Commit Graph

1165 Commits

Author SHA1 Message Date
thorpej df83a2a3cd Add MK... variables to enable/disable various aspects of building
crypto support into the system.  See share/mk/bsd.README for more
a full description.
2000-06-23 06:01:10 +00:00
thorpej 5c099b14c1 Bring the telnet situation back into better shape. Specifically,
pull in just about all of the differences from the crypto-us telnet
suite (which includes Kerberos 4 and connection encryption support).
Also bring in the Kerberos 5 support from the Heimdal telnet, and
frob a little so that it can work with the non-Heimdal telnet suite.

There is still some work left to do, specifically:
- Add Heimdal's ticket forwarding support to the Berkeley Kerberos 4
  module.
- Add connection encryption support to the Heimdal Kerberos 5
  module.  Hints on this can be taken from the MIT Kerberos 5
  module which still exists in crypto-us.

However, even with the shortcomings listed above, this is a
better situation than using the stock Heimdal telnet suite,
which does not understand the IPSec policy stuff, and is also
based on much older code which contains bugs that we have already
fixed in the NetBSD sources.
2000-06-22 06:47:42 +00:00
perseant bbc8485d45 Make sure to segunmap segments on error in lfs_bmapv or lfs_markv. Prevents
a memory leak of by default 1 Mb per error.  May fix PR #9149.
2000-06-21 01:58:52 +00:00
lukem 327792f9ed fix problems noted by <dogcow@redback.com> in [bin/10390] and private email:
* fix RATE{GET,PUT} under some situations when the client is slower than
  the server (something i missed when migrating the rate limiting code
  i wrote in ftp(1) to ftpd(8))
* document what units RATE{GET,PUT} use
2000-06-20 07:39:46 +00:00
thorpej e7d6b96938 Merge a bunch of things from crypto-us and crypto-intl into basesrc,
adding support for Heimdal/KTH Kerberos where easy to do so.  Eliminate
bsd.crypto.mk.

There is still a bunch more work to do, but crypto is now more-or-less
fully merged into the base NetBSD distribution.
2000-06-20 06:00:24 +00:00
lukem 13067569df rewrite method of traversing facttab[]; use size of list to terminate
not NULL terminated entry (since we need to know the size of other
reasons...)
2000-06-19 17:08:05 +00:00
lukem 73f082e2ea various fixes suggested by Robert Elz:
* implement closedataconn() and use appropriately (including in mlsd())
* only put leading space in front of MLST output (not MLSD output)
* MLSD: only output pdir and cdir entries when the type fact is requested.
* change error code for giving MLSD a non-directory from 550 to 501
* remove MLSx Type fact support for UNIX.* for now; it's not standardised yet.
* do a check_login when MLSD and MLST are given no args
* detect & complain about null facts in OPTS MLST
* cache getgroups() at login instead of calling each time in fact_perm()

other mods:
* implement cprintf(); as per fprintf() but increments total_bytes{,_out}
* implement CPUTC(); as per putc() but increments total_bytes{,_out}
* implement base64_encode()
* fact_unique() display base64 encoding of dev_t and ino_t rather than
  hex output; should scale if size of those changes
* change reply() so that a negative code acts as the initial line in a reply,
  code == 0 prefixes the line with 4 spaces, and code > 0 works as before.
  deprecate lreply(code, ) and lreply(0, ) in favour of reply(-code, ) and
  reply(0, ) respectively.
* use cprintf() and CPUTC() appropriately (often instead of printf(),
  lreply(-2, ) or lreply(-1, ).
  now we actually account for the data sent by MLST and MLSD.
* remove DEBUG support for sending MLSD output to control connection instead
  of data connection (my ftp client now supports MLSD :-)
2000-06-19 15:15:03 +00:00
thorpej dd5f430adf Fixup Heimdal libexec builds. 2000-06-16 23:41:40 +00:00
thorpej b4bbc15da4 Import libexec portions of Heimdal, from cryptosrc-intl. 2000-06-16 23:32:37 +00:00
explorer f8eb6433b2 include <krb5/krb5.h> before including extern.h, so krb5_context is defined 2000-06-16 23:17:41 +00:00
christos baeb94e0b1 Also set __mainprog_obj so .ini sections can call dlopen() 2000-06-16 19:51:05 +00:00
cgd db755e7c76 sweep of my licenses (userland files w/o only my copyright) for
consistency.  (no functional changes)
2000-06-14 17:24:02 +00:00
itojun 1e949e404d correct LPSV/LPRT display on STAT command.
(did not crank the version since the change is on the same day)
2000-06-14 13:55:15 +00:00
lukem a26448af43 major overhaul (just before netbsd 1.5 :-):
* implement draft-ietf-ftpext-mlst-10 commands, especially MLST and MLSD.
  we already supported SIZE and MDTM. add the appropriate FEAT output lines.

