Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
114,865 Commits 606 Branches 0 Tags 3.1 GiB
1d06004879
Commit Graph

92 Commits

Author SHA1 Message Date
itojun
1d06004879 use strlcpy 2003-07-13 13:54:02 +00:00
itojun
a6a7baa235 "user:group=foo.bar" is weird. use colon on both sides 2003-04-22 07:46:46 +00:00
itojun
906a2ba4ed always configure IPV6_FAITH explicitly to avoid misconfiguring it on SIGHUP. 
sync w/kame
 2003-04-22 07:45:27 +00:00
tron
62c4d50f34 Because signals are delivered synchronously via kqueue(2) there is no 
reason to block and release them at various places.
 2003-02-16 18:16:26 +00:00
tron
39e99fe8e3 Now that signal handling is done via kqueue(2) we need to enter 
the event loop even if no sockets were created. This should fix
PR bin/20369 by Martin Husemann.
 2003-02-16 17:57:34 +00:00
tron
726769ad02 Improve kqueue(2) utilization: 
- Don't invoke kevent(2) for every single event change. Instead collect
  event changes and try to do them in the event loop.
- Handle signals via kevent(2) to avoid race conditions for SIGHUP (which
  probably exist in the select(2) based implementation, too).
 2003-02-13 11:47:27 +00:00
tron
d289c0d46f KNF. 2003-02-12 10:03:47 +00:00
tron
8be719490d Rewrite inetd(8) to use kqueue(2) for enhanced performance and scalability. 2003-02-12 08:52:03 +00:00
mycroft
176cc386e1 If we can't set FD_CLOEXEC on a listening socket, close it rather than allowing 
it to be passed down to inetd's children.
Note: Setting FD_CLOEXEC can't actually fail, but we did check for the error
anyway...
 2002-09-19 21:59:03 +00:00
itojun
181c9736b9 correct udp-from-broadcast check. From: andre@ae-35.com 2002-07-04 12:35:19 +00:00
itojun
00a0a65271 on internal udp echoback service, reject request if source address is a 
broadcast address.
 2002-06-05 10:03:31 +00:00
itojun
0c16d570ac no need for inetd_dummy variable. from openbsd 2002-06-01 03:41:33 +00:00
itojun
0062113f7e minor KNF 2002-06-01 00:32:41 +00:00
itojun
2dc34bbe40 cleanup main() by splitting it up in two. inspired by openbsd change 2002-06-01 00:28:52 +00:00
itojun
69c161be36 socklen_t cleanup. make MULOG code actually compile (is there anyone using 
it?  otherwise, i'd like to nuke it)
 2002-06-01 00:15:08 +00:00
christos
1d1ced8220 use setproctitle(3); from itojun. 2002-05-31 14:28:20 +00:00
wiz
b36c0a5406 deamon -> daemon 2002-01-21 14:42:26 +00:00
abs
dd94d9b295 Convert some 'long's to 'uint32_t's. Now rdate works against an LP64 box. 2001-12-26 17:01:39 +00:00
wiz
14dbdf5518 Negative exit code cleanup: Replace exit(-x) with exit(x). 
As seen on tech-userlevel.
 2001-04-06 11:13:45 +00:00
cgd
25bdbb661e convert to use getprogname() 2001-02-19 23:22:40 +00:00
lukem
0645f2f67b use explicit name rather than __progname in openlog 2001-01-11 01:34:28 +00:00
itojun
51156effd6 be more paranoid about UDP-based echo services validation. namely, 
reject the following sources:
	0.0.0.0/8 127.0.0.0/8 240.0.0.0/4 255.0.0.0/8
	ff00::/8 ::/128
	::ffff:0.0.0.0/96 and ::0.0.0.0/96 obeys IPv4 rule.
hint from deraadt.
 2000-08-01 18:42:08 +00:00
mycroft
70c4e41552 Remove bogus typeof hack, and just use the type directly. 2000-07-23 22:54:51 +00:00
itojun
b44d184dec permit square-bracket notation (as in RFC2732) for the first element 
in inetd.conf.  otherwise, we'll have (minor) problem putting IPv6 address in.
sync with kame.

