Home | History | Annotate | Download | only in inetd
History log of /src/usr.sbin/inetd/inetd.c
RevisionDateAuthorComments
 1.141  10-Aug-2022  christos PR/56963: Mark Davies: inetd not configured for rpc
Move RPC includes to inetd.h
 1.140  10-Aug-2022  dholland PR bin/56963 Mark Davies: inetd not configured for rpc

Instead of using negative flags to turn on positive flags, set -DRPC
in the makefile. Corrects a problem where the SunRPC code in parse.c
was accidentally left disabled.

This is a prime example of why we don't like negative flags...
 1.139  17-Oct-2021  ryo To an alias address, or in a multihoming environment, the internal dgram
server may respond from a different address than the destination address
sent by the client.
To solve this problem, I introduce sendfromto() and recvfromto() so that
the server can reply from the correct address, i.e., the destination address
used in the request.

This change also has the aspect of a reference implementation using the
RECVDSTADDR and PKTINFO socket options.
 1.138  12-Oct-2021  rillig inetd: remove trailing whitespace, add space after 'if' and 'for'

No functional change.
 1.137  12-Oct-2021  christos PR/56448: Solomon Ritzow: Various improvements.

Rate limiting code has been moved to ratelimit.c. I renamed
clear_ip_list to rl_clear_ip_list and broke the code up into more
functions. I have also made the per-IP rate limiting allocation more
efficient. IP addresses are now stored in their network format instead
of a string from getnameinfo (see inetd.h struct rl_ip_node). malloc
calls use only the space needed by the structure by using offsetof on
union members (I suppose this can be a bit dangerous if not done
correctly...). Per-IP rate limiting still supports textual comparison
using getnameinfo for address families other than AF_INET and AF_INET6, but I
don't think there are any that are actually compatible or used by inetd (I
haven't tested UNIX sockets with a remote bound to another file, but I did test
using IPv6 with the textual format by commenting out the IPv6 specific
code, and it works properly). Still potentially handy for the future.
The IP node list (se_rl_ip_list) now uses the <sys/queue.h> SLIST macros
instead of a custom list. I've broken rl_process up into helper functions
for each type of rate limiting and created a separate function for
address stringification, for use with printouts from the -d flag. I
tried to reduce stack memory use by moving printing code involving
string buffers into separate functions. I haven't tested rl_ipv6_eq on
a 32-bit system.

The code for the positional syntax has also been moved to parse.c.
Function try_biltin has been added to remove parse.c:parse_server's
dependency on the biltin structure definition.

File inetd.h has been updated with the proper function prototypes, and
the servtab structure has been update with the new IP node SLIST. I also
moved things around a bit. The way we (a peer and myself)
formatted inetd.h previously was somewhat confusing. Function and global
variable prototypes are now organized by the source file they are
defined in.

I also added a -f flag that I saw in another problem report
(https://gnats.netbsd.org/12823) that I thought could be useful. It
runs inetd in the foreground but without debug printouts or SO_DEBUG.
I'm not completely sure about the line "if (foreground) setsid()" that
I changed from "if (debug) setsid()".
 1.136  03-Sep-2021  rillig inetd: remove redundant tests before calling isspace
 1.135  03-Sep-2021  rillig inetd: remove redundant null check before free

No functional change.
 1.134  03-Sep-2021  rillig inetd: prepare for lint's strict bool mode

Lint's strict bool mode considers bool incompatible with the other
scalar types. This makes the type of expressions more visible in the
code. In particular, conditions of the form '!strcmp(...)' are no
longer allowed, they have to be written as 'strcmp(...) == 0'.

The operator '!' cannot be used with sep->se_wait since that has type
pid_t, not bool.

No change to the resulting binary.
 1.133  03-Sep-2021  rillig inetd: normalize indentation and alignment in comments
 1.132  31-Aug-2021  rillig inetd: fix Clang build

error: implicit conversion changes signedness: 'service_type' to 'int'
 1.131  30-Aug-2021  rillig inetd: raise WARNS from 5 to 6

The necessary fixes include:
* explicit integer conversions, to get rid of mixed signedness
* function prototypes for parameterless functions

While here:
* add space after comma
* add space after 'if'
* place the '{' of a function definition on a separate line
* rename variables 'bits' and 'temp' to 'hi' and 'lo'
* in parse_quote, prefer expressions over assignments
* make hex_to_bits static

