Commit Graph

1048 Commits

Author SHA1 Message Date
yar
e2a8ecd17c Eliminate another instance of the old and well-known
DoS bug that the select(2)/accept(2) pair is called on
a socket that is in the blocking I/O mode.  The bug is
triggered if a selected connection dies before the accept(2)
leading to the accept(2) blocking virtually forever.

MFC after:	1 week
2001-11-19 21:52:03 +00:00
peter
7f637f2bb2 Update rtld for the "new" ia64 ABI. In the old toolchain, the
DT_INIT and DT_FINI tags pointed to fptr records.  In 2.11.2, it points
to the actuall address of the function.  On IA64 you cannot just take
an address of a function, store it in a function pointer variable and
call it.. the function pointers point to a fptr data block that has the
target gp and address in it.  This is absolutely necessary for using
the in-tree binutils toolchain, but (unfortunately) will not work with
old shared libraries.  Save your old ld-elf.so.1 if you want to use
old ones still.  Do not mix-and-match.

This is a no-op change for i386 and alpha.

Reviewed by:	dfr
2001-10-29 10:10:10 +00:00
peter
0135add4a6 Fix a dependency violation (branch after alloc) 2001-10-29 10:05:32 +00:00
obrien
b4cb5029c7 When we set our UID to `nobody', set an appropriate group also.
Submitted by:	peter
2001-10-22 01:55:40 +00:00
fenner
1e7fe9f955 The interface index space may be sparsely populated (e.g. when an
interface in the middle is if_detach()'d).  Return (and handle)
 ENOENT when the ifmib(4) is accessed for a nonexistent interface.

MFC after: 14 days
2001-10-17 04:12:29 +00:00
dfr
7d69aa4536 Add ia64 support. Various adjustments were made to existing targets to
cope with a few interface changes required by the ia64. In particular,
function pointers on ia64 need special treatment in rtld.
2001-10-15 18:48:42 +00:00
yar
bc2c059580 Don't let a user name in ftpd's proctitle
be mistaken for a status message.

PR:		misc/25217
MFC after:	7 days
2001-10-12 13:16:34 +00:00
yar
090772b098 Be consistent about indent at least within one block of code. 2001-10-12 13:06:40 +00:00
dfr
eb9de05874 The support for accelerating find_symdef() with a cache was broken. This
fixes the problem and improves startup times for large applications such
as KDE2 considerably.

Reviewed by:	jdp
MFC after:	1 week
2001-10-10 07:15:01 +00:00
ru
3837a9604c Terminate the array of execv(3) pointers by a NULL pointer in the edge case.
PR:		bin/30913
Submitted by:	Dimitri Lommers <dimitri@hinttech.com>
2001-10-04 09:02:10 +00:00
ru
68c24f2f7d mdoc(7) police: markup nits. 2001-10-01 12:58:03 +00:00
kris
269b821fe5 Migrate uucpd to ports as well.
Noticed by:	ru
2001-10-01 07:53:13 +00:00
ache
7ec889372d 1) Use OPIE response only when OPIE keys really used
2) Use commonly used OPIE response form instead of self-made one
2001-09-29 19:22:24 +00:00
iedowse
4ca6bf57c4 Avoid a few compiler warnings (printf codes, missing includes etc).
PR:		bin/30864
Obtained from:	Dan Lukes <dan@obluda.cz>
MFC after:	1 week
2001-09-29 11:37:13 +00:00
iedowse
1556b78bef Missing `break' statements caused two error messages to become
"unkown error" [sic]. Add the missing breaks, and correct the
spelling typo.

PR:		bin/30865
Submitted by:	Dan Lukes <dan@obluda.cz>
MFC after:	1 week
2001-09-29 10:31:28 +00:00
obrien
fd227b9658 RFC2349 (http://www.hypermail.org/rfcs/rfc2349.html) adds support
for negotiation of timeout and file size to the tftp protocol.  This
is required by some firmware like EFI boot managers (at least on
HP i2000 Itanium servers) in order to boot an image using tftp.  The
attached patch implements the RFC, and in doing so also implements
RFC2347; a generic tftp option extension.

PR:		30710
Submitted by:	Espen Skoglund <esk@ira.uka.de>
2001-09-27 20:50:14 +00:00
iedowse
c6a3ab8fc6 RFC2132 is not clear about whether the "Maximum DHCP Message Size"
refers to the size of the whole ethernet packet, just the DHCP
message within the UDP payload, or something else. bootpd interpreted
it as a maximum UDP payload size, so it could end up sending
fragmented packets to clients (such as some versions of Etherboot)
that used different interpretations of the maximum message size.

Switch to the most conservative interpretation: ensure that the
ethernet packet containing the response is no larger than the
specified maximum message size. This matches the behaviour of
the ISC dhcpd.

MFC after:	1 week
2001-09-25 21:02:10 +00:00
mikeh
a3f68a6bff Improve the description on how to construct ~ftp/pub. Specifically,
don't instruct users to set the directory mode 777.

PR:		30690
Obtained from:	NetBSD (with modification)
MFC after:	2 weeks
2001-09-25 02:43:45 +00:00
ru
ad71f55b36 Fixed some of style bugs. 2001-09-12 10:04:42 +00:00
mikeh
808da37f93 Remove a field width specifier that's not doing anything more than
what using snprintf() achieves. It was also being used incorrectly.
2001-09-10 18:46:07 +00:00
dd
95cc672424 Include ttymsg.h from ../../usr.bin/wall instead of rolling our own
prototype.
2001-09-09 14:30:11 +00:00
sheldonh
10a7c0e8b9 Do the best we can with respect to fixing command-line option disorder
in the SYNOPSIS and DESCRIPTION.

Note that -l remains an ugly exception, to which no known rules apply,
since the specification of a single option multiple times isn't normal
standards-compliant CLI behaviour.

