1.129 | 28-Jan-2022 | guenther
When it's the possessive of 'it', it's spelled "its", without the apostrophe.
Revision tags: OPENBSD_6_6_BASE OPENBSD_6_7_BASE OPENBSD_6_8_BASE OPENBSD_6_9_BASE OPENBSD_7_0_BASE

1.128 | 28-Jun-2019 | deraadt
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE

1.127 | 26-Apr-2018 | guenther
Use <fcntl.h> instead of <sys/file.h> for open() and friends. Delete a bunch of unnecessary #includes and sort to match style(9) while doing the above cleanup.
ok deraadt@ krw@
Revision tags: OPENBSD_6_3_BASE

1.126 | 16-Jan-2018 | cheloha
Use the monotonic clock to compute the session duration.
Ensures the correct duration is logged even if the system time is changed during the session.
ok jca@
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE

1.125 | 29-Mar-2016 | mestre
- Add missing goto in order to avoid a dereference of a null object
- While here remove lint comment
OK millert@
Revision tags: OPENBSD_5_9_BASE

1.124 | 08-Dec-2015 | mmcc
Remove a NULL-check before free().
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE

1.123 | 21-Jan-2015 | deraadt
Include <netinet/in.h> before <net/pfvar.h>. In a future change when ports is ready, <net/pfvar.h> will stop including a pile of baloney.

1.122 | 15-Jan-2015 | deraadt
switch to PATH_MAX

1.121 | 08-Oct-2014 | deraadt
remove stupid cast
Revision tags: OPENBSD_5_6_BASE

1.120 | 02-Apr-2014 | deraadt
use setresgid() ok guenther millert
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE

1.119 | 02-Apr-2013 | guenther
Handle big time_t
ok deraadt@
Revision tags: OPENBSD_5_3_BASE

1.118 | 19-Jan-2013 | miod
fix build with gcc 2

1.117 | 15-Jan-2013 | beck
Per group support for authpf rules files in /etc/authpf/groups. largely by Frank Timmers <frankt@smurfnet.eu> with fixups by me and jmc@.
Revision tags: OPENBSD_5_2_BASE

1.116 | 07-Jul-2012 | claudio
Fix file descriptor leak reported by someone on the mailing list long time ago. OK beck@
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE

1.115 | 02-Sep-2010 | sobrado
remove trailing spaces and tabs; no binary change.
written with help from henning@, who suggested ensuring that there are no changes in the digests for object files, thanks!
ok henning@
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE

1.114 | 27-Jan-2010 | todd
search for authpf.message in $USER dirs also from Rafal Bisingier ravbc at man dot pozman dot pl, ok beck@

1.113 | 23-Nov-2009 | claudio
Make the tree compile again. Henning and I are both quite sure this is correct.
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE

1.112 | 10-Jan-2009 | miod
Uninitialized variable introduced in 1.110.

1.111 | 10-Jan-2009 | todd
variable declaration before use, found by vax, no cookie

1.110 | 06-Jan-2009 | mcbride
Support group and login class in authpf.allow (%<group>, @<class>)
ok beck

1.109 | 07-Oct-2008 | deraadt
protect better against races from incoming signals; slightly changed from 5394 by tracking the fd instead of the fp. ok beck

1.108 | 05-Oct-2008 | deraadt
grammar; PR 5394
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE

1.107 | 14-Feb-2008 | mcbride
Add authpf-noip, which allows multiple users to connect from a single IP; forces users to write sane rulesets for this by not providing $user_ip or updating the authpf table.
testing and prodding by mtu, manpage heavily worked over by jmc ok beck dhartmei henning

1.106 | 01-Feb-2008 | mcbride
Clean anchors recursively and directly via ioctls rather than using pfctl with '-f /dev/null'. Properly clears the user's anchor even when anchors are nested inside it (And avoids having to fork() on exit to run pfctl)
ok beck@, with testing by mtu@

1.105 | 25-Sep-2007 | chl
handle empty strings returned by fgets
ok ray@
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE

1.104 | 24-Feb-2007 | beck
exit right away if the config file isn't there, rather than doing a whole bunch of needless screwing around noticed by Stefan Krah <stefan-usenet@bytereef.org>

1.103 | 24-Feb-2007 | beck
license + copyright

1.102 | 24-Feb-2007 | beck
PR 5395 from Stefan Krah <stefan-usenet@bytereef.org> cleanup:
- remove unused arg
- no need to clear locals
- return -1 to allow pid cleanup to happen if fork fails

1.101 | 22-Feb-2007 | beck
this ftruncate is really not needed now, if we're just unlinking. ok millert@

1.100 | 22-Feb-2007 | beck
close 5389 and 5390, unused variable and a chance to unlink the pidfile without lock if we couldn't kill a preexisting authpf process. spotted by Stefan Krah <sfk1@bigfoot.com>.
Revision tags: OPENBSD_4_0_BASE

1.99 | 09-Aug-2006 | dhartmei
handle SIGQUIT instead of SIGSTOP, from Stefan Krah

1.98 | 17-Mar-2006 | deraadt
FILE * leak

1.97 | 14-Mar-2006 | beck
fix incorrect sizeof(), spotted by ckuethe ok deraadt@
Revision tags: OPENBSD_3_9_BASE

1.96 | 12-Dec-2005 | beck
correct err() usage and remove the do_death which is unneeded in the child process, (as noticed by <evol@online.ptt.ru>)

1.95 | 12-Dec-2005 | beck
Backout previous change back to 1.92 - My fault, committed diff from unclean tree.

1.94 | 09-Dec-2005 | beck
Mine, so modernize license

1.93 | 09-Dec-2005 | beck
calling do_death() after err makes us exit is not smart, and is in fact unnecessary, my usage of err() here also repeated the formatted error message twice.
- We don't need do_death() here, and fix err to print the message a bit more sanely. Noticed by Andrey Matveev <evol@online.ptt.ru> - Thanks

1.92 | 08-Dec-2005 | beck
make authpf give up group privs before exec'ing pfctl - makes it so the new taint enforcement for /dev/fd/X opens doesn't kill it
Revision tags: OPENBSD_3_8_BASE

1.91 | 23-May-2005 | henning
branches: 1.91.2; useless endpwent

1.90 | 02-May-2005 | djm
more setres[ug]id; ok deraadt@
Revision tags: OPENBSD_3_7_BASE

1.89 | 10-Feb-2005 | joel
branches: 1.89.2; Minor punctuation nit.
ok henning@

1.88 | 31-Jan-2005 | henning
warn(3) + _exit(2) instead of err(3) in the forked child From: Andrey Matveev <andrushock@korovino.net>

1.87 | 31-Jan-2005 | henning
-Wsign-compare clean, Andrey Matveev <andrushock@korovino.net>

1.86 | 16-Sep-2004 | deraadt
ftruncate() with ftello() instead of ftell(); ok millert
Revision tags: OPENBSD_3_6_BASE

1.85 | 08-Aug-2004 | deraadt
spacing

1.84 | 14-Jun-2004 | cedric
Use new ioctls. ok beck@ henning@

1.83 | 21-May-2004 | dhartmei
Use '/' instead of ':' as separator for anchor path components. Note that the parser now needs quotes around paths containing separators. ok mcbride@

1.82 | 19-May-2004 | dhartmei
Allow recursive anchors (anchors within anchors, up to 64 levels deep). More work required, but this is already functional. authpf users will need to adjust their anchor calls, but this will change again soon. ok beck@, cedric@, henning@, mcbride@

1.81 | 13-May-2004 | henning
as the authpf manpage describes, the connecting user's shell can be overloaded via login.conf. When verifying that the user's login shell is indeed authpf it is not sufficient to look at (struct passwd)->pw_shell, we also have to use login_getclass etc to check whether the shell gets overloaded. ok millert@ beck@

1.80 | 28-Apr-2004 | cedric
Put authpf user's IP addresses in the <authpf_users> table. ok deraadt@ dhartmei@ markus@ mcbride@

1.79 | 28-Apr-2004 | djm
IPv6 support; ok beck@

1.78 | 25-Apr-2004 | deraadt
clean; ok beck

1.77 | 25-Apr-2004 | beck
Make authpf exec pfctl instead of sucking in code from pfctl ok cedric@

1.76 | 09-Apr-2004 | cedric
Do not try to load directories. found+ok mpech@
Revision tags: OPENBSD_3_5_BASE

1.75 | 29-Jan-2004 | deraadt
MORE BULLSHIT BECAUSE THIS PIECE OF SHIT IS INTERTWINED WITH PFCTL

1.74 | 13-Jan-2004 | dhartmei
handle ruleset names containing usernames, fixes PR 3627, ok Bob

1.73 | 15-Dec-2003 | mcbride
Add initial support for pf state synchronization over the network. Implemented as an in-kernel multicast IP protocol.
Turn it on like this:
# ifconfig pfsync0 up syncif fxp0
There is not yet any authentication on this protocol, so the syncif must be on a trusted network, i.e. a crossover cable between the two firewalls.
NOTABLE CHANGES:
- A new index based on a unique (creatorid, stateid) tuple has been added to the state tree.
- Updates now appear on the pfsync(4) interface; multiple updates may be compressed into a single update.
- Applications which use bpf on pfsync(4) will need modification; packets on pfsync no longer contain regular pf_state structs, but pfsync_state structs which contain no pointers.
Much more to come.
ok deraadt@

1.72 | 10-Dec-2003 | beck
- fix a few exit cases that would exit with no log
- add username to added ruleset names when possible
- add much needed example to man page showing how to use NAT with tagging to track NATed authpfed connections.
ok henning@ dhartmei@, man page cleanup by jmc@

1.71 | 14-Nov-2003 | henning
catch up with pfctl changes

1.70 | 26-Sep-2003 | cedric
Rearchitecture of the userland/kernel IOCTL interface for transactions. This brings us close to 100% atomicity for a "pfctl -f pf.conf" command. (some splxxx work remains in the kernel). Basically, improvements are:
- Anchors/Rulesets cannot disappear unexpectedly anymore.
- No more leftover in the kernel if "pfctl -f" fails.
- Commit is now done in a single atomic IOCTL.
WARNING: The kernel code is fully backward compatible, but the new pfctl/authpf userland utilities will only run on a new kernel.
The following ioctls are deprecated (i.e. will be deleted sooner or later, depending on how many 3rd party utilities use them and how soon they can be upgraded):
- DIOCBEGINRULES
- DIOCCOMMITRULES
- DIOCBEGINALTQS
- DIOCCOMMITALTQS
- DIOCRINABEGIN
- DIOCRINADEFINE
They are replaced by the following ioctls (yes, PF(4) will follow) which operate on a vector of rulesets:
- DIOCXBEGIN
- DIOCXCOMMIT
- DIOCXROLLBACK
Ok dhartmei@ mcbride@

1.69 | 26-Sep-2003 | henning
erm, committing to the right repository helps sometimes. don't reject usernames > 15 chars; username is not used as ruleset name any more, thus, this restriction is gone. PR3491, fix from dhartmei
Revision tags: OPENBSD_3_4_BASE

1.68 | 21-Aug-2003 | frantzen
stuff needed for passive OS fingerprinting PF rules

1.67 | 01-Aug-2003 | millert
tickets are now u_int32_t, not int, fixes tree breakage; from Andrey Smagin

1.66 | 11-Jul-2003 | cedric
Better parsing and -v support for tables:
- remove the tableaddrs and tableaddr yacc production and reuse host_list instead.
- produce better error messages.
- do not load addresses from external file when it is not required (like with -R option).
- store initializers in a new node_tinit linked list before putting them into the address buffer (see next point).
- add a new print_tabledef() function, which makes "pfctl -nvf" print something useful for table definitions, which in turn makes it possible to write better regress tests (see first chunk of the diff) and bring table definition consistent with other parsed rules.
ok dhartmei@

1.65 | 08-Jul-2003 | dhartmei
Fix a bug that caused removal of previous users' rules when more than one user logged in concurrently. And fix a smaller bug which prevented complete removal of a user's state entries on logout. Bug report and testing by Ed Powers.

