X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=server-src%2Fdumper.c;h=1c75398dc0ea006ebdbef431cf95ad5e36b59663;hb=HEAD;hp=9ce7c3562d3961ad50ba49906e786d182704b0f5;hpb=d5853102f67d85d8e169f9dbe973ad573306c215;p=debian%2Famanda diff --git a/server-src/dumper.c b/server-src/dumper.c index 9ce7c35..1c75398 100644 --- a/server-src/dumper.c +++ b/server-src/dumper.c @@ -1,6 +1,7 @@ /* * Amanda, The Advanced Maryland Automatic Network Disk Archiver * Copyright (c) 1991-1999 University of Maryland at College Park + * Copyright (c) 2007-2012 Zmanda, Inc. All Rights Reserved. * All Rights Reserved. * * Permission to use, copy, modify, distribute, and sell this software and its @@ -73,6 +74,18 @@ struct databuf { pid_t encryptpid; /* valid if fd is pipe to encrypt */ }; +struct databuf *g_databuf = NULL; + +typedef struct filter_s { + int fd; + char *name; + char *buffer; + gint64 first; /* first byte used */ + gint64 size; /* number of byte use in the buffer */ + gint64 allocated_size ; /* allocated size of the buffer */ + event_handle_t *event; +} filter_t; + static char *handle = NULL; static char *errstr = NULL; @@ -112,6 +125,9 @@ static time_t conf_dtimeout; static int indexfderror; static int set_datafd; static char *dle_str = NULL; +static char *errfname = NULL; +static int errf_lines = 0; +static int max_warnings = 0; static dumpfile_t file; @@ -152,10 +168,10 @@ static void process_dumpeof(void); static void process_dumpline(const char *); static void add_msg_data(const char *, size_t); static void parse_info_line(char *); -static void log_msgout(logtype_t); +static int log_msgout(logtype_t); static char * dumper_get_security_conf (char *, void *); -static int runcompress(int, pid_t *, comp_t); +static int runcompress(int, pid_t *, comp_t, char *); static int runencrypt(int, pid_t *, encrypt_t); static void sendbackup_response(void *, pkt_t *, security_handle_t *); @@ -275,25 +291,27 @@ xml_check_options( srvcompress = COMP_BEST; } else if (dle->compress == COMP_SERVER_CUST) { srvcompress = COMP_SERVER_CUST; - srvcompprog = dle->compprog; + srvcompprog = g_strdup(dle->compprog); } else if (dle->compress == COMP_CUST) { srvcompress = COMP_CUST; - clntcompprog = dle->compprog; + clntcompprog = g_strdup(dle->compprog); } else { srvcompress = COMP_NONE; } if (dle->encrypt == ENCRYPT_CUST) { srvencrypt = ENCRYPT_CUST; - clnt_encrypt = dle->clnt_encrypt; - clnt_decrypt_opt = dle->clnt_decrypt_opt; + clnt_encrypt = g_strdup(dle->clnt_encrypt); + clnt_decrypt_opt = g_strdup(dle->clnt_decrypt_opt); } else if (dle->encrypt == ENCRYPT_SERV_CUST) { srvencrypt = ENCRYPT_SERV_CUST; - srv_encrypt = dle->clnt_encrypt; - srv_decrypt_opt = dle->clnt_decrypt_opt; + srv_encrypt = g_strdup(dle->srv_encrypt); + srv_decrypt_opt = g_strdup(dle->srv_decrypt_opt); } else { srvencrypt = ENCRYPT_NONE; } + free_dle(dle); + amfree(o); } @@ -314,6 +332,11 @@ main( char *cfg_opt = NULL; int dumper_setuid; + if (argc > 1 && argv && argv[1] && g_str_equal(argv[1], "--version")) { + printf("dumper-%s\n", VERSION); + return (0); + } + /* * Configure program for internationalization: * 1) Only set the message locale for