added "refuse options" option

clientserver.c

@@ -310,8 +310,7 @@ static int rsync_module(int fd, int i)
 		io_start_multiplex_out(fd);
 
 	if (!ret) {
-		rprintf(FERROR,"Error parsing options (unsupported option?) - aborting\n");
-		exit_cleanup(RERR_SYNTAX);
+		option_error();
 	}
 
 	if (lp_timeout(i)) {

loadparm.c

@@ -130,6 +130,7 @@ typedef struct
 	char *exclude;
 	char *exclude_from;
 	char *log_format;
+	char *refuse_options;
 	int timeout;
 } service;
 
@@ -153,6 +154,7 @@ static service sDefault =
 	NULL,    /* exclude */
 	NULL,    /* exclude from */
 	"%o %h [%a] %m (%u) %f %l",    /* log format */
+	NULL,    /* refuse options */
 	0        /* timeout */
 };
 
@@ -261,6 +263,7 @@ static struct parm_struct parm_table[] =
   {"exclude from",     P_STRING,  P_LOCAL,  &sDefault.exclude_from,NULL,   0},
   {"transfer logging", P_BOOL,    P_LOCAL,  &sDefault.transfer_logging,NULL,0},
   {"log format",       P_STRING,  P_LOCAL,  &sDefault.log_format,  NULL,   0},
+  {"refuse options",   P_STRING,  P_LOCAL,  &sDefault.refuse_options,NULL, 0},
   {NULL,               P_BOOL,    P_NONE,   NULL,                  NULL,   0}
 };
 
@@ -333,6 +336,7 @@ FN_LOCAL_STRING(lp_secrets_file, secrets_file)
 FN_LOCAL_STRING(lp_exclude, exclude)
 FN_LOCAL_STRING(lp_exclude_from, exclude_from)
 FN_LOCAL_STRING(lp_log_format, log_format)
+FN_LOCAL_STRING(lp_refuse_options, refuse_options)
 FN_LOCAL_INTEGER(lp_timeout, timeout)
 
 /* local prototypes */

options.c

@@ -205,14 +205,62 @@ static struct option long_options[] = {
   {0,0,0,0}};
 
 
+static char err_buf[100];
+
+void option_error(void)
+{
+	if (err_buf[0]) {
+		rprintf(FLOG,"%s", err_buf);
+		rprintf(FERROR,"%s", err_buf);
+	} else {
+		rprintf(FLOG,"Error parsing options - unsupported option?\n");
+		rprintf(FERROR,"Error parsing options - unsupported option?\n");
+	}
+	exit_cleanup(RERR_UNSUPPORTED);
+}
+
+/* check to see if we should refuse this option */
+static int check_refuse_options(char *ref, int opt)
+{
+	int i, len;
+	char *p;
+	const char *name;
+
+	for (i=0; long_options[i].name; i++) {
+		if (long_options[i].val == opt) break;
+	}
+	
+	if (!long_options[i].name) return 0;
+
+	name = long_options[i].name;
+	len = strlen(name);
+
+	while ((p = strstr(ref,name))) {
+		if (p[len] == ' ' || p[len] == 0) {
+			slprintf(err_buf,sizeof(err_buf),
+				 "The '%s' option is not supported by this server\n", name);
+			return 1;
+		}
+		ref += len;
+	}
+	return 0;
+}
+
+
 int parse_arguments(int argc, char *argv[])
 {
 	int opt;
 	int option_index;
+	char *ref = lp_refuse_options(module_id);
 
 	while ((opt = getopt_long(argc, argv, 
 				  short_options, long_options, &option_index)) 
 	       != -1) {
+
+		if (ref) {
+			if (check_refuse_options(ref, opt)) return 0;
+		}
+
 		switch (opt) {
 		case OPT_VERSION:
 			rprintf(FINFO,"rsync version %s  protocol version %d\n\n",
@@ -308,6 +356,7 @@ int parse_arguments(int argc, char *argv[])
 #if SUPPORT_HARD_LINKS
 			preserve_hard_links=1;
 #else 
+			slprintf(err_buf,sizeof(err_buf),"hard links are not supported on this server\n");
 			rprintf(FERROR,"ERROR: hard links not supported on this platform\n");
 			return 0;
 #endif
@@ -428,6 +477,7 @@ int parse_arguments(int argc, char *argv[])
 			break;
 
 		default:
+			slprintf(err_buf,sizeof(err_buf),"unrecognised option\n");
 			return 0;
 		}
 	}

rsyncd.conf.yo

@@ -286,6 +286,14 @@ is specified in seconds. A value of zero means no timeout and is the
 default. A good choice for anonymous rsync servers may be 600 (giving
 a 10 minute timeout).
 
+dit(bf(refuse options)) The "refuse options" option allows you to
+specify a space separated list of rsync command line options that will
+be refused by your rsync server. When an option is refused the server
+prints an error message and exits.
+
+The full names of the options must be used (ie. you must use
+"compress" not "z" to disable compression).
+
 enddit()
 
 manpagesection(AUTHENTICATION STRENGTH)