X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/9bcb25958de5e2b6a852f67122472cc66471525f..3fac51e21e7635a87687288ee7da821c41d72031:/clientserver.c diff --git a/clientserver.c b/clientserver.c index 58a2f2c2..01112b48 100644 --- a/clientserver.c +++ b/clientserver.c @@ -27,33 +27,36 @@ #include "rsync.h" +extern int verbose; +extern int list_only; extern int am_sender; extern int am_server; extern int am_daemon; extern int am_root; -extern int module_id; -extern int read_only; -extern int verbose; extern int rsync_port; -extern int kludge_around_eof; +extern int kluge_around_eof; extern int daemon_over_rsh; -extern int list_only; extern int sanitize_paths; extern int filesfrom_fd; extern int remote_protocol; extern int protocol_version; extern int io_timeout; -extern int select_timeout; extern int orig_umask; extern int no_detach; extern int default_af_hint; extern char *bind_address; -extern struct exclude_list_struct server_exclude_list; -extern char *exclude_path_prefix; +extern struct filter_list_struct server_filter_list; extern char *config_file; extern char *files_from; char *auth_user; +int read_only = 0; +int daemon_log_format_has_i = 0; +int daemon_log_format_has_o_or_i = 0; +int module_id = -1; + +/* Length of lp_path() string when in daemon mode & not chrooted, else 0. */ +unsigned int module_dirlen = 0; /** * Run a client connected to an rsyncd. The alternative to this @@ -83,15 +86,12 @@ int start_socket_client(char *host, char *path, int argc, char *argv[]) return -1; } - if ((p = strchr(host, '@')) != NULL) { + if ((p = strrchr(host, '@')) != NULL) { user = host; host = p+1; *p = '\0'; } - if (rsync_port == 0) - rsync_port = RSYNC_PORT; - fd = open_socket_out_wrapped(host, rsync_port, bind_address, default_af_hint); if (fd == -1) @@ -99,7 +99,7 @@ int start_socket_client(char *host, char *path, int argc, char *argv[]) ret = start_inband_exchange(user, path, fd, fd, argc); - return ret < 0? ret : client_run(fd, fd, -1, argc, argv); + return ret ? ret : client_run(fd, fd, -1, argc, argv); } int start_inband_exchange(char *user, char *path, int f_in, int f_out, @@ -167,7 +167,7 @@ int start_inband_exchange(char *user, char *path, int f_in, int f_out, /* Old servers may just drop the connection here, rather than sending a proper EXIT command. Yuck. */ - kludge_around_eof = list_only && (protocol_version < 25); + kluge_around_eof = list_only && protocol_version < 25 ? 1 : 0; while (1) { if (!read_line(f_in, line, sizeof line - 1)) { @@ -195,12 +195,12 @@ int start_inband_exchange(char *user, char *path, int f_in, int f_out, rprintf(FERROR, "%s\n", line); /* This is always fatal; the server will now * close the socket. */ - return RERR_STARTCLIENT; - } else { - rprintf(FINFO,"%s\n", line); + return -1; } + + rprintf(FINFO, "%s\n", line); } - kludge_around_eof = False; + kluge_around_eof = 0; for (i = 0; i < sargc; i++) { io_printf(f_out, "%s\n", sargs[i]); @@ -227,6 +227,9 @@ static int rsync_module(int f_in, int f_out, int i) uid_t uid = (uid_t)-2; /* canonically "nobody" */ gid_t gid = (gid_t)-2; char *p; +#ifdef HAVE_PUTENV + char *s; +#endif char *addr = client_addr(f_in); char *host = client_name(f_in); char *name = lp_name(i); @@ -256,29 +259,37 @@ static int rsync_module(int f_in, int f_out, int i) if (!claim_connection(lp_lock_file(i), lp_max_connections(i))) { if (errno) { rsyserr(FLOG, errno, "failed to open lock