summaryrefslogtreecommitdiffstats
path: root/libexec
Commit message (Collapse)AuthorAgeFilesLines
...
* Revert parts of previous commits and use a temporary variable to avoiddes2005-04-081-37/+8
| | | | an invalid type pun.
* No need to provide atomic_cmpset_32() anymore.cognet2005-04-071-12/+0
|
* An array was mistaken for a pointer in the previous commit.nectar2005-04-071-3/+4
| | | | | Noticed by: tinderbox, stefanf Pointy hat to: nectar
* Include gettytab.h before extern.h so that the declarations of structstefanf2005-04-064-5/+3
| | | | gettyflags, gettynums and gettystrs are available.
* Correct type mismatch introduced in last commit.nectar2005-04-051-1/+1
| | | | Noticed by: Steve Kargl <sgk@troutmask.apl.washington.edu>
* DES pointed out that the PAM layer may change the target user namenectar2005-04-051-15/+32
| | | | | | during authentication. Thus we need to call getpwnam *after* the user has been authenticated. Colin mentioned that we should also move the check for root in that case.
* When allocating TLS and DTV, make sure that any unused slots in the DTVdfr2005-03-301-8/+4
| | | | | | | | are initialised to zero. When freeing TLS, don't attempt to free DTV slots which were not used. Pointed out by: Joerg Sonnenberger X-MFC-After: After the branch, probably
* When PAM support was added to rexecd in revision 1.29 (just prior tonectar2005-03-271-2/+17
| | | | | | | | | | | | | | | | | | | | | 5.0-RELEASE), a visually elusive bug was introduced. A comparison operator was changed to assignment. As a result, rexecd behaved always as if the `-i' option had been specified. It would allow root logins. This commit corrects the situation in the obvious way. A separate bug was introduced at the same time. The PAM library functions are called between the invocation of getpwnam(3) and the use of the returned static object. Since many PAM library functions result in additional getpwnam(3) calls, the contents of the returned static object could be changed from under rexecd. With this commit, getpwnam_r(3) is used instead. Other PAM-using applications should be reviewed for similar errors in getpw* usage. Security: rexecd's documented default policy of disallowing root logins was not enforced. Reviewed by: cperciva
* If "dangerous" environment variables (LD_PRELOAD, LD_LIBMAP,cperciva2005-03-241-1/+24
| | | | | | | | | | | | | LD_LIBMAP_DISABLE, LD_LIBRARY_PATH) are used, then make sure the libraries being loaded aren't on a noexec-mounted filesystem. This is a compromise position: I'm assuming that nobody will be silly enough to set the noexec mount flag on part of the default library path, in order to avoid adding extra overhead into the common case (where those environment variables aren't used). Discussed with: csjp, secteam MFC after: 1 week
* Use sysconf(_SC_ARG_MAX) instead of NCARGS.das2005-03-212-4/+14
|
* Add locking code for tls routines.davidxu2005-03-201-4/+21
|
* Install rlogind(8). Pointy hat is available on request.ru2005-03-031-1/+1
|
* Wrap BSD r* commands in NO_RCMDS.trhodes2005-03-021-3/+9
| | | | | | Change NO_RCMDNS to NO_RCMDS and do the switch in bsd.compat.mk. Discussed with: ru, nectar
* correct WARNS=6 fix to use cast to (void *).ume2005-03-011-10/+10
| | | | use of struct sockaddr_strage * is thought as not good manner. :)
* Attempt to free any static TLS space used by a shared library when itdfr2005-02-273-0/+24
| | | | | | | is unloaded. This allows applications which load and unload libraries like libGL.so.1 several times to work properly. MFC after: 2 days
* Only provide the dummy, non-atomic atomic_cmpset_32() ifcognet2005-02-261-0/+2
| | | | ARM_HAS_ATOMIC_CMPSET_32 isn't defined.
* If what we have is a struct sockaddr_storage * and what we want is ades2005-02-231-8/+8
| | | | | struct sockaddr_storage *, there's no point in casting it prematurely to a struct sockaddr *. This unbreaks WARNS=6 on sparc64.
* Make WARNS=6-clean.des2005-02-232-12/+13
|
* Add some consistency checks to the signal-related code.yar2005-02-161-0/+6
| | | | MFC: along with rev. 1.202
* A call to maskurg() makes sense only when a transfer is under way,yar2005-02-161-3/+5
| | | | | | | the function will emit an annoying log message otherwise. Reported by: kris MFC: along with rev. 1.202
* - Use socklen_t.stefanf2005-02-141-8/+5
| | | | | - No need for 'fromlen' to have file scope. - Remove an unused variable.
* Fix most cases where the address of an int is passed to a function expecting astefanf2005-02-1412-18/+27
| | | | socklen_t * argument.
