XXX: still not 100% "safe", except that we're in a protected directory.
XXX: arguably we should keep the fds open and fdopen(3) dup()s,
XXX: but we're in a protected directory so it shouldn't matter.
that, but then fill out the control file with the "df" filename. Fix by
sending the remote file with the "df" filename, as suggested by Robert
Vargason on tech-userlevel. lpd -r now works properly with an if (input
filter)
This PR claims that MacOSX 10.1 cannot print postscript files to a NetBSD
lpd because the mac will tag the file with an "o" for postscript, which
we do not handle. Rather than simply mapping o -> f as was done in the
PR, or mapping o -> l as was done in FreeBSD, I have implemented full
support for the "o" option. If a postscript filter does not exist in the
printcap file however, it will default to "l" handling.
With this change, you can now specify a "pf" or postscript filter in your
printcap, and have it handle postscript files sent to it with "lpr -o".
The "o" format in lpd is specified in RFC1179 as being a valid format flag.
Lpd has the ability to start on a port other than "printer" but has no
way to connect to a remote lpd on that port. This change adds the
ability to specify port@host in the rm element of printcap(5). Tested to
work with both a standard lpd setup and one running on special ports.
Make sure that each va_start has one and only one matching va_end,
especially in error cases.
If the va_list is used multiple times, do multiple va_starts/va_ends.
If a function gets va_list as argument, don't let it use va_end (since
it's the callers responsibility).
Improved by comments from enami and christos -- thanks!
Heimdal/krb4/KAME changes already fed back, rest to follow.
Inspired by, but not not based on, OpenBSD.
and use these timeout in the lpq, lpd and lprm programs.
these stop hung remote printers that accept tcp connections but do
not process jobs from hanging the whole system and letting the sysadmin
have a clue about what is going on with this rogue printer.
- add a -r flag to lpd to allow `of' filters for remote jobs.
i know there are ways around this, but i just don't care.
- add a -f flag to lpf to add missing carriage returns.
useful when printing UNIX files to an, eg, LaserWriter that wants CR's
as well as LF's in raw text. stair-stepped text is no fun.
- implement child process accounting: we just have a limit on the number
of children we can have (settable by the sysadmin), and we sleep when
this number is reached. this can reduce malicious not-so-malicious
attacks on the print server by a rogue remote client..
- use setproctitle() where appropriate so the sysadmin has a clue about
what each of the lpd's here are doing.
this was useful to help diagnose a problem (that the above child process
accounting change reduces the lossages of) where a rogue client was
attempting "lpq" operations on one stuck queue in rapid succession,
causing the lpd server to be extremely slow, due to the large number
of lpd processes running.
i have been running these changes in production for about a year.
- ensure hostname from gethostname() is nul-terminated in all cases
- minor KNF
- use MAXHOSTNAMELEN over various other values/defines
- be safe will buffers that hold hostnames
- be safe with unlinking files (from freebsd)
- remove register
- clean up $NetBSD$'s.
- use inet_ntoa() in one place (from openbsd)
- nul terminate after a bunch of strncpy()'s
- #ifdef __STDC__ rather than #if (from freebsd)
- be safe with a bunch of string operations (from freebsd)
- use warn()/err() over home grown versions (some from freebsd)
- rename warn() to nodaemon() to remove conflict with above
- check errno from failed kill(2) against ESRCH (from freebsd)
- use getopt() rather than home grown versions (from freebsd)
- clean up a bunch of man pages (some from freebsd)
- check for hostname spoof (from freebsd)
- use POSIX wait() interfaces
- use sysconf(_SC_OPEN_MAX) in preference to NOFILE (from freebsd)
- deal with fork() failure
- index/rindex -> strchr/strrchr (some from freebsd)
- add B57600 and B115200 speeds (from freebsd)
- some KNF
- be safe with files passed in over the network (some from freebsd)
- check return value of malloc(), calloc() and strdup()
there are some PC/Mac oriented devices that use non-standard speeds,
furthermore that's just not the way we do things anymore.
"Bad" baud rates are no longer caught with their own error message,
but the condition will still be diagnosed when the tcsetattr() fails.
lukem