#
1.31 |
|
08-Mar-2023 |
guenther |
Delete obsolete /* ARGSUSED */ lint comments.
ok miod@ millert@
|
Revision tags: OPENBSD_7_1_BASE OPENBSD_7_2_BASE
|
#
1.30 |
|
24-Oct-2021 |
deraadt |
For open/openat, if the flags parameter does not contain O_CREAT, the 3rd (variadic) mode_t parameter is irrelevant. Many developers in the past have passed mode_t (0, 044, 0644, or such), which might lead future people to copy this broken idiom, and perhaps even believe this parameter has some meaning or implication or application. Delete them all. This comes out of a conversation where tb@ noticed that a strange (but intentional) pledge behaviour is to always knock-out high-bits from mode_t on a number of system calls as a safety factor, and his bewilderment that this appeared to be happening against valid modes (at least visually), but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef. ok millert
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.29 |
|
31-May-2021 |
jan |
Convert K&R function definitions to modern C.
OK naddy@, millert@
|
#
1.28 |
|
20-May-2021 |
jan |
Removes the useless FILE* parameter of get_line(). While here fix minor whitespace mistake.
"looks fine to me" chris@
|
#
1.27 |
|
15-May-2021 |
jan |
Add pledge for ftpd's user processes.
OK tobhe@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.25 |
|
17-Apr-2017 |
deraadt |
freezero() can be used here
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.24 |
|
25-Apr-2016 |
deraadt |
prefer setres{u,g}id() rather than manipulating both real and effective ids, it clarifies these are full revocation situations. ok millert
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.23 |
|
16-Nov-2015 |
tedu |
don't need to ifdef setproctitle
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.22 |
|
06-Feb-2015 |
millert |
SIZE_MAX is standard, we should be using it in preference to the obsolete SIZE_T_MAX. OK miod@ beck@
|
#
1.21 |
|
25-Aug-2014 |
doug |
Delete secret or secret-derived data with explicit_bzero.
concept ok deraadt@ diff looks ok tedu@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.20 |
|
04-Jun-2009 |
sthen |
...and now try again with a commit from the right tree. doh!
ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND the monitor treats it as if it were a sockaddr. this is fine for v4 but fails for v6, so active connections break. problem reported and diff tested by Maurice Janssen. looks sensible to deraadt@.
|
#
1.19 |
|
04-Jun-2009 |
sthen |
ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND the monitor treats it as if it were a sockaddr. this is fine for v4 but fails for v6, so active connections break. problem reported and diff tested by Maurice Janssen. looks sensible to deraadt@.
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.18 |
|
30-Jun-2008 |
ragge |
Include file order must be "monitor.h" before "extern.h" otherwise enum auth_ret is referenced before it is declared, which is not allowed by C99.
Ok krw@, millert@, gilles@
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.17 |
|
05-Apr-2007 |
moritz |
Remove lint comment, which does not apply anymore.
|
#
1.16 |
|
26-Mar-2007 |
moritz |
Do not log when the slave gets killed because of read() returning 0. This is normal behavior and should not spam the logs. Noticed by henning@
OK henning@ millert@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.15 |
|
01-Mar-2007 |
otto |
- use proper log facility and priority in the slave sig handlers - if the monitor decides to kill the slave, log that ok millert@ moritz@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.14 |
|
21-Apr-2006 |
deraadt |
lint cleanup; ok ray moritz dhill
|
#
1.13 |
|
14-Mar-2006 |
moritz |
Allow anonymous logins without a password, which was broken by the last commit. Noticed by Armin Wolfermann. ok henning@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.12 |
|
20-Jan-2006 |
moritz |
branches: 1.12.2; fix integer overflows. ok millert@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.11 |
|
14-Jul-2005 |
moritz |
let root create the data socket. fixes PR 4287. ok millert@ henning@
|
#
1.10 |
|
24-May-2005 |
moritz |
readd endpwent()
|
#
1.9 |
|
24-May-2005 |
moritz |
no need for endpwent()
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
26-Feb-2005 |
moritz |
branches: 1.8.2; fix {send,recv}data so they don't add -1 to pos in the EINTR/EAGAIN case as found by otto@. also make them more quiet as requested by deraadt@.
