#
1d386b48 |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line .c pattern Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
|
#
3a166b33 |
|
06-Apr-2020 |
Kyle Evans <kevans@FreeBSD.org> |
yp*: fix -fno-common build This is mostly two problems spread out far and wide: - ypldap_process should be declared properly - debug is defined differently in many programs For the latter, just extern it and define it everywhere that actually needs it. This mostly works out nicely for ^/libexec/ypxfr, which can remove the assignment at the beginning of main in favor of defining it properly. -fno-common will become the default in GCC10/LLVM11. MFC after: 3 days
|
#
df57947f |
|
18-Nov-2017 |
Pedro F. Giffuni <pfg@FreeBSD.org> |
spdx: initial adoption of licensing ID tags. The Software Package Data Exchange (SPDX) group provides a specification to make it easier for automated tools to detect and summarize well known opensource licenses. We are gradually adopting the specification, noting that the tags are considered only advisory and do not, in any way, superceed or replace the license texts. Special thanks to Wind River for providing access to "The Duke of Highlander" tool: an older (2014) run over FreeBSD tree was useful as a starting point. Initially, only tag files that use BSD 4-Clause "Original" license. RelNotes: yes Differential Revision: https://reviews.freebsd.org/D13133
|
#
650dae44 |
|
15-Nov-2015 |
Marcelo Araujo <araujo@FreeBSD.org> |
Don't need cast malloc. Approved by: rodrigc (mentor) Differential Revision: D4175
|
#
033af09d |
|
27-Jul-2015 |
Marcelo Araujo <araujo@FreeBSD.org> |
Staticfy and constify some variables and clean up the code a bit to make it more readable. No functional change. Differential Revision: D3166 Reviewed by: kib Sponsored by: gandi.net
|
#
47d9f3f4 |
|
14-Jul-2013 |
Hiroki Sato <hrs@FreeBSD.org> |
Fix compiler warnings.
|
#
3df5ecac |
|
30-Dec-2011 |
Ulrich Spörlein <uqs@FreeBSD.org> |
Spelling fixes for usr.sbin/
|
#
a7d5f7eb |
|
19-Oct-2010 |
Jamie Gritton <jamie@FreeBSD.org> |
A new jail(8) with a configuration file, to replace the work currently done by /etc/rc.d/jail.
|
#
fe0506d7 |
|
09-Mar-2010 |
Marcel Moolenaar <marcel@FreeBSD.org> |
Create the altix project branch. The altix project will add support for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting is a two-module system, consisting of a base compute module and a CPU expansion module. SGI's NUMAFlex architecture can be an excellent platform to test CPU affinity and NUMA-aware features in FreeBSD.
|
#
53c40578 |
|
25-Jun-2009 |
Brian Somers <brian@FreeBSD.org> |
Support shadow.byname and shadow.byuid maps, protecting them by insisting on privileged port access. Include /var/yp/Makefile.local if it exists and suggest using it to override /var/yp/Makefile behaviour. Approved by: re (kib) MFC after: 3 weeks
|
#
d7f03759 |
|
19-Oct-2008 |
Ulf Lilleengen <lulf@FreeBSD.org> |
- Import the HEAD csup code which is the basis for the cvsmode work.
|
#
72f6a0fa |
|
31-May-2006 |
Colin Percival <cperciva@FreeBSD.org> |
Enable inadvertantly disabled "securenet" access controls in ypserv. [1] Correct a bug in the handling of backslash characters in smbfs which can allow an attacker to escape from a chroot(2). [2] Security: FreeBSD-SA-06:15.ypserv [1] Security: FreeBSD-SA-06:16.smbfs [2]
|
#
b728350e |
|
03-May-2003 |
David E. O'Brien <obrien@FreeBSD.org> |
Use __FBSDID over rcsid[]. Protect copyright[] where needed.