No functional change.
 1.130  30-Aug-2021  rillig inetd: remove trailing whitespace
 1.129  30-Aug-2021  mlelstv Fix reverted logic when parsing server program.
Compare pointer with NULL not 0.
 1.128  29-Aug-2021  christos fix printf formats (intmax -> j)
 1.127  29-Aug-2021  christos Inetd enhancements by James Browning, Gabe Coffland, Alex Gavin, Solomon Ritzow
Described in:
https://www.mail-archive.com/tech-userlevel@netbsd.org/msg03114.html
And developed in:
https://github.com/ritzow/src/pull/1

From their notes:

All new functionality should be explained by the updated manpage.

The manpage has been refactored a bit: A new section "Directives"
has been added and the information about default hostnames and
IPsec directives has been moved there, and the new file include
directive information is also there.

getconfigent has the most major changes. A newline is no longer
read immediately, but is called only by a "goto more" (inside an
if(false) block). This allows multiple definitions or directives
to exist on a single line for anything that doesn't terminate using
a newline. This means a key-values service definition can be followed
by another key-values service definition, a positional definition,
or an ipsec, hostname, or .include directive on the same line.

memset is no longer used explicitly to clear the servtab structure,
a function init_servtab() is used instead, which uses a C struct
initializer.

The servtab se_group field is its own allocation now, and not just
a pointer into the user:group string.

Refactored some stuff out of getconfigent to separate functions
for use by parse_v2.c. These functions in inetd.c are named with
the form parse_*()

parse_v2.c only has code for parsing a key-values service definition
into a provided servtab. It should not have anything that affects
global state other than line and line_number.

Some function prototypes, structures, and #defines have been moved
from inetd.c to inetd.h.

The function config_root replaces config as the function called on
a config file load/reload. The code removed from the end of
config(void) is now called in config_root, so it is not run on each
recursive config call.

setconfig(void) was removed and its code added into config_root
because that is the only place it is called, and redundant checks
for non-null globals were removed because they are always freed by
endconfig. The fseek code was also removed because the config files
are always closed by endconfig.

Rate limiting code was updated to add a per-service per-IP rate
limiting form. Some of that code was refactored out of other places
into functions with names in the form rl_*()

We have not added any of the license or version information to the
new files parse_v2.c, parse_v2.h, and inetd.h and we have not
updated the license or version info for inetd.c.

Security related:

The behavior when reading invalid IPsec strings has changed. Inetd
no longer exits, it quits reading the current config file instead.
Could this impact program security?

We have not checked for memory leaks. Solomon tried to use dmalloc
without success. getconfigent seemed to have a memory leak at each
"goto more". It seems like inetd has never free'd allocated strings
when throwing away erroneous service definitions during parsing
(i.e. when "goto more" is called when parsing fields). OpenBSD's
version calls freeconfig on "goto more"
(https://github.com/openbsd/src/blob/c5eae130d6c937080c3d30d124e8c8b86db7d625/usr.sbin/inetd/inetd.c#L1049)
but NetBSD only calls it when service definitions are no longer
needed. This has been fixed. freeconfig is called immediately before
any "goto more". There shouldn't be any time when a servtab is in
an invalid state where freeconfig would break.
 1.126  27-Dec-2019  msaitoh s/suport/support/
 1.125  28-Nov-2017  martin branches: 1.125.4;
Bump MAXARGV from 20 to 64 - with bozohttpd and all config on the command
line it is easy to hit the (silent) limit.
 1.124  17-Oct-2017  ozaki-r Don't setup SPs if no policy sepecifier is specified

We expect that SPs are set up iff some policy sepecifier(s) are specified.

