Commit Graph

1259 Commits

Author SHA1 Message Date
Yaroslav Tykhiy
385f9bf07c NULL looks better than (char *)0 unless we're passing
an unprototyped argument to a function.
2004-02-07 14:59:11 +00:00
Yaroslav Tykhiy
b943b3c4ae Deny attempts to rename a file from guest users if the policy
says they may not modify existing files through FTP.

Renaming a file is effectively a way to modify it.
For instance, if a malicious party is unable to delete or overwrite
a sensitive file, they can nevertheless rename it to a hidden name
and then upload a troyan horse under the guise of the old file name.
2004-02-07 14:54:30 +00:00
Yaroslav Tykhiy
3f8b9cfe85 perror_reply() should not be used where errno isn't meaningful. 2004-02-07 14:38:04 +00:00
Yaroslav Tykhiy
10e8910499 Work around a bug in some clients by never returning raw directory
contents in reply to a RETR command.  Such clients consider RETR
as a way to tell a file from a directory.  Mozilla is an example.

PR:		bin/62232
Submitted by:	Bob Finch <bob+freebsd <at> nas <dot> com>
MFC after:	1 week
2004-02-07 14:11:38 +00:00
Ruslan Ermilov
47d7e8a96f Fixed style of DPADD and LDADD assignments as per style.Makefile(5). 2004-02-05 22:44:25 +00:00
Ruslan Ermilov
3ce0bf5144 Removed unnecessary dependencies on librpcsvc.
Prodded by:	des
2004-02-04 11:59:08 +00:00
Ruslan Ermilov
80c49332e2 Put libdevstat before libkvm, because the former depends on the latter. 2004-02-04 10:20:43 +00:00
Ruslan Ermilov
a9993ab438 - Added the NOPAM knob, for consistency with ${.CURDIR}/../ftpd.
- Unbreak -DNOPAM -DNOSHARED build by putting -lmd after -lopie.

(Static build with PAM remains broken.)
2004-02-04 10:05:21 +00:00
Max Khon
6e918a4d5e Fix "warning: value computed is not used".
Found by:	gcc 2.95.4 [FreeBSD]
2004-02-03 18:53:40 +00:00
Ruslan Ermilov
8dfe84c2fb Removed duplicate -lutil. 2004-02-02 18:23:18 +00:00
Ruslan Ermilov
40f38d59c2 Reorder dependencies to fix static NOPAM build.
Submitted by:	lorder(1)
2004-02-02 18:19:41 +00:00
Philippe Charnier
c433c9daac add missing setusershell() calls.
PR: bin/2442
Reviewed by: Friedemann Becker <zxmxy33@mail.uni-tuebingen.de>
2004-01-18 21:29:33 +00:00
Ruslan Ermilov
d10a8d6cb4 - Build things in pure dictionary order (see sort(1)).
- Unify the conditional assignments section so that architectural
  exclusions come first, then options and !options, sorted by the
  option name, also in directory order, then architecture specific
  sections, sorted by the architecture name, with i386 being a
  traditional exception.

Prodded by:	bde
2004-01-16 15:23:19 +00:00
Eric Anholt
c83098a31d man ftpd says that "by default, anonymous users cannot modify existing files."
However, the code did allow deletion of files.  Make deleting require the -m
flag, too.

PR:		bin/60809
Submitted by:	Alexander Melkov <melkov@comptek.ru>
2004-01-07 19:28:31 +00:00
Doug Rabson
ae59481b1a Initialise some uninitialised variables.
Thanks to: valgrind
2003-12-31 15:10:41 +00:00
David E. O'Brien
cf3fef3bdd Document what the PAM believers failed to do (and should have),
which is how to rsh as root into a machine.
2003-12-17 22:38:57 +00:00
Peter Wemm
6143d8ba5f Fix dynamic linking a bit more.. enough that mozilla-firebird works if you
dig up the patches for amd64 support for it.

