This changes the definitions of a few items so that structures are the
same whether or not the option itself is enabled. This allows
people to enable and disable the option without recompilng the world.
As the author says:
|I ran into a problem pulling out the VM_STACK option. I was aware of this
|when I first did the work, but then forgot about it. The VM_STACK stuff
|has some code changes in the i386 branch. There need to be corresponding
|changes in the alpha branch before it can come out completely.
what is done:
|
|1) Pull the VM_STACK option out of the header files it appears in. This
|really shouldn't affect anything that executes with or without the rest
|of the VM_STACK patches. The vm_map_entry will then always have one
|extra element (avail_ssize). It just won't be used if the VM_STACK
|option is not turned on.
|
|I've also pulled the option out of vm_map.c. This shouldn't harm anything,
|since the routines that are enabled as a result are not called unless
|the VM_STACK option is enabled elsewhere.
|
|2) Add what appears to be appropriate code the the alpha branch, still
|protected behind the VM_STACK switch. I don't have an alpha machine,
|so we would need to get some testers with alpha machines to try it out.
|
|Once there is some testing, we can consider making the change permanent
|for both i386 and alpha.
|
[..]
|
|Once the alpha code is adequately tested, we can pull VM_STACK out
|everywhere.
|
Submitted by: "Richard Seaman, Jr." <dick@tar.com>
This takes the conditionals out of the code that has been tested by
various people for a while.
ps and friends (libkvm) will need a recompile as some proc structure
changes are made.
Submitted by: "Richard Seaman, Jr." <dick@tar.com>
- document that sysctl() and sysctlbyname() return 0 on success
- if the provided buffer is too small, set errno to ENOMEM and return -1
instead of returning ENOMEM.
is actually mounted on "/" can be determined using statfs() and is
in /dev. This fixes fsck operating on the wrong device when the
fs_spec entry is only an alias. The aliased case became more
dangerous when the ROOTSLICE_HUNT hack was committed in mount(8).
ROOTSLICE_HUNT may be unnecessary now.
Rename 'cerror' to '.cerror' so that programs which have a function or
global variable named 'cerror' don't completely break the syscall error
reporting mechanism.
#include <ieeefp.h>
to access these functions instead of the i386 specific
#include <machine/floatingpoint.h>
Submitted by: Hidetoshi Shimokawa <simokawa@sat.t.u-tokyo.ac.jp>
Submitted by: "Richard Seaman, Jr." <lists@tar.com>
Obtained from: linux :-)
Code to allow Linux Threads to run under FreeBSD.
By default not enabled
This code is dependent on the conditional
COMPAT_LINUX_THREADS (suggested by Garret)
This is not yet a 'real' option but will be within some number of hours.
an unimprovement here. I thought it would be an improvement, as in libkvm,
but here we can access the strings directly.
Use sysctlbyname() instead of sysctl() and trust it to give a nonzero
address if it succeeds.
they cannot mount a filesystem that they cannot see in getvfsbyname().
Part 1 of this is a hack, make vfsisloadable() always return true - the
ultimate decider of whether it's loadable or not is kldload() or mount().
Part 2 of this is to have vfsload() call kldload(2) and return success if
it works. This means that we will use a viable kld module in preference
to an LKM!
Ultimately, the thing to do is remove the hacks to do a vfsload in all the
mount_* commands and let the kernel do it by itself in mount(2).
vfork() can't be used. We could use alloca() in execl() so that
it can be called between vfork() and execve(), but a "portable"
popen() shouldn't depend on this. Calling execle() instead of
execl() should be fairly safe, since execle() is supposed to be
callable from signal handlers and signal handlers can't call
malloc(). However, execle() is broken.
ever saw one), and move the description of NULL behaviour out to a
'NOTES' section, with an extra note that programs should not rely up
on it.
Kinda-approve-by: bde (by not replying to the mail with the diff)
PR: 7923
Submitted by: Archie Cobbs <archie@whistle.com>
The scandir() function returns -1 if it fails.
In many cases when this happens, it does not free
the memory that it allocated, resulting in a memory
leak, or close the directory opened with opendir().
BAD DOG, BAD!
realloc functions check for recursion within the malloc code itself. In
a thread-safe library, the single spinlock ensures that no two threads
go inside the protected code at the same time. The thread implementation
is responsible for ensuring that the spinlock does in fact protect malloc.
There was a window of opportunity in which this was not the case. I'll fix
that with a commit RSN.
string. From the submitted patch:
Credit for patch: Chris Torek <torek@bsdi.com>
Tod Miller <millert@openbsd.org>
This makes us in line with SunOS 4.1.3_U1, Solaris 2.6, OpenBSD 2.3,
HP-UX 10.20, Irix 5.3. The previous behavior was in line with Ultrix 4.4.
PR: bin/7970
Submitted by: Niall Smart nialls@euristix.ie
Our spinlock implementation allows a particular thread to obtain a lock
multiple times, but release the lock with a single unlock call. Since
we're detecting recursion, we know the lock is already owned by the
current thread in a previous call and must not be released in the
current call. This is really far too dependent on this particular
spinlock implementation, so I've added commented out calls to
THREAD_UNLOCK in the appropriate places. We can activate this code when
spinlock is taught to count each lock operation.
In some cases replace if (a == null) a = malloc(x); else a =
realloc(a, x); with simple reallocf(a, x). Per ANSI-C, this is
guaranteed to be the same thing.
I've been running these on my system here w/o ill effects for some
time. However, the CTM-express is at part 6 of 34 for the CAM
changes, so I've not been able to do a build world with the CAM in the
tree with these changes. Shouldn't impact anything, but...
addresses by default.
Add a knob "icmp_bmcastecho" to "rc.network" to allow this
behaviour to be controlled from "rc.conf".
Document the controlling sysctl variable "net.inet.icmp.bmcastecho"
in sysctl(3).
Reviewed by: dg, jkh
Reminded on -hackers by: Steinar Haug <sthaug@nethelp.no>
when it returns NULL to indicate failure, it will also free the memory
that was passed to it, if that was non-null.
This does not change the semantics of realloc.
A second commit will be done to commit the conversion of those places in
the code that can safely use this to avoid memory leaks when confronted
with low memory situations.
Beaten-to-death-but-finally-approved-in: -current
to fork. It is difficult to do real vfork in libc_r, since almost every
operation with file descriptsor changes _thread_fd_table and friends.
popen(3) works much better with this change.
- Fix some style errors I made back in 1995.
- Add a new flavor of the err(3) family, which takes an explicit
errno argument rather than implicitly examining errno. This
will make it easier to use these functions in conjunction with
modern library interfaces that return an errno value explicitly.
backing file for an anonymous (memory based) btree, and I don't think
that any setuid programs actually use it, but it is better to be safe
than sorry. This has been in my tree for a long time, maybe a year or
more...
Inspired by: Similar changes in OpenBSD, if memory serves (like nearly
a year ago)
standard places ("/etc/objformat", ${OBJFORMAT}, argv) for an
indication of the user's preferred object file format. This
consolidates some code that was starting to be duplicated in more
and more places.
Use the new function in ldconfig.
Note: I don't think that gcc should use getobjformat(), even though
it could. The compiler should limit itself to functions that are
widespread, to ease porting and cross-compilation.
and res_* modules in a way that works for ELF. I moved the aliases
out of res_stubs.c and into the individual modules where the entry
points are defined. Weak aliases don't work in ELF unless that is
the case. (Actually, I'm surprised it worked for a.out.)
This should fix the undefined "inet_addr" and related symbols in
various applications that fail to include <arpa/inet.h> or
<resolv.h> as they are supposed to do.
the diff is attached below. This is done on the 3.0 source-tree.
I have test this on 2.2-stable before, but I don't have a 3.0 machine
right now.
This patch is mainly to make libc support BIG5 encoding, thus add
zh_TW.BIG5 locale to 3.0.
Submitted by: Chen Hsiung Chan <frankch@waru.life.nthu.edu.tw>
revisions to match the confusing spelling in getttyent.c (1 to
break it to match the man page and 1 in each of 2 branches to fix
it). This function seems to be orphaned and unused.
suitable for holding object pointers (ptrint_t -> uintptr_t).
Added corresponding signed type (intptr_t). Changed/added
corresponding non-C9x types for function pointers to match. Don't
use nonstandard types to implement these types, and don't comment
on them in <machine/types.h>.
least unsuitable for holding an object pointer. This should have been
used to fix warnings about casts between pointers and ints on alphas.
Moved corresponding existing general typedef (fptrint_t) for function
pointers from the i386 <machine/profile.h> to a kernel-only typedef
in <machine/types.h>. Kludged libc/gmon/mcount.c so that it can
still see this typedef.
more cleanly integrated with stdio. This should be faster and cleaner
since it doesn't memcpy() the data into a seperate buffer. This lets
stdio allocate and manage the buffer and then hand it over to the user.
Obtained from: Todd Miller <Todd.Miller@courtesan.com> via OpenBSD
Obtained from: partial merge of ADO version tzcode96h (was fully merged
in 1.10 but backed out in 1.11; the FreeBSD code for %s
was earlier, prettier but buggier).
copy to bring these files into libc from libcompat. I will enable
them and kill off the libcompat versions on the main branch soon.
PR: step one toward closing misc/6763
available and the kernel MIB setting is zero.
Return the result from getpagesize() if the p1003_1b.pagesize MIB
value is zero.
Suggested by: Joerg Schilling <schilling@fokus.gmd.de>
size we receive here should fit into the receive buffer. Unfortunately,
there's no 100% foolproof way to distinguish a ridiculously large record
size that a client actually meant to send us from a ridiculously large
record size that was sent as a spoof attempt.
The one value that we can positively identify as bogus is zero. A
zero-sized record makes absolutely no sense, and sending an endless
supply of zeroes will cause the server to loop forever trying to
fill its receive buffer.
Note that the changes made to readtcp() make it okay to revert this
sanity test since the deadlock case where a client can keep the server
occupied forever in the readtcp() select() loop can't happen anymore.
This solution is not ideal, but is relatively easy to implement. The
ideal solution would be to re-arrange the way dispatching is handled
so that the select() loop in readtcp() can be eliminated, but this is
difficult to implement. I do plan to implement the complete solution
eventually but in the meantime I don't want to leave the RPC library
totally vulnerable.
That you very much Sun, may I have another.
uses readtcp() to gather data from the network; readtcp() uses select(),
with a timeout of 35 seconds. The problem with this is that if you
connect to a TCP server, send two bytes of data, then just pause, the
server will remain blocked in readtcp() for up to 35 seconds, which is
sort of a long time. If you keep doing this every 35 seconds, you can
keep the server occupied indefinitely.
To fix this, I modified readtcp() (and its cousin, readunix() in svc_unix.c)
to monitor all service transport handles instead of just the current socket.
This allows the server to keep handling new connections that arrive while
readtcp() is running. This prevents one client from potentially monopolizing
a server.
Also, while I was here, I fixed a bug in the timeout calculations. Someone
attempted to adjust the timeout so that if select() returned EINTR and the
loop was restarted, the timeout would be reduced so that rather than waiting
for another 35 seconds, you could never wait for more than 35 seconds total.
Unfortunately, the calculation was wrong, and the timeout could expire much
sooner than 35 seconds.
recently in BUGTRAQ. The set_input_fragment() routine in the XDR record
marking code blindly trusts that the first two bytes it sees will in fact
be an actual record header and that the specified size will be sane. In
fact, if you just telnet to a listening port of an RPC service and send a
few carriage returns, set_input_fragment() will obtain a ridiculously large
record size and sit there for a long time trying to read from the network.
A sanity test is required: if the record size is larger than the receive
buffer, punt.
recently in BUGTRAQ. If a stream oriented transport fails to properly decode
an RPC message header structure where there should be one, it should mark
the stream as dead so that the connection will be dropped.
Use rpcgen's -C option, although using it for non-headers breaks K&R
support. A local copy of yp.h is built to avoid adding
-I/usr/include/rpcsvc to CFLAGS. This version of yp.h differed from
<rpcsvc/yp.h> only in not declaring prototypes.
Fixed style bugs.
but also assumes that they are 32-bits. This is one place where I don't
think it is appropriate to change 'long' to 'int'. I don't see why the
code couldn't be fixed so that using natural long variables does the
right thing. It's spaggetti code so it'll take some effort. Obviously
NetBSD thought so too because they change 'long' to 'int32_t' etc
and left it at that. As a temporary measure FreeBSD/Alpha can use the
NetBSD code and put this on the list of things to fix.
One bug was relatively harmless (select's timeout had an uninitialized
tv_usec), the other I'm not so sure.. (neglected to catch select returns
less than zero). Both of these were irrelevant on kernels with poll().
chunks of res_comp.c and replacing it with chunks of bind-8.1.1's resolver
code. (There are no interface changes though)
The other parts are better bounds checking related.
default syscall asm, so add it to NOASM. The other syscalls that manipulate
kernel threads use the default asm code, so they just get built
automatically.
file works with libpthread, but when built into libc_r which has a non-weak
symbol of the same name, the linker behaves unpredicatably and sometimes
links the wrong symbol. The linker behaviour is a byproduct of what
the program calls from object to object so it is like winning a lottery
if the program actually works. The odds are quite good - 95:1, I think.
We need a sure thing, though, so weak symbols can't be used instead
of renaming things.
Note odd `sigmask()' line in synopsis. `sigsetops(3)' is better suited
for `sigprocmask' and is already referenced from the manual page.
(`sigmask()' is useful for the older (& deprecated) `sigsetmask()' API).
PR: 6395
Reviewed by: phk
Submitted by: Joseph Koshy <koshy@india.hp.com>
leading XXX's. It could wrap an uppercase character through chars
like: [ \ ] ^ _ ` in between Z and a. The backslash and back tick
might be particularly nasty in a shell script context. Also, since
we've been using upper-case generated values for a while now, go with
the flow and use them in the pathname search rotation.
Change the FILE locking to support kernel threads when linked with
libpthread (which you haven't see yet). This requires that libc become
thread-safe and thread-aware, testing __isthreaded before attempting
to do lock/unlock calls. The impact on non-threaded programs is minor.
This change works with libc_r, so it's the best compromise.
libc to determine if locking is required. This is needed in libc
for use with kernel threads, but until a thread is created, we don't
really want to bother locking things. The variable was added here
because the crt code calls exit(main()) so all programs will get the
variable.
_KPOSIX_PRIORITY_SCHEDULING options to work. Changes:
Change all "posix4" to "p1003_1b". Misnamed files are left
as "posix4" until I'm told if I can simply delete them and add
new ones;
Add _POSIX_PRIORITY_SCHEDULING system calls for FreeBSD and Linux;
Add man pages for _POSIX_PRIORITY_SCHEDULING system calls;
Add options to LINT;
Minor fixes to P1003_1B code during testing.
__msync13. The old one got moved to compat_12. Wrap __msync13 up
to look like FreeBSD's msync and be careful to respect the fact that
MS_SYNC is 0x0000 on FreeBSD, but 0x0004 on NetBSD.
List non-default asm sources in MDASM so that they replace the defaults.
For funny or incomplete syscalls, list them in NOASM to stop them
from getting built as defaults.
Include the architecture specific sys makefile like previously, but
what this contains differs. It defines MDASM which list architecture
specific asm code that *replaces* syscalls of the same name defined
in MIASM (which gets defined by the syscall.mk or netbsd_syscall.mk
dependent of NETBSD_SYSCALLS being defined). If a syscall has a
C source implementation or something funny done to it, or just doesn't
need default asm source generated for it, then it is listed in NOASM.
syscall.mk is generated by makesyscalls.sh with other syscall files.
netbsd_syscall.mk is a hand-generated equivalent. So if a new syscall
is added and no other makefiles are edited, it will automatically have
the default asm source generated for it (whether you want it or not).
Anything listed in MDASM gets added to SRCS and gets built. For
each syscall name in MIASM, if it doesn't exist in MDASM or NOASM,
it gets added to the ASM or ASMR lists to have code generated for it.
