541 Commits

Author SHA1 Message Date
davidn
d8d579b282 Fix memory leak caused by not freeing memory returned by cgetstr()
calls. The cost is a little more up-front memory allocation, but the
effect seems minimal.

Problem noticed-by: bde

Added syslog at LOG_ERR when referencing an unknown gettytab entry
and for other cgetent() failues (circular reference et al).

To be merged into 2.2 after a few days testing.
1997-05-11 10:25:38 +00:00
davidn
f766bd31c5 login_getclass() -> login_getpwclass(). 1997-05-10 19:02:03 +00:00
jdp
08224caae1 Fix a bug that caused the relocs for linker set members in shared
libraries to come out as 1-byte relocations instead of 4-byte
relocations.

Submitted by:	Doug Rabson <dfr@nlsystems.com>
1997-04-30 05:18:08 +00:00
davidn
55c9dac450 Adds anon ftp virtual host capability to ftpd, using /etc/ftphosts for
definition of a system's virtual hosts.
1997-04-29 12:42:08 +00:00
davidn
004ba69629 YAMF2.2: Allow @group entries in /etc/ftpusers & /etc/ftpchroot to deny
and allow chroot access to entire groups.
1997-04-27 08:29:21 +00:00
davidn
e7ce274b1e Document internal ls, how to compile it in and what it changes wrt
anon ftp and chrooted users.
1997-04-26 12:23:51 +00:00
davidn
a1afe71480 Adds optional "internal ls" support for ftpd, by collecting
modules from src/bin/ls, and handling exec(_PATH_LS,..) as a
special case, very useful in an environment where many users
are given chroot access. "~/etc/{s}pwd.db" files are still
needed if uid/gid->user/group translation is desired.

To enable this it must be compiled with the make variable
FTP_INTERNAL_LS defined, either in /etc/make.conf or the
environment.
1997-04-26 12:12:10 +00:00
davidn
a3b6ff7143 Add basic login.conf (sans authentication) support. 1997-04-23 04:56:39 +00:00
davidn
9467d57b92 Added login.conf support. 1997-04-23 03:06:47 +00:00
bde
ea4c076a10 Fixed `make depend' and related bogons. LDFLAGS was used for
ld-specific flags.  LDFLAGS is really for ld-related flags for cc,
not for ld, and some flags, e.g., -Bshareable, mean completely
different things to cc and ld.  Having the wrong things in LDFLAGS
also broke the standard ${PROG} target.  This was kludged around
by using a special rule that depended on LDFLAGS being bogus.
Fixing `make depend' broke the special rule but fixed the standard
rule (except in the DESTDIR case, which was handled more strictly
here than elsewhere).
1997-04-16 11:31:32 +00:00
davidn
4e402b133c Remove text about unsupported flags 'mdmbuf', 'local', 'crtscts' etc
that are in reality handled in gettytab.

Document the new 'dialin' and 'network' tty flags.
1997-04-13 21:29:50 +00:00
davidn
9445d58268 Submitted by: Philippe Charnier <charnier@xp11.frmug.org>
Fixes name size limitation (was hardcoded to 8).
Closes PR#3258
1997-04-12 01:04:50 +00:00
mpp
d1efa8f258 Ensure that the remote host name is Nul terminated.
Closes PR# 2589.
1997-04-08 20:36:36 +00:00
davidn
2bd0c6c536 Fix for expiration date test. Closes PR#3224. 1997-04-08 12:32:17 +00:00
joerg
4c53760558 Use MAXHOSTNAMELEN, as opposed to an arbitrary number, and ensure
correct termination if it overflows.

Closes PR # misc/2982.

Submitted by:	Drew Derbyshire <ahd@kew.com>
1997-04-01 20:39:59 +00:00
peter
1743de6ff7 Be a bit more careful about what port number we are using for the
second socket.  If we're going to check for reserved ports, we should
do it properly.
1997-03-29 12:35:06 +00:00
imp
3125d931c2 compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
1997-03-28 15:48:21 +00:00
davidn
e7387d0ac0 Don't trucate username to 8 characters. 1997-03-25 09:52:38 +00:00
mpp
948c029576 Remove some incorrect text on how passwords are validated.
Closes PR# 3050.