While here, mark AF_INET* and LOG_* defined values up with Dv.
2001-09-04 09:22:21 +00:00
ache
f85b78dcf9 File positions are off_t nowdays, not long, so:
atoi -> strtoll
    fseek -> fseeko

    NOTE: that fseek not works for >long offsets per POSIX:

    [EOVERFLOW] For fseek( ), the resulting file offset would be a value which
    cannot be represented correctly in an object of type long.

Fix minor cast too.
2001-09-03 05:06:48 +00:00
sheldonh
c86b5450b5 Extend the functionality offered by the -o option into a new option
-O, which limits the impact of the write-only restriction to guest
users.

*) The existing manual page's SYNOPSIS and option listing in the
   DESCRIPTION are already horribly disordered.  No attempt has been
   made to fix this.

*) The existing source's getopt() optstring and option handling switch
   are already horribly disordered.  No attempt has been made to fix
   this.

Discussed with: nik, -audit
2001-09-02 17:24:19 +00:00
ache
858507dd20 long -> off_t
long -> time_t
%ld -> %qd
fseek -> fseeko

NOTE: that fseek not works for >long offsets per POSIX:

[EOVERFLOW] For fseek( ), the resulting file offset would be a value which
cannot be represented correctly in an object of type long.
2001-09-02 14:18:28 +00:00
markm
5987cca2b8 Manually unifdef(1) CRAY, UNICOS, hpux and sun uselsess code. 2001-08-29 14:16:17 +00:00
nik
28e8743f4b Add a new option, '-o', for "Write-only". Disables the RETR command,
preventing anyone from downloading files.  In conjunction with -A, and some
appropriate file permissions, this lets you create an anonymous FTP drop
box for people to upload files to.

The more obvious "-w" flag is already taken by NetBSD's ftpd.  "-o" was
available as an option letter in all three BSDs.
2001-08-28 11:59:21 +00:00
brian
8638e55f32 Put a parenthesis in the right place (DUH!).
This fixes the apparent immediate client timeout problem.
2001-08-25 23:41:37 +00:00
dd
2c3a92a16f Remove description of an option that only applies to UNICOS < 7.0.
That define may still be present in the source, but I don't think
anyone has plans to try to use it.

Obtained from:	NetBSD
2001-08-25 21:29:12 +00:00
brian
d5f1613eb6 Understand that a return value of 0 from NgRecvMsg() means that the
socket was closed.

This prevents erroneous ``Unexpected netgraph version'' from turning
up in the log.
2001-08-24 14:52:38 +00:00
ru
15006d0da8 Added netid(5) manpage.
PR:		docs/25657
Obtained from:	OpenBSD
2001-08-21 15:39:15 +00:00
brian
5ba6edf189 Handle snprintf() returning < -1. 2001-08-20 18:13:50 +00:00
brian
4e059b7f96 Handle snprintf() returning -1.
MFC after:	2 weeks
2001-08-20 12:50:21 +00:00
markm
162b7bf01c Feature merging and diff reduction between this code and crypto telnet.
Also remove conditional (AUTHENTICATION) code as we have never compiled
it here, and it is doubtful that it even works in this scenario.
2001-08-20 12:12:27 +00:00
ru
24c7b0a61d mdoc(7) police: s/BSD/.Bx/ where appropriate. 2001-08-14 10:01:54 +00:00
ru
80f060f0cf mdoc(7) police: protect trailing full stops of abbreviations
with a trailing zero-width space: `e.g.\&'.
2001-08-10 13:45:36 +00:00
ru
4345758876 mdoc(7) police:
Avoid using parenthesis enclosure macros (.Pq and .Po/.Pc) with plain text.
Not only this slows down the mdoc(7) processing significantly, but it also
has an undesired (in this case) effect of disabling hyphenation within the
entire enclosed block.
2001-08-07 15:48:51 +00:00
bde
5acdee8a8e Don't clobber the default for CFLAGS. 2001-08-03 21:45:54 +00:00
jon
d83e2b381c Fixes file descriptor leak in standalone mode.
Prevents simultaneous calls to updatestat() as function is not reentrant.

PR:		bin/24857
Submitted by:	Martin Butkus <mb@bagheera.thgwf.de>
MFC after:	1 month
2001-08-03 00:23:37 +00:00
brian
30c6547f47 Don't use SA_RESETHAND here. We gain nothing.
Suggested by: bde
2001-07-31 15:29:50 +00:00
brian
e516ca8abd Add a -l flag used to specify a label when no -p flag is given.
Start new sentences on new lines in pppoed.8.

MFC after: 1 week
2001-07-31 11:45:53 +00:00
brian
63673e8c2d Use sigaction() without SA_RESTART rather than signal() so that we
don't block in NgRecvData() after receiving a signal.

MFC after: 1 week
2001-07-31 09:53:20 +00:00
mikeh
b925de092b Rename the GLOB_MAXPATH flag of glob(3) to GLOB_LIMIT to be compatible
with NetBSD and OpenBSD. glob(3) will now return GLOB_NOSPACE with
errno set to 0 instead of GLOB_LIMIT when we match more than `gl_matchc'
patterns. GLOB_MAXPATH has been left as an alias of GLOB_LIMIT to
maintain backwards compatibility.

Reviewed by:	sheldonh, assar
Obtained from:	NetBSD/OpenBSD
2001-07-29 00:52:37 +00:00
sheldonh
9bfb9eedcd Use STD{ERR,IN,OUT}_FILENO instead of their numeric values. The
definitions are more readable, and it's possible that they're
more portable to pathalogical platforms.

