aboutsummaryrefslogtreecommitdiff
path: root/libexec/rexecd
Commit message (Collapse)AuthorAgeFilesLines
* Remove rexecd(8), a server that implements a particularly insecureJacques Vidrine2005-06-103-507/+0
| | | | | | | | | | method of executing commands remotely. There are no rexec clients in the FreeBSD tree, and the client function rexec(3) is present only in libcompat. It has been documented as "obsolete" since 4.3BSD, and its use has been discouraged in the man page for over 10 years. Notes: svn path=/head/; revision=147270
* s/int/size_t/ as appropriate.David Schultz2005-04-171-4/+4
| | | | | | | Noticed by: bde Notes: svn path=/head/; revision=145177
* Revert parts of previous commits and use a temporary variable to avoidDag-Erling Smørgrav2005-04-081-37/+8
| | | | | | | an invalid type pun. Notes: svn path=/head/; revision=144795
* An array was mistaken for a pointer in the previous commit.Jacques Vidrine2005-04-071-3/+4
| | | | | | | | Noticed by: tinderbox, stefanf Pointy hat to: nectar Notes: svn path=/head/; revision=144754
* Correct type mismatch introduced in last commit.Jacques Vidrine2005-04-051-1/+1
| | | | | | | Noticed by: Steve Kargl <sgk@troutmask.apl.washington.edu> Notes: svn path=/head/; revision=144680
* DES pointed out that the PAM layer may change the target user nameJacques Vidrine2005-04-051-15/+32
| | | | | | | | | during authentication. Thus we need to call getpwnam *after* the user has been authenticated. Colin mentioned that we should also move the check for root in that case. Notes: svn path=/head/; revision=144668
* When PAM support was added to rexecd in revision 1.29 (just prior toJacques Vidrine2005-03-271-2/+17
| | | | | | | | | | | | | | | | | | | | | | | | 5.0-RELEASE), a visually elusive bug was introduced. A comparison operator was changed to assignment. As a result, rexecd behaved always as if the `-i' option had been specified. It would allow root logins. This commit corrects the situation in the obvious way. A separate bug was introduced at the same time. The PAM library functions are called between the invocation of getpwnam(3) and the use of the returned static object. Since many PAM library functions result in additional getpwnam(3) calls, the contents of the returned static object could be changed from under rexecd. With this commit, getpwnam_r(3) is used instead. Other PAM-using applications should be reviewed for similar errors in getpw* usage. Security: rexecd's documented default policy of disallowing root logins was not enforced. Reviewed by: cperciva Notes: svn path=/head/; revision=144180
* Use sysconf(_SC_ARG_MAX) instead of NCARGS.David Schultz2005-03-211-2/+7
| | | | Notes: svn path=/head/; revision=143907
* correct WARNS=6 fix to use cast to (void *).Hajimu UMEMOTO2005-03-011-10/+10
| | | | | | | use of struct sockaddr_strage * is thought as not good manner. :) Notes: svn path=/head/; revision=142900
* If what we have is a struct sockaddr_storage * and what we want is aDag-Erling Smørgrav2005-02-231-8/+8
| | | | | | | | struct sockaddr_storage *, there's no point in casting it prematurely to a struct sockaddr *. This unbreaks WARNS=6 on sparc64. Notes: svn path=/head/; revision=142329
* Make WARNS=6-clean.Dag-Erling Smørgrav2005-02-232-12/+13
| | | | Notes: svn path=/head/; revision=142317
* Fix most cases where the address of an int is passed to a function expecting aStefan Farfeleder2005-02-141-1/+1
| | | | | | | socklen_t * argument. Notes: svn path=/head/; revision=141918
