CVS commit: src/external/bsd/blacklist/lib
Module Name:src Committed By: wiz Date: Mon Mar 30 17:32:22 UTC 2020 Modified Files: src/external/bsd/blacklist/lib: libblacklist.3 Log Message: New sentence, new line. To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 src/external/bsd/blacklist/lib/libblacklist.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/lib/libblacklist.3 diff -u src/external/bsd/blacklist/lib/libblacklist.3:1.10 src/external/bsd/blacklist/lib/libblacklist.3:1.11 --- src/external/bsd/blacklist/lib/libblacklist.3:1.10 Mon Mar 30 15:47:15 2020 +++ src/external/bsd/blacklist/lib/libblacklist.3 Mon Mar 30 17:32:22 2020 @@ -1,4 +1,4 @@ -.\" $NetBSD: libblacklist.3,v 1.10 2020/03/30 15:47:15 christos Exp $ +.\" $NetBSD: libblacklist.3,v 1.11 2020/03/30 17:32:22 wiz Exp $ .\" .\" Copyright (c) 2015 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -96,11 +96,13 @@ There was an unsuccessful authentication A user successfully authenticated. .It Va BLACKLIST_ABUSIVE_BEHAVIOR The sending daemon has detected abusive behavior -from the remote system. The remote address should +from the remote system. +The remote address should be blocked as soon as possible. .It Va BLACKLIST_BAD_USER The sending daemon has determined the username -presented for authentication is invalid. The +presented for authentication is invalid. +The .Xr blacklistd 8 daemon compares the username to a configured list of forbidden usernames and
CVS commit: src/external/bsd/blacklist/lib
Module Name:src Committed By: christos Date: Mon Mar 30 15:47:15 UTC 2020 Modified Files: src/external/bsd/blacklist/lib: libblacklist.3 Log Message: Clarify that we always need a valid socket To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/external/bsd/blacklist/lib/libblacklist.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/lib/libblacklist.3 diff -u src/external/bsd/blacklist/lib/libblacklist.3:1.9 src/external/bsd/blacklist/lib/libblacklist.3:1.10 --- src/external/bsd/blacklist/lib/libblacklist.3:1.9 Wed Nov 6 15:50:01 2019 +++ src/external/bsd/blacklist/lib/libblacklist.3 Mon Mar 30 11:47:15 2020 @@ -1,4 +1,4 @@ -.\" $NetBSD: libblacklist.3,v 1.9 2019/11/06 20:50:01 christos Exp $ +.\" $NetBSD: libblacklist.3,v 1.10 2020/03/30 15:47:15 christos Exp $ .\" .\" Copyright (c) 2015 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -27,7 +27,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd May 5, 2017 +.Dd March 30, 2020 .Dt LIBBLACKLIST 3 .Os .Sh NAME @@ -122,6 +122,14 @@ functions can be used with unconnected s .Xr getpeername 2 will not work, the server will pass the peer name in the message. .Pp +In all cases the file descriptor passed in the +.Fa fd +argument must be pointing to a valid socket so that +.Xr blacklistd 8 +can establish ownership of the local endpoint +using +.Xr getsockname 2 . +.Pp By default, .Xr syslogd 8 is used for message logging.
