Commit Graph

243 Commits

Author SHA1 Message Date
David Malone
d0c55c69c9 tpc -> tcp in an error message.
PR:		40771
Submitted by:	Jean-Luc Richier <Jean-Luc.Richier@imag.fr>
2002-09-02 20:00:46 +00:00
David Malone
fa11816b52 Clear up a few warnings (unused variable, rpc versions are usigned so use %u,
rename a parameter to avoid shadowing a global).

MFC after:	1 month
2002-09-02 19:58:15 +00:00
Ruslan Ermilov
a654c53e16 mdoc(7) police: Removed redundant .Ns calls. 2002-08-13 16:07:28 +00:00
Hajimu UMEMOTO
09b1c35707 Add capability for limiting the maximum number of simultaneous
invocations of each service from a single IP address.

Requested by:	matusita
Reviewed by:	dwmalone
Tested by:	matusita on snapshots.jp.FreeBSD.org
MFC after:	2 weeks
2002-08-07 17:03:14 +00:00
Hajimu UMEMOTO
fc99a00c7f use IPV6_V6ONLY instead of non standard IPV6_BINDV6ONLY.
MFC after:	1 week
2002-07-22 15:22:53 +00:00
Tony Finch
ae5fafd8c8 Fix typo: corrisponds -> corresponds 2002-07-22 13:58:58 +00:00
Alfred Perlstein
d14ca883cb add support for rpc IPv6 (rpc/udp/46 ...)
Submitted by: Jean-Luc Richier <Jean-Luc.Richier@imag.fr>
2002-07-15 19:09:33 +00:00
Philippe Charnier
490d5836b5 The .Nm utility 2002-07-14 14:47:15 +00:00
Juli Mallett
0ec563a548 Replace the SWAP(var0,var1) macro with SWAP(type,var0,var1) and use it as
is appropriate to avoid using typeof/__typeof__.  It is worth noting that
SWAP() is only ever used to swap pointer values so 'void *' assumptions would
have been acceptable, but I'd gladly pay you tuesday for a cheeseburger^W
cleaner interface today.

Poked into submission by:	bde
2002-06-22 10:44:47 +00:00
Juli Mallett
d3a4920c06 Unused macro. 2002-06-22 10:34:08 +00:00
Juli Mallett
35ea397030 __FBSDID() strategic insertion. 2002-06-21 11:52:59 +00:00
Juli Mallett
edb616bbdc Kill __P, yuck. 2002-06-21 11:42:37 +00:00
Juli Mallett
2306f8e98f Mark unused variables __unused.
Built standalone, inetd(8) is WARNS=5 clean, WARNS=6 if you ignore %m fits.
2002-06-21 11:40:03 +00:00
Juli Mallett
0e23eb871d Use __typeof__ instead of typeof. 2002-06-21 11:25:11 +00:00
Juli Mallett
8aea60beea Kill bad whitespace and do some style cleanups as a result of the protoize. 2002-06-21 11:24:21 +00:00
Juli Mallett
081713dc5b ANSI prototypes via protoize(1). 2002-06-21 11:18:42 +00:00
John W. De Boskey
24aaa74c83 Log invalid config entries. Make the -d option actually log to
the terminal(-d fix from dwmalone).

Approved by:	dwmalone
MFC after:	2 weeks
2002-05-26 04:43:26 +00:00
Hajimu UMEMOTO
89511d9db3 Make compilable without -DINET6. 2002-05-08 17:20:08 +00:00
Hajimu UMEMOTO
7f59d20d17 Log address family of a connection.
Requested by:	matusita
Reviewed by:	matusita
2002-05-08 16:39:58 +00:00
Dima Dorfman
cce4c4fd8b Correct spacing. 2002-04-16 09:56:28 +00:00
Dima Dorfman
76183f3453 Introduce a version field to `struct xucred' in place of one of the
spares (the size of the field was changed from u_short to u_int to
reflect what it really ends up being).  Accordingly, change users of
xucred to set and check this field as appropriate.  In the kernel,
this is being done inside the new cru2x() routine which takes a
`struct ucred' and fills out a `struct xucred' according to the
former.  This also has the pleasant sideaffect of removing some
duplicate code.

