The character `#' introduces a comment. Leading spaces and tabs are
ignored: '^[ \t]*#.*\n$'
Count an empty line - only spaces, tabs or newline - also as a comment.
(to be compatibel with password database comments). '^[ \t]*\n$'
and small values:
hypotf(2.3819765e+38, 2.0416943e+38) was NaN instead of 3.1372484e+38
hypotf(-3.4028235e+38, 3.3886450e+38) was NaN instead of Inf
hypotf(-2.8025969e-45, -2.8025969e-45) was 0 instead of 4.2038954e-45
Found by: ucbtest
- 0 was returned instead of EOF when an input failure occured while
skipping white-space after 0 assignments. This fixes PR2606. The
diagnosis in PR2606 is wrong.
- EOF was returned instead of 0 when an input failure occurred after
zero assignments and nonzero suppressed assignments.
- EOF was spelled -1.
This should be in 2.2.
for now so that we don't lose library compatibility. Applications should
define _NEW_VFSCONF and use getvfsbyname() instead of new_getvfsbyname()
if they want the new vfsconf interface. Parts of the old interface
(enough to load vfs modules, I hope) are still available.
previous revision. Use log10f() instead of log10(). log10f() is
currently slightly slower than log10() on P5's, but it is potentially
significantly faster.
Fixed declaration of the C function used in the (unused?) KR_headers
case.
avoid easily avoidable loss of precision when |x| is nearly 1.
Extended (64-bit) precision only moves the meaning of "nearly" here.
This probably could be done better by splitting up the range into
|x| <= 0.5 and |x| > 0.5 like the C version. However, ucbtest
does't report any errors in this version. Perhaps the C version
should be used anyway. It's only 25% slower now on a P5, provided
the C version of sqrt() isn't used, and the C version could be
optimized better.
Errors checked by: ucbtest
at runtime.
etc/make.conf:
Nuked HAVE_FPU option.
lib/msun/Makefile:
Always build the i387 objects. Copy the i387 source files at build
time so that the i387 objects have different names. This is simpler
than renaming the files in the cvs repository or repeating half of
bsd.lib.mk to add explicit rules.
lib/msun/src/*.c:
Renamed all functions that have an i387-specific version by adding
`__generic_' to their names.
lib/msun/src/get_hw_float.c:
New file for getting machdep.hw_float from the kernel.
sys/i386/include/asmacros.h:
Abuse the ENTRY() macro to generate jump vectors and associated code.
This works much like PIC PLT dynamic initialization. The PIC case is
messy. The old i387 entry points are renamed. Renaming is easier
here because the names are given by macro expansions.
log10(x) = log10e * log(x). The formula would work if the RHS were
evaluated in extended precision with an extended precision log().
This actually happened with the i387 log() because it returns excess
precision.
Found by: ucbtest
This defeats the point of log1p(). ucbtest reports errors of +-5e+15
ULPs. A correct version would use the i387 fyl2xp1 instruction for
small x and maybe scale to small x. The C version does the scaling
reasonably efficiently, and fyl2px1 is slow (at least on P5s), so not
much is lost by always using the C version (only 25% for small x even
with the broken i387 version; 50% for large x).
doesn't need to be included in files that have nothing to do with
syscalls.
Added missing `.text' to START_ENTRY so that ENTRY() works when
invoked in the data section.
I notice info(1) has some problems moving back and forth through the
resulting info file, but emacs doesn't, so i figure it's rather a
problem with info(1) itself. To the least, this file installs now
finally.
allocated size not reset to 0 causing NULL dereference
on call after login_close().
2) Modify login_capsize() behaviour to match manpage, allow
concatenated sizes; ie. 10m500k
the handler with SA_RESTART set, so the system calls I wanted to have the
timeout effect will just restart instead (which is NOT what I wanted).
Sheepishly use sigaction() like a good boy and make timeouts actually do
something.
Also pass errors out more effectively so that fetch(1) actually understands
what went wrong.
- Use MAP_FAILED instead of the constant -1 to indicate
failure (required by POSIX).
- Removed flag arguments of '0' (required by POSIX).
- Fixed code which expected an error return of 0.
- Fixed code which thought any address with the high bit set
was an error.
- Check for failure where no checks were present.
Discussed with: bde
a manner consistent with other implementations. Its done in a way that
adds only a tiny amount of overhead when positional arguments are not used.
I also have a test program to go with this, but don't know where it belongs
in the tree.
Submitted-By: Bill Fenner <fenner@FreeBSD.ORG>
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
of the user's timezone failed), don't bail if the specified timezone
doesn't have an offset; in this case it isn't going to. (Perhaps it would
be better to change the caller to always supply one, but this is quick
and clean and fixes the bug in the easiest possible way.)
Should be in 2.2. Fixes (properly) PR#1740.
were added with the login class stuff. This is needed since libutil.so.2.1
is what is used in RELENG_2_2 and well into the release cycle. We only
bump once per release cycle as needed.
Add descriptions of RTLD_LAZY and RTLD_NOW.
Correct the synopsis to agree with the actual function prototypes.
Add clarifications of a few things.
Clean up the wording in a few places.
was apparently overlooked at the time the member was added. Its absence
causes some error messages from the dynamic linker to begin with
"(null):" instead of with the pathname of the dynamic linker as they
should.
I am also adding a work-around to the dynamic linker, to cope with
legacy binaries that were built with older versions of crt0.
interfaces, until it's redone to use sysctl().
- bump the SIOCGIFCONF buffer size from 1K to 8K
- if we didn't find a suitable address, return a failure. Previously
if it didn't find anything it left the return address uninitialised.
Perhaps it would be better to return AF_INET/111/127.0.0.1 rather than
failing?
more manageable and convenient referencing by login.conf (login
class database) and (e.g.) login.access.
This is the first of a group of commits which implements the login
class capabilities database.
(There may be a behavior difference between the 2.1 and 2.2/3.0 kernels
in this area, it seemed to work for me but I have a horribly hacked
select() that might have a bug in the handling of this)
Submitted by: wpaul
get installed.
The `install' target should only be overridden when the default one would
do something wrong and you're too lazy to fix the default one.
Restore the clamp on the return value from rpc_dtablesize().. Some programs
(eg: ypserv) use this as an indication of how large svc_fdset is in their
hand-rolled svc_run() loops. The svc_fdset table is maintained by the
rpc library explicitly for compatability with such programs. (It uses
a different variable-sized bitmap itself internally)
- prototypes now in include files
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
Note: potential bug here, It looks like there could be a null pointer
dereference depending on what has already been called to initialise some
shared data.
- kill non-FD_SETSIZE code
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
Note, there was a nasty bug with our old code here. It would trash the
stack if a fd > 31 was passed in. It was using a "long" as though it
was an "fd_set", ie: it was assuming that a long was 256 bits wide. :-(
This has been lurking here for a while, since the FD_SETSIZE #ifdef's
were first implemented.
- fix timeout code
- better sequence number generation (for long running daemons)
- dont close an unopen socket
- use standard functions
- 64 bit type safe for wire protocols
- unlimited file descriptors
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- ensure we're not spoofed/confused while trying to talk to the portmapper
- handle new get_myaddress failure cases
- prototype now in include file
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- fix timeout code
- better "random" initial transaction id for long running daemons
- unlimited number of file descriptors to select().
- 64 bit type safe wire protocol
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- typo (spelling police :-)
- dont die on select() that returns time remaining (on my systems)
- improve initial "random" sequence number, to make it harder to guess
in long running daemons.
- fix timeout code.
- unlimited number of fd's in select.
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- Protect against select() that returns time remaining (on my systems).
- don't exit. It's bad form for libc to exit() or abort() instead of
returning an error.
- only use loopback addresses after checking the real interfaces.
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- canonical function declaration
- use constants from includes, not magic numbers
- use standard functions
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
- 64 bit long type safe (wire protocols specified in explicit sized types)
- Support systems that don't do unaligned accesses
- Support for explicit int16 and int32 sizes in xdr
Obtained from: a diff of FreeBSD vs. OpenBSD/NetBSD rpc code.
RELENG_2_2!
This is part#2 of the previous commit to src/lib/libc/net to contain the
potential damage.
This provides stubs so that binaries linked in 2.2 will run on 3.0
needed, as he discovered when he tried to run vi. :-]
These files used to be stubs which used #ifdef PIC to decide whether to
use the real dlopen() version or the stub version from the src/contrib/tcl
sources. Now, with the our stubs gone, the .PATH directive causes them to
be compiled directly from src/contrib/tcl/{unix,generic}. You might need
to rebuild your depend rules though as they may have stale paths.
Also, this is a generated file. This should not have been edited here.
also add the missing declaration of forkpty() to libutil.h.
Btw., the calling interface for login(3) is crude. Some better
abstraction is needed, perhaps similar to logwtmp(3).
2.2 candidate, but i'll wait for the spelling police first. :)
- the .gz files are no longer used as intermediate files, it's in a pipe
now. (gunzip normally deleted them anyway, but this should not hurt)
- I accidently left a -p arg to install from testing. Bruce says it should
be ${COPY} instead, but almost everything else in the tree uses plain -c
anyway.
- Use "LINKS=" or two identical files are installed sepeately instead of
as links (doh!)
- Use "LIB..." instead of "BIN..." for install permissions. Note that we
still use bsd.prog.mk, not bsd.lib.mk because bsd.lib.mk has problems
(it can't install a library unless it compiles it).
- Define LIBCOMPATDIR in Makefile.inc instead of using BINDIR.
Mostly submitted by: bde
just return errors. This removes the need for awful hacks like that in
our build of libtcl which would get link errors when linked static.
John Polstra once mentioned that this was on his "todo" list.
Note that one can use:
cc -Wl,-Bstatic -o foo foo.o
and get an executable that has it's libraries statically linked, but has
a fully functional runtime linker so the executable can call dlopen() and
have it work. (I've tested this)
- getpwent:
o adjunctbuf should be NUL terminated after copying
o _pw_breakout_yp() needs to know the length of the buffer returned
from YP so it can properly NUL terminate its local buffer.
- getgrent:
o YP buffers should be YPMAXRECORD + 2 bytes long and NUL terminated.
(Previously they were hardcoded to 1024 bytes.)
- getnetgrent:
o YP data should be copied with snprintf(), not sprintf()
These are 2.2 candidates. I will wait a few days to make sure these don't
break anything and then, if there are no objections, move them to the 2.2
branch.
- getservent:
o put _yp_check() proto under #ifdef YP where it belongs
o local YP buffers should be YPMAXRECORD + 2 bytes long and should
be NUL terminated after copying
- gethostbynis:
o local YP buffer should be YPMAXRECORD + 2 bytes long
- getnetbynis:
o local YP buffer should be YPMAXRECORD + 2 bytes long and should
be NUL terminated after copying
- ether_addr:
o local YP buffers should be YPMAXRECORD + 2 bytes long and should
be NUL terminated after copying (in this case it's BUFSIZ + 2 bytes,
but it happens that BUFSIZ == YPMAXRECORD.
- gethostbydns:
o nuke stray 'return(NULL)' in __dns_getanswer() (harmless but looks silly)
These are 2.2 candidates. I will wait a few days to make sure these don't
break anything and then, if there are no objections, move them to the 2.2
branch.
line length limit anymore - now 500 members or 5000 members are
possible. For security group lines longer than 256K will be count as
an error. 256K should be enough for 65536 users.
Support comments (lines that begin with a #) if compiled with
option -DGROUP_IGNORE_COMMENTS.
Fortunately it seems that all system utilities which use getgrent()
functions are dynamically linked executables. So you need only
rebuild libc.so.3.0 if you want this change. Note: if you have
an old X server which depend on libc.so.2.* you should rebuild
libc.so.2.* too.
Not a 2.2 candidate.
lookup results. Without this, doing multiple host/addr lookups in a
single process yeilds strange results (the buffer is static, and
garbage may be left behind from previous lookups).
I just noticed this in 2.2-BETA. Unless somebody threatens to chop my
hands off with an axe, I'm going to move this to the 2.2-RELENG branch
shortly.
of BIND, we need to tweak some things to that gethostanswer() knows
whether or not we're dealing with an IPv4 or IPv6 address. (This'll
teach me to use a 2.1.0 system for NIS development -- but it's so nice
and stable I just can't being myself to upgrade it. :)
- A major 11th hour, last second, untested commit!
Build some infrastructure to clean up the compat lib distributions, and
also allow them to be installed from the source tree rather than having
to to and get the tarballs from freefall or a CD. Some tweaks to
/etc/make.conf are in the pipeline to enable it.
This came about because it became apparent that we'd have to change the
compat21.tgz tarball to fix the NIS problem with 2.1.x binaries. Since
it's tar..gz.uu, doing this would have caused a huge repository change
and we may as well try and fix it once and for all. Now, adding/removing
libraries should have MUCH less repository impact.
Peril sensative sunglasses: on!
Flame proof suit: on!
Concept reviewed by a stream of ascii representing the opinion of: jkh
Changes casually reviewed by: jkh (but not actually tested)
Without it, the last row and last column don't get their background updated.
I think this should be in 2.2.
Submitted by: Paul Koch <koch@thehub.com.au> (again)
Passing observation: The fixes that pst put in on 1996/09/22 then backed out
look like they should be put in again. If sysinstall is depending on bugs,
then it should be fixed.
_yp_dobind() checks to see if a fork() happens (by checking PIDs) and
invalidates all bindings if it finds itself in a newly created child
process. (This avoids sharing RPC client handles and socket descriptors
with the parent, which would be bad.) Unfortunately, it summarily
calls clnt_destroy() on the handles, which may result in the destruction
of a descriptor that isn't really a socket.
This is fixed by replacing the explicit call to clnt_destroy() with a
call to _yp_unbind(), which deals with potentially hosed socket descriptors
an a safe manner.
This is basically a one-liner. Once I confirm that it fixes Christoph's
problem, I'd like permission to put it in the 2.2-RELENG branch.
Vulnerable: all programs that use setlocale(LC_COLLATE),
setlocale(LC_CTYPE), or setlocale(LC_ALL). The only setuid/setgid
binary i've found for this is w(1).
Should go into 2.2.
I've added an installation from optical disk drive facility.
This enables FreeBSD to be installed from an optical disk, which
may be formatted in "super floppy" style or sliced into MSDOS-FS
and UFS partitions.
