#
1.40 |
|
03-Jul-2019 |
deraadt |
snprintf/vsnprintf return < 0 on error, rather than -1.
|
Revision tags: OPENBSD_6_3_BASE OPENBSD_6_4_BASE OPENBSD_6_5_BASE
|
#
1.39 |
|
05-Jan-2018 |
mpi |
Remove useless <sys/socketvar.h> includes.
ok kettenis@, visa@, claudio@, deraadt@
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.38 |
|
04-Jul-2017 |
dlg |
consistently use the evtimer wrappers around the connection timeout.
this is instead of setting the timeout up with event_set and event_add, but removing it with evtimer_del. this uses evtimer_set and evtimer_add.
|
#
1.37 |
|
04-Jul-2017 |
dlg |
include stdarg.h explicitly instead of relying on event.h to bring it in.
|
#
1.36 |
|
26-May-2017 |
florian |
Sync the severity of the syslog_* functions shared between identd, slowcgi, tftp-proxy and tftpd to the severity used in log.c style loggers. This also fixes an issue where syslog_err and syslog_errx logged with different severities.
Sure deraadt@
|
#
1.35 |
|
18-Apr-2017 |
deraadt |
removed unused function; from Edgar Pettijohn
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.34 |
|
04-Sep-2016 |
florian |
Add format attribute to logger functions. Input & OK benno@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.33 |
|
24-Oct-2015 |
jca |
Fix pledge request to allow for setgroups.
setgroups needed "proc" before the introduction of "id" on 2015/10/17. Initial patch from Gregor Best, from which I further removed "proc".
|
#
1.32 |
|
16-Oct-2015 |
doug |
Pledge support for the parent/resolver in identd(8).
This limits the resolver to just "stdio getpw" or "stdio getpw rpath" depending on whether ~/.noident files are checked.
The child/listener cannot use pledge yet because it calls a sysctl that hasn't been whitelisted.
"commit" deraadt@
|
#
1.31 |
|
20-Aug-2015 |
dlg |
avoid ioctl FIONBIO by passing SOCK_NONBLOCK to the things we get sockets out of.
for guenther@
|
#
1.30 |
|
20-Aug-2015 |
dlg |
ignore SIGPIPE so we can handle the write(2) failures.
instead of exiting on an unknown write failure, close the client connection on EPIPE from write and warn and close the connection on any other failure.
ok jmatthew@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.29 |
|
04-Aug-2015 |
dlg |
consider the default failure handling for errors on socket operations to close the socket rather than kill the program.
tested for a few days on the student shell box at work.
based on discussion with guenther@
|
#
1.28 |
|
27-Mar-2015 |
dlg |
f the parent builts up a list of replies for the child, it helps to readd the write event if there's still items on the list.
this lets things that do a lot of requests in parallel (like npm) work betterer through a squid proxy using ident for auth.
ok jmatthew@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.27 |
|
16-Jan-2015 |
deraadt |
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.26 |
|
13-Jul-2014 |
claudio |
Use errx() after getpwnam() failure since errno may not be set. All other privsep / privdrop daemons do this the same way. OK florian@ some time ago
|
#
1.25 |
|
08-Jul-2014 |
tobias |
Cleanup of getopt argument: -p is not supported anymore.
ok deraadt@, dlg@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.24 |
|
07-Jan-2014 |
dlg |
the return from asprintf does NOT include the space used by the terminating \0 character. if i want to use it as a c string i have to take that into account.
found by simon kuhnle who supplied a good bug report. prodded by deraadt@
|
#
1.23 |
|
21-Nov-2013 |
dlg |
get bytes off the wire as unsigned char so we can pass them to identd_parse() and then isspace()/isdigit() as appropriately promoted values.
based on discussion with deraadt@ and guenther@
|
#
1.22 |
|
12-Nov-2013 |
deraadt |
handle lack of prototype
|
#
1.21 |
|
24-Oct-2013 |
deraadt |
no need for netinet/ip_var.h (and friends)
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.20 |
|
17-Jul-2013 |
okan |
implement -H, which hides existing and non-existent users, as well as implying -h.
