File: CHANGES

package info (click to toggle)
ident2 1.07-1.1
  • links: PTS
  • area: main
  • in suites: buster, jessie, jessie-kfreebsd, squeeze, stretch, wheezy
  • size: 324 kB
  • ctags: 80
  • sloc: ansic: 895; sh: 227; makefile: 41
file content (113 lines) | stat: -rw-r--r-- 4,932 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
 
--------- [07/22/2005
+ incorporated lsof patch which adds support for
  SunOS, NetBSD, OpenBSD, OSF/1, HP-UX
  (thanks inittab@netizenweb.com (Greg Schenzel))

--------- [05/18/2004
+ buffer overflow in _getl fixed :(

--------- [11/02/2003
+ fixed using data after it has been freed in sys/m_fbsd.c:m_get_uid()
  thanks to Ilya Novoselov <nullguid@t72.ru>

--------- [08/18/2000
+ forgot to specifiy option 'n' in getopt_long
  thanks to Johan Ekenberg <johan@ekenberg.se> for pointing this out

--------- [04/11/2000
+ correctly handles errno == EINTR when accept() returns -1
+ date formats in CHANGES file now Y2K compliant!

--------- [11/2/99
+ port to FreeBSD
+ PID registration, under FreeBSD, is also /var/run

--------- [9/18/99
+ changed all sprintf's to snprintf's
+ removed all potential security hazards (strcpy, memcpy, sprint, etc)
+ moved m_register_pid AFTER the initial fork()-to-become-daemon,
  otherwise wrong pid is registered.
+ d'oh. move m_reduce_rights AFTER m_register_pid, otherwise can't
  write pid to /var/run
- NOTE, snprintf is not portable. must be removed in future.

--------- [9/3/99]
+ performing security sweep. reevaluating choices
+ merged getopt_long support
+ added getopt_long detection to ./configure
+ wrote two help outputs (short and short+long versions)
+ implemented the --license parameter
+ implemented the --usage paramater

--------- [8/30/99]
+ moved srand(time(NULL)) out of INIT_GLOBALS and into the random reply generator
  function. rand is seeded every time, which is flawed, but still harmless.
  this was moved because the parent never actually calls rand(), which sucks
  because the children will keep generating the same reply.
+ implemented new machine call, m_register_pid(), for use in daemon mode,
  on systems that wish to keep track of running system services.
+ PID registration, under Linux, in /var/run
+ switched to a ./configure based setup

--------- [8/25/99]
+ changed m_linux.c to only setuid(). Under Linux, setuid() sets the effective
  userid as well as superuser. If this would be the case, seteuid() should fail.

--------- [8/9/99]
+ added random replies
+ fixed standard unspecial replies (INIT_GLOBALS wasn't initting!)
- ripped out config file parsers
- ripped out all semblances of IP masquerading
+ rather than trying to drop userid to nobody and failing if it
  doesn't work, it only tries to change uid if uid is 0, elsewise,
  keep current uid.
+ reworded README
  
--------- [6/11/99]
- removed throttled daemon. I felt this included some very unnatural
  code and it was a pain to debug. it was a research project at most.
+ rewrote config file parser
+ rewrote command-line processor
+ included GNU information on top of all source files
+ code cleaning spree. Optimized, minimalized, etc.
+ fixed buffer handling in some areas which may have been dangerous
+ reorganized some general code into common.c
+ stablized threaded daemon
+ rewrote README
+ reorganized throttled daemon
+ moved accept() out into the child process so we don't have
  to do any nasty stuff like return file descriptors to the
  parent through exit().
+ adopted capitalize global variables convention
+ decided to start DATING these changes

---------- 0.999c
+ no idea why I thought the user of 'nobody' couldn't carry on identity
  functions. The dropping to nobody under Linux has been reenacted.
+ fixed a diverge from RFC1413. Thanks to Piotr Kucharski <chopin@sgh.waw.pl>
  for pointing out that END OF LINE is clearly defined by the RFC as CRLF
  and not LF. Apologies to anyone affected by this.
+ fixed an 'off by one' error in the throttled implementation causing a
  garbage char to appear at the end of an ident query.
+ command-line option to display compile-time options.
+ shamelessly copied a pidentd convention. If you have the file .noident
  in your home directory, it will not send a response to anyone requesting
  an ident that resolves to your username.
+ dropping userid to 'nobody' has been changed to instead drop the access
  level to a user defined variable (which SHOULD be a username).
+ moved quite a few variables out into seperate #defines. 
+ dropping userid to 'nobody' as a security measure is back, again.
+ IP masquerading works! Much love to everyone who helped the
  debugging/fixing process. Especially Hans.
  -Actually, it only sort of works. Linux 2.0 and 2.1 have
  differing levels of success. Kernel 2.2 is supposedly going to
  settle on a format once and for all.
+ rand() wasn't being seeded. 
+ for some reason I wasn't making use of #define USER_REPLIES.
+ dropping the userid to 'nobody' makes servicing ident requests
  impossible. I'm dumb. The function 'go_nobody' and all references
  to it were removed.
+ major MAJOR rewrite. This introduced some more natural (ie, not kludgy)
  code as well as more bugs! It should also be easier to extend and
  expand. Hopefully noone will get hurt this time. :)