* Sort sections.Ruslan Ermilov2005-01-181-3/+3
| | | | Notes: svn path=/head/; revision=140414
* Mechanically kill hard sentence breaks.Ruslan Ermilov2004-07-021-4/+8
| | | | Notes: svn path=/head/; revision=131487
* Include <stdlib.h> for exit() and abort() prototypes.Stefan Farfeleder2004-05-241-0/+1
| | | | | | | Approved by: das (mentor) Notes: svn path=/head/; revision=129658
* Add section number to .XrPhilippe Charnier2003-06-081-1/+1
| | | | Notes: svn path=/head/; revision=116034
* The .Nm utilityPhilippe Charnier2002-07-061-11/+16
| | | | Notes: svn path=/head/; revision=99500
* Unbreak static build and remove usage() that isn't usage().Dag-Erling Smørgrav2002-05-031-15/+8
| | | | | | | Reviewed by: bde Notes: svn path=/head/; revision=95980
* PAMify rexecd(8).Dag-Erling Smørgrav2002-05-022-116/+89
| | | | | | | Sponsored by: DARPA, NAI Labs Notes: svn path=/head/; revision=95915
* When opieverify() is fail, fallback to try unix password.Hajimu UMEMOTO2002-04-161-4/+9
| | | | | | | Tested by: kuriyama Notes: svn path=/head/; revision=94830
* Add an IPv6 support.Hajimu UMEMOTO2002-04-161-10/+23
| | | | | | | | | | I dunno if there is an IPv6 supported rexec client. So, it was tested that this change doesn't break an IPv4. Tested by: kuriyama (IPv4 only) Notes: svn path=/head/; revision=94828
* Make this compilable without -DOPIE.Jun Kuriyama2002-04-161-1/+1
| | | | | | | Hint by: ume Notes: svn path=/head/; revision=94824
* o __P removalWarner Losh2002-02-071-27/+20
| | | | | | | | o register removal o use new style prototypes and function definitions Notes: svn path=/head/; revision=90377
* Lock down with WFORMAT?=1, with overrides in the subdirectories whichKris Kennaway2002-02-041-0/+1
| | | | | | | are not yet warning-clean. Tested on i386 and alpha. Notes: svn path=/head/; revision=90164
* Don't clobber the default for CFLAGS.Bruce Evans2001-08-031-1/+1
| | | | Notes: svn path=/head/; revision=81118
* Use STD{ERR,IN,OUT}_FILENO instead of their numeric values. TheSheldon Hearn2001-07-261-3/+3
| | | | | | | | | | definitions are more readable, and it's possible that they're more portable to pathalogical platforms. Submitted by: David Hill <david@phobia.ms> Notes: svn path=/head/; revision=80381
* Remove whitespace at EOL.Dima Dorfman2001-07-151-6/+6
| | | | Notes: svn path=/head/; revision=79754
* mdoc(7) police: removed HISTORY info from the .Os call.Ruslan Ermilov2001-07-101-1/+1
| | | | Notes: svn path=/head/; revision=79529
* Goodbye S/Key, Hello OPIE.Mark Murray2001-07-092-13/+17
| | | | | | | | I believe I have done due dilligence on this, but I'd appreciate decent test scenarios and sucess (or failure) reports. Notes: svn path=/head/; revision=79466
* Fix the type of the NULL arg to execl()Brian Somers2001-07-091-1/+1
| | | | | | | Idea from: Theo de Raadt <deraadt@openbsd.org> Notes: svn path=/head/; revision=79452
* Avoid a warning by making a variable a const char *.David Malone2001-05-011-1/+2
| | | | Notes: svn path=/head/; revision=76183
* - Backout botched attempt to intoduce MANSECT feature.Ruslan Ermilov2001-03-261-0/+1
| | | | | | | - MAN[1-9] -> MAN. Notes: svn path=/head/; revision=74814
* Set the default manual section for libexec/ to 8.Ruslan Ermilov2001-03-201-1/+0
| | | | Notes: svn path=/head/; revision=74529
* Remove unused #include. Use getopt(3). Add usage() with syslog(3) cap.Philippe Charnier2000-11-281-8/+22
| | | | Notes: svn path=/head/; revision=69313
