Commit Graph

1263 Commits

Author SHA1 Message Date
itojun b7b6056081 make sure we do not overrun packet buffer when we set error message string. 2000-11-21 13:50:25 +00:00
itojun 9b1ccfd10e handle getnameinfo error properly 2000-11-21 13:39:07 +00:00
christos 5135a422f1 Buffer overflow and environment passing fixes [originally inspired from
FreeBSD]. We really didn't need the environment fixes, but for the sake
of keeping the code as close as possible...
2000-11-19 20:17:39 +00:00
lukem 999fd3d617 - new ftpd.conf directives:
maxfilesize	set the maximum size of uploaded files
	sanenames	if set, only permit uploaded filenames that contain
			characters from the set "-+,._A-Za-z0-9" and that
			don't start with `.'

- new/changed command line options:
	-e emailaddr	define email address for %E (see below)
	-P dataport	use dataport as the dataport (instead of ctrlport-1)
	-q		use pid files to count users	[default]
	-Q		don't use pid files to count users
	-u		write entries to utmp
	-U		don't write entries to utmp	[default]
	-w		write entries to wtmp		[default]
	-W		don't write entries to wtmp

	  NOTE:	-U used to mean `write utmp entries'. Its meaning has changed
		so that it's orthogonal with -q/-Q and -w/-W. This isn't
		considered a major problem, because using -U isn't going to
		enable something you don't want, but will disable something
		you did want (which is safer).

- new display file escape sequences:
	%E	email address
	%s	literal `s' if the previous %M or %N wasn't ``1''.
	%S	literal `S' if the previous %M or %N wasn't ``1''.

- expand the description of building ~ftp/incoming to cover the
  appropriate ftpd.conf(5) directives (which are defaults, but it pays
  to explicitly explain them)

- replace strsuftoi() with strsuftoll(), which returns a long long if
  supported, otherwise a long

- rework the way that check_modify and check_upload are done in the yacc
  parser; they're merged into a common check_write() function which is
  called explicitly

- merge all ftpclass `flag variables' into a single bitfield-based flag element

- move various common bits of parse_conf() into a couple of macros

- clean up some comments
2000-11-16 13:15:13 +00:00
itojun 0a52851e32 we can assume presense of getaddrinfo.
use NI_MAXHOST for the hostname buffer used with getnameinfo.
2000-11-15 04:07:07 +00:00
lukem f62aa6c8ac changes to improve portability:
* replace union sockunion {} with struct sockinet {}, and modify the code
  accordingly. this is possibly more portable, as it doesn't rely upon
  the structure alignment within the union for our own stuff.  uses local
  su_len unless HAVE_SOCKADDR_SA_LEN is defined (set ifdef BSD4_4)
  (XXX: haven't tested the ipv6 stuff)
* always use getaddrinfo() and getnameinfo() instead of maintaining two code
  paths. (lukemftpd will provide replacements for these on older systems)
* use lockf() instead of open(.., O_EXLOCK) to lock the pid file
* minor KNF
* clean up long long support: create helper #defines and use as appropriate:
        #define		NO_LONG_LONG	! NO_LONG_LONG
        -------		------------	--------------
        LLF		"%ld"		"%lld"
        LLFP(x)		"%" x "ld"	"%" x "lld"
        LLT		long		long long
        ULLF		"%lu"		"%llu"
        ULLFP(x)	"%" x "lu"	"%" x "llu"
        ULLT		unsigned long	unsigned long long
        STRTOLL(x,y,z)	strtol(x,y,z)	strtoll(x,y,z)
2000-11-15 02:32:30 +00:00
perseant 9683b76b99 Try to prevent running more than one active cleaner on a filesystem at a time.
Let lfs_cleanerd record its pid in /var/run like other daemons.  Make
mount_lfs not start another cleaner when updating the mount, unless it is
being upgraded from read-only to read-write; when downgrading to read-only,
kill the cleaner using the recorded pids.
2000-11-13 22:12:49 +00:00
itojun b55bfbac42 correct result code on invalid port number against EPRT. 2000-11-13 15:11:57 +00:00
itojun d9ff63c241 plug memory leak 2000-11-13 11:52:41 +00:00
itojun 1e256e9927 - improve RFC2428 conformance.
return 522 on unknown protocol identifier on EPRT.
- clarify EPSV/EPRT/LPSV/LPRT behavior.
- repair memory leak and lack of boundary check on EPRT.
- make sure we do not resolve DNS on EPRT.
sync with kame.
2000-11-13 11:50:46 +00:00
perseant d5e76bbac2 Don't hold every segment that is being cleaned in memory in its entirety;
instead, if the segment doesn't have many live blocks, copy them to a
more appropriately sized chunk of memory and release the original.

