itojun
181c9736b9
correct udp-from-broadcast check. From: andre@ae-35.com
2002-07-04 12:35:19 +00:00
itojun
00a0a65271
on internal udp echoback service, reject request if source address is a
...
broadcast address.
2002-06-05 10:03:31 +00:00
itojun
0c16d570ac
no need for inetd_dummy variable. from openbsd
2002-06-01 03:41:33 +00:00
itojun
0062113f7e
minor KNF
2002-06-01 00:32:41 +00:00
itojun
2dc34bbe40
cleanup main() by splitting it up in two. inspired by openbsd change
2002-06-01 00:28:52 +00:00
itojun
69c161be36
socklen_t cleanup. make MULOG code actually compile (is there anyone using
...
it? otherwise, i'd like to nuke it)
2002-06-01 00:15:08 +00:00
christos
1d1ced8220
use setproctitle(3); from itojun.
2002-05-31 14:28:20 +00:00
wiz
b36c0a5406
deamon -> daemon
2002-01-21 14:42:26 +00:00
abs
dd94d9b295
Convert some 'long's to 'uint32_t's. Now rdate works against an LP64 box.
2001-12-26 17:01:39 +00:00
wiz
14dbdf5518
Negative exit code cleanup: Replace exit(-x) with exit(x).
...
As seen on tech-userlevel.
2001-04-06 11:13:45 +00:00
cgd
25bdbb661e
convert to use getprogname()
2001-02-19 23:22:40 +00:00
lukem
0645f2f67b
use explicit name rather than __progname in openlog
2001-01-11 01:34:28 +00:00
itojun
51156effd6
be more paranoid about UDP-based echo services validation. namely,
...
reject the following sources:
0.0.0.0/8 127.0.0.0/8 240.0.0.0/4 255.0.0.0/8
ff00::/8 ::/128
::ffff:0.0.0.0/96 and ::0.0.0.0/96 obeys IPv4 rule.
hint from deraadt.
2000-08-01 18:42:08 +00:00
mycroft
70c4e41552
Remove bogus typeof hack, and just use the type directly.
2000-07-23 22:54:51 +00:00
itojun
b44d184dec
permit square-bracket notation (as in RFC2732) for the first element
...
in inetd.conf. otherwise, we'll have (minor) problem putting IPv6 address in.
sync with kame.
[::1]:ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
2000-07-08 01:55:24 +00:00
itojun
7bf16d3ecc
explicitly check if the address family is supported, by using socket(2).
2000-07-07 14:56:45 +00:00
itojun
358c3cf8dc
more change on getaddrinfo error handling.
...
XXX enami, I admit it is not a good thing to check the error code from
getaddrinfo. it is sometimes mandatory, however. gai_strerror message
can be too generic in some cases. we can't really extend getaddrinfo,
as it was not invented by kame (see RFC2553)
2000-07-05 12:43:06 +00:00
itojun
798ee6865c
add faithd(8) support. with "faith/tcp6" protocol specification,
...
it will open a socket with setsockopt(IPV6_FAITH).
2000-07-04 13:25:39 +00:00
itojun
9282955dca
emit more friendly message on nonexistent service name.
...
From: enami
2000-07-04 09:33:55 +00:00
itojun
0f20cdad3f
check for mux service by ISMUX(), not by != NORM_TYPE
...
(the assumption can bite us if we extend se_type to have more cases).
2000-07-03 23:40:59 +00:00
itojun
ee1989a0d1
remove duplicated ipsec setup code. we always call setup() on
...
socket reinitialization (like SIGHUP).
sync with kame.
2000-07-03 23:37:17 +00:00
fvdl
2db4d2fdfe
Modify to support RPC over IPv6.
2000-06-02 23:17:55 +00:00
itojun
2e33d275dc
use LOG_WARNING for syslog output for address family mismatch.
...
suggested by: thorpej
2000-05-13 06:42:13 +00:00
itojun
31eb929ec0
correct extremely unfriendly error message when the kernel does not
...
support the address family (like including "tcp6" in inetd.conf, on
non-IPv6 kernel).
was:
inetd[185]: ftp/tcp6: *: hostname nor servname provided, or not known
now:
inetd[315]: ftp/tcp6: *: the address family is not supported by the kernel
2000-05-13 02:56:47 +00:00
itojun
8fb9de8e46
fix IPsec policy parser. #@ should affect multiple lines as documented.
