Commit Graph

68 Commits

Author SHA1 Message Date
tls 4147a3c54a Add new Makefile knob, USE_FORT, which extends USE_SSP by turning on the
FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
various string and memory copy and set functions (as well as a few system
calls and other miscellany) where known at function entry.  RedHat has
evidently built all "core system packages" with this option for some time.

This option should be used at the top of Makefiles (or Makefile.inc where
this is used for subdirectories) but after any setting of LIB.

This is only useful for userland code, and cannot be used in libc or in
any code which includes the libc internals, because it overrides certain
libc functions with macros.  Some effort has been made to make USE_FORT=yes
work correctly for a full-system build by having the bsd.sys.mk logic
disable the feature where it should not be used (libc, libssp iteself,
the kernel) but no attempt has been made to build the entire system with
USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.

Adjust the system build so that all programs and libraries that are setuid,
directly handle network data (including serial comm data), perform
authentication, or appear likely to have (or have a history of having)
data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,
with the exception of libc, which cannot use USE_FORT and thus uses
only USE_SSP by default.  Tested on i386 with no ill results; USE_FORT=no
per-directory or in a system build will disable if desired.
2007-05-28 12:06:17 +00:00
mrg 126f7e1139 since ar_tha() can return NULL, don't pass it directly to functions
that expect real addresses.  explicitly KASSERT() that it is not
NULL in the kernel and just avoid using it userland.

(the kernel could be more defensive about this, but, until now it
would have just crashed anyway.)
2006-05-12 01:20:33 +00:00
mrg aadd7d4847 sprinkle some -fno-strict-aliasing and -Wno-pointer-sign with GCC4. 2006-05-11 23:16:28 +00:00
christos 5b59015f94 remove backwards compatibility with non-cloning bpf. 2004-12-01 23:12:11 +00:00
christos e13c309dd3 Use /dev/bpf, if _PATH_BPF is defined. 2004-12-01 23:04:58 +00:00
jrf 190b2e4c51 Replaced strncpy with strlcpy. Thanks to Peter Postma who
pointed them our in PR #25762. Approved by christos@NetBSD.org.
2004-09-07 13:20:39 +00:00
tron b174c24825 Fix handling of interface aliases if "rarpd" is not invoked with "-a". 2004-05-12 16:48:44 +00:00
darrenr 221fa57241 With recent changes to BPF, pushing the default buffer size to 1MB, running
a bunch of small daemons that seem small packet flows can easily chew up
significant kernel memory (each BPF device opened takes 2*buffersize of
wired memory.)  In each of these applications, add code to set the buffer
size to 32k before setting the interface.
2004-04-10 17:53:05 +00:00
agc 326b2259b7 Move UCB-licensed code from 4-clause to 3-clause licence.
Patches provided by Joel Baker in PR 22366, verified by myself.
2003-08-07 11:25:11 +00:00
itojun e8f0e61fd7 use bounded string op 2003-07-13 12:29:20 +00:00
itojun d25769c013 assume presense of getifaddrs(3). 2003-05-15 14:50:02 +00:00
petrov cc92472571 Fix alignment for socket addresses in routing socket requests for
LP64 machines. Addresses port-alpha/11089. Reviewed by thorpej.
2003-04-08 04:04:01 +00:00
grant 70e6e04099 Fix date typo, Oct 27 -> 17.
While it would be nice to be able to add features ahead of time,
it is not possible yet :)
2002-10-21 13:55:11 +00:00
lukem 307f4019a4 tweak usage now that multiple interfaces are supported... 2002-10-21 01:33:02 +00:00
thorpej 2c07094b2a Allow more than one interface to be specified on the command line. 2002-10-17 19:13:50 +00:00
wiz 84dd8f31fd ANSIfy. Remove ifndef __STDC__. Remove __P(). Remove register. 2002-07-14 00:58:30 +00:00
wiz 46f735035c Drop a comma. 2002-02-02 01:40:02 +00:00
wiz a2d753e3ef Whitespace nits. 2002-01-19 11:44:57 +00:00
itojun dad921a24e daemon(3) has to be called prior to file descriptor initialization. 2002-01-11 05:33:22 +00:00
wiz 4c99916337 va_{start,end} audit:
Make sure that each va_start has one and only one matching va_end,
especially in error cases.
If the va_list is used multiple times, do multiple va_starts/va_ends.
If a function gets va_list as argument, don't let it use va_end (since
it's the callers responsibility).

Improved by comments from enami and christos -- thanks!

Heimdal/krb4/KAME changes already fed back, rest to follow.

