| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
| |
Improve blacklist support before upgrading libblacklist
The locally declared enum of blacklistd actions needs to be
hidden when the soon to be committed changes to libblacklist
are brought into the tree. Fix the type of the "msg" parameter
to match the library.
There should be no functional changes.
Sponsored by: The FreeBSD Foundation
|
|
|
|
| |
Sponsored by: The FreeBSD Foundation
|
|
|
|
|
|
|
|
|
| |
Enhance blacklistd support to not log anything by default,
unless blacklistd support is enabled on the command line.
Document new flag in man page, cleanup patches to be less
intrusive in code.
Sponsored by: The FreeBSD Foundation
|
|
|
|
|
| |
Approved by: re (gjb)
Sponsored by: EMC / Isilon Storage Division
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ftp daemon dups the control socket to stdin and uses that fd
throughout the code. Clarify this usage slightly by changing from
explicit use of "0" for the fd to a variable, to make it clear what
the zero represents in the non-blacklist code. Make the
blacklist_notify routine use STDIN_FILENO so as to have less of a
"magic number" feel to the code.
Reviewed by: cem
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D6716
|
|
|
|
|
|
|
|
| |
Reviewed by: rpaulo
Approved by: rpaulo
Relnotes: YES
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D6703
|
|
|
|
|
|
|
|
| |
declaring it in an inner scope and then using it via a pointer
in the outer scope.
Reported by: Coverity
CID: 605895
|
|
|
|
|
| |
When getline(3) in 2009 was added a _WITH_GETLINE guard has also been added.
This rename is made in preparation for the removal of this guard
|
|
|
|
| |
No functional change.
|
|
|
|
|
| |
It is faster and usually safer.
Use NULL instead of zero for the pointer.
|
|
|
|
|
|
|
|
| |
These are no longer needed after the recent 'beforebuild: depend' changes
and hooking DIRDEPS_BUILD into a subset of FAST_DEPEND which supports
skipping 'make depend'.
Sponsored by: EMC / Isilon Storage Division
|
|
|
|
|
|
|
| |
Local changes incorporated by 0.4.5: r284340
Local changes retained: r276260, r282117
Obtained from: https://github.com/Juniper/libxo
|
| |
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.
Still need to add real targets under targets/ to build packages.
Differential Revision: D2796
Reviewed by: brooks imp
|
| | |
|
| |\ |
|
| | | |
|
| | | |
|
| |\ \ |
|
| |\ \ \ |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | | |
| | \ \ \ | |
| |\ \ \ \ \ |
|
| | |/ / / /
| |/| | | |
| | | | | |
| | | | | | |
Requested by: Simon Gerraty <sjg@juniper.net>
|
| |_|_|_|/
|/| | | | |
|
| |_|_|/
|/| | |
| | | |
| | | | |
Reduce overlinking
|
| |_|/
|/| |
| | |
| | | |
from the latter.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
permitted by the University of Berkeley on July 22, 1999.
Reviewed by: imp
MFC after: 1 week
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| | |
of struct passwd. This fixes spurious "login_getclass: unknown class"
errors.
PR: 186439
Submitted by: UEMURA Tetsuya <t_uemura at macome.co.jp>
MFC after: 1 week
|
|/
|
|
|
|
|
| |
PR: docs/171624
Submitted by: bdrewery
Approved by: gabor
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add an API for alerting internal libc routines to the presence of
"unsafe" paths post-chroot, and use it in ftpd. [11:07]
Fix a buffer overflow in telnetd. [11:08]
Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
specified. [11:09]
Add sanity checking of service names in pam_start. [11:10]
Approved by: so (cperciva)
Approved by: re (bz)
Security: FreeBSD-SA-11:06.bind
Security: FreeBSD-SA-11:07.chroot
Security: FreeBSD-SA-11:08.telnetd
Security: FreeBSD-SA-11:09.pam_ssh
Security: FreeBSD-SA-11:10.pam
|
|
|
|
| |
calls in ftpd(8).
|
|
|
|
| |
MFC After: 1 week
|
|
|
|
|
| |
Reviewed by: attilio
MFC after: 1 week
|
|
|
|
|
|
|
|
|
|
|
| |
the caller. Currently, checkuser() does not differentiate between the
failure to open the file and the absence of a user in the file. Check
to see if there was an error opening the file. If there are any errors,
terminate the connection. Currently, the only exception to this rule
is ENOENT, since there is nothing that says the /etc/ftpuser
and /etc/ftpchroot has to exist.
MFC after: 3 weeks
|
|
|
|
| |
They have no effect when coming in pairs, or before .Bl/.Bd
|
|
|
|
|
|
|
|
|
| |
When gl_pathc == 0, the content of gl_pathv is undefined.
PR: bin/144761
Submitted by: David BERARD <contact davidberard fr>
Obtained from: OpenBSD
MFC after: 1 week
|
|
|
|
|
|
|
|
| |
This makes it a little easier to figure out which application was
responsible for this log entry. Ideally we should add an ut_process or
something similar.
Suggested by: Vincent Poy <vincepoy gmail com>
|
|
|
|
| |
I removed utmp and its manpage, but not other manpages referring to it.
|
|
|
|
|
|
|
|
| |
Also perform a small cleanup to ftpd_logwtmp(). Just use a NULL
parameter for the username to indicate a logout, instead of an empty
string.
Reported by: Alexey Shuvaev <shuvaev physik uni-wuerzburg de>
|
|
|
|
|
|
|
|
| |
Unfortunately I have to partially wreck its functionality, though. ftpd
used to keep a file descriptor to the wtmp, which allowed it to work
from within a chroot. The current utmpx implementation doesn't offer a
way to do this. Maybe we can address this in the future, if it turns out
to be a real issue.
|
| |
|
|
|
|
|
|
| |
PR: docs/131149
Submitted by: Patrick Oonk
MFC after: 1 week
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
long commands into multiple requests. [08:12]
Avoid calling uninitialized function pointers in protocol switch
code. [08:13]
Merry Christmas everybody...
Approved by: so (cperciva)
Approved by: re (kensmith)
Security: FreeBSD-SA-08:12.ftpd, FreeBSD-SA-08:13.protosw
|
| |
|
|
|
|
|
|
| |
to myself that I understand it.
Bump document date.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The support for RFC 2640 (UTF8) is optional and rudimentary.
The server just advertises its capability to handle UTF-8 file
names and relies on its own 8-bit cleanness, as well as on
the backward compatibility of UTF-8 with ASCII. So uploaded
files will have UTF-8 names, but the initial server contents
should be prepared in UTF-8 by hand, no on-the-fly conversion
of file names will be done.
PR: bin/111714
Submitted by: Zhang Weiwu <see email in the PR>
MFC after: 1 week
|
|
|
|
|
| |
setting the SO_SNDBUF socket option. Using a hard-coded value for
it was a poor idea anyway in the face of diverse network conditions.
|