Commit Graph

81 Commits

Author SHA1 Message Date
tls 4147a3c54a Add new Makefile knob, USE_FORT, which extends USE_SSP by turning on the
FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
various string and memory copy and set functions (as well as a few system
calls and other miscellany) where known at function entry.  RedHat has
evidently built all "core system packages" with this option for some time.

This option should be used at the top of Makefiles (or Makefile.inc where
this is used for subdirectories) but after any setting of LIB.

This is only useful for userland code, and cannot be used in libc or in
any code which includes the libc internals, because it overrides certain
libc functions with macros.  Some effort has been made to make USE_FORT=yes
work correctly for a full-system build by having the bsd.sys.mk logic
disable the feature where it should not be used (libc, libssp iteself,
the kernel) but no attempt has been made to build the entire system with
USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.

Adjust the system build so that all programs and libraries that are setuid,
directly handle network data (including serial comm data), perform
authentication, or appear likely to have (or have a history of having)
data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,
with the exception of libc, which cannot use USE_FORT and thus uses
only USE_SSP by default.  Tested on i386 with no ill results; USE_FORT=no
per-directory or in a system build will disable if desired.
2007-05-28 12:06:17 +00:00
hubertf 48b31403c5 Remove duplicate #includes
From Slava Semushin <slava.semushin@gmail.com>, via private mail
2007-01-17 00:21:43 +00:00
mrg 0c37c63edc change (mostly) int to socklen_t. GCC 4 doesn't like that int and
socklen_t are different signness.
2006-05-09 20:18:05 +00:00
wiz eb525bd07c Remove some more old kerberos4 code. 2006-03-23 23:44:15 +00:00
rpaulo 0024ded950 Remove the -L parameter from the first line of the SYNOPSIS
and bump the date.

ok Hubert Feyrer.
2005-07-16 12:35:59 +00:00
wiz 2c2533b641 Bump date for new -4, -6. 2005-03-11 13:14:34 +00:00
ginsbach d9a614deae Support -4 and -6. Approved by christos. 2005-03-11 03:19:31 +00:00
ginsbach 02d2680603 getuid() returns a uid_t not int, so make uid uid_t. 2005-01-08 03:23:15 +00:00
ginsbach e736e1e0c5 Dead code clean up:
* The function speed(), imported from 4.4BSD-Lite2, has never been
  used by NetBSD.  Obtained from FreeBSD.
* Finish removing -L (litout) option.  This has not been supported
  since rev. 1.5 (NetBSD 1.0).  The option still appeared in the
  usage and man page.  Obtained from FreeBSD.
* In function doit(), dead code imported from 4.4BSD-Lite2, dealing
  with termios.  NetBSD cracked this nut differently long before this
  import.  Obtained from FreeBSD.
2004-12-21 02:39:00 +00:00
ginsbach b275490943 Remove stray ; in comment. 2004-12-02 21:46:52 +00:00
christos d9d5b79249 - Fix bug in port parsing code; s_port must be in network byte order.
- Factor out port parsing code and add error checking to it.
- WARNS=3
2004-10-16 02:03:54 +00:00
wiz 89fb08a9ec Bump date for removal of Kerberos option descriptions.
Remove dots at end of SEE ALSO.
2004-09-05 08:48:32 +00:00
manu bd3e12fe2f Kerberos support is broken in rcommands, thus making -K -k and -x options
unavailable. Remove theses options from the man pages (it won't be very
hard to bring them back if we fix kerberos one day)
2004-09-05 08:38:23 +00:00
jmmv 31d9ef775a Drop some unnecessary whitespaces from the usage message. Closes PR bin/24993
by Kouichirou Hiratsuka.
2004-03-31 13:01:00 +00:00
agc 89aaa1bb64 Move UCB-licensed code from 4-clause to 3-clause licence.
Patches provided by Joel Baker in PR 22365, verified by myself.
2003-08-07 11:13:06 +00:00
itojun adeab29eca include des.h, not kerberosIV/des.h 2003-07-23 20:31:18 +00:00
wiz a681ded17a Use Aq or Ao/Ac instead of \*[Lt]/\*[Gt]. 2003-07-04 08:13:59 +00:00
lukem 9014bdbce6 * Document $RCMD_CMD in environ(7).
* Cross-reference rcmd(1), rcmd(3), and environ(7) as appropriate.

