Commit Graph

145 Commits

Author SHA1 Message Date
tls 4147a3c54a Add new Makefile knob, USE_FORT, which extends USE_SSP by turning on the
FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
various string and memory copy and set functions (as well as a few system
calls and other miscellany) where known at function entry.  RedHat has
evidently built all "core system packages" with this option for some time.

This option should be used at the top of Makefiles (or Makefile.inc where
this is used for subdirectories) but after any setting of LIB.

This is only useful for userland code, and cannot be used in libc or in
any code which includes the libc internals, because it overrides certain
libc functions with macros.  Some effort has been made to make USE_FORT=yes
work correctly for a full-system build by having the bsd.sys.mk logic
disable the feature where it should not be used (libc, libssp iteself,
the kernel) but no attempt has been made to build the entire system with
USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.

Adjust the system build so that all programs and libraries that are setuid,
directly handle network data (including serial comm data), perform
authentication, or appear likely to have (or have a history of having)
data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,
with the exception of libc, which cannot use USE_FORT and thus uses
only USE_SSP by default.  Tested on i386 with no ill results; USE_FORT=no
per-directory or in a system build will disable if desired.
2007-05-28 12:06:17 +00:00
hubertf 889da1779b * Don't include headers twice
* Remove a few trailing whitespaces
 * Rearrange and join to one #if for some headers

Patch contributed by Slava Semushin <slava.semushin@gmail.com>
in private mail.
2007-01-16 17:32:04 +00:00
rillig 7eb2c18b51 Fixed gcc warnings about comparison between signed and unsigned, as well
as one case where a variable had been used for two different purposes
(which also required different types).
2007-01-02 16:00:46 +00:00
mrg 1fa98f5b05 - use socklen_t where appropriate
- avoid lvalue casts
2006-05-11 06:59:40 +00:00
wiz d57174cb26 Remove useless lines. From YOMURA Masanori in private mail.
While here, remove outdated comment.
2005-09-11 23:38:35 +00:00
christos 2f3bdfce80 Don't ignore SIGCHLD, because we are not going to get kqueue notifications
about it if we do.
2005-04-09 20:14:55 +00:00
lukem 7157011597 Only compile in IPv6 support if ${USE_INET6} != "no"
MKINET6 is for providing IPv6 infrastructure.
USE_INET6 is for compiling IPv6 support into the programs (needs MKINET6).
2005-01-10 02:58:58 +00:00
christos a0d7588f62 Simplify code a bit, and whitespace. 2004-11-28 05:40:47 +00:00
dsl cfe7f80ff0 Add (unsigned char) cast to ctype functions 2004-10-29 20:51:11 +00:00
pk 6b2734d11c Add two missing `#ifdef INET6's. 2004-10-20 11:37:42 +00:00
rumble 7caa241563 Change the log that is produced when the maximum spawn count per
last 60 second interval is reached to more accurately reflect
what has happened.

