Commit Graph

170 Commits

Author SHA1 Message Date
tls
4147a3c54a Add new Makefile knob, USE_FORT, which extends USE_SSP by turning on the
FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
various string and memory copy and set functions (as well as a few system
calls and other miscellany) where known at function entry.  RedHat has
evidently built all "core system packages" with this option for some time.

This option should be used at the top of Makefiles (or Makefile.inc where
this is used for subdirectories) but after any setting of LIB.

This is only useful for userland code, and cannot be used in libc or in
any code which includes the libc internals, because it overrides certain
libc functions with macros.  Some effort has been made to make USE_FORT=yes
work correctly for a full-system build by having the bsd.sys.mk logic
disable the feature where it should not be used (libc, libssp iteself,
the kernel) but no attempt has been made to build the entire system with
USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.

Adjust the system build so that all programs and libraries that are setuid,
directly handle network data (including serial comm data), perform
authentication, or appear likely to have (or have a history of having)
data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,
with the exception of libc, which cannot use USE_FORT and thus uses
only USE_SSP by default.  Tested on i386 with no ill results; USE_FORT=no
per-directory or in a system build will disable if desired.
2007-05-28 12:06:17 +00:00
christos
019209fdbc volatile fixes from Anon Ymous 2006-12-18 14:18:40 +00:00
elad
1232ea27c4 PR/18906: roskens at elfin dot net: misc. select() to poll() updates.
Adapted to -current by myself, thanks for the patch!
2006-10-07 17:27:57 +00:00
mrg
aadd7d4847 sprinkle some -fno-strict-aliasing and -Wno-pointer-sign with GCC4. 2006-05-11 23:16:28 +00:00
mrg
4bc6feceb6 end the argument list to exec*(3) with a NULL instead of a bare '0', as
the latter isn't a pointer context in these varargs functions.
2006-05-11 00:22:52 +00:00
rpaulo
de8db47547 Add support for RFC 3542 Adv. Socket API for IPv6 (which obsoletes 2292).
* RFC 3542 isn't binary compatible with RFC 2292.
* RFC 2292 support is on by default but can be disabled.
* update ping6, telnet and traceroute6 to the new API.

From the KAME project (www.kame.net).
Reviewed by core.
2006-05-05 00:03:21 +00:00
christos
48cf428279 Turn if/then/elif into a switch 2006-04-04 21:35:20 +00:00
christos
85e611dd01 Goodbye KerberosIV 2006-03-20 04:03:10 +00:00
he
9dfcf4d44d Rename debug to telnet_debug, to allow static linking with libssh.a. 2006-02-02 19:33:12 +00:00
christos
3ac7a40466 fix compilation after changes to telopts. I will revisit this and constify
it later.
2006-01-25 04:20:54 +00:00
atatat
bfff2fd626 charaters -> characters 2005-04-03 02:43:57 +00:00
drochner
6ff7079afd plug buffer overflows, see
http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities
(CAN 2005-0468 and 2005-0469)

Patch taken from MIT/Kerberos (MITKRB5-SA-2005-001-telnet.txt)
2005-03-29 12:18:28 +00:00
he
5152518685 Add -lcrypt to link lines for applications using -lkrb5, so that they
link successfully when MKPIC=no, as is always the case for our ports
which do not support shared libraries.

Discussed with thorpej and christos.
2005-03-04 20:44:55 +00:00
he
8e8728c45c Introduce PAM_STATIC_LDADD and PAM_STATIC_DPADD. When compiling
with MKPIC=no, possibly because the target does not support shared
libraries, these include libraries required to resolve all symbols
which end up referenced from PAM-using applications.  The libraries
presently required are -lcrypt, -lrpcsvc and -lutil.

Add use of these variables which are currently set up to use PAM,
so that they compile when MKPIC=no.

Also, in the telnetd case, reorder the order of the libraries, so
that libtelnet.a comes before -ltermcap and -lutil, again to fix
link error when MKPIC=no.

Discussed with thorpej and christos.
2005-03-04 20:41:08 +00:00
christos
66e1a2c606 Make this compile if pam is present. XXX: this sucks, because we don't
really use PAM here, but libtelnet needs it.
2005-02-19 23:28:41 +00:00
dsl
e77d2c6bcd Change first arg of printsub() for 'char' to 'int' so that it builds again.
This matches the binary interface from before if was de-__Peed (or at least
that of K&R C).
In any case having arguments (and return values) of char and short isn't
especially sensible.
2005-02-06 20:39:35 +00:00
tron
de397c1aee Fix build errors caused by de-__P()--ing "libtelnet". 2005-02-06 17:51:40 +00:00
lukem
7157011597 Only compile in IPv6 support if ${USE_INET6} != "no"
MKINET6 is for providing IPv6 infrastructure.
USE_INET6 is for compiling IPv6 support into the programs (needs MKINET6).
2005-01-10 02:58:58 +00:00
lha
a0dab7aa39 Move linking with libdes to the common kerberos section since
libtelnet depends on the old des functions.