Submitted by:	 Dmitrij Tejblum <dima@tejblum.dnttm.rssi.ru>
1997-03-25 03:45:52 +00:00
imp
4ea8eab386 Fix non explloitable buffer overflows (since the largest packet processed
precludes it) to keep people from whining about it in the newsgroups and
mailing lists.
1997-03-24 06:04:08 +00:00
imp
f5e1bde58d Fix various buffer overflows that may or may not be exploitable.
Fixes PR 2588

Reviewed by:	Dan Cross?
Submitted by:	Julian Assange
1997-03-24 06:01:39 +00:00
imp
7f79bbed5b Julian A's fix. Do chdir as user rather than as root. Fixes a minor NFS
compatibility problem at the same time.  Some buffer made large enough
for worst case hostname.

fixes PR 2593.

Reviewed by:	Dan Cross and maybe others
1997-03-24 05:57:28 +00:00
mpp
85ebd64ceb Change a reference to NetBSD to FreeBSD. 1997-03-14 06:09:04 +00:00
peter
245ba20d12 Revert $FreeBSD$ to $Id$ 1997-02-22 15:48:31 +00:00
peter
090fb430f1 Revert $FreeBSD$ to $Id$ 1997-02-22 14:22:49 +00:00
mpp
58f212920d #include <string.h> to help silence -Wall. 1997-02-20 23:11:22 +00:00
guido
7dfa42b35f Actually allow the -R flag. 1997-02-13 19:24:25 +00:00
davidn
dd9792c5ff Tidy-up modem-chat handling: ensure tty modes are restored to
'sane' standard (not raw) settings before abort/exiting; move
responsibility of setting raw mode for chat-handling out of
chat.c to avoid doing redundant tc{s,g}etattr()s; move DE
pause prior setting standard mode before issue/login prompt to
avoid echoing modem connect strings. Fixed up comment styles
in a couple of places.
1997-02-09 16:12:08 +00:00
imp
cced79bd4c Buffer Overflow from OpenBSD
rev 1.7 deraadt:
	buf oflow
Obtained from: OpenBSD
1997-02-09 04:40:02 +00:00
imp
b0ad700c81 Some patches for source routed packets from OpenBSD.
Rev 1.16 deraadt:
	do not warn about valid options; invalid options correctly quit
Rev 1.15 deraadt:
	need not clear options since bad ones cause exit;
	provos@ws1.physnet.uni-hamburg.de
Rev 1.14 deraadt:
	IPOPT_LSRR/IPOPT_SSRR must exit() due to tcp sequencing; pointed
	out by provos@wserver.physnet.uni-hamburg.de. also another 1-char
	buffer overflow.

Reviewed by:    Peter Wemm
Obtained from:  OpenSBD
1997-02-09 04:18:43 +00:00
imp
ee7d6816c3 Some patches for source routed packets from OpenBSD.
Rev 1.13 deraadt:
	do not warn about valid options; invalid options correctly quit
Rev 1.12 deraadt:
	need not clear options since bad ones cause exit;
	provos@ws1.physnet.uni-hamburg.de
Rev 1.11 deraadt:
	IPOPT_LSRR/IPOPT_SSRR must exit() due to tcp sequencing; pointed
	out by provos@wserver.physnet.uni-hamburg.de. also another 1-char
	buffer overflow.

Reviewed by:	Peter Wemm
Obtained from:	OpenSBD
1997-02-09 04:16:27 +00:00
jkh
66962bcc3d Fix a hop count datatype bogon pointed out in PR#2642 (though my fix
was slightly different than the one submitted).
Submitted by:	Elmar Bartel <bartel@informatik.tu-muenchen.de>
1997-02-07 20:03:49 +00:00
davidn
69f67f3e27 Increased username size to allow passing username:auth_method to
login.
1997-02-07 11:45:10 +00:00
davidn
f96247a130 Make username size dependant on MAXLOGNAME in sys/param.h. Was
previously hard-coded at 16 characters (and possibly overflowing
the field when NUL terminating a username of exactly 16 characters
in length).
1997-02-02 14:43:32 +00:00
davidn
c6f2c73939 Added:
ic=expect/send script    modem init script
    ac=expect/send script    modem answer script
    ct#val		     chat script timeout (seconds)
    rt#val		     recycle timeout (seconds) if 'ac' set
    dc#val		     debug bitmask for debugging chat scripts
    hw	(boolean)	     enable crtscts handshaking
    if=path		     'issue' file sent prior login prompt

