Commit Graph

30 Commits

Author SHA1 Message Date
drochner
6ff7079afd plug buffer overflows, see
http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities
(CAN 2005-0468 and 2005-0469)

Patch taken from MIT/Kerberos (MITKRB5-SA-2005-001-telnet.txt)
2005-03-29 12:18:28 +00:00
dsl
88d913ebbe Add (unsigned char) cast to ctype functions 2004-11-04 07:22:47 +00:00
heas
209ebbab46 - deal with a dead tty in ttyflush() by cleaning-up and exiting instead of
returning a failure code and processing that all the way up the stack.
- deal with a dead peer similarly and do it without setjmp/longjmp() (at
  christos' request).

These fix bin/20304 and my own observations when the remote abruptly closes
the connection.
2004-03-20 23:26:05 +00:00
wiz
4bbfee09ca Various typo fixes from Jonathon Gray via jmc@openbsd. 2003-11-17 11:16:10 +00:00
agc
89aaa1bb64 Move UCB-licensed code from 4-clause to 3-clause licence.
Patches provided by Joel Baker in PR 22365, verified by myself.
2003-08-07 11:13:06 +00:00
itojun
1f245ffbb2 more unifdef 2003-07-14 16:06:46 +00:00
itojun
21f5307c6f remove unneeded #ifdef. (confirmed that same *.o is generated) 2003-07-14 15:56:28 +00:00
itojun
7173f16649 use bounded copy ops 2003-07-12 14:29:35 +00:00
christos
2658386875 Ansify. 2003-06-18 20:51:00 +00:00
wiz
797d779cf1 De-register, de-__P. Remove #ifndef __STDC__ parts.
defines.h: Be more careful with braces in macro definitions.
2002-06-14 00:30:56 +00:00
wiz
89f6005c6b s/infinate/infinite/ 2002-02-11 11:00:07 +00:00
wiz
4c99916337 va_{start,end} audit:
Make sure that each va_start has one and only one matching va_end,
especially in error cases.
If the va_list is used multiple times, do multiple va_starts/va_ends.
If a function gets va_list as argument, don't let it use va_end (since
it's the callers responsibility).

Improved by comments from enami and christos -- thanks!

Heimdal/krb4/KAME changes already fed back, rest to follow.

Inspired by, but not not based on, OpenBSD.
2001-09-24 13:22:25 +00:00
wiz
a9356936b4 seperate -> separate 2001-07-22 13:33:58 +00:00
assar
93963c8db2 fix spelling of cpp symbol (ENCRYPT vs ENCRYPTION).
enable encryption with autologin.
fixes PR 12226
2001-03-04 01:51:05 +00:00
thorpej
5c099b14c1 Bring the telnet situation back into better shape. Specifically,
pull in just about all of the differences from the crypto-us telnet
suite (which includes Kerberos 4 and connection encryption support).
Also bring in the Kerberos 5 support from the Heimdal telnet, and
frob a little so that it can work with the non-Heimdal telnet suite.

There is still some work left to do, specifically:
- Add Heimdal's ticket forwarding support to the Berkeley Kerberos 4
  module.
- Add connection encryption support to the Heimdal Kerberos 5
  module.  Hints on this can be taken from the MIT Kerberos 5
  module which still exists in crypto-us.

However, even with the shortcomings listed above, this is a
better situation than using the stock Heimdal telnet suite,
which does not understand the IPSec policy stuff, and is also
based on much older code which contains bugs that we have already
fixed in the NetBSD sources.
2000-06-22 06:47:42 +00:00
blymn
7b14c86600 Convert telnet and top to the new termcap interface. This stops some
buffer overflows in top from ever happening.
2000-05-25 12:25:14 +00:00
itojun
e8834c8cd2 avoid memory leak on realloc() failure. 1999-12-30 09:52:03 +00:00
abs
8714299f16 Add -N option (numeric host address) - idea taken from FreeBSD.
Fix bug where -E8 would still pick up 0xFF as escape (again from FreeBSD)
1999-07-28 06:35:15 +00:00
christos
81c93f4c32 - synchronize with the domestic version
- setupterm -> setup_term
- char -> unsigned char
1998-11-06 19:54:18 +00:00
mycroft
a405bce56c const poisoning. 1998-07-26 22:26:29 +00:00
mrg
32f519716b - use an array MAXHOSTNAMELEN+1 size to hold hostnames
- ensure hostname from gethostname() is nul-terminated in all cases
- minor KNF
- use MAXHOSTNAMELEN over various other values/defines
- be safe will buffers that hold hostnames
1998-07-06 06:56:06 +00:00
christos
434ea11b22 WARNSify and fix problems passing int * -> long * 1998-02-27 10:44:12 +00:00
mycroft
eed746a9eb Don't interpret _POSIX_VDISABLE as a special character. 1997-06-03 01:51:43 +00:00
thorpej
077a490a9f RCS id cosmetics. 1996-02-28 21:03:49 +00:00
jtk
42a670f945 restore local change mistakenly overrun in import of 95.10.23
telnet--keep track of a client-side close and just turn off one
direction of the socket; keep running until server side closes down too.
1996-02-24 07:32:00 +00:00
jtk
583a8146a9 update to 95.10.23 version of telnet
also, RCS ID police
1996-02-24 01:18:25 +00:00
mycroft
451c744306 If we get an EOF on stdin, close the write side of the TCP connection, but
wait for the remote host to close the connection before exiting.
1995-03-17 18:03:06 +00:00
cgd
0582c91393 new telnet from ftp.cray.com. Encryption support ripped out, pending
figuring out what to do about it...
1994-02-25 03:00:16 +00:00
mycroft
e9d867ef50 Add RCS identifiers. 1993-08-01 17:54:45 +00:00
cgd
61f282557f initial import of 386bsd-0.1 sources 1993-03-21 09:45:37 +00:00