Note: ncr.c should be reviewed by Stefan Esser <se@freebsd.org>
and cd.c by Joerg Wunsch <joerg@freebsd.org> before bringing this
into 2.2.
Submitted-By: Shunsuke Akiyama <akiyama@kme.mei.co.jp>
in lots of unrelated junk from <net/if.h> and <net/if_ether.h>. These
functions still aren't prototyped anywhere (but should be in
<net/ethernet.h>---got that, Bill?).
and he said:
The 3rd agrument is new; looks like it was part of the upgrade to
a new BIND with some IPv6 support. The third argument here should be
AF_INET. In order for it to be anything else, I'd have to add new
NIS functions to support IPv6 lookups. I don't even know what those
look like yet.
So there ya go, add AF_INET as the 3rd argument to the call.
Submitted-by: wpaul
copy of insure++, too bad the runtime only works for BSD/OS. :-(
Maybe they'll be so impressed by my initial 15 entry bug report for it
that they'll take the FreeBSD version more seriously. :-) :-)
NIS map which is present on SunOS NIS servers with the SunOS C2 security
hack^Woption installed. I'm convinced that the C2 security option restricts
access to the passwd.adjunct.byname map in the same way that I restrict
access to the master.passwd.{byname,buid} maps (checking for reserved ports),
which means that we should be able to handle passwd.adjunct.byname map
correctly.
If _havemaster() doesn't find a master.passwd.byname map, it will now
test for a passwd.adjunct.byname map before defaulting back to the
standard non-shadowed passwd.{byname,byuid} maps. If _pw_breakout_yp()
sees that the adjunct map was found and the password from the standard
maps starts with ##, it will try to grab the correct password field
from the adjunct map. As with the master.passwd maps, this only happens
if the caller is root, so the shadowing feature is preserved; non-root
users just get back ##username as the encrypted password.
Note that all we do is grab the second field from the passwd.adjunct.byname
entry, which is designated to be the real encrypted password. There are
other auditing fields in the entry but they aren't of much use to us.
Also switched back to using yp_order() to probe for the maps (instead
of yp_first()). The original problem with yp_order() was that it barfed
with NIS+ servers in YP compat mode since they don't support the
YPPROC_ORDER procedure. This condition is handled a bit more gracefully
in yplib now: we can detect the error and just punt on the probing.
Since locale reading code not resistent against stack overflowing or
similar intruder attacks, don't allow PATH_LOCALE env variable action
for s-bit programs (non-standard locale path setting)
strdup() it to prevent unsetenv() or setenv() effects. Check its length to
not allow user to overflow internal locale buffer. Move PATH_LOCALE
handling code into one place.
POSIX: make better stub for LC_MONETARY & LC_NUMERIC, now it check
locale directory existance instead of refusing all non-C non-POSIX
locales. POSIX treats empty locale env variable as unset variable
while our old code treats it as "C" locale, fix it. Implement previous locale
restoring, if locale setting fails. Old code assumes success if some
of LC_ALL subset is successed even other fails, POSIX treats it as
failure with previous locale restoring, fix it.
Remove unneccessary length checking in currentlocale()
Garbage in `eacces' caused the wrong errno to be set for non-EACCES errors.
Garbage in `etxtbsy' caused a semi-random retry strategy for ETXTBSY errors.
Found by: NIST-PCTS. gcc -Wall reported the problem, but -Wall is not
enabled for libc.
FTP error return code because
1) They return NULL, it means that ftpErrno can't be used because
it takes file pointer
2) They don't have FILE-type argument as f.e. ftpGet/ftpPut to use
it for ftpErrno instead.
For that functions I add yet one int* type argument to store
FTP error return code. It is impossible to add some global variable
for that reason, because user can have multiply FTP connections
opened at the same time.
So, interface changed, major number bumped.
Userland changes will follows.
Minor bugfixes, the code:
Forget to close file in few places, when failure occurse
Forget to NULL cached host name, multiply free is possible
When malloc fails. don't try to memset NULL pointer, it cause core dump
Replace malloc+memset with calloc, theoretically it can do some
optimization of zeroing process internally
Improve error diagnostic
dealing w/the fixit floppy.
Also added the MNT_RELOAD, MNT_WANTRDWR, MNT_ASYNC, MNT_NOATIME,
MOUNT_UNION flags. Someone might want to check my description of MNT_RELOAD.
2.2-R candidate. Not a 2.1.6-R candidate -- some current flags aren't in
2.1.5-R's version.
for NULL RPC client handles. This should hopefully fix the problems
Satoshi reported on -current.
- Add socket descriptor sanity checks to _yp_unbind().
- Fix yp_order() so that it handles the RPC_PROCUNAVAIL error gracefully.
NIS+ in YP compat mode doesn't support the YPPROC_ORDER procedure.
This is a 2.2 candidate with bells on.
inside libc. Add collate_range_cmp as alias to __collate_range_cmp
for temp. backward compatibility.
collate_range_cmp will be replaced with direct code for each
external program for compatibility with the rest of world
No changes other than "instructions" for what other tools that use this
.. "interesting" .. system should name their shared libraries. This was
broken for some tools (eg: expect-5.21) even for the native tcl build (ie,
it would end up using libexpect521.so, not libexpect521.so.1.0)
1) Rename FNM_ICASE to FNM_CASEFOLD
2) Add FNM_LEADING_DIR
Add proper (unsigned char) casts to tolower().
Use 'char' function argument for proper sign extension
Add progname to warning/error message layout. (joerg)
Remove inline assembler, no speed impact, not need for the obfuscation (bde)
Remove on the fly calculation of parameters, no longer critical.
Make D & U flags valid even if we don't support them.
Don't call imalloc until we're done initializing.
Zap contents on free() if we have "Junk" set. [*]
Various nitpicking.
[*] As a sideeffect of this change, if you are worried about
sensitive data lingering in memory, you can use the 'Junk' option
now to make sure phkmalloc zaps memory when it is returned. add
char * malloc_options = "J";
to your source. Obviously there is a performance impact.
Somehow, I also managed to get quite some other changes in this file at
the same time. All I did was checkout the file and made a single change.
If someone has an explanation how these PURIFFY defines got in...
API and non-API functions and giving _sk_ prefix for all non-API
functions. Old names will be available by _SKEY_INTERNAL define
it allows not change anything in keyinit & key, only -D_SKEY_INTERNAL required.
Staticise some things.
dead kernel debugging. The previous code was a "do nothing".
The most obvious side effect of this is that you can now do things like
this and reasonably expect them to work:
dmesg -M /var/crash/vmcore.3 -N /var/crash/kernel.3
ps -axl -M /var/crash/vmcore.3 -N /var/crash/kernel.3
A good deal of this was lifted from the gdb code to do this, as well as
from NetBSD's libkvm (which has completely different VM macros)
and forwards compatable with version 3. This is needed to enable storing
a run-time library path in the dynamic linking headers. The crt startup
tries version 4 first, and falls back to version 3, so an executable that
is linked on -current will work with the ld.so on 2.1.x and less.
Reviewed by: nate, jdp
Obtained from: NetBSD
- removed references to nonexistent pathconf-related variables.
- document everything in CTL_MACHDEP(more than in sysctl.8) and
80% of the things in CTL_KERN (same as in sysctl.8).
- old static non-profiled libraries were removed in the wrong directory
if ${ORIG_SHLIBDIR} != ${LIBDIR}.
- old profiled libraries weren't removed.
- new shared compat libraries were installed in the wrong directory if
${ORIG_SHLIBDIR} != /usr/lib.
- some lines were too long.
Added some comments about cases that have caused problems. Changed
libfoo to ${LIB} so that libresolv/Makefile and libgnumalloc/Makefile
are almost identical.
complaints and suggestions about this over the last few days that I
cannot remember who has said what anymore. :-(
There is also a comment here about the intent of the process and another
explicit pointer to the etc/etc/rc change to that has been ignored by
quite a few people it seems.
stuff and detection for the "gnumalloc" port which doesn't exist and
nobody has cared enough about for the past 6 months or so to implement.
As has been pointed out to me (quite a few times) in email, the people
that had been bitten by the changes had failed to follow the instructions
about updating /etc/rc.
Bruce also pointed out that after my last commit, it was no longer
removing /usr/lib/libgnumalloc.so.2.0 as it should have been.
Hopefully this (and the comments in the Makefile) should defuse the problem
a bit.
Various neat features added. More documentation in the manpage.
If your machine has very little RAM, I guess that would be < 16M
these days :-(, you may want to try this:
ln -fs 'H<' /etc/malloc.conf
check the manpage.
Major version bumped (by me) since the ftpGet() public interface has
changed (an "int *" becomes and "off_t *")
Submitted by: Jason Thorpe <thorpej@nas.nasa.gov>, PR#1640
as done after a quasi-recursive call to free() had modified what we
thought we knew about the last chunk of pages.
This bug manifested itself when I did a "make obj" from src/usr.sbin/lpr,
then make would coredump in the lpd directory.
for gcc >= 2.5 and no-ops for gcc >= 2.6. Converted to use __dead2
or __pure2 where it wasn't already done, except in math.h where use
of __pure was mostly wrong.
conflict with the other declarations in other files. tputs() is
traditionally declared to return int, not void. curses.h has it as int.
ncurses has int and actually sets the return value. This problem has
been causing the ircII port to not compile.
(I've only minimally tested this, I do not have libtermcap on my systems)
as a PR to GNATs but it evidently went astray somehow since I can't find
it in the database now, nor does an assigned PR# appear on the mail I got.
Sorry about that, Danny!
Submitted-By: Danny R. Johnston <danny@simn.com>
built early enough to always be installed by the `includes' target
in /usr/src/Makefile. This is supposed to be handled by not
installing it if it doesn't exist. However, a stale, uninstallable
copy sometimes exists in the source directory, and the existence
test sometimes found the wrong copy.
"." means the object directory, so it is just confusing to use it
when nothing is included from the object directory unless the object
directory is also the source directory. It is confusing for "."
not to mean the source directory anyway, so used `-I.'s should be
replaced by `-I${.OBJDIR}'.
traditional BSD4.4 behavior (_POSIX_SAVED_IDS are OFF) was described
before.
Add some hooks to easily change this text when
POSIX_SAVED_IDS model will be changed.
routines from contrib/bind directly. There were too many problems,
including having to add -DUSE_OPTIONS_H to the entire libc source in
order for the contrib code to pick up it's options, and so on.
Instead, I've merged the changes, libc is now self contained again.
was compiled with -O) by the precision bug in the i386 version of
gcc (assignments and casts don't clip the precision). E.g.,
rintf(12.3456789) was 12.125.
Avoid the same bug in rint(). It was only broken for the unusual
case when the i387 precision is 64 bits. FreeBSD defaults to 53
bit precision to avoid problems like this, but the standard math
emulator always uses 64 bit precision.
in a bunch of man pages.
Use the correct .Bx (BSD UNIX) or .At (AT&T UNIX) macros
instead of explicitly specifying the version in the text
in a bunch of man pages.
note that at_shutdown has a new parameter to indicate When
during a shutdown the callout should be made. also
add a RB_POWEROFF flag to reboot "howto" parameter..
tells the reboot code in our at_shutdown module to turn off the UPS
and kill the power. bound to be useful eventually on laptops
Here are the diffs for libc_r to get it one step closer to P1003.1c
These make most of the thread/mutex/condvar structures opaque to the
user. There are three functions which have been renamed with _np
suffixes because they are extensions to P1003.1c (I did them for JAVA,
which needs to suspend/resume threads and also start threads suspended).
I've created a new header (pthread_np.h) for the non-POSIX stuff.
The egrep tags stuff in /usr/src/lib/libc_r/Makefile that I uncommented
doesn't work. I think its best to delete it. I don't think libc_r needs
tags anyway, 'cause most of the source is in libc which does have tags.
also:
Here's the first batch of man pages for the thread functions.
The diff to /usr/src/lib/libc_r/Makefile removes some stuff that was
inherited from /usr/src/lib/libc/Makefile that should only be done with
libc.
also:
I should have sent this diff with the pthread(3) man page.
It allows people to type
make -DWANT_LIBC_R world
to get libc_r built with the rest of the world. I put this in the
pthread(3) man page. The default is still not to build libc_r.
also:
The diff attached adds a pthread(3) man page to /usr/src/share/man/man3.
The idea is that without libc_r installed, this man page will give people
enough info to know that they have to build libc_r.
I was perplexed when an example I'd written to show the values for these
variables changing as an xterm window was resized didn't work, and looking
into it I see that size tracking for LINES and COLS seems to be one SVR4
enhancement which didn't come across with libncurses.
refilled) a file that was either line- or un-buffered, all files were
flushed. According to the code comment, the flush (according to ANSI)
is supposed to happen on write + line buffered output files, not _all_
files.
Obtained from: OpenBSD / Theo de Raadt, possibly from proven@cygnus.com
set sin_len
close one ftp port bounce attack
have rresvport() use bindresvport() rather than duplicate the code,
rresvport() is a superset of bindresvport().
Obtained from: OpenBSD / Jason Downs / Theo de Raadt, minor tweaks by me.
this man page to prevent half of it from coming out with underlines.
This man page needs to be gone over to fully convert it to mdoc format.
This closes PR#1440.
Submitted by: Jens Schweikhardt <schweikhardt@rus.uni-stuttgart.de>
2. Remove pkg_* support - tcl7.5's channel interface has rendered this
almost entirely unsupportable (at least in the way it currently stands).
Submitted-By: jmz & jkh
- buffer expansions were not working right due to a return code botch.
- signed types instead of size_t's meant somebody else went and put
casts in, I've changed the types to what they should have been.
part that does zic(8)/zdump(8) is still yet to be imported (but the old
zic and zdump will work just fine with these header files and the
data format has not changed).
directly in order to obtain binding information, check that the local
ypbind is using a reserved port and return YPERR_YPBIND if it isn't.
We should not trust any ypbind running on a port >= IPPORT_RESERVED;
it may have been started by a malicious user hoping to trick us into
talking to a bogus ypserv.
Note that we do not check the ypserv port returned to us from ypbind.
It is assumed that ypbind has already done a reserved port test (or not,
depending on whether or not it was started with -s); if we trust the
authenticity of the local ypbind, we should also trust its judgement.
Obtained from: OpenBSD
option to pwd_mkdb and adding this option to utilities invoking it.
