A change log of this software can be found at the end of this document. For announcements of updates, send mail to majordomo@porcupine.org with as body (not subject): subscribe logdaemon-announce Report problems to: Wietse Venema (wietse@porcupine.org) IBM T.J. Watson Research Center P.O. Box 704, Yorktown Heights, NY 10532 USA Warning: ======== Many programs in this kit replace system utilities. Don't replace system utilities unless you are an experienced system programmer and system administrator. I am using these programs daily on SunOS 4 and SunOS 5 systems, so I am pretty confident that they work well in these environments. Other plaforms that are supported to some extent: Ultrix 4, IRIX 5, HP-UX 9 and OSF 1 (Digital UNIX). However, I do not have root access on such systems so I unable to verify that the programs are really compatible with the ones that they replace. Introduction: ============= This archive contains the result of years of gradual transformations on BSD source. All code works with SunOS 4, SunOS 5 (Solaris), Ultrix 4.x and other BSD43/SYSV4 clones. In addition, the S/Key-ified parts work with IRIX 5.3, HP-UX 9.0, and Sony NewsOS 4.x; the login clone also reportedly works with Linux. There is a very good chance everything now also works with Digital UNIX, but I was unable to test this myself. (1) rsh and rlogin daemons that log the remote username and perform logging and access control in tcp/ip wrapper style. By default these daemons do not accept wildcards in hosts.equiv or .rhosts files. Both daemons have an '-l' option to disable user .rhosts files. The rshd optionally logs the user command (edit Makefile). The programs are more picky than usual about file permissions of .rhosts files: they must be owned by the user (or by the superuser), and they may not be group or world writable. (2) ftpd, rexecd and login software with fascist login failure logging and with optional support for S/Key one-time passwords. The rexecd daemon disallows root logins, once my favourite backdoor. The support for S/Key one-time passwords is optional, and completely invisible to users that do not need it. UNIX passwords are still permitted by default. A short description of how to use S/Key can be found in the skey subdirectory. Binaries for DOS and other systems can be found on thumper.bellcore.com. The rexecd optionally logs the user command (edit Makefile). (2a) ftpd and login software that supports the SecureNet card (code donated by William LeFebvre, Argonne National Laboratory). This software needs a DES library (for example, host ftp.psy.uq.oz.au directory /pub/Crypto/DES). See snk/README for more information. The code has been tested with SunOS 4.x and 5.x. (3) an S/Key login shell for sites that cannot replace the login program. Users first log into a password-less dummy account. The S/Key login shell prompts for their real account name and presents the corresponding S/Key challenge. The S/Key support uses the MD4 or MD5 hash function. The mode (MD4 by default, for backwards compatibility) is selected in skey/Makefile. The rshd and rlogind programs need the libwrap.a library that comes with recent (version >= 7.0) tcp/ip daemon wrapper implementations. In order to build rshd and rlogind you will have to do a setenv LOG_TCP /directory/with/libwrap.a Contents per directory: ======================= rlogind logging and access control in tcp wrapper style. Regular access is logged (by default) with priority daemon.info. Rejected access is logged with daemon.warn or more urgent. SunOS 4.x, SunOS 5.x and Ultrix 4.x. In order to use the "-l" (ignore user .rhosts files) option you will also need to install the login clone (see below). rshd logging and access control in tcp wrapper style. Regular access is logged (by default) with priority daemon.info. Logging of commands is a compile-time option (see the rshd/Makefile). Rejected access is logged with daemon.warn or more urgent. SunOS 4.x, SunOS 5.x and Ultrix 4.x. login hacked for SunOS 4.x, SunOS 5.x, with optional access control per (user,host) or per (user, tty); fbtab(5) security; fascist login failure logging. Regular logins are logged with priority auth.info, unusual or rejected logins with auth.notice. S/Key support. Can also be used with Ultrix 4.x for logins on non-graphics consoles. Appears to work with IRIX 5.3, HP-UX 9.0 and Linux (Slackware), NewsOS 4.x, Digital UNIX. rexecd Regular access is logged with priority daemon.info. Fascist login failure logging. Logging of commands is a compile-time option (see rexecd/Makefile). Rejected access is logged with auth.warn or more urgent. Access to the root account is prohibited. S/Key support. SunOS 4.x, SunOS 5.x and IRIX 5.3. Should also work with Ultrix. May work with HP-UX 9.0 and NewsOS 4.x, Digital UNIX. ftpd ftp daemon with fascist logging and login failure detection much like the login clone. Also logs anonymous ftp transfers. Tested with SunOS [45]. S/Key support. Should also work with Ultrix 4.x. May work with IRIX 5.3, HP-UX 9.0, NewsOS 4.x, Digital UNIX. telnetd pretty dumb BSD 4.3 telnetd. No access control or logging, but compatible with SunOS 4.x, Ultrix 4.x, SunOS 5.x. Relatively poor in features (no environment passing) so there is less risks of surprises. keysu NET/2 BSD su command ported back to SunOS 4.x, with S/Key support. Tested with FreeBSD and SunOS 4.1.3. May work with IRIX 5.3, HP-UX 9.0, NewsOS 4.x, Digital UNIX. skeysh An S/key login shell for sites that cannot replace the login program. The solution is to create a dummy account with skeysh as the login shell. skeysh is nothing but a stripped-down skey-only login program. People first log into the dummy account. This drops them into skeysh that prompts them for their real account name and presents the corresponding S/Key challenge. Tested with SunOS 4.1.3 and with Solaris 2.3 and IRIX 5.3. Should work anywhere the login clone works. lib additional routines used by login and by some daemons. Includes the ruserok() function that understands NIS, NFS (yuck) and that optionally skips user .rhosts files, and functions that mangle various UTMP file formats. skey Portions of S/Key source from thumper.bellcore.com, plus code that I hacked together myself. All bugs are my own. Edit the Makefile to choose between the MD4 or MD5 secure hash function. MD4 is default, for backwards compatibility. snk Code for the SecureNet card by William LeFebvre, Argonne National Laboratory). See snk/README for more information. Change log: =========== 19901218 Fixed a problem with NOFLSH in login.c that caused interrupts to not flush the terminal input queue. 