git.samba.org / rsync-patches.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
This patch will make rsync 3.0.x able to exchange ACLs with an older
[rsync-patches.git] / acls.diff
1 This patch adds backward-compatibility support for the --acls option.
2 Since the main release has never had ACL support, the trunk doesn't
3 need this code.  If you want to make rsync 3.0.x communicate with an
4 older (patched) release, use this.
5
6 To use this patch, run these commands for a successful build:
7
8     patch -p1 <patches/acls.diff
9     ./configure                         (optional if already run)
10     make
11
12 --- old/acls.c
13 +++ new/acls.c
14 @@ -90,6 +90,18 @@ static const char *str_acl_type(SMB_ACL_
15              : "unknown SMB_ACL_TYPE_T";
16  }
17  
18 +#define OTHER_TYPE(t) (SMB_ACL_TYPE_ACCESS+SMB_ACL_TYPE_DEFAULT-(t))
19 +#define BUMP_TYPE(t) ((t = OTHER_TYPE(t)) == SMB_ACL_TYPE_DEFAULT)
20 +
21 +static int old_count_racl_entries(const rsync_acl *racl)
22 +{
23 +       return racl->users.count + racl->groups.count
24 +            + (racl->user_obj != NO_ENTRY)
25 +            + (racl->group_obj != NO_ENTRY)
26 +            + (racl->mask_obj != NO_ENTRY)
27 +            + (racl->other_obj != NO_ENTRY);
28 +}
29 +
30  static int calc_sacl_entries(const rsync_acl *racl)
31  {
32         /* A System ACL always gets user/group/other permission entries. */
33 @@ -545,6 +557,91 @@ int get_acl(const char *fname, statx *sx
34         return 0;
35  }
36  
37 +/* === OLD Send functions === */
38 +
39 +/* Send the ida list over the file descriptor. */
40 +static void old_send_ida_entries(int f, const ida_entries *idal, char tag_char)
41 +{
42 +       id_access *ida;
43 +       size_t count = idal->count;
44 +       for (ida = idal->idas; count--; ida++) {
45 +               write_byte(f, tag_char);
46 +               write_byte(f, ida->access);
47 +               write_int(f, ida->id);
48 +               if (tag_char == 'U')
49 +                       add_uid(ida->id);
50 +               else
51 +                       add_gid(ida->id);
52 +       }
53 +}
54 +
55 +/* Send an rsync ACL over the file descriptor. */
56 +static void old_send_rsync_acl(int f, const rsync_acl *racl)
57 +{
58 +       size_t count = old_count_racl_entries(racl);
59 +       write_int(f, count);
60 +       if (racl->user_obj != NO_ENTRY) {
61 +               write_byte(f, 'u');
62 +               write_byte(f, racl->user_obj);
63 +       }
64 +       old_send_ida_entries(f, &racl->users, 'U');
65 +       if (racl->group_obj != NO_ENTRY) {
66 +               write_byte(f, 'g');
67 +               write_byte(f, racl->group_obj);
68 +       }
69 +       old_send_ida_entries(f, &racl->groups, 'G');
70 +       if (racl->mask_obj != NO_ENTRY) {
71 +               write_byte(f, 'm');
72 +               write_byte(f, racl->mask_obj);
73 +       }
74 +       if (racl->other_obj != NO_ENTRY) {
75 +               write_byte(f, 'o');
76 +               write_byte(f, racl->other_obj);
77 +       }
78 +}
79 +
80 +/* Send the ACL from the statx structure down the indicated file descriptor.
