View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000245 | Rsync | Bug | public | 2008-04-18 03:11 | 2020-08-24 12:44 |
Reporter | Steven Levine | Assigned To | Steven Levine | ||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | closed | Resolution | fixed | ||
Fixed in Version | 3.0.4 | ||||
Summary | 0000245: rsync getpassf() should check strict_modes setting | ||||
Description | The 3.0 codebase added mode checks to getpassf() (authenticate.c). However, unlike get_secret(), code was not added to bypass the check based on the strict_modes setting. This makes it impossible to use the --password-file option on the client side. | ||||
Tags | No tags attached. | ||||
Attached Files | 3.0.3pre2-shl.diff (8,598 bytes)
Only in .: 3.0.3pre2-shl.diff Only in .: Makefile Only in .: access.o Only in .: acls.o diff -u ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/authenticate.c ./authenticate.c --- ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/authenticate.c 2008-03-01 12:01:40.000000000 -0800 +++ ./authenticate.c 2008-06-12 15:17:50.000000000 -0700 @@ -173,13 +173,16 @@ if (do_stat(filename, &st) == -1) { rsyserr(FWARNING, errno, "stat(%s)", filename); ok = 0; - } else if ((st.st_mode & 06) != 0) { + } +#ifndef __OS2__ /* 12 Jun 08 SHL ignore unsupported mode checks */ + else if ((st.st_mode & 06) != 0) { rprintf(FWARNING, "password file must not be other-accessible\n"); ok = 0; } else if (MY_UID() == 0 && st.st_uid != 0) { rprintf(FWARNING, "password file must be owned by root when running as root\n"); ok = 0; } +#endif /* __OS2__ */ if (!ok) { close(fd); rprintf(FWARNING, "continuing without password file\n"); Only in .: authenticate.o Only in .: backup.o Only in .: batch.o Only in .: cfg_shl Only in .: checksum.o Only in .: chmod.o Only in .: cleanup.o Only in .: clientname.o Only in .: clientserver.# diff -u ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/clientserver.c ./clientserver.c --- ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/clientserver.c 2008-04-15 08:34:16.000000000 -0700 +++ ./clientserver.c 2008-06-12 15:43:36.000000000 -0700 @@ -469,6 +469,7 @@ am_root = (MY_UID() == 0); +#ifndef __OS2__ if (am_root) { p = lp_uid(i); if (!name_to_uid(p, &uid)) { @@ -491,6 +492,7 @@ } } +#endif /* TODO: If we're not root, but the configuration requests * that we change to some uid other than the current one, then * log a warning. */ @@ -1044,10 +1046,14 @@ exit_cleanup(RERR_SYNTAX); } +#ifndef __OS2__ if (no_detach) create_pid_file(); else become_daemon(); +#else + create_pid_file(); +#endif if (rsync_port == 0 && (rsync_port = lp_rsync_port()) == 0) rsync_port = RSYNC_PORT; Only in .: clientserver.o Only in .: clientserver.~ Only in .: compat.o Only in .: config.h Only in .: config.log Only in .: config.status diff -u ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/configure.sh ./configure.sh --- ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/configure.sh 2008-05-17 10:26:16.000000000 -0700 +++ ./configure.sh 2008-06-11 17:30:40.000000000 -0700 @@ -16624,6 +16624,15 @@ _ACEOF ;; + *os2*) + { echo "$as_me:$LINENO: result: Using OS/2 extattrs" >&5 +echo "${ECHO_T}Using OS/2 extattrs" >&6; } + cat >>confdefs.h <<\_ACEOF +#define SUPPORT_XATTRS 1 +_ACEOF + + ;; + *) if test x"$enable_xattr_support" = x"yes"; then { { echo "$as_me:$LINENO: error: Failed to find extended attribute support" >&5 Only in .: configure.sh~ Only in .: connection.o Only in .: diff_shl.cmd Common subdirectories: ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/doc and ./doc