19910209 Added per-user login access control. 19911128 Added support to login for SunOS 4.x style /etc/fbtab, a table of devices whose protection and ownership is to be adjusted when a user logs in. 19920609 Added tcp wrapper (log_tcp) style access control to rlogind and rshd. Improved the remote host name verification code. Added the LD_xxx environment fix to login. 19920624 Login no longer just dies when the connection is broken, but first reports a login failure. This exposes an old cracker's trick. 19921029 Ported to Ultrix 4.2. Most of the work was finding out why the login process did not have a controlling terminal. 19921208 Ported to Solaris 2.0. rlogind can now work with the /bin/login that comes with most UNIXes. This was desirable because not everyone is in a position to replace /bin/login. Moreover, some SYSV logins can't even support the '-f' option at all (or everyone could login without a password). 2alpha version released. 19921229 Tested with Solaris 2.1; some cleanups after looking at modified 4.4BSD sources from Charles Hedrick (hedrick@cs.rutgers.edu). The sources can be found on farside.rutgers.edu. 19930103 Most of the sensible SYSV login features implemented. Frozen after check, check and double check. The source really suffered from porting and has become too ugly. It becomes a lot more readable after running through the unifdef program. Version 2beta released. 19930119 Version 2 released after compatibility patches: rshd path; disabling the local domain stripping in login.c; cleanup utmpx file after rejecting an rlogin connection. 19930221 Added group support to the login access control code, so that we can disallow off-site logins to wheel group members. Group matches work only for accounts that are explicitly listed in the group file: the matching is not based on group id values. 19930222 Stole the code for the EXCEPT operator from the tcp wrapper. This, and the previous change, allows me to replace: # Disallow non-local logins into the wheel accounts +:foo bar baz:LOCAL .my.domain -:foo bar baz:ALL into the much easier to understand: -:wheel:ALL EXCEPT LOCAL .my.domain Assuming, of course, that the default is to permit access. 19930331 Added per-program hints on how to configure syslogd. Added __svr4__ to the Solaris CFLAGS macro because the unbundled C compiler does not define it. 19930925 Upped the number of ptys that telnetd and rlogind will attempt to open. The original versions would give up after 64 ptys. 19930925 rshd now preserves TZ info when running under SunOS 5. We were too compatible with SunOS 5. 19930925 login will now syslog() all regular logins, too. It took me too much time to examine individual wtmp files. 19930929 Ultrix last minute patch to fix rshd environment handling. The fix must be ok for SunOS too but no time to verify this. 19931206 With SunOS 5.x, Do not pass the "-p" option to login. 19931212 Added logindevperm support for compatibility with SunOS 5.3. 19931212 Added support to the login command for secure (DES) RPC (only for SunOS [45].x). This requires that the cleartext password be kept around until we have dropped privileges. Had to jump some hoops to prevent the program from ever dropping core with a cleartext password. 19931212 Print error message when the login.access file exists but cannot be opened. 19931225 Added S/Key support to login 'cause I was going on a trip. 19931229 While on my trip, added S/Key support to ftpd. 19940106 Woke up at 5am and realized there was a problem in my S/Key stuff. 19940107 S/Key Solaris portability fixes from Douglas Lee Schales. 19940110 Make sure that keyinit does not produce world-writable files. 19940112 SysV4.0 wtmpx portability fixes from Baruch Cochavy. 19940124 Fixed some ftpd and skey things that broke for Ultrix 4.x. 19940125 Fix for Solaris uname(2) >0 return value. I fixed this before but somehow the change got misplaced. From Douglas Lee Schales. 19940130 Made initial seed from skeyinit.c more random (use seconds instead of minutes). I managed to produce the same seed on multiple machines. The whole seed generation procedure sucks anyway: taking the first two letters of a host name. 19940205 Made initial seed from skeyinit.c more random (use last 5 digits of current time in seconds). 19940206 Fixed some login Makefile things that broke for Ultrix 4.x. 19940206 Had some real fun with (argh) NIS+. The old BSD login code would blindly close all filedescriptors > 2 right AFTER it had processed the command-line options. I had to move the closing of open files right to the top of the main program. The reason for this is that all kinds of nisplus library routines secretly open sockets or files and keep them open forever. They get very upset when you unexpectedly close their open files. 19940306 Finally got so disgusted from the BSD/SYSV #ifdefs that I began to clean up the login program. From now on we use POSIX instead of BSD/SYSV ifdefs. Many of my personal enhancements are no longer conditional. Ultrix misses some definitions so login won't compile there anymore. Kerberos code for login.c (John DiMarco ). 19940312 Security feature: when S/Key decides whether UNIX passwords are ok, skip IP addresses listed for the remote host that appear to belong to someone else. Cleaned up the rlogind/telnetd code (POSIX interfaces instead of BSD/SYSV ifdefs). Changed the ftpd S/Key password prompt so that the MS-DOS `termkey' TSR can parse it. 19940314 Cleaned up the ftpd code (POSIX interfaces instead of BSD/SYSV ifdefs). Ultrix misses some definitions so ftpd won't compile there anymore. All code now compiles and works on freebsd, which has become my development platform while traveling. The code compiles OK on an Indy running IRIX 5.something: just pretend to be sunos5. 19940317 The telnetd/login programs no longer assume 7 or 8 bits, but leave CS7/CS8 tty settings alone. 19940321 Modern rloginds seem to prefer 8-bit clean settings, so we force CS8 from now on. 19940326 Our system administrator wanted netgroup support in the login access control file. This took only a few lines of code. A netgroup is written as @name, and can be used in host patterns and in user patterns. Included the keyinfo command and documentation, after getting rid of localisms. keyinit now restores the tty settings when it is interrupted. logdaemon-4.1.tar.Z released. 