41ecca24c3f4009b84b2119befbe7945d15f8776
[rsync-patches.git] / acls.diff
1 This patch adds backward-compatibility support for the --acls option.
2 Since the main release has never had ACL support, the trunk doesn't
3 need this code.  If you want to make rsync 3.0.x communicate with an
4 older (patched) release, use this.
5
6 To use this patch, run these commands for a successful build:
7
8     patch -p1 <patches/acls.diff
9     ./configure                         (optional if already run)
10     make
11
12 --- old/acls.c
13 +++ new/acls.c
14 @@ -31,6 +31,7 @@ extern int list_only;
15  extern int orig_umask;
16  extern int numeric_ids;
17  extern int inc_recurse;
18 +extern int protocol_version;
19  
20  /* Flags used to indicate what items are being transmitted for an entry. */
21  #define XMIT_USER_OBJ (1<<0)
22 @@ -97,6 +98,18 @@ static const char *str_acl_type(SMB_ACL_
23              : "unknown SMB_ACL_TYPE_T";
24  }
25  
26 +#define OTHER_TYPE(t) (SMB_ACL_TYPE_ACCESS+SMB_ACL_TYPE_DEFAULT-(t))
27 +#define BUMP_TYPE(t) ((t = OTHER_TYPE(t)) == SMB_ACL_TYPE_DEFAULT)
28 +
29 +static int old_count_racl_entries(const rsync_acl *racl)
30 +{
31 +       return racl->names.count
32 +            + (racl->user_obj != NO_ENTRY)
33 +            + (racl->group_obj != NO_ENTRY)
34 +            + (racl->mask_obj != NO_ENTRY)
35 +            + (racl->other_obj != NO_ENTRY);
36 +}
37 +
38  static int calc_sacl_entries(const rsync_acl *racl)
39  {
40         /* A System ACL always gets user/group/other permission entries. */
41 @@ -545,6 +558,96 @@ int get_acl(const char *fname, stat_x *s
42         return 0;
43  }
44  
45 +/* === OLD Send functions === */
46 +
47 +/* Send the ida list over the file descriptor. */
48 +static void old_send_ida_entries(int f, const ida_entries *idal, char tag_char)
49 +{
50 +       id_access *ida;
51 +       size_t count = idal->count;
52 +       for (ida = idal->idas; count--; ida++) {
53 +               if (tag_char == 'U') {
54 +                       if (!(ida->access & NAME_IS_USER))
55 +                               continue;
56 +                       add_uid(ida->id);
57 +               } else {
58 +                       if (ida->access & NAME_IS_USER)
59 +                               continue;
60 +                       add_gid(ida->id);
61 +               }
62 +               write_byte(f, tag_char);
63 +               write_byte(f, ida->access);
64 +               write_int(f, ida->id);
65 +       }
66 +}
67 +
68 +/* Send an rsync ACL over the file descriptor. */
69 +static void old_send_rsync_acl(int f, const rsync_acl *racl)
70 +{
71 +       size_t count = old_count_racl_entries(racl);
72 +       write_int(f, count);
73 +       if (racl->user_obj != NO_ENTRY) {
74 +               write_byte(f, 'u');
75 +               write_byte(f, racl->user_obj);
76 +       }
77 +       old_send_ida_entries(f, &racl->names, 'U');
78 +       if (racl->group_obj != NO_ENTRY) {
79 +               write_byte(f, 'g');
80 +               write_byte(f, racl->group_obj);
81 +       }
82 +       old_send_ida_entries(f, &racl->names, 'G');
83 +       if (racl->mask_obj != NO_ENTRY) {
84 +               write_byte(f, 'm');
85 +               write_byte(f, racl->mask_obj);
86 +       }
87 +       if (racl->other_obj != NO_ENTRY) {
88 +               write_byte(f, 'o');
89 +               write_byte(f, racl->other_obj);
90 +       }
91 +}
92 +
93 +/* Send the ACL from the stat_x structure down the indicated file descriptor.