Note to self: do not put a 64 bit value in a 32 bit space.
2003-12-12 01:12:41 +00:00
Peter Wemm
080f5381b7 Revert last change. ../rtld.c uses CACHE_LINE_SIZE too.
Change it to 64 while here.

Reported by:  ps
2003-12-11 18:42:51 +00:00
Peter Wemm
165d50f626 Only define CACHE_LINE_SIZE in one place.. 2003-12-11 04:49:37 +00:00
Peter Wemm
40a7c81112 CACHE_LINE_SIZE is 64 on athlon and amd64 chips, not 32. This should
probably be 128 since that is what the hardware prefetch fill size is
on both the p3, p4 and athlon* cpus.
2003-12-11 04:47:53 +00:00
Maxim Sobolev
9e95548c30 Fix a bug which causes wrong filename being written into the syslog
in the case when client sends request with RFC2347 options.

Approved by:	re
MFC After:	2 weeks
2003-11-20 13:36:31 +00:00
Hartmut Brandt
89624a3490 Replace all uses of the old netgraph constants NG_*LEN by the new
constants NG_*SIZ that include the trailing NUL byte. This change
is mostly mechanical except for the replacement of a couple of snprintf()
and sprintf() calls with strlcpy.
2003-11-15 15:26:35 +00:00
Yaroslav Tykhiy
db1c2da334 If a file to send in ASCII mode already has CRLF as end-of-line,
don't add excessive CR on the wire.

PR:		bin/59285
Submitted by:	Andrey Beresovsky <and at rsu.ru>
MFC after:	1 week
2003-11-15 11:08:26 +00:00
Anton Berezin
4893027ac4 Sync comment with code's reality.
MFC after:	1 week
2003-11-14 12:56:56 +00:00
Peter Wemm
d988f6deec Tidy up some xdrproc_t related warnings. 2003-10-26 04:32:53 +00:00
Peter Wemm
45ffe5605f Pacify gcc warning with a Douglas Adams reference. 2003-10-26 04:30:05 +00:00
Tim J. Robbins
392d789d29 Make the warning message stand out more. 2003-10-11 07:37:55 +00:00
Tim J. Robbins
a14c617681 Warn users that makekey may disappear in a future release now that the
last in-tree consumer has gone.
2003-10-09 10:06:30 +00:00
Tim J. Robbins
99d21d504c Use the new style struct sockaddr instead of osockaddr in system calls
so that talkd works without COMPAT_43.

Obtained from:	NetBSD (christos), Rumi Szabolcs
2003-09-28 09:16:09 +00:00
Hajimu UMEMOTO
206fe568bf Don't depend on IPv4-mapped IPv6 address to bind to both IPv4
and IPv6.

Wrote at:	Hakone.
Powered by:	Warner Losh's scotch whisky.
Requested by:	nork
2003-09-14 16:42:46 +00:00
Matthew N. Dodd
5515f48ce3 Retire the WITH_LIBMAP compile knob; libmap is now a standard feature. 2003-09-13 21:50:36 +00:00
Matthew N. Dodd
4402996dea Change libmap.c:lm_init() to return a status value; 0 for success
(libmap available) and 1 for failure.  Assign this return to the
global 'libmap_disable' variable in rtld.c.

