| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
shorter than the required length. Note that it rarely happens
because maxlen is almost always 128 which covers struct sockaddr_storage.
|
| |
|
|
| |
working.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
transport specific form of a universal transport address. The
structure is expected to be opaque to consumers. In the current
implementation, the structure contains a pointer to a buffer
that holds the actual address.
In rpcbind(8), netbuf structures are copied directly, which would
result in two netbuf structures that reference to one shared
address buffer. When one of the two netbuf structures is freed,
access to the other netbuf structure would result in an undefined
result that may crash the rpcbind(8) daemon.
Fix this by making a copy of the buffer that is going to be freed
instead of doing a shallow copy.
Security: FreeBSD-SA-15:24.rpcbind
Security: CVE-2015-7236
|
| |\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Off by default, build behaves normally.
WITH_META_MODE we get auto objdir creation, the ability to
start build from anywhere in the tree.
Still need to add real targets under targets/ to build packages.
Differential Revision: D2796
Reviewed by: brooks imp
|
| | | |
|
| | |\
| |/
|/| |
|
| | |\ |
|
| | | | |
|
| | | | |
|
| | |\ \ |
|
| | |\ \ \ |
|
| | | | | | |
|
| | | | | | |
|
| | |\ \ \ \ |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
Requested by: Simon Gerraty <sjg@juniper.net>
|
| | |_|_|_|/
|/| | | |
| | | | |
| | | | | |
Reduce overlinking
|
| | |_|_|/
|/| | | |
|
| | |_|/
|/| |
| | |
| | | |
from the latter.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
new command line options -W, to enable it when needed.
On my tests this change by almost ten times improves rpcbind performance.
No objections: many, net@
|
| | |/
|/|
| |
| | |
permission of Sun Microsystems in 2009.
|
| | |
| |
| |
| | |
Submitted by: Garrett Cooper
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
userland via routing socket or sysctl. This eliminates the following
KAME-specific sin6_scope_id handling routine from each userland utility:
sin6.sin6_scope_id = ntohs(*(u_int16_t *)&sin6.sin6_addr.s6_addr[2]);
This behavior can be controlled by net.inet6.ip6.deembed_scopeid. This is
set to 1 by default (sin6_scope_id will be filled in the kernel).
Reviewed by: bz
|
| | |
|
| |
|
|
|
|
| |
statment's border.
MFC after: 1 month
|
| |
|
|
|
|
| |
PR: bin/154928
Submitted by: Eitan Adler <lists at eitanadler.com>
MFC after: 3 days
|
| | |
|
| |
|
|
|
|
| |
from their liceense.
Obtained from: NetBSD
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
interfaces (such as when you are part of a carp pool), and you run
rpcbind -h to restrict which interfaces have rpc services, rpcbind can
none-the-less return addresses that aren't in the -h list. This patch
enforces the rule that when you specify -h on the command line, then
services returned from rpcbind must be to one of the addresses listed
in -h, or be a loopback address (since localhost is implicit when
running -h).
The root cause of this is the assumption in addrmerge that there can
be only one interface that matches a given network IP address. This
turns out not to be the case. To retain historical behavior, I didn't
try to fix the routine to prefer the address that the request came
into, since I didn't know the side effects that might cause in the
normal case. My quick analysis suggests that it wouldn't be a
problem, but since this code is tricky I opted for the more
conservative patch of only restricting the reply when -h is in effect.
Hence, this change will have no effect when you are running rpcbind
without -h.
Reviewed by: alfred@
Sponsored by: iX Systems
MFC after: 2 weeks
|
| |
|
|
|
|
| |
stack garbage.
Obtained from: NetBSD 1.13
|
| | |
|
| |
|
|
|
|
|
|
|
| |
for rpcbind(8) to crash.
The crash was due to a boolean variable initialized
improperly. Besides fixing the initialization, pick
a better name for the variable so that its meaning is
clear and no more coding errors appear around it.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
PR: bin/1122566
MFC after: 1 week
|
| |
|
|
|
|
|
|
|
|
|
|
| |
other than INADDR_ANY.
2) Add the -6 option to specify "IPv6 only".
Glanced at by: bms
Requested by: bms [2]
PR: bin/84494 [1]
Approved by: silence from maintainer (~2 weeks) [1]
MFC after: 2 weeks
|
| | |
|
| |
|
|
|
|
| |
PR: docs/105720
Submitted by: koitsu
MFC after: 1 week
|
| |
|
|
|
|
|
|
| |
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html
The src.conf(5) manpage is to follow in a few days.
Brought to you by: imp, jhb, kris, phk, ru (all bugs are mine)
|
| |
|
|
|
| |
are exported by libc with prototypes in our standard headers.
I guess at one time this was necessary, but not any longer.
|
| |
|
|
|
|
| |
PR: kern/73865
Submitted by: Jeremy Chadwick <freebsd@jdc.parodius.com>
MFC after: 3 days
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Decrease log severity to debug if a protocol is not supported by the
kernel (rpcbind checks /etc/netconfig if a protocol is available).
This avoids "rpcbind: cannot create socket for tcp6" messages
at startup on IPv4-only kernels.
|
| |
|
|
| |
Obtained from: NetBSD
|
| |
|
|
| |
Obtained from: NetBSD
|
| | |
|
| |
|
|
|
|
|
|
| |
produce backcompatible code.
Reviewed by: rwatson
Obtained from: NetBSD
MFC after: 1 day
|
| |
|
|
| |
especially in troff files.
|