[::1]:ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
 2000-07-08 01:55:24 +00:00
itojun
7bf16d3ecc explicitly check if the address family is supported, by using socket(2). 2000-07-07 14:56:45 +00:00
itojun
358c3cf8dc more change on getaddrinfo error handling. 
XXX enami, I admit it is not a good thing to check the error code from
getaddrinfo.  it is sometimes mandatory, however.  gai_strerror message
can be too generic in some cases.  we can't really extend getaddrinfo,
as it was not invented by kame (see RFC2553)
 2000-07-05 12:43:06 +00:00
itojun
798ee6865c add faithd(8) support. with "faith/tcp6" protocol specification, 
it will open a socket with setsockopt(IPV6_FAITH).
 2000-07-04 13:25:39 +00:00
itojun
9282955dca emit more friendly message on nonexistent service name. 
From: enami
 2000-07-04 09:33:55 +00:00
itojun
0f20cdad3f check for mux service by ISMUX(), not by != NORM_TYPE 
(the assumption can bite us if we extend se_type to have more cases).
 2000-07-03 23:40:59 +00:00
itojun
ee1989a0d1 remove duplicated ipsec setup code. we always call setup() on 
socket reinitialization (like SIGHUP).
sync with kame.
 2000-07-03 23:37:17 +00:00
fvdl
2db4d2fdfe Modify to support RPC over IPv6. 2000-06-02 23:17:55 +00:00
itojun
2e33d275dc use LOG_WARNING for syslog output for address family mismatch. 
suggested by: thorpej
 2000-05-13 06:42:13 +00:00
itojun
31eb929ec0 correct extremely unfriendly error message when the kernel does not 
support the address family (like including "tcp6" in inetd.conf, on
non-IPv6 kernel).

was:
inetd[185]: ftp/tcp6: *: hostname nor servname provided, or not known
now:
inetd[315]: ftp/tcp6: *: the address family is not supported by the kernel
 2000-05-13 02:56:47 +00:00
itojun
8fb9de8e46 fix IPsec policy parser. #@ should affect multiple lines as documented. 2000-03-06 19:52:13 +00:00
itojun
4b061adfdb sync with latest libipsec. 
since outgoing and incoming policy is separated, inetd can take multiple
policy specification, separated by ";".
 2000-01-31 14:28:17 +00:00
itojun
55ffb1ce63 make error check against getnameinfo(). 2000-01-27 19:52:43 +00:00
itojun
a31f62a92c call sigsetmask() on ipsec initialization failure. 2000-01-13 15:53:00 +00:00
ad
d3f47cfba9 A colon is the preferred way to split a user and group name pair; make this 
possible and depreciate the use of dot.
 1999-10-06 21:54:10 +00:00
itojun
f7c22e9eaa fix internal servers (like echo) so that they can accept AF_INET6 connections. 
add AF_INET6 support for port_good_dg().
 1999-09-15 09:59:41 +00:00
sommerfeld
fdadab8fc8 Fix PR7739: correct -DRPC rot in inetd.c 1999-08-02 01:12:21 +00:00
itojun
e1b53de44e query service name properly on libwrap warnings. 
NetBSD PR: 8101
 1999-07-28 10:58:31 +00:00
ghudson
113b4934fe se_wait stores pids; make it a pid_t. 1999-07-19 15:49:39 +00:00
itojun
93de5675b3 be more friendly with non-IPsec kernel (hide warnings). 1999-07-04 00:31:57 +00:00
itojun
a77871b871 dual-stack inetd. you can write "tcp6" or "tcp4" into "protocol" field. 
(the style is the rough consensus among v6 implementers so it will be
the standard style)

TODO: test rpc and tcpmux on IPv6.
TODO: test identd over IPv6.
 1999-07-02 04:48:19 +00:00
thorpej
78688ba793 Use pidfile(3). 1999-06-06 01:50:23 +00:00
hwr
f6aa0f509c Prevent sending udp data to the obvious bad ports that are used for 
DoS attacks (e.g. looping packets between two echo ports).
This should "fix" PR bin/2455.
Could please anyone with an appropriate "hacker tools" check this?
 1999-04-11 15:40:58 +00:00
mycroft
e37d13ec69 Revert previous. 1999-01-20 09:24:06 +00:00
mycroft
24285e691d Make all listening sockets non-blocking. 1999-01-20 04:42:17 +00:00
lukem
786b86d71b use AF_LOCAL instead of AF_UNIX 1998-07-18 05:04:35 +00:00
tron
ec7c8ec161 From "buqtraq": avoid file descriptor leak if service is looping. 1998-07-16 08:55:43 +00:00