plain 0 should be used. This happens to work because we #define
NULL to 0, but is stylistically wrong and can cause problems
for people trying to port bits of code to other environments.
PR: 2752
Submitted by: Arne Henrik Juul <arnej@imf.unit.no>
isatty(1) ! Keep 0 open for this till the modem's
been set up by either dup()ing 0 or by opening
ctermid(NULL) (if isatty(0)).
Discussed problem with: Tomi Vainio <tomppa@fidata.fi>
Made it finally dawn on me: Angelo Turetta <ATuretta@stylo.it>
setup dialog from scripts is more controllable. No more biasing off of
hostname (which is now non-optional in the non-netInteractive case).
Requested by: pst
o Output the correct device for "show modem"
while in -direct mode.
o Cosmetic: Moan a bit more when we can't open
the [modem] device.
o Call OpenModem() in a more "natural" way.
o Add some LogDEBUG in OpenModem().
an export line) is unresolvable, make a note of it via syslog and skip
that individual host instead of skipping the entire line.
PR: 1981, 815
Perused by: joerg
receive the ResetAck, NOT when we send the
ResetReq (as per the rfc).
o SILENTLY ignore CCPs that arrive *before*
the network phase (as per the rfc).
o Check that we've actually negotiated PRED1
before sending PRED1 output.
This bug has been around for a *VERY* long
time ! We shouldn't need to explicitly disable
PRED1 now :-)
mode. We don't want to be forced to type a password
here :-(
Pointed out by: mouth@ibm.net (John Kelly)
While I'm there, don't allow a "set server" in
interactive mode.
lots of disks from sysinstall. Yay! Please test this as much as
possible with any 3.0 SNAP later than 970910 (I.E. tomorrow's snap),
especially those of you with larger disk farms.
Submitted by: Ed Gold <vegold01@starbase.spd.louisville.edu>
Insist that uid == 0 for client ppp
Disallow client sockets if no password is specified
Don't exit on failure to open client socket for listening
Allow specification of null local password
Use reasonable size (smaller) ``vector''s in auth.c
Fix "passwd ..." usage message
Insist on "all" as arg to "quit" (if any)
Drop client socket connection before Cleanup() when "quit all"
of OpenBSD's elf nlist code for this, and our a.out version. The OpenBSD
version was mainly a seek/read system with a mmap of the string table,
this one simply mmap's the lot (like the a.out version).
Obtained from: a fair chunk from OpenBSD
with libc's version.
lpd: use getopt(3), err(3), add usage(), allow specification of a port #
on the command line as the documentation suggested for more than 10 years.
PR: docs/3290
This tells ppp to loopback packets addressed to
the ppp interface IP coming *from* the tun
device.
This means that you can ping the tun interface IP
from inside :-)
idependently time out any of the FSMs.
Split LCP logging into LCP, IPCP and CCP logging,
and make room in "struct fsm" for the log level
that the state machine should use.
dial-on-demand, packet filtering, idle timeouts, etc). The IPX support
is pretty much there but more work needs to be done in sys-bsd.c for
the interface ioctls (Linux has a very different way of configuring IPX
interfaces).
Along the way some things have temporarily been lost due to very messy
conflicts. I will recover them shortly when I can think clearer.
The main one is the local:remote address override in pap-secrets and
chap-secrets. Some other home-grown features (dns1,dns2) have been
implemented differently. Microsoft's chap client auth hacks have been
implemented. There are bound to be more rough edges... The changes for
connect-max-retries doesn't fit well with the dial-on-demand code.
mixed up versions. Also, these were imported onto the 1.1.2 branch
(since the last one was imported there, sigh) and that causes cvsup in
checkout mode some problems (there isn't any 1.1.1 branch at all!!).
"set stopped" directive. If the timeout occurs
it will cause a "Down" event, hanging up the line
if it's still up. This *isn't* part of the FSM
diagram, but I consider it ok as a "higher level
implementation specific timeout" as specified in
the rfc ;-}
Discussed briefly with: joerg
Output function name for the "pre-prologue" entry, by stealing
it from the next entry.
Output length of basic-block in bytes and product of executions
and length.
so you don't need to re-enter it for each and every filesystem. Heads up!
This change is incompatible with the previous scripting format,
so those folks (all 2 of you) using config files should take a look
at the changes to the sample install.cfg file for the diskLabelEditor's
new calling syntax.