From Jukka Salmi in NetBSD pr misc/28727
2004-12-22 01:25:05 +00:00
itojun
b95181fc9b NI_WITHSCOPEID was not picked up by IETF standardization process. 2004-11-16 05:59:32 +00:00
christos
51beb09565 Kill remnant function decl. 2004-11-10 20:26:43 +00:00
dsl
88d913ebbe Add (unsigned char) cast to ctype functions 2004-11-04 07:22:47 +00:00
heas
209ebbab46 - deal with a dead tty in ttyflush() by cleaning-up and exiting instead of
returning a failure code and processing that all the way up the stack.
- deal with a dead peer similarly and do it without setjmp/longjmp() (at
  christos' request).

These fix bin/20304 and my own observations when the remote abruptly closes
the connection.
2004-03-20 23:26:05 +00:00
heas
d5561e39ff remove duplicate description of DEFAULT keyword (introduced by me). 2004-03-20 23:10:01 +00:00
wiz
f05e6f1a3a occured -> occurred. From Peter Postma. 2004-02-24 15:12:51 +00:00
jmmv
672f49e3a2 Let the usage message fit in 80 columns to avoid wrapping. 2004-01-05 23:35:41 +00:00
jmmv
b635f565e7 Homogenize usage messages: make the 'usage' word all lowercase, as this seems
to be the most common practice in our tree.
2004-01-05 23:23:32 +00:00
chs
1a686b2ea3 rearrange lib stuff so that these link on non-shared-lib platforms. 2003-12-13 22:07:35 +00:00
dyoung
4758291178 Fix the checkflist for builds without Kerberos 4 (MKKERBEROS4=no)
and without Kerberos 4 & 5 (MKKERBEROS=no). Previously checkflist
complained of missing files.

* move kerberos- and kerberos 4-only files into new flists,
  distrib/sets/lists/*/krb.*

* make the flist generators grok MKKERBEROS{,4} variables

* fix Makefiles which treat MKKERBEROS=no as MKKERBEROS5=no.
  9 out of 10 experts agree that it is ludicrous to build w/
  KERBEROS4 and w/o KERBEROS5.

* fix header files, also, which treat MKKERBEROS=no as MKKERBEROS5=no.

* omit some Kerberos-only subdirectories from the build as
  MKKERBEROS{,4} indicate

(I acknowledge the sentiment that flists are the wrong way to go,
and that the makefiles should produce the metalog directly.  That
sounds to me like the right way to go, but I am not prepared to do
revamp all the makefiles.  While my approach is expedient, it fits
painlessly within the current build architecture until we are
delivered from flist purgatory, and it does not postpone our
delivery. Fair enough?)
2003-12-11 09:46:26 +00:00
wiz
4bbfee09ca Various typo fixes from Jonathon Gray via jmc@openbsd. 2003-11-17 11:16:10 +00:00
wiz
a1a9c97ba0 Bump date for previous; fix a typo; use .Dq instead of \*( construct. 2003-10-28 00:28:56 +00:00
heas
642593b012 break the description of the "open" command into two paragraphs and improve
description of .telnetrc.
2003-10-27 19:46:14 +00:00
agc
89aaa1bb64 Move UCB-licensed code from 4-clause to 3-clause licence.
Patches provided by Joel Baker in PR 22365, verified by myself.
2003-08-07 11:13:06 +00:00
jdolecek
291a252c2e need to pass flags as argument to TIOCFLUSH ioctl
fixes bin/22391 by SAITOH Masanobu
2003-08-07 07:01:09 +00:00
lha
0fe8a8550f libkrb depend on libdes
libkrb5 depends on libasn1 and libcrypto
2003-08-05 10:45:42 +00:00
itojun
e63468d8cc split MKKERBEROS4 from MKKERBEROS. based on work by lha at stacken.kth.se
(build confirmed with both MKKERBEROS4=yes and MKKERBEROS4=no)
2003-07-23 08:01:24 +00:00
itojun
87b3160e5b remove #ifdef sun 2003-07-16 15:14:19 +00:00
itojun
e26b0e0cf5 stop installing install libtelnet. build under lib/libtelnet and reference
it from usr.bin/telnet and libexec/telnetd.
(reason for separate build: compiler flags)
2003-07-16 05:42:01 +00:00
itojun
1f245ffbb2 more unifdef 2003-07-14 16:06:46 +00:00
itojun
eb8120f761 more unifdef 2003-07-14 16:00:52 +00:00
itojun
21f5307c6f remove unneeded #ifdef. (confirmed that same *.o is generated) 2003-07-14 15:56:28 +00:00
itojun
7173f16649 use bounded copy ops 2003-07-12 14:29:35 +00:00
itojun
032ed69f9a strlcpy 2003-07-12 13:23:55 +00:00
christos
1f975a33c3 fix fallout from previous ansification (thanks to Juergen Hannken-Illjes) 2003-06-19 11:16:13 +00:00
christos
2658386875 Ansify. 2003-06-18 20:51:00 +00:00
jdolecek
f906986ad4 one <sys/cdefs.h> include is enough
fixes PR misc/21340 by Igor Sobrado
2003-04-27 11:09:57 +00:00
christos
be6d6ca02b PR/18984: John Heasley: telnet spins on dead tty 2003-03-15 04:48:22 +00:00
wiz
990562bfef .Nm does not need a dummy argument ("") before punctuation or
for correct formatting of the SYNOPSIS any longer.
2003-02-25 10:34:36 +00:00
grant
be8ae688ae New sentence, new line. 2002-09-30 11:08:56 +00:00
mycroft
aae6c28cf9 null commit 2002-09-23 12:44:34 +00:00