Commit Graph

1509 Commits

Author SHA1 Message Date
ru
e0a06587ac Style: move .PATH to where it belongs. 2005-10-14 15:41:09 +00:00
peter
db8830bc2d Clean out the leftovers from the i386_set_gsbase() TLS conversion.
Like on libthr, there is an i386_set_gsbase() stub implementation here
to avoid libc.so.5 issues.  This should likely be a weak symbol and I
expect this will be fixed soon.

Approved by:	re
2005-06-29 23:15:36 +00:00
ru
e2200cd04b Removed trailing whitespace.
Approved by:	re (blanket)
2005-06-14 08:41:11 +00:00
ru
bd91acfc56 Bump document date on behalf of a recent change.
Approved by:	re (blanket)
2005-06-14 08:40:10 +00:00
nectar
a23214e059 Remove rexecd(8), a server that implements a particularly insecure
method of executing commands remotely.  There are no rexec clients in
the FreeBSD tree, and the client function rexec(3) is present only in
libcompat.  It has been documented as "obsolete" since 4.3BSD, and its
use has been discouraged in the man page for over 10 years.
2005-06-10 20:52:36 +00:00
des
2bb8de20fe Remove kludges intended to support src trees with partial obj trees.
Discussed with:	ru
2005-06-10 06:12:53 +00:00
marius
4eca37e10b MFNetBSD: src/libexec/ld.elf_so/arch/sparc64/mdreloc.c 1.26 (partial)
Fix an obvious bug in the 64-bit PLT fixup: the SLLX was by 12 bits, when
it should be 32.

MFC after:	1 month
2005-06-04 20:49:15 +00:00
marcel
97c723a388 Fix the load64 and store64 macros, created to handle 8-byte unaligned
loads and stores (resp.) The ldq_u and stq_u instruction mask off the
lower 3 bits of the final address before loading from or storing to
the address, so as to avoid unaligned loads and stores. They do not
themselves allow loads from or stores to unaligned addresses. Replace
the macro definitions by a packed struct dereference.

Submitted by: Richard Henderson (rth at twiddle dot net)
2005-06-02 05:34:08 +00:00
maxim
7a5321874f o Missed colon in getopt(3) argument makes tftpd(8) crash. Fix that.
PR:		misc/81732
Submitted by:	Denis Grudkin
MFC after:	2 weeks
2005-05-31 17:22:53 +00:00
eivind
b83d3b8bcc Fixup of last commit: Use the name X instead of XFree86 for the server binary,
thus being compatible with both XFree86 and X.org.

Noticed by: danfe
2005-05-27 06:07:21 +00:00
eivind
5594ff1b13 Make the example for using xterm as a login manager to match the X of the
noughties, not eighties.
2005-05-27 00:39:11 +00:00
dfr
46ba1c3d37 Align the stack to a 16 byte boundary before calling _rtld so that we can
safely initialise shared libraries that use SSE in their init sections.

MFC After: 1 week
2005-05-19 07:32:42 +00:00
keramida
4bf80fbbcf Switch to WARNS=2 instead of tinkering directly with CFLAGS (level 2 was
picked because higher warn levels are broken for ftp-proxy at the moment).

Approved by:	mlaier
2005-05-18 12:19:50 +00:00
obrien
06fef1a964 Enable lukemftpd for 6.0-RELEASE. 2005-05-16 17:12:23 +00:00
ume
e33ba03345 NI_WITHSCOPEID cleanup. Neither RFC 2553 nor RFC 3493 defines
NI_WITHSCOPEID, and our getaddrinfo(3) does nothing special
for it, now.
2005-05-13 16:31:11 +00:00
jmallett
f0d513b44e Spell SHUT_RDWR as SHUT_RDWR not 2 as the how argument to shutdown(2). 2005-05-11 02:43:04 +00:00
jmallett
72198c2a2f Spell SHUT_RDWR as SHUT_RDWR not 1+1 as the how argument to shutdown(2). 2005-05-11 02:41:39 +00:00
delphij
847a7e5295 Prevent usage of nested externs. 2005-05-06 15:28:54 +00:00
davidxu
581ef8042b Fix compilation problem. 2005-04-27 13:17:23 +00:00
peter
55bba67087 Stop calling _amd64_set_gsbase() for COMPAT_32BIT. The amd64 kernel
implements i386_set_gsbase(), so there is no need for the variation.
2005-04-26 20:38:44 +00:00
das
e2b9708f18 s/int/size_t/ as appropriate.
Noticed by:	bde
2005-04-17 01:06:37 +00:00
peter
1fad513bbc Attempt to use i386_set_gsbase(), and gracefully fall back to LDT methods
if the direct access methods are not implemented.
2005-04-14 00:04:50 +00:00
dougb
bb01989367 The script mistakenly ignores the entropy_save_sz variable from
rc.conf[.local]. Fix this, and leave the default as 2048.