now. @@ -516,6 +539,11 @@ main( } dataport_list = newstralloc(dataport_list, cmdargs->argv[a++]); + if(a >= cmdargs->argc) { + error(_("error [dumper PORT-DUMP: not enough args: max_warnings]")); + } + max_warnings = atoi(cmdargs->argv[a++]); + if(a >= cmdargs->argc) { error(_("error [dumper PORT-DUMP: not enough args: options]")); } @@ -557,11 +585,12 @@ main( break; } databuf_init(&db, outfd); + g_databuf = &db; if (am_has_feature(their_features, fe_req_xml)) - xml_check_options(options); + xml_check_options(options); /* note: modifies globals */ else - check_options(options); + check_options(options); /* note: modifies globals */ rc = startup_dump(hostname, diskname, @@ -593,6 +622,10 @@ main( amfree(amandad_path); amfree(client_username); amfree(client_port); + amfree(device); + amfree(b64device); + amfree(qdiskname); + amfree(b64disk); break; @@ -705,6 +738,7 @@ databuf_flush( if (written == 0) { int save_errno = errno; m = vstrallocf(_("data write: %s"), strerror(save_errno)); + amfree(errstr); errstr = quote_string(m); amfree(m); errno = save_errno; @@ -888,6 +922,7 @@ bad_line: break; } g_fprintf(errf, "%s\n", str); + errf_lines++; amfree(buf); } @@ -975,24 +1010,33 @@ add_msg_data( } -static void +static int log_msgout( logtype_t typ) { char *line; + int count = 0; + int to_unlink = 1; fflush(errf); - if (fseek(errf, 0L, SEEK_SET) < 0) { + if (fseeko(errf, 0L, SEEK_SET) < 0) { dbprintf(_("log_msgout: warning - seek failed: %s\n"), strerror(errno)); } while ((line = agets(errf)) != NULL) { + if (max_warnings > 0 && errf_lines >= max_warnings && count >= max_warnings) { + log_add(typ, "Look in the '%s' file for full error messages", errfname); + to_unlink = 0; + break; + } if (line[0] != '\0') { log_add(typ, "%s", line); } amfree(line); + count++; } + amfree(line); - afclose(errf); + return to_unlink; } /* ------------- */ @@ -1131,6 +1175,8 @@ write_tapeheader( return -1; } +int indexout = -1; + static int do_dump( struct databuf *db) @@ -1138,14 +1184,14 @@ do_dump( char *indexfile_tmp = NULL; char *indexfile_real = NULL; char level_str[NUM_STR_SIZE]; + char *time_str; char *fn; char *q; times_t runtime; double dumptime; /* Time dump took in secs */ - char *errfname = NULL; - int indexout; pid_t indexpid = -1; char *m; + int to_unlink = 1; startclock(); @@ -1156,23 +1202,29 @@ do_dump( fh_init(&file); g_snprintf(level_str, SIZEOF(level_str), "%d", level); + time_str = get_timestamp_from_time(0); fn = sanitise_filename(diskname); + errf_lines = 0; errfname = newvstralloc(errfname, - AMANDA_TMPDIR, - "/", hostname, + AMANDA_DBGDIR, + "/log.error", NULL); + mkdir(errfname, 0700); + errfname = newvstralloc(errfname, + AMANDA_DBGDIR, + "/log.error/", hostname, ".", fn, ".", level_str, + ".", time_str, ".errout", NULL); amfree(fn); + amfree(time_str); if((errf = fopen(errfname, "w+")) == NULL) { errstr = newvstrallocf(errstr, "errfile open \"%s\": %s", errfname, strerror(errno)); amfree(errfname); goto failed; } - unlink(errfname); /* so it goes away on close */ - amfree(errfname); if (streams[INDEXFD].fd != NULL) { indexfile_real = getindexfname(hostname, diskname, dumper_timestamp, level); @@ -1193,7 +1245,7 @@ do_dump( indexfile_tmp, strerror(errno)); goto failed; } else { - if (runcompress(indexout, &indexpid, COMP_BEST) < 0) { + if (runcompress(indexout, &indexpid, COMP_BEST, "index compress") < 0) { aclose(indexout); goto failed; } @@ -1249,6 +1301,95 @@ do_dump( if (!errstr) errstr = stralloc(_("got no data")); } + if (indexfile_tmp) { + amwait_t index_status; + + /*@i@*/ aclose(indexout); + waitpid(indexpid,&index_status,0); + log_add(L_INFO, "pid-done %ld", (long)indexpid); + if (rename(indexfile_tmp, indexfile_real) != 0) { + log_add(L_WARNING, _("could not rename \"%s\" to \"%s\": %s"), + indexfile_tmp, indexfile_real, strerror(errno)); + } + amfree(indexfile_tmp); + amfree(indexfile_real); + } + + /* copy the header in a file on the index dir */ + if (ISSET(status, HEADER_DONE)) { + FILE *a; + char *s; + char *f = getheaderfname(hostname, diskname, dumper_timestamp, level); + a = fopen(f,"w"); + if (a) { + s = build_header(&file, NULL, DISK_BLOCK_BYTES); + fprintf(a,"%s", s); + g_free(s); + fclose(a); + } + g_free(f); + } + + if (db->compresspid != -1 && dump_result < 2) { + amwait_t wait_status; + char *errmsg = NULL; + + waitpid(db->compresspid, &wait_status, 0); + if (WIFSIGNALED(wait_status)) { + errmsg = g_strdup_printf(_("%s terminated with signal %d"), + "compress", WTERMSIG(wait_status)); + } else if (WIFEXITED(wait_status)) { + if (WEXITSTATUS(wait_status) != 0) { + errmsg = g_strdup_printf(_("%s exited with status %d"), + "compress", WEXITSTATUS(wait_status)); + } + } else { + errmsg = g_strdup_printf(_("%s got bad exit"), + "compress"); + } + if (errmsg) { + g_fprintf(errf, _("? %s\n"), errmsg); + g_debug("%s", errmsg); + dump_result = max(dump_result, 2); + if (!errstr) + errstr = errmsg; + else + g_free(errmsg); + } + log_add(L_INFO, "pid-done %ld", (long)db->compresspid); + db->compresspid = -1; + } + + if (db->encryptpid != -1 && dump_result < 2) { + amwait_t wait_status; + char *errmsg = NULL; + + waitpid(db->encryptpid, &wait_status, 0); + if (WIFSIGNALED(wait_status)) { + errmsg = g_strdup_printf(_("%s terminated with signal %d"), + "encrypt", WTERMSIG(wait_status)); + } else if (WIFEXITED(wait_status)) { + if (WEXITSTATUS(wait_status) != 0) { + errmsg = g_strdup_printf(_("%s exited with status %d"), + "encrypt", WEXITSTATUS(wait_status)); + } + } else { + errmsg = g_strdup_printf(_("%s got bad exit"), + "encrypt"); + } + if (errmsg) { + g_fprintf(errf, _("? %s\n"), errmsg); + g_debug("%s", errmsg); + dump_result = max(dump_result, 2); + if (!errstr) + errstr = errmsg; + else + g_free(errmsg); + } + log_add(L_INFO, "pid-done %ld", (long)db->encryptpid); + db->encryptpid = -1; + } + if (dump_result > 1) goto failed; @@ -1280,40 +1421,23 @@ do_dump( case 1: log_start_multiline(); log_add(L_STRANGE, "%s %s %d [%s]", hostname, qdiskname, level, errstr); - log_msgout(L_STRANGE); + to_unlink = log_msgout(L_STRANGE); log_end_multiline(); break; } - if (errf) afclose(errf); + if (errf) + afclose(errf); + if (errfname) { + if (to_unlink) + unlink(errfname); + amfree(errfname); + } if (data_path == DATA_PATH_AMANDA) aclose(db->fd); - if (indexfile_tmp) { - amwait_t