#
1.42 |
|
12-Jul-2021 |
beck |
Change the error reporting pattern throughout the tree when unveil fails to report the path that the failure occured on. Suggested by deraadt@ after some tech discussion.
Work done and verified by Ashton Fagg <ashton@fagg.id.au>
ok deraadt@ semarie@ claudio@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.41 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.40 |
|
03-Aug-2018 |
deraadt |
Move pledge to after getopt, when the finger program becomes known (defaults to /usr/bin/finger, but can be redefined with -P option). Then unveil that program for "x" (execution), and pledge as before. No other filesystem accesses occur after that point.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.39 |
|
13-Nov-2015 |
deraadt |
4-step pledge in a program noone really uses anymore. pledge "stdio inet dns proc exec" at startup. In the logging codepath, "stdio dns proc exec" after getpeername() drop to stdio proc exec(), before fork / execve Parent moving data out of the pipe only needs "stdio"
|
#
1.38 |
|
13-Nov-2015 |
deraadt |
_exit() in the child; as a result, must use syslog() directly.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.37 |
|
16-Jan-2015 |
deraadt |
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.36 |
|
04-Dec-2012 |
deraadt |
remove some unnecessary sys/param.h inclusions
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.35 |
|
27-Oct-2009 |
deraadt |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.34 |
|
11-Aug-2008 |
tobias |
Prevent a buffer underrun if a line is received which only contains (multiple) @.
ok millert, otto
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.33 |
|
19-Aug-2006 |
ray |
Don't shadow err(3). Store strlen() results in a size_t. Add __dead to both usage() and logerr(). Get rid of /* NOTREACHED */. Get rid of extraneous _exit(). Calls err(3) on getpeername failure.
``reads well to me!'' avsm@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.32 |
|
17-Jan-2006 |
millert |
Incllude <sys/param.h> to get MAXHOSTNAMELEN
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.31 |
|
17-Oct-2003 |
jmc |
slight update for fingerd; sort options;
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.30 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.29 |
|
06-Sep-2002 |
deraadt |
use socklen_t more; henning ok
|
#
1.28 |
|
03-Jul-2002 |
deraadt |
KNF
|
#
1.27 |
|
02-Jun-2002 |
deraadt |
minor KNF
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.26 |
|
19-Feb-2002 |
millert |
We live in an ANSI C world. Remove lots of gratuitous #ifdef __STDC__ cruft.
|
#
1.25 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.24 |
|
07-Dec-2001 |
mpech |
kill more registers;
millert@ ok
|
#
1.23 |
|
27-Nov-2001 |
millert |
When copying command line arguments to out new argument vector, don't go past the end of the buffer. Not a security issue since root controls the fingerd arguments. Noticed by Brian Poole.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
18-Aug-2001 |
deraadt |
strlcpy invades the tree
|
#
1.21 |
|
08-Jul-2001 |
deraadt |
-Wall
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.20 |
|
25-Jan-2001 |
deraadt |
KNF
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.19 |
|
18-Aug-2000 |
itojun |
check error result from getnameinfo.
|
#
1.18 |
|
07-Jul-2000 |
millert |
Change fingerd back to using fgets(3), not fgetln(3). Using fgetln(3) was a mistake since it allows an attacker to trivially drive up the load on a machine. Of course, this can still be done with multiple connections but there's no reason to make it easier than it needs to be. This also simplifies the logging a bit.
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.17 |
|
15-Nov-1999 |
deraadt |
logging getpeername() failures is a waste of time
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.16 |
|
02-Aug-1999 |
pjanzen |
typo
|
#
1.15 |
|
20-Jul-1999 |
deraadt |
bad arguments? usage() should syslog()
|
#
1.14 |
|
03-Jul-1999 |
deraadt |
use getnameinfo()
|
Revision tags: OPENBSD_2_5_BASE
|
#
1.13 |
|
24-Feb-1999 |
aaron |
fowarding -> forwarding
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.12 |
|
21-Nov-1997 |
gene |
Remove LOG_CONS from openlog() call so every darned finger connect message doesn't go to console. Change discussed and checked with millert.
|
#
1.11 |
|
17-Nov-1997 |
millert |
1) use fgetln for arbitrary sized lines 2) do puts("foo\r") not puts("foo\r\n") as puts adds a \n itself 3) log the command given when -l is specified, replacing \r, \n, NULL with ' ' 4) with -l, log possible probes (ie: EOF) that were previously ignored
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.10 |
|
16-Aug-1997 |
millert |
<string.h> not <strings.h>
|
#
1.9 |
|
16-Aug-1997 |
millert |
OpenBSD tags and document assumption about finger(1) arg parsing.
|
#
1.8 |
|
25-Jul-1997 |
mickey |
#if __STDC__ --> #ifdef __STDC__
|
#
1.7 |
|
23-Jul-1997 |
kstailey |
tabify
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.6 |
|
15-Jan-1997 |
millert |
getopt(3) returns -1 when out of args, not EOF, whee!
|
#
1.5 |
|
08-Dec-1996 |
downsj |
Add -M.
