diff options
-rw-r--r-- | authenticate.c | 21 | ||||
-rw-r--r-- | clientserver.c | 19 | ||||
-rw-r--r-- | connection.c | 81 | ||||
-rw-r--r-- | loadparm.c | 14 | ||||
-rw-r--r-- | util.c | 16 |
5 files changed, 62 insertions, 89 deletions
diff --git a/authenticate.c b/authenticate.c new file mode 100644 index 00000000..28f777e1 --- /dev/null +++ b/authenticate.c @@ -0,0 +1,21 @@ +/* + Copyright (C) Andrew Tridgell 1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +/* support rsync authentication */ +#include "rsync.h" + diff --git a/clientserver.c b/clientserver.c index 39e5b90d..173ca0c5 100644 --- a/clientserver.c +++ b/clientserver.c @@ -67,6 +67,14 @@ int start_socket_client(char *host, char *path, int argc, char *argv[]) if (!read_line(fd, line, sizeof(line)-1)) { return -1; } + +#if 0 + if (strncmp(line,"@RSYNCD: AUTHREQD ",18) == 0) { + auth_client(fd, line+18); + continue; + } +#endif + if (strcmp(line,"@RSYNCD: OK") == 0) break; rprintf(FINFO,"%s\n", line); } @@ -101,6 +109,7 @@ static int rsync_module(int fd, int i) char *p; char *addr = client_addr(fd); char *host = client_name(fd); + char *auth; if (!allow_access(addr, host, lp_hosts_allow(i), lp_hosts_deny(i))) { rprintf(FERROR,"rsync denied on module %s from %s (%s)\n", @@ -108,6 +117,14 @@ static int rsync_module(int fd, int i) return -1; } +#if 0 + if (!auth_server(fd, "@RSYNCD: AUTHREQD ")) { + rprintf(FERROR,"auth failed on module %s from %s (%s)\n", + lp_name(i), client_name(fd), client_addr(fd)); + return -1; + } +#endif + if (!claim_connection(lp_lock_file(), lp_max_connections())) { rprintf(FERROR,"ERROR: max connections reached\n"); return -1; @@ -115,7 +132,7 @@ static int rsync_module(int fd, int i) rprintf(FINFO,"rsync on module %s from %s (%s)\n", lp_name(i), host, addr); - + module_id = i; if (lp_read_only(i)) diff --git a/connection.c b/connection.c index fc7c6667..1025c8fc 100644 --- a/connection.c +++ b/connection.c @@ -19,59 +19,6 @@ /* support the max connections option */ #include "rsync.h" -int yield_connection(char *fname, int max_connections) -{ - int fd, i; - pid_t mypid=getpid(), pid=0; - - if (max_connections <= 0) - return 1; - - fd = open(fname,O_RDWR); - if (fd == -1) { - rprintf(FERROR,"Couldn't open lock file %s (%s)\n",fname,strerror(errno)); - return 0; - } - - if (!lock_file(fd)) { - rprintf(FERROR,"failed to lock %s\n", fname); - close(fd); - return 0; - } - - /* find the right spot */ - for (i=0;i<max_connections;i++) { - if (read(fd, &pid, sizeof(pid)) != sizeof(pid)) { - unlock_file(fd); - close(fd); - return 0; - } - if (pid == mypid) break; - } - - if (i == max_connections) { - rprintf(FERROR,"Entry not found in lock file %s\n",fname); - unlock_file(fd); - close(fd); - return 0; - } - - pid = 0; - - /* remove our mark */ - if (lseek(fd,i*sizeof(pid),SEEK_SET) != i*sizeof(pid) || - write(fd, &pid,sizeof(pid)) != sizeof(pid)) { - rprintf(FERROR,"Couldn't update lock file %s (%s)\n",fname,strerror(errno)); - unlock_file(fd); - close(fd); - return 