Commit Graph

875 Commits

Author SHA1 Message Date
Mark Johnston
51d7f2ed58 Improve validation of the sockaddr length in iruserok_sa().
Negative numbers are not valid sockaddr lengths.

PR:		243747
Submitted by:	Andrew Reiter <areiter@veracode.com>
MFC after:	1 week
2020-02-05 16:09:44 +00:00
Konstantin Belousov
6b462d2762 Increase YPMAXRECORD to 16M to be compatible with Linux.
Since YP protocol definition uses the constant to declare
variable-size opaque byte strings, the change should be binary
compatible with existing installations which do not expose keys or
values larger than 1024 bytes.

All uses of local variables with YPMAXRECORD sizes were removed to
avoid insane stack use.  On the other hand, variables with static
lifetime should be fine and only result in increased VA use.

Glibc made same change, increasing the allowed length for keys and
values in YP to 16M, in 2013.

Reviewed by:	markj
Discussed with:	ian
Sponsored by:	Mellanox Technologies
MFC after:	3 weeks
Differential revision:	https://reviews.freebsd.org/D20900
2019-08-12 20:27:33 +00:00
Pedro F. Giffuni
ec845b07c6 typo: suppported. 2019-05-29 02:08:23 +00:00
Rodney W. Grimes
6c1c6ae537 Use IN_foo() macros from sys/netinet/in.h inplace of handcrafted code
There are a few places that use hand crafted versions of the macros
from sys/netinet/in.h making it difficult to actually alter the
values in use by these macros.  Correct that by replacing handcrafted
code with proper macro usage.

Reviewed by:		karels, kristof
Approved by:		bde (mentor)
MFC after:		3 weeks
Sponsored by:		John Gilmore
Differential Revision:	https://reviews.freebsd.org/D19317
2019-04-04 19:01:13 +00:00
Michael Tuexen
8124c05f2c Use correct buffer sizes in sctp_get[lp]addrs().
MFC after:		3 days
2019-03-02 13:16:01 +00:00
Sergey Kandaurov
9b9a527843 Sync "struct addrinfo" declaration with netdb.h.
Notably, unlike in OpenBSD, which the man page was copied from,
ai_canonname and ai_addr come in different order.

PR:		225880
MFC after:	1 week
2019-02-10 19:07:47 +00:00
Pedro F. Giffuni
09ed804717 gai_strerror() - Update string error messages according to RFC 3493.
Error messages in gai_strerror(3) vary largely among OSs.

For new software we largely replaced the obsoleted EAI_NONAME and
with EAI_NODATA but we never updated the corresponding message to better
match the intended use. We also have references to ai_flags and ai_family
which are not very descriptive for non-developer end users.

Bring new new error messages based on informational RFC 3493, which has
obsoleted RFC 2553, and make them consistent among the header adn
manpage.

MFC after:	1 month
Differentical Revision:	D18630
2018-12-23 18:15:48 +00:00
Dag-Erling Smørgrav
e86caa0bd0 Style cleanup. 2018-11-27 09:41:47 +00:00
Edward Tomasz Napierala
8d113f4aec Don't call stat(2) on nsswitch.conf(5) every time nsdispatch(3)
and dependent functions (eg getpwname(3)) get called. This can
improve performance of binaries that perform a lot of name
lookups, such as gssd(8). It also matches documented behaviour
of Linux and Solaris.

The old code is left in place, should anyone need it, guarded
by #ifdef NS_REREAD_CONF.

Reviewed by:	imp, bcr
MFC after:	2 weeks
Relnotes:	yes
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D17934
2018-11-10 23:07:46 +00:00
Edward Tomasz Napierala
d3450d02c7 Prevent flex(1) from generating calls to isatty(3) - and, in turn,
TIOCGETA ioctls - when parsing nsswitch.conf(5).