* mdoc(7) police: use the new features of the Nm macro.Ruslan Ermilov2000-11-201-2/+2
| | | | Notes: svn path=/head/; revision=68949
* Man page fixupsNick Sayer2000-05-151-4/+7
| | | | | | | Submitted by: sheldonh@uunet.co.za Notes: svn path=/head/; revision=60594
* Add -i (insecure) flag to rexecd, which allows uid == 0 loginsNick Sayer2000-05-132-4/+11
| | | | | | | | (presuming that the user in question is not in /etc/ftpusers and does not have a null password). Notes: svn path=/head/; revision=60507
* $Id$ -> $FreeBSD$Peter Wemm1999-08-283-3/+3
| | | | Notes: svn path=/head/; revision=50476
* Ensure that things returned by gethostname() andBrian Somers1999-04-071-3/+3
| | | | | | | | | | | | | friends are terminated and allow for a maximum host name length of MAXHOSTNAMELEN - 1. Put parenthesis around sizeof args. Make some variables static. Fix telnetd -u (broken by my last commit) Prompted by: bde Notes: svn path=/head/; revision=45422
* Link with libutilBrian Somers1999-04-061-3/+3
| | | | Notes: svn path=/head/; revision=45396
* Use realhostname() rather than various combinations ofBrian Somers1999-04-061-6/+4
| | | | | | | | | gethostbyaddr() & gethostbyname(). Remove brokeness in ftpd for hosts of MAXHOSTNAMELEN length. Notes: svn path=/head/; revision=45393
* Use err(3). -Wall cleaning. Use Pa for file names and add section in Xrefs.Philippe Charnier1997-11-262-23/+29
| | | | Notes: svn path=/head/; revision=31419
* Julian A's fix. Do chdir as user rather than as root. Fixes a minor NFSWarner Losh1997-03-241-8/+8
| | | | | | | | | | | | compatibility problem at the same time. Some buffer made large enough for worst case hostname. fixes PR 2593. Reviewed by: Dan Cross and maybe others Notes: svn path=/head/; revision=24189
* Revert $FreeBSD$ to $Id$Peter Wemm1997-02-223-3/+3
| | | | Notes: svn path=/head/; revision=22989
* Buffer Overflow from OpenBSDWarner Losh1997-02-091-1/+1
| | | | | | | | | rev 1.7 deraadt: buf oflow Obtained from: OpenBSD Notes: svn path=/head/; revision=22457
* Make the long-awaited change from $Id$ to $FreeBSD$Jordan K. Hubbard1997-01-143-3/+3
| | | | | | | | | | | This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long. Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise. Notes: svn path=/head/; revision=21673
* Back out recent security patch for rexecd. After more careful analysis,Paul Traina1996-11-222-28/+15
| | | | | | | | | | | | | it is both uneeded and breaks certain lock-step timing in the rexec protocol. Yes, an attacker can "relay" connections using this trick, but a properly configured firewall that would make this sort of subterfuge necessary in the first place (instead of direct packet spoofing) would also thwart useful attacks based on this. Notes: svn path=/head/; revision=19924
* Do not attempt to open reverse channel until authentication phase hasPaul Traina1996-11-192-17/+30
| | | | | | | | | | | | | | | succeeded. Never allow the reverse channel to be to a privileged port. Cannidate for: 2.1 and 2.2 branches Reviewed by: pst (with local cleanups) Submitted by: Cy Shubert <cy@cwsys.cwent.com> Obtained from: Jaeger <jaeger@dhp.com> via BUGTRAQ Notes: svn path=/head/; revision=19871
* add forgotten $Id$Wolfram Schneider1996-09-223-0/+4
| | | | Notes: svn path=/head/; revision=18471
* Check for expired passwords before allowing access to the system.Mike Pritchard1995-08-281-1/+2
| | | | Notes: svn path=/head/; revision=10401
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-19 19:43:35 +0000