wireguard-openbsd/libexec/fingerd, branch masterWireGuard implementation for the OpenBSD kernelhttps://git.zx2c4.com/wireguard-openbsd/atom/libexec/fingerd?h=master2019-06-28T13:32:41ZWhen system calls indicate an error they return -1, not some arbitrary2019-06-28T13:32:41Zderaadtderaadt@openbsd.org2019-06-28T13:32:41Zurn:sha1:df69c215c7c66baf660f3f65414fd34796c96152
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.
Move pledge to after getopt, when the finger program becomes known2018-08-03T15:14:18Zderaadtderaadt@openbsd.org2018-08-03T15:14:18Zurn:sha1:19a58c97c6ac669df6ffb98319f0862ab85f223b
(defaults to /usr/bin/finger, but can be redefined with -P option).
Then unveil that program for "x" (execution), and pledge as before.
No other filesystem accesses occur after that point.
4-step pledge in a program noone really uses anymore.2015-11-13T01:26:33Zderaadtderaadt@openbsd.org2015-11-13T01:26:33Zurn:sha1:6fc5b1151ffef2007462995d5414b2bd0163b53e
pledge "stdio inet dns proc exec" at startup.
In the logging codepath, "stdio dns proc exec" after getpeername()
drop to stdio proc exec(), before fork / execve
Parent moving data out of the pipe only needs "stdio"
_exit() in the child; as a result, must use syslog() directly.2015-11-13T01:23:59Zderaadtderaadt@openbsd.org2015-11-13T01:23:59Zurn:sha1:592468f08d9a79b1a946baa8151e768dbfa07692Replace <sys/param.h> with <limits.h> and other less dirty headers where2015-01-16T06:39:28Zderaadtderaadt@openbsd.org2015-01-16T06:39:28Zurn:sha1:b9fc9a728fce9c4289b7e9a992665e28d5629a54
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
remove .Tn; from Jan Stary <hans at stare dot cz>2015-01-15T19:06:31Zschwarzeschwarze@openbsd.org2015-01-15T19:06:31Zurn:sha1:12bc606974c905e41cd828804759a212d331fea1user error is not a bug. fingerd is not responsible for filtering out2014-11-20T13:21:05Ztedutedu@openbsd.org2014-11-20T13:21:05Zurn:sha1:e4a55fdf7b13239f8fd855bda9def2edc472c6e2
incorrect client garbage. ok deraadt sthen
Add STANDARDS section to finger(1)/fingerd(8).2013-11-14T08:50:04Zbentleybentley@openbsd.org2013-11-14T08:50:04Zurn:sha1:ef38614fcc9ff6ca80336734637385fa0564a26d
tweaks/ok jmc@
remove some unnecessary sys/param.h inclusions2012-12-04T02:24:45Zderaadtderaadt@openbsd.org2012-12-04T02:24:45Zurn:sha1:f4faee9106dab4458d5d3326f876cd772c8e31darcsid[] and sccsid[] and copyright[] are essentially unmaintained (and2009-10-27T23:59:19Zderaadtderaadt@openbsd.org2009-10-27T23:59:19Zurn:sha1:043fbe51c197dbbcd422e917b65f765d8b5f8874
unmaintainable). these days, people use source. these id's do not provide
any benefit, and do hurt the small install media
(the 33,000 line diff is essentially mechanical)
ok with the idea millert, ok dms