acls.diff

   1 This patch adds backward-compatibility support for the --acls option.
   2 Since the main release has never had ACL support, the trunk doesn't
   3 need this code.  If you want to make rsync 3.0.x communicate with an
   4 older (patched) release, use this.
   5
   6 To use this patch, run these commands for a successful build:
   7
   8     patch -p1 <patches/acls.diff
   9     ./configure                         (optional if already run)
  10     make
  11
  12 based-on: 3bd9f51917ed5718275c6132006be155239a0550
  13 diff --git a/acls.c b/acls.c
  14 --- a/acls.c
  15 +++ b/acls.c
  16 @@ -31,6 +31,7 @@ extern int list_only;
  17  extern int orig_umask;
  18  extern int numeric_ids;
  19  extern int inc_recurse;
  20 +extern int protocol_version;
  21  extern int preserve_devices;
  22  extern int preserve_specials;
  23
  24 @@ -112,6 +113,18 @@ static const char *str_acl_type(SMB_ACL_TYPE_T type)
  25         return "unknown ACL type!";
  26  }
  27
  28 +#define OTHER_TYPE(t) (SMB_ACL_TYPE_ACCESS+SMB_ACL_TYPE_DEFAULT-(t))
  29 +#define BUMP_TYPE(t) ((t = OTHER_TYPE(t)) == SMB_ACL_TYPE_DEFAULT)
  30 +
  31 +static int old_count_racl_entries(const rsync_acl *racl)
  32 +{
  33 +       return racl->names.count
  34 +            + (racl->user_obj != NO_ENTRY)
  35 +            + (racl->group_obj != NO_ENTRY)
  36 +            + (racl->mask_obj != NO_ENTRY)
  37 +            + (racl->other_obj != NO_ENTRY);
  38 +}
  39 +
  40  static int calc_sacl_entries(const rsync_acl *racl)
  41  {
  42         /* A System ACL always gets user/group/other permission entries. */
  43 @@ -574,6 +587,96 @@ int get_acl(const char *fname, stat_x *sxp)
  44         return 0;
  45  }
  46
  47 +/* === OLD Send functions === */
  48 +
  49 +/* Send the ida list over the file descriptor. */
  50 +static void old_send_ida_entries(int f, const ida_entries *idal, char tag_char)
  51 +{
  52 +       id_access *ida;
  53 +       size_t count = idal->count;
  54 +       for (ida = idal->idas; count--; ida++) {
  55 +               if (tag_char == 'U') {
  56 +                       if (!(ida->access & NAME_IS_USER))
  57 +                               continue;
  58 +                       add_uid(ida->id);
  59 +               } else {
  60 +                       if (ida->access & NAME_IS_USER)
  61 +                               continue;
  62 +                       add_gid(ida->id);
  63 +               }
  64 +               write_byte(f, tag_char);
  65 +               write_byte(f, ida->access);
  66 +               write_int(f, ida->id);
  67 +       }
  68 +}
  69 +
  70 +/* Send an rsync ACL over the file descriptor. */
  71 +static void old_send_rsync_acl(int f, const rsync_acl *racl)
  72 +{
  73 +       size_t count = old_count_racl_entries(racl);
  74 +       write_int(f, count);
  75 +       if (racl->user_obj != NO_ENTRY) {
  76 +               write_byte(f, 'u');
  77 +               write_byte(f, racl->user_obj);
  78 +       }
  79 +       old_send_ida_entries(f, &racl->names, 'U');
  80 +       if (racl->group_obj != NO_ENTRY) {
  81 +               write_byte(f, 'g');
  82 +               write_byte(f, racl->group_obj);
  83 +       }
  84 +       old_send_ida_entries(f, &racl->names, 'G');
  85 +       if (racl->mask_obj != NO_ENTRY) {
  86 +               write_byte(f, 'm');
  87 +               write_byte(f, racl->mask_obj);
  88 +       }
  89 +       if (racl->other_obj != NO_ENTRY) {
  90 +               write_byte(f, 'o');
  91 +               write_byte(f, racl->other_obj);
  92 +       }
  93 +}
  94 +
  95 +/* Send the ACL from the stat_x structure down the indicated file descriptor.
