diff -Nru openbsd-inetd-0.20091229/ChangeLog openbsd-inetd-0.20140418/ChangeLog --- openbsd-inetd-0.20091229/ChangeLog 2011-06-25 21:50:07.000000000 +0000 +++ openbsd-inetd-0.20140418/ChangeLog 2014-06-03 02:17:33.000000000 +0000 @@ -1,3 +1,40 @@ +2014-04-19 00:04 jmc + + * inetd.8: remove references to rshd; + +2013-11-23 18:24 deraadt + + * inetd.c: obvious unsigned char casts for ctype + +2013-11-12 20:44 deraadt + + * inetd.c: missing protos + +2013-04-19 20:03 deraadt + + * inetd.c: for datagrams, assume other protocols should fail ok + millert + +2013-03-11 18:40 deraadt + + * inetd.c: handle ECONNABORTED errors from accept(). In many code + blocks they can be ignored silently and without aborting, much + like EINTR and EWOULDBLOCK are. ok's from various maintainers of + these directories... + +2012-04-19 16:33 gsoares + + * inetd.c: small cleanup(%hd -> %d) + + yes deraadt@ + +2012-03-06 02:25 dlg + + * inetd.8: clean up some newly created lies now that tftpd doesnt + run out of inetd. + + poke by deraadt@ + 2009-12-29 11:25 sobrado * inetd.8: replace a few remaining UNIX terms with .Ux macros; this diff -Nru openbsd-inetd-0.20091229/debian/changelog openbsd-inetd-0.20140418/debian/changelog --- openbsd-inetd-0.20091229/debian/changelog 2013-02-14 17:18:34.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/changelog 2014-10-21 01:22:48.000000000 +0000 @@ -1,22 +1,27 @@ -openbsd-inetd (0.20091229-2ubuntu3) raring; urgency=low +openbsd-inetd (0.20140418-2) unstable; urgency=medium - * Add cross-build support + * Recognize IPv6-bound sockets in the init script. (Closes: #763722) - -- Wookey Thu, 14 Feb 2013 01:13:55 +0000 + -- Marco d'Itri Tue, 21 Oct 2014 03:22:45 +0200 -openbsd-inetd (0.20091229-2ubuntu2) quantal; urgency=low +openbsd-inetd (0.20140418-1) unstable; urgency=medium - * Re-enable bindnow and pie hardening options (LP: #1039597). + * New CVS snapshot. + * Use bindnow and PIE hardening. + * Added a systemd unit file. (Closes: #716862) - -- Colin Watson Wed, 22 Aug 2012 10:55:19 +0100 + -- Marco d'Itri Thu, 05 Jun 2014 01:48:49 +0200 -openbsd-inetd (0.20091229-2ubuntu1) quantal; urgency=low +openbsd-inetd (0.20091229-3) unstable; urgency=medium - * Resynchronise with Debian. Remaining changes: - - debian/openbsd-inetd.default: Add missing default file. - * Fix typo in debian/openbsd-inetd.default. + * Updated patch libwrap: do not wrap internal services as documented, + to prevent a segfault. (Closes: #691852) + * Private implementations replaced with libbsd. (Closes: #675070) + * Removed from the maintainer scripts the code needed to handle upgrade + from netkit-inetd. + * Support cross-compilation. - -- Colin Watson Mon, 21 May 2012 10:57:57 +0100 + -- Marco d'Itri Fri, 03 Jan 2014 10:41:38 +0100 openbsd-inetd (0.20091229-2) unstable; urgency=medium @@ -24,20 +29,6 @@ -- Marco d'Itri Mon, 21 May 2012 00:17:37 +0200 -openbsd-inetd (0.20091229-1ubuntu2) quantal; urgency=low - - * Export CFLAGS and LDFLAGS, to avoid relying on dpkg-buildpackage doing - so. - - -- Colin Watson Mon, 30 Apr 2012 02:00:32 +0100 - -openbsd-inetd (0.20091229-1ubuntu1) oneiric; urgency=low - - * Merge from Debian unstable (LP: #803384). Remaining changes: - - debian/openbsd-inetd.default: Add missing default file. (LP: #527143) - - -- Adam Gandelman Sun, 03 Jul 2011 13:25:39 +0200 - openbsd-inetd (0.20091229-1) unstable; urgency=medium * New CVS snapshot. @@ -47,15 +38,6 @@ -- Marco d'Itri Sun, 26 Jun 2011 00:42:55 +0200 -openbsd-inetd (0.20080125-6ubuntu1) natty; urgency=low - - * Merge from debian unstable. Remaining changes: - - debian/openbsd-inetd.default: Add missing default file. (LP: #527143) - - Update maintainer according to spec. - - debian/rules: Add hardening. - - -- Chuck Short Thu, 02 Sep 2010 13:16:08 +0100 - openbsd-inetd (0.20080125-6) unstable; urgency=medium * Added --oknodo to the init script, this time for real. (Closes: #592582) @@ -68,19 +50,6 @@ -- Marco d'Itri Mon, 16 Aug 2010 21:33:09 +0200 -openbsd-inetd (0.20080125-4ubuntu2) lucid; urgency=low - - * debian/openbsd-inetd.default: Add missing defaults file. (LP: #527143) - - -- Chuck Short Tue, 16 Mar 2010 10:34:29 -0400 - -openbsd-inetd (0.20080125-4ubuntu1) lucid; urgency=low - - * Merge from debian testing. Remaining changes: - - Update maintainer according to spec. - - -- Chuck Short Thu, 31 Dec 2009 05:01:54 +0000 - openbsd-inetd (0.20080125-4) unstable; urgency=low * Use the hardening-includes package to build with hardening flags. @@ -89,13 +58,6 @@ -- Marco d'Itri Mon, 21 Dec 2009 03:26:02 +0100 -openbsd-inetd (0.20080125-3ubuntu1) lucid; urgency=low - - * Merge from debian testing, remaining changes: - - debian/{control,rules}: add and enable hardened build for PIE (Debian bug 542738). - - -- Chuck Short Fri, 06 Nov 2009 01:34:46 +0000 - openbsd-inetd (0.20080125-3) unstable; urgency=medium * Added support for the "status" action to the init script. (Closes: #526375) @@ -105,13 +67,6 @@ -- Marco d'Itri Sat, 04 Jul 2009 17:18:05 +0200 -openbsd-inetd (0.20080125-2ubuntu1) karmic; urgency=low - - * debian/{control,rules}: add and enable hardened build for PIE - (Debian bug 542738). - - -- Kees Cook Thu, 20 Aug 2009 19:07:35 -0700 - openbsd-inetd (0.20080125-2) unstable; urgency=high * Added dh_md5sums to debian/rules, since apparently people nowadays diff -Nru openbsd-inetd-0.20091229/debian/compat openbsd-inetd-0.20140418/debian/compat --- openbsd-inetd-0.20091229/debian/compat 2012-08-22 09:49:31.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/compat 2014-06-03 02:52:27.000000000 +0000 @@ -1 +1 @@ -5 +9 diff -Nru openbsd-inetd-0.20091229/debian/control openbsd-inetd-0.20140418/debian/control --- openbsd-inetd-0.20091229/debian/control 2012-08-22 09:49:31.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/control 2014-10-21 01:15:00.000000000 +0000 @@ -1,10 +1,12 @@ Source: openbsd-inetd Section: net Priority: optional -Maintainer: Ubuntu Developers -XSBC-Original-Maintainer: Marco d'Itri -Build-Depends: debhelper (>= 5.0), libwrap0-dev -Standards-Version: 3.9.3.1 +Maintainer: Marco d'Itri +Build-Depends: debhelper (>= 9), dh-systemd, + pkg-config, libbsd-dev (>= 0.6.0), libwrap0-dev +Standards-Version: 3.9.6 +Vcs-Git: git://anonscm.debian.org/users/md/openbsd-inetd.git +Vcs-Browser: http://anonscm.debian.org/cgit/users/md/openbsd-inetd.git Package: openbsd-inetd Architecture: any diff -Nru openbsd-inetd-0.20091229/debian/gbp.conf openbsd-inetd-0.20140418/debian/gbp.conf --- openbsd-inetd-0.20091229/debian/gbp.conf 1970-01-01 00:00:00.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/gbp.conf 2014-06-03 02:52:27.000000000 +0000 @@ -0,0 +1,6 @@ +[DEFAULT] +upstream-tag = v%(version)s +pristine-tar = False + +[pq] +patch-numbers = False diff -Nru openbsd-inetd-0.20091229/debian/inetd.service openbsd-inetd-0.20140418/debian/inetd.service --- openbsd-inetd-0.20091229/debian/inetd.service 1970-01-01 00:00:00.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/inetd.service 2014-10-21 01:13:07.000000000 +0000 @@ -0,0 +1,11 @@ +[Unit] +Description=Internet superserver +Documentation=man:inetd(8) +ConditionPathExists=/etc/inetd.conf + +[Service] +ExecStart=/usr/sbin/inetd -i +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff -Nru openbsd-inetd-0.20091229/debian/openbsd-inetd.default openbsd-inetd-0.20140418/debian/openbsd-inetd.default --- openbsd-inetd-0.20091229/debian/openbsd-inetd.default 2012-08-22 09:49:31.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/openbsd-inetd.default 1970-01-01 00:00:00.000000000 +0000 @@ -1,2 +0,0 @@ -# openbsd-inetd settings -OPTIONS="" diff -Nru openbsd-inetd-0.20091229/debian/openbsd-inetd.init openbsd-inetd-0.20140418/debian/openbsd-inetd.init --- openbsd-inetd-0.20091229/debian/openbsd-inetd.init 2012-08-22 09:49:31.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/openbsd-inetd.init 2014-10-21 01:18:57.000000000 +0000 @@ -35,7 +35,7 @@ } checknoservices () { - if ! grep -q "^[[:alnum:]/]" /etc/inetd.conf; then + if ! grep -q "^[[:alnum:][/]" /etc/inetd.conf; then log_action_msg "Not starting internet superserver: no services enabled" exit 0 fi diff -Nru openbsd-inetd-0.20091229/debian/openbsd-inetd.links openbsd-inetd-0.20140418/debian/openbsd-inetd.links --- openbsd-inetd-0.20091229/debian/openbsd-inetd.links 1970-01-01 00:00:00.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/openbsd-inetd.links 2014-10-21 01:13:07.000000000 +0000 @@ -0,0 +1,2 @@ +/usr/share/man/man8/inetd.8.gz /usr/share/man/man5/inetd.conf.5.gz +/lib/systemd/system/inetd.service /lib/systemd/system/openbsd-inetd.service diff -Nru openbsd-inetd-0.20091229/debian/openbsd-inetd.postinst openbsd-inetd-0.20140418/debian/openbsd-inetd.postinst --- openbsd-inetd-0.20091229/debian/openbsd-inetd.postinst 2012-08-22 09:49:31.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/openbsd-inetd.postinst 1970-01-01 00:00:00.000000000 +0000 @@ -1,10 +0,0 @@ -#!/bin/sh -e - -if [ -x "/etc/init.d/openbsd-inetd" ] && which invoke-rc.d >/dev/null 2>&1; then - # Ignore any errors, this should be best-effort as it should not - # normally be needed in the first place. See #386469 for details. - invoke-rc.d openbsd-inetd stop || true -fi - -#DEBHELPER# - diff -Nru openbsd-inetd-0.20091229/debian/openbsd-inetd.postrm openbsd-inetd-0.20140418/debian/openbsd-inetd.postrm --- openbsd-inetd-0.20091229/debian/openbsd-inetd.postrm 2012-08-22 09:49:31.