| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Building telnet with clang 18 results in the following warning:
contrib/telnet/telnet/telnet.c:231:5: error: 'snprintf' will always be truncated; specified size is 10, but format string expands to at least 11 [-Werror,-Wformat-truncation]
231 | snprintf(temp2, sizeof(temp2), "%c%c%c%c....%c%c", IAC, SB, TELOPT_COMPORT,
| ^
The temp2 buffer is 10 chars, while the format string also consists of
10 chars. Therefore, snprintf(3) will truncate the last character, 'SE'
(end sub negotation) in this case.
Bump the buffer to 11 chars to avoid truncation.
MFC after: 3 days
|
|
|
|
|
|
|
| |
This partially reverts 77b7cdf1999ee965ad494fddd184b18f532ac91a.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D42704
|
|
|
|
|
| |
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D39528
|
|
|
|
|
|
| |
- s/addreess/address/
MFC after: 3 days
|
|
|
|
| |
Differential Revision: https://reviews.freebsd.org/D36621
|
|
|
|
| |
Differential Revision: https://reviews.freebsd.org/D36592
|
|
|
|
|
|
|
|
|
|
| |
Mostly remove from the SEE ALSO section, adding a mention of the port
where not removed. Elsewhere, remove as appropriate and change from .Xr
to .Nm where a mention of telnetd continues to make sense (or removing
it would require significant reworking of the surrounding text).
Reviewed by: imp, delphij, emaste
Differential Revision: https://reviews.freebsd.org/D36785
|
|
|
|
|
|
|
| |
Reviewed by: emaste
Obtained from: NetBSD 6cc1539c8028b
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D36732
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move initialization of the slc table earlier so it doesn't get
accessed before that happens.
For details on the issue, see:
https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html
Reviewed by: cy
Obtained from: NetBSD via cy
Differential Revision: https://reviews.freebsd.org/D36680
|
|
|
|
|
|
|
|
|
|
|
| |
The telnetd codebase is old, unmaintained, and has a number of quality
issues. Users wishing to provide telnetd service should find a
maintained implementation. The telnet client is NOT deprecated as it
is lower risk.
Reviewed by: pauamma, kevans, kp, melifaro
MFC After: 3 days
Differential Revision: https://reviews.freebsd.org/D36619
|
|
|
|
|
|
|
|
|
|
|
| |
Silently ignore invalid set ' ' and invalid help help commands.
This is the same fix applied by NetBSD in hg commit 1019940:4f248823eaff.
PR: 265097
Reported by: Simon Josefsson <simon@josefsson.org>
Obtained from: NetBSD hg commit 1019940:4f248823eaff
NetBSD PR/56918
MFC after: 1 week
|
|
|
|
|
|
|
|
| |
Reviewed By: imp, phk
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
X-NetApp-PR: #54
Differential Revision: https://reviews.freebsd.org/D30819
|
|
|
|
|
|
| |
also shows up when output is redirected:
telnet |& tee _log
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PR: 248157
Submitted by: Juraj Lutter <juraj at lutter dot sk>
Reviewed by: bcr
Approved by: bcr
Obtained from: NetBSD
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D25794
Notes:
svn path=/head/; revision=364005
|
|
|
|
| |
Notes:
svn path=/head/; revision=359406
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
line and auth_level's redefinitions are just extraneous
telnetd will #define extern and then include ext.h to allocate storage for
all of these extern'd vars; however, two of them are actually defined in
libtelnet instead. Instead of doing an #ifdef extern dance around those
function pointers, just add an EXTERN macro to make it easier to
differentiate by sight which ones will get allocated in globals.c and which
ones are defined elsewhere.
MFC after: 3 days
Notes:
svn path=/head/; revision=359404
|
|
|
|
|
|
|
|
| |
There was a large misfire from my local diff that I need to investigate, and
this version committed did not build.
Notes:
svn path=/head/; revision=359403
|
|
|
|
|
|
|
|
|
|
|
|
| |
Most of these were already properly declared and defined elsewhere, this is
effectively just a minor cleanup that fixes the -fno-common build.
-fno-common will become the default in GCC10/LLVM11.
MFC after: 3 days
Notes:
svn path=/head/; revision=359399
|
|
|
|
|
|
|
|
|
|
|
| |
pair"
I'm pretty skeptical that any crypto in telnet is worth using, but if we're
ostensibly generating keys, arc4random is strictly better than the previous
construct.
