From owner-cvs-libexec Tue Nov 19 10:03:50 1996 Return-Path: owner-cvs-libexec Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id KAA20943 for cvs-libexec-outgoing; Tue, 19 Nov 1996 10:03:50 -0800 (PST) Received: (from pst@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id KAA20910; Tue, 19 Nov 1996 10:03:17 -0800 (PST) Date: Tue, 19 Nov 1996 10:03:17 -0800 (PST) From: Paul Traina Message-Id: <199611191803.KAA20910@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-libexec Subject: cvs commit: src/libexec/rexecd rexecd.8 rexecd.c Sender: owner-cvs-libexec@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk pst 96/11/19 10:03:17 Modified: libexec/rexecd rexecd.8 rexecd.c Log: Do not attempt to open reverse channel until authentication phase has succeeded. Never allow the reverse channel to be to a privileged port. Cannidate for: 2.1 and 2.2 branches Reviewed by: pst (with local cleanups) Submitted by: Cy Shubert Obtained from: Jaeger via BUGTRAQ Revision Changes Path 1.4 +6 -3 src/libexec/rexecd/rexecd.8 1.9 +24 -14 src/libexec/rexecd/rexecd.c From owner-cvs-libexec Wed Nov 20 13:44:51 1996 Return-Path: owner-cvs-libexec Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id NAA12412 for cvs-libexec-outgoing; Wed, 20 Nov 1996 13:44:51 -0800 (PST) Received: (from pst@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id NAA12354; Wed, 20 Nov 1996 13:44:14 -0800 (PST) Date: Wed, 20 Nov 1996 13:44:14 -0800 (PST) From: Paul Traina Message-Id: <199611202144.NAA12354@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-libexec Subject: cvs commit: src/libexec/rexecd rexecd.8 rexecd.c Sender: owner-cvs-libexec@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk pst 96/11/20 13:44:12 Branch: libexec/rexecd RELENG_2_1_0 Modified: libexec/rexecd rexecd.8 rexecd.c Log: Sync with HEAD for 2.1.6 PSU1 Revision Changes Path 1.2.6.1 +6 -2 src/libexec/rexecd/rexecd.8 1.5.4.3 +25 -13 src/libexec/rexecd/rexecd.c From owner-cvs-libexec Wed Nov 20 14:13:26 1996 Return-Path: owner-cvs-libexec Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA14360 for cvs-libexec-outgoing; Wed, 20 Nov 1996 14:13:26 -0800 (PST) Received: (from pst@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA14298; Wed, 20 Nov 1996 14:12:55 -0800 (PST) Date: Wed, 20 Nov 1996 14:12:55 -0800 (PST) From: Paul Traina Message-Id: <199611202212.OAA14298@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-libexec Subject: cvs commit: src/libexec/ftpd popen.c Sender: owner-cvs-libexec@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk pst 96/11/20 14:12:53 Modified: libexec/ftpd popen.c Log: Truncate argument list to avoid buffer overflows. Cannidate for: 2.1 and 2.2 Revision Changes Path 1.5 +9 -5 src/libexec/ftpd/popen.c From owner-cvs-libexec Wed Nov 20 14:14:27 1996 Return-Path: owner-cvs-libexec Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA14878 for cvs-libexec-outgoing; Wed, 20 Nov 1996 14:14:27 -0800 (PST) Received: (from pst@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA14608; Wed, 20 Nov 1996 14:13:57 -0800 (PST) Date: Wed, 20 Nov 1996 14:13:57 -0800 (PST) From: Paul Traina Message-Id: <199611202213.OAA14608@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-libexec Subject: cvs commit: src/libexec/ftpd ftpd.c Sender: owner-cvs-libexec@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk pst 96/11/20 14:13:55 Modified: libexec/ftpd ftpd.c Log: Conditionalize setsockopt IP_PORTRANGE to make ftpd portable. Revision Changes Path 1.26 +11 -6 src/libexec/ftpd/ftpd.c From owner-cvs-libexec Wed Nov 20 14:26:06 1996 Return-Path: owner-cvs-libexec Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA17715 for cvs-libexec-outgoing; Wed, 20 Nov 1996 14:26:06 -0800 (PST) Received: (from pst@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA17672; Wed, 20 Nov 1996 14:25:43 -0800 (PST) Date: Wed, 20 Nov 1996 14:25:43 -0800 (PST) From: Paul Traina Message-Id: <199611202225.OAA17672@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-libexec