(nanosleep) breaks Apache httpd badly: his childs died quickly after
number of requests (SIGPIPE). To reproduce this bug start
gdb /usr/local/sbin/httpd
run -X
and make some bunch of concurent requests (load the server pages
from 3 different places f.e.)
After short time httpd dies via SIGPIPE. It never dies with old sleep.c
In real life it looks like lots of broken images on the pages or missing
pages. Lynx says about Network read error, etc.
It seems something wrong in nanosleep signal handling.
back as designed in *BSD
Also it not violates current standards but
1) No other Unixes have this feature
2) It broke Kerberos5 (isprint) and God knows what else
(not all vendors will agree to treat FreeBSD as special case for support
since (1))
2) Give false localization sense (programs mimic to be 8859-1
localized) which prevents true localization.
bumped only 0.1 or 1.0 between releases. (See handbook.)
Note that if you have built world in -current in the last 48 hours or
so, you should manually remove /usr/lib/libutil.so.2.3 before
rebuilding world to cleanse your system.
o Incorporated BSDI code and enhancements, better logging for error
checking (which has been shown to be a problem, and is therefore
justified, imho); also some minor things we were missing, including
better quad_t math, which checks for under/overflows.
o setusercontext() now allows user resource limit overrides, but
does this AFTER dropping root privs, to restrict the user to
droping hard limits and set soft limits within the kernel's
allowed user limits.
o umask() only set once, and only if requested.
o add _secure_path(), and use in login.conf to guard against
symlinks etc. and non-root owned or non-user owned files being
used. Derived from BSDI contributed code.
o revamped authentication code to BSDI's latest api, which
includes deleting authenticate() and adding auth_check()
and a few other functions. This is still marked as depecated
in BSDI, but is included for completeness. No other source
in the tree uses this anyway, so it is now bracketed with
#ifdef LOGIN_CAP_AUTH which is by default not defined. Only
auth_checknologin() and auth_cat() are actually used in
module login_auth.c.
o AUTH_NONE definition removed (collided with other includes
in the tree). [bde]
o BSDI's login_getclass() now accepts a char *classname
parameter rather than struct passwd *pwd. We now do likewise,
but added login_getpwclass() for (sort of) backwards
compatiblity, namely because we handle root as a special
case for the default class. This will require quite a few
changes elsewhere in the source tree.
o We no longer pretend to support rlim_t as a long type.
o Revised code formatting to be more bsd-ish style.
so that all these makefiles can be used to build libc_r too.
Added .if ${LIB} == "c" tests to restrict man page builds to libc
to avoid needlessly building them with libc_r too.
Split libc Makefile into Makefile and Makefile.inc to allow the
libc_r Makefile to include Makefile.inc too.
and FNM_LEADING_DIR were specified and the pattern ended with "*".
Example: pattern="src/usr.sbin/w*", string="src/usr.sbin/watch/watch.8,v".
This should match, but did not.
- dependencies actually work (I need this to propagate some fixes
in <machine/asm.h>)
- the cpp pipeline goes away, so errors can't leak out of it and
an ANSI cpp is automatically used.
- it's simpler - standard rules get used instead of repetitive
special rules. (This showed bugs in the strip steps in the
standard rules. The wrong strip flag was also used for *.po
here.)
Removed some ${ECHO}s and `@'s. Normal make echoing of what is
being done is now not much more verbose than the echo messages
were, and is more useful.
the (buggy) support for alternative entry points. ALTENTRY() was only
used for memmove(). Optimizing for space was particularly silly because
memcpy() is rarely used (gcc normally inlines it).
Obtained from: NetBSD
the (buggy) support for alternative entry points. ALTENTRY() was only
used for memmove(). Optimizing for space was particularly silly because
memcpy() is rarely used (gcc normally inlines it).
Obtained from: NetBSD
- use a slightly less bogus copyright. This file was never contributed
to Berkeley. It still claims to be copright by the Regents.
- use <machine/asm.h> instead of "DEFS.h".
- use RCSID($Id$) instead of explicit assembly code and messy ifdefs.
The rcsid won't be put into the object file until we make RCSID()
non-null. NetBSD uses a LIBC_SCCS ifdef here. We used a LIBC_RCS
instead, but I want RCSID() to be controlled directly by LIBC_RCS
(actually by LIB_RCS). This is the only difference with the NetBSD
version.
- added ifdefs to support generation of memcpy() and memmove(). The
other changes are "while I'm here" to get this.
- improved style of the copy backwards case.
TTY_NETWORK (network), TTY_DIALUP (dialup), which determine a basic
connection type. TTY_DIALUP in particular will replace the old out of
date heuristic "tty[dD]*" in login.c (and better than the current
hard-coded method).
`void __set_ospeed(long);' in the appropriate header.
The implementation still uses speed_t instead of long. This
will break properly when speed_t is fixed (speed_t shall be
unsigned ...).
the src/contrib/tcl directory existing, and also have an /etc/make.conf
override (NOTCL) to stop building libtcl. This is in similar other
things from src/Makefile, eg: NOGAMES, NOLKM, etc.
This is so that people can put in a refuse entry in their cvsup files and
not fetch the tcl code, and have it not built automatically. I'll do
something similar for perl.
common. Add one do-nothing element to each set. This ensures that
the linker realizes that they are linker sets rather than simple
commons, and makes it possible to link c++rt0.o into every shared
library regardless of whether it is a C++ library or not. Without
this change, the constructors and destructors in the main program
could be executed multiple times.
This change is going to make it possible to get rid of the
CPLUSPLUSLIB makefile variable once and for all. It is a piece of
the solution to PR gnu/3505 (gcc -shared). Finally, it fixes a
heretofore unreported bug: If CPLUSPLUSLIB was set in a makefile
for a C++ shared library that had no static constructors or
destructors in it, then the main program's constructors and
destructors would be executed multiple times.
uid/gid in question was in the cache, but did not exist
in the password file. This causes the -nouser and -nogroup
options to find(1) to only print the first file owned by
an unknown user/group in some cases.