Inspired by, but not not based on, OpenBSD.
2001-09-24 13:22:25 +00:00
enami 5e2a856773 Kill no longer used variable decl. 2001-01-11 13:06:28 +00:00
lukem 13220245b2 use explicit name rather than __progname in openlog 2001-01-11 01:43:25 +00:00
is b002f5435b With RARP, MAC asks, and IP answers. Fixes PR 11330 by Thilo Manske, who
also provided the fix (modulo formatting).
2000-11-20 14:59:30 +00:00
is d8302e2d73 More format string cleanups by sommerfeld. 2000-10-11 20:23:46 +00:00
abs 7a26b9af55 Include the fact we're making replies in the debug() output. 2000-08-30 11:01:43 +00:00
itojun b9c3c448e1 use getifaddrs to avoid alignment constraints in SIOCGIFCONF.
(do you have PR # for this? >lukem)
2000-04-13 09:12:16 +00:00
abs 7d14d66b4d We need to close and open the socket to prevent routing updates building
up such that when we send our message we never see our reply (and hang)
Fix taken (modified) from PR 7508
2000-02-11 11:27:20 +00:00
abs 6068331e78 Indicate on which interface a packet has been received when debugging 2000-02-11 11:25:23 +00:00
nathanw 713f906d1c Copy struct ifreq returned by SIOGIFCONF to ensure correct alignment. 2000-02-07 01:15:52 +00:00
kleink 3e833f70b4 Need <sys/param.h> for MAXHOSTNAMELEN. 1999-09-26 10:40:32 +00:00
thorpej 56c5efa335 Use pidfile(3). 1999-06-06 02:52:16 +00:00
thorpej db3ee29b72 Fix a logic error which would have caused a NULL pointer dereference
if the client's IP address wasn't found on the interface's network.
1999-02-13 19:58:29 +00:00
kleink 3ed4fcf61e In userland, pull in <errno.h> instead of <sys/errno.h> for the declaration
of errno.
1999-01-11 22:39:59 +00:00
fvdl 778592d8c3 Shut up gcc. 1998-10-06 15:50:30 +00:00
matt 224e79dde2 Teach rarpd about interface aliases. 1998-10-06 00:23:55 +00:00
mrg 35d49164e0 use daemon(). remove spurious \n from rarperr() call 1998-09-29 09:21:35 +00:00
fair 72dfb07bbe usage & comment string patch, per PR#5859 1998-07-29 07:26:29 +00:00
mrg 5c8240d257 KNF. be safe with buffers. use setsid(). 1998-07-13 06:31:31 +00:00
mrg b7e46f9175 support /var/run/rarpd.pid 1998-04-23 02:48:33 +00:00
mrg aebb3d6c08 add a -l (logging) switch. 1998-04-15 15:06:06 +00:00
fair d0121866f7 These changes from PR#3190 (second set of diffs) deal with rarpd
refusing to work in "-a" mode on a host with more than one Ethernet,
and at least one non-ethernet device. Frankly, the interface
initialization loop is badly structured and should be rewritten,
and these changes do nothing to fix that. However, they oughta do
the requested job, quick & dirty.
1998-03-23 08:44:07 +00:00
christos 02f88f3555 PR/4835: Izumi Tsutsui: rarpd does not set the link level address length.
While there change "6" to "ETHER_ADDR_LEN"
1998-01-17 11:38:36 +00:00
is d4fc5fab1b If we answer a RARP request, also add the mapping to the local arp cache.
[This was broken when the 4.4BSD ARP table changes were done, and never
repaired.]
Inspired by Jarle Greipsland, PR 4531; code stolen from arp.a and cleaned
up (mostly removing global variables).
XXX As pointed out in the PR, this should be in some library (libutil?),
to be usable by other servers like bootpd and dhcpd.
1997-11-24 18:43:12 +00:00
lukem 0a94f4f077 use CPPFLAGS instead of CFLAGS 1997-10-25 06:57:53 +00:00
lukem a13f0387b9 use memcmp/memset/memmove instead of bcmp/bzero/bcopy 1997-10-18 11:18:39 +00:00
lukem 0a9c07ac82 getopt returns -1 not EOF 1997-10-17 12:52:25 +00:00
lukem bffabae34b WARNSify 1997-10-17 12:40:03 +00:00
lukem 12c67164dc * use MAXHOSTNAMELEN+1 instead of 256
* don't use LOG_CONS - it's unnecessary and spams the console if syslogd
  fails (a bad thing, really)

From [misc/873] by Giles Lean <giles@nemeton.com.au>:
* explain why the name lookup failed
* always send debug() via syslog(3) (unlike the PR, which added a -s flag)
* enhance the man page a bit (even in the commented out section which
  is only relevant to the -DREQUIRE_TFTPBOOT case
1997-06-21 14:30:03 +00:00
lukem 885db8b7ed remove unnecessary CFLAGS+=-I${.CURDIR} and SRCS=rarpd.c 1997-06-21 14:23:57 +00:00
cgd b241147c80 fix some u_long vs. u_int32_t bogons in uses of nameserver lookup results. 1997-03-23 00:48:15 +00:00