  96 + * This also frees the ACL data. */
  97 +void old_send_acl(stat_x *sxp, int f)
  98 +{
  99 +       SMB_ACL_TYPE_T type;
 100 +       rsync_acl *racl, *new_racl;
 101 +       item_list *racl_list;
 102 +       int ndx;
 103 +
 104 +       type = SMB_ACL_TYPE_ACCESS;
 105 +       racl = sxp->acc_acl;
 106 +       racl_list = &access_acl_list;
 107 +       do {
 108 +               if (!racl) {
 109 +                       racl = new(rsync_acl);
 110 +                       if (!racl)
 111 +                               out_of_memory("send_acl");
 112 +                       *racl = empty_rsync_acl;
 113 +                       if (type == SMB_ACL_TYPE_ACCESS) {
 114 +                               rsync_acl_fake_perms(racl, sxp->st.st_mode);
 115 +                               sxp->acc_acl = racl;
 116 +                       } else
 117 +                               sxp->def_acl = racl;
 118 +               }
 119 +
 120 +               if ((ndx = find_matching_rsync_acl(racl, type, racl_list)) != -1) {
 121 +                       write_byte(f, type == SMB_ACL_TYPE_ACCESS ? 'a' : 'd');
 122 +                       write_int(f, ndx);
 123 +               } else {
 124 +                       new_racl = EXPAND_ITEM_LIST(racl_list, rsync_acl, 1000);
 125 +                       write_byte(f, type == SMB_ACL_TYPE_ACCESS ? 'A' : 'D');
 126 +                       old_send_rsync_acl(f, racl);
 127 +                       *new_racl = *racl;
 128 +                       *racl = empty_rsync_acl;
 129 +               }
 130 +               racl = sxp->def_acl;
 131 +               racl_list = &default_acl_list;
 132 +       } while (BUMP_TYPE(type) && S_ISDIR(sxp->st.st_mode));
 133 +
 134 +       free_acl(sxp);
 135 +}
 136 +
 137  /* === Send functions === */
 138
 139  /* Send the ida list over the file descriptor. */
 140 @@ -649,6 +752,11 @@ static void send_rsync_acl(int f, rsync_acl *racl, SMB_ACL_TYPE_T type,
 141   * This also frees the ACL data. */
 142  void send_acl(int f, stat_x *sxp)
 143  {
 144 +       if (protocol_version < 30) {
 145 +               old_send_acl(sxp, f);
 146 +               return;
 147 +       }
 148 +
 149         if (!sxp->acc_acl) {
 150                 sxp->acc_acl = create_racl();
 151                 rsync_acl_fake_perms(sxp->acc_acl, sxp->st.st_mode);
 152 @@ -666,6 +774,160 @@ void send_acl(int f, stat_x *sxp)
 153         }
 154  }
 155
 156 +/* === OLD Receive functions */
 157 +
 158 +static void old_recv_rsync_acl(rsync_acl *racl, int f)
 159 +{
 160 +       static item_list temp_ida_list = EMPTY_ITEM_LIST;
 161 +       SMB_ACL_TAG_T tag_type = 0;
 162 +       uchar computed_mask_bits = 0;
 163 +       id_access *ida;
 164 +       size_t count;
 165 +
 166 +       if (!(count = read_int(f)))
 167 +               return;
 168 +
 169 +       while (count--) {
 170 +               char tag = read_byte(f);
 171 +               uchar access = read_byte(f);
 172 +               if (access & ~ (4 | 2 | 1)) {
 173 +                       rprintf(FERROR, "old_recv_rsync_acl: bogus permset %o\n",
 174 +                               access);
 175 +                       exit_cleanup(RERR_STREAMIO);
 176 +               }
 177 +               switch (tag) {
 178 +               case 'u':
 179 +                       if (racl->user_obj != NO_ENTRY) {
 180 +                               rprintf(FERROR, "old_recv_rsync_acl: error: duplicate USER_OBJ entry\n");
 181 +                               exit_cleanup(RERR_STREAMIO);
 182 +                       }
 183 +                       racl->user_obj = access;
 184 +                       continue;
 185 +               case 'U':
 186 +                       tag_type = SMB_ACL_USER;
 187 +                       break;
 188 +               case 'g':
