* don't interpret '-' or '|' when a local filename is determined from
the remote name (i.e, in mget, and in get with only one argument).
This is implemented using an extra argument to recvrequest().
Fixes a major security hole.
* clean up memory leak when using globulize()
* clean up a couple of comments
* fix wording in TNF copyright
features added:
* support for TIS fwtk gate-ftp servers:
* read defaults from $FTPSERVER && $FTPSERVERPORT
* start in gate-ftp mode if invoked as 'gate-ftp'
* toggle or set with 'gate [host [port]]'
set the pw_change field of the user to -1 (defined in <pwd.h> as
_PASSWORD_CHGNOW). based on [bin/936] by Simon Gerraty <sjg@quick.com.au>
* clean up for WARNS?=1
2) Add __RCSIDs where apropriate.
3) WARNS=1, and clean up sources for WARNS=1 (including replacement of
a mktemp with a mkstemp even though it was probably safe...)
4) Some other small cosmetic changes
1) register variables have been killed, except for the ones in the
generated skeleton (which should probably also be killed soon).
2) __P(())ified prototypes for all functions.
3) new style __RCSID's, and #include <sys/cdefs.h>'s.
4) all warnings generated with WARNS=1 (i.e. all warnings you get from
gcc with -Wall -Wstrict-prototypes -Wmissing-prototypes) have been
fixed, although not always in the best possible way.
in particular on #4, in a couple of places I got "control reaches end
of non-void function" errors, and sadly __dead doesn't seem to really
work, so I inserted a couple of exit() calls in strategic
places. These should be nuked if someone can get __dead to Do The
Right Thing.
There were also a couple of places where "while (foo = bar)" things
cropped up and I didn't do the best conceivable thing, but I usually
did.
These fixes should probably go back to the byacc maintainers.
it to a full path using the user's path, before setting the path used by
the script. If it can't be found, try using the standard path used by the
script to find it (/bin:/usr/bin:/usr/ucb), and if it still can't be
found, exit. If user hasn't set CC, try to use cc, again searched for
via their path, then via the standard path.
Also, clean up regexps used to post-process ${CC} -M output, so that
they work on a wider variety of compilers.
full path using the user's path, before setting the path used by the
script. If it can't be found, try using the standard path used by the
script to find it (/bin:/usr/bin), and if it still can't be found, exit.
If user hasn't set NM, try to use nm, again searched for via their path,
then via the standard path.
* cleanup for WARNS=1 (including some ugly '(void)&var' bits wrapped in
#ifdef __GNUC__ to shut up gcc warnings WRT setjmp/longjmp)
* use strtol() instead of atoi(), and more extensively check result of
conversion
* use u_int16_t instead of short or int for TCP port addresses
to the fact that the /bin/sh set command always sets the exit status to
0, so testing $? will not help discover if getopt found an error if
getopt is used via "set -- `getopt ....`". (POSIX 1003.2 D11 draft says
that the sh set command must return 0 as the exit status.)
I think that POSIX is wrong or that is is not well enough specified to
allow the result of the set to be the exit status of the getopt. But
considering the sequential nature of execution, the set is done last
and is the "last command" and therefore must be the one to set the exit
status. At least there is a work-around for shell scripts.
include <unistd.h> for prototypes, reorder #includes, nuke old library
function declarations
add explicit return types and prototypes for local functions
use STDOUT_FILENO instead of manifest constant
initialize variable for gcc -Wuninitialized (marked as such)
pull global variable declarations and function prototypes into hexdump.h
add #includes where necessary for prototypes
replace index() with strchr(), const-poison static string vars, etc.
Actually there were two bugs:
- Add REG_NOTBOL after the first substitution.
- Handle the rm_so == rm_eo == 0 case, where in a substitution such
as 's/bzzzt/z*/g' the first time z* matches nothing.
The appropriate entry in /etc/group as returned by getgrnam() is
used to determine if 'su root' may be permitted, rather than
checking if membership exists in the result of getgroups().
The following changes were made regarding the behaviour of the special
group for 'su root'
* allow for definition of SUGROUP (defaults to "wheel") to override group name.
* use getgrnam(SUGROUP) instead of getgrgid(0).
* only scan getgrnam(SUGROUP)->gr_mem when checking for group membership.
* be more specific as to why 'su root' failed
NOTE: If a user's primary group is SUGROUP, and they're not a member
of SUGROUP in /etc/group, they will not be able to su.
auto-login ftp URL is used when $ftp_proxy is defined. It now prints:
Auto-login using ftp URLs isn't supported when using $ftp_proxy
Should solve rest of [bin/3643].
Whilst this is inconsistant with the behaviour when $ftp_proxy isn't
defined, the following constraints apply:
* it's not possible to support ftp URL auto-login when $ftp_proxy is
defined, since it uses http not ftp, and you can't `login' to http
servers; fudging this would require a major rewrite of ftp anyway)
* silently ignoring $ftp_proxy and not using it if an ftp auto-login
URL is given is bad user interface design)
* mrg & others will harrass me if I remove support for autologin ftp URLs
when $ftp_proxy isn't defined, even though it made the behaviour
consistant whether $ftp_proxy was set or not.
Only information leaks now are:
* if '-s -s' is used (only allow s/key users, and force s/key use),
then "login incorrect" will be given if a non-s/key user (or
non-existant user) attempts to login; no password will be prompted
for.
XXX: maybe this should be fixed, but further analysis is required.
* an s/key user will be reminded in the "Password" prompt that they
have an s/key. Therefore it would be possible to determine if a user
is active on the machine if they have an s/key.
XXX: maybe an option is required to control this behaviour
_PASSWORD_WARNDAYS from <pwd.h>). For non-root users, enforce expiry when
it happens. From Simon Gerraty <sjg@zen.void.oz.au> in [bin/935].
* Check for group 0 in process's current group membership (as returned by
getgroups(2)), instead of just looking at the entry for wheel in /etc/group.
Based on code by Dan Caresone <dan@oink.geek.com.au> in [bin/792], and
also solves [bin/2466].
* Clean up to pass -Wall
* if the user has an s/key, provide a reminder in the password prompt
* if '-s' is given once, force a user that has an s/key to use it
* if '-s' is given more than once, only permit s/key logins
- rsh/rcmd combinations don't die sometimes, and spin in poll loops
+ detect errors from read/write etc, don't ignore them in some cases
+ use INFTIM instead of 0 in poll
+ detect invalid file descriptors in poll
+ use varargs/stdarg as appropriate
+ use posix signal calls
+ EWOULDBLOCK -> EAGAIN
kleink