Finally write a man page for this thing, documenting all of the above
and more. I can't drive a stake through this thing's heart without
properly documenting it first, so please consider this step #1 in that
process (to be honest, sysinstall will also live on for some time in
the 2.2. branch since it's unlikely that the new install tools will ever
make it over there - they're strictly 3.0 material).
fixed. Natd now waits with select(2) for buffer space
to become available if write fails.
- Packet aliasing library upgraded to 2.2.
Submitted by: Ari Suutari <suutari@iki.fi>
is _break_ dns lookups entirely, and since reading the relevant docs and
source code does not enlighten for now, I'll remove this until more
basic research has been done into controlling the resolver's timeout
values.
the MEDIA_TIMEOUT variable. Just -current for now on this one as
I'm still wanting to play with this a bit and see what the ramifications
of doing this are.
Requested by: pst
1. Detecting the split /dev/ttyv0 / /dev/console case, e.g. you've
booted with the -h flag and you have a VGA card also.
2. Adding an extra "menu" for selecting terminal type and adding ANSI
to the list of compiled-in terms.
3. Opening the proper file descriptors before disowning ourselves.
Requested by: pst
at the end of gethostanswer()/getanswer()/whatever where it used to
return TRY_AGAIN. This breaks the domain list traversal in ypserv's
async DNS lookup module: it would only retry using the domain(s) from
the 'domain' or 'search' lines in /etc/resolv.conf if __dns_getanswer()
returned TRY_AGAIN.
Changed the test so that either TRY_AGAIN or NO_RECOVERY will work.
This seemed to me the best solution in the event somebody tries to
compile this code on an older system with a different version of BIND.
(You shouldn't do that of course, but then there's a lot of things
in the world that you shouldn't do and people do them anyway.)
is not sane: if the TTL on a pending but unanswered query hits 0 and the
circular queue entry is removed and free()d, the for() loop may still try
to use the entry pointer (which now points at no longer valid memory).
usually, deleting only the last entry off the end of the queue worked, but
if more than one was deleted, the server would crash. I changed things a
bit so this shouldn't happen anymore.
Also arranged to call the prune routine a bit more often.
diffes with NetBSD/OpenBSD. These changes seem to predate the NetBSD/OpenBSD
split, so it is hard to give proper credit for them.
Obtained from: OpenBSD.
overflow patches that were "near" to where these operations are taking
place. The buffer overflows are from OpenBSD. The setuid/seteuid patches
are from NetBSD by way of OpenBSD (they changed them a little), at least from
my read of the tree.
This is the first of a series of OpenBSD lpr/et al merges. It (and them)
should be merged back into 2.2 and/or 2.1 (if requested) branches when they
have been shaken out in -current.
Obtained from: OpenBSD
we decide to do a DNS lookup, we NUL terminate the key string provided
by the client before passing it into the DNS lookup module. This is
actually wrong. Assume the key is 'foo.com'. In this case, key.keydat_val
will be "foo.com" and key.keydat_len will be 7 (seven characters; the
string is not NUL-terminated so it is not 8 as you might expect).
The string "foo.com" is actually allocated by the XDR routines when the
RPC request is decoded; exactly 7 bytes are allocated. By adding a NUL,
the string becomes "foo.com\0", but the '\0' goes into an 8th byte which
was never allocated for this string and which could be anywhere. The result
is that while the initial request may succeed, we could trash other
dynamically allocated structures (like, oh, I dunno, the circular map
cache queue?) and SEGV later. This is in fact what happens.
The fix is to copy the string into a larger local buffer and NUL-terminate
that buffer instead.
Crash first reported by: Ricky Chan <ricky@come.net.uk>
Bug finally located with: Electric Fence 2.0.5
the hostname into. In theory the bind library should do this, but
in practice the limites between system defines and bind defines make
an attack using this vector possible. These patches have been in
use on my systems for three months now, so I am fairly confident about
them. I plan on commiting this to 2.2 and 2.1 in the near future,
as well as many other patches of this nature.
those ideas that, like the Apache server setup, was well-intentioned
but doomed to fail in the face of change. That and the fact that it
shouldn't be part of the installation tool, it should be part of the
post-installation setup tool (which we need to write). Combining the
two utilities into one utility was my first conceptual mistake.
Apologies also to Coranth Gryphon, who worked hard on the Apache
and Samba server setup code. These features were quite useful
for awhile, if that's any consolation, I just simply had the wrong
ideas about where to put them. :-(
In rt_change() remember to update the interface pointer otherwise we will
send the RIP packets to the wrong interface(s) in future.
Update the hash generator and increase the size of the hash tables.
Only use the network and host parts when comparing IPX interface addresses.