 189 +                       if (racl->group_obj != NO_ENTRY) {
 190 +                               rprintf(FERROR, "old_recv_rsync_acl: error: duplicate GROUP_OBJ entry\n");
 191 +                               exit_cleanup(RERR_STREAMIO);
 192 +                       }
 193 +                       racl->group_obj = access;
 194 +                       continue;
 195 +               case 'G':
 196 +                       tag_type = SMB_ACL_GROUP;
 197 +                       break;
 198 +               case 'm':
 199 +                       if (racl->mask_obj != NO_ENTRY) {
 200 +                               rprintf(FERROR, "old_recv_rsync_acl: error: duplicate MASK entry\n");
 201 +                               exit_cleanup(RERR_STREAMIO);
 202 +                       }
 203 +                       racl->mask_obj = access;
 204 +                       continue;
 205 +               case 'o':
 206 +                       if (racl->other_obj != NO_ENTRY) {
 207 +                               rprintf(FERROR, "old_recv_rsync_acl: error: duplicate OTHER entry\n");
 208 +                               exit_cleanup(RERR_STREAMIO);
 209 +                       }
 210 +                       racl->other_obj = access;
 211 +                       continue;
 212 +               default:
 213 +                       rprintf(FERROR, "old_recv_rsync_acl: unknown tag %c\n",
 214 +                               tag);
 215 +                       exit_cleanup(RERR_STREAMIO);
 216 +               }
 217 +               ida = EXPAND_ITEM_LIST(&temp_ida_list, id_access, -10);
 218 +               ida->access = access | (tag_type == SMB_ACL_USER ? NAME_IS_USER : 0);
 219 +               ida->id = read_int(f);
 220 +               computed_mask_bits |= access;
 221 +       }
 222 +
 223 +       /* Transfer the count id_access items out of the temp_ida_list
 224 +        * into the names ida_entries list in racl. */
 225 +       if (temp_ida_list.count) {
 226 +#ifdef SMB_ACL_NEED_SORT
 227 +               if (temp_ida_list.count > 1) {
 228 +                       qsort(temp_ida_list.items, temp_ida_list.count,
 229 +                             sizeof (id_access), id_access_sorter);
 230 +               }
 231 +#endif
 232 +               if (!(racl->names.idas = new_array(id_access, temp_ida_list.count)))
 233 +                       out_of_memory("unpack_smb_acl");
 234 +               memcpy(racl->names.idas, temp_ida_list.items,
 235 +                      temp_ida_list.count * sizeof (id_access));
 236 +       } else
 237 +               racl->names.idas = NULL;
 238 +
 239 +       racl->names.count = temp_ida_list.count;
 240 +
 241 +       /* Truncate the temporary list now that its idas have been saved. */
 242 +       temp_ida_list.count = 0;
 243 +
 244 +       if (!racl->names.count) {
 245 +               /* If we received a superfluous mask, throw it away. */
 246 +               if (racl->mask_obj != NO_ENTRY) {
 247 +                       /* Mask off the group perms with it first. */
 248 +                       racl->group_obj &= racl->mask_obj | NO_ENTRY;
 249 +                       racl->mask_obj = NO_ENTRY;
 250 +               }
 251 +       } else if (racl->mask_obj == NO_ENTRY) /* Must be non-empty with lists. */
 252 +               racl->mask_obj = (computed_mask_bits | racl->group_obj) & 7;
 253 +}
 254 +
 255 +/* Receive the ACL info the sender has included for this file-list entry. */
 256 +void old_recv_acl(struct file_struct *file, int f)
 257 +{
 258 +       SMB_ACL_TYPE_T type;
 259 +       item_list *racl_list;
 260 +
 261 +       if (S_ISLNK(file->mode))
 262 +               return;
 263 +
 264 +       type = SMB_ACL_TYPE_ACCESS;
 265 +       racl_list = &access_acl_list;
 266 +       do {