Reviewed by:	imp, markj
Approved by:	re (gjb)
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D17564
2018-10-15 19:48:36 +00:00
Edward Tomasz Napierala
1d7da823b4 Don't call dlopen(3) for built-in NSS types - "cache", "compat",
"dns", "files", "db", and "nis". It saves some path lookups during
binary startup.

Reviewed by:	markj
Approved by:	re (gjb, kib)
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D17557
2018-10-15 17:50:02 +00:00
Brad Davis
03452a498c Move hosts, hosts.equiv, networks, nsswitch.conf, protocols to lib/libc/net/
This uses relative paths to make it more specific to avoid any potential
future problems with .PATH and leverages CONFS.

libc was picked as the destination location for these because of the syscalls
that use these files as the lowest level place they are referenced.

Approved by:	re (gjb), will (mentor)
Differential Revision:	https://reviews.freebsd.org/D17164
2018-09-17 18:56:47 +00:00
Brooks Davis
3a4fc8a8a1 Remove support for the Arcnet protocol.
While Arcnet has some continued deployment in industrial controls, the
lack of drivers for any of the PCI, USB, or PCIe NICs on the market
suggests such users aren't running FreeBSD.

Evidence in the PR database suggests that the cm(4) driver (our sole
Arcnet NIC) was broken in 5.0 and has not worked since.

PR:		182297
Reviewed by:	jhibbits, vangyzen
Relnotes:	yes
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D15057
2018-04-13 21:18:04 +00:00
Hiroki Sato
20d96999a4 Make getnameinfo(3) salen requirement less strict and
document details of salen in getnameinfo(3) manual page.

getnameinfo(3) returned EAI_FAIL when salen was not equal to
the length corresponding to the value specified by sa->sa_family.
However, POSIX or RFC 3493 does not require it and RFC 4038
Sec.6.2.3 shows an example passing sizeof(struct sockaddr_storage)
to salen.

This change makes the requirement less strict by accepting
salen up to sizeof(struct sockaddr_storage).  It also includes
two more changes: one is to fix return values because both SUSv4
and RFC 3493 require EAI_FAMILY when the address length is invalid,
another is to fix sa_len dependency in PF_LOCAL.

Pointed out by:	Christophe Beauval
Reviewed by:	ae
Differential Revision:	https://reviews.freebsd.org/D14585
2018-03-15 13:46:28 +00:00
Warner Losh
90ceddb160 The source strings are from the password database which guarantees
that the data going into it is sane.  Out of an abundance of caution,
limit the string copies to prevent an overflow.

CID: 1019035
2018-01-06 12:46:04 +00:00
Hajimu UMEMOTO
23e1a2d7da Don't ignore trailing spaces after numerical IP addresses.
PR:		224403
Reported by:	Michael Kaufmann
Reviewed by:	Michael Kaufmann
MFC after:	1 week
2017-12-20 17:44:31 +00:00
Pedro F. Giffuni
9b10f59a10 SPDX: mostly fixes to previous changes.
Introduce the recently approved BSD-1-Clause and replace 0BSD which
never did fit well our use cases.
2017-12-13 16:13:17 +00:00
Pedro F. Giffuni
d915a14ef0 libc: further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using mis-identified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
2017-11-25 17:12:48 +00:00
Pedro F. Giffuni
8a16b7a18f General further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
2017-11-20 19:49:47 +00:00
Pedro F. Giffuni
df57947f08 spdx: initial adoption of licensing ID tags.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.

Initially, only tag files that use BSD 4-Clause "Original" license.

RelNotes:	yes
Differential Revision:	https://reviews.freebsd.org/D13133
2017-11-18 14:26:50 +00:00
Benjamin Kaduk
75ea0b7697 mdoc style: start new sentence on new line 2017-10-04 12:58:30 +00:00
Cy Schubert
9eba44bf46 Fix typo.
Reported by:	se
2017-10-04 09:54:59 +00:00
Cy Schubert
b1b1386ff4 Clarify the wording describing the stayopen flag.
MFC after:	1 week
2017-10-04 06:06:22 +00:00
Konstantin Belousov
587e285e97 Silently handle freeaddrinfo(NULL) for compatibility with code which
works on other OSes.  Also avoid unnecessary NULL check, free(NULL) is
valid.