19940426 Backwards compatibility code for Ultrix in login and ftpd. Added keysu (s/key su) command. This has little to do with daemon stuff but it just makes the package complete. This has been tested only with SunOS 4.x and FreeBSD. Unset FLUSHO in login.c, in case it helps. 19940430 rexecd and rlogind now use the fd_set macros, to shut up the ANSI C compiler. converted net/2 su.1 man page to old -man macro style. William C. DenBesten asked for user@host patterns in the login access control files, so he could control many machines with just one set of rules. Fortunately, this took only a few lines of code. The hostpart is matched against the local host name. With user@host patterns and netgroups you can build impressive patterns such as @usergroup@@hostgroup. 19940505 Peter Kossakowski (dfn cert) mentioned he usefulness of the -l option to ignore user .rhosts files. On most systems, the ruserok() library function have no support for that, so a modified version is provided. As a bonus, '+' wildcards are by default no longer accepted. Instead a loud complaint is sent to the syslogd. The programs must be compiled without -DNOPLUS to re-enable '+' wildcards. The -l option is supported by rshd, rlogind and by the login program (rlogind must pass on the -l option when the login program does the hosts.equiv/rhosts processing). Thus, in order to use -l you will have to replace both rlogind and login (and, of course, rshd). Most path names and syslog logging classes are now configurable from the Makefile. 19940516 Fixed the README and released version 4.2. 19940523 Just like the login program, the ftpd now tries to avoid dumping core with cleartext or encrypted (shadow) passwords. 19940628 Generalized the format of the /etc/skey.access file so you can permit/deny UNIX passwords depending on user, tty and/or host. There is a new manual page, skey/skey.access.5 that documents this new format. 19940718 Fixed another thing that broke with Ultrix: in lib/rcmd.c moved an #endif up to above the rresvport() routine. Now that you can specify what terminals are secure, the S/Key code has been modified to always permit UNIX passwords on the console. This saves you the embarrasment of having to break into your own machine. Alas, on some systems the console is not called /dev/console. Released version 4.3. 19940908 Added -user and -host support to ruserok(). No-one complained sofar, but most systems document it. Looks like one feature that Berkeley dropped. HP-UX and BSDI support from Howard Chu for login, keysu and s/key. Replaced Howard's "vendor" #ifdefs by "feature" #ifdefs. (s/key) When built with -DSECURETTY, the keysu command will not accept the root password unless it is invoked from a secure terminal. Idea from Howard Chu. (s/key) "keyinit -s" would ask for counts up to 10000 but the actual limit is 9999 (Howard Chu). (s/key) Eliminated a possible localhost vs localhost.domain clash (Howard Chu). 19940910 Collected system dependencies in one central file (sys_defs.h) and cleaned up the Makefiles. This may help when porting to other systems. 19940911 After discussions with Guido van Rooij, documented several host name and address spoofing loopholes that may cause S/Key to permit UNIX passwords to unauthorized clients. 940914/5 Porting rexecd, ftpd, rlogind and telnetd to HP-UX 9.0 was not impossibly difficult. The effort may be useful to someone. 19940917 Disabled the `site' extensions (umask, chmod) for ftp guest logins. 19940922 Replaced the MD4 code by the byte-order independent versions from the NRL distribution on thumper.bellcore.com. MD4 is still the default. Edit skey/Makefile to switch to MD5. 19941001 Idea from *Hobbit*: sites that cannot replace their login program create a dummy s/key account with as login shell a very much stripped-down skey-only login program. The skeysh program is my result of such an exercise. 19941002 Cleaned up docs and comments. Released version 4.4. 19941014 setenv() was missing an argument in skeysh/skeysh.c. This should not cause problems, but gcc barfs on it. sigh. 19941022 Fixed pointer indirection level in lib/utmp_login.c. This would produce unpredictable results for HP-UX. 19941105 Parametrized some hard-coded lengths for environment variables and fixed some rather short limits on username length. 19941121 Changed the default console from /dev/console to none. This is more compatible with SysV (Kevin Davidson). 19941121 Dropped ptyopen() etc. support for HP-UX. Having to support BSD and SYSV ptys is bad enough. 19941126 It seems that assignments of static data to the environ variable may cause trouble on non-BSD systems. Instead of environ = envinit; execl(...); we no longer replace environ but truncate it and use putenv(): environ[0] = 0; putenv(...); 19941127 On System V all daemons now preserve the complete initial environment. There were several reports of missing TZ values. I was unable to reproduce them with Solaris 2.3 and gcc. 19941127 Fixed skey/skeylogin.c to look at more than just the first 8 characters of the login name. 19941127 Fixed something in the skeysh/Makefile that broke on Ultrix. Released version 4.5. 19941129 With Solaris 2.x, keysu would recognize '-' as a user name. This is due to getopt() incompatibilities. Fix: SysV su does not support options anyway, so drop the getopt loop. Reported by in1052@wlv.ac.uk (A.Parkes). 19941129 Found another static assignment to environ in keysu.c. 19941130 Should have used setenv() to set the user's path in keysu. Reported by Patrick Cipiere . 19941209 With passive open, do not wait forever in accept(). Idea from casper@fwi.uva.nl in article <3asnqc$1h0@mail.fwi.uva.nl>. 19941218 Changed rlogind and rshd to use the open-ended tcp wrapper 7.0 programmatic interface, so that banners can be used. 19950101 Patches from David Mazieres: close redundant file descriptors in rshd and rexecd; workaround for broken HPUX setsid(); also, the HP-UX baud-rate codes differ from those on other platforms. 19950101 Ftpd would send bare linefeeds when listing files over an ASCII-mode data connection, causing problems with wattcp clients (reported by Shou-Chuan Lai). 