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/openbsd-inetd.postrm 2014-10-21 01:18:57.000000000 +0000 @@ -1,7 +1,7 @@ #!/bin/sh -e if [ "$1" = "purge" ]; then - if [ -e /etc/inetd.conf ] && ! egrep -q '^[[:alnum:]/]' /etc/inetd.conf; then + if [ -e /etc/inetd.conf ] && ! grep -q '^[[:alnum:][/]' /etc/inetd.conf; then rm /etc/inetd.conf fi fi diff -Nru openbsd-inetd-0.20091229/debian/openbsd-inetd.preinst openbsd-inetd-0.20140418/debian/openbsd-inetd.preinst --- openbsd-inetd-0.20091229/debian/openbsd-inetd.preinst 2012-08-22 09:49:31.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/openbsd-inetd.preinst 2014-06-03 02:52:27.000000000 +0000 @@ -48,25 +48,9 @@ chmod 644 /etc/inetd.conf } -upgrade_from_netkit_inetd() { - if [ -e /etc/cron.daily/netkit-inetd ]; then - rm -f /etc/cron.daily/netkit-inetd - fi - if [ -e /etc/init.d/inetd ]; then - rm -f /etc/init.d/inetd /etc/rc[2345].d/S20inetd - fi - - # be sure to kill the netkit-inetd daemon, which may still be active if - # the moon is wrongly aligned - if [ -e /var/run/inetd.pid ]; then - start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/inetd.pid - fi -} - case "$1" in install) create_inetd - upgrade_from_netkit_inetd ;; upgrade|abort-upgrade) diff -Nru openbsd-inetd-0.20091229/debian/patches/discard_env openbsd-inetd-0.20140418/debian/patches/discard_env --- openbsd-inetd-0.20091229/debian/patches/discard_env 2012-08-22 09:49:31.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/patches/discard_env 2014-06-03 02:52:27.000000000 +0000 @@ -1,6 +1,6 @@ --- a/inetd.c +++ b/inetd.c -@@ -293,6 +293,7 @@ int bump_nofile(void); +@@ -290,6 +290,7 @@ int bump_nofile(void); struct servtab *enter(struct servtab *); int matchconf(struct servtab *, struct servtab *); int dg_broadcast(struct in_addr *in); @@ -8,14 +8,12 @@ #define NUMINT (sizeof(intab) / sizeof(struct inent)) char *CONFIG = _PATH_INETDCONF; -@@ -324,17 +325,21 @@ main(int argc, char *argv[], char *envp[ +@@ -321,15 +322,19 @@ main(int argc, char *argv[], char *envp[ { fd_set *fdsrp = NULL; int readablen = 0, ch; + int keepenv = 0; struct servtab *sep; - extern char *optarg; - extern int optind; initsetproctitle(argc, argv, envp); @@ -31,7 +29,7 @@ case 'R': { /* invocation rate */ char *p; int val; -@@ -352,12 +357,16 @@ main(int argc, char *argv[], char *envp[ +@@ -347,12 +352,16 @@ main(int argc, char *argv[], char *envp[ case '?': default: fprintf(stderr, @@ -49,7 +47,7 @@ uid = getuid(); if (uid != 0) CONFIG = NULL; -@@ -2057,3 +2066,45 @@ spawn(struct servtab *sep, int ctrl) +@@ -2052,3 +2061,45 @@ spawn(struct servtab *sep, int ctrl) if (!sep->se_wait && sep->se_socktype == SOCK_STREAM) close(ctrl); } @@ -105,7 +103,7 @@ .Op Fl R Ar rate .Op Ar configuration_file .Sh DESCRIPTION -@@ -62,6 +63,13 @@ The options are as follows: +@@ -58,6 +59,13 @@ The options are as follows: .Bl -tag -width Ds .It Fl d Turns on debugging. @@ -113,7 +111,7 @@ +Prevents +.Nm inetd +from laundering the environment. Without this option a selection of -+potentially harmful environent variables, including ++potentially harmful environment variables, including +.Pa PATH , +will be removed and not inherited by services. .It Fl R Ar rate diff -Nru openbsd-inetd-0.20091229/debian/patches/libwrap openbsd-inetd-0.20140418/debian/patches/libwrap --- openbsd-inetd-0.20091229/debian/patches/libwrap 2012-08-22 09:49:31.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/patches/libwrap 2014-06-03 02:52:27.000000000 +0000 @@ -1,6 +1,6 @@ --- a/inetd.c +++ b/inetd.c -@@ -164,6 +164,11 @@ size_t strlcpy(char *, const char *, siz +@@ -161,6 +161,11 @@ #define CNT_INTVL 60 /* servers in CNT_INTVL sec. */ #define RETRYTIME (60*10) /* retry after bind or server fail */ @@ -12,7 +12,7 @@ int debug = 0; int nsock, maxsock; fd_set *allsockp; -@@ -332,7 +337,7 @@ main(int argc, char *argv[], char *envp[ +@@ -327,7 +332,7 @@ main(int argc, char *argv[], char *envp[ initsetproctitle(argc, argv, envp); @@ -21,7 +21,7 @@ switch (ch) { case 'd': debug = 1; -@@ -340,6 +345,15 @@ main(int argc, char *argv[], char *envp[ +@@ -335,6 +340,15 @@ main(int argc, char *argv[], char *envp[ case 'E': keepenv = 1; break; @@ -37,7 +37,7 @@ case 'R': { /* invocation rate */ char *p; int val; -@@ -357,7 +371,7 @@ main(int argc, char *argv[], char *envp[ +@@ -352,7 +366,7 @@ main(int argc, char *argv[], char *envp[ case '?': default: fprintf(stderr, @@ -46,12 +46,12 @@ exit(1); } argc -= optind; -@@ -1952,6 +1966,47 @@ spawn(struct servtab *sep, int ctrl) +@@ -1947,6 +1961,47 @@ spawn(struct servtab *sep, int ctrl) } sigprocmask(SIG_SETMASK, &emptymask, NULL); if (pid == 0) { +#ifdef LIBWRAP -+ if (lflag && !sep->se_wait && sep->se_socktype == SOCK_STREAM) { ++ if (lflag && !sep->se_wait && !sep->se_bi && sep->se_socktype == SOCK_STREAM) { + struct request_info req; + char *service; + @@ -104,8 +104,8 @@ .Op Fl R Ar rate .Op Ar configuration_file .Sh DESCRIPTION -@@ -70,6 +71,13 @@ from laundering the environment. Withou - potentially harmful environent variables, including +@@ -66,6 +67,13 @@ from laundering the environment. Withou + potentially harmful environment variables, including .Pa PATH , will be removed and not inherited by services. +.It Fl l @@ -118,7 +118,7 @@ .It Fl R Ar rate Specify the maximum number of times a service can be invoked in one minute; the default is 256. -@@ -353,6 +361,23 @@ is reread. +@@ -349,6 +357,23 @@ is reread. creates a file .Em /var/run/inetd.pid that contains its process identifier. diff -Nru openbsd-inetd-0.20091229/debian/patches/makefile openbsd-inetd-0.20140418/debian/patches/makefile --- openbsd-inetd-0.20091229/debian/patches/makefile 2012-08-22 09:49:31.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/patches/makefile 2014-06-03 02:52:27.000000000 +0000 @@ -3,12 +3,12 @@ @@ -0,0 +1,20 @@ +CFLAGS ?= -g -O2 + -+DEFS := -DLIBWRAP -+LIBS := -lwrap ++DEFS := -DLIBWRAP $(shell pkg-config --cflags libbsd-overlay) ++LIBS := -lwrap $(shell pkg-config --libs libbsd-overlay) + +CPPFLAGS += $(DEFS) + -+inetd_OBJECTS := inetd.o setproctitle.o strlcpy.o bsd-closefrom.o ++inetd_OBJECTS := inetd.o + +all: inetd + @@ -19,5 +19,5 @@ + $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ $(LIBS) + +clean: -+ rm -f inetd inetd.o setproctitle.o strlcpy.o ++ rm -f inetd inetd.o + diff -Nru openbsd-inetd-0.20091229/debian/patches/misc_portability openbsd-inetd-0.20140418/debian/patches/misc_portability --- openbsd-inetd-0.20091229/debian/patches/misc_portability 2012-08-22 09:49:31.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/patches/misc_portability 2014-10-21 01:13:07.000000000 +0000 @@ -42,7 +42,7 @@ Examples might be .Dq tcp or -@@ -377,9 +375,7 @@ If you have only one server on +@@ -368,9 +366,7 @@ If you have only one server on only IPv6 traffic will be routed to the server. .El .Sh SEE ALSO @@ -51,8 +51,8 @@ -.Xr ftp-proxy 8 , .Xr ftpd 8 , .Xr identd 8 , - .Xr rshd 8 , -@@ -394,7 +390,23 @@ Support for Sun-RPC + .Xr talkd 8 +@@ -383,7 +379,23 @@ Support for Sun-RPC based services is modelled after that provided by SunOS 4.1. IPv6 support was added by the KAME project in 1999. @@ -86,7 +86,7 @@ #include #include -@@ -146,13 +147,18 @@ +@@ -146,11 +147,14 @@ #include #include #include @@ -101,12 +101,15 @@ -#include #include "pathnames.h" -+size_t strlcpy(char *, const char *, size_t); -+ #define TOOMANY 256 /* don't start more than TOOMANY */ - #define CNT_INTVL 60 /* servers in CNT_INTVL sec. */ - #define RETRYTIME (60*10) /* retry after bind or server fail */ -@@ -325,7 +331,6 @@ main(int argc, char *argv[]) +@@ -324,14 +328,11 @@ main(int argc, char *argv[]) + fd_set *fdsrp = NULL; + int readablen = 0, ch; + struct servtab *sep; +- extern char *optarg; +- extern int optind; + + while ((ch = getopt(argc, argv, "dR:")) != -1) switch (ch) { case 'd': debug = 1; @@ -114,7 +117,7 @@ break; case 'R': { /* invocation rate */ char *p; -@@ -367,9 +372,13 @@ main(int argc, char *argv[]) +@@ -373,9 +374,13 @@ main(int argc, char *argv[]) umask(022); if (debug == 0) { daemon(0, 0); @@ -128,7 +131,7 @@ if (uid == 0) { gid_t gid = getgid(); -@@ -414,6 +423,15 @@ main(int argc, char *argv[]) +@@ -420,6 +425,15 @@ main(int argc, char *argv[]) sa.sa_handler = SIG_IGN; sigaction(SIGPIPE, &sa, &sapipe); @@ -144,8 +147,8 @@ for (;;) { int n, ctrl = -1; -@@ -569,9 +587,6 @@ dg_badinput(struct sockaddr *sa) - return 0; +@@ -576,9 +590,6 @@ dg_badinput(struct sockaddr *sa) + goto bad; } - if (port < IPPORT_RESERVED || port == NFS_PORT) @@ -154,7 +157,7 @@ return (0); bad: -@@ -581,6 +596,7 @@ bad: +@@ -588,6 +599,7 @@ bad: int dg_broadcast(struct in_addr *in) { @@ -162,7 +165,7 @@ struct ifaddrs *ifa, *ifap; struct sockaddr_in *sin; -@@ -597,6 +613,7 @@ dg_broadcast(struct in_addr *in) +@@ -604,6 +616,7 @@ dg_broadcast(struct in_addr *in) } } freeifaddrs(ifap); @@ -170,16 +173,16 @@ return (0); } -@@ -1843,7 +1860,7 @@ print_service(char *action, struct servt +@@ -1852,7 +1865,7 @@ print_service(char *action, struct servt fprintf(stderr, - " wait.max=%hd.%d user:group=%s:%s builtin=%lx server=%s\n", + " wait.max=%d.