This should prevent the cleaner from distending itself when cleaning many
segments with only one or two live blocks each, as when using the "-b" option.
2000-11-11 22:40:13 +00:00
mycroft 0581ae5bad Make ldd(1) build again. 2000-11-10 23:53:04 +00:00
mycroft 2d376bed2b When dlopen()ing with RTLD_GLOBAL, also make dependent libraries RTLD_GLOBAL. 2000-11-10 21:31:30 +00:00
simonb ae2c9c22f1 Fix linked-list botch with sysctl-based library selection that meant
only the last line was used.  Allow more than one white space character
between fields.

Reviewed by Christos Zoulas.
2000-11-10 18:19:06 +00:00
simonb 6e63b39fc6 Only need to include <sys/sysctl.h> once. 2000-11-09 23:14:21 +00:00
itojun 7b0d3f1d84 do not refer free'ed memory region. KAME PR 302 from ryo@iij.ad.jp 2000-11-09 01:04:14 +00:00
hubertf dca9c22e0c in SEE also, xref newfs_lfs(8), sort entries and seperate by "," 2000-11-08 19:45:08 +00:00
lukem 9fe3074a12 provide obvious example of line syntax 2000-11-07 07:02:18 +00:00
lukem 674d9fad57 slight cleanup of line syntax 2000-11-07 07:01:54 +00:00
lukem c96b945602 slight rework 2000-11-07 06:58:08 +00:00
lukem 1ae178427f reorganise slightly to make it more obvious what the actual syntax of
a configuration line is.
2000-11-07 06:51:13 +00:00
lukem 279552d3db fix up various .Nm abuses:
- keep the case consistent between the actual name and what's referenced.
  e.g, if it's `foo', don't use '.Nm Foo' at the start of a sentence.
- remove unnecessary `.Nm foo' after the first occurrence (except for
  using `.Nm ""' if there's stuff following, or for the 2nd and so on
  occurrences in a SYNOPSIS
- use Sx, Ic, Li, Em, Sq, and Xr as appropriate
2000-11-07 06:43:24 +00:00
perseant d9cc43d8a3 Fix memory leak described in PR #11094 (patch from Jesse Off
<joff@gci-net.com>).
2000-11-03 17:52:55 +00:00
mycroft 9ee3432bb9 In dlopen(), use the main program's library search path, to match semantics of
other systems (and our ELF).
2000-10-29 13:11:38 +00:00
garbled 1403ef3b87 Remove direct calls to "make" and replace with ${MAKE} 2000-10-26 05:52:54 +00:00
dogcow 90c3bfc9b0 defs had 'short block' for blocksize; changed defs to be unsigned.
added note to tftpd.8 that this bug hits multiple tftp clients.
2000-10-18 01:35:45 +00:00
simonb 9b22175a26 Remove INSTALLFLAGS=-fschg, as per change to usr.bin/ssh/ssh/Makefile. 2000-10-18 00:24:18 +00:00
tv 7781da70d5 Formatting nit: add a space. 2000-10-17 20:55:36 +00:00
dan d173359000 format warning fixes from he, after testing on 64-bit elf (alpha) 2000-10-11 20:46:07 +00:00
is 48052d04a3 Format string cleanups by sommerfeld. 2000-10-10 19:54:37 +00:00
itojun 4a32e44ffe make sure big_buf is big enough to hold line terminations.
if all the lines have N_CHARS of characters, we will write up
	N_CHARS * N_LINES + (3 + 2 * N_LINES) + 1
of bytes.
2000-10-10 12:38:54 +00:00
bjh21 d657c604d0 Clean-up of grotty SCCS workaround. It's now almost not grotty at all.
This is the last part of PR bin/10049.
2000-10-08 16:08:56 +00:00
bjh21 c10e667637 Don't run over the end of the banner buffer if it ends with '%'.
From PR bin/10049
2000-10-08 16:04:02 +00:00
mjl 7627a9213f Un-__P and ANSIfy. 2000-10-04 18:52:50 +00:00
mjl e88c38cfda No \n in syslog messages.
_exit(-1) -> _exit(1).
2000-10-04 18:24:03 +00:00
jdolecek ca98463029 call setlogin() before dropping root privileges, so that process
would have correct p_login value
2000-09-28 17:49:06 +00:00
mjl 4fdc259981 Use strlcpy/strlcat instead of strn* plus manual termination.
Use sizeof() instead of hardcoded length. Clean up NULL vs 0
confusion. sizeof(char) is 1, really.
2000-09-19 16:17:48 +00:00
eeh 45de780533 Wrong register in machine code description. 2000-09-16 14:04:30 +00:00
christos 0dec1c64f5 Make this compile again without -DINET6 and without get{addr,name}info(3)
This ftpd now compiles and runs on NetBSD/1.4.2 with:

CPPFLAGS+= \
    '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \
    '-Dstrlcat=strncat' \
    '-Dsl_add(a,b)=(sl_add(a,b),0)'
2000-09-15 14:55:16 +00:00
fvdl d00dd9f9a0 Define INETD_SUPPORT 2000-09-13 11:30:41 +00:00
tron 23bf98f535 - Add "dependall" target so that "make build" will really uudecode the
"ld.so" binaries for i386 and sparc.
- Remove bogus "${DESTDIR}/" from "FILESDIR".
2000-09-12 16:39:51 +00:00
fvdl 3b36dc8408 Add uuencoded binaries for a.out dynamic loaders on i386 and sparc,
who are ELF now. Needed because cross-building them is still a
problem. These loaders will try /emul/aout first, but do not
have the baggage that COMPAT_AOUT has.
2000-09-11 23:23:21 +00:00
joda c5dc92d1e3 install manpage 2000-09-10 19:57:30 +00:00
perseant 9c7f8050f4 Various bug-fixes to LFS, to wit:
Kernel:

* Add runtime quantity lfs_ravail, the number of disk-blocks reserved
  for writing.  Writes to the filesystem first reserve a maximum amount
  of blocks before their write is allowed to proceed; after the blocks
  are allocated the reserved total is reduced by a corresponding amount.

  If the lfs_reserve function cannot immediately reserve the requested
  number of blocks, the inode is unlocked, and the thread sleeps until
  the cleaner has made enough space available for the blocks to be
  reserved.  In this way large files can be written to the filesystem
  (or, smaller files can be written to a nearly-full but thoroughly
  clean filesystem) and the cleaner can still function properly.

* Remove explicit switching on dlfs_minfreeseg from the kernel code; it
  is now merely a fs-creation parameter used to compute dlfs_avail and
  dlfs_bfree (and used by fsck_lfs(8) to check their accuracy).  Its
  former role is better assumed by a properly computed dlfs_avail.

* Bounds-check inode numbers submitted through lfs_bmapv and lfs_markv.
  This prevents a panic, but, if the cleaner is feeding the filesystem
  the wrong data, you are still in a world of hurt.

* Cleanup: remove explicit references of DEV_BSIZE in favor of
  btodb()/dbtob().

lfs_cleanerd:

* Make -n mean "send N segments' blocks through a single call to
  lfs_markv".  Previously it had meant "clean N segments though N calls
  to lfs_markv, before looking again to see if more need to be cleaned".
  The new behavior gives better packing of direct data on disk with as
  little metadata as possible, largely alleviating the problem that the
  cleaner can consume more disk through inefficient use of metadata than
  it frees by moving dirty data away from clean "holes" to produce
  entirely clean segments.

* Make -b mean "read as many segments as necessary to write N segments
  of dirty data back to disk", rather than its former meaning of "read
  as many segments as necessary to free N segments worth of space".  The
  new meaning, combined with the new -n behavior described above,
  further aids in cleaning storage efficiency as entire segments can be
  written at once, using as few blocks as possible for segment summaries
  and inode blocks.