If the syscall name was listed in HIDDEN_SYSCALLS (intended for use
by libc_r, not libc which has it defined, but empty), then the name
is added to the ASMR list and gets renamed before being built;
otherwise it is added to the ASM list and gets built with the same
name.
I wonder if this is too complicated. But it works on both i386 and alpha.
substitution errors for variables that don't exist.
If a machine architecture dependent makefile exists, include it
to discover if libc or libc_r is being built with NetBSD syscalls
instead of FreeBSD ones.
Put a NO_QUAD thingy around the quad makefile so that 64-bit
architectures can ignore that sh*t.
In the test for MDSRCS being empty, add all MISRCS to SRCS, rather
than just ignoring them.
Define the HIDDEN_SYSCALLS macro as empty because libc doesn't have
renamed syscalls. This avoids an undefined macro error when
libc/sys/Makefile.inc goes to look though it. HIDDEN_SYSCALLS is
used by the equivalent makefile to this one in lib/libc_r to list
those syscalls that it needs to rename so that libc_r can provide
replacement functions.
prototypes for the spinlock functions that will be used for thread locks.
libc will have stubs declared with weak symbols. libpthread and libc_r
will have functions that really do something.
Changes to support building with _POSIX_SOURCE set to 199309L:
1. Add sys/_posix.h to handle those preprocessor defs that POSIX
says have effects when defined before including any header files;
2. Change POSIX4_VISIBLE back to _POSIX4_VISIBLE
3. Add _POSIX4_VISIBLE_HISTORICALLY for pre-existing BSD features now
defined in POSIX. These show up when:
_POSIX_SOURCE and _POSIX_C_SOURCE are not set or
_POSIX_C_SOURCE is set >= 199309L
and vanish when:
_POSIX_SOURCE is set or _POSIX_C_SOURCE is < 199309L.
4. Explain these in man 9 posix4;
5. Include _posix.h and conditionalize on new feature test.
- Completely recoded the ypmatch cache code. The old code could leak
memory: it would allow the cache to grow, but never
shrink. The new code imposes the following limits:
o The cache is capped at a limit of 5 entries.
o Each entry expires after five seconds, at which point
its slot is freed.
o If an insertion is to be done and all five slots
are filled, the oldest entry is forcibly expired
to release its slot.
Also, the cache is implemented on a per-binding basis rather than
having a global cache covering all bindings. This means that each
bound domain has its own 5 slot cache.
- Changed clntudp_create() to clntudp_bufcreate() so that the
xmit/recv message buffer sizes can be set explicitly. NIS transactions
are rarely much larger than 1024 bytes since YPMAXRECORD is 1024.
The defaults chosen by clntudb_create() are actually much larger
than needed. I set the xmit buffer to a little over 1024 and the
recv buffer to a little over 2048. This saves a few Kbytes for each
NIS binding.
- Add my name to the copyright. I think I've made enough changes to
this file to merit it. :)
Note: these changes should go into the 2.2.x branch, but I'm waiting
on feedback from a tester to see if the cache fixes solve the reported
memory leak problem.
fix a slight confusion about which draft of threads we are supporting.
this allows something as big and ugly as samba to be compiled with libc_r
and still work! our user-level pthreads seems amazingly robust!
implement mkdtemp
improve man page for mk*temp
use arc4random to seed extra XXX's randomly
Optionally warn of unsafe mktemp uses
From various commits by theo de raadt and Todd Miller.
Obtained from: OpenBSD
This should go into 2.2 after a testing period.
one group. Thanks to Dirk Froemberg for supplying a patch for this. I will
be closing out the PR and moving this to the 2.2.5 branch later: my login
sessions to freefall from Columbia are ridiculously spotty today.
PR: 5610
Submitted by: Dirk Froemberg <ibex@physik.TU-Berlin.DE>
into libc. This reduces the size of every dynamically linked
executable by 248 bytes, and it reduces the size of static executables
by a lesser amount. It also eliminates some global namespace
pollution.
With this change in place, the source for dlfcn.h should probably
be moved to "/usr/src/include". I'll save that for another day.
Compatibility note: Programs which use dlopen, if compiled on
systems with this change, will not run on systems with a libc from
prior to this change. Very few programs use dlopen, so I think
that is OK.
isn't a prerequisite, since it isn't required for the prototypes
and isn't always needed to call the functions (the address family
might be a variable).
and the pre-Lite2 vfsconf interfaces.
For getvfsent.c, just define _OLD_VFSCONF. This will give the
current default macro hacks in <sys/mount.h> when the default is
reversed. This is an intermediate step.
overwrites it. This actually showed up when running under an old
kernel when free() called the madvise() stub which set errno, causing
getcwd() to return EOPNOTSUPP instead of ERANGE.
that this source is compiled against. This source is referenced by
install which is needed as a build tool and must be able to compile
against NetBSD headers and libraries if we have a hope of supporting
another architecture.
With this change, that's two working programs down and 3945 (?) to go.
The other one was make, but that didn't need any changes to work under
FreeBSD/Alpha. 8-)
case has very little to do with the output size being larger than
INT_MAX.
2. The new #include of <limits.h> was disordered.
3. The new declaration of `on' was disordered (integer types go together).
4. Testing an unsigned value for > 0 was fishy.
Submitted by: bde
mlock, mmap, mprotect, msync, munlock, and munmap are defined by
POSIX as taking void *. The const modifier has been added to
mlock, munlock, and mprotect as the standard dictates.
minherit comes from OpenBSD and has been updated to conform with
their recent change to void *.
madvise and mincore are not defined by POSIX, but their arguments
have been modified to be consistent with the POSIX-defined functions.
mincore takes a const pointer, but madvise does not due to the
MADV_FREE case.
Discussed with: bde
instead of Singe Unix, thanx Bruce for explaining, I am not realize
standards war was there.
But now, fix n == 0 case to not return error and fix check for too
big n.
Things left to do: check for overflow in arguments.
Final word is Bruce's quote:
C9x specifies the BSD4.4-Lite behaviour:
[#3] ... Thus, the
null-terminated output has been completely written if and
only if the returned value is less than n.
It means that if we not have any null-terminated output as for n == 0
we can't return value less than n, so we forced to return value
equal to n i.e. 0
The next good thing is glibc compatibility, of course.
2) Do check for too big n in machine-independent way.
3) Minor optimization assuming EOF is < 0
The main argument is that it is impossible to determine if %n evaluated or not
when snprintf return 0, because it can happens for both n == 0 and n == 1.
Although EOF here is good indication of the end of process, if n is
decreased in the loop...
Since it is already supposed in many places that EOF *is* negative, f.e.
from Single Unix specs for snprintf
"return ... a negative value if an output error was encountered"
this not makes situation worse.
to pass not more than buffer size to %n agrument, old variant
always assume infinite buffer.
%n is for actually transmitted characters, not for planned ones.
"return the number of bytes needed, rather the number used"
According to Single Unix specs:
Upon successful completion, these functions return the number of bytes
transmitted excluding the terminating null
1) if buffer size is smaller than arguments size, return buffer
size, not arguments size as before.
2) if buffer size is 0, return 0, not EOF as before.
(now it is compatible with Linux and Apache implementations too).
NOTE: Single Unix specs says:
If the value of n {buffer size} is zero on a call to snprintf(), an
unspecified value less than 1 is returned.
It means we can't return EOF since EOF can take *any* value in general
not especially < 1. Better variant will be return -1 (it is less then
1 and different with n == 1 case) but -1 value is already occuped by
EOF in our implementation, so we can't distinguish true IO error
in that case. So 0 here is only possible case still conforming
to Single Unix specs.
a malloc. The signal handler creates a thread which requires a malloc...
For now, the only thing to do is to block signals. When we move user
pthreads to use the kernel threads, mutexes will be implemented in kernel
space and then malloc can revert.
on systems where long doubles are just doubles. FreeBSD hasn't
been such a system since it started using gcc-2.5 many years ago.
The fix is of low quality. It loses precision.
scanf() of long doubles doesn't seem to be used much, but gdb-4.16
uses %Lg format in its expression parser if it thinks that the
system supports printf'ing of long doubles. The symptom was that
floating point literals were usually interpreted to be 0.0.
Note this ONLY affects the function version - the macro version is always
used unless for some reason you put #undef sigismember in your code before
calling it.
PR: 3615
Submitted by: Nanbor Wang <nw1@cs.wustl.edu> (slightly amended patch)
Obtained from: Whistle Communications tree
Add an option to the way UFS works dependent on the SUID bit of directories
This changes makes things a whole lot simpler on systems running as
fileservers for PCs and MACS. to enable the new code you must
1/ enable option SUIDDIR on the kernel.
2/ mount the filesystem with option suiddir.
hopefully this makes it difficult enough for people to
do this accidentally.
see the new chmod(2) man page for detailed info.
Ever since I first say the way the mount flags were used I've hated the
fact that modes, and events, internal and exported, and short-term
and long term flags are all thrown together. Finally it's annoyed me enough..
This patch to the entire FreeBSD tree adds a second mount flag word
to the mount struct. it is not exported to userspace. I have moved
some of the non exported flags over to this word. this means that we now
have 8 free bits in the mount flags. There are another two that might
well move over, but which I'm not sure about.
The only user visible change would have been in pstat -v, except
that davidg has disabled it anyhow.
I'd still like to move the state flags and the 'command' flags
apart from each other.. e.g. MNT_FORCE really doesn't have the
same semantics as MNT_RDONLY, but that's left for another day.
PR: 4555
Submitted by: Dmitrij Tejblum <tejblum@arc.hq.cti.ru>
[0x0400 - 0xffff] [bbbbbbbb.bbbbbbbb] -> 1110bbbb, 10bbbbbb, 10bbbbbb
.Ed
.Pp
If more than a single representation of a value exists (for example,
0x00; 0xC0 0x80; 0xE0 0x80 0x80) the shortest representation is always
used (but the longer ones will be correctly decoded).
.Pp
The final three encodings provided by X-Open:
.Bd -literal
[00000000.000bbbbb.bbbbbbbb.bbbbbbbb] ->
11110bbb, 10bbbbbb, 10bbbbbb, 10bbbbbb
[000000bb.bbbbbbbb.bbbbbbbb.bbbbbbbb] ->
111110bb, 10bbbbbb, 10bbbbbb, 10bbbbbb, 10bbbbbb
[0bbbbbbb.bbbbbbbb.bbbbbbbb.bbbbbbbb] ->
1111110b, 10bbbbbb, 10bbbbbb, 10bbbbbb, 10bbbbbb, 10bbbbbb
.Ed
.Pp
which provides for the entire proposed ISO-10646 31 bit standard are currently
not implemented.
.Sh "SEE ALSO"
.Xr mklocale 1 ,
.Xr setlocale 3
@
1.4
log
@Don't use hardcoded *roff font change requests. Do it
via mdoc macros instead.
@
text
@d37 1
a37 1
.Dd "June 4, 1993"
@
1.3
log
@Very minor mdoc cleanup.
@
text
@d44 2
a45 1
\fBENCODING "UTF2"\fP
@
1.2
log
@Another round of various man page cleanups.
@
text
@d65 1
a65 1
.sp
d81 1
a81 1
.sp
@
1.2.2.1
log
@YAMFC:
Commit all of the -current changes that apply to 2.2. These fall into
several categories:
- Cosmetic/mdoc changes. They don't really afect the output
at all, but having them in 2.2 will make it easier to diff the man
pages later when looking for real changes.
- Update some man pages to reflect the current 2.2 header files.
- Sort xrefs.
- A few typo fixes.
- And a few changes that actualy added text to the man page that should
be reflected in 2.2.
- Add some missing MLINKS.
Requested by: bde
@
text
@d44 1
a44 2
.Nm ENCODING
.Qq UTF2
d65 1
a65 1
.Pp
d81 1
a81 1
.Pp
@
1.2.2.2
log
@MFC: Just the locale fixes (small doc tweaks for the most part)
and the new strptime(3) call. Having added something, does this
require a version bump? Haven't we bumped once already?
There are a *LOT* of additional 3.0 changes to be merged but I'm not
entirely comfortable with some of them so I'll take the conservative
(read: cowardly :) way out and just merge this much.
@
text
@d37 1
a37 1
.Dd June 4, 1993
@
1.1
log
@Initial revision
@
text
@d41 1
a41 1
.Nm UTF2
@
1.1.1.1
log
@BSD 4.4 Lite Lib Sources
@
text
@@
1.1.1.1.6.1
log
@Phase 2 of merge - also fix things broken in phase 1.
Watch out for falling rock until phase 3 is over!
libc completely merged except for phkmalloc & rfork (don't know if David
wants that).
Some include files in sys/ had to be updated in order to bring in libc.
@
text
@d41 1
a41 1
.Nm utf2
@
1.1.1.1.6.2
log
@This 3rd mega-commit should hopefully bring us back to where we were.
I can get it to `make world' succesfully, anyway!
@
text
@d41 1
a41 1
.Nm UTF2
@
partway through its attempt to decode the result structure sent by
the server. If this happens, it can leave the result partially
populated with dynamically allocated memory. In this event, the
xdr_replymsg() failure is detected and RPC_CANTDECODERES is returned,
but the memory in the partially populated result struct is not
free()d.
The end result is that memory is leaked when an RPC_CANTDECODERES
error occurs. (This condition can occur if a CLIENT * handle is created
using clntudp_bufcreate() with a receive buffer size that is too small
to handle the result sent by the server.)
Fixed by setting reply_xdrs.x_op to XDR_FREE and calling
xdr_replymsg() again to free the memory if an RPC_CANTDECODERES error
is detected.
I suspect that the clnt_tcp.c, clnt_unix.c and clnt_raw.c modules
may ha a similar problem, but I haven't duplicated the condition with
those yet.
Found by: dbmalloc
to fail under certain circumstances.
1. In one spot, the ifr_flags member was being examined in the
wrong structure, thus it contained garbage. On a machine in which
only the loopback interface was up, this caused everything that
wanted to talk to the portmapper to fail -- a particular problem
with laptops, where the pccard ethernet interface is likely to come
up long after the attempt to start mountd, nfsd, amd, etc.
2. Compounding the above problem, get_myaddress() returned a
successful status even though it failed to find an address that it
considered good enough.
This fixes bugs in the manual handling. abs.[cS] was handled too
specially and the wrong (.c) variant for each of div.[cS], labs.[cS]
and ldiv.[cS] was added to SRCS. This caused the .c variant to be
used if `depend' was made and the .S version to be used otherwise.
The names of m-d variants are now added (manually) to MDSRCS instead
of to SRCS, and the names of all machine-independent (m-i) variants
that can reasonably be replaced by an m-d variant are now added
(manually) to MISRCS instead of to SRCS, so that a simple substitution
can be used to discard the unused m-i variants. MISRCS is potentially
all m-i sources, but the substitution is too simple to be fast, so
MISRCS should be kept reasonably small.
libc/Makefile.inc:
Do the substitution.
libc/i386/string/Makefile.inc:
Add to MDSRCS instead of to SRCS. Add the names of all sources in this
directory, but no others.
libc/string/Makefile.inc
Add to MISRCS instead of to SRCS. Add the names of all sources in this
directory. Don't use (broken) explicit rules for special cases.
for the entire time that it was there, so obviously nothing needs it
anymore.
Note, unix98/single-unix spec v2 says that usleep() returns an int rather
than a void, to indicate whether the entire time period elapsed (0) or an
error (eg: signal handler) interrupted it (returns -1, errno = EINTR)
It is probably useful to make this change but I'll test it locally first
to see if this will break userland programs [much]...
Reviewed by: ache, bde
back to the original single nanosleep() implementation. This is POSIX and
Unix98 (aka single-unix spec v2) compliant behavior. If a program sets
alarm(2) or an interval timer (setitimer(2)) without a SIGALRM handler
being active, sleep(3) will no longer absorb it, and the program will get
what it asked for..... :-]
The original reason for this in the first place (apache) doesn't seem to
need it anymore, according to Andrey.
Reviewed by: ache, bde
made to the RPC code some months ago. The value of __svc_fdsetsize is being
calculated incorrectly.