%d user:group=%s:%s builtin=%lx server=%s\n", sep->se_wait, sep->se_max, sep->se_user, - sep->se_group ? sep->se_group : "wheel", + sep->se_group ? sep->se_group : "(default)", (long)sep->se_bi, sep->se_server); } -@@ -1951,6 +1968,7 @@ spawn(struct servtab *sep, int ctrl) +@@ -1960,6 +1973,7 @@ spawn(struct servtab *sep, int ctrl) if (uid != pwd->pw_uid) exit(1); } else { @@ -187,7 +190,7 @@ tmpint = LOGIN_SETALL & ~(LOGIN_SETGROUP|LOGIN_SETLOGIN); if (pwd->pw_uid) -@@ -1966,6 +1984,53 @@ spawn(struct servtab *sep, int ctrl) +@@ -1975,6 +1989,53 @@ spawn(struct servtab *sep, int ctrl) sep->se_service, sep->se_proto); exit(1); } @@ -241,187 +244,3 @@ } if (debug) fprintf(stderr, "%ld execv %s\n", ---- /dev/null -+++ b/strlcpy.c -@@ -0,0 +1,63 @@ -+/* $OpenBSD: strlcpy.c,v 1.4 1999/05/01 18:56:41 millert Exp $ */ -+ -+/* -+ * Copyright (c) 1998 Todd C. Miller -+ * All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * 3. The name of the author may not be used to endorse or promote products -+ * derived from this software without specific prior written permission. -+ * -+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, -+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY -+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL -+ * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, -+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -+ * -+ * (Old style prototype traslated) -+ */ -+ -+#include -+#include -+ -+/* -+ * Copy src to string dst of size siz. At most siz-1 characters -+ * will be copied. Always NUL terminates (unless siz == 0). -+ * Returns strlen(src); if retval >= siz, truncation occurred. -+ */ -+size_t strlcpy(char *dst, const char *src, size_t siz) -+{ -+ register char *d = dst; -+ register const char *s = src; -+ register size_t n = siz; -+ -+ /* Copy as many bytes as will fit */ -+ if (n != 0 && --n != 0) { -+ do { -+ if ((*d++ = *s++) == 0) -+ break; -+ } while (--n != 0); -+ } -+ -+ /* Not enough room in dst, add NUL and traverse rest of src */ -+ if (n == 0) { -+ if (siz != 0) -+ *d = '\0'; /* NUL-terminate dst */ -+ while (*s++) -+ ; -+ } -+ -+ return(s - src - 1); /* count does not include NUL */ -+} ---- /dev/null -+++ b/bsd-closefrom.c -@@ -0,0 +1,115 @@ -+/* -+ * Copyright (c) 2004-2005 Todd C. Miller -+ * -+ * Permission to use, copy, modify, and distribute this software for any -+ * purpose with or without fee is hereby granted, provided that the above -+ * copyright notice and this permission notice appear in all copies. -+ * -+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -+ */ -+ -+#define HAVE_FCNTL_H -+#define HAVE_DIRENT_H -+#ifdef linux -+#define HAVE_DIRFD -+#define HAVE_PROC_PID -+#endif -+#define HAVE_SYSCONF -+ -+#ifndef HAVE_CLOSEFROM -+ -+#include -+#include -+#include -+#include -+#ifdef HAVE_FCNTL_H -+# include -+#endif -+#include -+#include -+#include -+#include -+#include -+#ifdef HAVE_DIRENT_H -+# include -+# define NAMLEN(dirent) strlen((dirent)->d_name) -+#else -+# define dirent direct -+# define NAMLEN(dirent) (dirent)->d_namlen -+# ifdef HAVE_SYS_NDIR_H -+# include -+# endif -+# ifdef HAVE_SYS_DIR_H -+# include -+# endif -+# ifdef HAVE_NDIR_H -+# include -+# endif -+#endif -+ -+#ifndef OPEN_MAX -+# define OPEN_MAX 256 -+#endif -+ -+#if 0 -+__unused static const char rcsid[] = "$Sudo: closefrom.c,v 1.11 2006/08/17 15:26:54 millert Exp $"; -+#endif /* lint */ -+ -+/* -+ * Close all file descriptors greater than or equal to lowfd. -+ */ -+#ifdef HAVE_FCNTL_CLOSEM -+void -+closefrom(int lowfd) -+{ -+ (void) fcntl(lowfd, F_CLOSEM, 0); -+} -+#else -+void -+closefrom(int lowfd) -+{ -+ long fd, maxfd; -+#if defined(HAVE_DIRFD) && defined(HAVE_PROC_PID) -+ char fdpath[PATH_MAX], *endp; -+ struct dirent *dent; -+ DIR *dirp; -+ int len; -+ -+ /* Check for a /proc/$$/fd directory. */ -+ len = snprintf(fdpath, sizeof(fdpath), "/proc/%ld/fd", (long)getpid()); -+ if (len > 0 && (size_t)len <= sizeof(fdpath) && (dirp = opendir(fdpath))) { -+ while ((dent = readdir(dirp)) != NULL) { -+ fd = strtol(dent->d_name, &endp, 10); -+ if (dent->d_name != endp && *endp == '\0' && -+ fd >= 0 && fd < INT_MAX && fd >= lowfd && fd != dirfd(dirp)) -+ (void) close((int) fd); -+ } -+ (void) closedir(dirp); -+ } else -+#endif -+ { -+ /* -+ * Fall back on sysconf() or getdtablesize(). We avoid checking -+ * resource limits since it is possible to open a file descriptor -+ * and then drop the rlimit such that it is below the open fd. -+ */ -+#ifdef HAVE_SYSCONF -+ maxfd = sysconf(_SC_OPEN_MAX); -+#else -+ maxfd = getdtablesize(); -+#endif /* HAVE_SYSCONF */ -+ if (maxfd < 0) -+ maxfd = OPEN_MAX; -+ -+ for (fd = lowfd; fd < maxfd; fd++) -+ (void) close((int) fd); -+ } -+} -+#endif /* !HAVE_FCNTL_CLOSEM */ -+#endif /* HAVE_CLOSEFROM */ diff -Nru openbsd-inetd-0.20091229/debian/patches/nodaemon openbsd-inetd-0.20140418/debian/patches/nodaemon --- openbsd-inetd-0.20091229/debian/patches/nodaemon 2012-08-22 09:49:31.