Commit Graph

68 Commits

Author SHA1 Message Date
Sheldon Hearn
f6389f4b62 Relegate the diagnostic descriptor counter to the -DSANITY_CHECK case. 1999-07-22 16:29:48 +00:00
Sheldon Hearn
db6da75556 Remove unnecessary macro introduced in previous commit.
Also, the previous commit failed to reference:

PR:	12731
Submitted by:	dwmalone@maths.tcd.ie (David "Inetd" Malone)
1999-07-22 16:10:40 +00:00
Sheldon Hearn
0a418352f9 Don't leak pipe descriptor to daemons on execv(). 1999-07-22 15:57:37 +00:00
Sheldon Hearn
dd09a74de7 Signal handlers should use _exit(2) and not exit(3). 1999-07-22 14:47:29 +00:00
Sheldon Hearn
5ff3afce6f Move code for all builtin services from inetd.c to builtins.c, including
the Green Piece. :-)

In future, new builtin services are less likely to need to touch the
already tangled inetd.c .
1999-07-22 14:11:26 +00:00
Sheldon Hearn
a9ed85ec46 Fix for the hosts_options(5) spawn option.
Restore default SIGHUP, SIGCHLD and SIGALRM handlers in forked inetd
processes. This happens to work around the fact that hosts_access()
doesn't (but should) set SIG_IGN as the handler for SIGCHLD while it
handles the spawn option, but it would make sense even if that were
not true.

This does not address the leaking descriptors issue discussed on the
same PR.

PR:	12731
Reviewed by:	des
Submitted by:	David Malone <dwmalone@maths.tcd.ie>
1999-07-21 16:09:45 +00:00
Sheldon Hearn
6134dbe0ac Fix horribly broken comment. The submitter of the associated code sent
me the right comment and I bastardized it. :-(
1999-07-21 12:19:24 +00:00
Brian Feldman
b81a43e288 By popular demand, ident_stream now takes arguments. Ex:
# This enables the old, fake ident service.
auth    stream  tcp     nowait  root    internal
# This enables the new, real ident service.
auth	stream	tcp	nowait	root	internal	auth -r
# This enables ~/.fakeid support, too.
auth	stream	tcp	nowait	root	internal	auth -r -f
1999-07-15 17:01:43 +00:00
Brian Feldman
d33eb4c802 This is the working internal ident service. Turn it on by setting
the make variable REAL_IDENT, and ~/.fakeid support can be added
with FAKEID set. Note that the default behavior is the same as
the old behavior.
1999-07-15 01:34:02 +00:00
Sheldon Hearn
499067071c Use the proctitle to indicate that we're busy wrapping a request for a
service. Inetd already uses the process title to indicate that a request
for an internal service is being serviced, so this addition is fairly
orthogonal.

Submitted by:	David Malone <dwmalone@maths.tcd.ie>
1999-07-09 11:46:45 +00:00
Sheldon Hearn
10d03f50ad Allow internal and external wrapping to be enabled independantly of
each other. Instead of allowing the -w option to be specified twice,
we now take -w (wrap external) and -W (wrap internal).

Discussed with:	markm
1999-07-09 11:19:01 +00:00
Sheldon Hearn
eb0fde47f8 Allow service alias names from /etc/services to be used when specifying
internal services in inetd.conf .

The inetd(8) manpage used to say that the official name of a service
_must_ be used, yet inetd itself was hardcoded to used a service alias for
the auth service, namely ident!

Rather than change inetd.conf and break existing configurations on next
upgrade, we now allow service aliases as well as official names. This
allows the software to work as expected and still support existing
configurations.

This should not breaking existing wrapped configurations either and the
inetd(8) manpage already states that it is the service name specified in
inetd.conf that is used for calls to hosts_access(3).

PR:	11796
Reported by:	Alex Charalabidis <alex@wnm.net>
Approved by:	des
1999-07-02 16:21:13 +00:00
Sheldon Hearn
1efeefd521 Ommitted in previous commit message:
Submitted by:	David Malone <dwmalone@maths.tcd.ie>
1999-06-30 23:47:46 +00:00
Sheldon Hearn
c48c2d6d38 Enable wrapping for dgram services and fix logging so that -l really
does log all connections.
1999-06-30 23:36:39 +00:00
Sheldon Hearn
9735000dd4 Sync usage() with the manpage.
Approved by:	mpp
1999-06-28 11:27:14 +00:00
Sheldon Hearn
8d0fe86993 Fix broken logic: (!wrap || log) -> (!wrap && log) .
Reported by:	David Malone <dwmalone@maths.tcd.ie>
1999-06-28 09:28:17 +00:00
Sheldon Hearn
54f5ebed00 Add command-line option (-w), specified once to enable wrapping and
twice to enable wrapping for internal wrapping as well. If the option is
not specified wrapping is turned off so that inetd will behave exactly
as it used to before TCP Wrappers was imported.