Submitted by:   David Hill <david@phobia.ms>
2001-07-26 11:02:39 +00:00
kris
60182bcb28 Xref to openssl(1) (i.e. "openssl passwd")
PR:		28885
Submitted by:	Gregory Bond <gnb@itga.com.au>
MFC After:	1 week
2001-07-26 02:41:53 +00:00
dd
44bf20e1b6 yp_errno is an enum ypstat.
PR:		29190
Submitted by:	Cristan Szmajda <cristan@unsw.edu.au>
Reviewed by:	md5(1)
2001-07-24 12:33:08 +00:00
kris
e2364a508f Save errno in signal handler
Obtained from:	OpenBSD
MFC After:	1 week
2001-07-24 05:41:13 +00:00
kris
da715e7cac MFcrypto/telnet/telnetd: Correct semantics of output_data*() and netflush()
to ensure deterministic operation
2001-07-23 22:00:51 +00:00
kris
fa37fb0db6 by by -> by
Obtained from:	OpenBSD
MFC After:	1 week
2001-07-23 11:00:31 +00:00
ru
016c529237 MFCrypto: fixed the remote buffer overflow. 2001-07-20 15:14:03 +00:00
obrien
199ab8cc56 Portability configuration data for LukeM ftpd. 2001-07-19 17:45:14 +00:00
dd
a145482cf6 Remove whitespace at EOL. 2001-07-15 07:53:42 +00:00
brian
785c88c056 Print the month number properly
MFC after: 1 week
2001-07-13 15:07:06 +00:00
brian
30426b7b3e Remove an extraneous space 2001-07-11 23:02:07 +00:00
ru
5e14a6862e mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 10:49:54 +00:00
markm
3b3e6201e7 Remove S/Key. PAM can do its job. Well, not quite - there is an issue
with the conversation function and challenges which needs to be
revisited, so in the interim a hack is introduced to provide
an OPIE challenge (which is random if OPIE does not apply)
at all non-anonymnous logins.
2001-07-09 17:46:24 +00:00
markm
84b43d4375 Goodbye S/Key, Hello OPIE.
I believe I have done due dilligence on this, but I'd appreciate
decent test scenarios and sucess (or failure) reports.
2001-07-09 17:34:22 +00:00
dd
eaa6ee03b8 mdoc(7) police: remove extraneous .Pp before and/or after .Sh. 2001-07-09 09:54:33 +00:00
brian
8636b161b3 Fix the type of the NULL arg to execl()
Idea from: Theo de Raadt <deraadt@openbsd.org>
2001-07-09 09:24:06 +00:00
ru
05e503d80a mdoc(7) police: sort SEE ALSO xrefs (sort -b -f +2 -3 +1 -2). 2001-07-06 16:46:48 +00:00
ru
9cfe9ee246 mdoc(7) police: sort xrefs. 2001-07-04 13:30:53 +00:00
ru
19dd6363a7 mdoc(7) police: removed hard sentence breaks. 2001-07-04 13:27:05 +00:00
mikeh
01ef3095a5 stat(2) filesystem quotas act on, not filesystem quotas file resides on.
PR:		bin/4949
MFC after:	2 weeks
2001-06-19 04:45:50 +00:00
olgeni
1d67a55f97 Fix some typos.
MFC after:	1 week
2001-06-15 11:25:26 +00:00
dd
61b8c1c1c8 Move the definition of epsvall out of #ifdef VIRTUAL_HOSTING so that
the latter is not required for ftpd to compile.
2001-06-13 00:06:42 +00:00
ghelmer
d6ce76b54b Fix the number of bytes allocated by realloc when more space is needed
for the vector of arguments.

MFC after:	1 week
2001-06-07 20:05:18 +00:00
yar
b999f23d3f Add 'df' string to gettytab - the strftime(3) format for %d
in the banner messages (of course, defaults to "%+").

Submitted by:	Gleb Smirnoff <glebius@tak.estra.ru>
2001-06-07 13:53:23 +00:00
dd
608ddbaef3 In the "Message from Talk_Daemon" announcement, print the date as well
as the current time.  It's nice to know whether the talk request you
see was sent just a few minutes ago (assuming you didn't hear the
bell), or if it's been decaying for days (weeks?).
2001-06-07 05:26:57 +00:00
sobomax
0c29f662fa Correct cross-references:
ng_bpf.8    --> ng_bpf.4
  ng_ether.8  --> ng_ether.4
  ng_iface.8  --> ng_iface.4
  ng_pppoe.8  --> ng_pppoe.4
  ng_socket.8 --> ng_socket.4
  ng_tty.8    --> ng_tty.4
  ng_{type}.4 --> /dev/null

MFC after:	1 week
2001-06-05 12:40:03 +00:00
ru
fd136031ce Use new backup feature of install(1). 2001-05-28 16:58:35 +00:00
jdp
66a962ce67 Performance improvements for the ELF dynamic linker. These
particularly help programs which load many shared libraries with
a lot of relocations.  Large C++ programs such as are found in KDE
are a prime example.

While relocating a shared object, maintain a vector of symbols
which have already been looked up, directly indexed by symbol
number.  Typically, symbols which are referenced by a relocation
entry are referenced by many of them.  This is the same optimization
I made to the a.out dynamic linker in 1995 (rtld.c revision 1.30).

Also, compare the first character of a sought-after symbol with its
symbol table entry before calling strcmp().

On a PII/400 these changes reduce the start-up time of a typical
KDE program from 833 msec (elapsed) to 370 msec.

MFC after:	5 days
2001-05-05 23:21:05 +00:00
obrien
538e761e02 * include/elf.h has been repo copied to include/elf-hints.h, and it no
longer includes machine/elf.h.
* consumers of elf.h now use the minimalist elf header possible.

This change is motivated by Binutils 2.11.0 and too much clashing over
our base elf headers and the Binutils elf headers.
2001-05-02 23:56:21 +00:00
dwmalone
9d3e9efd8a Avoid a warning by making a variable a const char *. 2001-05-01 10:35:20 +00:00
markm
8fce913eef Replacement of the old error() routine with errx(3) was premature.
There are protocol issues to deal with.