* migrate a lot of the command code from ftpcmd.y and ftpd.c to cmds.c

* make dataconn(), feat(), lookup(), opts() and sizecmd() public

* modify struct tab so that it has a `flags' instead of `implemented' element,
  and remove the `hasopts' element.  If flags == 1, the command is implemented.
  if flags == 2, the command is implemented and takes options

* add macros ISDOTDIR(x) (is x ".") and ISDOTDOTDIR(x) (is x "..")

* modify lreply() so that lreply(-2, ...) just outputs the given info without
  a prefix or trailing \r\n. this saves doing b = printf(); total_* += b;

* enhance statcmd(). still needs work in the LPRT status stuff.

* crank version
2000-06-14 13:44:21 +00:00
cgd d220ca5ba3 fix up NetBSD RCS Ids to match the standard, and the leading comment as
to match as well.  No functional changes.
2000-06-14 06:48:47 +00:00
perry 79b8558eac include sys/sched.h to get definition of CPUSTATES 2000-06-04 01:38:52 +00:00
fvdl aefb080ff0 Subject to TI-RPC, followed by complete and utter ANSIfication. 2000-06-03 21:06:02 +00:00
fvdl 145ded3cdc Missed a pmap_unset -> rpcb_unset change. 2000-06-03 20:57:40 +00:00
fvdl 42f513b9d2 Adapt for TI-RPC. 2000-06-03 20:52:18 +00:00
fvdl 19e7dc6fee Use sockaddr_storage. 2000-06-03 20:37:37 +00:00
fvdl 5ce895dff6 Use sockaddr_storage in from_inetd check (call to getsockname()). 2000-06-03 20:36:30 +00:00
fvdl b3032caf2a Use sockaddr_storage in the call to getsockname, not sockaddr_in. 2000-06-03 20:35:06 +00:00
fvdl 6185360f34 Use TI-RPC, thus enabling IPv6. 2000-06-03 20:31:25 +00:00
fvdl e1d419e43a Use TI-RPC interface. ANSIfy. 2000-06-03 19:06:25 +00:00
fvdl 3ff53c6c24 ANSIfy function prototypes and definitions. 2000-06-03 18:58:22 +00:00
fvdl 1e12f48a81 Use rpcb_unset, not pmap_unset. 2000-06-03 18:48:24 +00:00
fvdl 015c3c107d Oops, remove debugging printf. 2000-06-03 18:43:10 +00:00
jdolecek 06d16ede1e slighly move the assert() added in last commit, so that it's
actually useful
2000-06-03 06:51:57 +00:00
fvdl ed2c47f74f Adapt for new RPC interface. 2000-06-02 23:20:18 +00:00
jdolecek 2a05365bbb _rtld_unref_dag(): needed->obj might be null if the unreffed object has
some unsatisfied references (most often when compiled without necessary
	-Wl,-R), so check for that instead of causing null-dereference;
	this way the code has a chance to cleanup after itself and report
	the error to caller

