Commit Graph

70 Commits

Author SHA1 Message Date
jilles
fba61ef227 libc: Use O_CLOEXEC for various internal file descriptors.
This fixes a race condition where another thread may fork() before CLOEXEC
is set, unintentionally passing the descriptor to the child process.

This commit only adds O_CLOEXEC flags to open() or openat() calls where no
fcntl(fd, F_SETFD, FD_CLOEXEC) follows. The separate fcntl() call still
leaves a race window so it should be fixed later.
2012-09-29 11:54:34 +00:00
dim
489adb600f Consistently set RPCGEN_CPP when running rpcgen, so the C preprocessor
set via ${CPP} is used, instead of always using hardcoded /usr/bin/cpp.

MFC after:	1 week
2012-02-07 09:27:07 +00:00
ghelmer
00828ba3e8 Handle malloc failures in yplib.c.
PR:		bin/83349
2011-12-23 02:13:42 +00:00
ghelmer
0774235070 Handle failures to malloc memory to hold key or val copies.
PR:		bin/83348
2011-12-23 01:56:25 +00:00
brucec
318d44b9bc Remove duplicate "in".
Suggested by:	Rob Farmer <rfarmer at predatorlabs.net>
MFC after:	3 days
2011-03-01 11:47:51 +00:00
brucec
3c9e970368 Revert some of r177626. "in in" is valid in certain sentences.
PR:		121490
MFC after:	3 days
2011-02-28 10:03:48 +00:00
wollman
a98dd21d5f Eliminate more dead stores.
Found by:	Clang static analyzer
MFC after:	7 days
2009-11-25 04:45:45 +00:00
brueffer
b64d211df2 Fix some "in in" typos in comments.
PR:		121490
Submitted by:	Anatoly Borodin <anatoly.borodin@gmail.com>
Approved by:	rwatson (mentor), jkoshy
MFC after:	3 days
2008-03-26 07:32:08 +00:00
simon
9760782042 Set timeout for all NIS RPC requests to 1 second and not just for
yp_next as revision 1.50 did.  This should fix, or at least very much
reduce the risk of, NIS timing out due to UDP packet loss for NIS
functions.

See also revision 1.50 for more details about the general problem.

Tested by:	nosedive, freefall, hub, mx1, brooks
MFC after:	1 week
Approved by:	re (mux)
2007-07-24 13:06:08 +00:00
deischen
2a7306fdc5 Use C comments since we now preprocess these files with CPP. 2007-04-29 14:05:22 +00:00
simon
38eadf93ff - Bump _yplib_timeout limit from 10 to 20 seconds to better handle
packet loss when talking to a NIS server.
- Set 1 second retry timeout to further realistically handle UDP
  packet loss for yp_next packet bursts.  If the packet hasn't come
  back within 1 second its rather unlikely to come back at all.  There
  is still back-off mechanism in RPC so if there is another reason
  than packet loss for the lack of response within 1 second, the NIS
  server will not be totally bombarded with requests.

This reduces the risk of NIS failing with:

     yp_next: clnt_call: RPC: Timed out

considerably.  This is mainly a problem if you have larger NIS maps
(like at FreeBSD.org) since enumerations of the lists will cause a UDP
packet bursts where a few packets being lost once in a while do
happen.

MFC after:	1 week
Discussed with:	peter
Problem mainly diagnosed by:	peter
2007-03-04 10:30:43 +00:00
deischen
a0f6b0f1d0 Add each directory's symbol map file to SYM_MAPS. 2006-03-13 01:15:01 +00:00
deischen
138dd54357 Add symbol maps and initial symbol version definitions to libc.
Reviewed by:	davidxu
2006-03-13 00:53:21 +00:00
ume
86dfcedb7e do mutex lock for each yp calls. with this,
http://cvsweb.netbsd.org/bsdweb.cgi/src/regress/lib/libpthread/resolv/
is working.
2005-05-03 20:30:31 +00:00
ume
26cc55077b MUTEX_INITIALIZER should be used instead of
PTHREAD_MUTEX_INITIALIZER, here.
2005-04-06 15:16:04 +00:00
ume
ac4b9096b3 protect _yp_domain with mutex lock.
Inspired by:	NetBSD
2005-04-05 18:07:59 +00:00
stefanf
8655a91f58 Use socklen_t where appropriate. 2005-03-11 14:17:12 +00:00
nectar
0b64e1476b Back out the `hiding' of strlcpy and strlcat. Several people
vocally objected to this safety belt.
2003-05-01 19:03:14 +00:00
nectar
e69967f534 `Hide' strlcpy and strlcat (using the namespace.h / __weak_reference
technique) so that we don't wind up calling into an application's
version if the application defines them.

