| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Tested by: kuriyama
|
|
|
|
|
|
|
| |
I dunno if there is an IPv6 supported rexec client. So, it was
tested that this change doesn't break an IPv4.
Tested by: kuriyama (IPv4 only)
|
|
|
|
| |
Hint by: ume
|
|
|
|
|
| |
o register removal
o use new style prototypes and function definitions
|
|
|
|
| |
are not yet warning-clean. Tested on i386 and alpha.
|
| |
|
|
|
|
|
|
|
| |
definitions are more readable, and it's possible that they're
more portable to pathalogical platforms.
Submitted by: David Hill <david@phobia.ms>
|
| |
|
| |
|
|
|
|
|
| |
I believe I have done due dilligence on this, but I'd appreciate
decent test scenarios and sucess (or failure) reports.
|
|
|
|
| |
Idea from: Theo de Raadt <deraadt@openbsd.org>
|
| |
|
|
|
|
| |
- MAN[1-9] -> MAN.
|
| |
|
| |
|
| |
|
|
|
|
| |
Submitted by: sheldonh@uunet.co.za
|
|
|
|
|
| |
(presuming that the user in question is not in /etc/ftpusers and
does not have a null password).
|
| |
|
|
|
|
|
|
|
|
|
|
| |
friends are terminated and allow for a maximum
host name length of MAXHOSTNAMELEN - 1.
Put parenthesis around sizeof args.
Make some variables static.
Fix telnetd -u (broken by my last commit)
Prompted by: bde
|
| |
|
|
|
|
|
|
| |
gethostbyaddr() & gethostbyname().
Remove brokeness in ftpd for hosts of MAXHOSTNAMELEN length.
|
| |
|
|
|
|
|
|
|
|
|
| |
compatibility problem at the same time. Some buffer made large enough
for worst case hostname.
fixes PR 2593.
Reviewed by: Dan Cross and maybe others
|
| |
|
|
|
|
|
|
| |
rev 1.7 deraadt:
buf oflow
Obtained from: OpenBSD
|
|
|
|
|
|
|
|
| |
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
|
|
|
|
|
|
|
|
|
|
| |
it is both uneeded and breaks certain lock-step timing in the rexec
protocol.
Yes, an attacker can "relay" connections using this trick, but a properly
configured firewall that would make this sort of subterfuge necessary in the
first place (instead of direct packet spoofing) would also thwart useful
attacks based on this.
|
|
|
|
|
|
|
|
|
|
|
|
| |
succeeded.
Never allow the reverse channel to be to a privileged port.
Cannidate for: 2.1 and 2.2 branches
Reviewed by: pst (with local cleanups)
Submitted by: Cy Shubert <cy@cwsys.cwent.com>
Obtained from: Jaeger <jaeger@dhp.com> via BUGTRAQ
|
| |
|
| |
|
|
|
|
|
|
| |
getlogin() to return wrong answers (eg: "root").
Reviewed by: davidg
Obtained from: James Jegers, for NetBSD, slightly reworked by me.
|
| |
|
|
|
|
|
|
|
| |
Change the library order so libcrypt is the last library in the list.
libskey contains references to _crypt and can't resolve it unless
-lcrypt occurs after it in the link command. This only occurs when
linking statically.
|
| |
|
|
|
|
|
|
|
| |
Rexecd is a crock, it never should have been written, however make it so
that people who have a need to run it don't hurt themselves so badly.
Obtained from: Ideas obtained from logdaemon 4.3 from Wietse Venema
|
|
|
|
|
| |
Reviewed by:
Submitted by: guido
|
|
|
|
| |
Submitted by: Geoff
|
|
|
|
| |
set up right yet.
|
|
|