CVS commit: src/external/bsd/blacklist/lib
Module Name:src Committed By: christos Date: Fri Mar 8 20:40:05 UTC 2019 Modified Files: src/external/bsd/blacklist/lib: Makefile Log Message: We don't need to depend on pthreads. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/external/bsd/blacklist/lib/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/lib/Makefile diff -u src/external/bsd/blacklist/lib/Makefile:1.6 src/external/bsd/blacklist/lib/Makefile:1.7 --- src/external/bsd/blacklist/lib/Makefile:1.6 Tue Jan 5 08:07:46 2016 +++ src/external/bsd/blacklist/lib/Makefile Fri Mar 8 15:40:05 2019 @@ -1,11 +1,11 @@ -# $NetBSD: Makefile,v 1.6 2016/01/05 13:07:46 christos Exp $ +# $NetBSD: Makefile,v 1.7 2019/03/08 20:40:05 christos Exp $ .include USE_SHLIBDIR= yes CPPFLAGS+=-D_REENTRANT -LIBDPLIBS+=pthread ${NETBSDSRCDIR}/lib/libpthread +#LIBDPLIBS+=pthread ${NETBSDSRCDIR}/lib/libpthread LIB=blacklist SRCS=bl.c blacklist.c MAN=libblacklist.3
CVS commit: src/external/bsd/blacklist/lib
Module Name:src Committed By: abhinav Date: Sun Oct 22 10:31:57 UTC 2017 Modified Files: src/external/bsd/blacklist/lib: libblacklist.3 Log Message: Add comma between Nm entries To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/external/bsd/blacklist/lib/libblacklist.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/lib/libblacklist.3 diff -u src/external/bsd/blacklist/lib/libblacklist.3:1.7 src/external/bsd/blacklist/lib/libblacklist.3:1.8 --- src/external/bsd/blacklist/lib/libblacklist.3:1.7 Sat Feb 4 23:33:56 2017 +++ src/external/bsd/blacklist/lib/libblacklist.3 Sun Oct 22 10:31:57 2017 @@ -1,4 +1,4 @@ -.\" $NetBSD: libblacklist.3,v 1.7 2017/02/04 23:33:56 wiz Exp $ +.\" $NetBSD: libblacklist.3,v 1.8 2017/10/22 10:31:57 abhinav Exp $ .\" .\" Copyright (c) 2015 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -35,7 +35,7 @@ .Nm blacklist_close , .Nm blacklist_r , .Nm blacklist , -.Nm blacklist_sa +.Nm blacklist_sa , .Nm blacklist_sa_r .Nd Blacklistd notification library .Sh LIBRARY
CVS commit: src/external/bsd/blacklist/lib
Module Name:src Committed By: wiz Date: Sat Feb 4 23:33:56 UTC 2017 Modified Files: src/external/bsd/blacklist/lib: libblacklist.3 Log Message: Quote - to make it a minus. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/external/bsd/blacklist/lib/libblacklist.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/lib/libblacklist.3 diff -u src/external/bsd/blacklist/lib/libblacklist.3:1.6 src/external/bsd/blacklist/lib/libblacklist.3:1.7 --- src/external/bsd/blacklist/lib/libblacklist.3:1.6 Tue Jan 31 16:55:04 2017 +++ src/external/bsd/blacklist/lib/libblacklist.3 Sat Feb 4 23:33:56 2017 @@ -1,4 +1,4 @@ -.\" $NetBSD: libblacklist.3,v 1.6 2017/01/31 16:55:04 abhinav Exp $ +.\" $NetBSD: libblacklist.3,v 1.7 2017/02/04 23:33:56 wiz Exp $ .\" .\" Copyright (c) 2015 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -121,7 +121,7 @@ and return .Dv 0 on success and -.Dv -1 +.Dv \-1 on failure setting .Dv errno to an appropriate value.
CVS commit: src/external/bsd/blacklist/lib