Use snprintf instead of sprintf to avoid buffer overflows
Use snprintf in uu_lockerr instead of lots of hardcoded constants
and not null-terminated strncpy
Return "" for OK and "device in use" for INUSE, it allows simple
strcpy(buf, uu_lockerr(retcode)) without testing for special OK
case (NULL was there) and obtaining meaningful result for INUSE
("" was there) without special testing for it too.
which don't provide a non-blocking interface.
This is a short term "fix" which changes a half-lose to a half-win.
The thread that accesses a device that does not provide a non-blocking
interface will block for its time slice.
A medium term solution would be to use rfork. A long-term solution
would be some sort of kernel thread/SMP implementation.
in uu_lock(). Add uu_lockerr() for turning the results of
uu_lock into something printable. Remove bogus section in man page
about race conditions allowing both processes to get the lock.
Include libutil.h and use uu_lock() correctly where it should.
Suggested by: ache@freebsd.org
passes on the status across fork/exec.
The previous version had some typos, referred to itself as link(2) in
one place :-), and didn't really match openbsd's implementation either.
Now that I've mentioned typos, hopefully our Typo Police and Xref Police
will be gentle with me. :-)
The sa_mask field specified in act is not allowed to block SIGKILL or
SIGSTOP. Any attempt to do so will be silently ignored.
Now where did I leave that pointy hat...
modern FreeBSD systems will syslog properly on older systems that
still name the logging socket "/dev/log". This includes pre-2.2
versions of FreeBSD as well as BSD/OS systems. If the connect to
"/var/run/log" fails, the function now tries to connect to
"/dev/log" as a fallback.
quoted individually. Quoting them all together sort of worked, except
for scsreq_build(), the long arg list was chopped near column 80, to
no avail since the closing parentheses was put on new line by itself.
Back out a dubious Lite2 change to "optimise" getcwd() to look at $PWD
because it's potentially dangerous (think: symlink races). Move
realpath() back to it's original location, and remove getcwd_physical()
by renaming it back to getcwd() and zapping the original getcwd wrapper.
Noticed by: bde
The following commits already happened but the log message got lost:
Modified Files:
gen/Makefile.inc gen/getcwd.c stdlib/Makefile.inc
Removed Files:
gen/realpath.3
because it's potentially dangerous (think: symlink races). Move
realpath() back to it's original location, and remove getcwd_physical()
by renaming it back to getcwd() and zapping the original getcwd wrapper.
Noticed by: bde
Bruce says that since NetBSD, OpenBSD and Linux currently
use ss_sp, we won't be changing it to the lite2 ss_base.
The type may change at some later date.
touch duplicate group suppression, but the merge blew away our
duplicate group suppression.
The merge also blew away the -Wall cleanup in rev.1.5, but that
was misformatted, so I didn't restore it.
but in one case the Lite2 changes were flat out wrong and
caused the man page to disagree with a header file.
There are still some *roff macro calls that were added that
I have yet to figure out what to do with in some of the man pages.
My changes to preserve errno across free() and close() and to report
fstat() errors properly were blown away.
Updated the FreeBSD changes to match the Lite2 style fixes.
Document that popen() can now create bidirectional pipes and handles.
Note that this needs to be updated since we have a native bidirectional
pipe and don't use socketpair() here.
style and b) the wrong logic. Should be strstr(s, "##") != NULL. (Note
that the passwd.adjunct stuff has not been merged into 2.2 so this bug
is not in that branch.)
The character `#' introduces a comment. Leading spaces and tabs are
ignored: '^[ \t]*#.*\n$'
Count an empty line - only spaces, tabs or newline - also as a comment.
(to be compatibel with password database comments). '^[ \t]*\n$'
and small values:
hypotf(2.3819765e+38, 2.0416943e+38) was NaN instead of 3.1372484e+38
hypotf(-3.4028235e+38, 3.3886450e+38) was NaN instead of Inf
hypotf(-2.8025969e-45, -2.8025969e-45) was 0 instead of 4.2038954e-45
Found by: ucbtest
- 0 was returned instead of EOF when an input failure occured while
skipping white-space after 0 assignments. This fixes PR2606. The
diagnosis in PR2606 is wrong.
- EOF was returned instead of 0 when an input failure occurred after
zero assignments and nonzero suppressed assignments.
- EOF was spelled -1.
This should be in 2.2.
for now so that we don't lose library compatibility. Applications should
define _NEW_VFSCONF and use getvfsbyname() instead of new_getvfsbyname()
if they want the new vfsconf interface. Parts of the old interface
(enough to load vfs modules, I hope) are still available.
previous revision. Use log10f() instead of log10(). log10f() is
currently slightly slower than log10() on P5's, but it is potentially
significantly faster.
Fixed declaration of the C function used in the (unused?) KR_headers
case.
avoid easily avoidable loss of precision when |x| is nearly 1.
Extended (64-bit) precision only moves the meaning of "nearly" here.
This probably could be done better by splitting up the range into
|x| <= 0.5 and |x| > 0.5 like the C version. However, ucbtest
does't report any errors in this version. Perhaps the C version
should be used anyway. It's only 25% slower now on a P5, provided
the C version of sqrt() isn't used, and the C version could be
optimized better.
Errors checked by: ucbtest
at runtime.
etc/make.conf:
Nuked HAVE_FPU option.
lib/msun/Makefile:
Always build the i387 objects. Copy the i387 source files at build
time so that the i387 objects have different names. This is simpler
than renaming the files in the cvs repository or repeating half of
bsd.lib.mk to add explicit rules.
lib/msun/src/*.c:
Renamed all functions that have an i387-specific version by adding
`__generic_' to their names.
lib/msun/src/get_hw_float.c:
New file for getting machdep.hw_float from the kernel.
sys/i386/include/asmacros.h:
Abuse the ENTRY() macro to generate jump vectors and associated code.