Inspired by:	qpopper's interfering and buggy version of strlcpy
2003-04-29 21:13:50 +00:00
ru
40e2359f4b libc_r wasn't so tied to libc for 22 months. 2002-11-18 09:50:57 +00:00
des
e48f76df85 Spell void * as void * rather than caddr_t. This is complicated by the
fact that caddr_t is often misspelled as char *.

Sponsored by:	DARPA, NAI Labs
2002-04-28 15:18:50 +00:00
obrien
d90536e35b Fix the style of the SCM ID's.
I believe have made all of libc .c's as consistent as possible.
2002-03-22 21:53:29 +00:00
mike
bcee06d42c o Move NTOHL() and associated macros into <sys/param.h>. These are
deprecated in favor of the POSIX-defined lowercase variants.
o Change all occurrences of NTOHL() and associated marcros in the
  source tree to use the lowercase function variants.
o Add missing license bits to sparc64's <machine/endian.h>.
  Approved by: jake
o Clean up <machine/endian.h> files.
o Remove unused __uint16_swap_uint32() from i386's <machine/endian.h>.
o Remove prototypes for non-existent bswapXX() functions.
o Include <machine/endian.h> in <arpa/inet.h> to define the
  POSIX-required ntohl() family of functions.
o Do similar things to expose the ntohl() family in libstand, <netinet/in.h>,
  and <sys/param.h>.
o Prepend underscores to the ntohl() family to help deal with
  complexities associated with having MD (asm and inline) versions, and
  having to prevent exposure of these functions in other headers that
  happen to make use of endian-specific defines.
o Create weak aliases to the canonical function name to help deal with
  third-party software forgetting to include an appropriate header.
o Remove some now unneeded pollution from <sys/types.h>.
o Add missing <arpa/inet.h> includes in userland.

Tested on:	alpha, i386
Reviewed by:	bde, jake, tmm
2002-02-18 20:35:27 +00:00
des
d7b064e238 ANSIfy and remove some dead code.
Sponsored by:	DARPA, NAI Labs
2002-02-06 15:26:07 +00:00
des
0f2cb9b020 Apply the following mechanical transformations in preparation for
ansification and constification:

    s{\s+__P\((\(.*?\))\)}{$1}g;
    s{\(\s+}{\(}g;
    s{\s+\)}{\)}g;
    s{\s+,}{,}g;
    s{(\s+)(for|if|switch|while)\(}{$1$2 \(}g;
    s{return ([^\(].*?);}{return ($1);}g;
    s{([\w\)])([!=+/\*-]?=)([\w\(+-])}{$1 $2 $3}g;
    s{\s+$}{\n};g

Also add $FreeBSD$ where needed.

MFC after:	1 week
2002-02-06 13:30:31 +00:00
alfred
5689562575 Fix cc -Wall, fix rcsid warnings, add missing prototypes,
change prototypes to be the same as in the original sun tirpc code.
Remove ()P macro in a file where the mayority had ()P already removed.
Add them if the mayority use ()P macros.

Submitted by: mbr
Requested by: bde
2002-02-05 23:43:43 +00:00
jhb
6e3fd09860 Fix some 32/64-bit bugs. IPv4 addresses are 32-bits, not longs. On the
alpha these bugs didn't cause any problems because it was little endian,
but on sparc64, we ended up with garbage for the IP address when we tried
to contact the server.  (Usually 3.253.0.0)

Not objected to by:	wpaul
2002-01-08 18:05:03 +00:00
pirzyk
22f5936e53 Changed the clnt_perror string in yp_all because it was saying the
error came from yp_next

PR:	bin/13254
Submitted by:	Jim Pirzyk
Reviewed by:	jkh
MFC after: 1 week
2001-05-23 15:37:10 +00:00
deischen
1635c221b7 Remove _THREAD_SAFE and make libc thread-safe by default by
adding (weak definitions to) stubs for some of the pthread
functions.  If the threads library is linked in, the real
pthread functions will pulled in.

Use the following convention for system calls wrapped by the
threads library:
	__sys_foo - actual system call
	_foo - weak definition to __sys_foo
	foo - weak definition to __sys_foo

Change all libc uses of system calls wrapped by the threads
library from foo to _foo.  In order to define the prototypes
for _foo(), we introduce namespace.h and un-namespace.h
(suggested by bde).  All files that need to reference these
system calls, should include namespace.h before any standard
includes, then include un-namespace.h after the standard
includes and before any local includes.  <db.h> is an exception
and shouldn't be included in between namespace.h and
un-namespace.h  namespace.h will define foo to _foo, and
un-namespace.h will undefine foo.

Try to eliminate some of the recursive calls to MT-safe
functions in libc/stdio in preparation for adding a mutex
to FILE.  We have recursive mutexes, but would like to avoid
using them if possible.