Module Name:src Committed By: abhinav Date: Tue Jan 31 16:55:04 UTC 2017 Modified Files: src/external/bsd/blacklist/lib: libblacklist.3 Log Message: Correct the function names in the RETURN VALUES section and use markup for errno. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/external/bsd/blacklist/lib/libblacklist.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/lib/libblacklist.3 diff -u src/external/bsd/blacklist/lib/libblacklist.3:1.5 src/external/bsd/blacklist/lib/libblacklist.3:1.6 --- src/external/bsd/blacklist/lib/libblacklist.3:1.5 Tue Jan 31 16:31:21 2017 +++ src/external/bsd/blacklist/lib/libblacklist.3 Tue Jan 31 16:55:04 2017 @@ -1,4 +1,4 @@ -.\" $NetBSD: libblacklist.3,v 1.5 2017/01/31 16:31:21 abhinav Exp $ +.\" $NetBSD: libblacklist.3,v 1.6 2017/01/31 16:55:04 abhinav Exp $ .\" .\" Copyright (c) 2015 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -106,18 +106,25 @@ All functions log errors to .Xr syslogd 8 . .Sh RETURN VALUES The function -.Fn bl_open +.Fn blacklist_open returns a cookie on success and .Dv NULL -on failure setting errno to an appropriate value. -.Pp -The -.Fn bl_send -function returns +on failure setting +.Dv errno +to an appropriate value. +.Pp +The functions +.Fn blacklist , +.Fn blacklist_sa , +and +.Fn blacklist_sa_r +return .Dv 0 on success and .Dv -1 -on failure setting errno to an appropriate value. +on failure setting +.Dv errno +to an appropriate value. .Sh SEE ALSO .Xr blacklistd.conf 5 , .Xr blacklistd 8
CVS commit: src/external/bsd/blacklist/lib
Module Name:src Committed By: abhinav Date: Tue Jan 31 16:31:21 UTC 2017 Modified Files: src/external/bsd/blacklist/lib: libblacklist.3 Log Message: Fix a sentence. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/external/bsd/blacklist/lib/libblacklist.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/lib/libblacklist.3 diff -u src/external/bsd/blacklist/lib/libblacklist.3:1.4 src/external/bsd/blacklist/lib/libblacklist.3:1.5 --- src/external/bsd/blacklist/lib/libblacklist.3:1.4 Tue Jan 31 16:23:18 2017 +++ src/external/bsd/blacklist/lib/libblacklist.3 Tue Jan 31 16:31:21 2017 @@ -1,4 +1,4 @@ -.\" $NetBSD: libblacklist.3,v 1.4 2017/01/31 16:23:18 abhinav Exp $ +.\" $NetBSD: libblacklist.3,v 1.5 2017/01/31 16:31:21 abhinav Exp $ .\" .\" Copyright (c) 2015 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -62,7 +62,7 @@ block or release port access to prevent .Pp The function .Fn blacklist_open -creates a the necessary state to communicate with +creates the necessary state to communicate with .Xr blacklistd 8 and returns a pointer to it, or .Dv NULL
CVS commit: src/external/bsd/blacklist/lib
Module Name:src Committed By: abhinav Date: Tue Jan 31 16:23:19 UTC 2017 Modified Files: src/external/bsd/blacklist/lib: libblacklist.3 Log Message: Remove comma after the last Nm entry. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/external/bsd/blacklist/lib/libblacklist.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/lib/libblacklist.3 diff -u src/external/bsd/blacklist/lib/libblacklist.3:1.3 src/external/bsd/blacklist/lib/libblacklist.3:1.4 --- src/external/bsd/blacklist/lib/libblacklist.3:1.3 Sun Jan 25 23:09:28 2015 +++ src/external/bsd/blacklist/lib/libblacklist.3 Tue Jan 31 16:23:18 2017 @@ -1,4 +1,4 @@ -.\" $NetBSD: libblacklist.3,v 1.3 2015/01/25 23:09:28 wiz Exp $ +.\" $NetBSD: libblacklist.3,v 1.4 2017/01/31 16:23:18 abhinav Exp $ .\" .\" Copyright (c) 2015 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -36,7 +36,7 @@ .Nm blacklist_r , .Nm blacklist , .Nm blacklist_sa -.Nm blacklist_sa_r , +.Nm blacklist_sa_r .Nd Blacklistd notification library .Sh LIBRARY .Lb libblacklist