Thanks to Jason Thorpe for helping fix this!
2000-06-02 22:52:28 +00:00
explorer 6a07b80d26 make this compile with KERBEROS5 defined. Note: only one of KERBEROS or KERBEROS5 may be defined in this file... 2000-06-02 14:47:19 +00:00
fredb 5c0f4694d6 Make this build again with crypto-us, after recent changes to k{,5}login.c. 2000-06-02 00:19:04 +00:00
lukem 8f1cd9886e Clarify the meaning of `directive', as requested in [security/10229]
by Klaus Klein <kleink@uni-trier.de>
2000-05-30 23:53:37 +00:00
itojun bcae82da01 add comment on IPv4 mapped address twist 2000-05-30 05:31:31 +00:00
itojun 6fc49112e9 document IPv4 mapped address twists.
- ftp(1): treats IPv4 mapped destination as IPv4 peer, not native IPv6 peer.
  this does not support network with SIIT translator.
- rshd(8)/rlogind(8): rejects accesses from IPv4 mapped peer, to avoid
  possible abuse of IPv4 mapped addr (rshd/rlogind use source address-based
  auth so it is important to check the condition).
2000-05-30 05:21:46 +00:00
simonb 6c872090f0 The cp_time array has had 5 members since 1994 - show them all in debug
output.
2000-05-29 11:30:30 +00:00
matt d7e8330189 Remove RELOC_SYMBOLICS_THROUGH_JMPSLOT as it's always the case 2000-05-28 01:53:05 +00:00
matt 03e56c691e Changes to put the COMPAT_AOUT code into ld.aout_so. Search <dir> for <lib>
then search /emul/aout/<dir> for <lib>.  To make sure we don't get false
postives on ELF libraries we make the .so is a ZMAGIC dynamic library.
2000-05-27 06:53:29 +00:00
matt 0189702cee minor fix now that i've defined the plt0 entry. 2000-05-22 19:17:04 +00:00
lukem 18be3cd981 - Always close(pdata) if it was a valid filedescriptor before setting it to -1.
Problem noted in [bin/9642] by Takahiro Kambe <taca@sky.yamashina.kyoto.jp>,
  (part of which already had been solved by itojun a while ago), and provided
  patch covered most of the fixes needed. (Thanks Takahiro!)
- Consistently indent goto labels by one space.
2000-05-20 23:34:55 +00:00
lukem dcc88422ad convert to ANSI C as per style guide 2000-05-20 02:20:18 +00:00
fair bfd08c6ef7 Deal with PR 9427 - add wording to clarify what sending SIGHUP to init(8)
does and does not do. Also, while we're here, make the list of flags more
readable.
2000-05-17 09:22:11 +00:00
itojun 6047a12c7b move IPv6 considerations into BUGS section 2000-05-16 00:59:12 +00:00
bjh21 6c97e2bd78 Initial commit of arm26 port 2000-05-09 21:55:44 +00:00
kleink e425e0a706 PowerPC: support ADDR16_LO, ADDR16_HI and ADDR16_HA relocations. 2000-05-01 11:41:08 +00:00
erh a497b0d8ab Cause ld.elf_so to find the symbols for __progname and environ and set them. If we wait until crt0 gets around to doing it it's too late for any library init functions. 2000-04-15 05:41:46 +00:00
christos 46d52e1ec5 re-indent sanely _rtld_dlsym() [no functional change] 2000-04-15 05:27:49 +00:00
itojun d53d7cf148 reject connection attempt from IPv4 mapped addr, for safety. 2000-04-14 12:29:49 +00:00
itojun 42a6c72320 reject conneciton attempt from IPv4 mapped address, just in case.
I thought of supporting it, however, rejected due to possible complication.
i prefer the safer side here... (code available, commented out)
2000-04-14 12:28:51 +00:00
soren 0b24ff5b31 Also print a newline after the error in the xwarnx case. 2000-04-02 23:04:32 +00:00
mycroft 3d5dc334de Don't try to get libc_pic from the libc compile directory. If we're doing a
build, libc has already been installed.
2000-03-26 21:55:55 +00:00
kleink 6138ff83d9 Document LD_PRELOAD, fixing PR lib/9663, and note that (and why) neither
this nor LD_LIBRARY_PATH are honored when executing set[ug]id.
2000-03-24 20:10:28 +00:00
lukem c8c9e77cbf only define _DEFAULT_CONFDIR if not set. (allows compile-time override) 2000-03-06 21:42:26 +00:00
lukem f318090c60 * don't bother with a version[] string, just use the macro as appropriate
* clean some more of the GLOBAL stuff
* fix unused var if -UHASSETPROCTITLE
2000-03-05 06:12:19 +00:00
aidan 492312b9ed Move include/kerberosIV/com_err.h to include/com_err.h 2000-02-14 03:26:06 +00:00
chs 871e0c1533 switch back to using a file mapping for the initial mapping of a new object.
this allows the kernel to use PMAP_PREFER() to give us better alignment on
platforms that care.
2000-02-13 04:28:09 +00:00
thorpej f8b76eb0fd Const poison dladdr(). 2000-02-11 00:07:36 +00:00
scottb 076e309d3e change first argument of dladdr to const. 2000-02-08 16:22:59 +00:00
scottb c0cf420b69 add hooks to support the dladdr function. 2000-02-07 21:40:40 +00:00
kleink 65b8f3b2eb Change _rtld_dlclose() to unload the object via _rtld_unload_object() rather
than by itself.  Besides being duplicated code the open-coded version
also did not take care of cleaning up after the object's DAG(!).
Fixes PR bin/8905.
2000-02-07 19:02:49 +00:00
assar f73a2b64ec (net_write): rename to telnet_net_write 2000-02-01 02:30:43 +00:00
itojun 2a5b88bffb IPv6 support. 2000-01-31 14:20:13 +00:00
tron 91e1f3f01b Don't write leading white spaces and directory names to whatis file. 2000-01-24 23:03:54 +00:00
itojun 6e6f6caf3e declare -DLOGIN_CAP in CPPFLAGS, not in CFLAGS. 2000-01-24 14:10:56 +00:00
veego 3764f5646b Disable the linking with X11 libraries.
No userland should be linked against X11.
2000-01-23 09:58:13 +00:00
mjl c47ddf604a Login.conf-ify rshd. Heavily inspired by FreeBSD. 2000-01-22 10:22:55 +00:00
mycroft f5d7100e26 Nuke `extern int errno;' in code we compile with -Wstrict-prototypes. We get
the correct definition from errno.h.
2000-01-21 17:08:33 +00:00
perseant d244493927 Take care of memory leaks 2000-01-18 08:02:30 +00:00
christos 3bc3e6f774 use xwarnx instead of warnx 2000-01-15 01:03:45 +00:00
ad 3090e2a588 Put RCS ID in the right place. 2000-01-14 02:11:54 +00:00
ad 6aa5f51487 - Either QVT/Term or the NT 'clipboard' converts tabs to spaces. I pasted in
some code via QVT/Term. Sigh. Fix it.
- Teeny KNF nit.
2000-01-14 02:10:08 +00:00
ad 3476632b59 Make 'if' capability from gettytab work. *shudder*. 2000-01-13 13:11:31 +00:00
lukem ab88a15086 suppress verbose messages from CWD and post-login if the first
character of the anonymous password is `-'.
2000-01-13 00:04:31 +00:00
lukem c8493e9499 * add ftpd.conf directive `portrange class min max', which allows specification
of the port range used by passive connections. based on work in [bin/9158]
  from Takahiro Kambe <taca@sky.yamashina.kyoto.jp>
* change the way global variables are defined and extern-ed to be more
  consistent.
2000-01-12 22:39:27 +00:00
lukem 559037c273 fix problem where ftpd.conf lines would match everything if there was
no template defined. noted by Vebjorn Ljosa <ljosa@initio.no>
2000-01-10 08:03:50 +00:00
lukem 7e80378800 * new ftpd.conf directive:
template class [refclass]
  following directives for refclass will apply to class as well.
  this makes setting up a `template' class with many default settings
  easy, whilst allowing for class-specific overrides
* prevent crash when the optional limitfile wasn't given to limit
* document count_users()
* document default setting of limit in ftpd.conf(5)
* crank version
2000-01-09 10:08:45 +00:00
lukem 61ee60248e reference usr/share/examples/ftpd/ftpusers 2000-01-08 13:36:28 +00:00
lukem 584b0757f6 missing "." on reply 2000-01-08 11:14:36 +00:00
lukem 16e886121d features:
* add connection limits (`limit' keyword in ftpd.conf)
* move initialisation of curclass from parse_conf() to new function
  init_curclass()
* implement count_users(), which determines the number of users in a given
  class. a file - /var/run/ftpd.pids-<class> - is used to store a list
  of pids in use (effectively an array of pid_t's), and its size is reduced
  as necessary.
* new % modifiers in format_file:
	%c	class
	%M	maximum connection count
	%N	current connection count
* always end_login()s, even for refused connections

