Commit Graph

62 Commits

Author SHA1 Message Date
sheldonh
1d3d610bba Use Dq mdoc tag for double-quoted words. 1999-06-21 11:43:13 +00:00
sheldonh
35595e48b4 Fix handling of maximum children and connections per minute.
Submitted by:	David Malone <dwmalone@maths.tcd.ie>
1999-06-21 11:17:34 +00:00
sheldonh
e9effd7443 Various fixes for inetd's TCP Wrappers support:
1) Handle forking and non-forking internal services correctly.
	   Turn on wrapping for internal services because it works now.
	2) Preserve server names for each service on HUP.
	3) Honour hosts_options(5) severity option.
	4) Add IMPLEMENTATION NOTES section to clarify TCP Wrappers
	   usage and limitations.

This change may cause previously allowed builtin services (e.g. daytime)
to be denied in existing configurations.

PR:	12097
Reviewed by:	markm
1)
Reported by:	Pierre Beyssac <pb@fasterix.freenix.org>
2)
Submitted by:	Masachika ISHIZUKA <ishizuka@ish.org>
3)
Submitted by:	David Malone <dwmalone@maths.tcd.ie>
1999-06-17 09:16:08 +00:00
des
6c65743291 Don't stop listening to the signal pipe just because you don't have
anything else to do.

PR:		10468, 11594
1999-05-11 12:50:14 +00:00
markm
752388eccd There seems to be a problem (most likely when there is no hosts.allow)
with wrapping the internal services, so do not wrap them for now.
1999-05-07 06:48:01 +00:00
obrien
c9af91f18b MFS: sort reference list and embelish history. 1999-05-01 22:03:00 +00:00
markm
9012e78ce4 Fix the "internal" wrapping as well as a nasty bug involving
the daemon name vs the path. Also fix some warnings and improve
the wrapper section of the man page.

Nice debugging work by:	Sheldon Hearn
1999-04-11 09:22:17 +00:00
markm
f15070b9ae Now inetd(8) has direct support for tcp_wrappers! Not working at the
moment is support for the internal serfvices, so these are not
enabled. Volunteers welcome!
1999-03-28 10:50:30 +00:00
danny
e27bf7f1ca Make machtime() function unsigned long instead of long.
Reviewed by:	phk
1999-01-05 11:56:35 +00:00
des
d953ead330 Style cleanups.
Requested by:	bde
1999-01-02 16:04:19 +00:00
des
b44d350f5d Back out rev. 1.42 and 1.43. Apply Graham Wheeler's signal handling patch.
Reviewed by:    jkh & eivind
Submitted by:   Graham Wheeler <gram@cdsec.com>
PR:             bin/8183
1998-12-28 15:09:43 +00:00
dillon
fac338b16a Remove signal mask prior to calling exec 1998-12-15 23:12:33 +00:00
dillon
0257da5919 Reviewed by: freebsd-current
Fix signal/library corruption by blocking all signals except during
    select().  The reported corruption was with reentrancy in the malloc lib.
1998-12-11 17:06:16 +00:00
phk
44cddad39c Add an "internal" driver for the "ident" protocol (tcp/113).
It will return "ERROR:HIDDEN-USER" for all requests.

To use it add:
	ident   stream  tcp     nowait  root    internal
to inetd.conf
1998-11-04 19:39:46 +00:00
jb
7300b9a59c Bruce says that %p is intended to format void pointers only. So use a void *
cast. There are pointers and then there are _pointers_. One day I'll
figure out which are which. 8-)
1998-08-18 02:10:05 +00:00
jb
49f35df526 Remove a cast and print the pointer value with %p instead of %x. 1998-08-17 06:16:59 +00:00
ache
1bbb61bc9b Add (struct timezone *) cast to NULL for K&R 1998-07-24 08:28:33 +00:00
ache
5b6f7049f1 Use NULL as gettimeofday arg instead of 0 cast
Add missing arg to error diagnostic
Print yet one arg of error diagnostic
1998-07-23 20:05:02 +00:00
phk
dbb03b6d18 last patch misapplied. 1998-07-22 14:24:12 +00:00
phk
39bd98f296 This may apply to all known versions of inetd.
For a tcp/nowait connection, inetd invokes accept(2) for
each pending connection; this call returns a file descriptor
associated with the new connection.

Twelve years ago, code was added to inetd to detect "failing
servers".  The heuristic that identifies a failing server is
one that has been invoked a large number of times over some
specified interval (e.g., more than 128 ftp services started
in 60 seconds may flag the ftp service as "failing").  These
compile-time constants vary depending on vendor.

The problem is that, when a failing server is detected, the
code neglects to close the file descriptor returned by the
accept(2).

Security-Implications:
I suppose someone with ample free time could orchestrate an
attack buy pummeling services until the inetd process finally
runs out of file descriptors thus rendering inetd useless to
any new connections that require a new descriptor.

PR:		7286
Reviewed by:	phk
Submitted by:	Jeff Forys <jeff@forys.cranbury.nj.us>
1998-07-22 05:53:53 +00:00
phk
7a64d46ca3 Spelling fixes.
PR:		6903
Reviewed by:	phk
Submitted by:	Josh Gilliam <josh@quick.net>
1998-06-10 12:34:27 +00:00
pb
16f8d7d58c Small typo in T/TCP patch ("speicfy" -> "specify"). 1998-05-15 19:16:35 +00:00
guido
70c2b190c2 On request of Garrett, ad a way to specify that a service should be
reachable via T/TCP
Reviewed by:	Garrett Wollman
1998-05-14 20:26:16 +00:00
bde
bfcb7bdce1 Fixed gross errors in previous commit. `sapipe' was used uninitialized
to attempt to unblock SIGCHLD, but we actually want to unignore SIGPIPE.