CVS commit: src/external/bsd/blacklist/lib
Module Name:src Committed By: christos Date: Fri Jul 29 17:13:09 UTC 2016 Modified Files: src/external/bsd/blacklist/lib: bl.c Log Message: Use %s+strerro(errno) instead of %m (From Kurt Lidl) To generate a diff of this commit: cvs rdiff -u -r1.27 -r1.28 src/external/bsd/blacklist/lib/bl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/lib/bl.c diff -u src/external/bsd/blacklist/lib/bl.c:1.27 src/external/bsd/blacklist/lib/bl.c:1.28 --- src/external/bsd/blacklist/lib/bl.c:1.27 Wed Dec 30 11:42:48 2015 +++ src/external/bsd/blacklist/lib/bl.c Fri Jul 29 13:13:09 2016 @@ -1,4 +1,4 @@ -/* $NetBSD: bl.c,v 1.27 2015/12/30 16:42:48 christos Exp $ */ +/* $NetBSD: bl.c,v 1.28 2016/07/29 17:13:09 christos Exp $ */ /*- * Copyright (c) 2014 The NetBSD Foundation, Inc. @@ -33,7 +33,7 @@ #endif #include -__RCSID("$NetBSD: bl.c,v 1.27 2015/12/30 16:42:48 christos Exp $"); +__RCSID("$NetBSD: bl.c,v 1.28 2016/07/29 17:13:09 christos Exp $"); #include #include @@ -152,8 +152,8 @@ bl_init(bl_t b, bool srv) b->b_fd = socket(PF_LOCAL, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK|SOCK_NOSIGPIPE, 0); if (b->b_fd == -1) { - bl_log(b->b_fun, LOG_ERR, "%s: socket failed (%m)", - __func__); + bl_log(b->b_fun, LOG_ERR, "%s: socket failed (%s)", + __func__, strerror(errno)); BL_UNLOCK(b); return -1; } @@ -200,8 +200,8 @@ bl_init(bl_t b, bool srv) */ if (b->b_connected != 1) { bl_log(b->b_fun, LOG_DEBUG, -"%s: connect failed for `%s' (%m)", -__func__, sun->sun_path); +"%s: connect failed for `%s' (%s)", +__func__, sun->sun_path, strerror(errno)); b->b_connected = 1; } BL_UNLOCK(b); @@ -220,8 +220,8 @@ bl_init(bl_t b, bool srv) errno = serrno; if (rv == -1) { bl_log(b->b_fun, LOG_ERR, - "%s: bind failed for `%s' (%m)", - __func__, sun->sun_path); + "%s: bind failed for `%s' (%s)", + __func__, sun->sun_path, strerror(errno)); goto out; } } @@ -260,7 +260,8 @@ bl_init(bl_t b, bool srv) if (setsockopt(b->b_fd, CRED_LEVEL, CRED_NAME, , (socklen_t)sizeof(one)) == -1) { bl_log(b->b_fun, LOG_ERR, "%s: setsockopt %s " - "failed (%m)", __func__, __STRING(CRED_NAME)); + "failed (%s)", __func__, __STRING(CRED_NAME), + strerror(errno)); goto out; } #endif @@ -296,7 +297,8 @@ bl_create(bool srv, const char *path, vo return b; out: free(b); - bl_log(fun, LOG_ERR, "%s: malloc failed (%m)", __func__); + bl_log(fun, LOG_ERR, "%s: malloc failed (%s)", __func__, + strerror(errno)); return NULL; } @@ -451,7 +453,8 @@ bl_recv(bl_t b) rlen = recvmsg(b->b_fd, , 0); if (rlen == -1) { - bl_log(b->b_fun, LOG_ERR, "%s: recvmsg failed (%m)", __func__); + bl_log(b->b_fun, LOG_ERR, "%s: recvmsg failed (%s)", __func__, + strerror(errno)); return NULL; }
CVS commit: src/external/bsd/blacklist/lib
Module Name:src Committed By: christos Date: Wed Dec 30 16:42:48 UTC 2015 Modified Files: src/external/bsd/blacklist/lib: Makefile bl.c Log Message: Add a mutex to prevent races during initialization code from multiple threads. Found in named. To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/external/bsd/blacklist/lib/Makefile cvs rdiff -u -r1.26 -r1.27 src/external/bsd/blacklist/lib/bl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/lib/Makefile diff -u src/external/bsd/blacklist/lib/Makefile:1.3 src/external/bsd/blacklist/lib/Makefile:1.4 --- src/external/bsd/blacklist/lib/Makefile:1.3 Thu Jan 22 13:46:15 2015 +++ src/external/bsd/blacklist/lib/Makefile Wed Dec 30 11:42:48 2015 @@ -1,7 +1,10 @@ -# $NetBSD: Makefile,v 1.3 2015/01/22 18:46:15 christos Exp $ +# $NetBSD: Makefile,v 1.4 2015/12/30 16:42:48 christos Exp $ USE_SHLIBDIR= yes +CPPFLAGS+=-D_REENTRANT +DPADD+=${LIBPTHREAD} +LPADD+=-lpthread LIB=blacklist SRCS=bl.c blacklist.c MAN=libblacklist.3 Index: src/external/bsd/blacklist/lib/bl.c diff -u src/external/bsd/blacklist/lib/bl.c:1.26 src/external/bsd/blacklist/lib/bl.c:1.27 --- src/external/bsd/blacklist/lib/bl.c:1.26 Wed May 27 21:01:37 2015 +++ src/external/bsd/blacklist/lib/bl.c Wed Dec 30 11:42:48 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: bl.c,v 1.26 2015/05/28 01:01:37 christos Exp $ */ +/* $NetBSD: bl.c,v 1.27 2015/12/30 16:42:48 christos Exp $ */ /*- * Copyright (c) 2014 The NetBSD Foundation, Inc. @@ -33,7 +33,7 @@ #endif #include -__RCSID("$NetBSD: bl.c,v 1.26 2015/05/28 01:01:37 christos Exp $"); +__RCSID("$NetBSD: bl.c,v 1.27 2015/12/30 16:42:48 christos Exp $"); #include #include @@ -53,6 +53,9 @@ __RCSID("$NetBSD: bl.c,v 1.26 2015/05/28 #include #include #include +#ifdef _REENTRANT +#include +#endif #include "bl.h" @@ -66,6 +69,16 @@ typedef struct { } bl_message_t; struct blacklist { +#ifdef _REENTRANT + pthread_mutex_t b_mutex; +# define BL_INIT(b) pthread_mutex_init(>b_mutex, NULL) +# define BL_LOCK(b) pthread_mutex_lock(>b_mutex) +# define BL_UNLOCK(b) pthread_mutex_unlock(>b_mutex) +#else +# define BL_INIT(b) do {} while(/*CONSTCOND*/0) +# define BL_LOCK(b) BL_INIT(b) +# define BL_UNLOCK(b) BL_INIT(b) +#endif int b_fd; int b_connected; struct sockaddr_un b_sun; @@ -88,13 +101,17 @@ bl_getfd(bl_t b) } static void -bl_reset(bl_t b) +bl_reset(bl_t b, bool locked) { int serrno = errno; + if (!locked) + BL_LOCK(b); close(b->b_fd); errno = serrno; b->b_fd = -1; b->b_connected = -1; + if (!locked) + BL_UNLOCK(b); } static void @@ -129,12 +146,15 @@ bl_init(bl_t b, bool srv) #define SOCK_NOSIGPIPE 0 #endif + BL_LOCK(b); + if (b->b_fd == -1) { b->b_fd = socket(PF_LOCAL, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK|SOCK_NOSIGPIPE, 0); if (b->b_fd == -1) { bl_log(b->b_fun, LOG_ERR, "%s: socket failed (%m)", __func__); + BL_UNLOCK(b); return -1; } #if SOCK_CLOEXEC == 0 @@ -153,9 +173,16 @@ bl_init(bl_t b, bool srv) #endif } - if (bl_isconnected(b)) + if (bl_isconnected(b)) { + BL_UNLOCK(b); return 0; + } + /* + * We try to connect anyway even when we are a server to verify + * that no other server is listening to the socket. If we succeed + * to connect and we are a server, someone else owns it. + */ rv = connect(b->b_fd, (const void *)sun, (socklen_t)sizeof(*sun)); if (rv == 0) { if (srv) { @@ -177,6 +204,7 @@ bl_init(bl_t b, bool srv) __func__, sun->sun_path); b->b_connected = 1; } + BL_UNLOCK(b); return -1; } bl_log(b->b_fun, LOG_DEBUG, "Connected to blacklist server", @@ -237,9 +265,11 @@ bl_init(bl_t b, bool srv) } #endif + BL_UNLOCK(b); return 0; out: - bl_reset(b); + bl_reset(b, true); + BL_UNLOCK(b); return -1; } @@ -252,6 +282,7 @@ bl_create(bool srv, const char *path, vo b->b_fun = fun == NULL ? vsyslog : fun; b->b_fd = -1; b->b_connected = -1; + BL_INIT(b); memset(>b_sun, 0, sizeof(b->b_sun)); b->b_sun.sun_family = AF_LOCAL; @@ -272,7 +303,7 @@ out: void bl_destroy(bl_t b) { - bl_reset(b); + bl_reset(b, false); free(b); } @@ -377,7 +408,7 @@ again: return -1; if ((sendmsg(b->b_fd, , 0) == -1) && tried++ < NTRIES) { - bl_reset(b); + bl_reset(b, false); goto again; } return tried >= NTRIES ? -1 : 0;