Reviewed by:	bjk (man page), hrs, hselasky, ume
Sponsored by:	Mellanox Technologies
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D12354
2017-09-14 19:18:24 +00:00
Mark Johnston
7f48d6a486 Don't dlclose NSS modules from nss_atexit().
As hinted in the commit log message for r259042, this is unnecessary.
Moreover, as a result of that change we may invoke a DSO's atexit handler
after it has been unmapped.

Reviewed by:	bdrewery, cem
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-07-11 17:59:15 +00:00
Edward Tomasz Napierala
a9a393b390 Don't end up manpage titles with a full stop.
MFC after:	2 weeks
2017-05-24 21:02:53 +00:00
Enji Cooper
f18519e1d5 sctp_send(3): start sentences on new lines
Reported by:	make manlint
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-05-23 07:10:20 +00:00
Brooks Davis
a7dc31283a Remove the NATM framework including the en(4), fatm(4), hatm(4), and
patm(4) devices.

Maintaining an address family and framework has real costs when we make
infrastructure improvements.  In the case of NATM we support no devices
manufactured in the last 20 years and some will not even work in modern
motherboards (some newer devices that patm(4) could be updated to
support apparently exist, but we do not currently have support).

With this change, support remains for some netgraph modules that don't
require NATM support code. It is unclear if all these should remain,
though ng_atmllc certainly stands alone.

Note well: FreeBSD 11 supports NATM and will continue to do so until at
least September 30, 2021.  Improvements to the code in FreeBSD 11 are
certainly welcome.

Reviewed by:	philip
Approved by:	harti
2017-04-24 21:21:49 +00:00
Pedro F. Giffuni
9f36610f9e libc: provide some bounds-checking through reallocarray(3).
reallocarray(3) is a non portable extension that originated in OpenBSD.
Given that it is already in FreeBSD's libc it is useful for the cases
where reallocation involves a multiplication.

MFC after:		2 weeks
Differential Revision:	https://reviews.freebsd.org/D9955
2017-03-12 16:03:34 +00:00
Warner Losh
fbbd9655e5 Renumber copyright clause 4
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by:	Jan Schaumann <jschauma@stevens.edu>
Pull Request:	https://github.com/freebsd/freebsd/pull/96
2017-02-28 23:42:47 +00:00
Mark Johnston
661c4fe512 Fix indentation in nss_configure().
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-02-14 21:55:50 +00:00
Mark Johnston
888e46a99b Register nss_atexit() before parsing nsswitch.conf for the first time.
NSS modules are loaded when nsswitch.conf is parsed and may register their
own atexit handlers with libc. nss_atexit() unloads any dynamically loaded
NSS modules, so it should run only after the modules' atexit handlers have
been invoked.

MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-02-14 21:51:19 +00:00
Pedro F. Giffuni
3795066839 Cleanup inelegant calloc(3) introduced in r310984. 2017-01-02 15:17:33 +00:00
Enji Cooper
c5c2166d45 Use calloc instead of malloc + memset(.., 0, ..)
MFC after:	1 week
2016-12-31 21:00:08 +00:00
Gleb Smirnoff
faf19a69a6 Address regressions in SA-16:37.libc.
PR:		215105
Submitted by:	<jtd2004a sbcglobal.net>
2016-12-07 23:18:00 +00:00
Michael Tuexen
159efc33a8 Fix a bug in sctp_sendmsgx(), where the sid provided by the user
was hot honored.

MFC after:	3 days
2016-12-07 21:24:49 +00:00
Gleb Smirnoff
74e540d788 Fix possible buffer overflow(s) in link_ntoa(3).
A specially crafted sockaddr_dl argument can trigger a static buffer overflow
in the libc library, with possibility to rewrite with arbitrary data following
static buffers that belong to other library functions.