1.64 | 03-Jul-2003 | cedric
Bye bye atexit(), bye bye globals... The pfctl.c part will probably need some further improvements. ok henning@

1.63 | 03-Jul-2003 | cedric
This patch finally cleans up pfctl_table.c. No more global buffer, and a couple of parsing functions moved to parse.y or pfctl_parser where they belong.
I also took the opportunity to replace "void" functions with exit(1) or err() inside by "int" functions, with the caller checking the return value for errors (much cleaner and an old request from Theo)
ok dhartmei@ henning@

1.62 | 28-Jun-2003 | deraadt
() to (void)

1.61 | 27-Jun-2003 | henning
/etc/authpf.allow -> /etc/authpf/authpf.allow in comments spotted by Joel Knight again

1.60 | 24-Jun-2003 | deraadt
clean

1.59 | 24-Jun-2003 | deraadt
(long)getpid(); andrushock@korovino.net

1.58 | 03-Jun-2003 | beck
remove term 3, with permission from Chris Kuethe for pathnames.h

1.57 | 10-May-2003 | cloder
Be polite about leaving invalid data around in globals, just in case someone comes along later, modifies the code, and runs into a problem. OK beck@

1.56 | 10-May-2003 | henning
catch up with pfctl changes

1.55 | 30-Apr-2003 | cedric
Allow tables to be loaded into anchors. Most pfctl table commands (excluding 'show' and 'flush') support the "-a" modifier. ok dhartmei@

1.54 | 20-Apr-2003 | beck
authpf is supposed to die if the /etc/authpf/authpf.conf is not present. pr # 3217, patch from frisco@blackant.net
Revision tags: OPENBSD_3_3_BASE

1.53 | 19-Feb-2003 | deraadt
branches: 1.53.2; sync to pfctl; BAD HENNING BAD BAD BAD NO COOKIE

1.52 | 11-Feb-2003 | henning
adjust after pfctl changes

1.51 | 03-Feb-2003 | henning
typos and minor KNF; from andrushock, thanks!

1.50 | 02-Feb-2003 | henning
adjust after pfctl change; parse_rules doesn't take opts separately any more

1.49 | 29-Jan-2003 | deraadt
do setproctitle; ok camield

1.48 | 27-Jan-2003 | dhartmei
remove some unused includes, from Andrey Matveev

1.47 | 26-Jan-2003 | dhartmei
mop up, from krw

1.46 | 25-Jan-2003 | cedric
Permit initialisation of a table content from a file in pf.conf. Cleaning up of the table options parsing, more flexible. idea+cleanup deraadt@, ok dhartmei@, pass all regress tests.

1.45 | 09-Jan-2003 | cedric
Add support for active/inactive tablesets in the kernel. Add table definition/initialisation construct in pfctl parser. Add and fix documentation for pf.4 and pf.conf.5. Tested on i386 and sparc64 by myself, macppc by Daniel. ok dhartmei@

1.44 | 07-Jan-2003 | dhartmei
Add function to search for and remove stale rulesets from other authpf processes which have terminated unexpectedly. ok beck@

1.43 | 06-Jan-2003 | deraadt
nicer syslog

1.42 | 05-Jan-2003 | dhartmei
Move ifname from pf_addr to pf_addr_wrap, prepare pf_addr_wrap for table name. ok henning@, mcbride@, cedric@

1.41 | 01-Jan-2003 | dhartmei
Scrub and filter rules are separated now, adjust authpf accordingly.

1.40 | 29-Dec-2002 | dhartmei
Set a macro $user_id to the user name, just like $user_ip is already set to the IP address. From discussion with Michael Lucas. ok henning@

1.39 | 22-Dec-2002 | henning
KNF

1.38 | 22-Dec-2002 | dhartmei
Instead of inserting and removing rules at the top/bottom of the main ruleset, make authpf manage its rules inside anchors.

1.37 | 19-Dec-2002 | henning
redundant memset

1.36 | 19-Dec-2002 | henning
KNF

1.35 | 18-Dec-2002 | mcbride
Fix tree breakage; match changes to struct pfctl (now contains an array of pointers to pfioc_rule).
Fix from henning@
ok dhartmei@

1.34 | 17-Dec-2002 | mcbride
Match merge of pf_nat/pf_binat/pf_rdr structs into pf_rule
- Move pf_compare* functions here
- fix ioctls.

1.33 | 06-Dec-2002 | dhartmei
Introduce anchors and named rule sets, allowing to load additional rule sets with pfctl and evaluate them from the main rule set using a new type of rule (which will support conditional evaluation soon). Makes maintenance of sub-rulesets simpler for pfctl and daemons.
Idea and ok deraadt@

1.32 | 04-Dec-2002 | deraadt
catch up to -v -v change in pfctl(8)

1.31 | 01-Dec-2002 | henning
KNF

1.30 | 01-Dec-2002 | mcbride
Match pf_ioctl.c cleanup; if we're doing a DIOCCHANGE* operation which uses old*, we need to call DIOCBEGINADDRS twice: once for the old rule/rdr/nat, and once for the new one.
ok dhartmei@ henning@

1.29 | 23-Nov-2002 | mcbride
don't try to do ioctl with PF_OPT_NOACTION
does not impact function of authpf, but makes it consistent with the rest of the add_* family
ok dhartmei@

1.28 | 23-Nov-2002 | mcbride
add code to load lists of redirection addresses for nat/rdr/route-to/etc.

1.27 | 22-Nov-2002 | beck
Disallow non-interactive sessions, to avoid problem of users scp'ing to authpf gateway - noticed by Devan Reade <gdr@gno.org>, ok henning

1.26 | 19-Nov-2002 | deraadt
be more precise

1.25 | 19-Nov-2002 | deraadt
hacks to make the tree build; henning gets a carrot up the nose next time i meet him

1.24 | 25-Oct-2002 | camield
- be even more careful with data supplied from outside
- check explicitly for negative values from snprintf (-pedantic)
- use MAXLOGNAME
- use parentheses with all sizeof's for consistency
Revision tags: OPENBSD_3_2_BASE

1.23 | 25-Jun-2002 | henning
hooks for options. we don't support setting pf options via authpf, but need the hooks here, too. ok dhartmei@, kjell@

1.22 | 12-Jun-2002 | vincent
fix a typo that could create a fd leak
ok beck@

1.21 | 11-Jun-2002 | beck
fix breakage from the stupid way theo and I committed that last big pile of changes.

1.20 | 11-Jun-2002 | kjell
I broke this. Remove separate (optional) nat calls

1.19 | 08-Jun-2002 | beck
comment and error message cleanup, from Brian Poole <raj@cerias.purdue.edu>

1.18 | 07-Jun-2002 | beck
fix a few nits in theo's commit, make this install and run setgid authpf so that it can remove the files it creates in /var/authpf

1.17 | 07-Jun-2002 | deraadt
twist time, space, and other aspects of reality so that we can revoke privs, and... as early as possible. (this does not work, beck has the next half of this coming in a few minutes)

1.16 | 30-May-2002 | form
Do not allow user to run authpf if user's shell is not /usr/sbin/authpf to prevent users from playing with $SSH_CLIENT.

1.15 | 21-May-2002 | deraadt
KNF before more major hacking

1.14 | 16-May-2002 | deraadt
KNF

1.13 | 24-Apr-2002 | dhartmei
Unbreak from pfvar.h change.
Revision tags: OPENBSD_3_1_BASE

1.12 | 09-Apr-2002 | frantzen
make sure we fflush() after sending a message and fix a typo in a comment ok beck@ and deraadt@

1.11 | 09-Apr-2002 | beck
don't trust USER from the environment - bad, allows users to see files they shouldn't

1.10 | 09-Apr-2002 | deraadt
minor KNF

1.9 | 08-Apr-2002 | mpech
Free memory. Patch from millert@.

1.8 | 07-Apr-2002 | frantzen
fix authpf_kill_states()

1.7 | 05-Apr-2002 | deraadt
move location of per-user config files; beck ok

1.6 | 05-Apr-2002 | beck
ensure that rules files are owned and writable only by root, along their entire path, change docs accordingly. This ensures that people don't accidentally use the $HOME config files to override real settings unless root meant to do it.

1.5 | 01-Apr-2002 | beck
don't need this anymore

1.4 | 01-Apr-2002 | beck
typo in comment

1.3 | 01-Apr-2002 | beck
- Tattling is bad, users should be allowed to run anything on the system without it generating logs
- exit with 0 and 1 instead of EX_FOO
- make read_config (with the test and exit) the first thing that happens in main, no openlog or memset first.

1.2 | 01-Apr-2002 | beck
- Make the /etc/authpf/authpf.conf config file required.
- Change authpf to install setuid by default, and exit with a tattling syslog message if a user runs it without a config file present.
- Change man page to reflect this.