81 + * This also frees the ACL data. */
82 +void old_send_acl(statx *sxp, int f)
83 +{
84 +       SMB_ACL_TYPE_T type;
85 +       rsync_acl *racl, *new_racl;
86 +       item_list *racl_list;
87 +       int ndx;
88 +
89 +       type = SMB_ACL_TYPE_ACCESS;
90 +       racl = sxp->acc_acl;
91 +       racl_list = &access_acl_list;
92 +       do {
93 +               if (!racl) {
94 +                       racl = new(rsync_acl);
95 +                       if (!racl)
96 +                               out_of_memory("send_acl");
97 +                       *racl = empty_rsync_acl;
98 +                       if (type == SMB_ACL_TYPE_ACCESS) {
99 +                               rsync_acl_fake_perms(racl, sxp->st.st_mode);
100 +                               sxp->acc_acl = racl;
101 +                       } else
102 +                               sxp->def_acl = racl;
103 +               }
104 +
105 +               if ((ndx = find_matching_rsync_acl(racl, type, racl_list)) != -1) {
106 +                       write_byte(f, type == SMB_ACL_TYPE_ACCESS ? 'a' : 'd');
107 +                       write_int(f, ndx);
108 +               } else {
109 +                       new_racl = EXPAND_ITEM_LIST(racl_list, rsync_acl, 1000);
110 +                       write_byte(f, type == SMB_ACL_TYPE_ACCESS ? 'A' : 'D');
111 +                       old_send_rsync_acl(f, racl);
112 +                       *new_racl = *racl;
113 +                       *racl = empty_rsync_acl;
114 +               }
115 +               racl = sxp->def_acl;
116 +               racl_list = &default_acl_list;
117 +       } while (BUMP_TYPE(type) && S_ISDIR(sxp->st.st_mode));
118 +
119 +       free_acl(sxp);
120 +}
121 +
122  /* === Send functions === */
123  
124  /* The general strategy with the tag_type <-> character mapping is that
125 @@ -631,6 +728,10 @@ static void send_rsync_acl(rsync_acl *ra
126   * This also frees the ACL data. */
127  void send_acl(statx *sxp, int f)
128  {
129 +       if (protocol_version < 30) {
130 +               old_send_acl(sxp, f);
131 +               return;
132 +       }
133  
134         if (!sxp->acc_acl) {
135                 sxp->acc_acl = create_racl();
136 @@ -649,6 +750,146 @@ void send_acl(statx *sxp, int f)
137         }
138  }
139  
140 +/* === OLD Receive functions */
141 +
142 +static void old_recv_rsync_acl(rsync_acl *racl, int f)
143 +{
144 +       static item_list temp_ida_list = EMPTY_ITEM_LIST;
145 +       SMB_ACL_TAG_T tag_type = 0, prior_list_type = 0;
146 +       uchar computed_mask_bits = 0;
147 +       id_access *ida;
148 +       size_t count;
149 +
150 +       if (!(count = read_int(f)))
151 +               return;
152 +
153 +       while (count--) {
154 +               char tag = read_byte(f);
155 +               uchar access = read_byte(f);
156 +               if (access & ~ (4 | 2 | 1)) {
157 +                       rprintf(FERROR, "old_recv_rsync_acl: bogus permset %o\n",
158 +                               access);
159 +                       exit_cleanup(RERR_STREAMIO);
160 +               }
161 +               switch (tag) {
162 +               case 'u':
163 +                       if (racl->user_obj != NO_ENTRY) {
164 +                               rprintf(FERROR, "old_recv_rsync_acl: error: duplicate USER_OBJ entry\n");
165 +                               exit_cleanup(RERR_STREAMIO);
166 +                       }
167 +                       racl->user_obj = access;
168 +                       continue;
169 +               case 'U':
170 +                       tag_type = SMB_ACL_USER;
171 +                       break;
172 +               case 'g':
173 +                       if (racl->group_obj != NO_ENTRY) {
174 +                               rprintf(FERROR, "old_recv_rsync_acl: error: duplicate GROUP_OBJ entry\n");
175 +                               exit_cleanup(RERR_STREAMIO);
176 +                       }
177 +                       racl->group_obj = access;
178 +                       continue;
179 +               case 'G':
180 +                       tag_type = SMB_ACL_GROUP;
181 +                       break;
182 +               case 'm':
183 +                       if (racl->mask_obj != NO_ENTRY) {
184 +                               rprintf(FERROR, "old_recv_rsync_acl: error: duplicate MASK entry\n");
185 +                               exit_cleanup(RERR_STREAMIO);
186 +                       }
187 +                       racl->mask_obj = access;
188 +                       continue;
189 +               case 'o':
190 +                       if (racl->other_obj != NO_ENTRY) {
191 +                               rprintf(FERROR, "old_recv_rsync_acl: error: duplicate OTHER entry\n");
192 +                               exit_cleanup(RERR_STREAMIO);
193 +                       }
194 +                       racl->other_obj = access;
195 +                       continue;
196 +               default:
197 +                       rprintf(FERROR, "old_recv_rsync_acl: unknown tag %c\n",
198 +                               tag);
199 +                       exit_cleanup(RERR_STREAMIO);
200 +               }
201 +               if (tag_type != prior_list_type) {
202 +                       if (prior_list_type)
203 +                               save_idas(racl, prior_list_type, &temp_ida_list);
204 +                       prior_list_type = tag_type;
205 +               }
206 +               ida = EXPAND_ITEM_LIST(&temp_ida_list, id_access, -10);
207 +               ida->access = access;
208 +               ida->id = read_int(f);
209 +               computed_mask_bits |= access;
