| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
are initialised to zero. When freeing TLS, don't attempt to free DTV
slots which were not used.
Pointed out by: Joerg Sonnenberger
X-MFC-After: After the branch, probably
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
5.0-RELEASE), a visually elusive bug was introduced. A comparison
operator was changed to assignment. As a result, rexecd behaved
always as if the `-i' option had been specified. It would allow root
logins. This commit corrects the situation in the obvious way.
A separate bug was introduced at the same time. The PAM library
functions are called between the invocation of getpwnam(3) and the use
of the returned static object. Since many PAM library functions
result in additional getpwnam(3) calls, the contents of the returned
static object could be changed from under rexecd. With this commit,
getpwnam_r(3) is used instead.
Other PAM-using applications should be reviewed for similar errors in
getpw* usage.
Security: rexecd's documented default policy of disallowing root
logins was not enforced.
Reviewed by: cperciva
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
LD_LIBMAP_DISABLE, LD_LIBRARY_PATH) are used, then make sure the
libraries being loaded aren't on a noexec-mounted filesystem.
This is a compromise position: I'm assuming that nobody will be silly
enough to set the noexec mount flag on part of the default library
path, in order to avoid adding extra overhead into the common case
(where those environment variables aren't used).
Discussed with: csjp, secteam
MFC after: 1 week
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
Change NO_RCMDNS to NO_RCMDS and do the switch in bsd.compat.mk.
Discussed with: ru, nectar
|
|
|
|
| |
use of struct sockaddr_strage * is thought as not good manner. :)
|
|
|
|
|
|
|
| |
is unloaded. This allows applications which load and unload libraries
like libGL.so.1 several times to work properly.
MFC after: 2 days
|
|
|
|
| |
ARM_HAS_ATOMIC_CMPSET_32 isn't defined.
|
|
|
|
|
| |
struct sockaddr_storage *, there's no point in casting it prematurely
to a struct sockaddr *. This unbreaks WARNS=6 on sparc64.
|
| |
|
|
|
|
| |
MFC: along with rev. 1.202
|
|
|
|
|
|
|
| |
the function will emit an annoying log message otherwise.
Reported by: kris
MFC: along with rev. 1.202
|
|
|
|
|
| |
- No need for 'fromlen' to have file scope.
- Remove an unused variable.
|
|
|
|
| |
socklen_t * argument.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Another handy libmap patch. Lets you do stuff like this:
LD_LIBMAP="libpthread.so.1=libthr.so.1" mythreadedapp
If you already have a program-specific override in libmap.conf, note
that you must use a program-specific override in LD_LIBMAP:
LD_LIBMAP="[mythreadedapp],libpthread.so.1=libthr.so.1" mythreadedapp
PR: bin/74471
Submitted by: Dan Nelson <dnelson AT allantgroup.com>
MFC after: 2 weeks
|
| |
|
| |
|
|
|
|
|
| |
Pointed out by: Nick Leuta
MFC after: 3 days
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The major change is to process STAT sent as an OOB command w/o
breaking the current data transfer. As a side effect, this gives
better error checking in the code performing data transfers.
A lesser, but in no way cosmetic, change is using the flag `recvurg'
in the only signal-safe way that has been blessed by SUSv3. The
other flag, `transflag,' becomes private to the SIGURG machinery,
serves debugging purposes only, and may be dropped in the future.
The `byte_count' global variable is now accounting bytes actually
transferred over the network. This can give status messages looking
strange, like "X of Y bytes transferred," where X > Y, but that has
more sense than trying to compensate for combinations of data formats
on the server and client when transferring ASCII type data. BTW,
getting the size of a file in advance is unreliable for a number of
reasons in the first place. See question 18.8 of the Infrequently
Asked Questions in comp.lang.c for details.
PR: bin/52072
Tested by: Nick Leuta (earlier versions), a stress-testing tool (final)
MFC after: 1 month
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Convert the (char *) cast+cast backs magic to
memcpy(3). Without this, the resulting code
is potentially risky with higher optimization
levels.
- Avoid same name when calling local variables,
as well as global symbols. This reduces
confusion for both human and compiler.
- Add necessary casts, consts
- Use new style function defination.
- Minor style.Makefile(5) tweak
- Bump WARNS?= from 0 to 6
** for the aout code: changes are intentionally limited
to ease maintaince.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
build over two years ago by peter.
The binary a.out version of ld.so can be obtained from misc/compat22 or
src/lib/compat/compat22.
Discussed on: -arch
Voted yes: jhb, ru, linimon, delphij
|
|
|
|
|
|
|
| |
A daemon has no stderr to send its complains to.
Pointed out by: Nick Leuta
MFC after: 1 week
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
NOINFO -> NO_INFO
NOINFOCOMPRESS -> NO_INFOCOMPRESS
NOLINT -> NO_LINT
NOPIC -> NO_PIC
NOPROFILE -> NO_PROFILE
|
|
|
|
| |
OK'ed by: core
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When in inetd mode, this prevents bogus messages from
appearing on the control channel. When running as a
daemon, we shouldn't write to the terminal we used to
have at all.
PR: bin/74823
MFC after: 1 week
|
|
|
|
| |
the signals are masked anyway.
|
|
|
|
|
|
| |
stop the search on the first match for efficiency.
Submitted by: Nick Leuta
|
|
|
|
|
|
| |
an FTP user has no chance to change password anyway.
Submitted by: Nick Leuta
|
|
|
|
|
|
|
| |
Log it once at the beginning of the session instead. OTOH, log wd each
time for the sake of better auditing and consistent log format.
Proposed by: Nick Leuta <skynick -at- mail.sc.ru>
|
|
|
|
| |
PR: bin/59773
|
| |
|
|
|
|
|
|
| |
regarding restricted users.
MFC after: 2 weeks
|
|
|
|
| |
Tested with: md5(1)
|
| |
|
|
|
|
| |
is disabled entirely.
|
|
|
|
|
| |
in server messages wherever this doesn't contradict to a particular
message format.
|