Remove uneeded includes of <errno.h> from a few files.

Add $FreeBSD$ to a few files in order to pass commitprep.

Approved by:	-arch
2001-01-24 13:01:12 +00:00
jasone
8abe2a2d86 Simplify sytem call renaming. Instead of _foo() <-- _libc_foo <-- foo(),
just use _foo() <-- foo().  In the case of a libpthread that doesn't do
call conversion (such as linuxthreads and our upcoming libpthread), this
is adequate.  In the case of libc_r, we still need three names, which are
now _thread_sys_foo() <-- _foo() <-- foo().

Convert all internal libc usage of: aio_suspend(), close(), fsync(), msync(),
nanosleep(), open(), fcntl(), read(), and write() to _foo() instead of foo().

Remove all internal libc usage of: creat(), pause(), sleep(), system(),
tcdrain(), wait(), and waitpid().

Make thread cancellation fully POSIX-compliant.

Suggested by:	deischen
2000-01-27 23:07:25 +00:00
jasone
75903038bc Add three-tier symbol naming in support of POSIX thread cancellation
points.  For library functions, the pattern is __sleep() <--
_libc_sleep() <-- sleep().  The arrows represent weak aliases.  For
system calls, the pattern is _read() <-- _libc_read() <-- read().
2000-01-12 09:23:48 +00:00
kris
7edfaee15b Fix buffer overflows.
Reviewed by:	imp, audit@freebsd.org
1999-12-05 21:02:41 +00:00
peter
76f0c923fe $Id$ -> $FreeBSD$ 1999-08-28 00:22:10 +00:00
bde
d04603a325 Fixed the usual missing dependencies on headers generated by rpcgen.
Use rpcgen's -C option, although using it for non-headers breaks K&R
support.  A local copy of yp.h is built to avoid adding
-I/usr/include/rpcsvc to CFLAGS.  This version of yp.h differed from
<rpcsvc/yp.h> only in not declaring prototypes.

Fixed style bugs.
1998-05-09 15:10:53 +00:00
wpaul
b5a6d61144 Fix resource allocation problems:
- Completely recoded the ypmatch cache code. The old code could leak
  memory: it would allow the cache to grow, but never
  shrink. The new code imposes the following limits:

	o The cache is capped at a limit of 5 entries.
	o Each entry expires after five seconds, at which point
	  its slot is freed.
	o If an insertion is to be done and all five slots
	  are filled, the oldest entry is forcibly expired
	  to release its slot.

  Also, the cache is implemented on a per-binding basis rather than
  having a global cache covering all bindings. This means that each
  bound domain has its own 5 slot cache.

- Changed clntudp_create() to clntudp_bufcreate() so that the
  xmit/recv message buffer sizes can be set explicitly. NIS transactions
  are rarely much larger than 1024 bytes since YPMAXRECORD is 1024.
  The defaults chosen by clntudb_create() are actually much larger
  than needed. I set the xmit buffer to a little over 1024 and the
  recv buffer to a little over 2048. This saves a few Kbytes for each
  NIS binding.

- Add my name to the copyright. I think I've made enough changes to
  this file to merit it. :)

Note: these changes should go into the 2.2.x branch, but I'm waiting
on feedback from a tester to see if the cache fixes solve the reported
memory leak problem.
1998-03-07 05:06:10 +00:00
asami
68323c9eb2 Use ${DESTDIR} correctly in front of absolute paths. 1997-05-23 08:24:00 +00:00
jb
a1337bb0ae Changed all paths to be relative to src/lib instead of src/lib/libc
so that all these makefiles can be used to build libc_r too.

Added .if ${LIB} == "c" tests to restrict man page builds to libc
to avoid needlessly building them with libc_r too.

Split libc Makefile into Makefile and Makefile.inc to allow the
libc_r Makefile to include Makefile.inc too.
1997-05-03 03:50:06 +00:00
wpaul
6a02d37882 Don't even think about processing bogus domain names here. 1997-04-10 20:26:04 +00:00
peter
6b08958c64 Revert $FreeBSD$ to $Id$ 1997-02-22 15:12:41 +00:00
jkh
808a36ef65 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
wpaul
9f9cef3ee4 Fix for bug noticed by Christoph Kukulies.
_yp_dobind() checks to see if a fork() happens (by checking PIDs) and
invalidates all bindings if it finds itself in a newly created child
process. (This avoids sharing RPC client handles and socket descriptors
with the parent, which would be bad.) Unfortunately, it summarily
calls clnt_destroy() on the handles, which may result in the destruction
of a descriptor that isn't really a socket.

This is fixed by replacing the explicit call to clnt_destroy() with a
call to _yp_unbind(), which deals with potentially hosed socket descriptors
an a safe manner.

