1 CAUTION: This patch compiles, but is otherwise totally untested!
3 This patch also implements --times-only.
5 Implementation details for the --source-filter and --dest-filter options:
7 - These options open a *HUGE* security hole in daemon mode unless they
8 are refused in your rsyncd.conf!
10 - Filtering disables the rsync algorithm. (This should be fixed.)
12 - Source filter makes temporary files in /tmp. (Should be overridable.)
14 - If the source filter fails, data is sent unfiltered. (Should be changed
17 - Failure of the destination filter causes data loss!!! (Should be changed
20 - If filter changes size of file, you should use --times-only option to
21 prevent repeated transfers of unchanged files.
23 - If the COMMAND contains single quotes, option-passing breaks. (Needs
26 To use this patch, run these commands for a successful build:
28 patch -p1 <patches/source-filter_dest-filter.diff
30 ./configure (optional if already run)
33 based-on: 1e9ee19a716b72454dfeab663802c626b81cdf2e
34 diff --git a/generator.c b/generator.c
37 @@ -62,6 +62,7 @@ extern int append_mode;
38 extern int make_backups;
39 extern int csum_length;
40 extern int ignore_times;
41 +extern int times_only;
43 extern OFF_T max_size;
44 extern OFF_T min_size;
45 @@ -567,7 +568,7 @@ void itemize(const char *fnamecmp, struct file_struct *file, int ndx, int statre
46 /* Perform our quick-check heuristic for determining if a file is unchanged. */
47 int unchanged_file(char *fn, struct file_struct *file, STRUCT_STAT *st)
49 - if (st->st_size != F_LENGTH(file))
50 + if (!times_only && st->st_size != F_LENGTH(file))
53 /* if always checksum is set then we use the checksum instead
54 diff --git a/main.c b/main.c
57 @@ -154,7 +154,7 @@ pid_t wait_process(pid_t pid, int *status_ptr, int flags)
60 /* Wait for a process to exit, calling io_flush while waiting. */
61 -static void wait_process_with_flush(pid_t pid, int *exit_code_ptr)
62 +void wait_process_with_flush(pid_t pid, int *exit_code_ptr)
66 diff --git a/options.c b/options.c
69 @@ -106,6 +106,7 @@ int safe_symlinks = 0;
70 int copy_unsafe_links = 0;
71 int munge_symlinks = 0;
74 int daemon_bwlimit = 0;
77 @@ -165,6 +166,8 @@ char *logfile_name = NULL;
78 char *logfile_format = NULL;
79 char *stdout_format = NULL;
80 char *password_file = NULL;
81 +char *source_filter = NULL;
82 +char *dest_filter = NULL;
83 char *rsync_path = RSYNC_PATH;
84 char *backup_dir = NULL;
85 char backup_dir_buf[MAXPATHLEN];
86 @@ -756,6 +759,7 @@ void usage(enum logcode F)
87 rprintf(F," -I, --ignore-times don't skip files that match in size and mod-time\n");
88 rprintf(F," -M, --remote-option=OPTION send OPTION to the remote side only\n");
89 rprintf(F," --size-only skip files that match in size\n");
90 + rprintf(F," --times-only skip files that match in mod-time\n");
91 rprintf(F," --modify-window=NUM compare mod-times with reduced accuracy\n");
92 rprintf(F," -T, --temp-dir=DIR create temporary files in directory DIR\n");
93 rprintf(F," -y, --fuzzy find similar file for basis if no dest file\n");
94 @@ -798,6 +802,8 @@ void usage(enum logcode F)
95 rprintf(F," --write-batch=FILE write a batched update to FILE\n");
96 rprintf(F," --only-write-batch=FILE like --write-batch but w/o updating destination\n");
97 rprintf(F," --read-batch=FILE read a batched update from FILE\n");
98 + rprintf(F," --source-filter=COMMAND filter file through COMMAND at source\n");
99 + rprintf(F," --dest-filter=COMMAND filter file through COMMAND at destination\n");