This works much like PIC PLT dynamic initialization. The PIC case is
messy. The old i387 entry points are renamed. Renaming is easier
here because the names are given by macro expansions.
log10(x) = log10e * log(x). The formula would work if the RHS were
evaluated in extended precision with an extended precision log().
This actually happened with the i387 log() because it returns excess
precision.
Found by: ucbtest
This defeats the point of log1p(). ucbtest reports errors of +-5e+15
ULPs. A correct version would use the i387 fyl2xp1 instruction for
small x and maybe scale to small x. The C version does the scaling
reasonably efficiently, and fyl2px1 is slow (at least on P5s), so not
much is lost by always using the C version (only 25% for small x even
with the broken i387 version; 50% for large x).
doesn't need to be included in files that have nothing to do with
syscalls.
Added missing `.text' to START_ENTRY so that ENTRY() works when
invoked in the data section.
I notice info(1) has some problems moving back and forth through the
resulting info file, but emacs doesn't, so i figure it's rather a
problem with info(1) itself. To the least, this file installs now
finally.
allocated size not reset to 0 causing NULL dereference
on call after login_close().
2) Modify login_capsize() behaviour to match manpage, allow
concatenated sizes; ie. 10m500k
the handler with SA_RESTART set, so the system calls I wanted to have the
timeout effect will just restart instead (which is NOT what I wanted).
Sheepishly use sigaction() like a good boy and make timeouts actually do
something.
Also pass errors out more effectively so that fetch(1) actually understands
what went wrong.
- Use MAP_FAILED instead of the constant -1 to indicate
failure (required by POSIX).
- Removed flag arguments of '0' (required by POSIX).
- Fixed code which expected an error return of 0.
- Fixed code which thought any address with the high bit set
was an error.
- Check for failure where no checks were present.
Discussed with: bde
a manner consistent with other implementations. Its done in a way that
adds only a tiny amount of overhead when positional arguments are not used.
I also have a test program to go with this, but don't know where it belongs
in the tree.
Submitted-By: Bill Fenner <fenner@FreeBSD.ORG>
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
of the user's timezone failed), don't bail if the specified timezone
doesn't have an offset; in this case it isn't going to. (Perhaps it would
be better to change the caller to always supply one, but this is quick
and clean and fixes the bug in the easiest possible way.)
Should be in 2.2. Fixes (properly) PR#1740.
were added with the login class stuff. This is needed since libutil.so.2.1
is what is used in RELENG_2_2 and well into the release cycle. We only
bump once per release cycle as needed.
Add descriptions of RTLD_LAZY and RTLD_NOW.
Correct the synopsis to agree with the actual function prototypes.
Add clarifications of a few things.
Clean up the wording in a few places.
was apparently overlooked at the time the member was added. Its absence
causes some error messages from the dynamic linker to begin with
"(null):" instead of with the pathname of the dynamic linker as they
should.
I am also adding a work-around to the dynamic linker, to cope with
legacy binaries that were built with older versions of crt0.
interfaces, until it's redone to use sysctl().
- bump the SIOCGIFCONF buffer size from 1K to 8K
- if we didn't find a suitable address, return a failure. Previously
if it didn't find anything it left the return address uninitialised.
Perhaps it would be better to return AF_INET/111/127.0.0.1 rather than
failing?
more manageable and convenient referencing by login.conf (login
class database) and (e.g.) login.access.
This is the first of a group of commits which implements the login
class capabilities database.
(There may be a behavior difference between the 2.1 and 2.2/3.0 kernels
in this area, it seemed to work for me but I have a horribly hacked
select() that might have a bug in the handling of this)
Submitted by: wpaul
get installed.
The `install' target should only be overridden when the default one would
do something wrong and you're too lazy to fix the default one.
Restore the clamp on the return value from rpc_dtablesize().. Some programs
(eg: ypserv) use this as an indication of how large svc_fdset is in their
hand-rolled svc_run() loops. The svc_fdset table is maintained by the
rpc library explicitly for compatability with such programs. (It uses
a different variable-sized bitmap itself internally)
- prototypes now in include files
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
Note: potential bug here, It looks like there could be a null pointer
dereference depending on what has already been called to initialise some
shared data.
- kill non-FD_SETSIZE code
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
Note, there was a nasty bug with our old code here. It would trash the
stack if a fd > 31 was passed in. It was using a "long" as though it
was an "fd_set", ie: it was assuming that a long was 256 bits wide. :-(
This has been lurking here for a while, since the FD_SETSIZE #ifdef's
were first implemented.
- fix timeout code
- better sequence number generation (for long running daemons)
- dont close an unopen socket
- use standard functions
- 64 bit type safe for wire protocols
- unlimited file descriptors
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- ensure we're not spoofed/confused while trying to talk to the portmapper
- handle new get_myaddress failure cases
- prototype now in include file
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- fix timeout code
- better "random" initial transaction id for long running daemons
- unlimited number of file descriptors to select().
- 64 bit type safe wire protocol
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- typo (spelling police :-)
- dont die on select() that returns time remaining (on my systems)
- improve initial "random" sequence number, to make it harder to guess
in long running daemons.
- fix timeout code.
- unlimited number of fd's in select.
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- Protect against select() that returns time remaining (on my systems).
- don't exit. It's bad form for libc to exit() or abort() instead of
returning an error.
- only use loopback addresses after checking the real interfaces.
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- canonical function declaration
- use constants from includes, not magic numbers
- use standard functions
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- 64 bit long type safe (wire protocols specified in explicit sized types)
- Support systems that don't do unaligned accesses
- Support for explicit int16 and int32 sizes in xdr
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
RELENG_2_2!