Further, the filling of both the secure and insecure databases has been
merged into one loop giving also a performance improvemnet.
Note that I did *not* change the adduser command. I don't read perl
(it is a write only language anyway).
The change will drastically improve performance for passwd and
friends with large passwd files. Vipw's performance won't change.
In order to do that some kind of diff should be made between the
old and new master.passwd and depending the amount of changes, an
incremental or complete update of the databases should be agreed
upon.
aren't silently converted to minbrk. This stops malloc(INT_MAX) from
dumping core. Small values are still silently converted. They should
be an error. sbrk() doesn't do any range checking or conversions or
overflow checking.
Moved PIC_EPILOGUE invocation to a more natural place where it
obviously doesn't interfere with the comparison.
Document the fact that the tracefile argument must lead to a regular file.
Also took the opportunity to remove the spurious "Errors" entry
relating to filenames with the high-order bit set and add $Id$.
(More of the same to follow if there are no objections).
Added $Id$'s to files that were lacking them (gpalmer), made some
cosmetic changes to conform to style guidelines (bde) and checked
against NetBSD and Lite2 to remove unnecessary divergences (hsu, bde)
One last code cleanup:-
Removed spurious casts in fseek.c and stdio.c.
Added missing function argument in fwalk.c.
Added missing header include in flags.c and rget.c.
Put in casts where int's were being passed as size_t's.
Put in missing prototypes for static functions.
Changed second args of __sflags() inflags.c and writehook() in vasprintf.c
from char * to const char * to conform to prototypes.
This directory now compiles with no warnings with -Wall under
gcc-2.6.3 and with considerably less warnings than before with the
ultra-pedantic script I used for testing. (Most of the remaining ones
are due to const poisoning).
This will do as a stop-gap until I figure out a more fault-tolerant
way of having deferred closes against the control connection work
without blocking.
from jmz was a hopeless kludge (sorry Jean-Marc :) and handled the problem
in the wrong way. ftpRestart() has now gone away and ftpGet() has grown a
new parameter.
The usual stuff, adding missing function prototypes, argument types,
return values, etc.
This directory now compiles with no warnings with -Wall on gcc2.6.3!
The usual stuff, adding missing function prototypes, argument types,
return values, etc. In mktemp.c, convert pid from u_int to pid_t, and
get rid of "extern int errno".
Fixed a couple of nitpick warnings, plus one that slipped through the
net earlier.
This directory now compiles without any warnings with -Wall! (Until
the next gcc upgrade...)
1. Added missing function prototypes.
2. Added missing function return types.
3. Added missing function argument types.
4. Added missing headers for system function prototypes.
5. Corrected format specifier in printf().
6. Added extra parentheses around assignment used as truth value.
7. Added missing "default" cases in switch statements.
8. Added casts for function pointers.
9. Did *not* change int declarations of uid and gid to uid_t/gid_t
because I don't know if that would affect the protocol. Put in
explicit casts to int instead, to make things more obvious.
10. Moved declarations of variables that are only used if YP is
defined inside the '#ifdef YP' conditionals.
1. Added missing function prototypes.
2. Added missing function return types.
3. Added missing function argument types.
4. Added missing headers for system function prototypes.
5. Corrected casts in select() args.
6. Got rid of more "extern int errno" rubbish.
7. Added extra parentheses around assignment used as truth value.
8. Fixed bug in clnt_{tcp, udp}create() where pointers could be free'd
even if they hadn't been successfully malloc()'d.
1. Added missing function prototypes.
2. Added missing function return types.
3. Added missing function argument types.
4. Added missing headers for system function prototypes.
5. Got rid of "extern int errno" rubbish.
by W.Richard Ste vens. EINTR handling suggested by bde@freebsd.org).
Code cleanup:
1. Add missing return type.
2. Replace 'union wait' by int.
3. Use Posix-style signal handling instead of signal().
4. Use fork() instead of deprecated vfork().
5. Block signals before fork()'ing, instead of after.
6. Return -1 if fork() fails, instead of 0.
7. Add EINTR handling for waitpid() call.
Also add claim of Posix conformance to man page.
Now that we preserve RPC handles instead of rebuilding them each time
a ypcln function is called, we have to be careful about keeping our sockets
in a sane state. It's possible that the caller may call a ypclnt
function, and then decide to close all its file descriptors. This would
also close the socket descriptor held by the yplib code. Worse, it
could re-open the same descriptor number for its own use. If it then calls
another ypclnt function, the subsequent RPC will fail because the socket
will either be gone or replaced with Something Completely Different. The
yplib code will recover by rebinding, but it doing so it may wreck the
descriptor which now belongs to the caller.
To fix this, _yp_dobind() needs to label the descriptor somehow so
that it can test it later to make sure it hasn't been altered between
ypclnt calls. It does this by binding the socket, thus associating a port
number with it. It then saves this port number in the dom_local_port member
of the dom_binding structure for the given domain. When _yp_dobind() is
called again (which it is at the start of each ypclnt function), it checks
to see if the domain is already bound, and if it is, it does a getsockname()
on the socket and compares the port number to the one it saved. If the
getsockname() fails, or the port number doesn't match, it abandons the
socket and sets up a new client handle.
This still incurs some syscall overhead, which is what I was trying to
avoid, but it's still not as bad as before.
functions are implimented as wrappers around getservent(), which means it's
up to getservent() to do all the work. The NIS support in getservent()
only allows it to scan through the services.byname map one entry at a
time until it finds the requested service name/port. This can be painfully
slow due to the overhead involved (lots and lots of successive RPCs).
To fix this, we allow getservbyname() and getservbyport() to signal
getservent() that if NIS is turned on (there's a '+' in /etc/services),
the usual yp_first()/yp_next() linear search should be abandoned and
yp_match() used instead. This causes getservent() to immediately
locate the requested entry instead of wasting time groping through the
whole map.
The downside is that this trick is accomplished by exporting a couple of
pointers from getservent.c which getservbyname.c and getservbyport.c can
preset in order to tell getservent() what to do. If all three functions
were in the same source module, then the extra cruft could be delcared
static to avoid poluting the global symbol space. Maybe they should be
combined anyway. For now I've settled on prepending lots of underscores.
privileged port within a single bind(), rather than looping through
attempts to bind over and over again over progressively lower ports.
This should speed up rlogin/rsh etc, and will probably cure some of the
strange rlogin hangs that have been reported in the past where rresvport()
managed to bind() to a port address that it shouldn't have.
not based on gpl'ed code, just prototype and usage. I'm not 100% certain
they behave the same while the system is in trouble (eg: malloc() failing)
but in those circumstances all bets would be off anyway.
These routines work like sprintf() and vsprintf(), except that instead of
using a fixed buffer, they allocate memory and return it to the user
and it's the user's responsibility to free() it. They have allocate as
much memory as they need (and can get), so the size of strings it can deal
with is limited only by the amount of memory it can malloc() on your
behalf.
There are a few gpl'ed programs starting to use this interface, and it's
becoming more common with the scares about security risks with sprintf().
I dont like the look of the code that the various programs (including
cvs, gdb, libg++, etc) provide if configure can't find it on the system.
It should be possible to modify the stdio core code to provide this
interface more efficiently, I was more worried about having something
that worked and was secure. :-) (I noticed that there was once intended
to be a smprintf() routine when our stdio was written for 4.4BSD, but it
looks pretty stillborn, and it's intended interface is not clear). Since
Linux and gnu libc have this interface, it seemed silly to bring yet
another one onto the scene.
to call clnt_destroy() on a potentially NULL RPC handle. Somebody should
bang on this a bit to make sure the problem is really gone; I seem to
have difficulty reproducing it. Patch provided by Peter Wemm and
slightly tweaked by me.
- Don't call _yp_unbind() in individual ypclnt functions unless we encounter
an RPC error while making a clnt_call().
bugs in your code is to put it in the -stable branch. (Corollary: the
day you discover the bug is the day the Internet decides to route your
telnet session to the repository box via Zimbabwe.)
Remove one bogus free(result) (from _havemaster()) that slipped by me.
Flagged by: phkmalloc
Pointed out to me by: Stefan Esser
In a nutshell, this macroizes the local/global symbol scoping rules
that are different in a.out and ELF. It also makes the i386 assembler
stubs conform to i386 PIC calling conventions - the a.out ld.so didn't
object, but the ELF one needs it as it implements PIC jumps via PLT's as
well as calls. The a.out rtld only worked because it was accidently
snooping the grandparent calling function's return address off the stack..
This also affects the libc_r code a little, because of cpp macro nesting.
Each of the ypclnt functions does a _yp_dobind() when it starts and then
a _yp_unbind() when it finishes. This is not strictly necessary and it
wastes cycles: it means we do a new clnt_create() and clnt_destroy()
for each yp_whatever() call. In fact, you can do multiple clnt_call()s
using a single RPC client handle returned by clnt_create(). Ideally we only
have to create a handle to ypserv once (the first time we call a ypclnt
function) and then destroy it and rebind only if a call to ypserv fails.
- Modify _yp_dobind() so that it only creates a new RPC client handle
when establishing a new binding or when one of the ypclnt calls
invalidates an existing binding and calls _yp_dobind() to establish
a new one.
- Modify the various ypclnt functions to only call _yp_unbind() if a
call to ypserv fails.
If _ANSI_SOURCE or _POSIX_SOURCE is defined, then <ctype.h> had to
be included before <stddef.h> or <stdlib.h> to get rune_t declared.
Now rune_t is declared perfectly bogusly in all cases when <ctype.h>
is included.
This change breaks similar (but more convoluted) convolutions in the
stddef.h in gcc distributions. Ports of gcc should avoid using the
gcc headers.
In __initdb(), a failure to open the local password database is supposed
to result in a warning message being syslog()ed. This warning is only
supposed to be generated as long as the 'warned' flag hasn't been yet;
once the warning is generated, the flag should be set so that the message
is only syslog()ed once. However, while the state of the flag is checked
properly, the flag's state is never changed, so you always get multiple
warnings instead of just one.
Pointed out by: Peter Wemm
Set_Boot_Blocks(). Boy, this one had me tearing my hair out!
I hate how the loader distinguishes between `extern char *foo' and
`extern char foo[]' sometimes! :-)
as any non-shadowed /etc/passwd. Ironically, all programs using S/Key
have already been setuid root except keyinfo(1).
This modification creates /etc/skeykeys with mode 0600 to prevent it
from being examined by ordinary users.
This commit covers the man pages for most of the ANSI library functions.
A few others such as strtol.3 have to mention <sys/types.h> because they
mix ANSI interfaces with less well designed extensions.
getnetgrent.c:
- Catch one bogon that snuck by: in _listmatch(), check for '\0'
rather than '\n'; strings returned from yp_match() are terminated
with a nul, not a newline.
getpwent.c:
- Rip out all of the +inclusion/-exclusion stuff from before and
replace it with something a little less grotty. The main problem
with the old mechanism was that it wasted many cycles processing
NIS entries even after it already knew they were to be exlcuded
(or not included, depending on your pointof view). The highlights
of these changes include:
o Uses an in-memory hash database table to keep track of all the
-@netgroup, -user, and -@group exclusions.
o Tries harder to duplicate the behavior normally obtained when using
NIS inclusions/exclusions on a flat /etc/passwd file (meaning things
come out in much the same order).
o Uses seperate methods for handling getpwent() and getpwnam()/getpwuid()
operations instead of trying to do everything with one general
function, which didn't work as well as I thought it would.
o Uses both getnetgrent() and innetgr() to try to save time where
possible.
o Use only one special token in the local password database
(_PW_KEYYPBYNUM) instead of seperate tokens to mark + and -
entries (and stop using the counter tokens too). If this new
token doesn't exist, the code will make due with the standard
_PW_KEYBYNUM token in order to support older databases that
won't have the new token in them.
All this is an attempt to make this stuff work better in environments
with large NIS passwd databases.
- Clear the _yp_innetgr flag immediately after calling setnetgrent() from
innetgr(). We only need the flag set to temporarily alter setnetgrent()'s
behavior. Previously, it was being cleared too late.
- When in NIS-only mode, innetgr() was wasting time doing unecessary
extra processing after it had already found a match.
- Remember to free memory allocated by the NIS functions during innetgr()
searches.
man pages up to mdoc guidelines and fix some minor formatting glitches.
Also fixed a number of man pages to not abuse the .Xr macro to
display functions and path names and a lot of other junk.
nonstandard normal version and the standard threaded version.
Removed a bogus L in a constant. fpos_t's aren't longs, and casting to
fpos_t would be verbose.
- add __BEGIN_DECLS and __END_DECLS,
- add a bunch of ``const'' qualifiers all over the place,
- rename the `private' struct member into `private_data' to avoid the
clash with the C++ keyword.
/var/run resides on an NFS filesystem (flock() always returns 0 in
this case, so we falsely assume that ypbind is dead and bail out).
Settle instead for better failure checking when using clnttcp_create()
and clnt_call() to interact with ypbind. We still try to flock()
/var/yp/binding/$DOMAINNAME.2, but if this doesn't work, we drop into
the code that retrieves the binding information from ypbind directly.
If that also fails, then we're toast. On NFS filesystems, this means
we'll be ignoring the binding file for no reason and always talking to
ypbind even though we don't have to, but at least things will work.
(I could just replace the flock(/var/run/ypbind.lock) check with
an RPC call to ypbind's NULLPROC procedure, but if the flock() of
the binding file doesn't pan out we're going to try to talk to
ypbind later anyway. *sigh* Is NFS file locking ever going to work?)
broken. The translation from network number to ASCII string was not
working correctly (you would sometimes get things like 0.244.0.0 instead
of 244.0.0).
Also copied results of yp_match() to a static buffer for consistency
with gethostbynis.c.
Note: _getnetbynisaddr() chops off trailing .0's, i.e. 244.0.0 is
truncated to 244. By contrast, getnetbyht.c code (for local /etc/networks
lookups) leaves the traling .0's in place. This means that the NIS
and local file lookups will match different things when looking up the
same network number. I'm not sure which is the correct behavior. (I
think the DNS lookup code tries all combinations -- should the NIS
and local host lookup routines do that too?)
the precision; ANSI X3J11 is not crystal clear but certainly says
that the precision specifies the number of /digits/, and signs
and "0x" aren't really digits.
