Commit Graph

127 Commits

Author SHA1 Message Date
itojun a6a7baa235 "user:group=foo.bar" is weird. use colon on both sides 2003-04-22 07:46:46 +00:00
itojun 906a2ba4ed always configure IPV6_FAITH explicitly to avoid misconfiguring it on SIGHUP.
sync w/kame
2003-04-22 07:45:27 +00:00
wiz 990562bfef .Nm does not need a dummy argument ("") before punctuation or
for correct formatting of the SYNOPSIS any longer.
2003-02-25 10:34:36 +00:00
tron 62c4d50f34 Because signals are delivered synchronously via kqueue(2) there is no
reason to block and release them at various places.
2003-02-16 18:16:26 +00:00
tron 39e99fe8e3 Now that signal handling is done via kqueue(2) we need to enter
the event loop even if no sockets were created. This should fix
PR bin/20369 by Martin Husemann.
2003-02-16 17:57:34 +00:00
tron 726769ad02 Improve kqueue(2) utilization:
- Don't invoke kevent(2) for every single event change. Instead collect
  event changes and try to do them in the event loop.
- Handle signals via kevent(2) to avoid race conditions for SIGHUP (which
  probably exist in the select(2) based implementation, too).
2003-02-13 11:47:27 +00:00
tron d289c0d46f KNF. 2003-02-12 10:03:47 +00:00
tron 8be719490d Rewrite inetd(8) to use kqueue(2) for enhanced performance and scalability. 2003-02-12 08:52:03 +00:00
jschauma 432d470724 Fix typos pointed out by Igor Sobrado in PR misc/19621. 2003-01-02 00:22:29 +00:00
mycroft 176cc386e1 If we can't set FD_CLOEXEC on a listening socket, close it rather than allowing
it to be passed down to inetd's children.
Note: Setting FD_CLOEXEC can't actually fail, but we did check for the error
anyway...
2002-09-19 21:59:03 +00:00
itojun 181c9736b9 correct udp-from-broadcast check. From: andre@ae-35.com 2002-07-04 12:35:19 +00:00
itojun 00a0a65271 on internal udp echoback service, reject request if source address is a
broadcast address.
2002-06-05 10:03:31 +00:00
itojun 0c16d570ac no need for inetd_dummy variable. from openbsd 2002-06-01 03:41:33 +00:00
itojun 0062113f7e minor KNF 2002-06-01 00:32:41 +00:00
itojun 2dc34bbe40 cleanup main() by splitting it up in two. inspired by openbsd change 2002-06-01 00:28:52 +00:00
itojun 69c161be36 socklen_t cleanup. make MULOG code actually compile (is there anyone using
it?  otherwise, i'd like to nuke it)
2002-06-01 00:15:08 +00:00
christos 1d1ced8220 use setproctitle(3); from itojun. 2002-05-31 14:28:20 +00:00
wiz b36c0a5406 deamon -> daemon 2002-01-21 14:42:26 +00:00
wiz 546138910d Drop some unnecessary .Pp, sort sections and SEE ALSO. 2002-01-19 03:14:33 +00:00
abs dd94d9b295 Convert some 'long's to 'uint32_t's. Now rdate works against an LP64 box. 2001-12-26 17:01:39 +00:00
itojun f559c09989 __ss_{len,family} #define hack is no longer necessary 2001-11-19 03:18:28 +00:00
itojun de3a065dcc CPPFLAGS, not CFLAGS, for -D. 2001-09-13 13:02:20 +00:00
wiz 14dbdf5518 Negative exit code cleanup: Replace exit(-x) with exit(x).
As seen on tech-userlevel.
2001-04-06 11:13:45 +00:00
fair 1cab78c82a Document TCPmux internal service, per additional discussion of PR 12325.
The text was snatched directly from the comment about it in inetd.c and
modified for better clarity.
2001-03-16 08:19:13 +00:00
fair 232ed76f81 Add text to more clearly document that tcpd is not needed, per PR 10754.
Add a FILES section. Add a few more references to SEE ALSO.
Clean up nroff nits (e.g. spaces at end of line).
2001-03-10 11:52:51 +00:00
bjh21 e4fc14ba1d Mention relevant RFCs in "SEE ALSO". 2001-03-04 14:18:32 +00:00
cgd 25bdbb661e convert to use getprogname() 2001-02-19 23:22:40 +00:00
jlam c5d65e2d74 Improve grammar slightly in the description for IPsec policy settings. 2001-01-25 21:49:31 +00:00
lukem 0645f2f67b use explicit name rather than __progname in openlog 2001-01-11 01:34:28 +00:00
hubertf 1e2914d00b Document that the path to the configuration file given on the command
line must be absolute, unless the -d option is given on the command line.
2000-12-02 02:15:34 +00:00
ad b8bb84a3b0 Clean one paragraph. 2000-09-19 16:28:52 +00:00
itojun 51156effd6 be more paranoid about UDP-based echo services validation. namely,
reject the following sources:
	0.0.0.0/8 127.0.0.0/8 240.0.0.0/4 255.0.0.0/8
	ff00::/8 ::/128
	::ffff:0.0.0.0/96 and ::0.0.0.0/96 obeys IPv4 rule.
hint from deraadt.
2000-08-01 18:42:08 +00:00
mycroft 70c4e41552 Remove bogus typeof hack, and just use the type directly. 2000-07-23 22:54:51 +00:00
itojun b44d184dec permit square-bracket notation (as in RFC2732) for the first element
in inetd.conf.  otherwise, we'll have (minor) problem putting IPv6 address in.
sync with kame.