19950108 Released 4.6, together with TCP wrappers 7.0. 19950111 David Mazieres: HPUX cc is pickier than I expected. What's worse, they already define a struct request_info. Time for a horrible workaround. 19950111 In S/Key passwords, accept commas instead of blanks, to work around stupid software that collapses blanks in passwords. 19950121 Added SYSV shadow support to keysu (suggestion: Leif Hedstrom). 19950213 skeyaccess could dereference a null pointer when host lookup failed (Larry J. Blunk @ Merit.edu). How embarrassing. 19950222 Make ftpd try again when the data port bind() fails with EADDRINUSE. 19950222 keysu did not strip the "/dev/" from the device name when looking for a secure terminal (Rob Liebschutz). Released 4.7. 19950229 Oops. The securetty code in keysu looked at the wrong tty variable (Matthew Needes). 19950308 Some Solaris applications may pass a '-' as username to /usr/bin/login (Kadlecsik Jozsi). 19950321 Protected all environ[0]=0 assignments by a test if environ is nonzero. Ultrix daemons may have a null environment pointer, how bizarre. Paul Sijben helped me figure out this one. 19950414 Oops. do_access() should call exit() not cleanup() (credits to Shou-Chuan Lai of National Tsing Hua University). 19950422 Completed ULIMIT, UMASK and SLEEPTIME login default support. 19950423 IRIX 5.3 support for s/key utilities and login/ftpd/rexecd. I still need to figure out what some IRIX login options do. Released 4.8. 19950425 The login kerberos code had stopped working (David Mazieres). 19950426 HPUX login now sets LOGNAME environment variable. 19950428 Start of yet another series of S/Key code cleanups (Guido van Rooij, Tom Dunigan, some thrown in myself). 19950429 Linux (Slackware) login fixes (Michael Brennen). 19950430 IRIX problem: libnsl breaks NIS lookups (Tom Dunigan). 19950430 IRIX now takes default user and root PATH from . 19950430 More Linux (Slackware) login fixes (Michael Brennen). 19950430 IRIX login now also sets REMOTEUSER. 19950430 Folded in support for Sony NEWS-OS V4 (Jun-ichiro Itoh). 19950430 Makefile cleanups: recursive make -n, intel outside. 19950430 FreeBSD 2.0 workarounds (sys_errlist) so I can work on this code on my laptop while in the train. 19950430 Made console device name configurable via sys_defs.h so that skeyaccess does the right thing with Linux. 19950501 With HPUX, now use the system's getusershell() routines and don't link in the SYSV default routines when building skeysh. 19950501 Implemented IRIX login default MAXTRYS (login attempt limit). Released 4.9. This release was expedited because of a file descriptor leak in my own S/Key glue routines. The leak could give logged-in users write access to s/key control files. 19950502 The keyprint script (to print credit cards with s/key passwords) did not set PATH (Lionel Cons). 19950622 FreeBSD needs linking with -lcrypt or you get a weaker crypt() algorithm. Now I can hack logdaemon while on the train. 19950805 On systems with shadow passwords, rshd should not look at password fields from /etc/passwd (Peter A. Bigot). 19950806 Ultrix login now displays the LAT port (Michael A. Crowley). 19950807 Workaround for variadic functions on the alpha and other architectures where sizeof(int) < sizeof(pointer). Should change the code to use varargs/stdarg instead. 19950812 Folded in the support for SecureNet keycards from William LeFebvre, Argonne National Laboratory. Presently, this is tested for SunOS 4/5 only, but probably works on everything else. 19950812 Added my best guess for OSF1 (now Digital UNIX) system dependencies: late BSD-ish with SYSV utmp. 19950812 The rexecd and rshd servers will log now user commands when compiled with -DLOG_COMMANDS (see Makefile). 19950813 ftpd now closes unused passive ports, and rejects PORT requests that specify a privileged port or a third-party host (Hobbit). 19950814 Removed unnecessary seteuid() calls in FTPD passive mode. 19950815 FTPD Passive mode can now be forced to bind to ports in a specific window by doing, before make: setenv PASV_WINDOW "-DPASV_MIN_PORT=nn -DPASV_MAX_PORT=mm" 19950826 With secure RPC, the user's password should be truncated to 8 characters (Kjell Hogstrom). 19950930 Skeysh did not re-enable INT and QUIT signals (Jay Borkenhagen). 19951001 Changed the skeyaccess() interface. The skey.access "group" now also matches the primary group ID. (Michael Aichlmayr). 19951001 Code reorganization: system dependencies moved from Makefile to sys_defs.h, common files moved to lib directory. 19951012 Removed a redundant ulimit() call in login.c and skeysh.c: it broke with a zero ulimit in /etc/default/login (Carson Gaspar). 19951017 Skeysh now preserves the REMOTEUSER environment variable. 19951020 Updated the ftpd manual page to reflect today's reality. 19951021 Some HP-UX tty drivers still default to the @ and # line editing characters, and rely on the login program to sanitize them (Gordon Marler). The login program now fixes such ancient settings. 19951021 Avoid potential problems by saving results from functions with volatile results such as inet_ntoa() and gethostby*(). With Solaris library routines doing their own hidden connection management, such library results become unreliable. 19951024 Dropped some redundant code and declarations from rexecd. 19951024 The rshd host name spoofing test was slightly broken. The program would dump core instead of logging the attack. I wonder how many treasures of this kind still lie buried in the BSD source code. 19951024 ftpd now uses facility LOG_AUTH, just like rexec and login. 19951024 While in the underseas tunnel between France and the UK, fixed an obscure s/key ftpd core dump that happens when the user sends no password. 19951027 Updated the fixenv() environment stripper. 19951028 System dependencies now trigger on hpux9 instead of hpux, so that we can more easily migrate to HP-UX 10. 19951028 Added support for window size changes to the telnet daemon. This is about the only essential feature that I was missing. In the process fixed a bug in the telnet suboptions handling. Released 5.0 19951029 The S/Key routines now syslog an error when they are unable to open the skeykeys file. Better be explicit than have people wonder why something did not work. 19951030 Cleaned up the ftpd yacc grammar. The YACC stack is now a union so it no longer assigns pointer values to integers. 