index_status; - - /*@i@*/ aclose(indexout); - waitpid(indexpid,&index_status,0); - log_add(L_INFO, "pid-done %ld", (long)indexpid); - if (rename(indexfile_tmp, indexfile_real) != 0) { - log_add(L_WARNING, _("could not rename \"%s\" to \"%s\": %s"), - indexfile_tmp, indexfile_real, strerror(errno)); - } - amfree(indexfile_tmp); - amfree(indexfile_real); - } - - if(db->compresspid != -1) { - waitpid(db->compresspid,NULL,0); - log_add(L_INFO, "pid-done %ld", (long)db->compresspid); - } - if(db->encryptpid != -1) { - waitpid(db->encryptpid,NULL,0); - log_add(L_INFO, "pid-done %ld", (long)db->encryptpid); - } - amfree(errstr); dumpfile_free_data(&file); @@ -1380,11 +1504,17 @@ failed: log_add(L_FAIL, _("%s %s %s %d [%s]"), hostname, qdiskname, dumper_timestamp, level, errstr); if (errf) { - log_msgout(L_FAIL); + to_unlink = log_msgout(L_FAIL); } log_end_multiline(); - if (errf) afclose(errf); + if (errf) + afclose(errf); + if (errfname) { + if (to_unlink) + unlink(errfname); + amfree(errfname); + } if (indexfile_tmp) { unlink(indexfile_tmp); @@ -1392,6 +1522,9 @@ failed: amfree(indexfile_real); } + amfree(errstr); + dumpfile_free_data(&file); + return 0; } @@ -1434,7 +1567,6 @@ read_mesgfd( default: assert(buf != NULL); add_msg_data(buf, (size_t)size); - security_stream_read(streams[MESGFD].fd, read_mesgfd, cookie); break; } @@ -1442,7 +1574,11 @@ read_mesgfd( /* Use the first in the dataport_list */ in_port_t data_port; char *data_host = dataport_list; - char *s= strchr(dataport_list, ':'); + char *s; + + s = strchr(dataport_list, ','); + if (s) *s = '\0'; /* use first data_port */ + s = strrchr(dataport_list, ':'); *s = '\0'; s++; data_port = atoi(s); @@ -1457,40 +1593,9 @@ read_mesgfd( stop_dump(); return; } - close(db->fd); + aclose(db->fd); if (data_path == DATA_PATH_AMANDA) { - char buffer[32770]; - if (strcmp(data_host, "255.255.255.255") == 0) { - int size; - char *s; - g_debug(_("Using indirect-tcp from port %d"), data_port); - db->fd = stream_client("127.0.0.1", data_port, - STREAM_BUFSIZE, 0, NULL, 0); - if (db->fd == -1) { - errstr = newvstrallocf(errstr, - _("Can't open indirect-tcp stream: %s"), - strerror(errno)); - dump_result = 2; - stop_dump(); - return; - } - size = full_read(db->fd, buffer, 32768); - if (size <= 0) { - errstr = newvstrallocf(errstr, - _("Can't read from indirect-tcp stream: %s"), - strerror(errno)); - dump_result = 2; - stop_dump(); - return; - } - buffer[size] = '\0'; - s = strchr(buffer, ':'); - *s++ = '\0'; - data_host = buffer; - data_port = atoi(s); - aclose(db->fd); - } - g_debug(_("Sending data to %s:%d"), data_host, data_port); + g_debug(_("Sending data to %s:%d\n"), data_host, data_port); db->fd = stream_client(data_host, data_port, STREAM_BUFSIZE, 0, NULL, 0); if (db->fd == -1) { @@ -1518,7 +1623,7 @@ read_mesgfd( * reading the datafd. */ if ((srvcompress != COMP_NONE) && (srvcompress != COMP_CUST)) { - if (runcompress(db->fd, &db->compresspid, srvcompress) < 0) { + if (runcompress(db->fd, &db->compresspid, srvcompress, "data compress") < 0) { dump_result = 2; stop_dump(); return; @@ -1554,6 +1659,7 @@ read_datafd( errstr = newvstrallocf(errstr, _("data