* Copyright (C) 1996 Andrew Tridgell
* Copyright (C) 1996 Paul Mackerras
* Copyright (C) 2001, 2002 Martin Pool <mbp@samba.org>
- * Copyright (C) 2002-2009 Wayne Davison
+ * Copyright (C) 2002-2014 Wayne Davison
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
extern int filesfrom_fd;
extern int one_file_system;
extern int copy_dirlinks;
-extern int keep_dirlinks;
extern int preserve_uid;
extern int preserve_gid;
extern int preserve_acls;
extern int preserve_hard_links;
extern int preserve_devices;
extern int preserve_specials;
+extern int delete_during;
extern int missing_args;
-extern int sock_f_in;
-extern int uid_ndx;
-extern int gid_ndx;
extern int eol_nulls;
extern int relative_paths;
extern int implied_dirs;
-extern int file_extra_cnt;
extern int ignore_perishable;
extern int non_perishable_cnt;
extern int prune_empty_dirs;
extern int protocol_version;
extern int sanitize_paths;
extern int munge_symlinks;
+extern int use_safe_inc_flist;
extern int need_unsorted_flist;
extern int sender_symlink_iconv;
extern int output_needs_newline;
extern int sender_keeps_checksum;
extern int unsort_ndx;
+extern uid_t our_uid;
extern struct stats stats;
extern char *filesfrom_host;
extern char *usermap, *groupmap;
extern iconv_t ic_send, ic_recv;
#endif
-#ifdef HAVE_UTIMENSAT
-#ifdef HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC
-#define ST_MTIME_NSEC st_mtim.tv_nsec
-#elif defined(HAVE_STRUCT_STAT_ST_MTIMENSEC)
-#define ST_MTIME_NSEC st_mtimensec
-#endif
-#endif
-
#define PTR_SIZE (sizeof (struct file_struct *))
int io_error;
#define NORMAL_NAME 0
#define SLASH_ENDING_NAME 1
#define DOTDIR_NAME 2
+#define MISSING_NAME 3
/* Starting from protocol version 26, we always use 64-bit ino_t and dev_t
* internally, even if this platform does not allow files to have 64-bit inums.
* will survive just long enough to be used by send_file_entry(). */
static dev_t tmp_rdev;
#ifdef SUPPORT_HARD_LINKS
-static int64 tmp_dev, tmp_ino;
+static int64 tmp_dev = -1, tmp_ino;
#endif
static char tmp_sum[MAX_DIGEST_LEN];
xflags |= XMIT_MOD_NSEC;
#ifdef SUPPORT_HARD_LINKS
- if (tmp_dev != 0) {
+ if (tmp_dev != -1) {
if (protocol_version >= 30) {
struct ht_int64_node *np = idev_find(tmp_dev, tmp_ino);
first_hlink_ndx = (int32)(long)np->data - 1;
#endif
#ifdef SUPPORT_HARD_LINKS
- if (tmp_dev != 0 && protocol_version < 30) {
+ if (tmp_dev != -1 && protocol_version < 30) {
+ /* Older protocols expect the dev number to be transmitted
+ * 1-incremented so that it is never zero. */
if (protocol_version < 26) {
/* 32-bit dev_t and ino_t */
- write_int(f, (int32)dev);
+ write_int(f, (int32)(dev+1));
write_int(f, (int32)tmp_ino);
} else {
/* 64-bit dev_t and ino_t */
if (!(xflags & XMIT_SAME_DEV_pre30))
- write_longint(f, dev);
+ write_longint(f, dev+1);
write_longint(f, tmp_ino);
}
}
}
#endif
- if (*thisname)
- clean_fname(thisname, 0);
+ if (*thisname
