X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=amandad-src%2Famandad.c;fp=amandad-src%2Famandad.c;h=5c15e0442efbae2afca8eeb3f762f25d442aa190;hb=b116e9366c7b2ea2c2eb53b0a13df4090e176235;hp=1c47ae446467868dfb2dbb49ef9a04e1bb08e4e5;hpb=fd48f3e498442f0cbff5f3606c7c403d0566150e;p=debian%2Famanda

diff --git a/amandad-src/amandad.c b/amandad-src/amandad.c
index 1c47ae4..5c15e04 100644
--- a/amandad-src/amandad.c
+++ b/amandad-src/amandad.c
@@ -212,6 +212,17 @@ main(
     safe_fd(-1, 0);
     safe_cd();
 
+    /*
+     * Nexenta needs the SUN_PERSONALITY env variable to be unset, otherwise
+     * the Sun version of tar in /usr/sun/sbin/tar is called instead.
+     *
+     * On other operating systems this will have no effect.
+     */
+
+#ifdef HAVE_UNSETENV
+    unsetenv("SUN_PERSONALITY");
+#endif
+
     /*
      * When called via inetd, it is not uncommon to forget to put the
      * argv[0] value on the config line.  On some systems (e.g. Solaris)
@@ -549,7 +560,7 @@ protocol_accept(
     }
 
     /*
-     * If we have errors (not warnings) from the config file, let the server
+     * If we have errors (not warnings) from the config file, let the remote system
      * know immediately.  Unfortunately, we only get one ERROR line, so if there
      * are multiple errors, we just show the first.
      */
@@ -574,6 +585,8 @@ protocol_accept(
 	return;
     }
 
+    g_debug("authenticated peer name is '%s'", security_get_authenticated_peer_name(handle));
+
     /*
      * If pkt is NULL, then there was a problem with the new connection.
      */
@@ -1403,6 +1416,7 @@ process_readnetfd(
 
 	/* fill info_end_buf from the tail end of combined_buf */
 	memcpy(as->info_end_buf, combined_buf + n, INFO_END_LEN);
+	amfree(combined_buf);
 
 	/* if we did see info_end_str, start reading the data fd (fd 0) */
 	if (as->seen_info_end) {
@@ -1519,6 +1533,8 @@ service_new(
     struct active_service *as;
     pid_t pid;
     int newfd;
+    char *peer_name;
+    char *amanda_remote_host_env[2];
 
     assert(security_handle != NULL);
     assert(cmd != NULL);
@@ -1632,6 +1648,16 @@ service_new(
 	 * and start up.
 	 */
 
+	/* set up the AMANDA_AUTHENTICATED_PEER env var so child services
+	 * can use it to authenticate */
+	peer_name = security_get_authenticated_peer_name(security_handle);
+	amanda_remote_host_env[0] = NULL;
+	amanda_remote_host_env[1] = NULL;
+	if (*peer_name) {
+	    amanda_remote_host_env[0] =
+		g_strdup_printf("AMANDA_AUTHENTICATED_PEER=%s", peer_name);
+	}
+
 	/*
 	 * The data stream is stdin in the new process
 	 */
@@ -1721,7 +1747,7 @@ service_new(
         aclose(data_write[STDERR_PIPE][1]);
 	safe_fd(DATA_FD_OFFSET, DATA_FD_COUNT*2);
 
-	execle(cmd, cmd, "amandad", auth, (char *)NULL, safe_env());
+	execle(cmd, cmd, "amandad", auth, (char *)NULL, safe_env_full(amanda_remote_host_env));
 	error(_("could not exec service %s: %s\n"), cmd, strerror(errno));
 	/*NOTREACHED*/
     }