Found on investigating an issue reported by Robert Swindells
 1.123  15-Feb-2017  elric branches: 1.123.4;
Increase buffer size reported to strlcpy() to be one larger than the
length of the string we copy in so that there is space for the '\0'.
 1.122  05-Apr-2014  khorben branches: 1.122.2; 1.122.6; 1.122.10;
Use base 10 when logging the exit status or exit signal for sub-processes,
instead of hexadecimal.
 1.121  13-Dec-2012  christos branches: 1.121.6;
PR/47318: Henning Petersen: Replace (r)index with str(r)chr in inetd.c
And while here strncpy with strlcpy
 1.120  04-Jan-2012  drochner branches: 1.120.6;
include <netipsec/ipsec.h> rather than <netinet6/ipsec.h> from userland
where possible, for consistency and compatibility to FreeBSD
(exception: KAME specific statistics gathering in netstat(1) and systat(1))
 1.119  31-Aug-2011  joerg branches: 1.119.2;
Use __dead
 1.118  15-Dec-2010  pooka RLIMIT_NOFILE stabilized in NetBSD 17 years ago, so it's safe now
to remove the #ifdef's from around code which uses it.
 1.117  15-Dec-2010  pooka Nuke conditionally compiled MULOG stuff. Itojun wanted to do it
already 8 years ago when he fixed the compilation last time, and
again it hasn't been buildable in years.
 1.116  25-Mar-2010  dholland Avoid SIGSEGV in forked child process for (some?) instant-disconnect clients.
 1.115  22-Oct-2009  tsarna Back out mDNS changes which were not discussed.
There is design work that needs to be done first.
 1.114  22-Oct-2009  jkunz Add mDNS Service Directory support to inetd(8).
inetd(8) can now advertize services in the mDNS-SD.
(Per service configuration option in inetd.conf(5).)
 1.113  13-Jul-2009  roy Rename internal getline() function to get_line() so it does
conflict with the soon to be added getline(3) libc function.
 1.112  23-May-2009  christos print the proper client address (ryo shimizu)
 1.111  15-Apr-2009  lukem Fix -Wsign-compare issue
 1.110  08-Jan-2009  christos branches: 1.110.2;
- when we close an se_fd, set it to -1
- fix int/ssize_t/size_t/socklen_t issues
- fix casts
- remove unused variables
- fix prototypes
- fix const
- remove unneeded casts
 1.109  08-Jan-2009  christos PR/40340: Ed Ravin: Print the numeric address in addition to the hostname.
 1.108  08-Jan-2009  christos Print the numeric address of the host.
 1.107  04-Aug-2008  tls Add accept filters, ported from FreeBSD by Coyote Point Systems. Add inetd
support for specifying an accept filter for a service (mostly as a usage
example, but it can be handy for other things). Manual pages to follow
in a day or so.

OK core@.
 1.106  21-Jul-2008  lukem Remove the \n and tabs from the __COPYRIGHT() strings.
Tweak to use a consistent format.
 1.105  26-May-2008  dholland When running a builtin service (a what? yeah, a piece of useless
legacy code), if the builtin service forks (not all do), avoid leaking
listening sockets into the child process.

If the child process were to keep copies of the listening sockets
around and then hang about for a long time, it would prevent inetd
from being able to re-bind them upon restart.

The listening sockets are tagged close-on-exec, but that doesn't help
when one doesn't exec.

Patch from my own very old PR 8253.
 1.104  28-Apr-2008  martin branches: 1.104.2;
Remove clause 3 and 4 from TNF licenses
 1.103  16-Jan-2007  hubertf branches: 1.103.10;
* Don't include headers twice
* Remove a few trailing whitespaces
* Rearrange and join to one #if for some headers

Patch contributed by Slava Semushin <slava.semushin@gmail.com>
in private mail.
 1.102  02-Jan-2007  rillig Fixed gcc warnings about comparison between signed and unsigned, as well
as one case where a variable had been used for two different purposes
(which also required different types).
 1.101  11-May-2006  mrg - use socklen_t where appropriate
- avoid lvalue casts
 1.100  09-Apr-2005  christos Don't ignore SIGCHLD, because we are not going to get kqueue notifications
about it if we do.
 1.99  28-Nov-2004  christos Simplify code a bit, and whitespace.
 1.98  29-Oct-2004  dsl Add (unsigned char) cast to ctype functions
 1.97  20-Oct-2004  pk Add two missing `#ifdef INET6's.
 1.96  14-Sep-2004  rumble Change the log that is produced when the maximum spawn count per
last 60 second interval is reached to more accurately reflect
what has happened.

Also, break up a few long strings, obey 80 columns, and remove a
superfluous newline passed to syslog(3).
 1.95  25-Jan-2004  cube Allow quoting using single or double quotes inside inetd.conf. Closes
PR 24192 by Tyler Retzlaff.
 1.94  21-Oct-2003  fvdl Don't assign NULL to an integer.
 1.93  07-Aug-2003  agc Move UCB-licensed code from 4-clause to 3-clause licence.

