Commit Graph

141 Commits

Author SHA1 Message Date
itojun 798ee6865c add faithd(8) support. with "faith/tcp6" protocol specification,
it will open a socket with setsockopt(IPV6_FAITH).
2000-07-04 13:25:39 +00:00
itojun 9282955dca emit more friendly message on nonexistent service name.
From: enami
2000-07-04 09:33:55 +00:00
itojun 0f20cdad3f check for mux service by ISMUX(), not by != NORM_TYPE
(the assumption can bite us if we extend se_type to have more cases).
2000-07-03 23:40:59 +00:00
itojun ee1989a0d1 remove duplicated ipsec setup code. we always call setup() on
socket reinitialization (like SIGHUP).
sync with kame.
2000-07-03 23:37:17 +00:00
itojun 80a16c051d typo 2000-06-14 16:06:43 +00:00
itojun 59996dbc2b clarify tcp4/tcp6 interaction. 2000-06-14 15:57:26 +00:00
fvdl 2db4d2fdfe Modify to support RPC over IPv6. 2000-06-02 23:17:55 +00:00
itojun 2e33d275dc use LOG_WARNING for syslog output for address family mismatch.
suggested by: thorpej
2000-05-13 06:42:13 +00:00
itojun 31eb929ec0 correct extremely unfriendly error message when the kernel does not
support the address family (like including "tcp6" in inetd.conf, on
non-IPv6 kernel).

was:
inetd[185]: ftp/tcp6: *: hostname nor servname provided, or not known
now:
inetd[315]: ftp/tcp6: *: the address family is not supported by the kernel
2000-05-13 02:56:47 +00:00
itojun 8fb9de8e46 fix IPsec policy parser. #@ should affect multiple lines as documented. 2000-03-06 19:52:13 +00:00
itojun 4b061adfdb sync with latest libipsec.
since outgoing and incoming policy is separated, inetd can take multiple
policy specification, separated by ";".
2000-01-31 14:28:17 +00:00
itojun 55ffb1ce63 make error check against getnameinfo(). 2000-01-27 19:52:43 +00:00
itojun a31f62a92c call sigsetmask() on ipsec initialization failure. 2000-01-13 15:53:00 +00:00
itojun ad663a8d32 refrain using non-standard .Sh. use .Ss. 1999-11-21 17:28:23 +00:00
kristerw 2220c68654 Typos (from OpenBSD) 1999-11-18 19:02:31 +00:00
ad d3f47cfba9 A colon is the preferred way to split a user and group name pair; make this
possible and depreciate the use of dot.
1999-10-06 21:54:10 +00:00
itojun f7c22e9eaa fix internal servers (like echo) so that they can accept AF_INET6 connections.
add AF_INET6 support for port_good_dg().
1999-09-15 09:59:41 +00:00
simonb fd8040a031 s/acknowledgment/acknowledgement/ 1999-09-10 03:24:14 +00:00
itojun 35a68ecb71 avoid multiple BUGS section. 1999-08-13 13:57:52 +00:00
sommerfeld fdadab8fc8 Fix PR7739: correct -DRPC rot in inetd.c 1999-08-02 01:12:21 +00:00
itojun e1b53de44e query service name properly on libwrap warnings.
NetBSD PR: 8101
1999-07-28 10:58:31 +00:00
ghudson 113b4934fe se_wait stores pids; make it a pid_t. 1999-07-19 15:49:39 +00:00
itojun 93de5675b3 be more friendly with non-IPsec kernel (hide warnings). 1999-07-04 00:31:57 +00:00
itojun d161ab0018 clearify and woring fix. 1999-07-02 16:55:45 +00:00
itojun 0d5c089973 document tcp4/tcp6 manipulation. 1999-07-02 16:49:34 +00:00
itojun a77871b871 dual-stack inetd. you can write "tcp6" or "tcp4" into "protocol" field.
(the style is the rough consensus among v6 implementers so it will be
the standard style)

TODO: test rpc and tcpmux on IPv6.
TODO: test identd over IPv6.
1999-07-02 04:48:19 +00:00
thorpej 78688ba793 Use pidfile(3). 1999-06-06 01:50:23 +00:00
hwr f6aa0f509c Prevent sending udp data to the obvious bad ports that are used for
DoS attacks (e.g. looping packets between two echo ports).
This should "fix" PR bin/2455.
Could please anyone with an appropriate "hacker tools" check this?
1999-04-11 15:40:58 +00:00
garbled d1407362ba More and more .Os cleanups. .Os is defined in the tmac.doc-common file,
so we shouldn't override it with versions in the manpages.  Many more to
come.
1999-03-22 18:43:46 +00:00
tsarna c51f63ace5 Clarify the syntax a bit 1999-01-29 19:41:47 +00:00
mycroft e37d13ec69 Revert previous. 1999-01-20 09:24:06 +00:00
mycroft 24285e691d Make all listening sockets non-blocking. 1999-01-20 04:42:17 +00:00
lukem 786b86d71b use AF_LOCAL instead of AF_UNIX 1998-07-18 05:04:35 +00:00
tron ec7c8ec161 From "buqtraq": avoid file descriptor leak if service is looping. 1998-07-16 08:55:43 +00:00
lukem fc90756956 Implement a new manual page category ``SECURITY CONSIDERATIONS''
(suggested by mycroft)
1998-06-08 12:41:41 +00:00
thorpej 723fb3cccc Add support for specifying the send and receive socket buffer sizes. This
is especially useful for TCP servers which must specify the receive
socket buffer size before the connection is made so that the connection's
window scale factor can be properly advertised.