210 +       }
211 +       if (prior_list_type)
212 +               save_idas(racl, prior_list_type, &temp_ida_list);
213 +
214 +       if (!racl->users.count && !racl->groups.count) {
215 +               /* If we received a superfluous mask, throw it away. */
216 +               if (racl->mask_obj != NO_ENTRY) {
217 +                       /* Mask off the group perms with it first. */
218 +                       racl->group_obj &= racl->mask_obj | NO_ENTRY;
219 +                       racl->mask_obj = NO_ENTRY;
220 +               }
221 +       } else if (racl->mask_obj == NO_ENTRY) /* Must be non-empty with lists. */
222 +               racl->mask_obj = computed_mask_bits | (racl->group_obj & 7);
223 +}
224 +
225 +/* Receive the ACL info the sender has included for this file-list entry. */
226 +void old_recv_acl(struct file_struct *file, int f)
227 +{
228 +       SMB_ACL_TYPE_T type;
229 +       item_list *racl_list;
230 +
231 +       if (S_ISLNK(file->mode))
232 +               return;
233 +
234 +       type = SMB_ACL_TYPE_ACCESS;
235 +       racl_list = &access_acl_list;
236 +       do {
237 +               char tag = read_byte(f);
238 +               int ndx;
239 +
240 +               if (tag == 'A' || tag == 'a') {
241 +                       if (type != SMB_ACL_TYPE_ACCESS) {
242 +                               rprintf(FERROR, "receive_acl %s: duplicate access ACL\n",
243 +                                       f_name(file, NULL));
244 +                               exit_cleanup(RERR_STREAMIO);
245 +                       }
246 +               } else if (tag == 'D' || tag == 'd') {
247 +                       if (type == SMB_ACL_TYPE_ACCESS) {
248 +                               rprintf(FERROR, "receive_acl %s: expecting access ACL; got default\n",
249 +                                       f_name(file, NULL));
250 +                               exit_cleanup(RERR_STREAMIO);
251 +                       }
252 +               } else {
253 +                       rprintf(FERROR, "receive_acl %s: unknown ACL type tag: %c\n",
254 +                               f_name(file, NULL), tag);
255 +                       exit_cleanup(RERR_STREAMIO);
256 +               }
257 +               if (tag == 'A' || tag == 'D') {
258 +                       acl_duo *duo_item;
259 +                       ndx = racl_list->count;
260 +                       duo_item = EXPAND_ITEM_LIST(racl_list, acl_duo, 1000);
261 +                       duo_item->racl = empty_rsync_acl;
262 +                       old_recv_rsync_acl(&duo_item->racl, f);
263 +                       duo_item->sacl = NULL;
264 +               } else {
265 +                       ndx = read_int(f);
266 +                       if (ndx < 0 || (size_t)ndx >= racl_list->count) {
267 +                               rprintf(FERROR, "receive_acl %s: %s ACL index %d out of range\n",
268 +                                       f_name(file, NULL), str_acl_type(type), ndx);
269 +                               exit_cleanup(RERR_STREAMIO);
270 +                       }
271 +               }
272 +               if (type == SMB_ACL_TYPE_ACCESS)
273 +                       F_ACL(file) = ndx;
274 +               else
275 +                       F_DEF_ACL(file) = ndx;
276 +               racl_list = &default_acl_list;
277 +       } while (BUMP_TYPE(type) && S_ISDIR(file->mode));
278 +}
279 +
280  /* === Receive functions === */
281  
282  static uchar recv_acl_access(uchar *name_follows_val, int f)
283 @@ -768,6 +1009,11 @@ static int recv_rsync_acl(item_list *rac
284  /* Receive the ACL info the sender has included for this file-list entry. */
285  void receive_acl(struct file_struct *file, int f)
286  {
287 +       if (protocol_version < 30) {
288 +               old_recv_acl(file, f);
289 +               return;
290 +       }
291 +
292         F_ACL(file) = recv_rsync_acl(&access_acl_list, SMB_ACL_TYPE_ACCESS, f);
293  
294         if (S_ISDIR(file->mode))
295 --- old/compat.c
296 +++ new/compat.c
297 @@ -111,13 +111,6 @@ void setup_protocol(int f_out,int f_in)
298                             protocol_version);
299                         exit_cleanup(RERR_PROTOCOL);
300                 }
301 -               if (preserve_acls) {
302 -                       rprintf(FERROR,
303 -                           "--acls requires protocol 30 or higher"
304 -                           " (negotiated %d).\n",
305 -                           protocol_version);
306 -                       exit_cleanup(RERR_PROTOCOL);
307 -               }
308         }
309  
310         if (delete_mode && !(delete_before+delete_during+delete_after)) {
311 --- old/testsuite/acls.test
312 +++ new/testsuite/acls.test
313 @@ -9,10 +9,6 @@
314  
315  $RSYNC --version | grep ", ACLs" >/dev/null || test_skipped "Rsync is configured without ACL support"
316  
317 -case "$RSYNC" in
318 -*protocol=29*) test_skipped "ACLs require protocol 30" ;;
319 -esac
320 -
321  case "$setfacl_nodef" in
322  true) test_skipped "I don't know how to use your setfacl command" ;;
323  esac
324 --- old/testsuite/default-acls.test
325 +++ new/testsuite/default-acls.test
326 @@ -9,10 +9,6 @@
327  
328  $RSYNC --version | grep ", ACLs" >/dev/null || test_skipped "Rsync is configured without ACL support"
329  
330 -case "$RSYNC" in
331 -*protocol=29*) test_skipped "ACLs require protocol 30" ;;
332 -esac
333 -
334  case "$setfacl_nodef" in
335  true) test_skipped "I don't know how to use your setfacl command" ;;
336  *-k*) opts='-dm u::7,g::5,o:5' ;;
Rsync's patches repository.