100 rprintf(F," --protocol=NUM force an older protocol version to be used\n");
102 rprintf(F," --iconv=CONVERT_SPEC request charset conversion of filenames\n");
103 @@ -910,6 +916,7 @@ static struct poptOption long_options[] = {
104 {"chmod", 0, POPT_ARG_STRING, 0, OPT_CHMOD, 0, 0 },
105 {"ignore-times", 'I', POPT_ARG_NONE, &ignore_times, 0, 0, 0 },
106 {"size-only", 0, POPT_ARG_NONE, &size_only, 0, 0, 0 },
107 + {"times-only", 0, POPT_ARG_NONE, &times_only , 0, 0, 0 },
108 {"one-file-system", 'x', POPT_ARG_NONE, 0, 'x', 0, 0 },
109 {"no-one-file-system",0, POPT_ARG_VAL, &one_file_system, 0, 0, 0 },
110 {"no-x", 0, POPT_ARG_VAL, &one_file_system, 0, 0, 0 },
111 @@ -1031,6 +1038,8 @@ static struct poptOption long_options[] = {
112 {"password-file", 0, POPT_ARG_STRING, &password_file, 0, 0, 0 },
113 {"blocking-io", 0, POPT_ARG_VAL, &blocking_io, 1, 0, 0 },
114 {"no-blocking-io", 0, POPT_ARG_VAL, &blocking_io, 0, 0, 0 },
115 + {"source-filter", 0, POPT_ARG_STRING, &source_filter, 0, 0, 0 },
116 + {"dest-filter", 0, POPT_ARG_STRING, &dest_filter, 0, 0, 0 },
118 {"outbuf", 0, POPT_ARG_STRING, &outbuf_mode, 0, 0, 0 },
120 @@ -2281,6 +2290,16 @@ int parse_arguments(int *argc_p, const char ***argv_p)
124 + if (source_filter || dest_filter) {
125 + if (whole_file == 0) {
126 + snprintf(err_buf, sizeof err_buf,
127 + "--no-whole-file cannot be used with --%s-filter\n",
128 + source_filter ? "source" : "dest");
137 @@ -2632,6 +2651,25 @@ void server_options(char **args, int *argc_p)
138 else if (missing_args == 1 && !am_sender)
139 args[ac++] = "--ignore-missing-args";
141 + if (times_only && am_sender)
142 + args[ac++] = "--times-only";
144 + if (source_filter && !am_sender) {
145 + /* Need to single quote the arg to keep the remote shell
146 + * from splitting it. FIXME: breaks if command has single quotes. */
147 + if (asprintf(&arg, "--source-filter='%s'", source_filter) < 0)
152 + if (dest_filter && am_sender) {
153 + /* Need to single quote the arg to keep the remote shell
154 + * from splitting it. FIXME: breaks if command has single quotes. */
155 + if (asprintf(&arg, "--dest-filter='%s'", dest_filter) < 0)
160 if (modify_window_set) {
161 if (asprintf(&arg, "--modify-window=%d", modify_window) < 0)
163 diff --git a/pipe.c b/pipe.c
166 @@ -27,6 +27,7 @@ extern int am_server;
167 extern int blocking_io;
168 extern int filesfrom_fd;
169 extern int munge_symlinks;
170 +extern mode_t orig_umask;
171 extern char *logfile_name;
172 extern int remote_option_cnt;
173 extern const char **remote_options;
174 @@ -178,3 +179,77 @@ pid_t local_child(int argc, char **argv, int *f_in, int *f_out,
179 +pid_t run_filter(char *command[], int out, int *pipe_to_filter)
184 + if (DEBUG_GTE(CMD, 1))
185 + print_child_argv("opening connection using:", command);
187 + if (pipe(pipefds) < 0) {
188 + rsyserr(FERROR, errno, "pipe");
189 + exit_cleanup(RERR_IPC);
194 + rsyserr(FERROR, errno, "fork");
195 + exit_cleanup(RERR_IPC);
199 + if (dup2(pipefds[0], STDIN_FILENO) < 0
200 + || close(pipefds[1]) < 0
201 + || dup2(out, STDOUT_FILENO) < 0) {
202 + rsyserr(FERROR, errno, "Failed dup/close");
203 + exit_cleanup(RERR_IPC);
206 + set_blocking(STDIN_FILENO);
208 + set_blocking(STDOUT_FILENO);
209 + execvp(command[0], command);
210 + rsyserr(FERROR, errno, "Failed to exec %s", command[0]);
211 + exit_cleanup(RERR_IPC);
214 + if (close(pipefds[0]) < 0) {
215 + rsyserr(FERROR, errno, "Failed to close");
216 + exit_cleanup(RERR_IPC);
219 + *pipe_to_filter = pipefds[1];
224 +pid_t run_filter_on_file(char *command[], int out, int in)