Example /etc/inetd.conf configuration line:

shell stream tcp,rcvbuf=1m nowait root /usr/libexec/rshd rshd

That line will cause the rshd to advertise a 1 megabyte window, which could
improve the performance of an rcp in some situations.
1998-05-01 01:57:26 +00:00
mycroft b4d89784ef Reset the SIGPIPE handler to SIG_DFL after forking. 1998-03-21 06:25:37 +00:00
fair 95f309a67f adjust documentation to reflect reality per PR#4859 1998-03-11 05:40:06 +00:00
christos 9fab7a4ffa PR/4837: Jeff Thieleke: inetd does not compile without libwrap. 1998-01-20 16:44:22 +00:00
mycroft a88cef6970 Ignore SIGPIPE, which may be caused by non-forking internal TCP services if
the remote side closes the connection before we answer.
1997-12-04 06:39:02 +00:00
mrg dc05f41d80 add missing .Nm sections 1997-11-11 10:07:34 +00:00
lukem 0a94f4f077 use CPPFLAGS instead of CFLAGS 1997-10-25 06:57:53 +00:00
lukem f5bf267d90 enable WARNS=1 by default, but disable in unclean 3rd party code 1997-10-18 06:42:25 +00:00
lukem 7866707a39 minor .Nm cleanup 1997-10-18 06:33:48 +00:00
lukem a352e573d5 fix use of unix domain socketname length, and signal error if this
is exceeded. from enami tsugutomo <enami@ba2.so-net.or.jp> [bin/3369]
1997-10-17 13:53:30 +00:00
mycroft c5aacdd3b3 Don't sleep if we get EINTR from select(2) (e.g. because we got
a SIGCHLD when something died).  From PR 4056, by David Holland.
1997-10-08 07:15:59 +00:00
mrg 2d06dcebcd WARNS?=1 1997-10-05 16:40:24 +00:00
mrg 7d7091ccdd merge lite2 [actually, just update ucb sccs id's] 1997-10-05 16:16:10 +00:00
phil 96af70a1c9 Rewrite of wait/nowait information in light of identd(8) use of wait.
Removed some blank linkes that made bad formatting.  (PR 3647)
1997-06-30 20:55:06 +00:00
mycroft 52aae8dc8a Don't do libwrap checking for UDP services; they must do it internally on
every packet to be correct.
1997-04-20 22:04:59 +00:00
mycroft 14656f0069 Don't attempt to use libwrap for `stream wait' services, where
we only have the listening socket.
1997-03-19 00:05:05 +00:00
mycroft 95c740d58b Oops; for waiting stream services, we don't do an accept(); we
pass down the fd of the listening socket.
1997-03-18 04:47:22 +00:00
mycroft 6ebf01d197 Output a + line for the tcpmux `help' service, and list itself. 1997-03-14 03:18:25 +00:00
mycroft b860cb428b Move all of the libwrap checking and subprocess startup into a separate
function.  Arrange for tcpmux() to be called like other builtins, and have it
call the aforementioned function recursively.  This allows tcpmux to be
wrapped, and always runs it after forking, so we don't freeze everything
else.
Also, use FD_CLOEXEC to close file descriptors, rather than iterating through
them ourself.
1997-03-13 20:15:04 +00:00
mycroft a68a078f3e Fix typo. 1997-03-13 18:39:50 +00:00
mycroft 51fa5e9be7 Make the previous dependent on LIBWRAP_INTERNAL, which is not defined by
default.
1997-03-13 18:36:35 +00:00
mycroft 249eced8da If we forked for an internal service, make sure we always exit afterward. 1997-03-13 18:19:35 +00:00
mycroft df6ec691b5 If we're using libwrap. always fork. This only affects the time and daytime
services anyway.
1997-03-13 18:08:19 +00:00
mycroft cf5f8c252d Slight rearrangement to forking code. Also, always close the new descriptor
after a fork failure, even for a waiting service.
1997-03-13 18:06:15 +00:00
mycroft 84626a507f Another bug fix to tcpmux. 1997-03-13 17:35:39 +00:00
mycroft cb666b197f Merge changes from Lite2 (with bug fixes). Adds tcpmux. 1997-03-13 17:22:23 +00:00
mycroft 7c7f4379a0 When rejecting a UDP connection, make sure to flush the right socket. 1997-03-13 14:57:34 +00:00
mycroft d6dc78d4c1 Oops; subprocess must exit when rejecting connection. 1997-03-13 14:29:15 +00:00
mycroft 9df028750a Do libwrap access checking *after* forking. 1997-03-13 14:15:40 +00:00
mikel b5ce435d24 set proper length for sockaddr_un. fixes PR bin/3281 from Enami
Tsugutomo, but slightly differently; the code I added is basically
  identical to SUN_LEN(), but avoids the unecessary strlen() call.
1997-03-04 06:12:44 +00:00
mikel 91e876159f fix problem with restarting service after SIGHUP (PR 3093)
indicate proper invocation point and RCS ID police (PR 3098)
1997-01-12 06:55:41 +00:00
mouse ccf88919e4 Per mail from Herb Peyerl, use LOG_AUTH for libwrap logging. 1997-01-02 14:25:18 +00:00
mouse f02c2e5693 Get the local-address-part code in here (instead of "comsat" you can
use "127.0.0.1:comsat").  While I'm here, do trailing whitespace
cleanup, .Nm usage police in the manpage, and a couple of trivial text
typo fixes.
1996-12-30 23:38:18 +00:00
mrg 5b9f69465f if se_argv[0] is NULL, use se_service. 1996-12-07 00:37:00 +00:00
mrg 3e0b84a6d5 syslog allow/deny at the right severity. 1996-12-06 00:45:48 +00:00
mrg b95b23e332 allow allow/deny severity to be compile-time configurable, use getservbyport()
correctly, and log the proto.  from <jbernard@tater.Mines.EDU> in several PR's.
1996-12-04 13:37:18 +00:00
mrg 62f3bbaa0a xref hosts_access.5 and hosts_options.5 1996-12-04 13:35:05 +00:00
mrg 057e9f509f inetd.5 -> inetd.conf.5, from <jbernard@tater.Mines.EDU> 1996-12-04 13:32:31 +00:00
mrg 4e76afacc8 use the new libwrap functionality to provide tcpd-like functionality
as part of inetd.  uses /etc/hosts.{allow,deny} as tcpd does, etc.  it
is basically exactly like tcpd except that you don't need to change
the server to /usr/local/sbin/tcpd.