Notes:
svn path=/head/; revision=355699
|
|
|
|
|
|
|
|
|
|
|
|
| |
Per the July 22, 1999 letter (in /COPYRIGHT) from
William Hoskins
Director, Office of Technology Licensing
University of California, Berkeley
MFC after: 1 week
Notes:
svn path=/head/; revision=351070
|
|
|
|
|
|
|
|
|
| |
Suggested by: imp
MFC after: 3 weeks
Sponsored by: The FreeBSD Foundation
Notes:
svn path=/head/; revision=350498
|
|
|
|
|
|
|
|
|
| |
While here also fix a very unlikely NULL pointer dereference.
Submitted by: Shawn Webb <shawn.webb@hardenedbsd.org>
Notes:
svn path=/head/; revision=349896
|
|
|
|
|
|
|
|
| |
Obtained from: Juniper Networks
MFC after: 1 week
Notes:
svn path=/head/; revision=349890
|
|
|
|
| |
Notes:
svn path=/projects/openssl111/; revision=338777
|
|
|
|
| |
Notes:
svn path=/projects/openssl111/; revision=338775
|
|
|
|
| |
Notes:
svn path=/projects/openssl111/; revision=338774
|
|
|
|
|
|
|
|
| |
Reported by: Coverity
Sponsored by: Dell EMC Isilon
Notes:
svn path=/head/; revision=331074
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The problem is that when the parameter 'pat' is null, the function locally
allocates a NULL string but never frees it.
Instead of tracking the local alloc, it is noted that the while(*pat) never
enters when there is a local alloc.
So instead of doing the local alloc, check that 'pat' is null before the
while(*pat) loop.
Found using clang's static analyzer - scan-build
Submitted by: Thomas Rix <trix@juniper.net>
Reviewed by: markm
Approved by: sjg (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D9689
Notes:
svn path=/head/; revision=319453
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
of memory allocation failures combined with insufficient error checking
could result in the construction and execution of an argument sequence that
was not intended.
Fix that treating malloc(3) failures as fatal condition.
Submitted by: brooks
Security: FreeBSD-SA-16:36.telnetd
Notes:
svn path=/head/; revision=309638
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
contrib/telnet/telnet/commands.c:2914:13: error: implicit conversion
from 'int' to 'char' changes value from 137 to -119
[-Werror,-Wconstant-conversion]
*lsrp++ = IPOPT_SSRR;
~ ^~~~~~~~~~
/usr/include/netinet/ip.h:152:21: note: expanded from macro 'IPOPT_SSRR'
#define IPOPT_SSRR 137 /* strict source route */
^~~
contrib/telnet/telnet/commands.c:2916:13: error: implicit conversion
from 'int' to 'char' changes value from 131 to -125
[-Werror,-Wconstant-conversion]
*lsrp++ = IPOPT_LSRR;
~ ^~~~~~~~~~
/usr/include/netinet/ip.h:148:21: note: expanded from macro 'IPOPT_LSRR'
#define IPOPT_LSRR 131 /* loose source route */
^~~
Use unsigned char buffers instead.
MFC after: 1 week
Notes:
svn path=/head/; revision=305086
|
|
|
|
|
|
|
|
|
|
|
| |
to -32768 when it is used as an argument to mp_itom(), in both libtelnet
and newkey. This code has been wrong since r26238 (!), so after almost
20 years it is rather useless to try to correct it.
MFC after: 1 week
Notes:
svn path=/head/; revision=305077
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This implements part of RFC-2217
It's based off a patch originally written by Sujal Patel at Isilon, and
contributions from other Isilon employees.
PR: 173728
Phabric: D995
Reviewed by: markj, markm
MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
Notes:
svn path=/head/; revision=274364
|
|
|
|
|
|
|
|
|
|
|
| |
1. Check return of mmap(2) (*)
2. Avoid FD leak when fstat fails.
3. Fix style(9).
(*) Pointed out by jmg@
Notes:
svn path=/head/; revision=262679
|
|
|
|
|
|
|
| |
Obtained from: Juniper Networks, Inc.
Notes:
svn path=/head/; revision=262673
|
|
|
|
|
|
|
|
|
| |
Use of -h is not supposed to depend on AUTHENTICATION being defined.