read: %s"), security_stream_geterror(streams[DATAFD].fd)); dump_result = 2; + aclose(db->fd); stop_dump(); return; } @@ -1571,6 +1677,7 @@ read_datafd( } security_stream_close(streams[DATAFD].fd); streams[DATAFD].fd = NULL; + aclose(db->fd); /* * If the mesg fd and index fd has also shut down, then we're done. */ @@ -1596,8 +1703,6 @@ read_datafd( * Reset the timeout for future reads */ timeout(conf_dtimeout); - - security_stream_read(streams[DATAFD].fd, read_datafd, cookie); } /* @@ -1634,6 +1739,7 @@ read_indexfd( if ((set_datafd == 0 || streams[DATAFD].fd == NULL) && streams[MESGFD].fd == NULL) stop_dump(); + aclose(indexout); return; } @@ -1649,32 +1755,104 @@ read_indexfd( log_add(L_INFO, _("Index corrupted for %s:%s"), hostname, qdiskname); } } - security_stream_read(streams[INDEXFD].fd, read_indexfd, cookie); +} + +static void +handle_filter_stderr( + void *cookie) +{ + filter_t *filter = cookie; + ssize_t nread; + char *b, *p; + gint64 len; + + if (filter->buffer == NULL) { + /* allocate initial buffer */ + filter->buffer = g_malloc(2048); + filter->first = 0; + filter->size = 0; + filter->allocated_size = 2048; + } else if (filter->first > 0) { + if (filter->allocated_size - filter->size - filter->first < 1024) { + memmove(filter->buffer, filter->buffer + filter->first, + filter->size); + filter->first = 0; + } + } else if (filter->allocated_size - filter->size < 1024) { + /* double the size of the buffer */ + filter->allocated_size *= 2; + filter->buffer = g_realloc(filter->buffer, filter->allocated_size); + } + + nread = read(filter->fd, filter->buffer + filter->first + filter->size, + filter->allocated_size - filter->first - filter->size - 2); + + if (nread <= 0) { + event_release(filter->event); + aclose(filter->fd); + if (filter->size > 0 && filter->buffer[filter->first + filter->size - 1] != '\n') { + /* Add a '\n' at end of buffer */ + filter->buffer[filter->first + filter->size] = '\n'; + filter->size++; + } + } else { + filter->size += nread; + } + + /* process all complete lines */ + b = filter->buffer + filter->first; + filter->buffer[filter->first + filter->size] = '\0'; + while (b < filter->buffer + filter->first + filter->size && + (p = strchr(b, '\n')) != NULL) { + *p = '\0'; + g_fprintf(errf, _("? %s: %s\n"), filter->name, b); + if (errstr == NULL) { + errstr = stralloc(b); + } + len = p - b + 1; + filter->first += len; + filter->size -= len; + b = p + 1; + dump_result = max(dump_result, 1); + } + + if (nread <= 0) { + g_free(filter->buffer); + g_free(filter); + } } /* * Startup a timeout in the event handler. If the arg is 0, * then remove the timeout. */ +static event_handle_t *ev_timeout = NULL; +static time_t timeout_time; + static void timeout( time_t seconds) { - static event_handle_t *ev_timeout = NULL; + timeout_time = time(NULL) + seconds; /* - * First, remove a timeout if one is active. + * remove a timeout if seconds is 0 */ - if (ev_timeout != NULL) { - event_release(ev_timeout); - ev_timeout = NULL; + if (seconds == 0) { + if (ev_timeout != NULL) { + event_release(ev_timeout); + ev_timeout = NULL; + } + return; } /* - * Now, schedule a new one if 'seconds' is