src - OpenBSD base system

Age	Commit message (Collapse)	Author
2010-08-01	Properly reset states when a login phase is interrupted by another one.	Tobias Stoeckmann
	Prevents ftpd from letting regular users logging in during anonymous-only mode (-A). ok millert, ray
2010-07-30	Don't set "success" flags before error checks.	Ray Lai
	Add check for login_getclass() failure, pointed out by tobias. OK tobias
2010-06-18	Prevent a segmentation fault on ftpd_popen error (memory, file descriptor,	Tobias Stoeckmann
	pipe ...) during status command. ok millert
2010-06-13	Adjust FTP reply codes (in error conditions) to conform to RFC 959.	Tobias Stoeckmann
	ok millert, schwarze
2010-03-08	Check that gl_pathc is bigger than zero before derefencing gl_pathv. While	Mark Kettenis
	this shouldn't happen since we specifiy GLOB_NOMAGIC, it doesn't hurt to be paranoid, even if we fix the bug in glob(3) that causes gl_pathc to be zero even if we specify GLOB_NOMAGIC. ok deraadt@
2009-10-28	rcsid[] and sccsid[] and copyright[] are essentially unmaintained (and	Theo de Raadt
	unmaintainable). these days, people use source. these id's do not provide any benefit, and do hurt the small install media (the 33,000 line diff is essentially mechanical) ok with the idea millert, ok dms
2009-06-04	...and now try again with a commit from the right tree. doh!	Stuart Henderson
	ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND the monitor treats it as if it were a sockaddr. this is fine for v4 but fails for v6, so active connections break. problem reported and diff tested by Maurice Janssen. looks sensible to deraadt@.
2009-06-04	ftp uses its own ugly "sockunion" to hold addresses, but with CMD_BIND	Stuart Henderson
	the monitor treats it as if it were a sockaddr. this is fine for v4 but fails for v6, so active connections break. problem reported and diff tested by Maurice Janssen. looks sensible to deraadt@.
2009-04-20	When receiving a new connection, log the remote IP number	Ingo Schwarze
	in addition to the remote hostname. Feature requested by Mark Bucciarelli mkbucc at gmail dot com on misc@. "seems OK" millert@
2008-09-30	Always say "User %s access denied", in all cases, to avoid some stupid	Theo de Raadt
	spinny things which parse those messages. Do not close the connection as requested by Josh Grosse, since a 530 is not supposed to do that. ok millert
2008-09-13	Fix minor bug in the previous commit, which could hang the	Moritz Jodeit
	current session, when the last character of an overly long line was a newline character. Additionally reply with 500 "Command too long" for commands, which are too large. Issue found and proposed fix by Luke Mewburn <lukem@NetBSD.org>. ok millert@
2008-09-12	Don't split large commands into multiple commands on a 512-byte	Moritz Jodeit
	boundary but just fail on them. This prevents CSRF-like attacks, when a web browser is used to access an ftp server. Reported by Maksymilian Arciemowicz <cxib@securityreason.com>. ok millert@ martynas@
2008-06-30	Include file order must be "monitor.h" before "extern.h" otherwise enum	Anders Magnusson
	auth_ret is referenced before it is declared, which is not allowed by C99. Ok krw@, millert@, gilles@
2008-04-13	Use arc4random_buf() when requesting more than a single word of output	Damien Miller
	Use arc4random_uniform() when the desired random number upper bound is not a power of two ok deraadt@ millert@
2008-03-24	msg_controllen has to be CMSG_SPACE so that the kernel can account for	Theo de Raadt
	each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len). This works now that kernel fd passing has been fixed to accept a bit of sloppiness because of this ABI repair. lots of discussion with kettenis
2008-03-15	Repair the simple cases for msg_controllen where it should just be	Theo de Raadt
	CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because of alignment; ok kettenis hshoexer
2008-03-13	Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due to	Theo de Raadt
	an extensive discussion with otto, kettenis, millert, and hshoexer
2007-09-02	use calloc() to avoid malloc(n * m) overflows; checked by djm canacar jsg	Theo de Raadt

