From: Wayne Davison
Date: Sun, 11 Sep 2022 04:30:46 +0000 (-0700)
Subject: Talk about the new daemon greeting line.
X-Git-Tag: v3.2.7pre1~26
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=418e38a8789fd9b668961f945382c78806f2fb20;p=thirdparty%2Frsync.git

Talk about the new daemon greeting line.
---
diff --git a/csprotocol.txt b/csprotocol.txt index c8dadd41..4c7ec5b8 100644 --- a/csprotocol.txt +++ b/csprotocol.txt 
@@ -7,39 +7,54 @@ basically a summary of clientserver.c and authenticate.c. This is the protocol used for rsync --daemon; i.e. connections to port 873 rather than invocations over a remote shell. -When the server accepts a connection, it prints a greeting +When the server accepts a connection, it prints a newline-terminated +greeting line: - @RSYNCD: . + @RSYNCD: . -where is the numeric version (see PROTOCOL_VERSION in rsync.h) -'.' is a literal period, and is the numeric subprotocol -version (see SUBPROTOCOL_VERSION -- it will be 0 for final releases). -Protocols prior to 30 only output alone. The daemon expects -to see a similar greeting back from the client. For protocols prior to -30, an absent "." value is assumed to be 0. For protocol -30, an absent value is a fatal error. The daemon then follows this line -with a free-format text message-of-the-day (if any is defined). +The is the numeric version (see PROTOCOL_VERSION in rsync.h) +The is the numeric subprotocol version (which is 0 for a +final protocol version, as the SUBPROTOCOL_VERSION define discusses). +The names are the authentication digest algorithms that the +daemon supports, listed in order of preference. + +An rsync prior to 3.2.7 omits the digest names. An rsync prior to 3.0.0 +also omits the period and the value. Since a final +protocol has a subprotocol value of 0, a missing subprotocol value is +assumed to be 0 for any protocol prior to 30. It is considered a fatal +error for protocol 30 and above to omit it. It is considered a fatal +error for protocol 32 and above to omit the digest name list (currently +31 is the newest protocol). + +The daemon expects to see a similar greeting line back from the client. +Once received, the daemon follows the opening line with a free-format +text message-of-the-day (if any is defined). The server is now in the connected state. The client can either send -the command +the command: #list -to get a listing of modules, or the name of a module. 
After this, the +(to get a listing of modules) or the name of a module. After this, the connection is now bound to a particular module. Access per host for this module is now checked, as is per-module connection limits. -If authentication is required to use this module, the server will say +If authentication is required to use this module, the server will say: @RSYNCD: AUTHREQD where is a random string of base64 characters. The client -must respond with +must respond with: -where is the username they claim to be, and is the -base64 form of the MD4 hash of challenge+password. +The is the username they claim to be. The is the +base64 form of the digest hash of the challenge+password string. The +chosen digest method is the most preferred client method that is also in +the server's list. If no digest list was explicitly provided, the side +expecting a list assumes the other side provided either the single name +"md5" (for a negotiated protocol 30), or the single name "md4" (for an +older protocol). At this point the server applies all remaining constraints before handing control to the client, including switching uid/gid, setting up @@ -76,6 +91,11 @@ stay tuned (or write it yourself!). ------------ Protocol version changes +31 (2022-09-10, 3.2.7dev) + + The use of a suffixed list of digest names was added as an + optional suffix to the greeting line. + 30 (2007-10-04, 3.0.0pre1) The use of a "." number was added to
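Review bot: In the first hunk (@@ -7,39 +7,54 @@), the fallback rule at the end of the authentication paragraph covers only "a negotiated protocol 30" for the implied "md5" and "an older protocol" for the implied "md4". The same hunk says 31 is currently the newest protocol and that an rsync prior to 3.2.7 omits the digest names, so a protocol 31 peer that sends no list falls under neither branch as written. If the intent is that md5 applies from 30 upward, say "protocol 30 or above". It would also be worth stating next to that rule that, because omission is fatal only from protocol 32, a greeting received without the list cannot be told apart from one sent by an older implementation and silently selects the md5 or md4 fallback.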
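Review bot: In the second hunk (@@ -76,6 +91,11 @@), the new "31" entry reads "a suffixed list of digest names was added as an optional suffix", which says the same thing twice, and it omits the compatibility rules the first hunk establishes: the "md5" or "md4" assumption when the list is absent, and the fatal error for omitting it at protocol 32 and above. Suggest tightening it to something like "An optional list of digest names may follow the version on the greeting line" and pointing back to the greeting-line description for the fallback, so that a reader scanning the change log finds the rule.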