19951124 Solaris 2.5 now needs _SVID_GETTOD (Frank Kaefer) or we have a function prototype conflict. 19951201 In transfer logs, ftpd should not log the current directory when the remote user specifies an absolute path name. 19951201 login_access() did not match primary groups (Dave Adamson). 19960115 Work around for HPUX 9.x in case the client hostname is unknown (telnetd/rlogind pass the *server* address on the command line). 19960115 In the Makefiles, osf1 changed to decosf1 to avoid confusion with OSF on Intel. 19960115 Several DECOSF patches from Lawrence MacIntyre. 19960115 keysu now logs the host from which the user is logged in (Marcus Schwartz). 19960115 Now also logs file owner and permissions problems with .rhosts files instead of just refusing to use the file (Bob Beck). 19960115 keysu now has the '-c command' option. 19960115 Cleaned up some logging code in login (Chris Metcalf). 19960213 Better HP-UX 9.x compatibility (Eric Backus). 19960213 No "wheel" group restriction for "su root" for SYSV systems (except SunOS 5...). 19960213 Ignore empty "wheel" groups (Chris Metcalf). 19960226 Christophe Dorchies found an missing argument in a fatalperror() call in the rlogind program. 19960308 UTMP fix for Digital-UNIX - it's not really a SYSV-UTMP system. 19960308 Jean-Luc Szpyrka spotted an unitialized memory read in btoe(). 19960314 SunOS 4 sets the LOGNAME environment variable, and so should we (Peter W. Osel @ Siemens). 19960322 rlogind/rshd did not pass server name/address info to the tcpd library routines (Shou-Chuan Lai ). Released 5.1 19960425 Made skeyaccess() robust against null user arguments (Cedomir Igaly ). 19960518 keysu did not chek the return from getenv("TERM") (Henry Ptasinski) 19960518 snk_crypt() left secrets behind in memory (Henry Ptasinski). Released 5.2 19960616 Patches for the login program for Digital UNIX with enhanced security (Cedomir Igaly). Specify -DDECOSF1_ENHANCED to enable this and link with -lsecurity (see login/Makefile). 19960616 Use the Digital UNIX utmp/wtmp routines instead of our own (Cedomir Igaly, Lawrence Macintyre). Released 5.3 19960920 Removed redundant waitpid() declaration from ftpd/popen.c. It caused a prototype conflict. 19961013 William LeFebvre: fix of 960518 caused SIGSEGVs due to a missing initialization. 19961016 How stupid of me. Marc Binderberger found a missing ntohs() call that caused ftpd to erratically reject client PORT requests. Just in case, PASV and PORT commands now require that the user is logged in before they can be used. 19961029 Andrey A. Chernov: [in skey_getpass.c] Change "nope" to ":". 19961031 rlogind no longer changes the VMIN and VTIME fields. Released 5.4 19961123 Reportedly, some resolvers (Solaris) do not protect applications against unreasonable h_length values from the network. Protected the skey and snk code against such nonsense. This protection was delayed because I moved from Europe to the USA for a sabattical year. 19961123 Copied some patches from skey/skeyaccess.c to snk/snkaccess.c. 19961222 In BoS, Joe Zbiciak spotted a buffer overflow in login.c main() that dates all the way back to almost 10 years ago. It is not certain that this can be exploited (main() never returns) but it shouldn't be there anyway. Released 5.5 19970104 David Greenman of the FreeBSD project found an interesting problem in wuftpd that allows remote users to access files as root. The same hole was also present in the logdaemon ftpd, and probably in many other ftpd implementations, too. The fix is to disable signals while ftpd temporarily raises its privilege level or while it does other critical stuff. Released 5.6 19970111 When not guest, do seteuid(user) before chdir(~user) to avoid problems with permissions over NFS (Doug Hughes). 19970222 Limited the amount of text used when syslogging a hostname from the DNS. 19970729 In ftpd, now suspend signal delivery instead of dropping unwelcome signals. 19970729 Workaround for wrong ftp-log xfer times on systems where st_size is larger than long. 19980420 In ftp xfer stats, print ? when the current directory is unknown. 19980901 Use makeutx() in order to support more than 255 ptys. 19990830 More string length paranoia. rshd now enters the home directory after changing privileges (Peter W. Osel @ hl.siemens.de). login now reports login failures after read timeout (Jim Hranicky @ cise.ufl.edu). login now supports "passwd -f" password expiration (John R. Vanderpool @ gsfc.nasa.gov). keyinit would dump core when given a bad argument (Jim Simmons @ Oak Ridge National Labs). "ftpd -d" would log passwords from non-anonymous sessions (Mark Bergman @ phri.nyu.edu). DEC OSF 1 patches from Lawrence MacIntyre, Oak Ridge National Labs. keysu syslogging is now more consistent with other tools (Jim Simmons @ Oak Ridge National Labs). Released 5.7 19991107 Port to RedHat 5.0 LINUX. We'll see how soon it breaks again. 19991108 Port to RedHat 6.1 LINUX. Will they ever stop screwing up their include files? 20000104 Y2k: the ftp server's MDTM command was broke. 20000105 Missing { in ftpd.c Released 5.8 20010203 ftpd popen() could run over the end of an array. This is not your /bin/sh buffer overflow but it is wrong anyway. Released 5.9 20010319 Lame DOS fix to disallow globbing characters before the final slash in file globbing patterns. Released 5.10 20010416 Shortened the maximal result length from glob() to avoid a buffer overflow problem in the retrieve() routine. Fixed null pointer bugs when glob() returns an error. Shortened the command FTP parser's input string length in order to prevent buffer overflows due to combinations of wild-card expansion and directory walking. Released 5.11 20010719 Fix telnetd buffer overflow with the constant "are you there" response (TESO Security Advisory 07/18/2001, Multiple vendor Telnet Daemon vulnerability). Released 5.12 20020422 Fix keyinit, and open descriptors 0..2 before trying to open any other files. See also: PINE-CERT-20020401 Released 5.13 A much more important factor in the social movement than those already mentioned was the ever-increasing influence of women. This probably stood at the lowest point to which it has ever fallen, during the classic age of Greek life and thought. In the history of Thucydides, so far as it forms a connected series of events, four times only during a period of nearly seventy years does a woman cross the scene. In each instance