|
#
e009976a |
|
08-May-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Fix a boatload of format errors and constness violations. Sponsored by: DARPA, NAI Labs
|
#
dc584ddb |
|
06-Feb-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
ANSIfy and remove some dead code. Sponsored by: DARPA, NAI Labs
|
#
ed4d1c46 |
|
06-Feb-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Apply the following mechanical transformations in preparation for ansification and constification: s{\s+__P\((\(.*?\))\)}{$1}g; s{\(\s+}{\(}g; s{\s+\)}{\)}g; s{\s+,}{,}g; s{(\s+)(for|if|switch|while)\(}{$1$2 \(}g; s{return ([^\(].*?);}{return ($1);}g; s{([\w\)])([!=+/\*-]?=)([\w\(+-])}{$1 $2 $3}g; s{\s+$}{\n};g Also add $FreeBSD$ where needed. MFC after: 1 week
|
#
1a6e52d0 |
|
06-Feb-2001 |
Jeroen Ruigrok van der Werven <asmodai@FreeBSD.org> |
Fix typo: seperate -> separate. Seperate does not exist in the english language.
|
#
97d92980 |
|
27-Aug-1999 |
Peter Wemm <peter@FreeBSD.org> |
$Id$ -> $FreeBSD$
|
#
19111ad3 |
|
15-Jul-1998 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Allow blank lines in /var/yp/securenets.
|
#
98834523 |
|
29-Oct-1997 |
Philippe Charnier <charnier@FreeBSD.org> |
Typos in man page. Cosmetics in error strings.
|
#
476602a9 |
|
22-Feb-1997 |
Peter Wemm <peter@FreeBSD.org> |
Revert $FreeBSD$ to $Id$
|
#
1130b656 |
|
14-Jan-1997 |
Jordan K. Hubbard <jkh@FreeBSD.org> |
Make the long-awaited change from $Id$ to $FreeBSD$ This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long. Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
|
#
cb73ffc8 |
|
05-Jan-1997 |
Bill Paul <wpaul@FreeBSD.org> |
Eek: the 'check for / in map names' test I added a while back detects slashes in map names but doesn't return failure if it finds them. Add missing return(1) to fix this.
|
#
44519760 |
|
24-Oct-1996 |
Bill Paul <wpaul@FreeBSD.org> |
Add support for handling the YP_SECURE and YP_INTERDOMAIN keys from any maps that may have them. If the YP_SECURE key is present, ypserv will only allow access to the map from clients on reserved ports. If the YP_INTERDOMAIN key is present, the server will do DNS lookups for hostnames that it can't find in hosts.byname or hosts.byaddr. This is the same as the -d flag (which is retained for backwards compatibility) but it can be set on a per-map/per-domain basis. Also modified /var/yp/Makefile to add YP_INTERDOMAIN to the hosts.* maps and YP_SECURE to master.passwd.* maps by default.
|
#
42c70363 |
|
30-Sep-1996 |
Bill Paul <wpaul@FreeBSD.org> |
Close a potential security hole: if yp_access() is passed a map name, have it check to see that it doesn't contain any '/' characters. This prevents possible silliness like ypcat "../../../kernel". We already test the domain name for this in yp_validdomain(), and ypserv itself tests the map name in yp_open_db(), but it doesn't hurt to be paranoid and test for it in the generic access routine too. rpc.ypxfrd does not test the map name for slashes, but it does call yp_access() with the map name, so this removes a potential vulnerability from there. Also make the tests for IPPORT_RESERVED a little more selective: make sure it trips when map == master.passwd.*, prog == YPPROC and proc == YPPROC_XFR, and prog == YPXFRD_FREEBSD_PROG and proc == YPXFRD_GETMAP. Also use IPPORT_RESERVED instead of hard-coded value.
