Imported Upstream version 3.2.0

[debian/amanda] / amandad-src / amandad.c

diff --git a/amandad-src/amandad.c b/amandad-src/amandad.c
index 1c47ae446467868dfb2dbb49ef9a04e1bb08e4e5..5c15e0442efbae2afca8eeb3f762f25d442aa190 100644 (file)
--- a/amandad-src/amandad.c
+++ b/amandad-src/amandad.c
@@ -212,6 +212,17 @@ main(
     safe_fd(-1, 0);
     safe_cd();
 
+    /*
+     * Nexenta needs the SUN_PERSONALITY env variable to be unset, otherwise
+     * the Sun version of tar in /usr/sun/sbin/tar is called instead.
+     *
+     * On other operating systems this will have no effect.
+     */
+
+#ifdef HAVE_UNSETENV
+    unsetenv("SUN_PERSONALITY");
+#endif
+
     /*
      * When called via inetd, it is not uncommon to forget to put the
      * argv[0] value on the config line.  On some systems (e.g. Solaris)
@@ -549,7 +560,7 @@ protocol_accept(
     }
 
     /*
-     * If we have errors (not warnings) from the config file, let the server
+     * If we have errors (not warnings) from the config file, let the remote system
      * know immediately.  Unfortunately, we only get one ERROR line, so if there
      * are multiple errors, we just show the first.
      */
@@ -574,6 +585,8 @@ protocol_accept(
        return;
     }
 
+    g_debug("authenticated peer name is '%s'", security_get_authenticated_peer_name(handle));
+
     /*
      * If pkt is NULL, then there was a problem with the new connection.
      */
@@ -1403,6 +1416,7 @@ process_readnetfd(
 
        /* fill info_end_buf from the tail end of combined_buf */
        memcpy(as->info_end_buf, combined_buf + n, INFO_END_LEN);
+       amfree(combined_buf);
 
        /* if we did see info_end_str, start reading the data fd (fd 0) */
        if (as->seen_info_end) {
@@ -1519,6 +1533,8 @@ service_new(
     struct active_service *as;
     pid_t pid;
     int newfd;
+    char *peer_name;
+    char *amanda_remote_host_env[2];
 
     assert(security_handle != NULL);
     assert(cmd != NULL);
@@ -1632,6 +1648,16 @@ service_new(
         * and start up.
         */
 
+       /* set up the AMANDA_AUTHENTICATED_PEER env var so child services
+        * can use it to authenticate */
+       peer_name = security_get_authenticated_peer_name(security_handle);
+       amanda_remote_host_env[0] = NULL;
+       amanda_remote_host_env[1] = NULL;
+       if (*peer_name) {
+           amanda_remote_host_env[0] =
+               g_strdup_printf("AMANDA_AUTHENTICATED_PEER=%s", peer_name);
+       }
+
        /*
         * The data stream is stdin in the new process
         */
@@ -1721,7 +1747,7 @@ service_new(
         aclose(data_write[STDERR_PIPE][1]);
        safe_fd(DATA_FD_OFFSET, DATA_FD_COUNT*2);
 
-       execle(cmd, cmd, "amandad", auth, (char *)NULL, safe_env());
+       execle(cmd, cmd, "amandad", auth, (char *)NULL, safe_env_full(amanda_remote_host_env));
        error(_("could not exec service %s: %s\n"), cmd, strerror(errno));
        /*NOTREACHED*/
     }