greater than 0 + * schedule a timeout if it not already scheduled */ - if (seconds > 0) - ev_timeout = event_register((event_id_t)seconds, EV_TIME, timeout_callback, NULL); + if (ev_timeout == NULL) { + ev_timeout = event_register((event_id_t)seconds, EV_TIME, + timeout_callback, NULL); + } } /* @@ -1685,8 +1863,20 @@ static void timeout_callback( void * unused) { + time_t now = time(NULL); (void)unused; /* Quiet unused parameter warning */ + if (ev_timeout != NULL) { + event_release(ev_timeout); + ev_timeout = NULL; + } + + if (timeout_time > now) { /* not a data timeout yet */ + ev_timeout = event_register((event_id_t)(timeout_time-now), EV_TIME, + timeout_callback, NULL); + return; + } + assert(unused == NULL); errstr = newstralloc(errstr, _("data timeout")); dump_result = 2; @@ -1707,8 +1897,9 @@ stop_dump(void) cmdargs = get_pending_cmd(); if (cmdargs) { if (cmdargs->cmd != ABORT) { - error(_("beurk")); + error(_("beurk %d"), cmdargs->cmd); } + amfree(errstr); errstr = stralloc(cmdargs->argv[1]); free_cmdargs(cmdargs); } @@ -1719,6 +1910,8 @@ stop_dump(void) streams[i].fd = NULL; } } + aclose(indexout); + aclose(g_databuf->fd); timeout(0); } @@ -1733,9 +1926,12 @@ static int runcompress( int outfd, pid_t * pid, - comp_t comptype) + comp_t comptype, + char *name) { int outpipe[2], rval; + int errpipe[2]; + filter_t *filter; assert(outfd >= 0); assert(pid != NULL); @@ -1746,11 +1942,25 @@ runcompress( return (-1); } + /* errpipe[0] is pipe's output, outpipe[1] is input. */ + if (pipe(errpipe) < 0) { + errstr = newvstrallocf(errstr, _("pipe: %s"), strerror(errno)); + return (-1); + } + + if (comptype != COMP_SERVER_CUST) { + g_debug("execute: %s %s", COMPRESS_PATH, + comptype == COMP_BEST ? COMPRESS_BEST_OPT : COMPRESS_FAST_OPT); + } else { + g_debug("execute: %s", srvcompprog); + } switch (*pid = fork()) { case -1: errstr = newvstrallocf(errstr, _("couldn't fork: %s"), strerror(errno)); aclose(outpipe[0]); aclose(outpipe[1]); + aclose(errpipe[0]); + aclose(errpipe[1]); return (-1); default: rval = dup2(outpipe[1], outfd); @@ -1758,8 +1968,19 @@ runcompress( errstr = newvstrallocf(errstr, _("couldn't dup2: %s"), strerror(errno)); aclose(outpipe[1]); aclose(outpipe[0]); + aclose(errpipe[1]); + filter = g_new0(filter_t, 1); + filter->fd = errpipe[0]; + filter->name = name; + filter->buffer = NULL; + filter->size = 0; + filter->allocated_size = 0; + filter->event = event_register((event_id_t)filter->fd, EV_READFD, + handle_filter_stderr, filter); return (rval); case 0: + close(outpipe[1]); + close(errpipe[0]); if (dup2(outpipe[0], 0) < 0) { error(_("err dup2 in: %s"), strerror(errno)); /*NOTREACHED*/ @@ -1768,11 +1989,16 @@ runcompress( error(_("err dup2 out: %s"), strerror(errno)); /*NOTREACHED*/ } + if (dup2(errpipe[1], 2) == -1) { + error(_("err dup2 err: %s"), strerror(errno)); + /*NOTREACHED*/ + } if (comptype != COMP_SERVER_CUST) { char *base = stralloc(COMPRESS_PATH); log_add(L_INFO, "%s pid %ld", basename(base), (long)getpid()); amfree(base); safe_fd(-1, 0); + set_root_privs(-1); execlp(COMPRESS_PATH, COMPRESS_PATH, ( comptype == COMP_BEST ? COMPRESS_BEST_OPT : COMPRESS_FAST_OPT), (char *)NULL); error(_("error: couldn't exec %s: %s"), COMPRESS_PATH, strerror(errno)); @@ -1782,8 +2008,9 @@ runcompress( log_add(L_INFO, "%s pid %ld", basename(base), (long)getpid()); amfree(base); safe_fd(-1, 0); + set_root_privs(-1); execlp(srvcompprog, srvcompprog, (char *)0); - error(_("error: couldn't exec server custom filter%s.