This totally prevents any libmap functions from being called after
lm_init() if no config file is present.
2003-09-13 21:43:08 +00:00
David E. O'Brien
1569f861d7 Deal with the LOGIN_NAME_MAX issue in the NetBSD->FreeBSD
translation^H^H^Hhack layer.
2003-09-11 03:28:21 +00:00
David E. O'Brien
79a21e62da Add a dependancy on 'nbsd2fbsd.h' 2003-09-10 19:03:48 +00:00
Ruslan Ermilov
fe08efe680 mdoc(7): Use the new feature of the .In macro. 2003-09-08 19:57:22 +00:00
Alexander Kabaev
84c0a48249 Eliminate last three uses of varargs.h in the tree. These three files
were including varargs.h file but did not use any of its macros,
so they escaped the clean-up before.
2003-09-01 04:12:18 +00:00
Ceri Davies
a707b683e7 Add a note that the -u option can be overridden by settings in login.conf(5).
PR:		docs/56017
Submitted by:	Josef El-Rayes <j.el-rayes@daemon.li>
2003-08-31 07:45:48 +00:00
David E. O'Brien
0e9a61d260 Remove a useless '/'. 2003-08-24 17:35:52 +00:00
Warner Losh
566ef09073 Very minor style nit: sort include files alphabetically. 2003-08-22 02:22:59 +00:00
Gordon Tetlow
df7bdd0ae9 Forgot one instance of ld-elf.so.1. Convert to ${PROG}
Pointed out by:	obrien
2003-08-17 22:12:26 +00:00
Gordon Tetlow
dbbcd515ff Don't forget to honor DESTDIR. Also switch over to using PROG instead of
the binary name directly.
2003-08-17 18:59:30 +00:00
Gordon Tetlow
a857d9305c Don't forget to chflags noschg the existing binary so we can symlink
over it safely.

Pointed out by:	yosimoto@waishi.jp
2003-08-17 18:50:56 +00:00
Gordon Tetlow
df7c0368c1 As long threatened, stage 2 of making a dynamically-linked root a reality.
Install rtld into /libexec.
2003-08-17 08:06:00 +00:00
Gordon Tetlow
7b73593acd Prepend /lib to the builtin library search path in rtld. 2003-08-17 07:55:17 +00:00
Mark Murray
482d5f1f6a Make sure that a "make release" (more accurately the bit that makes
the crunched binary) get a non-cryptographic telnet. This is overkill
in that it covers stuff that is not normally used in a crunched binary.
2003-07-24 17:19:15 +00:00
Mark Murray
3665b7c29b Ensure that for the cryptographic instances of *telnet*, the "crypto"
distribution is used. This only affects release-building.
2003-07-24 07:19:55 +00:00
Mark Murray
acce0bcdb3 Test correct macro for "without crypto" option(s). 2003-07-20 23:29:46 +00:00
Yaroslav Tykhiy
0183b0b8b8 Prototype defttymode() instead of just declaring it. 2003-07-18 16:25:55 +00:00
Mark Murray
4afa371832 Very big makeover in the way telnet, telnetd and libtelnet are built.
Previously, there were two copies of telnet; a non-crypto version
that lived in the usual places, and a crypto version that lived in
crypto/telnet/. The latter was built in a broken manner somewhat akin
to other "contribified" sources. This meant that there were 4 telnets
competing with each other at build time - KerberosIV, Kerberos5,
plain-old-secure and base. KerberosIV is no longer in the running, but
the other three took it in turns to jump all over each other during a
"make buildworld".

As the crypto issue has been clarified, and crypto _calls_ are not
a problem, crypto/telnet has been repo-copied to contrib/telnet,
and with this commit, all telnets are now "contribified". The contrib
path was chosen to not destroy history in the repository, and differs
from other contrib/ entries in that it may be worked on as "normal"
BSD code. There is no dangerous crypto in these sources, only a
very weak system less strong than enigma(1).

Kerberos5 telnet and Secure telnet are now selected by using the usual
macros in /etc/make.conf, and the build process is unsurprising and
less treacherous.
2003-07-16 20:59:15 +00:00
Yaroslav Tykhiy
e25d3184d0 Block SIGURG while reading from the control channel.
Rationale:

SIGURG is configured by ftpd to interrupt system calls, which is useful
during data transfers.  However, SIGURG could interrupt I/O on the
control channel as well, which was mistaken for the end of the session.

A practical example could be aborting the download of a tiny file,
when the abort sequence reached ftpd after ftpd had passed the file
data to the system and returned to its command loop.

Reported by:	ceri
MFC after:	1 week
2003-07-09 13:54:33 +00:00