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.4 |
|
16-Jul-1996 |
millert |
Updated to 4.4BSD fingerd + Theo's @@@@ optimization and some added options to further restrict the info given out.
|
#
1.3 |
|
24-Jun-1996 |
deraadt |
add -s flag; if specified in inetd, does not allow forwarding @ requests
|
#
1.2 |
|
30-May-1996 |
deraadt |
optimize something like "finger @@@@@@@@@@@@@cvs@@@@@@cvs@@@@@@cvs' to hit fewer hosts. Basically, chew @ signs when possible.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.41 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.40 |
|
03-Aug-2018 |
deraadt |
Move pledge to after getopt, when the finger program becomes known (defaults to /usr/bin/finger, but can be redefined with -P option). Then unveil that program for "x" (execution), and pledge as before. No other filesystem accesses occur after that point.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.39 |
|
13-Nov-2015 |
deraadt |
4-step pledge in a program noone really uses anymore. pledge "stdio inet dns proc exec" at startup. In the logging codepath, "stdio dns proc exec" after getpeername() drop to stdio proc exec(), before fork / execve Parent moving data out of the pipe only needs "stdio"
|
#
1.38 |
|
13-Nov-2015 |
deraadt |
_exit() in the child; as a result, must use syslog() directly.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.37 |
|
16-Jan-2015 |
deraadt |
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.36 |
|
04-Dec-2012 |
deraadt |
remove some unnecessary sys/param.h inclusions
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.35 |
|
27-Oct-2009 |
deraadt |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.34 |
|
11-Aug-2008 |
tobias |
Prevent a buffer underrun if a line is received which only contains (multiple) @.
ok millert, otto
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.33 |
|
19-Aug-2006 |
ray |
Don't shadow err(3). Store strlen() results in a size_t. Add __dead to both usage() and logerr(). Get rid of /* NOTREACHED */. Get rid of extraneous _exit(). Calls err(3) on getpeername failure.
``reads well to me!'' avsm@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.32 |
|
17-Jan-2006 |
millert |
Incllude <sys/param.h> to get MAXHOSTNAMELEN
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.31 |
|
17-Oct-2003 |
jmc |
slight update for fingerd; sort options;
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.30 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.29 |
|
06-Sep-2002 |
deraadt |
use socklen_t more; henning ok
|
#
1.28 |
|
03-Jul-2002 |
deraadt |
KNF
|
#
1.27 |
|
02-Jun-2002 |
deraadt |
minor KNF
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.26 |
|
19-Feb-2002 |
millert |
We live in an ANSI C world. Remove lots of gratuitous #ifdef __STDC__ cruft.
|
#
1.25 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.24 |
|
07-Dec-2001 |
mpech |
kill more registers;
millert@ ok
|
#
1.23 |
|
27-Nov-2001 |
millert |
When copying command line arguments to out new argument vector, don't go past the end of the buffer. Not a security issue since root controls the fingerd arguments. Noticed by Brian Poole.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
18-Aug-2001 |
deraadt |
strlcpy invades the tree
|
#
1.21 |
|
08-Jul-2001 |
deraadt |
-Wall
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.20 |
|
25-Jan-2001 |
deraadt |
KNF
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.19 |
|
18-Aug-2000 |
itojun |
check error result from getnameinfo.
|
#
1.18 |
|
07-Jul-2000 |
millert |
Change fingerd back to using fgets(3), not fgetln(3). Using fgetln(3) was a mistake since it allows an attacker to trivially drive up the load on a machine. Of course, this can still be done with multiple connections but there's no reason to make it easier than it needs to be. This also simplifies the logging a bit.