This is part#2 of the previous commit to src/lib/libc/net to contain the
potential damage.
This provides stubs so that binaries linked in 2.2 will run on 3.0
needed, as he discovered when he tried to run vi. :-]
These files used to be stubs which used #ifdef PIC to decide whether to
use the real dlopen() version or the stub version from the src/contrib/tcl
sources. Now, with the our stubs gone, the .PATH directive causes them to
be compiled directly from src/contrib/tcl/{unix,generic}. You might need
to rebuild your depend rules though as they may have stale paths.
Also, this is a generated file. This should not have been edited here.
also add the missing declaration of forkpty() to libutil.h.
Btw., the calling interface for login(3) is crude. Some better
abstraction is needed, perhaps similar to logwtmp(3).
2.2 candidate, but i'll wait for the spelling police first. :)
- the .gz files are no longer used as intermediate files, it's in a pipe
now. (gunzip normally deleted them anyway, but this should not hurt)
- I accidently left a -p arg to install from testing. Bruce says it should
be ${COPY} instead, but almost everything else in the tree uses plain -c
anyway.
- Use "LINKS=" or two identical files are installed sepeately instead of
as links (doh!)
- Use "LIB..." instead of "BIN..." for install permissions. Note that we
still use bsd.prog.mk, not bsd.lib.mk because bsd.lib.mk has problems
(it can't install a library unless it compiles it).
- Define LIBCOMPATDIR in Makefile.inc instead of using BINDIR.
Mostly submitted by: bde
just return errors. This removes the need for awful hacks like that in
our build of libtcl which would get link errors when linked static.
John Polstra once mentioned that this was on his "todo" list.
Note that one can use:
cc -Wl,-Bstatic -o foo foo.o
and get an executable that has it's libraries statically linked, but has
a fully functional runtime linker so the executable can call dlopen() and
have it work. (I've tested this)
- getpwent:
o adjunctbuf should be NUL terminated after copying
o _pw_breakout_yp() needs to know the length of the buffer returned
from YP so it can properly NUL terminate its local buffer.
- getgrent:
o YP buffers should be YPMAXRECORD + 2 bytes long and NUL terminated.
(Previously they were hardcoded to 1024 bytes.)
- getnetgrent:
o YP data should be copied with snprintf(), not sprintf()
These are 2.2 candidates. I will wait a few days to make sure these don't
break anything and then, if there are no objections, move them to the 2.2
branch.
- getservent:
o put _yp_check() proto under #ifdef YP where it belongs
o local YP buffers should be YPMAXRECORD + 2 bytes long and should
be NUL terminated after copying
- gethostbynis:
o local YP buffer should be YPMAXRECORD + 2 bytes long
- getnetbynis:
o local YP buffer should be YPMAXRECORD + 2 bytes long and should
be NUL terminated after copying
- ether_addr:
o local YP buffers should be YPMAXRECORD + 2 bytes long and should
be NUL terminated after copying (in this case it's BUFSIZ + 2 bytes,
but it happens that BUFSIZ == YPMAXRECORD.
- gethostbydns:
o nuke stray 'return(NULL)' in __dns_getanswer() (harmless but looks silly)
These are 2.2 candidates. I will wait a few days to make sure these don't
break anything and then, if there are no objections, move them to the 2.2
branch.
line length limit anymore - now 500 members or 5000 members are
possible. For security group lines longer than 256K will be count as
an error. 256K should be enough for 65536 users.
Support comments (lines that begin with a #) if compiled with
option -DGROUP_IGNORE_COMMENTS.
Fortunately it seems that all system utilities which use getgrent()
functions are dynamically linked executables. So you need only
rebuild libc.so.3.0 if you want this change. Note: if you have
an old X server which depend on libc.so.2.* you should rebuild
libc.so.2.* too.
Not a 2.2 candidate.
lookup results. Without this, doing multiple host/addr lookups in a
single process yeilds strange results (the buffer is static, and
garbage may be left behind from previous lookups).
I just noticed this in 2.2-BETA. Unless somebody threatens to chop my
hands off with an axe, I'm going to move this to the 2.2-RELENG branch
shortly.
of BIND, we need to tweak some things to that gethostanswer() knows
whether or not we're dealing with an IPv4 or IPv6 address. (This'll
teach me to use a 2.1.0 system for NIS development -- but it's so nice
and stable I just can't being myself to upgrade it. :)
- A major 11th hour, last second, untested commit!
Build some infrastructure to clean up the compat lib distributions, and
also allow them to be installed from the source tree rather than having
to to and get the tarballs from freefall or a CD. Some tweaks to
/etc/make.conf are in the pipeline to enable it.
This came about because it became apparent that we'd have to change the
compat21.tgz tarball to fix the NIS problem with 2.1.x binaries. Since
it's tar..gz.uu, doing this would have caused a huge repository change
and we may as well try and fix it once and for all. Now, adding/removing
libraries should have MUCH less repository impact.
Peril sensative sunglasses: on!
Flame proof suit: on!
Concept reviewed by a stream of ascii representing the opinion of: jkh
Changes casually reviewed by: jkh (but not actually tested)
Without it, the last row and last column don't get their background updated.
I think this should be in 2.2.
Submitted by: Paul Koch <koch@thehub.com.au> (again)
Passing observation: The fixes that pst put in on 1996/09/22 then backed out
look like they should be put in again. If sysinstall is depending on bugs,
then it should be fixed.
_yp_dobind() checks to see if a fork() happens (by checking PIDs) and
invalidates all bindings if it finds itself in a newly created child
process. (This avoids sharing RPC client handles and socket descriptors
with the parent, which would be bad.) Unfortunately, it summarily
calls clnt_destroy() on the handles, which may result in the destruction
of a descriptor that isn't really a socket.
This is fixed by replacing the explicit call to clnt_destroy() with a
call to _yp_unbind(), which deals with potentially hosed socket descriptors
an a safe manner.