Reviewed by:	kib
Security:	FreeBSD-SA-16:37.libc
2016-12-06 18:50:33 +00:00
Andrey A. Chernov
e1ec67bbc9 'addrlen' does not matter when we need to find the first non-zero bit in
the byte from the left and 'addrlen' already counted in 'lim'.

PR:     212121
Submitted by:   Herbie.Robinson@stratus.com
MFC after:      7 days
2016-08-31 18:49:50 +00:00
Andrey A. Chernov
af98aa6e21 Apply the same qsort() usage fix as in r304911 getaddrinfo.c
qsort() can't be stabilized with just return(-1) alone.

MFC after:      3 days
2016-08-31 15:47:58 +00:00
Andrey A. Chernov
ebbc445889 The formal behavior of qsort is unstable with regard to objects that
are equal. Unfortunately, RFC 3484 requires that otherwise equal objects
remain in the order supplied by the DNS server. The present code attempts
to deal with this by returning -1 for objects that are equal (i.e.,
returns that the first parameter is less then the second parameter).
Unfortunately, the qsort API does not state that the first parameter
passed in is in any particular position in the list.

PR:     212122
Submitted by:   Herbie.Robinson@stratus.com
MFC after:      3 days
2016-08-27 14:43:13 +00:00
Kevin Lo
310d2ce0f6 Remove <sys/types.h> from the SYNOPSIS. 2016-08-18 06:39:09 +00:00
Brooks Davis
3bb0c17d3e Don't conflate enum nss_status return values values with int (NS_SUCCESS,
NS_RETURN) values.

Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D6046
2016-08-16 11:38:45 +00:00
Enji Cooper
8b8a0b8883 Initialize ai to NULL and test for ai with type-appropriate values
Depending on the address family and ai_flags containing AI_V4MAPPED,
it might not do a proper DNS lookup on the provided DNS address

Convert some `ai` boolean true/false checks to NULL/non-NULL while here.

MFC after:	1 week
PR:		211790
Reported by:	Herbie.Robinson@stratus.com
Sponsored by:	EMC / Isilon Storage Division
2016-08-13 02:05:06 +00:00
Ed Schouten
b4a395a41b Add NI_NUMERICSCOPE.
POSIX also declares NI_NUMERICSCOPE, which makes getnameinfo() return a
numerical scope identifier. The interesting thing is that support for
this is already present in code, but #ifdef disabled. Expose this
functionality by placing a definition for it in <netdb.h>.

While there, remove references to NI_WITHSCOPEID, as that got removed 11
years ago.
2016-07-28 10:05:41 +00:00
Enji Cooper
b7e992da8e Revert r301707
getnetent_p doesn't return NULL like getnetent does. coccinelle got confused and
I didn't verify that it worked before committing the change

MFC after: 1 week
X-MFC with: r301707
Pointyhat to: ngie
2016-06-08 23:30:13 +00:00
Enji Cooper
140f884e31 Use NULL instead of 0 in _ht_getnetbyname(..)
- getnetent returns NULL on completion/error.
- .h_aliases is NULL terminated.

MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
2016-06-08 23:23:19 +00:00
Don Lewis
705458afae Don't call free_addrselectpolicy(&policyhead) before policyhead has been
initialized.

Reported by:	Coverity
CID:		1018727
2016-05-16 08:13:30 +00:00
Baptiste Daroussin
32fefb2495 Rename dprintf into dbg_printf to avoid collision with dprintf(3)
When dprintf(3) in 2009 was added a _WITH_DPRINTF guard has also been added.
This rename is made in preparation for the removal of this guard
2016-05-10 07:45:44 +00:00
Pedro F. Giffuni
32223c1b7d libc: spelling fixes.
Mostly on comments.
2016-04-30 01:24:24 +00:00
Pedro F. Giffuni
422fa64be3 Minor indentation issue. 2016-04-20 16:03:53 +00:00