Commit Graph

171 Commits

Author SHA1 Message Date
itojun
7cdedd5c84 use strlcpy. from openbsd 2001-08-30 00:53:53 +00:00
itojun
c9e786ce9e security fix from openbsd:
Fix buffer oflow reading from queue file.  While we are at it, crank
the size of buffers that can hold filenames to MAXPATHLEN.
2001-08-30 00:51:50 +00:00
mjl
98e1bdc90d Add -W parameter to lpd to disable check for a reserved port,
this is needed to get Win2k print to a NetBSD box. Heavily
inspired by FreeBSD.
2001-08-11 01:04:57 +00:00
mrg
b5ca908e21 extend file size lossage message. 2001-06-25 16:40:50 +00:00
mrg
e1633c19d7 printer of "" becomes the DEFLP (the default printer, "lp") 2001-06-25 15:29:12 +00:00
mrg
a062d79672 use DEFLP instead of "lp". 2001-06-25 11:04:51 +00:00
wiz
6db93e0e58 Replace some .Xr with .Ic (programs non-existing or not in base system). 2001-05-08 17:20:02 +00:00
wiz
8357706e0f lowercase Lpq in xref, and some whitespace fixes. 2001-04-09 12:50:59 +00:00
wiz
8a9489155e Fix possible security problem (euid swapout in error handling).
Based on a similar patch in OpenBSD, reported there by
j@ida.interface-business.de.
Fix the second occurrance of a similar problem in that file, too, though.
2001-04-05 13:30:02 +00:00
wiz
2ff26b9838 Improve markup, and add sections to xrefs, as well as the obligatory
whitespace fixes.
2001-04-05 11:49:14 +00:00
simonb
a378517ea4 80 column police. 2001-03-28 03:17:41 +00:00
cgd
25bdbb661e convert to use getprogname() 2001-02-19 23:22:40 +00:00
itojun
bcbf09100a listen to the port number specified on argument, as advertised
in document.  part of PR 12112 from feico@pasta.cs.uit.no.
2001-02-02 14:20:33 +00:00
lukem
443a19e035 convert to using .WAIT 2001-01-09 03:13:39 +00:00
enami
270db080e9 Use PRINTOBJDIR. 2001-01-07 08:00:54 +00:00
lukem
c2aa46e7c2 use %ll_ instead of the less standard %q_ 2001-01-05 03:27:26 +00:00
lukem
279552d3db fix up various .Nm abuses:
- keep the case consistent between the actual name and what's referenced.
  e.g, if it's `foo', don't use '.Nm Foo' at the start of a sentence.
- remove unnecessary `.Nm foo' after the first occurrence (except for
  using `.Nm ""' if there's stuff following, or for the 2nd and so on
  occurrences in a SYNOPSIS
- use Sx, Ic, Li, Em, Sq, and Xr as appropriate
2000-11-07 06:43:24 +00:00
is
d8302e2d73 More format string cleanups by sommerfeld. 2000-10-11 20:23:46 +00:00
jdolecek
a93350bb37 document output format, so that users would know exact meaning
of printed statistics
2000-10-04 11:40:51 +00:00
itojun
78907e0169 don't give result of function directly into syslog, use "%s". 2000-10-03 13:54:31 +00:00
scw
5c0e061414 Free the bind-address list entries, as well as the list itself. 2000-10-03 13:28:27 +00:00
scw
97a603e5b0 Add a "-b" option to specify one or more local addresses to bind
to instead of the default INADDR_ANY.
2000-10-03 11:45:30 +00:00
itojun
c8b98b814c syslog() string format hole.
http://www.securityfocus.com/templates/archive.pike?start=2000-09-24&fromthread=0&mid=85023&list=1&end=2000-09-30&threads=0&
2000-09-26 17:44:38 +00:00
sommerfeld
c829aa7773 Fix ingroup() to not check gid against trailing groups not set by
getgroups().

Reported to security-officer, but not a security hole, since
"operator" is not gid 0.
2000-08-24 17:40:16 +00:00
itohy
880baa236b Don't pass null pointer to syslog.
lpd[6813]: mail sent to user itohy about job foo.ps on printer lp ((null))
                                                                   ^^^^^^
2000-08-24 02:03:54 +00:00
itojun
f714bfb0d8 rewrite local address detection code, to use getifaddrs(3), not gethostname(3).
gethostname(3) do not necessarily represent local host addrses.
pointed out by: Chuck Cranor
2000-08-09 14:28:50 +00:00
jdolecek
9e1ce523c5 account(): fix so that number of copies is optional and whitespace
between it and hostname:username is optional as well (some software relies
in this); while here, covert to use sscanf() instead of explicit parse code,
sprinkle some comments

dumpit(): change so that the price is total price for this entry, instead of
beeing price per copy

Addresses bin/9996 by Brian Stark, though the implementation differs from
patch code attached to it.
2000-07-16 21:33:26 +00:00
matt
3ab02a8704 More #include <stdlib.h> string, etc. cleanup 2000-07-04 20:27:35 +00:00
mycroft
0047d53157 Get rid of the stupid hack that makes this lose when ${CC} is more than one word. 2000-06-05 17:41:19 +00:00
enami
dc0efa126e Just remove the first word so that rcmd.c compiles even if the command line
contains same substrings with the name of compiler.
2000-05-31 07:34:45 +00:00
itojun
ed26506c25 usr.sbin/lpr/lpd now compiles lib/libc/net/rcmd.c on its own, to avoid
use of non-exported function __ivaliduser{,_sa}().