This is basically a one-liner. Once I confirm that it fixes Christoph's
problem, I'd like permission to put it in the 2.2-RELENG branch.
Vulnerable: all programs that use setlocale(LC_COLLATE),
setlocale(LC_CTYPE), or setlocale(LC_ALL). The only setuid/setgid
binary i've found for this is w(1).
Should go into 2.2.
I've added an installation from optical disk drive facility.
This enables FreeBSD to be installed from an optical disk, which
may be formatted in "super floppy" style or sliced into MSDOS-FS
and UFS partitions.
Note: ncr.c should be reviewed by Stefan Esser <se@freebsd.org>
and cd.c by Joerg Wunsch <joerg@freebsd.org> before bringing this
into 2.2.
Submitted-By: Shunsuke Akiyama <akiyama@kme.mei.co.jp>
in lots of unrelated junk from <net/if.h> and <net/if_ether.h>. These
functions still aren't prototyped anywhere (but should be in
<net/ethernet.h>---got that, Bill?).
and he said:
The 3rd agrument is new; looks like it was part of the upgrade to
a new BIND with some IPv6 support. The third argument here should be
AF_INET. In order for it to be anything else, I'd have to add new
NIS functions to support IPv6 lookups. I don't even know what those
look like yet.
So there ya go, add AF_INET as the 3rd argument to the call.
Submitted-by: wpaul
copy of insure++, too bad the runtime only works for BSD/OS. :-(
Maybe they'll be so impressed by my initial 15 entry bug report for it
that they'll take the FreeBSD version more seriously. :-) :-)
NIS map which is present on SunOS NIS servers with the SunOS C2 security
hack^Woption installed. I'm convinced that the C2 security option restricts
access to the passwd.adjunct.byname map in the same way that I restrict
access to the master.passwd.{byname,buid} maps (checking for reserved ports),
which means that we should be able to handle passwd.adjunct.byname map
correctly.
If _havemaster() doesn't find a master.passwd.byname map, it will now
test for a passwd.adjunct.byname map before defaulting back to the
standard non-shadowed passwd.{byname,byuid} maps. If _pw_breakout_yp()
sees that the adjunct map was found and the password from the standard
maps starts with ##, it will try to grab the correct password field
from the adjunct map. As with the master.passwd maps, this only happens
if the caller is root, so the shadowing feature is preserved; non-root
users just get back ##username as the encrypted password.
Note that all we do is grab the second field from the passwd.adjunct.byname
entry, which is designated to be the real encrypted password. There are
other auditing fields in the entry but they aren't of much use to us.
Also switched back to using yp_order() to probe for the maps (instead
of yp_first()). The original problem with yp_order() was that it barfed
with NIS+ servers in YP compat mode since they don't support the
YPPROC_ORDER procedure. This condition is handled a bit more gracefully
in yplib now: we can detect the error and just punt on the probing.
Since locale reading code not resistent against stack overflowing or
similar intruder attacks, don't allow PATH_LOCALE env variable action
for s-bit programs (non-standard locale path setting)
strdup() it to prevent unsetenv() or setenv() effects. Check its length to
not allow user to overflow internal locale buffer. Move PATH_LOCALE
handling code into one place.
POSIX: make better stub for LC_MONETARY & LC_NUMERIC, now it check
locale directory existance instead of refusing all non-C non-POSIX
locales. POSIX treats empty locale env variable as unset variable
while our old code treats it as "C" locale, fix it. Implement previous locale
restoring, if locale setting fails. Old code assumes success if some
of LC_ALL subset is successed even other fails, POSIX treats it as
failure with previous locale restoring, fix it.
Remove unneccessary length checking in currentlocale()
Garbage in `eacces' caused the wrong errno to be set for non-EACCES errors.
Garbage in `etxtbsy' caused a semi-random retry strategy for ETXTBSY errors.
Found by: NIST-PCTS. gcc -Wall reported the problem, but -Wall is not
enabled for libc.
FTP error return code because
1) They return NULL, it means that ftpErrno can't be used because
it takes file pointer
2) They don't have FILE-type argument as f.e. ftpGet/ftpPut to use
it for ftpErrno instead.
For that functions I add yet one int* type argument to store
FTP error return code. It is impossible to add some global variable
for that reason, because user can have multiply FTP connections
opened at the same time.
So, interface changed, major number bumped.
Userland changes will follows.
Minor bugfixes, the code:
Forget to close file in few places, when failure occurse
Forget to NULL cached host name, multiply free is possible
When malloc fails. don't try to memset NULL pointer, it cause core dump
Replace malloc+memset with calloc, theoretically it can do some
optimization of zeroing process internally
Improve error diagnostic
dealing w/the fixit floppy.
Also added the MNT_RELOAD, MNT_WANTRDWR, MNT_ASYNC, MNT_NOATIME,
MOUNT_UNION flags. Someone might want to check my description of MNT_RELOAD.
2.2-R candidate. Not a 2.1.6-R candidate -- some current flags aren't in
2.1.5-R's version.
for NULL RPC client handles. This should hopefully fix the problems
Satoshi reported on -current.
- Add socket descriptor sanity checks to _yp_unbind().
- Fix yp_order() so that it handles the RPC_PROCUNAVAIL error gracefully.
NIS+ in YP compat mode doesn't support the YPPROC_ORDER procedure.
This is a 2.2 candidate with bells on.
inside libc. Add collate_range_cmp as alias to __collate_range_cmp
for temp. backward compatibility.
collate_range_cmp will be replaced with direct code for each
external program for compatibility with the rest of world
No changes other than "instructions" for what other tools that use this
.. "interesting" .. system should name their shared libraries. This was
broken for some tools (eg: expect-5.21) even for the native tcl build (ie,
it would end up using libexpect521.so, not libexpect521.so.1.0)
1) Rename FNM_ICASE to FNM_CASEFOLD
2) Add FNM_LEADING_DIR
Add proper (unsigned char) casts to tolower().