Reviewed by:	rwatson
2002-02-27 04:45:37 +00:00
Sheldon Hearn
fa4ec4a5c2 Fix a typo.
Reported by:	Jurrien Koopmans <jjkoopmans@home.nl>
2001-12-11 13:14:48 +00:00
Dima Dorfman
f328d583a2 Use CFLAGS, not COPTS, in the Makefile. bsd.prog.mk conveniently adds
COPTS towards the end of final CFLAGS so that it can be used to
override Makefile and other defaults.  Using it in Makefiles risks
having options set using it clobbered when somebody uses it on the
command line.

Approved by:	bde
2001-09-05 20:10:59 +00:00
Ruslan Ermilov
753d686d34 mdoc(7) police: s/BSD/.Bx/ where appropriate. 2001-08-14 10:01:54 +00:00
David E. O'Brien
90e655ea4e Perform a major cleanup of the usr.sbin Makefiles.
These are not perfectly in agreement with each other style-wise, but they
are orders of orders of magnitude more consistent style-wise than before.
2001-07-20 06:20:32 +00:00
David Malone
b14326ea9a Turn off WARNS stuff. When combined with -nostdinc and system header
files that aren't WARNS clean it causes trouble.
2001-07-17 19:00:47 +00:00
David Malone
20e1eb2130 o Remove old setproctitle.
o Mark unused variables.
o Set WARNS?=2
o Results in no code changes.

Submitted by:	Mike Barcroft <mike@q9media.com>
2001-07-17 07:12:57 +00:00
Dima Dorfman
f247324df7 Remove whitespace at EOL. 2001-07-15 08:06:20 +00:00
Ruslan Ermilov
a4c37c816b mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 15:12:08 +00:00
Dima Dorfman
70d51341bf mdoc(7) police: remove extraneous .Pp before and/or after .Sh. 2001-07-09 09:54:33 +00:00
Ruslan Ermilov
5cdd6aaac6 mdoc(7) police: fixed markup, sorted xrefs. 2001-07-05 07:37:33 +00:00
Dima Dorfman
b63a058632 mdoc(7) police: fix spacing and punctuation issues. 2001-07-03 21:22:09 +00:00
David Malone
a933327c4b Don't add -Wall, as it's a compiler specific flag. 2001-06-24 09:20:42 +00:00
David Malone
b585f768e1 Fix most of the warnings given by WARNS=2. 2001-06-24 09:20:07 +00:00
Dima Dorfman
a910f192bb Remove duplicate words. 2001-06-24 01:34:38 +00:00
David Malone
1c8d1174b7 Give inetd the ability to manage unix domain sockets. Details of
how to use this feature are in the man page. This is based on work
by Lyndon Nerenberg.

(The only difficult part about this patch is the fact that you
can't fchown a unix domain socket, which means the sockets must be
put in a secure directory).

Reviewed by:	dillon
2001-06-16 18:54:54 +00:00
Maxim Sobolev
8657581bfd Correct cross-reference:
portmap.8 --> rpcbind.8

Submitted by:	.Xr testing script
2001-06-07 16:59:19 +00:00
David Malone
d57dbd1615 Get rid of se_ctladdrinitok, which doesn't do anything and seemes
to have been accidently imported when ipv6 support was added to
inetd.

Approved by:	ume
2001-06-06 20:00:42 +00:00
David Malone
aca66ea036 Correct a comment - the time service returns seconds since 1900 not 1970.
Submitted by:	ru
2001-06-04 11:47:08 +00:00
David Malone
9a0b3389d5 This patch cleans up the ident stuff in inetd. The code which has
been patched so many times it was a bit of a mess. There are style,
code and man page cleanups. The following are the functional changes:

	The RFC only permits the returning of 4 possible error
	codes, make sure we only return these (PR 27636).

