Commit Graph

783 Commits

Author SHA1 Message Date
billf
ea6d044997 Add -c/C which chroots by IP of tftp client, (i.e. /tftproot/127.0.0.1/). 2001-01-25 04:20:25 +00:00
jedgar
7aee899b93 Limit commands that can be issued when not logged in:
TYPE, STRU, MODE, ALLO, STAT, ABOR, SITE IDLE, SYST, REST

Reviewed by:	kris, sheldon
2001-01-20 01:34:22 +00:00
jedgar
f047799471 Check malloc() and strdup() return values
Reviewed by:	kris
2001-01-20 00:29:31 +00:00
ru
bf387fb2e3 man(7) -> mdoc(7). 2001-01-16 13:12:21 +00:00
ru
04d60c1164 Prepare for mdoc(7)NG. 2001-01-16 09:15:57 +00:00
dougb
3bbfa62b63 Move the process of storing entropy from /dev/random and reseeding with
it at boot time closer to the way we want it to be in the final version.

* Move the default directory to /var/db/entropy
* Run the entropy saving cron job every 11 minutes. This seems
  to be a better default, although still bikeshed material.
* Feed /dev/random some cheesy "entropy" from various commands
  and files before the disks are mounted. This gives /dev/random
  a better chance of running without blocking early.
* Move the reseeding with previously stored entropy to the point
  immediately after the disks are mounted.
* Make the harvesting script a little safer in regards to the
  possibility of accidentally overwriting something other
  than a regular file.
2001-01-14 07:18:31 +00:00
dougb
ed0bc299d0 Add a system to save entropy from /dev/random periodically so that
it can be used to reseed at boot time. This will greatly increase
the chances that there will be sufficient entropy available at
boot time to prevent long delays.

For /etc/rc, remove the vmstat and iostat runs from the attempt
to provide some cheesy randomness if the files fail, since
those programs are dynamically linked, and ldd seems to want
some randomness to do its magic.

Guidance and parameters for this project were provided by
Mark Murray, based on the requirements of the Yarrow
algorithm. Some helpful suggestions for implementation
(including the tip about iostat and vmstat) were provided
by Sheldon Hearn. All blame for problems or mistakes is
mine of course.
2001-01-11 13:01:20 +00:00
jdp
1f45c7f8de Fix a bug in which a program called dlclose from a destructor and
got an assert failure in the dynamic linker.
2001-01-05 04:36:17 +00:00
ru
5fe0f042a4 Prepare for mdoc(7)NG. 2000-12-27 14:15:06 +00:00
ru
9dc3f06fd9 Prepare for mdoc(7)NG. 2000-12-20 13:26:01 +00:00
dan
c9771e4d86 In send_data(), use sendfile() instead of the mmap() algorithm. 2000-12-20 03:34:54 +00:00
ru
aa8bbee899 mdoc(7) police: removed hard sentence breaks, run through spell-checker. 2000-12-18 08:33:25 +00:00
demon
cc35668453 Fix typo.
PR:		23591
Submitted by:	mavetju@chello.nl
2000-12-17 17:45:22 +00:00
phk
10d3e9963a Add option -E to disable EPSV which throws certain stateful firewalls
into confusion.

Add option -r to make ftpd support only read-only operations.

Submitted by:	Flemming (F3) Jacobsen <fj@batmule.dk>
Reviewed by:	phk
2000-12-16 19:19:19 +00:00
ru
c23c39b3a4 mdoc(7) police: removed history info from the .Os FreeBSD call. 2000-12-14 11:52:05 +00:00
julian
2f95104836 Add support for advertising the service we support if the
PADI packet contains a NULL service.  This is apparently the desired
behaviour in this case, though we only allow advertising one
service. You could run multiple pppoeds to advertise multiple services.
2000-12-13 00:27:33 +00:00
ru
974dfe4e40 mdoc(7) police: .Os CMU -> .Os, split authors for better output. 2000-12-12 15:31:21 +00:00
ru
278161ed6c mdoc(7) police: use canonical form of .Dd macro. 2000-12-11 15:15:20 +00:00
assar
b022d1d27e (scrub_env): change to only accept a listed set of variables,
including only non-filename contents for TERMCAP
2000-12-10 20:50:20 +00:00
obrien
c2ee1dcc02 Add `_PATH_DEVZERO'.
Use _PATH_* where where possible.
2000-12-09 09:35:55 +00:00
ru
1355982a7e Whitespace-only to sync with -stable. 2000-12-07 15:09:48 +00:00
ru
638d2e4b86 MFS: Silence compilation warnings. 2000-12-07 14:59:11 +00:00
brian
e01a4c0fd9 Drop out of our main loop due to a signal rather than handling things in the
signal handler.
Fix a spelling error.