ok millert@ otto@ henning@
|
#
1.7 |
|
20-Dec-2004 |
moritz |
change mail address
ok henning@
|
#
1.6 |
|
11-Dec-2004 |
moritz |
make syscalls in the monitor restartable when signals occur, as was the case before privsep and only wait() for our slave processes. with help from millert@
ok millert@ henning@
|
#
1.5 |
|
06-Dec-2004 |
moritz |
make signal blocking a lot easier. ok millert@, henning@
|
#
1.4 |
|
29-Nov-2004 |
henning |
fix nasty signal races by blocking signals in signal handlers. with moritz jodeit and theo, ok theo
|
#
1.3 |
|
28-Nov-2004 |
henning |
slave_pid -1 by default, not 0, and reset to -1 when it goes away, with theo
|
#
1.2 |
|
28-Nov-2004 |
henning |
fix ttyline setting, fixes proctitle. notice independently by theo and pval, fix from moritz jodeit
|
#
1.1 |
|
28-Nov-2004 |
henning |
privilege seperate ftpd handle the pre-authentication phase (minus a tiny tiny tiny amount of code after accept()) in an unprivileged process, asking the privileged monitor for help where needed. work by Moritz Jodeit <moritz@jodeit.org> with help from theo and me tests theo ian@ matthieu@ ben@networkinsanity.com a.schlichting@lemarit.com
|
#
1.30 |
|
24-Oct-2021 |
deraadt |
For open/openat, if the flags parameter does not contain O_CREAT, the 3rd (variadic) mode_t parameter is irrelevant. Many developers in the past have passed mode_t (0, 044, 0644, or such), which might lead future people to copy this broken idiom, and perhaps even believe this parameter has some meaning or implication or application. Delete them all. This comes out of a conversation where tb@ noticed that a strange (but intentional) pledge behaviour is to always knock-out high-bits from mode_t on a number of system calls as a safety factor, and his bewilderment that this appeared to be happening against valid modes (at least visually), but no sorry, they are all irrelevant junk. They could all be 0xdeafbeef. ok millert
|
Revision tags: OPENBSD_7_0_BASE
|
#
1.29 |
|
31-May-2021 |
jan |
Convert K&R function definitions to modern C.
OK naddy@, millert@
|
#
1.28 |
|
20-May-2021 |
jan |
Removes the useless FILE* parameter of get_line(). While here fix minor whitespace mistake.
"looks fine to me" chris@
|
#
1.27 |
|
15-May-2021 |
jan |
Add pledge for ftpd's user processes.
OK tobhe@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.25 |
|
17-Apr-2017 |
deraadt |
freezero() can be used here
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.24 |
|
25-Apr-2016 |
deraadt |
prefer setres{u,g}id() rather than manipulating both real and effective ids, it clarifies these are full revocation situations. ok millert
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.23 |
|
16-Nov-2015 |
tedu |
don't need to ifdef setproctitle
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.22 |
|
06-Feb-2015 |
millert |
SIZE_MAX is standard, we should be using it in preference to the obsolete SIZE_T_MAX. OK miod@ beck@
|
#
1.21 |
|
25-Aug-2014 |
doug |
Delete secret or secret-derived data with explicit_bzero.
concept ok deraadt@ diff looks ok tedu@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.20 |
|
04-Jun-2009 |
sthen |
...and now try again with a commit from the right tree. doh!
ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND the monitor treats it as if it were a sockaddr. this is fine for v4 but fails for v6, so active connections break. problem reported and diff tested by Maurice Janssen. looks sensible to deraadt@.
|
#
1.19 |
|
04-Jun-2009 |
sthen |
ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND the monitor treats it as if it were a sockaddr. this is fine for v4 but fails for v6, so active connections break. problem reported and diff tested by Maurice Janssen. looks sensible to deraadt@.
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.18 |
|
30-Jun-2008 |
ragge |
Include file order must be "monitor.h" before "extern.h" otherwise enum auth_ret is referenced before it is declared, which is not allowed by C99.