* Make the cleaner take note of segments which could not be cleaned due
  to error, and not attempt to clean them until they are entirely free
  of dirty blocks.  This prevents the case in which a cleanerd running
  with -n 1 and without -b (formerly the default) would spin trying
  repeatedly to clean a corrupt segment, while the remaining space
  filled and deadlocked the filesystem.

* Update the lfs_cleanerd manual page to describe all the options,
  including the changes mentioned here (in particular, the -b and -n
  flags were previously undocumented).

fsck_lfs:

* Check, and optionally fix, lfs_avail (to an exact figure) and
  lfs_bfree (within a margin of error) in pass 5.

newfs_lfs:

* Reduce the default dlfs_minfreeseg to 1/20 of the total segments.

* Add a warning if the sgs disklabel field is 16 (the default for FFS'
  cpg, but not usually desirable for LFS' sgs: 5--8 is a better range).

* Change the calculation of lfs_avail and lfs_bfree, corresponding to
  the kernel changes mentioned above.

mount_lfs:

* Add -N and -b options to pass corresponding -n and -b options to
  lfs_cleanerd.

* Default to calling lfs_cleanerd with "-b -n 4".


[All of these changes were largely tested in the 1.5 branch, with the
idea that they (along with previous un-pulled-up work) could be applied
to the branch while it was still in ALPHA2; however my test system has
experienced corruption on another filesystem (/dev/console has gone
missing :^), and, while I believe this unrelated to the LFS changes, I
cannot with good conscience request that the changes be pulled up.]
2000-09-09 04:49:54 +00:00
garbled f0b8e397bf Change "Apart form" to "Apart from". 2000-09-04 06:39:03 +00:00
scottb b5de616825 copy the real object filename to the rtld object path so that the
Dl_info structure can be properly filled by dladdr().
2000-08-28 04:15:54 +00:00
mjl 8895a2f9a6 Use sockaddr_storage.
Use correct var for strncpy length.
2000-08-22 16:42:37 +00:00
itojun 697db6345c make error case handling in -daemon case meet with other portion of the code.
(use fprintf-then-exit, not errx - costmetic)
2000-08-18 03:25:52 +00:00
msaitoh b0d71b5f83 remove extra period 2000-08-14 12:16:45 +00:00
matt 1ed7963458 Simplify some stuff. 2000-08-07 01:47:04 +00:00
thorpej 2bcae16fa3 hprop(8) belongs in /usr/sbin, not /usr/libexec. 2000-08-06 20:42:22 +00:00
thorpej f975168682 The Kerberos KDC belongs in /usr/sbin, not in /usr/libexec. 2000-08-06 19:31:24 +00:00
veego 74c5ec3832 We now have to link with -lutil to get pidfile(3). 2000-08-06 19:24:15 +00:00
assar 4bb88e6fb1 forced: previous was really: remove libvers, it's not being used 2000-08-03 22:58:32 +00:00
assar fc90224f06 link against the not-installed libvers 2000-08-03 22:47:37 +00:00
assar 549a4d9cdc update build infrastructure for heimdal 0.3a 2000-08-03 04:02:29 +00:00
martin a140a79b5c Fixed s/key compile bug. 2000-07-29 08:20:02 +00:00
lukem acd8ab456a wtmp is in /var/log not /var/run ... 2000-07-28 12:54:01 +00:00
kleink fb21fd7a91 Adjust a comment after the Great Renaming. 2000-07-27 10:44:39 +00:00
mycroft 94581370f5 The ELF ABI declares that argc must fill an `argument slot'. Make it so.
For __sparc_v9__ only, do a hack to make executables work temporarily before
and after the kernel is switched.
2000-07-26 15:40:07 +00:00
lukem 8a5b724529 add support for -W; don't log to wtmp (orthogonal of -U which logs to utmp).
inspired by similar option in wuftpd.
2000-07-26 13:53:33 +00:00
lukem 0b392afc69 document /var/run/[uw]tmp, /var/run/ftpd.pids-CLASS 2000-07-26 13:45:52 +00:00
mycroft 43cfeb27a9 Catch up with type changes. Also:
* Apply DT_PLTRELSZ to (one of) pltrel or pltrela *after* we've finished