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.17 |
|
15-Nov-1999 |
deraadt |
logging getpeername() failures is a waste of time
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.16 |
|
02-Aug-1999 |
pjanzen |
typo
|
#
1.15 |
|
20-Jul-1999 |
deraadt |
bad arguments? usage() should syslog()
|
#
1.14 |
|
03-Jul-1999 |
deraadt |
use getnameinfo()
|
Revision tags: OPENBSD_2_5_BASE
|
#
1.13 |
|
24-Feb-1999 |
aaron |
fowarding -> forwarding
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.12 |
|
21-Nov-1997 |
gene |
Remove LOG_CONS from openlog() call so every darned finger connect message doesn't go to console. Change discussed and checked with millert.
|
#
1.11 |
|
17-Nov-1997 |
millert |
1) use fgetln for arbitrary sized lines 2) do puts("foo\r") not puts("foo\r\n") as puts adds a \n itself 3) log the command given when -l is specified, replacing \r, \n, NULL with ' ' 4) with -l, log possible probes (ie: EOF) that were previously ignored
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.10 |
|
16-Aug-1997 |
millert |
<string.h> not <strings.h>
|
#
1.9 |
|
16-Aug-1997 |
millert |
OpenBSD tags and document assumption about finger(1) arg parsing.
|
#
1.8 |
|
25-Jul-1997 |
mickey |
#if __STDC__ --> #ifdef __STDC__
|
#
1.7 |
|
23-Jul-1997 |
kstailey |
tabify
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.6 |
|
15-Jan-1997 |
millert |
getopt(3) returns -1 when out of args, not EOF, whee!
|
#
1.5 |
|
08-Dec-1996 |
downsj |
Add -M.
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.4 |
|
16-Jul-1996 |
millert |
Updated to 4.4BSD fingerd + Theo's @@@@ optimization and some added options to further restrict the info given out.
|
#
1.3 |
|
24-Jun-1996 |
deraadt |
add -s flag; if specified in inetd, does not allow forwarding @ requests
|
#
1.2 |
|
30-May-1996 |
deraadt |
optimize something like "finger @@@@@@@@@@@@@cvs@@@@@@cvs@@@@@@cvs' to hit fewer hosts. Basically, chew @ signs when possible.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
#
1.40 |
|
03-Aug-2018 |
deraadt |
Move pledge to after getopt, when the finger program becomes known (defaults to /usr/bin/finger, but can be redefined with -P option). Then unveil that program for "x" (execution), and pledge as before. No other filesystem accesses occur after that point.
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE OPENBSD_6_3_BASE
|
#
1.39 |
|
13-Nov-2015 |
deraadt |
4-step pledge in a program noone really uses anymore. pledge "stdio inet dns proc exec" at startup. In the logging codepath, "stdio dns proc exec" after getpeername() drop to stdio proc exec(), before fork / execve Parent moving data out of the pipe only needs "stdio"
|
#
1.38 |
|
13-Nov-2015 |
deraadt |
_exit() in the child; as a result, must use syslog() directly.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.37 |
|
16-Jan-2015 |
deraadt |
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.36 |
|
04-Dec-2012 |
deraadt |
remove some unnecessary sys/param.h inclusions
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.35 |
|
27-Oct-2009 |
deraadt |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.34 |
|
11-Aug-2008 |
tobias |
Prevent a buffer underrun if a line is received which only contains (multiple) @.
ok millert, otto
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.33 |
|
19-Aug-2006 |
ray |
Don't shadow err(3). Store strlen() results in a size_t. Add __dead to both usage() and logerr(). Get rid of /* NOTREACHED */. Get rid of extraneous _exit(). Calls err(3) on getpeername failure.
``reads well to me!'' avsm@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.32 |
|
17-Jan-2006 |
millert |
Incllude <sys/param.h> to get MAXHOSTNAMELEN
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.31 |
|
17-Oct-2003 |
jmc |
slight update for fingerd; sort options;
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.30 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.29 |
|
06-Sep-2002 |
deraadt |
use socklen_t more; henning ok
|
#
1.28 |
|
03-Jul-2002 |
deraadt |
KNF
|
#
1.27 |
|
02-Jun-2002 |
deraadt |
minor KNF
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.26 |
|
19-Feb-2002 |
millert |
We live in an ANSI C world. Remove lots of gratuitous #ifdef __STDC__ cruft.
|
#
1.25 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.24 |
|
07-Dec-2001 |
mpech |
kill more registers;
millert@ ok
|
#
1.23 |
|
27-Nov-2001 |
millert |
When copying command line arguments to out new argument vector, don't go past the end of the buffer. Not a security issue since root controls the fingerd arguments. Noticed by Brian Poole.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
18-Aug-2001 |
deraadt |
strlcpy invades the tree
|
#
1.21 |
|
08-Jul-2001 |
deraadt |
-Wall
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.20 |
|
25-Jan-2001 |
deraadt |
KNF
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.19 |
|
18-Aug-2000 |
itojun |
check error result from getnameinfo.
|
#
1.18 |
|
07-Jul-2000 |
millert |
Change fingerd back to using fgets(3), not fgetln(3). Using fgetln(3) was a mistake since it allows an attacker to trivially drive up the load on a machine. Of course, this can still be done with multiple connections but there's no reason to make it easier than it needs to be. This also simplifies the logging a bit.
