--- /dev/null
+/*
+ Copyright (C) Andrew Tridgell 1998
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+/* support rsync authentication */
+#include "rsync.h"
+
if (!read_line(fd, line, sizeof(line)-1)) {
return -1;
}
+
+#if 0
+ if (strncmp(line,"@RSYNCD: AUTHREQD ",18) == 0) {
+ auth_client(fd, line+18);
+ continue;
+ }
+#endif
+
if (strcmp(line,"@RSYNCD: OK") == 0) break;
rprintf(FINFO,"%s\n", line);
}
char *p;
char *addr = client_addr(fd);
char *host = client_name(fd);
+ char *auth;
if (!allow_access(addr, host, lp_hosts_allow(i), lp_hosts_deny(i))) {
rprintf(FERROR,"rsync denied on module %s from %s (%s)\n",
return -1;
}
+#if 0
+ if (!auth_server(fd, "@RSYNCD: AUTHREQD ")) {
+ rprintf(FERROR,"auth failed on module %s from %s (%s)\n",
+ lp_name(i), client_name(fd), client_addr(fd));
+ return -1;
+ }
+#endif
+
if (!claim_connection(lp_lock_file(), lp_max_connections())) {
rprintf(FERROR,"ERROR: max connections reached\n");
return -1;
rprintf(FINFO,"rsync on module %s from %s (%s)\n",
lp_name(i), host, addr);
-
+
module_id = i;
if (lp_read_only(i))
/* support the max connections option */
#include "rsync.h"
-int yield_connection(char *fname, int max_connections)
-{
- int fd, i;
- pid_t mypid=getpid(), pid=0;
-
- if (max_connections <= 0)
- return 1;
-
- fd = open(fname,O_RDWR);
- if (fd == -1) {
- rprintf(FERROR,"Couldn't open lock file %s (%s)\n",fname,strerror(errno));
- return 0;
- }
-
- if (!lock_file(fd)) {
- rprintf(FERROR,"failed to lock %s\n", fname);
- close(fd);
- return 0;
- }
-
- /* find the right spot */
- for (i=0;i<max_connections;i++) {
- if (read(fd, &pid, sizeof(pid)) != sizeof(pid)) {
- unlock_file(fd);
- close(fd);
- return 0;
- }
- if (pid == mypid) break;
- }
-
- if (i == max_connections) {
- rprintf(FERROR,"Entry not found in lock file %s\n",fname);
- unlock_file(fd);
- close(fd);
- return 0;
- }
-
- pid = 0;
-
- /* remove our mark */
- if (lseek(fd,i*sizeof(pid),SEEK_SET) != i*sizeof(pid) ||
- write(fd, &pid,sizeof(pid)) != sizeof(pid)) {
- rprintf(FERROR,"Couldn't update lock file %s (%s)\n",fname,strerror(errno));
- unlock_file(fd);
- close(fd);
- return 0;
- }
-
- unlock_file(fd);
- close(fd);
- return 1;
-}
-
/****************************************************************************
simple routine to do connection counting
int claim_connection(char *fname,int max_connections)
{
int fd, i;
- pid_t pid;
if (max_connections <= 0)
return 1;
return 0;
}
- if (!lock_file(fd)) {
- rprintf(FERROR,"failed to lock %s\n", fname);
- close(fd);
- return 0;
- }
-
/* find a free spot */
for (i=0;i<max_connections;i++) {
- if (read(fd,&pid,sizeof(pid)) != sizeof(pid)) break;
- if (pid == 0 || !process_exists(pid)) break;
+ if (lock_range(fd, i*4, 4)) return 1;
}
- if (i == max_connections) {
- unlock_file(fd);
- close(fd);
- return 0;
- }
-
- pid = getpid();
-
- if (lseek(fd,i*sizeof(pid),SEEK_SET) != i*sizeof(pid) ||
- write(fd, &pid,sizeof(pid)) != sizeof(pid)) {
- unlock_file(fd);
- close(fd);
- return 0;
- }
-
- unlock_file(fd);
close(fd);
- return 1;
+ return 0;
}
/* the following are used by loadparm for option lists */
typedef enum
{
- P_BOOL,P_BOOLREV,P_CHAR,P_INTEGER,P_OCTAL,
- P_STRING,P_GSTRING,P_ENUM,P_SEP
+ P_BOOL,P_BOOLREV,P_CHAR,P_INTEGER,P_OCTAL,
+ P_STRING,P_GSTRING,P_ENUM,P_SEP
} parm_type;
typedef enum
{
- P_LOCAL,P_GLOBAL,P_SEPARATOR,P_NONE
+ P_LOCAL,P_GLOBAL,P_SEPARATOR,P_NONE
} parm_class;
struct enum_list {
char *gid;
char *hosts_allow;
char *hosts_deny;
+ char *auth_users;
+ char *secrets_file;
} service;
"nobody",/* gid */
NULL, /* hosts allow */
NULL, /* hosts deny */
+ NULL, /* auth users */
+ NULL, /* secrets file */
};
{"gid", P_STRING, P_LOCAL, &sDefault.gid, NULL, 0},
{"hosts allow", P_STRING, P_LOCAL, &sDefault.hosts_allow, NULL, 0},
{"hosts deny", P_STRING, P_LOCAL, &sDefault.hosts_deny, NULL, 0},
+ {"auth users", P_STRING, P_LOCAL, &sDefault.auth_users, NULL, 0},
+ {"secrets file", P_STRING, P_LOCAL, &sDefault.secrets_file,NULL, 0},
{NULL, P_BOOL, P_NONE, NULL, NULL, 0}
};
FN_LOCAL_STRING(lp_gid, gid)
FN_LOCAL_STRING(lp_hosts_allow, hosts_allow)
FN_LOCAL_STRING(lp_hosts_deny, hosts_deny)
+FN_LOCAL_STRING(lp_auth_users, auth_users)
+FN_LOCAL_STRING(lp_secrets_file, secrets_file)
/* local prototypes */
static int strwicmp( char *psz1, char *psz2 );
return(kill(pid,0) == 0 || errno != ESRCH);
}
-int lock_file(int fd)
+/* lock a byte range in a open file */
+int lock_range(int fd, int offset, int len)
{
- return flock(fd, LOCK_EX) == 0;
-}
+ struct flock lock;
-int unlock_file(int fd)
-{
- return flock(fd, LOCK_UN) == 0;
+ lock.l_type = F_WRLCK;
+ lock.l_whence = SEEK_SET;
+ lock.l_start = offset;
+ lock.l_len = len;
+ lock.l_pid = 0;
+
+ return fcntl(fd,F_SETLK,&lock) == 0;
}
Matt McCutchen's Web Site / rsync / rsync.git / commitdiff