diff options
| author | Wayne Davison <wayned@samba.org> | 2011-09-06 21:18:32 -0700 |
|---|---|---|
| committer | Wayne Davison <wayned@samba.org> | 2011-09-06 21:22:22 -0700 |
| commit | 70c4bfb770a01381dfec11096b79cb0af937cde5 (patch) | |
| tree | 4b003161829ece4aa0b3329533eac0e4debd9c4d /authenticate.c | |
| parent | a470b675af97922b0af0ede71d4a8aaf947170d2 (diff) | |
| download | rsync-70c4bfb770a01381dfec11096b79cb0af937cde5.tar.gz | |
Error out if --password-file specifed and it fails.
Fixes bug 8440.
Diffstat (limited to 'authenticate.c')
| -rw-r--r-- | authenticate.c | 36 |
1 files changed, 14 insertions, 22 deletions
diff --git a/authenticate.c b/authenticate.c index 76b3cc05..94c99d21 100644 --- a/authenticate.c +++ b/authenticate.c @@ -170,36 +170,27 @@ static const char *getpassf(const char *filename) { STRUCT_STAT st; char buffer[512], *p; - int fd, n, ok = 1; - const char *envpw = getenv("RSYNC_PASSWORD"); + int fd, n; if (!filename) return NULL; if ((fd = open(filename,O_RDONLY)) < 0) { - rsyserr(FWARNING, errno, "could not open password file \"%s\"", - filename); - if (envpw) - rprintf(FINFO, "falling back to RSYNC_PASSWORD environment variable.\n"); - return NULL; + rsyserr(FERROR, errno, "could not open password file %s", filename); + exit_cleanup(RERR_SYNTAX); } if (do_stat(filename, &st) == -1) { - rsyserr(FWARNING, errno, "stat(%s)", filename); - ok = 0; - } else if ((st.st_mode & 06) != 0) { - rprintf(FWARNING, "password file must not be other-accessible\n"); - ok = 0; - } else if (MY_UID() == 0 && st.st_uid != 0) { - rprintf(FWARNING, "password file must be owned by root when running as root\n"); - ok = 0; + rsyserr(FERROR, errno, "stat(%s)", filename); + exit_cleanup(RERR_SYNTAX); } - if (!ok) { - close(fd); - rprintf(FWARNING, "continuing without password file\n"); - if (envpw) - rprintf(FINFO, "falling back to RSYNC_PASSWORD environment variable.\n"); - return NULL; + if ((st.st_mode & 06) != 0) { + rprintf(FERROR, "ERROR: password file must not be other-accessible\n"); + exit_cleanup(RERR_SYNTAX); + } + if (MY_UID() == 0 && st.st_uid != 0) { + rprintf(FERROR, "ERROR: password file must be owned by root when running as root\n"); + exit_cleanup(RERR_SYNTAX); } n = read(fd, buffer, sizeof buffer - 1); @@ -210,7 +201,8 @@ static const char *getpassf(const char *filename) return strdup(p); } - return NULL; + rprintf(FERROR, "ERROR: failed to read a password from %s\n", filename); + exit_cleanup(RERR_SYNTAX); } /* Possibly negotiate authentication with the client. Use "leader" to |