summaryrefslogtreecommitdiffstats
path: root/libexec/rexecd
Commit message (Collapse)AuthorAgeFilesLines
* s/int/size_t/ as appropriate.das2005-04-171-4/+4
| | | | Noticed by: bde
* Revert parts of previous commits and use a temporary variable to avoiddes2005-04-081-37/+8
| | | | an invalid type pun.
* An array was mistaken for a pointer in the previous commit.nectar2005-04-071-3/+4
| | | | | Noticed by: tinderbox, stefanf Pointy hat to: nectar
* Correct type mismatch introduced in last commit.nectar2005-04-051-1/+1
| | | | Noticed by: Steve Kargl <sgk@troutmask.apl.washington.edu>
* DES pointed out that the PAM layer may change the target user namenectar2005-04-051-15/+32
| | | | | | during authentication. Thus we need to call getpwnam *after* the user has been authenticated. Colin mentioned that we should also move the check for root in that case.
* When PAM support was added to rexecd in revision 1.29 (just prior tonectar2005-03-271-2/+17
| | | | | | | | | | | | | | | | | | | | | 5.0-RELEASE), a visually elusive bug was introduced. A comparison operator was changed to assignment. As a result, rexecd behaved always as if the `-i' option had been specified. It would allow root logins. This commit corrects the situation in the obvious way. A separate bug was introduced at the same time. The PAM library functions are called between the invocation of getpwnam(3) and the use of the returned static object. Since many PAM library functions result in additional getpwnam(3) calls, the contents of the returned static object could be changed from under rexecd. With this commit, getpwnam_r(3) is used instead. Other PAM-using applications should be reviewed for similar errors in getpw* usage. Security: rexecd's documented default policy of disallowing root logins was not enforced. Reviewed by: cperciva
* Use sysconf(_SC_ARG_MAX) instead of NCARGS.das2005-03-211-2/+7
|
* correct WARNS=6 fix to use cast to (void *).ume2005-03-011-10/+10
| | | | use of struct sockaddr_strage * is thought as not good manner. :)
* If what we have is a struct sockaddr_storage * and what we want is ades2005-02-231-8/+8
| | | | | struct sockaddr_storage *, there's no point in casting it prematurely to a struct sockaddr *. This unbreaks WARNS=6 on sparc64.
* Make WARNS=6-clean.des2005-02-232-12/+13
|
* Fix most cases where the address of an int is passed to a function expecting astefanf2005-02-141-1/+1
| | | | socklen_t * argument.
* Sort sections.ru2005-01-181-3/+3
|
* Mechanically kill hard sentence breaks.ru2004-07-021-4/+8
|
* Include <stdlib.h> for exit() and abort() prototypes.stefanf2004-05-241-0/+1
| | | | Approved by: das (mentor)
* Add section number to .Xrcharnier2003-06-081-1/+1
|
* The .Nm utilitycharnier2002-07-061-11/+16
|
* Unbreak static build and remove usage() that isn't usage().des2002-05-031-15/+8
| | | | Reviewed by: bde
* PAMify rexecd(8).des2002-05-022-116/+89
| | | | Sponsored by: DARPA, NAI Labs
* When opieverify() is fail, fallback to try unix password.ume2002-04-161-4/+9
| | | | Tested by: kuriyama
* Add an IPv6 support.ume2002-04-161-10/+23
| | | | | | | I dunno if there is an IPv6 supported rexec client. So, it was tested that this change doesn't break an IPv4. Tested by: kuriyama (IPv4 only)
* Make this compilable without -DOPIE.kuriyama2002-04-161-1/+1
| | | | Hint by: ume
* o __P removalimp2002-02-071-27/+20
| | | | | o register removal o use new style prototypes and function definitions
* Lock down with WFORMAT?=1, with overrides in the subdirectories whichkris2002-02-041-0/+1
| | | | are not yet warning-clean. Tested on i386 and alpha.
