Commit Graph

45 Commits

Author SHA1 Message Date
stefanf
12a8a7fa4c Include <stdlib.h> for exit() and abort() prototypes.
Approved by:	das (mentor)
2004-05-24 13:21:24 +00:00
charnier
eeb46390af Add section number to .Xr 2003-06-08 12:40:50 +00:00
charnier
9639b20db6 The .Nm utility 2002-07-06 19:19:48 +00:00
des
b833b9d1d3 Unbreak static build and remove usage() that isn't usage().
Reviewed by:	bde
2002-05-03 13:12:06 +00:00
des
37ceba5949 PAMify rexecd(8).
Sponsored by:	DARPA, NAI Labs
2002-05-02 05:06:32 +00:00
ume
903c50775a When opieverify() is fail, fallback to try unix password.
Tested by:	kuriyama
2002-04-16 10:54:30 +00:00
ume
7027bf8c9b Add an IPv6 support.
I dunno if there is an IPv6 supported rexec client.  So, it was
tested that this change doesn't break an IPv4.

Tested by:	kuriyama (IPv4 only)
2002-04-16 10:15:30 +00:00
kuriyama
c89f41e943 Make this compilable without -DOPIE.
Hint by:	ume
2002-04-16 07:53:42 +00:00
imp
c963f1d002 o __P removal
o register removal
o use new style prototypes and function definitions
2002-02-07 23:57:01 +00:00
kris
c60495e0de Lock down with WFORMAT?=1, with overrides in the subdirectories which
are not yet warning-clean.  Tested on i386 and alpha.
2002-02-04 02:33:51 +00:00
bde
5acdee8a8e Don't clobber the default for CFLAGS. 2001-08-03 21:45:54 +00:00
sheldonh
9bfb9eedcd Use STD{ERR,IN,OUT}_FILENO instead of their numeric values. The
definitions are more readable, and it's possible that they're
more portable to pathalogical platforms.

Submitted by:   David Hill <david@phobia.ms>
2001-07-26 11:02:39 +00:00
dd
a145482cf6 Remove whitespace at EOL. 2001-07-15 07:53:42 +00:00
ru
5e14a6862e mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 10:49:54 +00:00
markm
84b43d4375 Goodbye S/Key, Hello OPIE.
I believe I have done due dilligence on this, but I'd appreciate
decent test scenarios and sucess (or failure) reports.
2001-07-09 17:34:22 +00:00
brian
8636b161b3 Fix the type of the NULL arg to execl()
Idea from: Theo de Raadt <deraadt@openbsd.org>
2001-07-09 09:24:06 +00:00
dwmalone
9d3e9efd8a Avoid a warning by making a variable a const char *. 2001-05-01 10:35:20 +00:00
ru
45d92a4319 - Backout botched attempt to intoduce MANSECT feature.
- MAN[1-9] -> MAN.
2001-03-26 14:22:12 +00:00
ru
a23a98f937 Set the default manual section for libexec/ to 8. 2001-03-20 18:10:13 +00:00
charnier
f1a89df331 Remove unused #include. Use getopt(3). Add usage() with syslog(3) cap. 2000-11-28 18:15:25 +00:00
ru
fda4c0a990 mdoc(7) police: use the new features of the Nm macro. 2000-11-20 14:42:24 +00:00
nsayer
21a39613d0 Man page fixups
Submitted by:	sheldonh@uunet.co.za
2000-05-15 14:06:07 +00:00
nsayer
d83d7a6528 Add -i (insecure) flag to rexecd, which allows uid == 0 logins
(presuming that the user in question is not in /etc/ftpusers and
does not have a null password).
2000-05-13 15:58:36 +00:00
peter
76f0c923fe $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
brian
c6c6c7de65 Ensure that things returned by gethostname() and
friends are terminated and allow for a maximum
host name length of MAXHOSTNAMELEN - 1.
Put parenthesis around sizeof args.
Make some variables static.
Fix telnetd -u (broken by my last commit)

Prompted by: bde
1999-04-07 08:27:45 +00:00
brian
213baed96f Link with libutil 1999-04-06 23:40:25 +00:00
brian
a77173a7cd Use realhostname() rather than various combinations of
gethostbyaddr() & gethostbyname().

