Commit | Line | Data |
---|---|---|
81cacf5d AM |
1 | From 0dedfbce2c1b851684ba658861fe9d620636c56a Mon Sep 17 00:00:00 2001 |
2 | From: Wayne Davison <wayned@samba.org> | |
3 | Date: Sun, 13 Apr 2014 13:44:58 -0700 | |
4 | Subject: [PATCH] Avoid infinite wait reading secrets file. | |
5 | ||
6 | --- | |
7 | authenticate.c | 24 +++++++++++++----------- | |
8 | 1 files changed, 13 insertions(+), 11 deletions(-) | |
9 | ||
10 | diff --git a/authenticate.c b/authenticate.c | |
11 | index 3381b8c..c92746c 100644 | |
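--- a/authenticate.c
+++ b/authenticate.c
@@ -102,15 +102,16 @@ static const char *check_secret(int module, const char *user, const char *group,
 char pass2[MAX_DIGEST_LEN*2];
 const char *fname = lp_secrets_file(module);
 STRUCT_STAT st;
-int fd, ok = 1;
+int ok = 1;
 int user_len = strlen(user);
 int group_len = group ? strlen(group) : 0;
 char *err;
+FILE *fh;
 
-if (!fname || !*fname || (fd = open(fname, O_RDONLY)) < 0)
+if (!fname || !*fname || (fh = fopen(fname, "r")) == NULL)
 return "no secrets file";
 
-if (do_fstat(fd, &st) == -1) {
+if (do_fstat(fileno(fh), &st) == -1) {
 rsyserr(FLOG, errno, "fstat(%s)", fname);
 ok = 0;
 } else if (lp_strict_modes(module)) {
@@ -123,29 +124,30 @@ static const char *check_secret(int module, const char *user, const char *group,
 }
 }
 if (!ok) {
-close(fd);
+fclose(fh);
 return "ignoring secrets file";
 }
 
 if (*user == '#') {
 /* Reject attempt to match a comment. */
-close(fd);
+fclose(fh);
 return "invalid username";
 }
 
 /* Try to find a line that starts with the user (or @group) name and a ':'. */
 err = "secret not found";
-while ((user || group) && read_line_old(fd, line, sizeof line, 1)) {
-const char **ptr, *s;
+while ((user || group) && fgets(line, sizeof line, fh) != NULL) {
+const char **ptr, *s = strtok(line, "\n\r");
 int len;
-if (*line == '@') {
+if (!s)
+continue;
+if (*s == '@') {
 ptr = &group;
 len = group_len;
-s = line+1;
+s++;
 } else {
 ptr = &user;
 len = user_len;
-s = line;
 }
 if (!*ptr || strncmp(s, *ptr, len) != 0 || s[len] != ':')
 continue;
@@ -158,7 +160,7 @@ static const char *check_secret(int module, const char *user, const char *group,
 *ptr = NULL; /* Don't look for name again. */
 }
 
-close(fd);
+fclose(fh);
 
 memset(line, 0, sizeof line);
 memset(pass2, 0, sizeof pass2);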
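Review bot: In the lookup loop of check_secret (second hunk), `fgets(line, sizeof line, fh)` returns a physical line longer than the buffer in several pieces, and each later piece is parsed as if it began a new entry, so the tail of an overlong comment or secret could be matched as `user:` or `@group:`. I would detect a missing newline before EOF, discard the rest of that line and skip it, as in the sketch below; `line` is declared outside the hunk, so the actual limit is not visible here, and whether to skip or to reject the whole file is a policy choice. The sketch also replaces `strtok(line, "\n\r")` with a `strcspn` trim, which avoids strtok's hidden static state. Separately, reading through stdio leaves a copy of secrets-file data in the FILE buffer, which the `memset(line, 0, sizeof line)` after `fclose(fh)` does not clear; that deserves at least a comment, or a caller-owned buffer installed with `setvbuf` and wiped before returning.

```c
	while ((user || group) && fgets(line, sizeof line, fh) != NULL) {
		const char **ptr, *s;
		int len;
		if (!strchr(line, '\n') && !feof(fh)) {
			/* Overlong line: drop the remainder so its tail is never parsed as an entry. */
			int ch;
			while ((ch = getc(fh)) != EOF && ch != '\n') {
				/* discard */
			}
			continue;
		}
		line[strcspn(line, "\r\n")] = '\0';
		s = line;
		if (!*s)
			continue;
		/* … unchanged: '@' group prefix handling and name comparison … */
```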
81 | -- | |
82 | 1.7.0.4 | |
83 | ||
84 |