Commit Graph

37 Commits

Author SHA1 Message Date
tls 4147a3c54a Add new Makefile knob, USE_FORT, which extends USE_SSP by turning on the
FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
various string and memory copy and set functions (as well as a few system
calls and other miscellany) where known at function entry.  RedHat has
evidently built all "core system packages" with this option for some time.

This option should be used at the top of Makefiles (or Makefile.inc where
this is used for subdirectories) but after any setting of LIB.

This is only useful for userland code, and cannot be used in libc or in
any code which includes the libc internals, because it overrides certain
libc functions with macros.  Some effort has been made to make USE_FORT=yes
work correctly for a full-system build by having the bsd.sys.mk logic
disable the feature where it should not be used (libc, libssp iteself,
the kernel) but no attempt has been made to build the entire system with
USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.

Adjust the system build so that all programs and libraries that are setuid,
directly handle network data (including serial comm data), perform
authentication, or appear likely to have (or have a history of having)
data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,
with the exception of libc, which cannot use USE_FORT and thus uses
only USE_SSP by default.  Tested on i386 with no ill results; USE_FORT=no
per-directory or in a system build will disable if desired.
2007-05-28 12:06:17 +00:00
rumble e948e1b17f Check for allocation failures in malloc, calloc, realloc, asprintf, and
vasprintf and try to handle them.
2006-03-17 15:53:46 +00:00
christos 2c6eadc9ce Move WARNS=3 to the Makefile.inc, and add a little const to the remaining
programs that did not compile before.
2005-06-27 01:00:04 +00:00
martin 7b4b4385c1 Partly back out previous - do not free the linebuffer while still having
pointers into parts of it. Add a comment explaining why we prefer to
leak memory ;-)
Fixes PR bin/30174.
2005-05-10 06:49:10 +00:00
christos 6cc7a7474f Skip empty lines, and free the line buffer so that we don't leak. 2005-02-19 20:50:26 +00:00
christos 5422e51834 PR/29457: Joachim Kuebart: pppoectl's config file does not allow # in passwords
Fixed, by passing FPARSELN_UNESCALL in parsing.
2005-02-19 18:26:09 +00:00
jdolecek 56afb5b885 fix typo 2004-09-01 19:38:09 +00:00
wiz e365329be5 Spell length with h after t. Inspired by a commit by brad@openbsd. 2004-02-13 18:02:05 +00:00
wiz b6c5244ce8 Bump date for previous. 2003-10-02 07:07:48 +00:00
itojun 2c96e1a283 use netmask of /32. as discusssed on tech-userlevel 2003-10-02 06:25:28 +00:00
wiz 51e1730356 Punctuation nits. 2003-09-06 20:11:18 +00:00
martin cf6d36c7b6 Make LCP keepalive behaviour configurable. 2003-09-06 19:35:34 +00:00
itojun d99433c2b5 use bounded string ops 2003-07-12 14:48:10 +00:00
agc c2a3b5ec84 Add NetBSD RCS Ids. 2003-06-23 11:53:35 +00:00
mrg af585b8553 bump .Dt [from wiz] 2003-03-22 15:26:38 +00:00
mrg f3b8a67c63 add a "-f configfile" option. the config file contains individual lines of
parameter=value pairs normally passed on the command line (# and \
continuation also works, yay fparseln), one per line.  now you don't have
to run a program with a password on the command line.
2003-03-22 14:38:15 +00:00
wiz 4afa55e863 Drop trailing whitespace. 2002-12-19 14:49:03 +00:00
lukem b57d4fa862 It's ipppctl not ipppcontrol ...
Also add synopsis for ipppctl.
2002-12-19 11:57:32 +00:00
wiz 2fb4b1db52 New sentence, new line. By Robert Elz with minimal fixes. 2002-10-01 13:40:23 +00:00
martin 2a2b8d06ad Fix usage(). Noticed by itojun. 2002-09-01 11:28:07 +00:00
wiz 23e291b03a Grammar improvement. 2002-09-01 09:44:58 +00:00
martin 470a3cfc76 Add a "clear-auth-failure" command to reset the authentication failure
count without changing any (local) authentication settings.

Fixes kern/18071 ( without any kernel change ;-) )
2002-09-01 09:42:05 +00:00
itojun 27dfc9236f style (tab around $NetBSD$) 2002-08-16 23:54:52 +00:00
itojun 53daf81056 correct usage (-n) 2002-06-21 07:48:53 +00:00
martin 573dfcd430 Fix copyright notice, sprinkle some $NetBSD$. 2002-04-14 11:41:42 +00:00
martin 093f5dbc55 Rename ISDN devices, per discussion on tech-kern. The network devices
become ippp (ISDN ppp) and irip (ISDN raw IP). The character device now
are called: /dev/isdn (isdnd <-> kernel communication), /dev/isdnctl (dialing
and other control), /dev/isdntrc* (tracing), /dev/isdnbchan* (raw B channel
access, i.e. for user land PPP) and /dev/isdntel* (telephone devices, i.e.
for answering machines).
2002-03-16 17:03:28 +00:00
wiz 794dc9ea92 Typo fix. 2002-03-04 00:44:35 +00:00
wiz 69db0d9c90 Whitespace nit. 2002-03-04 00:44:11 +00:00
martin 8c33bf88e8 Add a "query-dns" parameter to tell the interface we would like to get
DNS settings from the peer and a "-n" option to retrieve the results
after the PPP connection is established.
2002-03-02 16:27:02 +00:00
martin ee0b7f707c Xref pppoe(4) and ifwatchd(8). 2002-01-09 20:20:54 +00:00
martin 3b1c9c16b0 Improve usage message. 2002-01-07 12:22:02 +00:00
martin 74801af62d Display the authentication failure count (if non zero) and make the
limit settable.
2002-01-07 11:10:25 +00:00
wiz ed2ab556af Fix two typos and a whitespace nit. 2002-01-07 00:55:25 +00:00
martin 28ae1fab38 Make idle timeout settable and display it.
Bring the man page closer to reality.
2002-01-06 20:23:55 +00:00
martin 3fd75e2cd7 Adapt to new if_sppp.h ioctls.
Add -d option to dump PPPoE session state. XXX need to document this.
2002-01-04 12:23:00 +00:00
wiz 552c88dee6 Lots of grammar fixes and other slight improvements. 2001-12-10 23:57:48 +00:00
martin b7af7aeccd Move /usr/sbin/pppoectl to /sbin/pppoectl, so we can call it from
ifconfig.pppoe* files.

Rename the source directory and files to match the primary purpose
of this utility - probably noone is using this for ISDN now anymore,
as isdnd has simpler ways to acomplish the same.
2001-12-10 17:22:09 +00:00