Remove brokeness in ftpd for hosts of MAXHOSTNAMELEN length.
1999-04-06 23:06:00 +00:00
charnier
d61a5ed6ec Use err(3). -Wall cleaning. Use Pa for file names and add section in Xrefs. 1997-11-26 07:29:04 +00:00
imp
7f79bbed5b Julian A's fix. Do chdir as user rather than as root. Fixes a minor NFS
compatibility problem at the same time.  Some buffer made large enough
for worst case hostname.

fixes PR 2593.

Reviewed by:	Dan Cross and maybe others
1997-03-24 05:57:28 +00:00
peter
090fb430f1 Revert $FreeBSD$ to $Id$ 1997-02-22 14:22:49 +00:00
imp
cced79bd4c Buffer Overflow from OpenBSD
rev 1.7 deraadt:
	buf oflow
Obtained from: OpenBSD
1997-02-09 04:40:02 +00:00
jkh
808a36ef65 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
pst
f802c9787d Back out recent security patch for rexecd. After more careful analysis,
it is both uneeded and breaks certain lock-step timing in the rexec
protocol.

Yes, an attacker can "relay" connections using this trick,  but a properly
configured firewall that would make this sort of subterfuge necessary in the
first place (instead of direct packet spoofing) would also thwart useful
attacks based on this.
1996-11-22 08:59:07 +00:00
pst
9b54175344 Do not attempt to open reverse channel until authentication phase has
succeeded.

Never allow the reverse channel to be to a privileged port.

Cannidate for:	2.1 and 2.2 branches

Reviewed by:	pst (with local cleanups)
Submitted by:	Cy Shubert <cy@cwsys.cwent.com>
Obtained from:	Jaeger <jaeger@dhp.com> via BUGTRAQ
1996-11-19 18:03:16 +00:00
wosch
361a15b8f4 add forgotten $Id$ 1996-09-22 21:56:57 +00:00
mpp
684146e8ce Check for expired passwords before allowing access to the system. 1995-08-28 21:30:59 +00:00
peter
8ca6f0e2ac rexecd was not calling "setlogin()" when it should have. This was causing
getlogin() to return wrong answers (eg: "root").
Reviewed by:	davidg
Obtained from:	James Jegers, for NetBSD, slightly reworked by me.
1995-07-29 15:21:15 +00:00
rgrimes
f05428e4cd Remove trailing whitespace. 1995-05-30 05:51:47 +00:00
nate
bbc020cc5c Don't rely on the shared library bringing in libmd, do it explicitly.
Change the library order so libcrypt is the last library in the list.
libskey contains references to _crypt and can't resolve it unless
-lcrypt occurs after it in the link command.  This only occurs when
linking statically.
1995-03-18 06:50:00 +00:00
pst
d66cc2a40a make rexecd link against skeyaccess, not authfile 1994-09-30 06:38:43 +00:00
pst
e9556ba2e9 Tighen up rexecd(8) security (see manual page for details).
Rexecd is a crock, it never should have been written,  however make it so
that people who have a need to run it don't hurt themselves so badly.

Obtained from: Ideas obtained from logdaemon 4.3 from Wietse Venema
1994-09-29 09:23:58 +00:00
guido
170df33e71 Add skey support
Reviewed by:
Submitted by:	guido
1994-08-21 19:10:43 +00:00
csgr
bb1890fe44 LDADD= -lcrypt
Submitted by:	Geoff
1994-08-20 21:19:46 +00:00
wollman
96c19e77ba Update to new make macros and disable Kerberos because we haven't got it
set up right yet.
1994-08-05 21:24:58 +00:00
rgrimes
7d07d2de2f BSD 4.4 Lite Libexec Sources 1994-05-27 12:39:25 +00:00