* Don't clobber the default for CFLAGS.bde2001-08-031-1/+1
|
* Use STD{ERR,IN,OUT}_FILENO instead of their numeric values. Thesheldonh2001-07-261-3/+3
| | | | | | | definitions are more readable, and it's possible that they're more portable to pathalogical platforms. Submitted by: David Hill <david@phobia.ms>
* Remove whitespace at EOL.dd2001-07-151-6/+6
|
* mdoc(7) police: removed HISTORY info from the .Os call.ru2001-07-101-1/+1
|
* Goodbye S/Key, Hello OPIE.markm2001-07-092-13/+17
| | | | | I believe I have done due dilligence on this, but I'd appreciate decent test scenarios and sucess (or failure) reports.
* Fix the type of the NULL arg to execl()brian2001-07-091-1/+1
| | | | Idea from: Theo de Raadt <deraadt@openbsd.org>
* Avoid a warning by making a variable a const char *.dwmalone2001-05-011-1/+2
|
* - Backout botched attempt to intoduce MANSECT feature.ru2001-03-261-0/+1
| | | | - MAN[1-9] -> MAN.
* Set the default manual section for libexec/ to 8.ru2001-03-201-1/+0
|
* Remove unused #include. Use getopt(3). Add usage() with syslog(3) cap.charnier2000-11-281-8/+22
|
* mdoc(7) police: use the new features of the Nm macro.ru2000-11-201-2/+2
|
* Man page fixupsnsayer2000-05-151-4/+7
| | | | Submitted by: sheldonh@uunet.co.za
* Add -i (insecure) flag to rexecd, which allows uid == 0 loginsnsayer2000-05-132-4/+11
| | | | | (presuming that the user in question is not in /etc/ftpusers and does not have a null password).
* $Id$ -> $FreeBSD$peter1999-08-283-3/+3
|
* Ensure that things returned by gethostname() andbrian1999-04-071-3/+3
| | | | | | | | | | friends are terminated and allow for a maximum host name length of MAXHOSTNAMELEN - 1. Put parenthesis around sizeof args. Make some variables static. Fix telnetd -u (broken by my last commit) Prompted by: bde
* Link with libutilbrian1999-04-061-3/+3
|
* Use realhostname() rather than various combinations ofbrian1999-04-061-6/+4
| | | | | | gethostbyaddr() & gethostbyname(). Remove brokeness in ftpd for hosts of MAXHOSTNAMELEN length.
* Use err(3). -Wall cleaning. Use Pa for file names and add section in Xrefs.charnier1997-11-262-23/+29
|
* Julian A's fix. Do chdir as user rather than as root. Fixes a minor NFSimp1997-03-241-8/+8
| | | | | | | | | compatibility problem at the same time. Some buffer made large enough for worst case hostname. fixes PR 2593. Reviewed by: Dan Cross and maybe others
* Revert $FreeBSD$ to $Id$peter1997-02-223-3/+3
|
* Buffer Overflow from OpenBSDimp1997-02-091-1/+1
| | | | | | rev 1.7 deraadt: buf oflow Obtained from: OpenBSD
* Make the long-awaited change from $Id$ to $FreeBSD$jkh1997-01-143-3/+3
| | | | | | | | This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long. Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
* Back out recent security patch for rexecd. After more careful analysis,pst1996-11-222-28/+15
| | | | | | | | | | it is both uneeded and breaks certain lock-step timing in the rexec protocol. Yes, an attacker can "relay" connections using this trick, but a properly configured firewall that would make this sort of subterfuge necessary in the first place (instead of direct packet spoofing) would also thwart useful attacks based on this.
* Do not attempt to open reverse channel until authentication phase haspst1996-11-192-17/+30
| | | | | | | | | | | | succeeded. Never allow the reverse channel to be to a privileged port. Cannidate for: 2.1 and 2.2 branches Reviewed by: pst (with local cleanups) Submitted by: Cy Shubert <cy@cwsys.cwent.com> Obtained from: Jaeger <jaeger@dhp.com> via BUGTRAQ
* add forgotten $Id$wosch1996-09-223-0/+4
|
* Check for expired passwords before allowing access to the system.mpp1995-08-281-1/+2
|
* rexecd was not calling "setlogin()" when it should have. This was causingpeter1995-07-291-0/+2
| | | | | | getlogin() to return wrong answers (eg: "root"). Reviewed by: davidg Obtained from: James Jegers, for NetBSD, slightly reworked by me.
OpenPOWER on IntegriCloud