bugs fixed:
* remove \n from %T output
* fix some inconsistencies in the man pages
* ensure that both `ftp' *and* `anonymous' are allowed in ftpusers.
  (this was accidently broken in a recent commit to be ``or'' not ``and'')
* use MAXPATHLEN not MAXPATHLEN+1
* crank copyright date on modified files
* crank version
2000-01-08 11:09:56 +00:00
ad 93f5a68033 Oops, fix previous. 2000-01-04 13:51:55 +00:00
ad 2a1297db0c Add two new capabilities to gettytab - idea from FreeBSD:
al - user to auto-login as
  if - banner file to display, like /etc/issue
2000-01-04 13:43:36 +00:00
tron e9a72ad0a3 Accept all kind of whitespaces when searching for the end of a nroff
macro.
1999-12-31 14:50:16 +00:00
tron 3434166ef3 Correct and improve nroff macro stripping. Partially fixes PR bin/9083
by Geoff C. Wing.
1999-12-31 14:28:03 +00:00
tron 18c5f3d5f1 Abort if memory for execv(2) argument array cannot be allocated instead
of passing an array with incomplete contents to login(1).
Fix provided by Jun-ichiro itojun Hagino in PR bin/9082.
1999-12-31 12:42:35 +00:00
itojun 602b7d0407 indentation fix. 1999-12-31 08:01:26 +00:00
christos 3856850e36 don't stutter when printing error messages. 1999-12-27 15:36:36 +00:00
lukem d56fffdd70 * document all classtype defaults
* xref /usr/share/examples/ftpd/ftpd.conf
1999-12-26 09:42:18 +00:00
lukem 019b95b641 crank version 1999-12-21 12:57:45 +00:00
lukem 5c024702df * add support for optional groupglob in ftpuser entry. the syntax is now:
userglob[:groupglob][@host] [directive [class]]
* append ``(class: CLASSNAME, type: TYPE)'' to the syslogged login messages
1999-12-21 12:56:15 +00:00
lukem 80ca00b8cd trivial simplification 1999-12-21 12:52:18 +00:00
christos b360d70cb7 PR/9031: Scott Ellis: Ignore empty sysctl directive lines. 1999-12-20 02:43:58 +00:00
lukem 7543b77a8e * add back support for `-h hostname'; it still may be useful to override
the name advertised to the client, even if ftpd can determine it from
  the ip address that ftpd is bound to. requested by mrg.
* remove -4/-6; they were effectively no-ops since itojun's change in 1.75.
* crank version
1999-12-19 00:09:31 +00:00
lukem 6eff1df26e deprecate -h hostname in favour of automatic determination of local hostname.
this is a much cleaner solution for supporting multihomed virtual servers.
from Geoff C. Wing <gcw@pobox.com> in [bin/8137].
1999-12-18 06:33:54 +00:00
lukem 8aad99ce9d * move version to separate header file
* use .Dv and .Tn in the man pages as appropriate
* KNF a bit

