X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=libatalk%2Futil%2Fnetatalk_conf.c;h=a08ddebd44dafacaf84a7d8b87fc735e627392a3;hb=be799718387d2e6029cccee369b25ba85bb2fade;hp=6b98673c965c9e1a347f286ec9b2c4362966fea8;hpb=ecfef7fa7a4f7031bbf0fe097eb8f8f337beb44d;p=netatalk.git diff --git a/libatalk/util/netatalk_conf.c b/libatalk/util/netatalk_conf.c index 6b98673c..a08ddebd 100644 --- a/libatalk/util/netatalk_conf.c +++ b/libatalk/util/netatalk_conf.c @@ -31,6 +31,12 @@ #include #include #include +#if HAVE_LOCALE_H +#include +#endif +#if HAVE_LANGINFO_H +#include +#endif #include #include @@ -164,26 +170,28 @@ static char *get_vol_uuid(const AFPObj *obj, const char *volname) As we can't check (requires write access) on ro-volumes, we switch ea:auto volumes that are options:ro to ea:none. */ +#define EABUFSZ 4 static int do_check_ea_support(const struct vol *vol) { int haseas; - char eaname[] = {"org.netatalk.supports-eas.XXXXXX"}; + const char *eaname = "org.netatalk.has-Extended-Attributes"; const char *eacontent = "yes"; + char buf[EABUFSZ]; - if ((vol->v_flags & AFPVOL_RO) == AFPVOL_RO) { - LOG(log_note, logtype_afpd, "read-only volume '%s', can't test for EA support, assuming yes", vol->v_localname); + if (sys_lgetxattr(vol->v_path, eaname, buf, EABUFSZ) != -1) return 1; - } - mktemp(eaname); + if (vol->v_flags & AFPVOL_RO) { + LOG(log_debug, logtype_afpd, "read-only volume '%s', can't test for EA support, assuming yes", vol->v_localname); + return 1; + } become_root(); - if ((sys_setxattr(vol->v_path, eaname, eacontent, 4, 0)) == 0) { - sys_removexattr(vol->v_path, eaname); + if ((sys_setxattr(vol->v_path, eaname, eacontent, strlen(eacontent) + 1, 0)) == 0) { haseas = 1; } else { - LOG(log_warning, logtype_afpd, "volume \"%s\" does not support Extended Attributes or read-only volume root", + LOG(log_warning, logtype_afpd, "volume \"%s\" does not support Extended Attributes or read-only volume", vol->v_localname); haseas = 0; } 
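Review bot: The comment kept above do_check_ea_support() still says that ea:auto volumes marked read-only are switched to ea:none, but the new code returns 1 for AFPVOL_RO volumes and the check_ea_support() hunk that follows maps a non-zero result to AFPVOL_EA_SYS. A read-only ea:auto volume is therefore now treated as EA-capable without any probe, unless that is decided elsewhere. If this is intended, replace the sentence with something like `On read-only volumes the probe cannot write, so EA support is assumed unless the marker attribute is already present.` It is also worth a comment next to `eaname` that the marker attribute is now written as root and left on the volume root instead of being removed after the test. The function body continues past the end of this hunk.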
@@ -196,25 +204,14 @@ static int do_check_ea_support(const struct vol *vol) static void check_ea_support(struct vol *vol) { int haseas; - char eaname[] = {"org.netatalk.supports-eas.XXXXXX"}; - const char *eacontent = "yes"; haseas = do_check_ea_support(vol); if (vol->v_vfs_ea == AFPVOL_EA_AUTO) { - if ((vol->v_flags & AFPVOL_RO) == AFPVOL_RO) { - LOG(log_info, logtype_afpd, "read-only volume '%s', can't test for EA support, disabling EAs", vol->v_localname); - vol->v_vfs_ea = AFPVOL_EA_NONE; - return; - } - - if (haseas) { + if (haseas) vol->v_vfs_ea = AFPVOL_EA_SYS; - } else { - LOG(log_warning, logtype_afpd, "volume \"%s\" does not support Extended Attributes, using ea:ad instead", - vol->v_localname); - vol->v_vfs_ea = AFPVOL_EA_AD; - } + else + vol->v_vfs_ea = AFPVOL_EA_NONE; } if (vol->v_adouble == AD_VERSION_EA) { @@ -333,15 +330,14 @@ static char *volxlate(const AFPObj *obj, q++; } } else if (IS_VAR(p, "$c")) { - DSI *dsi = obj->dsi; - if (obj->username[0]) { + if (IS_AFP_SESSION(obj)) { + DSI *dsi = obj->dsi; len = sprintf(dest, "%s:%u", getip_string((struct sockaddr *)&dsi->client), getip_port((struct sockaddr *)&dsi->client)); - } else { + dest += len; + destlen -= len; } - dest += len; - destlen -= len; } else if (IS_VAR(p, "$d")) { q = path; } else if (pwd && IS_VAR(p, "$f")) { @@ -566,8 +562,8 @@ static struct vol *creatvol(AFPObj *obj, { EC_INIT; struct vol *volume = NULL; - int suffixlen, vlen, tmpvlen, u8mvlen, macvlen; - char tmpname[AFPVOL_U8MNAMELEN+1]; + int i, suffixlen, vlen, tmpvlen, u8mvlen, macvlen; + char *tmpname; ucs2_t u8mtmpname[(AFPVOL_U8MNAMELEN+1)*2], mactmpname[(AFPVOL_MACNAMELEN+1)*2]; char suffix[6]; /* max is #FFFF */ uint16_t flags; 
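Review bot: In the `$c` branch of volxlate() the client address is still written with `sprintf(dest, ...)`, which ignores the remaining space that `destlen` tracks, so the substitution can run past the end of the destination once earlier text has nearly filled it. Bound the write with `len = snprintf(dest, destlen, "%s:%u", ...);` and treat `len < 0 || (size_t)len >= destlen` as an error before `dest += len; destlen -= len;`. The type of `destlen` and the function's error convention are not visible in this hunk, so the failure path has to follow the rest of volxlate().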
@@ -627,20 +623,33 @@ static struct vol *creatvol(AFPObj *obj, EC_NULL( volume->v_veto = strdup(val) ); /* vol charset is in [G] and [V] */ - if (val = getoption(obj->iniconfig, section, "vol charset", preset, NULL)) + if (val = getoption(obj->iniconfig, section, "vol charset", preset, NULL)) { + if (strcasecmp(val, "UTF-8") == 0) { + val = strdup("UTF8"); + } EC_NULL( volume->v_volcodepage = strdup(val) ); + } else EC_NULL( volume->v_volcodepage = strdup(obj->options.volcodepage) ); /* mac charset is in [G] and [V] */ - if (val = getoption(obj->iniconfig, section, "mac charset", preset, NULL)) + if (val = getoption(obj->iniconfig, section, "mac charset", preset, NULL)) { + if (strncasecmp(val, "MAC", 3) != 0) { + LOG(log_warning, logtype_afpd, "Is '%s' really mac charset? ", val); + } EC_NULL( volume->v_maccodepage = strdup(val) ); + } else - EC_NULL( volume->v_maccodepage = strdup(obj->options.maccodepage) ); + EC_NULL( volume->v_maccodepage = strdup(obj->options.maccodepage) ); + + vlen = strlen(name); + tmpname = strdup(name); + for(i = 0; i < vlen; i++) + if(tmpname[i] == '/') tmpname[i] = ':'; bstring dbpath; EC_NULL_LOG( val = iniparser_getstring(obj->iniconfig, INISEC_GLOBAL, "vol dbpath", _PATH_STATEDIR "CNID/") ); - EC_NULL_LOG( dbpath = bformat("%s/%s/", val, name) ); + EC_NULL_LOG( dbpath = bformat("%s/%s/", val, tmpname) ); EC_NULL_LOG( volume->v_dbpath = strdup(bdata(dbpath)) ); bdestroy(dbpath); @@ -739,7 +748,7 @@ static struct vol *creatvol(AFPObj *obj, if (getoption_bool(obj->iniconfig, section, "acls", preset, 1)) volume->v_flags |= AFPVOL_ACLS; #endif - if (!getoption_bool(obj->iniconfig, section, "convert adouble", preset, 1)) + if (!getoption_bool(obj->iniconfig, section, "convert appledouble", preset, 1)) volume->v_flags |= AFPVOL_NOV2TOEACONV; if (getoption_bool(obj->iniconfig, section, "preexec close", preset, 0)) 
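Review bot: `tmpname` is now a heap copy of `name` with room for only strlen(name)+1 bytes, yet the conversion code further down (hunks at -788, -803 and -819) still passes it to convert_charset() as an output buffer limited by AFPVOL_U8MNAMELEN and falls back to `strcpy(tmpname, "???")`. A short volume name, or one that grows during conversion, can therefore write past the allocation. The strdup() result is also indexed in the loop without a NULL check, and no free of the copy is visible in the hunks shown. Keeping `char tmpname[AFPVOL_U8MNAMELEN+1]` as the conversion buffer and using a separate, checked copy for the CNID directory name avoids all three; the sketch assumes a `char *dbname` declared with the other locals. creatvol() starts and ends outside this hunk.

```c
    vlen = strlen(name);
    /* Separate, checked copy for the CNID directory name; tmpname stays the
     * fixed-size conversion buffer used further down. */
    EC_NULL( dbname = strdup(name) );
    for (i = 0; i < vlen; i++) {
        if (dbname[i] == '/')
            dbname[i] = ':';
    }

    bstring dbpath;
    /* … unchanged: "vol dbpath" lookup into val … */
    EC_NULL_LOG( dbpath = bformat("%s/%s/", val, dbname) );
    /* … unchanged: v_dbpath strdup and bdestroy … */
    free(dbname);   /* the error/cleanup path needs the same free */
    dbname = NULL;
```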
@@ -752,12 +761,15 @@ static struct vol *creatvol(AFPObj *obj, * 1) neither the rolist nor the rwlist exist -> rw * 2) rolist exists -> ro if user is in it. * 3) rwlist exists -> ro unless user is in it. + * 4) cnid scheme = last -> ro forcibly. */ if (pwd) { if (accessvol(obj, getoption(obj->iniconfig, section, "rolist", preset, NULL), pwd->pw_name) == 1 || accessvol(obj, getoption(obj->iniconfig, section, "rwlist", preset, NULL), pwd->pw_name) == 0) volume->v_flags |= AFPVOL_RO; } + if (0 == strcmp(volume->v_cnidscheme, "last")) + volume->v_flags |= AFPVOL_RO; if ((volume->v_flags & AFPVOL_NODEV)) volume->v_ad_options |= ADVOL_NODEV; @@ -788,12 +800,9 @@ static struct vol *creatvol(AFPObj *obj, /* because v_vid has not been decided yet. */ suffixlen = sprintf(suffix, "#%X", lastvid + 1 ); - - vlen = strlen( name ); - /* Unicode Volume Name */ /* Firstly convert name from unixcharset to UTF8-MAC */ - flags = CONV_IGNORE; + flags = CONV_IGNORE | CONV_ALLOW_SLASH; tmpvlen = convert_charset(obj->options.unixcharset, CH_UTF8_MAC, 0, name, vlen, tmpname, AFPVOL_U8MNAMELEN, &flags); if (tmpvlen <= 0) { strcpy(tmpname, "???"); @@ -803,7 +812,7 @@ static struct vol *creatvol(AFPObj *obj, /* Do we have to mangle ? */ if ( (flags & CONV_REQMANGLE) || (tmpvlen > obj->options.volnamelen)) { if (tmpvlen + suffixlen > obj->options.volnamelen) { - flags = CONV_FORCE; + flags = CONV_FORCE | CONV_ALLOW_SLASH; tmpvlen = convert_charset(obj->options.unixcharset, CH_UTF8_MAC, 0, name, vlen, tmpname, obj->options.volnamelen - suffixlen, &flags); tmpname[tmpvlen >= 0 ? tmpvlen : 0] = 0; } @@ -819,7 +828,7 @@ static struct vol *creatvol(AFPObj *obj, /* Maccharset Volume Name */ /* Firsty convert name from unixcharset to maccharset */ - flags = CONV_IGNORE; + flags = CONV_IGNORE | CONV_ALLOW_SLASH; tmpvlen = convert_charset(obj->options.unixcharset, obj->options.maccharset, 0, name, vlen, tmpname, AFPVOL_U8MNAMELEN, &flags); if (tmpvlen <= 0) { strcpy(tmpname, "???"); 
@@ -829,7 +838,7 @@ static struct vol *creatvol(AFPObj *obj, /* Do we have to mangle ? */ if ( (flags & CONV_REQMANGLE) || (tmpvlen > AFPVOL_MACNAMELEN)) { if (tmpvlen + suffixlen > AFPVOL_MACNAMELEN) { - flags = CONV_FORCE; + flags = CONV_FORCE | CONV_ALLOW_SLASH; tmpvlen = convert_charset(obj->options.unixcharset, obj->options.maccharset, 0, @@ -884,16 +893,16 @@ static struct vol *creatvol(AFPObj *obj, initvol_vfs(volume); /* get/store uuid from file in afpd master*/ - if (!(pwd) && (volume->v_flags & AFPVOL_TM)) { - char *uuid = get_vol_uuid(obj, volume->v_localname); - if (!uuid) { - LOG(log_error, logtype_afpd, "Volume '%s': couldn't get UUID", - volume->v_localname); - } else { - volume->v_uuid = uuid; - LOG(log_debug, logtype_afpd, "Volume '%s': UUID '%s'", - volume->v_localname, volume->v_uuid); - } + become_root(); + char *uuid = get_vol_uuid(obj, volume->v_localname); + unbecome_root(); + if (!uuid) { + LOG(log_error, logtype_afpd, "Volume '%s': couldn't get UUID", + volume->v_localname); + } else { + volume->v_uuid = uuid; + LOG(log_debug, logtype_afpd, "Volume '%s': UUID '%s'", + volume->v_localname, volume->v_uuid); } /* no errors shall happen beyond this point because the cleanup would mess the volume chain up */ @@ -942,13 +951,16 @@ static int vol_section(const char *sec) static int readvolfile(AFPObj *obj, const struct passwd *pwent) { EC_INIT; + static int regexerr = -1; + static regex_t reg; char path[MAXPATHLEN + 1]; char volname[AFPVOL_U8MNAMELEN + 1]; char tmp[MAXPATHLEN + 1]; - const char *preset, *default_preset, *p; + const char *preset, *default_preset, *p, *basedir; char *q, *u; int i; struct passwd *pw; + regmatch_t match[1]; LOG(log_debug, logtype_afpd, "readvolfile: BEGIN"); 
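Review bot: The UUID lookup in creatvol() now runs for every volume and every caller inside become_root()/unbecome_root(), while the comment above it still reads "get/store uuid from file in afpd master"; before this change it ran only when `pwd` was NULL and AFPVOL_TM was set. get_vol_uuid() is not visible here, but if it creates or rewrites the UUID file, per-user sessions now perform that write as root, which is a wider privileged path than before. The comment should state why root is needed in all callers, for example `/* look up (and if missing, store) the volume UUID; runs as root because the UUID file is not accessible to the session user */` if that is the reason. It would also help to say whether a missing UUID is still an error for volumes without AFPVOL_TM, since the failure is logged at log_error for all of them. creatvol() continues outside the hunk.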
@@ -967,10 +979,33 @@ static int readvolfile(AFPObj *obj, const struct passwd *pwent) continue; if (STRCMP(secname, ==, INISEC_HOMES)) { have_uservol = 1; - if (obj->username[0] == 0 + if (!IS_AFP_SESSION(obj) || strcmp(obj->username, obj->options.guest) == 0) /* not an AFP session, but cnid daemon, dbd or ad util, or guest login */ continue; + if (pwent->pw_dir == NULL || STRCMP("", ==, pwent->pw_dir)) + /* no user home */ + continue; + + /* check if user home matches our "basedir regex" */ + if ((basedir = iniparser_getstring(obj->iniconfig, INISEC_HOMES, "basedir regex", NULL)) == NULL) { + LOG(log_error, logtype_afpd, "\"basedir regex =\" must be defined in [Homes] section"); + continue; + } + LOG(log_debug, logtype_afpd, "readvolfile: basedir regex: '%s'", basedir); + + if (regexerr != 0 && (regexerr = regcomp(®, basedir, REG_EXTENDED)) != 0) { + char errbuf[1024]; + regerror(regexerr, ®, errbuf, sizeof(errbuf)); + LOG(log_debug, logtype_default, "readvolfile: bad basedir regex: %s", errbuf); + } + + if (regexec(®, pwent->pw_dir, 1, match, 0) == REG_NOMATCH) { + LOG(log_debug, logtype_default, "readvolfile: user home \"%s\" doesn't match basedir regex \"%s\"", + pwent->pw_dir, basedir); + continue; + } + strlcpy(tmp, pwent->pw_dir, MAXPATHLEN); strlcat(tmp, "/", MAXPATHLEN); if (p = iniparser_getstring(obj->iniconfig, INISEC_HOMES, "path", NULL)) 
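Review bot: When regcomp() fails, the new block only logs and then falls through to regexec() on a regex_t that was never compiled, and the match test treats every result other than REG_NOMATCH as a match. A bad or failing `basedir regex` therefore leads to the home being exported rather than skipped. Add `continue;` at the end of the regcomp-failure block, log that case at log_error instead of log_debug, and compare with `if (regexec(&reg, pwent->pw_dir, 1, match, 0) != 0) {`. Because `reg` and `regexerr` are static, the first pattern that compiles is reused for the life of the process, so a changed `basedir regex` would not take effect after a config reload; getvolbypath() gets the same static pair later in this diff. The loop this code sits in starts and ends outside the hunk.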
@@ -987,10 +1022,16 @@ static int readvolfile(AFPObj *obj, const struct passwd *pwent) /* do variable substitution for volume name */ if (STRCMP(secname, ==, INISEC_HOMES)) { - if (p = iniparser_getstring(obj->iniconfig, INISEC_HOMES, "home name", "$u's home")) - strlcpy(tmp, p, MAXPATHLEN); - else - strlcpy(tmp, p, MAXPATHLEN); + p = iniparser_getstring(obj->iniconfig, INISEC_HOMES, "home name", "$u's home"); + if (strstr(p, "$u") == NULL) { + LOG(log_warning, logtype_afpd, "home name must contain $u."); + p = "$u's home"; + } + if (strchr(p, ':') != NULL) { + LOG(log_warning, logtype_afpd, "home name must not contain \":\"."); + p = "$u's home"; + } + strlcpy(tmp, p, MAXPATHLEN); } else { strlcpy(tmp, secname, AFPVOL_U8MNAMELEN); } @@ -1087,7 +1128,7 @@ int load_charset(struct vol *vol) * @param obj (r) handle * @param delvol_fn (r) callback called for deleted volumes */ -int load_volumes(AFPObj *obj, void (*delvol_fn)(struct vol *)) +int load_volumes(AFPObj *obj, void (*delvol_fn)(const AFPObj *obj, struct vol *)) { EC_INIT; int fd = -1; @@ -1143,7 +1184,7 @@ int load_volumes(AFPObj *obj, void (*delvol_fn)(struct vol *)) if (vol->v_deleted) { LOG(log_debug, logtype_afpd, "load_volumes: deleted: %s", vol->v_localname); if (delvol_fn) - delvol_fn(vol); + delvol_fn(obj, vol); vol = Volumes; } } @@ -1215,6 +1256,8 @@ struct vol *getvolbyvid(const uint16_t vid ) struct vol *getvolbypath(AFPObj *obj, const char *path) { EC_INIT; + static int regexerr = -1; + static regex_t reg; struct vol *vol; struct vol *tmp; const struct passwd *pw; @@ -1224,8 +1267,6 @@ struct vol *getvolbypath(AFPObj *obj, const char *path) char tmpbuf[MAXPATHLEN + 1]; const char *secname, *basedir, *p = NULL, *subpath = NULL, *subpathconfig; char *user = NULL, *prw; - int regexerr = -1; - static regex_t reg; regmatch_t match[1]; LOG(log_debug, logtype_afpd, "getvolbypath(\"%s\")", path); 
@@ -1297,8 +1338,8 @@ struct vol *getvolbypath(AFPObj *obj, const char *path) if (prw != 0) subpath = prw; - strlcpy(obj->username, user, MAXUSERLEN); strlcat(tmpbuf, user, MAXPATHLEN); + strlcpy(obj->username, user, MAXUSERLEN); strlcat(tmpbuf, "/", MAXPATHLEN); /* (6) */ @@ -1322,6 +1363,8 @@ struct vol *getvolbypath(AFPObj *obj, const char *path) /* do variable substitution for volume name */ p = iniparser_getstring(obj->iniconfig, INISEC_HOMES, "home name", "$u's home"); + if (strstr(p, "$u") == NULL) + p = "$u's home"; strlcpy(tmpbuf, p, AFPVOL_U8MNAMELEN); EC_NULL_LOG( volxlate(obj, volname, sizeof(volname) - 1, tmpbuf, pw, volpath, NULL) ); @@ -1357,7 +1400,7 @@ struct vol *getvolbyname(const char *name) /*! * Initialize an AFPObj and options from ini config file */ -int afp_config_parse(AFPObj *AFPObj) +int afp_config_parse(AFPObj *AFPObj, char *processname) { EC_INIT; dictionary *config; @@ -1367,11 +1410,14 @@ int afp_config_parse(AFPObj *AFPObj) char *q, *r; char val[MAXVAL]; + if (processname != NULL) + set_processname(processname); + AFPObj->afp_version = 11; options->configfile = AFPObj->cmdlineconfigfile ? strdup(AFPObj->cmdlineconfigfile) : strdup(_PATH_CONFDIR "afp.conf"); options->sigconffile = strdup(_PATH_STATEDIR "afp_signature.conf"); options->uuidconf = strdup(_PATH_STATEDIR "afp_voluuid.conf"); - options->flags = OPTION_ACL2MACCESS | OPTION_UUID | OPTION_SERVERNOTIF | AFPObj->cmdlineflags; + options->flags = OPTION_UUID | AFPObj->cmdlineflags; if ((config = iniparser_load(AFPObj->options.configfile)) == NULL) return -1; 
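Review bot: The `home name` fallback added to getvolbypath() checks only for `$u`, whereas readvolfile() in the -987 hunk also rejects a value containing ':' and logs a warning in both cases, so the two paths can derive different volume names from the same afp.conf. Apply the same test here, `if (strstr(p, "$u") == NULL || strchr(p, ':') != NULL) p = "$u's home";`, or move the validation into one static helper that both callers use. getvolbypath() starts and ends outside this hunk.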
@@ -1381,11 +1427,11 @@ int afp_config_parse(AFPObj *AFPObj) options->logconfig = iniparser_getstrdup(config, INISEC_GLOBAL, "log level", "default:note"); options->logfile = iniparser_getstrdup(config, INISEC_GLOBAL, "log file", NULL); + setuplog(options->logconfig, options->logfile); + /* "server options" boolean options */ if (!iniparser_getboolean(config, INISEC_GLOBAL, "zeroconf", 1)) options->flags |= OPTION_NOZEROCONF; - if (iniparser_getboolean(config, INISEC_GLOBAL, "icon", 0)) - options->flags |= OPTION_CUSTOMICON; if (iniparser_getboolean(config, INISEC_GLOBAL, "advertise ssh", 0)) options->flags |= OPTION_ANNOUNCESSH; if (iniparser_getboolean(config, INISEC_GLOBAL, "map acls", 1)) 
@@ -1394,17 +1440,21 @@ int afp_config_parse(AFPObj *AFPObj) options->flags |= OPTION_KEEPSESSIONS; if (iniparser_getboolean(config, INISEC_GLOBAL, "close vol", 0)) options->flags |= OPTION_CLOSEVOL; - if (!iniparser_getboolean(config, INISEC_GLOBAL, "client polling", 1)) + if (!iniparser_getboolean(config, INISEC_GLOBAL, "client polling", 0)) options->flags |= OPTION_SERVERNOTIF; if (!iniparser_getboolean(config, INISEC_GLOBAL, "use sendfile", 1)) options->flags |= OPTION_NOSENDFILE; + if (iniparser_getboolean(config, INISEC_GLOBAL, "solaris share reservations", 1)) + options->flags |= OPTION_SHARE_RESERV; + if (iniparser_getboolean(config, INISEC_GLOBAL, "afp read locks", 0)) + options->flags |= OPTION_AFP_READ_LOCK; if (!iniparser_getboolean(config, INISEC_GLOBAL, "save password", 1)) options->passwdbits |= PASSWD_NOSAVE; if (iniparser_getboolean(config, INISEC_GLOBAL, "set password", 0)) options->passwdbits |= PASSWD_SET; /* figure out options w values */ - options->loginmesg = iniparser_getstrdup(config, INISEC_GLOBAL, "login message", ""); + options->loginmesg = iniparser_getstrdup(config, INISEC_GLOBAL, "login message", NULL); options->guest = iniparser_getstrdup(config, INISEC_GLOBAL, "guest account", "nobody"); options->passwdfile = iniparser_getstrdup(config, INISEC_GLOBAL, "passwd file",_PATH_AFPDPWFILE); options->uampath = iniparser_getstrdup(config, INISEC_GLOBAL, "uam path", _PATH_AFPDUAMPATH); 
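Review bot: `options->loginmesg` can now be NULL when `login message` is not configured, where it was previously always a valid (possibly empty) string. None of its readers are visible in this diff, so each of them needs a NULL check before it measures or copies the message, or the default should stay `""`. A short comment on the assignment such as `/* NULL when unset; consumers must check */` would make the new contract explicit.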
@@ -1490,38 +1540,52 @@ int afp_config_parse(AFPObj *AFPObj) /* unix charset is in [G] only */ if (!(p = iniparser_getstring(config, INISEC_GLOBAL, "unix charset", NULL))) { - options->unixcharset = CH_UNIX; - options->unixcodepage = strdup("LOCALE"); + options->unixcodepage = strdup("UTF8"); + set_charset_name(CH_UNIX, "UTF8"); } else { - if ((options->unixcharset = add_charset(p)) == (charset_t)-1) { - options->unixcharset = CH_UNIX; - options->unixcodepage = strdup("LOCALE"); - LOG(log_warning, logtype_afpd, "Setting unix charset to '%s' failed", p); - } else { - options->unixcodepage = strdup(p); + if (strcasecmp(p, "LOCALE") == 0) { +#if defined(CODESET) + setlocale(LC_ALL, ""); + p = nl_langinfo(CODESET); + LOG(log_debug, logtype_afpd, "Locale charset is '%s'", p); +#else /* system doesn't have LOCALE support */ + LOG(log_warning, logtype_afpd, "system doesn't have LOCALE support"); + p = strdup("UTF8"); +#endif } + if (strcasecmp(p, "UTF-8") == 0) { + p = strdup("UTF8"); + } + options->unixcodepage = strdup(p); + set_charset_name(CH_UNIX, p); } + options->unixcharset = CH_UNIX; + LOG(log_debug, logtype_afpd, "Global unix charset is %s", options->unixcodepage); - /* vol charset is in [G[ and [V] */ + /* vol charset is in [G] and [V] */ if (!(p = iniparser_getstring(config, INISEC_GLOBAL, "vol charset", NULL))) { - options->volcodepage = strdup("UTF8"); + options->volcodepage = strdup(options->unixcodepage); } else { + if (strcasecmp(p, "UTF-8") == 0) { + p = strdup("UTF8"); + } options->volcodepage = strdup(p); } - + LOG(log_debug, logtype_afpd, "Global vol charset is %s", options->volcodepage); + /* mac charset is in [G] and [V] */ if (!(p = iniparser_getstring(config, INISEC_GLOBAL, "mac charset", NULL))) { - options->maccharset = CH_MAC; options->maccodepage = strdup("MAC_ROMAN"); + set_charset_name(CH_MAC, "MAC_ROMAN"); } else { - if ((options->maccharset = add_charset(p)) == (charset_t)-1) { - options->maccharset = CH_MAC; - options->maccodepage = 
strdup("MAC_ROMAN"); - LOG(log_warning, logtype_afpd, "Setting mac charset to '%s' failed", p); - } else { - options->maccodepage = strdup(p); + if (strncasecmp(p, "MAC", 3) != 0) { + LOG(log_warning, logtype_afpd, "Is '%s' really mac charset? ", p); } + options->maccodepage = strdup(p); + set_charset_name(CH_MAC, p); } + options->maccharset = CH_MAC; + LOG(log_debug, logtype_afpd, "Global mac charset is %s", options->maccodepage); /* Check for sane values */ if (options->tickleval <= 0)
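Review bot: Each `p = strdup("UTF8");` in the unix and vol charset branches allocates a string whose only use is to be duplicated again by the `strdup(p)` that follows, so the first copy is leaked; `val = strdup("UTF8");` in the creatvol() hunk at -627 has the same problem, and a literal is enough: `p = "UTF8";`. Separately, `setlocale(LC_ALL, "")` changes every locale category for the whole process just to read the codeset; `setlocale(LC_CTYPE, "")` is sufficient for `nl_langinfo(CODESET)`. The removed add_charset() test was the only visible validation of the configured charset names, and whether set_charset_name() can fail is not shown here, so an unknown name may now be accepted silently. afp_config_parse() continues outside the hunk.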