#
356388 |
|
05-Jan-2020 |
kevans |
MFC further inetd(8) cleanup: r356204, r356215, r356217-r356218, r356246-r356248, r356254, r356318
r356204: inetd: don't leak `policy` on return
sep->se_policy gets a strdup'd version of policy, so we don't need it to stick around afterwards.
While here, remove a couple of NULL checks prior to free(policy).
r356215: inetd: knock out some clang analyze warnings
chargen_dg: clang-analyze is convinced that endring could be non-NULL at entry, and thus wants to assume that rs == NULL. Just independently initialize rs if it's NULL to appease the analyzer.
getconfigent: policy leaks on return
free_connlist: reorganize the loop to make it clear that we're not going to access `conn` after it's been freed.
cpmip/hashval: left-shifts performed will result in UB as we take signed 0xABC3D20F and left shift it by 5.
r356217: inetd: prefer strtonum(3) to strspn(3)+atoi(3), NFC
strtonum(3) does effectively the same validation as we had, but it's more concise.
r356218: inetd: prefer strlcpy to strlen(3) check + strcpy(3), NFC
This is again functionally equivalent but more concise.
r356246: inetd: add some macros for checking child limits, NFC
The main point here is capturing the maxchild > 0 check. A future change to inetd will start tracking all of the child pids so that it can give proper and consistent notification of process exit/signalling.
r356247: inetd: track all child pids, regardless of maxchild spec
Currently, child pids are only tracked if maxchildren is specified. As a consequence, without a maxchild limit we do not get a notice in syslog on children aborting abnormally. This turns out to be a great debugging aide at times.
Children are now tracked in a LIST; the management interface is decidedly less painful when there's no upper bound on the number of entries we may have at the cost of one small allocation per connection.
r356248: inetd: convert remaining bzero(3) to memset(3), NFC
This change is purely in the name of noise reduction from static analyzers that want to complain that bzero(3) is obsolete in favor of memset(3).
With this, clang-analyze at least is now noise free. WARNS= 6 also appears to have been OK for some time now, so drop the current setting and opt for the default.
r356254: inetd: final round of trivial cleanup, NFC
Highlights: - Use MAX() for maxsock raising; small readability improvement IMO - malloc(3) + memset(3) -> calloc(3) where appropriate - stop casting the return value of malloc(3) - mallloc(3) -> reallocarray(3) where appropriate
A future change may enter capability mode when forking for some of the built-in handlers.
r356318: inetd: fix WITHOUT_TCP_WRAPPERS build after r356248
After increasing WARNS, building WITHOUT_TCP_WRAPPERS failed because of some unused variables.
|
#
356387 |
|
05-Jan-2020 |
kevans |
MFC r310921, r311354, r315644: Light inetd(8) cleanup
r310921: - Add static for symbols which need not to be exported. - Clean up warnings to the WARNS=6 level.
r311354: Fix build when WITHOUT_INET6 is defined.
r315644: Simplify a pipe for signal handling.
|
#
330449 |
|
05-Mar-2018 |
eadler |
MFC r326276:
various: general adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I was using misidentified many licenses so this was mostly a manual - error prone - task.
The Software Package Data Exchange (SPDX) group provides a specification to make it easier for automated tools to detect and summarize well known opensource licenses. We are gradually adopting the specification, noting that the tags are considered only advisory and do not, in any way, superceed or replace the license texts.
No functional change intended.
|
#
326760 |
|
11-Dec-2017 |
delphij |
MFC r326244:
Don't assign rs as we will assign it later.
|
#
302408 |
|
07-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
299356 |
|
10-May-2016 |
bapt |
Rename getline with get_line to avoid collision with getline(3)
When getline(3) in 2009 was added a _WITH_GETLINE guard has also been added. This rename is made in preparation for the removal of this guard
|
#
239991 |
|
01-Sep-2012 |
ed |
Rework all non-contributed files that use `struct timezone'.