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/patches/nodaemon 2014-06-03 02:52:27.000000000 +0000 @@ -8,8 +8,8 @@ .Op Fl l .Op Fl R Ar rate .Op Ar configuration_file -@@ -71,6 +72,8 @@ from laundering the environment. Withou - potentially harmful environent variables, including +@@ -67,6 +68,8 @@ from laundering the environment. Withou + potentially harmful environment variables, including .Pa PATH , will be removed and not inherited by services. +.It Fl i @@ -19,14 +19,12 @@ Internal services cannot be wrapped. When enabled, --- a/inetd.c +++ b/inetd.c -@@ -331,13 +331,14 @@ main(int argc, char *argv[], char *envp[ +@@ -328,11 +328,12 @@ main(int argc, char *argv[], char *envp[ fd_set *fdsrp = NULL; int readablen = 0, ch; int keepenv = 0; + int nodaemon = 0; struct servtab *sep; - extern char *optarg; - extern int optind; initsetproctitle(argc, argv, envp); @@ -35,7 +33,7 @@ switch (ch) { case 'd': debug = 1; -@@ -345,6 +346,9 @@ main(int argc, char *argv[], char *envp[ +@@ -340,6 +341,9 @@ main(int argc, char *argv[], char *envp[ case 'E': keepenv = 1; break; @@ -45,7 +43,7 @@ case 'l': #ifdef LIBWRAP lflag = 1; -@@ -371,7 +375,7 @@ main(int argc, char *argv[], char *envp[ +@@ -366,7 +370,7 @@ main(int argc, char *argv[], char *envp[ case '?': default: fprintf(stderr, @@ -54,7 +52,7 @@ exit(1); } argc -= optind; -@@ -397,7 +401,11 @@ main(int argc, char *argv[], char *envp[ +@@ -392,7 +396,11 @@ main(int argc, char *argv[], char *envp[ umask(022); if (debug == 0) { diff -Nru openbsd-inetd-0.20091229/debian/patches/setproctitle openbsd-inetd-0.20140418/debian/patches/setproctitle --- openbsd-inetd-0.20091229/debian/patches/setproctitle 2012-08-22 09:49:31.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/patches/setproctitle 2014-06-03 02:52:27.000000000 +0000 @@ -1,14 +1,6 @@ --- a/inetd.c +++ b/inetd.c -@@ -156,6 +156,7 @@ - #include - #include - #include "pathnames.h" -+#include "setproctitle.h" - - size_t strlcpy(char *, const char *, size_t); - -@@ -319,7 +320,7 @@ fd_grow(fd_set **fdsp, int *bytes, int f +@@ -317,12 +317,14 @@ fd_grow(fd_set **fdsp, int *bytes, int f struct sigaction sa, sapipe; int @@ -17,168 +9,10 @@ { fd_set *fdsrp = NULL; int readablen = 0, ch; -@@ -327,6 +328,8 @@ main(int argc, char *argv[]) - extern char *optarg; - extern int optind; + struct servtab *sep; + initsetproctitle(argc, argv, envp); + while ((ch = getopt(argc, argv, "dR:")) != -1) switch (ch) { case 'd': ---- /dev/null -+++ b/setproctitle.c -@@ -0,0 +1,146 @@ -+/* -+ * setproctitle implementation for linux. -+ * Stolen from sendmail 8.7.4 and bashed around by David A. Holland -+ */ -+ -+/* -+ * Copyright (c) 1983, 1995 Eric P. Allman -+ * Copyright (c) 1988, 1993 -+ * The Regents of the University of California. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in the -+ * documentation and/or other materials provided with the distribution. -+ * 3. All advertising materials mentioning features or use of this software -+ * must display the following acknowledgement: -+ * This product includes software developed by the University of -+ * California, Berkeley and its contributors. -+ * 4. Neither the name of the University nor the names of its contributors -+ * may be used to endorse or promote products derived from this software -+ * without specific prior written permission. -+ * -+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -+ * SUCH DAMAGE. -+ * -+ * From: @(#)conf.c 8.243 (Berkeley) 11/20/95 -+ */ -+char setproctitle_rcsid[] = -+ "$Id: setproctitle.c,v 1.3 1997/05/19 12:58:15 dholland Exp $"; -+ -+#include -+#include -+#include -+#include -+#include -+ -+#include "setproctitle.h" -+/* -+** SETPROCTITLE -- set process title for ps -+** -+** Parameters: -+** fmt -- a printf style format string. -+** a, b, c -- possible parameters to fmt. -+** -+** Returns: -+** none. -+** -+** Side Effects: -+** Clobbers argv of our main procedure so ps(1) will -+** display the title. -+*/ -+ -+ -+/* -+** Pointers for setproctitle. -+** This allows "ps" listings to give more useful information. -+*/ -+ -+static char **Argv = NULL; /* pointer to argument vector */ -+static char *LastArgv = NULL; /* end of argv */ -+static char Argv0[128]; /* program name */ -+ -+void -+initsetproctitle(int argc, char **argv, char **envp) -+{ -+ register int i; -+ char *tmp; -+ -+ /* -+ ** Move the environment so setproctitle can use the space at -+ ** the top of memory. -+ */ -+ -+ for (i = 0; envp[i] != NULL; i++) -+ continue; -+ __environ = (char **) malloc(sizeof (char *) * (i + 1)); -+ for (i = 0; envp[i] != NULL; i++) -+ __environ[i] = strdup(envp[i]); -+ __environ[i] = NULL; -+ -+ /* -+ ** Save start and extent of argv for setproctitle. -+ */ -+ -+ Argv = argv; -+ if (i > 0) -+ LastArgv = envp[i - 1] + strlen(envp[i - 1]); -+ else -+ LastArgv = argv[argc - 1] + strlen(argv[argc - 1]); -+ -+ tmp = strrchr(argv[0], '/'); -+ if (!tmp) tmp = argv[0]; -+ else tmp++; -+ strncpy(Argv0, tmp, sizeof(Argv0)); -+ /* remember to take away one or we go outside the array space */ -+ Argv0[sizeof(Argv0) - 1] = 0; -+} -+ -+void -+setproctitle(const char *fmt, ...) -+{ -+ register char *p; -+ register int i; -+ static char buf[2048]; -+ va_list ap; -+ -+ p = buf; -+ -+ /* print progname: heading for grep */ -+ /* This can't overflow buf due to the relative size of Argv0. */ -+ (void) strcpy(p, Argv0); -+ (void) strcat(p, ": "); -+ p += strlen(p); -+ -+ /* print the argument string */ -+ va_start(ap, fmt); -+ (void) vsnprintf(p, sizeof(buf) - (p - buf), fmt, ap); -+ va_end(ap); -+ -+ i = strlen(buf); -+ -+ if (i > LastArgv - Argv[0] - 2) -+ { -+ i = LastArgv - Argv[0] - 2; -+ buf[i] = '\0'; -+ } -+ (void) strcpy(Argv[0], buf); -+ p = &Argv[0][i]; -+ while (p < LastArgv) -+ *p++ = ' '; -+ Argv[1] = NULL; -+} -+ ---- /dev/null -+++ b/setproctitle.h -@@ -0,0 +1,4 @@ -+/* Call this from main. */ -+void initsetproctitle(int argc, char **argv, char **envp); -+ -+void setproctitle(const char *fmt, ...); diff -Nru openbsd-inetd-0.20091229/debian/patches/tcp46 openbsd-inetd-0.20140418/debian/patches/tcp46 --- openbsd-inetd-0.20091229/debian/patches/tcp46 2012-08-22 09:49:31.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/patches/tcp46 2014-10-21 01:13:07.000000000 +0000 @@ -1,6 +1,6 @@ --- a/inetd.8 +++ b/inetd.8 -@@ -413,6 +413,11 @@ and IPv6 traffic will go to server on +@@ -405,6 +405,11 @@ and IPv6 traffic will go to server on If you have only one server on .Dq tcp6 , only IPv6 traffic will be routed to the server. @@ -14,16 +14,18 @@ .Xr fingerd 8 , --- a/inetd.c +++ b/inetd.c -@@ -814,10 +814,14 @@ doconfig(void) +@@ -816,11 +816,15 @@ doconfig(void) if (!port) { /* XXX */ -+ char *p; ++ unsigned char *p; strncpy(protoname, sep->se_proto, sizeof(protoname)); -- if (isdigit(protoname[strlen(protoname) - 1])) +- if (isdigit((unsigned char) +- protoname[strlen(protoname) - 1])) - protoname[strlen(protoname) - 1] = '\0'; -+ for (p = protoname; *p; p++) ++ for (p = (unsigned char *) ++ protoname; *p; p++) + if (isdigit(*p)) { + *p = '\0'; + break; @@ -31,7 +33,7 @@ sp = getservbyname(sep->se_service, protoname); if (sp == 0) { -@@ -1011,6 +1015,16 @@ setup(struct servtab *sep) +@@ -1015,6 +1019,16 @@ setup(struct servtab *sep) sep->se_service, sep->se_proto); return; } diff -Nru openbsd-inetd-0.20091229/debian/README.source openbsd-inetd-0.20140418/debian/README.source --- openbsd-inetd-0.20091229/debian/README.source 2012-08-22 09:49:31.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/README.source 2014-10-21 01:13:07.000000000 +0000 @@ -1,7 +1,24 @@ -mkdir openbsd-inetd -cd openbsd-inetd +# how to import a new upstream snapshot: + +mkdir TEMP +cd TEMP cvs -d anoncvs@anoncvs1.usa.openbsd.org:/cvs/src/usr.sbin/inetd/ co . cvs2cl rm -rf CVS +VERSION="$(head -1 ChangeLog | sed -re 's/-//g; s/ .*//; s/^/0./')" cd .. -mv openbsd-inetd openbsd-inetd-0... +mv openbsd-inetd-0.* openbsd-inetd-$VERSION + +cd openbsd-inetd-$VERSION +git checkout upstream +mv ../TEMP/* . +git add . +git commit -m "Imported Upstream version $VERSION" +git tag -s -m "Upstream version $VERSION" v$VERSION" +cd .. +tar cJvvf openbsd-inetd_$VERSION.orig.tar.xz openbsd-inetd-$VERSION/ \ + --exclude=.git --exclude=.pc + +cd openbsd-inetd-$VERSION +git checkout master +git merge -m "Merge upstream release v$VERSION" diff -Nru openbsd-inetd-0.20091229/debian/rules openbsd-inetd-0.20140418/debian/rules --- openbsd-inetd-0.20091229/debian/rules 2013-02-14 17:18:24.000000000 +0000 +++ openbsd-inetd-0.20140418/debian/rules 2014-10-21 01:13:07.000000000 +0000 @@ -1,12 +1,14 @@ #!