1.1 | 01-Apr-2002 | beck
authpf - authenticating gateway shell for use with ssh(1) to make authenticating gateway type firewalls.
caveats - needs to be setuid to operate (but does not install that way) consult the man page for configuration issues.
#
1.128 |
|
28-Jun-2019 |
deraadt |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
Revision tags: OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.127 |
|
26-Apr-2018 |
guenther |
Use <fcntl.h> instead of <sys/file.h> for open() and friends. Delete a bunch of unnecessary #includes and sort to match style(9) while doing the above cleanup.
ok deraadt@ krw@
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
16-Jan-2018 |
cheloha |
Use the monotonic clock to compute the session duration.
Ensures the correct duration is logged even if the system time is changed during the session.
ok jca@
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.125 |
|
29-Mar-2016 |
mestre |
- Add missing goto in order to avoid a dereference of a null object - While here remove lint comment
OK millert@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.124 |
|
08-Dec-2015 |
mmcc |
Remove a NULL-check before free().
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.123 |
|
21-Jan-2015 |
deraadt |
Include <netinet/in.h> before <net/pfvar.h>. In a future change when ports is ready, <net/pfvar.h> will stop including a pile of balony.
|
#
1.122 |
|
15-Jan-2015 |
deraadt |
switch to PATH_MAX
|
#
1.121 |
|
08-Oct-2014 |
deraadt |
remove stupid cast
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.120 |
|
02-Apr-2014 |
deraadt |
use setresgid() ok guenther millert
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE
|
#
1.119 |
|
02-Apr-2013 |
guenther |
Handle big time_t
ok deraadt@
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.118 |
|
19-Jan-2013 |
miod |
fix build with gcc 2
|
#
1.117 |
|
15-Jan-2013 |
beck |
Per group support for authpf rules files in /etc/authpf/groups. largely by Frank Timmers <frankt@smurfnet.eu> with fixups by me and jmc@.
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.116 |
|
07-Jul-2012 |
claudio |
Fix file descriptor leak reported by someone on the mailing list long time ago. OK beck@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.115 |
|
02-Sep-2010 |
sobrado |
remove trailing spaces and tabs; no binary change.
written with help from henning@, who suggested ensuring that there are no changes in the digests for object files, thanks!
ok henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.114 |
|
27-Jan-2010 |
todd |
search for authpf.message in $USER dirs also from Rafal Bisingier ravbc at man dot pozman dot pl, ok beck@
|
#
1.113 |
|
23-Nov-2009 |
claudio |
Make the tree compile again. Henning and I are both quite sure this is correct.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.112 |
|
10-Jan-2009 |
miod |
Uninitialized variable introduced in 1.110.
|
#
1.111 |
|
10-Jan-2009 |
todd |
variable declaration before use, found by vax, no cookie
|
#
1.110 |
|
06-Jan-2009 |
mcbride |
Support group and login class in authpf.allow (%<group>, @<class>)
ok beck
|
#
1.109 |
|
07-Oct-2008 |
deraadt |
protect better against races from incoming signals; slightly changed from 5394 by tracking the fd instead of the fp. ok beck
|
#
1.108 |
|
05-Oct-2008 |
deraadt |
grammar; PR 5394
|
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.107 |
|
14-Feb-2008 |
mcbride |
Add authpf-noip, which allows multiple users to connect from a single IP; forces users to write sane rulesets for this by not providing $user_ip or updating the authpf table.
testing and prodding by mtu, manpage heavily worked over by jmc ok beck dhartmei henning
|
#
1.106 |
|
01-Feb-2008 |
mcbride |
Clean anchors recursively and directly via ioctls rather than using pfctl with '-f /dev/null'. Properly clears the user's anchor even when anchors are nested inside it (And avoids having to fork() on exit to run pfctl)
ok beck@, with testing by mtu@
|
#
1.105 |
|
25-Sep-2007 |
chl |
handle empty strings returned by fgets
ok ray@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.104 |
|
24-Feb-2007 |
beck |
exit right away if the config file isn't there, rather than doing a whole bunch of needless screwing around noticed by Stefan Krah <stefan-usenet@bytereef.org>
|
#
1.103 |
|
24-Feb-2007 |
beck |
license + copyright
|
#
1.102 |
|
24-Feb-2007 |
beck |
Pr 5395 from Stefan Krah <stefan-usenet@bytereef.org> cleanup: remove unused arg no need to clear locals return -1 to allow pid cleanup to happen if fork fails
|
#
1.101 |
|
22-Feb-2007 |
beck |
this ftruncate is really not needed now, if we're just unlinking. ok millert@
|
#
1.100 |
|
22-Feb-2007 |
beck |
close 5389 and 5390, unused variable and a chance to unlink the pidfile without lock if we couldn't kill a preexisting authpf process. spotted by Stefan Krah <sfk1@bigfoot.com>.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.99 |
|
09-Aug-2006 |
dhartmei |
handle SIGQUIT instead of SIGSTOP, from Stefan Krah
|
#
1.98 |
|
17-Mar-2006 |
deraadt |
FILE * leak
|
#
1.97 |
|
14-Mar-2006 |
beck |
fix incorrect sizeof(), spotted by ckuethe ok deraadt@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.96 |
|
12-Dec-2005 |
beck |
correct err() usage and remove the do_death which is unneeded in the child proceess, (as noticed by <evol@online.ptt.ru>)
|
#
1.95 |
|
12-Dec-2005 |
beck |
Backout previous change back to 1.92 - My fault, committed diff from unclean tree.
|
#
1.94 |
|
09-Dec-2005 |
beck |
Mine, so modernize license
|
#
1.93 |
|
09-Dec-2005 |
beck |
calling do_death() after err makes us exit is not smart, and is in fact unnecessary, my usage of err() here also repeated the formatted error message twice. - We don't need do_death() here, and fix err to print the message a bit more sanely. Noticed by Andrey Matveev <evol@online.ptt.ru> - Thanks
|
#
1.92 |
|
08-Dec-2005 |
beck |
make authpf give up group privs before exec'ing pfctl - makes it so the new taint enforcement for /dev/fd/X opens don't kill it
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.91 |
|
23-May-2005 |
henning |
branches: 1.91.2; useless endpwent
|
#
1.90 |
|
02-May-2005 |
djm |
more setres[ug]id; ok deraadt@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.89 |
|
10-Feb-2005 |
joel |
branches: 1.89.2; Minor punctuation nit.
ok henning@
|
#
1.88 |
|
31-Jan-2005 |
henning |
warn(3) + _exit(2) instead of err(3) in the forked child From: Andrey Matveev <andrushock@korovino.net>
|
#
1.87 |
|
31-Jan-2005 |
henning |
-Wsign-compare clean, Andrey Matveev <andrushock@korovino.net>
|
#
1.86 |
|
16-Sep-2004 |
deraadt |
ftruncate() with ftello() instead of ftell(); ok millert
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.85 |
|
08-Aug-2004 |
deraadt |
spacing
|
#
1.84 |
|
14-Jun-2004 |
cedric |
Use new ioctls. ok beck@ henning@
|
#
1.83 |
|
21-May-2004 |
dhartmei |
Use '/' instead of ':' as separator for anchor path components. Note that the parser now needs quotes around paths containing separators. ok mcbride@
|
#
1.82 |
|
19-May-2004 |
dhartmei |
Allow recursive anchors (anchors within anchors, up to 64 levels deep). More work required, but this is already functional. authpf users will need to adjust their anchor calls, but this will change again soon. ok beck@, cedric@, henning@, mcbride@
|
#
1.81 |
|
13-May-2004 |
henning |
as the authpf manpage describes, the connecting user's shell can be overloaded via login.conf. When verifying that the user's login shell is indeed authpf it is not sufficient to look at (struct passwd)->pw_shell, we also have to use login_getclass etc to check wether the shell gets overloaded. ok millert@ beck@
|
#
1.80 |
|
28-Apr-2004 |
cedric |
Put authpf user's IP addresses in the <authpf_users> table. ok deraadt@ dhartmei@ markus@ mcbride@
|
#
1.79 |
|
28-Apr-2004 |
djm |
IPv6 support; ok beck@
|
#
1.78 |
|
25-Apr-2004 |
deraadt |
clean; ok beck
|
#
1.77 |
|
25-Apr-2004 |
beck |
Make authpf exec pfctl instead of sucking in code from pfctl ok cedric@
|
#
1.76 |
|
09-Apr-2004 |
cedric |
Do not try to load directories. found+ok mpech@
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.75 |
|
29-Jan-2004 |
deraadt |
MORE BULLSHIT BECAUSE THIS PIECE OF SHIT IS INTERTWINED WITH PFCTL
|
#
1.74 |
|
13-Jan-2004 |
dhartmei |
handle ruleset names containing usernames, fixes PR 3627, ok Bob
|
#
1.73 |
|
15-Dec-2003 |
mcbride |
Add initial support for pf state synchronization over the network. Implemented as an in-kernel multicast IP protocol.
Turn it on like this:
# ifconfig pfsync0 up syncif fxp0
There is not yet any authentication on this protocol, so the syncif must be on a trusted network. ie, a crossover cable between the two firewalls.
NOTABLE CHANGES: - A new index based on a unique (creatorid, stateid) tuple has been added to the state tree. - Updates now appear on the pfsync(4) interface; multiple updates may be compressed into a single update. - Applications which use bpf on pfsync(4) will need modification; packets on pfsync no longer contains regular pf_state structs, but pfsync_state structs which contain no pointers.
Much more to come.
ok deraadt@
|
#
1.72 |
|
10-Dec-2003 |
beck |
- fix a few exit cases that would exit with no log - add username to added ruleset names when possible - add much needed example to man page showing how to use NAT with tagging to track NATed authpfed connections. ok henning@ dhartmei@, man page cleanup by jmc@
|
#
1.71 |
|
14-Nov-2003 |
henning |
catch up with pfctl changes
|
#
1.70 |
|
26-Sep-2003 |
cedric |
Rearchitecture of the userland/kernel IOCTL interface for transactions. This brings us close to 100% atomicity for a "pfctl -f pf.conf" command. (some splxxx work remain in the kernel). Basically, improvements are:
- Anchors/Rulesets cannot disappear unexpectedly anymore. - No more leftover in the kernel if "pfctl -f" fail. - Commit is now done in a single atomic IOCTL.
WARNING: The kernel code is fully backward compatible, but the new pfctl/authpf userland utilities will only run on a new kernel.