2007-07-31	From Gilles Chehade:	Ray Lai
	- Use strtonum instead of atoi. - Improve strtol error checking. - Change strchr calls to strcspn and eliminating some unused variables as a result. OK moritz
2007-07-27	Fix potential memory leak, when snprintf(3) returns an empty buffer.	Moritz Jodeit
	OK ray@
2007-06-21	Adjust spacing, combine malloc + strlcpy + strlcat into a single	Ray Lai
	asprintf call. OK moritz
2007-06-19	Make sure perror_reply() is only called when errno is set. When	Ray Lai
	changing perror_reply() -> reply(), increase error message detail for ftp client. Move free() statement to prevent errno clobbering. OK moritz
2007-05-31	convert to new .Dd format;	Jason McIntyre

2007-04-05	Remove lint comment, which does not apply anymore.	Moritz Jodeit

2007-03-26	Do not log when the slave gets killed because of read()	Moritz Jodeit
	returning 0. This is normal behavior and should not spam the logs. Noticed by henning@ OK henning@ millert@
2007-03-22	Do not advertise version in the ftp banner, because there is no reason to.	Chad Loder
	OK mbalmer@, xsa@, henning@, idea prompted by deraadt
2007-03-01	- use proper log facility and priority in the slave sig handlers	Otto Moerbeek
	- if the monitor decides to kill the slave, log that ok millert@ moritz@
2006-12-21	'tranfer' -> 'transfer' in comments.	Kenneth R Westerback

2006-10-18	Avoid double fclose() of a file if we exceed retries. Coverity ID 2669.	Todd C. Miller
	OK cloder@
2006-10-18	you do not call fclose() on a file descriptor; ok cloder	Theo de Raadt

2006-04-21	lint cleanup; ok ray moritz dhill	Theo de Raadt

2006-04-02	malloc(x * y) -> calloc(x, y) from adobriyan AT gmail.com, with tweaks	Damien Miller
	suggested by kjell@; ok otto@ pat@ millert@ jaredy@
2006-03-14	Allow anonymous logins without a password, which was broken	Moritz Jodeit
	by the last commit. Noticed by Armin Wolfermann. ok henning@
2006-01-20	fix integer overflows. ok millert@	Moritz Jodeit

2005-12-03	remove shadowing variables; ok pval	Theo de Raadt

2005-12-01	fix double var declarations in same scope, found by lint; ok deraadt cloder	Peter Valchev

2005-09-09	uppercase `FTP' when talking about the protocol rather than the	Jason McIntyre
	ftp(1) binary...this is in line with what ftp(1) already does...
2005-08-22	EOF in ascii mode may also mean EOF so avoid printing a bogus error and ↵	Michael Shalayeff
	behave same as bin mode; beck@ deraadt@ millert@ ok
2005-07-14	let root create the data socket. fixes PR 4287.	Moritz Jodeit
	ok millert@ henning@
2005-06-15	remove y.tab.c on make clean too	Michael Shalayeff

2005-05-27	include sys/time.h to get struct timeval	Todd C. Miller

2005-05-24	readd endpwent()	Moritz Jodeit

2005-05-24	no need for endpwent()	Moritz Jodeit

2005-04-21	make code prettier so we can tell it is safe when we read it; ok beck cloder	Theo de Raadt

2005-03-15	better handling of cases where getnameinfo() returns non-zero.	Niall O'Higgins
	upon failure, don't try to print the contents of the char buffers we passed it. ok & feedback henning@, moritz@ (thanks!)
2005-02-26	fix {send,recv}data so they don't add -1 to pos in the	Moritz Jodeit
	EINTR/EAGAIN case as found by otto@. also make them more quiet as requested by deraadt@. ok millert@ otto@ henning@
2004-12-22	some -Wimplicit-function-declaration cleaning; ok millert@	David Krause

2004-12-20	change mail address	Moritz Jodeit
	ok henning@
2004-12-11	make syscalls in the monitor restartable when signals occur, as was	Moritz Jodeit
	the case before privsep and only wait() for our slave processes. with help from millert@ ok millert@ henning@
2004-12-06	seperate reply_r, like earlier change but safer; moritz ok	Theo de Raadt