CVS commit: src/external/bsd/blacklist/lib
Module Name:src Committed By: christos Date: Wed Dec 30 17:57:20 UTC 2015 Modified Files: src/external/bsd/blacklist/lib: Makefile Log Message: typo To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/external/bsd/blacklist/lib/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/lib/Makefile diff -u src/external/bsd/blacklist/lib/Makefile:1.4 src/external/bsd/blacklist/lib/Makefile:1.5 --- src/external/bsd/blacklist/lib/Makefile:1.4 Wed Dec 30 11:42:48 2015 +++ src/external/bsd/blacklist/lib/Makefile Wed Dec 30 12:57:20 2015 @@ -1,10 +1,10 @@ -# $NetBSD: Makefile,v 1.4 2015/12/30 16:42:48 christos Exp $ +# $NetBSD: Makefile,v 1.5 2015/12/30 17:57:20 christos Exp $ USE_SHLIBDIR= yes CPPFLAGS+=-D_REENTRANT DPADD+=${LIBPTHREAD} -LPADD+=-lpthread +LDADD+=-lpthread LIB=blacklist SRCS=bl.c blacklist.c MAN=libblacklist.3
CVS commit: src/external/bsd/blacklist/lib
Module Name:src Committed By: christos Date: Thu May 28 01:01:37 UTC 2015 Modified Files: src/external/bsd/blacklist/lib: bl.c Log Message: put back setting uid and gid to -1 if they are not available. To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/external/bsd/blacklist/lib/bl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/lib/bl.c diff -u src/external/bsd/blacklist/lib/bl.c:1.25 src/external/bsd/blacklist/lib/bl.c:1.26 --- src/external/bsd/blacklist/lib/bl.c:1.25 Wed May 27 18:37:13 2015 +++ src/external/bsd/blacklist/lib/bl.c Wed May 27 21:01:37 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: bl.c,v 1.25 2015/05/27 22:37:13 christos Exp $ */ +/* $NetBSD: bl.c,v 1.26 2015/05/28 01:01:37 christos Exp $ */ /*- * Copyright (c) 2014 The NetBSD Foundation, Inc. @@ -33,7 +33,7 @@ #endif #include sys/cdefs.h -__RCSID($NetBSD: bl.c,v 1.25 2015/05/27 22:37:13 christos Exp $); +__RCSID($NetBSD: bl.c,v 1.26 2015/05/28 01:01:37 christos Exp $); #include sys/param.h #include sys/types.h @@ -483,6 +483,10 @@ bl_recv(bl_t b) bi-bi_type = ub.bl.bl_type; bi-bi_slen = ub.bl.bl_salen; bi-bi_ss = ub.bl.bl_ss; +#ifndef CRED_MESSAGE + bi-bi_uid = -1; + bi-bi_gid = -1; +#endif strlcpy(bi-bi_msg, ub.bl.bl_data, MIN(sizeof(bi-bi_msg), ((size_t)rlen - sizeof(ub.bl) + 1))); return bi;
CVS commit: src/external/bsd/blacklist/lib
Module Name:src Committed By: christos Date: Wed May 27 22:37:13 UTC 2015 Modified Files: src/external/bsd/blacklist/lib: bl.c Log Message: Make sure that we get the socket messages we expect, otherwise return NULL. To generate a diff of this commit: cvs rdiff -u -r1.24 -r1.25 src/external/bsd/blacklist/lib/bl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/lib/bl.c diff -u src/external/bsd/blacklist/lib/bl.c:1.24 src/external/bsd/blacklist/lib/bl.c:1.25 --- src/external/bsd/blacklist/lib/bl.c:1.24 Mon Feb 2 20:22:08 2015 +++ src/external/bsd/blacklist/lib/bl.c Wed May 27 18:37:13 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: bl.c,v 1.24 2015/02/03 01:22:08 christos Exp $ */ +/* $NetBSD: bl.c,v 1.25 2015/05/27 22:37:13 christos Exp $ */ /*- * Copyright (c) 2014 The NetBSD Foundation, Inc. @@ -33,7 +33,7 @@ #endif #include sys/cdefs.h -__RCSID($NetBSD: bl.c,v 1.24 2015/02/03 01:22:08 christos Exp $); +__RCSID($NetBSD: bl.c,v 1.25 2015/05/27 22:37:13 christos Exp $); #include sys/param.h #include sys/types.h @@ -199,6 +199,7 @@ bl_init(bl_t b, bool srv) } b-b_connected = 0; +#define GOT_FD 1 #if defined(LOCAL_CREDS) #define CRED_LEVEL 0 #define CRED_NAME LOCAL_CREDS @@ -207,6 +208,7 @@ bl_init(bl_t b, bool srv) #define CRED_MESSAGE SCM_CREDS #define CRED_SIZE SOCKCREDSIZE(NGROUPS_MAX) #define CRED_TYPE struct sockcred +#define GOT_CRED 2 #elif defined(SO_PASSCRED) #define CRED_LEVEL SOL_SOCKET #define CRED_NAME SO_PASSCRED @@ -215,7 +217,9 @@ bl_init(bl_t b, bool srv) #define CRED_MESSAGE SCM_CREDENTIALS #define CRED_SIZE sizeof(struct ucred) #define CRED_TYPE struct ucred +#define GOT_CRED 2 #else +#define GOT_CRED 0 /* * getpeereid() and LOCAL_PEERCRED don't help here * because we are not a stream socket! @@ -395,9 +399,13 @@ bl_recv(bl_t b) bl_message_t bl; char buf[512]; } ub; + int got; ssize_t rlen; bl_info_t *bi = b-b_info; + got = 0; + memset(bi, 0, sizeof(*bi)); + iov.iov_base = ub.buf; iov.iov_len = sizeof(ub); @@ -433,12 +441,14 @@ bl_recv(bl_t b) continue; } memcpy(bi-bi_fd, CMSG_DATA(cmsg), sizeof(bi-bi_fd)); + got |= GOT_FD; break; #ifdef CRED_MESSAGE case CRED_MESSAGE: sc = (void *)CMSG_DATA(cmsg); bi-bi_uid = sc-CRED_SC_UID; bi-bi_gid = sc-CRED_SC_GID; + got |= GOT_CRED; break; #endif default: @@ -450,6 +460,16 @@ bl_recv(bl_t b) } + if (got != (GOT_CRED|GOT_FD)) { + bl_log(b-b_fun, LOG_ERR, message missing %s %s, +#if GOT_CRED != 0 + (got GOT_CRED) == 0 ? cred : +#endif + , (got GOT_FD) == 0 ? fd : ); + + return NULL; + } + if ((size_t)rlen = sizeof(ub.bl)) { bl_log(b-b_fun, LOG_ERR, message too short %zd, rlen); return NULL; @@ -463,10 +483,6 @@ bl_recv(bl_t b) bi-bi_type = ub.bl.bl_type; bi-bi_slen = ub.bl.bl_salen; bi-bi_ss = ub.bl.bl_ss; -#ifndef CRED_MESSAGE - bi-bi_uid = -1; - bi-bi_gid = -1; -#endif strlcpy(bi-bi_msg, ub.bl.bl_data, MIN(sizeof(bi-bi_msg), ((size_t)rlen - sizeof(ub.bl) + 1))); return bi;
CVS commit: src/external/bsd/blacklist/lib
Module Name:src Committed By: christos Date: Mon Feb 2 22:03:45 UTC 2015 Modified Files: src/external/bsd/blacklist/lib: bl.c Log Message: CID/126787{0,1}: Uninitialized msg_flags To generate a diff of this commit: cvs rdiff -u -r1.22 -r1.23 src/external/bsd/blacklist/lib/bl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/lib/bl.c diff -u src/external/bsd/blacklist/lib/bl.c:1.22 src/external/bsd/blacklist/lib/bl.c:1.23 --- src/external/bsd/blacklist/lib/bl.c:1.22 Thu Jan 22 15:11:33 2015 +++ src/external/bsd/blacklist/lib/bl.c Mon Feb 2 17:03:45 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: bl.c,v 1.22 2015/01/22 20:11:33 christos Exp $ */ +/* $NetBSD: bl.c,v 1.23 2015/02/02 22:03:45 christos Exp $ */ /*- * Copyright (c) 2014 The NetBSD Foundation, Inc. @@ -33,7 +33,7 @@ #endif #include sys/cdefs.h -__RCSID($NetBSD: bl.c,v 1.22 2015/01/22 20:11:33 christos Exp $); +__RCSID($NetBSD: bl.c,v 1.23 2015/02/02 22:03:45 christos Exp $); #include sys/param.h #include sys/types.h @@ -355,6 +355,7 @@ bl_send(bl_t b, bl_type_t e, int pfd, co msg.msg_namelen = 0; msg.msg_iov = iov; msg.msg_iovlen = 1; + msg.msg_flags = 0; msg.msg_control = ua.ctrl; msg.msg_controllen = sizeof(ua.ctrl); @@ -404,6 +405,7 @@ bl_recv(bl_t b) msg.msg_namelen = 0; msg.msg_iov = iov; msg.msg_iovlen = 1; + msg.msc_flags = 0; msg.msg_control = ua.ctrl; msg.msg_controllen = sizeof(ua.ctrl) + 100;
