- changed the log messages to show the requested path

- some more paranoid buffer size checks
- separate open syslog call
- handle systems without LOG_NDELAY

authenticate.c

@@ -107,12 +107,7 @@ static int get_secret(int module, char *user, char *secret, int len)
 	close(fd);
 	if (!found) return 0;
 
-	if (strlen(pass) > len-1) {
-		memset(line, 0, sizeof(line));
-		return 0;
-	}
-
-	strcpy(secret, pass);
+	strlcpy(secret, pass, len);
 	return 1;
 }
 

clientserver.c

@@ -103,8 +103,8 @@ static int rsync_module(int fd, int i)
 	char *argv[MAX_ARGS];
 	char **argp;
 	char line[MAXPATHLEN];
-	uid_t uid;
-	gid_t gid;
+	uid_t uid = (uid_t)-2;
+	gid_t gid = (gid_t)-2;
 	char *p;
 	char *addr = client_addr(fd);
 	char *host = client_name(fd);
@@ -133,8 +133,6 @@ static int rsync_module(int fd, int i)
 		return -1;
 	}
 
-	rprintf(FINFO,"rsync on module %s from %s (%s)\n",
-		name, host, addr);
 	
 	module_id = i;
 
@@ -167,22 +165,28 @@ static int rsync_module(int fd, int i)
 	p = lp_exclude(i);
 	add_exclude_line(p);
 
+	log_open();
+
 	if (chroot(lp_path(i))) {
+		rprintf(FERROR,"chroot %s failed\n", lp_path(i));
 		io_printf(fd,"@ERROR: chroot failed\n");
 		return -1;
 	}
 
 	if (chdir("/")) {
+		rprintf(FERROR,"chdir %s failed\n", lp_path(i));
 		io_printf(fd,"@ERROR: chdir failed\n");
 		return -1;
 	}
 
-	if (setgid(gid)) {
+	if (setgid(gid) || getgid() != gid) {
+		rprintf(FERROR,"setgid %d failed\n", gid);
 		io_printf(fd,"@ERROR: setgid failed\n");
 		return -1;
 	}
 
-	if (setuid(uid)) {
+	if (setuid(uid) || getuid() != uid) {
+		rprintf(FERROR,"setuid %d failed\n", uid);
 		io_printf(fd,"@ERROR: setuid failed\n");
 		return -1;
 	}
@@ -206,7 +210,11 @@ static int rsync_module(int fd, int i)
 		}
 
 		if (start_glob) {
-			rprintf(FINFO,"transferring %s\n",p);
+			if (start_glob == 1) {
+				rprintf(FINFO,"rsync on %s from %s (%s)\n",
+					p, host, addr);
+				start_glob++;
+			}
 			glob_expand(name, argv, &argc, MAX_ARGS);
 		} else {
 			argc++;
@@ -319,6 +327,8 @@ static int start_daemon(int fd)
 
 int daemon_main(void)
 {
+	log_open();
+
 	if (is_a_socket(STDIN_FILENO)) {
 		/* we are running via inetd */
 		return start_daemon(STDIN_FILENO);

flist.c

@@ -616,7 +616,7 @@ struct file_list *send_file_list(int f,int argc,char *argv[])
 			   thus getting their permissions right */
 			*p = 0;
 			if (strcmp(lastpath,fname)) {
-				strcpy(lastpath, fname);
+				strlcpy(lastpath, fname, sizeof(lastpath)-1);
 				*p = '/';
 				for (p=fname+1; (p=strchr(p,'/')); p++) {
 					*p = 0;

loadparm.c

@@ -583,7 +583,7 @@ static BOOL lp_do_parameter(int snum, char *parmname, char *parmvalue)
        break;
 
      case P_GSTRING:
-       strcpy((char *)parm_ptr,parmvalue);
+       strlcpy((char *)parm_ptr,parmvalue,sizeof(pstring)-1);
        break;
 
      case P_ENUM:

log.c

@@ -24,6 +24,30 @@
 #include "rsync.h"
 
 
+void log_open(void)
+{
+	static int initialised;
+	int options = LOG_PID;
+
+	if (initialised) return;
+	initialised = 1;
+
+#ifdef LOG_NDELAY
+	options |= LOG_NDELAY;
+#endif
+
+#ifdef LOG_DAEMON
+	openlog("rsyncd", options, lp_syslog_facility());
+#else
+	openlog("rsyncd", options);
+#endif
+
+#ifndef LOG_NDELAY
+	syslog(LOG_INFO,"rsyncd started\n");
+#endif
+}
+		
+
 /* this is the rsync debugging function. Call it with FINFO or FERROR */
 void rprintf(int fd, const char *format, ...)
 {
@@ -44,19 +68,10 @@ void rprintf(int fd, const char *format, ...)
 	buf[len] = 0;
 
 	if (am_daemon) {
-		static int initialised;
 		int priority = LOG_INFO;
 		if (fd == FERROR) priority = LOG_WARNING;
 
-		if (!initialised) {
-			initialised = 1;
-#ifdef LOG_DAEMON
-			openlog("rsyncd", LOG_PID, lp_syslog_facility());
-#else
-			openlog("rsyncd", LOG_PID);
-#endif
-		}
-		
+		log_open();
 		syslog(priority, "%s", buf);
 		return;
 	}