From owner-freebsd-audit Sun Jul 22 3:37:11 2001 Delivered-To: freebsd-audit@freebsd.org Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by hub.freebsd.org (Postfix) with ESMTP id 982C937B403; Sun, 22 Jul 2001 03:37:06 -0700 (PDT) (envelope-from bde@zeta.org.au) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id UAA28130; Sun, 22 Jul 2001 20:37:03 +1000 Date: Sun, 22 Jul 2001 20:33:52 +1000 (EST) From: Bruce Evans X-Sender: bde@besplex.bde.org To: Assar Westerlund Cc: des@FreeBSD.ORG, audit@FreeBSD.ORG Subject: Re: subf_printf warnings in linprocfs.c:linprocfs_donetdev In-Reply-To: <5lofqeknrp.fsf@assaris.sics.se> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 21 Jul 2001, Assar Westerlund wrote: > This gets rid of warnings from gcc's printf. Comments? > > /assar > > Index: linprocfs.c > =================================================================== > RCS file: /home/ncvs/src/sys/compat/linprocfs/linprocfs.c,v > retrieving revision 1.33 > diff -u -w -u -w -r1.33 linprocfs.c > --- linprocfs.c 2001/07/05 17:10:41 1.33 > +++ linprocfs.c 2001/07/21 20:51:38 > @@ -663,8 +663,8 @@ > sbuf_printf(sb, > "%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu " > "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n", > - 0, 0, 0, 0, 0, 0, 0, 0, > - 0, 0, 0, 0, 0, 0, 0, 0); > + 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, > + 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL, 0UL); > } > > return (0); Changing all the %lu's to %d's would be better. Printing a literal string would be better still (the string must line up with the header, and this would be easier to see and maintain if it were literal like the header). Nearby bugs: - the header has hard tabs in it but the string in the above printf doesn't, so the string can't possibly line up with the header for all indentations. - the output is unreadably wide (119 columns). This may be necessary for bug for bug compatibility with Linux. This is obfuscated at the source level using ANSI string concatenation. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jul 22 4: 7: 0 2001 Delivered-To: freebsd-audit@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id BB56237B403; Sun, 22 Jul 2001 04:06:48 -0700 (PDT) (envelope-from des@ofug.org) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id NAA24833; Sun, 22 Jul 2001 13:06:41 +0200 (CEST) (envelope-from des@ofug.org) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Bruce Evans Cc: Assar Westerlund , audit@FreeBSD.ORG Subject: Re: subf_printf warnings in linprocfs.c:linprocfs_donetdev References: From: Dag-Erling Smorgrav Date: 22 Jul 2001 13:06:41 +0200 In-Reply-To: Message-ID: Lines: 30 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Bruce Evans writes: > Nearby bugs: > - the header has hard tabs in it but the string in the above printf doesn't, > so the string can't possibly line up with the header for all indentations. > - the output is unreadably wide (119 columns). This may be necessary for > bug for bug compatibility with Linux. This is obfuscated at the source > level using ANSI string concatenation. I think it's *supposed* to be ugly: des@mizar:~$ uname -a Linux mizar.ping.uio.no 2.2.16-devfs-raid-PING #3 SMP Thu Jun 8 16:24:02 CEST 2000 sparc unknown des@mizar:~$ cat /proc/net/dev Inter-| Receive | Transmit face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed lo:620500533 4063952 0 0 0 0 0 0 620500533 4063952 0 0 0 0 0 0 eth0:1735298856 38240294 0 0 0 55 0 0 4245594048 36996963 0 0 0 0 0 0 eth1: 7932928 76539 0 0 0 0 0 0 1787616 19132 0 0 0 0 0 0 eth2: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 ...and the source code is even uglier: http://lxr.linux.no/source/net/core/dev.c?v=2.4.4#L1660 I'll rewrite our code a tad so it doesn't rely on ANSI string concatenation. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jul 22 4: 9:39 2001 Delivered-To: freebsd-audit@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 8CB5A37B405; Sun, 22 Jul 2001 04:09:32 -0700 (PDT) (envelope-from des@ofug.org) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id NAA24841; Sun, 22 Jul 2001 13:09:28 +0200 (CEST) (envelope-from des@ofug.org) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Bruce Evans Cc: Assar Westerlund , audit@FreeBSD.ORG Subject: Re: subf_printf warnings in linprocfs.c:linprocfs_donetdev References: From: Dag-Erling Smorgrav Date: 22 Jul 2001 13:09:28 +0200 In-Reply-To: Message-ID: Lines: 9 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Bruce Evans writes: > - the header has hard tabs in it but the string in the above printf doesn't, > so the string can't possibly line up with the header for all indentations. That's probably the result of a boneheaded M-x tabify. Mea culpa. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jul 22 13:17:33 2001 Delivered-To: freebsd-audit@freebsd.org Received: from mail.rpi.edu (mail.rpi.edu [128.113.22.40]) by hub.freebsd.org (Postfix) with ESMTP id 6A44B37B401 for ; Sun, 22 Jul 2001 13:17:31 -0700 (PDT) (envelope-from drosih@rpi.edu) Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.11.3/8.11.3) with ESMTP id f6MKHOJ97664; Sun, 22 Jul 2001 16:17:24 -0400 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: In-Reply-To: <20010718145258.1d829df6.david@phobia.ms> References: <20010718145258.1d829df6.david@phobia.ms> Date: Sun, 22 Jul 2001 16:17:22 -0400 To: David Hill , audit@FreeBSD.ORG From: Garance A Drosihn Subject: Re: strlcpy patches Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG At 2:52 PM -0400 7/18/01, David Hill wrote: >Greetings. >I have patched some source files replacing: > > strncpy(dst, src, sizeof(dst) - 1); > dst[sizeof(dst)-1] = '\0'; >with > strlcpy(dst, src, sizeof dst); > >They are located at http://www.phobia.ms/patches I have committed changes with similar intent to current for the files under usr.sbin/lpr, and will MFC them next weekend. I then intend to do almost no work in freebsd for the month of August (partially due to 4.4, and partially because I'll be too busy here at work). If no one else has picked up your strlcpy changes by the time I get back to making changes, I'll see about applying these patches to other source files. Usually I wouldn't wander too far outside of lpr, but strncpy() calls for destinations which ARE supposed to be null-terminated have always bugged me... -- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jul 22 13:21:24 2001 Delivered-To: freebsd-audit@freebsd.org Received: from mail.rpi.edu (mail.rpi.edu [128.113.22.40]) by hub.freebsd.org (Postfix) with ESMTP id 1888C37B403 for ; Sun, 22 Jul 2001 13:21:21 -0700 (PDT) (envelope-from drosih@rpi.edu) Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.11.3/8.11.3) with ESMTP id f6MKLJJ26946; Sun, 22 Jul 2001 16:21:19 -0400 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: In-Reply-To: <20010720190412.5b2a8317.david@phobia.ms> References: <20010720190412.5b2a8317.david@phobia.ms> Date: Sun, 22 Jul 2001 16:21:17 -0400 To: David Hill , audit@FreeBSD.ORG From: Garance A Drosihn Subject: Re: STD*_FILENO changes Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG At 7:04 PM -0400 7/20/01, David Hill wrote: >Hello - > Well, I said I would be happy to do it. Let me just say I'm >happy it's done. > > The diff's can be found at this url: > http://www.phobia.ms/patches/diffs.tar.gz I committed the patches related to lpr, and will MFC them next weekend. I have never been bugged by this particular issue, so I won't be volunteering to look through the non-lpr parts of this... :-) -- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jul 22 14:41:39 2001 Delivered-To: freebsd-audit@freebsd.org Received: from ringworld.nanolink.com (discworld.nanolink.com [195.24.48.189]) by hub.freebsd.org (Postfix) with SMTP id 9572337B406 for ; Sun, 22 Jul 2001 14:41:20 -0700 (PDT) (envelope-from roam@ringworld.nanolink.com) Received: (qmail 3493 invoked by uid 1000); 22 Jul 2001 21:40:34 -0000 Date: Mon, 23 Jul 2001 00:40:34 +0300 From: Peter Pentchev To: arch@FreeBSD.org Cc: audit@FreeBSD.org Subject: sysctl(8) enhancement: display sysctl MIB's Message-ID: <20010723004034.I882@ringworld.oblivion.bg> Mail-Followup-To: arch@FreeBSD.org, audit@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi, During the testing of the kern_sysctl.c patches for PR xxxxx, I came across a feature missing from the sysctl user interface - there was no easy way to obtain a list of sysctl's and their MIB's to see if the PR submitter was actually correct that there were cases when dynamic sysctl's were placed amidst static ones. sysctl(8), the logical place to look for such an interface, turned out to have none. Attached is a patch which adds a new command-line flag, -m, to display MIB's before names. Since the MIB's are of arbitrary length, there is no easy way to line them up, short of buffering the entire sysctl output to determine the maximum size. Since this is only of limited use (debugging new sysctl entries' placement), people who use it could be bothered to use a standalone formatter (Perl and awk come to mind ;) to prettify the output. Comments? Yep, I know that this is only of limited use, but still, it turned out to be useful in at least one case. G'luck, Peter -- I am jealous of the first word in this sentence. Index: src/sbin/sysctl/sysctl.8 =================================================================== RCS file: /home/ncvs/src/sbin/sysctl/sysctl.8,v retrieving revision 1.36 diff -u -r1.36 sysctl.8 --- src/sbin/sysctl/sysctl.8 2001/07/13 09:09:48 1.36 +++ src/sbin/sysctl/sysctl.8 2001/07/22 21:36:26 @@ -40,7 +40,7 @@ .Nd get or set kernel state .Sh SYNOPSIS .Nm -.Op Fl bNnox +.Op Fl bmNnox .Ar name Ns Op = Ns Ar value .Ar ... .Nm @@ -71,6 +71,11 @@ Force the value of the variable(s) to be output in raw, binary format. No names are printed and no terminating newlines are output. This is mostly useful with a single variable. +.It Fl m +Specify that the MIB numerical value should be printed before the name. +This flag only takes effect if +.Fl n +is not specified. .It Fl N Show only variable names, not their values. This is particularly useful with shells that offer programmable Index: src/sbin/sysctl/sysctl.c =================================================================== RCS file: /home/ncvs/src/sbin/sysctl/sysctl.c,v retrieving revision 1.37 diff -u -r1.37 sysctl.c --- src/sbin/sysctl/sysctl.c 2001/06/18 21:06:24 1.37 +++ src/sbin/sysctl/sysctl.c 2001/07/22 21:36:28 @@ -58,10 +58,11 @@ #include #include -static int aflag, bflag, Nflag, nflag, oflag, xflag; +static int aflag, bflag, mflag, Nflag, nflag, oflag, xflag; static int oidfmt(int *, int, char *, u_int *); static void parse(char *); +static int show_varname(const char *, const int *, int); static int show_var(int *, int); static int sysctl_all (int *oid, int len); static int name2oid(char *, int *); @@ -71,8 +72,8 @@ { (void)fprintf(stderr, "%s\n%s\n", - "usage: sysctl [-bNnox] variable[=value] ...", - " sysctl [-bNnox] -a"); + "usage: sysctl [-bmNnox] variable[=value] ...", + " sysctl [-bmNnox] -a"); exit(1); } @@ -83,7 +84,7 @@ setbuf(stdout,0); setbuf(stderr,0); - while ((ch = getopt(argc, argv, "AabNnowxX")) != -1) { + while ((ch = getopt(argc, argv, "AabmNnowxX")) != -1) { switch (ch) { case 'A': /* compatibility */ @@ -95,6 +96,9 @@ case 'b': bflag = 1; break; + case 'm': + mflag = 1; + break; case 'N': Nflag = 1; break; @@ -369,6 +373,33 @@ } /* + * This formats and outputs the name of one variable. + * If the -m command-line flag was specified, the MIB value + * is also printed out. + * + * Returns zero on success. + * No error conditions yet (XXX: check printf() return value? :) + */ + +static int +show_varname(const char *name, const int *oid, int len) +{ + int i; + + if (nflag) + return (0); + + if (mflag) { + for (i = 0; i < len-1; i++) + printf("%X.", oid[i]); + printf("%X ", oid[i]); + } + + printf("%s: ", name); + return (0); +} + +/* * This formats and outputs the value of one variable * * Returns zero if anything was actually output. @@ -397,7 +428,7 @@ err(1, "sysctl name %d %d %d", i, j, errno); if (Nflag) { - printf("%s", name); + show_varname(name, oid, nlen); return (0); } @@ -430,14 +461,12 @@ p = val; switch (*fmt) { case 'A': - if (!nflag) - printf("%s: ", name); + show_varname(name, oid, nlen); printf("%s", p); return (0); case 'I': - if (!nflag) - printf("%s: ", name); + show_varname(name, oid, nlen); fmt++; val = ""; while (len >= sizeof(int)) { @@ -452,8 +481,7 @@ return (0); case 'L': - if (!nflag) - printf("%s: ", name); + show_varname(name, oid, nlen); fmt++; val = ""; while (len >= sizeof(long)) { @@ -468,8 +496,7 @@ return (0); case 'P': - if (!nflag) - printf("%s: ", name); + show_varname(name, oid, nlen); printf("%p", *(void **)p); return (0); @@ -487,16 +514,14 @@ else func = NULL; if (func) { - if (!nflag) - printf("%s: ", name); + show_varname(name, oid, nlen); return ((*func)(len, p)); } /* FALL THROUGH */ default: if (!oflag && !xflag) return (1); - if (!nflag) - printf("%s: ", name); + show_varname(name, oid, nlen); printf("Format:%s Length:%d Dump:0x", fmt, len); while (len-- && (xflag || p < val + 16)) printf("%02x", *p++); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jul 22 14:43:31 2001 Delivered-To: freebsd-audit@freebsd.org Received: from ringworld.nanolink.com (discworld.nanolink.com [195.24.48.189]) by hub.freebsd.org (Postfix) with SMTP id 5D22F37B408 for ; Sun, 22 Jul 2001 14:43:24 -0700 (PDT) (envelope-from roam@ringworld.nanolink.com) Received: (qmail 3559 invoked by uid 1000); 22 Jul 2001 21:42:38 -0000 Date: Mon, 23 Jul 2001 00:42:38 +0300 From: Peter Pentchev To: arch@FreeBSD.org Cc: audit@FreeBSD.org Subject: Re: sysctl(8) enhancement: display sysctl MIB's Message-ID: <20010723004238.J882@ringworld.oblivion.bg> Mail-Followup-To: arch@FreeBSD.org, audit@FreeBSD.org References: <20010723004034.I882@ringworld.oblivion.bg> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010723004034.I882@ringworld.oblivion.bg>; from roam@orbitel.bg on Mon, Jul 23, 2001 at 12:40:34AM +0300 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jul 23, 2001 at 12:40:34AM +0300, Peter Pentchev wrote: > Hi, > > During the testing of the kern_sysctl.c patches for PR xxxxx, Errrr oops. The PR is kern/29131 :) G'luck, Peter -- I had to translate this sentence into English because I could not read the original Sanskrit. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jul 22 21:56:34 2001 Delivered-To: freebsd-audit@freebsd.org Received: from obsecurity.dyndns.org (adsl-63-207-60-215.dsl.lsan03.pacbell.net [63.207.60.215]) by hub.freebsd.org (Postfix) with ESMTP id 569D737B401; Sun, 22 Jul 2001 21:56:22 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id E4D8B66CC1; Sun, 22 Jul 2001 21:56:20 -0700 (PDT) Date: Sun, 22 Jul 2001 21:56:20 -0700 From: Kris Kennaway To: Assar Westerlund Cc: Kris Kennaway , Matt Dillon , Ruslan Ermilov , audit@FreeBSD.org Subject: Re: [PATCH] Re: FreeBSD remote root exploit ? Message-ID: <20010722215619.A94874@xor.obsecurity.org> References: <20010719205948.D67829@sunbay.com> <200107191817.f6JIHSJ76262@earth.backplane.com> <20010719215957.A74024@sunbay.com> <200107191917.f6JJHwV77405@earth.backplane.com> <20010720100029.A30828@sunbay.com> <200107200932.f6K9WgZ88552@earth.backplane.com> <20010720143742.E65677@sunbay.com> <200107201717.f6KHHGa91142@earth.backplane.com> <20010722194031.A92249@jail-3.5> <5l66ck9wm7.fsf@assaris.sics.se> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="KsGdsel6WgEHnImy" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <5l66ck9wm7.fsf@assaris.sics.se>; from assar@FreeBSD.ORG on Mon, Jul 23, 2001 at 05:01:52AM +0200 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --KsGdsel6WgEHnImy Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jul 23, 2001 at 05:01:52AM +0200, Assar Westerlund wrote: > Kris Kennaway writes: > > Okay, I've been reviewing the patch, and this immediately stood out to > > me: > >=20 > > int > > output_data(const char *format, ...) > > { > > va_list args; > > size_t remaining, ret; > >=20 > > va_start(args, format); > > remaining =3D BUFSIZ - (nfrontp - netobuf); > > /* try a netflush() if the room is too low */ > > if (strlen(format) > remaining || BUFSIZ / 4 > remaining) { > > ^^^^^^^^^^^^^^ > > =20 > > format is a format string which gets expanded by snprintf..how can > > that check be right to determine if the buffer is going to become > > full? >=20 > I think the point of that check is to flush the buffer if it's likely > that this output_data would otherwise fill it up. Note that the > vsnprintf() still only uses the remaining space in the buffer. Please review the following patch. I made the following changes: * output_data() and output_datalen() now guarantee that they output their entire inputs, and can handle input string which have strlen() > BUFSIZ * I removed the test against BUFSIZ / 4 -- as far as I could tell, this is only intended to pre-emptively flush the buffer if we are close to full, but not completely full yet. I'm not sure why this was needed. * Some places which called netflush() conditionally (e.g. if there is insufficient free space for the operation they're about to do) now use while() to guarantee this; previously they could overflow if the netflush() failed. Some of the netflush() calls seemed to only be 'advisory' and nothing depends on the flush actually taking place immediately. I've left these alone for now; perhaps they should be changed to flush the entire buffer. * I've commented out the -D report code in netflush() which recurses; we'll have to revisit that. I wanted to release the telnetd advisory tomorrow, so your swift review is appreciated. Thanks. Kris Index: telnetd/ext.h =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/crypto/telnet/telnetd/ext.h,v retrieving revision 1.5 diff -u -r1.5 ext.h --- telnetd/ext.h 2001/07/19 17:48:57 1.5 +++ telnetd/ext.h 2001/07/23 03:37:03 @@ -120,7 +120,6 @@ localstat P((void)), flowstat P((void)), netclear P((void)), - netflush P((void)), #ifdef DIAGNOSTICS printoption P((char *, int)), printdata P((char *, char *, int)), @@ -159,6 +158,7 @@ getpty P((int *)), #endif login_tty P((int)), + netflush P((void)), spcset P((int, cc_t *, cc_t **)), stilloob P((int)), terminit P((void)), Index: telnetd/slc.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/crypto/telnet/telnetd/slc.c,v retrieving revision 1.5 diff -u -r1.5 slc.c --- telnetd/slc.c 2000/07/16 05:52:45 1.5 +++ telnetd/slc.c 2001/07/23 03:37:20 @@ -176,7 +176,6 @@ register unsigned char **bufp; { register int len; - void netflush(); =20 /* * If a change has occured, store the new terminal control Index: telnetd/state.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/crypto/telnet/telnetd/state.c,v retrieving revision 1.7 diff -u -r1.7 state.c --- telnetd/state.c 2001/07/19 18:58:31 1.7 +++ telnetd/state.c 2001/07/23 04:41:52 @@ -1615,40 +1615,69 @@ =20 /* * This function appends data to nfrontp and advances nfrontp. + * Returns the number of characters written altogether (the buffer may have + * been flushed in the process). */ =20 int output_data(const char *format, ...) { va_list args; - size_t remaining, ret; + size_t remaining, copied; + int bufremain; + char *buf, *bufp; =20 va_start(args, format); + /* calculate free space to play with */ remaining =3D BUFSIZ - (nfrontp - netobuf); - /* try a netflush() if the room is too low */ - if (strlen(format) > remaining || BUFSIZ / 4 > remaining) { - netflush(); - remaining =3D BUFSIZ - (nfrontp - netobuf); + + if ((bufremain =3D vasprintf(&buf, format, args)) =3D=3D -1) + return -1; + bufp =3D buf; + + while (bufremain > 0) { + /* Free up enough space if the room is too low */ + while ((bufremain > BUFSIZ ? BUFSIZ : bufremain) > remaining) + remaining +=3D netflush(); + + /* Copy out as much as will fit */ + copied =3D remaining > bufremain ? bufremain : remaining; + memmove(nfrontp, bufp, copied); + nfrontp +=3D copied; + bufremain -=3D copied; + remaining -=3D copied; + bufp +=3D copied; } - ret =3D vsnprintf(nfrontp, remaining, format, args); - nfrontp +=3D ((ret < remaining - 1) ? ret : remaining - 1); va_end(args); - return ret; + bufremain =3D strlen(buf); + free(buf); + return bufremain; } =20 int output_datalen(const char *buf, size_t len) { size_t remaining; - + int bufremain, copied; + const char *bufp; +=09 remaining =3D BUFSIZ - (nfrontp - netobuf); - if (remaining < len) { - netflush(); - remaining =3D BUFSIZ - (nfrontp - netobuf); + bufremain =3D len; + bufp =3D buf; + + while (bufremain > 0) { + /* Free up enough space if the room is too low*/ + while((bufremain > BUFSIZ ? BUFSIZ : bufremain) > remaining) + remaining +=3D netflush(); + + /* Copy out as much as will fit */ + copied =3D remaining > bufremain ? bufremain : remaining; + memmove(nfrontp, bufp, copied); + nfrontp +=3D copied; + bufremain -=3D copied; + remaining -=3D copied; + bufp +=3D copied; } - if (remaining < len) - return -1; - memmove(nfrontp, buf, len); - nfrontp +=3D len; + return (len); } Index: telnetd/telnetd.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/crypto/telnet/telnetd/telnetd.c,v retrieving revision 1.16 diff -u -r1.16 telnetd.c --- telnetd/telnetd.c 2001/07/19 17:48:57 1.16 +++ telnetd/telnetd.c 2001/07/23 04:44:39 @@ -952,7 +952,6 @@ char *HE; char *HN; char *IM; - void netflush(); int nfd; =20 /* @@ -1420,8 +1419,9 @@ } #endif /* defined(CRAY2) && defined(UNICOS5) */ =20 - if (FD_ISSET(f, &obits) && (nfrontp - nbackp) > 0) - netflush(); + if (FD_ISSET(f, &obits)) + while ((nfrontp - nbackp) > 0) + netflush(); if (ncc > 0) telrcv(); if (FD_ISSET(p, &obits) && (pfrontp - pbackp) > 0) Index: telnetd/termstat.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/crypto/telnet/telnetd/termstat.c,v retrieving revision 1.7 diff -u -r1.7 termstat.c --- telnetd/termstat.c 2001/07/19 17:48:57 1.7 +++ telnetd/termstat.c 2001/07/23 03:38:03 @@ -140,7 +140,6 @@ void localstat() { - void netflush(); int need_will_echo =3D 0; =20 #if defined(CRAY2) && defined(UNICOS5) @@ -404,7 +403,6 @@ clientstat(code, parm1, parm2) register int code, parm1, parm2; { - void netflush(); =20 /* * Get a copy of terminal characteristics. Index: telnetd/utility.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/crypto/telnet/telnetd/utility.c,v retrieving revision 1.8 diff -u -r1.8 utility.c --- telnetd/utility.c 2001/07/19 17:48:57 1.8 +++ telnetd/utility.c 2001/07/23 04:48:14 @@ -69,10 +69,9 @@ void ttloop() { - void netflush(); =20 DIAG(TD_REPORT, output_data("td: ttloop\r\n")); - if (nfrontp-nbackp) { + while ((nfrontp - nbackp) > 0) { netflush(); } ncc =3D read(net, netibuf, sizeof netibuf); @@ -249,18 +248,22 @@ /* * netflush * Send as much data as possible to the network, - * handling requests for urgent data. + * handling requests for urgent data. Not all data in the + * buffer may be sent. */ - void + int netflush() { int n; extern int not42; =20 if ((n =3D nfrontp - nbackp) > 0) { +#if 0 + /* XXX This causes output_data() to recurse and die */ DIAG(TD_REPORT, { n +=3D output_data("td: netflush %d chars\r\n", n); }); +#endif #ifdef ENCRYPTION if (encrypt_output) { char *s =3D nclearto ? nclearto : nbackp; @@ -296,7 +299,7 @@ } if (n < 0) { if (errno =3D=3D EWOULDBLOCK || errno =3D=3D EINTR) - return; + return 0; cleanup(0); } nbackp +=3D n; @@ -313,7 +316,7 @@ nclearto =3D 0; #endif /* ENCRYPTION */ } - return; + return (n); } /* end of netflush */ =20 =20 @@ -1109,7 +1112,7 @@ =20 while (cnt) { /* flush net output buffer if no room for new data) */ - if ((&netobuf[BUFSIZ] - nfrontp) < 80) { + while ((&netobuf[BUFSIZ] - nfrontp) < 80) { netflush(); } =20 --KsGdsel6WgEHnImy Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7W65zWry0BWjoQKURAmK0AJ4gC0PWDr+lvGopXUeg+dYjKYw6UACg6Hc1 simSHwuN/kZOaH+phyMBBow= =fa5T -----END PGP SIGNATURE----- --KsGdsel6WgEHnImy-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jul 22 22:14:36 2001 Delivered-To: freebsd-audit@freebsd.org Received: from obsecurity.dyndns.org (adsl-63-207-60-215.dsl.lsan03.pacbell.net [63.207.60.215]) by hub.freebsd.org (Postfix) with ESMTP id F059037B405; Sun, 22 Jul 2001 22:14:15 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id A24BA66CC1; Sun, 22 Jul 2001 22:14:14 -0700 (PDT) Date: Sun, 22 Jul 2001 22:14:14 -0700 From: Kris Kennaway To: Kris Kennaway Cc: Assar Westerlund , Matt Dillon , Ruslan Ermilov , audit@FreeBSD.ORG Subject: Re: [PATCH] Re: FreeBSD remote root exploit ? Message-ID: <20010722221413.A95414@xor.obsecurity.org> References: <200107191817.f6JIHSJ76262@earth.backplane.com> <20010719215957.A74024@sunbay.com> <200107191917.f6JJHwV77405@earth.backplane.com> <20010720100029.A30828@sunbay.com> <200107200932.f6K9WgZ88552@earth.backplane.com> <20010720143742.E65677@sunbay.com> <200107201717.f6KHHGa91142@earth.backplane.com> <20010722194031.A92249@jail-3.5> <5l66ck9wm7.fsf@assaris.sics.se> <20010722215619.A94874@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="qDbXVdCdHGoSgWSk" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010722215619.A94874@xor.obsecurity.org>; from kris@obsecurity.org on Sun, Jul 22, 2001 at 09:56:20PM -0700 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --qDbXVdCdHGoSgWSk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Jul 22, 2001 at 09:56:20PM -0700, Kris Kennaway wrote: > * Some places which called netflush() conditionally (e.g. if there is > insufficient free space for the operation they're about to do) now > use while() to guarantee this; previously they could overflow if the > netflush() failed. Some of the netflush() calls seemed to only be > 'advisory' and nothing depends on the flush actually taking place > immediately. I've left these alone for now; perhaps they should be > changed to flush the entire buffer. After thinking about this a bit further, I've decided to make the standalone netflush() calls flush the entire buffer. This seems like a better thing to do than to potentially do nothing at all. I'm also not sure if I diffed the last patch against the correct CVS versions. Updated patch follows. Kris Index: ext.h =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/crypto/telnet/telnetd/ext.h,v retrieving revision 1.2.8.2 diff -u -r1.2.8.2 ext.h --- ext.h 2001/07/20 15:16:52 1.2.8.2 +++ ext.h 2001/07/23 05:05:23 @@ -120,7 +120,6 @@ localstat P((void)), flowstat P((void)), netclear P((void)), - netflush P((void)), #ifdef DIAGNOSTICS printoption P((char *, int)), printdata P((char *, char *, int)), @@ -159,6 +158,7 @@ getpty P((int *)), #endif login_tty P((int)), + netflush P((void)), spcset P((int, cc_t *, cc_t **)), stilloob P((int)), terminit P((void)), Index: slc.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/crypto/telnet/telnetd/slc.c,v retrieving revision 1.4.2.1 diff -u -r1.4.2.1 slc.c --- slc.c 2001/07/20 15:16:52 1.4.2.1 +++ slc.c 2001/07/23 05:09:10 @@ -176,7 +176,6 @@ register unsigned char **bufp; { register int len; - void netflush(); =20 /* * If a change has occured, store the new terminal control @@ -205,7 +204,8 @@ slcptr +=3D 2; len =3D slcptr - slcbuf; output_datalen(slcbuf, len); - netflush(); /* force it out immediately */ + while ((nfrontp - nbackp) > 0) + netflush(); /* force it out immediately */ DIAG(TD_OPTIONS, printsub('>', slcbuf+2, len-2);); } } Index: state.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/crypto/telnet/telnetd/state.c,v retrieving revision 1.4.2.1 diff -u -r1.4.2.1 state.c --- state.c 2001/07/20 15:16:52 1.4.2.1 +++ state.c 2001/07/23 05:11:24 @@ -938,7 +938,8 @@ set_my_want_state_will(TELOPT_LOGOUT); send_will(TELOPT_LOGOUT, 0); set_my_state_will(TELOPT_LOGOUT); - (void)netflush(); + while ((nfrontp - nbackp) > 0) + netflush(); cleanup(0); /* NOT REACHED */ break; @@ -1100,7 +1101,8 @@ { register int subchar; =20 - DIAG(TD_OPTIONS, {netflush(); printsub('<', subpointer, SB_LEN()+2);}); + DIAG(TD_OPTIONS, {while ((nfrontp - nbackp) > 0) netflush(); + printsub('<', subpointer, SB_LEN()+2);}); =20 subchar =3D SB_GET(); switch (subchar) { @@ -1532,7 +1534,8 @@ =20 ncp =3D statusbuf; =20 - netflush(); /* get rid of anything waiting to go out */ + while ((nfrontp - nbackp) > 0) + netflush(); /* get rid of anything waiting to go out */ =20 ADD(IAC); ADD(SB); @@ -1607,48 +1610,79 @@ ADD(SE); =20 output_datalen(statusbuf, ncp - statusbuf); - netflush(); /* Send it on its way */ + while ((nfrontp - nbackp) > 0) + netflush(); /* Send it on its way */ =20 DIAG(TD_OPTIONS, - {printsub('>', statusbuf, ncp - statusbuf); netflush();}); + {printsub('>', statusbuf, ncp - statusbuf); + while ((nfrontp - nbackp) > 0) netflush();}); } =20 /* * This function appends data to nfrontp and advances nfrontp. + * Returns the number of characters written altogether (the buffer may have + * been flushed in the process). */ =20 int output_data(const char *format, ...) { va_list args; - size_t remaining, ret; + size_t remaining, copied; + int bufremain; + char *buf, *bufp; =20 va_start(args, format); + /* calculate free space to play with */ remaining =3D BUFSIZ - (nfrontp - netobuf); - /* try a netflush() if the room is too low */ - if (strlen(format) > remaining || BUFSIZ / 4 > remaining) { - netflush(); - remaining =3D BUFSIZ - (nfrontp - netobuf); + + if ((bufremain =3D vasprintf(&buf, format, args)) =3D=3D -1) + return -1; + bufp =3D buf; + + while (bufremain > 0) { + /* Free up enough space if the room is too low */ + while ((bufremain > BUFSIZ ? BUFSIZ : bufremain) > remaining) + remaining +=3D netflush(); + + /* Copy out as much as will fit */ + copied =3D remaining > bufremain ? bufremain : remaining; + memmove(nfrontp, bufp, copied); + nfrontp +=3D copied; + bufremain -=3D copied; + remaining -=3D copied; + bufp +=3D copied; } - ret =3D vsnprintf(nfrontp, remaining, format, args); - nfrontp +=3D (ret < remaining) ? ret : remaining; va_end(args); - return ret; + bufremain =3D strlen(buf); + free(buf); + return bufremain; } =20 int output_datalen(const char *buf, size_t len) { size_t remaining; - + int bufremain, copied; + const char *bufp; +=09 remaining =3D BUFSIZ - (nfrontp - netobuf); - if (remaining < len) { - netflush(); - remaining =3D BUFSIZ - (nfrontp - netobuf); - if (remaining < len) - return -1; + bufremain =3D len; + bufp =3D buf; + + while (bufremain > 0) { + /* Free up enough space if the room is too low*/ + while((bufremain > BUFSIZ ? BUFSIZ : bufremain) > remaining) + remaining +=3D netflush(); + + /* Copy out as much as will fit */ + copied =3D remaining > bufremain ? bufremain : remaining; + memmove(nfrontp, bufp, copied); + nfrontp +=3D copied; + bufremain -=3D copied; + remaining -=3D copied; + bufp +=3D copied; } - memmove(nfrontp, buf, len); - nfrontp +=3D len; + return (len); } Index: telnetd.