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.17 |
|
15-Nov-1999 |
deraadt |
logging getpeername() failures is a waste of time
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.16 |
|
02-Aug-1999 |
pjanzen |
typo
|
#
1.15 |
|
20-Jul-1999 |
deraadt |
bad arguments? usage() should syslog()
|
#
1.14 |
|
03-Jul-1999 |
deraadt |
use getnameinfo()
|
Revision tags: OPENBSD_2_5_BASE
|
#
1.13 |
|
24-Feb-1999 |
aaron |
fowarding -> forwarding
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.12 |
|
21-Nov-1997 |
gene |
Remove LOG_CONS from openlog() call so every darned finger connect message doesn't go to console. Change discussed and checked with millert.
|
#
1.11 |
|
17-Nov-1997 |
millert |
1) use fgetln for arbitrary sized lines 2) do puts("foo\r") not puts("foo\r\n") as puts adds a \n itself 3) log the command given when -l is specified, replacing \r, \n, NULL with ' ' 4) with -l, log possible probes (ie: EOF) that were previously ignored
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.10 |
|
16-Aug-1997 |
millert |
<string.h> not <strings.h>
|
#
1.9 |
|
16-Aug-1997 |
millert |
OpenBSD tags and document assumption about finger(1) arg parsing.
|
#
1.8 |
|
25-Jul-1997 |
mickey |
#if __STDC__ --> #ifdef __STDC__
|
#
1.7 |
|
23-Jul-1997 |
kstailey |
tabify
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.6 |
|
15-Jan-1997 |
millert |
getopt(3) returns -1 when out of args, not EOF, whee!
|
#
1.5 |
|
08-Dec-1996 |
downsj |
Add -M.
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.4 |
|
16-Jul-1996 |
millert |
Updated to 4.4BSD fingerd + Theo's @@@@ optimization and some added options to further restrict the info given out.
|
#
1.3 |
|
24-Jun-1996 |
deraadt |
add -s flag; if specified in inetd, does not allow forwarding @ requests
|
#
1.2 |
|
30-May-1996 |
deraadt |
optimize something like "finger @@@@@@@@@@@@@cvs@@@@@@cvs@@@@@@cvs' to hit fewer hosts. Basically, chew @ signs when possible.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.39 |
|
13-Nov-2015 |
deraadt |
4-step pledge in a program noone really uses anymore. pledge "stdio inet dns proc exec" at startup. In the logging codepath, "stdio dns proc exec" after getpeername() drop to stdio proc exec(), before fork / execve Parent moving data out of the pipe only needs "stdio"
|
#
1.38 |
|
13-Nov-2015 |
deraadt |
_exit() in the child; as a result, must use syslog() directly.
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.37 |
|
16-Jan-2015 |
deraadt |
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
|
Revision tags: OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.36 |
|
04-Dec-2012 |
deraadt |
remove some unnecessary sys/param.h inclusions
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE
|
#
1.35 |
|
27-Oct-2009 |
deraadt |
rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.34 |
|
11-Aug-2008 |
tobias |
Prevent a buffer underrun if a line is received which only contains (multiple) @.
ok millert, otto
|
Revision tags: OPENBSD_4_0_BASE OPENBSD_4_1_BASE OPENBSD_4_2_BASE OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.33 |
|
19-Aug-2006 |
ray |
Don't shadow err(3). Store strlen() results in a size_t. Add __dead to both usage() and logerr(). Get rid of /* NOTREACHED */. Get rid of extraneous _exit(). Calls err(3) on getpeername failure.