Use 'char' function argument for proper sign extension
Add progname to warning/error message layout. (joerg)
Remove inline assembler, no speed impact, not need for the obfuscation (bde)
Remove on the fly calculation of parameters, no longer critical.
Make D & U flags valid even if we don't support them.
Don't call imalloc until we're done initializing.
Zap contents on free() if we have "Junk" set. [*]
Various nitpicking.
[*] As a sideeffect of this change, if you are worried about
sensitive data lingering in memory, you can use the 'Junk' option
now to make sure phkmalloc zaps memory when it is returned. add
char * malloc_options = "J";
to your source. Obviously there is a performance impact.
Somehow, I also managed to get quite some other changes in this file at
the same time. All I did was checkout the file and made a single change.
If someone has an explanation how these PURIFFY defines got in...
API and non-API functions and giving _sk_ prefix for all non-API
functions. Old names will be available by _SKEY_INTERNAL define
it allows not change anything in keyinit & key, only -D_SKEY_INTERNAL required.
Staticise some things.
dead kernel debugging. The previous code was a "do nothing".
The most obvious side effect of this is that you can now do things like
this and reasonably expect them to work:
dmesg -M /var/crash/vmcore.3 -N /var/crash/kernel.3
ps -axl -M /var/crash/vmcore.3 -N /var/crash/kernel.3
A good deal of this was lifted from the gdb code to do this, as well as
from NetBSD's libkvm (which has completely different VM macros)
and forwards compatable with version 3. This is needed to enable storing
a run-time library path in the dynamic linking headers. The crt startup
tries version 4 first, and falls back to version 3, so an executable that
is linked on -current will work with the ld.so on 2.1.x and less.
Reviewed by: nate, jdp
Obtained from: NetBSD
- removed references to nonexistent pathconf-related variables.
- document everything in CTL_MACHDEP(more than in sysctl.8) and
80% of the things in CTL_KERN (same as in sysctl.8).
- old static non-profiled libraries were removed in the wrong directory
if ${ORIG_SHLIBDIR} != ${LIBDIR}.
- old profiled libraries weren't removed.
- new shared compat libraries were installed in the wrong directory if
${ORIG_SHLIBDIR} != /usr/lib.
- some lines were too long.
Added some comments about cases that have caused problems. Changed
libfoo to ${LIB} so that libresolv/Makefile and libgnumalloc/Makefile
are almost identical.
complaints and suggestions about this over the last few days that I
cannot remember who has said what anymore. :-(
There is also a comment here about the intent of the process and another
explicit pointer to the etc/etc/rc change to that has been ignored by
quite a few people it seems.
stuff and detection for the "gnumalloc" port which doesn't exist and
nobody has cared enough about for the past 6 months or so to implement.
As has been pointed out to me (quite a few times) in email, the people
that had been bitten by the changes had failed to follow the instructions
about updating /etc/rc.
Bruce also pointed out that after my last commit, it was no longer
removing /usr/lib/libgnumalloc.so.2.0 as it should have been.
Hopefully this (and the comments in the Makefile) should defuse the problem
a bit.
Various neat features added. More documentation in the manpage.
If your machine has very little RAM, I guess that would be < 16M
these days :-(, you may want to try this:
ln -fs 'H<' /etc/malloc.conf
check the manpage.
Major version bumped (by me) since the ftpGet() public interface has
changed (an "int *" becomes and "off_t *")
Submitted by: Jason Thorpe <thorpej@nas.nasa.gov>, PR#1640
as done after a quasi-recursive call to free() had modified what we
thought we knew about the last chunk of pages.
This bug manifested itself when I did a "make obj" from src/usr.sbin/lpr,
then make would coredump in the lpd directory.
for gcc >= 2.5 and no-ops for gcc >= 2.6. Converted to use __dead2
or __pure2 where it wasn't already done, except in math.h where use
of __pure was mostly wrong.
conflict with the other declarations in other files. tputs() is
traditionally declared to return int, not void. curses.h has it as int.
ncurses has int and actually sets the return value. This problem has
been causing the ircII port to not compile.
(I've only minimally tested this, I do not have libtermcap on my systems)
as a PR to GNATs but it evidently went astray somehow since I can't find
it in the database now, nor does an assigned PR# appear on the mail I got.
Sorry about that, Danny!
Submitted-By: Danny R. Johnston <danny@simn.com>
built early enough to always be installed by the `includes' target
in /usr/src/Makefile. This is supposed to be handled by not
installing it if it doesn't exist. However, a stale, uninstallable
copy sometimes exists in the source directory, and the existence
test sometimes found the wrong copy.
"." means the object directory, so it is just confusing to use it
when nothing is included from the object directory unless the object
directory is also the source directory. It is confusing for "."
not to mean the source directory anyway, so used `-I.'s should be
replaced by `-I${.OBJDIR}'.
traditional BSD4.4 behavior (_POSIX_SAVED_IDS are OFF) was described
before.
Add some hooks to easily change this text when
POSIX_SAVED_IDS model will be changed.
routines from contrib/bind directly. There were too many problems,
including having to add -DUSE_OPTIONS_H to the entire libc source in
order for the contrib code to pick up it's options, and so on.
Instead, I've merged the changes, libc is now self contained again.
was compiled with -O) by the precision bug in the i386 version of
gcc (assignments and casts don't clip the precision). E.g.,
rintf(12.3456789) was 12.125.
Avoid the same bug in rint(). It was only broken for the unusual
case when the i387 precision is 64 bits. FreeBSD defaults to 53
bit precision to avoid problems like this, but the standard math
emulator always uses 64 bit precision.
in a bunch of man pages.