Logically, one would assume that __svc_fdsetsize is being used as a
substitute for FD_SETSIZE, with the difference being that __svc_fdsetsize
can be expanded on the fly to accomodate more descriptors if need be.
There are two problems: first, __svc_fdsetsize is not initialized to 0.
Second, __svc_fdsetsize is being calculated in svc.c:xprt_registere() as:
__svc_fdsetsize = howmany(sock+1, NFDBITS);
This is wrong. If we are adding a socket with index value 4 to the
descriptor set, then __svc_fdsetsize will be 1 (since fds_bits is
an unsigned long, it can support any descriptor from 0 to 31, so we
only need one of them). In order for this to make sense with the
rest of the code though, it should be:
__svc_fdsetsize = howmany(sock+1, NFDBITS) * NFDBITS;
Now if sock == 4, __svc_fdsetsize will be 32.
This bug causes 2 errors to occur. First, in xprt_register(), it
causes the __svc_fdset descriptor array to be freed and reallocated
unnecessarily. The code checks if it needs to expand the array using
the test: if (sock + 1 > __svc_fdsetsize). The very first time through,
__svc_fdsetsize is 0, which is fine: an array has to be allocated the
first time out. However __svc_fdsetsize is incorrectly set to 1, so
on the second time through, the test (sock + 1 > __svc_fdsetsize)
will still succeed, and the __svc_fdset array will be destroyed and
reallocated for no reason.
Second, the code in svc_run.c:svc_run() can become hopelessly confused.
The svc_run() routine malloc()s its own fd_set array using the value
of __svc_fdsetsize to decide how much memory to allocate. Once the
xprt_register() function expands the __svc_fdset array the first time,
the value for __svc_fdsetsize becomes 2, which is too small: the resulting
calculation causes the code to allocate an array that's only 32 bits wide
when it actually needs 64 bits. It also uses the valuse of __svc_fdsetsize
when copying the contents of the __svc_fdset array into the new array.
The end result is that all but the first 32 file descriptors get lost.
Note: from what I can tell, this bug originated in OpenBSD and was
brought over to us when the code was merged. The bug is still there
in the OpenBSD source.
Total nervous breakdown averted by: Electric Fence 2.0.5
to POSIX.2. In particular:
- don't retry for ETXTBSY. This matches what sh(1) does. The retry code
was broken anyway. It only slept for several seconds for the first few
retries. Then it retried without sleeping.
- don't abort the search for errors related to the path prefix, in
particular for ENAMETOOLONG, ENOTDIR, ELOOP. This fixes PR1487. sh(1)
gets this wrong in the opposite direction by never aborting the search.
- don't confuse EACCES for errors related to the path prefix with EACCES
for errors related to the file. sh(1) gets this wrong.
- don't return a stale errno when the search terminates normally without
finding anything. The errno for the last unsuccessful execve() was
usually returned. This gave too much precedence to pathologies in the
last component of $PATH. This bug is irrelevant for sh(1).
The implementation still uses the optimization/race-inhibitor of trying
to execve() things first. POSIX.2 seems to require looking at file
permissions using stat(). We now use stat() after execve() if execve()
fails with an ambiguous error. Trying execve() first may actually be a
pessimization, since failing execve()s are fundamentally a little slower
than stat(), and are significantly slower when a file is found but has
unsuitable permissions or points to an unsuitable interpreter.
PR: 1487
'slow' lookup if we get a YPERR_MAP (no such map in server's domain) error
instead of failing over on any error. In the latter case, if the 'fast'
search fails legitimately (i.e. the user or host really isn't a member
of the specified netgroup) then we end up doing the 'slow' search and
failing all over again. The result is still correct, but cycles are
consumed for no good reason.
Also removed the #ifdef CHARITABLE since the compat kludge is no longer
optional.
that if searching through the special netgroup.byhost or netgroup.byuser
maps didn't work, we would roll over to the 'slow' method of grovelling
though the netgroup map and working out the dependencies on the fly.
But I left this option hidden inside an #ifdef CHARITABLE since I
didn't think I'd ever need it.
Well, the Sun rpc.nisd NIS+ server in YP compat mode doesn't support
the .byhost and .byuser reverse maps, so the failover is necessary
in order to be compatible. *sigh*
This closes PR #3891, and should be merged into RELENG_2_2.
plain 0 should be used. This happens to work because we #define
NULL to 0, but is stylistically wrong and can cause problems
for people trying to port bits of code to other environments.
PR: 2752
Submitted by: Arne Henrik Juul <arnej@imf.unit.no>
an unimplemented syscall returned ENOSYS, rather than EINVAL. I have run
statically linked code with this wrapper and it does appear to work fine
on 2.2-stable which doesn't have poll(). ktrace shows the poll syscall fail
once and the fallback to select() working.
if necessary. This removes the need to malloc large fd_set's for selecting
on high fd's (larger than FD_SETSIZE at libc compile time).
The syscall adaptive stuff only happens on the very first call. SIGSYS
is masked, and if the call to poll fails with ENOSYS, then we use select
for the life of the program. If poll does not fail with ENOSYS, then we
always use poll and skip the once-off signal masking gunk.
This may be overkill, but it saved my neck a few times while working on
multiple different sets of kernel sources, some with poll, some without.
#defines that are compatable with ours). I made some some minor tweaks
to the leading '_' tests.
Again, this is off by default for the moment. This probably should be
split into seperate files (like some of our other libc files that could
do with some splitting).
Obtained from: OpenBSD (plus some minor tweaks)
tree. Also merge in fix to NetBSD PR #1495. These represent 1.3-1.9 in
the OpenBSD tree. Make minor KNF changes to new code (which is in the
OpenBSD as 1.10). This avoids the symlink race problems.
These patches should go into 2.2.5 before the ship if they don't
break anything in -current.
Reviewed by: Bruce Evans
Obtained from: OpenBSD
undefined symbol referenced from libc. Without the stub, it is
impossible to execute any program using the shared library if
LD_BIND_NOW=1 is in the environment. The stub always returns
failure, but it can be overridden outside the library when necessary.
I don't know whether this is the "correct" fix, but it is intolerable
to have any undefined symbols referenced from libc.
and return to previous Peter's variant.
POSIX says that this place is implementation defined and old variant allows
application block SIGALRM and sleep and not be killed by external SIGALRMs.
BTW, GNU sleep f.e. sleeps forever in blocked SIGALRM :-)
acceptable range for tv_sec to the magic number 100000000 (which at
least ought to be declared in a header file, and explained in the
non-existing man page, as well as in the existing man pages for
nanosleep(2) & Co.).
PR: bin/4259
modify the original `no modifications' copyright message, and i've
included his mail into the source file.
The common localization functions between strptime(3) and strftime(3)
have been broken out into timelocal.[ch].
lifetime of the call, just like the old implementation did. Previously,
we were only eating them if the application did not call sleep()/usleep()
with SIGALRM masked.
Submitted by: ache
and forgot what I was trying to do originally and accidently zapped
a feature. :-] The problem is that we are converting a counted buffer in
a malloc pool into a null terminated C-style string. I was calling realloc
originally to shrink the buffer to the desired size. If realloc failed, we
still returned the valid buffer - the only thing wrong was it was a tad
too large. The previous commit disabled this.
This commit now handles the three cases..
1: the buffer is exactly right for the null byte to terminate the
string (we don't call realloc).
2: it's got h.left = 0, so we must expand it to make room. If realloc
fails here, it's fatal.
3: if there's too much room, we realloc to shrink it - a failed realloc
is not fatal, we use the original buffer which is still valid.
Dmitrij Tejblum <dima@tejblum.dnttm.rssi.ru>
Various cleanup from Keith Bostic
Reinstate calloc() as a separate funtion, in its own source/object file.
leave the manpage integrated with malloc.3 and friends. Too many things
were broken in this respect.
PR: 4002
Reviewed by: phk
Submitted by: Dmitrij Tejblum <dima@tejblum.dnttm.rssi.ru>
Submitted by: Keith Bostic <bostic@bostic.com>
Only call malloc() if the fd is too big for the compiled in fd_set size,
and don't use calloc either. This should reduce the impact of conflicts
with private malloc implementations etc. When using the fd_set on the
stack, only zero what is needed rather than all 1024 bits like FD_ZERO did.
Various portability and stylistic cleanups.
Kill MALLOC_STATS & the 'D' option.
Fix the 'V' option.
Major overhaul of the man-page.
You milage should not vary.
Reviewed by: Keith Bostic <bostic@bostic.com>
Submitted by: Keith Bostic <bostic@bostic.com>
The logic in get_myaddress() is broken: it always returns the loopback
address due to the following rule:
if ((ifreq.ifr_flags & IFF_UP) &&
ifr->ifr_addr.sa_family == AF_INET &&
(loopback == 1 && (ifreq.ifr_flags & IFF_LOOPBACK))) {
The idea is that we want to select the interface address only if it's
up and it's in the AF_INET family. If it turns uout we don't have
such an interface available, we make a second pass through the loop,
this time settling for the loopback interface. But the logic inadvertently
locks out all cases when loopback == 0, so nothing is ever selected until
the second pass (when loopback == 1).
This is changed to:
if (((ifreq.ifr_flags & IFF_UP) &&
ifr->ifr_addr.sa_family == AF_INET) ||
(loopback == 1 && (ifreq.ifr_flags & IFF_LOOPBACK))) {
which I think does the right thing.
This is yet another bogon I discovered during NIS+ testing; I need
get_myaddress() to work correctly so that the callback code in the
client library will work.
srandomdev(), but can be used inside libraries. random() can't be used
inside libraries because it breaks its possible predictable sequence.
arc4random() is true random as designed, so its usage is library-safe.
Obtained from: OpenBSD
implement (better) falback code inside srandomdev() itself.
Change return type from int to void (binary compatibility surprisely
achieved). Userland code will be changed soon.
Malloc cannot use pthread_mutex_init() to initialize a mutex because
the mutex initialization process does a malloc!
libc_r internals skip the malloc and assign an initializer to a static
structure and point the opaque type (pthread_mutex_t in this case) to
that structure. This is done on the assumption that the mutex will never
be destroyed. This style of initialization is only valid inside libc_r
because the structure that is assigned is opaque to the user.
This fix allows a simple program to get to main() again. 8-)
semantics of the old sleep for compatability with a few decades of expected
side effects. Apache breaks if we just use nanosleep() for some reason,
here we use a new signanosleep() syscall which is kinda like a hybrid of
sigsuspend and nanosleep..
Reviewed by: ache (and tested on his apache that was failing when
sleep used plain nanosleep)
These changes add the ability to specify that a UFS file/directory
cannot be unlinked. This is basically a scaled back version
of the IMMUTABLE flag. The reason is to allow an administrator
to create a directory hierarchy that a group of users
can arbitrarily add/delete files from, but that the hierarchy
itself is safe from removal by them.
If the NOUNLINK definition is set to 0
then this results in no change to what happens normally.
(and results in identical binary (in the kernel)).
It can be proven that if this bit is never set by the admin,
no new behaviour is introduced..
Several "good idea" comments from reviewers plus one grumble
about creeping featurism.
This code is in production in 2.2 based systems
-DUSE_NANOSLEEP. Also, seperate the code for _THREAD_SAFE so that it uses
the simpler threaded nanosleep() call in libc_r.. We don't go to the same
extremes for emulating traditional sleep semantics (ie: eating any SIGALRM
that might happen) which things like apache seem to depend on.
- bde's change to includes section in getrpcent.3
- Lost comment in svc_run.c (the code here was actually the same since
I had fixed the 'fds + 1' bug in my stuff at home before mailing
Peter about it, but I didn't notce that he'd made a change to the
comment right above the changed line).
Also pointed out by the ever vigilant: bde
This concludes tonight's entertainment. Once I'm sure I haven't destroyed
the world with all these changes, I'll import the utilities. Everything
should continue to work as before. If it doesn't let me know.
Special thanks to Mark Murray for running a test 'make world' for me to
shake out the bugs, which, hopefully, I have fixed.
(And there was much rejoicing.)
Note: you'll need to rinstalkl all your includes before compiling libc
the next time you update your sources in order for all this to work.
Reviewed by: Mark Murray
value, it appears as though the semantics of usleep are that it doesn't
return early. (only in the nanosleep code - the setitimer code does this
already)
(nanosleep) breaks Apache httpd badly: his childs died quickly after
number of requests (SIGPIPE). To reproduce this bug start
gdb /usr/local/sbin/httpd
run -X
and make some bunch of concurent requests (load the server pages
from 3 different places f.e.)
After short time httpd dies via SIGPIPE. It never dies with old sleep.c
In real life it looks like lots of broken images on the pages or missing
pages. Lynx says about Network read error, etc.
It seems something wrong in nanosleep signal handling.
back as designed in *BSD
Also it not violates current standards but
1) No other Unixes have this feature
2) It broke Kerberos5 (isprint) and God knows what else
(not all vendors will agree to treat FreeBSD as special case for support
since (1))
2) Give false localization sense (programs mimic to be 8859-1
localized) which prevents true localization.
so that all these makefiles can be used to build libc_r too.
Added .if ${LIB} == "c" tests to restrict man page builds to libc
to avoid needlessly building them with libc_r too.
Split libc Makefile into Makefile and Makefile.inc to allow the
libc_r Makefile to include Makefile.inc too.
and FNM_LEADING_DIR were specified and the pattern ended with "*".
Example: pattern="src/usr.sbin/w*", string="src/usr.sbin/watch/watch.8,v".
This should match, but did not.
- dependencies actually work (I need this to propagate some fixes
in <machine/asm.h>)
- the cpp pipeline goes away, so errors can't leak out of it and
an ANSI cpp is automatically used.
- it's simpler - standard rules get used instead of repetitive
special rules. (This showed bugs in the strip steps in the
standard rules. The wrong strip flag was also used for *.po
here.)
Removed some ${ECHO}s and `@'s. Normal make echoing of what is
being done is now not much more verbose than the echo messages
were, and is more useful.
the (buggy) support for alternative entry points. ALTENTRY() was only
used for memmove(). Optimizing for space was particularly silly because
memcpy() is rarely used (gcc normally inlines it).
Obtained from: NetBSD
the (buggy) support for alternative entry points. ALTENTRY() was only
used for memmove(). Optimizing for space was particularly silly because
memcpy() is rarely used (gcc normally inlines it).
Obtained from: NetBSD
- use a slightly less bogus copyright. This file was never contributed
to Berkeley. It still claims to be copright by the Regents.
- use <machine/asm.h> instead of "DEFS.h".
- use RCSID($Id$) instead of explicit assembly code and messy ifdefs.
The rcsid won't be put into the object file until we make RCSID()
non-null. NetBSD uses a LIBC_SCCS ifdef here. We used a LIBC_RCS
instead, but I want RCSID() to be controlled directly by LIBC_RCS
(actually by LIB_RCS). This is the only difference with the NetBSD
version.
- added ifdefs to support generation of memcpy() and memmove(). The
other changes are "while I'm here" to get this.
- improved style of the copy backwards case.
TTY_NETWORK (network), TTY_DIALUP (dialup), which determine a basic
connection type. TTY_DIALUP in particular will replace the old out of
date heuristic "tty[dD]*" in login.c (and better than the current
hard-coded method).
uid/gid in question was in the cache, but did not exist
in the password file. This causes the -nouser and -nogroup
options to find(1) to only print the first file owned by
an unknown user/group in some cases.
passes on the status across fork/exec.
The previous version had some typos, referred to itself as link(2) in
one place :-), and didn't really match openbsd's implementation either.
Now that I've mentioned typos, hopefully our Typo Police and Xref Police
will be gentle with me. :-)
The sa_mask field specified in act is not allowed to block SIGKILL or
SIGSTOP. Any attempt to do so will be silently ignored.
Now where did I leave that pointy hat...
modern FreeBSD systems will syslog properly on older systems that
still name the logging socket "/dev/log". This includes pre-2.2
versions of FreeBSD as well as BSD/OS systems. If the connect to
"/var/run/log" fails, the function now tries to connect to
"/dev/log" as a fallback.