``reads well to me!'' avsm@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.32 |
|
17-Jan-2006 |
millert |
Incllude <sys/param.h> to get MAXHOSTNAMELEN
|
Revision tags: OPENBSD_3_5_BASE OPENBSD_3_6_BASE OPENBSD_3_7_BASE OPENBSD_3_8_BASE
|
#
1.31 |
|
17-Oct-2003 |
jmc |
slight update for fingerd; sort options;
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.30 |
|
02-Jun-2003 |
millert |
Remove the advertising clause in the UCB license which Berkeley rescinded 22 July 1999. Proofed by myself and Theo.
|
Revision tags: OPENBSD_3_2_BASE OPENBSD_3_3_BASE
|
#
1.29 |
|
06-Sep-2002 |
deraadt |
use socklen_t more; henning ok
|
#
1.28 |
|
03-Jul-2002 |
deraadt |
KNF
|
#
1.27 |
|
02-Jun-2002 |
deraadt |
minor KNF
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.26 |
|
19-Feb-2002 |
millert |
We live in an ANSI C world. Remove lots of gratuitous #ifdef __STDC__ cruft.
|
#
1.25 |
|
16-Feb-2002 |
millert |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
|
#
1.24 |
|
07-Dec-2001 |
mpech |
kill more registers;
millert@ ok
|
#
1.23 |
|
27-Nov-2001 |
millert |
When copying command line arguments to out new argument vector, don't go past the end of the buffer. Not a security issue since root controls the fingerd arguments. Noticed by Brian Poole.
|
Revision tags: OPENBSD_3_0_BASE
|
#
1.22 |
|
18-Aug-2001 |
deraadt |
strlcpy invades the tree
|
#
1.21 |
|
08-Jul-2001 |
deraadt |
-Wall
|
Revision tags: OPENBSD_2_9_BASE
|
#
1.20 |
|
25-Jan-2001 |
deraadt |
KNF
|
Revision tags: OPENBSD_2_8_BASE
|
#
1.19 |
|
18-Aug-2000 |
itojun |
check error result from getnameinfo.
|
#
1.18 |
|
07-Jul-2000 |
millert |
Change fingerd back to using fgets(3), not fgetln(3). Using fgetln(3) was a mistake since it allows an attacker to trivially drive up the load on a machine. Of course, this can still be done with multiple connections but there's no reason to make it easier than it needs to be. This also simplifies the logging a bit.
|
Revision tags: OPENBSD_2_7_BASE
|
#
1.17 |
|
15-Nov-1999 |
deraadt |
logging getpeername() failures is a waste of time
|
Revision tags: OPENBSD_2_6_BASE
|
#
1.16 |
|
02-Aug-1999 |
pjanzen |
typo
|
#
1.15 |
|
20-Jul-1999 |
deraadt |
bad arguments? usage() should syslog()
|
#
1.14 |
|
03-Jul-1999 |
deraadt |
use getnameinfo()
|
Revision tags: OPENBSD_2_5_BASE
|
#
1.13 |
|
24-Feb-1999 |
aaron |
fowarding -> forwarding
|
Revision tags: OPENBSD_2_3_BASE OPENBSD_2_4_BASE
|
#
1.12 |
|
21-Nov-1997 |
gene |
Remove LOG_CONS from openlog() call so every darned finger connect message doesn't go to console. Change discussed and checked with millert.
|
#
1.11 |
|
17-Nov-1997 |
millert |
1) use fgetln for arbitrary sized lines 2) do puts("foo\r") not puts("foo\r\n") as puts adds a \n itself 3) log the command given when -l is specified, replacing \r, \n, NULL with ' ' 4) with -l, log possible probes (ie: EOF) that were previously ignored
|
Revision tags: OPENBSD_2_2_BASE
|
#
1.10 |
|
16-Aug-1997 |
millert |
<string.h> not <strings.h>
|
#
1.9 |
|
16-Aug-1997 |
millert |
OpenBSD tags and document assumption about finger(1) arg parsing.
|
#
1.8 |
|
25-Jul-1997 |
mickey |
#if __STDC__ --> #ifdef __STDC__
|
#
1.7 |
|
23-Jul-1997 |
kstailey |
tabify
|
Revision tags: OPENBSD_2_1_BASE
|
#
1.6 |
|
15-Jan-1997 |
millert |
getopt(3) returns -1 when out of args, not EOF, whee!
|
#
1.5 |
|
08-Dec-1996 |
downsj |
Add -M.
|
Revision tags: OPENBSD_2_0_BASE
|
#
1.4 |
|
16-Jul-1996 |
millert |
Updated to 4.4BSD fingerd + Theo's @@@@ optimization and some added options to further restrict the info given out.
|
#
1.3 |
|
24-Jun-1996 |
deraadt |
add -s flag; if specified in inetd, does not allow forwarding @ requests
|
#
1.2 |
|
30-May-1996 |
deraadt |
optimize something like "finger @@@@@@@@@@@@@cvs@@@@@@cvs@@@@@@cvs' to hit fewer hosts. Basically, chew @ signs when possible.
|
#
1.1 |
|
18-Oct-1995 |
deraadt |
branches: 1.1.1; Initial revision
|