|
#
b3e93234 |
|
04-Jun-1996 |
Bill Paul <wpaul@FreeBSD.org> |
Makefile.yp: - Add a 'pushpw' target that only yppushes the various passwd maps and sends a YPPROC_CLEAR to the local ypserv. This will be used by rpc.yppasswdd once I merge in the in-place update changes. yp_access.c: - Make the yp_access() function print RPC program and procedure numbers that it doesn't know about in literal form. This will allow it to work with other prgrams that it doesn't know about, like rpc.ypxfrd I'm going to import shortly. yp_dblookup.c: - Take out the __inline keywords. They weren't really helping me anyway. - Somehow I broke yp_next() when DB_CACHE wasn't #defined. Fix it. - Also fix potential case where yp_next() might loop forever; make sure it checks the return values of all the (dbp->seq)()/R_NEXT calls that it does as well as comparing keys.
|
#
1fbdac93 |
|
31-May-1996 |
Bill Paul <wpaul@FreeBSD.org> |
Small touch-ups -- no functional changes. Fix some comments to reflect reality (in some cases I made changes to code but not to the comments). Change some instances of 'inline' to '__inline' to pacify gcc -ansi -pedantic. Use rcsid strings more consistently. Make 'oldaddr' static in yp_access(). Use strcpy()/strcat() in yp_open_db_cache() instead of snprintf(). (Seems to be a little faster this way.)
|
#
b2264be8 |
|
27-Apr-1996 |
Bill Paul <wpaul@FreeBSD.org> |
Performance enhancements (I hope) and new stuff: yp_dblookup.c: - Implement database handle caching. What this means is that instead of opening and closing map databases for each request, we open a database and save the handle (and, if requested, the key index) in an array. This saves a bit of overhead on things like repeated YPPROC_NEXT calls, such as you'd get from getpwent(). Normally, each YPPROC_NEXT would require open()ing the database, seeking to the location supplied by the caller (which is time consuming with hash databases as the R_CURSOR flag doesn't work), reading the data, close()ing the database and then shipping the data off to the caller. The system call overhead is prohibitive, especially with very large maps. By caching the handle to an open database, we elimitate at least the open()/close() system calls, as well as the associated DB setup and tear-down operations, for a large percentage of the time. This improves performance substantially at the cost of consuming a little more memory than before. Note that all the caching support is surrounded by #ifdef DB_CACHE so that this same source module can still be used by other programs that don't need it. - Make yp_open_db() call yp_validdomain(). Doing it here saves cycles when caching is enabled since a hit on the map cache list by definition means that the domain being referenced is valid. - Also make yp_open_db() check for exhaustion of file descriptors, just in case. yp_server.c: - Reorganize things a little to take advantage of the database handle caching. Add a call to yp_flush_all() in ypproc_clear_2_svc(). - Remove calls to yp_validdomain() from some of the service procedures. yp_validdomain() is called inside yp_open_db() now, so procedures that call into the database package don't need to use yp_validdomain() themselves. - Fix a bogosity in ypproc_maplist_2_svc(): don't summarily initiallize the result.maps pointer to NULL. This causes yp_maplist_free() to fail and leaks memory. - Make ypproc_master_2_svc() copy the string it gets from the database package into a private static buffer before trying to NUL terminate it. This is necessary with the DB handle caching: stuffing a NUL into the data returned by DB package will goof it up internally. yp_main.c: - Stuff for DB handle caching: call yp_init_dbs() to clear the handle array and add call to yp_flush_all() to the SIGHUP signal handler. Makefile.yp: - Reorganize to deal with database caching. yp_mkdb(8) can now be used to send a YPPROC_CLEAR signal to ypserv(8). Call it after each map is created to refresh ypserv's cache. - Add support for mail.alias map. Contributed by Mike Murphy (mrm@sceard.com). - Make default location for the netgroups source file be /var/yp/netgroup instead of /etc/netgroup. mkaliases: - New file: script to generate mail.alias map. Contributed by Mike Murphy (mrm@sceard.com). Makefile: - Install Makefile.yp as /var/yp/Makefile.dist and link it to /var/yp/Makefile only if /var/yp/Makefile doesn't already exist. Suggested by Peter Wemm. - Install new mkaliases script in /usr/libexec along with mknetid. - Use somewhat saner approach to generating rpcgen-dependent files as suggested by Garrett Wollman.