Immediately broadscast RIP and SAP changes.
Change the alarm code to use the setitimer() call and only set a flag in
the alarm signal handler. This gets rid of possible race conditions.
Remove the host routing table. IPX RIP cannot do host routes, only net routes.
Make the delay between broadcast packets 50ms. It seems that some Netware
4.x servers is very slow and don't have much input buffering.
Handle received messages about networks and services that go down, better.
Add tracing of RIP and SAP changes. It gets sysloged with a level of
LOG_DEBUG.
INT cause a hangup - not exiting for -ddial & -auto.
HUP must exit because init sends this at system shutdown
time (why, I don't know), and we don't want to end up
redialing after the HUP (due to another dfilter packet).
Pointed out by and discussed with: ache
the option in pkg_create. Now preserved files start with a . and are
named .<filename>.<pkgname>.backup so that their purpose is more clear.
Note that just using the preserve option without proper pkg_deps
is also foolish since packages being deleted in the incorrect order with
preserve on can generate some odd results.
before replacing them (using pkgname to make this hopefully unique).
Delete also moves them back, if they exist, resulting in a package
which can be "backed out" with reasonable safety.
Catch SIGUSR1 to re-init listening socket.
Document signal behaviour.
Add missing '\n's to LogPrintf(LogWARN,...)
Main() returns int not void.
AF_LOCAL ideal suggested a long time ago by: joerg
unless defined out - including while a telnet
session with a -auto ppp is in effect. If you
don't create ppp.secrets, you deserve what you
get.
telnet connection capabilities will be configurable
per system soon.
Suggested by: Terry Dwyer <tdwyer@omen.net.au>
Updated README file with additional helpful information from Steve Passe
and added patches from Robert Sexton to eliminate case sensitivity of
the xten command.
o Style police
o Make hangup abort the current connection, not
necessarily exiting (-auto/-ddial).
o Trap HUP and INT during DoChat and abort the
connection attempt. This means you can now
type "dial" and change your mind with ^C, or
HUP the process to stop it dialing.
Slapped into doing it by: Chuck Robey <chuckr@glue.umd.edu>
Add a system command to script mechanism (so you can call things like
tzsetup from scripts).
Add noError variable for causing script errors to be ignored.
The way Secure RPC is set up, the ecb_crypt() routine is expected to
be able to encrypt a buffer of any size up to 8192 bytes. However, the
des_ecb_encrypt() routine in libdes only encrypts 8 bytes (64 bits) at a
time. The rpc_enc.c module should compensate for this by calling
des_ecb_encrypt() repeatedly until it has encrypted the entire supplied
buffer, but it does not do this.
As a workaround, keyserv now handles this itself: if we're using DES
encryption, and the caller requested ECB mode, keyserv will do the right
thing.
Also changed all references to 'rc4' into 'arcfour' just in case some
litigious bastard from RSA is watching.
Note that I discovered and fixed this problem while trying to get
a part of NIS+ working: rpc.nisd signs directory objects with a 16-byte
MD5 digest that is encrypted with ecb_crypt(). Previously, only the
first 8 bytes of the digest were being properly encrypted, which caused
the Sun nis_cachemgr to reject the signatures as invalid. I failed to
notice this before since Secure RPC usually never has to encrypt more
than 8 bytes of data during normal operations.
Submitted by: Forgotten
Passed on by: Terry Dwyer 61 8 9491 5161 <tdwyer@io.telstra.com.au>
Also remove extraneous setuid(0) - it's only undone by
the subsequent call to SelectSystem().
o Allow "set var" with no args to blank var (don't req "").
o Zero VarTerm ASAP if not in interactive mode.
o Never print anything to stdout in -direct mode.
o Count redial when failing to open modem.
o Increase device size to 40 characters (for host:port).
o Remove missed "if (fd == 0) fd = 1;".
o Don't give up on incoming non-terminal connections.
o Use syslog
o Remove references to stdout/stderr (incl perror())
o Introduce VarTerm - the interactive terminal or zero
o Allow "set timeout" to affect current session
o Change "set debug" to "set log"
o Allow "set log [+|-]flag"
o Make MSEXT and PASSWDAUTH stuff the default
o Move all #ifdef DEBUG stuff into the code - this
shouldn't be too much overhead. It's now controlled
with "set log +debug"
o Add "set log command, debug, tun, warn, error, alert"
o Remove cdefs.h, and assume an ansi compiler.
o Improve all diagnostic output
o Don't trap SIGSEGV
o SIGHUP now terminates again (log files are controlled
by syslog)
o Call CloseModem() when changing devices
o Fix parsing of third arg of "delete"
I think this fixes the "magic is same" problems that some
people have been experiencing.