Update the copyright year to include the present.

Update the assignment of the copyright to be me personally,
instead of "The FreeBSD Project" which is not a legal entity,
and therefore not a proper assignee. My intention remains the
same however, that this code continue to be BSD licensed, and
freely available to anyone that wants it under those terms.

PR:		conf/75722
Submitted by:	Nicolas Rachinsky <list@rachinsky.de>
2005-04-11 02:07:33 +00:00
des
ca18f36fa5 Revert parts of previous commits and use a temporary variable to avoid
an invalid type pun.
2005-04-08 11:19:50 +00:00
cognet
6bb6868e16 No need to provide atomic_cmpset_32() anymore. 2005-04-07 22:04:49 +00:00
nectar
32eab0f970 An array was mistaken for a pointer in the previous commit.
Noticed by:	tinderbox, stefanf
Pointy hat to:	nectar
2005-04-07 19:26:35 +00:00
stefanf
e45b89dcfd Include gettytab.h before extern.h so that the declarations of struct
gettyflags, gettynums and gettystrs are available.
2005-04-06 17:42:24 +00:00
nectar
816af95a77 Correct type mismatch introduced in last commit.
Noticed by:	Steve Kargl <sgk@troutmask.apl.washington.edu>
2005-04-05 18:25:27 +00:00
nectar
6435ce940d DES pointed out that the PAM layer may change the target user name
during authentication.  Thus we need to call getpwnam *after* the user
has been authenticated.  Colin mentioned that we should also move the
check for root in that case.
2005-04-05 14:55:33 +00:00
dfr
cfeb84df7a When allocating TLS and DTV, make sure that any unused slots in the DTV
are initialised to zero. When freeing TLS, don't attempt to free DTV
slots which were not used.

Pointed out by: Joerg Sonnenberger
X-MFC-After: After the branch, probably
2005-03-30 08:28:26 +00:00
nectar
8f12f32e0d When PAM support was added to rexecd in revision 1.29 (just prior to
5.0-RELEASE), a visually elusive bug was introduced.  A comparison
operator was changed to assignment.  As a result, rexecd behaved
always as if the `-i' option had been specified.  It would allow root
logins.  This commit corrects the situation in the obvious way.

A separate bug was introduced at the same time.  The PAM library
functions are called between the invocation of getpwnam(3) and the use
of the returned static object.  Since many PAM library functions
result in additional getpwnam(3) calls, the contents of the returned
static object could be changed from under rexecd.  With this commit,
getpwnam_r(3) is used instead.

Other PAM-using applications should be reviewed for similar errors in
getpw* usage.

Security:	rexecd's documented default policy of disallowing root
		logins was not enforced.
Reviewed by:	cperciva
2005-03-27 13:59:44 +00:00
cperciva
fdbab8722b If "dangerous" environment variables (LD_PRELOAD, LD_LIBMAP,
LD_LIBMAP_DISABLE, LD_LIBRARY_PATH) are used, then make sure the
libraries being loaded aren't on a noexec-mounted filesystem.

This is a compromise position: I'm assuming that nobody will be silly
enough to set the noexec mount flag on part of the default library
path, in order to avoid adding extra overhead into the common case
(where those environment variables aren't used).

Discussed with:	csjp, secteam
MFC after:	1 week
2005-03-24 10:12:29 +00:00
das
930b2ee454 Use sysconf(_SC_ARG_MAX) instead of NCARGS. 2005-03-21 08:01:14 +00:00
davidxu
4da02be559 Add locking code for tls routines. 2005-03-20 23:28:25 +00:00
ru
860c6fe96a Install rlogind(8). Pointy hat is available on request. 2005-03-03 15:59:32 +00:00
trhodes
792676bbc2 Wrap BSD r* commands in NO_RCMDS.
Change NO_RCMDNS to NO_RCMDS and do the switch in bsd.compat.mk.

Discussed with: ru, nectar
2005-03-02 11:53:22 +00:00
ume
2da58c2233 correct WARNS=6 fix to use cast to (void *).
use of struct sockaddr_strage * is thought as not good manner. :)
2005-03-01 10:55:06 +00:00
dfr
0c34e7e727 Attempt to free any static TLS space used by a shared library when it
is unloaded. This allows applications which load and unload libraries
like libGL.so.1 several times to work properly.

