Commit Graph

22177 Commits

Author SHA1 Message Date
Alexander Langer
8a77722ad7 Block all write operations to /proc/1/* when securelevel > 0.
The additional check in procfs_ctl.c could be backed out, but
I'm leaving it in for good measure.

Reviewed by:	Theo de Raadt <deraadt@OpenBSD.org>
1997-06-21 16:09:49 +00:00
Jordan K. Hubbard
35510945b7 Shut up catman output. 1997-06-21 15:56:50 +00:00
Jordan K. Hubbard
58183fc7b0 Whoops, get the proper rev of this. 1997-06-21 15:45:51 +00:00
Jordan K. Hubbard
31377e1f1f Change the way that X configuration method is selected. 1997-06-21 15:45:15 +00:00
Bruce Evans
ce93f47a1e Don't attempt to generate errors for unpromoted types in va_arg(),
since it is impossible to distinguish unpromoted types from small
(struct) types.  Renamed __va_promote() to __va_size() since it is
related to sizes of args on the stack and not to promotion.

PR:		3884
Submitted by:	mostly by arnej@math.ntnu.no (Arne Henrik Juul)
Obtained from:	name of__va_size and some parentheses fixes from NetBSD
1997-06-21 15:45:13 +00:00
Jordan K. Hubbard
f523d96216 New build scripts for these distributions. 1997-06-21 15:42:17 +00:00
Jordan K. Hubbard
7284556f8e Change the way distributions are built such that they can be built
either in the Makefile or by an external script.  Move some of the
existing stuff into scripts.
1997-06-21 15:41:55 +00:00
Jordan K. Hubbard
398ac038db Change the distribute targets so that a given item in our source tree
can place itself into n distributions, where n >= 1.
1997-06-21 15:40:34 +00:00
Joerg Wunsch
c1bae21c1e Fix a typo, so the -a option will by documented in the synopsis. 1997-06-21 09:17:45 +00:00
Brian Somers
9b5a20e10a Fix "delete all".
PR:		3913
1997-06-20 23:43:35 +00:00
Bill Paul
b1d8279802 Hm... wonder how long this has been here.
The logic in get_myaddress() is broken: it always returns the loopback
address due to the following rule:

                if ((ifreq.ifr_flags & IFF_UP) &&
                    ifr->ifr_addr.sa_family == AF_INET &&
                    (loopback == 1 && (ifreq.ifr_flags & IFF_LOOPBACK))) {

The idea is that we want to select the interface address only if it's
up and it's in the AF_INET family. If it turns uout we don't have
such an interface available, we make a second pass through the loop,
this time settling for the loopback interface. But the logic inadvertently
locks out all cases when loopback == 0, so nothing is ever selected until
the second pass (when loopback == 1).

This is changed to:

                if (((ifreq.ifr_flags & IFF_UP) &&
                    ifr->ifr_addr.sa_family == AF_INET) ||
                    (loopback == 1 && (ifreq.ifr_flags & IFF_LOOPBACK))) {

which I think does the right thing.

This is yet another bogon I discovered during NIS+ testing; I need
get_myaddress() to work correctly so that the callback code in the
client library will work.
1997-06-20 17:54:11 +00:00
Jordan K. Hubbard
2588c3547d Add a couple of strategic screen clears. 1997-06-20 07:04:16 +00:00
Jordan K. Hubbard
f2d0ae8518 Back out previous fix - this bug's got diplomatic immunity as a registered
political issue.
1997-06-19 17:57:06 +00:00
Jordan K. Hubbard
9a73af57e4 Fix multiple documentation bogons.
PR:		3798
Submitted by:	Jan Kuriyama <kuriyama@opt.phys.waseda.ac.jp>
1997-06-19 15:18:34 +00:00
Jordan K. Hubbard
fc0eef9f89 >Number: 3780
>Category:       bin
>Synopsis:       WEXITSTATUS() may return nagative value, which causes sh to generate bad $?