94 + * This also frees the ACL data. */
95 +void old_send_acl(stat_x *sxp, int f)
96 +{
97 +       SMB_ACL_TYPE_T type;
98 +       rsync_acl *racl, *new_racl;
99 +       item_list *racl_list;
100 +       int ndx;
101 +
102 +       type = SMB_ACL_TYPE_ACCESS;
103 +       racl = sxp->acc_acl;
104 +       racl_list = &access_acl_list;
105 +       do {
106 +               if (!racl) {
107 +                       racl = new(rsync_acl);
108 +                       if (!racl)
109 +                               out_of_memory("send_acl");
110 +                       *racl = empty_rsync_acl;
111 +                       if (type == SMB_ACL_TYPE_ACCESS) {
112 +                               rsync_acl_fake_perms(racl, sxp->st.st_mode);
113 +                               sxp->acc_acl = racl;
114 +                       } else
115 +                               sxp->def_acl = racl;
116 +               }
117 +
118 +               if ((ndx = find_matching_rsync_acl(racl, type, racl_list)) != -1) {
119 +                       write_byte(f, type == SMB_ACL_TYPE_ACCESS ? 'a' : 'd');
120 +                       write_int(f, ndx);
121 +               } else {
122 +                       new_racl = EXPAND_ITEM_LIST(racl_list, rsync_acl, 1000);
123 +                       write_byte(f, type == SMB_ACL_TYPE_ACCESS ? 'A' : 'D');
124 +                       old_send_rsync_acl(f, racl);
125 +                       *new_racl = *racl;
126 +                       *racl = empty_rsync_acl;
127 +               }
128 +               racl = sxp->def_acl;
129 +               racl_list = &default_acl_list;
130 +       } while (BUMP_TYPE(type) && S_ISDIR(sxp->st.st_mode));
131 +
132 +       free_acl(sxp);
133 +}
134 +
135  /* === Send functions === */
136  
137  /* Send the ida list over the file descriptor. */
138 @@ -620,6 +723,11 @@ static void send_rsync_acl(rsync_acl *ra
139   * This also frees the ACL data. */
140  void send_acl(stat_x *sxp, int f)
141  {
142 +       if (protocol_version < 30) {
143 +               old_send_acl(sxp, f);
144 +               return;
145 +       }
146 +
147         if (!sxp->acc_acl) {
148                 sxp->acc_acl = create_racl();
149                 rsync_acl_fake_perms(sxp->acc_acl, sxp->st.st_mode);
150 @@ -637,6 +745,160 @@ void send_acl(stat_x *sxp, int f)
151         }
152  }
153  
154 +/* === OLD Receive functions */
155 +
156 +static void old_recv_rsync_acl(rsync_acl *racl, int f)
157 +{
158 +       static item_list temp_ida_list = EMPTY_ITEM_LIST;
159 +       SMB_ACL_TAG_T tag_type = 0;
160 +       uchar computed_mask_bits = 0;
161 +       id_access *ida;
162 +       size_t count;
163 +
164 +       if (!(count = read_int(f)))
165 +               return;
166 +
167 +       while (count--) {
168 +               char tag = read_byte(f);
169 +               uchar access = read_byte(f);
170 +               if (access & ~ (4 | 2 | 1)) {
171 +                       rprintf(FERROR, "old_recv_rsync_acl: bogus permset %o\n",
172 +                               access);
173 +                       exit_cleanup(RERR_STREAMIO);
174 +               }
175 +               switch (tag) {
176 +               case 'u':
177 +                       if (racl->user_obj != NO_ENTRY) {
178 +                               rprintf(FERROR, "old_recv_rsync_acl: error: duplicate USER_OBJ entry\n");
179 +                               exit_cleanup(RERR_STREAMIO);
180 +                       }
181 +                       racl->user_obj = access;
182 +                       continue;
183 +               case 'U':
184 +                       tag_type = SMB_ACL_USER;
185 +                       break;
186 +               case 'g':
187 +                       if (racl->group_obj != NO_ENTRY) {
188 +                               rprintf(FERROR, "old_recv_rsync_acl: error: duplicate GROUP_OBJ entry\n");
189 +                               exit_cleanup(RERR_STREAMIO);
190 +                       }
191 +                       racl->group_obj = access;
192 +                       continue;
193 +               case 'G':
194 +                       tag_type = SMB_ACL_GROUP;
195 +                       break;
196 +               case 'm':
197 +                       if (racl->mask_obj != NO_ENTRY) {
198 +                               rprintf(FERROR, "old_recv_rsync_acl: error: duplicate MASK entry\n");
199 +                               exit_cleanup(RERR_STREAMIO);
200 +                       }
201 +                       racl->mask_obj = access;
202 +                       continue;
203 +               case 'o':
204 +                       if (racl->other_obj != NO_ENTRY) {
205 +                               rprintf(FERROR, "old_recv_rsync_acl: error: duplicate OTHER entry\n");
206 +                               exit_cleanup(RERR_STREAMIO);
207 +                       }
208 +                       racl->other_obj = access;
209 +                       continue;
210 +               default:
211 +                       rprintf(FERROR, "old_recv_rsync_acl: unknown tag %c\n",
212 +                               tag);
213 +                       exit_cleanup(RERR_STREAMIO);
214 +               }
215 +               ida = EXPAND_ITEM_LIST(&temp_ida_list, id_access, -10);
216 +               ida->access = access | (tag_type == SMB_ACL_USER ? NAME_IS_USER : 0);
217 +               ida->id = read_int(f);
218 +               computed_mask_bits |= access;
219 +       }
220 +
221 +       /* Transfer the count id_access items out of the temp_ida_list