+ && (clean_fname(thisname, CFN_REFUSE_DOT_DOT_DIRS) < 0 || (!relative_paths && *thisname == '/'))) {
+ rprintf(FERROR, "ABORTING due to unsafe pathname from sender: %s\n", thisname);
+ exit_cleanup(RERR_PROTOCOL);
+ }
if (sanitize_paths)
sanitize_path(thisname, thisname, "", 0, SP_DEFAULT);
memcpy(bp, basename, basename_len);
#ifdef SUPPORT_HARD_LINKS
- if (xflags & XMIT_HLINKED)
+ if (xflags & XMIT_HLINKED
+#ifndef CAN_HARDLINK_SYMLINK
+ && !S_ISLNK(mode)
+#endif
+#ifndef CAN_HARDLINK_SPECIAL
+ && !IS_SPECIAL(mode) && !IS_DEVICE(mode)
+#endif
+ )
file->flags |= FLAG_HLINKED;
#endif
file->modtime = (time_t)modtime;
if (sanitize_paths)
sanitize_path(thisname, thisname, "", 0, SP_DEFAULT);
- if (stp && (S_ISDIR(stp->st_mode) || stp->st_mode == 0)) {
+ if (stp && (S_ISDIR(stp->st_mode) || IS_MISSING_FILE(*stp))) {
/* This is needed to handle a "symlink/." with a --relative
* dir, or a request to delete a specific file. */
st = *stp;
full_fname(thisname));
}
return NULL;
- } else if (st.st_mode == 0) {
+ } else if (IS_MISSING_FILE(st)) {
io_error |= IOERR_GENERAL;
rprintf(FINFO, "skipping file with bogus (zero) st_mode: %s\n",
full_fname(thisname));
#endif
if (always_checksum && am_sender && S_ISREG(st.st_mode)) {
- file_checksum(thisname, tmp_sum, st.st_size);
+ file_checksum(thisname, &st, tmp_sum);
if (sender_keeps_checksum)
extra_len += SUM_EXTRA_CNT * EXTRA_LEN;
}
if (protocol_version >= 28
? (!S_ISDIR(st.st_mode) && st.st_nlink > 1)
: S_ISREG(st.st_mode)) {
- tmp_dev = (int64)st.st_dev + 1;
+ tmp_dev = (int64)st.st_dev;
tmp_ino = (int64)st.st_ino;
} else
- tmp_dev = 0;
+ tmp_dev = -1;
}
#endif
}
#endif
file->mode = st.st_mode;
- if (uid_ndx) /* Check uid_ndx instead of preserve_uid for del support */
+ if (preserve_uid)
F_OWNER(file) = st.st_uid;
- if (gid_ndx) /* Check gid_ndx instead of preserve_gid for del support */
+ if (preserve_gid)
F_GROUP(file) = st.st_gid;
+ if (am_generator && st.st_uid == our_uid)
+ file->flags |= FLAG_OWNED_BY_US;
if (basename != thisname)
file->dirname = lastdir;
unsigned int len = strlen(fbuf);
if (len > 1 && fbuf[len-1] == '/')
fbuf[--len] = '\0';
- if (len >= MAXPATHLEN - 1) {
- io_error |= IOERR_GENERAL;
- rprintf(FERROR_XFER, "skipping long-named directory: %s\n",
- full_fname(fbuf));
- return;
- }
save_filters = push_local_filters(fbuf, len);
send_directory(f, flist, fbuf, len, flags);
pop_local_filters(save_filters);
}
p = fbuf + len;
- if (len != 1 || *fbuf != '/')
+ if (len == 1 && *fbuf == '/')
+ remainder = MAXPATHLEN - 1;
+ else if (len < MAXPATHLEN-1) {
*p++ = '/';
- *p = '\0';
- remainder = MAXPATHLEN - (p - fbuf);
+ *p = '\0';
+ remainder = MAXPATHLEN - (len + 1);
+ } else
+ remainder = 0;
for (errno = 0, di = readdir(d); di; errno = 0, di = readdir(d)) {
+ unsigned name_len;
char *dname = d_name(di);
if (dname[0] == '.' && (dname[1] == '\0'
|| (dname[1] == '.' && dname[2] == '\0')))