Should fix [bin/21670] from Geoff Wing.
2003-05-26 10:18:39 +00:00
itojun faef962caf need 12 chars for %d; deraadt 2003-04-15 08:02:58 +00:00
wiz 7631a5ff4b Use more mdoc macros. Some mdoc fixes.
Remove the following sentence from the BUGS section:
rlogin will be replaced by telnet(1) in the near future.
2003-04-07 05:56:14 +00:00
hubertf fa337680d6 Add -p option to rsh and rlogin to allow specifying a non-standard port
number.
2003-04-07 01:46:41 +00:00
wiz 990562bfef .Nm does not need a dummy argument ("") before punctuation or
for correct formatting of the SYNOPSIS any longer.
2003-02-25 10:34:36 +00:00
perry 8a49ec08e4 "Utilize" has exactly the same meaning as "use," but it is more
difficult to read and understand. Most manuals of English style
therefore say that you should use "use".
2003-02-04 23:07:28 +00:00
itojun 5f2d0b666f error handling on strdup failure 2002-11-16 15:59:26 +00:00
itojun 9593086444 use strlcpy 2002-11-16 04:34:13 +00:00
wiz b87e54c002 Remove #ifdef __STDC__. De-__P() and ANSIfy. 2002-06-14 00:55:47 +00:00
wiz 49bd48d17e WARNS=2 2002-06-14 00:55:18 +00:00
itojun 89f9a04932 missing memset for sockaddr. from deraadt 2002-06-02 13:50:17 +00:00
ross 2a76afae02 Generate <>& symbolically. I'm avoiding .../dist/... directories for now. 2002-02-08 01:36:18 +00:00
wiz 652ac0048d Sort SEE ALSO. 2001-12-08 19:11:44 +00:00
wiz c4e8d5ac07 kerberos(3) -> (8). 2001-04-04 09:40:07 +00:00
cgd a8ec668ddf convert to use getprogname() 2001-02-19 23:03:42 +00:00
simonb 9b22175a26 Remove INSTALLFLAGS=-fschg, as per change to usr.bin/ssh/ssh/Makefile. 2000-10-18 00:24:18 +00:00
thorpej e7d6b96938 Merge a bunch of things from crypto-us and crypto-intl into basesrc,
adding support for Heimdal/KTH Kerberos where easy to do so.  Eliminate
bsd.crypto.mk.

There is still a bunch more work to do, but crypto is now more-or-less
fully merged into the base NetBSD distribution.
2000-06-20 06:00:24 +00:00
itojun 309d0c990b IPv6 support. (I thought I've committed these but was not yet) 2000-01-31 14:19:34 +00:00
mrg 51a96a002f optionally include CRYPTOPATH Makefile.frag files. 1999-07-20 09:35:18 +00:00
thorpej 9630ed475e Use bsd.crypto.mk. 1999-07-12 22:11:37 +00:00
thorpej 0157452a1b Clean up some warnings in the Kerberos section. 1999-07-11 18:21:18 +00:00
tls 5cd98547a7 cast change needed to make gcc -Wall quiet down with new libdes 1999-06-24 22:43:35 +00:00
christos 6cb04bb5a3 dest_realm is used uninitialized! How did this ever work? 1999-04-30 15:44:21 +00:00
garbled 9e44e9b578 More and more .Os cleanups. .Os is defined in the tmac.doc-common file,
so we shouldn't override it with versions in the manpages.  Many more to
come.
1999-03-22 18:16:34 +00:00
scottr 8481f548e2 Remove the crypto-related bits until such time as we have a fully-
integrated source tree.  Export-controlled versions of these are now
built during the domestic build process.
1999-02-18 21:22:51 +00:00
scottr 6aba90f09c Make this compile ifdef KERBEROS. 1999-02-17 06:49:30 +00:00
perry bfd526219d bzero->memset, bcopy->memcpy, bcmp->memcmp 1998-08-10 02:57:23 +00:00
mrg 4a52ede95c - clean up some of the kerberos option parsing code
- remove support for old BSD systems, seeing that we only have posix signal
  support here anyway.
1998-07-11 07:17:25 +00:00
perry a2c607302b Slightly better RCS keyword munging 1998-01-05 05:15:18 +00:00
tv b6573fcec0 Add xrefs to new hosts.equiv(5)/rhosts(5) man page. 1997-11-26 18:06:51 +00:00
lukem 8ba07ab0b3 use CPPFLAGS instead of CFLAGS 1997-10-24 09:00:17 +00:00
lukem 8121ebfa9b WARNSify, fix .Nm usage, deprecate register, getopt returns -1 not EOF 1997-10-19 14:10:27 +00:00
tls a264bd54a1 Fix several bugs in Kerberos support due to an accidental commit months ago of an incomplete version of the code. Now works; also now falls back to 'old' rlogin correctly. 1997-06-28 23:43:36 +00:00