Back out a dubious Lite2 change to "optimise" getcwd() to look at $PWD
because it's potentially dangerous (think: symlink races). Move
realpath() back to it's original location, and remove getcwd_physical()
by renaming it back to getcwd() and zapping the original getcwd wrapper.
Noticed by: bde
The following commits already happened but the log message got lost:
Modified Files:
gen/Makefile.inc gen/getcwd.c stdlib/Makefile.inc
Removed Files:
gen/realpath.3
because it's potentially dangerous (think: symlink races). Move
realpath() back to it's original location, and remove getcwd_physical()
by renaming it back to getcwd() and zapping the original getcwd wrapper.
Noticed by: bde
Bruce says that since NetBSD, OpenBSD and Linux currently
use ss_sp, we won't be changing it to the lite2 ss_base.
The type may change at some later date.
touch duplicate group suppression, but the merge blew away our
duplicate group suppression.
The merge also blew away the -Wall cleanup in rev.1.5, but that
was misformatted, so I didn't restore it.
but in one case the Lite2 changes were flat out wrong and
caused the man page to disagree with a header file.
There are still some *roff macro calls that were added that
I have yet to figure out what to do with in some of the man pages.
My changes to preserve errno across free() and close() and to report
fstat() errors properly were blown away.
Updated the FreeBSD changes to match the Lite2 style fixes.
Document that popen() can now create bidirectional pipes and handles.
Note that this needs to be updated since we have a native bidirectional
pipe and don't use socketpair() here.
style and b) the wrong logic. Should be strstr(s, "##") != NULL. (Note
that the passwd.adjunct stuff has not been merged into 2.2 so this bug
is not in that branch.)
The character `#' introduces a comment. Leading spaces and tabs are
ignored: '^[ \t]*#.*\n$'
Count an empty line - only spaces, tabs or newline - also as a comment.
(to be compatibel with password database comments). '^[ \t]*\n$'
- 0 was returned instead of EOF when an input failure occured while
skipping white-space after 0 assignments. This fixes PR2606. The
diagnosis in PR2606 is wrong.
- EOF was returned instead of 0 when an input failure occurred after
zero assignments and nonzero suppressed assignments.
- EOF was spelled -1.
This should be in 2.2.
for now so that we don't lose library compatibility. Applications should
define _NEW_VFSCONF and use getvfsbyname() instead of new_getvfsbyname()
if they want the new vfsconf interface. Parts of the old interface
(enough to load vfs modules, I hope) are still available.
doesn't need to be included in files that have nothing to do with
syscalls.
Added missing `.text' to START_ENTRY so that ENTRY() works when
invoked in the data section.
- Use MAP_FAILED instead of the constant -1 to indicate
failure (required by POSIX).
- Removed flag arguments of '0' (required by POSIX).
- Fixed code which expected an error return of 0.
- Fixed code which thought any address with the high bit set
was an error.
- Check for failure where no checks were present.
Discussed with: bde
a manner consistent with other implementations. Its done in a way that
adds only a tiny amount of overhead when positional arguments are not used.
I also have a test program to go with this, but don't know where it belongs
in the tree.
Submitted-By: Bill Fenner <fenner@FreeBSD.ORG>
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
of the user's timezone failed), don't bail if the specified timezone
doesn't have an offset; in this case it isn't going to. (Perhaps it would
be better to change the caller to always supply one, but this is quick
and clean and fixes the bug in the easiest possible way.)
Should be in 2.2. Fixes (properly) PR#1740.
interfaces, until it's redone to use sysctl().
- bump the SIOCGIFCONF buffer size from 1K to 8K
- if we didn't find a suitable address, return a failure. Previously
if it didn't find anything it left the return address uninitialised.
Perhaps it would be better to return AF_INET/111/127.0.0.1 rather than
failing?
more manageable and convenient referencing by login.conf (login
class database) and (e.g.) login.access.
This is the first of a group of commits which implements the login
class capabilities database.
(There may be a behavior difference between the 2.1 and 2.2/3.0 kernels
in this area, it seemed to work for me but I have a horribly hacked
select() that might have a bug in the handling of this)
Submitted by: wpaul
Restore the clamp on the return value from rpc_dtablesize().. Some programs
(eg: ypserv) use this as an indication of how large svc_fdset is in their
hand-rolled svc_run() loops. The svc_fdset table is maintained by the
rpc library explicitly for compatability with such programs. (It uses
a different variable-sized bitmap itself internally)
- prototypes now in include files
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
Note: potential bug here, It looks like there could be a null pointer
dereference depending on what has already been called to initialise some
shared data.
- kill non-FD_SETSIZE code
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
Note, there was a nasty bug with our old code here. It would trash the
stack if a fd > 31 was passed in. It was using a "long" as though it
was an "fd_set", ie: it was assuming that a long was 256 bits wide. :-(
This has been lurking here for a while, since the FD_SETSIZE #ifdef's
were first implemented.
- fix timeout code
- better sequence number generation (for long running daemons)
- dont close an unopen socket
- use standard functions
- 64 bit type safe for wire protocols
- unlimited file descriptors
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- ensure we're not spoofed/confused while trying to talk to the portmapper
- handle new get_myaddress failure cases
- prototype now in include file
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- fix timeout code
- better "random" initial transaction id for long running daemons
- unlimited number of file descriptors to select().
- 64 bit type safe wire protocol
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- typo (spelling police :-)
- dont die on select() that returns time remaining (on my systems)
- improve initial "random" sequence number, to make it harder to guess
in long running daemons.
- fix timeout code.
- unlimited number of fd's in select.
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- Protect against select() that returns time remaining (on my systems).
- don't exit. It's bad form for libc to exit() or abort() instead of
returning an error.
- only use loopback addresses after checking the real interfaces.
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- canonical function declaration
- use constants from includes, not magic numbers
- use standard functions
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- 64 bit long type safe (wire protocols specified in explicit sized types)
- Support systems that don't do unaligned accesses
- Support for explicit int16 and int32 sizes in xdr
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
RELENG_2_2!
This is part#2 of the previous commit to src/lib/libc/net to contain the
potential damage.
This provides stubs so that binaries linked in 2.2 will run on 3.0
- getpwent:
o adjunctbuf should be NUL terminated after copying
o _pw_breakout_yp() needs to know the length of the buffer returned
from YP so it can properly NUL terminate its local buffer.
- getgrent:
o YP buffers should be YPMAXRECORD + 2 bytes long and NUL terminated.
(Previously they were hardcoded to 1024 bytes.)
- getnetgrent:
o YP data should be copied with snprintf(), not sprintf()
These are 2.2 candidates. I will wait a few days to make sure these don't
break anything and then, if there are no objections, move them to the 2.2
branch.
- getservent:
o put _yp_check() proto under #ifdef YP where it belongs
o local YP buffers should be YPMAXRECORD + 2 bytes long and should
be NUL terminated after copying
- gethostbynis:
o local YP buffer should be YPMAXRECORD + 2 bytes long
- getnetbynis:
o local YP buffer should be YPMAXRECORD + 2 bytes long and should
be NUL terminated after copying
- ether_addr:
o local YP buffers should be YPMAXRECORD + 2 bytes long and should
be NUL terminated after copying (in this case it's BUFSIZ + 2 bytes,
but it happens that BUFSIZ == YPMAXRECORD.
- gethostbydns:
o nuke stray 'return(NULL)' in __dns_getanswer() (harmless but looks silly)
These are 2.2 candidates. I will wait a few days to make sure these don't
break anything and then, if there are no objections, move them to the 2.2
branch.
line length limit anymore - now 500 members or 5000 members are
possible. For security group lines longer than 256K will be count as
an error. 256K should be enough for 65536 users.
Support comments (lines that begin with a #) if compiled with
option -DGROUP_IGNORE_COMMENTS.
Fortunately it seems that all system utilities which use getgrent()
functions are dynamically linked executables. So you need only
rebuild libc.so.3.0 if you want this change. Note: if you have
an old X server which depend on libc.so.2.* you should rebuild
libc.so.2.* too.
Not a 2.2 candidate.
lookup results. Without this, doing multiple host/addr lookups in a
single process yeilds strange results (the buffer is static, and
garbage may be left behind from previous lookups).
I just noticed this in 2.2-BETA. Unless somebody threatens to chop my
hands off with an axe, I'm going to move this to the 2.2-RELENG branch
shortly.
of BIND, we need to tweak some things to that gethostanswer() knows
whether or not we're dealing with an IPv4 or IPv6 address. (This'll
teach me to use a 2.1.0 system for NIS development -- but it's so nice
and stable I just can't being myself to upgrade it. :)
_yp_dobind() checks to see if a fork() happens (by checking PIDs) and
invalidates all bindings if it finds itself in a newly created child
process. (This avoids sharing RPC client handles and socket descriptors
with the parent, which would be bad.) Unfortunately, it summarily
calls clnt_destroy() on the handles, which may result in the destruction
of a descriptor that isn't really a socket.
This is fixed by replacing the explicit call to clnt_destroy() with a
call to _yp_unbind(), which deals with potentially hosed socket descriptors
an a safe manner.
This is basically a one-liner. Once I confirm that it fixes Christoph's
problem, I'd like permission to put it in the 2.2-RELENG branch.
Vulnerable: all programs that use setlocale(LC_COLLATE),
setlocale(LC_CTYPE), or setlocale(LC_ALL). The only setuid/setgid
binary i've found for this is w(1).
Should go into 2.2.
in lots of unrelated junk from <net/if.h> and <net/if_ether.h>. These
functions still aren't prototyped anywhere (but should be in
<net/ethernet.h>---got that, Bill?).
and he said:
The 3rd agrument is new; looks like it was part of the upgrade to
a new BIND with some IPv6 support. The third argument here should be
AF_INET. In order for it to be anything else, I'd have to add new
NIS functions to support IPv6 lookups. I don't even know what those
look like yet.
So there ya go, add AF_INET as the 3rd argument to the call.
Submitted-by: wpaul
copy of insure++, too bad the runtime only works for BSD/OS. :-(
Maybe they'll be so impressed by my initial 15 entry bug report for it
that they'll take the FreeBSD version more seriously. :-) :-)
NIS map which is present on SunOS NIS servers with the SunOS C2 security
hack^Woption installed. I'm convinced that the C2 security option restricts
access to the passwd.adjunct.byname map in the same way that I restrict
access to the master.passwd.{byname,buid} maps (checking for reserved ports),
which means that we should be able to handle passwd.adjunct.byname map
correctly.
If _havemaster() doesn't find a master.passwd.byname map, it will now
test for a passwd.adjunct.byname map before defaulting back to the
standard non-shadowed passwd.{byname,byuid} maps. If _pw_breakout_yp()
sees that the adjunct map was found and the password from the standard
maps starts with ##, it will try to grab the correct password field
from the adjunct map. As with the master.passwd maps, this only happens
if the caller is root, so the shadowing feature is preserved; non-root
users just get back ##username as the encrypted password.
Note that all we do is grab the second field from the passwd.adjunct.byname
entry, which is designated to be the real encrypted password. There are
other auditing fields in the entry but they aren't of much use to us.
Also switched back to using yp_order() to probe for the maps (instead
of yp_first()). The original problem with yp_order() was that it barfed
with NIS+ servers in YP compat mode since they don't support the
YPPROC_ORDER procedure. This condition is handled a bit more gracefully
in yplib now: we can detect the error and just punt on the probing.
Since locale reading code not resistent against stack overflowing or
similar intruder attacks, don't allow PATH_LOCALE env variable action
for s-bit programs (non-standard locale path setting)
strdup() it to prevent unsetenv() or setenv() effects. Check its length to
not allow user to overflow internal locale buffer. Move PATH_LOCALE
handling code into one place.
POSIX: make better stub for LC_MONETARY & LC_NUMERIC, now it check
locale directory existance instead of refusing all non-C non-POSIX
locales. POSIX treats empty locale env variable as unset variable
while our old code treats it as "C" locale, fix it. Implement previous locale
restoring, if locale setting fails. Old code assumes success if some
of LC_ALL subset is successed even other fails, POSIX treats it as
failure with previous locale restoring, fix it.
Remove unneccessary length checking in currentlocale()
Garbage in `eacces' caused the wrong errno to be set for non-EACCES errors.
Garbage in `etxtbsy' caused a semi-random retry strategy for ETXTBSY errors.
Found by: NIST-PCTS. gcc -Wall reported the problem, but -Wall is not
enabled for libc.
dealing w/the fixit floppy.
Also added the MNT_RELOAD, MNT_WANTRDWR, MNT_ASYNC, MNT_NOATIME,
MOUNT_UNION flags. Someone might want to check my description of MNT_RELOAD.
2.2-R candidate. Not a 2.1.6-R candidate -- some current flags aren't in
2.1.5-R's version.
for NULL RPC client handles. This should hopefully fix the problems
Satoshi reported on -current.
- Add socket descriptor sanity checks to _yp_unbind().
- Fix yp_order() so that it handles the RPC_PROCUNAVAIL error gracefully.
NIS+ in YP compat mode doesn't support the YPPROC_ORDER procedure.
This is a 2.2 candidate with bells on.
inside libc. Add collate_range_cmp as alias to __collate_range_cmp
for temp. backward compatibility.
collate_range_cmp will be replaced with direct code for each
external program for compatibility with the rest of world
1) Rename FNM_ICASE to FNM_CASEFOLD
2) Add FNM_LEADING_DIR
Add proper (unsigned char) casts to tolower().
Use 'char' function argument for proper sign extension
Add progname to warning/error message layout. (joerg)
Remove inline assembler, no speed impact, not need for the obfuscation (bde)
Remove on the fly calculation of parameters, no longer critical.
Make D & U flags valid even if we don't support them.
Don't call imalloc until we're done initializing.
Zap contents on free() if we have "Junk" set. [*]
Various nitpicking.
[*] As a sideeffect of this change, if you are worried about
sensitive data lingering in memory, you can use the 'Junk' option
now to make sure phkmalloc zaps memory when it is returned. add
char * malloc_options = "J";
to your source. Obviously there is a performance impact.
Somehow, I also managed to get quite some other changes in this file at
the same time. All I did was checkout the file and made a single change.
If someone has an explanation how these PURIFFY defines got in...
- removed references to nonexistent pathconf-related variables.
- document everything in CTL_MACHDEP(more than in sysctl.8) and
80% of the things in CTL_KERN (same as in sysctl.8).
Various neat features added. More documentation in the manpage.
If your machine has very little RAM, I guess that would be < 16M
these days :-(, you may want to try this:
ln -fs 'H<' /etc/malloc.conf
check the manpage.
as done after a quasi-recursive call to free() had modified what we
thought we knew about the last chunk of pages.
This bug manifested itself when I did a "make obj" from src/usr.sbin/lpr,
then make would coredump in the lpd directory.
for gcc >= 2.5 and no-ops for gcc >= 2.6. Converted to use __dead2
or __pure2 where it wasn't already done, except in math.h where use
of __pure was mostly wrong.
traditional BSD4.4 behavior (_POSIX_SAVED_IDS are OFF) was described
before.
Add some hooks to easily change this text when
POSIX_SAVED_IDS model will be changed.
routines from contrib/bind directly. There were too many problems,
including having to add -DUSE_OPTIONS_H to the entire libc source in
order for the contrib code to pick up it's options, and so on.
Instead, I've merged the changes, libc is now self contained again.
in a bunch of man pages.
Use the correct .Bx (BSD UNIX) or .At (AT&T UNIX) macros
instead of explicitly specifying the version in the text
in a bunch of man pages.
note that at_shutdown has a new parameter to indicate When
during a shutdown the callout should be made. also
add a RB_POWEROFF flag to reboot "howto" parameter..
tells the reboot code in our at_shutdown module to turn off the UPS
and kill the power. bound to be useful eventually on laptops
Here are the diffs for libc_r to get it one step closer to P1003.1c
These make most of the thread/mutex/condvar structures opaque to the
user. There are three functions which have been renamed with _np
suffixes because they are extensions to P1003.1c (I did them for JAVA,
which needs to suspend/resume threads and also start threads suspended).