file %s", - lp_lock_file(i)); - io_printf(f_out, "@ERROR: failed to open lock file %s\n", - lp_lock_file(i)); + safe_fname(lp_lock_file(i))); + io_printf(f_out, "@ERROR: failed to open lock file\n"); } else { rprintf(FLOG, "max connections (%d) reached\n", lp_max_connections(i)); - io_printf(f_out, "@ERROR: max connections (%d) reached - try again later\n", + io_printf(f_out, "@ERROR: max connections (%d) reached -- try again later\n", lp_max_connections(i)); } return -1; } - auth_user = auth_server(f_in, f_out, i, addr, "@RSYNCD: AUTHREQD "); + auth_user = auth_server(f_in, f_out, i, host, addr, "@RSYNCD: AUTHREQD "); if (!auth_user) { - rprintf(FLOG, "auth failed on module %s from %s (%s)\n", - name, host, addr); io_printf(f_out, "@ERROR: auth failed on module %s\n", name); return -1; } module_id = i; + if (lp_read_only(i)) + read_only = 1; + + if (lp_transfer_logging(i)) { + if (log_format_has(lp_log_format(i), 'i')) + daemon_log_format_has_i = 1; + if (daemon_log_format_has_i + || log_format_has(lp_log_format(i), 'o')) + daemon_log_format_has_o_or_i = 1; + } + am_root = (MY_UID() == 0); if (am_root) { @@ -310,29 +321,87 @@ static int rsync_module(int f_in, int f_out, int i) /* TODO: Perhaps take a list of gids, and make them into the * supplementary groups. */ - exclude_path_prefix = use_chroot? "" : lp_path(i); - if (*exclude_path_prefix == '/' && !exclude_path_prefix[1]) - exclude_path_prefix = ""; + if (use_chroot || (module_dirlen = strlen(lp_path(i))) == 1) { + module_dirlen = 0; + set_filter_dir("/", 1); + } else + set_filter_dir(lp_path(i), module_dirlen); + + p = lp_filter(i); + parse_rule(&server_filter_list, p, MATCHFLG_WORD_SPLIT, + XFLG_ANCHORED2ABS); p = lp_include_from(i); - add_exclude_file(&server_exclude_list, p, - XFLG_FATAL_ERRORS | XFLG_DEF_INCLUDE); + parse_filter_file(&server_filter_list, p, MATCHFLG_INCLUDE, + XFLG_ANCHORED2ABS | XFLG_OLD_PREFIXES | XFLG_FATAL_ERRORS); p = lp_include(i); - add_exclude(&server_exclude_list, p, - XFLG_WORD_SPLIT | XFLG_DEF_INCLUDE); + parse_rule(&server_filter_list, p, + MATCHFLG_INCLUDE | MATCHFLG_WORD_SPLIT, + XFLG_ANCHORED2ABS | XFLG_OLD_PREFIXES); p = lp_exclude_from(i); - add_exclude_file(&server_exclude_list, p, - XFLG_FATAL_ERRORS); + parse_filter_file(&server_filter_list, p, 0, + XFLG_ANCHORED2ABS | XFLG_OLD_PREFIXES | XFLG_FATAL_ERRORS); p = lp_exclude(i); - add_exclude(&server_exclude_list, p, XFLG_WORD_SPLIT); - - exclude_path_prefix = NULL; + parse_rule(&server_filter_list, p, MATCHFLG_WORD_SPLIT, + XFLG_ANCHORED2ABS | XFLG_OLD_PREFIXES); log_init(); +#ifdef HAVE_PUTENV + s = lp_prexfer_exec(i); + p = lp_postxfer_exec(i); + if ((s && *s) || (p && *p)) { + char *modname, *modpath, *hostaddr, *hostname, *username; + int status; + if (asprintf(&modname, "RSYNC_MODULE_NAME=%s", name) < 0 + || asprintf(&modpath, "RSYNC_MODULE_PATH=%s", lp_path(i)) < 0 + || asprintf(&hostaddr, "RSYNC_HOST_ADDR=%s", addr) < 0 + || asprintf(&hostname, "RSYNC_HOST_NAME=%s", host) < 0 + || asprintf(&username, "RSYNC_USER_NAME=%s", auth_user) < 0) + out_of_memory("rsync_module"); + putenv(modname); + putenv(modpath); + putenv(hostaddr); + putenv(hostname); + putenv(username); + umask(orig_umask); + if (s && *s) { + status = system(s); + if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) { + rprintf(FLOG, "prexfer-exec failed\n"); + io_printf(f_out, "@ERROR: prexfer-exec failed\n"); + return -1; + } + } + if (p && *p) { + pid_t pid = fork(); + if (pid < 0) { + rsyserr(FLOG, errno, "fork failed"); + io_printf(f_out, "@ERROR: fork failed\n"); + return -1; + } + if (pid) { + char *ret1, *ret2; + waitpid(pid, &status, 0); + if (asprintf(&ret1, "RSYNC_RAW_STATUS=%d", status) > 0) + putenv(ret1); + if (WIFEXITED(status)) + status = WEXITSTATUS(status); + else + status = -1; + if (asprintf(&ret2, "RSYNC_EXIT_STATUS=%d", status) > 0) + putenv(ret2); + system(p); + _exit(status); + } + } + umask(0); + } +#endif + if (use_chroot) { /* * XXX: The 'use chroot' flag is a fairly reliable @@ -347,20 +416,23 @@ static int rsync_module(int f_in, int f_out, int i) * in which case we fail. */ if (chroot(lp_path(i))) { - rsyserr(FLOG, errno, "chroot %s failed", lp_path(i)); + rsyserr(FLOG, errno, "chroot %s failed", + safe_fname(lp_path(i))); io_printf(f_out, "@ERROR: chroot failed\n"); return -1; } if (!push_dir("/")) { - rsyserr(FLOG, errno, "chdir %s failed\n", lp_path(i)); + rsyserr(FLOG, errno, "chdir %s failed\n", + safe_fname(lp_path(i))); io_printf(f_out, "@ERROR: chdir failed\n"); return -1; } } else { if (!push_dir(lp_path(i))) { - rsyserr(FLOG, errno, "chdir %s failed\n", lp_path(i)); + rsyserr(FLOG, errno, "chdir %s failed\n", + safe_fname(lp_path(i))); io_printf(f_out, "@ERROR: chdir failed\n"); return -1; } @@ -439,6 +511,7 @@ static int rsync_module(int f_in, int f_out, int i) start_glob = 1; } + verbose = 0; /* future verbosity is controlled by client options */ argp = argv; ret = parse_arguments(&argc, (const char ***) &argp, 0); @@ -460,8 +533,8 @@ static int rsync_module(int f_in, int f_out, int i) #ifndef DEBUG /* don't allow the logs to be flooded too fast */ - if (verbose > lp_max_verbosity()) - verbose = lp_max_verbosity(); + if (verbose > lp_max_verbosity(i)) + verbose = lp_max_verbosity(i); #endif if (protocol_version < 23 @@ -472,8 +545,24 @@ static int rsync_module(int f_in, int f_out, int i) * get the error back to the client. This means getting * the protocol setup finished first in later versions. */ setup_protocol(f_out, f_in); - if (files_from && !am_sender && strcmp(files_from, "-") != 0) - write_byte(f_out, 0); + if (!am_sender) { + /* Since we failed in our option parsing, we may not + * have finished parsing that the client sent us a + * --files-from option, so look for it manually. + * Without this, the socket would be in the wrong + * state for the upcoming error message. */ + if (!files_from) { + int i; + for (i = 0; i < argc; i++) { + if (strncmp(argv[i], "--files-from", 12) == 0) { + files_from = ""; + break; + } + } + } + if (files_from) + write_byte(f_out, 0); + } io_start_multiplex_out(); } @@ -483,11 +572,8 @@ static int rsync_module(int f_in, int f_out, int i) exit_cleanup(RERR_UNSUPPORTED); } - if (lp_timeout(i)) { - io_timeout = lp_timeout(i); - if (io_timeout < select_timeout) - select_timeout = io_timeout; - } + if (lp_timeout(i) && lp_timeout(i) > io_timeout) + set_io_timeout(lp_timeout(i)); start_server(f_in, f_out, argc, argp); @@ -632,7 +718,8 @@ int daemon_main(void) if ((fd = do_open(lp_pid_file(), O_WRONLY|O_CREAT|O_TRUNC, 0666 & ~orig_umask)) == -1) { cleanup_set_pid(0); - rsyserr(FLOG, errno, "failed to create pid file %s", pid_file); + rsyserr(FLOG, errno, "failed to create pid file %s", + safe_fname(pid_file)); exit_cleanup(RERR_FILEIO); } snprintf(pidbuf, sizeof pidbuf, "%ld\n", (long)pid);