Commit Graph

4800 Commits

Author SHA1 Message Date
iedowse
c10c416552 Make the non-threaded stub for pthread_sigmask() a no-op instead
of calling sigprocmask(). This matches the behaviour of thr_sigsetmask()
on Solaris; _pthread_sigmask_stub was added purely for compatibility
with Solaris (for TI-RPC), so it might as well do the same thing.

This fixes the problem where client RPC calls ignored all signals
for the complete duration of the RPC. This behaviour is currently
necessary in the threaded case due to locking issues, but was never
intended to occur in non-threaded programs.

Reviewed by:	deischen
2001-06-11 23:18:22 +00:00
jlemon
e8f8984147 Fix small bogon.
Submitted by: Anton Berezin <tobez@tobez.org>
2001-06-11 18:15:31 +00:00
des
f47c06a197 Don't call _ftp_closefn() upon EOF in _ftp_readfn(); just return 0. This
fixes a bug in pkg_add(1) (which nobody noticed because of another bug).
2001-06-11 14:12:46 +00:00
ume
832f8d2249 Sync with recent KAME.
This work was based on kame-20010528-freebsd43-snap.tgz and some
critical problem after the snap was out were fixed.
There are many many changes since last KAME merge.

TODO:
  - The definitions of SADB_* in sys/net/pfkeyv2.h are still different
    from RFC2407/IANA assignment because of binary compatibility
    issue.  It should be fixed under 5-CURRENT.
  - ip6po_m member of struct ip6_pktopts is no longer used.  But, it
    is still there because of binary compatibility issue.  It should
    be removed under 5-CURRENT.

Reviewed by:	itojun
Obtained from:	KAME
MFC after:	3 weeks
2001-06-11 12:39:29 +00:00
ache
72ffa91a6b Handle "ASCII" and "US-ASCII" aliases 2001-06-10 23:22:31 +00:00
ume
32dc912feb Implement EDNS0 support, as EDNS0 support will be made mandatory for
IPv6 transport-ready resolvers/DNS servers.  Need careful configuration
when enable it. (default config is not affected).
See manpage for details.

XXX visible symbol __res_opt() is added, however, it is not supposed to be
called from outside, libc minor is not bumped.

Obtained from:	KAME/NetBSD
2001-06-10 20:25:24 +00:00
sobomax
c2aa478671 Fix cross-references:
xntpd.8 --> ntpd.8
acl_delete_perms.3 --> acl_delete_perm.3
getname.2 --> getsockname.2

MFC after:	1 week
2001-06-10 12:06:54 +00:00
dd
174326d6ed Xref dladdr(3).
Requested by:	-hackers
2001-06-08 22:50:33 +00:00
sobomax
e2d465d575 Create curs_termcap.3 --> termcap.3 MLINK, so many manpages in our tree that
reference to termcap.3 will not be pointing to nowhere.

MFC after:	1 week
2001-06-07 17:27:44 +00:00
sobomax
6c2547ab1f Correct cross-reference:
portmap.8 --> rpcbind.8

Submitted by:	.Xr testing script
2001-06-07 16:59:19 +00:00
ru
7371106319 s/format/byte order/ (for clarity). 2001-06-07 15:15:38 +00:00
dd
7e284cc83d urandom(4) -> random(4) in comments.
PR:		27858
Submitted by:	Yoshihiro Koya <Yoshihiro.Koya@math.yokohama-cu.ac.jp>
Reviewed by:	md5(1)
Approved by:	markm
2001-06-07 02:32:18 +00:00
dd
075fc28fc8 urandom(4) -> random(4)
PR:		27858
Submitted by:	Yoshihiro Koya <Yoshihiro.Koya@math.yokohama-cu.ac.jp>
Approved by:	markm
2001-06-07 02:31:03 +00:00
imp
a54c77f56c Back out my changes describing how snprintf nul terminates. It
was from the iso standard.  Keep the sentence that says it is always
NUL terminated to make sure that people understand that.

Requested by: bde
2001-06-05 23:39:45 +00:00
wollman
47ad85ccaf Don't mung the user's tm_sec field if we don't need to. (Belt-and-suspenders
version.)

PR:		bin/27630
Submitted by:	Arthur David Olson <ado@nci.nih.gov>
Obtained from:	Timezone mailing-list <tz@elsie.nci.nih.gov>
MFC after:	1 month
2001-06-05 20:13:28 +00:00
imp
cc3f2849e9 I neglected to notice that the change text had already been added in a
different place. Back out what I added since the other text is better.