This structure is not part of POSIX. According to POSIX, gettimeofday() has the following prototype:
int gettimeofday(struct timeval *restrict tp, void *restrict tzp);
Also, POSIX states that gettimeofday() shall return 0 (as long as tzp is not used). Remove dead error handling code. Also use NULL for a nul-pointer instead of integer 0.
While there, change all pieces of code that only use tv_sec to use time(3), as this provides less overhead.
|
#
228990 |
|
30-Dec-2011 |
uqs |
Spelling fixes for usr.sbin/
|
#
157820 |
|
17-Apr-2006 |
dwmalone |
Update a couple of comments relating to RFCs.
|
#
157816 |
|
17-Apr-2006 |
dwmalone |
Port 37 (RFC 738) style times are supposed to be a 32 bit time since 1900 in network byte order. Use a uint32_t to calculate and send the time, so that we don't need to know how big ints or longs are.
I used uint32_t instead of int in the patch, on the off chance someone uses our inetd source on a system that doesnt 32 bit ints.
PR: 95290 Submitted by: Bruce Becker <hostmaster@whois.gts.net> MFC after: 2 weeks
|
#
100498 |
|
22-Jul-2002 |
fanf |
Fix typo: corrisponds -> corresponds
|
#
98563 |
|
21-Jun-2002 |
jmallett |
__FBSDID() strategic insertion.
|
#
98562 |
|
21-Jun-2002 |
jmallett |
Kill __P, yuck.
|
#
98561 |
|
21-Jun-2002 |
jmallett |
Mark unused variables __unused.
Built standalone, inetd(8) is WARNS=5 clean, WARNS=6 if you ignore %m fits.
|
#
98559 |
|
21-Jun-2002 |
jmallett |
Kill bad whitespace and do some style cleanups as a result of the protoize.
|
#
98558 |
|
21-Jun-2002 |
jmallett |
ANSI prototypes via protoize(1).
|
#
91354 |
|
27-Feb-2002 |
dd |
Introduce a version field to `struct xucred' in place of one of the spares (the size of the field was changed from u_short to u_int to reflect what it really ends up being). Accordingly, change users of xucred to set and check this field as appropriate. In the kernel, this is being done inside the new cru2x() routine which takes a `struct ucred' and fills out a `struct xucred' according to the former. This also has the pleasant sideaffect of removing some duplicate code.
Reviewed by: rwatson
|
#
79815 |
|
17-Jul-2001 |
dwmalone |
o Remove old setproctitle. o Mark unused variables. o Set WARNS?=2 o Results in no code changes.
Submitted by: Mike Barcroft <mike@q9media.com>
|
#
78694 |
|
24-Jun-2001 |
dwmalone |
Fix most of the warnings given by WARNS=2.
|
#
77685 |
|
04-Jun-2001 |
dwmalone |
Correct a comment - the time service returns seconds since 1900 not 1970.
Submitted by: ru
|
#
77684 |
|
04-Jun-2001 |
dwmalone |
This patch cleans up the ident stuff in inetd. The code which has been patched so many times it was a bit of a mess. There are style, code and man page cleanups. The following are the functional changes:
The RFC only permits the returning of 4 possible error codes, make sure we only return these (PR 27636).
Use MAXLOGNAME to determine the longest usernames.
Add a -i flag, which returns the uid instead of the username (this is from a PR 25787, which also contained alot of the cleanups in this patch).
PR: 25787, 27636 Partially Submitted by: Arne.Dag.Fidjestol@idi.ntnu.no Reviewed by: Arne.Dag.Fidjestol@idi.ntnu.no, green MFC after: 3 weeks
|
#
77231 |
|
26-May-2001 |
dwmalone |
Make dg_echo return up to the first 65536 bytes of a datagram. The patch I used isn't quite the one Lars suggested, but the size of the largest datagram you can recv isn't #defined anywhere, and probably isn't even bounded for some protocols.
PR: 25050 Submitted by: Lars Eggert <larse@isi.edu>
|
#
74934 |
|
28-Mar-2001 |
dwmalone |
Allow ident requests with trailing junk following the terminating "\n".