MFC after: 2 days
2005-02-27 12:55:40 +00:00
cognet
3eb9286d7e Only provide the dummy, non-atomic atomic_cmpset_32() if
ARM_HAS_ATOMIC_CMPSET_32 isn't defined.
2005-02-26 22:49:19 +00:00
des
235eb699e1 If what we have is a struct sockaddr_storage * and what we want is a
struct sockaddr_storage *, there's no point in casting it prematurely
to a struct sockaddr *.  This unbreaks WARNS=6 on sparc64.
2005-02-23 21:26:55 +00:00
des
6b77db7044 Make WARNS=6-clean. 2005-02-23 17:13:28 +00:00
yar
e7b22678a4 Add some consistency checks to the signal-related code.
MFC:	along with rev. 1.202
2005-02-16 11:35:51 +00:00
yar
631e693b39 A call to maskurg() makes sense only when a transfer is under way,
the function will emit an annoying log message otherwise.

Reported by:	kris
MFC:		along with rev. 1.202
2005-02-16 11:22:20 +00:00
stefanf
08dca4373d - Use socklen_t.
- No need for 'fromlen' to have file scope.
- Remove an unused variable.
2005-02-14 17:59:52 +00:00
stefanf
03a2de3818 Fix most cases where the address of an int is passed to a function expecting a
socklen_t * argument.
2005-02-14 17:42:58 +00:00
ru
6b6b8c04f6 Expand contractions. 2005-02-13 23:45:54 +00:00
ru
1541af42f1 Expand *n't contractions. 2005-02-13 22:25:33 +00:00
ru
ad21eaf4a1 Sync program's usage() with manpage's SYNOPSIS. 2005-02-09 20:36:12 +00:00
ru
349a29d45a Removed Kerberos remnants. 2005-02-09 20:23:36 +00:00
ru
8f0a058ccf The only user of this utility (share/man/man0) was removed 2+ years ago. 2005-02-09 19:50:45 +00:00
mdodd
07c084eb10 Description from Dan:
Another handy libmap patch.  Lets you do stuff like this:

	LD_LIBMAP="libpthread.so.1=libthr.so.1" mythreadedapp

	If you already have a program-specific override in libmap.conf, note
	that you must use a program-specific override in LD_LIBMAP:

	LD_LIBMAP="[mythreadedapp],libpthread.so.1=libthr.so.1" mythreadedapp

PR:		bin/74471
Submitted by:	Dan Nelson <dnelson AT allantgroup.com>
MFC after:	2 weeks
2005-02-04 02:46:41 +00:00
mdodd
c0a4f2af34 style(9) 2005-02-04 02:13:37 +00:00
ru
e68efdc747 Let bsd.prog.mk set SRCS and MAN to their default values. 2005-01-28 16:08:11 +00:00
yar
2f9f83ffc7 Respect the `logging' flag.
Pointed out by:	Nick Leuta
MFC after:	3 days
2005-01-19 10:49:40 +00:00
yar
e3e66eec0c Improve handling SIGURG and OOB commands on the control channel.
The major change is to process STAT sent as an OOB command w/o
breaking the current data transfer.  As a side effect, this gives
better error checking in the code performing data transfers.

A lesser, but in no way cosmetic, change is using the flag `recvurg'
in the only signal-safe way that has been blessed by SUSv3.  The
other flag, `transflag,' becomes private to the SIGURG machinery,
serves debugging purposes only, and may be dropped in the future.

The `byte_count' global variable is now accounting bytes actually
transferred over the network.  This can give status messages looking
strange, like "X of Y bytes transferred," where X > Y, but that has
more sense than trying to compensate for combinations of data formats
on the server and client when transferring ASCII type data.  BTW,
getting the size of a file in advance is unreliable for a number of
reasons in the first place.  See question 18.8 of the Infrequently
Asked Questions in comp.lang.c for details.

PR:		bin/52072
Tested by:	Nick Leuta (earlier versions), a stress-testing tool (final)
MFC after:	1 month
2005-01-19 10:33:20 +00:00
ru
d95b3c4c8d Sort sections. 2005-01-18 09:29:40 +00:00
delphij
830453071a 64-bit clean + WARNS=6:
- Convert the (char *) cast+cast backs magic to
	  memcpy(3).  Without this, the resulting code
	  is potentially risky with higher optimization
	  levels.
	- Avoid same name when calling local variables,
	  as well as global symbols.  This reduces
	  confusion for both human and compiler.
	- Add necessary casts, consts
	- Use new style function defination.
	- Minor style.Makefile(5) tweak
	- Bump WARNS?= from 0 to 6

** for the aout code: changes are intentionally limited
   to ease maintaince.
2005-01-14 12:22:57 +00:00
trhodes
4fcbaea729 Restore these files to make ldconfig(8) happy. 2005-01-11 16:40:29 +00:00
trhodes
8af8fbaa58 Remove a.out runtime linker. It doesn't build and was removed from the
build over two years ago by peter.