The man page is being rewritten. It'll follow soon.
will break compilation if DESTDIR is not set. The update.c module is
actually from the Sun RPC distribution so this is really their bogon, but
I should have noticed it when I integrated the code into rpc.ypupdated.
Sung to me by: Satoshi
received and after the TerminateAck is sent (as
per rfc1661) rather than to ST_STOPPING. Going
to ST_STOPPING will leave us in a state where
we're waiting for the other side to do something -
not a good idea, especially as the client side sends
a TerminateReq then exits on idle timeout.
alias commands simply won't work. Only root may specify the
location of the alias lib (otherwise, it's hard-coded).
Make logprintf silently fail if LogOpen hasn't been called.
Suggested by: eivind
The standard SunOS ypbind(8) (and, until now, the FreeBSD ypbind)
only selects servers based on whether or not they respond to clnt_broadcast().
Ypbind(8) broadcasts to the YPPROC_DOMAIN_NONACK procedure and waits
for answers; whichever server answers first is the one ypbind uses
for the local client binding.
This mechanism fails when binding across subnets is desired. In order
for a client on one subnet to bind to a server on another subnet, the
gateway(s) between the client and server must be configured to forward
broadcasts. If this is not possible, then a slave server must be
installed on the remote subnet. If this is also not possible, you
have to force the client to bind to the remote server with ypset(8).
Unfortunately, this last option is less than ideal. If the remote
server becomes unavailable, ypbind(8) will lose its binding and
revert to its broadcast-based search behavior. Even if there are
other servers available, or even if the original server comes back
up, ypbind(8) will not be able to create a new binding since all
the servers are on remote subnets where its broadcasts won't be heard.
If the administrator isn't around to run ypset(8) again, the system
is hosed.
In some Linux NIS implementations, there exists a yp.conf file where
you can explicitly specify a server address and avoid the use of
ypbind altogether. This is not desireable since it removes the
possibility of binding to an alternate server in the event that the
one specified in yp.conf crashes.
Some people have mentioned to me how they though the 'restricted mode'
operation (using the -S flag) could be used as a solution for this
problem since it allows one to specify a list of servers. In fact,
this is not the case: the -S flag just tells ypbind(8) that when it
listens for replies to its broadcasts, it should only honor them if
the replying hosts appear in the specified restricted list.
This behavior has now been changed. If you use the -m flag in conjunction
with the -S flag, ypbind(8) will use a 'many-cast' instead of a broadcast
for choosing a server. In many-cast mode, ypbind(8) will transmit directly
to the YPPROC_DOMAIN_NONACK procedure of all the servers specified in
the restricted mode list and then wait for a reply. As with the broadcast
method, whichever server from the list answers first is used for the
local binding. All other behavior is the same: ypbind(8) continues
to ping its bound server every 60 seconds to insure it's still alive
and will many-cast again if the server fails to respond. The code used
to achieve this is in yp_ping.c; it includes a couple of modified RPC
library routines.
Note that it is not possible to use this mechanism without using
the restricted list since we need to know the addresses of the available
NIS servers ahead of time in order to transmit to them.
Most-recently-requested by: Tom Samplonius
of reconnect & -background.
o Fix reconnect anomolies.
o Make reconnect apply to failed LQR hangups (& mention in man page).
o Make reconnect effective in -background mode.
o Listen on socket in -background mode.
o Try all phone numbers in -background mode.
o Insist on system arg in -background mode.
o Make a control-connection close command exit in -background mode.
o Output status message to stdout on exit of parent in -background mode.
o Don't notify parent of success too soon.
o Describe termination EX_* code.
o Miscelaneous diagnostic corrections.
o Remove redundant connect_time from modem.c.
o Don't repeatedly DownConnection().
to FTS_LOGICAL (follow symlinks and return their targets)
Because
1) In the real system there is a lot of symlinks nowdays over
/var, /spool, etc. Mtree can't do anything for them, i.e. change
permissions/owner. I.e. if you have /var/mail -> /somewhere
it will never be changed to group "mail" 775 like -current does now,
symlink totally confuses mtree.
2) Mtree can't deal with symlinks properly in any case (they are created
separately in other places now), so we lost no functionality by making
them invisible for mtree.
can be specified without the flags field.