NetBSD already has a similar patch.
There needs to be a better way of doing this..
preferably we could add another pass to the
normal libc makefiles to do _r versions as well as _p versions
of a successful map retrieval. (This has to do with a previous change
to xdr_ypresp_all_seq() and ypxfr_get_map(); originally, yp_all()
would look for a return value of YP_FALSE to signal success, but now
it should be looking for YP_NOMORE. It should not be passing YP_NOMORE
back up to the caller though.)
Noticed by: <aagero@aage.priv.no>
There is also another small bug here, which is that the call to
xdr_free() that happens immediately after the clnt_call() in yp_all()
clobbers the return status value. I've worked around this for now,
but I think the xdr_free() is actually bogus and should be removed.
I want to check some more before I do that though.
a machine with aliase ip addresses on the same subnet of an
interfaces' `real' ip addresses would generate <n> duplicate
broadcasts in clnt_broadcast().
Basically, this fix does a purge on the list of bradcast addresses.
discussion on -core about disk partitioning tools etc.
Add NOPIC=yes to Makefile to prevent any possibility of version mismatch
because of the potential grave consequences. (as suggested by phk)
Note that this is also on RELENG_2_1_0, since the sysinstall stuff is
hopefully going to remain in sync.
- Fix problem described in PR #1079: _gethostbynisaddr() doesn't
work. Make it accept the same arguments as all the other
gethostby*addr() functions and properly convert the supplied IP
address into a text string so that yp_match() can find it in the
hosts.byaddr map.
- Also fix potential memory leak: copy the results of yp_match() to
a static buffer and free the result (yp_match() returns dynamically
allocated memory).
ether_addr.c:
- Since I was in the neighborhood, fix ether_ntohost() and
ether_hostton() so that they don't bogusly for a free(result)
when yp_match() fails.
matter much on some systems, but on ftp servers (like wcarchive) where
you run with special stripped group and pwd.db files in the anonymous
ftp /etc, this can be a major speedup for ls(1).
ss_flags to SS_DISABLE and SS_ONSTACK. SA_ONSTACK is still used in
struct sigaction. Nowhere in our entire source tree could I find a
single place these were used.
reconnect once using the saved openlog() parameters.
This helps one of the system startup race conditions. If syslogd takes too
long to get going, some daemons can fail the connection and forever log
to the console even though the syslogd is running. That is ..unfortunate..
the statically compiled PS_STRINGS and USRSTACK variables. This prevents
programs using setproctitle from coredumping if the kernel VM is increased,
and stops libkvm users (w, ps, etc) from needing to be recompiled if only
the VM layout changes.
explicit that it is global to the entire "session", and that setsid() or
daemon() are need to have been called at some point.
The most notable offender of setlogin() misuse is XFree86's xdm.
to 2. This makes them agree with the declarations in libgcc, and
clears the way once again for linking c++rt0.o into all libraries,
and eliminating CPLUSPLUSLIB from <bsd.lib.mk>. (I have not made
that change yet, because there is still a bootstrapping problem
for "make world".)
Also, removed a check which ensured that the constructor count in
the first word of __CTOR_LIST__ was greater than zero before
traversing the list. I had added that check earlier, but it is no
longer necessary, now that there is guaranteed to be at least 2
words in __CTOR_LIST__.
It uses a static constructor to call _thread_init() at program start-up
time. That eliminates the need for any initialization hooks in crt0.o.
Added a symbol reference in "uthread_init.c", to ensure that the new
module will always be pulled in when the archive version of the library
is used.
In "Makefile.inc", defined CPLUSPLUSLIB, so that the constructor will be
properly invoked in the shared library.
Suggested by: Christopher Provenzano, Peter Wemm, and others.
for "fts_open" was wrong. Also, the "fts_info" field of the FTSENT
structure was misleadingly described as containing "flags". Actually, it
contains a single integer value.
in the main text of various man pages.
Thanks to Warner Losh for adding an option to manck to allow
it to scan the entire man page looking for bogus xrefs, instead
of just checking the SEE ALSO section.
resides in read-only memory is going to cause the program to core dump,
and this is commmon with older pre-ANSI C programs.
(I've scratched my head over this one at 3 in the morning before
while trying to port some ancient program)
Suggested by: Gary Kline <kline@tera.com>
- shared libraries are in ${SHLIBDIR}, not necessarily in ${LIBDIR}.
- don't remove or create any shared library versions except 2.0.
and improvements:
- don't use rm -r.
- indent the long shell command.
Submitted by: bde
Corrected some bogus cross references to man pages that we don't/won't
have and either deleted them, or found a more appropriate man page
that we do have. Various other minor changes to silence manck.
Manck is currently down to about 200 lines of errors, down from
the 500 - 600+ when I started all this.
Also corrected a few minor formatting errors, file location and cross
references in some of the section 3 man pages.
This shuts up a lot of the output from "manck" for section 3.
the loop that invokes the static constructors. That makes it safe
to link c++rt0.o into any shared library, even one that does not
have any static constructors. Formerly, doing that would cause a
bus error. If the library has no static constructors, __CTOR_LIST__
comes out as a simple 4-byte COMMON region, and it does not have
the usual NULL word that terminates the list of constructors. This
caused the old code to "call" a garbage address via the non-existent
entry __CTOR_LIST__[1].
The analogous code that invokes the static destructors was already safe.
This change is fully backward-compatible.
Reviewed by: dfr@render.com (Doug Rabson)
Install (optional) libutil.h with prototypes for the functions and
document this in the man page.
minor cleanups to the various routines, include the prototype file, declare
return codes etc.
of signals. Signals are now properly caught, tty state is being
restored, and the previous sigaction triggered. Upon receipt of a
sigcont, echo is turned off again.
SIGTSTP causes a buffer flush, the man page mentions this. (Although
i rather think of it as a feature than a bug.)
This is likely to be my last FreeBSD action for 1995, xearth shows
me that our .au guys must already write 1996. :-)
looking at a high resolution clock for each of the following events:
function call, function return, interrupt entry, interrupt exit,
and interesting branches. The differences between the times of
these events are added at appropriate places in a ordinary histogram
(as if very fast statistical profiling sampled the pc at those
places) so that ordinary gprof can be used to analyze the times.
gmon.h:
Histogram counters need to be 4 bytes for microsecond resolutions.
They will need to be larger for the 586 clock.
The comments were vax-centric and wrong even on vaxes. Does anyone
disagree?
gprof4.c:
The standard gprof should support counters of all integral sizes
and the size of the counter should be in the gmon header. This
hack will do until then. (Use gprof4 -u to examine the results
of non-statistical profiling.)
config/*:
Non-statistical profiling is configured with `config -pp'.
`config -p' still gives ordinary profiling.
kgmon/*:
Non-statistical profiling is enabled with `kgmon -B'. `kgmon -b'
still enables ordinary profiling (and distables non-statistical
profiling) if non-statistical profiling is configured.
is really necessary. Going backwards on a P6 is much slower than forwards
and it's a little slower on a P5. Also moved the count mask and 'std'
down a few lines - it's a couple percent faster this way on a P5.
replace the dozen other various hacks in the code that do all sorts
of crude things including spamming the envrionment strings with the new
argv string.
This version is mainly inspired by the sendmail version, with a couple of
ideas taken from the NetBSD implementation as well.
XDR routines auto-generated by rpcgen don't quite match the format of
the original ones even though tey have the same names (that was one of
the things wrong with the old XDR routines).
rpcgen-erated on the fly (just like librpcsvc).
Makefile: Add rule for generating yp_xdr.c and yp.h.
xdryp.c: gut everything except the special ypresp_all XDR function
needed to to handle yp_all() (this one can't be created on
the fly), and xdr_datum(), which isn't used internally by
libc, but which as documented as being there in yp_prot.h,
so what the hell. We now get everything else from yp_xdr.c.
yplib.c: change a few structure member names to match those found in
yp.h instead of those declared in yp_prot.h.
via mmap() up around the shared library area. Previously the directory
was allocated from space from it's own memory pool. Because of the way it
was being extended on processes with large malloced data segments (ie: inn)
once the page directory was extended for some reason, it was not possible
to lower the heap size any more to return pages to the OS.
(If my understanding is correct, page directory expansion occurs at 4MB,
12MB, 20MB, 28MB, etc.) I was seeing INN allocate a large amount of short
term memory, pushing it over the 28MB mark, and once it's transient demands
hit 28MB, it never freed it's pages and swap space again.)
I've been running this in my libc for about a month...
Also, seperate MALLOC_STATS from EXTRA_SANITY.. I found it useful to call
malloc_dump() from within INN from a ctlinnd command to see where the hell
all the memory was going.. :-) I've left MALLOC_STATS enabled, as it has
no run-time or data storage cost.
Reviewed by: phk
static executables that depend on this will need to be relinked (ie: do
this before 'ps'), but the dynamic linked stuff should be OK (ie: 'w')
Obtained from: NetBSD (not much point reinventing the wheel.. :-)
in particular circumstances. (malloc() does not zero memory, but usually
does by coincidenct that sbrk() returns zeroed pages)
Submitted-by: John Hood <cgull@smoke.marlboro.vt.us>
it before before trying to establish a binding. If /var/run/ypbind.lock
doesn't exist, or if it exists and isn't locked, then ypbind isn't
running, which means NIS is either turned off or hosed.
- Have _yp_check() call yp_unbind() after it sucessfully calls yp_bind()
to make sure it frees resources correctly. (I don't think there's really
a memory leak here, but it seems somehow wrong to call yp_bind() without
making a corresponding call to yp_unbind() afterwards.)
This makes the NIS code behave a little better in cases where libc makes
calls to NIS, but it isn't running correctly (i.e. there's no ypbind).
This cleans up some strange libc behavior that manifests itself if
you have the system domain name set, but aren't actually running NIS.
In this event, the getrpcent(3) code could try to call into NIS and
cause several inexplicable "clnttcp_create error: RPC program not
registered" messages to appear. This happens because _yp_check() checks
if the system domain name is set and, if it is, proceeds to call
yp_bind() to attempt to establish a binding. Since there is no
binding file (remember: ypbind isn't running, so /var/yp/binding
will be empty), _yp_dobind() will attempt to contact ypbind to
prod it into binding the domain. And because ypbind isn't running,
the code generates the 'clnttcp_create' error. Ultimately the
_yp_check() fails and the getrpcent(3) code rolls over to the /etc/rpc
file, but the error messages are annoying, and the code should be
smart enough to forgo the binding attempt when NIS is turned off.
both call getservent() to do most of the work, so we only need to modify
this file to take care of everybody).
Note that there is only one NIS services map (services.byname) even
though there are getservbyname() and getservbyport() library functions.
Submitted by: Mike Mitchell, supervisor@alb.asctmd.com
This is a bulk mport of Mike's IPX/SPX protocol stacks and all the
related gunf that goes with it..
it is not guaranteed to work 100% correctly at this time
but as we had several people trying to work on it
I figured it would be better to get it checked in so
they could all get teh same thing to work on..
Mikes been using it for a year or so
but on 2.0
more changes and stuff will be merged in from other developers now that this is in.
Mike Mitchell, Network Engineer
AMTECH Systems Corporation, Technology and Manufacturing
8600 Jefferson Street, Albuquerque, New Mexico 87113 (505) 856-8000
supervisor@alb.asctmd.com
Fixed description of domain of y*().
Fixed description of error domain. (This description is still half
redundant and half wrong, as in many other math man pages. fdlibm
doesn't support the VAX or Tahoe.)
Fixed capitalization of `Bessel'.
but a commit mail got lost, it's the same as for this commit:
lib/libc/gen confstr.c crypt.c disklabel.c fstab.c getcap.c
getgrent.c getgrouplist.c getpass.c getpwent.c
initgroups.c nlist.c psignal.c pwcache.c setmode.c
sleep.c sysconf.c sysctl.c syslog.c usleep.c
lib/libc/locale none.c read_runemagi.c setlocale.c
lib/libc/net gethostbydns.c getnetbydns.c getnetbynis.c
lib/libc/nls msgcat.c
lib/libc/quad Makefile.inc
lib/libc/regex engine.c regcomp.c regerror.c
Minor cleanup, mostly unused vars and missing #includes.
Limit the number of quad functions we pull in for 'i386'.
I still belive the quad stuff should go back into gcc.
Add compile-time warnings about crypt functions.
- Fix buffer overflow problem once and for all: do away with the buffer
copies to 'user' prior to calling _scancaches() and just pass a pointer
to the buffer returned by yp_match()/yp_first()/yp_next()/whatever.
(We turn the first ':' to a NUL first so strcmp() works, then change it
back later. Submitted by Bill Fenner <fenner@parc.xerox.com> and
tweaked slightly by me.
- Give _pw_breakout_yp() the 'more elegant solution' I promised way back when.
Eliminate several copies to static buffers and replace them with just
one copy. (The buffer returned by the NIS functions is at most
YPMAXRECORD bytes long, so we should only need one static buffer of
the same length (plus 2 for paranoia's sake).)
- Also in _pw_breakout_yp(): always set pw.pw_passwd to the username
obtained via NIS regardless of what pw_fields says: usernames cannot
be overridden so we have no choice but to use the name returned by
NIS.
- _Again_ in _pw_breakout_yp(): before doing anything else, check that
the first character of the NIS-returned buffer is not a '+' or '-'.
If it is, drop the entry. (#define EXTRA_PARANOIA 1 :)
- Probe for the master.passwd.* maps once during __initdb() instead
of doing it each time _getyppass() or _nextyppass() is called.
- Don't copy the NIS data buffers to static memory in _getyppass()
and _nextyppass(): this is done in _pw_breakout_yp() now.
- Test against phkmalloc and phkmalloc/2 (TNG!) to make sure we're
free()ing the yp buffers sanely.
- Put _havemaster(), _getyppass() and nextyppass() prototypes under
#ifdef YP. (Somehow they ended up on the wrong side of the #endif.)
- Remove unused variable ___yp_only.
- In some cases, we don't properly resolve _all_ possible group memberships.
If a user is a member of both local and NIS groups, we sometimes lose some
of the membership info from NIS. (Reported by: Thorsten Kukuk
<kukuk@uni-paderborn.de>)
- Make NIS +groupname overrides actually work the way the SunOS group(5)
man page says they should (make them work for all cases: getgrent(),
getgrnam() and getgrgid()).