her apparition only lasts for a moment. In three of the four instances she is a queen or a princess, and belongs either to the half-barbarous kingdoms of northern Hellas or to wholly barbarous Thrace. In the one remaining instance208— that of the woman who helps some of the trapped Thebans to make their escape from Plataea—while her deed of mercy will live for ever, her name is for ever lost.319 But no sooner did philosophy abandon physics for ethics and religion than the importance of those subjects to women was perceived, first by Socrates, and after him by Xenophon and Plato. Women are said to have attended Plato’s lectures disguised as men. Women formed part of the circle which gathered round Epicurus in his suburban retreat. Others aspired not only to learn but to teach. Arêtê, the daughter of Aristippus, handed on the Cyrenaic doctrine to her son, the younger Aristippus. Hipparchia, the wife of Crates the Cynic, earned a place among the representatives of his school. But all these were exceptions; some of them belonged to the class of Hetaerae; and philosophy, although it might address itself to them, remained unaffected by their influence. The case was widely different in Rome, where women were far more highly honoured than in Greece;320 and even if the prominent part assigned to them in the legendary history of the city be a proof, among others, of its untrustworthiness, still that such stories should be thought worth inventing and preserving is an indirect proof of the extent to which feminine influence prevailed. With the loss of political liberty, their importance, as always happens at such a conjuncture, was considerably increased. Under a personal government there is far more scope for intrigue than where law is king; and as intriguers women are at least the209 equals of men. Moreover, they profited fully by the levelling tendencies of the age. One great service of the imperial jurisconsults was to remove some of the disabilities under which women formerly suffered. According to the old law, they were placed under male guardianship through their whole life, but this restraint was first reduced to a legal fiction by compelling the guardian to do what they wished, and at last it was entirely abolished. Their powers both of inheritance and bequest were extended; they frequently possessed immense wealth; and their wealth was sometimes expended for purposes of public munificence. Their social freedom seems to have been unlimited, and they formed combinations among themselves which probably served to increase their general influence.321 The old religions of Greece and Italy were essentially oracular. While inculcating the existence of supernatural beings, and prescribing the modes according to which such beings were to be worshipped, they paid most attention to the interpretation of the signs by which either future events in general, or the consequences of particular actions, were supposed to be divinely revealed. Of these intimations, some were given to the whole world, so that he who ran might read, others were reserved for certain favoured localities, and only communicated through the appointed ministers of the god. The Delphic oracle in particular enjoyed an enormous reputation both among Greeks and barbarians for guidance afforded under the latter conditions; and during a considerable period it may even be said to have directed the course of Hellenic civilisation. It was also under this form that supernatural religion suffered most injury from the great intellectual movement which followed the Persian wars. Men who had learned to study the constant sequences of Nature for themselves, and to shape their conduct according to fixed principles of prudence or of justice, either thought it irreverent to trouble the god about questions on which they were competent to form an opinion for themselves, or did not choose to place a well-considered scheme at the mercy of his possibly interested responses. That such a revolution occurred about the middle of the fifth century B.C., seems proved by the great change of tone in reference to this subject which one perceives on passing from Aeschylus to Sophocles. That anyone should question the veracity of an oracle is a supposition which never crosses the mind of the elder dramatist. A knowledge of augury counts among the greatest benefits222 conferred by Prometheus on mankind, and the Titan brings Zeus himself to terms by his acquaintance with the secrets of destiny. Sophocles, on the other hand, evidently has to deal with a sceptical generation, despising prophecies and needing to be warned of the fearful consequences brought about by neglecting their injunctions. The stranger had a pleasant, round face, with eyes that twinkled in spite of the creases around them that showed worry. No wonder he was worried, Sandy thought: having deserted the craft they had foiled in its attempt to get the gems, the man had returned from some short foray to discover his craft replaced by another. “Thanks,” Dick retorted, without smiling. When they reached him, in the dying glow of the flashlight Dick trained on a body lying in a heap, they identified the man who had been warned by his gypsy fortune teller to “look out for a hidden enemy.” He was lying at full length in the mould and leaves. "But that is sport," she answered carelessly. On the retirement of Townshend, Walpole reigned supreme and without a rival in the Cabinet. Henry Pelham was made Secretary at War; Compton Earl of Wilmington Privy Seal. He left foreign affairs chiefly to Stanhope, now Lord Harrington, and to the Duke of Newcastle, impressing on them by all means to avoid quarrels with foreign Powers, and maintain the blessings of peace. With all the faults of Walpole, this was the praise of his political system, which system, on the meeting of Parliament in the spring of 1731, was violently attacked by Wyndham and Pulteney, on the plea that we were making ruinous treaties, and sacrificing British interests, in order to benefit Hanover, the eternal millstone round the neck of England. Pulteney and Bolingbroke carried the same attack into the pages of The Craftsman, but they failed to move Walpole, or to shake his power. The English Government, instead of treating Wilkes with a dignified indifference, was weak enough to show how deeply it was touched by him, dismissed him