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/crypto/telnet/telnetd/telnetd.c,v retrieving revision 1.11.2.3 diff -u -r1.11.2.3 telnetd.c --- telnetd.c 2001/07/20 15:16:52 1.11.2.3 +++ telnetd.c 2001/07/23 05:05:23 @@ -952,7 +952,6 @@ char *HE; char *HN; char *IM; - void netflush(); int nfd; =20 /* @@ -1420,8 +1419,9 @@ } #endif /* defined(CRAY2) && defined(UNICOS5) */ =20 - if (FD_ISSET(f, &obits) && (nfrontp - nbackp) > 0) - netflush(); + if (FD_ISSET(f, &obits)) + while ((nfrontp - nbackp) > 0) + netflush(); if (ncc > 0) telrcv(); if (FD_ISSET(p, &obits) && (pfrontp - pbackp) > 0) Index: termstat.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/crypto/telnet/telnetd/termstat.c,v retrieving revision 1.4.2.2 diff -u -r1.4.2.2 termstat.c --- termstat.c 2001/07/20 15:16:52 1.4.2.2 +++ termstat.c 2001/07/23 05:05:24 @@ -140,7 +140,6 @@ void localstat() { - void netflush(); int need_will_echo =3D 0; =20 #if defined(CRAY2) && defined(UNICOS5) @@ -404,7 +403,6 @@ clientstat(code, parm1, parm2) register int code, parm1, parm2; { - void netflush(); =20 /* * Get a copy of terminal characteristics. Index: utility.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/crypto/telnet/telnetd/utility.c,v retrieving revision 1.5.2.2 diff -u -r1.5.2.2 utility.c --- utility.c 2001/07/20 15:16:52 1.5.2.2 +++ utility.c 2001/07/23 05:05:24 @@ -69,10 +69,9 @@ void ttloop() { - void netflush(); =20 DIAG(TD_REPORT, output_data("td: ttloop\r\n")); - if (nfrontp-nbackp) { + while ((nfrontp - nbackp) > 0) { netflush(); } ncc =3D read(net, netibuf, sizeof netibuf); @@ -249,18 +248,22 @@ /* * netflush * Send as much data as possible to the network, - * handling requests for urgent data. + * handling requests for urgent data. Not all data in the + * buffer may be sent. */ - void + int netflush() { int n; extern int not42; =20 if ((n =3D nfrontp - nbackp) > 0) { +#if 0 + /* XXX This causes output_data() to recurse and die */ DIAG(TD_REPORT, { n +=3D output_data("td: netflush %d chars\r\n", n); }); +#endif #ifdef ENCRYPTION if (encrypt_output) { char *s =3D nclearto ? nclearto : nbackp; @@ -296,7 +299,7 @@ } if (n < 0) { if (errno =3D=3D EWOULDBLOCK || errno =3D=3D EINTR) - return; + return 0; cleanup(0); } nbackp +=3D n; @@ -313,7 +316,7 @@ nclearto =3D 0; #endif /* ENCRYPTION */ } - return; + return (n); } /* end of netflush */ =20 =20 @@ -1082,7 +1085,7 @@ =20 while (cnt) { /* flush net output buffer if no room for new data) */ - if ((&netobuf[BUFSIZ] - nfrontp) < 80) { + while ((&netobuf[BUFSIZ] - nfrontp) < 80) { netflush(); } =20 --qDbXVdCdHGoSgWSk Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7W7KlWry0BWjoQKURAt/7AJ0ahHx2P4erlF66H7PvjUyikErkUwCg706O M81Bq7cl29EHaBtQDK7TlEs= =1gGv -----END PGP SIGNATURE----- --qDbXVdCdHGoSgWSk-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jul 22 23:31:44 2001 Delivered-To: freebsd-audit@freebsd.org Received: from ringworld.nanolink.com (ringworld.nanolink.com [195.24.48.39]) by hub.freebsd.org (Postfix) with SMTP id 2929F37B407 for ; Sun, 22 Jul 2001 23:31:32 -0700 (PDT) (envelope-from roam@orbitel.bg) Received: (qmail 1857 invoked by uid 1000); 23 Jul 2001 06:30:41 -0000 Date: Mon, 23 Jul 2001 09:30:41 +0300 From: Peter Pentchev To: arch@FreeBSD.org Cc: audit@FreeBSD.org Subject: Re: kern/29131: Current hungs in sysctl -a while booting + patch Message-ID: <20010723093041.A1201@ringworld.oblivion.bg> Mail-Followup-To: arch@FreeBSD.org, audit@FreeBSD.org References: <200107220334.f6M3YRe01219@kan.dnsalias.net> <20010722110626.A819@ringworld.oblivion.bg> <20010722034233.B49508@sneakerz.org> <20010722235934.G882@ringworld.oblivion.bg> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="PEIAKu/WMn1b1Hv9" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010722235934.G882@ringworld.oblivion.bg>; from roam@orbitel.bg on Sun, Jul 22, 2001 at 11:59:34PM +0300 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --PEIAKu/WMn1b1Hv9 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Sun, Jul 22, 2001 at 11:59:34PM +0300, Peter Pentchev wrote: > On Sun, Jul 22, 2001 at 03:42:33AM -0500, Alfred Perlstein wrote: > > * Peter Pentchev [010722 03:02] wrote: > > > Hi, > > > > > > Can anyone envision any side effects from committing the patch > > > in this PR? Seems like a trivial fix for a typo to me.. > > > > Shouldn't "magic" constants be put into the sysctl.h header? > > Good call! > > Attached are two patches: one to make sys/kern/kern_sysctl.c a bit > more style(9)-compliant (what made me do it was the failed search > for /^sysctl_register_oid/ when I saw it referenced), and one to put > a magic constant into sysctl.h and make kern_sysctl.c use it and > complain (albeit a bit harshly ;) about misbehaving static sysctl's. Here are the patches again (for -audit review). The second patch was modified after a suggestion from Dima - the comment about OID_AUTO in kern_sysctl.c was improved a bit. G'luck, Peter -- This would easier understand fewer had omitted. --PEIAKu/WMn1b1Hv9 Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="kern_sysctl.c-style.patch" Index: src/sys/kern/kern_sysctl.c =================================================================== RCS file: /home/ncvs/src/sys/kern/kern_sysctl.c,v retrieving revision 1.110 diff -u -r1.110 kern_sysctl.c --- src/sys/kern/kern_sysctl.c 2001/06/22 19:54:38 1.110 +++ src/sys/kern/kern_sysctl.c 2001/07/22 20:38:15 @@ -87,7 +87,8 @@ * Order by number in each list. */ -void sysctl_register_oid(struct sysctl_oid *oidp) +void +sysctl_register_oid(struct sysctl_oid *oidp) { struct sysctl_oid_list *parent = oidp->oid_parent; struct sysctl_oid *p; @@ -135,7 +136,8 @@ SLIST_INSERT_HEAD(parent, oidp, oid_link); } -void sysctl_unregister_oid(struct sysctl_oid *oidp) +void +sysctl_unregister_oid(struct sysctl_oid *oidp) { SLIST_REMOVE(oidp->oid_parent, oidp, sysctl_oid, oid_link); } @@ -371,7 +373,8 @@ */ SET_DECLARE(sysctl_set, struct sysctl_oid); -static void sysctl_register_all(void *arg) +static void +sysctl_register_all(void *arg) { struct sysctl_oid **oidp; @@ -1084,7 +1087,8 @@ * must be in kernel space. */ int -userland_sysctl(struct proc *p, int *name, u_int namelen, void *old, size_t *oldlenp, int inkernel, void *new, size_t newlen, size_t *retval) +userland_sysctl(struct proc *p, int *name, u_int namelen, void *old, + size_t *oldlenp, int inkernel, void *new, size_t newlen, size_t *retval) { int error = 0; struct sysctl_req req, req2; --PEIAKu/WMn1b1Hv9 Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="sysctl-auto-start.patch" Index: src/sys/kern/kern_sysctl.c =================================================================== RCS file: /home/ncvs/src/sys/kern/kern_sysctl.c,v retrieving revision 1.110 diff -u -r1.110 kern_sysctl.c --- src/sys/kern/kern_sysctl.c 2001/06/22 19:54:38 1.110 +++ src/sys/kern/kern_sysctl.c 2001/07/23 06:26:42 @@ -109,15 +109,19 @@ } /* * If this oid has a number OID_AUTO, give it a number which - * is greater than any current oid. Make sure it is at least - * 100 to leave space for pre-assigned oid numbers. + * is greater than any current oid. + * NOTE: DO NOT change the starting value here, change it in + * , and make sure it is at least 256 to + * accomodate e.g. net.inet.raw as a static sysctl node. */ if (oidp->oid_number == OID_AUTO) { - static int newoid = 100; + static int newoid = CTL_AUTO_START; oidp->oid_number = newoid++; if (newoid == 0x7fffffff) panic("out of oids"); + } else if (oidp->oid_number >= CTL_AUTO_START) { + panic("static sysctl oid too high: %d", oidp->oid_number); } /* Index: src/sys/sys/sysctl.h =================================================================== RCS file: /home/ncvs/src/sys/sys/sysctl.h,v retrieving revision 1.97 diff -u -r1.97 sysctl.h --- src/sys/sys/sysctl.h 2001/06/22 06:35:19 1.97 +++ src/sys/sys/sysctl.h 2001/07/23 06:26:42 @@ -95,6 +95,12 @@ */ #define OID_AUTO (-1) +/* + * The starting number for dynamically-assigned entries. WARNING! + * ALL static sysctl entries should have numbers LESS than this! + */ +#define CTL_AUTO_START 0x100 + #ifdef _KERNEL #define SYSCTL_HANDLER_ARGS struct sysctl_oid *oidp, void *arg1, int arg2, \ struct sysctl_req *req --PEIAKu/WMn1b1Hv9-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 23 1:56:50 2001 Delivered-To: freebsd-audit@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id 7389537B403 for ; Mon, 23 Jul 2001 01:56:47 -0700 (PDT) (envelope-from sheldonh@starjuice.net) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.31 #1) id 15ObWb-000CWQ-00; Mon, 23 Jul 2001 10:57:13 +0200 From: Sheldon Hearn To: Garance A Drosihn Cc: David Hill , audit@FreeBSD.ORG Subject: Re: STD*_FILENO changes In-reply-to: Your message of "Sun, 22 Jul 2001 16:21:17 -0400." Date: Mon, 23 Jul 2001 10:57:13 +0200 Message-ID: <48137.995878633@axl.seasidesoftware.co.za> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, 22 Jul 2001 16:21:17 -0400, Garance A Drosihn wrote: > I have never been bugged by this particular issue, so I won't be > volunteering to look through the non-lpr parts of this... :-) It's fine, as long as David fixes his patchset so that it actually works. I've already warned him that his patchset uses values that aren't defined in any headers included in the affected source files. I'm waiting for a revised patchset. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 23 3:38:59 2001 Delivered-To: freebsd-audit@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id 5EA0F37B403; Mon, 23 Jul 2001 03:38:11 -0700 (PDT) (envelope-from ru@whale.sunbay.crimea.ua) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.2/8.11.2) id f6NAa9889482; Mon, 23 Jul 2001 13:36:09 +0300 (EEST) (envelope-from ru) Date: Mon, 23 Jul 2001 13:36:09 +0300 From: Ruslan Ermilov To: Kris Kennaway Cc: Assar Westerlund , Matt Dillon , audit@FreeBSD.ORG Subject: Re: [PATCH] Re: FreeBSD remote root exploit ? Message-ID: <20010723133609.A88343@sunbay.com> References: <20010719215957.A74024@sunbay.com> <200107191917.f6JJHwV77405@earth.backplane.com> <20010720100029.A30828@sunbay.com> <200107200932.f6K9WgZ88552@earth.backplane.com> <20010720143742.E65677@sunbay.com> <200107201717.f6KHHGa91142@earth.backplane.com> <20010722194031.A92249@jail-3.5> <5l66ck9wm7.fsf@assaris.sics.se> <20010722215619.A94874@xor.obsecurity.org> <20010722221413.A95414@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="k+w/mQv8wyuph6w0" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010722221413.A95414@xor.obsecurity.org>; from kris@obsecurity.org on Sun, Jul 22, 2001 at 10:14:14PM -0700 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --k+w/mQv8wyuph6w0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Sun, Jul 22, 2001 at 10:14:14PM -0700, Kris Kennaway wrote: > On Sun, Jul 22, 2001 at 09:56:20PM -0700, Kris Kennaway wrote: > > > * Some places which called netflush() conditionally (e.g. if there is > > insufficient free space for the operation they're about to do) now > > use while() to guarantee this; previously they could overflow if the > > netflush() failed. Some of the netflush() calls seemed to only be > > 'advisory' and nothing depends on the flush actually taking place > > immediately. I've left these alone for now; perhaps they should be > > changed to flush the entire buffer. > > After thinking about this a bit further, I've decided to make the > standalone netflush() calls flush the entire buffer. This seems like > a better thing to do than to potentially do nothing at all. > A yet better thing is to make netflush() flush the entire buffer. > I'm also not sure if I diffed the last patch against the correct CVS > versions. Updated patch follows. > > Index: state.c > =================================================================== > RCS file: /mnt/ncvs/src/crypto/telnet/telnetd/state.c,v > retrieving revision 1.4.2.1 > diff -u -r1.4.2.1 state.c > --- state.c 2001/07/20 15:16:52 1.4.2.1 > +++ state.c 2001/07/23 05:11:24 [...] > /* > * This function appends data to nfrontp and advances nfrontp. > + * Returns the number of characters written altogether (the buffer may have > + * been flushed in the process). > */ > > int > output_data(const char *format, ...) > { > va_list args; > - size_t remaining, ret; > + size_t remaining, copied; > + int bufremain; > + char *buf, *bufp; > > va_start(args, format); > + /* calculate free space to play with */ > remaining = BUFSIZ - (nfrontp - netobuf); > - /* try a netflush() if the room is too low */ > - if (strlen(format) > remaining || BUFSIZ / 4 > remaining) { > - netflush(); > - remaining = BUFSIZ - (nfrontp - netobuf); > + > + if ((bufremain = vasprintf(&buf, format, args)) == -1) > + return -1; > + bufp = buf; > + > + while (bufremain > 0) { > + /* Free up enough space if the room is too low */ > + while ((bufremain > BUFSIZ ? BUFSIZ : bufremain) > remaining) > + remaining += netflush(); > + > + /* Copy out as much as will fit */ > + copied = remaining > bufremain ? bufremain : remaining; > + memmove(nfrontp, bufp, copied); > + nfrontp += copied; > + bufremain -= copied; > + remaining -= copied; > + bufp += copied; > } > - ret = vsnprintf(nfrontp, remaining, format, args); > - nfrontp += (ret < remaining) ? ret : remaining; > va_end(args); > - return ret; > + bufremain = strlen(buf); ^^^^^^^^^^^ This is bogus, `buf' may contain zero bytes [ output_data("%c", '\0') ]. > + free(buf); > + return bufremain; > } > > int > output_datalen(const char *buf, size_t len) > { [...] > return (len); > } > output_datalen() always returns `len', make it `void'? How about the attached? It mostly the same, except: - netflush() now flushes the entire buffer rather than callers ensure this. We should probably sleep until `net' is ready for output using select(2) but I have not found code that would set non-blocking I/O mode on the socket. - output_data() uses output_datalen() internally to avoid unnecessary duplication of the code. - output_datalen() simplified a bit. Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age --k+w/mQv8wyuph6w0 Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename=p Index: ext.h =================================================================== RCS file: /home/ncvs/src/crypto/telnet/telnetd/ext.h,v retrieving revision 1.2.8.2 diff -u -p -r1.2.8.2 ext.h --- ext.h 2001/07/20 15:16:52 1.2.8.2 +++ ext.h 2001/07/23 10:13:05 @@ -190,7 +190,7 @@ extern void wontoption P((int)); int output_data __P((const char *, ...)) __printflike(1, 2); -int output_datalen __P((const char *, size_t)); +void output_datalen __P((const char *, int)); #ifdef ENCRYPTION extern void (*encrypt_output) P((unsigned char *, int)); Index: slc.c =================================================================== RCS file: /home/ncvs/src/crypto/telnet/telnetd/slc.c,v retrieving revision 1.4.2.1 diff -u -p -r1.4.2.1 slc.c --- slc.c 2001/07/20 15:16:52 1.4.2.1 +++ slc.c 2001/07/23 10:13:06 @@ -176,7 +176,6 @@ end_slc(bufp) register unsigned char **bufp; { register int len; - void netflush(); /* * If a change has occured, store the new terminal control Index: state.c =================================================================== RCS file: /home/ncvs/src/crypto/telnet/telnetd/state.c,v retrieving revision 1.4.2.1 diff -u -p -r1.4.2.1 state.c --- state.c 2001/07/20 15:16:52 1.4.2.1 +++ state.c 2001/07/23 10:13:13 @@ -1615,40 +1615,46 @@ send_status() /* * This function appends data to nfrontp and advances nfrontp. + * Returns the number of characters written altogether (the + * buffer may have been flushed in the process). */ int output_data(const char *format, ...) { va_list args; - size_t remaining, ret; + int len; + char *buf; va_start(args, format); - remaining = BUFSIZ - (nfrontp - netobuf); - /* try a netflush() if the room is too low */ - if (strlen(format) > remaining || BUFSIZ / 4 > remaining) { - netflush(); - remaining = BUFSIZ - (nfrontp - netobuf); - } - ret = vsnprintf(nfrontp, remaining, format, args); - nfrontp += (ret < remaining) ? ret : remaining; + if ((len = vasprintf(&buf, format, args)) == -1) + return -1; + output_datalen(buf, len); va_end(args); - return ret; + free(buf); + return (len); } -int -output_datalen(const char *buf, size_t len) +void +output_datalen(const char *buf, int len) { - size_t remaining; - + int remaining, copied; + remaining = BUFSIZ - (nfrontp - netobuf); - if (remaining < len) { - netflush(); - remaining = BUFSIZ - (nfrontp - netobuf); - if (remaining < len) - return -1; + while (len > 0) { + /* Free up enough space if the room is too low*/ + if ((len > BUFSIZ ? BUFSIZ : len) > remaining) { + netflush(); + remaining = BUFSIZ - (nfrontp - netobuf); + } + + /* Copy out as much as will fit */ + copied = remaining > len ? len : remaining; + memmove(nfrontp, buf, copied); + nfrontp += copied; + len -= copied; + remaining -= copied; + buf += copied; } - memmove(nfrontp, buf, len); - nfrontp += len; - return (len); + return; } Index: telnetd.c =================================================================== RCS file: /home/ncvs/src/crypto/telnet/telnetd/telnetd.c,v retrieving revision 1.11.2.3 diff -u -p -r1.11.2.3 telnetd.c --- telnetd.c 2001/07/20 15:16:52 1.11.2.3 +++ telnetd.c 2001/07/23 10:13:26 @@ -952,7 +952,6 @@ telnet(f, p, host) char *HE; char *HN; char *IM; - void netflush(); int nfd; /* Index: termstat.c =================================================================== RCS file: /home/ncvs/src/crypto/telnet/telnetd/termstat.c,v retrieving revision 1.4.2.2 diff -u -p -r1.4.2.2 termstat.c --- termstat.c 2001/07/20 15:16:52 1.4.2.2 +++ termstat.c 2001/07/23 10:13:26 @@ -140,7 +140,6 @@ int newmap = 1; /* nonzero if \n maps to void localstat() { - void netflush(); int need_will_echo = 0; #if defined(CRAY2) && defined(UNICOS5) @@ -404,7 +403,6 @@ flowstat() clientstat(code, parm1, parm2) register int code, parm1, parm2; { - void netflush(); /* * Get a copy of terminal characteristics. Index: utility.c =================================================================== RCS file: /home/ncvs/src/crypto/telnet/telnetd/utility.c,v retrieving revision 1.5.2.2 diff -u -p -r1.5.2.2 utility.c --- utility.c 2001/07/20 15:16:52 1.5.2.2 +++ utility.c 2001/07/23 10:13:26 @@ -69,10 +69,9 @@ static const char rcsid[] = void ttloop() { - void netflush(); DIAG(TD_REPORT, output_data("td: ttloop\r\n")); - if (nfrontp-nbackp) { + if (nfrontp - nbackp > 0) { netflush(); } ncc = read(net, netibuf, sizeof netibuf); @@ -257,10 +256,13 @@ netflush() int n; extern int not42; - if ((n = nfrontp - nbackp) > 0) { + while ((n = nfrontp - nbackp) > 0) { +#if 0 + /* XXX This causes output_data() to recurse and die */ DIAG(TD_REPORT, { n += output_data("td: netflush %d chars\r\n", n); }); +#endif #ifdef ENCRYPTION if (encrypt_output) { char *s = nclearto ? nclearto : nbackp; @@ -293,25 +295,24 @@ netflush() n = send(net, nbackp, n, MSG_OOB); /* URGENT data */ } } - } - if (n < 0) { - if (errno == EWOULDBLOCK || errno == EINTR) - return; - cleanup(0); - } - nbackp += n; + if (n == -1 && errno != EWOULDBLOCK && errno != EINTR) { + cleanup(0); + /* NOTREACHED */ + } + nbackp += n; #ifdef ENCRYPTION - if (nbackp > nclearto) - nclearto = 0; + if (nbackp > nclearto) + nclearto = 0; #endif /* ENCRYPTION */ - if (nbackp >= neturg) { - neturg = 0; - } - if (nbackp == nfrontp) { - nbackp = nfrontp = netobuf; + if (nbackp >= neturg) { + neturg = 0; + } + if (nbackp == nfrontp) { + nbackp = nfrontp = netobuf; #ifdef ENCRYPTION - nclearto = 0; + nclearto = 0; #endif /* ENCRYPTION */ + } } return; } /* end of netflush */ --k+w/mQv8wyuph6w0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 23 3:42: 4 2001 Delivered-To: freebsd-audit@freebsd.org Received: from bazooka.unixfreak.org (bazooka.unixfreak.org [63.198.170.138]) by hub.freebsd.org (Postfix) with ESMTP id CB54A37B405 for ; Mon, 23 Jul 2001 03:42:01 -0700 (PDT) (envelope-from dima@unixfreak.org) Received: from hornet.unixfreak.org (hornet [63.198.170.140]) by bazooka.unixfreak.org (Postfix) with ESMTP id 855893E2F; Mon, 23 Jul 2001 03:42:01 -0700 (PDT) To: Peter Pentchev Cc: audit@FreeBSD.org Subject: Re: sysctl(8) enhancement: display sysctl MIB's In-Reply-To: <20010723004034.I882@ringworld.oblivion.bg>; from roam@orbitel.bg on "Mon, 23 Jul 2001 00:40:34 +0300" Date: Mon, 23 Jul 2001 03:42:01 -0700 From: Dima Dorfman Message-Id: <20010723104201.855893E2F@bazooka.unixfreak.org> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Peter Pentchev writes: > @@ -369,6 +373,33 @@ > } > > /* > + * This formats and outputs the name of one variable. > + * If the -m command-line flag was specified, the MIB value > + * is also printed out. > + * > + * Returns zero on success. > + * No error conditions yet (XXX: check printf() return value? :) I don't think checking printf()'s return value does anything other than add more lines to the program. Most (none?) of the other programs don't do it. Besides, what can you do when it fails? Remember, err(3) calls it too... (well, it calls fprintf to write to stderr, but you get the idea) > + */ > + > +static int > +show_varname(const char *name, const int *oid, int len) ... > @@ -397,7 +428,7 @@ > err(1, "sysctl name %d %d %d", i, j, errno); > > if (Nflag) { > - printf("%s", name); > + show_varname(name, oid, nlen); > return (0); > } > If you're going to make show_varname() return something to indicate an error (your code doesn't do that right now, but the return type is 'int', and the comment says that it might fail in the future), you should check the return value when you call it. Actually, I think making the return type 'void' makes more sense: this is a support routine (as opposed to an interface to something), and if it detects an error, calling one of the err(3) functions would be cleaner than doing error checking all over the place. Other than that, I think it's a good idea. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 23 4: 7:22 2001 Delivered-To: freebsd-audit@freebsd.org Received: from ringworld.nanolink.com (ringworld.nanolink.com [195.24.48.39]) by hub.freebsd.org (Postfix) with SMTP id AA3FC37B403 for ; Mon, 23 Jul 2001 04:07:06 -0700 (PDT) (envelope-from roam@orbitel.bg) Received: (qmail 52907 invoked by uid 1000); 23 Jul 2001 11:06:20 -0000 Date: Mon, 23 Jul 2001 14:06:20 +0300 From: Peter Pentchev To: arch@FreeBSD.org Cc: audit@FreeBSD.org Subject: Re: sysctl(8) enhancement: display sysctl MIB's Message-ID: <20010723140620.A52175@ringworld.oblivion.bg> Mail-Followup-To: arch@FreeBSD.org, audit@FreeBSD.org References: <20010723004034.I882@ringworld.oblivion.bg> <20010723104201.855893E2F@bazooka.unixfreak.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010723104201.855893E2F@bazooka.unixfreak.org>; from dima@unixfreak.org on Mon, Jul 23, 2001 at 03:42:01AM -0700 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jul 23, 2001 at 03:42:01AM -0700, Dima Dorfman wrote: [snip] > > I don't think checking printf()'s return value does anything other > than add more lines to the program. Most (none?) of the other > programs don't do it. Besides, what can you do when it fails? > Remember, err(3) calls it too... (well, it calls fprintf to write to > stderr, but you get the idea) [snip] > > If you're going to make show_varname() return something to indicate an > error (your code doesn't do that right now, but the return type is > 'int', and the comment says that it might fail in the future), you > should check the return value when you call it. Actually, I think > making the return type 'void' makes more sense: this is a support > routine (as opposed to an interface to something), and if it detects > an error, calling one of the err(3) functions would be cleaner than > doing error checking all over the place. > > > Other than that, I think it's a good idea. OK, a revised patch follows.. G'luck, Peter -- If the meanings of 'true' and 'false' were switched, then this sentence wouldn't be false. Index: src/sbin/sysctl/sysctl.8 =================================================================== RCS file: /home/ncvs/src/sbin/sysctl/sysctl.8,v retrieving revision 1.36 diff -u -r1.36 sysctl.8 --- src/sbin/sysctl/sysctl.8 2001/07/13 09:09:48 1.36 +++ src/sbin/sysctl/sysctl.8 2001/07/23 11:05:00 @@ -40,7 +40,7 @@ .Nd get or set kernel state .Sh SYNOPSIS .Nm -.Op Fl bNnox +.Op Fl bmNnox .Ar name Ns Op = Ns Ar value .Ar ... .Nm @@ -71,6 +71,11 @@ Force the value of the variable(s) to be output in raw, binary format. No names are printed and no terminating newlines are output. This is mostly useful with a single variable. +.It Fl m +Specify that the MIB numerical value should be printed before the name. +This flag only takes effect if +.Fl n +is not specified. .It Fl N Show only variable names, not their values. This is particularly useful with shells that offer programmable Index: src/sbin/sysctl/sysctl.c =================================================================== RCS file: /home/ncvs/src/sbin/sysctl/sysctl.c,v retrieving revision 1.37 diff -u -r1.37 sysctl.c --- src/sbin/sysctl/sysctl.c 2001/06/18 21:06:24 1.37 +++ src/sbin/sysctl/sysctl.c 2001/07/23 11:05:00 @@ -58,10 +58,11 @@ #include #include -static int aflag, bflag, Nflag, nflag, oflag, xflag; +static int aflag, bflag, mflag, Nflag, nflag, oflag, xflag; static int oidfmt(int *, int, char *, u_int *); static void parse(char *); +static void show_varname(const char *, const int *, int); static int show_var(int *, int); static int sysctl_all (int *oid, int len); static int name2oid(char *, int *); @@ -71,8 +72,8 @@ { (void)fprintf(stderr, "%s\n%s\n", - "usage: sysctl [-bNnox] variable[=value] ...", - " sysctl [-bNnox] -a"); + "usage: sysctl [-bmNnox] variable[=value] ...", + " sysctl [-bmNnox] -a"); exit(1); } @@ -83,7 +84,7 @@ setbuf(stdout,0); setbuf(stderr,0); - while ((ch = getopt(argc, argv, "AabNnowxX")) != -1) { + while ((ch = getopt(argc, argv, "AabmNnowxX")) != -1) { switch (ch) { case 'A': /* compatibility */ @@ -95,6 +96,9 @@ case 'b': bflag = 1; break; + case 'm': + mflag = 1; + break; case 'N': Nflag = 1; break; @@ -369,6 +373,30 @@ } /* + * This formats and outputs the name of one variable. + * If the -m command-line flag was specified, the MIB value + * is also printed out. + */ + +static void +show_varname(const char *name, const int *oid, int len) +{ + int i; + + if (nflag) + return; + + if (mflag) { + for (i = 0; i < len-1; i++) + printf("%X.", oid[i]); + printf("%X ", oid[i]); + } + + printf("%s: ", name); + return; +} + +/* * This formats and outputs the value of one variable * * Returns zero if anything was actually output. @@ -397,7 +425,7 @@ err(1, "sysctl name %d %d %d", i, j, errno); if (Nflag) { - printf("%s", name); + show_varname(name, oid, nlen); return (0); } @@ -430,14 +458,12 @@ p = val; switch (*fmt) { case 'A': - if (!nflag) - printf("%s: ", name); + show_varname(name, oid, nlen); printf("%s", p); return (0); case 'I': - if (!nflag) - printf("%s: ", name); + show_varname(name, oid, nlen); fmt++; val = ""; while (len >= sizeof(int)) { @@ -452,8 +478,7 @@ return (0); case 'L': - if (!nflag) - printf("%s: ", name); + show_varname(name, oid, nlen); fmt++; val = ""; while (len >= sizeof(long)) { @@ -468,8 +493,7 @@ return (0); case 'P': - if (!nflag) - printf("%s: ", name); + show_varname(name, oid, nlen); printf("%p", *(void **)p); return (0); @@ -487,16 +511,14 @@ else func = NULL; if (func) { - if (!nflag) - printf("%s: ", name); + show_varname(name, oid, nlen); return ((*func)(len, p)); } /* FALL THROUGH */ default: if (!oflag && !xflag) return (1); - if (!nflag) - printf("%s: ", name); + show_varname(name, oid, nlen); printf("Format:%s