228 + if (DEBUG_GTE(CMD, 1))
229 + print_child_argv("opening connection using:", command);
233 + rsyserr(FERROR, errno, "fork");
234 + exit_cleanup(RERR_IPC);
238 + if (dup2(in, STDIN_FILENO) < 0
239 + || dup2(out, STDOUT_FILENO) < 0) {
240 + rsyserr(FERROR, errno, "Failed to dup2");
241 + exit_cleanup(RERR_IPC);
244 + set_blocking(STDOUT_FILENO);
245 + execvp(command[0], command);
246 + rsyserr(FERROR, errno, "Failed to exec %s", command[0]);
247 + exit_cleanup(RERR_IPC);
252 diff --git a/receiver.c b/receiver.c
255 @@ -55,6 +55,7 @@ extern int delay_updates;
256 extern mode_t orig_umask;
257 extern struct stats stats;
259 +extern char *dest_filter;
260 extern char *partial_dir;
261 extern char *basis_dir[MAX_BASIS_DIRS+1];
262 extern char sender_file_sum[MAX_DIGEST_LEN];
263 @@ -530,6 +531,8 @@ int recv_files(int f_in, int f_out, char *local_name)
264 const char *parent_dirname = "";
268 + char *filter_argv[MAX_FILTER_ARGS + 1];
270 if (DEBUG_GTE(RECV, 1))
271 rprintf(FINFO, "recv_files(%d) starting\n", cur_flist->used);
272 @@ -537,6 +540,23 @@ int recv_files(int f_in, int f_out, char *local_name)
274 delayed_bits = bitbag_create(cur_flist->used + 1);
280 + for (p = strtok(dest_filter, sep), i = 0;
281 + p && i < MAX_FILTER_ARGS;
282 + p = strtok(0, sep))
283 + filter_argv[i++] = p;
284 + filter_argv[i] = NULL;
287 + "Too many arguments to dest-filter (> %d)\n",
289 + exit_cleanup(RERR_SYNTAX);
296 @@ -841,6 +861,9 @@ int recv_files(int f_in, int f_out, char *local_name)
297 else if (!am_server && INFO_GTE(NAME, 1) && INFO_EQ(PROGRESS, 1))
298 rprintf(FINFO, "%s\n", fname);
301 + pid = run_filter(filter_argv, fd2, &fd2);
304 recv_ok = receive_data(f_in, fnamecmp, fd1, st.st_size,
305 fname, fd2, F_LENGTH(file));
306 @@ -855,6 +878,16 @@ int recv_files(int f_in, int f_out, char *local_name)
307 exit_cleanup(RERR_FILEIO);
312 + wait_process_with_flush(pid, &status);
314 + rprintf(FERROR, "filter %s exited code: %d\n",
315 + dest_filter, status);
320 if ((recv_ok && (!delay_updates || !partialptr)) || inplace) {
321 if (partialptr == fname)
323 diff --git a/rsync.h b/rsync.h
327 #define IOERR_DEL_LIMIT (1<<2)
329 #define MAX_ARGS 1000
330 +#define MAX_FILTER_ARGS 100
331 #define MAX_BASIS_DIRS 20
332 #define MAX_SERVER_ARGS (MAX_BASIS_DIRS*2 + 100)
334 diff --git a/rsync.yo b/rsync.yo
337 @@ -410,6 +410,7 @@ to the detailed description below for a complete description. verb(
338 --contimeout=SECONDS set daemon connection timeout in seconds
339 -I, --ignore-times don't skip files that match size and time
340 --size-only skip files that match in size
341 + --times-only skip files that match in mod-time
342 --modify-window=NUM compare mod-times with reduced accuracy
343 -T, --temp-dir=DIR create temporary files in directory DIR
344 -y, --fuzzy find similar file for basis if no dest file
345 @@ -451,6 +452,8 @@ to the detailed description below for a complete description. verb(
346 --write-batch=FILE write a batched update to FILE
347 --only-write-batch=FILE like --write-batch but w/o updating dest
348 --read-batch=FILE read a batched update from FILE
349 + --source-filter=COMMAND filter file through COMMAND at source
350 + --dest-filter=COMMAND filter file through COMMAND at destination
351 --protocol=NUM force an older protocol version to be used
352 --iconv=CONVERT_SPEC request charset conversion of filenames
353 --checksum-seed=NUM set block/file checksum seed (advanced)
354 @@ -2504,6 +2507,33 @@ file previously generated by bf(--write-batch).