feedback and ok from jmc@ and dlg@
|
#
1.19 |
|
29-Apr-2013 |
jmc |
add -h to usage();
|
#
1.18 |
|
29-Apr-2013 |
dlg |
implement -h from libexec/identd, which hides usernames/uids.
|
#
1.17 |
|
23-Apr-2013 |
sthen |
support src/libexec/identd's -e option in src/usr.sbin/identd, ok dlg@
|
#
1.16 |
|
23-Apr-2013 |
dlg |
sizeof(&foo) isnt as good as sizeof(foo).
found by sthen@
|
#
1.15 |
|
23-Apr-2013 |
dlg |
use stat to see if ~/.noident is there to avoid reimplementing a security issue from 1988 when using open.
pointed out by deraadt@
|
#
1.14 |
|
23-Apr-2013 |
dlg |
fix usage to reflect the currently accepted getopt things.
|
#
1.13 |
|
23-Apr-2013 |
dlg |
remove support for specifying which port you want to run on. there's no point.
well argued by deraadt@
|
#
1.12 |
|
23-Apr-2013 |
dlg |
add support for returning uids instead of usernames via -n, like libexec identd.
|
#
1.11 |
|
23-Apr-2013 |
dlg |
add support for -N as per libexec/identd. this lets users put .noident in their homedir to have this identd return HIDDEN-USER instead of their username.
|
#
1.10 |
|
22-Apr-2013 |
dlg |
handle ENOBUFS on the SEQPACKET socketpair between the child and the parent procs. if this happens it would mean the parent has a backlog of work cos of slow username resolutions. in that situation the child should tell the client theres an error, but not die.
this factors out a bit of code to handle generating errors for the client and closing the socket.
reviewed by jmatthew@
|
#
1.9 |
|
05-Apr-2013 |
florian |
kill redundant prototype OK dlg@
|
#
1.8 |
|
20-Mar-2013 |
deraadt |
7 #include which are not needed
|
#
1.7 |
|
20-Mar-2013 |
deraadt |
a tiny bit of knf; mostly whitespace
|
#
1.6 |
|
19-Mar-2013 |
dlg |
dont need to event_add the parent to child writing events twice. especially if something stops you from having something to write after the first event_add but before the second one.
thank you to Henri Kemppainen for the find.
|
#
1.5 |
|
18-Mar-2013 |
dlg |
whitespace fixes. no functional change
|
#
1.4 |
|
18-Mar-2013 |
dlg |
limit the client to 256 bytes of input. if they send too much we just close the connection.
requested by deraadt@
|
#
1.3 |
|
18-Mar-2013 |
dlg |
switch from having a timeout after every read/write for the client connection to a timeout for the whole session. means a client cant sit there feeding us a byte at a time for long periods, consuming fds on the server.
it seems to simplify the code a bit too.
requested by deraadt@
|
#
1.2 |
|
18-Mar-2013 |
dlg |
handle EMFILE/ENFILE from accept by disabling handling of events on the listeners for a second. modelled on how this has been solved in other network daemons.
|
#
1.1 |
|
18-Mar-2013 |
dlg |
this is a new identd daemon to replace the libexec one that can be run from inetd. it is an event driven non-blocking implemention using libevent.
it features support for privilege separation and revocation. network connections are handled by a chrooted and unprivileged process, while the username lookups are handled by an unprivileged process. the lookups can block while the network handling can continue.
it also features support for handling concurrent client connections.
its currently lacking support for handling dotfiles in homedirs like the libexec one, and some error handling on accept. its going into the tree so it can be worked on with a history of changes.
|
#
1.39 |
|
05-Jan-2018 |
mpi |
Remove useless <sys/socketvar.h> includes.