Only in .: exclude.o Only in .: fileio.o Only in .: flist.o Only in .: generator.o Only in .: hashtable.o Only in .: hlink.o Only in .: init_shl Only in .: init_shl.cmd Only in .: io.o Common subdirectories: ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/lib and ./lib Only in .: loadparm.o Only in .: log.o Only in .: m_shl Only in .: main.o Only in .: match.o diff -u ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/options.c ./options.c --- ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/options.c 2008-03-30 08:05:50.000000000 -0700 +++ ./options.c 2008-06-11 17:30:40.000000000 -0700 @@ -51,7 +51,12 @@ int preserve_links = 0; int preserve_hard_links = 0; int preserve_acls = 0; +#ifndef __OS2__ int preserve_xattrs = 0; +#else +/* OS/2 uses Extended attributes extensively - make preserving them the default */ +int preserve_xattrs = 1; +#endif int preserve_perms = 0; int preserve_executability = 0; int preserve_devices = 0; @@ -1033,6 +1038,7 @@ case OPT_EXCLUDE_FROM: case OPT_INCLUDE_FROM: arg = poptGetOptArg(pc); +printf("PS - pc = %s\n",arg); if (sanitize_paths) arg = sanitize_path(NULL, arg, NULL, 0, SP_DEFAULT); if (daemon_filter_list.head) { @@ -2118,7 +2124,11 @@ *host_ptr = new_array(char, hostlen + 1); strlcpy(*host_ptr, s, hostlen + 1); - +#ifdef __EMX__ + if ((p[0] == ':')&&((p[1] == '\\')||(p[1] == '/'))) { + return NULL; + } +#endif if (p[1] == ':') { if (port_ptr && !*port_ptr) *port_ptr = RSYNC_PORT; Only in .: options.c.orig Only in .: options.o Common subdirectories: ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/packaging and ./packaging Only in .: params.o Only in .: patch_shl.cmd Only in .: patch_shl.out Only in .: pipe.o Common subdirectories: ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/popt and ./popt Only in .: progress.o Only in .: receiver.o Only in .: rounding.h Only in .: rsync-3.0.0pre10.diff Only in .: rsync.exe Only in .: rsync.o Only in .: sender.o Only in .: shconfig Only in .: socket.o Common subdirectories: ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/support and ./support Only in .: syscall.o Common subdirectories: ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/testhelp and ./testhelp Common subdirectories: ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/testsuite and ./testsuite Only in .: token.o Only in .: uidlist.o diff -u ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/util.c ./util.c --- ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/util.c 2008-05-17 09:35:46.000000000 -0700 +++ ./util.c 2008-06-12 15:53:42.000000000 -0700 @@ -191,6 +191,11 @@ char *p; int ret = 0; +#ifdef __OS2__ /* 25 Sep 07 */ + if (*(fname + 1) == ':' && isalpha(*fname)) + fname += 2; /* Bypass drive letter */ +#endif /* __OS2__ */ + while (*fname == '/') fname++; while (strncmp(fname, "./", 2) == 0) @@ -821,8 +826,17 @@ if (!name) return 0; +#ifdef __OS2__ /* 25 Sep 07 SHL */ + if (*(f + 1) == ':' && isalpha(*f)) + f += 2; /* Bypass drive letter */ +#endif /* __OS2__ */ + if ((anchored = *f == '/') != 0) *t++ = *f++; +#ifdef __OS2__ + else if ((anchored = *(f+1) == ':') != 0) + *t++ = *f++; +#endif else if (flags & CFN_KEEP_DOT_DIRS && *f == '.' && f[1] == '/') { *t++ = *f++; *t++ = *f++; @@ -900,6 +914,15 @@ if (dest != p) { int plen = strlen(p); +#ifdef __OS2__ /* 25 Sep 07 SHL */ + if (*(p + 1) == ':' && isalpha(*p)) { + if (!rootdir) + rootdir = module_dir; + rlen = strlen(rootdir); + depth = 0; + p += 2; /* Bypass drive letter */ + } +#endif if (*p == '/') { if (!rootdir) rootdir = module_dir; @@ -966,6 +989,9 @@ } *sanp = '\0'; +#if 0 + printf("santize_path - dest2 = %s\n",dest); /* 25 Sep 07 SHL */ +#endif return dest; } @@ -990,7 +1016,11 @@ if (len == 1 && *dir == '.') return 1; +#ifndef __OS2__ if (*dir == '/') { +#else + if (*(dir + 1) == ':' && isalpha(*dir)) { +#endif if (len >= sizeof curr_dir) { errno = ENAMETOOLONG; return 0; @@ -1041,6 +1071,12 @@ if (*fn == '/') p1 = p2 = ""; +#ifdef __OS2__ /* 25 Sep 07 SHL */ + else if (*(fn + 1) == ':' && + *(fn + 2) == '/' && + isalpha(*fn)) + p1 = p2 = ""; /* Got d:/ */ +#endif else { p1 = curr_dir + module_dirlen; for (p2 = p1; *p2 == '/'; p2++) {} Only in .: util.c.orig Only in .: util.c.rej Only in .: util.o diff -u ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/xattrs.c ./xattrs.c --- ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/xattrs.c 2008-05-17 09:35:46.000000000 -0700 +++ ./xattrs.c 2008-06-11 17:30:40.000000000 -0700 @@ -48,17 +48,28 @@ #define XSTATE_DONE 1 #define XSTATE_TODO 2 +#ifndef __OS2__ #define USER_PREFIX "user." #define UPRE_LEN ((int)sizeof USER_PREFIX - 1) #define SYSTEM_PREFIX "system." #define SPRE_LEN ((int)sizeof SYSTEM_PREFIX - 1) +#else +#define USER_PREFIX "" +#define UPRE_LEN ((int)sizeof USER_PREFIX - 1) +#define SYSTEM_PREFIX "" +#define SPRE_LEN ((int)sizeof SYSTEM_PREFIX - 1) +#endif #ifdef HAVE_LINUX_XATTRS #define MIGHT_NEED_RPRE (am_root < 0) #define RSYNC_PREFIX USER_PREFIX "rsync." #else #define MIGHT_NEED_RPRE am_root -#define RSYNC_PREFIX "rsync." +#ifndef __OS2__ +# define RSYNC_PREFIX "rsync." +#else +# define RSYNC_PREFIX "" +#endif #endif #define RPRE_LEN ((int)sizeof RSYNC_PREFIX - 1) Only in .: xattrs.o Common subdirectories: ../../../sla_dev2_browse/rsync/rsync-3.0.3pre2/zlib and ./zlib | ||||
|
This looks like a cross-platform problem - should possibly be reported via the rsync site? |
|
I am not sure: the program complains that the password file shouldn.t be user-accessible. On linux you can chmod 600 the password file to make it non user-accessible. The problem seems that in os/2 we can't chmod the file effectively. |
|
This was reported to the rsync team as https://bugzilla.samba.org/show_bug.cgi?id=5401 As was pointed out by the maintainers, I goofed on my suggested fix. What's really needed is to #ifdef the code based on a configure variable. If might be sufficient to just use __OS2__. |
|
Here's a patch against the 3.0.3pre2 codebase that should fix the issue. It includes your rsync-3.0.0pre10.diff patches and works to the level I have tested it. |
|
Should be fixed in 3.0.4 (Patch provided by Steven) |
|
Patched source to not check ownership. |
Date Modified | Username | Field | Change |
---|---|---|---|
2008-04-18 03:11 | Steven Levine | New Issue | |
2008-05-05 18:51 | psmedley | Note Added: 0000852 | |
2008-06-12 01:23 | piesse | Note Added: 0000864 | |
2008-06-12 02:59 | Steven Levine | Note Added: 0000865 | |
2008-06-26 07:38 | Steven Levine | File Added: 3.0.3pre2-shl.diff | |
2008-06-26 07:40 | Steven Levine | Note Added: 0000898 | |
2008-09-14 07:52 | psmedley | Project | Other Unix Port => Rsync |
2008-09-14 08:28 | psmedley | Note Added: 0000962 | |
2008-09-14 08:28 | psmedley | Assigned To | => Steven Levine |
2008-09-14 08:28 | psmedley | Status | new => feedback |
2009-02-13 14:13 | Steven Levine | Note Added: 0001125 | |
2009-02-13 14:13 | Steven Levine | Status | feedback => resolved |
2009-02-13 14:13 | Steven Levine | Fixed in Version | => 3.0.4 |
2009-02-13 14:13 | Steven Levine | Resolution | open => fixed |
2020-08-24 12:44 | psmedley | Status | resolved => closed |