XXX should document better somewhere
1996-11-26 17:23:34 +00:00
mycroft 0ffcbb494d Always swap most of the fields when updating a config file entry; otherwise
we can get weird lossage when deleting a field (e.g. the group).
1996-02-22 11:14:41 +00:00
pk 0dee01cc03 Remove local declarations of ctime(). 1995-06-02 15:02:18 +00:00
cgd f6f602f9a7 includes, for necessary prototypes, and avoid name collisions with the
include.
1994-12-23 16:45:11 +00:00
cgd d8806814a6 specify man pages the new way. 1994-12-22 11:32:57 +00:00
cgd 5893e3811f kill stupidity 1994-05-25 02:49:38 +00:00
pk c491c1c95c Keep up with changed rlimit structure. 1994-05-17 20:47:29 +00:00
cgd 5b823d2a09 don't need -lutil 1994-01-28 00:52:03 +00:00
jtc 2a4121e39d Fix spelling errors 1994-01-14 16:22:25 +00:00
pk e0738ce1d3 RLIMIT_OFILE => RLIMIT_NOFILE
Do something sensible when current RLIMIT_NOFILE turns out to be infinity.
1993-12-14 21:31:53 +00:00
pk 08ba41f417 Allow for a group name to be specified in the ``user'' field: user[.group]
Allow for max # of invocations to be specified; appended to ``wait''
 field: wait/nowait[.max]
Allow for RPC specifications in numeric format.
Inetd now stores its pid in `/var/run/inetd.pid'.
Support for AF_UNIX family.
1993-10-13 11:22:48 +00:00
mycroft 0c4b6b5612 Don't core dump on blank lines. 1993-10-11 20:53:48 +00:00
mycroft e9d867ef50 Add RCS identifiers. 1993-08-01 17:54:45 +00:00
mycroft c3e42d1c64 Add RCS indentifiers. 1993-08-01 07:22:47 +00:00
mycroft b465cf4697 Add RCS identifiers. 1993-07-30 22:11:51 +00:00
brezak c003b4a089 No need to link in librpc 1993-06-11 11:35:44 +00:00
brezak 5dffb9b127 Add support for starting RPC servers. 1993-06-11 00:36:31 +00:00
cgd 61f282557f initial import of 386bsd-0.1 sources 1993-03-21 09:45:37 +00:00