[Rsync-patches] [PATCH 3/3] Daemon: Don't reverse-lookup the client's hostname if "hosts allow" and "hosts deny" are both unset. Update rsyncd.conf(5) accordingly.
Matt McCutchen <matt at mattmccutchen.net>
Tue Jan 13 22:57:25 PST 2009
---
clientserver.c | 11 ++++++++++-
rsyncd.conf.yo | 11 ++++++++---
2 files changed, 18 insertions(+), 4 deletions(-)
diff --git a/clientserver.c b/clientserver.c
index 6fc3bbe..5f8ed48 100644
--- a/clientserver.c
+++ b/clientserver.c
@@ -405,6 +405,11 @@ static int path_failure(int f_out, const char *dir, BOOL was_chdir)
return -1;
}
+/* We only reverse-lookup the client's hostname if at least one of
+ * "hosts allow" or "hosts deny" is specified. */
+const char *undetermined_hostname = "UNDETERMINED";
+#define SHOULD_LOOKUP_HOSTNAME(i) (*lp_hosts_allow(i) || *lp_hosts_deny(i))
+
static int rsync_module(int f_in, int f_out, int i, const char *addr, const char *host)
{
int argc;
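Review bot: `undetermined_hostname` in the added block is a non-static, writable global pointer that the later hunks use as a sentinel by pointer identity, so any reassignment would silently break the `host == undetermined_hostname` test. As far as this patch shows it is only used inside clientserver.c, so `static const char *const undetermined_hostname = "UNDETERMINED";` would be safer. The macro also dereferences the results of lp_hosts_allow(i) and lp_hosts_deny(i) without a NULL check; a one-line comment stating that both always return a non-NULL string would make that assumption explicit.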
@@ -427,6 +432,9 @@ static int rsync_module(int f_in, int f_out, int i, const char *addr, const char
iconv_opt = NULL;
#endif
+ if (host == undetermined_hostname && SHOULD_LOOKUP_HOSTNAME(i))
+ host = client_name(f_in);
+
if (!allow_access(addr, host, lp_hosts_allow(i), lp_hosts_deny(i))) {
rprintf(FLOG, "rsync denied on module %s from %s (%s)\n",
name, host, addr);
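Review bot: the deferred lookup added before allow_access() runs only inside rsync_module(), which is called with an already resolved module index `i`, so a request that never reaches this function (presumably one for a module name that does not exist) triggers no reverse lookup, while an existing module with its own "hosts allow" or "hosts deny" does. That difference is the existence probe the rsyncd.conf.yo change warns about. If unlisted modules are meant to stay indistinguishable from missing ones, consider doing the lookup at connect time whenever any module sets either parameter, instead of per module.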
@@ -927,7 +935,8 @@ int start_daemon(int f_in, int f_out)
exit_cleanup(RERR_SYNTAX);
addr = client_addr(f_in);
- host = client_name(f_in);
+ host = SHOULD_LOOKUP_HOSTNAME(-1) ? client_name(f_in)
+ : undetermined_hostname;
rprintf(FLOG, "connect from %s (%s)\n", host, addr);
if (!am_server) {
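Review bot: the `connect from %s (%s)` log line now prints the literal UNDETERMINED as the hostname whenever the check at index -1 finds neither parameter set, and it is written before rsync_module() has a chance to resolve the name, so a per-module lookup never shows up in this line. Anything that parses the hostname field of this log entry will see the change; consider logging only the address in that case, or documenting the placeholder. SHOULD_LOOKUP_HOSTNAME(-1) also needs a short comment saying what index -1 selects.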
diff --git a/rsyncd.conf.yo b/rsyncd.conf.yo
index 06768e9..df3f46d 100644
--- a/rsyncd.conf.yo
+++ b/rsyncd.conf.yo
@@ -305,9 +305,12 @@ will be possible if file permissions on the daemon side allow them. The
default is for this parameter to be disabled.
dit(bf(list)) This parameter determines if this module should be
-listed when the client asks for a listing of available modules. By
-setting this to false you can create hidden modules. The default is
-for modules to be listable.
+listed when the client asks for a listing of available modules. In addition,
+if this is false, rsync will pretend the module does not exist when a client
+blocked by "hosts allow" or "hosts deny" attempts to access it; but realize
+that if these two parameters are unset globally, the client may still be able
+to probe the module's existence by watching for the reverse lookup caused by
+the module-specific parameters. The default is for modules to be listable.
dit(bf(uid)) This parameter specifies the user name or user ID that
file transfers to and from that module should take place as when the daemon
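Review bot: the caveat added to the "list" entry does not say how a client would be "watching for the reverse lookup", which leaves an administrator unable to judge the exposure. It would help to state that this applies to a client able to observe queries for its own address's reverse DNS zone, and to add the practical advice that setting "hosts allow" or "hosts deny" globally avoids the difference. The sentence is also long enough that splitting it at "but realize that" would read better.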
@@ -473,6 +476,8 @@ that the host is rejected. If the host does not match either the
connect.
The default is no "hosts allow" parameter, which means all hosts can connect.
+If neither "hosts allow" nor "hosts deny" is specified (globally or for the
+requested module), the reverse lookup is not performed.
dit(bf(hosts deny)) This parameter allows you to specify a
list of patterns that are matched against a connecting clients
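Review bot: the new sentence about skipping the reverse lookup is added only under "hosts allow"; the "hosts deny" entry that follows gets no matching note or cross-reference, although the behaviour depends on both parameters equally. Neither entry mentions that the daemon then logs the hostname as UNDETERMINED, which is a user-visible change introduced by the clientserver.c part of this patch and should be documented here.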
--
1.6.1.86.g57f37