Obtained from:	OpenBSD

Finished conversion from sigvec to sigaction (don't assume that sa_mask
is a scalar...).  Didn't convert from sigblock to sigprocmask.  Didn't
fix missing error checking for sigaction...
1998-05-11 12:11:59 +00:00
guido
656f78b87c Unblock SIGPIPE before execv(); convert from sigvec to sigaction
Obtained from: OpenBSD
1998-05-08 19:15:44 +00:00
guido
779723654b Redo tcpmux stuff. tcpmux handling is now performed after inetd
forks. Furthermore, invalid input for tcpmux does not lead to
an exiting inetd.
This patch is recommended for people running tcpmux (which is NOT
enabled by default)
1998-05-07 18:32:00 +00:00
wollman
e131b51194 Document the requirement for TCPMUX to also be enabled as an internal
service if any external TCPMUX servers are desired.

PR: 826
1998-04-13 15:05:14 +00:00
pst
b89888f153 Make maxchild and max child-per-minute default values configurable from
the command line or Makefile.
1998-02-24 21:55:14 +00:00
dima
c811dec8d3 Add possibility to specify maximum number of connections per minute
for a given IP address.
This should be very effective against DoS attacks.
1997-10-29 21:49:04 +00:00
ache
442881c24b Implement group part now, final syntax is:
user[:group][/login-class]
1997-10-28 13:46:52 +00:00
ache
6a842ce994 Implement login classes sepcification as user[/loginclass]
By default inetd run things with the same limits as from /etc/rc
(daemon class) to not break anything as in good old days.
1997-10-27 22:03:47 +00:00
charnier
e9cad8594e Use err(3). 1997-09-19 06:27:30 +00:00
imp
b52523a54a Remove and odd sleep found by David Holland and posted to -security.
Reviewed by:	Theo de Raadt (who put it into OpenBSD)
Submitted by:	David Holland <dholland@eecs.harvard.edu>
1997-08-29 18:00:11 +00:00
davidn
f766bd31c5 login_getclass() -> login_getpwclass(). 1997-05-10 19:02:03 +00:00
wollman
c63d12aeb3 Condition SO_PRIVSTATE twiddling on the definedness of SO_PRIVSTATE.
(This was done as a #ifdef to keep source compatibility between 2.2 and 3.0.)
1997-04-28 13:55:07 +00:00
imp
691010efad compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
1997-03-31 05:11:47 +00:00
peter
b782f4df30 Revert $FreeBSD$ to $Id$ 1997-02-22 16:15:28 +00:00
julian
f061fa28f5 The "-a" option for inetd specifies a specific IP address for the
server to bind to. This works until you send it a SIGHUP with a
new service defined ... the new service is bound to INADDR_ANY.

This patch fixes this bug (in both RELENG_2_2 and -current).

This is a 2.2 candidate..(i.e. pure bug fix)

Submitted by:	Archie Cobbs (archie@whistle.com)
1997-02-05 19:50:04 +00:00
wosch
3c5e4a3bbe Sort cross references. 1997-01-20 00:03:00 +00:00
jkh
808a36ef65 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
peter
7251a7b426 Implement minimal login class support (ie: does a setusercontext()).
Enabled by defining LOGIN_CAP in Makefile, on by default.
1997-01-13 02:52:30 +00:00
julian
f447087e68 Reviewed by: Bill fenner
Submitted by:	Archie Cobbs (Archie@whistle.com)

Changes to allow inted to control the number of servers to
start on each service. This is a defence against a denial of service attack
in which the system is made unusable by
an external party. It also allows the behaviour of
small memory systems to be more accuratly predicted, by
bounding the extent to which processes can multiply.
1996-11-10 21:12:44 +00:00
julian
5278ea869e Reviewed by: Bill fenner
Submitted by:	 Archie Cobbs (archie@whistle.com)

changes to make inetd compile cleaner under -Wall
1996-11-10 21:07:27 +00:00
alex
8d80515b00 Fix incorrect length argument to memset() function. Closes PR#1937.
Submitted by:	Archie Cobbs <archie@whistle.com>
1996-11-01 01:42:08 +00:00
joerg
e9e54bcde4 Do not modify a malloc()ed pointer; instead, use memmove().
Detected by: phkmalloc - AJ :)
1996-10-28 23:02:38 +00:00
julian
53ead71d81 Reviewed by: various
Submitted by:	archie@whistle.com

changes to allow inetd to bind to a single interface
for more complicated options see xinetd in ports.

Obtained from: whistle.com
1996-08-09 22:20:24 +00:00
dg
a811461f7d Increased listen() queue-depth limit to 64. 1996-07-17 15:00:28 +00:00
gpalmer
3829b6d0e8 Add $Id$ 1996-05-07 03:16:43 +00:00
wollman
41f00ad7a0 Call setsockopt(SO_PRIVSTATE) to renounce SS_PRIV on all the sockets
we create.  (Nothing being called from inetd should use it anyway,
but you can never be too careful.)

Translate the man page back into -mdoc.
1996-02-07 17:15:01 +00:00
mpp
511d4f82b2 Fix a bunch of spelling errors in a bunch of man pages. 1996-01-30 13:52:50 +00:00