Length:%d Dump:0x", fmt, len); while (len-- && (xflag || p < val + 16)) printf("%02x", *p++); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 23 5: 0:54 2001 Delivered-To: freebsd-audit@freebsd.org Received: from assaris.sics.se (assaris.sics.se [193.10.66.234]) by hub.freebsd.org (Postfix) with ESMTP id 34A8E37B405; Mon, 23 Jul 2001 05:00:48 -0700 (PDT) (envelope-from assar@assaris.sics.se) Received: (from assar@localhost) by assaris.sics.se (8.9.3/8.9.3) id OAA38605; Mon, 23 Jul 2001 14:00:46 +0200 (CEST) (envelope-from assar) To: Ruslan Ermilov Cc: Kris Kennaway , Matt Dillon , audit@FreeBSD.ORG Subject: Re: [PATCH] Re: FreeBSD remote root exploit ? References: <20010719215957.A74024@sunbay.com> <200107191917.f6JJHwV77405@earth.backplane.com> <20010720100029.A30828@sunbay.com> <200107200932.f6K9WgZ88552@earth.backplane.com> <20010720143742.E65677@sunbay.com> <200107201717.f6KHHGa91142@earth.backplane.com> <20010722194031.A92249@jail-3.5> <5l66ck9wm7.fsf@assaris.sics.se> <20010722215619.A94874@xor.obsecurity.org> <20010722221413.A95414@xor.obsecurity.org> <20010723133609.A88343@sunbay.com> From: Assar Westerlund Date: 23 Jul 2001 14:00:46 +0200 In-Reply-To: Ruslan Ermilov's message of "Mon, 23 Jul 2001 13:36:09 +0300" Message-ID: <5lr8v7x3bl.fsf@assaris.sics.se> Lines: 139 User-Agent: Gnus/5.070098 (Pterodactyl Gnus v0.98) Emacs/20.6 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Ruslan Ermilov writes: > output_datalen() always returns `len', make it `void'? Or leave it as it is for symmetry with output_data? > How about the attached? It mostly the same, except: > > - netflush() now flushes the entire buffer rather than > callers ensure this. We should probably sleep until > `net' is ready for output using select(2) but I have > not found code that would set non-blocking I/O mode > on the socket. There should not be any code in telnetd that set the socket non-blocking. > - output_data() uses output_datalen() internally to > avoid unnecessary duplication of the code. Good. > + /* Free up enough space if the room is too low*/ > + if ((len > BUFSIZ ? BUFSIZ : len) > remaining) { I don't understand this. Isn't BUFSIZ always going to be larger than (or equal) than remaining? So just doing 'if (len > remaining)' woul call netflush() unnecessarily if len > remaining == BUFSIZ ? I think it's clearer: if (len > remaining) > + netflush(); > + remaining = BUFSIZ - (nfrontp - netobuf); > + } > + > + /* Copy out as much as will fit */ > + copied = remaining > len ? len : remaining; > + memmove(nfrontp, buf, copied); > + nfrontp += copied; > + len -= copied; > + remaining -= copied; > + buf += copied; > } > - memmove(nfrontp, buf, len); > - nfrontp += len; > - return (len); > + return; > } > Index: telnetd.c > =================================================================== > RCS file: /home/ncvs/src/crypto/telnet/telnetd/telnetd.c,v > retrieving revision 1.11.2.3 > diff -u -p -r1.11.2.3 telnetd.c > --- telnetd.c 2001/07/20 15:16:52 1.11.2.3 > +++ telnetd.c 2001/07/23 10:13:26 > @@ -952,7 +952,6 @@ telnet(f, p, host) > char *HE; > char *HN; > char *IM; > - void netflush(); > int nfd; > > /* > Index: termstat.c > =================================================================== > RCS file: /home/ncvs/src/crypto/telnet/telnetd/termstat.c,v > retrieving revision 1.4.2.2 > diff -u -p -r1.4.2.2 termstat.c > --- termstat.c 2001/07/20 15:16:52 1.4.2.2 > +++ termstat.c 2001/07/23 10:13:26 > @@ -140,7 +140,6 @@ int newmap = 1; /* nonzero if \n maps to > void > localstat() > { > - void netflush(); > int need_will_echo = 0; > > #if defined(CRAY2) && defined(UNICOS5) > @@ -404,7 +403,6 @@ flowstat() > clientstat(code, parm1, parm2) > register int code, parm1, parm2; > { > - void netflush(); > > /* > * Get a copy of terminal characteristics. > Index: utility.c > =================================================================== > RCS file: /home/ncvs/src/crypto/telnet/telnetd/utility.c,v > retrieving revision 1.5.2.2 > diff -u -p -r1.5.2.2 utility.c > --- utility.c 2001/07/20 15:16:52 1.5.2.2 > +++ utility.c 2001/07/23 10:13:26 > @@ -69,10 +69,9 @@ static const char rcsid[] = > void > ttloop() > { > - void netflush(); > > DIAG(TD_REPORT, output_data("td: ttloop\r\n")); > - if (nfrontp-nbackp) { > + if (nfrontp - nbackp > 0) { > netflush(); > } > ncc = read(net, netibuf, sizeof netibuf); > @@ -257,10 +256,13 @@ netflush() > int n; > extern int not42; > > - if ((n = nfrontp - nbackp) > 0) { > + while ((n = nfrontp - nbackp) > 0) { > +#if 0 > + /* XXX This causes output_data() to recurse and die */ > DIAG(TD_REPORT, { > n += output_data("td: netflush %d chars\r\n", n); > }); > +#endif > #ifdef ENCRYPTION > if (encrypt_output) { > char *s = nclearto ? nclearto : nbackp; > @@ -293,25 +295,24 @@ netflush() > n = send(net, nbackp, n, MSG_OOB); /* URGENT data */ > } > } > - } > - if (n < 0) { > - if (errno == EWOULDBLOCK || errno == EINTR) > - return; > - cleanup(0); > - } > - nbackp += n; > + if (n == -1 && errno != EWOULDBLOCK && errno != EINTR) { > + cleanup(0); > + /* NOTREACHED */ > + } > + nbackp += n; Is this good? Doesn't it mean that if we get EWOULDBLOCK or EINTR, we will subtract one from nbackp? /assar To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 23 6:50:17 2001 Delivered-To: freebsd-audit@freebsd.org Received: from relay1.macomnet.ru (relay1.macomnet.ru [195.128.64.10]) by hub.freebsd.org (Postfix) with ESMTP id A1B0637B40A for ; Mon, 23 Jul 2001 06:49:54 -0700 (PDT) (envelope-from maxim@macomnet.ru) Received: from news1.macomnet.ru (news1.macomnet.ru [195.128.64.14]) by relay1.macomnet.ru (8.11.3/8.11.3) with ESMTP id f6NDnqD11828537; Mon, 23 Jul 2001 17:49:53 +0400 (MSD) Date: Mon, 23 Jul 2001 17:49:47 +0400 (MSD) From: Maxim Konovalov To: Cc: Maxim Konovalov Subject: 'do not fragment' flag in ping(8) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hello -audit, I have made a patch for ping(8) which adds 'do not fragment' flag in it (bin/29164). This patch is mostly from OpenBSD. Could you please review it? Thanks a lot. - -maxim P.S. Please save CC:, I am not in the list. Index: ping.c =================================================================== RCS file: /home/ncvs/src/sbin/ping/ping.c,v retrieving revision 1.59 diff -u -r1.59 ping.c --- ping.c 2001/07/07 19:09:21 1.59 +++ ping.c 2001/07/20 10:47:35 @@ -81,6 +81,7 @@ #include #include +#include #include #include #include @@ -100,9 +101,9 @@ #define DEFDATALEN (64 - PHDR_LEN) /* default data length */ #define FLOOD_BACKOFF 20000 /* usecs to back off if F_FLOOD mode */ /* runs out of buffer space */ -#define MAXIPLEN 60 +#define MAXIPLEN (sizeof(struct ip) + MAX_IPOPTLEN) #define MAXICMPLEN 76 -#define MAXPACKET (65536 - 60 - 8)/* max packet size */ +#define MAXPACKET (IP_MAXPACKET - MAXIPLEN - ICMP_MINLEN) /* max packet size */ #define MAXWAIT 10 /* max seconds to wait for response */ #define MAXALARM (60 * 60) /* max seconds for alarm timeout */ #define NROUTES 9 /* number of record route slots */ @@ -136,6 +137,7 @@ #endif /*IPSEC*/ #define F_TTL 0x8000 #define F_MISSED 0x10000 +#define F_HDRINCL 0x20000 /* * MAX_DUP_CHK is the number of bits in received table, i.e. the maximum @@ -149,7 +151,8 @@ struct sockaddr_in whereto; /* who to ping */ int datalen = DEFDATALEN; int s; /* socket file descriptor */ -u_char outpack[MAXPACKET]; +u_char outpackhdr[IP_MAXPACKET]; /* Max packet size = 65535 */ +u_char *outpack = outpackhdr + sizeof(struct ip); char BSPACE = '\b'; /* characters written for flood */ char BBELL = '\a'; /* characters written for MISSED and AUDIBLE */ char DOT = '.'; @@ -204,7 +207,7 @@ int ch, hold, packlen, preload, sockerrno, almost_done = 0, ttl; struct in_addr ifaddr; unsigned char mttl, loop; - u_char *datap, *packet; + u_char *datap, *packet, df = 0; char *source = NULL, *target, hnamebuf[MAXHOSTNAMELEN]; char snamebuf[MAXHOSTNAMELEN]; char *ep; @@ -238,7 +241,7 @@ datap = &outpack[8 + PHDR_LEN]; while ((ch = getopt(argc, argv, - "AI:LQRS:T:c:adfi:l:m:np:qrs:t:v" + "ADI:LQRS:T:c:adfi:l:m:np:qrs:t:v" #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC "P:" @@ -261,6 +264,10 @@ optarg); npackets = ultmp; break; + case 'D': + options |= F_HDRINCL; + df = 1; + break; case 'd': options |= F_SO_DEBUG; break; @@ -315,7 +322,7 @@ break; case 'm': /* TTL */ ultmp = strtoul(optarg, &ep, 0); - if (*ep || ep == optarg || ultmp > 255) + if (*ep || ep == optarg || ultmp > MAXTTL) errx(EX_USAGE, "invalid TTL: `%s'", optarg); ttl = ultmp; @@ -369,7 +376,7 @@ break; case 'T': /* multicast TTL */ ultmp = strtoul(optarg, &ep, 0); - if (*ep || ep == optarg || ultmp > 255) + if (*ep || ep == optarg || ultmp > MAXTTL) errx(EX_USAGE, "invalid multicast TTL: `%s'", optarg); mttl = ultmp; @@ -506,6 +513,33 @@ #endif /*IPSEC_POLICY_IPSEC*/ #endif /*IPSEC*/ + if (options & F_HDRINCL) { + struct ip *ip = (struct ip*)outpackhdr; + +#ifdef IPCTL_DEFTTL + + if (!((options & F_TTL) || (options & F_MTTL))) { + int mib[4] = { CTL_NET, PF_INET, IPPROTO_IP, IPCTL_DEFTTL }; + size_t sz = sizeof(ttl); + + if (sysctl(mib, 4, &ttl, &sz, NULL, 0) == -1) + err(1, "sysctl(net.inet.ip.ttl)"); + } + +#endif + + setsockopt(s, IPPROTO_IP, IP_HDRINCL, &hold, sizeof(hold)); + ip->ip_v = IPVERSION; + ip->ip_hl = sizeof(struct ip) >> 2; + ip->ip_tos = 0; + ip->ip_id = 0; + ip->ip_off = df ? IP_DF : 0; + ip->ip_ttl = ttl; + ip->ip_p = IPPROTO_ICMP; + ip->ip_src.s_addr = source ? sin.sin_addr.s_addr : INADDR_ANY; + ip->ip_dst = to->sin_addr; + } + /* record route option */ if (options & F_RROUTE) { #ifdef IP_OPTIONS @@ -560,8 +594,11 @@ * ethernet, or just want to fill the arp cache to get some stuff for * /etc/ethers. But beware: RFC 1122 allows hosts to ignore broadcast * or multicast pings if they wish. + * + * We should have our buffers are at least 64K so we can ping with + * IP_MAXPACKET packet size. */ - hold = 48 * 1024; + hold = 64 * 1024; (void)setsockopt(s, SOL_SOCKET, SO_RCVBUF, (char *)&hold, sizeof(hold)); @@ -742,6 +779,7 @@ register struct icmp *icp; register int cc; int i; + char *packet = outpack; icp = (struct icmp *)outpack; icp->icmp_type = ICMP_ECHO; @@ -760,8 +798,17 @@ /* compute ICMP checksum here */ icp->icmp_cksum = in_cksum((u_short *)icp, cc); + + if (options & F_HDRINCL) { + struct ip *ip = (struct ip*)outpackhdr; + + packet = (char*)ip; + cc += sizeof(struct ip); + ip->ip_len = cc; + ip->ip_sum = in_cksum((u_short *)outpackhdr, cc); + } - i = sendto(s, (char *)outpack, cc, 0, (struct sockaddr *)&whereto, + i = sendto(s, (char *)packet, cc, 0, (struct sockaddr *)&whereto, sizeof(whereto)); if (i < 0 || i != cc) { Index: ping.8 =================================================================== RCS file: /home/ncvs/src/sbin/ping/ping.8,v retrieving revision 1.31 diff -u -r1.31 ping.8 --- ping.8 2001/07/15 07:49:16 1.31 +++ ping.8 2001/07/20 10:47:36 @@ -42,7 +42,7 @@ packets to network hosts .Sh SYNOPSIS .Nm -.Op Fl AQRadfnqrv +.Op Fl ADQRadfnqrv .Op Fl c Ar count .Op Fl i Ar wait .Op Fl l Ar preload @@ -101,6 +101,9 @@ If this option is not specified, .Nm will operate until interrupted. +.It Fl D +Set the +.Dv Don't Fragment bit. .It Fl d Set the .Dv SO_DEBUG To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 23 8:38:38 2001 Delivered-To: freebsd-audit@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id 1288937B403 for ; Mon, 23 Jul 2001 08:37:28 -0700 (PDT) (envelope-from ru@whale.sunbay.crimea.ua) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.2/8.11.2) id f6NFM4B20798; Mon, 23 Jul 2001 18:22:04 +0300 (EEST) (envelope-from ru) Date: Mon, 23 Jul 2001 18:22:04 +0300 From: Ruslan Ermilov To: Assar Westerlund Cc: Kris Kennaway , Matt Dillon , audit@FreeBSD.ORG Subject: Re: [PATCH] Re: FreeBSD remote root exploit ? Message-ID: <20010723182204.C17788@sunbay.com> References: <20010720100029.A30828@sunbay.com> <200107200932.f6K9WgZ88552@earth.backplane.com> <20010720143742.E65677@sunbay.com> <200107201717.f6KHHGa91142@earth.backplane.com> <20010722194031.A92249@jail-3.5> <5l66ck9wm7.fsf@assaris.sics.se> <20010722215619.A94874@xor.obsecurity.org> <20010722221413.A95414@xor.obsecurity.org> <20010723133609.A88343@sunbay.com> <5lr8v7x3bl.fsf@assaris.sics.se> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="0F1p//8PRICkK4MW" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <5lr8v7x3bl.fsf@assaris.sics.se>; from assar@sics.se on Mon, Jul 23, 2001 at 02:00:46PM +0200 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --0F1p//8PRICkK4MW Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, Jul 23, 2001 at 02:00:46PM +0200, Assar Westerlund wrote: > Ruslan Ermilov writes: > > output_datalen() always returns `len', make it `void'? > > Or leave it as it is for symmetry with output_data? > > > How about the attached? It mostly the same, except: > > > > - netflush() now flushes the entire buffer rather than > > callers ensure this. We should probably sleep until > > `net' is ready for output using select(2) but I have > > not found code that would set non-blocking I/O mode > > on the socket. > > There should not be any code in telnetd that set the socket non-blocking. > > > - output_data() uses output_datalen() internally to > > avoid unnecessary duplication of the code. > > Good. > > > + /* Free up enough space if the room is too low*/ > > + if ((len > BUFSIZ ? BUFSIZ : len) > remaining) { > > I don't understand this. Isn't BUFSIZ always going to be larger than > (or equal) than remaining? So just doing 'if (len > remaining)' > woul call netflush() unnecessarily if len > remaining == BUFSIZ ? > > I think it's clearer: > if (len > remaining) > This sucks if (len > BUFSIZ) and buffer is empty (remaining == BUFSIZ)? We would unnecessarily call netflush(). > > @@ -293,25 +295,24 @@ netflush() > > n = send(net, nbackp, n, MSG_OOB); /* URGENT data */ > > } > > } > > - } > > - if (n < 0) { > > - if (errno == EWOULDBLOCK || errno == EINTR) > > - return; > > - cleanup(0); > > - } > > - nbackp += n; > > + if (n == -1 && errno != EWOULDBLOCK && errno != EINTR) { > > + cleanup(0); > > + /* NOTREACHED */ > > + } > > + nbackp += n; > > Is this good? Doesn't it mean that if we get EWOULDBLOCK or EINTR, we > will subtract one from nbackp? > Doh, this is not what was planned, sorry. The last minute bug. An updated patch follows. Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age --0F1p//8PRICkK4MW Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename=p2 Index: ext.h =================================================================== RCS file: /home/ncvs/src/crypto/telnet/telnetd/ext.h,v retrieving revision 1.2.8.2 diff -u -p -r1.2.8.2 ext.h --- ext.h 2001/07/20 15:16:52 1.2.8.2 +++ ext.h 2001/07/23 15:18:43 @@ -190,7 +190,7 @@ extern void wontoption P((int)); int output_data __P((const char *, ...)) __printflike(1, 2); -int output_datalen __P((const char *, size_t)); +void output_datalen __P((const char *, int)); #ifdef ENCRYPTION extern void (*encrypt_output) P((unsigned char *, int)); Index: slc.c =================================================================== RCS file: /home/ncvs/src/crypto/telnet/telnetd/slc.c,v retrieving revision 1.4.2.1 diff -u -p -r1.4.2.1 slc.c --- slc.c 2001/07/20 15:16:52 1.4.2.1 +++ slc.c 2001/07/23 15:18:54 @@ -176,7 +176,6 @@ end_slc(bufp) register unsigned char **bufp; { register int len; - void netflush(); /* * If a change has occured, store the new terminal control Index: state.c =================================================================== RCS file: /home/ncvs/src/crypto/telnet/telnetd/state.c,v retrieving revision 1.4.2.1 diff -u -p -r1.4.2.1 state.c --- state.c 2001/07/20 15:16:52 1.4.2.1 +++ state.c 2001/07/23 15:19:06 @@ -1615,40 +1615,46 @@ send_status() /* * This function appends data to nfrontp and advances nfrontp. + * Returns the number of characters written altogether (the + * buffer may have been flushed in the process). */ int output_data(const char *format, ...) { va_list args; - size_t remaining, ret; + int len; + char *buf; va_start(args, format); - remaining = BUFSIZ - (nfrontp - netobuf); - /* try a netflush() if the room is too low */ - if (strlen(format) > remaining || BUFSIZ / 4 > remaining) { - netflush(); - remaining = BUFSIZ - (nfrontp - netobuf); - } - ret = vsnprintf(nfrontp, remaining, format, args); - nfrontp += (ret < remaining) ? ret : remaining; + if ((len = vasprintf(&buf, format, args)) == -1) + return -1; + output_datalen(buf, len); va_end(args); - return ret; + free(buf); + return (len); } -int -output_datalen(const char *buf, size_t len) +void +output_datalen(const char *buf, int len) { - size_t remaining; - + int remaining, copied; + remaining = BUFSIZ - (nfrontp - netobuf); - if (remaining < len) { - netflush(); - remaining = BUFSIZ - (nfrontp - netobuf); - if (remaining < len) - return -1; + while (len > 0) { + /* Free up enough space if the room is too low*/ + if ((len > BUFSIZ ? BUFSIZ : len) > remaining) { + netflush(); + remaining = BUFSIZ - (nfrontp - netobuf); + } + + /* Copy out as much as will fit */ + copied = remaining > len ? len : remaining; + memmove(nfrontp, buf, copied); + nfrontp += copied; + len -= copied; + remaining -= copied; + buf += copied; } - memmove(nfrontp, buf, len); - nfrontp += len; - return (len); + return; } Index: telnetd.c =================================================================== RCS file: /home/ncvs/src/crypto/telnet/telnetd/telnetd.c,v retrieving revision 1.11.2.3 diff -u -p -r1.11.2.3 telnetd.c --- telnetd.c 2001/07/20 15:16:52 1.11.2.3 +++ telnetd.c 2001/07/23 15:19:38 @@ -952,7 +952,6 @@ telnet(f, p, host) char *HE; char *HN; char *IM; - void netflush(); int nfd; /* Index: termstat.c =================================================================== RCS file: /home/ncvs/src/crypto/telnet/telnetd/termstat.c,v retrieving revision 1.4.2.2 diff -u -p -r1.4.2.2 termstat.c --- termstat.c 2001/07/20 15:16:52 1.4.2.2 +++ termstat.c 2001/07/23 15:19:43 @@ -140,7 +140,6 @@ int newmap = 1; /* nonzero if \n maps to void localstat() { - void netflush(); int need_will_echo = 0; #if defined(CRAY2) && defined(UNICOS5) @@ -404,7 +403,6 @@ flowstat() clientstat(code, parm1, parm2) register int code, parm1, parm2; { - void netflush(); /* * Get a copy of terminal characteristics. Index: utility.c =================================================================== RCS file: /home/ncvs/src/crypto/telnet/telnetd/utility.c,v retrieving revision 1.5.2.2 diff -u -p -r1.5.2.2 utility.c --- utility.c 2001/07/20 15:16:52 1.5.2.2 +++ utility.c 2001/07/23 15:19:50 @@ -69,10 +69,9 @@ static const char rcsid[] = void ttloop() { - void netflush(); DIAG(TD_REPORT, output_data("td: ttloop\r\n")); - if (nfrontp-nbackp) { + if (nfrontp - nbackp > 0) { netflush(); } ncc = read(net, netibuf, sizeof netibuf); @@ -257,10 +256,13 @@ netflush() int n; extern int not42; - if ((n = nfrontp - nbackp) > 0) { + while ((n = nfrontp - nbackp) > 0) { +#if 0 + /* XXX This causes output_data() to recurse and die */ DIAG(TD_REPORT, { n += output_data("td: netflush %d chars\r\n", n); }); +#endif #ifdef ENCRYPTION if (encrypt_output) { char *s = nclearto ? nclearto : nbackp; @@ -293,25 +295,26 @@ netflush() n = send(net, nbackp, n, MSG_OOB); /* URGENT data */ } } - } - if (n < 0) { - if (errno == EWOULDBLOCK || errno == EINTR) - return; - cleanup(0); - } - nbackp += n; + if (n == -1) { + if (errno == EWOULDBLOCK || errno == EINTR) + continue; + cleanup(0); + /* NOTREACHED */ + } + nbackp += n; #ifdef ENCRYPTION - if (nbackp > nclearto) - nclearto = 0; + if (nbackp > nclearto) + nclearto = 0; #endif /* ENCRYPTION */ - if (nbackp >= neturg) { - neturg = 0; - } - if (nbackp == nfrontp) { - nbackp = nfrontp = netobuf; + if (nbackp >= neturg) { + neturg = 0; + } + if (nbackp == nfrontp) { + nbackp = nfrontp = netobuf; #ifdef ENCRYPTION - nclearto = 0; + nclearto = 0; #endif /* ENCRYPTION */ + } } return; } /* end of netflush */ --0F1p//8PRICkK4MW-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 23 9:26: 3 2001 Delivered-To: freebsd-audit@freebsd.org Received: from Veronica.wmol.com (veronica.wmol.com [208.242.83.241]) by hub.freebsd.org (Postfix) with ESMTP id 0453D37B40A for ; Mon, 23 Jul 2001 09:25:59 -0700 (PDT) (envelope-from david@phobia.ms) Received: from rain.hill.hom (081bc122.chartermi.net [24.247.81.122]) by Veronica.wmol.com (Vircom SMTPRS 4.6.189) with ESMTP id for ; Mon, 23 Jul 2001 12:24:03 -0400 Date: Mon, 23 Jul 2001 12:25:35 -0400 From: David Hill To: audit@freebsd.org Subject: STD*_FILENO patches #2 Message-Id: <20010723122535.3cbd53ef.david@phobia.ms> X-Mailer: Sylpheed version 0.5.1 (GTK+ 1.2.10; i386-unknown-freebsd5.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG ok done. NOTE: pcvt - header.h patch now contains #include window #include is in ww.h patch http://www.phobia.ms/patches/diffs.tar.gz - David To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 23 9:40:28 2001 Delivered-To: freebsd-audit@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id C2C7037B40D for ; Mon, 23 Jul 2001 09:40:21 -0700 (PDT) (envelope-from sheldonh@starjuice.net) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.31 #1) id 15OilZ-0000zN-00; Mon, 23 Jul 2001 18:41:09 +0200 From: Sheldon Hearn To: David Hill Cc: audit@freebsd.org Subject: Re: STD*_FILENO patches #2 In-reply-to: Your message of "Mon, 23 Jul 2001 12:25:35 -0400." <20010723122535.3cbd53ef.david@phobia.ms> Date: Mon, 23 Jul 2001 18:41:08 +0200 Message-ID: <3804.995906468@axl.seasidesoftware.co.za> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, 23 Jul 2001 12:25:35 -0400, David Hill wrote: > NOTE: > pcvt - > header.h patch now contains #include Wrong approach. Private (or local, or build-only) headers shouldn't be used to include all the crap that the source files that include them require. They should only include headers that are required for the things that they themselves declare and define. As an example/ pcvt's header.h includes so that the type "struct sgttyb" is available for the delcaration of sgttyOrg and sgttyNew. You should include from the file that needs it; in this case, it's main.c . > window > #include is in ww.h patch Probably the same problem here. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 23 10:10:39 2001 Delivered-To: freebsd-audit@freebsd.org Received: from Veronica.wmol.com (veronica.wmol.com [208.242.83.241]) by hub.freebsd.org (Postfix) with ESMTP id 2040337B401 for ; Mon, 23 Jul 2001 10:10:33 -0700 (PDT) (envelope-from david@phobia.ms) Received: from rain.hill.hom (081bc122.chartermi.net [24.247.81.122]) by Veronica.wmol.com (Vircom SMTPRS 4.6.189) with ESMTP id ; Mon, 23 Jul 2001 13:07:57 -0400 Date: Mon, 23 Jul 2001 13:09:30 -0400 From: David Hill To: Sheldon Hearn Cc: audit@freebsd.org Subject: Re: STD*_FILENO patches #2 Message-Id: <20010723130930.05f98c85.david@phobia.ms> In-Reply-To: <3804.995906468@axl.seasidesoftware.co.za> References: <20010723122535.3cbd53ef.david@phobia.ms> <3804.995906468@axl.seasidesoftware.co.za> X-Mailer: Sylpheed version 0.5.1 (GTK+ 1.2.10; i386-unknown-freebsd5.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, 23 Jul 2001 18:41:08 +0200 Sheldon Hearn wrote: > > > On Mon, 23 Jul 2001 12:25:35 -0400, David Hill wrote: > > > NOTE: > > pcvt - > > header.h patch now contains #include > > Wrong approach. Private (or local, or build-only) headers shouldn't be > used to include all the crap that the source files that include them > require. They should only include headers that are required for the > things that they themselves declare and define. > > As an example/ pcvt's header.h includes so that the type > "struct sgttyb" is available for the delcaration of sgttyOrg and > sgttyNew. > > You should include from the file that needs it; in this case, > it's main.c . > > > window > > #include is in ww.h patch > > Probably the same problem here. > > Ciao, > Sheldon. Ok, I fixed those http://www.phobia.ms/patches/diffs.tar.gz - David Hill To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 23 14:47:44 2001 Delivered-To: freebsd-audit@freebsd.org Received: from obsecurity.dyndns.org (adsl-63-207-60-215.dsl.lsan03.pacbell.net [63.207.60.215]) by hub.freebsd.org (Postfix) with ESMTP id 5CAAD37B401; Mon, 23 Jul 2001 14:47:39 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 81B93691BA; Mon, 23 Jul 2001 14:47:36 -0700 (PDT) Date: Mon, 23 Jul 2001 14:47:34 -0700 From: Kris Kennaway To: Ruslan Ermilov Cc: Assar Westerlund , Kris Kennaway , Matt Dillon , audit@FreeBSD.ORG Subject: Re: [PATCH] Re: FreeBSD remote root exploit ? Message-ID: <20010723144733.A459@xor.obsecurity.org> References: <200107200932.f6K9WgZ88552@earth.backplane.com> <20010720143742.E65677@sunbay.com> <200107201717.f6KHHGa91142@earth.backplane.com> <20010722194031.A92249@jail-3.5> <5l66ck9wm7.fsf@assaris.sics.se> <20010722215619.A94874@xor.obsecurity.org> <20010722221413.A95414@xor.obsecurity.org> <20010723133609.A88343@sunbay.com> <5lr8v7x3bl.fsf@assaris.sics.se> <20010723182204.C17788@sunbay.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="rwEMma7ioTxnRzrJ" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010723182204.C17788@sunbay.com>; from ru@FreeBSD.ORG on Mon, Jul 23, 2001 at 06:22:04PM +0300 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --rwEMma7ioTxnRzrJ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, Jul 23, 2001 at 06:22:04PM +0300, Ruslan Ermilov wrote: > An updated patch follows. I think this version looks good. I'm going to commit it and send out the advisory shortly. Kris --rwEMma7ioTxnRzrJ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7XJt0Wry0BWjoQKURAgDBAJ96JZE7vdAlPFbjonfiBgFDEYPMbACgjg7P vd2XsZuZsPE/0F3UaX9zIRE= =LJp8 -----END PGP SIGNATURE----- --rwEMma7ioTxnRzrJ-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 23 22:11:47 2001 Delivered-To: freebsd-audit@freebsd.org Received: from obsecurity.dyndns.org (adsl-64-169-104-149.dsl.lsan03.pacbell.net [64.169.104.149]) by hub.freebsd.org (Postfix) with ESMTP id 64F2A37B403 for ; Mon, 23 Jul 2001 22:11:35 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 4422266BA6; Mon, 23 Jul 2001 22:11:34 -0700 (PDT) Date: Mon, 23 Jul 2001 22:11:33 -0700 From: Kris Kennaway To: audit@FreeBSD.org Subject: top signal handling Message-ID: <20010723221133.A814@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="huq684BweRXVnRxX" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --huq684BweRXVnRxX Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable This patch is from OpenBSD and fixes the unsafe signal handlers in top(1). Reviews please :) Kris Index: top.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/contrib/top/top.c,v retrieving revision 1.6 diff -u -r1.6 top.c --- top.c 2000/11/03 22:00:10 1.6 +++ top.c 2001/07/24 05:10:25 @@ -73,6 +73,10 @@ sigret_t winch(); #endif =20 +sig_atomic_t leaveflag; +sig_atomic_t tstopflag; +sig_atomic_t winchflag; + /* internal routines */ void quit(); =20 @@ -517,12 +521,7 @@ fputc('\n', stderr); } =20 - /* setup the jump buffer for stops */ - if (setjmp(jmp_int) !=3D 0) - { - /* control ends up here after an interrupt */ - reset_display(); - } +restart: =20 /* * main loop -- repeat while display count is positive or while it @@ -665,6 +664,52 @@ timeout.tv_sec =3D delay; timeout.tv_usec =3D 0; =20 + if (leaveflag) { + end_screen(); + exit(0); + } + + if (tstopflag) { + /* move to the lower left */ + end_screen(); + fflush(stdout); + + /* default the signal handler action */ + (void) signal(SIGTSTP, SIG_DFL); + + /* unblock the signal and send ourselves one */ +#ifdef SIGRELSE + sigrelse(SIGTSTP); +#else + (void) sigsetmask(sigblock(0) & ~(1 << (SIGTSTP - 1))); +#endif + (void) kill(0, SIGTSTP); + + /* reset the signal handler */ + (void) signal(SIGTSTP, tstop); + + /* reinit screen */ + reinit_screen(); + reset_display(); + tstopflag =3D 0; + goto restart; + } + + if (winchflag) { + /* reascertain the screen dimensions */ + get_screensize(); + + /* tell display to resize */ + max_topn =3D display_resize(); + + /* reset the signal handler */ + (void) signal(SIGWINCH, winch); + + reset_display(); + winchflag =3D 0; + goto restart; + } + /* wait for either input or the end of the delay period */ if (select(32, &readfds, (fd_set *)NULL, (fd_set *)NULL, &timeout) > 0) { @@ -949,8 +994,7 @@ sigret_t leave() /* exit under normal conditions -- INT handler */ =20 { - end_screen(); - exit(0); + leaveflag =3D 1; } =20 sigret_t tstop(i) /* SIGTSTP handler */ @@ -958,31 +1002,7 @@ int i; =20 { - /* move to the lower left */ - end_screen(); - fflush(stdout); - - /* default the signal handler action */ - (void) signal(SIGTSTP, SIG_DFL); - - /* unblock the signal and send ourselves one */ -#ifdef SIGRELSE - sigrelse(SIGTSTP); -#else - (void) sigsetmask(sigblock(0) & ~(1 << (SIGTSTP - 1))); -#endif - (void) kill(0, SIGTSTP); - - /* reset the signal handler */ - (void) signal(SIGTSTP, tstop); - - /* reinit screen */ - reinit_screen(); - - /* jump to appropriate place */ - longjmp(jmp_int, 1); - - /*NOTREACHED*/ + tstopflag =3D 1; } =20 #ifdef SIGWINCH @@ -991,17 +1011,7 @@ int i; =20 { - /* reascertain the screen dimensions */ - get_screensize(); - - /* tell display to resize */ - max_topn =3D display_resize(); - - /* reset the signal handler */ - (void) signal(SIGWINCH, winch); - - /* jump to appropriate place */ - longjmp(jmp_int, 1); + winchflag =3D 1; } #endif =20 --huq684BweRXVnRxX Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7XQOFWry0BWjoQKURAqNaAKDfT3Sv+Lzi9aA0UgY6oGoQorJjJgCg66Vn 7TfytUwV4CuiHOuOlnwhJQs= =oXIe -----END PGP SIGNATURE----- --huq684BweRXVnRxX-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 23 22:40:12 2001 Delivered-To: freebsd-audit@freebsd.org Received: from obsecurity.dyndns.org (adsl-64-169-104-149.dsl.lsan03.pacbell.net [64.169.104.149]) by hub.freebsd.org (Postfix) with ESMTP id CE1DF37B403 for ; Mon, 23 Jul 2001 22:39:05 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id D1E5066BA6; Mon, 23 Jul 2001 22:39:04 -0700 (PDT) Date: Mon, 23 Jul 2001 22:39:04 -0700 From: Kris Kennaway To: audit@FreeBSD.org Subject: rwhod signal fixes Message-ID: <20010723223904.A1381@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="J2SCkAp4GZ/dPZZf" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --J2SCkAp4GZ/dPZZf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Another one from OpenBSD (modulo a few local changes). I can't test this; is anyone able to do so? Kris Index: rwhod.