 267 +               char tag = read_byte(f);
 268 +               int ndx;
 269 +
 270 +               if (tag == 'A' || tag == 'a') {
 271 +                       if (type != SMB_ACL_TYPE_ACCESS) {
 272 +                               rprintf(FERROR, "receive_acl %s: duplicate access ACL\n",
 273 +                                       f_name(file, NULL));
 274 +                               exit_cleanup(RERR_STREAMIO);
 275 +                       }
 276 +               } else if (tag == 'D' || tag == 'd') {
 277 +                       if (type == SMB_ACL_TYPE_ACCESS) {
 278 +                               rprintf(FERROR, "receive_acl %s: expecting access ACL; got default\n",
 279 +                                       f_name(file, NULL));
 280 +                               exit_cleanup(RERR_STREAMIO);
 281 +                       }
 282 +               } else {
 283 +                       rprintf(FERROR, "receive_acl %s: unknown ACL type tag: %c\n",
 284 +                               f_name(file, NULL), tag);
 285 +                       exit_cleanup(RERR_STREAMIO);
 286 +               }
 287 +               if (tag == 'A' || tag == 'D') {
 288 +                       acl_duo *duo_item;
 289 +                       ndx = racl_list->count;
 290 +                       duo_item = EXPAND_ITEM_LIST(racl_list, acl_duo, 1000);
 291 +                       duo_item->racl = empty_rsync_acl;
 292 +                       old_recv_rsync_acl(&duo_item->racl, f);
 293 +                       duo_item->sacl = NULL;
 294 +               } else {
 295 +                       ndx = read_int(f);
 296 +                       if (ndx < 0 || (size_t)ndx >= racl_list->count) {
 297 +                               rprintf(FERROR, "receive_acl %s: %s ACL index %d out of range\n",
 298 +                                       f_name(file, NULL), str_acl_type(type), ndx);
 299 +                               exit_cleanup(RERR_STREAMIO);
 300 +                       }
 301 +               }
 302 +               if (type == SMB_ACL_TYPE_ACCESS)
 303 +                       F_ACL(file) = ndx;
 304 +               else
 305 +                       F_DIR_DEFACL(file) = ndx;
 306 +               racl_list = &default_acl_list;
 307 +       } while (BUMP_TYPE(type) && S_ISDIR(file->mode));
 308 +}
 309 +
 310  /* === Receive functions === */
 311
 312  static uint32 recv_acl_access(int f, uchar *name_follows_ptr)
 313 @@ -787,6 +1049,11 @@ static int recv_rsync_acl(int f, item_list *racl_list, SMB_ACL_TYPE_T type, mode
 314  /* Receive the ACL info the sender has included for this file-list entry. */
 315  void receive_acl(int f, struct file_struct *file)
 316  {
 317 +       if (protocol_version < 30) {
 318 +               old_recv_acl(file, f);
 319 +               return;
 320 +       }
 321 +
 322         F_ACL(file) = recv_rsync_acl(f, &access_acl_list, SMB_ACL_TYPE_ACCESS, file->mode);
 323
 324         if (S_ISDIR(file->mode))
 325 diff --git a/compat.c b/compat.c
 326 --- a/compat.c
 327 +++ b/compat.c
 328 @@ -192,13 +192,6 @@ void setup_protocol(int f_out,int f_in)
 329         if (protocol_version < 30) {
 330                 if (append_mode == 1)
 331                         append_mode = 2;
 332 -               if (preserve_acls && !local_server) {
 333 -                       rprintf(FERROR,
 334 -                           "--acls requires protocol 30 or higher"
 335 -                           " (negotiated %d).\n",
 336 -                           protocol_version);
 337 -                       exit_cleanup(RERR_PROTOCOL);
 338 -               }
 339                 if (preserve_xattrs && !local_server) {
 340                         rprintf(FERROR,
 341                             "--xattrs requires protocol 30 or higher"