Age | Commit message | Author |
|
|
What's worse, the tzfile.h that gets installed is over 20 years old
and doesn't match the real tzfile.h in libc/time. This makes the
tree safe for /usr/include/tzfile.h removal. The TM_YEAR_BASE
define has been moved to time.h temporarily until its usage is
replaced by 1900 in the tree. Actual removal of tzfile.h is pending
a ports build. Based on a diff from deraadt@
|
|
obsolete SIZE_T_MAX. OK miod@ beck@
|
|
golly gee, ftpd can handle that itself due to the glorious old practice
of #ifndef #define. Remove that junk.
ok guenther
|
|
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
|
|
ok millert@
|
|
concept ok deraadt@
diff looks ok tedu@
|
|
number (idea borrowed from pure-ftpd). Enabled by default with minimum uid
1000 to prevent access to admin accounts. tweak/OK millert@, OK deraadt@,
gsoares@ and aja@ like it too.
|
|
syslog with mmap failures. Noticed by and ok henning@, "looks right"
deraadt@
|
|
ok okan kettenis
|
|
suggestions and ok millert@
|
|
read-beyond-end in get_line().
Analysis and patch by Maxime Villard (rustyBSD (at) gmx.fr)
ok millert@ deraadt@
|
|
references into a STANDARDS section;
|
|
RFCs in "SEE ALSO".
ok jmc@
|
|
occurrences to get_line().
Based on a diff from Jan Klemkow <j-dot-klemkow-at-wemelug-dot-de> to tech.
|
|
from Steffen Daode Nurpmeso with a tweak from jmc@
ok jmc@
|
|
This can become pretty handy on busy anonymous servers to avoid filling
up /var with unused wtmp records.
Note that 'U' and 'W' are mutually exclusive.
ok sthen@ millert@
|
|
"Makes sense" markus@ and "i don't see a reason not to" henning@
|
|
ok and suggestion from jmc@ ok tobias@
|
|
meaningful usage when a snprintf call was removed, rendering ident useless. Time to remove remaining code.
ok tobias@
|
|
Prevents ftpd from letting regular users log in during anonymous-only
mode (-A).
ok millert, ray
|
|
Add check for login_getclass() failure, pointed out by tobias.
OK tobias
|
|
pipe ...) during status command.
ok millert
|
|
ok millert, schwarze
|
|
this shouldn't happen since we specify GLOB_NOMAGIC, it doesn't hurt to be
paranoid, even if we fix the bug in glob(3) that causes gl_pathc to be zero
even if we specify GLOB_NOMAGIC.
ok deraadt@
|
|
unmaintainable). these days, people use source. these id's do not provide
any benefit, and do hurt the small install media
(the 33,000 line diff is essentially mechanical)
ok with the idea millert, ok dms
|
|
ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND
the monitor treats it as if it were a sockaddr. this is fine for v4 but
fails for v6, so active connections break. problem reported and diff
tested by Maurice Janssen. looks sensible to deraadt@.
|
|
the monitor treats it as if it were a sockaddr. this is fine for v4 but
fails for v6, so active connections break. problem reported and diff
tested by Maurice Janssen. looks sensible to deraadt@.
|
|
in addition to the remote hostname.
Feature requested by Mark Bucciarelli mkbucc at gmail dot com on misc@.
"seems OK" millert@
|
|
spinny things which parse those messages. Do not close the connection
as requested by Josh Grosse, since a 530 is not supposed to do that.
ok millert
|
|
current session, when the last character of an overly long line
was a newline character. Additionally reply with
500 "Command too long" for commands which are too large.
Issue found and proposed fix by Luke Mewburn <lukem@NetBSD.org>.
ok millert@
|
|
boundary but just fail on them. This prevents CSRF-like attacks,
when a web browser is used to access an ftp server.
Reported by Maksymilian Arciemowicz <cxib@securityreason.com>.
ok millert@ martynas@
|
|
auth_ret is referenced before it is declared, which is not allowed by C99.
Ok krw@, millert@, gilles@
|
|
Use arc4random_uniform() when the desired random number upper bound
is not a power of two
ok deraadt@ millert@
|
|
each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len)). This
works now that kernel fd passing has been fixed to accept a bit of
sloppiness because of this ABI repair.
lots of discussion with kettenis
|
|
CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because
of alignment; ok kettenis hshoexer
|
|
an extensive discussion with otto, kettenis, millert, and hshoexer
|
|
- Use strtonum instead of atoi.
- Improve strtol error checking.
- Change strchr calls to strcspn and eliminate some unused
variables as a result.
OK moritz
|
|
OK ray@
|
|
asprintf call.
OK moritz
|