	Use MAXLOGNAME to determine the longest usernames.

	Add a -i flag, which returns the uid instead of the username
	(this is from a PR 25787, which also contained alot of the
	cleanups in this patch).

PR:		25787, 27636
Partially Submitted by:	Arne.Dag.Fidjestol@idi.ntnu.no
Reviewed by:	Arne.Dag.Fidjestol@idi.ntnu.no, green
MFC after:	3 weeks
2001-06-04 11:43:29 +00:00
Hajimu UMEMOTO
a07ae7a1d8 Recently, other BSDs had faith support in inetd. Though our inetd has
it already, their syntax is not compatible with ours.  It will confuse
users.  So, we have compatibility with their syntex.

Approved by:	dwmalone
Obtained from:	NetBSD
2001-05-31 10:09:36 +00:00
David Malone
d0847e9377 Make dg_echo return up to the first 65536 bytes of a datagram.
The patch I used isn't quite the one Lars suggested, but the size
of the largest datagram you can recv isn't #defined anywhere, and
probably isn't even bounded for some protocols.

PR:		25050
Submitted by:	Lars Eggert <larse@isi.edu>
2001-05-26 14:40:39 +00:00
David Malone
74e14107c6 Don't spell requester as requestor. 2001-05-26 14:33:47 +00:00
David Malone
d517199f44 Allow ident requests with trailing junk following the terminating "\n".
Reviewed by:	ben
Approved by:	green
2001-03-28 13:41:19 +00:00
Ruslan Ermilov
345e52e742 - Backout botched attempt to introduce MANSECT feature.
- MAN[1-9] -> MAN.
2001-03-26 14:42:20 +00:00
Ruslan Ermilov
c73e22c3d4 Set the default manual section for usr.sbin/ to 8. 2001-03-20 18:17:26 +00:00
Ruslan Ermilov
c2d03ea879 Eliminate mdocNG warnings caused by misplaced or extraneous macro calls. 2001-02-28 17:38:53 +00:00
Brian Feldman
c0511d3b58 Switch to using a struct xucred instead of a struct xucred when not
actually in the kernel.  This structure is a different size than
what is currently in -CURRENT, but should hopefully be the last time
any application breakage is caused there.  As soon as any major
inconveniences are removed, the definition of the in-kernel struct
ucred should be conditionalized upon defined(_KERNEL).

This also changes struct export_args to remove dependency on the
constantly-changing struct ucred, as well as limiting the bounds
of the size fields to the correct size.  This means: a) mountd and
friends won't break all the time, b) mountd and friends won't crash
the kernel all the time if they don't know what they're doing wrt
actual struct export_args layout.

Reviewed by:	bde
2001-02-18 13:30:20 +00:00
Ruslan Ermilov
610a5778c5 mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 16:44:04 +00:00
David Malone
1c3b5f2290 Various cleanups of inetd: Avoid shadowing variables, use socklen_t
instead of ints, don't cast to char *, clear up some remote name
handling code which had become a little odd.

Should result in no functional changes.
2001-01-22 23:19:30 +00:00
David Malone
6ef18ba88d Don't mention /etc/protocols in inetd documentation or comments, as inetd
doesn't actually use it.

PR:		24307
Submitted by:	opentrax@email.com
2001-01-22 23:11:02 +00:00
Ruslan Ermilov
8b5c4af3ff Prepare for mdoc(7)NG. 2000-12-27 15:30:30 +00:00
David Malone
38db6bf3e5 Add a -F option to the builtin ident service, which allows .fakeid files
to contain the name of other valid users.