Ok krw@, millert@, gilles@
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.17 |
|
05-Apr-2007 |
moritz |
Remove lint comment, which does not apply anymore.
|
#
1.16 |
|
26-Mar-2007 |
moritz |
Do not log when the slave gets killed because of read() returning 0. This is normal behavior and should not spam the logs. Noticed by henning@
OK henning@ millert@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.15 |
|
01-Mar-2007 |
otto |
- use proper log facility and priority in the slave sig handlers - if the monitor decides to kill the slave, log that ok millert@ moritz@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.14 |
|
21-Apr-2006 |
deraadt |
lint cleanup; ok ray moritz dhill
|
#
1.13 |
|
14-Mar-2006 |
moritz |
Allow anonymous logins without a password, which was broken by the last commit. Noticed by Armin Wolfermann. ok henning@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.12 |
|
20-Jan-2006 |
moritz |
branches: 1.12.2; fix integer overflows. ok millert@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.11 |
|
14-Jul-2005 |
moritz |
let root create the data socket. fixes PR 4287. ok millert@ henning@
|
#
1.10 |
|
24-May-2005 |
moritz |
readd endpwent()
|
#
1.9 |
|
24-May-2005 |
moritz |
no need for endpwent()
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
26-Feb-2005 |
moritz |
branches: 1.8.2; fix {send,recv}data so they don't add -1 to pos in the EINTR/EAGAIN case as found by otto@. also make them more quiet as requested by deraadt@.
ok millert@ otto@ henning@
|
#
1.7 |
|
20-Dec-2004 |
moritz |
change mail address
ok henning@
|
#
1.6 |
|
11-Dec-2004 |
moritz |
make syscalls in the monitor restartable when signals occur, as was the case before privsep and only wait() for our slave processes. with help from millert@
ok millert@ henning@
|
#
1.5 |
|
06-Dec-2004 |
moritz |
make signal blocking a lot easier. ok millert@, henning@
|
#
1.4 |
|
29-Nov-2004 |
henning |
fix nasty signal races by blocking signals in signal handlers. with moritz jodeit and theo, ok theo
|
#
1.3 |
|
28-Nov-2004 |
henning |
slave_pid -1 by default, not 0, and reset to -1 when it goes away, with theo
|
#
1.2 |
|
28-Nov-2004 |
henning |
fix ttyline setting, fixes proctitle. notice independently by theo and pval, fix from moritz jodeit
|
#
1.1 |
|
28-Nov-2004 |
henning |
privilege seperate ftpd handle the pre-authentication phase (minus a tiny tiny tiny amount of code after accept()) in an unprivileged process, asking the privileged monitor for help where needed. work by Moritz Jodeit <moritz@jodeit.org> with help from theo and me tests theo ian@ matthieu@ ben@networkinsanity.com a.schlichting@lemarit.com
|
#
1.29 |
|
31-May-2021 |
jan |
Convert K&R function definitions to modern C.
OK naddy@, millert@
|
#
1.28 |
|
20-May-2021 |
jan |
Removes the useless FILE* parameter of get_line(). While here fix minor whitespace mistake.
"looks fine to me" chris@
|
#
1.27 |
|
15-May-2021 |
jan |
Add pledge for ftpd's user processes.
OK tobhe@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.25 |
|
17-Apr-2017 |
deraadt |
freezero() can be used here
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.24 |
|
25-Apr-2016 |
deraadt |
prefer setres{u,g}id() rather than manipulating both real and effective ids, it clarifies these are full revocation situations. ok millert
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.23 |
|
16-Nov-2015 |
tedu |
don't need to ifdef setproctitle
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.22 |
|
06-Feb-2015 |
millert |
SIZE_MAX is standard, we should be using it in preference to the obsolete SIZE_T_MAX. OK miod@ beck@
|
#
1.21 |
|
25-Aug-2014 |
doug |
Delete secret or secret-derived data with explicit_bzero.
concept ok deraadt@ diff looks ok tedu@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.20 |
|
04-Jun-2009 |
sthen |
...and now try again with a commit from the right tree. doh!
ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND the monitor treats it as if it were a sockaddr. this is fine for v4 but fails for v6, so active connections break. problem reported and diff tested by Maurice Janssen. looks sensible to deraadt@.
|
#
1.19 |
|
04-Jun-2009 |
sthen |
ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND the monitor treats it as if it were a sockaddr. this is fine for v4 but fails for v6, so active connections break. problem reported and diff tested by Maurice Janssen. looks sensible to deraadt@.
