| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
o main returns int not void
o use return 0 at end of main when needed
o use braces to avoid potentially ambiguous else
o don't default to type int (and also remove a useless register
modifier).
Reviewed by: obrien and chuckr
|
| |
|
|
|
|
|
|
|
|
| |
friends are terminated and allow for a maximum
host name length of MAXHOSTNAMELEN - 1.
Put parenthesis around sizeof args.
Make some variables static.
Fix telnetd -u (broken by my last commit)
Prompted by: bde
|
| |
|
|
|
|
| |
gethostbyaddr() & gethostbyname().
Remove brokeness in ftpd for hosts of MAXHOSTNAMELEN length.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
on rshd and rlogind. However, note that:
1: rshd used to drop a connection with -a if the hostname != ip address.
This is unneeded, because iruserok() does it's own checking.
It was also wrong if .rhosts had an explicit IP address in it,
connections would be dropped from that host solely because the DNS was
mismatched even though it was explicitly intended to work by IP address.
2: rlogind and rshd check the hostname mappings by default now because that
is what goes into the utmp/wtmp and logs. If the hostname != ip address,
then it uses the IP address for logging/utmp/wtmp purposes. There isn't
much point logging ficticious hostnames.
3: rshd -a is now accepted (but ignored) for compatability. If you really
want to make life miserable for people with bad reverse DNS, use tcpd in
paranoid mode (which is questionable anyway, given DNS ttl tweaking).
|
| | |
|
| |
|
|
| |
Also make -Wall a bit quieter.
|
| |
|
|
| |
posix standard on the topic.
|
| |
|
|
|
|
|
| |
Fixes PR 2588
Reviewed by: Dan Cross?
Submitted by: Julian Assange
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rev 1.16 deraadt:
do not warn about valid options; invalid options correctly quit
Rev 1.15 deraadt:
need not clear options since bad ones cause exit;
provos@ws1.physnet.uni-hamburg.de
Rev 1.14 deraadt:
IPOPT_LSRR/IPOPT_SSRR must exit() due to tcp sequencing; pointed
out by provos@wserver.physnet.uni-hamburg.de. also another 1-char
buffer overflow.
Reviewed by: Peter Wemm
Obtained from: OpenSBD
|
| |
|
|
|
|
|
|
| |
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
lusername starts with a '-' is enough. Otherwise, no users with a '-'
in there name can use rlogin.
|
| |
|
|
| |
It still correctly ignores hosts.equiv. This is now consistant with rshd.
|
| |
|
|
| |
responsiveness at the expense of some additional network traffic.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Kerberos obtains a network address for the local host from the routing
tables and uses it consistently for all Kerberos transactions. This ensures
that packets only leave the *authenticated* interface. Clients who open
and use their own sockets for encrypted or authenticated correspondance
to kerberos services should bind their sockets to the same address as that
used by kerberos. krb_get_local_addr() and krb_bind_local_addr() allow
clients to obtain the local address or bind a socket to the local address
used by Kerberos respectively.
Reviewed by: Mark Murray <markm>, Garrett Wollman <wollman>
Obtained from: concept by Dieter Dworkin Muller <dworkin@village.org>
|
| | |
|
| |
|
|
|
|
|
|
| |
user from specifying their hostname when rlogin()-ing in
(using rlogin -f-h<host>)
Reviewed by:
Submitted by:
|
| |
|