I've created a new header (pthread_np.h) for the non-POSIX stuff.
The egrep tags stuff in /usr/src/lib/libc_r/Makefile that I uncommented
doesn't work. I think its best to delete it. I don't think libc_r needs
tags anyway, 'cause most of the source is in libc which does have tags.
also:
Here's the first batch of man pages for the thread functions.
The diff to /usr/src/lib/libc_r/Makefile removes some stuff that was
inherited from /usr/src/lib/libc/Makefile that should only be done with
libc.
also:
I should have sent this diff with the pthread(3) man page.
It allows people to type
make -DWANT_LIBC_R world
to get libc_r built with the rest of the world. I put this in the
pthread(3) man page. The default is still not to build libc_r.
also:
The diff attached adds a pthread(3) man page to /usr/src/share/man/man3.
The idea is that without libc_r installed, this man page will give people
enough info to know that they have to build libc_r.
refilled) a file that was either line- or un-buffered, all files were
flushed. According to the code comment, the flush (according to ANSI)
is supposed to happen on write + line buffered output files, not _all_
files.
Obtained from: OpenBSD / Theo de Raadt, possibly from proven@cygnus.com
set sin_len
close one ftp port bounce attack
have rresvport() use bindresvport() rather than duplicate the code,
rresvport() is a superset of bindresvport().
Obtained from: OpenBSD / Jason Downs / Theo de Raadt, minor tweaks by me.
this man page to prevent half of it from coming out with underlines.
This man page needs to be gone over to fully convert it to mdoc format.
This closes PR#1440.
Submitted by: Jens Schweikhardt <schweikhardt@rus.uni-stuttgart.de>
- buffer expansions were not working right due to a return code botch.
- signed types instead of size_t's meant somebody else went and put
casts in, I've changed the types to what they should have been.
part that does zic(8)/zdump(8) is still yet to be imported (but the old
zic and zdump will work just fine with these header files and the
data format has not changed).
directly in order to obtain binding information, check that the local
ypbind is using a reserved port and return YPERR_YPBIND if it isn't.
We should not trust any ypbind running on a port >= IPPORT_RESERVED;
it may have been started by a malicious user hoping to trick us into
talking to a bogus ypserv.
Note that we do not check the ypserv port returned to us from ypbind.
It is assumed that ypbind has already done a reserved port test (or not,
depending on whether or not it was started with -s); if we trust the
authenticity of the local ypbind, we should also trust its judgement.
Obtained from: OpenBSD
aren't silently converted to minbrk. This stops malloc(INT_MAX) from
dumping core. Small values are still silently converted. They should
be an error. sbrk() doesn't do any range checking or conversions or
overflow checking.
Moved PIC_EPILOGUE invocation to a more natural place where it
obviously doesn't interfere with the comparison.
Document the fact that the tracefile argument must lead to a regular file.
Also took the opportunity to remove the spurious "Errors" entry
relating to filenames with the high-order bit set and add $Id$.
(More of the same to follow if there are no objections).
Added $Id$'s to files that were lacking them (gpalmer), made some
cosmetic changes to conform to style guidelines (bde) and checked
against NetBSD and Lite2 to remove unnecessary divergences (hsu, bde)
One last code cleanup:-
Removed spurious casts in fseek.c and stdio.c.
Added missing function argument in fwalk.c.
Added missing header include in flags.c and rget.c.
Put in casts where int's were being passed as size_t's.
Put in missing prototypes for static functions.
Changed second args of __sflags() inflags.c and writehook() in vasprintf.c
from char * to const char * to conform to prototypes.
This directory now compiles with no warnings with -Wall under
gcc-2.6.3 and with considerably less warnings than before with the
ultra-pedantic script I used for testing. (Most of the remaining ones
are due to const poisoning).
The usual stuff, adding missing function prototypes, argument types,
return values, etc.
This directory now compiles with no warnings with -Wall on gcc2.6.3!
The usual stuff, adding missing function prototypes, argument types,
return values, etc. In mktemp.c, convert pid from u_int to pid_t, and
get rid of "extern int errno".
Fixed a couple of nitpick warnings, plus one that slipped through the
net earlier.
This directory now compiles without any warnings with -Wall! (Until
the next gcc upgrade...)
1. Added missing function prototypes.
2. Added missing function return types.
3. Added missing function argument types.
4. Added missing headers for system function prototypes.
5. Corrected format specifier in printf().
6. Added extra parentheses around assignment used as truth value.
7. Added missing "default" cases in switch statements.
8. Added casts for function pointers.
9. Did *not* change int declarations of uid and gid to uid_t/gid_t
because I don't know if that would affect the protocol. Put in
explicit casts to int instead, to make things more obvious.
10. Moved declarations of variables that are only used if YP is
defined inside the '#ifdef YP' conditionals.
1. Added missing function prototypes.
2. Added missing function return types.
3. Added missing function argument types.
4. Added missing headers for system function prototypes.
5. Corrected casts in select() args.
6. Got rid of more "extern int errno" rubbish.
7. Added extra parentheses around assignment used as truth value.
8. Fixed bug in clnt_{tcp, udp}create() where pointers could be free'd
even if they hadn't been successfully malloc()'d.
1. Added missing function prototypes.
2. Added missing function return types.
3. Added missing function argument types.
4. Added missing headers for system function prototypes.
5. Got rid of "extern int errno" rubbish.
by W.Richard Ste vens. EINTR handling suggested by bde@freebsd.org).
Code cleanup:
1. Add missing return type.
2. Replace 'union wait' by int.
3. Use Posix-style signal handling instead of signal().
4. Use fork() instead of deprecated vfork().
5. Block signals before fork()'ing, instead of after.
6. Return -1 if fork() fails, instead of 0.
7. Add EINTR handling for waitpid() call.
Also add claim of Posix conformance to man page.
Now that we preserve RPC handles instead of rebuilding them each time
a ypcln function is called, we have to be careful about keeping our sockets
in a sane state. It's possible that the caller may call a ypclnt
function, and then decide to close all its file descriptors. This would
also close the socket descriptor held by the yplib code. Worse, it
could re-open the same descriptor number for its own use. If it then calls
another ypclnt function, the subsequent RPC will fail because the socket
will either be gone or replaced with Something Completely Different. The
yplib code will recover by rebinding, but it doing so it may wreck the
descriptor which now belongs to the caller.
To fix this, _yp_dobind() needs to label the descriptor somehow so
that it can test it later to make sure it hasn't been altered between
ypclnt calls. It does this by binding the socket, thus associating a port
number with it. It then saves this port number in the dom_local_port member
of the dom_binding structure for the given domain. When _yp_dobind() is
called again (which it is at the start of each ypclnt function), it checks
to see if the domain is already bound, and if it is, it does a getsockname()
on the socket and compares the port number to the one it saved. If the
getsockname() fails, or the port number doesn't match, it abandons the
socket and sets up a new client handle.
This still incurs some syscall overhead, which is what I was trying to
avoid, but it's still not as bad as before.
functions are implimented as wrappers around getservent(), which means it's
up to getservent() to do all the work. The NIS support in getservent()
only allows it to scan through the services.byname map one entry at a
time until it finds the requested service name/port. This can be painfully
slow due to the overhead involved (lots and lots of successive RPCs).
To fix this, we allow getservbyname() and getservbyport() to signal
getservent() that if NIS is turned on (there's a '+' in /etc/services),
the usual yp_first()/yp_next() linear search should be abandoned and
yp_match() used instead. This causes getservent() to immediately
locate the requested entry instead of wasting time groping through the
whole map.
The downside is that this trick is accomplished by exporting a couple of
pointers from getservent.c which getservbyname.c and getservbyport.c can
preset in order to tell getservent() what to do. If all three functions
were in the same source module, then the extra cruft could be delcared
static to avoid poluting the global symbol space. Maybe they should be
combined anyway. For now I've settled on prepending lots of underscores.
privileged port within a single bind(), rather than looping through
attempts to bind over and over again over progressively lower ports.
This should speed up rlogin/rsh etc, and will probably cure some of the
strange rlogin hangs that have been reported in the past where rresvport()
managed to bind() to a port address that it shouldn't have.
not based on gpl'ed code, just prototype and usage. I'm not 100% certain
they behave the same while the system is in trouble (eg: malloc() failing)
but in those circumstances all bets would be off anyway.
These routines work like sprintf() and vsprintf(), except that instead of
using a fixed buffer, they allocate memory and return it to the user
and it's the user's responsibility to free() it. They have allocate as
much memory as they need (and can get), so the size of strings it can deal
with is limited only by the amount of memory it can malloc() on your
behalf.
There are a few gpl'ed programs starting to use this interface, and it's
becoming more common with the scares about security risks with sprintf().
I dont like the look of the code that the various programs (including
cvs, gdb, libg++, etc) provide if configure can't find it on the system.
It should be possible to modify the stdio core code to provide this
interface more efficiently, I was more worried about having something
that worked and was secure. :-) (I noticed that there was once intended
to be a smprintf() routine when our stdio was written for 4.4BSD, but it
looks pretty stillborn, and it's intended interface is not clear). Since
Linux and gnu libc have this interface, it seemed silly to bring yet
another one onto the scene.
to call clnt_destroy() on a potentially NULL RPC handle. Somebody should
bang on this a bit to make sure the problem is really gone; I seem to
have difficulty reproducing it. Patch provided by Peter Wemm and
slightly tweaked by me.
- Don't call _yp_unbind() in individual ypclnt functions unless we encounter
an RPC error while making a clnt_call().
bugs in your code is to put it in the -stable branch. (Corollary: the
day you discover the bug is the day the Internet decides to route your
telnet session to the repository box via Zimbabwe.)
Remove one bogus free(result) (from _havemaster()) that slipped by me.
Flagged by: phkmalloc
Pointed out to me by: Stefan Esser
In a nutshell, this macroizes the local/global symbol scoping rules
that are different in a.out and ELF. It also makes the i386 assembler
stubs conform to i386 PIC calling conventions - the a.out ld.so didn't
object, but the ELF one needs it as it implements PIC jumps via PLT's as
well as calls. The a.out rtld only worked because it was accidently
snooping the grandparent calling function's return address off the stack..
This also affects the libc_r code a little, because of cpp macro nesting.
Each of the ypclnt functions does a _yp_dobind() when it starts and then
a _yp_unbind() when it finishes. This is not strictly necessary and it
wastes cycles: it means we do a new clnt_create() and clnt_destroy()
for each yp_whatever() call. In fact, you can do multiple clnt_call()s
using a single RPC client handle returned by clnt_create(). Ideally we only
have to create a handle to ypserv once (the first time we call a ypclnt
function) and then destroy it and rebind only if a call to ypserv fails.
- Modify _yp_dobind() so that it only creates a new RPC client handle
when establishing a new binding or when one of the ypclnt calls
invalidates an existing binding and calls _yp_dobind() to establish
a new one.
- Modify the various ypclnt functions to only call _yp_unbind() if a
call to ypserv fails.
If _ANSI_SOURCE or _POSIX_SOURCE is defined, then <ctype.h> had to
be included before <stddef.h> or <stdlib.h> to get rune_t declared.
Now rune_t is declared perfectly bogusly in all cases when <ctype.h>
is included.
This change breaks similar (but more convoluted) convolutions in the
stddef.h in gcc distributions. Ports of gcc should avoid using the
gcc headers.
In __initdb(), a failure to open the local password database is supposed
to result in a warning message being syslog()ed. This warning is only
supposed to be generated as long as the 'warned' flag hasn't been yet;
once the warning is generated, the flag should be set so that the message
is only syslog()ed once. However, while the state of the flag is checked
properly, the flag's state is never changed, so you always get multiple
warnings instead of just one.
Pointed out by: Peter Wemm
This commit covers the man pages for most of the ANSI library functions.
A few others such as strtol.3 have to mention <sys/types.h> because they
mix ANSI interfaces with less well designed extensions.
getnetgrent.c:
- Catch one bogon that snuck by: in _listmatch(), check for '\0'
rather than '\n'; strings returned from yp_match() are terminated
with a nul, not a newline.
getpwent.c:
- Rip out all of the +inclusion/-exclusion stuff from before and
replace it with something a little less grotty. The main problem
with the old mechanism was that it wasted many cycles processing
NIS entries even after it already knew they were to be exlcuded
(or not included, depending on your pointof view). The highlights
of these changes include:
o Uses an in-memory hash database table to keep track of all the
-@netgroup, -user, and -@group exclusions.
o Tries harder to duplicate the behavior normally obtained when using
NIS inclusions/exclusions on a flat /etc/passwd file (meaning things
come out in much the same order).
o Uses seperate methods for handling getpwent() and getpwnam()/getpwuid()
operations instead of trying to do everything with one general
function, which didn't work as well as I thought it would.
o Uses both getnetgrent() and innetgr() to try to save time where
possible.
o Use only one special token in the local password database
(_PW_KEYYPBYNUM) instead of seperate tokens to mark + and -
entries (and stop using the counter tokens too). If this new
token doesn't exist, the code will make due with the standard
_PW_KEYBYNUM token in order to support older databases that
won't have the new token in them.
All this is an attempt to make this stuff work better in environments
with large NIS passwd databases.
- Clear the _yp_innetgr flag immediately after calling setnetgrent() from
innetgr(). We only need the flag set to temporarily alter setnetgrent()'s
behavior. Previously, it was being cleared too late.
- When in NIS-only mode, innetgr() was wasting time doing unecessary
extra processing after it had already found a match.
- Remember to free memory allocated by the NIS functions during innetgr()
searches.
man pages up to mdoc guidelines and fix some minor formatting glitches.
Also fixed a number of man pages to not abuse the .Xr macro to
display functions and path names and a lot of other junk.
nonstandard normal version and the standard threaded version.
Removed a bogus L in a constant. fpos_t's aren't longs, and casting to
fpos_t would be verbose.
/var/run resides on an NFS filesystem (flock() always returns 0 in
this case, so we falsely assume that ypbind is dead and bail out).
Settle instead for better failure checking when using clnttcp_create()
and clnt_call() to interact with ypbind. We still try to flock()
/var/yp/binding/$DOMAINNAME.2, but if this doesn't work, we drop into
the code that retrieves the binding information from ypbind directly.
If that also fails, then we're toast. On NFS filesystems, this means
we'll be ignoring the binding file for no reason and always talking to
ypbind even though we don't have to, but at least things will work.
(I could just replace the flock(/var/run/ypbind.lock) check with
an RPC call to ypbind's NULLPROC procedure, but if the flock() of
the binding file doesn't pan out we're going to try to talk to
ypbind later anyway. *sigh* Is NFS file locking ever going to work?)
broken. The translation from network number to ASCII string was not
working correctly (you would sometimes get things like 0.244.0.0 instead
of 244.0.0).
Also copied results of yp_match() to a static buffer for consistency
with gethostbynis.c.
Note: _getnetbynisaddr() chops off trailing .0's, i.e. 244.0.0 is
truncated to 244. By contrast, getnetbyht.c code (for local /etc/networks
lookups) leaves the traling .0's in place. This means that the NIS
and local file lookups will match different things when looking up the
same network number. I'm not sure which is the correct behavior. (I
think the DNS lookup code tries all combinations -- should the NIS
and local host lookup routines do that too?)
the precision; ANSI X3J11 is not crystal clear but certainly says
that the precision specifies the number of /digits/, and signs
and "0x" aren't really digits.
NetBSD already has a similar patch.
of a successful map retrieval. (This has to do with a previous change
to xdr_ypresp_all_seq() and ypxfr_get_map(); originally, yp_all()
would look for a return value of YP_FALSE to signal success, but now
it should be looking for YP_NOMORE. It should not be passing YP_NOMORE
back up to the caller though.)
Noticed by: <aagero@aage.priv.no>
There is also another small bug here, which is that the call to
xdr_free() that happens immediately after the clnt_call() in yp_all()
clobbers the return status value. I've worked around this for now,
but I think the xdr_free() is actually bogus and should be removed.