  parsing the headers, so we know which one.
* Fix sparc64 bogons.  (It works now!)
2000-07-26 02:07:34 +00:00
lukem d85f3bb159 * make checkportcmd the default. this breaks third-party proxy ftp but
prevents the ftp bounce attack, and we should be secure out of the
  box, not require users to tweak obscure stuff.
* allow the version string reported to clients to be changed with '-V vers'.
  if vers is empty or `-', don't report a version.
* if -r is given, permanently drop root privs
* if not a REAL user (i.e, GUEST or CHROOT), and ftpd is running on a port
  > IPPORT_RESERVED+1, permanently drop root privs
* don't bother reverting to root privs to logout of wtmp/utmp; since the
  file descriptor is already open this isn't necessary.
* fix the binding of the port for the PORT/LPRT/EPRT connection to be the
  ctrl_addr.su_port-1, not hardcoded to `20' (this was broken in the ipv6
  merge). if root privs have been dropped, and this would be a port <
  IPPORT_RESERVED, use a random port instead (which isn't RFC959 compliant
  but it doesn't appear that many clients care).
* prevent login of a new user if privs have been dropped and already logged
  in as a REAL user (existing check already stops GUEST & CHROOT users).
* move the port check stuff into a separate port_check() function, and use
  for PORT, LPRT, and EPRT checks. inspired by freebsd
* minor KNF
* minor man page cleanup
2000-07-23 14:40:48 +00:00
thorpej a8248dcc27 Make it build on non-VARPSZ again. 2000-07-19 15:01:16 +00:00
eeh 55c1b7fb0d Fix some issues with SPARC V9 ELF binaries. 2000-07-18 22:33:55 +00:00
matt 824a084272 More VAX ELF changes. 2000-07-17 02:55:52 +00:00
lukem e3a2c5cc44 * add two new ftpd.conf(5) directives:
chroot	specify dir to chroot to for GUEST and CHROOT users, to
		override -a anondir or the user's homedir.
	homedir	specify dir to change to upon login; also used for ~ expansion
		and $HOME for subprocesses)
  both of these can take % escapes: %u (username), %d (homedir), %c (class).
* fix NLST to take a pathname not a STRING, so that ~ expansion works
* modify CWD to use the homedir parsed from curclass.homedir
* implement format_path(dst, src), to parse src expanding % escapes (see above)
  into dst.
* rename format_file() to display_file()
2000-07-17 02:30:52 +00:00
lukem 4b70eef93f * add -H, which acts like -h `hostname`. (requested by kim@)
* refer to draft-ietf-ftpext-mlst-11 instead of -10
2000-07-15 03:45:19 +00:00
matt 63465d3193 No need for RELOCATE_SELF since the VAX does real PIC. Rewrite the bind
routine to deal with JMP .vs. CALLx differences.
2000-07-14 22:03:02 +00:00
matt 9118b9fe90 Split DEBUG into two lines to make it easier to enable each separately. 2000-07-14 22:01:09 +00:00
matt 72ed915502 Update to reflect VAX ELF reality. 2000-07-14 22:00:33 +00:00
matt cc5d6b2a4d Initialize ld.elf_so's textsize. 2000-07-14 21:59:58 +00:00
eeh 3cf5c2adbf Added support for the SPARC v9 ABI. 2000-07-13 23:14:17 +00:00
tron 7cae32ff49 Invoke "nroff" with "-S" (safer mode) option because "makewhatis" is
usually invoked by "root".
2000-07-13 06:45:22 +00:00
tron 714c921491 Kill "nroff" process and wait for its terminiation if we can't setup
the "libz" file handle.
2000-07-13 06:29:43 +00:00
tron b238c131ce Optimize invokation of "nroff":
- Redirect standard error to "/dev/null" because "nroff" error messages
  for temporary files aren't really useful.
- Don't let "nroff" open temporary file. Use its file descriptor as
  standard input.
2000-07-13 06:15:03 +00:00
lukem 551a7c78c6 base64_encode(): separate out the special case for the last 2 bytes, and
be a bit safer with signed chars. per discussion with kre.
2000-07-10 22:41:17 +00:00
