[packages/rsync.git] / rsync-dos.patch

From 0dedfbce2c1b851684ba658861fe9d620636c56a Mon Sep 17 00:00:00 2001
From: Wayne Davison <wayned@samba.org>
Date: Sun, 13 Apr 2014 13:44:58 -0700
Subject: [PATCH] Avoid infinite wait reading secrets file.

---
 authenticate.c |   24 +++++++++++++-----------
 1 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/authenticate.c b/authenticate.c
index 3381b8c..c92746c 100644
--- rsync/authenticate.c
+++ rsync/authenticate.c
@@ -102,15 +102,16 @@ static const char *check_secret(int module, const char *user, const char *group,
 	char pass2[MAX_DIGEST_LEN*2];
 	const char *fname = lp_secrets_file(module);
 	STRUCT_STAT st;
-	int fd, ok = 1;
+	int ok = 1;
 	int user_len = strlen(user);
 	int group_len = group ? strlen(group) : 0;
 	char *err;
+	FILE *fh;
 
-	if (!fname || !*fname || (fd = open(fname, O_RDONLY)) < 0)
+	if (!fname || !*fname || (fh = fopen(fname, "r")) == NULL)
 		return "no secrets file";
 
-	if (do_fstat(fd, &st) == -1) {
+	if (do_fstat(fileno(fh), &st) == -1) {
 		rsyserr(FLOG, errno, "fstat(%s)", fname);
 		ok = 0;
 	} else if (lp_strict_modes(module)) {
@@ -123,29 +124,30 @@ static const char *check_secret(int module, const char *user, const char *group,
 		}
 	}
 	if (!ok) {
-		close(fd);
+		fclose(fh);
 		return "ignoring secrets file";
 	}
 
 	if (*user == '#') {
 		/* Reject attempt to match a comment. */
-		close(fd);
+		fclose(fh);
 		return "invalid username";
 	}
 
 	/* Try to find a line that starts with the user (or @group) name and a ':'. */
 	err = "secret not found";
-	while ((user || group) && read_line_old(fd, line, sizeof line, 1)) {
-		const char **ptr, *s;
+	while ((user || group) && fgets(line, sizeof line, fh) != NULL) {
+		const char **ptr, *s = strtok(line, "\n\r");
 		int len;
-		if (*line == '@') {
+		if (!s)
+			continue;
+		if (*s == '@') {
 			ptr = &group;
 			len = group_len;
-			s = line+1;
+			s++;
 		} else {
 			ptr = &user;
 			len = user_len;
-			s = line;
 		}
 		if (!*ptr || strncmp(s, *ptr, len) != 0 || s[len] != ':')
 			continue;
@@ -158,7 +160,7 @@ static const char *check_secret(int module, const char *user, const char *group,
 		*ptr = NULL; /* Don't look for name again. */
 	}
 
-	close(fd);
+	fclose(fh);
 
 	memset(line, 0, sizeof line);
 	memset(pass2, 0, sizeof pass2);
-- 
1.7.0.4
Commit	Line	Data
81cacf5d AM	1	From 0dedfbce2c1b851684ba658861fe9d620636c56a Mon Sep 17 00:00:00 2001
	2	From: Wayne Davison <wayned@samba.org>
	3	Date: Sun, 13 Apr 2014 13:44:58 -0700
	4	Subject: [PATCH] Avoid infinite wait reading secrets file.
	5
	6	---
	7	authenticate.c \| 24 +++++++++++++-----------
	8	1 files changed, 13 insertions(+), 11 deletions(-)
	9
	10	diff --git a/authenticate.c b/authenticate.c
	11	index 3381b8c..c92746c 100644
	12	--- rsync/authenticate.c
	13	+++ rsync/authenticate.c
	14	@@ -102,15 +102,16 @@ static const char check_secret(int module, const char user, const char *group,
	15	char pass2[MAX_DIGEST_LEN*2];
	16	const char *fname = lp_secrets_file(module);
	17	STRUCT_STAT st;
	18	- int fd, ok = 1;
	19	+ int ok = 1;
	20	int user_len = strlen(user);
	21	int group_len = group ? strlen(group) : 0;
	22	char *err;
	23	+ FILE *fh;
	24
	25	- if (!fname \|\| !*fname \|\| (fd = open(fname, O_RDONLY)) < 0)
	26	+ if (!fname \|\| !*fname \|\| (fh = fopen(fname, "r")) == NULL)
	27	return "no secrets file";
	28
	29	- if (do_fstat(fd, &st) == -1) {
	30	+ if (do_fstat(fileno(fh), &st) == -1) {
	31	rsyserr(FLOG, errno, "fstat(%s)", fname);
	32	ok = 0;
	33	} else if (lp_strict_modes(module)) {
	34	@@ -123,29 +124,30 @@ static const char check_secret(int module, const char user, const char *group,
	35	}
	36	}
	37	if (!ok) {
	38	- close(fd);
	39	+ fclose(fh);
	40	return "ignoring secrets file";
	41	}
	42
	43	if (*user == '#') {
	44	/* Reject attempt to match a comment. */
	45	- close(fd);
	46	+ fclose(fh);
	47	return "invalid username";
	48	}
	49
	50	/* Try to find a line that starts with the user (or @group) name and a ':'. */
	51	err = "secret not found";
	52	- while ((user \|\| group) && read_line_old(fd, line, sizeof line, 1)) {
	53	- const char *ptr, s;
	54	+ while ((user \|\| group) && fgets(line, sizeof line, fh) != NULL) {
	55	+ const char *ptr, s = strtok(line, "\n\r");
	56	int len;
	57	- if (*line == '@') {
	58	+ if (!s)
	59	+ continue;
	60	+ if (*s == '@') {
	61	ptr = &group;
	62	len = group_len;
	63	- s = line+1;
	64	+ s++;
65	} else {
66	ptr = &user;
67	len = user_len;
68	- s = line;
69	}
70	if (!ptr \|\| strncmp(s, ptr, len) != 0 \|\| s[len] != ':')
71	continue;
72	@@ -158,7 +160,7 @@ static const char check_secret(int module, const char user, const char *group,
73	ptr = NULL; / Don't look for name again. */
74	}
75
76	- close(fd);
77	+ fclose(fh);
78
79	memset(line, 0, sizeof line);
80	memset(pass2, 0, sizeof pass2);
81	--
82	1.7.0.4
83
84