Subject: cvs commit: src/libexec/ftpd popen.c Sender: owner-cvs-libexec@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk pst 96/11/20 14:25:42 Branch: libexec/ftpd RELENG_2_1_0 Modified: libexec/ftpd popen.c Log: Merge from head Revision Changes Path 1.1.1.1.6.1 +12 -5 src/libexec/ftpd/popen.c From owner-cvs-libexec Wed Nov 20 14:26:10 1996 Return-Path: owner-cvs-libexec Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA17732 for cvs-libexec-outgoing; Wed, 20 Nov 1996 14:26:10 -0800 (PST) Received: (from pst@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA17701; Wed, 20 Nov 1996 14:26:01 -0800 (PST) Date: Wed, 20 Nov 1996 14:26:01 -0800 (PST) From: Paul Traina Message-Id: <199611202226.OAA17701@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-libexec Subject: cvs commit: src/libexec/ftpd ftpcmd.y Sender: owner-cvs-libexec@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk pst 96/11/20 14:26:00 Branch: libexec/ftpd RELENG_2_1_0 Modified: libexec/ftpd ftpcmd.y Log: Disable certain commands before login. Revision Changes Path 1.4.6.1 +21 -16 src/libexec/ftpd/ftpcmd.y From owner-cvs-libexec Thu Nov 21 08:36:30 1996 Return-Path: owner-cvs-libexec Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA03164 for cvs-libexec-outgoing; Thu, 21 Nov 1996 08:36:30 -0800 (PST) Received: (from phk@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA03136; Thu, 21 Nov 1996 08:36:19 -0800 (PST) Date: Thu, 21 Nov 1996 08:36:19 -0800 (PST) From: Poul-Henning Kamp Message-Id: <199611211636.IAA03136@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-libexec Subject: cvs commit: src/libexec/rexecd rexecd.8 rexecd.c Sender: owner-cvs-libexec@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk phk 96/11/21 08:36:18 Branch: libexec/rexecd RELENG_2_2 Modified: libexec/rexecd rexecd.8 rexecd.c Log: YAMFC Revision Changes Path 1.3.2.1 +6 -3 src/libexec/rexecd/rexecd.8 1.8.2.1 +24 -14 src/libexec/rexecd/rexecd.c From owner-cvs-libexec Thu Nov 21 08:36:28 1996 Return-Path: owner-cvs-libexec Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA03153 for cvs-libexec-outgoing; Thu, 21 Nov 1996 08:36:28 -0800 (PST) Received: (from phk@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA03027; Thu, 21 Nov 1996 08:35:58 -0800 (PST) Date: Thu, 21 Nov 1996 08:35:58 -0800 (PST) From: Poul-Henning Kamp Message-Id: <199611211635.IAA03027@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-libexec Subject: cvs commit: src/libexec/ftpd ftpd.c popen.c Sender: owner-cvs-libexec@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk phk 96/11/21 08:35:56 Branch: libexec/ftpd RELENG_2_2 Modified: libexec/ftpd ftpd.c popen.c Log: YAMFC Revision Changes Path 1.25.2.1 +11 -6 src/libexec/ftpd/ftpd.c 1.4.2.1 +9 -5 src/libexec/ftpd/popen.c From owner-cvs-libexec Fri Nov 22 00:59:18 1996 Return-Path: owner-cvs-libexec Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id AAA07010 for cvs-libexec-outgoing; Fri, 22 Nov 1996 00:59:18 -0800 (PST) Received: (from pst@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id AAA06993; Fri, 22 Nov 1996 00:59:08 -0800 (PST) Date: Fri, 22 Nov 1996 00:59:08 -0800 (PST) From: Paul Traina Message-Id: <199611220859.AAA06993@freefall.freebsd.org> To: CVS-committers, cvs-all, cvs-libexec Subject: cvs commit: src/libexec/rexecd rexecd.8 rexecd.c Sender: owner-cvs-libexec@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk pst 96/11/22 00:59:08 Modified: libexec/rexecd rexecd.8 rexecd.c Log: Back out recent security patch for rexecd. After more careful analysis, it is both uneeded and breaks certain lock-step timing in the rexec protocol. Yes, an attacker can "relay" connections using this trick, but a properly configured firewall that would make this sort of subterfuge necessary in the first place (instead of direct packet spoofing) would also thwart useful attacks based on this. Revision Changes Path 1.5 +2 -5 src/libexec/rexecd/rexecd.8 1.10 +13 -23 src/libexec/rexecd/rexecd.c