- When not compiled with -DYP, grscan() should ignore entries that
begin with a '+'. When compiled _with_ -DYP, grscan() should ignore
+groupname entries that don't refer to real NIS groups.
- Remove redundant redeclaration of fgets(), strsep() and index() inside
grscan(). We already #include all the right header files for these.
Note: -groupname exclusion as specified in the Sun documentation still
isn't supported. This'll be a 2.2 addition. Right now I just want this
stuff to work.
What was happening, is if syslogd was not running, syslog() would do
a strcat("\r\n") on a non-null-terminated buffer, and write it to the console.
This meant that sometimes extra characters could be written to the console
during boot, depending on the stack contents.
This totally avoids the potential problem by using writev() like the rest
of the does, and avoid modifying the buffer after the trouble we've gone to
to carefully protect it.
This is actually a trivial fix, in spite of the long commit message.. :-)
It only appeared during boot and shutdown with syslogd stopped.
symbols.
An easy example to see this is to develop an X program which links
against Xt, but doesn't add -lX11 to the link line. It will link fine,
but cause run-time errors by ld.so because of missing symbols used by Xt
defined in X11. This patch makes the errors more readable.
Submitted by: jdp@polstra.com (John Polstra)
running on a tty. (Same as isatty()) The old-style TIOCGETP ioctl
wouldn't fly if the kernel didn't have COMPAT_43.
Submitted by: Carl Fongheiser <cmf@netins.net>
Performance is comparable to gnumalloc if you have sufficient RAM, and
it screams around it if you don't.
Compiled with "EXTRA_SANITY" until further notice.
see malloc.3 for more details.
control hooks.
It is similar to an unrolled multi-part snprintf(), in that a "FILE *" is
attached to a string buffer. There is also an optimisation for the case
where the syslog format string does not contain %m, which should improve
performance of "informational" logging, like from ftpd.
the group map after encountering a badly formatted entry.
getpwent.c: same as above for _nextyppass(), and also turn a couple of
sprintf()s into snprintf()s to avoid potential buffer overruns. (The
other day I nearly went mad because of a username in my NIS database
that's actually 9 characters long instead of 8. Stuffing a 9-character
username into an 8-character buffer can do some strange things.)
(This reminds me: I hope somebody's planning to fix the buffer overrun
security hole in syslog(3) before 2.1 ships.)
on, which is fine, except that _yp_dobind() is called before we check
the cache. The means we can return from the cache check (if we have
a hit) without calling _yp_unbind().
We should do the cache check first and _then_ drop into the section
that binds the server and does the yp_match query.
seperate function to avoid duplication. Also fix getpwent() a
small bit to properly handle the case where the magic NIS '+'
entry appears before the end of the password file.
getgrent.c: be a little more SunOS-ish. Make it look like the NIS
group map is 'inserted' at the the point(s) where the magic NIS '+'
entry/entries appear.
getgrent: fix a file descriptor leak: remember to close the netgroup
file after we determine that we're using NIS-only innetgr() lookups.
Since Bruce changed the #include <res_config.h> to #include "res_config.h"
this is no longer needed, and only makes the 'make' more verbose for
no real reason.
Note that this was done by selective patching from diffs, to not conflict
with the 4.4bsd base code.. This was *not* a trivial task.. I have been
testing this code (apart from cosmetic changes) in my libc for a while now.
Obtained from: Paul Vixie <paul@vix.com>
/usr/include/ufs/ufs/quota (#include <ufs/ufs/quota.h>) that seems to work
ok though.
Closes PR # docs/670: quotactl man page incorr...
Submitted by: evans@scnc.k12.mi.us (Jeffrey Evans)
Fix for PR #510. The original problem was that __ivaliduser() was
failing to grant access to a machine listed in a +@netgroup specified
in /etc/hosts.equiv, even though the host being checked was most
certainly in the +@netgroup.
The /etc/hosts.equiv file in question looked like this:
localhost
+@netgroup
The reason for the failure was had to do with gethostbyaddr(). Inside
the __ivaliduser() routine, we need to do a gethostbyaddr() in order
to get back the actual name of the host we're trying to validate since
we're only passed its IP address. The hostname returned by gethostbyaddr()
is later passed as an argument to innetgr(). The problem is that
__icheckhost() later does a gethostbyname() of its own, which clobbers
the buffer returned by gethostbyaddr().
The fix is just to copy the hostname into a private buffer and use
_that_ as the 'host' argument that gets passed to innetgr().
And here I was crawling all over the innetgr() code thinking the
problem was there. *sigh*
'NIS information unchanged' or '/etc/master.passwd unchanged'
depending on which was is being modified (conditional on -DYP).
This is to save me the trouble of writing a whole other error
routine (nis_error()?) for the upcoming changes to passwd and
chpass.
bump it again if something else is added before 2.2.
The xdr_* functions are enabled only in the 2.2 (-current) branch
so far. If that modification is moved to the 2.1 (-stable) branch,
this one should, too.
Reviewed by: the mailing lists
- getnetgrent.c: address some NIS compatibility problems. We really need
to use the netgroup.byuser and netgroup.byhost maps to speed up innetgr()
when using NIS. Also, change the NIS interaction in the following way:
If /etc/netgroup does not exist or is empty (or contains only the
NIS '+' token), we now use NIS exclusively. This lets us use the
'reverse netgroup' maps and is more or less the behavior of other
platforms.
If /etc/netgroup exists and contains local netgroup data (but no '+').
we use only lthe local stuff and ignore NIS.
If /etc/netgroup exists and contains both local data and the '+',
we use the local data nd the netgroup map as a single combined
database (which, unfortunately, can be slow when the netgroup
database is large). This is what we have been doing up until now.
Head off a potential NULL pointer dereference in the old innetgr()
matching code.
Also fix the way the NIS netgroup map is incorporated into things:
adding the '+' is supposed to make it seem as though the netgroup
database is 'inserted' wherever the '+' is placed. We didn't quite
do it that way before.
(The NetBSD people apparently use a real, honest-to-gosh, netgroup.db
database that works just like the password database. This is
actually a neat idea since netgroups is the sort of thing that
can really benefit from having multi-key search capability,
particularly since reverse lookups require more than a trivial
amount of processing. Should we do something like this too?)
- netgroup.5: document all this stuff.
- rcmd.c: some sleuthing with some test programs linked with my own
version of innetgr() has revealed that SunOS always passes the NIS
domain name to innetgr() in the 'domain' argument. We might as well
do the same (if YP is defined).
- ether_addr.c: also fix the NIS interaction so that placing the
'+' token in the /etc/ethers file makes it seem like the NIS
ethers data is 'inserted' at that point. (Chances are nobody will
notice the effect of this change, which is just te way I like it. :)
specified in the top level Makefiles.
Previously I missed dozens of Makefiles that skip the install after
using `cmp -s' to decide that the install isn't necessary.
variable directly in tgetent by stderr or stdout output speed.
It helps hide in non-standard __set_ospeed function and remove it
from other sources (coming soon).
Do prototype cleanup too.
changeover, so we have to extend the format of timezone files (in a backward-
compatible way, of course). This probably means that libc needs a minor
version number bump before 2.2 is released (or maybe not).
by me). This probably loses for multibyte characters, but I have no
way of telling. I'll let ache decide whether to add this support to
startup_setlocale. Note that for this to make any sense at all, the
symlinks in /usr/share/locale must go. (For the moment, this doesn't
make any difference since there are no locales supplied.)
Obtained from: Arthur David Olson <ado@elsie.nci.nih.gov>
Basically all termios+termcap pgms needs it.
It set ospeed variable using nearest-matched stty speeds,
which helps termcap pgms works with non-fixed termios speeds
and not duplicate ospeed switch into every pgm.
Also it isn't standard function, its source code is too big to include it
in whole to every termcap+termios pgm.
Back out the 'help NIS rebind faster' hack. This change used a
connect()/send() pair rather than the original sendto() to allow
RPC to pass ICMP host unreachable and similar errors up to RPC
programs that use UDP. This is not a terrible thing by itself, but it can
cause trouble in environments with multi-homed hosts: if the portmapper
on the multi-homed machine sends a reply with a source address
that's different than the one associated with the connection by
connect(), the kernel will send a port unreachable message and
drop the reply. For the sake of compatibility with everybody else
on the planet, it's best to revert to the old behavior.
*long, heavy sigh*
like 38400<any 8bit char, isalpha> it not detect this stuff and
produce very big number instead. Fixed by operating with unsigned char
and checking for isascii. (secure/telnetd hits by it f.e.)
the comment before checking for long lines, so there was a possibility
that the wrap-around might be used as an exploitable hostname.
Reviewed by:
Submitted by:
Obtained from:
Strange as it sounds, it should map to YPERR_DOMAIN instead.
The YP_NODOM protocol error code is generally returned by ypserv when you
ask it for data from a domain that it doesn't support. By contrast,
the YPERR_NODOM error code means 'local domain name not set.'
Consequently, this incorrect mapping leads to yperr_string() generating
a very confusing error message. YPERR_DOMAIN says 'couldn't
bind to a server which serves this domain' which is much closer
to the truth.
1) Do dependencies.
2) Install all appropriate links to manual pages.
3) Install header file in `beforeinstall' like all the rest.
4) Install header file only if changed.
5) Install object files only if changed.
on dlclose. Also correctly call constructors and destructors for libraries
linked with /usr/lib/c++rt0.o.
Change interpretation of dlopen manpage to call _init() rather than init()
for dlopened objects.
Change c++rt0.o to avoid using atexit to call destructors, allowing dlclose to
call destructors when an object is unloaded.
Change interface between crt0 and ld.so to allow crt0 to call a function on
exit to call destructors for shared libraries explicitly.
These changes are backwards compatible. Old binaries will work with the new
ld.so and new binaries will work with the old ld.so. A version number has
been introduced in the crt0-ld.so interface to allow for future changes.
Reviewed by: GAWollman, Craig Struble <cstruble@singularity.bevc.blacksburg.va.us>
_gr_breakout_yp(): if we encounter a NULL pointer generated as the
result of a badly formatted NIS passwd entry (e.g. missing fields),
we punt and return an error code, thereby silently skipping the
bad entry.
last night:
_gr_breakout_yp() doesn't check for badly formatted NIS group entries.
For example, a bogus entry like this:
bootp::user1,user2,user3
will lead to a null pointer dereference and a SEGV (note that the GID
field is missing -- this results in one of the strsep(&result, ":")
returning NULL). The symtpom of this problem is programs dumping
core left and right the moment you add a + entry to /etc/group.
Note that while this is similar to an earlier bug, it's caused by a
different set of circumstances.
The fix is to check for the NULL pointers and have _gr_breakout_yp()
punt and return a failure code if it catches one. This is more or
less the behavior of SunOS: if a bad NIS group entry is encountered,
it's silently ignored. I don't think our standard (non-NIS) group
parsing code behaves the same way. It doesn't crash though, so I'm
citing the 'it ain't broken, don't fix it' rule and leaving it alone.
I'll probably have to add similar checks to _pw_breakout_yp() in
getpwent.c to ward off the same problems. It's rare that bad NIS
map entries like this occur, but we should handle them gracefully
when they do.
'cycle in netgroup check too greedy').
PR #508 is apparently due to an inconsistency in the way the 4.4BSD
netgroup code deals with bad netgroups. When 4.4BSD code encounters
a badly formed netgroup entry (e.g. (somehost,-somedomain), which,
because of the missing comma between the '-' and 'somedomain,' has
only 2 fields instead of 3), it generates an error message and
then bails out without doing any more processing on the netgroup
containing the bad entry. Conversely, every other *NIX in the world
that usees netgroups just tries to parse the entry as best it can
and then silently continues on its way.
The result is that two bad things happen: 1) we ignore other valid entries
within the netgroup containing the bogus entry, which prevents
us from interoperating with other systems that don't behave this way,
and 2) by printing an error to stderr from inside libc, we hose certain
programs, in this case rlogind. In the problem report, Bill Fenner
noted that the 'B' from 'Bad' was missing, and that rlogind exited
immediately after generating the error. The missing 'B' is apparently
not caused by any problem in getnetgrent.c; more likely it's getting
swallowed up by rlogind somehow, and the error message itself causes
rlogind to become confused. I was able to duplicate this problem and
discovered that running a simple test program on my FreeBSD system
resulted in a properly formatted (if confusing) error, whereas triggering
the error by trying to rlogin to the machine yielded the missing 'B'
problem.
Anyway, the fixes for this are as follows:
- The error message has been reformatted so that it prints out more useful
information (e.g. Bad entry (somehost,-somedomain) in netgroup "foo").
We check for NULL entries so that we don't print '(null)' anymore too. :)
- Rearranged things in parse_netgrp() so that we make a best guess at
what bad entries are supposed to look like and then continue processing
instead of bailing out.
- Even though the error message has been cleaned up, it's wrapped inside
a #ifdef DEBUG. This way we match the behavior of other systems. Since we
now handle the error condition better anyway, this error message becomes
less important.
PR #507 is another case of inconsistency. The code that handles
duplicate/circular netgroup entries isn't really 'too greedy; -- it's
just too noisy. If you have a netgroup containing duplicate entries,
the code actually does the right thing, but it also generates an error
message. As with the 'Bad netgroup' message, spewing this out from
inside libc can also hose certain programs (like rlogind). Again, no
other system generates an error message in this case.
The only change here is to hide the error message inside an #ifdef DEBUG.
Like the other message, it's largely superfluous since the code handles
the condition correctly.
Note that PR #510 (+@netgroup host matching in /etc/hosts.equiv) is still
being investigated. I haven't been able to duplicate it myself, and I
strongly suspect it to be a configuration problem of some kind. However,
I'm leaving all three PRs open until I get 510 resolved just for the
sake of paranoia.
ypbind.c:
Make fewer assumtions about the state of the dom_alive and dom_broadcasting
flags in roc_received().
If select() fails, use syslog() to report the error rather than perror().
Check that all our malloc()s succeed. Report malloc() failure in
ypbindproc_setdom_2() to callers.
yplib.c:
Use #defined constants in ypbinderr_string() rather than hard-coded values.
Remove bogus targets.
Allocate partition letters as follows:
lowest offset "flags & CHUNK_IS_ROOT" gets 'a',
lowest offset "subtype==FS_SWAP" gets 'b'
the rest is allocated in offset order from this sequence "defghab".