355 If em(FILE) is bf(-), the batch data will be read from standard input.
356 See the "BATCH MODE" section for details.
358 +dit(bf(--source-filter=COMMAND)) This option allows the user to specify a
359 +filter program that will be applied to the contents of all transferred
360 +regular files before the data is sent to destination. COMMAND will receive
361 +the data on its standard input and it should write the filtered data to
362 +standard output. COMMAND should exit non-zero if it cannot process the
363 +data or if it encounters an error when writing the data to stdout.
365 +Example: --source-filter="gzip -9" will cause remote files to be
367 +Use of --source-filter automatically enables --whole-file.
368 +If your filter does not output the same number of bytes that it received on
369 +input, you should use --times-only to disable size and content checks on
370 +subsequent rsync runs.
372 +dit(bf(--dest-filter=COMMAND)) This option allows you to specify a filter
373 +program that will be applied to the contents of all transferred regular
374 +files before the data is written to disk. COMMAND will receive the data on
375 +its standard input and it should write the filtered data to standard
376 +output. COMMAND should exit non-zero if it cannot process the data or if
377 +it encounters an error when writing the data to stdout.
379 +Example: --dest-filter="gzip -9" will cause remote files to be compressed.
380 +Use of --dest-filter automatically enables --whole-file.
381 +If your filter does not output the same number of bytes that it
382 +received on input, you should use --times-only to disable size and
383 +content checks on subsequent rsync runs.
385 dit(bf(--protocol=NUM)) Force an older protocol version to be used. This
386 is useful for creating a batch file that is compatible with an older
387 version of rsync. For instance, if rsync 2.6.4 is being used with the
388 diff --git a/sender.c b/sender.c
391 @@ -43,6 +43,7 @@ extern int inplace;
393 extern int write_batch;
394 extern int file_old_total;
395 +extern char *source_filter;
396 extern struct stats stats;
397 extern struct file_list *cur_flist, *first_flist, *dir_flist;
399 @@ -200,6 +201,26 @@ void send_files(int f_in, int f_out)
400 int f_xfer = write_batch < 0 ? batch_fd : f_out;
401 int save_io_error = io_error;
403 + char *filter_argv[MAX_FILTER_ARGS + 1];
405 + int unlink_tmp = 0;
407 + if (source_filter) {
411 + for (p = strtok(source_filter, sep), i = 0;
412 + p && i < MAX_FILTER_ARGS;
413 + p = strtok(0, sep))
414 + filter_argv[i++] = p;
415 + filter_argv[i] = NULL;
418 + "Too many arguments to source-filter (> %d)\n",
420 + exit_cleanup(RERR_SYNTAX);
424 if (DEBUG_GTE(SEND, 1))
425 rprintf(FINFO, "send_files starting\n");
426 @@ -334,6 +355,7 @@ void send_files(int f_in, int f_out)
427 exit_cleanup(RERR_PROTOCOL);
431 fd = do_open(fname, O_RDONLY, 0);
433 if (errno == ENOENT) {
434 @@ -355,6 +377,33 @@ void send_files(int f_in, int f_out)
438 + if (source_filter) {
440 + char *tmpl = "/tmp/rsync-filtered_sourceXXXXXX";
442 + tmp = strdup(tmpl);
443 + fd2 = mkstemp(tmp);
445 + rprintf(FERROR, "mkstemp %s failed: %s\n",
446 + tmp, strerror(errno));
449 + pid_t pid = run_filter_on_file(filter_argv, fd2, fd);
452 + wait_process_with_flush(pid, &status);
455 + "bypassing source filter %s; exited with code: %d\n",
456 + source_filter, status);
457 + fd = do_open(fname, O_RDONLY, 0);
459 + fd = do_open(tmp, O_RDONLY, 0);
465 /* map the local file */
466 if (do_fstat(fd, &st) != 0) {
467 io_error |= IOERR_GENERAL;
468 @@ -405,6 +454,8 @@ void send_files(int f_in, int f_out)