From: yoe Date: Tue, 2 Sep 2003 12:47:49 +0000 (+0000) Subject: r35: Added an option to allow for selecting the .allow file on the command X-Git-Url: http://git.alex.org.uk r35: Added an option to allow for selecting the .allow file on the command line, instead of relying on compile-time directive. --- diff --git a/nbd-server.1.sgml b/nbd-server.1.sgml index d96b919..f2de5cf 100644 --- a/nbd-server.1.sgml +++ b/nbd-server.1.sgml @@ -64,6 +64,7 @@ manpage.1: manpage.sgml + @@ -168,6 +169,23 @@ manpage.1: manpage.sgml this option is strongly recommended. + + + + This argument should contain a list of IP-addresses + for hosts that may connect to the server. Wildcards are + not allowed. If the file does not + exist, it is ignored (and any host can connect); If the file + does exist, but is empty, no host can connect. By default, + the name 'nbd_server.allow' is used, and looked for in the + current directory, unless nbd-server is compiled as a + daemon, in which case it is looked for in the + root-directory. + + + + + @@ -192,22 +210,6 @@ manpage.1: manpage.sgml - FILES - - - - nbd_server.allow - - This file, which must be in the directory where - nbd-server is invoked, can contain a list of IP-addresses - for hosts that may connect to the server. Wildcards are - not allowed. - - - - - - SEE ALSO nbd-client (8). @@ -215,8 +217,12 @@ manpage.1: manpage.sgml AUTHOR - The NBD kernel module and the NBD tools were written by - Pavel Machek (pavel@ucw.cz) + The NBD kernel module and the NBD tools were originally + written by Pavel Machek (pavel@ucw.cz) + + The kernel module is now maintained by Paul Clements + (Paul.Clements@steeleye.com), while the userland tools are + maintained by &dhusername; (&dhemail;) This manual page was written by &dhusername; (&dhemail;) for the &debian; system (but may be used by others). Permission is diff --git a/nbd-server.c b/nbd-server.c index bd46507..b94e2ba 100644 --- a/nbd-server.c +++ b/nbd-server.c @@ -57,14 +57,6 @@ // #define ISSERVER #define MY_NAME "nbd_server" -/* Authorization file should contain lines with IP addresses of - clients authorized to use the server. If it does not exist, - access is permitted. - - You may want to set this to an absolute path if you're not using - -DNODAEMON, since if you don't, nbd-server will look for this file - in the root-directory ("/"). */ -#define AUTH_FILE "nbd_server.allow" /* how much space for child PIDs we have by default. Dynamically allocated, and will be realloc()ed if out of space, so this should probably be fair for most situations. */ @@ -74,7 +66,6 @@ //#undef _IO /* Deep magic: ioctl.h defines _IO macro (at least on linux) */ - /* Debugging macros, now nothing goes to syslog unless you say ISSERVER */ #ifdef ISSERVER #define msg2(a,b) syslog(a,b) @@ -86,7 +77,6 @@ #define msg4(a,b,c,d) do { fprintf(stderr,b,c,d); fputs("\n",stderr) ; } while(0) #endif - #include #include /* For BLKGETSIZE */ @@ -108,6 +98,7 @@ void set_peername(int net,char *clientname); char difffilename[256]; unsigned int timeout = 0; int autoreadonly = 0; +char *auth_file="nbd_server.allow"; int authorized_client(char *name) /* 0 - authorization refused, 1 - OK @@ -118,9 +109,9 @@ int authorized_client(char *name) char line[LINELEN] ; - if ((f=fopen(AUTH_FILE,"r"))==NULL) { + if ((f=fopen(auth_file,"r"))==NULL) { msg4(LOG_INFO,"Can't open authorization file %s (%s).", - AUTH_FILE,strerror(errno)) ; + auth_file,strerror(errno)) ; return 1 ; } @@ -193,6 +184,7 @@ void cmdline(int argc, char *argv[]) " -r read only\n" " -m multiple file\n" " -c copy on write\n" + " -l file with list of hosts that are allowed to connect.\n" " -a maximum idle seconds, terminates when idle time exceeded\n" " if port is set to 0, stdin is used (for running from inetd)\n" " if file_to_export contains '%%s', it is substituted with IP\n" @@ -212,6 +204,14 @@ void cmdline(int argc, char *argv[]) break; case 'c': flags |=F_COPYONWRITE; break; + case 'l': + free(auth_file); + if (i+1