2000-03-06 19:52:13 +00:00
itojun
4b061adfdb
sync with latest libipsec.
...
since outgoing and incoming policy is separated, inetd can take multiple
policy specification, separated by ";".
2000-01-31 14:28:17 +00:00
itojun
55ffb1ce63
make error check against getnameinfo().
2000-01-27 19:52:43 +00:00
itojun
a31f62a92c
call sigsetmask() on ipsec initialization failure.
2000-01-13 15:53:00 +00:00
ad
d3f47cfba9
A colon is the preferred way to split a user and group name pair; make this
...
possible and depreciate the use of dot.
1999-10-06 21:54:10 +00:00
itojun
f7c22e9eaa
fix internal servers (like echo) so that they can accept AF_INET6 connections.
...
add AF_INET6 support for port_good_dg().
1999-09-15 09:59:41 +00:00
sommerfeld
fdadab8fc8
Fix PR7739: correct -DRPC rot in inetd.c
1999-08-02 01:12:21 +00:00
itojun
e1b53de44e
query service name properly on libwrap warnings.
...
NetBSD PR: 8101
1999-07-28 10:58:31 +00:00
ghudson
113b4934fe
se_wait stores pids; make it a pid_t.
1999-07-19 15:49:39 +00:00
itojun
93de5675b3
be more friendly with non-IPsec kernel (hide warnings).
1999-07-04 00:31:57 +00:00
itojun
a77871b871
dual-stack inetd. you can write "tcp6" or "tcp4" into "protocol" field.
...
(the style is the rough consensus among v6 implementers so it will be
the standard style)
TODO: test rpc and tcpmux on IPv6.
TODO: test identd over IPv6.
1999-07-02 04:48:19 +00:00
thorpej
78688ba793
Use pidfile(3).
1999-06-06 01:50:23 +00:00
hwr
f6aa0f509c
Prevent sending udp data to the obvious bad ports that are used for
...
DoS attacks (e.g. looping packets between two echo ports).
This should "fix" PR bin/2455.
Could please anyone with an appropriate "hacker tools" check this?
1999-04-11 15:40:58 +00:00
mycroft
e37d13ec69
Revert previous.
1999-01-20 09:24:06 +00:00
mycroft
24285e691d
Make all listening sockets non-blocking.
1999-01-20 04:42:17 +00:00
lukem
786b86d71b
use AF_LOCAL instead of AF_UNIX
1998-07-18 05:04:35 +00:00
tron
ec7c8ec161
From "buqtraq": avoid file descriptor leak if service is looping.
1998-07-16 08:55:43 +00:00
thorpej
723fb3cccc
Add support for specifying the send and receive socket buffer sizes. This
...
is especially useful for TCP servers which must specify the receive
socket buffer size before the connection is made so that the connection's
window scale factor can be properly advertised.
Example /etc/inetd.conf configuration line:
shell stream tcp,rcvbuf=1m nowait root /usr/libexec/rshd rshd
That line will cause the rshd to advertise a 1 megabyte window, which could
improve the performance of an rcp in some situations.
1998-05-01 01:57:26 +00:00
mycroft
b4d89784ef
Reset the SIGPIPE handler to SIG_DFL after forking.
1998-03-21 06:25:37 +00:00
christos
9fab7a4ffa
PR/4837: Jeff Thieleke: inetd does not compile without libwrap.
1998-01-20 16:44:22 +00:00
mycroft
a88cef6970
Ignore SIGPIPE, which may be caused by non-forking internal TCP services if
...
the remote side closes the connection before we answer.
1997-12-04 06:39:02 +00:00
lukem
a352e573d5
fix use of unix domain socketname length, and signal error if this
...
is exceeded. from enami tsugutomo <enami@ba2.so-net.or.jp> [bin/3369]
1997-10-17 13:53:30 +00:00
mycroft
c5aacdd3b3
Don't sleep if we get EINTR from select(2) (e.g. because we got
...
a SIGCHLD when something died). From PR 4056, by David Holland.
1997-10-08 07:15:59 +00:00
mrg
2d06dcebcd
WARNS?=1
1997-10-05 16:40:24 +00:00
mrg
7d7091ccdd
merge lite2 [actually, just update ucb sccs id's]
1997-10-05 16:16:10 +00:00
mycroft
52aae8dc8a
Don't do libwrap checking for UDP services; they must do it internally on
...
every packet to be correct.
1997-04-20 22:04:59 +00:00