The binary a.out version of ld.so can be obtained from misc/compat22 or
src/lib/compat/compat22.

Discussed on:	-arch
Voted yes:	jhb, ru, linimon, delphij
2005-01-11 06:15:19 +00:00
yar
d9ac4c4879 Replace err(3) calls when in daemon mode by syslog(3), too.
A daemon has no stderr to send its complains to.

Pointed out by:	Nick Leuta
MFC after:	1 week
2005-01-10 12:19:11 +00:00
ru
c8158555ed NOPAM -> NO_PAM 2004-12-21 12:49:24 +00:00
ru
5c04306fea NOINET6 -> NO_INET6 2004-12-21 10:49:29 +00:00
ru
f4c44b761b NOCRYPT -> NO_CRYPT 2004-12-21 10:16:04 +00:00
ru
74176cc161 NODOCCOMPRESS -> NO_DOCCOMPRESS
NOINFO -> NO_INFO
NOINFOCOMPRESS -> NO_INFOCOMPRESS
NOLINT -> NO_LINT
NOPIC -> NO_PIC
NOPROFILE -> NO_PROFILE
2004-12-21 09:33:47 +00:00
ru
cec60429bb Start the dreaded NOFOO -> NO_FOO conversion.
OK'ed by:	core
2004-12-21 08:47:35 +00:00
yar
32ba549445 Do a small style(9) fix before I'm hacking the code itself. 2004-12-16 07:27:28 +00:00
yar
33935e064e free(3) is void already. 2004-12-16 07:17:56 +00:00
yar
1a2e300653 Never emit a message to stderr: use syslog instead.
When in inetd mode, this prevents bogus messages from
appearing on the control channel.  When running as a
daemon, we shouldn't write to the terminal we used to
have at all.

PR:		bin/74823
MFC after:	1 week
2004-12-12 17:30:28 +00:00
cognet
d983d8756d Implement a dummy atomic_cmpset_32(). It should be safe to use it in rtld as
the signals are masked anyway.
2004-11-23 16:32:34 +00:00
yar
a4b5efda6e When looking for a virtual host to handle the connection,
stop the search on the first match for efficiency.

Submitted by:	Nick Leuta
2004-11-22 11:10:04 +00:00
yar
c859d46011 Calling pam_chauthtok() isn't really needed since
an FTP user has no chance to change password anyway.

Submitted by:	Nick Leuta
2004-11-22 11:02:42 +00:00
yar
0570780491 Don't log the chroot dir on every command since it's constant for a session.
Log it once at the beginning of the session instead.  OTOH, log wd each
time for the sake of better auditing and consistent log format.

Proposed by:	Nick Leuta <skynick -at- mail.sc.ru>
2004-11-22 10:48:29 +00:00
yar
87abae189e Always log remote IP.
PR:		bin/59773
2004-11-22 10:27:16 +00:00
yar
806e7b8b99 Treat host name buffers consistently. 2004-11-22 10:16:43 +00:00
yar
604b588faf Make chrootdir global and use it in log messages
regarding restricted users.

MFC after:	2 weeks
2004-11-18 14:15:32 +00:00
yar
d46c701ed5 Nitpicking on style(9) and whitespace.
Tested with:	md5(1)
2004-11-18 13:55:15 +00:00
yar
b18d29fccd Use __FBSDID. 2004-11-18 13:46:29 +00:00
yar
47da99e1ad Don't say, "file: permission denied," if the operation
is disabled entirely.
2004-11-18 11:50:01 +00:00
yar
e3b3851567 Use uniform punctuation, capitalization, and language style
in server messages wherever this doesn't contradict to a particular
message format.
2004-11-18 11:45:13 +00:00
yar
81121bedaf Apply __printflike() to the appendf() prototype so the compiler
can detect format errors.
2004-11-18 11:32:35 +00:00
yar
a6025b1cf1 Fix perror_reply() vs. reply() usage. 2004-11-18 11:27:31 +00:00
yar
3851ed3f4f '\n' needs not to appear in reply() strings. 2004-11-18 11:07:00 +00:00
yar
750c661453 Log pathname arguments to ftp commands as the user specified them;
add the working directory pathname to the log message if any of
such arguments isn't absolute.  This has advantage over the old
way of logging that an admin can see what users are actually trying
to do, and where.  The old code was also not too robust when it
came to a chrooted session and an absolute pathname.