Noticed by: nectar
2001-06-05 16:43:51 +00:00
sobomax
0c29f662fa Correct cross-references:
ng_bpf.8    --> ng_bpf.4
  ng_ether.8  --> ng_ether.4
  ng_iface.8  --> ng_iface.4
  ng_pppoe.8  --> ng_pppoe.4
  ng_socket.8 --> ng_socket.4
  ng_tty.8    --> ng_tty.4
  ng_{type}.4 --> /dev/null

MFC after:	1 week
2001-06-05 12:40:03 +00:00
sobomax
457c34317b Fix cross-references:
ipnat.8 --> ipnat.1
  environ.5 --> environ.7
  isssetugid.2 --> issetugid.2

MFC after:	1 week
2001-06-05 12:23:22 +00:00
imp
eea71e362d Document what happens when the real id is changed.
I may have obtained this from NetBSD, but I don't recall.  I do know that
I checked FreeBSD's implementation to make sure that it matched what I wrote.
2001-06-05 04:35:42 +00:00
imp
c8a0a2dd4f Minor improvements:
o Explain snprintf's return value better.
o Document snprintf, et al, were defined in C-99
o Warn against %n.
2001-06-05 04:22:30 +00:00
dd
db8173f50e Add a missing word.
Obtained from:	OpenBSD
2001-06-05 00:25:18 +00:00
dd
cb18fb03e8 Add a missing word. 2001-06-05 00:11:08 +00:00
markm
4e8273f82f Big module cleanup.
Move common stuff into Makefile.inc, and tidy up all the Makefiles
as a result.

Build new modules.

Put a commented-out dependancy on libpam for the (shared) modules.
I can't bring this in just yet, as the dependancy (modules->libpam)
is reversed for the static case (libpam->modules).
2001-06-04 19:47:56 +00:00
markm
bb5c80b440 Null file to bring back a file from the dead. This allows the real commit
to happen remotely. Damn CVS bugs :-(
2001-06-04 19:25:41 +00:00
markm
cafc16591f Add the "nullok" option that causes this module to succeed if the Unix
password is empty/null.
2001-06-04 19:16:57 +00:00
markm
c5ba97baf9 Tidy up the options list (and make it more extendable), and add some
extra "standard" options.
2001-06-04 19:12:08 +00:00
markm
a28a87bd61 Add some new utility authenticators.
pam_securetty silently succeeds if the user is on a secure tty
as defined by /etc/ttys.

pam_ftp does "anonymous ftp" style authentication with options for
specifying the anonymous user(s).
2001-06-04 18:44:47 +00:00
brian
91bbcb8b58 Add BSD-style copyright headers
Approved by: Charles Mott <cmott@scientech.com>
2001-06-04 15:09:51 +00:00
brian
5a407d2957 Change to a standard BSD-style copyright
Approved by:	Atsushi Murai <amurai@spec.co.jp>
2001-06-04 14:52:17 +00:00
deischen
44f9b5d247 Properly initialize a temporary FILE that is allocated off the stack.
The change to reuse _up from FILE (to allow FILE to grow without changing
size) overlooked FILE being allocated off the stack.

Approved by:	sobomax
2001-06-04 12:36:07 +00:00
tmm
6e0384074f Change this to support the new way swap device information is exported
via sysctl, and clean up some style and (size_t != int) issues.
2001-06-01 22:57:07 +00:00
kris
b4dd259ff3 Fix another unprotected instance of chdir() by extending the
fts_safe_changedir() function and using that instead for both of the
chdir()s.

Partially submitted by:	Todd Miller <millert@OpenBSD.org>, bde
2001-06-01 21:53:50 +00:00
iedowse
e1e34d59e0 Copy the sockaddr from the netbuf data area, not from the netbuf
data pointer. This bug has been here since the ti-rpc import; it
apparently broke the clnt_control CLGET_SVC_ADDR options.

PR:		misc/27813
Submitted by:	Jean-Luc Richier <Jean-Luc.Richier@imag.fr>
2001-06-01 15:20:45 +00:00
ru
e7a85be33f Remove vestiges of MFS. 2001-06-01 10:07:28 +00:00
gshapiro
4ae5417dae Correct the documentation for snprintf() and vsprintf() which actually
return the number of characters that would have been in the new string.

Obtained from:	OpenBSD
MFC after:	3 days
2001-05-30 23:47:14 +00:00
kris
187932cd93 When doing the chdir("..") in the !FTS_NOCHDIR case, stat() after we get
there and compare the inode and device numbers to the values we remember,
to guard against the directory having been moved around in the meantime.

Reported by:	Nick Cleaton <nick@cleaton.net>
2001-05-30 20:35:44 +00:00
ru
f478ecd8d3 Add an integer field to keep protocol-specific flags with links.
For FTP control connection, keep the CRLF end-of-line termination
status in there.

Fixed the bug when the first FTP command in a session was ignored.

PR:		24048
MFC after:	1 week
2001-05-30 14:24:35 +00:00
sos
b515db2560 Dont free a hard code array.
PR 20569
2001-05-30 07:51:56 +00:00
msmith
18d7539d2e Correct the returned UDP datagram length. See the PR for a more comprehensive
description of the fix.