222 +        * into the names ida_entries list in racl. */
223 +       if (temp_ida_list.count) {
224 +#ifdef SMB_ACL_NEED_SORT
225 +               if (temp_ida_list.count > 1) {
226 +                       qsort(temp_ida_list.items, temp_ida_list.count,
227 +                             sizeof (id_access), id_access_sorter);
228 +               }
229 +#endif
230 +               if (!(racl->names.idas = new_array(id_access, temp_ida_list.count)))
231 +                       out_of_memory("unpack_smb_acl");
232 +               memcpy(racl->names.idas, temp_ida_list.items,
233 +                      temp_ida_list.count * sizeof (id_access));
234 +       } else
235 +               racl->names.idas = NULL;
236 +
237 +       racl->names.count = temp_ida_list.count;
238 +
239 +       /* Truncate the temporary list now that its idas have been saved. */
240 +       temp_ida_list.count = 0;
241 +
242 +       if (!racl->names.count) {
243 +               /* If we received a superfluous mask, throw it away. */
244 +               if (racl->mask_obj != NO_ENTRY) {
245 +                       /* Mask off the group perms with it first. */
246 +                       racl->group_obj &= racl->mask_obj | NO_ENTRY;
247 +                       racl->mask_obj = NO_ENTRY;
248 +               }
249 +       } else if (racl->mask_obj == NO_ENTRY) /* Must be non-empty with lists. */
250 +               racl->mask_obj = (computed_mask_bits | racl->group_obj) & 7;
251 +}
252 +
253 +/* Receive the ACL info the sender has included for this file-list entry. */
254 +void old_recv_acl(struct file_struct *file, int f)
255 +{
256 +       SMB_ACL_TYPE_T type;
257 +       item_list *racl_list;
258 +
259 +       if (S_ISLNK(file->mode))
260 +               return;
261 +
262 +       type = SMB_ACL_TYPE_ACCESS;
263 +       racl_list = &access_acl_list;
264 +       do {
265 +               char tag = read_byte(f);
266 +               int ndx;
267 +
268 +               if (tag == 'A' || tag == 'a') {
269 +                       if (type != SMB_ACL_TYPE_ACCESS) {
270 +                               rprintf(FERROR, "receive_acl %s: duplicate access ACL\n",
271 +                                       f_name(file, NULL));
272 +                               exit_cleanup(RERR_STREAMIO);
273 +                       }
274 +               } else if (tag == 'D' || tag == 'd') {
275 +                       if (type == SMB_ACL_TYPE_ACCESS) {
276 +                               rprintf(FERROR, "receive_acl %s: expecting access ACL; got default\n",
277 +                                       f_name(file, NULL));
278 +                               exit_cleanup(RERR_STREAMIO);
279 +                       }
280 +               } else {
281 +                       rprintf(FERROR, "receive_acl %s: unknown ACL type tag: %c\n",
282 +                               f_name(file, NULL), tag);
283 +                       exit_cleanup(RERR_STREAMIO);
284 +               }
285 +               if (tag == 'A' || tag == 'D') {
286 +                       acl_duo *duo_item;
287 +                       ndx = racl_list->count;
288 +                       duo_item = EXPAND_ITEM_LIST(racl_list, acl_duo, 1000);
289 +                       duo_item->racl = empty_rsync_acl;
290 +                       old_recv_rsync_acl(&duo_item->racl, f);
291 +                       duo_item->sacl = NULL;
292 +               } else {
293 +                       ndx = read_int(f);
294 +                       if (ndx < 0 || (size_t)ndx >= racl_list->count) {
295 +                               rprintf(FERROR, "receive_acl %s: %s ACL index %d out of range\n",
296 +                                       f_name(file, NULL), str_acl_type(type), ndx);
297 +                               exit_cleanup(RERR_STREAMIO);
298 +                       }
299 +               }
300 +               if (type == SMB_ACL_TYPE_ACCESS)
301 +                       F_ACL(file) = ndx;
302 +               else
303 +                       F_DIR_DEFACL(file) = ndx;
304 +               racl_list = &default_acl_list;
305 +       } while (BUMP_TYPE(type) && S_ISDIR(file->mode));
306 +}
307 +
308  /* === Receive functions === */
309  
310  static uint32 recv_acl_access(uchar *name_follows_ptr, int f)
311 @@ -759,6 +1021,11 @@ static int recv_rsync_acl(item_list *rac
312  /* Receive the ACL info the sender has included for this file-list entry. */
313  void receive_acl(struct file_struct *file, int f)
314  {
315 +       if (protocol_version < 30) {
316 +               old_recv_acl(file, f);
317 +               return;
318 +       }
319 +
320         F_ACL(file) = recv_rsync_acl(&access_acl_list, SMB_ACL_TYPE_ACCESS, f);
321  
322         if (S_ISDIR(file->mode))
323 --- old/compat.c
324 +++ new/compat.c
325 @@ -160,13 +160,6 @@ void setup_protocol(int f_out,int f_in)
326         if (protocol_version < 30) {
327                 if (append_mode == 1)
328                         append_mode = 2;
329 -               if (preserve_acls && !local_server) {
330 -                       rprintf(FERROR,
331 -                           "--acls requires protocol 30 or higher"
332 -                           " (negotiated %d).\n",
333 -                           protocol_version);
334 -                       exit_cleanup(RERR_PROTOCOL);
335 -               }
336                 if (preserve_xattrs && !local_server) {
337                         rprintf(FERROR,
338                             "--xattrs requires protocol 30 or higher"