Bring back this routine (renamed to avoid a library conflict in libssh)
and overhaul it for more 21st Century style coding.

Pointed out by:	bde
2001-04-29 17:50:29 +00:00
markm
8030ab2f51 Grrr. Fix a line that was fatfingered out during the cleanup.
Submitted by:	bde
Pointy hat:	markm
2001-04-29 09:03:52 +00:00
markm
92fb2502f8 Cleaner method of making PAMable apps static (in the optional case of
wanting static apps).
2001-04-28 15:18:10 +00:00
markm
6cecf95d7d Damn. That should be _enable_ static linking, not _force_ static linking. 2001-04-28 07:58:12 +00:00
markm
e0475f8cde Enable (optional) static linking.
Asked for by:	BDE
2001-04-28 07:56:49 +00:00
markm
fefaa70f2e Change names of functions and variables with global scope that are
in conflict with library values of the same name. This allows static
linking.
2001-04-28 07:55:19 +00:00
markm
1b58f2ae27 Allow static linking.
Asked for by:	BDE
2001-04-28 07:44:37 +00:00
markm
652660bca9 Clean up the error handling code a bit. There is no need to "roll our
own" error() routine when errx() is available. This resolves a conflict
when linking statically.
2001-04-28 07:43:01 +00:00
kris
e801e61e06 Replace a strcat() with a strlcat(). Partial sync with OpenBSD; more
work is needed.

Submitted by:	"Andrew R. Reiter" <arr@watson.org>
Obtained from:	OpenBSD
2001-04-24 10:33:46 +00:00
ru
2d1b95a96f mdoc(7) police: normalize .Nd. 2001-04-18 15:54:10 +00:00
ru
03fd77f5a8 mdoc(7) police: uppercase document title. 2001-04-18 08:25:26 +00:00
peter
2f71212769 Previous clobbered a work-in-progress. Here is the merged result:
Limit the "pathname" glob to one item, as that is what all users of it
are expecting, except for LIST.

Always glob, instead of when the first character is a ~.  For example,
if you had directories ~/x1, and ~/x2, then "cwd x[1]" would fail, but
"cwd ~/x[1]" would work since it was globbed due to the ~ character.
Also, "cwd ~/x[12]" used to arbitarily work as it used the first
expansion (ie: x1) without an error.  Make it return '550 ambiguous'
instead of '550 not found' so that the user can see the difference.

For LIST, just use the user supplied string as the popen does the glob.

Problem noticed by:  Ajay Mittal <amittal@iprg.nokia.com>
2001-04-17 03:03:45 +00:00
jedgar
58889ae5bb Limit number of paths returned via glob() for authorized users
using tilde expansion.
2001-04-17 02:33:20 +00:00
green
3b359dad32 Support the empty "PASS\r\n" command. 2001-04-16 22:20:26 +00:00
ru
06518a8e99 Document that SITE extensions are disabled for anonymous logins.
Obtained from:	logdaemon package by Wietse Venema
2001-04-16 14:51:11 +00:00
phk
a463dd29ce Add the "SITE MD5 filename" facility.
This allows you to determine if the file on the other side is the same
as the one you have without transferring the entire file to compare.

Needless to say, if the server end lies to you this check doesn't work,
but on the other hand, if it lies to you about the files checksum,
what can you trust from it ?
2001-04-15 20:59:29 +00:00
ru
ef2dbc1fb0 beforeinstall -> SCRIPTS. 2001-04-07 11:21:35 +00:00
ru
398417e59b mdoc(7) police: cosmetics. 2001-04-04 10:33:13 +00:00
ru
98c6ecb383 Bye-bye /usr/lib/libtelnet.a. This should fix ``make release'' brokeness.
Approved by:	markm
2001-03-28 12:08:22 +00:00
markm
f767ca7e60 Add full PAM support for account management and sessions.
The PAM_FAIL_CHECK and PAM_END macros in su.c came from the util-linux
package's PAM patches to the BSD login.c

Submitted by:	"David J. MacKenzie" <djm@web.us.uu.net>
2001-03-27 19:40:51 +00:00
ru
45d92a4319 - Backout botched attempt to intoduce MANSECT feature.
- MAN[1-9] -> MAN.
2001-03-26 14:22:12 +00:00
ru
543d496983 Do not build (and install) both secure/ and standard versions
of libtelnet, telnetd, and telnet.  This only worked because
secure/ was listed late in SUBDIR in Makefile.inc1.

Reviewed by:	markm
2001-03-26 12:49:05 +00:00
ru
06e5712a05 Don't use MANDEPEND and MANSRC. 2001-03-26 07:28:26 +00:00
alfred
8e5f42ddb8 change callrpc() from taking "char *" args, I'm quite sure they really meant
to use "void *".

remove a duplicate prototype for callrpc() from libexec/ypxfr/ypxfr_extern.h
2001-03-23 16:14:49 +00:00
ru
a23a98f937 Set the default manual section for libexec/ to 8. 2001-03-20 18:10:13 +00:00
jlemon
e62162bcfe Teach ftpd about the new GLOB_MAXPATH flag. 2001-03-19 19:11:00 +00:00
des
49ef2fb609 When the file was transferred using sendfile(2), we forgot to keep track
of the transferred byte count. MFC candidate.