* Expand contractions.ru2005-02-132-2/+2
|
* Expand *n't contractions.ru2005-02-134-4/+4
|
* Sync program's usage() with manpage's SYNOPSIS.ru2005-02-095-12/+7
|
* Removed Kerberos remnants.ru2005-02-092-58/+6
|
* The only user of this utility (share/man/man0) was removed 2+ years ago.ru2005-02-094-410/+0
|
* Description from Dan:mdodd2005-02-044-13/+93
| | | | | | | | | | | | | | | Another handy libmap patch. Lets you do stuff like this: LD_LIBMAP="libpthread.so.1=libthr.so.1" mythreadedapp If you already have a program-specific override in libmap.conf, note that you must use a program-specific override in LD_LIBMAP: LD_LIBMAP="[mythreadedapp],libpthread.so.1=libthr.so.1" mythreadedapp PR: bin/74471 Submitted by: Dan Nelson <dnelson AT allantgroup.com> MFC after: 2 weeks
* style(9)mdodd2005-02-041-4/+3
|
* Let bsd.prog.mk set SRCS and MAN to their default values.ru2005-01-284-4/+0
|
* Respect the `logging' flag.yar2005-01-191-1/+1
| | | | | Pointed out by: Nick Leuta MFC after: 3 days
* Improve handling SIGURG and OOB commands on the control channel.yar2005-01-191-134/+269
| | | | | | | | | | | | | | | | | | | | | | | | The major change is to process STAT sent as an OOB command w/o breaking the current data transfer. As a side effect, this gives better error checking in the code performing data transfers. A lesser, but in no way cosmetic, change is using the flag `recvurg' in the only signal-safe way that has been blessed by SUSv3. The other flag, `transflag,' becomes private to the SIGURG machinery, serves debugging purposes only, and may be dropped in the future. The `byte_count' global variable is now accounting bytes actually transferred over the network. This can give status messages looking strange, like "X of Y bytes transferred," where X > Y, but that has more sense than trying to compensate for combinations of data formats on the server and client when transferring ASCII type data. BTW, getting the size of a file in advance is unreliable for a number of reasons in the first place. See question 18.8 of the Infrequently Asked Questions in comp.lang.c for details. PR: bin/52072 Tested by: Nick Leuta (earlier versions), a stress-testing tool (final) MFC after: 1 month
* Sort sections.ru2005-01-1814-94/+94
|
* 64-bit clean + WARNS=6:delphij2005-01-142-5/+4
| | | | | | | | | | | | | | | | | - Convert the (char *) cast+cast backs magic to memcpy(3). Without this, the resulting code is potentially risky with higher optimization levels. - Avoid same name when calling local variables, as well as global symbols. This reduces confusion for both human and compiler. - Add necessary casts, consts - Use new style function defination. - Minor style.Makefile(5) tweak - Bump WARNS?= from 0 to 6 ** for the aout code: changes are intentionally limited to ease maintaince.
* Restore these files to make ldconfig(8) happy.trhodes2005-01-114-0/+504
|
* Remove a.out runtime linker. It doesn't build and was removed from thetrhodes2005-01-1113-4456/+0
| | | | | | | | | | build over two years ago by peter. The binary a.out version of ld.so can be obtained from misc/compat22 or src/lib/compat/compat22. Discussed on: -arch Voted yes: jhb, ru, linimon, delphij
* Replace err(3) calls when in daemon mode by syslog(3), too.yar2005-01-101-4/+8
| | | | | | | A daemon has no stderr to send its complains to. Pointed out by: Nick Leuta MFC after: 1 week
* NOPAM -> NO_PAMru2004-12-212-2/+2
|
* NOINET6 -> NO_INET6ru2004-12-211-1/+1
|
* NOCRYPT -> NO_CRYPTru2004-12-211-1/+1
|
* NODOCCOMPRESS -> NO_DOCCOMPRESSru2004-12-211-1/+1
| | | | | | | | NOINFO -> NO_INFO NOINFOCOMPRESS -> NO_INFOCOMPRESS NOLINT -> NO_LINT NOPIC -> NO_PIC NOPROFILE -> NO_PROFILE
* Start the dreaded NOFOO -> NO_FOO conversion.ru2004-12-213-3/+3
| | | | OK'ed by: core
* Do a small style(9) fix before I'm hacking the code itself.yar2004-12-161-1/+0
|
* free(3) is void already.yar2004-12-161-1/+1
|
* Never emit a message to stderr: use syslog instead.yar2004-12-121-9/+15
| | | | | | | | | | When in inetd mode, this prevents bogus messages from appearing on the control channel. When running as a daemon, we shouldn't write to the terminal we used to have at all. PR: bin/74823 MFC after: 1 week
* Implement a dummy atomic_cmpset_32(). It should be safe to use it in rtld ascognet2004-11-231-0/+11
| | | | the signals are masked anyway.
* When looking for a virtual host to handle the connection,yar2004-11-221-2/+3
| | | | | | stop the search on the first match for efficiency. Submitted by: Nick Leuta
* Calling pam_chauthtok() isn't really needed sinceyar2004-11-221-7/+3
| | | | | | an FTP user has no chance to change password anyway. Submitted by: Nick Leuta
* Don't log the chroot dir on every command since it's constant for a session.yar2004-11-221-9/+8
| | | | | | | Log it once at the beginning of the session instead. OTOH, log wd each time for the sake of better auditing and consistent log format. Proposed by: Nick Leuta <skynick -at- mail.sc.ru>
* Always log remote IP.yar2004-11-221-13/+9
| | | | PR: bin/59773
OpenPOWER on IntegriCloud