chat.c is a simplistic expect/send chat module.
1997-02-02 14:24:57 +00:00
davidn
911bf57597 Fix bug in %s, %m, %r and %v macros not displaying data. 1997-02-02 07:38:26 +00:00
davidn
5c0afad0d2 Added support for %s (sysname) %m (machine) %r (release) and %v (version)
prompt macros to agree with getty(8).
1997-02-02 07:33:50 +00:00
dg
abe7289a8c Oops, fix white space in last commit. 1997-01-28 07:09:05 +00:00
dg
3d55397795 Fix signal handler race condition. 1997-01-28 07:06:54 +00:00
joerg
f1bacc34bc Make even more copies of hostnames obtained by inet_ntoa(). iruserok()
could still clobber the static storage, yielding an error message with
a wrong hostname.
1997-01-27 15:38:46 +00:00
jdp
d7912405bd Use xmalloc instead of malloc in two places, so that out-of-memory
conditions will be detected.

Submitted by:	Philippe Charnier <charnier@xp11.frmug.org>
1997-01-24 00:07:03 +00:00
pst
729071c96e Fix buffer overrun problem.
Cannidate for: 2.2	[must]

Obtained from: Lite/2 and BSDI's published patch
1997-01-18 08:30:01 +00:00
jdp
282d267078 Pay attention to the environment variable "LD_IGNORE_MISSING_OBJECTS".
If it is set to a nonempty string, then simply skip any missing
shared libraries.  This came up in a discussion long ago as a
potentially useful feature at sysinstall time.  For example, an
X11 utility could be used without the X libraries being present,
provided the utility had a mode in which no X functions were actually
called.
1997-01-17 20:22:18 +00:00
alex
a3118e8c68 Sweep through the tree fixing mmap() usage:
- Use MAP_FAILED instead of the constant -1 to indicate
    failure (required by POSIX).
  - Removed flag arguments of '0' (required by POSIX).
  - Fixed code which expected an error return of 0.
  - Fixed code which thought any address with the high bit set
    was an error.
  - Check for failure where no checks were present.

Discussed with:	bde
1997-01-16 21:58:40 +00:00
jdp
dcd41564c5 If a library is found in the hints file, but the library doesn't exist,
ignore the hint.

This is a straightforward fix, and it should go into 2.2 after a burn-in
period of a few days.

Noticed by:	bde
1997-01-14 17:53:55 +00:00
jkh
808a36ef65 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
wosch
71f5160702 Sort cross references. 1997-01-13 00:25:51 +00:00
jdp
75efa0b561 Use the RTLD_NOW symbol, now that it is defined in <dlfcn.h>. 1997-01-12 19:59:26 +00:00
jdp
222e4ec967 Correct typos and spelling errors. 1997-01-12 00:19:14 +00:00
jdp
04703241ef Add support for the LD_BIND_NOW environment variable. If it is set to a
nonempty string, then function calls are relocated at program start-up
rather than lazily.  This variable is standard on Sun and SVR4 systems.

The dlopen() function now supports both lazy and immediate binding, as
determined by its "mode" argument, which can be either 1 (RTLD_LAZY) or
2 (RTLD_NOW).  I will add defines of these symbols to <dlfcn.h> as soon
as I've done a little more checking to make sure they won't cause
collisions or bootstrapping problems that would break "make world".

The "LD_*" environment variables which alter dynamic linker behavior are
now treated as unset if they are set to the empty string.  This agrees
with the standard SVR4 conventions for the dynamic linker.

Add a work-around for programs compiled with certain buggy versions of
crt0.o.  The buggy versions failed to set the "crt_ldso" member of the
interface structure.  This caused certain error messages from the
dynamic linker to begin with "(null)" instead of the pathname of the
dynamic linker.
1997-01-12 00:16:36 +00:00