PR:		bin/25699
2001-03-11 13:20:44 +00:00
kris
81788e10bd First appeared in 4.3, not 5.0 2001-03-04 09:15:55 +00:00
des
46ef236ff6 Change the read-only reply to "550 Permission denied.". 2001-02-19 21:51:26 +00:00
asmodai
0f00927ea0 Preceed/preceeding are not english words. Use precede or preceding. 2001-02-18 10:25:42 +00:00
ru
eb847b5e24 mdoc(7) police: simplify construct. 2001-02-14 09:56:37 +00:00
asmodai
5cf198e77a Synch: Properly constify sccsid[].
Replace bcopy() with memmove().
2001-02-07 22:25:56 +00:00
asmodai
dfe4864cef Synch: Prefer memmove() over bcopy(). 2001-02-07 22:22:57 +00:00
asmodai
1393f49cab Synch: Properly constify sccsid[]. 2001-02-07 22:20:44 +00:00
asmodai
248275ca89 Synch: prefer memmove() over bcopy(), since the first is a C-standard
interface, whilst the latter is a BSD'ism.
2001-02-07 22:18:58 +00:00
asmodai
7d76aced28 Fix typo: compatability -> compatibility.
Compatability is not an existing english word.
2001-02-06 12:05:58 +00:00
asmodai
47a2266000 Fix typo: seperate -> separate.
Seperate does not exist in the english language.

Submitted to look at by:	kris
2001-02-06 10:39:38 +00:00
asmodai
e69fe706f1 Fix typo: wierd -> weird.
There is no such thing as wierd in the english language.
2001-02-06 09:25:10 +00:00
asmodai
09632ab08c Fix tftpd and tftp to support file transfers of over 65535 blocks
(about 31 MB - 32 MB).

Submitted (partially)
	by: Pascal Hofstee <daeron@wit401305.student.utwente.nl>
2001-02-02 10:53:02 +00:00
nik
0121023c6d Structure the options listing to be more standard.
The PR also included documentation for other options, but upon
inspection of the source these options aren't used.

PR:             docs/24149
Submitted by:   Jesse Monroy, Jr. <opentrax@email.com>
2001-02-02 03:29:09 +00:00
ru
8a6f8b5fe4 mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 16:38:02 +00:00
asmodai
077d207194 Add static dependency to libisc to get isc_movefile().
Submitted by:	Munehiro Matsuda <haro@kubota.co.jp>
2001-01-29 07:56:34 +00:00
billf
ea6d044997 Add -c/C which chroots by IP of tftp client, (i.e. /tftproot/127.0.0.1/). 2001-01-25 04:20:25 +00:00
jedgar
7aee899b93 Limit commands that can be issued when not logged in:
TYPE, STRU, MODE, ALLO, STAT, ABOR, SITE IDLE, SYST, REST

Reviewed by:	kris, sheldon
2001-01-20 01:34:22 +00:00
jedgar
f047799471 Check malloc() and strdup() return values
Reviewed by:	kris
2001-01-20 00:29:31 +00:00
ru
bf387fb2e3 man(7) -> mdoc(7). 2001-01-16 13:12:21 +00:00
ru
04d60c1164 Prepare for mdoc(7)NG. 2001-01-16 09:15:57 +00:00
dougb
3bbfa62b63 Move the process of storing entropy from /dev/random and reseeding with
it at boot time closer to the way we want it to be in the final version.

* Move the default directory to /var/db/entropy
* Run the entropy saving cron job every 11 minutes. This seems
  to be a better default, although still bikeshed material.
* Feed /dev/random some cheesy "entropy" from various commands
  and files before the disks are mounted. This gives /dev/random
  a better chance of running without blocking early.
* Move the reseeding with previously stored entropy to the point
  immediately after the disks are mounted.
* Make the harvesting script a little safer in regards to the
  possibility of accidentally overwriting something other
  than a regular file.
2001-01-14 07:18:31 +00:00
dougb
ed0bc299d0 Add a system to save entropy from /dev/random periodically so that
it can be used to reseed at boot time. This will greatly increase
the chances that there will be sufficient entropy available at
boot time to prevent long delays.

For /etc/rc, remove the vmstat and iostat runs from the attempt
to provide some cheesy randomness if the files fail, since
those programs are dynamically linked, and ldd seems to want
some randomness to do its magic.

Guidance and parameters for this project were provided by
Mark Murray, based on the requirements of the Yarrow
algorithm. Some helpful suggestions for implementation
(including the tip about iostat and vmstat) were provided
by Sheldon Hearn. All blame for problems or mistakes is
mine of course.
2001-01-11 13:01:20 +00:00
jdp
1f45c7f8de Fix a bug in which a program called dlclose from a destructor and
got an assert failure in the dynamic linker.
2001-01-05 04:36:17 +00:00
ru
5fe0f042a4 Prepare for mdoc(7)NG. 2000-12-27 14:15:06 +00:00
ru
9dc3f06fd9 Prepare for mdoc(7)NG. 2000-12-20 13:26:01 +00:00
dan
c9771e4d86 In send_data(), use sendfile() instead of the mmap() algorithm. 2000-12-20 03:34:54 +00:00
ru
aa8bbee899 mdoc(7) police: removed hard sentence breaks, run through spell-checker. 2000-12-18 08:33:25 +00:00
demon
cc35668453 Fix typo.
PR:		23591
Submitted by:	mavetju@chello.nl
2000-12-17 17:45:22 +00:00
phk
10d3e9963a Add option -E to disable EPSV which throws certain stateful firewalls
into confusion.

Add option -r to make ftpd support only read-only operations.

