added --existing option, similar to one suggested by Gildas Quiniou <gildas@stip.fr>

[rsync/rsync.git] / authenticate.c

diff --git a/authenticate.c b/authenticate.c
index 896366a..50c10aa 100644 (file)
--- a/authenticate.c
+++ b/authenticate.c
@@ -87,12 +87,14 @@ static int get_secret(int module, char *user, char *secret, int len)
        if (do_stat(fname, &st) == -1) {
                rprintf(FERROR,"stat(%s) : %s\n", fname, strerror(errno));
                ok = 0;
-       } else if ((st.st_mode & 06) != 0) {
-               rprintf(FERROR,"secrets file must not be other-accessible\n");
-               ok = 0;
-       } else if (am_root && (st.st_uid != 0)) {
-               rprintf(FERROR,"secrets file must be owned by root when running as root\n");
-               ok = 0;
+       } else if (lp_strict_modes(module)) {
+               if ((st.st_mode & 06) != 0) {
+                       rprintf(FERROR,"secrets file must not be other-accessible (see strict modes option)\n");
+                       ok = 0;
+               } else if (am_root && (st.st_uid != 0)) {
+                       rprintf(FERROR,"secrets file must be owned by root when running as root (see strict modes)\n");
+                       ok = 0;
+               }
        }
        if (!ok) {
                rprintf(FERROR,"continuing without secrets file\n");
@@ -170,8 +172,10 @@ static char *getpassf(char *filename)
        buffer[sizeof(buffer)-1]='\0';
        if ( (len=read(fd,buffer,sizeof(buffer)-1)) > 0)
        {
+               char *p = strtok(buffer,"\n\r");
                close(fd);
-               return strdup(strtok(buffer,"\n\r"));
+               if (p) p = strdup(p);
+               return p;
        }       
 
        return NULL;