If inetd is compiled without inet6 support, we need to error out on
rpc+inet6 services rather than attempting to call into rpc bits with an
uninitialized netid.
v4bind is only used with INET6 support, so move it under the proper #ifdefs
with v6bind.
Reported by: Pavel Timofeev <timp87 gmail com>
MFC after: 3 days
After increasing WARNS, building WITHOUT_TCP_WRAPPERS failed because of
some unused variables.
Reported by: Cirrus-CI (against my WIP branch)
MFC with: r356248
Sponsored by: The FreeBSD Foundation
Highlights:
- Use MAX() for maxsock raising; small readability improvement IMO
- malloc(3) + memset(3) -> calloc(3) where appropriate
- stop casting the return value of malloc(3)
- mallloc(3) -> reallocarray(3) where appropriate
A future change may enter capability mode when forking for some of the
built-in handlers.
This change is purely in the name of noise reduction from static analyzers
that want to complain that bzero(3) is obsolete in favor of memset(3).
With this, clang-analyze at least is now noise free. WARNS= 6 also appears
to have been OK for some time now, so drop the current setting and opt for
the default.
Currently, child pids are only tracked if maxchildren is specified. As a
consequence, without a maxchild limit we do not get a notice in syslog on
children aborting abnormally. This turns out to be a great debugging aide at
times.
Children are now tracked in a LIST; the management interface is decidedly
less painful when there's no upper bound on the number of entries we may
have at the cost of one small allocation per connection.
PR: 70335
The main point here is capturing the maxchild > 0 check. A future change to
inetd will start tracking all of the child pids so that it can give proper
and consistent notification of process exit/signalling.
chargen_dg: clang-analyze is convinced that endring could be non-NULL at
entry, and thus wants to assume that rs == NULL. Just independently
initialize rs if it's NULL to appease the analyzer.
getconfigent: policy leaks on return
free_connlist: reorganize the loop to make it clear that we're not going to
access `conn` after it's been freed.
cpmip/hashval: left-shifts performed will result in UB as we take
signed 0xABC3D20F and left shift it by 5.
sep->se_policy gets a strdup'd version of policy, so we don't need it to
stick around afterwards.
While here, remove a couple of NULL checks prior to free(policy).
CID: 1006865
MFC after: 3 days
Mainly focus on files that use BSD 3-Clause license.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.
Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96
- Only #include tcpd.h when LIBWRAP is true to avoid header include errors
- Only define whichaf when LIBWRAP is true to avoid -Wunused warning and
to avoid issues with structs being defined that should only be defined
when tcpd.h is included.
MFC after: 2 weeks
X-MFC with: r312105
Pointyhat to: ngie
Reported by: gcc tinderbox
Sponsored by: Dell EMC Isilon
This will allow inetd to stand by itself without libwrap.
MFC after: 2 weeks
Relnotes: yes
Reviewed by: hrs (earlier version)
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D9056
- Use NI_MAXHOST-long buffer for getnameinfo().
Although INET6_ADDRSTRLEN was designed to hold the longest
IPv6 address in IPv4-mapped address format a long time ago,
getnameinfo() can return scope identifier in addition to it.
MFC after: 1 day
in -a flag.
- Fix a bug that sockaddr_in was used where sockaddr_in6 should have
been used. This was not actually harmful because offsetof(struct
sockaddr_in, sin_port) is equal to offsetof(struct sockaddr_in6,
sin6_port).
MFC after: 1 day
have chosen different (and more traditional) stateless/statuful
NAT64 as translation mechanism. Last non-trivial commits to both
faith(4) and faithd(8) happened more than 12 years ago, so I assume
it is time to drop RFC3142 in FreeBSD.
No objections from: net@
clock. In general, gettimeofday() is not appropriate interface
when accounting for elasped time because it can go backward, in
which case the policy code could errornously consider the limit
as exceeded.
MFC after: 1 week
Reported by: Mahesh Arumugam
Submitted by: Dorr H. Clark via gnn
Sponsored by: Citrix / NetScaler
The index() and rindex() functions were marked LEGACY in the 2001
revision of POSIX and were subsequently removed from the 2008 revision.
The strchr() and strrchr() functions are part of the C standard.
This makes the source code a lot more consistent, as most of these C
files also call into other str*() routines. In fact, about a dozen
already perform strchr() calls.
environments.
Please note that this can't be done while such processes run in jails.
Note: in future it would be interesting to find a way to do that
selectively for any desired proccess (choosen by user himself), probabilly
via a ptrace interface or whatever.
Obtained from: Sandvine Incorporated
Reviewed by: emaste, arch@
Sponsored by: Sandvine Incorporated
MFC: 1 month
sockets. Instead of rejecting all unix domain connections when the
-C flag is given, allow them instead. Aragon tested an earlier
version of the patch.
PR: 109315
MFC after: 2 weeks
Tested-by: Aragon Gouveia <aragon@phat.za.net>
exactly the same as patch from the PR, which also exited if the
config file was missing. I didn't use Jeff's patch because I was
worried that some people might start inetd, create the config file
and then HUP inetd.
PR: 60806
Submitted by: Jeff Ito <jeffi@rcn.com>
MFC after: 2 weeks
(or possibly testing) the previous formula worked for the default
constants compiled into inetd, but if you recompiled with different
values of CHTSIZE and CHTGRAN the calculation might not have worked.
PR: 54354
Submitted by: Claus Assmann <ca@sendmail.org>
Submitted by: Jose Marcio Martins da Cruz <Jose-Marcio.Martins@ensmp.fr>
MFC after: 5 days
into a child process. Rather than closing the discriptors manually,
mark all discriptors as close-on-exec.
PR: 47694
Submitted by: Max Okumoto <okumoto@ucsd.edu>
Obtained from: NetBSD
MFC after: 2 weeks