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/usr.sbin/rwhod/rwhod.c,v retrieving revision 1.15 diff -u -r1.15 rwhod.c --- rwhod.c 2000/12/22 21:30:15 1.15 +++ rwhod.c 2001/07/24 05:35:56 @@ -63,6 +63,7 @@ #include #include #include +#include #include #include #include @@ -149,16 +150,20 @@ struct servent *sp; int s, utmpf; =20 +int gothup; + #define WHDRSIZE (sizeof(mywd) - sizeof(mywd.wd_we)) =20 -void run_as __P((uid_t *, gid_t *)); int configure __P((int)); -void getboottime __P((int)); -void onalrm __P((int)); +void getboottime __P((void)); +void handleread __P((int s)); +void hup __P((int)); void quit __P((char *)); void rt_xaddrs __P((caddr_t, caddr_t, struct rt_addrinfo *)); -int verify __P((char *, int)); +void run_as __P((uid_t *, gid_t *)); +void timer __P((void)); static void usage __P((void)); +int verify __P((char *, int)); #ifdef DEBUG char *interval __P((int, char *)); void Sendto __P((int, const void *, size_t, int, @@ -166,17 +171,23 @@ #define sendto Sendto #endif =20 +void +hup(signo) + int signo; +{ + gothup =3D 1; +} + int main(argc, argv) int argc; char *argv[]; { - struct sockaddr_in from; - struct stat st; - char path[64]; + struct pollfd pfd[1]; int on =3D 1; char *cp; struct sockaddr_in sin; + struct timeval start, next, delta, now; uid_t unpriv_uid; gid_t unpriv_gid; =20 @@ -213,7 +224,7 @@ #ifndef DEBUG daemon(1, 0); #endif - (void) signal(SIGHUP, getboottime); + (void) signal(SIGHUP, hup); openlog("rwhod", LOG_PID, LOG_DAEMON); sp =3D getservbyname("who", "udp"); if (sp =3D=3D NULL) { @@ -240,7 +251,7 @@ syslog(LOG_ERR, "%s: %m", _PATH_UTMP); exit(1); } - getboottime(0); + getboottime(); if ((s =3D socket(AF_INET, SOCK_DGRAM, 0)) < 0) { syslog(LOG_ERR, "socket: %m"); exit(1); @@ -263,74 +274,109 @@ if (!configure(s)) exit(1); if (!quiet_mode) { - signal(SIGALRM, onalrm); - onalrm(0); + timer(); + gettimeofday(&start, NULL); + delta.tv_sec =3D AL_INTERVAL; + delta.tv_usec =3D 0; + timeradd(&start, &delta, &next); } + + pfd[0].fd =3D s; + pfd[0].revents =3D POLLIN; for (;;) { - struct whod wd; - int cc, whod, len =3D sizeof(from); + int n; =20 - cc =3D recvfrom(s, (char *)&wd, sizeof(struct whod), 0, - (struct sockaddr *)&from, &len); - if (cc <=3D 0) { - if (cc < 0 && errno !=3D EINTR) - syslog(LOG_WARNING, "recv: %m"); - continue; - } - if (from.sin_port !=3D sp->s_port && !insecure_mode) { - syslog(LOG_WARNING, "%d: bad source port from %s", - ntohs(from.sin_port), inet_ntoa(from.sin_addr)); - continue; - } - if (cc < WHDRSIZE) { - syslog(LOG_WARNING, "short packet from %s", - inet_ntoa(from.sin_addr)); - continue; - } - if (wd.wd_vers !=3D WHODVERSION) - continue; - if (wd.wd_type !=3D WHODTYPE_STATUS) - continue; - if (!verify(wd.wd_hostname, sizeof wd.wd_hostname)) { - syslog(LOG_WARNING, "malformed host name from %s", - inet_ntoa(from.sin_addr)); - continue; - } - (void) snprintf(path, sizeof path, "whod.%s", wd.wd_hostname); - /* - * Rather than truncating and growing the file each time, - * use ftruncate if size is less than previous size. - */ - whod =3D open(path, O_WRONLY | O_CREAT, 0644); - if (whod < 0) { - syslog(LOG_WARNING, "%s: %m", path); - continue; + n =3D poll(pfd, 1, 1000); + + if (gothup) { + gothup =3D 0; + getboottime(); + } + + if (n =3D=3D 1) + handleread(s); + if (!quiet_mode) { + gettimeofday(&now, NULL); + if (timercmp(&now, &next, >)) { + timer(); + timeradd(&now, &delta, &next); + } } + =09 + } +} + +void +handleread(s) + int s; +{ + struct sockaddr_in from; + struct stat st; + char path[64]; + struct whod wd; + int cc, whod, len =3D sizeof(from); + + cc =3D recvfrom(s, (char *)&wd, sizeof(struct whod), 0, + (struct sockaddr *)&from, &len); + if (cc <=3D 0) { + if (cc < 0 && errno !=3D EINTR) + syslog(LOG_WARNING, "recv: %m"); + return; + } + if (from.sin_port !=3D sp->s_port && !insecure_mode) { + syslog(LOG_WARNING, "%d: bad source port from %s", + ntohs(from.sin_port), inet_ntoa(from.sin_addr)); + return; + } + if (cc < WHDRSIZE) { + syslog(LOG_WARNING, "short packet from %s", + inet_ntoa(from.sin_addr)); + return; + } + if (wd.wd_vers !=3D WHODVERSION) + return; + if (wd.wd_type !=3D WHODTYPE_STATUS) + return; + wd.wd_hostname[sizeof(wd.wd_hostname)-1] =3D '\0'; + if (!verify(wd.wd_hostname, sizeof wd.wd_hostname)) { + syslog(LOG_WARNING, "malformed host name from %s", + inet_ntoa(from.sin_addr)); + return; + } + (void) snprintf(path, sizeof path, "whod.%s", wd.wd_hostname); + /* + * Rather than truncating and growing the file each time, + * use ftruncate if size is less than previous size. + */ + whod =3D open(path, O_WRONLY | O_CREAT, 0644); + if (whod < 0) { + syslog(LOG_WARNING, "%s: %m", path); + return; + } #if ENDIAN !=3D BIG_ENDIAN - { - int i, n =3D (cc - WHDRSIZE)/sizeof(struct whoent); - struct whoent *we; - - /* undo header byte swapping before writing to file */ - wd.wd_sendtime =3D ntohl(wd.wd_sendtime); - for (i =3D 0; i < 3; i++) - wd.wd_loadav[i] =3D ntohl(wd.wd_loadav[i]); - wd.wd_boottime =3D ntohl(wd.wd_boottime); - we =3D wd.wd_we; - for (i =3D 0; i < n; i++) { - we->we_idle =3D ntohl(we->we_idle); - we->we_utmp.out_time =3D - ntohl(we->we_utmp.out_time); - we++; - } + { + int i, n =3D (cc - WHDRSIZE)/sizeof(struct whoent); + struct whoent *we; + + /* undo header byte swapping before writing to file */ + wd.wd_sendtime =3D ntohl(wd.wd_sendtime); + for (i =3D 0; i < 3; i++) + wd.wd_loadav[i] =3D ntohl(wd.wd_loadav[i]); + wd.wd_boottime =3D ntohl(wd.wd_boottime); + we =3D wd.wd_we; + for (i =3D 0; i < n; i++) { + we->we_idle =3D ntohl(we->we_idle); + we->we_utmp.out_time =3D + ntohl(we->we_utmp.out_time); + we++; } -#endif - (void) time((time_t *)&wd.wd_recvtime); - (void) write(whod, (char *)&wd, cc); - if (fstat(whod, &st) < 0 || st.st_size > cc) - ftruncate(whod, cc); - (void) close(whod); } +#endif + (void) time((time_t *)&wd.wd_recvtime); + (void) write(whod, (char *)&wd, cc); + if (fstat(whod, &st) < 0 || st.st_size > cc) + ftruncate(whod, cc); + (void) close(whod); } =20 static void @@ -391,8 +437,7 @@ int alarmcount; =20 void -onalrm(signo) - int signo; +timer() { register struct neighbor *np; register struct whoent *we =3D mywd.wd_we, *wlast; @@ -404,7 +449,7 @@ =20 now =3D time(NULL); if (alarmcount % 10 =3D=3D 0) - getboottime(0); + getboottime(); alarmcount++; (void) fstat(utmpf, &stb); if ((stb.st_mtime !=3D utmptime) || (stb.st_size > utmpsize)) { @@ -418,14 +463,14 @@ if (! utmp) { syslog(LOG_WARNING, "malloc failed"); utmpsize =3D 0; - goto done; + return; } } (void) lseek(utmpf, (off_t)0, L_SET); cc =3D read(utmpf, (char *)utmp, stb.st_size); if (cc < 0) { syslog(LOG_ERR, "read(%s): %m", _PATH_UTMP); - goto done; + return; } wlast =3D &mywd.wd_we[1024 / sizeof(struct whoent) - 1]; utmpent =3D cc / sizeof(struct utmp); @@ -493,13 +538,10 @@ syslog(LOG_ERR, "chdir(%s): %m", _PATH_RWHODIR); exit(1); } -done: - (void) alarm(AL_INTERVAL); } =20 void -getboottime(signo) - int signo; +getboottime() { int mib[2]; size_t size; @@ -691,10 +733,10 @@ register struct whoent *we; struct sockaddr_in *sin =3D (struct sockaddr_in *)to; =20 - printf("sendto %x.%d\n", ntohl(sin->sin_addr.s_addr), - ntohs(sin->sin_port)); + printf("sendto %s.%d\n", inet_ntoa(sin->sin_addr), + ntohs(sin->sin_port)); printf("hostname %s %s\n", w->wd_hostname, - interval(ntohl(w->wd_sendtime) - ntohl(w->wd_boottime), " up")); + interval(ntohl(w->wd_sendtime) - ntohl(w->wd_boottime), " up")); printf("load %4.2f, %4.2f, %4.2f\n", ntohl(w->wd_loadav[0]) / 100.0, ntohl(w->wd_loadav[1]) / 100.0, ntohl(w->wd_loadav[2]) / 100.0); @@ -702,9 +744,9 @@ for (we =3D w->wd_we, cc /=3D sizeof(struct whoent); cc > 0; cc--, we++) { time_t t =3D ntohl(we->we_utmp.out_time); printf("%-8.8s %s:%s %.12s", - we->we_utmp.out_name, - w->wd_hostname, we->we_utmp.out_line, - ctime(&t)+4); + we->we_utmp.out_name, + w->wd_hostname, we->we_utmp.out_line, + ctime(&t)+4); we->we_idle =3D ntohl(we->we_idle) / 60; if (we->we_idle) { if (we->we_idle >=3D 100*60) @@ -728,18 +770,19 @@ int days, hours, minutes; =20 if (time < 0 || time > 3*30*24*60*60) { - (void) sprintf(resbuf, " %s ??:??", updown); + (void) snprintf(resbuf, sizeof(resbuf), + " %s ??:??", updown); return (resbuf); } minutes =3D (time + 59) / 60; /* round to minutes */ hours =3D minutes / 60; minutes %=3D 60; days =3D hours / 24; hours %=3D 24; if (days) - (void) sprintf(resbuf, "%s %2d+%02d:%02d", - updown, days, hours, minutes); + (void) snprintf(resbuf, sizeof(resbuf), + "%s %2d+%02d:%02d", updown, days, hours, minutes); else - (void) sprintf(resbuf, "%s %2d:%02d", - updown, hours, minutes); + (void) snprintf(resbuf, sizeof(resbuf), + "%s %2d:%02d", updown, hours, minutes); return (resbuf); } #endif --J2SCkAp4GZ/dPZZf Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7XQn3Wry0BWjoQKURArY3AJsGycSh05K0Q3szHse/o8eRkOccIQCg4eoO 5O8+xbwyYyjp+nQfX4pFwYg= =H8VJ -----END PGP SIGNATURE----- --J2SCkAp4GZ/dPZZf-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 23 23:30: 0 2001 Delivered-To: freebsd-audit@freebsd.org Received: from scientia.demon.co.uk (scientia.demon.co.uk [212.228.14.13]) by hub.freebsd.org (Postfix) with ESMTP id A896237B405 for ; Mon, 23 Jul 2001 23:29:55 -0700 (PDT) (envelope-from ben@FreeBSD.org) Received: from strontium.shef.vinosystems.com ([192.168.91.36] ident=root) by scientia.demon.co.uk with esmtp (Exim 3.30 #1) id 15OvhZ-000Hvl-00; Tue, 24 Jul 2001 07:29:53 +0100 Received: (from ben@localhost) by strontium.shef.vinosystems.com (8.11.4/8.11.4) id f6O6Trv94792; Tue, 24 Jul 2001 07:29:53 +0100 (BST) (envelope-from ben@FreeBSD.org) X-Authentication-Warning: strontium.shef.vinosystems.com: ben set sender to ben@FreeBSD.org using -f Date: Tue, 24 Jul 2001 07:29:53 +0100 From: Ben Smithurst To: Kris Kennaway Cc: audit@FreeBSD.org Subject: Re: rwhod signal fixes Message-ID: <20010724072952.A14233@strontium.shef.vinosystems.com> References: <20010723223904.A1381@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="Qxx1br4bt0+wmkIi" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010723223904.A1381@xor.obsecurity.org> X-PGP-Key: http://www.smithurst.org/ben/pgp-key.txt Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --Qxx1br4bt0+wmkIi Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Kris Kennaway wrote: > + n =3D poll(pfd, 1, 1000); Is it really necessary to have rwhod go round in a loop like this wasting CPU time? What was wrong with using alarm() ? It doesn't seem to work either -- it doesn't see any of the broadcast messages, while the old rwhod works just fine. =2E.. Ah, I see the problem, that pfd[0].revents =3D POLLIN line should be pfd[0].revents =3D pfd[0].events =3D POLLIN, I think. After making that change it works, but I still don't see why it has to sit in a loop waking up every second to do bugger all. --=20 Ben Smithurst / ben@FreeBSD.org FreeBSD: The Power To Serve http://www.FreeBSD.org/ --Qxx1br4bt0+wmkIi Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7XRXgbPzJ+yzvRCwRAmlVAKCMKfo+TzvZEheqsFU1htQCl7F1uwCferrI eeA3JVhEnHhnS2KUJTWpMZ8= =859f -----END PGP SIGNATURE----- --Qxx1br4bt0+wmkIi-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 23 23:31: 4 2001 Delivered-To: freebsd-audit@freebsd.org Received: from scientia.demon.co.uk (scientia.demon.co.uk [212.228.14.13]) by hub.freebsd.org (Postfix) with ESMTP id E2EB537B401 for ; Mon, 23 Jul 2001 23:30:59 -0700 (PDT) (envelope-from ben@smithurst.org) Received: from strontium.shef.vinosystems.com ([192.168.91.36] ident=root) by scientia.demon.co.uk with esmtp (Exim 3.30 #1) id 15Ovic-000JT1-00; Tue, 24 Jul 2001 07:30:58 +0100 Received: (from ben@localhost) by strontium.shef.vinosystems.com (8.11.4/8.11.4) id f6O6Uwd04903; Tue, 24 Jul 2001 07:30:58 +0100 (BST) (envelope-from ben@smithurst.org) X-Authentication-Warning: strontium.shef.vinosystems.com: ben set sender to ben@smithurst.org using -f Date: Tue, 24 Jul 2001 07:30:58 +0100 From: Ben Smithurst To: Kris Kennaway Cc: audit@FreeBSD.org Subject: Re: rwhod signal fixes Message-ID: <20010724073058.B14233@strontium.shef.vinosystems.com> References: <20010723223904.A1381@xor.obsecurity.org> <20010724072952.A14233@strontium.shef.vinosystems.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="GRPZ8SYKNexpdSJ7" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010724072952.A14233@strontium.shef.vinosystems.com> X-PGP-Key: http://www.smithurst.org/ben/pgp-key.txt Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --GRPZ8SYKNexpdSJ7 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable > Is it really necessary to have rwhod go round in a loop like this > wasting CPU time? What was wrong with using alarm() ? >=20 > It doesn't seem to work either -- it doesn't see any of the broadcast > messages, while the old rwhod works just fine. >=20 > ... >=20 > Ah, I see the problem, that pfd[0].revents =3D POLLIN line should be > pfd[0].revents =3D pfd[0].events =3D POLLIN, I think. After making that > change it works, but I still don't see why it has to sit in a loop > waking up every second to do bugger all. This was tested on RELENG_4, not -current, by the way. --=20 Ben Smithurst / ben@smithurst.org --GRPZ8SYKNexpdSJ7 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7XRYhbPzJ+yzvRCwRAo1bAKDJbuXFDv0YEG1L8VKWizB3Ov0wQQCgs9FK la8vjSW3ELfu0xJnsX9qabw= =WTMX -----END PGP SIGNATURE----- --GRPZ8SYKNexpdSJ7-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 23 23:40: 5 2001 Delivered-To: freebsd-audit@freebsd.org Received: from obsecurity.dyndns.org (adsl-64-169-104-149.dsl.lsan03.pacbell.net [64.169.104.149]) by hub.freebsd.org (Postfix) with ESMTP id 0F29337B405; Mon, 23 Jul 2001 23:40:02 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 7BA8C66BA6; Mon, 23 Jul 2001 23:40:01 -0700 (PDT) Date: Mon, 23 Jul 2001 23:40:01 -0700 From: Kris Kennaway To: Ben Smithurst Cc: Kris Kennaway , audit@FreeBSD.org Subject: Re: rwhod signal fixes Message-ID: <20010723234000.A2691@xor.obsecurity.org> References: <20010723223904.A1381@xor.obsecurity.org> <20010724072952.A14233@strontium.shef.vinosystems.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="y0ulUmNC+osPPQO6" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010724072952.A14233@strontium.shef.vinosystems.com>; from ben@FreeBSD.org on Tue, Jul 24, 2001 at 07:29:53AM +0100 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --y0ulUmNC+osPPQO6 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jul 24, 2001 at 07:29:53AM +0100, Ben Smithurst wrote: > Kris Kennaway wrote: >=20 > > + n =3D poll(pfd, 1, 1000); >=20 > Is it really necessary to have rwhod go round in a loop like this > wasting CPU time? What was wrong with using alarm() ? It was already using alarm() to wake up every second, but it was doing unsafe work in the signal handler. > Ah, I see the problem, that pfd[0].revents =3D POLLIN line should be > pfd[0].revents =3D pfd[0].events =3D POLLIN, I think. After making that > change it works, but I still don't see why it has to sit in a loop > waking up every second to do bugger all. Noted, thanks. Kris --y0ulUmNC+osPPQO6 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7XRg/Wry0BWjoQKURAoreAKCTyMiS3yd16/2R4J0qko46EJ7dCQCeKEO2 ospdm/VDWaQQlJnR7Q8T66U= =LJZX -----END PGP SIGNATURE----- --y0ulUmNC+osPPQO6-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 24 0:35:51 2001 Delivered-To: freebsd-audit@freebsd.org Received: from obsecurity.dyndns.org (adsl-64-169-104-149.dsl.lsan03.pacbell.net [64.169.104.149]) by hub.freebsd.org (Postfix) with ESMTP id 728B437B406 for ; Tue, 24 Jul 2001 00:35:31 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 7631D66BA6; Tue, 24 Jul 2001 00:35:30 -0700 (PDT) Date: Tue, 24 Jul 2001 00:35:29 -0700 From: Kris Kennaway To: audit@FreeBSD.org Subject: syslogd signal/string patch Message-ID: <20010724003529.A3687@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="k1lZvvs/B4yU6o8G" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --k1lZvvs/B4yU6o8G Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Another one adapted from OpenBSD. It seems to work :) Kris Index: syslogd.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/usr.sbin/syslogd/syslogd.c,v retrieving revision 1.79 diff -u -r1.79 syslogd.c --- syslogd.c 2001/07/02 15:26:47 1.79 +++ syslogd.c 2001/07/24 07:33:15 @@ -282,6 +282,9 @@ /* 0=3Dno, 1=3Dnumeric, 2=3Dnames */ int KeepKernFac =3D 0; /* Keep remotely logged kernel facility */ =20 +sig_atomic_t MarkSet; +sig_atomic_t WantDie; + int allowaddr __P((char *)); void cfline __P((char *, struct filed *, char *, char *)); char *cvthname __P((struct sockaddr *)); @@ -289,6 +292,7 @@ int deadq_remove __P((pid_t)); int decode __P((const char *, CODE *)); void die __P((int)); +void dodie __P((int)); void domark __P((int)); void fprintlog __P((struct filed *, int, char *)); int* socksetup __P((int)); @@ -296,6 +300,7 @@ void logerror __P((const char *)); void logmsg __P((int, char *, char *, int)); void log_deadchild __P((pid_t, int, const char *)); +void markit __P((void)); void printline __P((char *, char *)); void printsys __P((char *)); int p_open __P((char *, pid_t *)); @@ -314,14 +319,15 @@ int argc; char *argv[]; { - int ch, i, l; + int ch, i, l, fdsrmax =3D 0; struct sockaddr_un sunx, fromunix; struct sockaddr_storage frominet; + fd_set *fdsr =3D NULL; FILE *fp; char *p, *hname, line[MAXLINE + 1]; - struct timeval tv, *tvp; struct sigaction sact; sigset_t mask; + struct timeval tv, *tvp; pid_t ppid =3D 1; socklen_t len; =20 @@ -397,17 +403,18 @@ endservent(); =20 consfile.f_type =3D F_CONSOLE; - (void)strcpy(consfile.f_un.f_fname, ctty + sizeof _PATH_DEV - 1); + (void)strlcpy(consfile.f_un.f_fname, ctty + sizeof _PATH_DEV - 1, + sizeof(consfile.f_un.f_fname)); (void)gethostname(LocalHostName, sizeof(LocalHostName)); if ((p =3D strchr(LocalHostName, '.')) !=3D NULL) { *p++ =3D '\0'; LocalDomain =3D p; } else LocalDomain =3D ""; - (void)strcpy(bootfile, getbootfile()); - (void)signal(SIGTERM, die); - (void)signal(SIGINT, Debug ? die : SIG_IGN); - (void)signal(SIGQUIT, Debug ? die : SIG_IGN); + (void)strlcpy(bootfile, getbootfile(), sizeof(bootfile)); + (void)signal(SIGTERM, dodie); + (void)signal(SIGINT, Debug ? dodie : SIG_IGN); + (void)signal(SIGQUIT, Debug ? dodie : SIG_IGN); /* * We don't want the SIGCHLD and SIGHUP handlers to interfere * with each other; they are likely candidates for being called @@ -432,7 +439,7 @@ for (i =3D 0; i < nfunix; i++) { memset(&sunx, 0, sizeof(sunx)); sunx.sun_family =3D AF_UNIX; - (void)strncpy(sunx.sun_path, funixn[i], sizeof(sunx.sun_path)); + (void)strlcpy(sunx.sun_path, funixn[i], sizeof(sunx.sun_path)); funix[i] =3D socket(AF_UNIX, SOCK_DGRAM, 0); if (funix[i] < 0 || bind(funix[i], (struct sockaddr *)&sunx, @@ -490,53 +497,64 @@ tvp =3D &tv; tv.tv_sec =3D tv.tv_usec =3D 0; =20 + if (fklog !=3D -1 && fklog > fdsrmax) + fdsrmax =3D fklog; + if (finet && !SecureMode) { + for (i =3D 0; i < *finet; i++) { + if (finet[i+1] !=3D -1 && finet[i+1] > fdsrmax) + fdsrmax =3D finet[i+1]; + } + } + for (i =3D 0; i < nfunix; i++) { + if (funix[i] !=3D -1 && funix[i] > fdsrmax) + fdsrmax =3D funix[i]; + } + + fdsr =3D (fd_set *)calloc(howmany(fdsrmax+1, NFDBITS), + sizeof(fd_mask)); + if (fdsr =3D=3D NULL) + errx(1, "calloc fd_set"); + for (;;) { - fd_set readfds; - int nfds =3D 0; + if (MarkSet) + markit(); + if (WantDie) + die(WantDie); =20 - FD_ZERO(&readfds); - if (fklog !=3D -1) { - FD_SET(fklog, &readfds); - if (fklog > nfds) - nfds =3D fklog; - } + bzero(fdsr, howmany(fdsrmax+1, NFDBITS) * + sizeof(fd_mask)); + + if (fklog !=3D -1) + FD_SET(fklog, fdsr); if (finet && !SecureMode) { for (i =3D 0; i < *finet; i++) { - FD_SET(finet[i+1], &readfds); - if (finet[i+1] > nfds) - nfds =3D finet[i+1]; + if (finet[i+1] !=3D -1) + FD_SET(finet[i], fdsr); } } for (i =3D 0; i < nfunix; i++) { - if (funix[i] !=3D -1) { - FD_SET(funix[i], &readfds); - if (funix[i] > nfds) - nfds =3D funix[i]; - } + if (funix[i] !=3D -1) + FD_SET(funix[i], fdsr); } =20 - /*dprintf("readfds =3D %#x\n", readfds);*/ - nfds =3D select(nfds+1, &readfds, (fd_set *)NULL, - (fd_set *)NULL, tvp); - if (nfds =3D=3D 0) { + switch (select(fdsrmax+1, fdsr, NULL, NULL, tvp)) { + case 0: if (tvp) { tvp =3D NULL; if (ppid !=3D 1) kill(ppid, SIGALRM); } continue; - } - if (nfds < 0) { + case -1: if (errno !=3D EINTR) logerror("select"); continue; } - /*dprintf("got a message (%d, %#x)\n", nfds, readfds);*/ - if (fklog !=3D -1 && FD_ISSET(fklog, &readfds)) + if (fklog !=3D -1 && FD_ISSET(fklog, fdsr)) readklog(); if (finet && !SecureMode) { for (i =3D 0; i < *finet; i++) { - if (FD_ISSET(finet[i+1], &readfds)) { + if (FD_ISSET(finet[i+1], fdsr)) { len =3D sizeof(frominet); l =3D recvfrom(finet[i+1], line, MAXLINE, 0, (struct sockaddr *)&frominet, @@ -553,7 +571,7 @@ } } for (i =3D 0; i < nfunix; i++) { - if (funix[i] !=3D -1 && FD_ISSET(funix[i], &readfds)) { + if (funix[i] !=3D -1 && FD_ISSET(funix[i], fdsr)) { len =3D sizeof(fromunix); l =3D recvfrom(funix[i], line, MAXLINE, 0, (struct sockaddr *)&fromunix, &len); @@ -565,6 +583,8 @@ } } } + if (fdsr) + free(fdsr); } =20 static void @@ -843,7 +863,7 @@ if ((flags & MARK) =3D=3D 0 && msglen =3D=3D f->f_prevlen && !strcmp(msg, f->f_prevline) && !strcasecmp(from, f->f_prevhost)) { - (void)strncpy(f->f_lasttime, timestamp, 15); + (void)strlcpy(f->f_lasttime, timestamp, 16); f->f_prevcount++; dprintf("msg repeated %d times, %ld sec of %d\n", f->f_prevcount, (long)(now - f->f_time), @@ -864,13 +884,12 @@ fprintlog(f, 0, (char *)NULL); f->f_repeatcount =3D 0; f->f_prevpri =3D pri; - (void)strncpy(f->f_lasttime, timestamp, 15); - (void)strncpy(f->f_prevhost, from, - sizeof(f->f_prevhost)-1); - f->f_prevhost[sizeof(f->f_prevhost)-1] =3D '\0'; + strlcpy(f->f_lasttime, timestamp, 16); + strlcpy(f->f_prevhost, from, + sizeof(f->f_prevhost)); if (msglen < MAXSVLINE) { f->f_prevlen =3D msglen; - (void)strcpy(f->f_prevline, msg); + strlcpy(f->f_prevline, msg, sizeof(f->f_prevline)); fprintlog(f, flags, (char *)NULL); } else { f->f_prevline[0] =3D 0; @@ -968,8 +987,8 @@ v->iov_len =3D strlen(msg); } else if (f->f_prevcount > 1) { v->iov_base =3D repbuf; - v->iov_len =3D sprintf(repbuf, "last message repeated %d times", - f->f_prevcount); + v->iov_len =3D snprintf(repbuf, sizeof repbuf, + "last message repeated %d times", f->f_prevcount); } else { v->iov_base =3D f->f_prevline; v->iov_len =3D f->f_prevlen; @@ -1124,8 +1143,7 @@ while (fread((char *)&ut, sizeof(ut), 1, uf) =3D=3D 1) { if (ut.ut_name[0] =3D=3D '\0') continue; - strncpy(line, ut.ut_line, sizeof(ut.ut_line)); - line[sizeof(ut.ut_line)] =3D '\0'; + strlcpy(line, ut.ut_line, sizeof(line)); if (f->f_type =3D=3D F_WALL) { if ((p =3D ttymsg(iov, 7, line, TTYMSGTIME)) !=3D NULL) { errno =3D 0; /* already in msg */ @@ -1227,56 +1245,17 @@ } =20 void -domark(signo) +dodie(signo) int signo; { - struct filed *f; - dq_t q; - - now =3D time((time_t *)NULL); - MarkSeq +=3D TIMERINTVL; - if (MarkSeq >=3D MarkInterval) { - logmsg(LOG_INFO, "-- MARK --", LocalHostName, ADDDATE|MARK); - MarkSeq =3D 0; - } - - for (f =3D Files; f; f =3D f->f_next) { - if (f->f_prevcount && now >=3D REPEATTIME(f)) { - dprintf("flush %s: repeated %d times, %d sec.\n", - TypeNames[f->f_type], f->f_prevcount, - repeatinterval[f->f_repeatcount]); - fprintlog(f, 0, (char *)NULL); - BACKOFF(f); - } - } - - /* Walk the dead queue, and see if we should signal somebody. */ - for (q =3D TAILQ_FIRST(&deadq_head); q !=3D NULL; q =3D TAILQ_NEXT(q, dq_= entries)) - switch (q->dq_timeout) { - case 0: - /* Already signalled once, try harder now. */ - if (kill(q->dq_pid, SIGKILL) !=3D 0) - (void)deadq_remove(q->dq_pid); - break; - - case 1: - /* - * Timed out on dead queue, send terminate - * signal. Note that we leave the removal - * from the dead queue to reapchild(), which - * will also log the event (unless the process - * didn't even really exist, in case we simply - * drop it from the dead queue). - */ - if (kill(q->dq_pid, SIGTERM) !=3D 0) - (void)deadq_remove(q->dq_pid); - /* FALLTHROUGH */ - - default: - q->dq_timeout--; - } + WantDie =3D signo; +} =20 - (void)alarm(TIMERINTVL); +void +domark(signo) + int signo; +{ + MarkSet =3D 1; } =20 /* @@ -1319,7 +1298,7 @@ Initialized =3D was_initialized; if (signo) { dprintf("syslogd: exiting on signal %d\n", signo); - (void)sprintf(buf, "exiting on signal %d", signo); + (void)snprintf(buf, sizeof buf, "exiting on signal %d", signo); errno =3D 0; logerror(buf); } @@ -1393,8 +1372,8 @@ * Foreach line in the conf table, open that file. */ f =3D NULL; - strcpy(host, "*"); - strcpy(prog, "*"); + strlcpy(host, "*", sizeof(host)); + strlcpy(prog, "*", sizeof(prog)); while (fgets(cline, sizeof(cline), cf) !=3D NULL) { /* * check for end-of-section, comments, strip off trailing @@ -1414,7 +1393,7 @@ host[0] =3D *p++; while (isspace(*p)) p++; if ((!*p) || (*p =3D=3D '*')) { - strcpy(host, "*"); + strlcpy(host, "*", sizeof(host)); continue; } if (*p =3D=3D '@') @@ -1431,7 +1410,7 @@ p++; while (isspace(*p)) p++; if ((!*p) || (*p =3D=3D '*')) { - strcpy(prog, "*"); + strlcpy(prog, "*", sizeof(prog)); continue; } for (i =3D 0; i < NAME_MAX; i++) { @@ -1629,9 +1608,8 @@ switch (*p) { case '@': - (void)strncpy(f->f_un.f_forw.f_hname, ++p, - sizeof(f->f_un.f_forw.f_hname)-1); - f->f_un.f_forw.f_hname[sizeof(f->f_un.f_forw.f_hname)-1] =3D '\0'; + (void)strlcpy(f->f_un.f_forw.f_hname, ++p, + sizeof(f->f_un.f_forw.f_hname)); memset(&hints, 0, sizeof(hints)); hints.ai_family =3D family; hints.ai_socktype =3D SOCK_DGRAM; @@ -1656,16 +1634,17 @@ f->f_type =3D F_CONSOLE; else f->f_type =3D F_TTY; - (void)strcpy(f->f_un.f_fname, p + sizeof _PATH_DEV - 1); + (void)strlcpy(f->f_un.f_fname, p + sizeof _PATH_DEV - 1, + sizeof(f->f_un.f_fname)); } else { - (void)strcpy(f->f_un.f_fname, p); + (void)strlcpy(f->f_un.f_fname, p, sizeof(f->f_un.f_fname)); f->f_type =3D F_FILE; } break; =20 case '|': f->f_un.f_pipe.f_pid =3D 0; - (void)strcpy(f->f_un.f_pipe.f_pname, p + 1); + (void)strlcpy(f->f_un.f_fname, p + 1, sizeof(f->f_un.f_fname)); f->f_type =3D F_PIPE; break; =20 @@ -1718,6 +1697,59 @@ return (c->c_val); =20 return (-1); +} + +void +markit(void) +{ + struct filed *f; + dq_t q; + + now =3D time((time_t *)NULL); + MarkSeq +=3D TIMERINTVL; + if (MarkSeq >=3D MarkInterval) { + logmsg(LOG_INFO, "-- MARK --", + LocalHostName, ADDDATE|MARK); + MarkSeq =3D 0; + } + + for (f =3D Files; f; f =3D f->f_next) { + if (f->f_prevcount && now >=3D REPEATTIME(f)) { + dprintf("flush %s: repeated %d times, %d sec.\n", + TypeNames[f->f_type], f->f_prevcount, + repeatinterval[f->f_repeatcount]); + fprintlog(f, 0, (char *)NULL); + BACKOFF(f); + } + } + + /* Walk the dead queue, and see if we should signal somebody. */ + for (q =3D TAILQ_FIRST(&deadq_head); q !=3D NULL; q =3D TAILQ_NEXT(q, dq_= entries)) + switch (q->dq_timeout) { + case 0: + /* Already signalled once, try harder now. */ + if (kill(q->dq_pid, SIGKILL) !=3D 0) + (void)deadq_remove(q->dq_pid); + break; + + case 1: + /* + * Timed out on dead queue, send terminate + * signal. Note that we leave the removal + * from the dead queue to reapchild(), which + * will also log the event (unless the process + * didn't even really exist, in case we simply + * drop it from the dead queue). + */ + if (kill(q->dq_pid, SIGTERM) !