CVS commit: src/external/bsd/blacklist/lib
Module Name:src Committed By: christos Date: Tue Feb 3 01:22:08 UTC 2015 Modified Files: src/external/bsd/blacklist/lib: bl.c Log Message: fix typo. To generate a diff of this commit: cvs rdiff -u -r1.23 -r1.24 src/external/bsd/blacklist/lib/bl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/lib/bl.c diff -u src/external/bsd/blacklist/lib/bl.c:1.23 src/external/bsd/blacklist/lib/bl.c:1.24 --- src/external/bsd/blacklist/lib/bl.c:1.23 Mon Feb 2 17:03:45 2015 +++ src/external/bsd/blacklist/lib/bl.c Mon Feb 2 20:22:08 2015 @@ -1,4 +1,4 @@ -/* $NetBSD: bl.c,v 1.23 2015/02/02 22:03:45 christos Exp $ */ +/* $NetBSD: bl.c,v 1.24 2015/02/03 01:22:08 christos Exp $ */ /*- * Copyright (c) 2014 The NetBSD Foundation, Inc. @@ -33,7 +33,7 @@ #endif #include sys/cdefs.h -__RCSID($NetBSD: bl.c,v 1.23 2015/02/02 22:03:45 christos Exp $); +__RCSID($NetBSD: bl.c,v 1.24 2015/02/03 01:22:08 christos Exp $); #include sys/param.h #include sys/types.h @@ -405,7 +405,7 @@ bl_recv(bl_t b) msg.msg_namelen = 0; msg.msg_iov = iov; msg.msg_iovlen = 1; - msg.msc_flags = 0; + msg.msg_flags = 0; msg.msg_control = ua.ctrl; msg.msg_controllen = sizeof(ua.ctrl) + 100;
CVS commit: src/external/bsd/blacklist/lib
Module Name:src Committed By: wiz Date: Sun Jan 25 23:09:28 UTC 2015 Modified Files: src/external/bsd/blacklist/lib: libblacklist.3 Log Message: Minor fixes. XXX: libblacklist needs to be defined. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/external/bsd/blacklist/lib/libblacklist.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/blacklist/lib/libblacklist.3 diff -u src/external/bsd/blacklist/lib/libblacklist.3:1.2 src/external/bsd/blacklist/lib/libblacklist.3:1.3 --- src/external/bsd/blacklist/lib/libblacklist.3:1.2 Thu Jan 22 05:40:34 2015 +++ src/external/bsd/blacklist/lib/libblacklist.3 Sun Jan 25 23:09:28 2015 @@ -1,4 +1,4 @@ -.\ $NetBSD: libblacklist.3,v 1.2 2015/01/22 05:40:34 christos Exp $ +.\ $NetBSD: libblacklist.3,v 1.3 2015/01/25 23:09:28 wiz Exp $ .\ .\ Copyright (c) 2015 The NetBSD Foundation, Inc. .\ All rights reserved. @@ -26,17 +26,17 @@ .\ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) .\ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\ POSSIBILITY OF SUCH DAMAGE. -.\ -.Dd January 22, 2016 +.\ +.Dd January 22, 2015 .Dt LIBBLACKLIST 3 .Os .Sh NAME .Nm blacklist_open , .Nm blacklist_close , -.Nm blacklist_r , +.Nm blacklist_r , .Nm blacklist , .Nm blacklist_sa -.Nm blacklist_sa_r , +.Nm blacklist_sa_r , .Nd Blacklistd notification library .Sh LIBRARY .Lb libblacklist @@ -98,7 +98,7 @@ The .Fn blacklist_sa and .Fn blacklist_sa_r -can be used with unconnected sockets, where +functions can be used with unconnected sockets, where .Xr getpeername 2 will not work, the server will pass the peer name in the message. .Pp @@ -112,14 +112,14 @@ returns a cookie on success and on failure setting errno to an appropriate value. .Pp The -.Fn bl_send , +.Fn bl_send function returns .Dv 0 on success and .Dv -1 on failure setting errno to an appropriate value. .Sh SEE ALSO -.Xr blacklistd 8 , -.Xr blacklistd.conf 5 +.Xr blacklistd.conf 5 , +.Xr blacklistd 8 .Sh AUTHORS .An Christos Zoulas