we cannot make __ivaliduser{,_sa}() static yet, since doing that would choke
compiled lpd binaries.  we should do it on next libc major version bump.
added a memo on lib/libc/shlib_version.
2000-05-30 01:07:43 +00:00
thorpej
9581f118ec Need <string.h> for memset() prototype. 2000-04-30 15:47:55 +00:00
abs
6a7a9484ec lpf used its own broken argv parsing (-h without an argument would dump core)
Convert to getopt() and add a basic usage()
2000-04-29 00:12:32 +00:00
msaitoh
c09c988278 remove unused variable 2000-04-27 13:40:18 +00:00
jdolecek
1d83915c52 Finish transition to using getopt(3). Fixes bin/9963 by Brian Stark. 2000-04-27 09:43:38 +00:00
itojun
4be926fbb8 allow lp=port@host again. PR9975 from Andreas Gustafsson. 2000-04-25 02:34:49 +00:00
itojun
e738bb5642 avoid NULL pointer access when rp=<ipv4 numberic address> (no ai_canonname).
From: hiro@takechi.org

XXX checkremote() should be improved.  gethostname -> getaddrinfo is
not the right thing to do, we cannot assume DNS FQDNs is configured
as hostname.  if the goal here is to check if it is really remote or not,
getifaddrs() is the way to go.
2000-04-24 02:53:05 +00:00
mrg
dd28a6c6dd make scandir(3)'s 3rd argument take a function that takes a *const*
struct dirent *, rather than non-const.  this makes scandir(3) the
same as the scandir implementations in libiberty and glibc, and the
select function has no need to modify the dirent.
2000-04-16 14:43:56 +00:00
simonb
fd4ede242b Don't declare 'extern opt*' getopt variables. 2000-04-14 06:26:52 +00:00
mrg
3f207f4f5a - fix usage message to current reality.
- pull over "lpd [port]" code from freebsd's lpr code.
- use posix signal handling.
2000-04-10 08:09:33 +00:00
itojun
7b48263c7b (rcmd.c) to make Zoularis happier, pass sa_len separately from sockaddrs.
this changes function prototype for __ivalid*.
This commit breaks binary compatibility for __ivalid*.  I believe this can be
forgiven due to the following:
- this is not really exported function.  no function prototype is in headers.
  function name starts with underbars.  No third-party applications are
  expected to use it.
- the function was introduced very recently, when rcmd.c was made IPv6-ready.
- the only customer in NetBSD tree is lpd.

(lpd.c) sync with rcmd.c change.
2000-02-24 06:33:47 +00:00
itojun
0c281f2bda do not sleep on ECONNREFUSED, rather, try the next address first.
the behavior itself has a room for debate.  (why we retry on ECONNREFUSED?)

From: SHIMIZU Ryo <ryo@misakimix.org>
2000-02-18 03:53:16 +00:00
itojun
33ba3a0f18 IPv6 support, using rcmd-family funciton added.
NetBSD PR: 9050
From: Feico Dillema
2000-01-27 05:39:50 +00:00
mjl
8515b446a0 Fix null terminating the wrong buffer curtesy of similar variables
mixed up. Seemed to never have any ill effect, but then...
Noted by Tetsuya Furukawa in FreeBSD PR/15604.
1999-12-23 02:10:07 +00:00
mrg
2a987cd998 - use symbolic names for mode bits
- use _exit() where we should
- fix spelling mistake
- use vasprintf() in pstatus()
all from freebsd.
1999-12-11 02:01:18 +00:00
mrg
585454b2f2 xref setsockopt (from freebsd) and hosts.equiv. 1999-12-11 01:59:43 +00:00
mrg
2e2dfe5c71 tsk. tsk. document new features i added. 1999-12-10 23:49:03 +00:00
mrg
5b6d0e7e39 - add timeouts to displayq(), rmremote(), sendfile() and response(),
and use these timeout in the lpq, lpd and lprm programs.

these stop hung remote printers that accept tcp connections but do
not process jobs from hanging the whole system and letting the sysadmin
have a clue about what is going on with this rogue printer.

- add a -r flag to lpd to allow `of' filters for remote jobs.

i know there are ways around this, but i just don't care.

- add a -f flag to lpf to add missing carriage returns.

useful when printing UNIX files to an, eg, LaserWriter that wants CR's
as well as LF's in raw text.  stair-stepped text is no fun.

- implement child process accounting: we just have a limit on the number
  of children we can have (settable by the sysadmin), and we sleep when
  this number is reached.  this can reduce malicious not-so-malicious
  attacks on the print server by a rogue remote client..

- use setproctitle() where appropriate so the sysadmin has a clue about
  what each of the lpd's here are doing.

this was useful to help diagnose a problem (that the above child process
accounting change reduces the lossages of) where a rogue client was
attempting "lpq" operations on one stuck queue in rapid succession,
causing the lpd server to be extremely slow, due to the large number
of lpd processes running.


i have been running these changes in production for about a year.
1999-12-07 14:54:44 +00:00
jdolecek
5986e9b6ee main(): g/c variable errs accidentaly introduced in last commit, rename
'i' to 'opt'
1999-12-05 22:22:05 +00:00
jdolecek
0e29a42af3 Change the formatting of output so that entries with host:user longer than
24 characters would be displayed correctly.
Fixes bin/8880 by Brian Stark <bstark@uswest.net>.

While here, convert code to use getopt(3) and do some const poisoning.
Also g/c variables uid and euid, they are no longer needed after
the split of ../common_source/common.c
1999-12-05 22:18:40 +00:00