Submitted by:	Flemming (F3) Jacobsen <fj@batmule.dk>
Reviewed by:	phk
2000-12-16 19:19:19 +00:00
ru
c23c39b3a4 mdoc(7) police: removed history info from the .Os FreeBSD call. 2000-12-14 11:52:05 +00:00
julian
2f95104836 Add support for advertising the service we support if the
PADI packet contains a NULL service.  This is apparently the desired
behaviour in this case, though we only allow advertising one
service. You could run multiple pppoeds to advertise multiple services.
2000-12-13 00:27:33 +00:00
ru
974dfe4e40 mdoc(7) police: .Os CMU -> .Os, split authors for better output. 2000-12-12 15:31:21 +00:00
ru
278161ed6c mdoc(7) police: use canonical form of .Dd macro. 2000-12-11 15:15:20 +00:00
assar
b022d1d27e (scrub_env): change to only accept a listed set of variables,
including only non-filename contents for TERMCAP
2000-12-10 20:50:20 +00:00
obrien
c2ee1dcc02 Add `_PATH_DEVZERO'.
Use _PATH_* where where possible.
2000-12-09 09:35:55 +00:00
ru
1355982a7e Whitespace-only to sync with -stable. 2000-12-07 15:09:48 +00:00
ru
638d2e4b86 MFS: Silence compilation warnings. 2000-12-07 14:59:11 +00:00
brian
e01a4c0fd9 Drop out of our main loop due to a signal rather than handling things in the
signal handler.
Fix a spelling error.

Subtley pointed out by: bde

Make some stuff static
2000-12-04 22:13:30 +00:00
obrien
cafb2a0daa The GCC 2.96 snapshots have slightly different rules for finding include
files.  Mostly -I${.CURDIR} was needed -- especially for YACC generated
files as the new cpp does not look in the ultimate source file
(ie, the .y file)'s directory as told by the "#line" directive.  Some were
misspellings of "-I${.CURDIR}" as "-I.".
2000-12-01 09:39:28 +00:00
obrien
c2462a2bf1 There is no src/contrib-crypto/ anything directory. So don't look for
include files in subdirs of it.
2000-12-01 06:34:44 +00:00
charnier
f1a89df331 Remove unused #include. Use getopt(3). Add usage() with syslog(3) cap. 2000-11-28 18:15:25 +00:00
kris
4a4fa974c1 Constify 2000-11-27 07:21:37 +00:00
danny
229c440944 Prevent leakage of information about anonymous user's homedir
via 'QUOTE CWD'.

Reviewed by:	des
2000-11-26 23:33:36 +00:00
kris
d20a282a16 Correct definition of MAXHOSTNAMELEN in ifdef'ed out code. 2000-11-26 22:18:11 +00:00
kris
35eec2074d Correct definition of MAXHOSTNAMELEN in ifdef'ed code.
Submitted by:	Edwin Groothuis <mavetju@chello.nl>
PR:		bin/22787
2000-11-26 21:37:51 +00:00
kris
8eae02ff46 Constify 2000-11-26 10:21:54 +00:00
kris
a6b6cceedc Don't hard-code a buffer size 2000-11-26 10:05:06 +00:00
ru
fda4c0a990 mdoc(7) police: use the new features of the Nm macro. 2000-11-20 14:42:24 +00:00
kris
3cafbeab6d Format string paranoia 2000-11-19 13:30:36 +00:00
kris
33514b48b8 Format string paranoia 2000-11-19 12:46:16 +00:00
kris
df871b4bd5 L_SET -> SEEK_SET
Obtained from:	OpenBSD
2000-11-19 10:56:14 +00:00
kris
41e14b7cc1 Format string paranoia
Obtained from:	OpenBSD
2000-11-19 10:52:10 +00:00
kris
b9600b6040 Don't use sizeof() on a pointer when we really wanted to measure
the length of the array.

Noticed by:	Christos Zoulas <christos@ZOULAS.COM>
Obtained from:	OpenBSD
2000-11-19 10:01:27 +00:00
jwd
9c6b4db333 Check return code from login_tty. Allow getty to try and become
a daemon and session leader (thus allowing getty to be run from
a shell command line or script).

Partially Reviewed by:	bde
2000-11-19 02:10:25 +00:00
brian
2607c6601d Go back to populating data_len in struct ngpppoe_init_data. 2000-11-16 23:15:42 +00:00
ben
5eea8e98aa remove trailing periods from SEE ALSO. 2000-11-15 17:27:54 +00:00
ru
7d99729431 Use Fx macro wherever possible. 2000-11-14 11:20:58 +00:00
ru
a6f5d950d8 Avoid use of direct troff requests in mdoc(7) manual pages. 2000-11-10 17:46:15 +00:00
dirk
c9dfa8c82c Fix to=auto in bootptab.
PR:		misc/5574
Submitted by:	Bart Robinson <lomew@marker.cs.utah.edu>
Reviewed by:	wollman
2000-11-10 12:19:53 +00:00
jdp
d9a6f6cc60 Remove the superfluous call to _rtld_error() in symlook_default().
The function's callers generate the error message when appropriate.

This eliminates the message ``Undefined symbol "__register_frame_info"''
which was bogusly returned by dlerror() in some cases.
2000-11-07 22:41:53 +00:00
kris
d710bffe20 Filter out some more magic environment variables used by libraries linked
with telnetd. This should really be done with a positive filter - i.e.
only allow through a configured list of variables.

Also do some buffer-safety cleanups while I'm here - I don't think these
are exploitable.
2000-10-31 05:29:54 +00:00
brian
7ad8d82169 Use the new-style ngpppoe_init_data structure.
Approved by: archie
2000-10-31 02:46:12 +00:00
gshapiro
90b1557dac Add a MAINTAINER= line so people know who to blame 2000-10-26 23:02:36 +00:00
guido
752f9b3d1c Fix broken PAM with SKEY behaviour: the skey.access file checks
were broken because the code failed to set PAM_RHOST.
2000-10-12 10:21:05 +00:00
ru
1324e3deb9 Removed broken PAM support from rshd(8) and rlogind(8). rshd does
not allocate a pty(4) so it is not suitable at all for interactive
PAM modules.  rlogind calls login(1) which is already PAM enabled.