Patches provided by Joel Baker in PR 22366, verified by myself.
 1.92  13-Jul-2003  itojun use strlcpy
 1.91  22-Apr-2003  itojun "user:group=foo.bar" is weird. use colon on both sides
 1.90  22-Apr-2003  itojun always configure IPV6_FAITH explicitly to avoid misconfiguring it on SIGHUP.
sync w/kame
 1.89  16-Feb-2003  tron Because signals are delivered synchronously via kqueue(2) there is no
reason to block and release them at various places.
 1.88  16-Feb-2003  tron Now that signal handling is done via kqueue(2) we need to enter
the event loop even if no sockets were created. This should fix
PR bin/20369 by Martin Husemann.
 1.87  13-Feb-2003  tron Improve kqueue(2) utilization:
- Don't invoke kevent(2) for every single event change. Instead collect
event changes and try to do them in the event loop.
- Handle signals via kevent(2) to avoid race conditions for SIGHUP (which
probably exist in the select(2) based implementation, too).
 1.86  12-Feb-2003  tron KNF.
 1.85  12-Feb-2003  tron Rewrite inetd(8) to use kqueue(2) for enhanced performance and scalability.
 1.84  19-Sep-2002  mycroft If we can't set FD_CLOEXEC on a listening socket, close it rather than allowing
it to be passed down to inetd's children.
Note: Setting FD_CLOEXEC can't actually fail, but we did check for the error
anyway...
 1.83  04-Jul-2002  itojun correct udp-from-broadcast check. From: andre@ae-35.com
 1.82  05-Jun-2002  itojun on internal udp echoback service, reject request if source address is a
broadcast address.
 1.81  01-Jun-2002  itojun no need for inetd_dummy variable. from openbsd
 1.80  01-Jun-2002  itojun minor KNF
 1.79  01-Jun-2002  itojun cleanup main() by splitting it up in two. inspired by openbsd change
 1.78  01-Jun-2002  itojun socklen_t cleanup. make MULOG code actually compile (is there anyone using
it? otherwise, i'd like to nuke it)
 1.77  31-May-2002  christos use setproctitle(3); from itojun.
 1.76  21-Jan-2002  wiz deamon -> daemon
 1.75  26-Dec-2001  abs Convert some 'long's to 'uint32_t's. Now rdate works against an LP64 box.
 1.74  06-Apr-2001  wiz Negative exit code cleanup: Replace exit(-x) with exit(x).
As seen on tech-userlevel.
 1.73  19-Feb-2001  cgd convert to use getprogname()
 1.72  11-Jan-2001  lukem use explicit name rather than __progname in openlog
 1.71  01-Aug-2000  itojun be more paranoid about UDP-based echo services validation. namely,
reject the following sources:
0.0.0.0/8 127.0.0.0/8 240.0.0.0/4 255.0.0.0/8
ff00::/8 ::/128
::ffff:0.0.0.0/96 and ::0.0.0.0/96 obeys IPv4 rule.
hint from deraadt.
 1.70  23-Jul-2000  mycroft Remove bogus typeof hack, and just use the type directly.
 1.69  08-Jul-2000  itojun permit square-bracket notation (as in RFC2732) for the first element
in inetd.conf. otherwise, we'll have (minor) problem putting IPv6 address in.
sync with kame.

[::1]:ftp stream tcp6 nowait root /usr/libexec/ftpd ftpd -ll
 1.68  07-Jul-2000  itojun explicitly check if the address family is supported, by using socket(2).
 1.67  05-Jul-2000  itojun more change on getaddrinfo error handling.

XXX enami, I admit it is not a good thing to check the error code from
getaddrinfo. it is sometimes mandatory, however. gai_strerror message
can be too generic in some cases. we can't really extend getaddrinfo,
as it was not invented by kame (see RFC2553)
 1.66  04-Jul-2000  itojun add faithd(8) support. with "faith/tcp6" protocol specification,
it will open a socket with setsockopt(IPV6_FAITH).
 1.65  04-Jul-2000  itojun emit more friendly message on nonexistent service name.
From: enami
 1.64  03-Jul-2000  itojun check for mux service by ISMUX(), not by != NORM_TYPE
(the assumption can bite us if we extend se_type to have more cases).
 1.63  03-Jul-2000  itojun remove duplicated ipsec setup code. we always call setup() on
socket reinitialization (like SIGHUP).
sync with kame.
 1.62  02-Jun-2000  fvdl branches: 1.62.2;
Modify to support RPC over IPv6.
 1.61  13-May-2000  itojun branches: 1.61.2;
use LOG_WARNING for syslog output for address family mismatch.
suggested by: thorpej
 1.60  13-May-2000  itojun correct extremely unfriendly error message when the kernel does not
support the address family (like including "tcp6" in inetd.conf, on
non-IPv6 kernel).