This will generally make sense.
Added rules to complain if more than one CHUNK_IS_ROOT or more than one
FS_SWAP per FreeBSD chunk.
Set CHUNK_IS_ROOT on the 'a' partition in Open_Disk.
Run Fixup_Names in Open_Disk.
Add mbr and bteasy17 to tst01
read partitions from kernel instead of disk.
Still problems with writing labels, discussing with Bruce.
Extended slices doesn't get written yet.
- If you take the wheel entry out of /etc/group and turn on NIS,
the '+:*::' line is incorrectly flagged as the entry for wheel (the
empty gid section is translated to 0), hence getgrgid() returns '+'
as the name of the group instead of 'wheel.'
- Using just '+:' as the 'turn on NIS' switch in /etc/group makes
getgrgid() dump core because of a null pointer dereference. (Last
time I was in here, I foolishly assumed that fixing the core dump
problems with getgrnam() and getgrent() would fix getgrgid() too.
Silly me.)
Made an All_FreeBSD() function.
Added a cmd-line interface (lowest rank) to the tst01 program.
The tst01 program is harmless (worst it can do is coredump), but it
is instructive to run, you can see what the slice-code things of your
disk...
- Moved to a more client-driven model. We aggressively attempt to keep
the default domain bound (as before) but we give up on non-default
domains if we lose contact with a server and fail to get a response
after one round of broadcasting. This helps drastically reduce the
amount of network bandwitdh that ypbind consumes: if a client references
the secondary domain at some later point, this will prod ypbind into
establishing a new binding anyway, so continuously broadcasting without
need is pointless.
Note that we still actively seek out a binding for our default domain
even if no client program has queried us yet. I'm not exactly sure if
this matches SunOS's behavior or not, but I decided to do it this way
since we can get into all sorts of trouble if our default domain comes
unbound. Even so, we're still much quieter than we used to be.
- Removed a bunch of no-longer pertinent comments and a couple of
chunks of #ifdef 0'ed code that no longer fit in to the new layout.
- Theo deRaadt must have become frustrated with the callback mechanism
in clnt_broadcast(), because he shamelessly stole the clnt_broadcast()
code right out of the RPC library and hacked it up to suit his needs.
(Comments and all! :)
I can understand why: clnt_broadcast() blocks while awaiting replies.
Changing this behavior requires surgery. However, you can work around
this: fork the broadcast into a child process and relay the results
back to the parent via a pipe. (Careful obervation has shown that the
SunOS ypbind forks children for broadcasting too, though I can only
guess what sort of interprocess communication it uses. pipe() seems to
do the job well enough.)
This may seem like the long way around, but it's not really that
hard to implement, and I'd prefer to use documented RPC library functions
wherever possible. We're careful to limit the number of simultaneous
broadcasters to avoid swamping the system (the current limit is 5).
Each clnt_broadcast() call only sends out a small number of packets
at increasing intervals. We're also careful not to spawn more than one
bradcaster for a given domain.
- Used clntudp_bufcreate() and clnt_call() to implement a ping()
function for directly querying a particular server so that we can
check if it's still alive. This lets me completely remove the old
bradcasting code and use actual RPC library calls instead, at the
cost of more than a few handfulls of torn-out hair. (Make no mistake
folks: I *HATE* RPC.) Currently, the ping interval is one minute.
- Fixed another potential 'nfds too big for select()' bug: use
_rpc_dtablesize() instead of getdtablesize().
- Quieted gcc -Wall a bit.
- Probably a bunch of other stuff that I've forgotten.
ypbind.8:
- Updated man page to reflect modifications.
ypwhich.c:
- Small mind-o fix from last time: decode error results from
ypbind correctly (*groan*)
yplib.c:
- same as above
- Change behavior of _yp_dobind() a little: if we get back a 'Domain
not bound' error for a given domain, retry a few times before giving
up and passing the error back to the caller. We have to sleep for a
few seconds between tries since the 'Domain not bound' error comes
back immediately (by repeatedly looping, we end up pounding on ypbind).
We retry at most 20 times at 5 second intervals. This gives us a full
minute to get a response. This seems to deviate a bit from SunOS
behavior -- it appears to wait forever -- but I don't like the idea
of perpetually hanging inside a library call.
Note that this should fix the problems some people have with bindings
not being established fast enough at boot time; sometimes amd is started
in /etc/rc after ypbind has run but before it gets a binding set up. The
automounter gets annoyed at this and tends to exit. By pausing ther YP
calls until a binding is ready, we avoid this situation.
- Another _yp_dobind() change: if we determine that our binding files
are unlocked or nonexistent, jump directly to code that pokes ypbind
into restablishing the binding. Again, if it fails, we'll time out
eventually and return.
components of the system.
The license is poorly worded, though I have an (email only) release
from the author for unlimited FreeBSD use. I will try to get something
more concrete, though the author's remote location makes this difficult.
Submitted by: Oleg Orel <orel@oea.ihep.su>
ypbind.c: if a client program asks ypbind for the name of the server
for a particular domain, and there isn't a binding for that domain
available yet, ypbind needs to supply a status value along with its
failure message. Set yprespbody.ypbind_error before returning from
a ypbindproc_domain request.
yplib.c: properly handle the error status messages ypbind now has the
ability to send us. Add a ypbinderr_string() function to decode the
error values.
ypwhich.c: handle ypbind errors correctly: yperr_string() can't handle
ypbind_status messages -- use ypbinderr_string instead.
- it succeeded on non-directories (see POSIX 5.1.2.4).
- it hung on (non-open) named pipes.
- it leaked memory if the second malloc() failed.
- it didn't preserve errno across errors in close().
of the plus or minus lists at all, reject him. This lets you create
a +@netgroup list of users that you want to admit and reject everybody
else. If you end your +@netgroup list with the wildcard line
(+:::::::::) then you'll have a +@netgroup list that remaps the
specified people but leaves people not in any netgroup unaffected.
link stage fell over for any program that attempted to use rexec().
Ruserpass() remains undocumented; i could not find any documentation
for it on other systems.
Also added a BUGS section to the man page, stating that this function
constitutes a potential security hole (as well as the underlying
"exec" service).
Submitted by: rgrimes
Originally submitted by: agc@uts.amdahl.com (Alistair G. Crooks)
Obtained from: netbsd-bugs@NetBSD.ORG
o add missing man pages
o make all man pages clearly refer to the libcompat thingie
o add the information to the vtimes(3) and vlimit(3) man pages
that nobody has reimplemented the functions by now
o add the missing getpw.c
o add code and man pages for cftime(3) and
ascftime(3) -- i found them somewhere in old
unfinished work
where one or more of the non-default domains are not yet bound.
If we make a YP request for a domain other than the default domain,
and there is no binding for the new domain yet, _yp_dobind() sees
that the /var/yp/binding/DOMAIN.VERS file for the unbound domain is
not locked (by ypbind) and from this it concludes that the NIS system
is dead, so it gives up.
This behavior has been changed: before giving up in this case, we now
make a second check to see if the binding file for the *default* domain
is also not locked. Only if the default domain binding file is also
unlocked to we now assume that ypbind has bought the farm and bail out.
(Note: this assumes that the user hasn't changed the default domain
while ypbind is running.)
With this change, _do_ypbind() is allowed to proceed into the next
section of code wherein it prods ypbind into establishing a binding
for the new domain. This first call times out after ten seconds,
after which it should retry and succeed. From then on, the binding
for the second domain should be handled normally.
Second part of update to fdlibm 5.2: speed up argument reduction for trig
functions in the case pi/4 < |x| < 3pi/4.
Remove unused static constants ("one").
isctype.c:
o The tolower() and toupper() functions duplicated too much code
and were out of date (surprise). This didn't matter because
it was difficult to call them.
o Change formatting to be more like that in <ctype.h> (with
extra parentheses as in the macros). Perhaps this file should
be machine generated or everything should be handled like
__tolower() so that no code is repeated.
nomacros.c:
o Instead of looking at _USE_CTYPE_INLINE_ to see what <ctype.h>
has done, set _EXTERNALIZE_CTYPE_INLINES_ to tell <ctype.h>
what to do, so that we don't have anything left to do. Note
that code is now generated even if inlines are used by default.
This allows users to switch to non-inline versions.
select() returns EINVAL if you try to feed it a value of FD_SETSIZE greater
that 256. You can apparently adjust this by specifying a larger value of
FD_SETSIZE when configuring your kernel. However, if you set the maximum
number of open file descriptors per process to some value greater than
the FD_SETSIZE value that select() expects, many selects() within the RPC
library code will be botched because _rpc_dtablesize() will return
invalid numbers. This is to say that it will return the upper descriptor
table size limit which can be much higher than 256. Unless select() is
prepared to expect this 'unusually' high value, it will fail. (A good
example of this can be seen with NIS enabled: if you type 'unlimit' at
the shell prompt and then run any command that does NIS calls, you'll
be bombarded with errors from clnttcp_create().)
A temporary fix for this is to clamp the value returned by _rpc_dtablesize()
at FD_SETSIZE (as defined in <sys/types.h> (256)). I suppose the Right
Thing would be to provide some mechanism for select() to dynamically
adjust itself to handle FD_SETSIZE values larger than 256, but it's a
bit late in the game for that. Hopefully 256 file descriptors will be enough
to keep RPC happy for now.
add #includes for YP headers when compiling with -DYP to avoid some implicit
declarations.
getgrent.c & getnetgrent.c: add some #includes to avoid implicit declarations
of YP functions.
Obtained from: Casper H. Dik (by vay of Usenet)
Small patch to help improve NIS rebinding times (among other things):
>From: casper@fwi.uva.nl (Casper H.S. Dik)
>Newsgroups: comp.sys.sun.misc,comp.sys.sun.admin
>Subject: FIX for slow rebinding of NIS.
>Summary: a small change in libc makes life with NIS a lot easier.
>Message-ID: <1992Jan17.173905.11727@fwi.uva.nl>
>Date: 17 Jan 92 17:39:05 GMT
>Sender: news@fwi.uva.nl
>Organization: FWI, University of Amsterdam
>Lines: 138
>Nntp-Posting-Host: halo.fwi.uva.nl
Have you been plagued by long waits when your NIS server is rebooted?
READ ON!
Sun has a patch, but the README says:
********************* WARNING ******************************
This is a new version of ypbind that never uses the NIS
binding file to cache the servers binding. This will have
the effect of fixing the current symptom. However, it might
degrade the overall performance of the system when the
server is available. This is most likely to happen on an
overloaded server, which will cause the network to produce
a broadcast storm.
*************************************************************
Therefor, I have produced another fix.
o What goes wrong.
When the NIS server is rebooted, ypserv will obtain different ports
to listen for RPC requests. All clients will continue to use the old
binding they obtained earlier. The NIS server will send ICMP dst unreachable
messages for the RPC requests that arrive at the old port. These ICMPs
are dropped on the floor and the client code will continue sending the
requests until the timer has expired. The small fix at the end of this
message will pick up these ICMP messages and deliver them to the RPC layer.
o Before and after.
I've tested this on some machines and this is the result:
(kill and restart ypserv on the server)
original% time ypmatch user passwd
user:....
0.040u 0.090s 2:35.64 0.0% 0+126k 0+0io 0pf+0w (155 seconds elapsed time)
fixedhost% time ypmatch user passwd
user:....
0.050u 0.050s 0:10.20 0.9% 0+136k 0+0io 0pf+0w (10 seconds elapsed time)
Rebinding is almost instantaneous.
o Other benefits.
RPC calls that use UDP as transport will no longer time out but
will abort much sooner. (E.g., the remote host is unreachable or
111/udp is filtered by an intermediate router)
Grrr. If the dbhash routines weren't grossly overengineered I wouldn't
even need to do this! :-(
Also now export the hash_stats routine. Manpage coming RSN - I promise.
Forms now have their own local bindings table so that anything
declared within a form is local to that form. This means you can
have fields of the same name in different forms.
Added inlined attribute setting for strings e.g. "This is \bold bold"
Added entry and exit functions for fields.
1) Eliminate spaces and double ':'.
2) Remove duplicated capabilities from tc= expansion.
It is needed to not overflow historycal 1024 limit.
Add range check and return -1 if entry is too big instead
of corrupting user memory.
Make sure all arguments to the yp_*() functions are valid before sending
them off to the server. This is somewhat distressing: once again my
FreeBSD box brought down my entire network because of NIS bogosities.
I *think* the poor argument checking in this module is the cause, but
I still haven't been able to reproduce the exact series of events that
lead to the ypserv crashes. For now I've resorted to sticking my FreeBSD
box in a seprate domain. Hopefully a weekend of heavy testing will
uncover the problem.
Change strtok() to strsep(), cause memory corruption for all
programs which use strtok() too in the same time.
Fix potential NULL reference, depends of /etc/hosts.conf format
Fix the bug when service name fetched always from beginning of the line,
not from parsed token.
programs which use strtok() too in the same time.
Fix potential NULL reference, depends of /etc/hosts.conf format
Fix the bug when service name fetched always from beginning of the line,
not from parsed token.
remapping mechanism in the following manner: if given an entry +@foo
and there is no netgroup named 'foo,' try searching for a regular
user group called 'foo' and build the cache using the members of
group 'foo' instead. If both a netgroup 'foo' and a user group 'foo'
exist, the 'foo' netgroup takes precedence, since we're primarily
interested in netgroup matching anyway.
This allows access control schemes based on ordinary user groups
(which are also available via NIS) rather than netgroups, since
netgroups on some systems are limited in really brain-damaged ways.
ypserv to do a yp_match() with an a null or empty key causes much havok.
(Note that this could be construed as a denial of service attack if used
maliciously.)
my network because setnetgrent() was trying to do a lookup on group "".
It seems that an attempt to do a yp_match() (and possible yp_next())
on a null or empty key causes Sun's ypserv in SunOS 4.1.3 to exit
suddenly (and without warning). Our ypserv behaves badly in this
situation too, thoush it doesn't appear to crash. In any event, getpwent,
getnetgrent and yp_match() and yp_next() are now extra careful not to
accidentally pass on null or empty arguments.
Also made a small change to getpwent.c to allow +::::::::: wildcarding,
which I had disabled previously.
- Have the +@netgroup/-@netgroup caches handle the +user/-user cases too.