Approved by:	markm
2000-10-12 07:18:20 +00:00
gshapiro
e0b2de2c8f Style fixes 2000-10-11 05:04:21 +00:00
gshapiro
74c5c816cc mail.local(8) is no longer installed as a set-user-id binary.
Users may have to adjust their configuration to call mail.local as root
by adding the F=S flag to the local mailer.  Most probably already have this.
2000-10-10 18:12:30 +00:00
wollman
c5c43ce91f Don't depend on <sys/stat.h> bogusly including <sys/time.h> (and thereby
<time.h>).
2000-10-10 01:50:26 +00:00
ru
9cf4fbf723 Make it compile without -DNO_PAM again. 2000-10-06 17:08:31 +00:00
brian
28012b0ee6 o Load netgraph.ko, ng_ether.ko and ng_pppoe.ko as required (I'm sure this
used not to be necessary).
o Allow ``-n ngdebug'' to specify something to pass to NgSetDebug()
  and redirect NgSetDebug() output to syslog(8) in daemon() mode.
o Xref ng_ether(8) and NgSetDebug(4).
o Correct the type of the response passed to NgRecvData.
2000-10-03 20:41:00 +00:00
jdp
a998726092 Add support for dlsym(RTLD_DEFAULT, ...). 2000-09-19 04:27:16 +00:00
gshapiro
1f7ac54fbd Give users a way to alter the sendmail (and related utilities) build
environment so they can enable functionality such as SASL, LDAP, Hesiod.
2000-09-17 00:41:33 +00:00
wollman
9b6a9d4d1d Some more slight doco fixes: update date, and add a bit more to the history. 2000-09-14 19:20:17 +00:00
wollman
fd6ae2da94 Allow tftpd to run as a specified user, not just `nobody'.
Update documentation to reflect new option.  Also fix documentation
style and add missing references.

PR:		21268
Submitted by:	"Aleksandr A. Babaylov" <babolo@links.ru>
Reviewed by:	imp
2000-09-14 19:08:29 +00:00
imp
8332187617 strerror is declared in <string.h>
errno is declared in <errno.h>
2000-09-04 05:48:09 +00:00
imp
a0b3642056 remove redundant optreset declaration 2000-09-04 05:47:14 +00:00
jwd
cb20a6ddc9 Pass two pointer parameters to the r_debug_state() hook
function, thus allowing a debugger or other trace tool
to easily grab the addresses of the needed structures
off the stack.

This change is transparent to gdb, which locates the
link_map list and transfers it to debugger memory
for comparison purposes.

A sample program will be committed showing how this can
be used.

Reviewed by:    John Polstra <jdp@FreeBSD.org>
2000-08-26 05:13:29 +00:00
sheldonh
0160624e09 Don't set an arbitrary limit on username lengths; use MAXLOGNAME
instead.

PR:		20675
Submitted by:	Vladimir B Grebenschikov <vova@express.ru>
2000-08-17 12:31:17 +00:00
ru
9406c3f2a3 Fix `control socket: Protocol not supported' failure in
standalone -D mode when neither -4 nor -6 is specified.
2000-08-16 09:12:33 +00:00
gshapiro
002ef51d6e The rest of the changes needed to support the new version of sendmail (8.11.0).
Beyond changes to the build system, this includes fixing up the sample
freebsd.mc configuration for changes in defaults and syntax, removing
outdated documentation, and updating the release notes.
2000-08-12 22:39:25 +00:00
kris
efb065997b sprintf() -> snprintf() paranoia. 2000-08-04 10:39:34 +00:00
sheldonh
449e2ec6a6 Honour skey.access(5) by allowing UNIX passwords when skeyaccess(3)
has set pwok to a non-zero value.

Previously, the fact that skey.access(5) allowed UNIX passwords for
this connection attempt was ignored, even in the NOPAM case.

This only addresses the NOPAM case; when libpam is used, the problem
will persist.

PR:		20333
2000-08-01 13:58:55 +00:00
nsayer
67331bf98c Add 'nc' flag to gettytab -- no carrier. Forces non-blocking open and
setting of CLOCAL. Necessary for 3 wire RS-232 setups with dumb
terminals.

PR:		5959
2000-07-31 23:47:57 +00:00
ume
9095749df8 Make compilable without -DINET6.
With shut up unused variable warnings.

PR:		bin/20225
Submitted by:	Paul Herman <pherman@frenchfries.net>
2000-07-28 09:34:44 +00:00
jdp
d9182b54c9 Revamp the code that calls shared libraries' init and fini functions.
Formerly the init functions were called in the opposite of the
order in which libraries were loaded, and libraries were loaded
according to a breadth-first traversal of the dependency graph.
That ordering came from SVR4.0, and it was easy to implement but
not always sensible.

Now we do a depth-first walk over the dependency graph and call
the init functions in an order such that each shared object's needed
objects are initialized before the shared object itself.  At the
same time we build a list of finalization (fini) functions in the
opposite order, to guarantee correct C++ destructor ordering whenever
possible.  (It may not be possible if dlopen and dlclose are used
in strange ways, but we come as close as one can come.)

The need for this renovation has become apparent as more programs
have started using multithreading.  The multithreaded C library
libc_r requires initialization, whereas the standard libc does not.
Since virtually every other object depends on the C library, it is
important that it get initialized first.
2000-07-26 04:24:40 +00:00
green
a75ac5a08f We shouldn't use cp to save the old ld-elf.so.1. Use the sanctioned tool
${INSTALL} with -C -p instead.
2000-07-20 08:00:02 +00:00
des
08cda657c6 Don't reply "not a plain file" when the requested file doesn't exist. 2000-07-17 22:24:52 +00:00
jdp
d8dcadaeb6 Fix a bug which could cause programs with user threads packages to
lock against themselves, causing infinite spinning.  Brian Feldman
found this problem when testing with Mozilla and supplied the fix,
which I have revised slightly.