PR:		22837
Submitted by:	Andreas Gerstenberg <andy@andy.de>
Reviewed by:	green
Reviewed by:	sheldonh
2000-12-05 13:56:01 +00:00
David Malone
13f1579a17 Tidy up some prototypes:
make sure there is exactly one prototype for each function,
        use K&R style definitions everywhere to match dominant style,
        make flag_signal take an int to avoid problems if we have
                ANSI prototypes and K&R definitions.
2000-12-03 11:32:26 +00:00
Brian Feldman
c4483bc094 Make some style changes to the ident_stream() code.
Partially submitted by:	alfred
Reviewed by:	alfred
2000-12-02 21:18:11 +00:00
Brian Feldman
6fe761c783 Security fix: correctly set groups according to the user. Previously,
root's groups' permissions were being used, so a user could read up to
16 (excluding initial whitespace) bytes of e.g. a wheel-accessible file.

Also, don't allow blocking on the opening of ~/.fakeid, so replace a fopen()
with open() and fdopen().  I knew I'd be going to hell for using C file
streams instead of POSIX syscalls...
2000-11-25 04:13:05 +00:00
Ruslan Ermilov
e97407b4f2 mdoc(7) police: use the new features of the Nm macro. 2000-11-20 20:10:44 +00:00
Nick Hibma
b8a4b6cd44 Be explicit about the fact that you can only specify one IP address/hostname 2000-10-29 13:49:18 +00:00
David Malone
caf6015598 Fix two typos in comments.
PR:		22268
Submitted by:	Daniel S. Lewart <d-lewart@uiuc.edu>
2000-10-24 18:47:57 +00:00
David Malone
1051d92c68 Claim maintainership of inetd. 2000-10-21 09:44:46 +00:00
David Malone
f27a3b3e41 Don't leak a file discriptor if a service we've called accept() for
loops.

Submitted by:	Ian Dowse <iedowse@maths.tcd.ie>
2000-10-21 09:43:12 +00:00
David Malone
00205ff618 Make reconfiguring an external service as builtin service work.
PR:		21650
Submitted by:	ben
Tested by:	dan@ducky.nz.freebsd.org
2000-10-02 12:08:27 +00:00
David Malone
957672f9d4 Stop internal ident service spinning until the timeout if the
connection goes away. Spotted by people on -STABLE about 2 weeks
ago.

Submitted by:	Based on a patch by alfred and Maxime Henrion <mux@qualys.com>
2000-10-02 12:04:17 +00:00
David Malone
1b65d153ee Explain "-c" option more exactly and state the default in the man
page.

Add ability to run "inetd -R 0" to disable the default connection
per minute limit of 256 connections. Document this in man page.

Don't use maxchild as a boolean - instead check if it is greater
than zero.

Reviewed by:	sheldonh
Based on a patch by:	Alexander Langer <alex@big.endian.de>
2000-08-03 15:45:38 +00:00
David Malone
2968046ea1 specifer -> specifier 2000-08-03 15:33:39 +00:00
David Malone
8acc38283a Sleep for a second after tcp wrappers rejects a connection, so we
don't traumatise the parent inetd.

Requested by:	wietse@porcupine.org
Approved by:	markm
2000-07-31 13:10:52 +00:00
David Malone
7d37a2e661 Make builtin ident service work if the request arrives in more than
one packet. Also check that the whole request has been recieved
before processing it.

The patch isn't the exact one from the PR, but a slight varient
suggested by Brian.

PR:		16086
Submitted by:	Hajimu UMEMOTO <ume@mahoroba.org>
Reviewed by:	green
2000-07-12 20:49:06 +00:00
Brian Feldman
9e72c31886 Fix the ident server up more: use ssize_t/size_t/socklen_t/int all in the
proper places and make the fakeid parsing code a bit less stupid.  Also,
remove an "Rflag" that snuck in there (-R wouldn't be accepted by it,
anyway).
2000-05-30 22:51:05 +00:00
John Baldwin
1078172a77 Fix a 64-bit'ism in the handling of the ident service. sysctlbyname() takes
a size_t as its 3rd argument, which is 64-bits on the alpha.  The 'len'
variable used was a int, which is only 32-bits.  Use size_t as the type
for 'len' to work-around this.
2000-05-30 18:32:58 +00:00
Sheldon Hearn
6e26837e5f Clarify the use of the auth service's -d option for specifying
a fallback username.