Use the correct .Bx (BSD UNIX) or .At (AT&T UNIX) macros
instead of explicitly specifying the version in the text
in a bunch of man pages.
note that at_shutdown has a new parameter to indicate When
during a shutdown the callout should be made. also
add a RB_POWEROFF flag to reboot "howto" parameter..
tells the reboot code in our at_shutdown module to turn off the UPS
and kill the power. bound to be useful eventually on laptops
Here are the diffs for libc_r to get it one step closer to P1003.1c
These make most of the thread/mutex/condvar structures opaque to the
user. There are three functions which have been renamed with _np
suffixes because they are extensions to P1003.1c (I did them for JAVA,
which needs to suspend/resume threads and also start threads suspended).
I've created a new header (pthread_np.h) for the non-POSIX stuff.
The egrep tags stuff in /usr/src/lib/libc_r/Makefile that I uncommented
doesn't work. I think its best to delete it. I don't think libc_r needs
tags anyway, 'cause most of the source is in libc which does have tags.
also:
Here's the first batch of man pages for the thread functions.
The diff to /usr/src/lib/libc_r/Makefile removes some stuff that was
inherited from /usr/src/lib/libc/Makefile that should only be done with
libc.
also:
I should have sent this diff with the pthread(3) man page.
It allows people to type
make -DWANT_LIBC_R world
to get libc_r built with the rest of the world. I put this in the
pthread(3) man page. The default is still not to build libc_r.
also:
The diff attached adds a pthread(3) man page to /usr/src/share/man/man3.
The idea is that without libc_r installed, this man page will give people
enough info to know that they have to build libc_r.
I was perplexed when an example I'd written to show the values for these
variables changing as an xterm window was resized didn't work, and looking
into it I see that size tracking for LINES and COLS seems to be one SVR4
enhancement which didn't come across with libncurses.
refilled) a file that was either line- or un-buffered, all files were
flushed. According to the code comment, the flush (according to ANSI)
is supposed to happen on write + line buffered output files, not _all_
files.
Obtained from: OpenBSD / Theo de Raadt, possibly from proven@cygnus.com
set sin_len
close one ftp port bounce attack
have rresvport() use bindresvport() rather than duplicate the code,
rresvport() is a superset of bindresvport().
Obtained from: OpenBSD / Jason Downs / Theo de Raadt, minor tweaks by me.
this man page to prevent half of it from coming out with underlines.
This man page needs to be gone over to fully convert it to mdoc format.
This closes PR#1440.
Submitted by: Jens Schweikhardt <schweikhardt@rus.uni-stuttgart.de>
2. Remove pkg_* support - tcl7.5's channel interface has rendered this
almost entirely unsupportable (at least in the way it currently stands).
Submitted-By: jmz & jkh
- buffer expansions were not working right due to a return code botch.
- signed types instead of size_t's meant somebody else went and put
casts in, I've changed the types to what they should have been.
part that does zic(8)/zdump(8) is still yet to be imported (but the old
zic and zdump will work just fine with these header files and the
data format has not changed).
directly in order to obtain binding information, check that the local
ypbind is using a reserved port and return YPERR_YPBIND if it isn't.
We should not trust any ypbind running on a port >= IPPORT_RESERVED;
it may have been started by a malicious user hoping to trick us into
talking to a bogus ypserv.
Note that we do not check the ypserv port returned to us from ypbind.
It is assumed that ypbind has already done a reserved port test (or not,
depending on whether or not it was started with -s); if we trust the
authenticity of the local ypbind, we should also trust its judgement.
Obtained from: OpenBSD
option to pwd_mkdb and adding this option to utilities invoking it.
Further, the filling of both the secure and insecure databases has been
merged into one loop giving also a performance improvemnet.
Note that I did *not* change the adduser command. I don't read perl
(it is a write only language anyway).
The change will drastically improve performance for passwd and
friends with large passwd files. Vipw's performance won't change.
In order to do that some kind of diff should be made between the
old and new master.passwd and depending the amount of changes, an
incremental or complete update of the databases should be agreed
upon.
aren't silently converted to minbrk. This stops malloc(INT_MAX) from
dumping core. Small values are still silently converted. They should
be an error. sbrk() doesn't do any range checking or conversions or
overflow checking.
Moved PIC_EPILOGUE invocation to a more natural place where it
obviously doesn't interfere with the comparison.
Document the fact that the tracefile argument must lead to a regular file.
Also took the opportunity to remove the spurious "Errors" entry
relating to filenames with the high-order bit set and add $Id$.
(More of the same to follow if there are no objections).
Added $Id$'s to files that were lacking them (gpalmer), made some
cosmetic changes to conform to style guidelines (bde) and checked
against NetBSD and Lite2 to remove unnecessary divergences (hsu, bde)
One last code cleanup:-
Removed spurious casts in fseek.c and stdio.c.
Added missing function argument in fwalk.c.
Added missing header include in flags.c and rget.c.
Put in casts where int's were being passed as size_t's.
Put in missing prototypes for static functions.
Changed second args of __sflags() inflags.c and writehook() in vasprintf.c
from char * to const char * to conform to prototypes.
This directory now compiles with no warnings with -Wall under
gcc-2.6.3 and with considerably less warnings than before with the
ultra-pedantic script I used for testing. (Most of the remaining ones
are due to const poisoning).
This will do as a stop-gap until I figure out a more fault-tolerant
way of having deferred closes against the control connection work
without blocking.
from jmz was a hopeless kludge (sorry Jean-Marc :) and handled the problem
in the wrong way. ftpRestart() has now gone away and ftpGet() has grown a
new parameter.
The usual stuff, adding missing function prototypes, argument types,
return values, etc.
This directory now compiles with no warnings with -Wall on gcc2.6.3!
The usual stuff, adding missing function prototypes, argument types,
return values, etc. In mktemp.c, convert pid from u_int to pid_t, and
get rid of "extern int errno".
Fixed a couple of nitpick warnings, plus one that slipped through the
net earlier.