Reviewed by: markm
Notes:
svn path=/head/; revision=257773
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The "automatic" login feature is described as follows:
The USER environment variable holds the name of the person telnetting in.
This is the username of the person on the client machine. The traditional
behaviour is to execute login(1) with this username first, meaning that
login(1) will prompt for the password only. If login fails, login(1) will
retry, but now prompt for the username before prompting for the password.
This feature got broken by how the environment got scrubbed. Before the
change in r69825 we removed variables that we deemed dangerous. Starting
with r69825 we only keep those variable we know to be safe.
The USER environment variable fell through the cracks. It suddenly got
scrubbed (i.e. removed from the environment) while still being checked
for. It also got explicitly removed from the environment to handle the
failed login case.
The fix is to obtain the value of the USER environment variable before
we scrub the environment and used the "cached" in subsequent checks.
This guarantees that the environment does not contain the USER variable
in the end, while still being able to implement "automatic" login.
Obtained from: Juniper Networks, Inc.
Notes:
svn path=/head/; revision=251188
|
|
|
|
|
|
|
| |
especially in error cases.
Notes:
svn path=/head/; revision=241021
|
|
|
|
| |
Notes:
svn path=/head/; revision=237190
|
|
|
|
| |
Notes:
svn path=/head/; revision=233932
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add an API for alerting internal libc routines to the presence of
"unsafe" paths post-chroot, and use it in ftpd. [11:07]
Fix a buffer overflow in telnetd. [11:08]
Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
specified. [11:09]
Add sanity checking of service names in pam_start. [11:10]
Approved by: so (cperciva)
Approved by: re (bz)
Security: FreeBSD-SA-11:06.bind
Security: FreeBSD-SA-11:07.chroot
Security: FreeBSD-SA-11:08.telnetd
Security: FreeBSD-SA-11:09.pam_ssh
Security: FreeBSD-SA-11:10.pam
Notes:
svn path=/head/; revision=228843
|
|
|
|
|
|
|
|
|
| |
strings not being literals.
MFC after: 1 week
Notes:
svn path=/head/; revision=228651
|
|
|
|
|
|
|
|
|
| |
strings not being literals.
MFC after: 1 week
Notes:
svn path=/head/; revision=228589
|
|
|
|
|
|
|
|
|
| |
zero the password buffer.
MFC after: 1 week
Notes:
svn path=/head/; revision=228559
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of catching SIGPIPE and jumping out of the signal handler with
longjmp, ignore it and handle write errors to the local output by exiting
from there. I have changed the error message to mention the local output
instead of NetBSD's wrong "Connection closed by foreign host". Write errors
to the network were already handled by exiting immediately and this now
applies to EPIPE too.
The code assumed that SIGPIPE could only be generated by the network
connection; if it was generated by the local output, it would longjmp out of
the signal handler and write an error message which caused another SIGPIPE.
PR: 19773
Obtained from: NetBSD
MFC after: 1 week
Notes:
svn path=/head/; revision=207449
|
|
|
|
|
|
|
|
| |
There is no need to call trimdomain() anymore now that ut_host is big
enough to fit decent hostnames.
Notes:
svn path=/head/; revision=202214
|
|
|
|
|
|
|
|
|
|
| |
Just like rlogind, there is no need to change the ownership of the
terminal during shutdown anymore. Also don't call logwtmp, because the
login(1)/PAM is responsible for doing this. Also use SHUT_RDWR instead
of 2.
Notes:
svn path=/head/; revision=202212
|
|
|
|
| |
Notes:
svn path=/head/; revision=201047
|
|
|
|
|
|
|
| |
<sys/termios.h> only works on FreeBSD by accident.
Notes:
svn path=/head/; revision=199874
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The function pow() in libmp(3) clashes with pow(3) in libm. We could
rename this single function, but we can just take the same approach as
the Solaris folks did, which is to prefix all function names with mp_.
libmp(3) isn't really popular nowadays. I suspect not a single
application in ports depends on it. There's still a chance, so I've
increased the SHLIB_MAJOR and __FreeBSD_version.
Reviewed by: deischen, rdivacky
Notes:
svn path=/head/; revision=189092
|
|
|
|
|
|
|
|
| |
Approved by: so (cperciva)
Security: FreeBSD-SA-09:05.telnetd
Notes:
svn path=/head/; revision=188699
|