From: Andrew Tridgell Date: Thu, 19 Nov 1998 06:35:49 +0000 (+0000) Subject: added "refuse options" option X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/commitdiff_plain/cd8185f2bd87206d9d41b8b3445202b3344080bf added "refuse options" option --- diff --git a/clientserver.c b/clientserver.c index 7dee5441..299e771e 100644 --- a/clientserver.c +++ b/clientserver.c @@ -310,8 +310,7 @@ static int rsync_module(int fd, int i) io_start_multiplex_out(fd); if (!ret) { - rprintf(FERROR,"Error parsing options (unsupported option?) - aborting\n"); - exit_cleanup(RERR_SYNTAX); + option_error(); } if (lp_timeout(i)) { diff --git a/loadparm.c b/loadparm.c index 09fdd5aa..ea0f9be8 100644 --- a/loadparm.c +++ b/loadparm.c @@ -130,6 +130,7 @@ typedef struct char *exclude; char *exclude_from; char *log_format; + char *refuse_options; int timeout; } service; @@ -153,6 +154,7 @@ static service sDefault = NULL, /* exclude */ NULL, /* exclude from */ "%o %h [%a] %m (%u) %f %l", /* log format */ + NULL, /* refuse options */ 0 /* timeout */ }; @@ -261,6 +263,7 @@ static struct parm_struct parm_table[] = {"exclude from", P_STRING, P_LOCAL, &sDefault.exclude_from,NULL, 0}, {"transfer logging", P_BOOL, P_LOCAL, &sDefault.transfer_logging,NULL,0}, {"log format", P_STRING, P_LOCAL, &sDefault.log_format, NULL, 0}, + {"refuse options", P_STRING, P_LOCAL, &sDefault.refuse_options,NULL, 0}, {NULL, P_BOOL, P_NONE, NULL, NULL, 0} }; @@ -333,6 +336,7 @@ FN_LOCAL_STRING(lp_secrets_file, secrets_file) FN_LOCAL_STRING(lp_exclude, exclude) FN_LOCAL_STRING(lp_exclude_from, exclude_from) FN_LOCAL_STRING(lp_log_format, log_format) +FN_LOCAL_STRING(lp_refuse_options, refuse_options) FN_LOCAL_INTEGER(lp_timeout, timeout) /* local prototypes */ diff --git a/options.c b/options.c index 58f0f3f0..6fa59636 100644 --- a/options.c +++ b/options.c @@ -205,14 +205,62 @@ static struct option long_options[] = { {0,0,0,0}}; +static char err_buf[100]; + +void option_error(void) +{ + if (err_buf[0]) { + rprintf(FLOG,"%s", err_buf); + rprintf(FERROR,"%s", err_buf); + } else { + rprintf(FLOG,"Error parsing options - unsupported option?\n"); + rprintf(FERROR,"Error parsing options - unsupported option?\n"); + } + exit_cleanup(RERR_UNSUPPORTED); +} + +/* check to see if we should refuse this option */ +static int check_refuse_options(char *ref, int opt) +{ + int i, len; + char *p; + const char *name; + + for (i=0; long_options[i].name; i++) { + if (long_options[i].val == opt) break; + } + + if (!long_options[i].name) return 0; + + name = long_options[i].name; + len = strlen(name); + + while ((p = strstr(ref,name))) { + if (p[len] == ' ' || p[len] == 0) { + slprintf(err_buf,sizeof(err_buf), + "The '%s' option is not supported by this server\n", name); + return 1; + } + ref += len; + } + return 0; +} + + int parse_arguments(int argc, char *argv[]) { int opt; int option_index; + char *ref = lp_refuse_options(module_id); while ((opt = getopt_long(argc, argv, short_options, long_options, &option_index)) != -1) { + + if (ref) { + if (check_refuse_options(ref, opt)) return 0; + } + switch (opt) { case OPT_VERSION: rprintf(FINFO,"rsync version %s protocol version %d\n\n", @@ -308,6 +356,7 @@ int parse_arguments(int argc, char *argv[]) #if SUPPORT_HARD_LINKS preserve_hard_links=1; #else + slprintf(err_buf,sizeof(err_buf),"hard links are not supported on this server\n"); rprintf(FERROR,"ERROR: hard links not supported on this platform\n"); return 0; #endif @@ -428,6 +477,7 @@ int parse_arguments(int argc, char *argv[]) break; default: + slprintf(err_buf,sizeof(err_buf),"unrecognised option\n"); return 0; } } diff --git a/rsyncd.conf.yo b/rsyncd.conf.yo index a6a6b72e..58082a08 100644 --- a/rsyncd.conf.yo +++ b/rsyncd.conf.yo @@ -286,6 +286,14 @@ is specified in seconds. A value of zero means no timeout and is the default. A good choice for anonymous rsync servers may be 600 (giving a 10 minute timeout). +dit(bf(refuse options)) The "refuse options" option allows you to +specify a space separated list of rsync command line options that will +be refused by your rsync server. When an option is refused the server +prints an error message and exits. + +The full names of the options must be used (ie. you must use +"compress" not "z" to disable compression). + enddit() manpagesection(AUTHENTICATION STRENGTH)