0; - } - - unlock_file(fd); - close(fd); - return 1; -} - /**************************************************************************** simple routine to do connection counting @@ -79,7 +26,6 @@ simple routine to do connection counting int claim_connection(char *fname,int max_connections) { int fd, i; - pid_t pid; if (max_connections <= 0) return 1; @@ -90,34 +36,11 @@ int claim_connection(char *fname,int max_connections) return 0; } - if (!lock_file(fd)) { - rprintf(FERROR,"failed to lock %s\n", fname); - close(fd); - return 0; - } - /* find a free spot */ for (i=0;i<max_connections;i++) { - if (read(fd,&pid,sizeof(pid)) != sizeof(pid)) break; - if (pid == 0 || !process_exists(pid)) break; + if (lock_range(fd, i*4, 4)) return 1; } - if (i == max_connections) { - unlock_file(fd); - close(fd); - return 0; - } - - pid = getpid(); - - if (lseek(fd,i*sizeof(pid),SEEK_SET) != i*sizeof(pid) || - write(fd, &pid,sizeof(pid)) != sizeof(pid)) { - unlock_file(fd); - close(fd); - return 0; - } - - unlock_file(fd); close(fd); - return 1; + return 0; } @@ -57,13 +57,13 @@ typedef char pstring[1024]; /* the following are used by loadparm for option lists */ typedef enum { - P_BOOL,P_BOOLREV,P_CHAR,P_INTEGER,P_OCTAL, - P_STRING,P_GSTRING,P_ENUM,P_SEP + P_BOOL,P_BOOLREV,P_CHAR,P_INTEGER,P_OCTAL, + P_STRING,P_GSTRING,P_ENUM,P_SEP } parm_type; typedef enum { - P_LOCAL,P_GLOBAL,P_SEPARATOR,P_NONE + P_LOCAL,P_GLOBAL,P_SEPARATOR,P_NONE } parm_class; struct enum_list { @@ -121,6 +121,8 @@ typedef struct char *gid; char *hosts_allow; char *hosts_deny; + char *auth_users; + char *secrets_file; } service; @@ -136,6 +138,8 @@ static service sDefault = "nobody",/* gid */ NULL, /* hosts allow */ NULL, /* hosts deny */ + NULL, /* auth users */ + NULL, /* secrets file */ }; @@ -165,6 +169,8 @@ static struct parm_struct parm_table[] = {"gid", P_STRING, P_LOCAL, &sDefault.gid, NULL, 0}, {"hosts allow", P_STRING, P_LOCAL, &sDefault.hosts_allow, NULL, 0}, {"hosts deny", P_STRING, P_LOCAL, &sDefault.hosts_deny, NULL, 0}, + {"auth users", P_STRING, P_LOCAL, &sDefault.auth_users, NULL, 0}, + {"secrets file", P_STRING, P_LOCAL, &sDefault.secrets_file,NULL, 0}, {NULL, P_BOOL, P_NONE, NULL, NULL, 0} }; @@ -225,6 +231,8 @@ FN_LOCAL_STRING(lp_uid, uid) FN_LOCAL_STRING(lp_gid, gid) FN_LOCAL_STRING(lp_hosts_allow, hosts_allow) FN_LOCAL_STRING(lp_hosts_deny, hosts_deny) +FN_LOCAL_STRING(lp_auth_users, auth_users) +FN_LOCAL_STRING(lp_secrets_file, secrets_file) /* local prototypes */ static int strwicmp( char *psz1, char *psz2 ); @@ -491,12 +491,16 @@ int process_exists(int pid) return(kill(pid,0) == 0 || errno != ESRCH); } -int lock_file(int fd) +/* lock a byte range in a open file */ +int lock_range(int fd, int offset, int len) { - return flock(fd, LOCK_EX) == 0; -} + struct flock lock; -int unlock_file(int fd) -{ - return flock(fd, LOCK_UN) == 0; + lock.l_type = F_WRLCK; + lock.l_whence = SEEK_SET; + lock.l_start = offset; + lock.l_len = len; + lock.l_pid = 0; + + return fcntl(fd,F_SETLK,&lock) == 0; } |