Subtley pointed out by: bde

Make some stuff static
2000-12-04 22:13:30 +00:00
obrien
cafb2a0daa The GCC 2.96 snapshots have slightly different rules for finding include
files.  Mostly -I${.CURDIR} was needed -- especially for YACC generated
files as the new cpp does not look in the ultimate source file
(ie, the .y file)'s directory as told by the "#line" directive.  Some were
misspellings of "-I${.CURDIR}" as "-I.".
2000-12-01 09:39:28 +00:00
obrien
c2462a2bf1 There is no src/contrib-crypto/ anything directory. So don't look for
include files in subdirs of it.
2000-12-01 06:34:44 +00:00
charnier
f1a89df331 Remove unused #include. Use getopt(3). Add usage() with syslog(3) cap. 2000-11-28 18:15:25 +00:00
kris
4a4fa974c1 Constify 2000-11-27 07:21:37 +00:00
danny
229c440944 Prevent leakage of information about anonymous user's homedir
via 'QUOTE CWD'.

Reviewed by:	des
2000-11-26 23:33:36 +00:00
kris
d20a282a16 Correct definition of MAXHOSTNAMELEN in ifdef'ed out code. 2000-11-26 22:18:11 +00:00
kris
35eec2074d Correct definition of MAXHOSTNAMELEN in ifdef'ed code.
Submitted by:	Edwin Groothuis <mavetju@chello.nl>
PR:		bin/22787
2000-11-26 21:37:51 +00:00
kris
8eae02ff46 Constify 2000-11-26 10:21:54 +00:00
kris
a6b6cceedc Don't hard-code a buffer size 2000-11-26 10:05:06 +00:00
ru
fda4c0a990 mdoc(7) police: use the new features of the Nm macro. 2000-11-20 14:42:24 +00:00
kris
3cafbeab6d Format string paranoia 2000-11-19 13:30:36 +00:00
kris
33514b48b8 Format string paranoia 2000-11-19 12:46:16 +00:00
kris
df871b4bd5 L_SET -> SEEK_SET
Obtained from:	OpenBSD
2000-11-19 10:56:14 +00:00
kris
41e14b7cc1 Format string paranoia
Obtained from:	OpenBSD
2000-11-19 10:52:10 +00:00
kris
b9600b6040 Don't use sizeof() on a pointer when we really wanted to measure
the length of the array.

Noticed by:	Christos Zoulas <christos@ZOULAS.COM>
Obtained from:	OpenBSD
2000-11-19 10:01:27 +00:00
jwd
9c6b4db333 Check return code from login_tty. Allow getty to try and become
a daemon and session leader (thus allowing getty to be run from
a shell command line or script).

Partially Reviewed by:	bde
2000-11-19 02:10:25 +00:00
brian
2607c6601d Go back to populating data_len in struct ngpppoe_init_data. 2000-11-16 23:15:42 +00:00
ben
5eea8e98aa remove trailing periods from SEE ALSO. 2000-11-15 17:27:54 +00:00
ru
7d99729431 Use Fx macro wherever possible. 2000-11-14 11:20:58 +00:00
ru
a6f5d950d8 Avoid use of direct troff requests in mdoc(7) manual pages. 2000-11-10 17:46:15 +00:00
dirk
c9dfa8c82c Fix to=auto in bootptab.
PR:		misc/5574
Submitted by:	Bart Robinson <lomew@marker.cs.utah.edu>
Reviewed by:	wollman
2000-11-10 12:19:53 +00:00
jdp
d9a6f6cc60 Remove the superfluous call to _rtld_error() in symlook_default().
The function's callers generate the error message when appropriate.

This eliminates the message ``Undefined symbol "__register_frame_info"''
which was bogusly returned by dlerror() in some cases.
2000-11-07 22:41:53 +00:00
kris
d710bffe20 Filter out some more magic environment variables used by libraries linked
with telnetd. This should really be done with a positive filter - i.e.
only allow through a configured list of variables.

Also do some buffer-safety cleanups while I'm here - I don't think these
are exploitable.
2000-10-31 05:29:54 +00:00
brian
7ad8d82169 Use the new-style ngpppoe_init_data structure.
Approved by: archie
2000-10-31 02:46:12 +00:00
gshapiro
90b1557dac Add a MAINTAINER= line so people know who to blame 2000-10-26 23:02:36 +00:00
guido
752f9b3d1c Fix broken PAM with SKEY behaviour: the skey.access file checks
were broken because the code failed to set PAM_RHOST.
2000-10-12 10:21:05 +00:00
ru
1324e3deb9 Removed broken PAM support from rshd(8) and rlogind(8). rshd does
not allocate a pty(4) so it is not suitable at all for interactive
PAM modules.  rlogind calls login(1) which is already PAM enabled.

Approved by:	markm
2000-10-12 07:18:20 +00:00