tron e6f40b0f96 Check exit code returned from "nroff" if it is used to convert
unformatted manual pages.
2000-07-10 08:11:31 +00:00
tron 93cb6f8300 Invoke "nroff" and parse its output if an unformatted manual page uses
macros. Fixes PR bin/9083 by Geoff C. Wing.
2000-07-09 23:07:14 +00:00
lukem 9968cfa298 - base64_encode(): fix garbled output due to fencepost error. output now
appears to match that of 'mimencode' (from metamail).
  problem noted by kre@munnari.oz.au.
- fact_unique(): encode a combined dev_t+ino_t chunk rather than separate bits
2000-07-09 14:26:34 +00:00
lukem e2851fe6dc setproctitle(), and for any other printf variants, it is not a good idea
to pass variable directly like foo(x).  use foo("%s", x) to avoid misuse.
from: openbsd
2000-07-09 14:18:08 +00:00
sommerfeld eac5778e83 More -Wformat cleanups. 2000-07-09 02:24:30 +00:00
sommerfeld 6f0015c48f More format paranoia. 2000-07-08 18:24:28 +00:00
christos 910cd9b309 fix non-portable bit-fields 2000-07-06 03:16:51 +00:00
itojun d7dc7d22d1 setproctitle(), and for any other printf variants, it is not a good idea
to pass variable directly like foo(x).  use foo("%s", x) to avoid misuse.
from: openbsd
2000-07-05 22:15:04 +00:00
msaitoh f6f00e2615 remove extra period in SEE ALL section 2000-07-05 15:45:28 +00:00
perseant f184685d10 cleaner changes corrseponding to kernel changes 2000-07-04 22:36:17 +00:00
matt 9bf906d2e1 Make things builds with GCC 2.96 2000-07-03 03:34:25 +00:00
matt 23bca583f4 shut gcc up about a bogus possibly used before initialized. 2000-07-03 03:33:52 +00:00
matt c72bbb2c51 Treat short and byte print formats as and cast to the right size. 2000-07-03 03:32:57 +00:00
matt 86d15d820b Update to current <machine/asm.h> 2000-07-03 03:31:47 +00:00
matt 5aa9ca0144 If OBJECT_FMT is ELF and MACHINE_ARCH = vax, build ld.elf_so 2000-07-03 03:30:52 +00:00
perseant 9a38f49c57 User-level changes corrseponding to my latest kernel changes.
newfs_lfs gives lfs_minfreeseg a value of 1/8 of the total segments on
the disk, based on rough empirical data, but this should be refined in
the future.
2000-07-03 01:49:11 +00:00
assar 231c9cbcf7 add man-pages for kf and kfd 2000-07-02 07:39:39 +00:00
mrg 8d4795719a remove include of <vm/vm.h> 2000-06-29 06:26:33 +00:00
mrg ad91bba6a6 we now need <uvm/uvm_param.h> 2000-06-26 15:37:26 +00:00
simonb dde4b6e5d0 Use LOGIN_NAME_MAX for sizing the mailname buffer. Allows usernames
longer than 8 characters to run jobs instead of aborting because
"File ... is in wrong format".
2000-06-25 13:32:34 +00:00
thorpej df83a2a3cd Add MK... variables to enable/disable various aspects of building
crypto support into the system.  See share/mk/bsd.README for more
a full description.
2000-06-23 06:01:10 +00:00
thorpej 5c099b14c1 Bring the telnet situation back into better shape. Specifically,
pull in just about all of the differences from the crypto-us telnet
suite (which includes Kerberos 4 and connection encryption support).
Also bring in the Kerberos 5 support from the Heimdal telnet, and
frob a little so that it can work with the non-Heimdal telnet suite.

There is still some work left to do, specifically:
- Add Heimdal's ticket forwarding support to the Berkeley Kerberos 4
  module.
- Add connection encryption support to the Heimdal Kerberos 5
  module.  Hints on this can be taken from the MIT Kerberos 5
  module which still exists in crypto-us.

However, even with the shortcomings listed above, this is a
better situation than using the stock Heimdal telnet suite,
which does not understand the IPSec policy stuff, and is also
based on much older code which contains bugs that we have already
fixed in the NetBSD sources.
2000-06-22 06:47:42 +00:00