Age | Commit message (Collapse) | Author | |
---|---|---|---|
2007-09-02 | use calloc() to avoid malloc(n * m) overflows; checked by djm canacar jsg | Theo de Raadt | |
2007-07-31 | From Gilles Chehade: | Ray Lai | |
- Use strtonum instead of atoi. - Improve strtol error checking. - Change strchr calls to strcspn and eliminating some unused variables as a result. OK moritz | |||
2007-07-27 | Fix potential memory leak, when snprintf(3) returns an empty buffer. | Moritz Jodeit | |
OK ray@ | |||
2007-06-21 | Adjust spacing, combine malloc + strlcpy + strlcat into a single | Ray Lai | |
asprintf call. OK moritz | |||
2007-06-19 | Make sure perror_reply() is only called when errno is set. When | Ray Lai | |
changing perror_reply() -> reply(), increase error message detail for ftp client. Move free() statement to prevent errno clobbering. OK moritz | |||
2007-05-31 | convert to new .Dd format; | Jason McIntyre | |
2007-04-05 | Remove lint comment, which does not apply anymore. | Moritz Jodeit | |
2007-03-26 | Do not log when the slave gets killed because of read() | Moritz Jodeit | |
returning 0. This is normal behavior and should not spam the logs. Noticed by henning@ OK henning@ millert@ | |||
2007-03-22 | Do not advertise version in the ftp banner, because there is no reason to. | Chad Loder | |
OK mbalmer@, xsa@, henning@, idea prompted by deraadt | |||
2007-03-01 | - use proper log facility and priority in the slave sig handlers | Otto Moerbeek | |
- if the monitor decides to kill the slave, log that ok millert@ moritz@ | |||
2006-12-21 | 'tranfer' -> 'transfer' in comments. | Kenneth R Westerback | |
2006-10-18 | Avoid double fclose() of a file if we exceed retries. Coverity ID 2669. | Todd C. Miller | |
OK cloder@ | |||
2006-10-18 | you do not call fclose() on a file descriptor; ok cloder | Theo de Raadt | |
2006-04-21 | lint cleanup; ok ray moritz dhill | Theo de Raadt | |
2006-04-02 | malloc(x * y) -> calloc(x, y) from adobriyan AT gmail.com, with tweaks | Damien Miller | |
suggested by kjell@; ok otto@ pat@ millert@ jaredy@ | |||
2006-03-14 | Allow anonymous logins without a password, which was broken | Moritz Jodeit | |
by the last commit. Noticed by Armin Wolfermann. ok henning@ | |||
2006-01-20 | fix integer overflows. ok millert@ | Moritz Jodeit | |
2005-12-03 | remove shadowing variables; ok pval | Theo de Raadt | |
2005-12-01 | fix double var declarations in same scope, found by lint; ok deraadt cloder | Peter Valchev | |
2005-09-09 | uppercase `FTP' when talking about the protocol rather than the | Jason McIntyre | |
ftp(1) binary...this is in line with what ftp(1) already does... | |||
2005-08-22 | EOF in ascii mode may also mean EOF so avoid printing a bogus error and ↵ | Michael Shalayeff | |
behave same as bin mode; beck@ deraadt@ millert@ ok | |||
2005-07-14 | let root create the data socket. fixes PR 4287. | Moritz Jodeit | |
ok millert@ henning@ | |||
2005-06-15 | remove y.tab.c on make clean too | Michael Shalayeff | |
2005-05-27 | include sys/time.h to get struct timeval | Todd C. Miller | |
2005-05-24 | readd endpwent() | Moritz Jodeit | |
2005-05-24 | no need for endpwent() | Moritz Jodeit | |
2005-04-21 | make code prettier so we can tell it is safe when we read it; ok beck cloder | Theo de Raadt | |
2005-03-15 | better handling of cases where getnameinfo() returns non-zero. | Niall O'Higgins | |
upon failure, don't try to print the contents of the char buffers we passed it. ok & feedback henning@, moritz@ (thanks!) | |||
2005-02-26 | fix {send,recv}data so they don't add -1 to pos in the | Moritz Jodeit | |
EINTR/EAGAIN case as found by otto@. also make them more quiet as requested by deraadt@. ok millert@ otto@ henning@ | |||
2004-12-22 | some -Wimplicit-function-declaration cleaning; ok millert@ | David Krause | |
2004-12-20 | change mail address | Moritz Jodeit | |
ok henning@ | |||
2004-12-11 | make syscalls in the monitor restartable when signals occur, as was | Moritz Jodeit | |
the case before privsep and only wait() for our slave processes. with help from millert@ ok millert@ henning@ | |||
2004-12-06 | seperate reply_r, like earlier change but safer; moritz ok | Theo de Raadt | |
2004-12-06 | make signal blocking a lot easier. | Moritz Jodeit | |
ok millert@, henning@ | |||
2004-12-04 | reply() used to play a lot with stdout, expecially fflush(stdout). | Theo de Raadt | |
The recent change is to avoid stdio. That's good, except there are nearly 130 calls to this function, yet what if one of them depended on fflush() or something else in this code? The semantic change was never checked. That is not how we do development -- back this out until we know that checking work has been done. | |||
2004-12-03 | make reply() reentrant. fixes a signal race. | Moritz Jodeit | |
ok henning@ | |||
2004-11-29 | fix nasty signal races by blocking signals in signal handlers. | Henning Brauer | |
with moritz jodeit and theo, ok theo | |||
2004-11-28 | logging fixes: | Henning Brauer | |
-don't prefix ftpd: in syslog(), it does that for us -replace a bad (too late) err() by syslog + exit from moritz | |||
2004-11-28 | use gettimeofday() instead of time() in functions called from signal ↵ | Theo de Raadt | |
handlers; henning ok | |||
2004-11-28 | slave_pid -1 by default, not 0, and reset to -1 when it goes away, with theo | Henning Brauer | |
2004-11-28 | bump version | Henning Brauer | |
2004-11-28 | remove no longer appropriate bugs section | Henning Brauer | |
2004-11-28 | fix ttyline setting, fixes proctitle. | Henning Brauer | |
notice independently by theo and pval, fix from moritz jodeit | |||
2004-11-28 | privilege seperate ftpd | Henning Brauer | |
handle the pre-authentication phase (minus a tiny tiny tiny amount of code after accept()) in an unprivileged process, asking the privileged monitor for help where needed. work by Moritz Jodeit <moritz@jodeit.org> with help from theo and me tests theo ian@ matthieu@ ben@networkinsanity.com a.schlichting@lemarit.com | |||
2004-11-22 | More sensible error when both the -n and -A flags are used. Text OK jmc@ | Todd C. Miller | |
2004-11-21 | clarify -A option; | Jason McIntyre | |
from a discussion on misc@ | |||
2004-09-30 | cope nicer with accept() failures, from freebsd; millert ok | Theo de Raadt | |
2004-01-05 | include path fixes for gcc3. | Marc Espie | |
tests otto@, okay millert@ | |||
2003-12-12 | knf | Theo de Raadt | |
2003-12-10 | spacing | Theo de Raadt | |