The following ioctls are deprecated (i.e. will be deleted sooner or later, depending on how many 3rd party utilities use them and how soon they can be upgraded):
- DIOCBEGINRULES - DIOCCOMMITRULES - DIOCBEGINALTQS - DIOCCOMMITALTQS - DIOCRINABEGIN - DIOCRINADEFINE
They are replaced by the following ioctls (yes, PF(4) will follow) which operate on a vector of rulesets:
- DIOCXBEGIN - DIOCXCOMMIT - DIOCXROLLBACK
Ok dhartmei@ mcbride@
|
#
1.69 |
|
26-Sep-2003 |
henning |
erm, committing to teh right repository helps sometimes. don't reject usernames > 15 chars; username is not used as ruleset name any more, thus, this restriction is gone. PR3491, fix from dhartmei
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.68 |
|
21-Aug-2003 |
frantzen |
stuff needed for passive OS fingerprinting PF rules
|
#
1.67 |
|
01-Aug-2003 |
millert |
tickets are now u_int32_t, not int, fixes tree breakage; from Andrey Smagin
|
#
1.66 |
|
11-Jul-2003 |
cedric |
Better parsing and -v support for tables:
- remove the tableaddrs and tableaddr yacc production and reuse host_list instead. - produce better error messages. - do not load addresses from external file when it is not required (like with -R option). - store initializers in a new node_tinit linked list before putting them into the address buffer (see next point). - add a new print_tabledef() function, which makes "pfctl -nvf" print something useful for table definitions, which in turn makes it possible to write better regress tests (see first chunk of the diff) and bring table definition consistant with other parsed rules.
ok dhartmei@
|
#
1.65 |
|
08-Jul-2003 |
dhartmei |
Fix a bug that caused removal of previous users' rules when more then one user loggged in concurrently. And fix a smaller bug which prevented complete removal of a user's state entries on logout. Bug report and testing by Ed Powers.
|
#
1.64 |
|
03-Jul-2003 |
cedric |
Bye bye atexit(), bye bye globals... The pfctl.c part will probably need some further improvements. ok henning@
|
#
1.63 |
|
03-Jul-2003 |
cedric |
This patch finally cleans up pfctl_table.c. No more global buffer, and a couple of parsing functions moved to parse.y or pfctl_parser where they belong.
I also took the opportunity to replace "void" functions with exit(1) or err() inside by "int" functions, with the caller checking the return value for errors (much cleaner and an old request from Theo)
ok dhartmei@ henning@
|
#
1.62 |
|
28-Jun-2003 |
deraadt |
() to (void)
|
#
1.61 |
|
27-Jun-2003 |
henning |
/etc/authpf.allow -> /etc/authpf/authpf.allow in comments spotted by Joel Knight again
|
#
1.60 |
|
24-Jun-2003 |
deraadt |
clean
|
#
1.59 |
|
24-Jun-2003 |
deraadt |
(long)getpid(); andrushock@korovino.net
|
#
1.58 |
|
03-Jun-2003 |
beck |
remove term 3, with permission from Chris Kuethe for pathnames.h
|
#
1.57 |
|
10-May-2003 |
cloder |
Be polite about leaving invalid data around in globals, just in case someone comes along later, modifies the code, and runs into a problem. OK beck@
|
#
1.56 |
|
10-May-2003 |
henning |
catch up with pfctl changes
|
#
1.55 |
|
30-Apr-2003 |
cedric |
Allow tables to be loaded into anchors. Most pfctl table commands (excluding 'show' and 'flush') support the "-a" modifier. ok dhartmei@
|
#
1.54 |
|
20-Apr-2003 |
beck |
authpf is supposed to die if the /etc/authpf/authpf.conf is not present. pr # 3217, patch from frisco@blackant.net
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.53 |
|
19-Feb-2003 |
deraadt |
branches: 1.53.2; sync to pfctl; BAD HENNING BAD BAD BAD NO COOKIE
|
#
1.52 |
|
11-Feb-2003 |
henning |
adjust after pfctl changes
|
#
1.51 |
|
03-Feb-2003 |
henning |
typos and minor KNF; from andrushock, thanks!
|
#
1.50 |
|
02-Feb-2003 |
henning |
adjust after pfctl change; parse_rules doesn't take opts separately any more
|
#
1.49 |
|
29-Jan-2003 |
deraadt |
do setproctitle; ok camield
|
#
1.48 |
|
27-Jan-2003 |
dhartmei |
remove some unused includes, from Andrey Matveev
|
#
1.47 |
|
26-Jan-2003 |
dhartmei |
mop up, from krw
|
#
1.46 |
|
25-Jan-2003 |
cedric |
Permit initialisation of a table content from a file in pf.conf. Cleaning up of the table options parsing, more flexible. idea+cleanup deraadt@, ok dhartmei@, pass all regress tests.
|
#
1.45 |
|
09-Jan-2003 |
cedric |
Add support for active/inactive tablesets in the kernel. Add table definition/initialisation construct in pfctl parser. Add and fix documentation for pf.4 and pf.conf.5. Tested on i386 and sparc64 by myself, macppc by Daniel. ok dhartmei@
|
#
1.44 |
|
07-Jan-2003 |
dhartmei |
Add function to search for and remove stale rulesets from other authpf processes which have terminated unexpectedly. ok beck@
|
#
1.43 |
|
06-Jan-2003 |
deraadt |
nicer syslog
|
#
1.42 |
|
05-Jan-2003 |
dhartmei |
Move ifname from pf_addr to pf_addr_wrap, prepare pf_addr_wrap for table name. ok henning@, mcbride@, cedric@
|
#
1.41 |
|
01-Jan-2003 |
dhartmei |
Scrub and filter rules are separated now, adjust authpf accordingly.
|
#
1.40 |
|
29-Dec-2002 |
dhartmei |
Set a macro $user_id to the user name, just like $user_ip is already set to the IP address. From discussion with Michael Lucas. ok henning@
|
#
1.39 |
|
22-Dec-2002 |
henning |
KNF
|
#
1.38 |
|
22-Dec-2002 |
dhartmei |
Instead of inserting and removing rules at the top/bottom of the main ruleset, make authpf manage its rules inside anchors.
|
#
1.37 |
|
19-Dec-2002 |
henning |
redundant memset
|
#
1.36 |
|
19-Dec-2002 |
henning |
KNF
|
#
1.35 |
|
18-Dec-2002 |
mcbride |
Fix tree breakage; match changes to struct pfctl (now contains an array of pointers to pfioc_rule).
Fix from henning@
ok dhartmei@
|
#
1.34 |
|
17-Dec-2002 |
mcbride |
Match merge of pf_nat/pf_binat/pf_rdr structs into pf_rule
- Move pf_compare* functions here
- fix ioctls.
|
#
1.33 |
|
06-Dec-2002 |
dhartmei |
Introduce anchors and named rule sets, allowing to load additional rule sets with pfctl and evaluate them from the main rule set using a new type of rule (which will support conditional evaluation soon). Makes maintenance of sub-rulesets simpler for pfctl and daemons.
Idea and ok deraadt@
|
#
1.32 |
|
04-Dec-2002 |
deraadt |
catch up to -v -v change in pfctl(8)
|
#
1.31 |
|
01-Dec-2002 |
henning |
KNF
|
#
1.30 |
|
01-Dec-2002 |
mcbride |
Match pf_ioctl.c cleanup; if we're doing a DIOCCHANGE* operation which uses old*, we need to call DIOCBEGINADDRS twice: once for the old rule/rdr/nat, and once for the new one.
ok dhartmei@ henning@
|
#
1.29 |
|
23-Nov-2002 |
mcbride |
don't try to do ioctl with PF_OPT_NOACTION
does not impact function of authpf, but makes it consistent with the rest of the add_* family
ok dhartmei@
|
#
1.28 |
|
23-Nov-2002 |
mcbride |
add code to load lists of redirection addresses for nat/rdr/route-to/etc.
|
#
1.27 |
|
22-Nov-2002 |
beck |
Disallow non-interactive sessions, to avoid problem of users scp'ing to authpf gateway - noticed by Devan Reade <gdr@gno.org>, ok henning
|
#
1.26 |
|
19-Nov-2002 |
deraadt |
be more precise
|
#
1.25 |
|
19-Nov-2002 |
deraadt |
hacks to make the tree build; henning gets a carrot up the nose next time I meet him
|
#
1.24 |
|
25-Oct-2002 |
camield |
- be even more careful with data supplied from outside
- check explicitly for negative values from snprintf (-pedantic)
- use MAXLOGNAME
- use parentheses with all sizeof's for consistency
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.23 |
|
25-Jun-2002 |
henning |
hooks for options. we don't support setting pf options via authpf, but need the hooks here, too. ok dhartmei@, kjell@
|
#
1.22 |
|
12-Jun-2002 |
vincent |
fix a typo that could create a fd leak
ok beck@
|
#
1.21 |
|
11-Jun-2002 |
beck |
fix breakage from the stupid way theo and I committed that last big pile of changes.
|
#
1.20 |
|
11-Jun-2002 |
kjell |
I broke this. Remove separate (optional) nat calls
|
#
1.19 |
|
08-Jun-2002 |
beck |
comment and error message cleanup, from Brian Poole <raj@cerias.purdue.edu>
|
#
1.18 |
|
07-Jun-2002 |
beck |
fix a few nits in theo's commit, make this install and run setgid authpf so that it can remove the files it creates in /var/authpf
|
#
1.17 |
|
07-Jun-2002 |
deraadt |
twist time, space, and other aspects of reality so that we can revoke privs, and... as early as possible. (this does not work, beck has the next half of this coming in a few minutes)
|
#
1.16 |
|
30-May-2002 |
form |
Do not allow user to run authpf if user's shell is not /usr/sbin/authpf to prevent users from playing with $SSH_CLIENT.
|
#
1.15 |
|
21-May-2002 |
deraadt |
KNF before more major hacking
|
#
1.14 |
|
16-May-2002 |
deraadt |
KNF
|
#
1.13 |
|
24-Apr-2002 |
dhartmei |
Unbreak from pfvar.h change.
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.12 |
|
09-Apr-2002 |
frantzen |
make sure we fflush() after sending a message and fix a typo in a comment. ok beck@ and deraadt@
|
#
1.11 |
|
09-Apr-2002 |
beck |
don't trust USER from the environment - bad, allows users to see files they shouldn't
|
#
1.10 |
|
09-Apr-2002 |
deraadt |
minor KNF
|
#
1.9 |
|
08-Apr-2002 |
mpech |
Free memory. Patch from millert@.
|
#
1.8 |
|
07-Apr-2002 |
frantzen |
fix authpf_kill_states()
|
#
1.7 |
|
05-Apr-2002 |
deraadt |
move location of per-user config files; beck ok
|
#
1.6 |
|
05-Apr-2002 |
beck |
ensure that rules files are owned and writable only by root, along their entire path, change docs accordingly. This ensures that people don't accidentally use the $HOME config files to override real settings unless root meant to do it.
|
#
1.5 |
|
01-Apr-2002 |
beck |
don't need this anymore
|
#
1.4 |
|
01-Apr-2002 |
beck |
typo in comment
|
#
1.3 |
|
01-Apr-2002 |
beck |
- Tattling is bad, users should be allowed to run anything on the system without it generating logs
- exit with 0 and 1 instead of EX_FOO
- make read_config (with the test and exit) the first thing that happens in main, no openlog or memset first.
|
#
1.2 |
|
01-Apr-2002 |
beck |
- Make the /etc/authpf/authpf.conf config file required.