Reviewed by: ben Approved by: green
|
#
72650 |
|
18-Feb-2001 |
green |
Switch to using a struct xucred instead of a struct xucred when not actually in the kernel. This structure is a different size than what is currently in -CURRENT, but should hopefully be the last time any application breakage is caused there. As soon as any major inconveniences are removed, the definition of the in-kernel struct ucred should be conditionalized upon defined(_KERNEL).
This also changes struct export_args to remove dependency on the constantly-changing struct ucred, as well as limiting the bounds of the size fields to the correct size. This means: a) mountd and friends won't break all the time, b) mountd and friends won't crash the kernel all the time if they don't know what they're doing wrt actual struct export_args layout.
Reviewed by: bde
|
#
69620 |
|
05-Dec-2000 |
dwmalone |
Add a -F option to the builtin ident service, which allows .fakeid files to contain the name of other valid users.
PR: 22837 Submitted by: Andreas Gerstenberg <andy@andy.de> Reviewed by: green Reviewed by: sheldonh
|
#
69546 |
|
03-Dec-2000 |
dwmalone |
Tidy up some prototypes: make sure there is exactly one prototype for each function, use K&R style definitions everywhere to match dominant style, make flag_signal take an int to avoid problems if we have ANSI prototypes and K&R definitions.
|
#
69532 |
|
02-Dec-2000 |
green |
Make some style changes to the ident_stream() code.
Partially submitted by: alfred Reviewed by: alfred
|
#
69144 |
|
25-Nov-2000 |
green |
Security fix: correctly set groups according to the user. Previously, root's groups' permissions were being used, so a user could read up to 16 (excluding initial whitespace) bytes of e.g. a wheel-accessible file.
Also, don't allow blocking on the opening of ~/.fakeid, so replace a fopen() with open() and fdopen(). I knew I'd be going to hell for using C file streams instead of POSIX syscalls...
|
#
66543 |
|
02-Oct-2000 |
dwmalone |
Stop internal ident service spinning until the timeout if the connection goes away. Spotted by people on -STABLE about 2 weeks ago.
Submitted by: Based on a patch by alfred and Maxime Henrion <mux@qualys.com>
|
#
63045 |
|
12-Jul-2000 |
dwmalone |
Make builtin ident service work if the request arrives in more than one packet. Also check that the whole request has been recieved before processing it.
The patch isn't the exact one from the PR, but a slight varient suggested by Brian.
PR: 16086 Submitted by: Hajimu UMEMOTO <ume@mahoroba.org> Reviewed by: green
|
#
61099 |
|
30-May-2000 |
green |
Fix the ident server up more: use ssize_t/size_t/socklen_t/int all in the proper places and make the fakeid parsing code a bit less stupid. Also, remove an "Rflag" that snuck in there (-R wouldn't be accepted by it, anyway).
|
#
61098 |
|
30-May-2000 |
jhb |
Fix a 64-bit'ism in the handling of the ident service. sysctlbyname() takes a size_t as its 3rd argument, which is 64-bits on the alpha. The 'len' variable used was a int, which is only 32-bits. Use size_t as the type for 'len' to work-around this.
|
#
58735 |
|
28-Mar-2000 |
sheldonh |
Optimize those services that send only one block of data: use send(2) with the MSG_EOF flag set instead of write(2).
Submitted by: David Malone <dwmalone@maths.tcd.ie> Reviewed by: wollman
|
#
58712 |
|
27-Mar-2000 |
green |
Allow using "-d username" without "-r". Example: auth stream tcp nowait root internal auth -d "Only fools trust ident"
|
#
57906 |
|
11-Mar-2000 |
shin |
Make inetd compilable without INET6.
Approved by: jkh
Submitted by: jhb
|
#
57857 |
|
09-Mar-2000 |
shin |
Fix addr length argument value passed to sendto(). Some inetd internal udp servers didn't worked with problem. Also fix recvfrom() "fromlen" arg type from int * to socklen_t *.