PR:		3780
Submitted by:	sanewo@ba2.so-net.or.jp
1997-06-19 15:14:01 +00:00
Philippe Charnier
210a5dc89f Sync usage string according to man page. 1997-06-19 14:44:24 +00:00
Philippe Charnier
49d430cc1f Cosmetic in usage string. 1997-06-19 14:42:10 +00:00
Philippe Charnier
6da7f3783b Use warn(3). 1997-06-19 14:40:41 +00:00
Philippe Charnier
64c12016e7 Use err(3). Add missing prototypes. Cosmetic in usage string. 1997-06-19 14:38:53 +00:00
Philippe Charnier
ac9df8c8e7 Use err(3). Add usage(). 1997-06-19 14:33:42 +00:00
Philippe Charnier
a2bfcdfd76 Use err(3). 1997-06-19 14:28:32 +00:00
John Polstra
904058d0ad Try again to explain the existence of lchown() and the absence of
lchmod() and lutimes().
1997-06-19 01:07:05 +00:00
Garrett Wollman
a8da31fc3e Fix crash when halting where APM was configured but not enabled
by checking whether APM is active in apm_power_off() and returning
if not.  (The code was already written with the expectation that
this function would return if it fails.)
1997-06-19 00:25:03 +00:00
Paul Traina
00f2dc9363 Add cron_enable and inetd_enable flags to rc.conf.
WARNING: don't update rc and forget to update rc.conf, or you won't be
able to telnet back into your box after a reboot.
1997-06-18 16:01:19 +00:00
Philippe Charnier
b5f058fc9b Various typos in man page. Cosmetic in usage string. Use err(3) instead
of fprintf. Remove unused variables.
1997-06-18 06:37:23 +00:00
Philippe Charnier
768b3fbd57 Sync man page and usage string. Remove unused -p option from getopt call. 1997-06-18 06:34:28 +00:00
Philippe Charnier
7766b145c4 Sync man page and usage string. 1997-06-18 06:33:11 +00:00
Philippe Charnier
eee9b17e46 Sync beetween man page and usage string. 1997-06-18 06:30:34 +00:00
Philippe Charnier
1b6a6c70bb Fprintf -> warn. 1997-06-18 06:28:46 +00:00
Philippe Charnier
577b61c645 Typo. 1997-06-18 06:26:13 +00:00
Jordan K. Hubbard
2233edf577 1. Add a noWarn flag so that scripts can turn warnings off.
2. If hostname not set from script, bring up interactive dialog anyway.
1997-06-18 05:11:37 +00:00
Satoshi Asami
e1eecc081e Add `B' to list of flags to pass through from C*FLAGS when using mkdep
(bsd.dep.mk) and compiling assembly language sources (bsd.lib.mk).
This doesn't change anything for our current source tree, but if you
want to use the -B switch in C*FLAGS to specify the location of
compiler subprograms, now you can do it.

Reviewed by:	bde (implicitly)
1997-06-18 03:39:34 +00:00
Satoshi Asami
ab6e6dd2aa Move the "umask ?= 0022" check (a warning only) from the default
"do-install" target to the beginning of the "install" meta-target, so
that ports that define their own do-install will also run it without
having to duplicate it themselves.

Tested by:	rebuilding all packages
1997-06-18 03:20:22 +00:00
Satoshi Asami
b3e17ba2cf Add "-I${DESTDIR}/usr/include" to CFLAGS if DESTDIR is defined, just
like bsd.lib.mk and bsd.prog.mk.  It doesn't add it to CXXINCLUDES, I
don't think anybody has written a kernel module with C++.  (Not that I
think DavidG will allow it anyway. :)

Reviewed by:	bde
1997-06-18 03:10:31 +00:00
Brian Somers
443e72b45a Protect against garbage mbufs in pppstart.
Remove previous hack in pppfcs().