I want to check some more before I do that though.
a machine with aliase ip addresses on the same subnet of an
interfaces' `real' ip addresses would generate <n> duplicate
broadcasts in clnt_broadcast().
Basically, this fix does a purge on the list of bradcast addresses.
- Fix problem described in PR #1079: _gethostbynisaddr() doesn't
work. Make it accept the same arguments as all the other
gethostby*addr() functions and properly convert the supplied IP
address into a text string so that yp_match() can find it in the
hosts.byaddr map.
- Also fix potential memory leak: copy the results of yp_match() to
a static buffer and free the result (yp_match() returns dynamically
allocated memory).
ether_addr.c:
- Since I was in the neighborhood, fix ether_ntohost() and
ether_hostton() so that they don't bogusly for a free(result)
when yp_match() fails.
matter much on some systems, but on ftp servers (like wcarchive) where
you run with special stripped group and pwd.db files in the anonymous
ftp /etc, this can be a major speedup for ls(1).
ss_flags to SS_DISABLE and SS_ONSTACK. SA_ONSTACK is still used in
struct sigaction. Nowhere in our entire source tree could I find a
single place these were used.
reconnect once using the saved openlog() parameters.
This helps one of the system startup race conditions. If syslogd takes too
long to get going, some daemons can fail the connection and forever log
to the console even though the syslogd is running. That is ..unfortunate..
the statically compiled PS_STRINGS and USRSTACK variables. This prevents
programs using setproctitle from coredumping if the kernel VM is increased,
and stops libkvm users (w, ps, etc) from needing to be recompiled if only
the VM layout changes.
explicit that it is global to the entire "session", and that setsid() or
daemon() are need to have been called at some point.
The most notable offender of setlogin() misuse is XFree86's xdm.
for "fts_open" was wrong. Also, the "fts_info" field of the FTSENT
structure was misleadingly described as containing "flags". Actually, it
contains a single integer value.
in the main text of various man pages.
Thanks to Warner Losh for adding an option to manck to allow
it to scan the entire man page looking for bogus xrefs, instead
of just checking the SEE ALSO section.
resides in read-only memory is going to cause the program to core dump,
and this is commmon with older pre-ANSI C programs.
(I've scratched my head over this one at 3 in the morning before
while trying to port some ancient program)
Suggested by: Gary Kline <kline@tera.com>
Also corrected a few minor formatting errors, file location and cross
references in some of the section 3 man pages.
This shuts up a lot of the output from "manck" for section 3.
Install (optional) libutil.h with prototypes for the functions and
document this in the man page.
minor cleanups to the various routines, include the prototype file, declare
return codes etc.
of signals. Signals are now properly caught, tty state is being
restored, and the previous sigaction triggered. Upon receipt of a
sigcont, echo is turned off again.
SIGTSTP causes a buffer flush, the man page mentions this. (Although
i rather think of it as a feature than a bug.)
This is likely to be my last FreeBSD action for 1995, xearth shows
me that our .au guys must already write 1996. :-)
looking at a high resolution clock for each of the following events:
function call, function return, interrupt entry, interrupt exit,
and interesting branches. The differences between the times of
these events are added at appropriate places in a ordinary histogram
(as if very fast statistical profiling sampled the pc at those
places) so that ordinary gprof can be used to analyze the times.
gmon.h:
Histogram counters need to be 4 bytes for microsecond resolutions.
They will need to be larger for the 586 clock.
The comments were vax-centric and wrong even on vaxes. Does anyone
disagree?
gprof4.c:
The standard gprof should support counters of all integral sizes
and the size of the counter should be in the gmon header. This
hack will do until then. (Use gprof4 -u to examine the results
of non-statistical profiling.)
config/*:
Non-statistical profiling is configured with `config -pp'.
`config -p' still gives ordinary profiling.
kgmon/*:
Non-statistical profiling is enabled with `kgmon -B'. `kgmon -b'
still enables ordinary profiling (and distables non-statistical
profiling) if non-statistical profiling is configured.
is really necessary. Going backwards on a P6 is much slower than forwards
and it's a little slower on a P5. Also moved the count mask and 'std'
down a few lines - it's a couple percent faster this way on a P5.
replace the dozen other various hacks in the code that do all sorts
of crude things including spamming the envrionment strings with the new
argv string.
This version is mainly inspired by the sendmail version, with a couple of
ideas taken from the NetBSD implementation as well.
XDR routines auto-generated by rpcgen don't quite match the format of
the original ones even though tey have the same names (that was one of
the things wrong with the old XDR routines).
rpcgen-erated on the fly (just like librpcsvc).
Makefile: Add rule for generating yp_xdr.c and yp.h.
xdryp.c: gut everything except the special ypresp_all XDR function
needed to to handle yp_all() (this one can't be created on
the fly), and xdr_datum(), which isn't used internally by
libc, but which as documented as being there in yp_prot.h,
so what the hell. We now get everything else from yp_xdr.c.
yplib.c: change a few structure member names to match those found in
yp.h instead of those declared in yp_prot.h.
via mmap() up around the shared library area. Previously the directory
was allocated from space from it's own memory pool. Because of the way it
was being extended on processes with large malloced data segments (ie: inn)
once the page directory was extended for some reason, it was not possible
to lower the heap size any more to return pages to the OS.
(If my understanding is correct, page directory expansion occurs at 4MB,
12MB, 20MB, 28MB, etc.) I was seeing INN allocate a large amount of short
term memory, pushing it over the 28MB mark, and once it's transient demands
hit 28MB, it never freed it's pages and swap space again.)
I've been running this in my libc for about a month...
Also, seperate MALLOC_STATS from EXTRA_SANITY.. I found it useful to call
malloc_dump() from within INN from a ctlinnd command to see where the hell
all the memory was going.. :-) I've left MALLOC_STATS enabled, as it has
no run-time or data storage cost.
Reviewed by: phk
it before before trying to establish a binding. If /var/run/ypbind.lock
doesn't exist, or if it exists and isn't locked, then ypbind isn't
running, which means NIS is either turned off or hosed.
- Have _yp_check() call yp_unbind() after it sucessfully calls yp_bind()
to make sure it frees resources correctly. (I don't think there's really
a memory leak here, but it seems somehow wrong to call yp_bind() without
making a corresponding call to yp_unbind() afterwards.)
This makes the NIS code behave a little better in cases where libc makes
calls to NIS, but it isn't running correctly (i.e. there's no ypbind).
This cleans up some strange libc behavior that manifests itself if
you have the system domain name set, but aren't actually running NIS.
In this event, the getrpcent(3) code could try to call into NIS and
cause several inexplicable "clnttcp_create error: RPC program not
registered" messages to appear. This happens because _yp_check() checks
if the system domain name is set and, if it is, proceeds to call
yp_bind() to attempt to establish a binding. Since there is no
binding file (remember: ypbind isn't running, so /var/yp/binding
will be empty), _yp_dobind() will attempt to contact ypbind to
prod it into binding the domain. And because ypbind isn't running,
the code generates the 'clnttcp_create' error. Ultimately the
_yp_check() fails and the getrpcent(3) code rolls over to the /etc/rpc
file, but the error messages are annoying, and the code should be
smart enough to forgo the binding attempt when NIS is turned off.
both call getservent() to do most of the work, so we only need to modify
this file to take care of everybody).
Note that there is only one NIS services map (services.byname) even
though there are getservbyname() and getservbyport() library functions.
but a commit mail got lost, it's the same as for this commit:
lib/libc/gen confstr.c crypt.c disklabel.c fstab.c getcap.c
getgrent.c getgrouplist.c getpass.c getpwent.c
initgroups.c nlist.c psignal.c pwcache.c setmode.c
sleep.c sysconf.c sysctl.c syslog.c usleep.c
lib/libc/locale none.c read_runemagi.c setlocale.c
lib/libc/net gethostbydns.c getnetbydns.c getnetbynis.c
lib/libc/nls msgcat.c
lib/libc/quad Makefile.inc
lib/libc/regex engine.c regcomp.c regerror.c
Minor cleanup, mostly unused vars and missing #includes.
Limit the number of quad functions we pull in for 'i386'.
I still belive the quad stuff should go back into gcc.
Add compile-time warnings about crypt functions.
- Fix buffer overflow problem once and for all: do away with the buffer
copies to 'user' prior to calling _scancaches() and just pass a pointer
to the buffer returned by yp_match()/yp_first()/yp_next()/whatever.
(We turn the first ':' to a NUL first so strcmp() works, then change it
back later. Submitted by Bill Fenner <fenner@parc.xerox.com> and
tweaked slightly by me.
- Give _pw_breakout_yp() the 'more elegant solution' I promised way back when.
Eliminate several copies to static buffers and replace them with just
one copy. (The buffer returned by the NIS functions is at most
YPMAXRECORD bytes long, so we should only need one static buffer of
the same length (plus 2 for paranoia's sake).)
- Also in _pw_breakout_yp(): always set pw.pw_passwd to the username
obtained via NIS regardless of what pw_fields says: usernames cannot
be overridden so we have no choice but to use the name returned by
NIS.
- _Again_ in _pw_breakout_yp(): before doing anything else, check that
the first character of the NIS-returned buffer is not a '+' or '-'.
If it is, drop the entry. (#define EXTRA_PARANOIA 1 :)
- Probe for the master.passwd.* maps once during __initdb() instead
of doing it each time _getyppass() or _nextyppass() is called.
- Don't copy the NIS data buffers to static memory in _getyppass()
and _nextyppass(): this is done in _pw_breakout_yp() now.
- Test against phkmalloc and phkmalloc/2 (TNG!) to make sure we're
free()ing the yp buffers sanely.
- Put _havemaster(), _getyppass() and nextyppass() prototypes under
#ifdef YP. (Somehow they ended up on the wrong side of the #endif.)
- Remove unused variable ___yp_only.
- In some cases, we don't properly resolve _all_ possible group memberships.
If a user is a member of both local and NIS groups, we sometimes lose some
of the membership info from NIS. (Reported by: Thorsten Kukuk
<kukuk@uni-paderborn.de>)
- Make NIS +groupname overrides actually work the way the SunOS group(5)
man page says they should (make them work for all cases: getgrent(),
getgrnam() and getgrgid()).
- When not compiled with -DYP, grscan() should ignore entries that
begin with a '+'. When compiled _with_ -DYP, grscan() should ignore
+groupname entries that don't refer to real NIS groups.
- Remove redundant redeclaration of fgets(), strsep() and index() inside
grscan(). We already #include all the right header files for these.
Note: -groupname exclusion as specified in the Sun documentation still
isn't supported. This'll be a 2.2 addition. Right now I just want this
stuff to work.
What was happening, is if syslogd was not running, syslog() would do
a strcat("\r\n") on a non-null-terminated buffer, and write it to the console.
This meant that sometimes extra characters could be written to the console
during boot, depending on the stack contents.
This totally avoids the potential problem by using writev() like the rest
of the does, and avoid modifying the buffer after the trouble we've gone to
to carefully protect it.
This is actually a trivial fix, in spite of the long commit message.. :-)
It only appeared during boot and shutdown with syslogd stopped.
running on a tty. (Same as isatty()) The old-style TIOCGETP ioctl
wouldn't fly if the kernel didn't have COMPAT_43.
Submitted by: Carl Fongheiser <cmf@netins.net>
Performance is comparable to gnumalloc if you have sufficient RAM, and
it screams around it if you don't.
Compiled with "EXTRA_SANITY" until further notice.
see malloc.3 for more details.
control hooks.
It is similar to an unrolled multi-part snprintf(), in that a "FILE *" is
attached to a string buffer. There is also an optimisation for the case
where the syslog format string does not contain %m, which should improve
performance of "informational" logging, like from ftpd.
the group map after encountering a badly formatted entry.
getpwent.c: same as above for _nextyppass(), and also turn a couple of
sprintf()s into snprintf()s to avoid potential buffer overruns. (The
other day I nearly went mad because of a username in my NIS database
that's actually 9 characters long instead of 8. Stuffing a 9-character
username into an 8-character buffer can do some strange things.)
(This reminds me: I hope somebody's planning to fix the buffer overrun
security hole in syslog(3) before 2.1 ships.)
on, which is fine, except that _yp_dobind() is called before we check
the cache. The means we can return from the cache check (if we have
a hit) without calling _yp_unbind().
We should do the cache check first and _then_ drop into the section
that binds the server and does the yp_match query.
seperate function to avoid duplication. Also fix getpwent() a
small bit to properly handle the case where the magic NIS '+'
entry appears before the end of the password file.
getgrent.c: be a little more SunOS-ish. Make it look like the NIS
group map is 'inserted' at the the point(s) where the magic NIS '+'
entry/entries appear.
getgrent: fix a file descriptor leak: remember to close the netgroup
file after we determine that we're using NIS-only innetgr() lookups.
Since Bruce changed the #include <res_config.h> to #include "res_config.h"
this is no longer needed, and only makes the 'make' more verbose for
no real reason.
Note that this was done by selective patching from diffs, to not conflict
with the 4.4bsd base code.. This was *not* a trivial task.. I have been
testing this code (apart from cosmetic changes) in my libc for a while now.
Obtained from: Paul Vixie <paul@vix.com>
/usr/include/ufs/ufs/quota (#include <ufs/ufs/quota.h>) that seems to work
ok though.
Closes PR # docs/670: quotactl man page incorr...
Submitted by: evans@scnc.k12.mi.us (Jeffrey Evans)
Fix for PR #510. The original problem was that __ivaliduser() was
failing to grant access to a machine listed in a +@netgroup specified
in /etc/hosts.equiv, even though the host being checked was most
certainly in the +@netgroup.
The /etc/hosts.equiv file in question looked like this:
localhost
+@netgroup
The reason for the failure was had to do with gethostbyaddr(). Inside
the __ivaliduser() routine, we need to do a gethostbyaddr() in order
to get back the actual name of the host we're trying to validate since
we're only passed its IP address. The hostname returned by gethostbyaddr()
is later passed as an argument to innetgr(). The problem is that
__icheckhost() later does a gethostbyname() of its own, which clobbers
the buffer returned by gethostbyaddr().
The fix is just to copy the hostname into a private buffer and use
_that_ as the 'host' argument that gets passed to innetgr().
And here I was crawling all over the innetgr() code thinking the
problem was there. *sigh*
bump it again if something else is added before 2.2.
The xdr_* functions are enabled only in the 2.2 (-current) branch
so far. If that modification is moved to the 2.1 (-stable) branch,
this one should, too.
Reviewed by: the mailing lists
- getnetgrent.c: address some NIS compatibility problems. We really need
to use the netgroup.byuser and netgroup.byhost maps to speed up innetgr()
when using NIS. Also, change the NIS interaction in the following way:
If /etc/netgroup does not exist or is empty (or contains only the
NIS '+' token), we now use NIS exclusively. This lets us use the
'reverse netgroup' maps and is more or less the behavior of other
platforms.
If /etc/netgroup exists and contains local netgroup data (but no '+').
we use only lthe local stuff and ignore NIS.
If /etc/netgroup exists and contains both local data and the '+',
we use the local data nd the netgroup map as a single combined
database (which, unfortunately, can be slow when the netgroup
database is large). This is what we have been doing up until now.
Head off a potential NULL pointer dereference in the old innetgr()
matching code.
Also fix the way the NIS netgroup map is incorporated into things:
adding the '+' is supposed to make it seem as though the netgroup
database is 'inserted' wherever the '+' is placed. We didn't quite
do it that way before.
(The NetBSD people apparently use a real, honest-to-gosh, netgroup.db
database that works just like the password database. This is
actually a neat idea since netgroups is the sort of thing that
can really benefit from having multi-key search capability,
particularly since reverse lookups require more than a trivial
amount of processing. Should we do something like this too?)
- netgroup.5: document all this stuff.
- rcmd.c: some sleuthing with some test programs linked with my own
version of innetgr() has revealed that SunOS always passes the NIS
domain name to innetgr() in the 'domain' argument. We might as well
do the same (if YP is defined).