Reviewed by:	green
2000-04-26 10:40:35 +00:00
Hajimu UMEMOTO
612c58996e Make sure to use IPv4 mapped IPv6 address when mapped address is
requested in /etc/inetd.conf.

Reviewed by:	shin
2000-04-02 16:11:14 +00:00
Sheldon Hearn
a3ad0852cc Optimize those services that send only one block of data: use send(2)
with the MSG_EOF flag set instead of write(2).

Submitted by:	David Malone <dwmalone@maths.tcd.ie>
Reviewed by:	wollman
2000-03-28 09:45:19 +00:00
Brian Feldman
7ef719fb93 Allow using "-d username" without "-r". Example:
auth   stream  tcp     nowait  root    internal        auth -d "Only fools trust ident"
2000-03-28 01:10:35 +00:00
Ruslan Ermilov
4049dbb5fc "can received" -> "can receive". 2000-03-22 16:07:32 +00:00
Yoshinobu Inoue
1a0760dd60 Make inetd compilable without INET6.
Approved by: jkh

Submitted by: jhb
2000-03-11 11:28:08 +00:00
Yoshinobu Inoue
a9a948a9bb Fix addr length argument value passed to sendto().
Some inetd internal udp servers didn't worked with problem.
Also fix recvfrom() "fromlen" arg type from int * to socklen_t *.

Approved by: jkh

Submitted by: bde
2000-03-09 15:07:38 +00:00
Sheldon Hearn
46c670939c Clarify the facility used for logging with and without the wrapping
options.

PR:		17017
Submitted by:	Doug Barton <Doug@gorean.org>
2000-03-01 08:20:17 +00:00
Sheldon Hearn
b588cf276b Remove broken hard sentence breaks, which mess up the typeset output. 2000-02-29 17:36:44 +00:00
Yoshinobu Inoue
58af74e6b8 Fix broken inet logging when wrapping options are not specified.
Approved by: jkh

Submitted by: Ben Smithurst <ben@scientia.demon.co.uk>
2000-02-22 00:27:53 +00:00
Luigi Rizzo
8f9196f4a4 Make inetd picobsd friendly, dont use ipsec when RELEASE_CRUNCH
is defined

Approved-by: jordan
2000-02-09 09:04:36 +00:00
Yoshinobu Inoue
ef9c54c751 Fix inetd wrong AF check for RPC services
Incorrect Address Family check is done for RPC services, and
   fail to initialize it.
   The error check is replaced to new one, which checks if IPv4
   bind is enabled or not. (It is disabled when IPv6 numeric
   addr is specified for -a bind address option.)

An review reqeust is once sent to des, but he quit MAINTAINER.

Approved by: jkh
2000-02-03 09:54:49 +00:00
Dag-Erling Smørgrav
e1bbe71749 Drop maintainership of inetd, since nobody respects it anyway. 2000-02-01 09:21:22 +00:00
Yoshinobu Inoue
49de1b5759 Fix inconsistent debug output. (syslog -> warnx)
Specified by: sheldonh

Reviewed by: des
2000-01-28 20:06:15 +00:00
Sheldon Hearn
a35bd5f6f8 Fix English, mdoc and layout of the previous commit, as requested by
the committer (shin).  While I don't have permission for this change
from the inetd maintainer (des), I assume that shin has permission
and I'm just fixing his contribution up for him.

Okay, I couldn't resist, I made some extra changes:

	* Replace ".Tn FreeBSD" with .Fx
	* Make the illegal TCPMUX and IPSEC sections legal subsections
	  of the IMPLEMENTATION NOTES section.