- Change authpf to install setuid by default, and exit with a tattling syslog message if a user runs it without a config file present.
- Change man page to reflect this.
|
#
1.1 |
|
01-Apr-2002 |
beck |
authpf - authenticating gateway shell for use with ssh(1) to make authenticating gateway type firewalls.
caveats - needs to be setuid to operate (but does not install that way); consult the man page for configuration issues.
|
#
1.127 |
|
26-Apr-2018 |
guenther |
Use <fcntl.h> instead of <sys/file.h> for open() and friends. Delete a bunch of unnecessary #includes and sort to match style(9) while doing the above cleanup.
ok deraadt@ krw@
|
Revision tags: OPENBSD_6_3_BASE
|
#
1.126 |
|
16-Jan-2018 |
cheloha |
Use the monotonic clock to compute the session duration.
Ensures the correct duration is logged even if the system time is changed during the session.
ok jca@
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.125 |
|
29-Mar-2016 |
mestre |
- Add missing goto in order to avoid a dereference of a null object - While here remove lint comment
OK millert@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.124 |
|
08-Dec-2015 |
mmcc |
Remove a NULL-check before free().
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.123 |
|
21-Jan-2015 |
deraadt |
Include <netinet/in.h> before <net/pfvar.h>. In a future change when ports is ready, <net/pfvar.h> will stop including a pile of balony.
|
#
1.122 |
|
15-Jan-2015 |
deraadt |
switch to PATH_MAX
|
#
1.121 |
|
08-Oct-2014 |
deraadt |
remove stupid cast
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.120 |
|
02-Apr-2014 |
deraadt |
use setresgid() ok guenther millert
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE
|
#
1.119 |
|
02-Apr-2013 |
guenther |
Handle big time_t
ok deraadt@
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.118 |
|
19-Jan-2013 |
miod |
fix build with gcc 2
|
#
1.117 |
|
15-Jan-2013 |
beck |
Per group support for authpf rules files in /etc/authpf/groups. largely by Frank Timmers <frankt@smurfnet.eu> with fixups by me and jmc@.
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.116 |
|
07-Jul-2012 |
claudio |
Fix file descriptor leak reported by someone on the mailing list long time ago. OK beck@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.115 |
|
02-Sep-2010 |
sobrado |
remove trailing spaces and tabs; no binary change.
written with help from henning@, who suggested ensuring that there are no changes in the digests for object files, thanks!
ok henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.114 |
|
27-Jan-2010 |
todd |
search for authpf.message in $USER dirs also from Rafal Bisingier ravbc at man dot pozman dot pl, ok beck@
|
#
1.113 |
|
23-Nov-2009 |
claudio |
Make the tree compile again. Henning and I are both quite sure this is correct.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.112 |
|
10-Jan-2009 |
miod |
Uninitialized variable introduced in 1.110.
|
#
1.111 |
|
10-Jan-2009 |
todd |
variable declaration before use, found by vax, no cookie
|
#
1.110 |
|
06-Jan-2009 |
mcbride |
Support group and login class in authpf.allow (%<group>, @<class>)
ok beck
|
#
1.109 |
|
07-Oct-2008 |
deraadt |
protect better against races from incoming signals; slightly changed from 5394 by tracking the fd instead of the fp. ok beck
|
#
1.108 |
|
05-Oct-2008 |
deraadt |
grammar; PR 5394
|
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.107 |
|
14-Feb-2008 |
mcbride |
Add authpf-noip, which allows multiple users to connect from a single IP; forces users to write sane rulesets for this by not providing $user_ip or updating the authpf table.
testing and prodding by mtu, manpage heavily worked over by jmc ok beck dhartmei henning
|
#
1.106 |
|
01-Feb-2008 |
mcbride |
Clean anchors recursively and directly via ioctls rather than using pfctl with '-f /dev/null'. Properly clears the user's anchor even when anchors are nested inside it (And avoids having to fork() on exit to run pfctl)
ok beck@, with testing by mtu@
|
#
1.105 |
|
25-Sep-2007 |
chl |
handle empty strings returned by fgets
ok ray@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.104 |
|
24-Feb-2007 |
beck |
exit right away if the config file isn't there, rather than doing a whole bunch of needless screwing around noticed by Stefan Krah <stefan-usenet@bytereef.org>
|
#
1.103 |
|
24-Feb-2007 |
beck |
license + copyright
|
#
1.102 |
|
24-Feb-2007 |
beck |
Pr 5395 from Stefan Krah <stefan-usenet@bytereef.org> cleanup: remove unused arg no need to clear locals return -1 to allow pid cleanup to happen if fork fails
|
#
1.101 |
|
22-Feb-2007 |
beck |
this ftruncate is really not needed now, if we're just unlinking. ok millert@
|
#
1.100 |
|
22-Feb-2007 |
beck |
close 5389 and 5390, unused variable and a chance to unlink the pidfile without lock if we couldn't kill a preexisting authpf process. spotted by Stefan Krah <sfk1@bigfoot.com>.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.99 |
|
09-Aug-2006 |
dhartmei |
handle SIGQUIT instead of SIGSTOP, from Stefan Krah
|
#
1.98 |
|
17-Mar-2006 |
deraadt |
FILE * leak
|
#
1.97 |
|
14-Mar-2006 |
beck |
fix incorrect sizeof(), spotted by ckuethe ok deraadt@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.96 |
|
12-Dec-2005 |
beck |
correct err() usage and remove the do_death which is unneeded in the child proceess, (as noticed by <evol@online.ptt.ru>)
|
#
1.95 |
|
12-Dec-2005 |
beck |
Backout previous change back to 1.92 - My fault, committed diff from unclean tree.
|
#
1.94 |
|
09-Dec-2005 |
beck |
Mine, so modernize license
|
#
1.93 |
|
09-Dec-2005 |
beck |
calling do_death() after err makes us exit is not smart, and is in fact unnecessary, my usage of err() here also repeated the formatted error message twice. - We don't need do_death() here, and fix err to print the message a bit more sanely. Noticed by Andrey Matveev <evol@online.ptt.ru> - Thanks
|
#
1.92 |
|
08-Dec-2005 |
beck |
make authpf give up group privs before exec'ing pfctl - makes it so the new taint enforcement for /dev/fd/X opens don't kill it
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.91 |
|
23-May-2005 |
henning |
branches: 1.91.2; useless endpwent
|
#
1.90 |
|
02-May-2005 |
djm |
more setres[ug]id; ok deraadt@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.89 |
|
10-Feb-2005 |
joel |
branches: 1.89.2; Minor punctuation nit.
ok henning@
|
#
1.88 |
|
31-Jan-2005 |
henning |
warn(3) + _exit(2) instead of err(3) in the forked child From: Andrey Matveev <andrushock@korovino.net>
|
#
1.87 |
|
31-Jan-2005 |
henning |
-Wsign-compare clean, Andrey Matveev <andrushock@korovino.net>
|
#
1.86 |
|
16-Sep-2004 |
deraadt |
ftruncate() with ftello() instead of ftell(); ok millert
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.85 |
|
08-Aug-2004 |
deraadt |
spacing
|
#
1.84 |
|
14-Jun-2004 |
cedric |
Use new ioctls. ok beck@ henning@
|
#
1.83 |
|
21-May-2004 |
dhartmei |
Use '/' instead of ':' as separator for anchor path components. Note that the parser now needs quotes around paths containing separators. ok mcbride@
|
#
1.82 |
|
19-May-2004 |
dhartmei |
Allow recursive anchors (anchors within anchors, up to 64 levels deep). More work required, but this is already functional. authpf users will need to adjust their anchor calls, but this will change again soon. ok beck@, cedric@, henning@, mcbride@
|
#
1.81 |
|
13-May-2004 |
henning |
as the authpf manpage describes, the connecting user's shell can be overloaded via login.conf. When verifying that the user's login shell is indeed authpf it is not sufficient to look at (struct passwd)->pw_shell, we also have to use login_getclass etc to check wether the shell gets overloaded. ok millert@ beck@
|
#
1.80 |
|
28-Apr-2004 |
cedric |
Put authpf user's IP addresses in the <authpf_users> table. ok deraadt@ dhartmei@ markus@ mcbride@
|
#
1.79 |
|
28-Apr-2004 |
djm |
IPv6 support; ok beck@
|
#
1.78 |
|
25-Apr-2004 |
deraadt |
clean; ok beck
|
#
1.77 |
|
25-Apr-2004 |
beck |
Make authpf exec pfctl instead of sucking in code from pfctl ok cedric@
|
#
1.76 |
|
09-Apr-2004 |
cedric |
Do not try to load directories. found+ok mpech@
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.75 |
|
29-Jan-2004 |
deraadt |
MORE BULLSHIT BECAUSE THIS PIECE OF SHIT IS INTERTWINED WITH PFCTL
|
#
1.74 |
|
13-Jan-2004 |
dhartmei |
handle ruleset names containing usernames, fixes PR 3627, ok Bob
|
#
1.73 |
|
15-Dec-2003 |
mcbride |
Add initial support for pf state synchronization over the network. Implemented as an in-kernel multicast IP protocol.
Turn it on like this:
# ifconfig pfsync0 up syncif fxp0
There is not yet any authentication on this protocol, so the syncif must be on a trusted network. ie, a crossover cable between the two firewalls.
NOTABLE CHANGES: - A new index based on a unique (creatorid, stateid) tuple has been added to the state tree. - Updates now appear on the pfsync(4) interface; multiple updates may be compressed into a single update. - Applications which use bpf on pfsync(4) will need modification; packets on pfsync no longer contains regular pf_state structs, but pfsync_state structs which contain no pointers.
Much more to come.
ok deraadt@
|
#
1.72 |
|
10-Dec-2003 |
beck |
- fix a few exit cases that would exit with no log - add username to added ruleset names when possible - add much needed example to man page showing how to use NAT with tagging to track NATed authpfed connections. ok henning@ dhartmei@, man page cleanup by jmc@
|
#
1.71 |
|
14-Nov-2003 |
henning |
catch up with pfctl changes
|
#
1.70 |
|
26-Sep-2003 |
cedric |
Rearchitecture of the userland/kernel IOCTL interface for transactions. This brings us close to 100% atomicity for a "pfctl -f pf.conf" command. (some splxxx work remain in the kernel). Basically, improvements are:
- Anchors/Rulesets cannot disappear unexpectedly anymore. - No more leftover in the kernel if "pfctl -f" fail. - Commit is now done in a single atomic IOCTL.
WARNING: The kernel code is fully backward compatible, but the new pfctl/authpf userland utilities will only run on a new kernel.