The following were inspired by similar changes in openbsd, but may
have additional improvements by me:
* add more check_login tests to the parser rules
* nuke a few memory leaks in the parser rules
* clear passwords before free()ing them, for safety
* don't display \r\n in setproctitle() output
* add support for -U, which enables managing /var/run/utmp entries for
  connections. solves [bin/2217] by Jason Downs <downsj@teeny.org>
* fix oob handling for STAT command
* use SIG_ERR instead of -1
1999-12-18 05:51:34 +00:00
lukem b5972a49fe install ftpusers(5) as ftpchroot(5). more cleanups 1999-12-16 07:05:18 +00:00
lukem 6a0bdfee15 crank version 1999-12-16 07:01:23 +00:00
lukem 4f181f8249 cleanup 1999-12-16 06:56:49 +00:00
itojun 2c4f20dd99 do not touch __ss_len directly, they are not supposed to be touched. 1999-12-16 06:00:24 +00:00
lukem e11b8f48c5 * add support for `-h hostname', which defines the hostname to advertise
as (useful for virtual ftp servers in conjunction with inetd.conf(5)'s
  ability to bind to a specific address).
  if this option is used, add `hostname' to the syslog messages.
* improve documentation of command-line options
* don't allow class names of `all' or `none' in ftpusers
1999-12-16 02:21:37 +00:00
lukem 6be4a7c9bd separate ftpd.conf(5) and ftpusers(5) out from ftpd(8).
xxx: still needs a bit of work
1999-12-16 01:16:04 +00:00