Fix bogus "trail" left in parse routine where the code jumps
past the end of the line and wanders into oblivion.
sysinstall about the dangerously dedicated message, and other
variables to allow pre-configuring the distribution sets.
Still todo: add a variable to define an initial set of packages that
should be loaded.
Reviewed by: jkh
(good thing for apache f.e.) This change is backward compatible with old
newsyslog.conf files.
2) Do not compress log if SIGHUP sending failed for some reason
(f.e. pid file deleted). Newcoming messages will be lost
otherwise.
3) Misc cleanup while I am here.
found that my syslogd is now running them for several months...
Add an option to syslogd to restrict the IP addresses that are allowed
to log to this syslogd. It's too late to develop the inter-syslogd
communications protocol mentioned in the BUGS section, some 10 years
too late. Thus, restricting the IP address range is about the most
effective change we can do if we want to allow incoming syslog
messages at all.
IMHO, we should encourage the system administrators to use this option,
and thus provide a knob in /etc/rc.* for it, defaulting to -a 127.0.0.1/32
(just as a hint about the usage).
Please state opinions about whether to merge this change into 2.2 or
not (i've got it running on RELENG_2_2 anyway).
Instead, reverse the order of the testing, so if a symbolic name starts with
a digit, we'll see if we can make a network address out of it first. If
that fails, then we'll call getnet...
the connection after an unexpected loss of carrier:
set reconnect timer ntries
The man page warns against using this command when your
timeout value is slightly more than the other sides :{}
Suggested by: burton@bsampley.vip.best.com (Burton Sampley)
Delete bogus local versions of mount*.[ch] and nfs_prot*.[ch].
Use v3 protocol by default for NFS mounts. If v3 is not supported, v2 is
used automatically. Add a new mount options for NFS, 'nfsv2' to allow the
administrator to force the use of the older protocol.
Document the new mount options and fix a couple of markup problems.
pppd now creates /var/run/ttyXn.if file containing the interface name;
check that a 'login' user is not listed in /etc/ppp/ppp.disabled;
check that a 'login' user's shell is listed in /etc/ppp/ppp.shells;
make sure that passwordless 'login' logins are recorded in wtmp and
utmp.
and chap-secrets files. This allows specific users
to have pre-allocated IP numbers while others get
assigned dynamically.
Submitted by: David Nugent <davidn@unique.usn.blaze.net.au>
list has been dialed. Alternate number dialing has no "pause".
Suggested by: joerg
Document this behaviour. Document that the number of dial attempts
applies to the number of phone calls rather than the number of times
each number is dialed. Add a missing .El. Give a decent description
of how to connect to an ISP.
in the transfer request actually exist. Technically ypxfr can do this too,
but why waste the cycles getting ypxfr off the ground for a transfer we
already know is going to fail.
Also apply stricter access control rules; ypproc_xfr_2_svc() is in a
different class than the normal map access procedures procedures.
nfs requests from non-privileged ports.
Change mountd such that it does never set this variable, but only clears
it when run with -n. Also document this in the man page.
and quitting telnet immediately (while phone number dialed)
Log client connection/disconnection with PHASE_BIT now.
Add more error recovery on client disconnection
(presumably because the kernel is old). Moved the declaration of a
variable realated to this sysctl outside of an unrelated ifdef.
Not fixed:
- this sysctl is badly named (nfs occurs twice).
- it's silly to have for FreeBSD in FreeBSD code, especially when
only half of the FreeBSD-dependent code is ifdefed.
in uu_lock(). Add uu_lockerr() for turning the results of
uu_lock into something printable. Remove bogus section in man page
about race conditions allowing both processes to get the lock.
Include libutil.h and use uu_lock() correctly where it should.
Suggested by: ache@freebsd.org
in the Lite2 merge to not export some nfs constants. It started causing
warnings when I added a kernel-only #define for DIRBLKSIZ.
Removed `#define NFS'. This was an old, bad interface for telling
<sys/mount.h> to export nfs stuff.
it's done for pci. This is so that systat and vmstat can get at the
interrupt counts for the Inter-Processor Interrupts when running a smp
kernel. This doesn't affect the normal kernel, but makes life easier for
the smp people who don't have to track two versions of config.
vnconfig doesn't seem to be in Lite2, although dev/vn is. The Lite2
merge in userland has converted all mount calls except this one and
one for devfs in init, so we can drop support for old mount args soon.
Vnconfig probably shouldn't support mounting - it only supports ufs.
non-standard and not used. "port auto" is equal to "port?" or missing "port"
keyword now. "port none" is really probe routine task (return -1 for
no ports).