=3D 0) + (void)deadq_remove(q->dq_pid); + /* FALLTHROUGH */ + + default: + q->dq_timeout--; + } + MarkSet =3D 0; + (void)alarm(TIMERINTVL); } =20 /* --k1lZvvs/B4yU6o8G Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7XSVBWry0BWjoQKURAqUgAJ9jE5eIsGrMOK3AwAmztKt+g4JBnACg52Gy IEeP5zmom2nO3s18ocz5sZ0= =tz2H -----END PGP SIGNATURE----- --k1lZvvs/B4yU6o8G-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 24 0:47: 5 2001 Delivered-To: freebsd-audit@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id 4BF7437B405 for ; Tue, 24 Jul 2001 00:47:00 -0700 (PDT) (envelope-from sheldonh@starjuice.net) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.31 #1) id 15Owuu-0001ax-00; Tue, 24 Jul 2001 09:47:44 +0200 From: Sheldon Hearn To: David Hill Cc: audit@freebsd.org Subject: Re: STD*_FILENO patches #2 In-reply-to: Your message of "Mon, 23 Jul 2001 13:09:30 -0400." <20010723130930.05f98c85.david@phobia.ms> Date: Tue, 24 Jul 2001 09:47:44 +0200 Message-ID: <6134.995960864@axl.seasidesoftware.co.za> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, 23 Jul 2001 13:09:30 -0400, David Hill wrote: > Ok, I fixed those > http://www.phobia.ms/patches/diffs.tar.gz I'll take a look at these and commit them some time before Friday. Thanks, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 24 0:50: 0 2001 Delivered-To: freebsd-audit@freebsd.org Received: from obsecurity.dyndns.org (adsl-64-169-104-149.dsl.lsan03.pacbell.net [64.169.104.149]) by hub.freebsd.org (Postfix) with ESMTP id CE5F037B407 for ; Tue, 24 Jul 2001 00:49:57 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id B972166BA6; Tue, 24 Jul 2001 00:49:56 -0700 (PDT) Date: Tue, 24 Jul 2001 00:49:56 -0700 From: Kris Kennaway To: Kris Kennaway Cc: audit@FreeBSD.ORG Subject: Re: syslogd signal/string patch Message-ID: <20010724004956.A4293@xor.obsecurity.org> References: <20010724003529.A3687@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="ibTvN161/egqYuK8" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010724003529.A3687@xor.obsecurity.org>; from kris@obsecurity.org on Tue, Jul 24, 2001 at 12:35:29AM -0700 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --ibTvN161/egqYuK8 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Tue, Jul 24, 2001 at 12:35:29AM -0700, Kris Kennaway wrote: > It seems to work :) No it doesn't (looks like the child process is spinning on the CPU). Kris --ibTvN161/egqYuK8 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7XSihWry0BWjoQKURArWtAJ0TT1c5tPrcnfgaZmBl+qA5VMZecQCgqpCZ 446rL4wj6Dy82rg1fvNY0D0= =k1EQ -----END PGP SIGNATURE----- --ibTvN161/egqYuK8-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 24 1:12:30 2001 Delivered-To: freebsd-audit@freebsd.org Received: from obsecurity.dyndns.org (adsl-64-169-104-149.dsl.lsan03.pacbell.net [64.169.104.149]) by hub.freebsd.org (Postfix) with ESMTP id 7C0B337B406 for ; Tue, 24 Jul 2001 01:12:14 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 7970466BA6; Tue, 24 Jul 2001 01:12:13 -0700 (PDT) Date: Tue, 24 Jul 2001 01:12:13 -0700 From: Kris Kennaway To: Kris Kennaway Cc: audit@FreeBSD.ORG Subject: Re: syslogd signal/string patch Message-ID: <20010724011213.A4758@xor.obsecurity.org> References: <20010724003529.A3687@xor.obsecurity.org> <20010724004956.A4293@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="LQksG6bCIzRHxTLp" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010724004956.A4293@xor.obsecurity.org>; from kris@obsecurity.org on Tue, Jul 24, 2001 at 12:49:56AM -0700 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --LQksG6bCIzRHxTLp Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jul 24, 2001 at 12:49:56AM -0700, Kris Kennaway wrote: > On Tue, Jul 24, 2001 at 12:35:29AM -0700, Kris Kennaway wrote: > > It seems to work :) >=20 > No it doesn't (looks like the child process is spinning on the CPU). Stupid off-by-one bug :) I also changed an exit() in a signal handler introduced by FreeBSD to _exit(), which I think is correct. There's an errx() in there as well; is that okay? Kris Index: syslogd.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/usr.sbin/syslogd/syslogd.c,v retrieving revision 1.79 diff -u -r1.79 syslogd.c --- syslogd.c 2001/07/02 15:26:47 1.79 +++ syslogd.c 2001/07/24 08:10:42 @@ -282,6 +282,9 @@ /* 0=3Dno, 1=3Dnumeric, 2=3Dnames */ int KeepKernFac =3D 0; /* Keep remotely logged kernel facility */ =20 +sig_atomic_t MarkSet; +sig_atomic_t WantDie; + int allowaddr __P((char *)); void cfline __P((char *, struct filed *, char *, char *)); char *cvthname __P((struct sockaddr *)); @@ -289,6 +292,7 @@ int deadq_remove __P((pid_t)); int decode __P((const char *, CODE *)); void die __P((int)); +void dodie __P((int)); void domark __P((int)); void fprintlog __P((struct filed *, int, char *)); int* socksetup __P((int)); @@ -296,6 +300,7 @@ void logerror __P((const char *)); void logmsg __P((int, char *, char *, int)); void log_deadchild __P((pid_t, int, const char *)); +void markit __P((void)); void printline __P((char *, char *)); void printsys __P((char *)); int p_open __P((char *, pid_t *)); @@ -314,14 +319,15 @@ int argc; char *argv[]; { - int ch, i, l; + int ch, i, l, fdsrmax =3D 0; struct sockaddr_un sunx, fromunix; struct sockaddr_storage frominet; + fd_set *fdsr =3D NULL; FILE *fp; char *p, *hname, line[MAXLINE + 1]; - struct timeval tv, *tvp; struct sigaction sact; sigset_t mask; + struct timeval tv, *tvp; pid_t ppid =3D 1; socklen_t len; =20 @@ -397,17 +403,18 @@ endservent(); =20 consfile.f_type =3D F_CONSOLE; - (void)strcpy(consfile.f_un.f_fname, ctty + sizeof _PATH_DEV - 1); + (void)strlcpy(consfile.f_un.f_fname, ctty + sizeof _PATH_DEV - 1, + sizeof(consfile.f_un.f_fname)); (void)gethostname(LocalHostName, sizeof(LocalHostName)); if ((p =3D strchr(LocalHostName, '.')) !=3D NULL) { *p++ =3D '\0'; LocalDomain =3D p; } else LocalDomain =3D ""; - (void)strcpy(bootfile, getbootfile()); - (void)signal(SIGTERM, die); - (void)signal(SIGINT, Debug ? die : SIG_IGN); - (void)signal(SIGQUIT, Debug ? die : SIG_IGN); + (void)strlcpy(bootfile, getbootfile(), sizeof(bootfile)); + (void)signal(SIGTERM, dodie); + (void)signal(SIGINT, Debug ? dodie : SIG_IGN); + (void)signal(SIGQUIT, Debug ? dodie : SIG_IGN); /* * We don't want the SIGCHLD and SIGHUP handlers to interfere * with each other; they are likely candidates for being called @@ -432,7 +439,7 @@ for (i =3D 0; i < nfunix; i++) { memset(&sunx, 0, sizeof(sunx)); sunx.sun_family =3D AF_UNIX; - (void)strncpy(sunx.sun_path, funixn[i], sizeof(sunx.sun_path)); + (void)strlcpy(sunx.sun_path, funixn[i], sizeof(sunx.sun_path)); funix[i] =3D socket(AF_UNIX, SOCK_DGRAM, 0); if (funix[i] < 0 || bind(funix[i], (struct sockaddr *)&sunx, @@ -490,53 +497,65 @@ tvp =3D &tv; tv.tv_sec =3D tv.tv_usec =3D 0; =20 + if (fklog !=3D -1 && fklog > fdsrmax) + fdsrmax =3D fklog; + if (finet && !SecureMode) { + for (i =3D 0; i < *finet; i++) { + if (finet[i+1] !=3D -1 && finet[i+1] > fdsrmax) + fdsrmax =3D finet[i+1]; + } + } + for (i =3D 0; i < nfunix; i++) { + if (funix[i] !=3D -1 && funix[i] > fdsrmax) + fdsrmax =3D funix[i]; + } + + fdsr =3D (fd_set *)calloc(howmany(fdsrmax+1, NFDBITS), + sizeof(fd_mask)); + if (fdsr =3D=3D NULL) + errx(1, "calloc fd_set"); + for (;;) { - fd_set readfds; - int nfds =3D 0; + if (MarkSet) + markit(); + if (WantDie) + die(WantDie); =20 - FD_ZERO(&readfds); - if (fklog !=3D -1) { - FD_SET(fklog, &readfds); - if (fklog > nfds) - nfds =3D fklog; - } + bzero(fdsr, howmany(fdsrmax+1, NFDBITS) * + sizeof(fd_mask)); + + if (fklog !=3D -1) + FD_SET(fklog, fdsr); if (finet && !SecureMode) { for (i =3D 0; i < *finet; i++) { - FD_SET(finet[i+1], &readfds); - if (finet[i+1] > nfds) - nfds =3D finet[i+1]; + if (finet[i+1] !=3D -1) + FD_SET(finet[i+1], fdsr); } } for (i =3D 0; i < nfunix; i++) { - if (funix[i] !=3D -1) { - FD_SET(funix[i], &readfds); - if (funix[i] > nfds) - nfds =3D funix[i]; - } + if (funix[i] !=3D -1) + FD_SET(funix[i], fdsr); } =20 - /*dprintf("readfds =3D %#x\n", readfds);*/ - nfds =3D select(nfds+1, &readfds, (fd_set *)NULL, - (fd_set *)NULL, tvp); - if (nfds =3D=3D 0) { + i =3D select(fdsrmax+1, fdsr, NULL, NULL, tvp); + switch (i) { + case 0: if (tvp) { tvp =3D NULL; if (ppid !=3D 1) kill(ppid, SIGALRM); } continue; - } - if (nfds < 0) { + case -1: if (errno !=3D EINTR) logerror("select"); continue; } - /*dprintf("got a message (%d, %#x)\n", nfds, readfds);*/ - if (fklog !=3D -1 && FD_ISSET(fklog, &readfds)) + if (fklog !=3D -1 && FD_ISSET(fklog, fdsr)) readklog(); if (finet && !SecureMode) { for (i =3D 0; i < *finet; i++) { - if (FD_ISSET(finet[i+1], &readfds)) { + if (FD_ISSET(finet[i+1], fdsr)) { len =3D sizeof(frominet); l =3D recvfrom(finet[i+1], line, MAXLINE, 0, (struct sockaddr *)&frominet, @@ -553,7 +572,7 @@ } } for (i =3D 0; i < nfunix; i++) { - if (funix[i] !=3D -1 && FD_ISSET(funix[i], &readfds)) { + if (funix[i] !=3D -1 && FD_ISSET(funix[i], fdsr)) { len =3D sizeof(fromunix); l =3D recvfrom(funix[i], line, MAXLINE, 0, (struct sockaddr *)&fromunix, &len); @@ -565,6 +584,8 @@ } } } + if (fdsr) + free(fdsr); } =20 static void @@ -843,7 +864,7 @@ if ((flags & MARK) =3D=3D 0 && msglen =3D=3D f->f_prevlen && !strcmp(msg, f->f_prevline) && !strcasecmp(from, f->f_prevhost)) { - (void)strncpy(f->f_lasttime, timestamp, 15); + (void)strlcpy(f->f_lasttime, timestamp, 16); f->f_prevcount++; dprintf("msg repeated %d times, %ld sec of %d\n", f->f_prevcount, (long)(now - f->f_time), @@ -864,13 +885,12 @@ fprintlog(f, 0, (char *)NULL); f->f_repeatcount =3D 0; f->f_prevpri =3D pri; - (void)strncpy(f->f_lasttime, timestamp, 15); - (void)strncpy(f->f_prevhost, from, - sizeof(f->f_prevhost)-1); - f->f_prevhost[sizeof(f->f_prevhost)-1] =3D '\0'; + strlcpy(f->f_lasttime, timestamp, 16); + strlcpy(f->f_prevhost, from, + sizeof(f->f_prevhost)); if (msglen < MAXSVLINE) { f->f_prevlen =3D msglen; - (void)strcpy(f->f_prevline, msg); + strlcpy(f->f_prevline, msg, sizeof(f->f_prevline)); fprintlog(f, flags, (char *)NULL); } else { f->f_prevline[0] =3D 0; @@ -968,8 +988,8 @@ v->iov_len =3D strlen(msg); } else if (f->f_prevcount > 1) { v->iov_base =3D repbuf; - v->iov_len =3D sprintf(repbuf, "last message repeated %d times", - f->f_prevcount); + v->iov_len =3D snprintf(repbuf, sizeof repbuf, + "last message repeated %d times", f->f_prevcount); } else { v->iov_base =3D f->f_prevline; v->iov_len =3D f->f_prevlen; @@ -1124,8 +1144,7 @@ while (fread((char *)&ut, sizeof(ut), 1, uf) =3D=3D 1) { if (ut.ut_name[0] =3D=3D '\0') continue; - strncpy(line, ut.ut_line, sizeof(ut.ut_line)); - line[sizeof(ut.ut_line)] =3D '\0'; + strlcpy(line, ut.ut_line, sizeof(line)); if (f->f_type =3D=3D F_WALL) { if ((p =3D ttymsg(iov, 7, line, TTYMSGTIME)) !=3D NULL) { errno =3D 0; /* already in msg */ @@ -1227,56 +1246,17 @@ } =20 void -domark(signo) +dodie(signo) int signo; { - struct filed *f; - dq_t q; - - now =3D time((time_t *)NULL); - MarkSeq +=3D TIMERINTVL; - if (MarkSeq >=3D MarkInterval) { - logmsg(LOG_INFO, "-- MARK --", LocalHostName, ADDDATE|MARK); - MarkSeq =3D 0; - } - - for (f =3D Files; f; f =3D f->f_next) { - if (f->f_prevcount && now >=3D REPEATTIME(f)) { - dprintf("flush %s: repeated %d times, %d sec.\n", - TypeNames[f->f_type], f->f_prevcount, - repeatinterval[f->f_repeatcount]); - fprintlog(f, 0, (char *)NULL); - BACKOFF(f); - } - } - - /* Walk the dead queue, and see if we should signal somebody. */ - for (q =3D TAILQ_FIRST(&deadq_head); q !=3D NULL; q =3D TAILQ_NEXT(q, dq_= entries)) - switch (q->dq_timeout) { - case 0: - /* Already signalled once, try harder now. */ - if (kill(q->dq_pid, SIGKILL) !=3D 0) - (void)deadq_remove(q->dq_pid); - break; - - case 1: - /* - * Timed out on dead queue, send terminate - * signal. Note that we leave the removal - * from the dead queue to reapchild(), which - * will also log the event (unless the process - * didn't even really exist, in case we simply - * drop it from the dead queue). - */ - if (kill(q->dq_pid, SIGTERM) !=3D 0) - (void)deadq_remove(q->dq_pid); - /* FALLTHROUGH */ - - default: - q->dq_timeout--; - } + WantDie =3D signo; +} =20 - (void)alarm(TIMERINTVL); +void +domark(signo) + int signo; +{ + MarkSet =3D 1; } =20 /* @@ -1319,7 +1299,7 @@ Initialized =3D was_initialized; if (signo) { dprintf("syslogd: exiting on signal %d\n", signo); - (void)sprintf(buf, "exiting on signal %d", signo); + (void)snprintf(buf, sizeof buf, "exiting on signal %d", signo); errno =3D 0; logerror(buf); } @@ -1393,8 +1373,8 @@ * Foreach line in the conf table, open that file. */ f =3D NULL; - strcpy(host, "*"); - strcpy(prog, "*"); + strlcpy(host, "*", sizeof(host)); + strlcpy(prog, "*", sizeof(prog)); while (fgets(cline, sizeof(cline), cf) !=3D NULL) { /* * check for end-of-section, comments, strip off trailing @@ -1414,7 +1394,7 @@ host[0] =3D *p++; while (isspace(*p)) p++; if ((!*p) || (*p =3D=3D '*')) { - strcpy(host, "*"); + strlcpy(host, "*", sizeof(host)); continue; } if (*p =3D=3D '@') @@ -1431,7 +1411,7 @@ p++; while (isspace(*p)) p++; if ((!*p) || (*p =3D=3D '*')) { - strcpy(prog, "*"); + strlcpy(prog, "*", sizeof(prog)); continue; } for (i =3D 0; i < NAME_MAX; i++) { @@ -1629,9 +1609,8 @@ switch (*p) { case '@': - (void)strncpy(f->f_un.f_forw.f_hname, ++p, - sizeof(f->f_un.f_forw.f_hname)-1); - f->f_un.f_forw.f_hname[sizeof(f->f_un.f_forw.f_hname)-1] =3D '\0'; + (void)strlcpy(f->f_un.f_forw.f_hname, ++p, + sizeof(f->f_un.f_forw.f_hname)); memset(&hints, 0, sizeof(hints)); hints.ai_family =3D family; hints.ai_socktype =3D SOCK_DGRAM; @@ -1656,16 +1635,17 @@ f->f_type =3D F_CONSOLE; else f->f_type =3D F_TTY; - (void)strcpy(f->f_un.f_fname, p + sizeof _PATH_DEV - 1); + (void)strlcpy(f->f_un.f_fname, p + sizeof _PATH_DEV - 1, + sizeof(f->f_un.f_fname)); } else { - (void)strcpy(f->f_un.f_fname, p); + (void)strlcpy(f->f_un.f_fname, p, sizeof(f->f_un.f_fname)); f->f_type =3D F_FILE; } break; =20 case '|': f->f_un.f_pipe.f_pid =3D 0; - (void)strcpy(f->f_un.f_pipe.f_pname, p + 1); + (void)strlcpy(f->f_un.f_fname, p + 1, sizeof(f->f_un.f_fname)); f->f_type =3D F_PIPE; break; =20 @@ -1720,6 +1700,59 @@ return (-1); } =20 +void +markit(void) +{ + struct filed *f; + dq_t q; + + now =3D time((time_t *)NULL); + MarkSeq +=3D TIMERINTVL; + if (MarkSeq >=3D MarkInterval) { + logmsg(LOG_INFO, "-- MARK --", + LocalHostName, ADDDATE|MARK); + MarkSeq =3D 0; + } + + for (f =3D Files; f; f =3D f->f_next) { + if (f->f_prevcount && now >=3D REPEATTIME(f)) { + dprintf("flush %s: repeated %d times, %d sec.\n", + TypeNames[f->f_type], f->f_prevcount, + repeatinterval[f->f_repeatcount]); + fprintlog(f, 0, (char *)NULL); + BACKOFF(f); + } + } + + /* Walk the dead queue, and see if we should signal somebody. */ + for (q =3D TAILQ_FIRST(&deadq_head); q !=3D NULL; q =3D TAILQ_NEXT(q, dq_= entries)) + switch (q->dq_timeout) { + case 0: + /* Already signalled once, try harder now. */ + if (kill(q->dq_pid, SIGKILL) !=3D 0) + (void)deadq_remove(q->dq_pid); + break; + + case 1: + /* + * Timed out on dead queue, send terminate + * signal. Note that we leave the removal + * from the dead queue to reapchild(), which + * will also log the event (unless the process + * didn't even really exist, in case we simply + * drop it from the dead queue). + */ + if (kill(q->dq_pid, SIGTERM) !=3D 0) + (void)deadq_remove(q->dq_pid); + /* FALLTHROUGH */ + + default: + q->dq_timeout--; + } + MarkSet =3D 0; + (void)alarm(TIMERINTVL); +} + /* * fork off and become a daemon, but wait for the child to come online * before returing to the parent, or we get disk thrashing at boot etc. @@ -1789,7 +1822,7 @@ if (left =3D=3D 0) errx(1, "timed out waiting for child"); else - exit(0); + _exit(0); } =20 /* --LQksG6bCIzRHxTLp Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7XS3cWry0BWjoQKURAgCEAJ0Q7n6LQGJ70vAUs4Vsw6doQw99ZACfaKtT O6Pg/euqMlhnO+Rqqr2c7d0= =3mgD -----END PGP SIGNATURE----- --LQksG6bCIzRHxTLp-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 24 1:17:21 2001 Delivered-To: freebsd-audit@freebsd.org Received: from obsecurity.dyndns.org (adsl-64-169-104-149.dsl.lsan03.pacbell.net [64.169.104.149]) by hub.freebsd.org (Postfix) with ESMTP id 9905C37B405 for ; Tue, 24 Jul 2001 01:17:11 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id E6DAF66BA6; Tue, 24 Jul 2001 01:17:10 -0700 (PDT) Date: Tue, 24 Jul 2001 01:17:10 -0700 From: Kris Kennaway To: audit@FreeBSD.org Subject: comsat signal/string fixes Message-ID: <20010724011710.A4926@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="BOKacYhQ+x31HxR3" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --BOKacYhQ+x31HxR3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Another one for review. Kris Index: comsat.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/libexec/comsat/comsat.c,v retrieving revision 1.13 diff -u -r1.13 comsat.c --- comsat.c 1999/08/28 00:09:27 1.13 +++ comsat.c 2001/07/24 08:15:53 @@ -78,12 +78,15 @@ time_t lastmsgtime; int nutmp, uf; =20 +void doreadutmp __P((void)); void jkfprintf __P((FILE *, char[], char[], off_t)); void mailfor __P((char *)); void notify __P((struct utmp *, char[], off_t, int)); -void onalrm __P((int)); +void readutmp __P((int)); void reapchildren __P((int)); =20 +sig_atomic_t wantreadutmp; + int main(argc, argv) int argc; @@ -111,16 +114,20 @@ } (void)time(&lastmsgtime); (void)gethostname(hostname, sizeof(hostname)); - onalrm(0); - (void)signal(SIGALRM, onalrm); + doreadutmp(); + (void)signal(SIGALRM, readutmp); (void)signal(SIGTTOU, SIG_IGN); (void)signal(SIGCHLD, reapchildren); for (;;) { + if (wantreadutmp) { + doreadutmp(); + wantreadutmp =3D 0; + } + cc =3D recv(0, msgbuf, sizeof(msgbuf) - 1, 0); if (cc <=3D 0) { if (errno !=3D EINTR) sleep(1); - errno =3D 0; continue; } if (!nutmp) /* no one has logged in yet */ @@ -141,9 +148,15 @@ } =20 void -onalrm(signo) +readutmp(signo) int signo; { + wantreadutmp =3D 1; +} + +void +doreadutmp(void) +{ static u_int utmpsize; /* last malloced size for utmp */ static u_int utmpmtime; /* last modification time for utmp */ struct stat statbf; @@ -235,8 +248,7 @@ } (void)tcgetattr(fileno(tp), &tio); cr =3D ((tio.c_oflag & (OPOST|ONLCR)) =3D=3D (OPOST|ONLCR)) ? "\n" : "\n= \r"; - (void)strncpy(name, utp->ut_name, sizeof(utp->ut_name)); - name[sizeof(name) - 1] =3D '\0'; + (void)strlcpy(name, utp->ut_name, sizeof(name)); (void)fprintf(tp, "%s\007New mail for %s@%.*s\007 has arrived%s%s%s:%s---= -%s", cr, name, (int)sizeof(hostname), hostname, folder ? cr : "", folder ? "to " : "", folder ? file : "", --BOKacYhQ+x31HxR3 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7XS8GWry0BWjoQKURAggdAKDcG7Z5jWu+kje3TP2kd4cLlXiW0wCgl9YS KgO58RqXLq4sueDSr3rLitE= =USIC -----END PGP SIGNATURE----- --BOKacYhQ+x31HxR3-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 24 1:46: 9 2001 Delivered-To: freebsd-audit@freebsd.org Received: from obsecurity.dyndns.org (adsl-64-169-104-149.dsl.lsan03.pacbell.net [64.169.104.149]) by hub.freebsd.org (Postfix) with ESMTP id 283DD37B407 for ; Tue, 24 Jul 2001 01:46:04 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 5227566E04; Tue, 24 Jul 2001 01:46:03 -0700 (PDT) Date: Tue, 24 Jul 2001 01:46:02 -0700 From: Kris Kennaway To: audit@FreeBSD.org Subject: finger strdup patch Message-ID: <20010724014602.A5532@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="45Z9DzgjV8m4Oswq" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --45Z9DzgjV8m4Oswq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable This is a slight consolidation from OpenBSD: it checks the return values of a few more strdup()s and saves a few bytes on the binary size, as a bonus :-) Kris Index: extern.h =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/usr.bin/finger/extern.h,v retrieving revision 1.4 diff -u -r1.4 extern.h --- extern.h 2001/03/21 18:43:49 1.4 +++ extern.h 2001/07/24 08:40:58 @@ -42,6 +42,7 @@ void enter_lastlog __P((PERSON *)); PERSON *enter_person __P((struct passwd *)); void enter_where __P((struct utmp *, PERSON *)); +char *estrdup __P((char *)); PERSON *find_person __P((char *)); int hide __P((struct passwd *)); void lflag_print __P((void)); Index: finger.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/usr.bin/finger/finger.c,v retrieving revision 1.24 diff -u -r1.24 finger.c --- finger.c 2001/03/21 18:43:49 1.24 +++ finger.c 2001/07/24 08:41:23 @@ -311,9 +311,7 @@ *conf_realname =3D '\0'; /* Replace : with NUL */ for (p =3D argv; *p; ++p) { if (strcmp(*p, conf_alias) =3D=3D NULL) { - if ((*p =3D strdup(conf_realname+1)) =3D=3D NULL) { - err(1, NULL); - } + *p =3D estrdup(conf_realname+1); } } } Index: util.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /mnt/ncvs/src/usr.bin/finger/util.c,v retrieving revision 1.13 diff -u -r1.13 util.c --- util.c 2001/03/01 05:52:38 1.13 +++ util.c 2001/07/24 08:38:04 @@ -104,6 +104,17 @@ return(0); } =20 +char *estrdup(char *); + +char * +estrdup(char *s) +{ + char *p =3D strdup(s); + if (p) + err(1, "strdup failed"); + return (p); +} + void enter_lastlog(pn) register PERSON *pn; @@ -351,12 +362,9 @@ pn->realname =3D pn->office =3D pn->officephone =3D pn->homephone =3D NUL= L; =20 pn->uid =3D pw->pw_uid; - if ((pn->name =3D strdup(pw->pw_name)) =3D=3D NULL) - err(1, "strdup failed"); - if ((pn->dir =3D strdup(pw->pw_dir)) =3D=3D NULL) - err(1, "strdup failed"); - if ((pn->shell =3D strdup(pw->pw_shell)) =3D=3D NULL) - err(1, "strdup failed"); + pn->name =3D estrdup(pw->pw_name); + pn->dir =3D estrdup(pw->pw_dir); + pn->shell =3D estrdup(pw->pw_shell); =20 /* why do we skip asterisks!?!? */ (void)strncpy(bp =3D tbuf, pw->pw_gecos, sizeof(tbuf)); @@ -381,14 +389,13 @@ } } *t =3D '\0'; - if ((pn->realname =3D strdup(name)) =3D=3D NULL) - err(1, "strdup failed"); + pn->realname =3D estrdup(name); pn->office =3D ((p =3D strsep(&bp, ",")) && *p) ? - strdup(p) : NULL; + estrdup(p) : NULL; pn->officephone =3D ((p =3D strsep(&bp, ",")) && *p) ? - strdup(p) : NULL; + estrdup(p) : NULL; pn->homephone =3D ((p =3D strsep(&bp, ",")) && *p) ? - strdup(p) : NULL; + estrdup(p) : NULL; (void)snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_MAILDIR, pw->pw_name); pn->mailrecv =3D -1; /* -1 =3D=3D not_valid */ if (stat(tbuf, &sb) < 0) { --45Z9DzgjV8m4Oswq Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7XTXKWry0BWjoQKURArixAKCfo/621aPdsTVl43slb/JxUupMlACbBUyp BaxS4h2evfWUKewd5Ax7jMg= =vLxB -----END PGP SIGNATURE----- --45Z9DzgjV8m4Oswq-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 24 1:56:52 2001 Delivered-To: freebsd-audit@freebsd.org Received: from scientia.demon.co.uk (scientia.demon.co.uk [212.228.14.13]) by hub.freebsd.org (Postfix) with ESMTP id 9C33837B401 for ; Tue, 24 Jul 2001 01:56:19 -0700 (PDT) (envelope-from ben@FreeBSD.org) Received: from strontium.shef.vinosystems.com ([192.168.91.36] ident=root) by scientia.demon.co.uk with esmtp (Exim 3.30 #1) id 15OwNu-000A5e-00; Tue, 24 Jul 2001 08:13:38 +0100 Received: (from ben@localhost) by strontium.shef.vinosystems.com (8.11.4/8.11.4) id f6O7DcE01509; Tue, 24 Jul 2001 08:13:38 +0100 (BST) (envelope-from ben@FreeBSD.org) X-Authentication-Warning: strontium.shef.vinosystems.com: ben set sender to ben@FreeBSD.org using -f Date: Tue, 24 Jul 2001 08:13:37 +0100 From: Ben Smithurst To: Kris Kennaway Cc: audit@FreeBSD.org Subject: Re: rwhod signal fixes Message-ID: <20010724081337.D14233@strontium.shef.vinosystems.com> References: <20010723223904.A1381@xor.obsecurity.org> <20010724072952.A14233@strontium.shef.vinosystems.com> <20010723234000.A2691@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="sfyO1m2EN8ZOtJL6" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010723234000.A2691@xor.obsecurity.org> X-PGP-Key: http://www.smithurst.org/ben/pgp-key.txt Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --sfyO1m2EN8ZOtJL6 Content-Type: multipart/mixed; boundary="d01dLTUuW90fS44H" Content-Disposition: inline --d01dLTUuW90fS44H Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Kris Kennaway wrote: > On Tue, Jul 24, 2001 at 07:29:53AM +0100, Ben Smithurst wrote: >> Kris Kennaway wrote: >>=20 >>> + n =3D poll(pfd, 1, 1000); >>=20 >> Is it really necessary to have rwhod go round in a loop like this >> wasting CPU time? What was wrong with using alarm() ? >=20 > It was already using alarm() to wake up every second, but it was doing > unsafe work in the signal handler. As far as I could see it was using alarm() to wake up every three minutes, which is quite different... What do you think of the attached patch which (I hope) makes it use SIGALRM in a safe way? It's basically mostly the same as your patch. I've attached a diff -b version as well since it's easier to see what's actually changed there... --=20 Ben Smithurst / ben@FreeBSD.org FreeBSD: The Power To Serve http://www.FreeBSD.org/ --d01dLTUuW90fS44H Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="rwhod.diff" Content-Transfer-Encoding: quoted-printable Index: rwhod.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /usr/cvs/src/usr.sbin/rwhod/rwhod.c,v retrieving revision 1.15 diff -u -r1.15 rwhod.c --- rwhod.c 2000/12/22 21:30:15 1.15 +++ rwhod.c 2001/07/24 07:03:37 @@ -149,16 +149,21 @@ struct servent *sp; int s, utmpf; =20 +sig_atomic_t gothup, gotalrm; + #define WHDRSIZE (sizeof(mywd) - sizeof(mywd.wd_we)) =20 -void run_as __P((uid_t *, gid_t *)); +void alrm __P((int)); int configure __P((int)); -void getboottime __P((int)); -void onalrm __P((int)); +void getboottime __P((void)); +void handleread __P((int s)); +void hup __P((int)); void quit __P((char *)); void rt_xaddrs __P((caddr_t, caddr_t, struct rt_addrinfo *)); -int verify __P((char *, int)); +void run_as __P((uid_t *, gid_t *)); +void timer __P((void)); static void usage __P((void)); +int verify __P((char *, int)); #ifdef DEBUG char *interval __P((int, char *)); void Sendto __P((int, const void *, size_t, int, @@ -166,17 +171,28 @@ #define sendto Sendto #endif =20 +void +hup(signo) + int signo; +{ + gothup =3D 1; +} + +void +alrm(int signo) { + gotalrm =3D 1; +} + int main(argc, argv) int argc; char *argv[]; { - struct sockaddr_in from; - struct stat st; - char path[64]; + fd_set rset; int on =3D 1; char *cp; struct sockaddr_in sin; + struct itimerval it; uid_t unpriv_uid; gid_t unpriv_gid; =20 @@ -213,7 +229,8 @@ #ifndef DEBUG daemon(1, 0); #endif - (void) signal(SIGHUP, getboottime); + (void) signal(SIGHUP, hup); + (void) signal(SIGALRM, alrm); openlog("rwhod", LOG_PID, LOG_DAEMON); sp =3D getservbyname("who", "udp"); if (sp =3D=3D NULL) { @@ -240,7 +257,7 @@ syslog(LOG_ERR, "%s: %m", _PATH_UTMP); exit(1); } - getboottime(0); + getboottime(); if ((s =3D socket(AF_INET, SOCK_DGRAM, 0)) < 0) { syslog(LOG_ERR, "socket: %m"); exit(1); @@ -263,74 +280,104 @@ if (!configure(s)) exit(1); if (!quiet_mode) { - signal(SIGALRM, onalrm); - onalrm(0); + it.it_value.tv_sec =3D it.it_interval.tv_sec =3D AL_INTERVAL; + it.it_value.tv_usec =3D it.it_interval.tv_usec =3D 0; + setitimer(ITIMER_REAL, &it, NULL); + timer(); } + for (;;) { - struct whod wd; - int cc, whod, len =3D sizeof(from); + int n; =20 - cc =3D recvfrom(s, (char *)&wd, sizeof(struct whod), 0, - (struct sockaddr *)&from, &len); - if (cc <=3D 0) { - if (cc < 0 && errno !=3D EINTR) - syslog(LOG_WARNING, "recv: %m"); - continue; - } - if (from.sin_port !=3D sp->s_port && !insecure_mode) { - syslog(LOG_WARNING, "%d: bad source port from %s", - ntohs(from.sin_port), inet_ntoa(from.sin_addr)); - continue; - } - if (cc < WHDRSIZE) { - syslog(LOG_WARNING, "short packet from %s", - inet_ntoa(from.sin_addr)); - continue; - } - if (wd.wd_vers !=3D WHODVERSION) - continue; - if (wd.wd_type !=3D WHODTYPE_STATUS) - continue; - if (!verify(wd.wd_hostname, sizeof wd.wd_hostname)) { - syslog(LOG_WARNING, "malformed host name from %s", - inet_ntoa(from.sin_addr)); - continue; - } - (void) snprintf(path, sizeof path, "whod.%s", wd.wd_hostname); - /* - * Rather than truncating and growing the file each time, - * use ftruncate if size is less than previous size. - */ - whod =3D open(path, O_WRONLY | O_CREAT, 0644); - if (whod < 0) { - syslog(LOG_WARNING, "%s: %m", path); - continue; + FD_ZERO(&rset); + FD_SET(s, &rset); + n =3D select(s + 1, &rset, NULL, NULL, NULL); + + if (gothup) { + gothup =3D 0; + getboottime(); + } + + if (n =3D=3D 1) + handleread(s); + if (!quiet_mode && gotalrm) { + timer(); + gotalrm =3D 0; } + } +} + +void +handleread(s) + int s; +{ + struct sockaddr_in from; + struct stat st; + char path[64]; + struct whod wd; + int cc, whod, len =3D sizeof(from); + + cc =3D recvfrom(s, (char *)&wd, sizeof(struct whod), 0, + (struct sockaddr *)&from, &len); + if (cc <=3D 0) { + if (cc < 0 && errno !=3D EINTR) + syslog(LOG_WARNING, "recv: %m"); + return; + } + if (from.sin_port !=3D sp->s_port && !insecure_mode) { + syslog(LOG_WARNING, "%d: bad source port from %s", + ntohs(from.sin_port), inet_ntoa(from.sin_addr)); + return; + } + if (cc < WHDRSIZE) { + syslog(LOG_WARNING, "short packet from %s", + inet_ntoa(from.sin_addr)); + return; + } + if (wd.wd_vers !=3D WHODVERSION) + return; + if (wd.wd_type !=3D WHODTYPE_STATUS) + return; + wd.wd_hostname[sizeof(wd.wd_hostname)-1] =3D '\0'; + if (!verify(wd.wd_hostname, sizeof wd.wd_hostname)) { + syslog(LOG_WARNING, "malformed host name from %s", + inet_ntoa(from.sin_addr)); + return; + } + (void) snprintf(path, sizeof path, "whod.%s", wd.wd_hostname); + /* + * Rather than truncating and growing the file each time, + * use ftruncate if size is less than previous size. + */ + whod =3D open(path, O_WRONLY | O_CREAT, 0644); + if (whod < 0) { + syslog(LOG_WARNING, "%s: %m", path); + return; + } #if ENDIAN !