was:
inetd[185]: ftp/tcp6: *: hostname nor servname provided, or not known
now:
inetd[315]: ftp/tcp6: *: the address family is not supported by the kernel
 1.59  06-Mar-2000  itojun fix IPsec policy parser. #@ should affect multiple lines as documented.
 1.58  31-Jan-2000  itojun sync with latest libipsec.
since outgoing and incoming policy is separated, inetd can take multiple
policy specification, separated by ";".
 1.57  27-Jan-2000  itojun make error check against getnameinfo().
 1.56  13-Jan-2000  itojun call sigsetmask() on ipsec initialization failure.
 1.55  06-Oct-1999  ad A colon is the preferred way to split a user and group name pair; make this
possible and depreciate the use of dot.
 1.54  15-Sep-1999  itojun branches: 1.54.2;
fix internal servers (like echo) so that they can accept AF_INET6 connections.
add AF_INET6 support for port_good_dg().
 1.53  02-Aug-1999  sommerfeld Fix PR7739: correct -DRPC rot in inetd.c
 1.52  28-Jul-1999  itojun query service name properly on libwrap warnings.

NetBSD PR: 8101
 1.51  19-Jul-1999  ghudson se_wait stores pids; make it a pid_t.
 1.50  04-Jul-1999  itojun be more friendly with non-IPsec kernel (hide warnings).
 1.49  02-Jul-1999  itojun dual-stack inetd. you can write "tcp6" or "tcp4" into "protocol" field.
(the style is the rough consensus among v6 implementers so it will be
the standard style)

TODO: test rpc and tcpmux on IPv6.
TODO: test identd over IPv6.
 1.48  06-Jun-1999  thorpej Use pidfile(3).
 1.47  11-Apr-1999  hwr Prevent sending udp data to the obvious bad ports that are used for
DoS attacks (e.g. looping packets between two echo ports).
This should "fix" PR bin/2455.
Could please anyone with an appropriate "hacker tools" check this?
 1.46  20-Jan-1999  mycroft Revert previous.
 1.45  20-Jan-1999  mycroft Make all listening sockets non-blocking.
 1.44  18-Jul-1998  lukem use AF_LOCAL instead of AF_UNIX
 1.43  16-Jul-1998  tron From "buqtraq": avoid file descriptor leak if service is looping.
 1.42  01-May-1998  thorpej Add support for specifying the send and receive socket buffer sizes. This
is especially useful for TCP servers which must specify the receive
socket buffer size before the connection is made so that the connection's
window scale factor can be properly advertised.

Example /etc/inetd.conf configuration line:

shell stream tcp,rcvbuf=1m nowait root /usr/libexec/rshd rshd

That line will cause the rshd to advertise a 1 megabyte window, which could
improve the performance of an rcp in some situations.
 1.41  21-Mar-1998  mycroft Reset the SIGPIPE handler to SIG_DFL after forking.
 1.40  20-Jan-1998  christos PR/4837: Jeff Thieleke: inetd does not compile without libwrap.
 1.39  04-Dec-1997  mycroft Ignore SIGPIPE, which may be caused by non-forking internal TCP services if
the remote side closes the connection before we answer.
 1.38  17-Oct-1997  lukem branches: 1.38.2;
fix use of unix domain socketname length, and signal error if this
is exceeded. from enami tsugutomo <enami@ba2.so-net.or.jp> [bin/3369]
 1.37  08-Oct-1997  mycroft Don't sleep if we get EINTR from select(2) (e.g. because we got
a SIGCHLD when something died). From PR 4056, by David Holland.
 1.36  05-Oct-1997  mrg WARNS?=1
 1.35  05-Oct-1997  mrg merge lite2 [actually, just update ucb sccs id's]
 1.34  20-Apr-1997  mycroft Don't do libwrap checking for UDP services; they must do it internally on
every packet to be correct.
 1.33  19-Mar-1997  mycroft Don't attempt to use libwrap for `stream wait' services, where
we only have the listening socket.
 1.32  18-Mar-1997  mycroft Oops; for waiting stream services, we don't do an accept(); we
pass down the fd of the listening socket.
 1.31  14-Mar-1997  mycroft Output a + line for the tcpmux `help' service, and list itself.
 1.30  13-Mar-1997  mycroft Move all of the libwrap checking and subprocess startup into a separate
function. Arrange for tcpmux() to be called like other builtins, and have it
call the aforementioned function recursively. This allows tcpmux to be
wrapped, and always runs it after forking, so we don't freeze everything
else.
Also, use FD_CLOEXEC to close file descriptors, rather than iterating through
them ourself.
 1.29  13-Mar-1997  mycroft Fix typo.
 1.28  13-Mar-1997  mycroft Make the previous dependent on LIBWRAP_INTERNAL, which is not defined by
default.
 1.27  13-Mar-1997  mycroft If we forked for an internal service, make sure we always exit afterward.
 1.26  13-Mar-1997  mycroft If we're using libwrap. always fork. This only affects the time and daytime
services anyway.
 1.25  13-Mar-1997  mycroft Slight rearrangement to forking code. Also, always close the new descriptor
after a fork failure, even for a waiting service.
 1.24  13-Mar-1997  mycroft Another bug fix to tcpmux.
 1.23  13-Mar-1997  mycroft Merge changes from Lite2 (with bug fixes). Adds tcpmux.
 1.22  13-Mar-1997  mycroft When rejecting a UDP connection, make sure to flush the right socket.
 1.21  13-Mar-1997  mycroft Oops; subprocess must exit when rejecting connection.
 1.20  13-Mar-1997  mycroft Do libwrap access checking *after* forking.
 1.19  04-Mar-1997  mikel set proper length for sockaddr_un. fixes PR bin/3281 from Enami
Tsugutomo, but slightly differently; the code I added is basically
identical to SUN_LEN(), but avoids the unecessary strlen() call.
 1.18  12-Jan-1997  mikel fix problem with restarting service after SIGHUP (PR 3093)
indicate proper invocation point and RCS ID police (PR 3098)
 1.17  02-Jan-1997  mouse Per mail from Herb Peyerl, use LOG_AUTH for libwrap logging.
 1.16  30-Dec-1996  mouse Get the local-address-part code in here (instead of "comsat" you can
use "127.0.0.1:comsat"). While I'm here, do trailing whitespace
cleanup, .Nm usage police in the manpage, and a couple of trivial text
typo fixes.
 1.15  07-Dec-1996  mrg if se_argv[0] is NULL, use se_service.
 1.14  06-Dec-1996  mrg syslog allow/deny at the right severity.
 1.13  04-Dec-1996  mrg allow allow/deny severity to be compile-time configurable, use getservbyport()
correctly, and log the proto. from <jbernard@tater.Mines.EDU> in several PR's.
 1.12  26-Nov-1996  mrg use the new libwrap functionality to provide tcpd-like functionality
as part of inetd. uses /etc/hosts.{allow,deny} as tcpd does, etc. it
is basically exactly like tcpd except that you don't need to change
the server to /usr/local/sbin/tcpd.