Change etc/defaults/rc.conf so as to encourage wrapping on new systems.

Clarify the use of TCP Wrappers in the IMPLEMENTATION NOTES of the
manual page.

Approved by:	jkh
1999-06-27 18:05:34 +00:00
Sheldon Hearn
7aad173232 Fix handling of maximum children and connections per minute.
Submitted by:	David Malone <dwmalone@maths.tcd.ie>
1999-06-21 11:17:34 +00:00
Sheldon Hearn
1181cf3c52 Various fixes for inetd's TCP Wrappers support:
1) Handle forking and non-forking internal services correctly.
	   Turn on wrapping for internal services because it works now.
	2) Preserve server names for each service on HUP.
	3) Honour hosts_options(5) severity option.
	4) Add IMPLEMENTATION NOTES section to clarify TCP Wrappers
	   usage and limitations.

This change may cause previously allowed builtin services (e.g. daytime)
to be denied in existing configurations.

PR:	12097
Reviewed by:	markm
1)
Reported by:	Pierre Beyssac <pb@fasterix.freenix.org>
2)
Submitted by:	Masachika ISHIZUKA <ishizuka@ish.org>
3)
Submitted by:	David Malone <dwmalone@maths.tcd.ie>
1999-06-17 09:16:08 +00:00
Dag-Erling Smørgrav
b180b6de88 Don't stop listening to the signal pipe just because you don't have
anything else to do.

PR:		10468, 11594
1999-05-11 12:50:14 +00:00
Mark Murray
d06590a52b Fix the "internal" wrapping as well as a nasty bug involving
the daemon name vs the path. Also fix some warnings and improve
the wrapper section of the man page.

Nice debugging work by:	Sheldon Hearn
1999-04-11 09:22:17 +00:00
Mark Murray
9980037e50 Now inetd(8) has direct support for tcp_wrappers! Not working at the
moment is support for the internal serfvices, so these are not
enabled. Volunteers welcome!
1999-03-28 10:50:30 +00:00
Daniel O'Callaghan
552b1ded8b Make machtime() function unsigned long instead of long.
Reviewed by:	phk
1999-01-05 11:56:35 +00:00
Dag-Erling Smørgrav
87cef388ff Style cleanups.
Requested by:	bde
1999-01-02 16:04:19 +00:00
Dag-Erling Smørgrav
e20e25db62 Back out rev. 1.42 and 1.43. Apply Graham Wheeler's signal handling patch.
Reviewed by:    jkh & eivind
Submitted by:   Graham Wheeler <gram@cdsec.com>
PR:             bin/8183
1998-12-28 15:09:43 +00:00
Matthew Dillon
73df45e228 Remove signal mask prior to calling exec 1998-12-15 23:12:33 +00:00
Matthew Dillon
5177c2936a Reviewed by: freebsd-current
Fix signal/library corruption by blocking all signals except during
    select().  The reported corruption was with reentrancy in the malloc lib.
1998-12-11 17:06:16 +00:00
Poul-Henning Kamp
3c97a31c2f Add an "internal" driver for the "ident" protocol (tcp/113).
It will return "ERROR:HIDDEN-USER" for all requests.

To use it add:
	ident   stream  tcp     nowait  root    internal
to inetd.conf
1998-11-04 19:39:46 +00:00
John Birrell
4b82d708ae Bruce says that %p is intended to format void pointers only. So use a void *
cast. There are pointers and then there are _pointers_. One day I'll
figure out which are which. 8-)
1998-08-18 02:10:05 +00:00
John Birrell
44ab8b53f2 Remove a cast and print the pointer value with %p instead of %x. 1998-08-17 06:16:59 +00:00
Andrey A. Chernov
a07f318f8c Add (struct timezone *) cast to NULL for K&R 1998-07-24 08:28:33 +00:00
Andrey A. Chernov
19ce94466c Use NULL as gettimeofday arg instead of 0 cast
Add missing arg to error diagnostic
Print yet one arg of error diagnostic
1998-07-23 20:05:02 +00:00
Poul-Henning Kamp
d4676e5ad7 last patch misapplied. 1998-07-22 14:24:12 +00:00
Poul-Henning Kamp
02c589d9e9 This may apply to all known versions of inetd.
For a tcp/nowait connection, inetd invokes accept(2) for
each pending connection; this call returns a file descriptor
associated with the new connection.