continue;
- if (strlcpy(p, dname, remainder) >= remainder) {
+ name_len = strlcpy(p, dname, remainder);
+ if (name_len >= remainder) {
+ char save = fbuf[len];
+ fbuf[len] = '\0';
io_error |= IOERR_GENERAL;
rprintf(FERROR_XFER,
- "cannot send long-named file %s\n",
- full_fname(fbuf));
+ "filename overflows max-path len by %u: %s/%s\n",
+ name_len - remainder + 1, fbuf, dname);
+ fbuf[len] = save;
continue;
}
if (dname[0] == '\0') {
filter_list = save_filter_list;
}
+static NORETURN void fatal_unsafe_io_error(void)
+{
+ /* This (sadly) can only happen when pushing data because
+ * the sender does not know about what kind of delete
+ * is in effect on the receiving side when pulling. */
+ rprintf(FERROR_XFER, "FATAL I/O ERROR: dying to avoid a --delete-%s issue with a pre-3.0.7 receiver.\n",
+ delete_during == 2 ? "delay" : "during");
+ exit_cleanup(RERR_UNSUPPORTED);
+}
+
static void send1extra(int f, struct file_struct *file, struct file_list *flist)
{
char fbuf[MAXPATHLEN];
if (name_type != NORMAL_NAME) {
STRUCT_STAT st;
- if (link_stat(fbuf, &st, 1) != 0) {
+ if (name_type == MISSING_NAME)
+ memset(&st, 0, sizeof st);
+ else if (link_stat(fbuf, &st, 1) != 0) {
interpret_stat_error(fbuf, True);
continue;
}
dp = F_DIR_NODE_P(file);
}
- if (protocol_version < 31 || io_error == save_io_error || ignore_errors)
+ if (io_error == save_io_error || ignore_errors)
write_byte(f, 0);
- else {
+ else if (use_safe_inc_flist) {
write_shortint(f, XMIT_EXTENDED_FLAGS|XMIT_IO_ERROR_ENDLIST);
write_varint(f, io_error);
+ } else {
+ if (delete_during)
+ fatal_unsafe_io_error();
+ write_byte(f, 0);
}
if (need_unsorted_flist) {
struct timeval start_tv, end_tv;
int64 start_write;
int use_ff_fd = 0;
- int disable_buffering;
+ int disable_buffering, reenable_multiplex = -1;
int flags = recurse ? FLAG_CONTENT_DIR : 0;
int reading_remotely = filesfrom_host != NULL;
int rl_flags = (reading_remotely ? 0 : RL_DUMP_COMMENTS)
full_fname(argv[0]));
exit_cleanup(RERR_FILESELECT);
}
- if (protocol_version == 30) {
- /* Older protocols send the files-from data w/o packaging it in
- * multiplexed I/O packets, but protocol 30 messed up and did
- * this after starting multiplexing. We'll temporarily switch
+ if (protocol_version < 31) {
+ /* Older protocols send the files-from data w/o packaging
+ * it in multiplexed I/O packets, so temporarily switch
* to buffered I/O to match this behavior. */
- io_end_multiplex_in(MPLX_TO_BUFFERED);
+ reenable_multiplex = io_end_multiplex_in(MPLX_TO_BUFFERED);
}
use_ff_fd = 1;
}
fn = fbuf;
/* A leading ./ can be used in relative mode to affect
* the dest dir without its name being in the path. */
- if (*fn == '.' && fn[1] == '/' && !implied_dot_dir) {
- send_file_name(f, flist, ".", NULL,
- (flags | FLAG_IMPLIED_DIR) & ~FLAG_CONTENT_DIR,
- ALL_FILTERS);
- implied_dot_dir = 1;
- }
+ if (*fn == '.' && fn[1] == '/' && fn[2] && !implied_dot_dir)