The following ioctls are deprecated (i.e. will be deleted sooner or later, depending on how many 3rd party utilities use them and how soon they can be upgraded):
- DIOCBEGINRULES - DIOCCOMMITRULES - DIOCBEGINALTQS - DIOCCOMMITALTQS - DIOCRINABEGIN - DIOCRINADEFINE
They are replaced by the following ioctls (yes, PF(4) will follow) which operate on a vector of rulesets:
- DIOCXBEGIN - DIOCXCOMMIT - DIOCXROLLBACK
Ok dhartmei@ mcbride@
|
#
1.69 |
|
26-Sep-2003 |
henning |
erm, committing to teh right repository helps sometimes. don't reject usernames > 15 chars; username is not used as ruleset name any more, thus, this restriction is gone. PR3491, fix from dhartmei
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.68 |
|
21-Aug-2003 |
frantzen |
stuff needed for passive OS fingerprinting PF rules
|
#
1.67 |
|
01-Aug-2003 |
millert |
tickets are now u_int32_t, not int, fixes tree breakage; from Andrey Smagin
|
#
1.66 |
|
11-Jul-2003 |
cedric |
Better parsing and -v support for tables:
- remove the tableaddrs and tableaddr yacc production and reuse host_list instead. - produce better error messages. - do not load addresses from external file when it is not required (like with -R option). - store initializers in a new node_tinit linked list before putting them into the address buffer (see next point). - add a new print_tabledef() function, which makes "pfctl -nvf" print something useful for table definitions, which in turn makes it possible to write better regress tests (see first chunk of the diff) and bring table definition consistant with other parsed rules.
ok dhartmei@
|
#
1.65 |
|
08-Jul-2003 |
dhartmei |
Fix a bug that caused removal of previous users' rules when more then one user loggged in concurrently. And fix a smaller bug which prevented complete removal of a user's state entries on logout. Bug report and testing by Ed Powers.
|
#
1.64 |
|
03-Jul-2003 |
cedric |
Bye bye atexit(), bye bye globals... The pfctl.c part will probably need some further improvements. ok henning@
|
#
1.63 |
|
03-Jul-2003 |
cedric |
This patch finally cleanup pfctl_table.c. No more global buffer, and a couple of parsing functions moved to parse.y or pfctl_parser where they belong.
I also took the opportunity to replace "void" functions with exit(1) or err() inside by "int" functions, with the caller checking the return value for errors (much cleaner and an old request from Theo)
ok dhartmei@ henning@
|
#
1.62 |
|
28-Jun-2003 |
deraadt |
() to (void)
|
#
1.61 |
|
27-Jun-2003 |
henning |
/etc/authpf.allow -> /etc/authpf/authpf.allow in comments spotted by Joel Knight again
|
#
1.60 |
|
24-Jun-2003 |
deraadt |
clean
|
#
1.59 |
|
24-Jun-2003 |
deraadt |
(long)getpid(); andrushock@korovino.net
|
#
1.58 |
|
03-Jun-2003 |
beck |
remove term 3, with permission from Chris Kuethe for pathnames.h
|
#
1.57 |
|
10-May-2003 |
cloder |
Be polite about leaving invalid data around in globals, just in case someone comes along later, modifies the code, and runs into a problem. OK beck@
|
#
1.56 |
|
10-May-2003 |
henning |
catch up with pfctl changes
|
#
1.55 |
|
30-Apr-2003 |
cedric |
Allow tables to be loaded into anchors. Most pfctl table commands (excluding 'show' and 'flush') support the "-a" modifier. ok dhartmei@
|
#
1.54 |
|
20-Apr-2003 |
beck |
authpf is supposed to die if the /etc/authpf/authpf.conf is not present. pr # 3217, patch from frisco@blackant.net
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.53 |
|
19-Feb-2003 |
deraadt |
branches: 1.53.2; sync to pfctl; BAD HENNING BAD BAD BAD NO COOKIE
|
#
1.52 |
|
11-Feb-2003 |
henning |
adjust after pfctl changes
|
#
1.51 |
|
03-Feb-2003 |
henning |
typos and minor KNF; from andrushock, thanks!
|
#
1.50 |
|
02-Feb-2003 |
henning |
adjust after pfctl change; parse_rules doesn't take opts seperately any more
|
#
1.49 |
|
29-Jan-2003 |
deraadt |
do setprocticle; ok camield
|
#
1.48 |
|
27-Jan-2003 |
dhartmei |
remove some unused includes, from Andrey Matveev
|
#
1.47 |
|
26-Jan-2003 |
dhartmei |
mop up, from krw
|
#
1.46 |
|
25-Jan-2003 |
cedric |
Permit initialisation of a table content from a file in pf.conf. Cleaning up of the table options parsing, more flexible. idea+cleanup deraadt@, ok dhartmei@, pass all regress tests.
|
#
1.45 |
|
09-Jan-2003 |
cedric |
Add support for active/inactive tablesets in the kernel. Add table definition/initialisation construct in pfctl parser. Add and fix documentation for pf.4 and pf.conf.5. Tested on i386 and sparc64 by myself, macppc by Daniel. ok dhartmei@
|
#
1.44 |
|
07-Jan-2003 |
dhartmei |
Add function to search for and remove stale rulesets from other authpf processes which have terminated unexpectedly. ok beck@
|
#
1.43 |
|
06-Jan-2003 |
deraadt |
nicer syslog
|
#
1.42 |
|
05-Jan-2003 |
dhartmei |
Move ifname from pf_addr to pf_addr_wrap, prepare pf_addr_wrap for table name. ok henning@, mcbride@, cedric@
|
#
1.41 |
|
01-Jan-2003 |
dhartmei |
Scrub and filter rules are separated now, adjust authpf accordingly.
|
#
1.40 |
|
29-Dec-2002 |
dhartmei |
Set a macro $user_id to the user name, just like $user_ip is already set to the IP address. From discussion with Michael Lucas. ok henning@
|
#
1.39 |
|
22-Dec-2002 |
henning |
KNF
|
#
1.38 |
|
22-Dec-2002 |
dhartmei |
Instead of inserting and removing rules at the top/bottom of the main ruleset, make authpf manage its rules inside anchors.
|
#
1.37 |
|
19-Dec-2002 |
henning |
redundant memset
|
#
1.36 |
|
19-Dec-2002 |
henning |
KNF
|
#
1.35 |
|
18-Dec-2002 |
mcbride |
Fix tree breakage; match changes to struct pfctl (now contains an array of pointers to pfioc_rule).
Fix from henning@
ok dhartmei@
|
#
1.34 |
|
17-Dec-2002 |
mcbride |
Match merge of pf_nat/pf_binat/pf_rdr structs into pf_rule - Move pf_compare* functions here - fix ioctls.
|
#
1.33 |
|
06-Dec-2002 |
dhartmei |
Introduce anchors and named rule sets, allowing to load additional rule sets with pfctl and evaluate them from the main rule set using a new type of rule (which will support conditional evaluation soon). Makes maintenance of sub-rulesets simpler for pfctl and daemons.
Idea and ok deraadt@
|
#
1.32 |
|
04-Dec-2002 |
deraadt |
catch up to -v -v change in pfctl(8)
|
#
1.31 |
|
01-Dec-2002 |
henning |
KNF
|
#
1.30 |
|
01-Dec-2002 |
mcbride |
Match pf_ioctl.c cleanup; if we're doing a DIOCCHANGE* operation which uses old*, we need to call DIOCBEGINADDRS twice: once for the old rule/rdr/nat, and once for the new one.
ok dhartmei@ henning@
|
#
1.29 |
|
23-Nov-2002 |
mcbride |
don't try to do ioctl with PF_OPT_NOACTION
does not impact fuction of authpf, but make it consistent with the rest of the add_* family
ok dhartmei@
|
#
1.28 |
|
23-Nov-2002 |
mcbride |
add code to load lists of redirection addresses for nat/rdr/route-to/etc.
|
#
1.27 |
|
22-Nov-2002 |
beck |
Disallow non-interactive sessions, to avoid problem of users scp'ing to authpf gateway - noticed by Devan Reade <gdr@gno.org>, ok henning
|
#
1.26 |
|
19-Nov-2002 |
deraadt |
be more precise
|
#
1.25 |
|
19-Nov-2002 |
deraadt |
hacks to make the tree build; henning gets a carrot up the nose next time i meet him
|
#
1.24 |
|
25-Oct-2002 |
camield |
- be even more careful with data supplied from outside - check explicitly for negative values from snprintf (-pedantic) - use MAXLOGNAME - use parentheses with all sizeof's for consistency
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.23 |
|
25-Jun-2002 |
henning |
hooks for options. we don't support setting pf options via authpf, but need the hooks here, too. ok dhartmei@, kjell@
|
#
1.22 |
|
12-Jun-2002 |
vincent |
fix a typo that could create a fd leak
ok beck@
|
#
1.21 |
|
11-Jun-2002 |
beck |
fix breakage from the stupid way theo and I commited that last big pile of changes.
|
#
1.20 |
|
11-Jun-2002 |
kjell |
I broke this. Remove separate (optional) nat calls
|
#
1.19 |
|
08-Jun-2002 |
beck |
comment and error message cleanup, from Brian Poole <raj@cerias.purdue.edu>
|
#
1.18 |
|
07-Jun-2002 |
beck |
fix a few nits in theo's commit, make this install and run setgid authpf so that it can remove the files it creates in /var/authpf
|
#
1.17 |
|
07-Jun-2002 |
deraadt |
twist time, space, and other aspects of reality so that we can revoke privs, and... as early as possible. (this does not work, beck has the next half of this coming in a few minutes)
|
#
1.16 |
|
30-May-2002 |
form |
Do not allow user to run authpf if user's shell is not /usr/sbin/authpf to prevent users from playing with $SSH_CLIENT.
|
#
1.15 |
|
21-May-2002 |
deraadt |
KNF before more major hacking
|
#
1.14 |
|
16-May-2002 |
deraadt |
KNF
|
#
1.13 |
|
24-Apr-2002 |
dhartmei |
Unbreak from pfvar.h change.
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.12 |
|
09-Apr-2002 |
frantzen |
make sure we fflush() after a sending a message and fix a typo in a comment ok beck@ and deraadt@
|
#
1.11 |
|
09-Apr-2002 |
beck |
don't trust USER from the environment - bad, allows users to see files they shouldn't
|
#
1.10 |
|
09-Apr-2002 |
deraadt |
minor KNF
|
#
1.9 |
|
08-Apr-2002 |
mpech |
Free memory. Patch from millert@.
|
#
1.8 |
|
07-Apr-2002 |
frantzen |
fix authpf_kill_states()
|
#
1.7 |
|
05-Apr-2002 |
deraadt |
move location of per-user config files; beck ok
|
#
1.6 |
|
05-Apr-2002 |
beck |
ensure that rules files are owned and writable only by root, along their entire path, change docs accordingly. This ensures that people don't accidentally use the $HOME config files to override real settings unless root meant to do it.
|
#
1.5 |
|
01-Apr-2002 |
beck |
don't need this anymore
|
#
1.4 |
|
01-Apr-2002 |
beck |
typo in comment
|
#
1.3 |
|
01-Apr-2002 |
beck |
-Tattling is bad, users should be allowed to run anything on the system without it generating logs -exit with 0 and 1 instead of EX_FOO -make read_config (with the test and exit) the first thing that happens in main, no openlog or memset first.
|
#
1.2 |
|
01-Apr-2002 |
beck |