Pointed out by: Nick Leuta
MFC after:      2 weeks
2004-11-18 10:02:28 +00:00
yar
6cd7428b13 Use S_ISDIR() macro instead of a hand-rolled test. 2004-11-18 09:26:58 +00:00
yar
28f076df82 getcwd() won't leave a error string in the buffer, unlike getwd(). 2004-11-18 00:14:09 +00:00
yar
95ee012f23 Use POSIX functions instead of legacy ones:
getwd() -> getcwd()
	wait3() -> waitpid()
2004-11-17 22:43:46 +00:00
yar
5bdd791606 Kill more unneeded casts found.
Noticed by:	Nick Leuta <skynick -at- mail.sc.ru> (some of them)
2004-11-17 11:52:41 +00:00
jhb
59f4aaaef0 Remove 80386 support from the ELF run time linker. 2004-11-16 20:45:51 +00:00
yar
ddaaf2c2ee Don't invent ways of capitalization orthogonal to the English grammar. 2004-11-15 12:47:44 +00:00
yar
93c067539e RFC 959 states that the following codes should be used
for status replies on file system objects:

 212 Directory status.
 213 File status.

Reported by:	Oleg Koreshkov <okor -at- zone.salut.ru>
MFC after:	1 week
2004-11-15 12:41:56 +00:00
ru
1808b89247 So do it like we do in usr.bin/tip/tip/Makefile. ;) 2004-11-14 22:18:31 +00:00
schweikh
de23b48160 Revert previous commit. As ru explains:
In the old world (as the surrounding comment in makefile says), there
 was the /usr/libexec/ld-elf.so.1 binary which is now a symlink to
 /libexec/ld-elf.so.1. To symlink, we need to make sure that the
 _target_ (and the target is /usr/libexec/ld-elf.so.1) doesn't have
 "schg" flag set. A real solution is to protect the chflags call only if
 target exists, like we do in usr.bin/tip/tip/Makefile.

Requested by:	ru
2004-11-14 21:14:06 +00:00
schweikh
d2fd075432 Avoid an (ignored) error by invoking chflags on the link target, not the
symlink.

PR:		kern/73016
Submitted by:	John E. Hein <jhein@timing.com>
MFC after:	1 week
2004-11-14 12:47:20 +00:00
bz
4b83c5852a Add knob NO_NIS (fka NO_YP_LIBC) and make world compileable when set.
If turned on  no NIS support and related programs will be built.

Lost parts rediscovered by:	Danny Braniss <danny at cs.huji.ac.il>
PR:		bin/68303
No objections:	des, gshapiro, nectar
Reviewed by:	ru
Approved by:	rwatson (mentor)
MFC after:	2 weeks
2004-11-13 20:40:32 +00:00
yar
c9044cf500 Using off_t to pass a block size is obvious overkill.
The size_t type is better suited for that, particularly because
the "blksize" argument is to be passed to malloc() and read().
On 64-bit archs it's more to a style issue, but the good style
of coding in C is also important.
2004-11-13 13:42:43 +00:00
yar
9e5ec41335 Kill ancient casts to integral types left from the K&R era.
They're unneeded and sometimes erroneous now.
2004-11-13 13:15:47 +00:00
jhb
c60825dcfe Remove these unused files before any other archs include the same bogus
file.
2004-11-12 18:05:30 +00:00
peter
39432ffbdf The 32 bit compatability ld-elf32.so.1 cannot use i386_set_ldt() when
running on an amd64 kernel.  Use the recently exposed direct %fs/%gs set
routines instead for the TLS setup of 32 bit binaries.
2004-11-06 03:32:07 +00:00
ru
f0fbc30e0d Introduce the PRECIOUSPROG knob in bsd.prog.mk, similar
to PRECIOUSLIB from bsd.lib.mk.  The side effect of this
is making installing the world under jail(8) possible by
using another knob, NOFSCHG.

Reviewed by:	oliver
2004-11-03 18:01:21 +00:00
yar
77ad2555a3 Fix logxfer() by using realpath(3) instead of playing with getwd(3).
Previously logxfer() used to record bogus pathnames to the log
in some cases, namely, when cwd was / or "name" was absolute.

Noticed by:	Nick Leuta
MFC after:	2 weeks
2004-11-03 06:52:40 +00:00