Requested by:	shin
2000-01-28 10:21:19 +00:00
Yoshinobu Inoue
f669e3af26 Avoid verbose error messages when ipsec initialization for sockets failed
usually, and print it only when debug is enabled.
(This always happens when kernel is configured without IPSEC option.)
2000-01-27 14:46:15 +00:00
Yoshinobu Inoue
0cac72f42c several tcp apps IPv6 update
-inetd
 -rshd
 -rlogind
 -telnetd
 -rsh
 -rlogin

Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
2000-01-25 14:52:10 +00:00
Philippe Charnier
e2b7d85745 Do not dot terminate sentences inside FILES section. Lowercase
inside error messages.
2000-01-23 20:17:41 +00:00
Brian Feldman
5a5e442acd I like base-36 better. 2000-01-20 01:49:41 +00:00
Brian Feldman
18338e9e0f Implement -g and -d options in my ident code. The -g flag uses a random
garbage value for the username (hex garbage, that is), and the -d flag
provides a default username for fallback purposes if the user cannot be
looked up.  That is very useful for the case where inetd auth is
running on a NAT box.

While I'm here updating the manpage, clean up an English error and a
few small nits.
2000-01-19 22:03:12 +00:00
Peter Wemm
0b8c4709dc Put the listening socket into non-blocking mode before doing an
accept(2).  This is a not really problem on -current as the accept race
is fixed, however it is a MFC candidate for -stable.

This could possibly be slightly more efficient and leave the listening
socket permanently in non-blocking mode, but I wasn't certain that I
could catch all the stream/wait (not nowait) mode implications.
1999-11-17 03:32:05 +00:00
Philippe Charnier
42474ae390 Do not dot or \n terminate syslog string. 1999-10-13 20:22:13 +00:00
Peter Wemm
97d92980a9 $Id$ -> $FreeBSD$ 1999-08-28 01:35:59 +00:00
Dag-Erling Smørgrav
5dcb6878e1 Pull on my asbestos undies and claim ownership of inetd to prevent further
flamage between our beloved messrs Hearn and Feldman. Further commits go
through me. I urge the contestants to direct their energies at cleaning
up main() in inetd.c, which has over time become a crawling horror.
1999-07-26 08:43:03 +00:00
Brian Feldman
019893b437 Here goes, the "clear up any possible confusion" commit.
I've taken time to write up comments for the ident code tonight,
so there should no longer be any confusion about the purpouse of
whatever is in there. Wow, me commenting code... who'd have thought
that would happen?

Reviewed by:	DES
1999-07-26 07:57:35 +00:00
Sheldon Hearn
daae13874a Bring two wayward memory allocation failure messages in line with
those featured in the rest of the code.
1999-07-26 06:39:46 +00:00
Brian Feldman
ecf12be032 More cleanups to ident_stream. Variables moved around, changed.
Got rid of an extra variable or two, while making corrections to
problems (that would probably not be a problem anyway, and worked.)

Partially Obtained from:	David Malone <dwmalone@maths.tcd.ie>
1999-07-25 23:15:03 +00:00
Brian Feldman
2404a15a12 Correct a groff error in macro usage ("foo : bar" becomes "``foo: bar''").
Document the auth -n flag.
1999-07-24 17:11:50 +00:00
Brian Feldman
2d878a1923 More cleanups, asprintf() usage (proper, as opposed to using snprintf()),
and addition of a -n .noident-checking flag.
1999-07-24 17:06:05 +00:00
Brian Feldman
b52c43b357 Clean up to match style(9) more closely. This should fix the problem of
people having ants in their pants ;)
1999-07-24 16:24:03 +00:00
Sheldon Hearn
9a16e31ade Use comments to group functions by service more clearly. I've used the
excuse of providing the RFC numbers for the associated services.
1999-07-24 13:02:09 +00:00