- ether_addr.c: also fix the NIS interaction so that placing the
'+' token in the /etc/ethers file makes it seem like the NIS
ethers data is 'inserted' at that point. (Chances are nobody will
notice the effect of this change, which is just te way I like it. :)
specified in the top level Makefiles.
Previously I missed dozens of Makefiles that skip the install after
using `cmp -s' to decide that the install isn't necessary.
changeover, so we have to extend the format of timezone files (in a backward-
compatible way, of course). This probably means that libc needs a minor
version number bump before 2.2 is released (or maybe not).
by me). This probably loses for multibyte characters, but I have no
way of telling. I'll let ache decide whether to add this support to
startup_setlocale. Note that for this to make any sense at all, the
symlinks in /usr/share/locale must go. (For the moment, this doesn't
make any difference since there are no locales supplied.)
Obtained from: Arthur David Olson <ado@elsie.nci.nih.gov>
Back out the 'help NIS rebind faster' hack. This change used a
connect()/send() pair rather than the original sendto() to allow
RPC to pass ICMP host unreachable and similar errors up to RPC
programs that use UDP. This is not a terrible thing by itself, but it can
cause trouble in environments with multi-homed hosts: if the portmapper
on the multi-homed machine sends a reply with a source address
that's different than the one associated with the connection by
connect(), the kernel will send a port unreachable message and
drop the reply. For the sake of compatibility with everybody else
on the planet, it's best to revert to the old behavior.
*long, heavy sigh*
like 38400<any 8bit char, isalpha> it not detect this stuff and
produce very big number instead. Fixed by operating with unsigned char
and checking for isascii. (secure/telnetd hits by it f.e.)
the comment before checking for long lines, so there was a possibility
that the wrap-around might be used as an exploitable hostname.
Reviewed by:
Submitted by:
Obtained from:
Strange as it sounds, it should map to YPERR_DOMAIN instead.
The YP_NODOM protocol error code is generally returned by ypserv when you
ask it for data from a domain that it doesn't support. By contrast,
the YPERR_NODOM error code means 'local domain name not set.'
Consequently, this incorrect mapping leads to yperr_string() generating
a very confusing error message. YPERR_DOMAIN says 'couldn't
bind to a server which serves this domain' which is much closer
to the truth.
_gr_breakout_yp(): if we encounter a NULL pointer generated as the
result of a badly formatted NIS passwd entry (e.g. missing fields),
we punt and return an error code, thereby silently skipping the
bad entry.
last night:
_gr_breakout_yp() doesn't check for badly formatted NIS group entries.
For example, a bogus entry like this:
bootp::user1,user2,user3
will lead to a null pointer dereference and a SEGV (note that the GID
field is missing -- this results in one of the strsep(&result, ":")
returning NULL). The symtpom of this problem is programs dumping
core left and right the moment you add a + entry to /etc/group.
Note that while this is similar to an earlier bug, it's caused by a
different set of circumstances.
The fix is to check for the NULL pointers and have _gr_breakout_yp()
punt and return a failure code if it catches one. This is more or
less the behavior of SunOS: if a bad NIS group entry is encountered,
it's silently ignored. I don't think our standard (non-NIS) group
parsing code behaves the same way. It doesn't crash though, so I'm
citing the 'it ain't broken, don't fix it' rule and leaving it alone.
I'll probably have to add similar checks to _pw_breakout_yp() in
getpwent.c to ward off the same problems. It's rare that bad NIS
map entries like this occur, but we should handle them gracefully
when they do.
'cycle in netgroup check too greedy').
PR #508 is apparently due to an inconsistency in the way the 4.4BSD
netgroup code deals with bad netgroups. When 4.4BSD code encounters
a badly formed netgroup entry (e.g. (somehost,-somedomain), which,
because of the missing comma between the '-' and 'somedomain,' has
only 2 fields instead of 3), it generates an error message and
then bails out without doing any more processing on the netgroup
containing the bad entry. Conversely, every other *NIX in the world
that usees netgroups just tries to parse the entry as best it can
and then silently continues on its way.
The result is that two bad things happen: 1) we ignore other valid entries
within the netgroup containing the bogus entry, which prevents
us from interoperating with other systems that don't behave this way,
and 2) by printing an error to stderr from inside libc, we hose certain
programs, in this case rlogind. In the problem report, Bill Fenner
noted that the 'B' from 'Bad' was missing, and that rlogind exited
immediately after generating the error. The missing 'B' is apparently
not caused by any problem in getnetgrent.c; more likely it's getting
swallowed up by rlogind somehow, and the error message itself causes
rlogind to become confused. I was able to duplicate this problem and
discovered that running a simple test program on my FreeBSD system
resulted in a properly formatted (if confusing) error, whereas triggering
the error by trying to rlogin to the machine yielded the missing 'B'
problem.
Anyway, the fixes for this are as follows:
- The error message has been reformatted so that it prints out more useful
information (e.g. Bad entry (somehost,-somedomain) in netgroup "foo").
We check for NULL entries so that we don't print '(null)' anymore too. :)
- Rearranged things in parse_netgrp() so that we make a best guess at
what bad entries are supposed to look like and then continue processing
instead of bailing out.
- Even though the error message has been cleaned up, it's wrapped inside
a #ifdef DEBUG. This way we match the behavior of other systems. Since we
now handle the error condition better anyway, this error message becomes
less important.
PR #507 is another case of inconsistency. The code that handles
duplicate/circular netgroup entries isn't really 'too greedy; -- it's
just too noisy. If you have a netgroup containing duplicate entries,
the code actually does the right thing, but it also generates an error
message. As with the 'Bad netgroup' message, spewing this out from
inside libc can also hose certain programs (like rlogind). Again, no
other system generates an error message in this case.
The only change here is to hide the error message inside an #ifdef DEBUG.
Like the other message, it's largely superfluous since the code handles
the condition correctly.
Note that PR #510 (+@netgroup host matching in /etc/hosts.equiv) is still
being investigated. I haven't been able to duplicate it myself, and I
strongly suspect it to be a configuration problem of some kind. However,
I'm leaving all three PRs open until I get 510 resolved just for the
sake of paranoia.
ypbind.c:
Make fewer assumtions about the state of the dom_alive and dom_broadcasting
flags in roc_received().
If select() fails, use syslog() to report the error rather than perror().
Check that all our malloc()s succeed. Report malloc() failure in
ypbindproc_setdom_2() to callers.
yplib.c:
Use #defined constants in ypbinderr_string() rather than hard-coded values.
- If you take the wheel entry out of /etc/group and turn on NIS,
the '+:*::' line is incorrectly flagged as the entry for wheel (the
empty gid section is translated to 0), hence getgrgid() returns '+'
as the name of the group instead of 'wheel.'
- Using just '+:' as the 'turn on NIS' switch in /etc/group makes
getgrgid() dump core because of a null pointer dereference. (Last
time I was in here, I foolishly assumed that fixing the core dump
problems with getgrnam() and getgrent() would fix getgrgid() too.
Silly me.)
- Moved to a more client-driven model. We aggressively attempt to keep
the default domain bound (as before) but we give up on non-default
domains if we lose contact with a server and fail to get a response
after one round of broadcasting. This helps drastically reduce the
amount of network bandwitdh that ypbind consumes: if a client references
the secondary domain at some later point, this will prod ypbind into
establishing a new binding anyway, so continuously broadcasting without
need is pointless.
Note that we still actively seek out a binding for our default domain
even if no client program has queried us yet. I'm not exactly sure if
this matches SunOS's behavior or not, but I decided to do it this way
since we can get into all sorts of trouble if our default domain comes
unbound. Even so, we're still much quieter than we used to be.
- Removed a bunch of no-longer pertinent comments and a couple of
chunks of #ifdef 0'ed code that no longer fit in to the new layout.
- Theo deRaadt must have become frustrated with the callback mechanism
in clnt_broadcast(), because he shamelessly stole the clnt_broadcast()
code right out of the RPC library and hacked it up to suit his needs.
(Comments and all! :)
I can understand why: clnt_broadcast() blocks while awaiting replies.
Changing this behavior requires surgery. However, you can work around
this: fork the broadcast into a child process and relay the results
back to the parent via a pipe. (Careful obervation has shown that the
SunOS ypbind forks children for broadcasting too, though I can only
guess what sort of interprocess communication it uses. pipe() seems to
do the job well enough.)
This may seem like the long way around, but it's not really that
hard to implement, and I'd prefer to use documented RPC library functions
wherever possible. We're careful to limit the number of simultaneous
broadcasters to avoid swamping the system (the current limit is 5).
Each clnt_broadcast() call only sends out a small number of packets
at increasing intervals. We're also careful not to spawn more than one
bradcaster for a given domain.
- Used clntudp_bufcreate() and clnt_call() to implement a ping()
function for directly querying a particular server so that we can
check if it's still alive. This lets me completely remove the old
bradcasting code and use actual RPC library calls instead, at the
cost of more than a few handfulls of torn-out hair. (Make no mistake
folks: I *HATE* RPC.) Currently, the ping interval is one minute.
- Fixed another potential 'nfds too big for select()' bug: use
_rpc_dtablesize() instead of getdtablesize().
- Quieted gcc -Wall a bit.
- Probably a bunch of other stuff that I've forgotten.
ypbind.8:
- Updated man page to reflect modifications.
ypwhich.c:
- Small mind-o fix from last time: decode error results from
ypbind correctly (*groan*)
yplib.c:
- same as above
- Change behavior of _yp_dobind() a little: if we get back a 'Domain
not bound' error for a given domain, retry a few times before giving
up and passing the error back to the caller. We have to sleep for a
few seconds between tries since the 'Domain not bound' error comes
back immediately (by repeatedly looping, we end up pounding on ypbind).
We retry at most 20 times at 5 second intervals. This gives us a full
minute to get a response. This seems to deviate a bit from SunOS
behavior -- it appears to wait forever -- but I don't like the idea
of perpetually hanging inside a library call.
Note that this should fix the problems some people have with bindings
not being established fast enough at boot time; sometimes amd is started
in /etc/rc after ypbind has run but before it gets a binding set up. The
automounter gets annoyed at this and tends to exit. By pausing ther YP
calls until a binding is ready, we avoid this situation.
- Another _yp_dobind() change: if we determine that our binding files
are unlocked or nonexistent, jump directly to code that pokes ypbind
into restablishing the binding. Again, if it fails, we'll time out
eventually and return.
ypbind.c: if a client program asks ypbind for the name of the server
for a particular domain, and there isn't a binding for that domain
available yet, ypbind needs to supply a status value along with its
failure message. Set yprespbody.ypbind_error before returning from
a ypbindproc_domain request.
yplib.c: properly handle the error status messages ypbind now has the
ability to send us. Add a ypbinderr_string() function to decode the
error values.
ypwhich.c: handle ypbind errors correctly: yperr_string() can't handle
ypbind_status messages -- use ypbinderr_string instead.
- it succeeded on non-directories (see POSIX 5.1.2.4).
- it hung on (non-open) named pipes.
- it leaked memory if the second malloc() failed.
- it didn't preserve errno across errors in close().
of the plus or minus lists at all, reject him. This lets you create
a +@netgroup list of users that you want to admit and reject everybody
else. If you end your +@netgroup list with the wildcard line
(+:::::::::) then you'll have a +@netgroup list that remaps the
specified people but leaves people not in any netgroup unaffected.
where one or more of the non-default domains are not yet bound.
If we make a YP request for a domain other than the default domain,
and there is no binding for the new domain yet, _yp_dobind() sees
that the /var/yp/binding/DOMAIN.VERS file for the unbound domain is
not locked (by ypbind) and from this it concludes that the NIS system
is dead, so it gives up.
This behavior has been changed: before giving up in this case, we now
make a second check to see if the binding file for the *default* domain
is also not locked. Only if the default domain binding file is also
unlocked to we now assume that ypbind has bought the farm and bail out.
(Note: this assumes that the user hasn't changed the default domain
while ypbind is running.)
With this change, _do_ypbind() is allowed to proceed into the next
section of code wherein it prods ypbind into establishing a binding
for the new domain. This first call times out after ten seconds,
after which it should retry and succeed. From then on, the binding
for the second domain should be handled normally.
isctype.c:
o The tolower() and toupper() functions duplicated too much code
and were out of date (surprise). This didn't matter because
it was difficult to call them.
o Change formatting to be more like that in <ctype.h> (with
extra parentheses as in the macros). Perhaps this file should
be machine generated or everything should be handled like
__tolower() so that no code is repeated.
nomacros.c:
o Instead of looking at _USE_CTYPE_INLINE_ to see what <ctype.h>
has done, set _EXTERNALIZE_CTYPE_INLINES_ to tell <ctype.h>
what to do, so that we don't have anything left to do. Note
that code is now generated even if inlines are used by default.
This allows users to switch to non-inline versions.
select() returns EINVAL if you try to feed it a value of FD_SETSIZE greater
that 256. You can apparently adjust this by specifying a larger value of
FD_SETSIZE when configuring your kernel. However, if you set the maximum
number of open file descriptors per process to some value greater than
the FD_SETSIZE value that select() expects, many selects() within the RPC
library code will be botched because _rpc_dtablesize() will return
invalid numbers. This is to say that it will return the upper descriptor
table size limit which can be much higher than 256. Unless select() is
prepared to expect this 'unusually' high value, it will fail. (A good
example of this can be seen with NIS enabled: if you type 'unlimit' at
the shell prompt and then run any command that does NIS calls, you'll
be bombarded with errors from clnttcp_create().)
A temporary fix for this is to clamp the value returned by _rpc_dtablesize()
at FD_SETSIZE (as defined in <sys/types.h> (256)). I suppose the Right
Thing would be to provide some mechanism for select() to dynamically
adjust itself to handle FD_SETSIZE values larger than 256, but it's a
bit late in the game for that. Hopefully 256 file descriptors will be enough
to keep RPC happy for now.
add #includes for YP headers when compiling with -DYP to avoid some implicit
declarations.
getgrent.c & getnetgrent.c: add some #includes to avoid implicit declarations
of YP functions.
Obtained from: Casper H. Dik (by vay of Usenet)
Small patch to help improve NIS rebinding times (among other things):
>From: casper@fwi.uva.nl (Casper H.S. Dik)
>Newsgroups: comp.sys.sun.misc,comp.sys.sun.admin
>Subject: FIX for slow rebinding of NIS.
>Summary: a small change in libc makes life with NIS a lot easier.
>Message-ID: <1992Jan17.173905.11727@fwi.uva.nl>
>Date: 17 Jan 92 17:39:05 GMT
>Sender: news@fwi.uva.nl
>Organization: FWI, University of Amsterdam
>Lines: 138
>Nntp-Posting-Host: halo.fwi.uva.nl
Have you been plagued by long waits when your NIS server is rebooted?
READ ON!
Sun has a patch, but the README says:
********************* WARNING ******************************
This is a new version of ypbind that never uses the NIS
binding file to cache the servers binding. This will have
the effect of fixing the current symptom. However, it might
degrade the overall performance of the system when the
server is available. This is most likely to happen on an
overloaded server, which will cause the network to produce
a broadcast storm.
*************************************************************
Therefor, I have produced another fix.
o What goes wrong.
When the NIS server is rebooted, ypserv will obtain different ports
to listen for RPC requests. All clients will continue to use the old
binding they obtained earlier. The NIS server will send ICMP dst unreachable
messages for the RPC requests that arrive at the old port. These ICMPs
are dropped on the floor and the client code will continue sending the
requests until the timer has expired. The small fix at the end of this
message will pick up these ICMP messages and deliver them to the RPC layer.
o Before and after.
I've tested this on some machines and this is the result:
(kill and restart ypserv on the server)
original% time ypmatch user passwd
user:....
0.040u 0.090s 2:35.64 0.0% 0+126k 0+0io 0pf+0w (155 seconds elapsed time)
fixedhost% time ypmatch user passwd
user:....
0.050u 0.050s 0:10.20 0.9% 0+136k 0+0io 0pf+0w (10 seconds elapsed time)
Rebinding is almost instantaneous.
o Other benefits.