[::1]:ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
2000-07-08 01:55:24 +00:00
itojun 7bf16d3ecc explicitly check if the address family is supported, by using socket(2). 2000-07-07 14:56:45 +00:00
itojun 358c3cf8dc more change on getaddrinfo error handling.
XXX enami, I admit it is not a good thing to check the error code from
getaddrinfo.  it is sometimes mandatory, however.  gai_strerror message
can be too generic in some cases.  we can't really extend getaddrinfo,
as it was not invented by kame (see RFC2553)
2000-07-05 12:43:06 +00:00
itojun 798ee6865c add faithd(8) support. with "faith/tcp6" protocol specification,
it will open a socket with setsockopt(IPV6_FAITH).
2000-07-04 13:25:39 +00:00
itojun 9282955dca emit more friendly message on nonexistent service name.
From: enami
2000-07-04 09:33:55 +00:00
itojun 0f20cdad3f check for mux service by ISMUX(), not by != NORM_TYPE
(the assumption can bite us if we extend se_type to have more cases).
2000-07-03 23:40:59 +00:00
itojun ee1989a0d1 remove duplicated ipsec setup code. we always call setup() on
socket reinitialization (like SIGHUP).
sync with kame.
2000-07-03 23:37:17 +00:00
itojun 80a16c051d typo 2000-06-14 16:06:43 +00:00
itojun 59996dbc2b clarify tcp4/tcp6 interaction. 2000-06-14 15:57:26 +00:00
fvdl 2db4d2fdfe Modify to support RPC over IPv6. 2000-06-02 23:17:55 +00:00
itojun 2e33d275dc use LOG_WARNING for syslog output for address family mismatch.
suggested by: thorpej
2000-05-13 06:42:13 +00:00
itojun 31eb929ec0 correct extremely unfriendly error message when the kernel does not
support the address family (like including "tcp6" in inetd.conf, on
non-IPv6 kernel).

was:
inetd[185]: ftp/tcp6: *: hostname nor servname provided, or not known
now:
inetd[315]: ftp/tcp6: *: the address family is not supported by the kernel
2000-05-13 02:56:47 +00:00
itojun 8fb9de8e46 fix IPsec policy parser. #@ should affect multiple lines as documented. 2000-03-06 19:52:13 +00:00
itojun 4b061adfdb sync with latest libipsec.
since outgoing and incoming policy is separated, inetd can take multiple
policy specification, separated by ";".
2000-01-31 14:28:17 +00:00
itojun 55ffb1ce63 make error check against getnameinfo(). 2000-01-27 19:52:43 +00:00
itojun a31f62a92c call sigsetmask() on ipsec initialization failure. 2000-01-13 15:53:00 +00:00
itojun ad663a8d32 refrain using non-standard .Sh. use .Ss. 1999-11-21 17:28:23 +00:00