|
#
6dc00a94 |
|
29-Feb-1996 |
Adam David <adam@FreeBSD.org> |
sense of 'mask' was reversed in default case of no securenets file.
|
#
9573c1f1 |
|
25-Feb-1996 |
Bill Paul <wpaul@FreeBSD.org> |
Add support for NIS v1 client procedures. The following procedures are currently implemented: YPOLDPROC_NULL YPOLDPROC_DOMAIN YPOLDPROC_DOMAIN_NONACK YPOLDPROC_FIRST YPOLDPROC_NEXT YPOLDPROC_MATCH YPOLDPROC_POLL These are all implemented as wrappers around their v2 counterparts. The YPOLDPROC_PUSH, PULL and GET procedures are not implemented since a) I couldn't figure out exactly what to have them do, and b) I suspect they're used for doing map transfers between master and slave servers, which we already do using the v2 protocol anyway. This means we can server NIS v1 clients but can't be a master or slave with NIS v1-only servers. I think I'll get over it. :) The -k (sunos_4_kludge) flag and associated code has been removed since it is no longer needed. Also tweaked yp_access() to handle both sets of procedures and updated the man page.
|
#
66c201ea |
|
25-Feb-1996 |
Bill Paul <wpaul@FreeBSD.org> |
Duh: remember to #include <stdlib.h> to pick up declarations for malloc() and free().
|
#
f7f470a8 |
|
24-Feb-1996 |
Bill Paul <wpaul@FreeBSD.org> |
Add real securenets support. By default, ypserv now uses /var/yp/securenets in the same was as the SunOS ypserv (same format, described in ypserv man page). If the user wants tcpwrapper style access control, they can recompile ypserv to use that instead. This way we get securenets without having to ship libwrap.a and tcpd.h with core FreeBSD distribution. If /var/yp/securenets doesn't exist, ypserv allows all connections.
|
#
009790d1 |
|
10-Jan-1996 |
Bill Paul <wpaul@FreeBSD.org> |
More changes brought about by testing of yppush (which is almost finished): In yp_server.c: - Modify ypproc_xfr_2_svc() so that it sends both a return status and a yppush callback (if necessary: normally ypxfr is supposed to send the callback once it's done transfering a map, but if we can't get ypxfr off the ground for some reason, we have to send it here instead) and do it in the right order: have to send the reply to the ypproc_xfr request first, then send callback. This requires us to cheat a bit: you're supposed to just return() and let the RPC dispatcher send the reply for you, but we wouldn't be able to send the callback message if we did that, so we have to call svc_sendreply() ourselves, then send the callback, and then return NULL so that the RPC dispatcher won't call svc_sendreply() itself. - Also modify ypproc_xfr_2_svc() so that it doesn't invoke ypxfr with the -f flag: this overrides the order number checks, which prevents us from ever refusing maps that aren't newer than then ones we already have. In yp_access.c: - Fix a typo in the TCP_WRAPPER support code (which is #ifdef'ed out by default): a close paren somehow vanished into the ether.
|
#
778c7b1c |
|
16-Dec-1995 |
Bill Paul <wpaul@FreeBSD.org> |
Import the new, non-GPL ypserv, written by yours truly. Functionally equivalent to the old ypserv, except that it doesn't support the -p [port] option to force the server to use a particular port. The server stubs and yp.h header file are auto-generated from the yp.x protocol definition file. The auto-generated XDR routines in libc/yp are also used. The database access code has been broken out into a seperate module so that other NIS utilities (ypxfr in particular) can use it. Note that the old mknetid script is being temporarily moved here; it will be replaced by an mknetid program which will eventually have a home under /usr/src/libexec. (The existing script is actually somewhat broken -- it doesn't handle hosts -- but this isn't a big deal at this point since the netid.byname map is really only useful fopr Secure RPC, which we don't have yet.)
|