=3D BIG_ENDIAN - { - int i, n =3D (cc - WHDRSIZE)/sizeof(struct whoent); - struct whoent *we; - - /* undo header byte swapping before writing to file */ - wd.wd_sendtime =3D ntohl(wd.wd_sendtime); - for (i =3D 0; i < 3; i++) - wd.wd_loadav[i] =3D ntohl(wd.wd_loadav[i]); - wd.wd_boottime =3D ntohl(wd.wd_boottime); - we =3D wd.wd_we; - for (i =3D 0; i < n; i++) { - we->we_idle =3D ntohl(we->we_idle); - we->we_utmp.out_time =3D - ntohl(we->we_utmp.out_time); - we++; - } + { + int i, n =3D (cc - WHDRSIZE)/sizeof(struct whoent); + struct whoent *we; + + /* undo header byte swapping before writing to file */ + wd.wd_sendtime =3D ntohl(wd.wd_sendtime); + for (i =3D 0; i < 3; i++) + wd.wd_loadav[i] =3D ntohl(wd.wd_loadav[i]); + wd.wd_boottime =3D ntohl(wd.wd_boottime); + we =3D wd.wd_we; + for (i =3D 0; i < n; i++) { + we->we_idle =3D ntohl(we->we_idle); + we->we_utmp.out_time =3D + ntohl(we->we_utmp.out_time); + we++; } -#endif - (void) time((time_t *)&wd.wd_recvtime); - (void) write(whod, (char *)&wd, cc); - if (fstat(whod, &st) < 0 || st.st_size > cc) - ftruncate(whod, cc); - (void) close(whod); } +#endif + (void) time((time_t *)&wd.wd_recvtime); + (void) write(whod, (char *)&wd, cc); + if (fstat(whod, &st) < 0 || st.st_size > cc) + ftruncate(whod, cc); + (void) close(whod); } =20 static void @@ -391,8 +438,7 @@ int alarmcount; =20 void -onalrm(signo) - int signo; +timer() { register struct neighbor *np; register struct whoent *we =3D mywd.wd_we, *wlast; @@ -404,7 +450,7 @@ =20 now =3D time(NULL); if (alarmcount % 10 =3D=3D 0) - getboottime(0); + getboottime(); alarmcount++; (void) fstat(utmpf, &stb); if ((stb.st_mtime !=3D utmptime) || (stb.st_size > utmpsize)) { @@ -418,14 +464,14 @@ if (! utmp) { syslog(LOG_WARNING, "malloc failed"); utmpsize =3D 0; - goto done; + return; } } (void) lseek(utmpf, (off_t)0, L_SET); cc =3D read(utmpf, (char *)utmp, stb.st_size); if (cc < 0) { syslog(LOG_ERR, "read(%s): %m", _PATH_UTMP); - goto done; + return; } wlast =3D &mywd.wd_we[1024 / sizeof(struct whoent) - 1]; utmpent =3D cc / sizeof(struct utmp); @@ -493,13 +539,10 @@ syslog(LOG_ERR, "chdir(%s): %m", _PATH_RWHODIR); exit(1); } -done: - (void) alarm(AL_INTERVAL); } =20 void -getboottime(signo) - int signo; +getboottime() { int mib[2]; size_t size; @@ -691,10 +734,10 @@ register struct whoent *we; struct sockaddr_in *sin =3D (struct sockaddr_in *)to; =20 - printf("sendto %x.%d\n", ntohl(sin->sin_addr.s_addr), - ntohs(sin->sin_port)); + printf("sendto %s.%d\n", inet_ntoa(sin->sin_addr), + ntohs(sin->sin_port)); printf("hostname %s %s\n", w->wd_hostname, - interval(ntohl(w->wd_sendtime) - ntohl(w->wd_boottime), " up")); + interval(ntohl(w->wd_sendtime) - ntohl(w->wd_boottime), " up")); printf("load %4.2f, %4.2f, %4.2f\n", ntohl(w->wd_loadav[0]) / 100.0, ntohl(w->wd_loadav[1]) / 100.0, ntohl(w->wd_loadav[2]) / 100.0); @@ -702,9 +745,9 @@ for (we =3D w->wd_we, cc /=3D sizeof(struct whoent); cc > 0; cc--, we++) { time_t t =3D ntohl(we->we_utmp.out_time); printf("%-8.8s %s:%s %.12s", - we->we_utmp.out_name, - w->wd_hostname, we->we_utmp.out_line, - ctime(&t)+4); + we->we_utmp.out_name, + w->wd_hostname, we->we_utmp.out_line, + ctime(&t)+4); we->we_idle =3D ntohl(we->we_idle) / 60; if (we->we_idle) { if (we->we_idle >=3D 100*60) @@ -728,18 +771,19 @@ int days, hours, minutes; =20 if (time < 0 || time > 3*30*24*60*60) { - (void) sprintf(resbuf, " %s ??:??", updown); + (void) snprintf(resbuf, sizeof(resbuf), + " %s ??:??", updown); return (resbuf); } minutes =3D (time + 59) / 60; /* round to minutes */ hours =3D minutes / 60; minutes %=3D 60; days =3D hours / 24; hours %=3D 24; if (days) - (void) sprintf(resbuf, "%s %2d+%02d:%02d", - updown, days, hours, minutes); + (void) snprintf(resbuf, sizeof(resbuf), + "%s %2d+%02d:%02d", updown, days, hours, minutes); else - (void) sprintf(resbuf, "%s %2d:%02d", - updown, hours, minutes); + (void) snprintf(resbuf, sizeof(resbuf), + "%s %2d:%02d", updown, hours, minutes); return (resbuf); } #endif --d01dLTUuW90fS44H Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="rwhod.diff-b" Content-Transfer-Encoding: quoted-printable Index: rwhod.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /usr/cvs/src/usr.sbin/rwhod/rwhod.c,v retrieving revision 1.15 diff -u -b -r1.15 rwhod.c --- rwhod.c 2000/12/22 21:30:15 1.15 +++ rwhod.c 2001/07/24 07:03:37 @@ -149,16 +149,21 @@ struct servent *sp; int s, utmpf; =20 +sig_atomic_t gothup, gotalrm; + #define WHDRSIZE (sizeof(mywd) - sizeof(mywd.wd_we)) =20 -void run_as __P((uid_t *, gid_t *)); +void alrm __P((int)); int configure __P((int)); -void getboottime __P((int)); -void onalrm __P((int)); +void getboottime __P((void)); +void handleread __P((int s)); +void hup __P((int)); void quit __P((char *)); void rt_xaddrs __P((caddr_t, caddr_t, struct rt_addrinfo *)); -int verify __P((char *, int)); +void run_as __P((uid_t *, gid_t *)); +void timer __P((void)); static void usage __P((void)); +int verify __P((char *, int)); #ifdef DEBUG char *interval __P((int, char *)); void Sendto __P((int, const void *, size_t, int, @@ -166,17 +171,28 @@ #define sendto Sendto #endif =20 +void +hup(signo) + int signo; +{ + gothup =3D 1; +} + +void +alrm(int signo) { + gotalrm =3D 1; +} + int main(argc, argv) int argc; char *argv[]; { - struct sockaddr_in from; - struct stat st; - char path[64]; + fd_set rset; int on =3D 1; char *cp; struct sockaddr_in sin; + struct itimerval it; uid_t unpriv_uid; gid_t unpriv_gid; =20 @@ -213,7 +229,8 @@ #ifndef DEBUG daemon(1, 0); #endif - (void) signal(SIGHUP, getboottime); + (void) signal(SIGHUP, hup); + (void) signal(SIGALRM, alrm); openlog("rwhod", LOG_PID, LOG_DAEMON); sp =3D getservbyname("who", "udp"); if (sp =3D=3D NULL) { @@ -240,7 +257,7 @@ syslog(LOG_ERR, "%s: %m", _PATH_UTMP); exit(1); } - getboottime(0); + getboottime(); if ((s =3D socket(AF_INET, SOCK_DGRAM, 0)) < 0) { syslog(LOG_ERR, "socket: %m"); exit(1); @@ -263,10 +280,40 @@ if (!configure(s)) exit(1); if (!quiet_mode) { - signal(SIGALRM, onalrm); - onalrm(0); + it.it_value.tv_sec =3D it.it_interval.tv_sec =3D AL_INTERVAL; + it.it_value.tv_usec =3D it.it_interval.tv_usec =3D 0; + setitimer(ITIMER_REAL, &it, NULL); + timer(); } + for (;;) { + int n; + + FD_ZERO(&rset); + FD_SET(s, &rset); + n =3D select(s + 1, &rset, NULL, NULL, NULL); + + if (gothup) { + gothup =3D 0; + getboottime(); + } + + if (n =3D=3D 1) + handleread(s); + if (!quiet_mode && gotalrm) { + timer(); + gotalrm =3D 0; + } + } +} + +void +handleread(s) + int s; +{ + struct sockaddr_in from; + struct stat st; + char path[64]; struct whod wd; int cc, whod, len =3D sizeof(from); =20 @@ -275,26 +322,27 @@ if (cc <=3D 0) { if (cc < 0 && errno !=3D EINTR) syslog(LOG_WARNING, "recv: %m"); - continue; + return; } if (from.sin_port !=3D sp->s_port && !insecure_mode) { syslog(LOG_WARNING, "%d: bad source port from %s", ntohs(from.sin_port), inet_ntoa(from.sin_addr)); - continue; + return; } if (cc < WHDRSIZE) { syslog(LOG_WARNING, "short packet from %s", inet_ntoa(from.sin_addr)); - continue; + return; } if (wd.wd_vers !=3D WHODVERSION) - continue; + return; if (wd.wd_type !=3D WHODTYPE_STATUS) - continue; + return; + wd.wd_hostname[sizeof(wd.wd_hostname)-1] =3D '\0'; if (!verify(wd.wd_hostname, sizeof wd.wd_hostname)) { syslog(LOG_WARNING, "malformed host name from %s", inet_ntoa(from.sin_addr)); - continue; + return; } (void) snprintf(path, sizeof path, "whod.%s", wd.wd_hostname); /* @@ -304,7 +352,7 @@ whod =3D open(path, O_WRONLY | O_CREAT, 0644); if (whod < 0) { syslog(LOG_WARNING, "%s: %m", path); - continue; + return; } #if ENDIAN !=3D BIG_ENDIAN { @@ -330,7 +378,6 @@ if (fstat(whod, &st) < 0 || st.st_size > cc) ftruncate(whod, cc); (void) close(whod); - } } =20 static void @@ -391,8 +438,7 @@ int alarmcount; =20 void -onalrm(signo) - int signo; +timer() { register struct neighbor *np; register struct whoent *we =3D mywd.wd_we, *wlast; @@ -404,7 +450,7 @@ =20 now =3D time(NULL); if (alarmcount % 10 =3D=3D 0) - getboottime(0); + getboottime(); alarmcount++; (void) fstat(utmpf, &stb); if ((stb.st_mtime !=3D utmptime) || (stb.st_size > utmpsize)) { @@ -418,14 +464,14 @@ if (! utmp) { syslog(LOG_WARNING, "malloc failed"); utmpsize =3D 0; - goto done; + return; } } (void) lseek(utmpf, (off_t)0, L_SET); cc =3D read(utmpf, (char *)utmp, stb.st_size); if (cc < 0) { syslog(LOG_ERR, "read(%s): %m", _PATH_UTMP); - goto done; + return; } wlast =3D &mywd.wd_we[1024 / sizeof(struct whoent) - 1]; utmpent =3D cc / sizeof(struct utmp); @@ -493,13 +539,10 @@ syslog(LOG_ERR, "chdir(%s): %m", _PATH_RWHODIR); exit(1); } -done: - (void) alarm(AL_INTERVAL); } =20 void -getboottime(signo) - int signo; +getboottime() { int mib[2]; size_t size; @@ -691,7 +734,7 @@ register struct whoent *we; struct sockaddr_in *sin =3D (struct sockaddr_in *)to; =20 - printf("sendto %x.%d\n", ntohl(sin->sin_addr.s_addr), + printf("sendto %s.%d\n", inet_ntoa(sin->sin_addr), ntohs(sin->sin_port)); printf("hostname %s %s\n", w->wd_hostname, interval(ntohl(w->wd_sendtime) - ntohl(w->wd_boottime), " up")); @@ -728,18 +771,19 @@ int days, hours, minutes; =20 if (time < 0 || time > 3*30*24*60*60) { - (void) sprintf(resbuf, " %s ??:??", updown); + (void) snprintf(resbuf, sizeof(resbuf), + " %s ??:??", updown); return (resbuf); } minutes =3D (time + 59) / 60; /* round to minutes */ hours =3D minutes / 60; minutes %=3D 60; days =3D hours / 24; hours %=3D 24; if (days) - (void) sprintf(resbuf, "%s %2d+%02d:%02d", - updown, days, hours, minutes); + (void) snprintf(resbuf, sizeof(resbuf), + "%s %2d+%02d:%02d", updown, days, hours, minutes); else - (void) sprintf(resbuf, "%s %2d:%02d", - updown, hours, minutes); + (void) snprintf(resbuf, sizeof(resbuf), + "%s %2d:%02d", updown, hours, minutes); return (resbuf); } #endif --d01dLTUuW90fS44H-- --sfyO1m2EN8ZOtJL6 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7XSAgbPzJ+yzvRCwRAm50AKC4ahKwoDkLRVCxzFDGKr5bGCAV6QCgy2mP Y60/9RCV1khtgEyCLV9c41o= =nVIM -----END PGP SIGNATURE----- --sfyO1m2EN8ZOtJL6-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 24 2:25:31 2001 Delivered-To: freebsd-audit@freebsd.org Received: from obsecurity.dyndns.org (adsl-64-169-104-149.dsl.lsan03.pacbell.net [64.169.104.149]) by hub.freebsd.org (Postfix) with ESMTP id 73A2F37B405 for ; Tue, 24 Jul 2001 02:25:28 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 8F14066E04; Tue, 24 Jul 2001 02:25:27 -0700 (PDT) Date: Tue, 24 Jul 2001 02:25:27 -0700 From: Kris Kennaway To: audit@FreeBSD.org Subject: Updated openbsd commit mailbox Message-ID: <20010724022527.A6925@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="ReaqsoxgOBHFXBhH" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --ReaqsoxgOBHFXBhH Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In case anyone is looking for a project: http://www.freebsd.org/~kris/mboxes/openbsd-cvs.mbox Enjoy.. Kris --ReaqsoxgOBHFXBhH Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7XT8GWry0BWjoQKURAp++AJ4/y8Tmgh4Ht5TThbzK9qdMcup94QCgwAoQ hvG8y5U2tASwnsRa//po/Vc= =dDbx -----END PGP SIGNATURE----- --ReaqsoxgOBHFXBhH-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 24 4: 7:56 2001 Delivered-To: freebsd-audit@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id EB4B737B405 for ; Tue, 24 Jul 2001 04:07:49 -0700 (PDT) (envelope-from sheldonh@starjuice.net) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.31 #1) id 15P03H-0002S1-00; Tue, 24 Jul 2001 13:08:35 +0200 From: Sheldon Hearn To: Kris Kennaway Cc: audit@FreeBSD.org Subject: Re: finger strdup patch In-reply-to: Your message of "Tue, 24 Jul 2001 01:46:02 MST." <20010724014602.A5532@xor.obsecurity.org> Date: Tue, 24 Jul 2001 13:08:35 +0200 Message-ID: <9424.995972915@axl.seasidesoftware.co.za> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, 24 Jul 2001 01:46:02 MST, Kris Kennaway wrote: > This is a slight consolidation from OpenBSD: it checks the return > values of a few more strdup()s and saves a few bytes on the binary > size, as a bonus :-) But it introdoces a new and mostly useless error message that isn't documented anywhere. It should complain with: * "Memory allocation failure" * "Cannot allocate memory" * One of the other memoray failure messages that users are used to seeing. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 24 4:11: 5 2001 Delivered-To: freebsd-audit@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id 6A5A437B401 for ; Tue, 24 Jul 2001 04:11:02 -0700 (PDT) (envelope-from sheldonh@starjuice.net) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.31 #1) id 15P06K-0002Sk-00; Tue, 24 Jul 2001 13:11:44 +0200 From: Sheldon Hearn To: Kris Kennaway Cc: audit@FreeBSD.org Subject: Re: finger strdup patch In-reply-to: Your message of "Tue, 24 Jul 2001 13:08:35 +0200." <9424.995972915@axl.seasidesoftware.co.za> Date: Tue, 24 Jul 2001 13:11:44 +0200 Message-ID: <9469.995973104@axl.seasidesoftware.co.za> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, 24 Jul 2001 13:08:35 +0200, Sheldon Hearn wrote: > But it introdoces a new and mostly useless error message that isn't > documented anywhere. It should complain with: > > * "Memory allocation failure" > * "Cannot allocate memory" > * One of the other memoray failure messages that users are used to > seeing. Ignore that. I misunderstood. You're using err, not errx. I thought you were using errx. This reduces my complaint to a matter of personal preference, which is noise this list can do without. :-) Sorry, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 24 4:47:15 2001 Delivered-To: freebsd-audit@freebsd.org Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by hub.freebsd.org (Postfix) with ESMTP id 77DB837B401 for ; Tue, 24 Jul 2001 04:47:13 -0700 (PDT) (envelope-from bde@zeta.org.au) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id VAA30665; Tue, 24 Jul 2001 21:47:09 +1000 Date: Tue, 24 Jul 2001 21:43:54 +1000 (EST) From: Bruce Evans X-Sender: bde@besplex.bde.org To: Kris Kennaway Cc: audit@FreeBSD.ORG Subject: Re: syslogd signal/string patch In-Reply-To: <20010724011213.A4758@xor.obsecurity.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, 24 Jul 2001, Kris Kennaway wrote: > I also changed an exit() in a signal handler introduced by FreeBSD to > _exit(), which I think is correct. Perhaps the exit shouldn't be in a signal handler. Then exit() could be used. > There's an errx() in there as > well; is that okay? No. errx() uses stdio (to write on stderr by default) and then calls exit(). Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 24 9:39:21 2001 Delivered-To: freebsd-audit@freebsd.org Received: from assaris.sics.se (assaris.sics.se [193.10.66.234]) by hub.freebsd.org (Postfix) with ESMTP id 783BC37B405; Tue, 24 Jul 2001 09:39:17 -0700 (PDT) (envelope-from assar@assaris.sics.se) Received: (from assar@localhost) by assaris.sics.se (8.9.3/8.9.3) id SAA01511; Tue, 24 Jul 2001 18:39:13 +0200 (CEST) (envelope-from assar) From: assar@FreeBSD.ORG To: Ruslan Ermilov Cc: Kris Kennaway , Matt Dillon , audit@FreeBSD.ORG Subject: Re: [PATCH] Re: FreeBSD remote root exploit ? References: <20010720100029.A30828@sunbay.com> <200107200932.f6K9WgZ88552@earth.backplane.com> <20010720143742.E65677@sunbay.com> <200107201717.f6KHHGa91142@earth.backplane.com> <20010722194031.A92249@jail-3.5> <5l66ck9wm7.fsf@assaris.sics.se> <20010722215619.A94874@xor.obsecurity.org> <20010722221413.A95414@xor.obsecurity.org> <20010723133609.A88343@sunbay.com> <5lr8v7x3bl.fsf@assaris.sics.se> <20010723182204.C17788@sunbay.com> Date: 24 Jul 2001 18:39:13 +0200 In-Reply-To: Ruslan Ermilov's message of "Mon, 23 Jul 2001 18:22:04 +0300" Message-ID: <5ld76qe0y6.fsf@assaris.sics.se> Lines: 6 User-Agent: Gnus/5.070098 (Pterodactyl Gnus v0.98) Emacs/20.6 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Ruslan Ermilov writes: > An updated patch follows. Looks fine to me. /assar To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 24 20:20:48 2001 Delivered-To: freebsd-audit@freebsd.org Received: from mail.chem.msu.ru (mail.chem.msu.ru [195.208.208.19]) by hub.freebsd.org (Postfix) with ESMTP id B3A0F37B408 for ; Tue, 24 Jul 2001 20:20:44 -0700 (PDT) (envelope-from yar@comp.chem.msu.su) Received: from comp.chem.msu.su ([158.250.32.97]) by mail.chem.msu.ru with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2650.21) id NHPRV029; Wed, 25 Jul 2001 07:13:51 +0400 Received: (from yar@localhost) by comp.chem.msu.su (8.11.1/8.11.1) id f6P3KgD25148 for audit@freebsd.org; Wed, 25 Jul 2001 07:20:42 +0400 (MSD) (envelope-from yar) Date: Wed, 25 Jul 2001 07:20:42 +0400 From: Yar Tikhiy To: audit@freebsd.org Subject: vlan(4) manpage Message-ID: <20010725072042.A24573@comp.chem.msu.su> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi there, It seems we don't have the vlan(4) manpage yet. Here's its first approximation. Please review it. Thank you. -- Yar .\" .\" $FreeBSD$ .\" .Dd July 25, 2001 .Dt VLAN 4 .Os .Sh NAME .Nm vlan .Nd IEEE 802.1Q VLAN network interface .Sh SYNOPSIS .Cd pseudo-device vlan Op Ar count .Sh DESCRIPTION The .Nm driver demultiplexes frames tagged according to the IEEE 802.1Q standard into logical .Nm network interfaces, which allows for routing/bridging between multiple VLANs through a single switch trunk port. .Pp To function, a .Nm interface must be assigned a parent interface and numeric VLAN tag using .Xr ifconfig 8 . A single parent can be assigned to multiple .Nm interfaces provided they have different tags. The parent interface is likely to be an ethernet one connected to a properly configured switch port. The VLAN tag should match one of those set up in the switched network. .Sh SEE ALSO .Xr ifconfig 8 .Sh BUGS Most ethernet NICs supported by FreeBSD lack the capability of transmitting and/or receiving oversized frames. Using such a NIC as a parent interface for .Nm implies reduced MTU on the corresponding .Nm interfaces. In the modern Internet, the latter is likely to cause .Xr tcp 4 connectivity problems due to massive, inadequate .Xr icmp 4 filtering that breaks the Path MTU Discovery mechanism. .Pp No 802.1Q features except VLAN tagging are implemented. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 24 20:23:41 2001 Delivered-To: freebsd-audit@freebsd.org Received: from coffee.q9media.com (coffee.q9media.com [216.94.229.19]) by hub.freebsd.org (Postfix) with ESMTP id 251C437B407; Tue, 24 Jul 2001 20:23:26 -0700 (PDT) (envelope-from mike@coffee.q9media.com) Received: (from mike@localhost) by coffee.q9media.com (8.11.2/8.11.2) id f6P3fB275733; Tue, 24 Jul 2001 23:41:11 -0400 (EDT) (envelope-from mike) Date: Tue, 24 Jul 2001 23:41:11 -0400 From: Mike Barcroft To: audit@FreeBSD.org Cc: ache@FreeBSD.org, des@FreeBSD.org, phantom@FreeBSD.org, jabley@automagic.org Subject: whois(1) new features for review Message-ID: <20010724234111.A75705@coffee.q9media.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I would appreciate reviews of the following changes I intend to make to whois(1). If there are no objection I'd like to commit this in two days. Patch also available at: http://people.FreeBSD.org/~mike/patches/whois.20010724.patch Best regards, Mike Barcroft ---------------------------------------------------------------------- whois.20010724.patch o Move APNIC flag from -p to -A. Since, -p is usually associated with specifying a port. o Add the -p flag for specifying a port. (PR: 28790) This is useful for querying rwhois servers. Example: whois -h rwhois.exodus.net -p 4321 216.136.180.0 o Add the -c flag which allows one to get the same whois server that would normally be determined if no arguments were specified. (Concept based on work by phantom, requested by ache) Example: whois -c ru TCNET-MNT-RIPN o Deprecate -R flag in favour of -c ru. Index: whois/whois.1 =================================================================== RCS file: /home/ncvs/src/usr.bin/whois/whois.1,v retrieving revision 1.20 diff -u -r1.20 whois.1 --- whois/whois.1 2001/06/27 23:08:57 1.20 +++ whois/whois.1 2001/07/25 02:48:25 @@ -40,8 +40,9 @@ .Nd "Internet domain name and network number directory service" .Sh SYNOPSIS .Nm -.Op Fl adgimpQrR6 -.Op Fl h Ar host +.Op Fl aAdgimQr6 +.Op Fl c Ar country-code | Fl h Ar host +.Op Fl p Ar port .Ar name ... .Sh DESCRIPTION .Nm @@ -65,6 +66,17 @@ .Pp .Dl "$ whois -a foo3-ARIN" .Pp +.It Fl A +Use the Asia/Pacific Network Information Center +.Pq Tn APNIC +database. +It contains network numbers used in East Asia, Australia, +New Zealand, and the Pacific islands. +.It Fl c Ar country-code +This is the equivalent of using the +.Fl h +option with an argument of +.Qq Ar country-code Ns Li .whois-servers.net . .It Fl d Use the US Department of Defense database. @@ -139,12 +151,12 @@ database. It contains route policy specifications for a large number of operators' networks. -.It Fl p -Use the Asia/Pacific Network Information Center -.Pq Tn APNIC -database. -It contains network numbers used in East Asia, Australia, -New Zealand, and the Pacific islands. +.It Fl p Ar port +Connect to the whois server on +.Ar port . +If this option is not specified, +.Nm +defaults to port 43. .It Fl Q Do a quick lookup. This means that @@ -159,13 +171,6 @@ database. It contains network numbers and domain contact information for Europe. -.It Fl R -Use the Russia Network Information Center -.Pq Tn RIPN -database. -It contains network numbers and domain contact information -for subdomains of -.Pa .RU . .It Fl 6 Use the IPv6 Resource Center .Pq Tn 6bone Index: whois/whois.c =================================================================== RCS file: /home/ncvs/src/usr.bin/whois/whois.c,v retrieving revision 1.23 diff -u -r1.23 whois.c --- whois/whois.c 2001/07/22 18:23:24 1.23 +++ whois/whois.c 2001/07/25 02:48:25 @@ -66,11 +66,10 @@ #define ANICHOST "whois.arin.net" #define RNICHOST "whois.ripe.net" #define PNICHOST "whois.apnic.net" -#define RUNICHOST "whois.ripn.net" #define MNICHOST "whois.ra.net" #define QNICHOST_TAIL ".whois-servers.net" #define SNICHOST "whois.6bone.net" -#define WHOIS_PORT 43 +#define DEFAULT_PORT "whois" #define WHOIS_SERVER_ID "Whois Server: " #define NO_MATCH_ID "No match for \"" @@ -79,6 +78,7 @@ #define WHOIS_QUICK 0x04 const char *ip_whois[] = { RNICHOST, PNICHOST, NULL }; +const char *port = DEFAULT_PORT; static char *choose_server(char *); static struct addrinfo *gethostinfo(char const *host, int exit_on_error); @@ -90,7 +90,7 @@ main(int argc, char *argv[]) { struct addrinfo *res; - const char *host; + const char *country, *host; char *qnichost; int ch, flags, use_qnichost; @@ -98,15 +98,19 @@ SOCKSinit(argv[0]); #endif - host = NULL; - qnichost = NULL; - flags = 0; - use_qnichost = 0; - while ((ch = getopt(argc, argv, "adgh:impQrR6")) != -1) { + country = host = qnichost = NULL; + flags = use_qnichost = 0; + while ((ch = getopt(argc, argv, "aAc:dgh:imp:QrR6")) != -1) { switch (ch) { case 'a': host = ANICHOST; break; + case 'A': + host = PNICHOST; + break; + case 'c': + country = optarg; + break; case 'd': host = DNICHOST; break; @@ -123,7 +127,7 @@ host = MNICHOST; break; case 'p': - host = PNICHOST; + port = optarg; break; case 'Q': flags |= WHOIS_QUICK; @@ -132,7 +136,7 @@ host = RNICHOST; break; case 'R': - host = RUNICHOST; + errx(EX_USAGE, "deprecated: use -c ru"); break; case '6': host = SNICHOST; @@ -146,23 +150,26 @@ argc -= optind; argv += optind; - if (!argc) + if (!argc || (country != NULL && host != NULL)) usage(); /* - * If no nic host is specified determine the top level domain from - * the query. If the TLD is a number, query ARIN. Otherwise, use + * If no host or country is specified determine the top level domain + * from the query. If the TLD is a number, query ARIN. Otherwise, use * TLD.whois-server.net. If the domain does not contain '.', fall * back to NICHOST. */ - if (host == NULL) { + if (host == NULL && country == NULL) { use_qnichost = 1; host = NICHOST; if (!(flags & WHOIS_QUICK)) flags |= WHOIS_INIC_FALLBACK | WHOIS_RECURSE; } while (argc--) { - if (use_qnichost) + if (country != NULL) { + s_asprintf(&qnichost, "%s%s", country, QNICHOST_TAIL); + res = gethostinfo(qnichost, 1); + } else if (use_qnichost) if ((qnichost = choose_server(*argv)) != NULL) res = gethostinfo(qnichost, 1); if (qnichost == NULL) @@ -212,7 +219,7 @@ hints.ai_flags = 0; hints.ai_family = AF_UNSPEC; hints.ai_socktype = SOCK_STREAM; - error = getaddrinfo(host, "whois", &hints, &res); + error = getaddrinfo(host, port, &hints, &res); if (error) { warnx("%s: %s", host, gai_strerror(error)); if (exit_on_error) @@ -319,6 +326,7 @@ usage(void) { fprintf(stderr, - "usage: whois [-adgimpQrR6] [-h hostname] name ...\n"); + "usage: whois [-adgimpQrR6] [-c country-code | -h hostname] " + "[-p port] name ...\n"); exit(EX_USAGE); } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Tue Jul 24 21:32:59 2001 Delivered-To: freebsd-audit@freebsd.org Received: from netau1.alcanet.com.au (ntp.alcanet.com.au [203.62.196.27]) by hub.freebsd.org (Postfix) with ESMTP id DCD0C37B405; Tue, 24 Jul 2001 21:32:54 -0700 (PDT) (envelope-from jeremyp@gsmx07.alcatel.com.au) Received: from mfg1.cim.alcatel.com.au (mfg1.cim.alcatel.com.au [139.188.23.1]) by netau1.alcanet.com.au (8.9.3 (PHNE_22672)/8.9.3) with ESMTP id OAA26633; Wed, 25 Jul 2001 14:32:51 +1000 (EST) Received: from gsmx07.alcatel.com.au by cim.alcatel.com.au (PMDF V5.2-32 #37641) with ESMTP id <01K6CNRE1WC0VFCELD@cim.alcatel.com.au>; Wed, 25 Jul 2001 14:32:48 +1000 Received: (from jeremyp@localhost) by gsmx07.alcatel.com.au (8.11.1/8.11.1) id f6P4Wnj65043; Wed, 25 Jul 2001 14:32:49 +1000 (EST envelope-from jeremyp) Content-return: prohibited Date: Wed, 25 Jul 2001 14:32:49 +1000 From: Peter Jeremy Subject: Re: vlan(4) manpage In-reply-to: <20010725072042.A24573@comp.chem.msu.su>; from yar@FreeBSD.ORG on Wed, Jul 25, 2001 at 07:20:42AM +0400 To: Yar Tikhiy Cc: audit@FreeBSD.ORG Mail-Followup-To: Yar Tikhiy , audit@FreeBSD.ORG Message-id: <20010725143249.N506@gsmx07.alcatel.com.au> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii Content-disposition: inline User-Agent: Mutt/1.2.5i References: <20010725072042.A24573@comp.chem.msu.su> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 2001-Jul-25 07:20:42 +0400, Yar Tikhiy wrote: >It seems we don't have the vlan(4) manpage yet. Good point. Thanks for writing one. >.Sh BUGS >Most ethernet NICs supported by FreeBSD lack the capability of >transmitting and/or receiving oversized frames. Using such a NIC as a >parent interface for a >.Nm >implies reduced MTU on the corresponding ^ a >.Nm >interfaces. It would be useful to list those NICs that can handle oversized frames. I'm aware of Intel 82559 (fxp), TI ThunderLAN aka Compaq Netelligent (tl), SMC EtherPower II aka SMC9432TX (tx) and later 3Com 3C905's (xl). (Not all of these drivers have the necessary hooks in standard -CURRENT and I don't think oversized frames are supported by kld's as standard). Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 0:43:45 2001 Delivered-To: freebsd-audit@freebsd.org Received: from columbus.cris.net (columbus.cris.net [212.110.128.65]) by hub.freebsd.org (Postfix) with ESMTP id D55A337B407; Wed, 25 Jul 2001 00:43:33 -0700 (PDT) (envelope-from phantom@ark.cris.net) Received: from ark.cris.net (ns2.cris.net [212.110.128.68]) by columbus.cris.net (8.9.3/8.9.3) with ESMTP id KAA93128; Wed, 25 Jul 2001 10:43:20 +0300 (EEST) Received: (from phantom@localhost) by ark.cris.net (8.11.1/8.11.1) id f6P7gmr42987; Wed, 25 Jul 2001 10:42:48 +0300 (EEST) Date: Wed, 25 Jul 2001 10:42:48 +0300 From: Alexey Zelkin To: Mike Barcroft Cc: audit@FreeBSD.org, ache@FreeBSD.org, des@FreeBSD.org, jabley@automagic.org Subject: Re: whois(1) new features for review Message-ID: <20010725104248.A38544@ark.cris.net> References: <20010724234111.A75705@coffee.q9media.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <20010724234111.A75705@coffee.q9media.com>; from mike@FreeBSD.org on Tue, Jul 24, 2001 at 11:41:11PM -0400 X-Operating-System: FreeBSD 3.5-STABLE i386 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG hi, On Tue, Jul 24, 2001 at 11:41:11PM -0400, Mike Barcroft wrote: > I would appreciate reviews of the following changes I intend to make > to whois(1). If there are no objection I'd like to commit this in two > days. > > Patch also available at: > http://people.FreeBSD.org/~mike/patches/whois.20010724.patch > > ---------------------------------------------------------------------- > > whois.20010724.patch > > o Move APNIC flag from -p to -A. Since, -p is usually associated > with specifying a port. Hmm... Looks like you did not exactly that in this patch... > o Add the -p flag for specifying a port. (PR: 28790) This is > useful for querying rwhois servers. Example: > whois -h rwhois.exodus.net -p 4321 216.136.180.0 > o Add the -c flag which allows one to get the same whois server > that would normally be determined if no arguments were specified. > (Concept based on work by phantom, requested by ache) Example: I think more appropriate is "suggested by: ache". Main idea was adding this feature to avoid polluting whois's command line options. > whois -c ru TCNET-MNT-RIPN > o Deprecate -R flag in favour of -c ru. Isn't '-R' worth complete removing ? Andrey ? What do you think ? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 1:46:26 2001 Delivered-To: freebsd-audit@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 0BE8037B40A; Wed, 25 Jul 2001 01:45:38 -0700 (PDT) (envelope-from ache@nagual.pp.ru) Received: (from ache@localhost) by nagual.pp.ru (8.11.4/8.11.4) id f6P8jJA05719; Wed, 25 Jul 2001 12:45:19 +0400 (MSD) (envelope-from ache) Date: Wed, 25 Jul 2001 12:45:17 +0400 From: "Andrey A. Chernov" To: Alexey Zelkin Cc: Mike Barcroft , audit@FreeBSD.org, des@FreeBSD.org, jabley@automagic.org Subject: Re: whois(1) new features for review Message-ID: <20010725124517.A5270@nagual.pp.ru> References: <20010724234111.A75705@coffee.q9media.com> <20010725104248.A38544@ark.cris.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20010725104248.A38544@ark.cris.net> User-Agent: Mutt/1.3.19i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Jul 25, 2001 at 10:42:48 +0300, Alexey Zelkin wrote: > > > whois -c ru TCNET-MNT-RIPN > > o Deprecate -R flag in favour of -c ru. > > Isn't '-R' worth complete removing ? Andrey ? What do you think ? I think it worth complete removing. BTW, NetBSD use -R for some other purpose, don't remember, useful or not so. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 4:53:30 2001 Delivered-To: freebsd-audit@freebsd.org Received: from ringworld.nanolink.com (ringworld.nanolink.com [195.24.48.39]) by hub.freebsd.org (Postfix) with SMTP id CAF3237B405 for ; Wed, 25 Jul 2001 04:53:24 -0700 (PDT) (envelope-from roam@orbitel.bg) Received: (qmail 19148 invoked by uid 1000); 25 Jul 2001 11:52:36 -0000 Date: Wed, 25 Jul 2001 14:52:36 +0300 From: Peter Pentchev To: Alexey Zelkin Cc: Mike Barcroft , audit@FreeBSD.org, ache@FreeBSD.org, des@FreeBSD.org, jabley@automagic.org Subject: Re: whois(1) new features for review Message-ID: <20010725145236.B84551@ringworld.oblivion.bg> Mail-Followup-To: Alexey Zelkin , Mike Barcroft , audit@FreeBSD.org, ache@FreeBSD.org, des@FreeBSD.org, jabley@automagic.org References: <20010724234111.A75705@coffee.q9media.com> <20010725104248.A38544@ark.cris.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010725104248.A38544@ark.cris.net>; from phantom@FreeBSD.org on Wed, Jul 25, 2001 at 10:42:48AM +0300 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Jul 25, 2001 at 10:42:48AM +0300, Alexey Zelkin wrote: > hi, > > On Tue, Jul 24, 2001 at 11:41:11PM -0400, Mike Barcroft wrote: > > I would appreciate reviews of the following changes I intend to make > > to whois(1). If there are no objection I'd like to commit this in two > > days. > > > > Patch also available at: > > http://people.FreeBSD.org/~mike/patches/whois.20010724.patch > > > > ---------------------------------------------------------------------- > > > > whois.20010724.patch > > > > o Move APNIC flag from -p to -A. Since, -p is usually associated > > with specifying a port. > > Hmm... Looks like you did not exactly that in this patch... > > > o Add the -p flag for specifying a port. (PR: 28790) This is > > useful for querying rwhois servers. Example: > > whois -h rwhois.exodus.net -p 4321 216.136.180.0 > > o Add the -c flag which allows one to get the same whois server > > that would normally be determined if no arguments were specified. > > (Concept based on work by phantom, requested by ache) Example: > > I think more appropriate is "suggested by: ache". Main idea was adding > this feature to avoid polluting whois's command line options. > > > whois -c ru TCNET-MNT-RIPN > > o Deprecate -R flag in favour of -c ru. > > Isn't '-R' worth complete removing ? Andrey ? What do you think ? I'd think 'deprecated' means 'scheduled for complete removal, but let's not remove it just yet, so we can give people some time; some people are probably used to typing "whois -R", let's give a meaningful error message in the meantime'. I guess it will be removed in the future. G'luck, Peter -- Do you think anybody has ever had *precisely this thought* before? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 5:22:35 2001 Delivered-To: freebsd-audit@freebsd.org Received: from bazooka.unixfreak.org (bazooka.unixfreak.org [63.198.170.138]) by hub.freebsd.org (Postfix) with ESMTP id 5C70B37B403; Wed, 25 Jul 2001 05:22:31 -0700 (PDT) (envelope-from dima@unixfreak.org) Received: from hornet.unixfreak.org (hornet [63.198.170.140]) by bazooka.unixfreak.org (Postfix) with ESMTP id 0F7643E28; Wed, 25 Jul 2001 05:22:31 -0700 (PDT) To: Yar Tikhiy Cc: audit@freebsd.org Subject: Re: vlan(4) manpage In-Reply-To: <20010725072042.A24573@comp.chem.msu.su>; from yar@freebsd.org on "Wed, 25 Jul 2001 07:20:42 +0400" Date: Wed, 25 Jul 2001 05:22:31 -0700 From: Dima Dorfman Message-Id: <20010725122231.0F7643E28@bazooka.unixfreak.org> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Yar Tikhiy writes: > .\" > .\" $FreeBSD$ > .\" > .Dd July 25, 2001 > .Dt VLAN 4 > .Os > .Sh NAME > .Nm vlan > .Nd IEEE 802.1Q VLAN network interface > .Sh SYNOPSIS > .Cd pseudo-device vlan Op Ar count `pseudo-device' doesn't exist in -current; it's just `device'. > A single parent can be assigned to multiple > .Nm > interfaces provided they have different tags. > The parent interface is likely to be an ethernet one connected to > a properly configured switch port. The VLAN tag should match one of ^^^^ Please start new sentences on new lines. I.e., your man page should look like: This is your first sentence. This is your second sentence. It yields better output in some cases, and makes diffs easier to read. > those set up in the switched network. > .Sh SEE ALSO > .Xr ifconfig 8 > .Sh BUGS > Most ethernet NICs supported by FreeBSD lack the capability of > transmitting and/or receiving oversized frames. Using such a NIC as a ^^^^^ Same as above. Other than that, it looks okay. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 8:21:58 2001 Delivered-To: freebsd-audit@freebsd.org Received: from mail.chem.msu.ru (mail.chem.msu.ru [195.208.208.19]) by hub.freebsd.org (Postfix) with ESMTP id 8FFD537B91A for ; Wed, 25 Jul 2001 08:17:48 -0700 (PDT) (envelope-from yar@comp.chem.msu.su) Received: from comp.chem.msu.su ([158.250.32.97]) by mail.chem.msu.ru with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2650.21) id NHPRWACK; Wed, 25 Jul 2001 19:11:05 +0400 Received: (from yar@localhost) by comp.chem.msu.su (8.11.1/8.11.1) id f6PFHjs90467; Wed, 25 Jul 2001 19:17:45 +0400 (MSD) (envelope-from yar) Date: Wed, 25 Jul 2001 19:17:45 +0400 From: Yar Tikhiy To: audit@FreeBSD.ORG Cc: Dima Dorfman , Peter Jeremy Subject: Re: vlan(4) manpage Message-ID: <20010725191744.A77305@comp.chem.msu.su> References: <20010725072042.A24573@comp.chem.msu.su> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010725072042.A24573@comp.chem.msu.su>; from yar@FreeBSD.ORG on Wed, Jul 25, 2001 at 07:20:42AM +0400 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hello, Thank Dima and Peter for your valuable comments. The next revision of the vlan(4) man page includes corrections and additions suggested by you. Moreover, I've added a paragraph on VLAN firmware support and written a whole subsection of tips on how to select and configure the right NIC to use with VLANs. -- Yar .\" .\" $FreeBSD$ .\" .Dd July 25, 2001 .Dt VLAN 4 .Os .Sh NAME .Nm vlan .Nd IEEE 802.1Q VLAN network interface .Sh SYNOPSIS .\" In -stable: .Cd pseudo-device vlan Op Ar count .Cd device vlan Op Ar count .\" .Sh DESCRIPTION The .Nm driver demultiplexes frames tagged according to the IEEE 802.1Q standard into logical .Nm network interfaces, which allows for routing/bridging between multiple VLANs through a single switch trunk port. .Pp To function, a .Nm interface must be assigned a parent interface and numeric VLAN tag using .Xr ifconfig 8 . A single parent can be assigned to multiple .Nm interfaces provided they have different tags. The parent interface is likely to be an ethernet one connected to a properly configured switch port. The VLAN tag should match one of those set up in the switched network. .Pp The .Nm driver supports physical devices that do the VLAN demultiplexing in firmware. The .Ar link0 flag should be set on a .Nm interface .Pq Em not on its parent using .Xr ifconfig 8 in that case to indicate that the hardware support for the 802.1Q VLANs is present in its parent. .\" .Ss "Selecting the right network interface card to run VLANs through" By now, the only NIC that has hardware support for the 802.1Q VLAN technology in FreeBSD is .Xr ti 4 . .Pp The rest of ethernet NICs supported by FreeBSD can run VLANs using the software emulation in the .Nm driver. However, most of them lack the capability of transmitting and/or receiving oversized frames. Using such a NIC as a parent interface for a .Nm implies a reduced MTU on the corresponding .Nm interfaces. In the modern Internet, the latter is likely to cause .Xr tcp 4 connectivity problems due to massive, inadequate .Xr icmp 4 filtering that breaks the Path MTU Discovery mechanism. .Pp The NICs that support oversized frames are as follows: .Bl -tag -width "fxp(4)" -compact -offset indent .It Xr de 4 requires defining .Dv BIG_PACKET in the .Pa /usr/src/sys/pci/if_de.c source file and rebuilding the kernel or the module. .It Xr fxp 4 supports oversized frames if both itself and the .Nm driver are compiled into the kernel, or if the .Dv FXP_FLAG_LONG_PKT_EN .Pq 0x20 device flag is set on it. .It Xr tl 4 may or may not work with the existing driver. .It Xr tx 4 may or may not work with the existing driver. .It Xr xl 4 works well only if the card has newer firmware .Pq 3c905C and above . .El .Sh SEE ALSO .Xr ifconfig 8 .Sh BUGS No 802.1Q features except VLAN tagging are implemented. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 8:42:35 2001 Delivered-To: freebsd-audit@freebsd.org Received: from coffee.q9media.com (coffee.q9media.com [216.94.229.19]) by hub.freebsd.org (Postfix) with ESMTP id 62DCB37B409; Wed, 25 Jul 2001 08:42:16 -0700 (PDT) (envelope-from mike@coffee.q9media.com) Received: (from mike@localhost) by coffee.q9media.com (8.11.2/8.11.2) id f6PG0Bq77029; Wed, 25 Jul 2001 12:00:11 -0400 (EDT) (envelope-from mike) Date: Wed, 25 Jul 2001 12:00:11 -0400 From: Mike Barcroft To: Alexey Zelkin Cc: audit@FreeBSD.org, ache@FreeBSD.org, des@FreeBSD.org, jabley@automagic.org Subject: Re: whois(1) new features for review Message-ID: <20010725120011.A77004@coffee.q9media.com> References: <20010724234111.A75705@coffee.q9media.com> <20010725104248.A38544@ark.cris.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010725104248.A38544@ark.cris.net>; from phantom@FreeBSD.org on Wed, Jul 25, 2001 at 10:42:48AM +0300 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Jul 25, 2001 at 10:42:48AM +0300, Alexey Zelkin wrote: > On Tue, Jul 24, 2001 at 11:41:11PM -0400, Mike Barcroft wrote: > > whois.20010724.patch > > > > o Move APNIC flag from -p to -A. Since, -p is usually associated > > with specifying a port. > > Hmm... Looks like you did not exactly that in this patch... Would you care to explain? It seems to me, I did exactly that. > > o Add the -p flag for specifying a port. (PR: 28790) This is > > useful for querying rwhois servers. Example: > > whois -h rwhois.exodus.net -p 4321 216.136.180.0 > > o Add the -c flag which allows one to get the same whois server > > that would normally be determined if no arguments were specified. > > (Concept based on work by phantom, requested by ache) Example: > > I think more appropriate is "suggested by: ache". Main idea was adding > this feature to avoid polluting whois's command line options. Actually, ache did indeed request I add this feature before removing the -R flag. Best regards, Mike Barcroft To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 8:52: 1 2001 Delivered-To: freebsd-audit@freebsd.org Received: from coffee.q9media.com (coffee.q9media.com [216.94.229.19]) by hub.freebsd.org (Postfix) with ESMTP id CA80A37B405; Wed, 25 Jul 2001 08:51:58 -0700 (PDT) (envelope-from mike@coffee.q9media.com) Received: (from mike@localhost) by coffee.q9media.com (8.11.2/8.11.2) id f6PG9rZ77043; Wed, 25 Jul 2001 12:09:53 -0400 (EDT) (envelope-from mike) Date: Wed, 25 Jul 2001 12:09:52 -0400 From: Mike Barcroft To: Peter Pentchev Cc: phantom@FreeBSD.org, audit@FreeBSD.org, ache@FreeBSD.org, des@FreeBSD.org, jabley@automagic.org Subject: Re: whois(1) new features for review Message-ID: <20010725120952.B77004@coffee.q9media.com> References: <20010724234111.A75705@coffee.q9media.com> <20010725104248.A38544@ark.cris.net> <20010725145236.B84551@ringworld.oblivion.bg> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010725145236.B84551@ringworld.oblivion.bg>; from roam@orbitel.bg on Wed, Jul 25, 2001 at 02:52:36PM +0300 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Jul 25, 2001 at 02:52:36PM +0300, Peter Pentchev wrote: > I'd think 'deprecated' means 'scheduled for complete removal, but let's > not remove it just yet, so we can give people some time; some people > are probably used to typing "whois -R", let's give a meaningful error > message in the meantime'. I guess it will be removed in the future. Peter is correct. It was my intention to slowly phase it out, but now that I think about it, if I completely remove the -R option, getopt(3) will tell the user that it's an illegal option and display the usage. I think this is enough to motivate a user to read the man page, so I'm going to completely remove the -R option before committing. Best regards, Mike Barcroft To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 9: 5:59 2001 Delivered-To: freebsd-audit@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id DB4FC37B41C; Wed, 25 Jul 2001 09:03:43 -0700 (PDT) (envelope-from sheldonh@starjuice.net) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.31 #1) id 15PR9J-0001o1-00; Wed, 25 Jul 2001 18:04:37 +0200 From: Sheldon Hearn To: Mike Barcroft Cc: Peter Pentchev , phantom@FreeBSD.org, audit@FreeBSD.org, ache@FreeBSD.org, des@FreeBSD.org, jabley@automagic.org Subject: Re: whois(1) new features for review In-reply-to: Your message of "Wed, 25 Jul 2001 12:09:52 -0400." <20010725120952.B77004@coffee.q9media.com> Date: Wed, 25 Jul 2001 18:04:37 +0200 Message-ID: <6944.996077077@axl.seasidesoftware.co.za> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, 25 Jul 2001 12:09:52 -0400, Mike Barcroft wrote: > Peter is correct. It was my intention to slowly phase it out, but now > that I think about it, if I completely remove the -R option, getopt(3) > will tell the user that it's an illegal option and display the usage. That's not how things get deprecated. The way it used to work was, I think: 1) Mention is made in the manual page that the option, utility or interface is deprecated. 2) The option, utility or interface is preserved until the next major release. 3) The option, utility or interface is removed and no longer documented. It is now obsolete. In addition to this, two ideas that I like are 1) Use of deprecated features causes warnings to be generated until the feature is obsoleted. 2) Release notes warn about both deprecation and obsoletion. I think this willy-nilly instantaneous removal of features usually just annoys users for the sake of gratifying the impatience of committers. :-) Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 9:50:43 2001 Delivered-To: freebsd-audit@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id C7E9A37B409; Wed, 25 Jul 2001 09:50:27 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.11.0/8.11.0) id f6PGoNA29623; Wed, 25 Jul 2001 09:50:23 -0700 Date: Wed, 25 Jul 2001 09:50:23 -0700 From: Brooks Davis To: Yar Tikhiy Cc: audit@FreeBSD.ORG, Dima Dorfman , Peter Jeremy Subject: Re: vlan(4) manpage Message-ID: <20010725095023.A21817@Odin.AC.HMC.Edu> References: <20010725072042.A24573@comp.chem.msu.su> <20010725191744.A77305@comp.chem.msu.su> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="cNdxnHkX5QqsyA0e" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010725191744.A77305@comp.chem.msu.su>; from yar@FreeBSD.ORG on Wed, Jul 25, 2001 at 07:17:45PM +0400 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --cNdxnHkX5QqsyA0e Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jul 25, 2001 at 07:17:45PM +0400, Yar Tikhiy wrote: > Thank Dima and Peter for your valuable comments. The next revision > of the vlan(4) man page includes corrections and additions suggested > by you. Moreover, I've added a paragraph on VLAN firmware support > and written a whole subsection of tips on how to select and configure > the right NIC to use with VLANs. Excelent. I had written something up just to fill void, but this is way better. A couple comments below. > The parent interface is likely to be an ethernet one connected > to a properly configured switch port. The use of one confused me for a moment. That might just be me though. ;-) > .\" > .Ss "Selecting the right network interface card to run VLANs through" > By now, the only NIC that has hardware support for > the 802.1Q VLAN technology in FreeBSD is > .Xr ti 4 . nge(4) supports this as well. > .It Xr fxp 4 > supports oversized frames if both itself and the > .Nm > driver are compiled into the kernel, or if the > .Dv FXP_FLAG_LONG_PKT_EN > .Pq 0x20 > device flag is set on it. I'm looking at fixing this. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --cNdxnHkX5QqsyA0e Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7XvjOXY6L6fI4GtQRArrGAKDEbABk6WfhiWMCrRgmkkl1l+r2XQCghUmm okC49sXmYxFgE6VTY+1qs4o= =ixLR -----END PGP SIGNATURE----- --cNdxnHkX5QqsyA0e-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 9:52:39 2001 Delivered-To: freebsd-audit@freebsd.org Received: from prism.flugsvamp.com (cb58709-a.mdsn1.wi.home.com [24.17.241.9]) by hub.freebsd.org (Postfix) with ESMTP id 30D7B37B408; Wed, 25 Jul 2001 09:52:37 -0700 (PDT) (envelope-from jlemon@flugsvamp.com) Received: (from jlemon@localhost) by prism.flugsvamp.com (8.11.0/8.11.0) id f6PGpY077618; Wed, 25 Jul 2001 11:51:34 -0500 (CDT) (envelope-from jlemon) Date: Wed, 25 Jul 2001 11:51:34 -0500 From: Jonathan Lemon To: Brooks Davis Cc: Yar Tikhiy , audit@FreeBSD.ORG, Dima Dorfman , Peter Jeremy Subject: Re: vlan(4) manpage Message-ID: <20010725115134.E7716@prism.flugsvamp.com> References: <20010725072042.A24573@comp.chem.msu.su> <20010725191744.A77305@comp.chem.msu.su> <20010725095023.A21817@Odin.AC.HMC.Edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre2i In-Reply-To: <20010725095023.A21817@Odin.AC.HMC.Edu> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Jul 25, 2001 at 09:50:23AM -0700, Brooks Davis wrote: > On Wed, Jul 25, 2001 at 07:17:45PM +0400, Yar Tikhiy wrote: > > .It Xr fxp 4 > > supports oversized frames if both itself and the > > .Nm > > driver are compiled into the kernel, or if the The fxp driver does support vlan now. -- Jonathan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 9:58:33 2001 Delivered-To: freebsd-audit@freebsd.org Received: from ringworld.nanolink.com (ringworld.nanolink.com [195.24.48.39]) by hub.freebsd.org (Postfix) with SMTP id E1E2837B40D for ; Wed, 25 Jul 2001 09:58:24 -0700 (PDT) (envelope-from roam@orbitel.bg) Received: (qmail 56757 invoked by uid 1000); 25 Jul 2001 16:57:35 -0000 Date: Wed, 25 Jul 2001 19:57:35 +0300 From: Peter Pentchev To: Sheldon Hearn Cc: Mike Barcroft , phantom@FreeBSD.org, audit@FreeBSD.org, ache@FreeBSD.org, des@FreeBSD.org, jabley@automagic.org Subject: Re: whois(1) new features for review Message-ID: <20010725195735.F47466@ringworld.oblivion.bg> Mail-Followup-To: Sheldon Hearn , Mike Barcroft , phantom@FreeBSD.org, audit@FreeBSD.org, ache@FreeBSD.org, des@FreeBSD.org, jabley@automagic.org References: <20010725120952.B77004@coffee.q9media.com> <6944.996077077@axl.seasidesoftware.co.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <6944.996077077@axl.seasidesoftware.co.za>; from sheldonh@starjuice.net on Wed, Jul 25, 2001 at 06:04:37PM +0200 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Jul 25, 2001 at 06:04:37PM +0200, Sheldon Hearn wrote: > > > On Wed, 25 Jul 2001 12:09:52 -0400, Mike Barcroft wrote: > > > Peter is correct. It was my intention to slowly phase it out, but now > > that I think about it, if I completely remove the -R option, getopt(3) > > will tell the user that it's an illegal option and display the usage. > > That's not how things get deprecated. The way it used to work was, I > think: [snip removal-on-next-release description] FWIW, I like this a lot. > In addition to this, two ideas that I like are > > 1) Use of deprecated features causes warnings to be generated until the > feature is obsoleted. > > 2) Release notes warn about both deprecation and obsoletion. FWIW, I like this, too, a lot :) > I think this willy-nilly instantaneous removal of features usually just > annoys users for the sake of gratifying the impatience of committers. This has been my experience, too - both personal and from others asking me questions. G'luck, Peter -- I had to translate this sentence into English because I could not read the original Sanskrit. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 10:36: 5 2001 Delivered-To: freebsd-audit@freebsd.org Received: from mail.chem.msu.ru (mail.chem.msu.ru [195.208.208.19]) by hub.freebsd.org (Postfix) with ESMTP id 60BAB37B406 for ; Wed, 25 Jul 2001 10:36:01 -0700 (PDT) (envelope-from yar@comp.chem.msu.su) Received: from comp.chem.msu.su ([158.250.32.97]) by mail.chem.msu.ru with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2650.21) id NHPRWAF0; Wed, 25 Jul 2001 21:29:20 +0400 Received: (from yar@localhost) by comp.chem.msu.su (8.11.1/8.11.1) id f6PHXas03704; Wed, 25 Jul 2001 21:33:36 +0400 (MSD) (envelope-from yar) Date: Wed, 25 Jul 2001 21:33:35 +0400 From: Yar Tikhiy To: Jonathan Lemon Cc: Brooks Davis , audit@FreeBSD.ORG, Dima Dorfman , Peter Jeremy Subject: Re: vlan(4) manpage Message-ID: <20010725213335.D92208@comp.chem.msu.su> References: <20010725072042.A24573@comp.chem.msu.su> <20010725191744.A77305@comp.chem.msu.su> <20010725095023.A21817@Odin.AC.HMC.Edu> <20010725115134.E7716@prism.flugsvamp.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010725115134.E7716@prism.flugsvamp.com>; from jlemon@flugsvamp.com on Wed, Jul 25, 2001 at 11:51:34AM -0500 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Jul 25, 2001 at 11:51:34AM -0500, Jonathan Lemon wrote: > On Wed, Jul 25, 2001 at 09:50:23AM -0700, Brooks Davis wrote: > > On Wed, Jul 25, 2001 at 07:17:45PM +0400, Yar Tikhiy wrote: > > > .It Xr fxp 4 > > > supports oversized frames if both itself and the > > > .Nm > > > driver are compiled into the kernel, or if the > > The fxp driver does support vlan now. I knew it, just "supports" wasn't the right word there. I'll try to say that in a different way, like ============================================================ .It Xr fxp 4 supports oversized frames. No additional tweaking is necessary to transmit them. To enable receiving them, both the .Xr fxp 4 and .Nm drivers must be compiled into the kernel, or the .Dv FXP_FLAG_LONG_PKT_EN .Pq 0x20 device flag must be set on .Xr fxp 4 . ============================================================ Does that make sense? -- Yar To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 10:41:33 2001 Delivered-To: freebsd-audit@freebsd.org Received: from prism.flugsvamp.com (cb58709-a.mdsn1.wi.home.com [24.17.241.9]) by hub.freebsd.org (Postfix) with ESMTP id 2D28937B403; Wed, 25 Jul 2001 10:41:30 -0700 (PDT) (envelope-from jlemon@flugsvamp.com) Received: (from jlemon@localhost) by prism.flugsvamp.com (8.11.0/8.11.0) id f6PHeUh79651; Wed, 25 Jul 2001 12:40:30 -0500 (CDT) (envelope-from jlemon) Date: Wed, 25 Jul 2001 12:40:30 -0500 From: Jonathan Lemon To: Yar Tikhiy Cc: Jonathan Lemon , Brooks Davis , audit@FreeBSD.ORG, Dima Dorfman , Peter Jeremy Subject: Re: vlan(4) manpage Message-ID: <20010725124030.F7716@prism.flugsvamp.com> References: <20010725072042.A24573@comp.chem.msu.su> <20010725191744.A77305@comp.chem.msu.su> <20010725095023.A21817@Odin.AC.HMC.Edu> <20010725115134.E7716@prism.flugsvamp.com> <20010725213335.D92208@comp.chem.msu.su> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre2i In-Reply-To: <20010725213335.D92208@comp.chem.msu.su> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Jul 25, 2001 at 09:33:35PM +0400, Yar Tikhiy wrote: > On Wed, Jul 25, 2001 at 11:51:34AM -0500, Jonathan Lemon wrote: > > On Wed, Jul 25, 2001 at 09:50:23AM -0700, Brooks Davis wrote: > > > On Wed, Jul 25, 2001 at 07:17:45PM +0400, Yar Tikhiy wrote: > > > > .It Xr fxp 4 > > > > supports oversized frames if both itself and the > > > > .Nm > > > > driver are compiled into the kernel, or if the > > > > The fxp driver does support vlan now. > > I knew it, just "supports" wasn't the right word there. > I'll try to say that in a different way, like > ============================================================ > .It Xr fxp 4 > supports oversized frames. No additional tweaking is necessary > to transmit them. To enable receiving them, both the > .Xr fxp 4 > and > .Nm > drivers must be compiled into the kernel, or the > .Dv FXP_FLAG_LONG_PKT_EN > .Pq 0x20 > device flag must be set on > .Xr fxp 4 . > ============================================================ > Does that make sense? No - the fxp driver supports vlan natively now, all that is needed is for the user to add 'options VLAN' to their kernel build. The module is already built with vlan support enabled (MFC to -stable in a few minutes). The user should never see the 'LONG_PKT_EN' flag, which the 82557 does not support anyway. -- Jonathan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 10:56:52 2001 Delivered-To: freebsd-audit@freebsd.org Received: from mail.chem.msu.ru (mail.chem.msu.ru [195.208.208.19]) by hub.freebsd.org (Postfix) with ESMTP id F1CCE37B406 for ; Wed, 25 Jul 2001 10:56:43 -0700 (PDT) (envelope-from yar@comp.chem.msu.su) Received: from comp.chem.msu.su ([158.250.32.97]) by mail.chem.msu.ru with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2650.21) id NHPRWAG2; Wed, 25 Jul 2001 21:50:05 +0400 Received: (from yar@localhost) by comp.chem.msu.su (8.11.1/8.11.1) id f6PHqAw05714; Wed, 25 Jul 2001 21:52:10 +0400 (MSD) (envelope-from yar) Date: Wed, 25 Jul 2001 21:52:10 +0400 From: Yar Tikhiy To: Jonathan Lemon Cc: Brooks Davis , audit@FreeBSD.ORG, Dima Dorfman , Peter Jeremy Subject: Re: vlan(4) manpage Message-ID: <20010725215210.F92208@comp.chem.msu.su> References: <20010725072042.A24573@comp.chem.msu.su> <20010725191744.A77305@comp.chem.msu.su> <20010725095023.A21817@Odin.AC.HMC.Edu> <20010725115134.E7716@prism.flugsvamp.com> <20010725213335.D92208@comp.chem.msu.su> <20010725124030.F7716@prism.flugsvamp.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010725124030.F7716@prism.flugsvamp.com>; from jlemon@flugsvamp.com on Wed, Jul 25, 2001 at 12:40:30PM -0500 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Jul 25, 2001 at 12:40:30PM -0500, Jonathan Lemon wrote: > > No - the fxp driver supports vlan natively now, all that is needed > is for the user to add 'options VLAN' to their kernel build. The > module is already built with vlan support enabled (MFC to -stable > in a few minutes). The user should never see the 'LONG_PKT_EN' flag, > which the 82557 does not support anyway. I see your point. How about .It Xr fxp 4 supports oversized frames for the .Nm natively. ? -- Yar To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 10:57:22 2001 Delivered-To: freebsd-audit@freebsd.org Received: from prism.flugsvamp.com (cb58709-a.mdsn1.wi.home.com [24.17.241.9]) by hub.freebsd.org (Postfix) with ESMTP id 7D7D237B405; Wed, 25 Jul 2001 10:57:19 -0700 (PDT) (envelope-from jlemon@flugsvamp.com) Received: (from jlemon@localhost) by prism.flugsvamp.com (8.11.0/8.11.0) id f6PHuJT80200; Wed, 25 Jul 2001 12:56:19 -0500 (CDT) (envelope-from jlemon) Date: Wed, 25 Jul 2001 12:56:19 -0500 From: Jonathan Lemon To: Yar Tikhiy Cc: Jonathan Lemon , Brooks Davis , audit@FreeBSD.ORG, Dima Dorfman , Peter Jeremy Subject: Re: vlan(4) manpage Message-ID: <20010725125619.G7716@prism.flugsvamp.com> References: <20010725072042.A24573@comp.chem.msu.su> <20010725191744.A77305@comp.chem.msu.su> <20010725095023.A21817@Odin.AC.HMC.Edu> <20010725115134.E7716@prism.flugsvamp.com> <20010725213335.D92208@comp.chem.msu.su> <20010725124030.F7716@prism.flugsvamp.com> <20010725215210.F92208@comp.chem.msu.su> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre2i In-Reply-To: <20010725215210.F92208@comp.chem.msu.su> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Jul 25, 2001 at 09:52:10PM +0400, Yar Tikhiy wrote: > On Wed, Jul 25, 2001 at 12:40:30PM -0500, Jonathan Lemon wrote: > > > > No - the fxp driver supports vlan natively now, all that is needed > > is for the user to add 'options VLAN' to their kernel build. The > > module is already built with vlan support enabled (MFC to -stable > > in a few minutes). The user should never see the 'LONG_PKT_EN' flag, > > which the 82557 does not support anyway. > > I see your point. How about > > .It Xr fxp 4 > supports oversized frames for the > .Nm > natively. Sounds good to me. -- Jonathan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 15:27: 4 2001 Delivered-To: freebsd-audit@freebsd.org Received: from netau1.alcanet.com.au (ntp.alcanet.com.au [203.62.196.27]) by hub.freebsd.org (Postfix) with ESMTP id 6183E37B40A; Wed, 25 Jul 2001 15:26:51 -0700 (PDT) (envelope-from jeremyp@gsmx07.alcatel.com.au) Received: from mfg1.cim.alcatel.com.au (mfg1.cim.alcatel.com.au [139.188.23.1]) by netau1.alcanet.com.au (8.9.3 (PHNE_22672)/8.9.3) with ESMTP id IAA10575; Thu, 26 Jul 2001 08:26:45 +1000 (EST) Received: from gsmx07.alcatel.com.au by cim.alcatel.com.au (PMDF V5.2-32 #37645) with ESMTP id <01K6DP9WCZ80VO0RBA@cim.alcatel.com.au>; Thu, 26 Jul 2001 08:26:46 +1000 Received: (from jeremyp@localhost) by gsmx07.alcatel.com.au (8.11.1/8.11.1) id f6PMQgn73669; Thu, 26 Jul 2001 08:26:42 +1000 (EST envelope-from jeremyp) Content-return: prohibited Date: Thu, 26 Jul 2001 08:26:42 +1000 From: Peter Jeremy Subject: Re: vlan(4) manpage In-reply-to: <20010725191744.A77305@comp.chem.msu.su>; from yar@FreeBSD.ORG on Wed, Jul 25, 2001 at 07:17:45PM +0400 To: Yar Tikhiy Cc: audit@FreeBSD.ORG Mail-Followup-To: Yar Tikhiy , audit@FreeBSD.ORG Message-id: <20010726082642.U506@gsmx07.alcatel.com.au> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii Content-disposition: inline User-Agent: Mutt/1.2.5i References: <20010725072042.A24573@comp.chem.msu.su> <20010725191744.A77305@comp.chem.msu.su> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 2001-Jul-25 19:17:45 +0400, Yar Tikhiy wrote: >.It Xr de 4 >requires defining >.Dv BIG_PACKET >in the >.Pa /usr/src/sys/pci/if_de.c >source file and rebuilding the kernel or the module. According to Donald Becker , only the later 21143 chip versions, the 21143-TD, support VLAN. It's possible that the BIG_PACKET code handles long packets via a back-door approach that works on (some?) older chips. Note that there isn't a de(4) module in -STABLE. >.It Xr tl 4 >may or may not work with the existing driver. I checked and I'm running a VLAN trunk into the standard -STABLE tl driver, so this driver didn't need any mods. >.It Xr tx 4 >may or may not work with the existing driver. Patches for tx support are in kern/29235 (just submitted). >.It Xr xl 4 >works well only if the card has newer firmware >.Pq 3c905C and above . According to Bill Paul , the relevant register (MaxPktSize) exists in the 3c905B and later. Note that these are different chips, not just different firmware. And `works well' isn't really specific to the older 3c905's - all the ethernet drivers will support VLANs with a 1496 byte MTU, this list should document those chips/drivers that can handle a 1500 byte MTU in a VLAN trunk (ie support long ethernet frames). Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Wed Jul 25 17:44: 7 2001 Delivered-To: freebsd-audit@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id 2F8F937B405 for ; Wed, 25 Jul 2001 17:43:58 -0700 (PDT) (envelope-from sheldonh@starjuice.net) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.31 #1) id 15PZGa-0001fS-00; Thu, 26 Jul 2001 02:44:40 +0200 From: Sheldon Hearn To: David Hill Cc: audit@freebsd.org Subject: Re: STD*_FILENO patches #2 In-reply-to: Your message of "Tue, 24 Jul 2001 09:47:44 +0200." <6134.995960864@axl.seasidesoftware.co.za> Date: Thu, 26 Jul 2001 02:44:40 +0200 Message-ID: <6413.996108280@axl.seasidesoftware.co.za> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, 24 Jul 2001 09:47:44 +0200, Sheldon Hearn wrote: > > Ok, I fixed those > > http://www.phobia.ms/patches/diffs.tar.gz > > I'll take a look at these and commit them some time before Friday. Right, they're running through a buildworld now. Some comments: 1) Please submit patches in a uniform way. Some were context diffs, some unified diffs. Some used full pathnames, some relative pathnames. The patchset wasn't as easy to apply as it could have been. 2) I've ommitted your rcorder patch, because rcorder is vendor software. We put vendor code in places other than contrib/ just to confuse the shit out of our contributors. Please submit that patch to the NetBSD maintainer for rcorder, Luke Mewburn . 3) Well spotted on usr.sbin/ctm/ctm_rmail/options.h. This file is already missing all sorts of includes, so adding would have introduced inconsistency. :-) Thanks for the contribution. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jul 26 2:34:13 2001 Delivered-To: freebsd-audit@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id 406FC37B401 for ; Thu, 26 Jul 2001 02:34:11 -0700 (PDT) (envelope-from sheldonh@starjuice.net) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.31 #1) id 15PhXq-000JAZ-00; Thu, 26 Jul 2001 11:35:02 +0200 From: Sheldon Hearn To: David Hill Cc: audit@freebsd.org Subject: Re: STD*_FILENO patches #2 In-reply-to: Your message of "Thu, 26 Jul 2001 02:44:40 +0200." <6413.996108280@axl.seasidesoftware.co.za> Date: Thu, 26 Jul 2001 11:35:02 +0200 Message-ID: <73690.996140102@axl.seasidesoftware.co.za> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, 26 Jul 2001 02:44:40 +0200, Sheldon Hearn wrote: > Right, they're running through a buildworld now. > > Some comments: [...] 3) Please test your changes before you submit them. Your change to usr.sbin/pcvt/vttest/main.c breaks the buildworld target: In file included from /usr/src/usr.sbin/pcvt/vttest/main.c:20: /usr/include/unistd.h:124: syntax error before `char' Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jul 26 4: 5:11 2001 Delivered-To: freebsd-audit@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id AFA8E37B406 for ; Thu, 26 Jul 2001 04:05:06 -0700 (PDT) (envelope-from sheldonh@starjuice.net) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.31 #1) id 15Pixr-000Jh0-00; Thu, 26 Jul 2001 13:05:59 +0200 From: Sheldon Hearn To: David Hill Cc: audit@freebsd.org Subject: Re: STD*_FILENO patches #2 In-reply-to: Your message of "Thu, 26 Jul 2001 11:35:02 +0200." <73690.996140102@axl.seasidesoftware.co.za> Date: Thu, 26 Jul 2001 13:05:59 +0200 Message-ID: <75701.996145559@axl.seasidesoftware.co.za> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Right, your patches have been committed with some modifications: 1) I removed your patch against strings.c, because you _can't_ replace fileno(stdin) with STDIN_FILENO without first checking that stdin isn't reopened. In this case it is. 2) Hacked up your vttest patches so that they actually build (seems gcc -traditional chokes horribly on ) and adjust the style to be compatible with the (horrible) existing style. By the way, you were right to include in header.h originally. I suggested that you shouldn't, but your first call was better in terms of the existing style of the code. 3) Made a marginal whitespace change to usr.sbin/rtadvd/advcap.c to keep it in line with the non-style(9) but existing style for line continuations. 4) Added $FreeBSD$ where appropriate, checking all the way that I wasn't taking anything off the vendor branch. 5) I didn't touch any vendor branch code, as already discussed. I think this resulted in my dropping two of your patches. I know this sounds a little like looking a gift horse in the mouth, but please check in future that your changes make it through a buildworld before submitting in future. An md5 before-and-after check would have caught the strings problem as well. That said, thanks for doing the work! :-) Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jul 26 7:37:40 2001 Delivered-To: freebsd-audit@freebsd.org Received: from columbus.cris.net (ns.cris.net [212.110.128.65]) by hub.freebsd.org (Postfix) with ESMTP id 817BB37B407; Thu, 26 Jul 2001 07:37:30 -0700 (PDT) (envelope-from phantom@ark.cris.net) Received: from ark.cris.net (ns2.cris.net [212.110.128.68]) by columbus.cris.net (8.9.3/8.9.3) with ESMTP id RAA45271; Thu, 26 Jul 2001 17:37:21 +0300 (EEST) Received: (from phantom@localhost) by ark.cris.net (8.11.1/8.11.1) id f6QEalF30139; Thu, 26 Jul 2001 17:36:47 +0300 (EEST) Date: Thu, 26 Jul 2001 17:36:47 +0300 From: Alexey Zelkin To: Mike Barcroft Cc: audit@FreeBSD.org, ache@FreeBSD.org, des@FreeBSD.org, jabley@automagic.org Subject: Re: whois(1) new features for review Message-ID: <20010726173647.A28536@ark.cris.net> References: <20010724234111.A75705@coffee.q9media.com> <20010725104248.A38544@ark.cris.net> <20010725120011.A77004@coffee.q9media.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <20010725120011.A77004@coffee.q9media.com>; from mike@FreeBSD.org on Wed, Jul 25, 2001 at 12:00:11PM -0400 X-Operating-System: FreeBSD 3.5-STABLE i386 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG hi, On Wed, Jul 25, 2001 at 12:00:11PM -0400, Mike Barcroft wrote: > > > whois.20010724.patch > > > > > > o Move APNIC flag from -p to -A. Since, -p is usually associated > > > with specifying a port. > > > > Hmm... Looks like you did not exactly that in this patch... > > Would you care to explain? It seems to me, I did exactly that. Oops! I tought that you was speaking about ANICHOST, but after reading of manpage I see that APNIC is actualy PNIC, not ANIC. My first look was too fast. :( Actually I think that '-p' -> '-P' transition is more better than '-p' -> '-A'. It will be more consistent with previous flags state and, not craete misunderstanding like mine. > > > o Add the -p flag for specifying a port. (PR: 28790) This is > > > useful for querying rwhois servers. Example: > > > whois -h rwhois.exodus.net -p 4321 216.136.180.0 > > > o Add the -c flag which allows one to get the same whois server > > > that would normally be determined if no arguments were specified. > > > (Concept based on work by phantom, requested by ache) Example: > > > > I think more appropriate is "suggested by: ache". Main idea was adding > > this feature to avoid polluting whois's command line options. > > Actually, ache did indeed request I add this feature before removing > the -R flag. Ok. Different people... Different reasons... Different story... ;-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jul 26 7:41: 9 2001 Delivered-To: freebsd-audit@freebsd.org Received: from columbus.cris.net (ns.cris.net [212.110.128.65]) by hub.freebsd.org (Postfix) with ESMTP id EF69F37B401; Thu, 26 Jul 2001 07:40:58 -0700 (PDT) (envelope-from phantom@ark.cris.net) Received: from ark.cris.net (ark.cris.net [212.110.128.68]) by columbus.cris.net (8.9.3/8.9.3) with ESMTP id RAA45918; Thu, 26 Jul 2001 17:40:48 +0300 (EEST) Received: (from phantom@localhost) by ark.cris.net (8.11.1/8.11.1) id f6QEeIO30991; Thu, 26 Jul 2001 17:40:18 +0300 (EEST) Date: Thu, 26 Jul 2001 17:40:18 +0300 From: Alexey Zelkin To: Sheldon Hearn Cc: Mike Barcroft , Peter Pentchev , audit@FreeBSD.org, ache@FreeBSD.org, des@FreeBSD.org, jabley@automagic.org Subject: Re: whois(1) new features for review Message-ID: <20010726174018.B28536@ark.cris.net> References: <20010725120952.B77004@coffee.q9media.com> <6944.996077077@axl.seasidesoftware.co.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <6944.996077077@axl.seasidesoftware.co.za>; from sheldonh@starjuice.net on Wed, Jul 25, 2001 at 06:04:37PM +0200 X-Operating-System: FreeBSD 3.5-STABLE i386 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG hi, Good list :) I think we need a secretary for each FreeBSD mailing list who will be writing down all "thinks" like that to allow it to be reused some time later :-) According '-R' flag. I suggest to just document deprecation of '-R' flag in manpage for 5.x branch. But in 4.x branch make it in way proposed by Mike (runtime deprecation message) and document it in manpage as well. On Wed, Jul 25, 2001 at 06:04:37PM +0200, Sheldon Hearn wrote: > > > On Wed, 25 Jul 2001 12:09:52 -0400, Mike Barcroft wrote: > > > Peter is correct. It was my intention to slowly phase it out, but now > > that I think about it, if I completely remove the -R option, getopt(3) > > will tell the user that it's an illegal option and display the usage. > > That's not how things get deprecated. The way it used to work was, I > think: > > 1) Mention is made in the manual page that the option, utility or > interface is deprecated. > > 2) The option, utility or interface is preserved until the next major > release. > > 3) The option, utility or interface is removed and no longer documented. > It is now obsolete. > > In addition to this, two ideas that I like are > > 1) Use of deprecated features causes warnings to be generated until the > feature is obsoleted. > > 2) Release notes warn about both deprecation and obsoletion. > > I think this willy-nilly instantaneous removal of features usually just > annoys users for the sake of gratifying the impatience of committers. > :-) > > Ciao, > Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Jul 27 4:58: 9 2001 Delivered-To: freebsd-audit@freebsd.org Received: from mail.chem.msu.ru (mail.chem.msu.ru [195.208.208.19]) by hub.freebsd.org (Postfix) with ESMTP id 9D66F37B403 for ; Fri, 27 Jul 2001 04:58:03 -0700 (PDT) (envelope-from yar@comp.chem.msu.su) Received: from comp.chem.msu.su ([158.250.32.97]) by mail.chem.msu.ru with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2650.21) id NHPRWCDR; Fri, 27 Jul 2001 15:51:02 +0400 Received: (from yar@localhost) by comp.chem.msu.su (8.11.1/8.11.1) id f6RBvjV35854; Fri, 27 Jul 2001 15:57:45 +0400 (MSD) (envelope-from yar) Date: Fri, 27 Jul 2001 15:57:45 +0400 From: Yar Tikhiy To: Peter Jeremy Cc: audit@FreeBSD.ORG Subject: Re: vlan(4) manpage Message-ID: <20010727155744.E14779@comp.chem.msu.su> References: <20010725072042.A24573@comp.chem.msu.su> <20010725191744.A77305@comp.chem.msu.su> <20010726082642.U506@gsmx07.alcatel.com.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010726082642.U506@gsmx07.alcatel.com.au>; from peter.jeremy@alcatel.com.au on Thu, Jul 26, 2001 at 08:26:42AM +1000 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Jul 26, 2001 at 08:26:42AM +1000, Peter Jeremy wrote: > > According to Donald Becker , only the later 21143 > chip versions, the 21143-TD, support VLAN. Anyway, there is no direct support for VLAN in de(4) right now. > It's possible that the > BIG_PACKET code handles long packets via a back-door approach that > works on (some?) older chips. Yes, according to if_de.c, the hack works on the 21140, 21140A, and 21041 chips. It's reflected in the vlan(4) page now. The rest of your comments weren't in vain, too. Thank you. To everybody: Here's the latest revision. If no more serious errors found, I'll commit it tomorrow. Sorry for spoiling the list with such a long audit of a single manpage, but you see, it is being written way too late and depends on poorly documented features of quite a few other drivers. And people out there seem to need it badly nowadays. -- Yar .\" .\" $FreeBSD$ .\" .Dd July 25, 2001 .Dt VLAN 4 .Os .Sh NAME .Nm vlan .Nd IEEE 802.1Q VLAN network interface .Sh SYNOPSIS .\" In -stable: .Cd pseudo-device vlan Op Ar count .Cd device vlan Op Ar count .\" .Sh DESCRIPTION The .Nm driver demultiplexes frames tagged according to the IEEE 802.1Q standard into logical .Nm network interfaces, which allows routing/bridging between multiple VLANs through a single switch trunk port. .Pp To function, a .Nm interface must be assigned a parent interface and numeric VLAN tag using .Xr ifconfig 8 . A single parent can be assigned to multiple .Nm interfaces provided they have different tags. The parent interface is likely to be an ethernet card connected to a properly configured switch port. The VLAN tag should match one of those set up in the switched network. .Pp The .Nm driver supports physical devices that do the VLAN demultiplexing in firmware. The .Ar link0 flag should be set on a .Nm interface .Pq Em not on its parent using .Xr ifconfig 8 in that case to indicate that the hardware support for the 802.1Q VLANs is present in its parent. .\" .Ss "Selecting the right network interface card to run VLANs through" By now, the only NICs that have both hardware support and proper driver hooks for the 802.1Q VLAN technology in .Fx are .Xr nge 4 , .Xr ti 4 , and .\" not in -stable .Xr txp 4 . .Pp The rest of ethernet NICs supported by .Fx can run VLANs using the software emulation in the .Nm driver. However, most of them lack the capability of transmitting and/or receiving oversized frames. Using such a NIC as a parent interface for a .Nm implies a reduced MTU on the corresponding .Nm interfaces. In the modern Internet, the latter is likely to cause .Xr tcp 4 connectivity problems due to massive, inadequate .Xr icmp 4 filtering that breaks the Path MTU Discovery mechanism. .Pp The NICs that support oversized frames are as follows: .Bl -tag -width "fxp(4)" -compact -offset indent .It Xr de 4 requires defining .Dv BIG_PACKET in the .Pa /usr/src/sys/pci/if_de.c source file and rebuilding the kernel .\" not in -stable or module. The hack works only for the 21041, 21140, and 21140A chips. .It Xr fxp 4 supports long frames for the .Nm natively. .It Xr tl 4 does support long frames. .It Xr tx 4 may begin supporting long frames soon. .It Xr xl 4 supports long frames only if the card is built on a newer chip .Pq Cyclone and above . .El Note: All of the above cards' drivers except .Xr fxp 4 don't indicate yet they support long frames. Just fix the MTU of a .Nm interface if it appears to be lower that 1500 bytes after attaching the .Nm to an above parent. .Sh SEE ALSO .Xr ifconfig 8 .Sh BUGS No 802.1Q features except VLAN tagging are implemented. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Jul 27 5:43:21 2001 Delivered-To: freebsd-audit@freebsd.org Received: from freebsd.org.ru (sweet.etrust.ru [194.84.67.5]) by hub.freebsd.org (Postfix) with ESMTP id 6026037B403 for ; Fri, 27 Jul 2001 05:43:16 -0700 (PDT) (envelope-from osa@freebsd.org.ru) Received: by freebsd.org.ru (Postfix, from userid 1000) id 986A0208; Fri, 27 Jul 2001 16:43:13 +0400 (MSD) Date: Fri, 27 Jul 2001 16:43:13 +0400 From: "Sergey A. Osokin" To: "Kenneth D. Merry" Cc: audit@FreeBSD.org Subject: Re: new devstat statistics function Message-ID: <20010727164313.A65944@freebsd.org.ru> References: <20010715204336.A60429@panzer.kdm.org> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <20010715204336.A60429@panzer.kdm.org> User-Agent: Mutt/1.3.20i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Jul 15, 2001 at 08:43:36PM -0600, Kenneth D. Merry wrote: > > Attached is a patch to add a new devstat(3) statistics calculation > function. The code was developed by Sergey Osokin > and myself. > > It includes a patch to iostat(8) to change over to the new statistics > calculation function. > > Anyway, comments would be appreciated. > > This is likely a portion of the devstat changes that will be coming down > the pipe in the near term. Thomas Moestl has some > patches to allow devstat use on core files/kernels, and we're talking about > some more changes besides. [skip] Almost 2 weeks gone. When it will be commited? -- Rgdz, /"\ Sergey Osokin aka oZZ, \ / ASCII RIBBON CAMPAIGN osa@freebsd.org.ru X AGAINST HTML MAIL http://freebsd.org.ru/~osa/ / \ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Jul 27 8:43:46 2001 Delivered-To: freebsd-audit@freebsd.org Received: from panzer.kdm.org (panzer.kdm.org [216.160.178.169]) by hub.freebsd.org (Postfix) with ESMTP id 0366837B401 for ; Fri, 27 Jul 2001 08:43:43 -0700 (PDT) (envelope-from ken@panzer.kdm.org) Received: (from ken@localhost) by panzer.kdm.org (8.9.3/8.9.1) id JAA56745; Fri, 27 Jul 2001 09:43:20 -0600 (MDT) (envelope-from ken) Date: Fri, 27 Jul 2001 09:43:20 -0600 From: "Kenneth D. Merry" To: "Sergey A. Osokin" Cc: audit@FreeBSD.org Subject: Re: new devstat statistics function Message-ID: <20010727094320.A56675@panzer.kdm.org> References: <20010715204336.A60429@panzer.kdm.org> <20010727164313.A65944@freebsd.org.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <20010727164313.A65944@freebsd.org.ru>; from osa@freebsd.org.ru on Fri, Jul 27, 2001 at 04:43:13PM +0400 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Fri, Jul 27, 2001 at 16:43:13 +0400, Sergey A. Osokin wrote: > On Sun, Jul 15, 2001 at 08:43:36PM -0600, Kenneth D. Merry wrote: > > > > Attached is a patch to add a new devstat(3) statistics calculation > > function. The code was developed by Sergey Osokin > > and myself. > > > > It includes a patch to iostat(8) to change over to the new statistics > > calculation function. > > > > Anyway, comments would be appreciated. > > > > This is likely a portion of the devstat changes that will be coming down > > the pipe in the near term. Thomas Moestl has some > > patches to allow devstat use on core files/kernels, and we're talking about > > some more changes besides. > > [skip] > > Almost 2 weeks gone. When it will be commited? Well, I sent my patches out for review with no response, and Thomas sent a message out about the proposed function renaming with no response. Now Thomas has sent me the function name changes, so I've got to review it, integrate it into my patches, and then he'll need to update the man page for his kvm changes and the function name changes. So it isn't quite ready to commit. Ken -- Kenneth Merry ken@kdm.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 28 4:52: 7 2001 Delivered-To: freebsd-audit@freebsd.org Received: from snark.rinet.ru (snark.rinet.ru [195.54.192.73]) by hub.freebsd.org (Postfix) with ESMTP id A015337B403 for ; Sat, 28 Jul 2001 04:52:00 -0700 (PDT) (envelope-from yar@snark.rinet.ru) Received: (from yar@localhost) by snark.rinet.ru (8.11.4/8.11.4) id f6SBpxX35807 for audit@freebsd.org; Sat, 28 Jul 2001 15:51:59 +0400 (MSD) (envelope-from yar) Date: Sat, 28 Jul 2001 15:51:59 +0400 From: Yar Tikhiy To: audit@freebsd.org Subject: finger(1) & fingerd(8) Message-ID: <20010728155159.A35483@snark.rinet.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi, Currently, finger(1) reveals user information if the user has created the ``.nofinger'' file, but his home directory is unreadable for finger(1). In the case of local access, it's no problem, since anyone may read /etc/passwd directly. OTOH, letting remote folks peek at user information even if the user wants to hide himself is a bad thing. Therefore, a patch is proposed that adds an option telling finger(1) fingerd(1) not to show users whose home directories are unreadable. Another way is not to do the bad thing by default. Any comments? -- Yar Index: finger/finger.c =================================================================== RCS file: /home/ncvs/src/usr.bin/finger/finger.c,v retrieving revision 1.24 diff -u -r1.24 finger.c --- finger/finger.c 2001/03/21 18:43:49 1.24 +++ finger/finger.c 2001/07/28 11:33:16 @@ -88,7 +88,7 @@ DB *db; time_t now; -int entries, lflag, mflag, pplan, sflag, oflag, Tflag; +int entries, lflag, mflag, pplan, sflag, oflag, Hflag, Tflag; int d_first = -1; char tbuf[1024]; @@ -105,7 +105,7 @@ optind = 1; /* reset getopt */ - while ((ch = getopt(argc, argv, "lmpshoT")) != -1) + while ((ch = getopt(argc, argv, "lmpshoHT")) != -1) switch(ch) { case 'l': lflag = 1; /* long format */ @@ -125,6 +125,9 @@ case 'o': oflag = 1; /* office info */ break; + case 'H': + Hflag = 1; /* hide if home unreadable */ + break; case 'T': Tflag = 1; /* disable T/TCP */ break; @@ -139,7 +142,7 @@ static void usage() { - (void)fprintf(stderr, "usage: finger [-lmpshoT] [login ...]\n"); + (void)fprintf(stderr, "usage: finger [-lmpshoHT] [login ...]\n"); exit(1); } Index: finger/pathnames.h =================================================================== RCS file: /home/ncvs/src/usr.bin/finger/pathnames.h,v retrieving revision 1.4 diff -u -r1.4 pathnames.h --- finger/pathnames.h 2001/01/04 10:03:44 1.4 +++ finger/pathnames.h 2001/07/28 11:33:16 @@ -29,6 +29,7 @@ #ifndef PATHNAMES_H #define _PATH_FORWARD ".forward" +#define _PATH_NOFINGER ".nofinger" #define _PATH_PLAN ".plan" #define _PATH_PROJECT ".project" #define _PATH_PUBKEY ".pubkey" Index: finger/util.c =================================================================== RCS file: /home/ncvs/src/usr.bin/finger/util.c,v retrieving revision 1.13 diff -u -r1.13 util.c --- finger/util.c 2001/03/01 05:52:38 1.13 +++ finger/util.c 2001/07/28 11:33:16 @@ -57,7 +57,10 @@ #include #include #include "finger.h" +#include "pathnames.h" +extern int Hflag; + static void find_idle_and_ttywrite __P((WHERE *)); static void userinfo __P((PERSON *, struct passwd *)); static WHERE *walloc __P((PERSON *)); @@ -415,8 +418,11 @@ if (!pw->pw_dir) return 0; + + if (Hflag && access(pw->pw_dir, R_OK) == -1) + return 1; - snprintf(buf, sizeof(buf), "%s/.nofinger", pw->pw_dir); + snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, _PATH_NOFINGER); if (access(buf, F_OK) == 0) return 1; Index: fingerd/fingerd.c =================================================================== RCS file: /home/ncvs/src/libexec/fingerd/fingerd.c,v retrieving revision 1.17 diff -u -r1.17 fingerd.c --- fingerd/fingerd.c 2001/01/20 00:29:31 1.17 +++ fingerd/fingerd.c 2001/07/28 11:33:16 @@ -73,16 +73,16 @@ register int ch; register char *lp; struct sockaddr_storage ss; - int p[2], logging, secure, sval; + int p[2], hideprotected, logging, secure, sval; #define ENTRIES 50 - char **ap, *av[ENTRIES + 1], **comp, line[1024], *prog; + char **ap, *av[ENTRIES + 1], **avlast, **comp, line[1024], *prog; char rhost[MAXHOSTNAMELEN]; prog = _PATH_FINGER; - logging = secure = 0; + hideprotected = logging = secure = 0; openlog("fingerd", LOG_PID | LOG_CONS, LOG_DAEMON); opterr = 0; - while ((ch = getopt(argc, argv, "slp:")) != -1) + while ((ch = getopt(argc, argv, "slp:H")) != -1) switch (ch) { case 'l': logging = 1; @@ -93,6 +93,9 @@ case 's': secure = 1; break; + case 'H': + hideprotected = 1; + break; case '?': default: logerr("illegal option -- %c", optopt); @@ -140,12 +143,15 @@ syslog(LOG_NOTICE, "query from %s: `%s'", rhost, t); } - comp = &av[1]; - av[2] = "--"; - for (lp = line, ap = &av[3];;) { + avlast = &av[1]; + comp = avlast++; + if (hideprotected) + *avlast++ = "-H"; + *avlast++ = "--"; + for (lp = line, ap = avlast;;) { *ap = strtok(lp, " \t\r\n"); if (!*ap) { - if (secure && ap == &av[3]) { + if (secure && ap == avlast) { puts("must provide username\r\n"); exit(1); } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 28 5:30:20 2001 Delivered-To: freebsd-audit@freebsd.org Received: from bazooka.unixfreak.org (bazooka.unixfreak.org [63.198.170.138]) by hub.freebsd.org (Postfix) with ESMTP id 154A937B403; Sat, 28 Jul 2001 05:30:18 -0700 (PDT) (envelope-from dima@unixfreak.org) Received: by bazooka.unixfreak.org (Postfix, from userid 1000) id E88223E2F; Sat, 28 Jul 2001 05:30:13 -0700 (PDT) Received: from bazooka.unixfreak.org (localhost [127.0.0.1]) by bazooka.unixfreak.org (Postfix) with ESMTP id D85BF3C12C; Sat, 28 Jul 2001 05:30:13 -0700 (PDT) To: Yar Tikhiy Cc: audit@freebsd.org Subject: Re: finger(1) & fingerd(8) In-Reply-To: <20010728155159.A35483@snark.rinet.ru>; from yar@freebsd.org on "Sat, 28 Jul 2001 15:51:59 +0400" Date: Sat, 28 Jul 2001 05:30:08 -0700 From: Dima Dorfman Message-Id: <20010728123013.E88223E2F@bazooka.unixfreak.org> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Yar Tikhiy writes: > Hi, > > Currently, finger(1) reveals user information if the user > has created the ``.nofinger'' file, but his home directory > is unreadable for finger(1). > > In the case of local access, it's no problem, since anyone may read > /etc/passwd directly. OTOH, letting remote folks peek at user > information even if the user wants to hide himself is a bad thing. > > Therefore, a patch is proposed that adds an option telling finger(1) > fingerd(1) not to show users whose home directories are unreadable. > > Another way is not to do the bad thing by default. Any comments? This is just a review list, so it isn't the right place to propose something like this. -arch or -hackers would be better. On another note, I think you should do the ".nofinger" -> _PATH_NOFINGER separately. That part (most likely) doesn't need a discussion, so you can apply that now so your diff is less cluttered. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 28 11:27:29 2001 Delivered-To: freebsd-audit@freebsd.org Received: from coffee.q9media.com (coffee.q9media.com [216.94.229.19]) by hub.freebsd.org (Postfix) with ESMTP id C927F37B401; Sat, 28 Jul 2001 11:27:26 -0700 (PDT) (envelope-from mike@coffee.q9media.com) Received: (from mike@localhost) by coffee.q9media.com (8.11.2/8.11.2) id f6SIjs987013; Sat, 28 Jul 2001 14:45:54 -0400 (EDT) (envelope-from mike) Date: Sat, 28 Jul 2001 14:45:54 -0400 From: Mike Barcroft To: Yar Tikhiy Cc: audit@FreeBSD.ORG Subject: Re: finger(1) & fingerd(8) Message-ID: <20010728144554.C86837@coffee.q9media.com> References: <20010728155159.A35483@snark.rinet.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010728155159.A35483@snark.rinet.ru>; from yar@FreeBSD.ORG on Sat, Jul 28, 2001 at 03:51:59PM +0400 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sat, Jul 28, 2001 at 03:51:59PM +0400, Yar Tikhiy wrote: [...] > @@ -415,8 +418,11 @@ > > if (!pw->pw_dir) > return 0; > + > + if (Hflag && access(pw->pw_dir, R_OK) == -1) > + return 1; [...] Excessive whitespace. Also, I'd prefer to see you use open(2) here instead of using access(2). Eg: int fd; if (Hflag && (fd = open(pw->pw_dir, O_RDONLY)) == -1) return (1); close(fd); [...] > if (access(buf, F_OK) == 0) > return 1; [...] I know this isn't your code, but this should also probably use open(2) as well. The rest of the code looks good. Best regards, Mike Barcroft To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message