=================================================================== RCS file: /cvsrepo/anoncvs/cvs/www/Attic/porting.html,v retrieving revision 1.9 retrieving revision 1.10 diff -c -r1.9 -r1.10 *** www/Attic/porting.html 1998/08/12 22:13:02 1.9 --- www/Attic/porting.html 1998/08/13 23:11:18 1.10 *************** *** 67,92 ****
-lcrypt
.libc
.
! mktemp
warnings to be fixed.
! This is not as simple as s/mktemp/mkstemp/g
. If
you are not absolutely sure of what you are doing please request
help from the ports mailing
list.
strcat/strcpy/strcmp/sprintf
. In general,
sprintf
should be replaced with snprintf
.
! $
OpenBSD$
CVS tag to
! the Makefile. If importing a port from another system be sure to
! leave their tag in the Makefile, too. However, replace the FreeBSD
! $
Id$
tag with the
! $
FreeBSD$
tag.
! /usr/local/bin
or
--- 67,258 ----
-lcrypt
.libc
.
! $
OpenBSD$
CVS tag to
! the Makefile. If importing a port from another system be sure to
! leave their tag in the Makefile, too. However, replace the FreeBSD
! $
Id$
tag with the
! $
FreeBSD$
tag.
! strcat/strcpy/strcmp/sprintf
. In general,
sprintf
should be replaced with snprintf
.
!
! /tmp
with symbolic links to more strategic files, such as
! /etc/passwd
. For instance, the bsd linker warns about
! mktemp
uses. These must be fixed.
! This is not quite as simple as s/mktemp/mkstemp/g
.
!
! startx
problem. As a setuid program,
! you could launch startx with any file as a script. If the file was not
! a valid shell script, a syntax error message would follow, along with the
! first line of the offending file, without any further permission check.
! Pretty handy to grab the first line of a shadow passwd file, considering
! these often start with root entry. Once again, don't trust filenames:
! open your file, and do an fstat
on the open descriptor to
! check the actual rights.
!
! popen
and system
.
! Use fork
, pipe
and execve
instead.
!
! /dev/fd/0
.
!
! inetd
! control and just add the relevant entries to inetd.conf
.
! You must know the appropriate magic for writing daemons to achieve that.
! It could be argued that you have no business writing setuid programs if you don't
! know how to do that.
!
! xkobo
port for an instance of such a change.
!
! PATH
! (never use system
with an unqualified name), but also more subtle items
! such as your locale, timezone, termcap, and so on. Be aware of transitivity: even though you're
! taking full precautions, programs you call directly won't necessarily. Never
! use system
in privileged programs, build your command line, a controlled environment,
! and call execvp
directly. The perlsec
man page is a good tutorial on
! such problems.
!
! issetugid
addresses this problem, from the library writer point
! of view. Don't try to port libraries unless you understand this issue thoroughly.
__OpenBSD__
should be used sparingly, if at all.
+ Constructs that look like
+ + #if defined(__NetBSD__) || defined(__FreeBSD__) ++ are often inappropriate. Don't add blindly
__OpenBSD__
+ to it. Instead, try to figure out what's going on, and what actual
+ feature is needed. Manual pages are often useful, as they include
+ historic comments, stating when a particular feature was incorporated
+ into BSD. Checking the numeric value of BSD
against known
+ releases is often the right way. See
+ the NetBSD package guide
+ for more information.
+ BSD
is a bad idea. Try to include sys/param.h
.
+ This not only defines BSD
, it also gives it a proper value.
+ The right code fragment should look like:
+ + #if (defined(__unix__) || defined(unix)) && !defined(USG) + #include <sys/param.h> + #endif ++
tcgetattr
works than whether you're running
+ under BSD 4.3 or later, or SystemVR4. These kind of tests just confuse the
+ issue. The way to go about it is, for instance, to test for one particular
+ system, set up a slew of HAVE_TCGETATTR
defines, then proceed to
+ the next system. This technique separates features tests from specific OSes.
+ In a hurry, another porter can just add the whole set of -DHAVE_XXX
+ defines to the Makefile. One may also write or add to a configure script to check for
+ that feature and add it automatically. As an example not to follow, check nethack 3.2.2
+ source: it assumes loads of things based on the system type. Most of these assumptions
+ are obsolete and no longer reflect reality: POSIX functions are more useful than older
+ BSD versus SystemV differences, to the point that some traditional bsd functions are
+ now only supported through compatibility libraries.
+
+ #define POSIX_C_SOURCE
+ throughout the whole project, not when you feel like it.
+
+ unistd.h
, fcntl.h
or termios.h
.
+ The man page frequently states where the prototype lies. You might need
+ another slew of HAVE_XXX
macros to procure the right file.
+ Don't worry about including the same file twice, include files have guards
+ that prevent all kinds of nastiness.unsigned long
instead of size_t
), or get some
+ const
status wrong. Also, some compilers, such as OpenBSD's own gcc,
+ are able to do a better job with some very frequent functions such as
+ strlen
if you include the right header file.
+
+ + /* prototype part */ + #ifdef USE_OWN_GCVT + char *foo_gcvt(double number, size_t ndigit, char *buf); + #else + /* include correct file */ + #include <stdlib.h> + /* use system function */ + #define foo_gcvt gcvt + #endif + + /* definition part */ + #ifdef USE_OWN_GCVT + char *foo_gcvt(double number, size_t ndigit, char *buf) + { + /* proper definition */ + } + + /* typical use */ + s = foo_gcvt(n, 15, b); ++
/usr/local/bin
or
***************
*** 101,110 ****
ncurses.h ==> curses.h
-lncurses ==> -lcurses
ocurses.h/libocurses
.