ok kettenis@, visa@, claudio@, deraadt@
|
Revision tags: OPENBSD_6_2_BASE
|
#
1.38 |
|
04-Jul-2017 |
dlg |
consistently use the evtimer wrappers around the connection timeout.
this is instead of setting the timeout up with event_set and event_add, but removing it with evtimer_del. this uses evtimer_set and evtimer_add.
|
#
1.37 |
|
04-Jul-2017 |
dlg |
include stdarg.h explicitly instead of relying on event.h to bring it in.
|
#
1.36 |
|
26-May-2017 |
florian |
Sync the severity of the syslog_* functions shared between identd, slowcgi, tftp-proxy and tftpd to the severity used in log.c style loggers. This also fixes an issue where syslog_err and syslog_errx logged with different severities.
Sure deraadt@
|
#
1.35 |
|
18-Apr-2017 |
deraadt |
removed unused function; from Edgar Pettijohn
|
Revision tags: OPENBSD_6_1_BASE
|
#
1.34 |
|
04-Sep-2016 |
florian |
Add format attribute to logger functions. Input & OK benno@
|
Revision tags: OPENBSD_5_9_BASE OPENBSD_6_0_BASE
|
#
1.33 |
|
24-Oct-2015 |
jca |
Fix pledge request to allow for setgroups.
setgroups needed "proc" before the introduction of "id" on 2015/10/17. Initial patch from Gregor Best, from which I further removed "proc".
|
#
1.32 |
|
16-Oct-2015 |
doug |
Pledge support for the parent/resolver in identd(8).
This limits the resolver to just "stdio getpw" or "stdio getpw rpath" depending on whether ~/.noident files are checked.
The child/listener cannot use pledge yet because it calls a sysctl that hasn't been whitelisted.
"commit" deraadt@
|
#
1.31 |
|
20-Aug-2015 |
dlg |
avoid ioctl FIONBIO by passing SOCK_NONBLOCK to the things we get sockets out of.
for guenther@
|
#
1.30 |
|
20-Aug-2015 |
dlg |
ignore SIGPIPE so we can handle the write(2) failures.
instead of exiting on an unknown write failure, close the client connection on EPIPE from write and warn and close the connection on any other failure.
ok jmatthew@
|
Revision tags: OPENBSD_5_8_BASE
|
#
1.29 |
|
04-Aug-2015 |
dlg |
consider the default failure handling for errors on socket operations to close the socket rather than kill the program.
tested for a few days on the student shell box at work.
based on discussion with guenther@
|
#
1.28 |
|
27-Mar-2015 |
dlg |
f the parent builts up a list of replies for the child, it helps to readd the write event if there's still items on the list.
this lets things that do a lot of requests in parallel (like npm) work betterer through a squid proxy using ident for auth.
ok jmatthew@
|
Revision tags: OPENBSD_5_7_BASE
|
#
1.27 |
|
16-Jan-2015 |
deraadt |
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
|
Revision tags: OPENBSD_5_6_BASE
|
#
1.26 |
|
13-Jul-2014 |
claudio |
Use errx() after getpwnam() failure since errno may not be set. All other privsep / privdrop daemons do this the same way. OK florian@ some time ago
|
#
1.25 |
|
08-Jul-2014 |
tobias |
Cleanup of getopt argument: -p is not supported anymore.
ok deraadt@, dlg@
|
Revision tags: OPENBSD_5_5_BASE
|
#
1.24 |
|
07-Jan-2014 |
dlg |
the return from asprintf does NOT include the space used by the terminating \0 character. if i want to use it as a c string i have to take that into account.
found by simon kuhnle who supplied a good bug report. prodded by deraadt@
|
#
1.23 |
|
21-Nov-2013 |
dlg |
get bytes off the wire as unsigned char so we can pass them to identd_parse() and then isspace()/isdigit() as appropriately promoted values.