-Make the /etc/authpf/authpf.conf config file required. -Change authpf to install setuid by default, and exit with a tattling syslog message if a user runs it without a config file present. -Change man page to reflect this.
|
#
1.1 |
|
01-Apr-2002 |
beck |
authpf - authenticating gateway shell for use with ssh(1) to make authenticating gateway type firewalls.
caveats - needs to be setuid to opertate (but does not install that way) consult the man page for configuration issues.
|
#
1.126 |
|
16-Jan-2018 |
cheloha |
Use the monotonic clock to compute the session duration.
Ensures the correct duration is logged even if the system time is changed during the session.
ok jca@
|
Revision tags: OPENBSD_6_0_BASE OPENBSD_6_1_BASE OPENBSD_6_2_BASE
|
#
1.125 |
|
29-Mar-2016 |
mestre |
- Add missing goto in order to avoid a dereference of a null object - While here remove lint comment
OK millert@
|
Revision tags: OPENBSD_5_9_BASE
|
#
1.124 |
|
08-Dec-2015 |
mmcc |
Remove a NULL-check before free().
|
Revision tags: OPENBSD_5_7_BASE OPENBSD_5_8_BASE
|
#
1.123 |
|
21-Jan-2015 |
deraadt |
Include <netinet/in.h> before <net/pfvar.h>. In a future change when ports is ready, <net/pfvar.h> will stop including a pile of balony.
|
#
1.122 |
|
15-Jan-2015 |
deraadt |
switch to PATH_MAX
|
#
1.121 |
|
08-Oct-2014 |
deraadt |
remove stupid cast
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.120 |
|
02-Apr-2014 |
deraadt |
use setresgid() ok guenther millert
|
Revision tags: OPENBSD_5_4_BASE OPENBSD_5_5_BASE
|
#
1.119 |
|
02-Apr-2013 |
guenther |
Handle big time_t
ok deraadt@
|
Revision tags: OPENBSD_5_3_BASE
|
#
1.118 |
|
19-Jan-2013 |
miod |
fix build with gcc 2
|
#
1.117 |
|
15-Jan-2013 |
beck |
Per group support for authpf rules files in /etc/authpf/groups. largely by Frank Timmers <frankt@smurfnet.eu> with fixups by me and jmc@.
|
Revision tags: OPENBSD_5_2_BASE
|
#
1.116 |
|
07-Jul-2012 |
claudio |
Fix file descriptor leak reported by someone on the mailing list long time ago. OK beck@
|
Revision tags: OPENBSD_4_9_BASE OPENBSD_5_0_BASE OPENBSD_5_1_BASE
|
#
1.115 |
|
02-Sep-2010 |
sobrado |
remove trailing spaces and tabs; no binary change.
written with help from henning@, who suggested ensuring that there are no changes in the digests for object files, thanks!
ok henning@
|
Revision tags: OPENBSD_4_7_BASE OPENBSD_4_8_BASE
|
#
1.114 |
|
27-Jan-2010 |
todd |
search for authpf.message in $USER dirs also from Rafal Bisingier ravbc at man dot pozman dot pl, ok beck@
|
#
1.113 |
|
23-Nov-2009 |
claudio |
Make the tree compile again. Henning and I are both quite sure this is correct.
|
Revision tags: OPENBSD_4_5_BASE OPENBSD_4_6_BASE
|
#
1.112 |
|
10-Jan-2009 |
miod |
Uninitialized variable introduced in 1.110.
|
#
1.111 |
|
10-Jan-2009 |
todd |
variable declaration before use, found by vax, no cookie
|
#
1.110 |
|
06-Jan-2009 |
mcbride |
Support group and login class in authpf.allow (%<group>, @<class>)
ok beck
|
#
1.109 |
|
07-Oct-2008 |
deraadt |
protect better against races from incoming signals; slightly changed from 5394 by tracking the fd instead of the fp. ok beck
|
#
1.108 |
|
05-Oct-2008 |
deraadt |
grammar; PR 5394
|
Revision tags: OPENBSD_4_3_BASE OPENBSD_4_4_BASE
|
#
1.107 |
|
14-Feb-2008 |
mcbride |
Add authpf-noip, which allows multiple users to connect from a single IP; forces users to write sane rulesets for this by not providing $user_ip or updating the authpf table.
testing and prodding by mtu, manpage heavily worked over by jmc ok beck dhartmei henning
|
#
1.106 |
|
01-Feb-2008 |
mcbride |
Clean anchors recursively and directly via ioctls rather than using pfctl with '-f /dev/null'. Properly clears the user's anchor even when anchors are nested inside it (And avoids having to fork() on exit to run pfctl)
ok beck@, with testing by mtu@
|
#
1.105 |
|
25-Sep-2007 |
chl |
handle empty strings returned by fgets
ok ray@
|
Revision tags: OPENBSD_4_1_BASE OPENBSD_4_2_BASE
|
#
1.104 |
|
24-Feb-2007 |
beck |
exit right away if the config file isn't there, rather than doing a whole bunch of needless screwing around noticed by Stefan Krah <stefan-usenet@bytereef.org>
|
#
1.103 |
|
24-Feb-2007 |
beck |
license + copyright
|
#
1.102 |
|
24-Feb-2007 |
beck |
PR 5395 from Stefan Krah <stefan-usenet@bytereef.org> cleanup:
- remove unused arg
- no need to clear locals
- return -1 to allow pid cleanup to happen if fork fails
|
#
1.101 |
|
22-Feb-2007 |
beck |
this ftruncate is really not needed now, if we're just unlinking. ok millert@
|
#
1.100 |
|
22-Feb-2007 |
beck |
close 5389 and 5390, unused variable and a chance to unlink the pidfile without lock if we couldn't kill a preexisting authpf process. spotted by Stefan Krah <sfk1@bigfoot.com>.
|
Revision tags: OPENBSD_4_0_BASE
|
#
1.99 |
|
09-Aug-2006 |
dhartmei |
handle SIGQUIT instead of SIGSTOP, from Stefan Krah
|
#
1.98 |
|
17-Mar-2006 |
deraadt |
FILE * leak
|
#
1.97 |
|
14-Mar-2006 |
beck |
fix incorrect sizeof(), spotted by ckuethe ok deraadt@
|
Revision tags: OPENBSD_3_9_BASE
|
#
1.96 |
|
12-Dec-2005 |
beck |
correct err() usage and remove the do_death which is unneeded in the child process, (as noticed by <evol@online.ptt.ru>)
|
#
1.95 |
|
12-Dec-2005 |
beck |
Backout previous change back to 1.92 - My fault, committed diff from unclean tree.
|
#
1.94 |
|
09-Dec-2005 |
beck |
Mine, so modernize license
|
#
1.93 |
|
09-Dec-2005 |
beck |
calling do_death() after err makes us exit is not smart, and is in fact unnecessary, my usage of err() here also repeated the formatted error message twice. - We don't need do_death() here, and fix err to print the message a bit more sanely. Noticed by Andrey Matveev <evol@online.ptt.ru> - Thanks
|
#
1.92 |
|
08-Dec-2005 |
beck |
make authpf give up group privs before exec'ing pfctl - makes it so the new taint enforcement for /dev/fd/X opens don't kill it
|
Revision tags: OPENBSD_3_8_BASE
|
#
1.91 |
|
23-May-2005 |
henning |
branches: 1.91.2; useless endpwent
|
#
1.90 |
|
02-May-2005 |
djm |
more setres[ug]id; ok deraadt@
|
Revision tags: OPENBSD_3_7_BASE
|
#
1.89 |
|
10-Feb-2005 |
joel |
branches: 1.89.2; Minor punctuation nit.
ok henning@
|
#
1.88 |
|
31-Jan-2005 |
henning |
warn(3) + _exit(2) instead of err(3) in the forked child From: Andrey Matveev <andrushock@korovino.net>
|
#
1.87 |
|
31-Jan-2005 |
henning |
-Wsign-compare clean, Andrey Matveev <andrushock@korovino.net>
|
#
1.86 |
|
16-Sep-2004 |
deraadt |
ftruncate() with ftello() instead of ftell(); ok millert
|
Revision tags: OPENBSD_3_6_BASE
|
#
1.85 |
|
08-Aug-2004 |
deraadt |
spacing
|
#
1.84 |
|
14-Jun-2004 |
cedric |
Use new ioctls. ok beck@ henning@
|
#
1.83 |
|
21-May-2004 |
dhartmei |
Use '/' instead of ':' as separator for anchor path components. Note that the parser now needs quotes around paths containing separators. ok mcbride@
|
#
1.82 |
|
19-May-2004 |
dhartmei |
Allow recursive anchors (anchors within anchors, up to 64 levels deep). More work required, but this is already functional. authpf users will need to adjust their anchor calls, but this will change again soon. ok beck@, cedric@, henning@, mcbride@
|
#
1.81 |
|
13-May-2004 |
henning |
as the authpf manpage describes, the connecting user's shell can be overloaded via login.conf. When verifying that the user's login shell is indeed authpf it is not sufficient to look at (struct passwd)->pw_shell, we also have to use login_getclass etc to check whether the shell gets overloaded. ok millert@ beck@
|
#
1.80 |
|
28-Apr-2004 |
cedric |
Put authpf user's IP addresses in the <authpf_users> table. ok deraadt@ dhartmei@ markus@ mcbride@
|
#
1.79 |
|
28-Apr-2004 |
djm |
IPv6 support; ok beck@
|
#
1.78 |
|
25-Apr-2004 |
deraadt |
clean; ok beck
|
#
1.77 |
|
25-Apr-2004 |
beck |
Make authpf exec pfctl instead of sucking in code from pfctl ok cedric@
|
#
1.76 |
|
09-Apr-2004 |
cedric |
Do not try to load directories. found+ok mpech@
|
Revision tags: OPENBSD_3_5_BASE
|
#
1.75 |
|
29-Jan-2004 |
deraadt |
MORE BULLSHIT BECAUSE THIS PIECE OF SHIT IS INTERTWINED WITH PFCTL
|
#
1.74 |
|
13-Jan-2004 |
dhartmei |
handle ruleset names containing usernames, fixes PR 3627, ok Bob
|
#
1.73 |
|
15-Dec-2003 |
mcbride |
Add initial support for pf state synchronization over the network. Implemented as an in-kernel multicast IP protocol.
Turn it on like this:
# ifconfig pfsync0 up syncif fxp0
There is not yet any authentication on this protocol, so the syncif must be on a trusted network, i.e., a crossover cable between the two firewalls.
NOTABLE CHANGES:
- A new index based on a unique (creatorid, stateid) tuple has been added to the state tree.
- Updates now appear on the pfsync(4) interface; multiple updates may be compressed into a single update.
- Applications which use bpf on pfsync(4) will need modification; packets on pfsync no longer contain regular pf_state structs, but pfsync_state structs which contain no pointers.
Much more to come.
ok deraadt@
|
#
1.72 |
|
10-Dec-2003 |
beck |
- fix a few exit cases that would exit with no log
- add username to added ruleset names when possible
- add much needed example to man page showing how to use NAT with tagging to track NATed authpfed connections.
ok henning@ dhartmei@, man page cleanup by jmc@
|
#
1.71 |
|
14-Nov-2003 |
henning |
catch up with pfctl changes
|
#
1.70 |
|
26-Sep-2003 |
cedric |
Rearchitecture of the userland/kernel IOCTL interface for transactions. This brings us close to 100% atomicity for a "pfctl -f pf.conf" command. (some splxxx work remain in the kernel). Basically, improvements are:
- Anchors/Rulesets cannot disappear unexpectedly anymore.
- No more leftover in the kernel if "pfctl -f" fails.
- Commit is now done in a single atomic IOCTL.
WARNING: The kernel code is fully backward compatible, but the new pfctl/authpf userland utilities will only run on a new kernel.
The following ioctls are deprecated (i.e. will be deleted sooner or later, depending on how many 3rd party utilities use them and how soon they can be upgraded):
- DIOCBEGINRULES
- DIOCCOMMITRULES
- DIOCBEGINALTQS
- DIOCCOMMITALTQS
- DIOCRINABEGIN
- DIOCRINADEFINE
