} else
set_uid = 0;
- p = *lp_gid(i) ? strtok(lp_gid(i), ", ") : NULL;
+ p = *lp_gid(i) ? conf_strtok(lp_gid(i)) : NULL;
if (p) {
/* The "*" gid must be the first item in the list. */
if (strcmp(p, "*") == 0) {
#endif
} else if (add_a_group(f_out, p) < 0)
return -1;
- while ((p = strtok(NULL, ", ")) != NULL) {
+ while ((p = conf_strtok(NULL)) != NULL) {
#if defined HAVE_INITGROUPS && !defined HAVE_GETGROUPLIST
if (pw) {
rprintf(FLOG, "This rsync cannot add groups after \"*\".\n");
access. Finally, users susan, joe, and sam get the ro/rw setting of the
module, but only if the user didn't match an earlier group-matching rule.
+If you need to specify a user or group name with a space in it, start your list
+with a comma to indicate that the list should only be split on commas (though
+leading and trailing whitespace will also be removed, and empty entries are
+just ignored). For example:
+
+verb( auth users = , joe:deny, @Some Group:deny, admin:rw, @RO Group:ro )
+
See the description of the secrets file for how you can have per-user passwords
as well as per-group passwords. It also explains how a user can authenticate
using their user password or (when applicable) a group password, depending on
false, the check is not performed. The default is true. This parameter
was added to accommodate rsync running on the Windows operating system.
-dit(bf(hosts allow)) This parameter allows you to specify a
-list of patterns that are matched against a connecting clients
-hostname and IP address. If none of the patterns match then the
+dit(bf(hosts allow)) This parameter allows you to specify a list of comma-
+and/or whitespace-separated patterns that are matched against a connecting
+client's hostname and IP address. If none of the patterns match, then the
connection is rejected.
Each pattern can be in one of five forms:
The default is no "hosts allow" parameter, which means all hosts can connect.
-dit(bf(hosts deny)) This parameter allows you to specify a
-list of patterns that are matched against a connecting clients
-hostname and IP address. If the pattern matches then the connection is
+dit(bf(hosts deny)) This parameter allows you to specify a list of comma-
+and/or whitespace-separated patterns that are matched against a connecting
+clients hostname and IP address. If the pattern matches then the connection is
rejected. See the "hosts allow" parameter for more information.
The default is no "hosts deny" parameter, which means all hosts can connect.
}
}
+/**
+ * Split a string into tokens based (usually) on whitespace & commas. If the
+ * string starts with a comma (after skipping any leading whitespace), then
+ * splitting is done only on commas. No empty tokens are ever returned. */
+char *conf_strtok(char *str)
+{
+ static int commas_only = 0;
+
+ if (str) {
+ while (isSpace(str)) str++;
+ if (*str == ',') {
+ commas_only = 1;
+ str++;
+ } else
+ commas_only = 0;
+ }
+
+ while (commas_only) {
+ char *end, *tok = strtok(str, ",");
+ if (!tok)
+ return NULL;
+ /* Trim just leading and trailing whitespace. */
+ while (isSpace(tok))
+ tok++;
+ end = tok + strlen(tok);
+ while (end > tok && isSpace(end-1))
+ *--end = '\0';
+ if (*tok)
+ return tok;
+ str = NULL;
+ }
+
+ return strtok(str, " ,\t\r\n");
+}
+
/* Join strings p1 & p2 into "dest" with a guaranteed '/' between them. (If
* p1 ends with a '/', no extra '/' is inserted.) Returns the length of both
* strings + 1 (if '/' was inserted), regardless of whether the null-terminated
projects / thirdparty / rsync.git / commitdiff