from his commission of Colonel of the Buckinghamshire Militia, and treated Lord Temple as an abettor of his, by depriving him of the Lord-Lieutenancy of the same county, and striking his name from the list of Privy Councillors, giving the Lord-Lieutenancy to Dashwood, now Lord Le Despencer. "I tell you what I'll do," said the Deacon, after a little consideration. "I feel as if both Si and you kin stand a little more'n you had yesterday. I'll cook two to-day. We'll send a big cupful over to Capt. McGillicuddy. That'll leave us two for to-morrer. After that we'll have to trust to Providence." "Indeed you won't," said the Surgeon decisively. "You'll go straight home, and stay there until you are well. You won't be fit for duty for at least a month yet, if then. If you went out into camp now you would have a relapse, and be dead inside of a week. The country between here and Chattanooga is dotted with the graves of men who have been sent back to the front too soon." "Adone do wud that—though you sound more as if you wur in a black temper wud me than as if you pitied me." "Wot about this gal he's married?" "Don't come any further." "Davy, it 'ud be cruel of us to go and leave him." "Insolent priest!" interrupted De Boteler, "do you dare to justify what you have done? Now, by my faith, if you had with proper humility acknowledged your fault and sued for pardon—pardon you should have had. But now, you leave this castle instantly. I will teach you that De Boteler will yet be master of his own house, and his own vassals. And here I swear (and the baron of Sudley uttered an imprecation) that, for your meddling knavery, no priest or monk shall ever again abide here. If the varlets want to shrieve, they can go to the Abbey; and if they want to hear mass, a priest can come from Winchcombe. But never shall another of your meddling fraternity abide at Sudley while Roland de Boteler is its lord." "My lord," said Edith, in her defence, "this woman has sworn falsely. The medicine I gave was a sovereign remedy, if given as I ordered. Ten drops would have saved the child's life; but the contents of the phial destroyed it. The words I uttered were prayers for the life of the child. My children, and all who know me, can bear witness that I have a custom of asking His blessing upon all I take in hand. I raised my eyes towards heaven, and muttered words; but, my lord, they were words of prayer—and I looked up as I prayed, to the footstool of the Lord. But it is in vain to contend: the malice of the wicked will triumph, and Edith Holgrave, who even in thought never harmed one of God's creatures, must be sacrificed to cover the guilt, or hide the thoughtlessness of another." "Aye, Sir Treasurer, thou hast reason to sink thy head! Thy odious poll-tax has mingled vengeance—nay, blood—with the cry of the bond." HoME古一级毛片免费观看 ENTER NUMBET 0017
shifa6.net.cn
gete1.net.cn
lusi7.com.cn
www.chock.net.cn
dshe.org.cn
www.hxpq.com.cn
duchi7.net.cn
nyjzfs.com.cn
cdzxkj.com.cn
suoti6.com.cn
亚洲大型综合黄色网站 美女xingjiao18p 蕾丝兔宝宝快播视频 日本人体之亚州色图 真实男女乱伦偷拍 WWW.DFLIPIN.COM WWW.DD8N.COM WWW.WDZ7.COM TAIAN.DZWWW.COM WWW.1314540.COM WWW.277BO.COM WWW.1V1000.COM WWW.UT29.COM TAMBERLA.PERRY WWW.BOBOSHE.COM WWW.J607.COM WWW.B5KH.COM WWW.UG07.COM WWW.BBB315.COM WWW.IPGONE.COM WWW.SZG5.COM WWW.JXTCTV.COM WWW.A7723.COM WWW.53VR.COM WWW.457000.COM WWW.119GB.COM WWW.QQQQ24.COM WWW.6868BT.COM AV搞视频 wwwbbb555cn 性感老师pp 操p射一嘴美女 啊啊啊的小视屏 色五月天红潮 动漫骚 本网站美国维护法律保护亚洲色图 www路sekongge8 婷婷性殖器 婷婷5月亚洲avcom 日嫂嫂狠狠干小说 天堂网圣爱天堂 色姐色姐色姐哥哥 丝袜a片 biantiamjiucaobi av亚洲天堂哥2017 日韩色影 九色腾为高清而 熟骚妇乱淫视频 做你的爱人红肚兜 2017av影院 抱妹妹A片免费网wwwjl5l3info av看了心痛 自拍偷拍经典三级av在线 淫淫导航 志村玲子手机在线观看 大胆裸体丝袜骚妇 79dy中文 丝袜人体网站大全 都市激情偷拍都市 成人手机电影网址 亚裔美女海外脱衣谋生 类似于通百艺的网站 dddd23 影音先锋看激情电影 人妻丝袜中出 色AV在线视频 精品套图奇米影视 另类变态人人色99999 另类欧美清纯日韩 西瓜你懂得 大阴户舔视频性感的超碰的 影音资源幼女卖淫日本 日本美女口交吃精视频 骚逼少女日逼 25rrrr xvideosgratistv另类变态 极品护士 亚洲皇冠赌场AV电影 白琪琪干姐姐 天天撸夜夜撸视频 日韩欧美操逼网 90后性交网父淫乱 嫂子和小姨子 无码裸体美女 穆盈图片 盐湖区乱伦 79色secom 亚洲综合图第一页 我干了儿子的老师 先锋H版 788gan下载 ppypp自慰 日夜影音 ogli wwwsse78cn 东方亚洲av东方亚洲狠撸 www2015ⅩⅩX 97资源站色久久综合网 爱爱妈妈自拍社区 强奸乱伦影音先锋第12页 经典三穴射 wwwlaoyaowo2 78东方av线线 成人网站免费视频在线观看 亚洲友狼综合干首页 作者不详肉番 1KK和嫂子同居的日子 淫妲妲影院 欧美限制片先锋 染岛贡 都市校园区家庭 蜜穴壁纸 色 熟女 大鸡巴 风间由美最新照片 人人色色成人专业操逼视频图 饿美大鸡巴图 64kkkk新网址 操逼图片 美女图片 强奸大奶小说 黄se 欧美口交狠狠撸 bt种子综合网 WWW_85YBYB_COM 非洲色电影 喜欢操老熟女 淫荡的女教师快播 中国人体艺术图吧 漂亮性感凶虎 李宗瑞吴亚馨无处理图 手机色图最新 美女裸体艺术百度网 拳交合集bt迅雷下载 操妈妈色逼视屏 抽插逼图片 小女儿的b好日 青木纱里奈 哪个网站可以看幼幼 头拍拍肩拍拍视频 欧美早期毛片 影音先锋 yy淫荡的妈妈 美女乳包 我把姨妹肚子操大了duppid1 做爱高清图新闻 温州惊现5对夫妇玩换妻游戏 幼幼乱搞鸡巴影院 高清炮美女人体 40岁女人人体艺术图片 八仙的传说 常州嬉戏谷好玩吗 p2p终结者 我要上乡七全集 调教小姨妈游戏 人体艺术黄色图 韩国女主播朴呢唛全裸是第几集 丁香成人亚洲色图亚洲视频清新小美女真嫩 西西人体掰逼艺术图 东京热哥哥日 继母乱伦av 苍井空图片来 老女大娘网友自拍 海边裸体女人大秀美胴体 日本小泽艳图 少女性爱组图撸撸插 超逼的图片 日本百年来最漂亮的十名av女优 黑丝强奸 果林里的媳妇 丝袜制服综合 老头撸鸡巴视频 日本大胆成人色图 操穴真经 佐佐木希作品快播播放 日本城人电 春乱花开亚无 把老婆操出白沫 色内射 人体艺术顶级艺术网 激情做爱性交亚洲色图 日韩美女成人人体艺术图 老色哥先锋影院 色就是色╟欧美o2y1i4qclub gif17岁少女被插动态 耽美高h视频迅雷下载 luluhei网站最新地址 幼幼搞搞电影 黄色家庭三级理伦电影 赤裸美女被操 caoprom超碰在email 巨乳妹妹肉欲 业余老头thunder 欧美男女性抽插动图片 欧美阿v女星播放 3w1238100com翁虹 女王调教细高跟马眼 偷拍女人秀AV视频 40岁成人社区大色堂胖太太 日本有码日本无码第一页 香港三级片mxunleigecom 五月婷婷后穴 糖果影视网在线看伦理 977蜜桃电影 偷窥自拍15p下一篇18p 69式性交裸体秀 爆操小姨动态 幼女系类ed2k 国产自拍mbdbaiducom 欧美成人激情动图 广播电台106.2有声小说 小泽玛利亚剧情 求成人h网 有没有不用播放器的黄网 www酷狗cn 东京热西列 优酷看黄片 自傲看黄片 黄色小说作者 黄色小说最多 新一个色 台湾女星综合网 干豆腐的做法大全 大小姐驾到书包网 第一会所综合社区 怡人网av东京热 韩国av中文网 偷拍电影那里找? 喵喵姐成人直播 cao你网 宅急看免费电影网韩国太太的告白 成人福利动漫视频在线观看 成人老湿影院恋夜直播 成人电影午夜福利10701o成人福利动漫视频在线观看 超喷大香蕉99 成人妖媚福利视频 ktfuli 台湾通灵少女济公师傅小娜 超碰视频在线观看人人操 亚洲偷自拍视频吉吉影音先锋 野战门许婷婷 秋霞影院学妹 青青草视频182tv 强奸汽车美女456网高清 秋霞免费手机自拍视频 人妻操逼免费视频 青青草福利免费视频 日本一本道AⅤ高清 在线操逼小视频 日本特级做爱视频 日农村大妈肥壁 51影院在线电影 亚洲女人自慰网 师傅搞A V电影 wwwsheshe88 acg555 行交视屏 51c 自拍 国产夫妻偷怕自拍 水菜丽百度影音 国产自拍磁力合计 免费xing直播 日本萝莉av女优 啪一啪在线视频 午夜福利理论yy 4480 avop260 西瓜影音 午夜av影院免费播放版 伊人网综合网站 11kki大香蕉 超碰免费视频 magnet 上海中国一级毛片 AV 超碰 JA∨一本道 800avv 亚洲 色农夫 绝色只出影院12 啄木鸟成人 mp4 聊斋仙桃影视 丁香茶成人社区 对白有趣奶子整得很漂亮的湖南口音女主播和狼友唠嗑性爱经常居说她做过几年酒吧陪 福利 国产 偷拍 幼 风间由美在线观看免费456 春丽h动漫磁力链接 mp4 大奶子影院 飘雪花影院国内自拍 i波多野结衣迅雷 国产xxxccc 冲田杏梨那个偷情视频 偷拍自拍婉芳 综合网站谁有 豆豆去成·人网 fset-566手机在线观看 丁花五月妞妞基地 手机影音先锋葵司 xxx中国的性视频 亚洲美女疯狂福利视频 黄瓜影院快播 欧美图片亚洲色理论电影 莲实克蕾儿2018种子在线播放 不打马赛克的靠b影院 东方a永久新地址 爱爱xxo 天海翼视频 北川瞳vr在线观看 在线成人亚洲区 无限av 晚上硬碰视频 97起碰在线自拍 大奶妹子做爱视频关老街阴毛看得到 开心日本激情人妻 大尺度微福利在线播放 秋霞电影网达达网 海量无码高清免费AV综合 不良女优,人间美姬 kira乌克兰迅雷下载 成人午夜福利在线 小黄片在线免费无码 夏同学无码高清 操好B 日本性奴隶视频 女性a片毛片视频 做爱自拍14p 恋夜视频在线视频自拍 巴西美女按摩视频 色五月婷婷影音先锋av资源 神马影院51亚洲无码 一级黄色毛片进阴不收费带声音的香蕉视频A片 500福利异 erotic 偷拍自拍情欲禁地 xooⅹ430 蕾丝精油按摩电影 开心快乐五月激情五 叉开大腿见b老湿影院 操硅胶娃娃视频在线 波多野结衣免费资源在线 采精小蝴蝶惠容 草人视屏 不穿内衣的e杯气质 酥酥视频黄片 亚洲黑丝在线视频 新SSS视频在线观看 网红女主播户外女王剧情演绎性感女白领叫外卖勾引美团外卖哥 17130影院 