/usr/bin/make -f SHELL+= -e -export DEB_BUILD_MAINT_OPTIONS := hardening=+bindnow,+pie DPKG_EXPORT_BUILDFLAGS = 1 +DEB_BUILD_MAINT_OPTIONS=hardening=+bindnow,+pie -include /usr/share/dpkg/buildflags.mk +-include /usr/share/dpkg/architecture.mk -include /usr/share/dpkg/architecture.mk -CC:=$(DEB_HOST_GNU_TYPE)-gcc +ifneq ($(DEB_HOST_GNU_TYPE),$(DEB_BUILD_GNU_TYPE)) + export CC := $(DEB_HOST_GNU_TYPE)-gcc +endif D := $(CURDIR)/debian/openbsd-inetd @@ -21,21 +23,23 @@ build-indep: debian/.stamp-build debian/.stamp-build: dh_testdir - $(MAKE) -f Makefile.debian CC=$(CC) + $(MAKE) -f Makefile.debian touch $@ binary-arch: checkroot build dh_testdir dh_prep - dh_installdirs usr/sbin/ usr/share/man/man5 + dh_installdirs usr/sbin/ usr/share/man/man5/ lib/systemd/system/ dh_installdocs dh_installman inetd.8 dh_installchangelogs ChangeLog - dh_link usr/share/man/man8/inetd.8.gz \ - usr/share/man/man5/inetd.conf.5.gz + dh_link install --mode=755 inetd $D/usr/sbin/ - dh_installinit --update-rcd-params="defaults 20" + cp debian/inetd.service $D/lib/systemd/system/ + dh_systemd_enable + dh_installinit --restart-after-upgrade + dh_systemd_start --restart-after-upgrade dh_strip dh_compress dh_fixperms @@ -44,7 +48,7 @@ dh_gencontrol dh_md5sums dh_builddeb - + binary: binary-arch binary-indep: diff -Nru openbsd-inetd-0.20091229/inetd.8 openbsd-inetd-0.20140418/inetd.8 --- openbsd-inetd-0.20091229/inetd.8 2011-06-25 21:50:01.000000000 +0000 +++ openbsd-inetd-0.20140418/inetd.8 2014-06-03 02:26:07.000000000 +0000 @@ -1,4 +1,4 @@ -.\" $OpenBSD: inetd.8,v 1.33 2008/06/28 10:54:45 sobrado Exp $ +.\" $OpenBSD: inetd.8,v 1.35 2012/03/06 01:25:47 dlg Exp $ .\" Copyright (c) 1985, 1991 The Regents of the University of California. .\" All rights reserved. .\" @@ -28,7 +28,7 @@ .\" .\" from: @(#)inetd.8 6.7 (Berkeley) 3/16/91 .\" -.Dd $Mdocdate: December 29 2009 $ +.Dd $Mdocdate: April 18 2014 $ .Dt INETD 8 .Os .Sh NAME @@ -240,15 +240,6 @@ .Xr talkd 8 are both examples of the latter type of datagram server. -.Xr tftpd 8 -is an exception; it is a datagram server that establishes pseudo-connections. -It must be listed as -.Dq wait -in order to avoid a race; -the server reads the first packet, creates a new socket, -and then forks and exits to allow -.Nm inetd -to check for new service requests to spawn new servers. The optional .Dq max suffix (separated from @@ -382,9 +373,7 @@ .Xr ftp-proxy 8 , .Xr ftpd 8 , .Xr identd 8 , -.Xr rshd 8 , -.Xr talkd 8 , -.Xr tftpd 8 +.Xr talkd 8 .Sh HISTORY The .Nm diff -Nru openbsd-inetd-0.20091229/inetd.c openbsd-inetd-0.20140418/inetd.c --- openbsd-inetd-0.20091229/inetd.c 2011-06-25 21:50:02.000000000 +0000 +++ openbsd-inetd-0.20140418/inetd.c 2014-06-03 02:26:07.000000000 +0000 @@ -1,4 +1,4 @@ -/* $OpenBSD: inetd.c,v 1.131 2009/10/27 23:59:51 deraadt Exp $ */ +/* $OpenBSD: inetd.c,v 1.136 2013/11/12 19:44:44 deraadt Exp $ */ /* * Copyright (c) 1983,1991 The Regents of the University of California. @@ -290,6 +290,12 @@ #define NUMINT (sizeof(intab) / sizeof(struct inent)) char *CONFIG = _PATH_INETDCONF; +void fd_grow(fd_set **fdsp, int *bytes, int fd); +int dg_badinput(struct sockaddr *sa); +void inetd_setproctitle(char *a, int s); +void initring(void); +u_int32_t machtime(void); + void fd_grow(fd_set **fdsp, int *bytes, int fd) { @@ -496,9 +502,10 @@ if (debug) fprintf(stderr, "accept, ctrl %d\n", ctrl); if (ctrl < 0) { - if (errno == EINTR) - return -1; - syslog(LOG_WARNING, "accept (for %s): %m", sep->se_service); + if (errno != EWOULDBLOCK && errno != EINTR && + errno != ECONNABORTED) + syslog(LOG_WARNING, "accept (for %s): %m", + sep->se_service); return -1; } if ((sep->se_family == AF_INET || sep->se_family == AF_INET6) && @@ -565,8 +572,8 @@ } break; default: - /* XXX unsupported af, is it safe to assume it to be safe? */ - return 0; + /* Unsupported AF */ + goto bad; } if (port < IPPORT_RESERVED || port == NFS_PORT) @@ -759,7 +766,8 @@ /* XXX */ strncpy(protoname, sep->se_proto, sizeof(protoname)); - if (isdigit(protoname[strlen(protoname) - 1])) + if (isdigit((unsigned char) + protoname[strlen(protoname) - 1])) protoname[strlen(protoname) - 1] = '\0'; sp = getservbyname(sep->se_service, protoname); @@ -814,7 +822,8 @@ /* XXX */ strncpy(protoname, sep->se_proto, sizeof(protoname)); - if (isdigit(protoname[strlen(protoname) - 1])) + if (isdigit((unsigned char) + protoname[strlen(protoname) - 1])) protoname[strlen(protoname) - 1] = '\0'; sp = getservbyname(sep->se_service, protoname); @@ -1663,7 +1672,7 @@ endring = ring; for (i = 0; i <= sizeof ring; ++i) - if (isprint(i)) + if (isprint((unsigned char)i)) *endring++ = i; } @@ -1841,7 +1850,7 @@ fprintf(stderr, "proto=%s,", sep->se_proto); fprintf(stderr, - " wait.max=%hd.%d user:group=%s:%s builtin=%lx server=%s\n", + " wait.max=%d.%d user:group=%s:%s builtin=%lx server=%s\n", sep->se_wait, sep->se_max, sep->se_user, sep->se_group ? sep->se_group : "wheel", (long)sep->se_bi, sep->se_server);