+ implied_dot_dir = -1;
len = clean_fname(fn, CFN_KEEP_TRAILING_SLASH
| CFN_DROP_TRAILING_DOT_DIR);
if (len == 1) {
dirlen = dir ? strlen(dir) : 0;
if (dirlen != lastdir_len || memcmp(lastdir, dir, dirlen) != 0) {
if (!change_pathname(NULL, dir, -dirlen))
- continue;
+ goto bad_path;
lastdir = pathname;
lastdir_len = pathname_len;
- } else if (!change_pathname(NULL, lastdir, lastdir_len))
+ } else if (!change_pathname(NULL, lastdir, lastdir_len)) {
+ bad_path:
+ if (implied_dot_dir < 0)
+ implied_dot_dir = 0;
continue;
+ }
+
+ if (implied_dot_dir < 0) {
+ implied_dot_dir = 1;
+ send_file_name(f, flist, ".", NULL, (flags | FLAG_IMPLIED_DIR) & ~FLAG_CONTENT_DIR, ALL_FILTERS);
+ }
if (fn != fbuf)
memmove(fbuf, fn, len + 1);
p = fn;
} else
fn = p;
- send_implied_dirs(f, flist, fbuf, fbuf, p, flags, name_type);
+ send_implied_dirs(f, flist, fbuf, fbuf, p, flags,
+ IS_MISSING_FILE(st) ? MISSING_NAME : name_type);
if (fn == p)
continue;
}
send_file_name(f, flist, fbuf, &st, flags, NO_FILTERS);
}
- if (use_ff_fd && protocol_version == 30)
- io_start_multiplex_in(sock_f_in);
+ if (reenable_multiplex >= 0)
+ io_start_multiplex_in(reenable_multiplex);
gettimeofday(&end_tv, NULL);
stats.flist_buildtime = (int64)(end_tv.tv_sec - start_tv.tv_sec) * 1000
start_tv = end_tv;
/* Indicate end of file list */
- if (protocol_version < 31 || io_error == 0 || ignore_errors)
+ if (io_error == 0 || ignore_errors)
write_byte(f, 0);
- else {
+ else if (use_safe_inc_flist) {
write_shortint(f, XMIT_EXTENDED_FLAGS|XMIT_IO_ERROR_ENDLIST);
write_varint(f, io_error);
+ } else {
+ if (delete_during && inc_recurse)
+ fatal_unsafe_io_error();
+ write_byte(f, 0);
}
#ifdef SUPPORT_HARD_LINKS
flist->sorted = flist->files;
flist_sort_and_clean(flist, 0);
file_total += flist->used;
+ file_old_total += flist->used;
if (numeric_ids <= 0 && !inc_recurse)
send_id_list(f);
/* send the io_error flag */
if (protocol_version < 30)
write_int(f, ignore_errors ? 0 : io_error);
- else if (io_error && protocol_version == 30 && !ignore_errors)
+ else if (!use_safe_inc_flist && io_error && !ignore_errors)
send_msg_int(MSG_IO_ERROR, io_error);
if (disable_buffering)
return flist;
}
-struct file_list *recv_file_list(int f)
+struct file_list *recv_file_list(int f, int dir_ndx)
{
+ const char *good_dirname = NULL;
struct file_list *flist;
int dstart, flags;
int64 start_read;
if (flags == (XMIT_EXTENDED_FLAGS|XMIT_IO_ERROR_ENDLIST)) {
int err;
- if (protocol_version < 31) {
+ if (!use_safe_inc_flist) {
rprintf(FERROR, "Invalid flist flag: %x\n", flags);
exit_cleanup(RERR_PROTOCOL);
}
flist_expand(flist, 1);
file = recv_file_entry(f, flist, flags);
+ if (inc_recurse) {
+ static const char empty_dir[] = "\0";
+ const char *cur_dir = file->dirname ? file->dirname : empty_dir;
+ if (relative_paths && *cur_dir == '/')
+ cur_dir++;
+ if (cur_dir != good_dirname) {