PR:		misc/25503
Submitted by:	Jim Browne <jbrowne@jbrowne.com>
MFC after:	1 week
2001-05-28 22:27:06 +00:00
msmith
10ff37925c The shortest valid TFTP packet is 4 bytes, not 8.
PR:		misc/25503
Submitted by:	Jim Browne <jbrowne@jbrowne.com>
MFC after:	1 week
2001-05-28 22:25:44 +00:00
des
1d4297a2b2 Implement a HTTP_USER_AGENT environment variable.
PR:		27669
Submitted by:	Eoin Lawless <eoin@maths.tcd.ie>
2001-05-27 11:00:36 +00:00
des
77734dca3c Document the authentication callback interface.
Update RFC references (should have done that ages ago...)
2001-05-26 19:38:34 +00:00
des
7be28011c0 Bump major number. 2001-05-26 19:37:26 +00:00
des
4f0b341263 Add rudimentary support for an authentication callback function. 2001-05-26 19:37:15 +00:00
des
4edf66ad45 MAXPATHLEN -> PATH_MAX 2001-05-26 19:36:49 +00:00
des
71613237c6 Plug memory leak.
PR:		27506
2001-05-26 17:23:38 +00:00
ru
05f3be90b2 - sys/n[tw]fs moved to sys/fs/n[tw]fs
- /usr/include/n[tw]fs moved to /usr/include/fs/n[tw]fs
2001-05-26 11:57:45 +00:00
eric
851fceab51 Add warnings about trusting user-supplied data.
Reviewed by:	ru
Approved by:	murray
Obtained from:	OpenBSD
2001-05-25 20:42:40 +00:00
rwatson
f504530d9f o Merge contents of struct pcred into struct ucred. Specifically, add the
real uid, saved uid, real gid, and saved gid to ucred, as well as the
  pcred->pc_uidinfo, which was associated with the real uid, only rename
  it to cr_ruidinfo so as not to conflict with cr_uidinfo, which
  corresponds to the effective uid.
o Remove p_cred from struct proc; add p_ucred to struct proc, replacing
  original macro that pointed.
  p->p_ucred to p->p_cred->pc_ucred.
o Universally update code so that it makes use of ucred instead of pcred,
  p->p_ucred instead of p->p_pcred, cr_ruidinfo instead of p_uidinfo,
  cr_{r,sv}{u,g}id instead of p_*, etc.
o Remove pcred0 and its initialization from init_main.c; initialize
  cr_ruidinfo there.
o Restruction many credential modification chunks to always crdup while
  we figure out locking and optimizations; generally speaking, this
  means moving to a structure like this:
        newcred = crdup(oldcred);
        ...
        p->p_ucred = newcred;
        crfree(oldcred);
  It's not race-free, but better than nothing.  There are also races
  in sys_process.c, all inter-process authorization, fork, exec, and
  exit.
o Remove sigio->sio_ruid since sigio->sio_ucred now contains the ruid;
  remove comments indicating that the old arrangement was a problem.
o Restructure exec1() a little to use newcred/oldcred arrangement, and
  use improved uid management primitives.
o Clean up exit1() so as to do less work in credential cleanup due to
  pcred removal.
o Clean up fork1() so as to do less work in credential cleanup and
  allocation.
o Clean up ktrcanset() to take into account changes, and move to using
  suser_xxx() instead of performing a direct uid==0 comparision.
o Improve commenting in various kern_prot.c credential modification
  calls to better document current behavior.  In a couple of places,
  current behavior is a little questionable and we need to check
  POSIX.1 to make sure it's "right".  More commenting work still
  remains to be done.
o Update credential management calls, such as crfree(), to take into
  account new ruidinfo reference.
o Modify or add the following uid and gid helper routines:
      change_euid()
      change_egid()
      change_ruid()
      change_rgid()
      change_svuid()
      change_svgid()
  In each case, the call now acts on a credential not a process, and as
  such no longer requires more complicated process locking/etc.  They
  now assume the caller will do any necessary allocation of an
  exclusive credential reference.  Each is commented to document its
  reference requirements.
o CANSIGIO() is simplified to require only credentials, not processes
  and pcreds.
o Remove lots of (p_pcred==NULL) checks.
o Add an XXX to authorization code in nfs_lock.c, since it's
  questionable, and needs to be considered carefully.
o Simplify posix4 authorization code to require only credentials, not
  processes and pcreds.  Note that this authorization, as well as
  CANSIGIO(), needs to be updated to use the p_cansignal() and
  p_cansched() centralized authorization routines, as they currently
  do not take into account some desirable restrictions that are handled
  by the centralized routines, as well as being inconsistent with other
  similar authorization instances.
o Update libkvm to take these changes into account.

Obtained from:	TrustedBSD Project
Reviewed by:	green, bde, jhb, freebsd-arch, freebsd-audit
2001-05-25 16:59:11 +00:00
markm
f6fb59fd55 Add the "auth_as_self" option to the pam_unix module (there is no
reason not to add it to others later). This causes the pam_unix
module to check the user's _own_ password, not the password of the
account that the user is authenticating into. This will allow eg:
WHEELSU type behaviour from su(1).
2001-05-24 18:35:52 +00:00