Here is the failure scenario.  A thread calls dlopen() and acquires
the writer lock.  While the thread still holds the lock, a signal
is delivered and caught.  The signal handler tries to call a function
which hasn't been bound yet.  It thus enters the dynamic linker
and tries to acquire the reader lock.  Since the writer lock is
already held, it will spin forever in the signal handler.  The
thread holding the lock won't be able to progress and release the
lock.

The solution is to block almost all signals while holding the
exclusive lock.

A similar problem could conceivably occur in the opposite order.
Namely, a thread is holding the reader lock and then a signal
handler calls dlopen() or dlclose() and spins waiting for the writer
lock.  We deal with this administratively by proclaiming that signal
handlers aren't allowed to call dlopen() or dlclose().  Actually
we don't have to proclaim a thing, since signal handlers aren't
allowed to call any system functions except those which are explicitly
permitted.

Submitted by:	Brian Fundakowski Feldman <green>
2000-07-17 17:18:13 +00:00
kris
b8853980fc Don't call err() without a format string. 2000-07-11 23:53:22 +00:00
ben
6cecb051f3 Explain that the -S option only logs file downloads, not all transfers.
PR:		16934
Submitted by:	Kurt Zeilenga <kurt@OpenLDAP.org>
2000-07-11 11:42:29 +00:00
jdp
3fa5480ba3 Solve the dynamic linker's problems with multithreaded programs once
and for all (I hope).  Packages such as wine, JDK, and linuxthreads
should no longer have any problems with re-entering the dynamic
linker.

This commit replaces the locking used in the dynamic linker with a
new spinlock-based reader/writer lock implementation.  Brian
Fundakowski Feldman <green> argued for this from the very beginning,
but it took me a long time to come around to his point of view.
Spinlocks are the only kinds of locks that work with all thread
packages.  But on uniprocessor systems they can be inefficient,
because while a contender for the lock is spinning the holder of the
lock cannot make any progress toward releasing it.  To alleviate
this disadvantage I have borrowed a trick from Sleepycat's Berkeley
DB implementation.  When spinning for a lock, the requester does a
nanosleep() call for 1 usec. each time around the loop.  This will
generally yield the CPU to other threads, allowing the lock holder
to finish its business and release the lock.  I chose 1 usec. as the
minimum sleep which would with reasonable certainty not be rounded
down to 0.

The formerly machine-independent file "lockdflt.c" has been moved
into the architecture-specific subdirectories by repository copy.
It now contains the machine-dependent spinlocking code.  For the
spinlocks I used the very nifty "simple, non-scalable reader-preference
lock" which I found at

  <http://www.cs.rochester.edu/u/scott/synchronization/pseudocode/rw.html>

on all CPUs except the 80386 (the specific CPU model, not the
architecture).  The 80386 CPU doesn't support the necessary "cmpxchg"
instruction, so on that CPU a simple exclusive test-and-set lock
is used instead.  80386 CPUs are detected at initialization time by
trying to execute "cmpxchg" and catching the resulting SIGILL
signal.

To reduce contention for the locks, I have revamped a couple of
key data structures, permitting all common operations to be done
under non-exclusive (reader) locking.  The only operations that
require exclusive locking now are the rare intrusive operations
such as dlopen() and dlclose().

The dllockinit() interface is now deprecated.  It still exists,
but only as a do-nothing stub.  I plan to remove it as soon as is
reasonably possible.  (From the very beginning it was clearly
labeled as experimental and subject to change.)  As far as I know,
only the linuxthreads port uses dllockinit().  This interface turned
out to have several problems.  As one example, when the dynamic
linker called a client-supplied locking function, that function
sometimes needed lazy binding, causing re-entry into the dynamic
linker and a big looping mess.  And in any case, it turned out to be
too burdensome to require threads packages to register themselves
with the dynamic linker.
2000-07-08 04:10:38 +00:00
jdp
aa26657bfb When installing the dynamic linker, save the previous version in
"ld-elf.so.1.old".  The dynamic linker is a critical component of
the system, and it is difficult to recover if it is damaged and
there isn't a working backup available.  For instance, parts of
the toolchain such as the assembler are dynamically linked, making
it impossible to build a new dynamic linker if the installed one
doesn't work.
2000-07-08 03:27:54 +00:00
bsd
688e243e64 Plug the hole where rshd would bypass a proper .rhosts check if the
password was empty.

Reviewed by:	Warner Losh <imp@freebsd.org>
2000-07-05 17:47:17 +00:00
sheldonh
f524c27c4b Only punctuation is an allowed argument type for open-close macros
such as Po/Pc, as explained by phantom.

Reported by:	billf
2000-06-30 06:30:53 +00:00
davidn
1f6b02c5a3 Fix a problem in the virtual host address compare code which caused
duplicated host entries in /etc/ftphosts not to be folded. Make sure
we exit the loop on a match.

PR:		bin/19390
2000-06-26 05:36:09 +00:00
joe
8de98cc2fa Switch over to using the new fflagstostr and strtofflags library calls. 2000-06-17 14:19:33 +00:00
jlemon
6716ee051a Spelling fix: transfered --> transferred
Submitted by:  dan@dan.emsphone.com
2000-06-02 21:22:09 +00:00
jake
961b97d434 Back out the previous change to the queue(3) interface.
It was not discussed and should probably not happen.

Requested by:		msmith and others
2000-05-26 02:09:24 +00:00
nsayer
1779ef3d1c 1. Add IPv6 portrange restriction code (-U flag) to passive().
2. Add portrange restriction code (for both v4 and v6) to the EPSV
processing stuff.
2000-05-25 19:30:18 +00:00
jake
d93fbc9916 Change the way that the queue(3) structures are declared; don't assume that
the type argument to *_HEAD and *_ENTRY is a struct.

Suggested by:	phk
Reviewed by:	phk
Approved by:	mdodd
2000-05-23 20:41:01 +00:00