auth_level and require_secure_login were defined in two places:
- global.c that picked it from headers and removed 'extern'
- telnetd.c that initialized it to 0
line was defined twice: in global.c and sys_term.c with a non-zero value.
Remove the definition and initialization from sys_term.c and initialize
the variable early in main().
Detected during the build of telned with Address Sanitizer (MKSANITIZER).
Reviewed by <mrg>
on arm after switching to new jemalloc.
jemalloc invokes __tls_get_addr() under some condition. If anything other
than ld.elf_so nor libc exports it, inconsistency arises as a result.
Update version to "NetBSD-ftpd 20180428" for changes:
- Fix violations of the sequence point rule.
- Check that stat and fstat succeed.
- Support blacklistd(8) hooks.
- Clear utmpx struct before writing it to wtmpx files.
- Fix directory stream leaks.
- Use explicit_memset(3) instead of memset(3) to clear password.
- Fix scope of variable. PR misc/50665.
- Ensure that closing socket exists. CID 603440.
- Add -f option to ftpd to stay in foreground with -D. PR bin/53221.
NetBSD.
This brings us resolving for dynamically loaded libraries and makes
tests/libexec/ld.elf_so/t_thread_local_dtor pass.
With suggestions from joerg@
- avoid calloc, use bozomalloc
- minor CSE
- fix bozoprefs->size setting when increasing the size (new total was
being added to the prior total.) found by clang static analyzer
from rajeev_v_pillai.
pass httpd to size_arrays() now.
free(NULL) is legal.
- bozostrnsep() may return with "in = NULL", so check for it.
- nul terminating in bozo_escape_rfc3986() can be simpler
- don't use uniinit variables in check_remap()
- don't use re-used freed data in check_virtual(). this one is tricky as
the original code was:
free(request->hr_file);
request->hr_file = bozostrdup(httpd, request, s ? s : "/");
however, bozostrdup() may reference request->hr_file.
- adjust the directory indexing again:
- don't include "index.html" in html headers
- additional escaping of names
- re-add top/bottom borders
- adds an aquamarine table header
- Zebra-stripes table rows using CSS instead of code
all from "Rajeev V. Pillai" <rajeev_v_pillai@yahoo.com>
for some reason gcc does not warn about this:
case 'x':
stuff_here();
break;
other_stuff_here();
break;
and the other_stuff_here() was what was mis-placed.
should fix atf failures in networking.
- keep a list of special files and their human names
- remove (void) casts on bozo_http_error()
- fix a few more misuses of bozo_http_error()
- rename check_mapping() to check_remap() and perform some CSE
- switch away from ``%s'' to '%s'
- remove a bunch of #ifdef using new have_feature defines
- consolidate all the special file checks into
bozo_check_special_files() so that all builds check the same
list of special files, regardless of build options.
- convert "(void)bozo_http_error(...); return -1;" into plain
"return bozo_http_error(...);"
- fix the call to bozo_check_special_files() to be used on all
input types. part of the fixes for failure to reject access
to /.htpasswd as reported by JP on tech-security.
- use warn_unused_result attribute on bozo_check_special_files(),
and fix the failures to return failure. second part of the
htpasswd access fix.
- update testsuite to use a fixed fake hostname.
call this bozohttpd 20181121.
o reduce default timeouts, and add expand timeouts to handle the
initial line, each header, and the total time spent
o add -T option to expose new timeout settings
o minor RFC fixes related to timeout handling responses
old timeouts:
60 seconds for initial request like, 60 seconds per header line,
and no whole timeout (though the recent total header size changes
do introduce one that would be about 11 hours.)
new timeouts:
30 seconds for initial request like, 10 seconds per header line,
and a total request time of 600 seconds.
the new global timeout is implemented using CLOCK_MONOTONIC, with
a fallback to CLOCK_REALTIME if monotonic time is unavailable.
reject multiple Host: headers. besides being protocol standard,
this closes one additional memory leak found by JP. add a simple
test to check this.
clean up option and usage handling some.
o add url remap support via .bzremap file, from martin@netbsd.org
o handle redirections for any protocol, not just http:
o fix a denial of service attack against header contents, which
is now bounded at 16KiB. reported by JP.
and has eben since 2009. Adapt.
NFCI - while the tv_usec (now tv_nsec) field is used, we will
keep its uses to microsecond precision to avoid any compat issues.
Early ELF binaries defined dlopen and friends in crt0.o by
using function pointers in the object handle passed from rtld.
This contract wastes space when many shared objects are allocated
and ties dynamic linker and rest of the system tightly together.
Fake the entry points in a static object and restrict them to the
platforms that had working ELF support at the time. Keep the magic and
version field used by modern crt0.o for all architectures. The checks
will be removed from crt0.o in a follow-up step.
- This conversion significantly simplifies the code and moves NPF to
a binary serialisation format (replacing the XML-like format).
- Fix some memory/reference leaks and possibly use-after-free bugs.
- Bump NPF_VERSION as this change makes libnpf incompatible with the
previous versions. Also, different serialisation format means NPF
connection/config saving and loading is not compatible with the
previous versions either.
Thanks to christos@ for extra testing.
carriage return to read_request() in foreground mode.
In the C daemon, a NULL check is performed on bozo_read_request in main.c
before moving on to bozo_process_request & bozo_clean_request. Here,
process_request & clean_request just return instead.
- Move to a shared _rtld_call_ifunc for rel and rela architectures
- Architectures using rel format must patch IRELATIVE non-PLT
relocations like RELATIVE in additition to the later ifunc handling
- Consistently record the delta to the end of the relocation group for
non-PLT IRELATIVE relocations
Hidden ifunc is now supported on all ifunc platforms, even when using
-fno-plt. The combination of -fno-plt and relro is broken due to
incorrect GNU ld output though.
into a header for reuse in crt0.o for static ifunc support. Change the
existing logic for sparc64 to use the Bicc variant of ba,a as it allows
+-8MB displacement compared to the BPcc variant's +-1MB. Teach the sparc
variant the same trick for using ba,a and not sethi+jmp when possible.
around for a couple decades now. even if someone wanted to modernize this,
it wouldn't be appropriate for NetBSD, since we don't want programs in base
to be linked against X libs.
identd has aliasing violations, use -fno-strict-aliasing.
newfs_msdos's getbpbinfo() has missing {} issues.
sysctl's kern_cp_id() has missing {} issues.
thread allocation:
(1) Set the DTV vector up whenever an offset into the static allocation
is assigned, even if the block itself is not initialized. This has been
seen in libstdc++.
(2) Do not free a DTV block if it is part of the static thread
allocation.
functions are used for destructors of thread_local objects.
If a pending destructor exists, prevent unloading of shared objects.
Introduce __dl_cxa_refcount interface for this purpose. When the last
reference is gone and the object has been dlclose'd before, the
unloading is finalized.
Ideally, __cxa_thread_atexit_impl wouldn't exist, but libstdc++ insists
on providing __cxa_thread_atexit as direct wrapper without further
patching.
been changed to cope with more and at least Go actively creates them.
Adjust the mapping size computation to use the maximum and not depend on
PT_LOAD segments to be in order.
rmind