- Clean up getpwent() to take advantage of the improved +user/-user handling.
Submitted by: Sebastian Strollo <seb@erix.ericsson.se>
- In /usr/src/lib/libc/yp/yplib.c, function yp_first when clnt_call
fails with (r != RPC_SUCCESS) ysd->dom_vers should be set to 0! This
ensures that /var/yp/bindings/dom.vers will be read again on retry.
What happens now is that when our server is down and someone tries to
use yp they will continue to try until kingdom come. So:
if(r != RPC_SUCCESS) {
clnt_perror(ysd->dom_client, "yp_first: clnt_call");
ysd->dom_vers = -1;
^^^^ change to 0
goto again;
}
that everyone else does: you can now use +host/-host, +user,-user and
+@netgroup/-@netgroup in /etc/hosts.equiv, /.rhosts, /etc/hosts.lpd and
~/.rhosts. Previously, __ivaliduser would only do host/user matches,
which was lame. This affects all the r-commands, lpd, and any other
program/service that uses ruserok().
An example of the usefullness of this feature would be a hosts.equiv
file that looks like this:
+@equiv-hosts
Since the netgroup database can now be accessed via NIS, this lets you
set up client machines once and then never have to worry about them
again: all hosts.equiv changes can now be done through NIS. Once I
finish with getpwent.c, we'll be able to do similar wacky things
with login authentication too. (Our password field substitution
will finally be on par with everyone else's, and I'll finally be
able to fully integrate my FreeBSD machine into my network without
having to worry about the grad students sneaking into it when I'm
not looking. :)
Danger Will Robinson! I tested this thing every which way I could, but
Murphy's Law applies! If anybody spots a potential security problem with
the way my matching algorithm works, tell me immediately! I don't want
crackers snickering and calling me names behind my back. :)
work because parse_netgrp() doesn't recurse properly. Fixed by
changing
if (parse_netgrp(spos))
return(1);
to
if (parse_netgrp(spos))
continue;
inside parse_netgrp(). (Lucky for me I happen to have a fairly complex
'live' netgroup database to test this stuff with.)
as tn3270 can replace _putchar(0 with their own routine and still keep
using the __cputchar() routine used by all of the other curses routines.
Reviewed by: "Andrey A. Chernov, Black Mage" <ache@astral.msk.su>
in all other places here.
This is a hack, the interface should be changed to use off_t's
everywhere around, but this will require to update all the programs
that happen to use libkvm.
- Added support for reading netgroups from NIS/YP in addition to the
local /etc/netgroups file. (Note that SunOS and many other systems only
support reading netgroups via NIS, which is a bit odd.)
- Fix Evil Null Pointer Dereferences From Hell (tm) that caused
parse_netgrp() to SEGV when expanding netgroups that include
references to other netgroups. Funny how nobody else noticed this.
This is the first step in implimenting +@netgroup substitution in
getpwent.c and any other places that could use it and don't already
support it (which is probably everywhere).
by heading off possible null pointer dereferences in grscan(). Also
change getgrnam() slightly to properly handle the change: if grscan()
returns an rval of 1 and leaves a '+' in the gr_name field and YP is
enabled, poll the YP group.byname map before giving up. This should
insure that we make every effort to find a match in the local and
YP group databases before bailing out.
when I'm not sure whether or not that directory exists."
Today I discovered that rebuilding /usr/include completely from scratch
doesn't work, because the libss Makefile tries to install headers into
/usr/include/ss, which 'make includes' does not create. The result is that
the libss Makefile plants the header files in /usr/include as individual
files called 'ss,' with the second one overwriting the first, and the
third one overwriting the second. So instead of a directory called
/usr/include/ss, you end up with just one file called /usr/include/ss with
only the last header file in it. Check out /usr/include/ss on freefall
and you'll see what I mean.
I've modified the beforeinstall target in the libss Makefile to check
for the presence of the ${DESTDIR}/usr/include/lbss directory and to
create it if it isn't already there. Hopefully I did it right.
commit by bde.
Fix bugs in floating point formatting. The 4.4lite version is similar
to revision 1.3 in old-cvs and is missing all of jtc's fixes in revision
1.4 in old-cvs. Revision 1.2 in ncvs fixed one of the old bugs but
introduced at least one new one (for %.0e).
old-cvs log:
revision 1.4
date: 1993/11/04 19:38:22; author: jtc; state: Exp; lines: +33 -20
My work from NetBSD to make printf() & friends ANSI C compliant.
Fixes several bugs in floating point formatting:
1. Trailing zeros were being stripped with %e format.
2. %g/%G formats incorrect.
3. Lots of other nits.
the copy built from here was overwritten by the other copy and the other
copy was put in library-building command lines twice. ld now objects to
duplicated modules.
from the code in strftime.c . This affects both the library code
and all the commands using it (e.g. date +%s).
Note that %s is not required by ANSI, but we've already got it in 1.1.5.1.
Suggested by: luigi@labinfo.iet.unipi.it (Luigi Rizzo)
than at compile time.
Should have same functionality as old libforms but with new mechanism.
Lots of new features that use the new mechanism are still to be added.
Since functions will come and go from libcompat as they are deprecated
it makes no sense to build a shared library out of it as it will change.
Based on freedback from Terry and Jonas on the mailing lists.
in an (unlikely) border case (maxgroups==1 and the user is on
an /etc/group line for the same group and that group only ...).
Now this case is dealt with as before ...
Add a missing apostrophe that suggests inverting the frequency to get
tick size. It read better before because `CLK_TCK' suggests a tick
size although it is actually a frequency.
as an NIS client. The pw_breakout_yp routines that are used to populate the
_pw_passwd structire only do anything if the bits in the pw_fields member
_pw_passwd are cleared. Unfortunately, we can get into a state where
pw_fields has garbage in it right before the YP lookup functions are
called, which causes the breakout functions to screw up in a big way.
Here's how to duplicate the problem:
- Configure FreeBSD as an NIS client
- Log in as a user who's password database records reside only in
the NIS passwd maps.
- Type ps -aux
Result: your processes appear to be owned by 'root' or 'deamon.'
/bin/ls can exhibit the same problem.
The reason this happens:
- When ps(1) needs to match a username to a UID, it calls getpwuid().
- root is in the local password file, so getpwuid() calls __hashpw()
and __hashpw() populates the _pw_passwd struct, including the pw_fields
member. This happens before NIS lookups take place because, by coincidence,
ps(1) tends to display processes owned by root before it happens upon
a proccess owned by you.
- When your UID comes up, __hashpw() fails to find your entry in the
local password database, so it bails out, BUT THE BITS IN THE pw_fields
STRUCTURE OF _pw_passwd ARE NEVER CLEARED AND STILL CONTAIN INFORMATION
FROM THE PREVIOUS CALL TO __hash_pw()!!
- If we have NIS enabled, the NIS lookup functions are called.
- The pw_breakout_yp routines see that the pw_fields bits are set and
decline to place the data retrieved from the NIS passwd maps into the
_pw_passwd structure.
- getpwuid() returns the results of the last __hashpw() lookup instead
of the valid NIS data.
- Hijinxs ensue when user_from_uid() caches this bogus information and
starts handing out the wrong usernames.
AAAARRRRRRRRRGGGGGGHHHHHHHHHH!!!
*Please* don't tell me I'm the only person to have noticed this.
Fixed by having __hashpw() check the state of pw_fields just before
bailing out on a failed lookup and clearing away any leftover garbage.
What a fun way to spend an afternoon.
one line long.
Fixed a bug in the input field with cursor positioning at the end of
the field.
Make the print_status function available to apps so they can print
status messages.
Updated the example for the new fib parser.
- FreeBSD's NIS server can supply a master.passwd map, which has
more fields in it than a standard passwd map, so we need a
_master_pw_breakout() fuction.
- When doing passwd map lookups, look for master.passwd.* by attempting
a _yp_first() on master.passwd.byname. If it exists, we're being served
by a FreeBSD NIS server and we should use this map.
- If we aren't the superuser, retrieve only the standard passwd maps.
If we're being served by a FreeBSD system, then the passwd map has
no passwords in it, and it won't serve us the master.passwd map unless
we're superuser anyway.
There's a small speed hit for the superuser inherent in the check for
the master.passwd map, but this lets us dynamically decide what to do
rather than rely on a non-standard config file somewhere. Since all
of this is bypassed for normal users, they shouldn't notice the
difference.
You can now specify separate attributes for selected/not selected
cases individually for each field and also an attr for the form as
a whole so you can now have colored backgrounds for the form and
different coloured fields etc.
Update the example.
Change the copyright to a BSD style one.
1) Link against object directory version of libcom_err.so.
2) Don't try to install ss_err.h if we haven't made it yet. It's not
on the critical path for `make world' at this point.
1) Changed LIB_SCCS and SYSLIB_SCCS to LIB_RCS and SYSLIB_RCS.
2) Changed sccsid[] variables to rcsid[]
3) Moved all RCSID strings into .text
4) Converted all SCCSID's to RCS $Id$'s
5) Added missing $Id$'s after copyright.
YP by disallowing `+' entries as logins in all cases. (This handles the
case of a `+' entry in the password file but YP not running, which should
never happen but is easy enough to check for so we'll apply some
prophylaxis.)
1) Don't spit out an error message if Kerberos is installed but not yet
set up.
2) Don't attempt to verify the ticket you got back, as workstations
are not intended to have srvtab files of their own.
Both behaviors can be re-enabled with KLOGIN_PARANOID.
a number of (ex-)Athena programs. Breaking my own rules for importing
somewhat, as this code does not appear to be actively maintained by anyone
(not that it really needs it).
input forms. It has the following simple fields:
Text fields: Just titles, labels etc.
Input fields: An editable text field that may or may not have an
initial default value.
Labelled input field: This is an input field that has an initial
informative entry in it but it vanishes when you start editing the
field.
Toggle fields: These are fields with a pre-defined list of options
which you cycle through using the space bar.
Action fields: These are button type fields that call functions when
they are selected.
A simple demo is included in examples.
Embalm. Rewrite to do things much the same as gcc-2: use fistpq for speed
and elegance, and mishandle overflow consistently. __fixunsdfsi() is no
longer called by gcc.
getcwd() has two off-by-one bugs in FreeBSD-2.0:
1. getcwd(buf, size) fails when the size is just large enough.
2. getcwd(buf + 1, 1) incorrectly succeeds when the current directory
is "/". buf[0] and buf[2] are clobbered.
(I modified Bruce's original patch to return the proper error code
[ERANGE] in the case of #2, but otherwise... -DG)
This program demonstrates the bug:
---
#include <stdlib.h>
#include <string.h>
#include <stdio.h>
#include <unistd.h>
int main(void)
{
char buf[5];
int errors;
errors = 0;
if (chdir("/tmp") != 0) {
perror("chdir");
abort();
}
if (getcwd(buf, 5) == NULL) {
perror("oops, getcwd failed for buffer size = size required");
++errors;
}
if (chdir("/") != 0) {
perror("chdir");
abort();
}
buf[0] = 0;
buf[2] = 1;
if (getcwd(buf + 1, 1) != NULL) {
fprintf(stderr,
"oops, getcwd succeeded for buffer size = one too small\n");
++errors;
}
if (buf[0] != 0) {
fprintf(stderr,
"oops, getcwd scribbled on memory before start of buffer\n");
++errors;
}
if (buf[2] != 1) {
fprintf(stderr,
"oops, getcwd scribbled on memory after end of buffer\n");
++errors;
}
exit(errors == 0 ? 0 : 1);
}
pointer returned by realloc(). All callers free the pointer if the
execve fails. Nuke the caching. This essentially restores buildargv()
to the 1.1.5 version. Also fix a memory leak if realloc() fails. Also
nuke similar but non-broken caching in execvp(). malloc() should be
efficient enough.
command available yet.
Changed an entry in getprcent.3 from rpcinfo(8C) to rpcinfo(8).
Changed an entry in getrpcport.3 from 3R to 3.
Changed two entries in rpc.3 from 3N to 3.
incredibly obnoxious, but also makes inverse mappings work when the local
resolver is in a cache-only configuration. (Maybe this is actually
a bug in BIND?)
pointer if len is 0. I should have looked at the revision history - I would
have found that Bruce already fixed the bug with len=0 over a month ago.
Whoever said that the bug was in 2.0 was wrong.
Change the reference for the libtermcap libtermlib link from SHLIBDIR
to LIBDIR. SHLIBDIR is undefined in the standard case.
termcap.c:
Initialize a local variable to zero. Otherwise an erroneous free call
can happen and clobber the calling program.
Seen with vi and gdb. If you have TERMCAP set with a terminal entry and
set TERM with something like huhu, vi and gdb core dumps.
for Wine support. The current snapshot of wine works fine with this.
This should go into the beta as the code which it calls in the kernel is
already there, and works fine.
$(DESTDIR)/$(LIBDIR) (I need SHLIBDIR. The / was a bug and the
$(...) style was inconsistent.)
Install ordinary libraries in ${DESTDIR}${LIBDIR} instead of in
$(DESTDIR)/$(LIBDIR).
Change remaining $(...) to ${...}.
later be applied to a number of programs (inetd for instance) to clean
out the bogus code doing the same thing, modulus all the bugs.
If you need to read a '#'-is-a-comment-file, please use these routines.
I realize that the shlib# should be bumped (for the non-US world:
increased by something), but will defer this until something significant
happens.
input fields. It reads a template file passed to init_forms(char *)
and creates a curses based form editor. See the examples directory
for a basic demo.
This effectively changes the non-DES password algoritm.
If you have the "securedist" installed you will have no problems with this.
(Though you might want to consider using this password-encryption instead
of the DES-based if your system is likely to be hacked)
If you are running a -current system without the "securedist" installed:
YOU WILL NEED TO CHANGE ALL PASSWORDS !! There is no backwards mode.
Suggested procedure is:
Update your sources
cd /usr/src/lib/libcrypt
make clean
make all
make install
passwd root
<set roots new password>
change password for any other users on the system.
This algorithm is expected to be much better than the traditional DES-
based algorithm. It uses the MD5 algorithm at what it is best at, as
opposed to the DES algorithm at something it isn't good at at all. The
algorithm is designed such that it should very hard to shortcut the
calculations needed to build a dictionary, and to make partial knowledge
(Hmm, his password starts with a 'P'...) useless. Of course if somebody
breaks the MD5 algorithm this looses too.