Also, break up a few long strings, obey 80 columns, and remove a
superfluous newline passed to syslog(3).
2004-09-14 17:42:31 +00:00
mrg 36fa2ebfb9 note that hosts_allow does not affect internal services 2004-04-02 10:13:57 +00:00
wiz 4db64d9590 Bump date for previous, and use Em for
emphasis instead of Sy for symbolic for marking up a warning.
2004-03-24 11:26:16 +00:00
fair 91a52bbfc3 Document that TCP wrappers do not work on UDP services, per PR 18960 2004-03-24 04:31:34 +00:00
cube 6894b27b47 Allow quoting using single or double quotes inside inetd.conf. Closes
PR 24192 by Tyler Retzlaff.
2004-01-25 10:00:17 +00:00
fvdl 7de4819e2c Don't assign NULL to an integer. 2003-10-21 02:43:37 +00:00
agc 326b2259b7 Move UCB-licensed code from 4-clause to 3-clause licence.
Patches provided by Joel Baker in PR 22366, verified by myself.
2003-08-07 11:25:11 +00:00
itojun 1d06004879 use strlcpy 2003-07-13 13:54:02 +00:00
itojun a6a7baa235 "user:group=foo.bar" is weird. use colon on both sides 2003-04-22 07:46:46 +00:00
itojun 906a2ba4ed always configure IPV6_FAITH explicitly to avoid misconfiguring it on SIGHUP.
sync w/kame
2003-04-22 07:45:27 +00:00
wiz 990562bfef .Nm does not need a dummy argument ("") before punctuation or
for correct formatting of the SYNOPSIS any longer.
2003-02-25 10:34:36 +00:00
tron 62c4d50f34 Because signals are delivered synchronously via kqueue(2) there is no
reason to block and release them at various places.
2003-02-16 18:16:26 +00:00
tron 39e99fe8e3 Now that signal handling is done via kqueue(2) we need to enter
the event loop even if no sockets were created. This should fix
PR bin/20369 by Martin Husemann.
2003-02-16 17:57:34 +00:00
tron 726769ad02 Improve kqueue(2) utilization:
- Don't invoke kevent(2) for every single event change. Instead collect
  event changes and try to do them in the event loop.
- Handle signals via kevent(2) to avoid race conditions for SIGHUP (which
  probably exist in the select(2) based implementation, too).
2003-02-13 11:47:27 +00:00
tron d289c0d46f KNF. 2003-02-12 10:03:47 +00:00
tron 8be719490d Rewrite inetd(8) to use kqueue(2) for enhanced performance and scalability. 2003-02-12 08:52:03 +00:00
jschauma 432d470724 Fix typos pointed out by Igor Sobrado in PR misc/19621. 2003-01-02 00:22:29 +00:00
mycroft 176cc386e1 If we can't set FD_CLOEXEC on a listening socket, close it rather than allowing
it to be passed down to inetd's children.
Note: Setting FD_CLOEXEC can't actually fail, but we did check for the error
anyway...
2002-09-19 21:59:03 +00:00
itojun 181c9736b9 correct udp-from-broadcast check. From: andre@ae-35.com 2002-07-04 12:35:19 +00:00
itojun 00a0a65271 on internal udp echoback service, reject request if source address is a
broadcast address.
2002-06-05 10:03:31 +00:00
itojun 0c16d570ac no need for inetd_dummy variable. from openbsd 2002-06-01 03:41:33 +00:00
itojun 0062113f7e minor KNF 2002-06-01 00:32:41 +00:00
itojun 2dc34bbe40 cleanup main() by splitting it up in two. inspired by openbsd change 2002-06-01 00:28:52 +00:00
itojun 69c161be36 socklen_t cleanup. make MULOG code actually compile (is there anyone using
it?  otherwise, i'd like to nuke it)
2002-06-01 00:15:08 +00:00
christos 1d1ced8220 use setproctitle(3); from itojun. 2002-05-31 14:28:20 +00:00
wiz b36c0a5406 deamon -> daemon 2002-01-21 14:42:26 +00:00
wiz 546138910d Drop some unnecessary .Pp, sort sections and SEE ALSO. 2002-01-19 03:14:33 +00:00
abs dd94d9b295 Convert some 'long's to 'uint32_t's. Now rdate works against an LP64 box. 2001-12-26 17:01:39 +00:00
itojun f559c09989 __ss_{len,family} #define hack is no longer necessary 2001-11-19 03:18:28 +00:00
itojun de3a065dcc CPPFLAGS, not CFLAGS, for -D. 2001-09-13 13:02:20 +00:00
wiz 14dbdf5518 Negative exit code cleanup: Replace exit(-x) with exit(x).
As seen on tech-userlevel.
2001-04-06 11:13:45 +00:00
fair 1cab78c82a Document TCPmux internal service, per additional discussion of PR 12325.
The text was snatched directly from the comment about it in inetd.c and
modified for better clarity.
2001-03-16 08:19:13 +00:00
fair 232ed76f81 Add text to more clearly document that tcpd is not needed, per PR 10754.
Add a FILES section. Add a few more references to SEE ALSO.
Clean up nroff nits (e.g. spaces at end of line).
2001-03-10 11:52:51 +00:00
bjh21 e4fc14ba1d Mention relevant RFCs in "SEE ALSO". 2001-03-04 14:18:32 +00:00
cgd 25bdbb661e convert to use getprogname() 2001-02-19 23:22:40 +00:00
jlam c5d65e2d74 Improve grammar slightly in the description for IPsec policy settings. 2001-01-25 21:49:31 +00:00
lukem 0645f2f67b use explicit name rather than __progname in openlog 2001-01-11 01:34:28 +00:00
hubertf 1e2914d00b Document that the path to the configuration file given on the command
line must be absolute, unless the -d option is given on the command line.
2000-12-02 02:15:34 +00:00
ad b8bb84a3b0 Clean one paragraph. 2000-09-19 16:28:52 +00:00
itojun 51156effd6 be more paranoid about UDP-based echo services validation. namely,
reject the following sources:
	0.0.0.0/8 127.0.0.0/8 240.0.0.0/4 255.0.0.0/8
	ff00::/8 ::/128
	::ffff:0.0.0.0/96 and ::0.0.0.0/96 obeys IPv4 rule.
hint from deraadt.
2000-08-01 18:42:08 +00:00