They are replaced by the following ioctls (yes, PF(4) will follow) which operate on a vector of rulesets:
- DIOCXBEGIN
- DIOCXCOMMIT
- DIOCXROLLBACK
Ok dhartmei@ mcbride@
|
#
1.69 |
|
26-Sep-2003 |
henning |
erm, committing to the right repository helps sometimes. don't reject usernames > 15 chars; username is not used as ruleset name any more, thus, this restriction is gone. PR3491, fix from dhartmei
|
Revision tags: OPENBSD_3_4_BASE
|
#
1.68 |
|
21-Aug-2003 |
frantzen |
stuff needed for passive OS fingerprinting PF rules
|
#
1.67 |
|
01-Aug-2003 |
millert |
tickets are now u_int32_t, not int, fixes tree breakage; from Andrey Smagin
|
#
1.66 |
|
11-Jul-2003 |
cedric |
Better parsing and -v support for tables:
- remove the tableaddrs and tableaddr yacc production and reuse host_list instead.
- produce better error messages.
- do not load addresses from external file when it is not required (like with -R option).
- store initializers in a new node_tinit linked list before putting them into the address buffer (see next point).
- add a new print_tabledef() function, which makes "pfctl -nvf" print something useful for table definitions, which in turn makes it possible to write better regress tests (see first chunk of the diff) and bring table definition consistent with other parsed rules.
ok dhartmei@
|
#
1.65 |
|
08-Jul-2003 |
dhartmei |
Fix a bug that caused removal of previous users' rules when more than one user logged in concurrently. And fix a smaller bug which prevented complete removal of a user's state entries on logout. Bug report and testing by Ed Powers.
|
#
1.64 |
|
03-Jul-2003 |
cedric |
Bye bye atexit(), bye bye globals... The pfctl.c part will probably need some further improvements. ok henning@
|
#
1.63 |
|
03-Jul-2003 |
cedric |
This patch finally cleans up pfctl_table.c. No more global buffer, and a couple of parsing functions moved to parse.y or pfctl_parser where they belong.
I also took the opportunity to replace "void" functions with exit(1) or err() inside by "int" functions, with the caller checking the return value for errors (much cleaner and an old request from Theo)
ok dhartmei@ henning@
|
#
1.62 |
|
28-Jun-2003 |
deraadt |
() to (void)
|
#
1.61 |
|
27-Jun-2003 |
henning |
/etc/authpf.allow -> /etc/authpf/authpf.allow in comments spotted by Joel Knight again
|
#
1.60 |
|
24-Jun-2003 |
deraadt |
clean
|
#
1.59 |
|
24-Jun-2003 |
deraadt |
(long)getpid(); andrushock@korovino.net
|
#
1.58 |
|
03-Jun-2003 |
beck |
remove term 3, with permission from Chris Kuethe for pathnames.h
|
#
1.57 |
|
10-May-2003 |
cloder |
Be polite about leaving invalid data around in globals, just in case someone comes along later, modifies the code, and runs into a problem. OK beck@
|
#
1.56 |
|
10-May-2003 |
henning |
catch up with pfctl changes
|
#
1.55 |
|
30-Apr-2003 |
cedric |
Allow tables to be loaded into anchors. Most pfctl table commands (excluding 'show' and 'flush') support the "-a" modifier. ok dhartmei@
|
#
1.54 |
|
20-Apr-2003 |
beck |
authpf is supposed to die if the /etc/authpf/authpf.conf is not present. pr # 3217, patch from frisco@blackant.net
|
Revision tags: OPENBSD_3_3_BASE
|
#
1.53 |
|
19-Feb-2003 |
deraadt |
branches: 1.53.2; sync to pfctl; BAD HENNING BAD BAD BAD NO COOKIE
|
#
1.52 |
|
11-Feb-2003 |
henning |
adjust after pfctl changes
|
#
1.51 |
|
03-Feb-2003 |
henning |
typos and minor KNF; from andrushock, thanks!
|
#
1.50 |
|
02-Feb-2003 |
henning |
adjust after pfctl change; parse_rules doesn't take opts separately any more
|
#
1.49 |
|
29-Jan-2003 |
deraadt |
do setproctitle; ok camield
|
#
1.48 |
|
27-Jan-2003 |
dhartmei |
remove some unused includes, from Andrey Matveev
|
#
1.47 |
|
26-Jan-2003 |
dhartmei |
mop up, from krw
|
#
1.46 |
|
25-Jan-2003 |
cedric |
Permit initialisation of a table content from a file in pf.conf. Cleaning up of the table options parsing, more flexible. idea+cleanup deraadt@, ok dhartmei@, pass all regress tests.
|
#
1.45 |
|
09-Jan-2003 |
cedric |
Add support for active/inactive tablesets in the kernel. Add table definition/initialisation construct in pfctl parser. Add and fix documentation for pf.4 and pf.conf.5. Tested on i386 and sparc64 by myself, macppc by Daniel. ok dhartmei@
|
#
1.44 |
|
07-Jan-2003 |
dhartmei |
Add function to search for and remove stale rulesets from other authpf processes which have terminated unexpectedly. ok beck@
|
#
1.43 |
|
06-Jan-2003 |
deraadt |
nicer syslog
|
#
1.42 |
|
05-Jan-2003 |
dhartmei |
Move ifname from pf_addr to pf_addr_wrap, prepare pf_addr_wrap for table name. ok henning@, mcbride@, cedric@
|
#
1.41 |
|
01-Jan-2003 |
dhartmei |
Scrub and filter rules are separated now, adjust authpf accordingly.
|
#
1.40 |
|
29-Dec-2002 |
dhartmei |
Set a macro $user_id to the user name, just like $user_ip is already set to the IP address. From discussion with Michael Lucas. ok henning@
|
#
1.39 |
|
22-Dec-2002 |
henning |
KNF
|
#
1.38 |
|
22-Dec-2002 |
dhartmei |
Instead of inserting and removing rules at the top/bottom of the main ruleset, make authpf manage its rules inside anchors.
|
#
1.37 |
|
19-Dec-2002 |
henning |
redundant memset
|
#
1.36 |
|
19-Dec-2002 |
henning |
KNF
|
#
1.35 |
|
18-Dec-2002 |
mcbride |
Fix tree breakage; match changes to struct pfctl (now contains an array of pointers to pfioc_rule).
Fix from henning@
ok dhartmei@
|
#
1.34 |
|
17-Dec-2002 |
mcbride |
Match merge of pf_nat/pf_binat/pf_rdr structs into pf_rule - Move pf_compare* functions here - fix ioctls.
|
#
1.33 |
|
06-Dec-2002 |
dhartmei |
Introduce anchors and named rule sets, allowing to load additional rule sets with pfctl and evaluate them from the main rule set using a new type of rule (which will support conditional evaluation soon). Makes maintenance of sub-rulesets simpler for pfctl and daemons.
Idea and ok deraadt@
|
#
1.32 |
|
04-Dec-2002 |
deraadt |
catch up to -v -v change in pfctl(8)
|
#
1.31 |
|
01-Dec-2002 |
henning |
KNF
|
#
1.30 |
|
01-Dec-2002 |
mcbride |
Match pf_ioctl.c cleanup; if we're doing a DIOCCHANGE* operation which uses old*, we need to call DIOCBEGINADDRS twice: once for the old rule/rdr/nat, and once for the new one.
ok dhartmei@ henning@
|
#
1.29 |
|
23-Nov-2002 |
mcbride |
don't try to do ioctl with PF_OPT_NOACTION
does not impact function of authpf, but make it consistent with the rest of the add_* family
ok dhartmei@
|
#
1.28 |
|
23-Nov-2002 |
mcbride |
add code to load lists of redirection addresses for nat/rdr/route-to/etc.
|
#
1.27 |
|
22-Nov-2002 |
beck |
Disallow non-interactive sessions, to avoid problem of users scp'ing to authpf gateway - noticed by Devan Reade <gdr@gno.org>, ok henning
|
#
1.26 |
|
19-Nov-2002 |
deraadt |
be more precise
|
#
1.25 |
|
19-Nov-2002 |
deraadt |
hacks to make the tree build; henning gets a carrot up the nose next time i meet him
|
#
1.24 |
|
25-Oct-2002 |
camield |
- be even more careful with data supplied from outside
- check explicitly for negative values from snprintf (-pedantic)
- use MAXLOGNAME
- use parentheses with all sizeof's for consistency
|
Revision tags: OPENBSD_3_2_BASE
|
#
1.23 |
|
25-Jun-2002 |
henning |
hooks for options. we don't support setting pf options via authpf, but need the hooks here, too. ok dhartmei@, kjell@
|
#
1.22 |
|
12-Jun-2002 |
vincent |
fix a typo that could create a fd leak
ok beck@
|
#
1.21 |
|
11-Jun-2002 |
beck |
fix breakage from the stupid way theo and I committed that last big pile of changes.
|
#
1.20 |
|
11-Jun-2002 |
kjell |
I broke this. Remove separate (optional) nat calls
|
#
1.19 |
|
08-Jun-2002 |
beck |
comment and error message cleanup, from Brian Poole <raj@cerias.purdue.edu>
|
#
1.18 |
|
07-Jun-2002 |
beck |
fix a few nits in theo's commit, make this install and run setgid authpf so that it can remove the files it creates in /var/authpf
|
#
1.17 |
|
07-Jun-2002 |
deraadt |
twist time, space, and other aspects of reality so that we can revoke privs, and... as early as possible. (this does not work, beck has the next half of this coming in a few minutes)
|
#
1.16 |
|
30-May-2002 |
form |
Do not allow user to run authpf if user's shell is not /usr/sbin/authpf to prevent users from playing with $SSH_CLIENT.
|
#
1.15 |
|
21-May-2002 |
deraadt |
KNF before more major hacking
|
#
1.14 |
|
16-May-2002 |
deraadt |
KNF
|
#
1.13 |
|
24-Apr-2002 |
dhartmei |
Unbreak from pfvar.h change.
|
Revision tags: OPENBSD_3_1_BASE
|
#
1.12 |
|
09-Apr-2002 |
frantzen |
make sure we fflush() after a sending a message and fix a typo in a comment ok beck@ and deraadt@
|
#
1.11 |
|
09-Apr-2002 |
beck |
don't trust USER from the environment - bad, allows users to see files they shouldn't
|
#
1.10 |
|
09-Apr-2002 |
deraadt |
minor KNF
|
#
1.9 |
|
08-Apr-2002 |
mpech |
Free memory. Patch from millert@.
|
#
1.8 |
|
07-Apr-2002 |
frantzen |
fix authpf_kill_states()
|
#
1.7 |
|
05-Apr-2002 |
deraadt |
move location of per-user config files; beck ok
|
#
1.6 |
|
05-Apr-2002 |
beck |
ensure that rules files are owned and writable only by root, along their entire path, change docs accordingly. This ensures that people don't accidentally use the $HOME config files to override real settings unless root meant to do it.
|
#
1.5 |
|
01-Apr-2002 |
beck |
don't need this anymore
|
#
1.4 |
|
01-Apr-2002 |
beck |
typo in comment
|
#
1.3 |
|
01-Apr-2002 |
beck |
- Tattling is bad, users should be allowed to run anything on the system without it generating logs
- exit with 0 and 1 instead of EX_FOO
- make read_config (with the test and exit) the first thing that happens in main, no openlog or memset first.
|
#
1.2 |
|
01-Apr-2002 |
beck |
- Make the /etc/authpf/authpf.conf config file required.
- Change authpf to install setuid by default, and exit with a tattling syslog message if a user runs it without a config file present.
- Change man page to reflect this.
|
#
1.1 |
|
01-Apr-2002 |
beck |
authpf - authenticating gateway shell for use with ssh(1) to make authenticating gateway type firewalls.
caveats - needs to be setuid to operate (but does not install that way); consult the man page for configuration issues.
|