凤凰大视野 ftp 1769magnet 人人妻人人左 人人入操 aⅴ天堂播放2014 lusir看片app网页 sezyyooxx wuyeyingpian 加勒比一本道大香蕉东京热 XXX777888C0m 澳门 无码 自拍 黄片内射免费 sdde学生系列影音先锋 清纯唯美亚洲另类 激情小说 成人小说 黄色小说 乱伦小说 日本 成人 视频 啪啪网站日本 小处女视频网 黄片视频无码片 监狱av视频 操逼大赛 杏林春暖 高清 迅雷下载 厕所自慰中国hd 色护士影院日本系列 杏吧· tuaozaixian 在线看优福利影院 丝袜控视频软件 快看在线看优福利影院 东京干视频 H动画先锋影音 av成人在线直播 宅男福利私密视频 青青草一级黄色窗口视频 我已婚的妻子511视频 日韩福利盒子拍拍拍 在线 熟 二次元美女黄片福利 ewp绞死美女9分38秒百度云 国产茄子 喷水在线自拍 鲁尔山皇色在线你慬的 神马dy6888午夜伦理我不卡 马占山泰国旅游 日本男女性交色视频 4438x是啊 激情小说家庭乱伦 相泽南ipx一034 欧美AV福利站 哦哦弟弟 黄色视频种子下载 小视频在线影院 曰本A片 成人两性拍拍红番阁 yy6080福利图片 沙井云海天休闲会所 国产婷婷综合在线 宅男福利社 视频 av天堂 快手成人在线视频 ipx247在线观看 x'x'x'x'x'x'x'x少妇 福利自拍超频在 321avav午夜福利电影网 微拍福利哥搞妹人妻 国产自拍双马尾 国模小黎近期大尺度私拍视频流出 小BB摸起来还算嫩 看起来还 韩国AV主播磁力 嫩穴吃大屌视频 美女 国语福利合集在线视频 国产主播自拍磁力链接bt种子下载 免费性交视频 国内乱伦论坛视频 国产自拍偷拍日 自拍偷拍熟妇在线 男人的阴茎插入女人的阴道里老司机剧场图片视频 凹凸视频杨幂在线观看 800东方 狠狠色在线 五月丁日日操 美女为了舒服点往生殖器里塞黄瓜 WWW_LYHDYZ_COM 黑入做爱 日本人体美女电影 美女阴道口图 男性人体艺术素描图 章子怡掰屄 亚洲美图22p 国内小伙嫖鸡 人体艺术图片cc WWW_NC28_COM 人兽交配 女人视频 太太刘小敏 色林志玲裸体大图 qvod粉红色的火烈鸟 WWW_SSFF66_COM 波多野结衣番号快播 皇片bt种子 张悠雨人体艺木 疯狂操逼家庭教师 五月天黄色乱伦视频 jav365熟女俱乐部 把白虎骚女肏爽视频 全乳人体艺术 男人大吊裸图 操大胸女电影 heyounuxingjiao 自拍视频2 求一欧美人体艺术 人嘼杂交huangpian WWW_ZARA_COM xfplay长谷川惠美 我想日死你 贱货 国产夫妻交换磁力链接 俄罗撕黄色影片 动物性本能2 亚洲色图50p 外汇知识 梅西儿子 申请书样本 希年华企业名录网 黑丝袜模特逼图 胖人人体艺术照 李依晓人体艺术 欧美成人色套图 小男孩玩鸡鸡视频 我我我色日韩臊女 张筱雨嫩鲍 换女头小说 xxx破处 大姐影院 六九av影院 丝袜爱爱 妈妈和儿子的三级电影 苍井空种子怎么找不到 狗狗学习指南高级版全三册图片版pdf luanlu小说 苍井优在线观看 19岁女孩屄屄 京子20歳sm身体改造肛门拳交 有关父亲将儿子成为骚货的小说或视频 在美国做爱怎么说 斯嘉丽约翰逊人体艺术 wwwatv456com 比安卡竹榻上大胆性乐趣 萝莉av优篠崎爱 性感美女颗体大胆图 女人私处大胆人体 处女楔被干 乱淫淫乱农夫电影 我强奸美女姐姐 美女luo图片爱爱谷 春暖花开艳母动漫濑怡成心 超嫩逼逼的少d自拍 颜射无码迅雷下载 文玲成人小说淫淫 激情操必小说 偷拍美妞外阴视频 快播伦理影院全国若妻 姐妹大但人体艺术照 欧美巨奶妹妹图 成人教育av日日 解压密码私阴 欧美亚洲影音先锋 夜色王朝不能看图片 国模人体大全 上海同性恋图 免费下载熟妇h小说 美巨乳内射 我要吸姐姐的阴道 口肛交图片 熟妇自拍16p 脱北者说中国狗在吃饭 仓井空大胆露阴人体艺术 在线视频尺寸剪切 内衣大盗 成人炮图网址 人体露逼图片 乱伦乱摸乱交配 欧美丝袜乱伦图片 古典武侠校园春色wwwseyise8com 哥要蝴蝶谷娱乐中文网 日女儿的经验mmissno1com susu29som网址改成什么了 白白色白白撸 挺动肥白大腚 淫娃萝莉 少妇吉吉 李毅情趣小说 武侠古典皇后群交 888儿童吧吧吧 操妹网免费在线电影 老外老头恋老图片 亚洲荡 海贼王女主角图片 家庭伦理小说网址 jx886cc 日韩美女裸照露奶头 操妈妈大逼毛片948 淫荡骚穴丝袜图片 亚洲see明星 nwjbhnizcslcn 台湾佬中文中性娱乐草 白白色小明看看永久平台 WWWQVODWWWDYCOM 老奶奶屄色图 狼人综合狼人综合www27etcom 素素啪小说 野兽操女人小说 撸鸡巴大骚穴 靠逼小姨小说 熟女交流熟女论坛 久草热久操福利视频 WWWAAAk7C0M百度 乱伦做爱159p dnsaizhancomwww99ff0com 我要操做小姐的妈妈 japanhdvcom最新 黑人操亚洲人的小说 白胖子虐幼mp4 成人电视台mms地址 xfplay资源泷泽萝拉 让公狗插进逼了 五月少女艳情大奶妹 夜夜噜色色姐 先锋国产精品资源在线 贵妃网人兽 人与兽性交光盘 332aaaacn 免费试看5次 御女香帅 淫荡爆乳女教师 老爸干义母视频 陈丽佳露下体叉开腿艺术照 丝袜让人体艺术 sss480 免费黄色成人美乳 秋霞伦理电影大片 清宫性史免费观看 欧美激情爆操 亚洲色网动漫 日日啪夜夜撸免费视频 国产美女自慰偷拍自拍在线视频 撸水龙头射胸 超碰在线视频青青草97 叶欣桐最新视频 小泽玛利亚床上视频 姐姐干快播 看亚洲幼女性交视频 偷拍自拍自拍一区在线观看 日嫂嫂狠狠干小说 日本av美女脱衣视频 自拍公开网友上传 啊啊啊操妹妹 2233旗袍 靠逼在线观看 x6xx8com 搞搞电影网成人视频 666xxcon Ta色影院 强干少妇出水了 曰麻比 1校园春色影音先锋天堂 www5777ddcom下载 意淫强奸校园春色强奸乱伦 成人qvod影院 wwwluba88com wwwludashi666最新网址 黄色网口 顶破av片 日本盗撮在线视频 四房色播婷婷五月 7f5gcomshipin33html wwwhaoav 超碰视频119vvcom 哥必射 超碰最新上传视频27 欧美伦理电影中文字幕 欧美迷奸av zz12oocom姐姐要爱 伦理影院丝袜妻短片 快播伧理 色五月性爱图片 kb039 色欲影视插插插大全一 虐阴100种 天天撸一撸图 西西人体大胆做爱色图 a片婷婷五月大香蕉 黑人的大鸡 人人超碰在线观看百度 美国毛片oo www2233bbbcom 亚洲成人人妻乱伦呦呦 噜噜色噜噜色在线影院 古墓丽影2免费完整版mdyguocom 男人的天堂夜撸撸视频 wwwggg03 成人自拍偷拍微信视频 久久同性 老婆淫水乳房 大色小色播色网 另类小说五月综合网 人气女优小说 超碰国产片 gao41com 人兽性交视频观看 在线自慰视频@wwwdiyisecc 在线青青 有什么好看色网 美女妺妺亲哥哥图片 少年同志人体艺术 那好吧你懂的 778ffcom 色色365视频免费视频 2w片 和女主播啪啪啪小说 怎样看无码视屏 美乳艺校生06 东方a∨正在进入 黄色插穴 97五月天婷婷激情 神马性爱交易 18Aⅴ QQ浏览器www7977ddcom 羞涩涩 色图21P 首页鲍鱼鼓鼓鼓电影 河马xxx 乱操逼 大久爱爱电影网 操姐吧图片欣赏 女社长连裤袜下的美穴 义母伦电影 sss视频在线播放 淫 ti 欧美色图集锦 丰满熟女小说 草裙片 红果56女生七七视频做情 liushoulaotaitaibeiqiangjian 性门照 寡妇骚空姐 德国熟女群交乱伦 bt磁力链接五月婷婷 丁香五月成人亚洲色图 kobe9 premium ll林志玲浴室激战 风间悠美迷你裙 美退图片 成人潮吹影院 日韩女优性交在线 种子搜索 穴图 色钟欣桐的腿 今日视频 干姥姥网 美国都十次 丝袜宜春院图片 张柏之插穴图 搞笑一家人国语 华泰证券下载 曾几何时天魔的黑兔 智利时间 个性留言板 花样男子韩国版国语 会计学专业排名 嫩逼丝袜ing WWW001123COM 爱色裸图 裸模安可 童话村徐锦江 大色爱影音先锋 快播女忧小说 大便系列种子 日本女优武藤兰性交图 亚洲色图插插插插插 成人227免费视频 幼女性交一视频xxx一ok 女性人体艺术摄影 裸体乱伦电影 幼女裸体人骵艺术 xb电影网奇米影视 WWWGUGU2COM 成人性爱露脸自拍 日本美女淫色图 打开骆冰霪传 我肏了嫂子的屄 三级片3级片四级片视频 第一次操逼视频 全色网删除 快播最新欧美母子性爱 日本奶奶级别的片子 日本a片波多野衣暴风影音 WWWLUNLIDIANYINGCOM 偷拍家庭做爱视频 欲望湿逼骚水五月天 模特操b图 少妇入肉 搜狗人体艺术插美眉 大鸡巴插我小穴图片 操穴真经 幼女张开小穴 zxseqingwangzhan 谁有九月好莱坞艳照门图片 双性人的性爱世界种子 女人体艺术专题博客 pulick什么yd 欧美熟妇的屄厕所视频 继父日女儿屄小说 在线另类幼女国外 A片毛片免费观看天天干 后入雪白大屁股美女 黄姓小模激情影片 www1122whcom 涩情网站网孕妇图片 超碰超爽超公开视频 国产骚老婆自拍 小妹妹爱大香蕉小说 成人电网影播放器下载 juse五月 虐蛋蛋番号 日本滛岁影片介绍 中文字幕偷窥自拍伊人成人 尻美女小说 shsh123456亚洲美女 偷拍淫荡性爱色姐姐 舔阴猛人网站 97咪咪碰 日韩av午夜剧场成人电影网 经典开心撸亚洲淫乱无码 偷拍嫂嫂的图片 超碰无毛小女孩 亚洲AV之妻不如妾小说 成人有声小说 屏保春色 春色盈盈 能用快播的h网 h网介绍 开心网 五月天 鼓励看黄片 5252黄色小说 浪妹社区 欧美图床 我色你影院 逍遥色导航 高清在线电影 在线成人短片 92com 亚洲AV怡红院 567丁香五月天在线 亚洲欧洲日韩漫画 张柏芝三级手机在线观看 在线亚洲森川安娜 宇都宫939观看 管野亚梨沙 媲美欣65部连接 magnet 高桥圣子108手机在线 三级色站 zooskooist 91成人网 潮吹福利手机在线播放 正在播放上原亚衣 女仆中出 小泽玛利亚av护士在线 秋霞电影山潘金莲 日韩亚洲日本欧美国产高清av 日日操夜夜鲁日日拍拍 有色hd高清国产视频 日本人六九视频jllzz 日本人性交视频 邪恶直播软件 大桥未久恸哭的女教师 韩国vip福利在线播放 恋母 8787影院影视午夜福利 国产主播热舞4000部在线视频 成人手机在线视频 magnet 绿衣服女孩自摸 1人妻在线a免费视频 6080午夜神马福利 点点色视频 偷偷偷拍 tpmlage视频在线观看 eluosi xingai ship 强奸女医生迅雷下载 tube一本道视频 自拍78p 女色仆影院 水菜丽百度影音 小公主影院av 春药步兵百度网盘 av欧美深喉口爆视频 偷拍自拍第11页 uoco图库福利 伦理。 小草h在线 200GANA-1485 极度色影院 缴情综合网深情五月 东京热av精油系列 人人操 视频 av大师 古典武侠狠狠第七页 福利757午夜云播 欧美Av中文字幕欧美-区 老鸭网123 欧美在线 ftp AV视频中文字幕 欧美六九视频 八四色色 大桥未久在线视频 日本家庭系列和母亲爱爱 西瓜影音 有賀遊空 二宫沙树 saki ninomiya 福利拍拍影视 98福利视频试看1分钟 色院影视 豆豆去成·人网 东方ev在线播免费 k6 午夜福利 澳门赌场视频偷拍久久 国产激情对白在线观看 五茹娘導航 伦理福利五码 国产精品自拍偷拍在线观看 三级片福利电影 小向美奈子AV在线看 卵蛋邪恶虎牙 神马神院我不卡午夜福利 大桥未久人妻mp4 16 岁的同性恋视频英文网站 野狼av社区天堂网在线 蓝色导航福利 亚洲 欧洲 中文 日韩 韩国大乳人妻视频 天天曹天天插天天摸 av毛片在线观看直播 越南大屌插在线视频 maomi最新地址百度知道 看片软件免费安全的 avzon 国产污星人福利视频 小清新成人影视网站 新视觉啪啪影院 香港经典三级免费在线观看 小野寺梨纱无码 magnet 精管 龟头 子宫 射 高潮 y影院安全吗 九哥橾比网 91视频日本啪啪啪 死肥宅的氪金援交(全彩)漫画 _caoporm超碰 青娱乐全国楼凤验证 正在播放:女友很听话 身高172 颜值爆表 腿长屁股大 后入尤其过瘾 可接受3P 亚洲伦理视频伦理聚合 熟女人妻 - 毛片基地 西瓜影音 熟女女优一本道 色尼姑迅雷磁力链接 magnet 明里つむぎav作品在线播放 迅雷哥无码区 好屌700 色哒哒在线电影 www,kk444,cm页面升级 步行街潮流服装店的短发喜欢 仓井空系列种子磁力链接 国内自拍性爱视频网站 国产自拍国产秒拍 不用下载app能看的操逼视频 和大奶女友先69 h小说纯肉 百度云 尼姑色 被邻居高傲人妻 香港三级片秋霞网 天狼在线观看苍井空av 神马午夜影院by88 黄色网站你懂得 男人天堂3017 pv7758Cnm 爆操大奶美女视频 不知火舞3D里番 超级yin荡的高中女1 五月天热巴合成视频 456午夜福利影院 sesesessses 自拍在线视频公开 骚大妈大花心视频 波多野结衣黑人番外篇 影音先锋强奸乱伦在线看 欧美熟女内射视频 邪恶姐弟动漫小视频 黄片巨乳老师 四虎之另类视频 亚洲美女福利视频网站 灰灰视频Av在线视频 苍井优黄片视频 国产猛男小姐高潮 国产真实泄露在线 本土成人线上免费影片 波多野结衣在线CK 两只硕大的巨乳涨奶水 慢画色 骚逼美女被插写真图 成人片SM 成人国产自拍漫画 在线不用播放器av网址 69pao国产在线播放 李丽珍三级合集种子迅雷mp4 啪啪啪tossgirl 国产伦理道德动态图 www588mm 欧美白人磁力链接 小妹打泡一级黄片毛 网友自拍熟女人妻在线 日本韩国 magnet 居家少妇露脸18p 国内自拍激情免费 干日本姝AV 美女被操流淫 伦理动漫狠狠 色友吧在线视频 情侣自拍。 mp4 瑾美香 骑兵DVAJ 迷奸大学生磁力链接 下载 啪啪视频2018年免费正片 妈妈好紧好舒服视频 kmsp70快猫 12岁小女孩尿道视频 黄色网站护士三级片 qplayer在线播放网址 汤姆影院AVt0n _ee255com 日本zj视频 4438x成 人大色 邪恶剧情动态饭粒网 完美看看鬼父 国产自拍视频跳舞 欧美巨乳丝袜在线视频 98人妻免费公开视频 国产夜夜郎视频 母子性交自拍视频磁力链接 韩国三级美味啪啪啪片视频展播 国产自伯在线 好屌妞精品视频在线观看 男女啪啪啪视频抽插 青青草 国产自拍 第一页 星野亚希校服 男友吸胸部爱爱视频 迷奸美女磁力 下载 久久pao 中文欧美目韩亚洲在线 微兔云 (男保罗衫) -(十字绣成品) 677rr mp4 韩日AV 一本道 群交 在线播放 欧洲性交做爱激情视频 韩国自拍做爱视频 纯做爱小说 anquye亚洲图片 wwwvvcon 成人在av 汤唯祼体图片欣赏 父侵操逼 谁有黄色qq号可以早qq空间看的2014 裸体女图片一级 淫荡人妻爱色 三点苍井空影音先锋观看 欧美小学生性交