XXX should document better somewhere
 1.11  22-Feb-1996  mycroft Always swap most of the fields when updating a config file entry; otherwise
we can get weird lossage when deleting a field (e.g. the group).
 1.10  02-Jun-1995  pk Remove local declarations of ctime().
 1.9  23-Dec-1994  cgd includes, for necessary prototypes, and avoid name collisions with the
include.
 1.8  25-May-1994  cgd kill stupidity
 1.7  17-May-1994  pk Keep up with changed rlimit structure.
 1.6  14-Dec-1993  pk RLIMIT_OFILE => RLIMIT_NOFILE
Do something sensible when current RLIMIT_NOFILE turns out to be infinity.
 1.5  13-Oct-1993  pk Allow for a group name to be specified in the ``user'' field: user[.group]
Allow for max # of invocations to be specified; appended to ``wait''
field: wait/nowait[.max]
Allow for RPC specifications in numeric format.
Inetd now stores its pid in `/var/run/inetd.pid'.
Support for AF_UNIX family.
 1.4  11-Oct-1993  mycroft Don't core dump on blank lines.
 1.3  01-Aug-1993  mycroft Add RCS identifiers.
 1.2  11-Jun-1993  brezak Add support for starting RPC servers.
 1.1  21-Mar-1993  cgd branches: 1.1.1;
Initial revision
 1.1.1.2  05-Oct-1997  mrg lite2
 1.1.1.1  21-Mar-1993  cgd initial import of 386bsd-0.1 sources
 1.38.2.5  25-Jan-1999  cgd revert pull up rev 1.45 from trunk (mycroft)
 1.38.2.4  20-Jan-1999  cgd pull up rev 1.45 from trunk (mycroft)
 1.38.2.3  27-Sep-1998  cgd pull up rev 1.43 from trunk (tron).
 1.38.2.2  05-May-1998  mycroft Pull up 1.41, per request of mycroft.
 1.38.2.1  15-Dec-1997  mellon Pull rev 1.39 up from trunk (mycroft)
 1.54.2.1  27-Dec-1999  wrstuden Pull up to last week's -current.
 1.61.2.1  22-Jun-2000  minoura Sync w/ netbsd-1-5-base.
 1.62.2.4  26-Jul-2000  mycroft Approved by thorpej:
Avoid using the `typeof' operator.

basesrc/usr.sbin/gspa/gspa/gsp_ass.h 1.5 -> 1.6
basesrc/usr.sbin/gspa/gspa/gspa.c 1.5 -> 1.6
basesrc/usr.sbin/inetd/inetd.c 1.69 -> 1.70
 1.62.2.3  13-Jul-2000  itojun pullup the following (approved by releng-1-5)
1.64 -> 1.65, 1.66 -> 1.69
 1.62.2.2  04-Jul-2000  thorpej Pull up rev. 1.64:
check for mux service by ISMUX(), not by != NORM_TYPE
(the assumption can bite us if we extend se_type to have more cases).
 1.62.2.1  04-Jul-2000  thorpej Pull up rev. 1.63:
remove duplicated ipsec setup code. we always call setup() on
socket reinitialization (like SIGHUP).
sync with kame.
 1.103.10.2  04-Jun-2008  yamt sync with head
 1.103.10.1  18-May-2008  yamt sync with head.
 1.104.2.2  18-Sep-2008  wrstuden Sync with wrstuden-revivesa-base-2.
 1.104.2.1  23-Jun-2008  wrstuden Sync w/ -current. 34 merge conflicts to follow.
 1.110.2.1  13-May-2009  jym Sync with HEAD.

Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
 1.119.2.3  22-May-2014  yamt sync with head.

for a reference, the tree before this commit was tagged
as yamt-pagecache-tag8.

this commit was splitted into small chunks to avoid
a limitation of cvs. ("Protocol error: too many arguments")
 1.119.2.2  23-Jan-2013  yamt sync with head
 1.119.2.1  17-Apr-2012  yamt sync with head
 1.120.6.2  20-Aug-2014  tls Rebase to HEAD as of a few days ago.
 1.120.6.1  25-Feb-2013  tls resync with head
 1.121.6.1  10-Aug-2014  tls Rebase.
 1.122.10.1  21-Apr-2017  bouyer Sync with HEAD
 1.122.6.1  20-Mar-2017  pgoyette Sync with HEAD
 1.122.2.1  03-Jan-2018  snj Pull up following revision(s) (requested by martin in ticket #1534):
usr.sbin/inetd/inetd.c: revision 1.125
Bump MAXARGV from 20 to 64 - with bozohttpd and all config on the command
line it is easy to hit the (silent) limit.
 1.123.4.2  04-Dec-2017  snj Pull up following revision(s) (requested by martin in ticket #410):
usr.sbin/inetd/inetd.c: revision 1.125
Bump MAXARGV from 20 to 64 - with bozohttpd and all config on the command
line it is easy to hit the (silent) limit.
 1.123.4.1  21-Oct-2017  snj Pull up following revision(s) (requested by ozaki-r in ticket #331):
usr.sbin/inetd/inetd.c: revision 1.124
Don't setup SPs if no policy sepecifier is specified
We expect that SPs are set up iff some policy sepecifier(s) are specified.
Found on investigating an issue reported by Robert Swindells
 1.125.4.1  08-Apr-2020  martin Merge changes from current as of 20200406

RSS XML Feed