The salt is 48 bits (8 char @ base64).
The encrypted password is 128 bits.
And I am positively delighted to say that it takes 34 msec to crypt() a
password on a Pentium/60Mhz, so building a dictionary is not really an
option for hackers at the moment.
Given the right circumstances, a call to kvm_open can result in a core
dump.
The diff belows fixes this (note that this change is already in the
NetBSD code). Could somebody apply this?
Gary J.
Submitted by: gj
From: Chris Torek <torek@bsdi.com>
Here is a semi-official patch (apply to /usr/src/lib/libc/stdio/fseek.c,
rebuild libc, install). The current code fails when the seek:
- is optimized, and
- is to just past the end of the block currently in the buffer, and
- is followed by another seek with no intervening read operation, and
- the destination of subsequent seek is within the block left in the
buffer (seeking to the beginning of a block does not force a read,
so the buffer still contains the previous block)
so it is indeed rather obscure.
I may have a different `final' fix, as this one `loses' the buffer
contents on a seek that goes just past the end of the current block.
[Footnote: seeks are optimized only on read-only opens of regular
files that are buffered by the file's optimal I/O size. This is
what you get with fopen(path, "r") and no call to setvbuf().]
Obtained from: [ BSDI mailing list ]
I know that many of these entries are bogus and need to be revisited,
but let's get the tree working again for now and then do a pass through
looking at all the __FreeBSD__ entries, shall we?
While trying to figure out why rlogind wasn't working right for root,
I noticed that man wouldn't come back with a man page for iruserok, but
it would for ruserok. Checking the lib/net directory's Makefile.inc
file shows that the link to the rcmd man page just isn't getting
created.
>How-To-Repeat:
Do a 'man iruserok' and notihing will come back, where a 'man ruserok'
will.
Submitted by: Brian Moore <ziff@houdini.eecs.umich.edu>
Obtained from: NetBSD-bugs mailing list
on terminals with no pad char (cons25) and quote from tputs.c says so too:
! * Too bad there are no user program accessible programmed delays.
! * Transmitting pad characters slows many
! * terminals down and also loads the system.
and don't return error, if non-terminals. This fix allows curses
to work into full duplex pipes under control of main program,
like good old curses does.
getnet* configuration. (It's highly unlikely that you'd want to do
something different, and network lookups aren't common enough to justify
their own configuration file.)
DANGER WILL ROBINSON!
_PATH_UNIX is currently defined as the literal string "don't use this".
I am of two minds about this myself, but wanted to get something into the
tree as quickly as possible.
!!!!!!!!
NB
!!!!!!!!
You MUST pwd_mkdb /etc/master.passwd before attempting to use the new
libc, or things may go wrong. (I doubt anything actually /will/ go
wrong, but the actual behavior is undefined. YOU HAVE BEEN WARNED.)
The database format is, however, backwards-compatible, so old executables
will still work.
(void) setlocale(LC_ALL, "");
It will be easiest way now to make national chars available
for all ctype-oriented programs at once by simple:
setenv LANG Your_National_Charset
Default case (without "LANG" environment
variable) will be fully ANSI compatible (got "C" locale).
If "LANG" variable present, extention becomes active.
Effect of this extention is great: in one time all ctype
oriented programs can accept/print national characters
without any touching source/binary code, it is big win, IMHO.
This method is fully compatible with ISO8859-* and russian koi8-r
too (in general -- with all 8-bit character sets). I think
it is very useful.
I got this idea from Xenix locale implementation.
This extention is even never compiled in, unless you set
setenv STARTUP_LOCALE
before rebuilding crt0.c or corresponding variable in /etc/make.conf
>From: jtk@atria.com (John T. Kohl)
in rcmd:
It calls select() with a hardcoded "number of file descriptors" argument
of 32, rather than computing it based on the sockets about which it
cares.
- Now we work out the nfds arg, and do some error checking
Submitted by: Geoff.
and tiny*tiny at compile time. The evaluations are supposed to be done
at run time to set the IEEE exception flags. Many other source files
in libm and msun are missing this fix. Fixing them is not urgent since
the default IEEE exception masks don't allow use of the overflow
exception flag.
Don't add to POBJS or SOBJS. bsd.lib.mk does it. Some objects were
duplicated.
Don't add to CLEANFILES. bsd.lib.mk does it. Some objects were
quadruplicated.
Define variables that are only used once close to where they are
used.
The ifdefs for avoiding building of profiled/shared objects when
NOPROFILE/NOPIC are set were not actually committed. The ifdefs
belong in bsd.lib.mk anyway.
o __FULLINE added for AL/DL/CS optimization with __noqch.
refresh.c
o Attributes does not turned off before clearing screen, cause
highlighted screen.
o Proper usage of 'affcnt' tputs parameter, affects terminals with
padding.
o make AL/DL/CS optimize not only for __FULLWIN but for __FULLLINE.
ATTENTION: original code works _only_for_ FULLWIN, i.e. if you
use two FULLLINE windows like in 'talk', you have full slow repaint with
original code, I enhance this thing. All other fixes marked
with phrase 'wrong for non-full windows' or WFNFW is continue of this fix.
I rewrite scroll code too for proper working (see below and tty.c
changes).
o DEBUG code always use 'i' index from 0 to curscr->maxy instead of
'i - win->begy', fixed
o check added into DEBUG to be shure that index inside current window.
o ->hash assigment code is WFNFW (forget win->begy).
o when CE usage required, and last spaces number counted, code don't check
attributes, so last standouted space will be incorrectly cleared.
o cep (start pointer) forget to add win->begy/win->begx, code WFNFW.
o clsp (last space) wrong in two places at once: forget to add win->begy
(WFNFW) and incorrectly use 'win->begx * __LDATASIZE' in pointer
arithmetics.
o clsp check incorrect: was 'clsp < win->maxx * __LDATASIZE', need to
be 'clsp < win->maxx
o Attributes does not turned off before clearing end of line, cause
highlighted end of line.
o When find how many lines from the top/bottom of the screen are unchanged,
code always forget '- win->begy', WFNFW.
o NO_JERKINESS code forgets to add win->begy, WFNFW.
o Curw & Curs changed in comment description
o In search for the largest block of text not changed forget to add
'- win->begy' (several places), WFNFW.
o Forget to add '- win->begy' for non-dirty lines, WFNFW.
o touchline forget to add '- win->begy', WFNFW.
o rewrite scrolln():
* remove win parameter, we deal with whole screen (curscr) now;
* use NL or '\n' instead of sf, it is faster in any case;
(imagine: cat written on curses now use '\n' for scroll
like standard cat, no ugly escapes)
* use dl (if present) instead of DL, if abs(n) == 1, the same
about al/sr, it is faster;
* change win->maxy to 'curscr->maxy - 1', we deal with whole screen
here, WFNFW.
* SF can be correctly issued only if cursor at bottom of scroll
region (whole screen region included too), fix this;
* sr/SR can be correctly issued only if cursor at top of scroll
region (whole screen region included too), fix this;
* use pre-calculaded (in setterm.c) __usecs variable to determine
usage of CS or AL/DL;
* completely rewrite scroll region stuff using __set_scroll_region
from tty.c (see below);
tty.c
o Added __set_scroll_region function which set CS region and stays
back in old position. Use SC/RC (save/restore cursor) if possible,
else use HO and __mvcur.
o __startwin: added __set_scroll_region(whole screen) at program
startup, if __usecs;
o endwin: added __set_scroll_region(whole screen) at program
exit, if __usecs;
o Fix all tc{set/get}attrs to works properly, when stdin redirected,
use /dev/tty in this case (needed for some applications).
setterm.c
o Add new variable __usecs, if (!AL/al || !Dl/dl) && CS && (SC && RC || HO)
(save/restore cursor used in __set_scroll_region in tty.c).
o Set __noqch, if !__usecs && (!AL/al || !DL/dl).
o Proper ospeed initialization for tputs, i.e. if speed == B9600,
ospeed = 13
curses.c
o Add __usecs variable that indicates usage of CS (if AL/DL absent).
curses.h
o Allow translation with applications which includes <sgtty.h>,
undef BXXX manually to avoid redefinition and include termios
to define proper ones.
o Define old-style names curx/begx/maxx/etc. for old applications.
Define _tty like __baset too.
o Typedef SGTTY type for old applications (SGTTY == struct termios).
o wstandout/wstandend should be int and not char*, some old
applications relay on this fact. See standout.c too.
o __FULLINE added indicated line width == terminal width, needed
for refresh using AL/DL/CS with __noqch, see refresh.c changes.
o Add extern __usecs variable that indicates usage of CS (if AL/DL absent).
o Add __set_scroll_region() prototype, see tty.c and refresh.c changes
for details.
o Change winch() character mask from 0177 to 0377, we don't need to
strip high bit on national characters.
o Allow translate on systems with _BSD_VA_LIST_ undefined, such as
FreeBSD 1.1.5.1
o __tty_fileno added to allows work with stdin redirected, see tty.c
o Privately declare tputs (..., void) and externally tputs(..., int),
many applications require this. Maybe not nice thing, but needed.
o Remove _putchar definition and replace it to proper _putchar
prototype, some old apps declares: 'extern int _putchar()'
and don't even include curses.h in such modules. See putchar.c
cr_put.c
o __mvcur: if destline == destcol && outline == outcol do nothing,
i.e. don't issue any escapes.
o Proper usage of 'affcnt' tputs parameter, affects terminals with
padding.
cur_hash.c
o Change char->unsigned char for proper sum 8-bit national characters.
getch.c
o check for inp == EOF added, don't add EOF to window.
getstr.c
o check for EOF added, don't add EOF to str.
insertln.c
o add cast to (int) in comparation of y and win->cury, this produce
big number (cast to (unsigned)) if y < 0
tstp.c
o Fix all tc{set/get}attrs to works properly, when stdin redirected,
use /dev/tty in this case (needed for some applications).
o add tstp() function for compatibility, some applications wants it.
standout.c
o Some old applications relay in fact that wstandout/wstandend
returns int instead of char*, change return type to OK/ERR.
putchar.c
o Add _putchar function (which calls __cputchar),
some old apps declares: 'extern int _putchar()'
and don't even include curses.h in such modules.
automagically. -lfoo has to be right to work, but ${LIBFO0} is too
easy to forget or misspell; nothing checks it and it should be
different for shared libraries.
because libmd builds a test program before installation and if
you've used CLOBBER there's no crt.0 to link with. This ensures
that in a make world the csu objects will get installed before
reaching the libmd directory.
Reviewed by:
Submitted by:
<machine/profile.h>. The old version was writing an incomplete
header without the profrate field that is necessary to handle the
current faster profiling clock. The counters that are where the
the profrate should be are usually 0 and gprof converts a profrate
of 0 to hz so the old version gave times too large by a factor of
profhz/hz = 10.24.
The fyl2xp1 instruction has such a limited range:
-(1 - (sqrt(2) / 2)) <= x <= sqrt(2) - 1
it's not worth trying to use it.
Also, I'm not sure fyl2xp1's extra precision will
matter once the result is converted from extended
real (80 bits) back to double real (64 bits).
Reviewed by: jkh
Submitted by: jtc
-- Begin comments from J.T. Conklin:
The most significant improvement is the addition of "float" versions
of the math functions that take float arguments, return floats, and do
all operations in floating point. This doesn't help (performance)
much on the i386, but they are still nice to have.
The float versions were orginally done by Cygnus' Ian Taylor when
fdlibm was integrated into the libm we support for embedded systems.
I gave Ian a copy of my libm as a starting point since I had already
fixed a lot of bugs & problems in Sun's original code. After he was
done, I cleaned it up a bit and integrated the changes back into my
libm.
-- End comments
Reviewed by: jkh
Submitted by: jtc
distributed in keith bostic's nvi (got his permission first). Most changes
are cosmetic, but a few errors (mostly in tty..c) were cleared up.
Reviewed by: Sean Eric Fagan
long long. Done by plugging both eax and edx with -1. This will clobber
edx unnecessarily when the return value is only 32bit...though probably
always an okay thing to do, it could stand a better fix.
This was the cause of gawk being broken (boy was THAT ever a subtle
bug!!!).
Securedist can be sorted out later - getting these bits exportable
is top priority.
The libtelnet with encryption has been moved to src/secure/lib.
It will either become part of libsecure, or or be made available
under another name, once the securedist strategy has been completely
worked out.
Submitted by: Geoff Rehmet
are running under. Here's how to bootstrap (order is important):
1) Re-compile gcc (just the driver is all you need).
2) Re-compile libc.
3) Re-compile your kernel. Reboot.
4) cd /usr/src/include; make install
You can now detect the compilation environment with the following code:
#if !defined(__FreeBSD__)
#define __FreeBSD_version 199401
#elif __FreeBSD__ == 1
#define __FreeBSD_version 199405
#else
#include <osreldate.h>
#endif
You can determine the run-time environment by calling the new C library
function getosreldate(), or by examining the MIB variable kern.osreldate.
For the time being, the release date is defined as 199409, which we have
already established as our target.
1.1.5 support for YP, fixing a bug in 1.1.5 that prevented YP from ever
working reliably. (I'm amazed that there were no bug reports.)
IWBRNI someone could write a host.conf(5) manual page. Please look at
the code before doing so; this version is somewhat more flexible in the
format of its input.
1. Copyright files looked for in the wrong place
2. cmp was looking in wrong place for test data.
3. Driver for test not linked static, thus dynamic resolution of library
not working.
4. Man page installation not consistent with source.
Reviewed by:
Submitted by: jkh
Imported libmd. This library contains MD2, MD4 and MD5.
These three boggers pop up all over the place all of the time, so I
decided we needed a library with them. In general they are used for
security checks, so if you use them you want to link them static.
2 Added optional excessive login logging.
3) Added login acces control on a per host/tty base.
4) See skey(1) for skey descriptions and src/usr.bin/login/README
for the logging and access control features.
-Guido
This fixes the problems Warner's having with ctors not being called
again with the latest round of ld changes and updates the file-names to what
Paul is using now.
The name change will not affect anything as we are not (yet) using it.
program. The idea was that these are 'alignment' crap, but the image
is 16byte-aligned without these. Location 0 still doesn't have a 0,
but who cares, binaries wil be built with page zero unmapped in the
near future.