Twelve years ago, code was added to inetd to detect "failing
servers".  The heuristic that identifies a failing server is
one that has been invoked a large number of times over some
specified interval (e.g., more than 128 ftp services started
in 60 seconds may flag the ftp service as "failing").  These
compile-time constants vary depending on vendor.

The problem is that, when a failing server is detected, the
code neglects to close the file descriptor returned by the
accept(2).

Security-Implications:
I suppose someone with ample free time could orchestrate an
attack buy pummeling services until the inetd process finally
runs out of file descriptors thus rendering inetd useless to
any new connections that require a new descriptor.

PR:		7286
Reviewed by:	phk
Submitted by:	Jeff Forys <jeff@forys.cranbury.nj.us>
1998-07-22 05:53:53 +00:00
Guido van Rooij
c6c38f1d7f On request of Garrett, ad a way to specify that a service should be
reachable via T/TCP
Reviewed by:	Garrett Wollman
1998-05-14 20:26:16 +00:00
Bruce Evans
6543414337 Fixed gross errors in previous commit. `sapipe' was used uninitialized
to attempt to unblock SIGCHLD, but we actually want to unignore SIGPIPE.

Obtained from:	OpenBSD

Finished conversion from sigvec to sigaction (don't assume that sa_mask
is a scalar...).  Didn't convert from sigblock to sigprocmask.  Didn't
fix missing error checking for sigaction...
1998-05-11 12:11:59 +00:00
Guido van Rooij
e523d5ae25 Unblock SIGPIPE before execv(); convert from sigvec to sigaction
Obtained from: OpenBSD
1998-05-08 19:15:44 +00:00
Guido van Rooij
34b32a7cb4 Redo tcpmux stuff. tcpmux handling is now performed after inetd
forks. Furthermore, invalid input for tcpmux does not lead to
an exiting inetd.
This patch is recommended for people running tcpmux (which is NOT
enabled by default)
1998-05-07 18:32:00 +00:00
Paul Traina
ffb7094ed2 Make maxchild and max child-per-minute default values configurable from
the command line or Makefile.
1998-02-24 21:55:14 +00:00
Dima Ruban
3e2e58f12e Add possibility to specify maximum number of connections per minute
for a given IP address.
This should be very effective against DoS attacks.
1997-10-29 21:49:04 +00:00
Andrey A. Chernov
b34683ca29 Implement group part now, final syntax is:
user[:group][/login-class]
1997-10-28 13:46:52 +00:00
Andrey A. Chernov
186a5319ff Implement login classes sepcification as user[/loginclass]
By default inetd run things with the same limits as from /etc/rc
(daemon class) to not break anything as in good old days.
1997-10-27 22:03:47 +00:00
Philippe Charnier
c1a2e93e94 Use err(3). 1997-09-19 06:27:30 +00:00
Warner Losh
83eea89664 Remove and odd sleep found by David Holland and posted to -security.
Reviewed by:	Theo de Raadt (who put it into OpenBSD)
Submitted by:	David Holland <dholland@eecs.harvard.edu>
1997-08-29 18:00:11 +00:00
David Nugent
5d0bfe39ec login_getclass() -> login_getpwclass(). 1997-05-10 19:02:03 +00:00
Garrett Wollman
aeb83a466a Condition SO_PRIVSTATE twiddling on the definedness of SO_PRIVSTATE.
(This was done as a #ifdef to keep source compatibility between 2.2 and 3.0.)
1997-04-28 13:55:07 +00:00
Warner Losh
6c3f552a31 compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
1997-03-31 05:11:47 +00:00
Peter Wemm
476602a9d0 Revert $FreeBSD$ to $Id$ 1997-02-22 16:15:28 +00:00
Julian Elischer
fb42516541 The "-a" option for inetd specifies a specific IP address for the
server to bind to. This works until you send it a SIGHUP with a
new service defined ... the new service is bound to INADDR_ANY.

This patch fixes this bug (in both RELENG_2_2 and -current).

This is a 2.2 candidate..(i.e. pure bug fix)

Submitted by:	Archie Cobbs (archie@whistle.com)
1997-02-05 19:50:04 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00