based on discussion with deraadt@ and guenther@
|
#
1.22 |
|
12-Nov-2013 |
deraadt |
handle lack of prototype
|
#
1.21 |
|
24-Oct-2013 |
deraadt |
no need for netinet/ip_var.h (and friends)
|
Revision tags: OPENBSD_5_4_BASE
|
#
1.20 |
|
17-Jul-2013 |
okan |
implement -H, which hides existing and non-existent users, as well as implying -h.
feedback and ok from jmc@ and dlg@
|
#
1.19 |
|
29-Apr-2013 |
jmc |
add -h to usage();
|
#
1.18 |
|
29-Apr-2013 |
dlg |
implement -h from libexec/identd, which hides usernames/uids.
|
#
1.17 |
|
23-Apr-2013 |
sthen |
support src/libexec/identd's -e option in src/usr.sbin/identd, ok dlg@
|
#
1.16 |
|
23-Apr-2013 |
dlg |
sizeof(&foo) isnt as good as sizeof(foo).
found by sthen@
|
#
1.15 |
|
23-Apr-2013 |
dlg |
use stat to see if ~/.noident is there to avoid reimplementing a security issue from 1988 when using open.
pointed out by deraadt@
|
#
1.14 |
|
23-Apr-2013 |
dlg |
fix usage to reflect the currently accepted getopt things.
|
#
1.13 |
|
23-Apr-2013 |
dlg |
remove support for specifying which port you want to run on. there's no point.
well argued by deraadt@
|
#
1.12 |
|
23-Apr-2013 |
dlg |
add support for returning uids instead of usernames via -n, like libexec identd.
|
#
1.11 |
|
23-Apr-2013 |
dlg |
add support for -N as per libexec/identd. this lets users put .noident in their homedir to have this identd return HIDDEN-USER instead of their username.
|
#
1.10 |
|
22-Apr-2013 |
dlg |
handle ENOBUFS on the SEQPACKET socketpair between the child and the parent procs. if this happens it would mean the parent has a backlog of work cos of slow username resolutions. in that situation the child should tell the client theres an error, but not die.
this factors out a bit of code to handle generating errors for the client and closing the socket.
reviewed by jmatthew@
|
#
1.9 |
|
05-Apr-2013 |
florian |
kill redundant prototype OK dlg@
|
#
1.8 |
|
20-Mar-2013 |
deraadt |
7 #include which are not needed
|
#
1.7 |
|
20-Mar-2013 |
deraadt |
a tiny bit of knf; mostly whitespace
|
#
1.6 |
|
19-Mar-2013 |
dlg |
dont need to event_add the parent to child writing events twice. especially if something stops you from having something to write after the first event_add but before the second one.
thank you to Henri Kemppainen for the find.
|
#
1.5 |
|
18-Mar-2013 |
dlg |
whitespace fixes. no functional change
|
#
1.4 |
|
18-Mar-2013 |
dlg |
limit the client to 256 bytes of input. if they send too much we just close the connection.
requested by deraadt@
|
#
1.3 |
|
18-Mar-2013 |
dlg |
switch from having a timeout after every read/write for the client connection to a timeout for the whole session. means a client cant sit there feeding us a byte at a time for long periods, consuming fds on the server.
it seems to simplify the code a bit too.
requested by deraadt@
|
#
1.2 |
|
18-Mar-2013 |
dlg |
handle EMFILE/ENFILE from accept by disabling handling of events on the listeners for a second. modelled on how this has been solved in other network daemons.
|
#
1.1 |
|
18-Mar-2013 |
dlg |
this is a new identd daemon to replace the libexec one that can be run from inetd. it is an event driven non-blocking implemention using libevent.
it features support for privilege separation and revocation. network connections are handled by a chrooted and unprivileged process, while the username lookups are handled by an unprivileged process. the lookups can block while the network handling can continue.
it also features support for handling concurrent client connections.
its currently lacking support for handling dotfiles in homedirs like the libexec one, and some error handling on accept. its going into the tree so it can be worked on with a history of changes.
|