+ const char *d = dir_ndx >= 0 ? f_name(dir_flist->files[dir_ndx], NULL) : empty_dir;
+ if (strcmp(cur_dir, d) != 0) {
+ rprintf(FERROR,
+ "ABORTING due to invalid path from sender: %s/%s\n",
+ cur_dir, file->basename);
+ exit_cleanup(RERR_PROTOCOL);
+ }
+ good_dirname = cur_dir;
+ }
+ }
+
if (S_ISREG(file->mode)) {
/* Already counted */
} else if (S_ISDIR(file->mode)) {
rprintf(FINFO, "[%s] flist_eof=1\n", who_am_i());
}
+ /* The --relative option sends paths with a leading slash, so we need
+ * to specify the strip_root option here. We rejected leading slashes
+ * for a non-relative transfer in recv_file_entry(). */
flist_sort_and_clean(flist, relative_paths);
if (protocol_version < 30) {
rprintf(FINFO, "[%s] receiving flist for dir %d\n",
who_am_i(), ndx);
}
- flist = recv_file_list(f);
+ flist = recv_file_list(f, ndx);
flist->parent_ndx = ndx;
}
}
return -1;
}
+/* Search for a name in the file list. You must specify want_dir_match as:
+ * 1=match directories, 0=match non-directories, or -1=match either. */
+int flist_find_name(struct file_list *flist, const char *fname, int want_dir_match)
+{
+ struct { /* We have to create a temporary file_struct for the search. */
+ struct file_struct f;
+ char name_space[MAXPATHLEN];
+ } t;
+ char fbuf[MAXPATHLEN];
+ const char *slash = strrchr(fname, '/');
+ const char *basename = slash ? slash+1 : fname;
+
+ memset(&t.f, 0, FILE_STRUCT_LEN);
+ memcpy((void *)t.f.basename, basename, strlen(basename)+1);
+
+ if (slash) {
+ strlcpy(fbuf, fname, slash - fname + 1);
+ t.f.dirname = fbuf;
+ } else
+ t.f.dirname = NULL;
+
+ t.f.mode = want_dir_match > 0 ? S_IFDIR : S_IFREG;
+
+ if (want_dir_match < 0)
+ return flist_find_ignore_dirness(flist, &t.f);
+ return flist_find(flist, &t.f);
+}
+
/* Search for an identically-named item in the file list. Differs from
* flist_find in that an item that agrees with "f" in directory-ness is
* preferred but one that does not is still found. */
* of the dirname string, and also indicates that "dirname" is a MAXPATHLEN
* buffer (the functions we call will append names onto the end, but the old
* dir value will be restored on exit). */
-struct file_list *get_dirlist(char *dirname, int dlen, int ignore_filter_rules)
+struct file_list *get_dirlist(char *dirname, int dlen, int flags)
{
struct file_list *dirlist;
char dirbuf[MAXPATHLEN];
int save_recurse = recurse;
int save_xfer_dirs = xfer_dirs;
int save_prune_empty_dirs = prune_empty_dirs;
+ int senddir_fd = flags & GDL_IGNORE_FILTER_RULES ? -2 : -1;
if (dlen < 0) {
dlen = strlcpy(dirbuf, dirname, MAXPATHLEN);
recurse = 0;
xfer_dirs = 1;
- send_directory(ignore_filter_rules ? -2 : -1, dirlist, dirname, dlen, FLAG_CONTENT_DIR);
+ send_directory(senddir_fd, dirlist, dirname, dlen, FLAG_CONTENT_DIR);
xfer_dirs = save_xfer_dirs;
recurse = save_recurse;
if (INFO_GTE(PROGRESS, 1))
git.samba.org / rsync.git / blobdiff