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.18 |
|
30-Jun-2008 |
ragge |
Include file order must be "monitor.h" before "extern.h" otherwise enum auth_ret is referenced before it is declared, which is not allowed by C99.
Ok krw@, millert@, gilles@
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.17 |
|
05-Apr-2007 |
moritz |
Remove lint comment, which does not apply anymore.
|
#
1.16 |
|
26-Mar-2007 |
moritz |
Do not log when the slave gets killed because of read() returning 0. This is normal behavior and should not spam the logs. Noticed by henning@
OK henning@ millert@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.15 |
|
01-Mar-2007 |
otto |
- use proper log facility and priority in the slave sig handlers - if the monitor decides to kill the slave, log that ok millert@ moritz@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.14 |
|
21-Apr-2006 |
deraadt |
lint cleanup; ok ray moritz dhill
|
#
1.13 |
|
14-Mar-2006 |
moritz |
Allow anonymous logins without a password, which was broken by the last commit. Noticed by Armin Wolfermann. ok henning@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.12 |
|
20-Jan-2006 |
moritz |
branches: 1.12.2; fix integer overflows. ok millert@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.11 |
|
14-Jul-2005 |
moritz |
let root create the data socket. fixes PR 4287. ok millert@ henning@
|
#
1.10 |
|
24-May-2005 |
moritz |
readd endpwent()
|
#
1.9 |
|
24-May-2005 |
moritz |
no need for endpwent()
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
26-Feb-2005 |
moritz |
branches: 1.8.2; fix {send,recv}data so they don't add -1 to pos in the EINTR/EAGAIN case as found by otto@. also make them more quiet as requested by deraadt@.
ok millert@ otto@ henning@
|
#
1.7 |
|
20-Dec-2004 |
moritz |
change mail address
ok henning@
|
#
1.6 |
|
11-Dec-2004 |
moritz |
make syscalls in the monitor restartable when signals occur, as was the case before privsep and only wait() for our slave processes. with help from millert@
ok millert@ henning@
|
#
1.5 |
|
06-Dec-2004 |
moritz |
make signal blocking a lot easier. ok millert@, henning@
|
#
1.4 |
|
29-Nov-2004 |
henning |
fix nasty signal races by blocking signals in signal handlers. with moritz jodeit and theo, ok theo
|
#
1.3 |
|
28-Nov-2004 |
henning |
slave_pid -1 by default, not 0, and reset to -1 when it goes away, with theo
|
#
1.2 |
|
28-Nov-2004 |
henning |
fix ttyline setting, fixes proctitle. notice independently by theo and pval, fix from moritz jodeit
|
#
1.1 |
|
28-Nov-2004 |
henning |
privilege seperate ftpd handle the pre-authentication phase (minus a tiny tiny tiny amount of code after accept()) in an unprivileged process, asking the privileged monitor for help where needed. work by Moritz Jodeit <moritz@jodeit.org> with help from theo and me tests theo ian@ matthieu@ ben@networkinsanity.com a.schlichting@lemarit.com
|
#
1.28 |
|
20-May-2021 |
jan |
Removes the useless FILE* parameter of get_line(). While here fix minor whitespace mistake.
"looks fine to me" chris@
|
#
1.27 |
|
15-May-2021 |
jan |
Add pledge for ftpd's user processes.
OK tobhe@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.25 |
|
17-Apr-2017 |
deraadt |
freezero() can be used here
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.24 |
|
25-Apr-2016 |
deraadt |
prefer setres{u,g}id() rather than manipulating both real and effective ids, it clarifies these are full revocation situations. ok millert
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.23 |
|
16-Nov-2015 |
tedu |
don't need to ifdef setproctitle
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.22 |
|
06-Feb-2015 |
millert |
SIZE_MAX is standard, we should be using it in preference to the obsolete SIZE_T_MAX. OK miod@ beck@
|
#
1.21 |
|
25-Aug-2014 |
doug |
Delete secret or secret-derived data with explicit_bzero.
concept ok deraadt@ diff looks ok tedu@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.20 |
|
04-Jun-2009 |
sthen |
...and now try again with a commit from the right tree. doh!
ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND the monitor treats it as if it were a sockaddr. this is fine for v4 but fails for v6, so active connections break. problem reported and diff tested by Maurice Janssen. looks sensible to deraadt@.
|
#
1.19 |
|
04-Jun-2009 |
sthen |
ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND the monitor treats it as if it were a sockaddr. this is fine for v4 but fails for v6, so active connections break. problem reported and diff tested by Maurice Janssen. looks sensible to deraadt@.
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.18 |
|
30-Jun-2008 |
ragge |
Include file order must be "monitor.h" before "extern.h" otherwise enum auth_ret is referenced before it is declared, which is not allowed by C99.
Ok krw@, millert@, gilles@
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.17 |
|
05-Apr-2007 |
moritz |
Remove lint comment, which does not apply anymore.
|
#
1.16 |
|
26-Mar-2007 |
moritz |
Do not log when the slave gets killed because of read() returning 0. This is normal behavior and should not spam the logs. Noticed by henning@
OK henning@ millert@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.15 |
|
01-Mar-2007 |
otto |
- use proper log facility and priority in the slave sig handlers - if the monitor decides to kill the slave, log that ok millert@ moritz@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.14 |
|
21-Apr-2006 |
deraadt |
lint cleanup; ok ray moritz dhill
|
#
1.13 |
|
14-Mar-2006 |
moritz |
Allow anonymous logins without a password, which was broken by the last commit. Noticed by Armin Wolfermann. ok henning@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.12 |
|
20-Jan-2006 |
moritz |
branches: 1.12.2; fix integer overflows. ok millert@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.11 |
|
14-Jul-2005 |
moritz |
let root create the data socket. fixes PR 4287. ok millert@ henning@
|
#
1.10 |
|
24-May-2005 |
moritz |
readd endpwent()
|
#
1.9 |
|
24-May-2005 |
moritz |
no need for endpwent()
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
26-Feb-2005 |
moritz |
branches: 1.8.2; fix {send,recv}data so they don't add -1 to pos in the EINTR/EAGAIN case as found by otto@. also make them more quiet as requested by deraadt@.
ok millert@ otto@ henning@
|
#
1.7 |
|
20-Dec-2004 |
moritz |
change mail address
ok henning@
|
#
1.6 |
|
11-Dec-2004 |
moritz |
make syscalls in the monitor restartable when signals occur, as was the case before privsep and only wait() for our slave processes. with help from millert@
ok millert@ henning@
|
#
1.5 |
|
06-Dec-2004 |
moritz |
make signal blocking a lot easier. ok millert@, henning@
|
#
1.4 |
|
29-Nov-2004 |
henning |
fix nasty signal races by blocking signals in signal handlers. with moritz jodeit and theo, ok theo
|
#
1.3 |
|
28-Nov-2004 |
henning |
slave_pid -1 by default, not 0, and reset to -1 when it goes away, with theo
|
#
1.2 |
|
28-Nov-2004 |
henning |
fix ttyline setting, fixes proctitle. notice independently by theo and pval, fix from moritz jodeit
|
#
1.1 |
|
28-Nov-2004 |
henning |
privilege seperate ftpd handle the pre-authentication phase (minus a tiny tiny tiny amount of code after accept()) in an unprivileged process, asking the privileged monitor for help where needed. work by Moritz Jodeit <moritz@jodeit.org> with help from theo and me tests theo ian@ matthieu@ ben@networkinsanity.com a.schlichting@lemarit.com
|
#
1.27 |
|
15-May-2021 |
jan |
Add pledge for ftpd's user processes.
OK tobhe@
|
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE
|
#
1.26 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.25 |
|
17-Apr-2017 |
deraadt |
freezero() can be used here
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.24 |
|
25-Apr-2016 |
deraadt |
prefer setres{u,g}id() rather than manipulating both real and effective ids, it clarifies these are full revocation situations. ok millert
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.23 |
|
16-Nov-2015 |
tedu |
don't need to ifdef setproctitle
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.22 |
|
06-Feb-2015 |
millert |
SIZE_MAX is standard, we should be using it in preference to the obsolete SIZE_T_MAX. OK miod@ beck@
|
#
1.21 |
|
25-Aug-2014 |
doug |
Delete secret or secret-derived data with explicit_bzero.
concept ok deraadt@ diff looks ok tedu@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.20 |
|
04-Jun-2009 |
sthen |
...and now try again with a commit from the right tree. doh!
ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND the monitor treats it as if it were a sockaddr. this is fine for v4 but fails for v6, so active connections break. problem reported and diff tested by Maurice Janssen. looks sensible to deraadt@.
|
#
1.19 |
|
04-Jun-2009 |
sthen |
ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND the monitor treats it as if it were a sockaddr. this is fine for v4 but fails for v6, so active connections break. problem reported and diff tested by Maurice Janssen. looks sensible to deraadt@.
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.18 |
|
30-Jun-2008 |
ragge |
Include file order must be "monitor.h" before "extern.h" otherwise enum auth_ret is referenced before it is declared, which is not allowed by C99.
Ok krw@, millert@, gilles@
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.17 |
|
05-Apr-2007 |
moritz |
Remove lint comment, which does not apply anymore.
|
#
1.16 |
|
26-Mar-2007 |
moritz |
Do not log when the slave gets killed because of read() returning 0. This is normal behavior and should not spam the logs. Noticed by henning@
OK henning@ millert@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.15 |
|
01-Mar-2007 |
otto |
- use proper log facility and priority in the slave sig handlers - if the monitor decides to kill the slave, log that ok millert@ moritz@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.14 |
|
21-Apr-2006 |
deraadt |
lint cleanup; ok ray moritz dhill
|
#
1.13 |
|
14-Mar-2006 |
moritz |
Allow anonymous logins without a password, which was broken by the last commit. Noticed by Armin Wolfermann. ok henning@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.12 |
|
20-Jan-2006 |
moritz |
branches: 1.12.2; fix integer overflows. ok millert@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.11 |
|
14-Jul-2005 |
moritz |
let root create the data socket. fixes PR 4287. ok millert@ henning@
|
#
1.10 |
|
24-May-2005 |
moritz |
readd endpwent()
|
#
1.9 |
|
24-May-2005 |
moritz |
no need for endpwent()
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
26-Feb-2005 |
moritz |
branches: 1.8.2; fix {send,recv}data so they don't add -1 to pos in the EINTR/EAGAIN case as found by otto@. also make them more quiet as requested by deraadt@.
ok millert@ otto@ henning@
|
#
1.7 |
|
20-Dec-2004 |
moritz |
change mail address
ok henning@
|
#
1.6 |
|
11-Dec-2004 |
moritz |
make syscalls in the monitor restartable when signals occur, as was the case before privsep and only wait() for our slave processes. with help from millert@
ok millert@ henning@
|
#
1.5 |
|
06-Dec-2004 |
moritz |
make signal blocking a lot easier. ok millert@, henning@
|
#
1.4 |
|
29-Nov-2004 |
henning |
fix nasty signal races by blocking signals in signal handlers. with moritz jodeit and theo, ok theo
|
#
1.3 |
|
28-Nov-2004 |
henning |
slave_pid -1 by default, not 0, and reset to -1 when it goes away, with theo
|
#
1.2 |
|
28-Nov-2004 |
henning |
fix ttyline setting, fixes proctitle. notice independently by theo and pval, fix from moritz jodeit
|
#
1.1 |
|
28-Nov-2004 |
henning |
privilege seperate ftpd handle the pre-authentication phase (minus a tiny tiny tiny amount of code after accept()) in an unprivileged process, asking the privileged monitor for help where needed. work by Moritz Jodeit <moritz@jodeit.org> with help from theo and me tests theo ian@ matthieu@ ben@networkinsanity.com a.schlichting@lemarit.com
|
#
1.26 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_2_BASE OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.25 |
|
17-Apr-2017 |
deraadt |
freezero() can be used here
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.24 |
|
25-Apr-2016 |
deraadt |
prefer setres{u,g}id() rather than manipulating both real and effective ids, it clarifies these are full revocation situations. ok millert
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.23 |
|
16-Nov-2015 |
tedu |
don't need to ifdef setproctitle
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.22 |
|
06-Feb-2015 |
millert |
SIZE_MAX is standard, we should be using it in preference to the obsolete SIZE_T_MAX. OK miod@ beck@
|
#
1.21 |
|
25-Aug-2014 |
doug |
Delete secret or secret-derived data with explicit_bzero.
concept ok deraadt@ diff looks ok tedu@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.20 |
|
04-Jun-2009 |
sthen |
...and now try again with a commit from the right tree. doh!
ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND the monitor treats it as if it were a sockaddr. this is fine for v4 but fails for v6, so active connections break. problem reported and diff tested by Maurice Janssen. looks sensible to deraadt@.
|
#
1.19 |
|
04-Jun-2009 |
sthen |
ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND the monitor treats it as if it were a sockaddr. this is fine for v4 but fails for v6, so active connections break. problem reported and diff tested by Maurice Janssen. looks sensible to deraadt@.
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.18 |
|
30-Jun-2008 |
ragge |
Include file order must be "monitor.h" before "extern.h" otherwise enum auth_ret is referenced before it is declared, which is not allowed by C99.
Ok krw@, millert@, gilles@
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.17 |
|
05-Apr-2007 |
moritz |
Remove lint comment, which does not apply anymore.
|
#
1.16 |
|
26-Mar-2007 |
moritz |
Do not log when the slave gets killed because of read() returning 0. This is normal behavior and should not spam the logs. Noticed by henning@
OK henning@ millert@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.15 |
|
01-Mar-2007 |
otto |
- use proper log facility and priority in the slave sig handlers - if the monitor decides to kill the slave, log that ok millert@ moritz@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.14 |
|
21-Apr-2006 |
deraadt |
lint cleanup; ok ray moritz dhill
|
#
1.13 |
|
14-Mar-2006 |
moritz |
Allow anonymous logins without a password, which was broken by the last commit. Noticed by Armin Wolfermann. ok henning@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.12 |
|
20-Jan-2006 |
moritz |
branches: 1.12.2; fix integer overflows. ok millert@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.11 |
|
14-Jul-2005 |
moritz |
let root create the data socket. fixes PR 4287. ok millert@ henning@
|
#
1.10 |
|
24-May-2005 |
moritz |
readd endpwent()
|
#
1.9 |
|
24-May-2005 |
moritz |
no need for endpwent()
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
26-Feb-2005 |
moritz |
branches: 1.8.2; fix {send,recv}data so they don't add -1 to pos in the EINTR/EAGAIN case as found by otto@. also make them more quiet as requested by deraadt@.
ok millert@ otto@ henning@
|
#
1.7 |
|
20-Dec-2004 |
moritz |
change mail address
ok henning@
|
#
1.6 |
|
11-Dec-2004 |
moritz |
make syscalls in the monitor restartable when signals occur, as was the case before privsep and only wait() for our slave processes. with help from millert@
ok millert@ henning@
|
#
1.5 |
|
06-Dec-2004 |
moritz |
make signal blocking a lot easier. ok millert@, henning@
|
#
1.4 |
|
29-Nov-2004 |
henning |
fix nasty signal races by blocking signals in signal handlers. with moritz jodeit and theo, ok theo
|
#
1.3 |
|
28-Nov-2004 |
henning |
slave_pid -1 by default, not 0, and reset to -1 when it goes away, with theo
|
#
1.2 |
|
28-Nov-2004 |
henning |
fix ttyline setting, fixes proctitle. notice independently by theo and pval, fix from moritz jodeit
|
#
1.1 |
|
28-Nov-2004 |
henning |
privilege seperate ftpd handle the pre-authentication phase (minus a tiny tiny tiny amount of code after accept()) in an unprivileged process, asking the privileged monitor for help where needed. work by Moritz Jodeit <moritz@jodeit.org> with help from theo and me tests theo ian@ matthieu@ ben@networkinsanity.com a.schlichting@lemarit.com
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.25 |
|
17-Apr-2017 |
deraadt |
freezero() can be used here
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE
|
#
1.24 |
|
25-Apr-2016 |
deraadt |
prefer setres{u,g}id() rather than manipulating both real and effective ids, it clarifies these are full revocation situations. ok millert
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.23 |
|
16-Nov-2015 |
tedu |
don't need to ifdef setproctitle
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.22 |
|
06-Feb-2015 |
millert |
SIZE_MAX is standard, we should be using it in preference to the obsolete SIZE_T_MAX. OK miod@ beck@
|
#
1.21 |
|
25-Aug-2014 |
doug |
Delete secret or secret-derived data with explicit_bzero.
concept ok deraadt@ diff looks ok tedu@
|
Revision tags: OPENBSD_4_6_BASE OPENBSD_4_7_BASE OPENBSD_4_8_BASE OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE OPENBSD_5_2_BASE OPENBSD_5_3_BASE OPENBSD_5_4_BASE OPENBSD_5_5_BASE OPENBSD_5_6_BASE
|
#
1.20 |
|
04-Jun-2009 |
sthen |
...and now try again with a commit from the right tree. doh!
ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND the monitor treats it as if it were a sockaddr. this is fine for v4 but fails for v6, so active connections break. problem reported and diff tested by Maurice Janssen. looks sensible to deraadt@.
|
#
1.19 |
|
04-Jun-2009 |
sthen |
ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND the monitor treats it as if it were a sockaddr. this is fine for v4 but fails for v6, so active connections break. problem reported and diff tested by Maurice Janssen. looks sensible to deraadt@.
|
Revision tags: OPENBSD_4_4_BASE OPENBSD_4_5_BASE
|
#
1.18 |
|
30-Jun-2008 |
ragge |
Include file order must be "monitor.h" before "extern.h" otherwise enum auth_ret is referenced before it is declared, which is not allowed by C99.
Ok krw@, millert@, gilles@
|
Revision tags: OPENBSD_4_2_BASE OPENBSD_4_3_BASE
|
#
1.17 |
|
05-Apr-2007 |
moritz |
Remove lint comment, which does not apply anymore.
|
#
1.16 |
|
26-Mar-2007 |
moritz |
Do not log when the slave gets killed because of read() returning 0. This is normal behavior and should not spam the logs. Noticed by henning@
OK henning@ millert@
|
Revision tags: OPENBSD_4_1_BASE
|
#
1.15 |
|
01-Mar-2007 |
otto |
- use proper log facility and priority in the slave sig handlers - if the monitor decides to kill the slave, log that ok millert@ moritz@
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.14 |
|
21-Apr-2006 |
deraadt |
lint cleanup; ok ray moritz dhill
|
#
1.13 |
|
14-Mar-2006 |
moritz |
Allow anonymous logins without a password, which was broken by the last commit. Noticed by Armin Wolfermann. ok henning@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.12 |
|
20-Jan-2006 |
moritz |
branches: 1.12.2; fix integer overflows. ok millert@
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.11 |
|
14-Jul-2005 |
moritz |
let root create the data socket. fixes PR 4287. ok millert@ henning@
|
#
1.10 |
|
24-May-2005 |
moritz |
readd endpwent()
|
#
1.9 |
|
24-May-2005 |
moritz |
no need for endpwent()
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.8 |
|
26-Feb-2005 |
moritz |
branches: 1.8.2; fix {send,recv}data so they don't add -1 to pos in the EINTR/EAGAIN case as found by otto@. also make them more quiet as requested by deraadt@.
ok millert@ otto@ henning@
|
#
1.7 |
|
20-Dec-2004 |
moritz |
change mail address
ok henning@
|
#
1.6 |
|
11-Dec-2004 |
moritz |
make syscalls in the monitor restartable when signals occur, as was the case before privsep and only wait() for our slave processes. with help from millert@
ok millert@ henning@
|
#
1.5 |
|
06-Dec-2004 |
moritz |
make signal blocking a lot easier. ok millert@, henning@
|
#
1.4 |
|
29-Nov-2004 |
henning |
fix nasty signal races by blocking signals in signal handlers. with moritz jodeit and theo, ok theo
|
#
1.3 |
|
28-Nov-2004 |
henning |
slave_pid -1 by default, not 0, and reset to -1 when it goes away, with theo
|
#
1.2 |
|
28-Nov-2004 |
henning |
fix ttyline setting, fixes proctitle. notice independently by theo and pval, fix from moritz jodeit
|
#
1.1 |
|
28-Nov-2004 |
henning |
privilege seperate ftpd handle the pre-authentication phase (minus a tiny tiny tiny amount of code after accept()) in an unprivileged process, asking the privileged monitor for help where needed. work by Moritz Jodeit <moritz@jodeit.org> with help from theo and me tests theo ian@ matthieu@ ben@networkinsanity.com a.schlichting@lemarit.com
|