This is still not the correct solution.  We shouldn't
have any incorrect mbufs.  This patch does however make
pppd/natd work (rather than jamming the interface).
1997-06-18 02:50:40 +00:00
Jordan K. Hubbard
34f52ab279 Check named_enable rather than just named_flags.
PR:		3893 (sort of)
1997-06-18 01:55:19 +00:00
Garrett Wollman
131d416032 Add for public examination the beginnings of the per-host cache support
which will for the basis of RTF_PRCLONING's more efficient, better-
designed replacement.
1997-06-18 01:24:28 +00:00
Alexander Langer
1ace97196f Typo police. 1997-06-18 00:35:53 +00:00
John Polstra
0135ecec56 Correct the section number in the cross-reference for the publickey
file.
1997-06-17 20:24:33 +00:00
Bill Paul
80a53c9813 Work around a bug (deficiency?) in the libdes Secure RPC compat interface.
The way Secure RPC is set up, the ecb_crypt() routine is expected to
be able to encrypt a buffer of any size up to 8192 bytes. However, the
des_ecb_encrypt() routine in libdes only encrypts 8 bytes (64 bits) at a
time. The rpc_enc.c module should compensate for this by calling
des_ecb_encrypt() repeatedly until it has encrypted the entire supplied
buffer, but it does not do this.

As a workaround, keyserv now handles this itself: if we're using DES
encryption, and the caller requested ECB mode, keyserv will do the right
thing.

Also changed all references to 'rc4' into 'arcfour' just in case some
litigious bastard from RSA is watching.

Note that I discovered and fixed this problem while trying to get
a part of NIS+ working: rpc.nisd signs directory objects with a 16-byte
MD5 digest that is encrypted with ecb_crypt(). Previously, only the
first 8 bytes of the digest were being properly encrypted, which caused
the Sun nis_cachemgr to reject the signatures as invalid. I failed to
notice this before since Secure RPC usually never has to encrypt more
than 8 bytes of data during normal operations.
1997-06-17 18:03:52 +00:00
KATO Takenori
ad86734deb Added CONTEC C-NET(9N) and C-NET(98)P2 support.
Submitted by:	Chiharu Shibata <chi@rd.njk.co.jp>
1997-06-17 11:26:50 +00:00
Kenjiro Cho
3cbceb8234 correct the wrong ATM option name for native atm access
NETNATM --> NATM

reported by Bruce Evans.

Bruce also pointed out that NATM is confusing since config(8) defines
NATM as the number of atm pseudo device in "BUILD_DIR/atm.h".
We might change the name in the future but leave it as it is for now.
1997-06-17 05:58:15 +00:00
Brian Somers
3b80c31921 Cosmetic: Fix help syntax. 1997-06-17 02:04:51 +00:00
Brian Somers
712ae38782 Handle redial tries correctly under -ddial 1997-06-17 01:46:05 +00:00
David Nugent
0edf29640b Fix infinite loop.
PR: 3878
Submitted by: roman@rpd.univ.kiev.ua
1997-06-16 23:38:01 +00:00
Brian Somers
55a8cdea92 Put TCP/IP logs back on one line. 1997-06-16 21:20:00 +00:00
Brian Somers
cc39a98fd5 Set netfd to STDOUT_FILENO rather than STDIN_FILENO. 1997-06-16 19:59:41 +00:00
Brian Somers
fd59deba96 Correct filter docs.
PR:		3464
Submitted by:	Stephen J. Roznowski <sjr1@flash.net>
1997-06-16 13:52:10 +00:00
Brian Somers
d656a4c582 Remove call to daemon(). Just call setsid() and close
any relevent descriptors (0,2,[1]).  We've already fork()d.
PR:		3874
1997-06-16 13:24:59 +00:00
John Dyson
0f606585b8 Ouch!!! This should fix a serious build problem after the addition of the
new preliminary AIO support.  Unfortunately, I had a stray copy of aio.h
that made me think that things worked.
1997-06-16 12:10:21 +00:00