\n"), srvcompprog); + error(_("error: couldn't exec server custom compression '%s'.\n"), srvcompprog); /*NOTREACHED*/ } } @@ -1804,6 +2031,8 @@ runencrypt( encrypt_t encrypttype) { int outpipe[2], rval; + int errpipe[2]; + filter_t *filter; assert(outfd >= 0); assert(pid != NULL); @@ -1814,19 +2043,41 @@ runencrypt( return (-1); } + /* errpipe[0] is pipe's output, outpipe[1] is input. */ + if (pipe(errpipe) < 0) { + errstr = newvstrallocf(errstr, _("pipe: %s"), strerror(errno)); + return (-1); + } + + g_debug("execute: %s", srv_encrypt); switch (*pid = fork()) { case -1: errstr = newvstrallocf(errstr, _("couldn't fork: %s"), strerror(errno)); aclose(outpipe[0]); aclose(outpipe[1]); + aclose(errpipe[0]); + aclose(errpipe[1]); return (-1); - default: + default: { + char *base; rval = dup2(outpipe[1], outfd); if (rval < 0) errstr = newvstrallocf(errstr, _("couldn't dup2: %s"), strerror(errno)); aclose(outpipe[1]); aclose(outpipe[0]); + aclose(errpipe[1]); + filter = g_new0(filter_t, 1); + filter->fd = errpipe[0]; + base = g_strdup(srv_encrypt); + filter->name = g_strdup(basename(base)); + amfree(base); + filter->buffer = NULL; + filter->size = 0; + filter->allocated_size = 0; + filter->event = event_register((event_id_t)filter->fd, EV_READFD, + handle_filter_stderr, filter); return (rval); + } case 0: { char *base; if (dup2(outpipe[0], 0) < 0) { @@ -1837,13 +2088,19 @@ runencrypt( error(_("err dup2 out: %s"), strerror(errno)); /*NOTREACHED*/ } + if (dup2(errpipe[1], 2) == -1) { + error(_("err dup2 err: %s"), strerror(errno)); + /*NOTREACHED*/ + } + close(errpipe[0]); base = stralloc(srv_encrypt); log_add(L_INFO, "%s pid %ld", basename(base), (long)getpid()); amfree(base); safe_fd(-1, 0); if ((encrypttype == ENCRYPT_SERV_CUST) && *srv_encrypt) { + set_root_privs(-1); execlp(srv_encrypt, srv_encrypt, (char *)0); - error(_("error: couldn't exec server encryption%s.\n"), srv_encrypt); + error(_("error: couldn't exec server custom encryption '%s'.\n"), srv_encrypt); /*NOTREACHED*/ } } @@ -1975,6 +2232,7 @@ bad_nak: *p++ = '\0'; if(strncmp_const_skip(tok, "features=", tok, ch) == 0) { char *u = strchr(tok, ';'); + ch = ch; if (u) *u = '\0'; am_release_feature_set(their_features); @@ -2105,7 +2363,6 @@ startup_dump( { char level_string[NUM_STR_SIZE]; char *req = NULL; - char *authopt; int response_error; const security_driver_t *secdrv; char *application_api; @@ -2171,7 +2428,7 @@ startup_dump( } vstrextend(&p, " ", level_string, "\n", NULL); vstrextend(&p, options+1, "\n", NULL); - pclean = clean_dle_str_for_client(p); + pclean = clean_dle_str_for_client(p, their_features); vstrextend(&req, pclean, NULL); amfree(pclean); dle_str = p; @@ -2181,7 +2438,6 @@ startup_dump( amfree(req); return 2; } else { - authopt = strstr(options, "auth="); if (auth == NULL) { auth = "BSD"; }