This is basically a one-liner. Once I confirm that it fixes Christoph's
problem, I'd like permission to put it in the 2.2-RELENG branch.
1996-12-20 19:41:15 +00:00
wpaul
844872c49d - Avoid possible SEGVs: never call clnt_destroy() without checking
for NULL RPC client handles. This should hopefully fix the problems
  Satoshi reported on -current.

- Add socket descriptor sanity checks to _yp_unbind().

- Fix yp_order() so that it handles the RPC_PROCUNAVAIL error gracefully.
  NIS+ in YP compat mode doesn't support the YPPROC_ORDER procedure.

This is a 2.2 candidate with bells on.
1996-11-08 01:42:02 +00:00
wpaul
dd36926d57 In _yp_dobind(), if we find ourselves required to contact the local ypbind
directly in order to obtain binding information, check that the local
ypbind is using a reserved port and return YPERR_YPBIND if it isn't.
We should not trust any ypbind running on a port >= IPPORT_RESERVED;
it may have been started by a malicious user hoping to trick us into
talking to a bogus ypserv.

Note that we do not check the ypserv port returned to us from ypbind.
It is assumed that ypbind has already done a reserved port test (or not,
depending on whether or not it was started with -s); if we trust the
authenticity of the local ypbind, we should also trust its judgement.

Obtained from: OpenBSD
1996-07-13 20:23:13 +00:00
jkh
c4d4a99d31 General -Wall warning cleanup, part I.
Submitted-By: Kent Vander Velden <graphix@iastate.edu>
1996-07-12 18:57:58 +00:00
jraynard
9f903bbfff Code clean up:
Changed type of pid from int to pid_t. (Missed one!)
1996-06-04 17:35:15 +00:00
jraynard
c64e4011c6 Code clean up:
Changed type of pid from int to pid_t.
1996-06-03 13:19:10 +00:00
jraynard
8867615c04 Code clean up:
Added missing headers for system functions.
1996-06-03 13:16:53 +00:00
wpaul
469d167428 Make _yp_dobind() a litle smarter:
Now that we preserve RPC handles instead of rebuilding them each time
a ypcln function is called, we have to be careful about keeping our sockets
in a sane state. It's possible that the caller may call a ypclnt
function, and then decide to close all its file descriptors. This would
also close the socket descriptor held by the yplib code. Worse, it
could re-open the same descriptor number for its own use. If it then calls
another ypclnt function, the subsequent RPC will fail because the socket
will either be gone or replaced with Something Completely Different. The
yplib code will recover by rebinding, but it doing so it may wreck the
descriptor which now belongs to the caller.

To fix this, _yp_dobind() needs to label the descriptor somehow so
that it can test it later to make sure it hasn't been altered between
ypclnt calls. It does this by binding the socket, thus associating a port
number with it. It then saves this port number in the dom_local_port member
of the dom_binding structure for the given domain. When _yp_dobind() is
called again (which it is at the start of each ypclnt function), it checks
to see if the domain is already bound, and if it is, it does a getsockname()
on the socket and compares the port number to the one it saved. If the
getsockname() fails, or the port number doesn't match, it abandons the
socket and sets up a new client handle.

This still incurs some syscall overhead, which is what I was trying to
avoid, but it's still not as bad as before.
1996-06-01 05:08:31 +00:00
wpaul
b0005a7f9b - Patch around amd core dump problem: don't allow yp_unbind() or _yp_unbind()
to call clnt_destroy() on a potentially NULL RPC handle. Somebody should
  bang on this a bit to make sure the problem is really gone; I seem to
  have difficulty reproducing it. Patch provided by Peter Wemm and
  slightly tweaked by me.

- Don't call _yp_unbind() in individual ypclnt functions unless we encounter
  an RPC error while making a clnt_call().
1996-05-16 18:01:17 +00:00
wpaul
4df2d36a62 NIS client-side performance tweak:
Each of the ypclnt functions does a _yp_dobind() when it starts and then
a _yp_unbind() when it finishes. This is not strictly necessary and it
wastes cycles: it means we do a new clnt_create() and clnt_destroy()
for each yp_whatever() call. In fact, you can do multiple clnt_call()s
using a single RPC client handle returned by clnt_create(). Ideally we only
have to create a handle to ypserv once (the first time we call a ypclnt
function) and then destroy it and rebind only if a call to ypserv fails.

- Modify _yp_dobind() so that it only creates a new RPC client handle
  when establishing a new binding or when one of the ypclnt calls
  invalidates an existing binding and calls _yp_dobind() to establish
  a new one.

- Modify the various ypclnt functions to only call _yp_unbind() if a
  call to ypserv fails.
1996-05-02 15:44:53 +00:00