This directory now compiles without any warnings with -Wall! (Until
the next gcc upgrade...)
1. Added missing function prototypes.
2. Added missing function return types.
3. Added missing function argument types.
4. Added missing headers for system function prototypes.
5. Corrected format specifier in printf().
6. Added extra parentheses around assignment used as truth value.
7. Added missing "default" cases in switch statements.
8. Added casts for function pointers.
9. Did *not* change int declarations of uid and gid to uid_t/gid_t
because I don't know if that would affect the protocol. Put in
explicit casts to int instead, to make things more obvious.
10. Moved declarations of variables that are only used if YP is
defined inside the '#ifdef YP' conditionals.
1. Added missing function prototypes.
2. Added missing function return types.
3. Added missing function argument types.
4. Added missing headers for system function prototypes.
5. Corrected casts in select() args.
6. Got rid of more "extern int errno" rubbish.
7. Added extra parentheses around assignment used as truth value.
8. Fixed bug in clnt_{tcp, udp}create() where pointers could be free'd
even if they hadn't been successfully malloc()'d.
1. Added missing function prototypes.
2. Added missing function return types.
3. Added missing function argument types.
4. Added missing headers for system function prototypes.
5. Got rid of "extern int errno" rubbish.
by W.Richard Ste vens. EINTR handling suggested by bde@freebsd.org).
Code cleanup:
1. Add missing return type.
2. Replace 'union wait' by int.
3. Use Posix-style signal handling instead of signal().
4. Use fork() instead of deprecated vfork().
5. Block signals before fork()'ing, instead of after.
6. Return -1 if fork() fails, instead of 0.
7. Add EINTR handling for waitpid() call.
Also add claim of Posix conformance to man page.
Now that we preserve RPC handles instead of rebuilding them each time
a ypcln function is called, we have to be careful about keeping our sockets
in a sane state. It's possible that the caller may call a ypclnt
function, and then decide to close all its file descriptors. This would
also close the socket descriptor held by the yplib code. Worse, it
could re-open the same descriptor number for its own use. If it then calls
another ypclnt function, the subsequent RPC will fail because the socket
will either be gone or replaced with Something Completely Different. The
yplib code will recover by rebinding, but it doing so it may wreck the
descriptor which now belongs to the caller.
To fix this, _yp_dobind() needs to label the descriptor somehow so
that it can test it later to make sure it hasn't been altered between
ypclnt calls. It does this by binding the socket, thus associating a port
number with it. It then saves this port number in the dom_local_port member
of the dom_binding structure for the given domain. When _yp_dobind() is
called again (which it is at the start of each ypclnt function), it checks
to see if the domain is already bound, and if it is, it does a getsockname()
on the socket and compares the port number to the one it saved. If the
getsockname() fails, or the port number doesn't match, it abandons the
socket and sets up a new client handle.
This still incurs some syscall overhead, which is what I was trying to
avoid, but it's still not as bad as before.
functions are implimented as wrappers around getservent(), which means it's
up to getservent() to do all the work. The NIS support in getservent()
only allows it to scan through the services.byname map one entry at a
time until it finds the requested service name/port. This can be painfully
slow due to the overhead involved (lots and lots of successive RPCs).
To fix this, we allow getservbyname() and getservbyport() to signal
getservent() that if NIS is turned on (there's a '+' in /etc/services),
the usual yp_first()/yp_next() linear search should be abandoned and
yp_match() used instead. This causes getservent() to immediately
locate the requested entry instead of wasting time groping through the
whole map.
The downside is that this trick is accomplished by exporting a couple of
pointers from getservent.c which getservbyname.c and getservbyport.c can
preset in order to tell getservent() what to do. If all three functions
were in the same source module, then the extra cruft could be delcared
static to avoid poluting the global symbol space. Maybe they should be
combined anyway. For now I've settled on prepending lots of underscores.
privileged port within a single bind(), rather than looping through
attempts to bind over and over again over progressively lower ports.
This should speed up rlogin/rsh etc, and will probably cure some of the
strange rlogin hangs that have been reported in the past where rresvport()
managed to bind() to a port address that it shouldn't have.
not based on gpl'ed code, just prototype and usage. I'm not 100% certain
they behave the same while the system is in trouble (eg: malloc() failing)
but in those circumstances all bets would be off anyway.
These routines work like sprintf() and vsprintf(), except that instead of
using a fixed buffer, they allocate memory and return it to the user
and it's the user's responsibility to free() it. They have allocate as
much memory as they need (and can get), so the size of strings it can deal
with is limited only by the amount of memory it can malloc() on your
behalf.
There are a few gpl'ed programs starting to use this interface, and it's
becoming more common with the scares about security risks with sprintf().
I dont like the look of the code that the various programs (including
cvs, gdb, libg++, etc) provide if configure can't find it on the system.
It should be possible to modify the stdio core code to provide this
interface more efficiently, I was more worried about having something
that worked and was secure. :-) (I noticed that there was once intended
to be a smprintf() routine when our stdio was written for 4.4BSD, but it
looks pretty stillborn, and it's intended interface is not clear). Since
Linux and gnu libc have this interface, it seemed silly to bring yet
another one onto the scene.
to call clnt_destroy() on a potentially NULL RPC handle. Somebody should
bang on this a bit to make sure the problem is really gone; I seem to
have difficulty reproducing it. Patch provided by Peter Wemm and
slightly tweaked by me.
- Don't call _yp_unbind() in individual ypclnt functions unless we encounter
an RPC error while making a clnt_call().
bugs in your code is to put it in the -stable branch. (Corollary: the
day you discover the bug is the day the Internet decides to route your
telnet session to the repository box via Zimbabwe.)
Remove one bogus free(result) (from _havemaster()) that slipped by me.
Flagged by: phkmalloc
Pointed out to me by: Stefan Esser