RPC calls that use UDP as transport will no longer time out but
will abort much sooner. (E.g., the remote host is unreachable or
111/udp is filtered by an intermediate router)
Grrr. If the dbhash routines weren't grossly overengineered I wouldn't
even need to do this! :-(
Also now export the hash_stats routine. Manpage coming RSN - I promise.
Make sure all arguments to the yp_*() functions are valid before sending
them off to the server. This is somewhat distressing: once again my
FreeBSD box brought down my entire network because of NIS bogosities.
I *think* the poor argument checking in this module is the cause, but
I still haven't been able to reproduce the exact series of events that
lead to the ypserv crashes. For now I've resorted to sticking my FreeBSD
box in a seprate domain. Hopefully a weekend of heavy testing will
uncover the problem.
Change strtok() to strsep(), cause memory corruption for all
programs which use strtok() too in the same time.
Fix potential NULL reference, depends of /etc/hosts.conf format
Fix the bug when service name fetched always from beginning of the line,
not from parsed token.
programs which use strtok() too in the same time.
Fix potential NULL reference, depends of /etc/hosts.conf format
Fix the bug when service name fetched always from beginning of the line,
not from parsed token.
remapping mechanism in the following manner: if given an entry +@foo
and there is no netgroup named 'foo,' try searching for a regular
user group called 'foo' and build the cache using the members of
group 'foo' instead. If both a netgroup 'foo' and a user group 'foo'
exist, the 'foo' netgroup takes precedence, since we're primarily
interested in netgroup matching anyway.
This allows access control schemes based on ordinary user groups
(which are also available via NIS) rather than netgroups, since
netgroups on some systems are limited in really brain-damaged ways.
ypserv to do a yp_match() with an a null or empty key causes much havok.
(Note that this could be construed as a denial of service attack if used
maliciously.)
my network because setnetgrent() was trying to do a lookup on group "".
It seems that an attempt to do a yp_match() (and possible yp_next())
on a null or empty key causes Sun's ypserv in SunOS 4.1.3 to exit
suddenly (and without warning). Our ypserv behaves badly in this
situation too, thoush it doesn't appear to crash. In any event, getpwent,
getnetgrent and yp_match() and yp_next() are now extra careful not to
accidentally pass on null or empty arguments.
Also made a small change to getpwent.c to allow +::::::::: wildcarding,
which I had disabled previously.
- Have the +@netgroup/-@netgroup caches handle the +user/-user cases too.
- Clean up getpwent() to take advantage of the improved +user/-user handling.
Submitted by: Sebastian Strollo <seb@erix.ericsson.se>
- In /usr/src/lib/libc/yp/yplib.c, function yp_first when clnt_call
fails with (r != RPC_SUCCESS) ysd->dom_vers should be set to 0! This
ensures that /var/yp/bindings/dom.vers will be read again on retry.
What happens now is that when our server is down and someone tries to
use yp they will continue to try until kingdom come. So:
if(r != RPC_SUCCESS) {
clnt_perror(ysd->dom_client, "yp_first: clnt_call");
ysd->dom_vers = -1;
^^^^ change to 0
goto again;
}
that everyone else does: you can now use +host/-host, +user,-user and
+@netgroup/-@netgroup in /etc/hosts.equiv, /.rhosts, /etc/hosts.lpd and
~/.rhosts. Previously, __ivaliduser would only do host/user matches,
which was lame. This affects all the r-commands, lpd, and any other
program/service that uses ruserok().
An example of the usefullness of this feature would be a hosts.equiv
file that looks like this:
+@equiv-hosts
Since the netgroup database can now be accessed via NIS, this lets you
set up client machines once and then never have to worry about them
again: all hosts.equiv changes can now be done through NIS. Once I
finish with getpwent.c, we'll be able to do similar wacky things
with login authentication too. (Our password field substitution
will finally be on par with everyone else's, and I'll finally be
able to fully integrate my FreeBSD machine into my network without
having to worry about the grad students sneaking into it when I'm
not looking. :)
Danger Will Robinson! I tested this thing every which way I could, but
Murphy's Law applies! If anybody spots a potential security problem with
the way my matching algorithm works, tell me immediately! I don't want
crackers snickering and calling me names behind my back. :)
work because parse_netgrp() doesn't recurse properly. Fixed by
changing
if (parse_netgrp(spos))
return(1);
to
if (parse_netgrp(spos))
continue;
inside parse_netgrp(). (Lucky for me I happen to have a fairly complex
'live' netgroup database to test this stuff with.)
- Added support for reading netgroups from NIS/YP in addition to the
local /etc/netgroups file. (Note that SunOS and many other systems only
support reading netgroups via NIS, which is a bit odd.)
- Fix Evil Null Pointer Dereferences From Hell (tm) that caused
parse_netgrp() to SEGV when expanding netgroups that include
references to other netgroups. Funny how nobody else noticed this.
This is the first step in implimenting +@netgroup substitution in
getpwent.c and any other places that could use it and don't already
support it (which is probably everywhere).
by heading off possible null pointer dereferences in grscan(). Also
change getgrnam() slightly to properly handle the change: if grscan()
returns an rval of 1 and leaves a '+' in the gr_name field and YP is
enabled, poll the YP group.byname map before giving up. This should
insure that we make every effort to find a match in the local and
YP group databases before bailing out.
commit by bde.
Fix bugs in floating point formatting. The 4.4lite version is similar
to revision 1.3 in old-cvs and is missing all of jtc's fixes in revision
1.4 in old-cvs. Revision 1.2 in ncvs fixed one of the old bugs but
introduced at least one new one (for %.0e).
old-cvs log:
revision 1.4
date: 1993/11/04 19:38:22; author: jtc; state: Exp; lines: +33 -20
My work from NetBSD to make printf() & friends ANSI C compliant.
Fixes several bugs in floating point formatting:
1. Trailing zeros were being stripped with %e format.
2. %g/%G formats incorrect.
3. Lots of other nits.
the copy built from here was overwritten by the other copy and the other
copy was put in library-building command lines twice. ld now objects to
duplicated modules.
from the code in strftime.c . This affects both the library code
and all the commands using it (e.g. date +%s).
Note that %s is not required by ANSI, but we've already got it in 1.1.5.1.
Suggested by: luigi@labinfo.iet.unipi.it (Luigi Rizzo)
in an (unlikely) border case (maxgroups==1 and the user is on
an /etc/group line for the same group and that group only ...).
Now this case is dealt with as before ...
Add a missing apostrophe that suggests inverting the frequency to get
tick size. It read better before because `CLK_TCK' suggests a tick
size although it is actually a frequency.
as an NIS client. The pw_breakout_yp routines that are used to populate the
_pw_passwd structire only do anything if the bits in the pw_fields member
_pw_passwd are cleared. Unfortunately, we can get into a state where
pw_fields has garbage in it right before the YP lookup functions are
called, which causes the breakout functions to screw up in a big way.
Here's how to duplicate the problem:
- Configure FreeBSD as an NIS client
- Log in as a user who's password database records reside only in
the NIS passwd maps.
- Type ps -aux
Result: your processes appear to be owned by 'root' or 'deamon.'
/bin/ls can exhibit the same problem.
The reason this happens:
- When ps(1) needs to match a username to a UID, it calls getpwuid().
- root is in the local password file, so getpwuid() calls __hashpw()
and __hashpw() populates the _pw_passwd struct, including the pw_fields
member. This happens before NIS lookups take place because, by coincidence,
ps(1) tends to display processes owned by root before it happens upon
a proccess owned by you.
- When your UID comes up, __hashpw() fails to find your entry in the
local password database, so it bails out, BUT THE BITS IN THE pw_fields
STRUCTURE OF _pw_passwd ARE NEVER CLEARED AND STILL CONTAIN INFORMATION
FROM THE PREVIOUS CALL TO __hash_pw()!!
- If we have NIS enabled, the NIS lookup functions are called.
- The pw_breakout_yp routines see that the pw_fields bits are set and
decline to place the data retrieved from the NIS passwd maps into the
_pw_passwd structure.
- getpwuid() returns the results of the last __hashpw() lookup instead
of the valid NIS data.
- Hijinxs ensue when user_from_uid() caches this bogus information and
starts handing out the wrong usernames.
AAAARRRRRRRRRGGGGGGHHHHHHHHHH!!!
*Please* don't tell me I'm the only person to have noticed this.
Fixed by having __hashpw() check the state of pw_fields just before
bailing out on a failed lookup and clearing away any leftover garbage.
What a fun way to spend an afternoon.
- FreeBSD's NIS server can supply a master.passwd map, which has
more fields in it than a standard passwd map, so we need a
_master_pw_breakout() fuction.
- When doing passwd map lookups, look for master.passwd.* by attempting
a _yp_first() on master.passwd.byname. If it exists, we're being served
by a FreeBSD NIS server and we should use this map.
- If we aren't the superuser, retrieve only the standard passwd maps.
If we're being served by a FreeBSD system, then the passwd map has
no passwords in it, and it won't serve us the master.passwd map unless
we're superuser anyway.
There's a small speed hit for the superuser inherent in the check for
the master.passwd map, but this lets us dynamically decide what to do
rather than rely on a non-standard config file somewhere. Since all
of this is bypassed for normal users, they shouldn't notice the
difference.
1) Changed LIB_SCCS and SYSLIB_SCCS to LIB_RCS and SYSLIB_RCS.
2) Changed sccsid[] variables to rcsid[]
3) Moved all RCSID strings into .text
4) Converted all SCCSID's to RCS $Id$'s
5) Added missing $Id$'s after copyright.
YP by disallowing `+' entries as logins in all cases. (This handles the
case of a `+' entry in the password file but YP not running, which should
never happen but is easy enough to check for so we'll apply some
prophylaxis.)
Embalm. Rewrite to do things much the same as gcc-2: use fistpq for speed
and elegance, and mishandle overflow consistently. __fixunsdfsi() is no
longer called by gcc.
getcwd() has two off-by-one bugs in FreeBSD-2.0:
1. getcwd(buf, size) fails when the size is just large enough.
2. getcwd(buf + 1, 1) incorrectly succeeds when the current directory
is "/". buf[0] and buf[2] are clobbered.
(I modified Bruce's original patch to return the proper error code
[ERANGE] in the case of #2, but otherwise... -DG)
This program demonstrates the bug:
---
#include <stdlib.h>
#include <string.h>
#include <stdio.h>
#include <unistd.h>
int main(void)
{
char buf[5];
int errors;
errors = 0;
if (chdir("/tmp") != 0) {
perror("chdir");
abort();
}
if (getcwd(buf, 5) == NULL) {
perror("oops, getcwd failed for buffer size = size required");
++errors;
}
if (chdir("/") != 0) {
perror("chdir");
abort();
}
buf[0] = 0;
buf[2] = 1;
if (getcwd(buf + 1, 1) != NULL) {
fprintf(stderr,
"oops, getcwd succeeded for buffer size = one too small\n");
++errors;
}
if (buf[0] != 0) {
fprintf(stderr,
"oops, getcwd scribbled on memory before start of buffer\n");
++errors;
}
if (buf[2] != 1) {
fprintf(stderr,
"oops, getcwd scribbled on memory after end of buffer\n");
++errors;
}
exit(errors == 0 ? 0 : 1);
}
pointer returned by realloc(). All callers free the pointer if the
execve fails. Nuke the caching. This essentially restores buildargv()
to the 1.1.5 version. Also fix a memory leak if realloc() fails. Also
nuke similar but non-broken caching in execvp(). malloc() should be
efficient enough.
command available yet.
Changed an entry in getprcent.3 from rpcinfo(8C) to rpcinfo(8).
Changed an entry in getrpcport.3 from 3R to 3.
Changed two entries in rpc.3 from 3N to 3.
incredibly obnoxious, but also makes inverse mappings work when the local
resolver is in a cache-only configuration. (Maybe this is actually
a bug in BIND?)
pointer if len is 0. I should have looked at the revision history - I would
have found that Bruce already fixed the bug with len=0 over a month ago.
Whoever said that the bug was in 2.0 was wrong.
for Wine support. The current snapshot of wine works fine with this.
This should go into the beta as the code which it calls in the kernel is
already there, and works fine.
later be applied to a number of programs (inetd for instance) to clean
out the bogus code doing the same thing, modulus all the bugs.
If you need to read a '#'-is-a-comment-file, please use these routines.
I realize that the shlib# should be bumped (for the non-US world:
increased by something), but will defer this until something significant
happens.
From: Chris Torek <torek@bsdi.com>
Here is a semi-official patch (apply to /usr/src/lib/libc/stdio/fseek.c,
rebuild libc, install). The current code fails when the seek:
- is optimized, and
- is to just past the end of the block currently in the buffer, and
- is followed by another seek with no intervening read operation, and
- the destination of subsequent seek is within the block left in the
buffer (seeking to the beginning of a block does not force a read,
so the buffer still contains the previous block)
so it is indeed rather obscure.
I may have a different `final' fix, as this one `loses' the buffer
contents on a seek that goes just past the end of the current block.
[Footnote: seeks are optimized only on read-only opens of regular
files that are buffered by the file's optimal I/O size. This is
what you get with fopen(path, "r") and no call to setvbuf().]
Obtained from: [ BSDI mailing list ]
While trying to figure out why rlogind wasn't working right for root,
I noticed that man wouldn't come back with a man page for iruserok, but
it would for ruserok. Checking the lib/net directory's Makefile.inc
file shows that the link to the rcmd man page just isn't getting
created.
>How-To-Repeat:
Do a 'man iruserok' and notihing will come back, where a 'man ruserok'
will.
Submitted by: Brian Moore <ziff@houdini.eecs.umich.edu>
Obtained from: NetBSD-bugs mailing list
getnet* configuration. (It's highly unlikely that you'd want to do
something different, and network lookups aren't common enough to justify
their own configuration file.)
!!!!!!!!
NB
!!!!!!!!
You MUST pwd_mkdb /etc/master.passwd before attempting to use the new
libc, or things may go wrong. (I doubt anything actually /will/ go
wrong, but the actual behavior is undefined. YOU HAVE BEEN WARNED.)
The database format is, however, backwards-compatible, so old executables
will still work.
>From: jtk@atria.com (John T. Kohl)
in rcmd:
It calls select() with a hardcoded "number of file descriptors" argument
of 32, rather than computing it based on the sockets about which it
cares.
- Now we work out the nfds arg, and do some error checking
Submitted by: Geoff.
Don't add to POBJS or SOBJS. bsd.lib.mk does it. Some objects were
duplicated.
Don't add to CLEANFILES. bsd.lib.mk does it. Some objects were
quadruplicated.
Define variables that are only used once close to where they are
used.
The ifdefs for avoiding building of profiled/shared objects when
NOPROFILE/NOPIC are set were not actually committed. The ifdefs
belong in bsd.lib.mk anyway.
long long. Done by plugging both eax and edx with -1. This will clobber
edx unnecessarily when the return value is only 32bit...though probably
always an okay thing to do, it could stand a better fix.
This was the cause of gawk being broken (boy was THAT ever a subtle
bug!!!).
are running under. Here's how to bootstrap (order is important):
1) Re-compile gcc (just the driver is all you need).
2) Re-compile libc.
3) Re-compile your kernel. Reboot.
4) cd /usr/src/include; make install
You can now detect the compilation environment with the following code:
#if !defined(__FreeBSD__)
#define __FreeBSD_version 199401
#elif __FreeBSD__ == 1
#define __FreeBSD_version 199405
#else
#include <osreldate.h>
#endif
You can determine the run-time environment by calling the new C library
function getosreldate(), or by examining the MIB variable kern.osreldate.
For the time being, the release date is defined as 199409, which we have
already established as our target.
1.1.5 support for YP, fixing a bug in 1.1.5 that prevented YP from ever
working reliably. (I'm amazed that there were no bug reports.)
IWBRNI someone could write a host.conf(5) manual page. Please look at
the code before doing so; this version is somewhat more flexible in the
format of its input.