Approved by: jkh
Submitted by: bde
|
#
56590 |
|
25-Jan-2000 |
shin |
several tcp apps IPv6 update -inetd -rshd -rlogind -telnetd -rsh -rlogin
Reviewed by: freebsd-arch, cvs-committers Obtained from: KAME project
|
#
56303 |
|
19-Jan-2000 |
green |
I like base-36 better.
|
#
56298 |
|
19-Jan-2000 |
green |
Implement -g and -d options in my ident code. The -g flag uses a random garbage value for the username (hex garbage, that is), and the -d flag provides a default username for fallback purposes if the user cannot be looked up. That is very useful for the case where inetd auth is running on a NAT box.
While I'm here updating the manpage, clean up an English error and a few small nits.
|
#
50479 |
|
27-Aug-1999 |
peter |
$Id$ -> $FreeBSD$
|
#
49104 |
|
26-Jul-1999 |
green |
Here goes, the "clear up any possible confusion" commit. I've taken time to write up comments for the ident code tonight, so there should no longer be any confusion about the purpouse of whatever is in there. Wow, me commenting code... who'd have thought that would happen?
Reviewed by: DES
|
#
49089 |
|
25-Jul-1999 |
green |
More cleanups to ident_stream. Variables moved around, changed. Got rid of an extra variable or two, while making corrections to problems (that would probably not be a problem anyway, and worked.)
Partially Obtained from: David Malone <dwmalone@maths.tcd.ie>
|
#
49057 |
|
24-Jul-1999 |
green |
More cleanups, asprintf() usage (proper, as opposed to using snprintf()), and addition of a -n .noident-checking flag.
|
#
49054 |
|
24-Jul-1999 |
green |
Clean up to match style(9) more closely. This should fix the problem of people having ants in their pants ;)
|
#
49052 |
|
24-Jul-1999 |
sheldonh |
Use comments to group functions by service more clearly. I've used the excuse of providing the RFC numbers for the associated services.
|
#
49051 |
|
24-Jul-1999 |
sheldonh |
Style nits: * Bring memory allocation failure handling in line with that of the rest of the code. * Nestle block curlies between case statements correctly.
I've left the in-block declarations alone, since style(9) says we should conform to the existing style within the code, and inetd already does this. I've left the asprintf()'s in there because that's how Brian wants it.
|
#
49033 |
|
23-Jul-1999 |
green |
Ahem. Put things back a bit. I declare variables in the scope they're used! I don't declare every variable at the top of a function because that wastes stack space. I've clarified the error a bit (for if asprintf() filas.)
|
#
49030 |
|
23-Jul-1999 |
sheldonh |
Style cleanups for iderror() and ident_stream(). Looks like c++ hang-over. ;-)
|
#
49029 |
|
23-Jul-1999 |
sheldonh |
Fix auth -t argument handling. It was broken for the "sec.usec" case. Add a warning for bogus -t arguments for the (debug) case.
|
#
49015 |
|
23-Jul-1999 |
green |
Fixed a braino: lack of spaces in sscanf caused ident parsing to fail. Sorry, guys.
|
#
49005 |
|
22-Jul-1999 |
green |
"knobs are cheap". Here's a -t timeout option for the internal ident service. It takes a number (w/ or w/out .usec) as an argument.
|
#
49004 |
|
22-Jul-1999 |
green |
This commit encompasses the following changes to inetd: 1. Cleanups of ident_stream. "Evil" stdio is less used. 2. The BSD Copyright was added to the top of builtins.c. 3. As suggested, a timeout is now implemented in the ident service. It defaults to 10 seconds. If enough people want it, I'll make it configurable.
Suggested by: msmith
|
#
48981 |
|
22-Jul-1999 |
sheldonh |
Move code for all builtin services from inetd.c to builtins.c, including the Green Piece. :-)
In future, new builtin services are less likely to need to touch the already tangled inetd.c .
|