- changed the log messages to show the requested path

- some more paranoid buffer size checks
- separate open syslog call
- handle systems without LOG_NDELAY

diff --git a/authenticate.c b/authenticate.c
index 351c8a0..6a389db 100644 (file)
--- a/authenticate.c
+++ b/authenticate.c
@@ -107,12 +107,7 @@ static int get_secret(int module, char *user, char *secret, int len)
        close(fd);
        if (!found) return 0;
 
-       if (strlen(pass) > len-1) {
-               memset(line, 0, sizeof(line));
-               return 0;
-       }
-
-       strcpy(secret, pass);
+       strlcpy(secret, pass, len);
        return 1;
 }
 

diff --git a/clientserver.c b/clientserver.c
index 1c0bd7e..9cac2ef 100644 (file)
--- a/clientserver.c
+++ b/clientserver.c
@@ -103,8 +103,8 @@ static int rsync_module(int fd, int i)
        char *argv[MAX_ARGS];
        char **argp;
        char line[MAXPATHLEN];
-       uid_t uid;
-       gid_t gid;
+       uid_t uid = (uid_t)-2;
+       gid_t gid = (gid_t)-2;
        char *p;
        char *addr = client_addr(fd);
        char *host = client_name(fd);
@@ -133,8 +133,6 @@ static int rsync_module(int fd, int i)
                return -1;
        }
 
-       rprintf(FINFO,"rsync on module %s from %s (%s)\n",
-               name, host, addr);
        
        module_id = i;
 
@@ -167,22 +165,28 @@ static int rsync_module(int fd, int i)
        p = lp_exclude(i);
        add_exclude_line(p);
 
+       log_open();
+
        if (chroot(lp_path(i))) {
+               rprintf(FERROR,"chroot %s failed\n", lp_path(i));
                io_printf(fd,"@ERROR: chroot failed\n");
                return -1;
        }
 
        if (chdir("/")) {
+               rprintf(FERROR,"chdir %s failed\n", lp_path(i));
                io_printf(fd,"@ERROR: chdir failed\n");
                return -1;
        }
 
-       if (setgid(gid)) {
+       if (setgid(gid) || getgid() != gid) {
+               rprintf(FERROR,"setgid %d failed\n", gid);
                io_printf(fd,"@ERROR: setgid failed\n");
                return -1;
        }
 
-       if (setuid(uid)) {
+       if (setuid(uid) || getuid() != uid) {
+               rprintf(FERROR,"setuid %d failed\n", uid);
                io_printf(fd,"@ERROR: setuid failed\n");
                return -1;
        }
@@ -206,7 +210,11 @@ static int rsync_module(int fd, int i)
                }
 
                if (start_glob) {
-                       rprintf(FINFO,"transferring %s\n",p);
+                       if (start_glob == 1) {
+                               rprintf(FINFO,"rsync on %s from %s (%s)\n",
+                                       p, host, addr);
+                               start_glob++;
+                       }
                        glob_expand(name, argv, &argc, MAX_ARGS);
                } else {
                        argc++;
@@ -319,6 +327,8 @@ static int start_daemon(int fd)
 
 int daemon_main(void)
 {
+       log_open();
+
        if (is_a_socket(STDIN_FILENO)) {
                /* we are running via inetd */
                return start_daemon(STDIN_FILENO);

diff --git a/flist.c b/flist.c
index bc1ceba..cf40151 100644 (file)
--- a/flist.c
+++ b/flist.c
@@ -616,7 +616,7 @@ struct file_list *send_file_list(int f,int argc,char *argv[])
                           thus getting their permissions right */
                        *p = 0;
                        if (strcmp(lastpath,fname)) {
-                               strcpy(lastpath, fname);
+                               strlcpy(lastpath, fname, sizeof(lastpath)-1);
                                *p = '/';
                                for (p=fname+1; (p=strchr(p,'/')); p++) {
                                        *p = 0;

diff --git a/loadparm.c b/loadparm.c
index 52fdaa8..bf764d5 100644 (file)
--- a/loadparm.c
+++ b/loadparm.c
@@ -583,7 +583,7 @@ static BOOL lp_do_parameter(int snum, char *parmname, char *parmvalue)
        break;
 
      case P_GSTRING:
-       strcpy((char *)parm_ptr,parmvalue);
+       strlcpy((char *)parm_ptr,parmvalue,sizeof(pstring)-1);
        break;
 
      case P_ENUM:

diff --git a/log.c b/log.c
index 8be3605..90b287e 100644 (file)
--- a/log.c
+++ b/log.c
@@ -24,6 +24,30 @@
 #include "rsync.h"
 
 
+void log_open(void)
+{
+       static int initialised;
+       int options = LOG_PID;
+
+       if (initialised) return;
+       initialised = 1;
+
+#ifdef LOG_NDELAY
+       options |= LOG_NDELAY;
+#endif
+
+#ifdef LOG_DAEMON
+       openlog("rsyncd", options, lp_syslog_facility());
+#else
+       openlog("rsyncd", options);
+#endif
+
+#ifndef LOG_NDELAY
+       syslog(LOG_INFO,"rsyncd started\n");
+#endif
+}
+               
+
 /* this is the rsync debugging function. Call it with FINFO or FERROR */
 void rprintf(int fd, const char *format, ...)
 {
@@ -44,19 +68,10 @@ void rprintf(int fd, const char *format, ...)
        buf[len] = 0;
 
        if (am_daemon) {
-               static int initialised;
                int priority = LOG_INFO;
                if (fd == FERROR) priority = LOG_WARNING;
 
-               if (!initialised) {
-                       initialised = 1;
-#ifdef LOG_DAEMON
-                       openlog("rsyncd", LOG_PID, lp_syslog_facility());
-#else
-                       openlog("rsyncd", LOG_PID);
-#endif
-               }
-               
+               log_open();
                syslog(priority, "%s", buf);
                return;
        }