| 1 | This patch adds backward-compatibility support for the --acls option. |
| 2 | Since the main release has never had ACL support, the trunk doesn't |
| 3 | need this code. If you want to make rsync 3.0.x communicate with an |
| 4 | older (patched) release, use this. |
| 5 | |
| 6 | To use this patch, run these commands for a successful build: |
| 7 | |
| 8 | patch -p1 <patches/acls.diff |
| 9 | ./configure (optional if already run) |
| 10 | make |
| 11 | |
| 12 | --- old/acls.c |
| 13 | +++ new/acls.c |
| 14 | @@ -98,6 +98,18 @@ static const char *str_acl_type(SMB_ACL_ |
| 15 | : "unknown SMB_ACL_TYPE_T"; |
| 16 | } |
| 17 | |
| 18 | +#define OTHER_TYPE(t) (SMB_ACL_TYPE_ACCESS+SMB_ACL_TYPE_DEFAULT-(t)) |
| 19 | +#define BUMP_TYPE(t) ((t = OTHER_TYPE(t)) == SMB_ACL_TYPE_DEFAULT) |
| 20 | + |
| 21 | +static int old_count_racl_entries(const rsync_acl *racl) |
| 22 | +{ |
| 23 | + return racl->names.count |
| 24 | + + (racl->user_obj != NO_ENTRY) |
| 25 | + + (racl->group_obj != NO_ENTRY) |
| 26 | + + (racl->mask_obj != NO_ENTRY) |
| 27 | + + (racl->other_obj != NO_ENTRY); |
| 28 | +} |
| 29 | + |
| 30 | static int calc_sacl_entries(const rsync_acl *racl) |
| 31 | { |
| 32 | /* A System ACL always gets user/group/other permission entries. */ |
| 33 | @@ -522,6 +534,96 @@ int get_acl(const char *fname, statx *sx |
| 34 | return 0; |
| 35 | } |
| 36 | |
| 37 | +/* === OLD Send functions === */ |
| 38 | + |
| 39 | +/* Send the ida list over the file descriptor. */ |
| 40 | +static void old_send_ida_entries(int f, const ida_entries *idal, char tag_char) |
| 41 | +{ |
| 42 | + id_access *ida; |
| 43 | + size_t count = idal->count; |
| 44 | + for (ida = idal->idas; count--; ida++) { |
| 45 | + if (tag_char == 'U') { |
| 46 | + if (!(ida->access & NAME_IS_USER)) |
| 47 | + continue; |
| 48 | + add_uid(ida->id); |
| 49 | + } else { |
| 50 | + if (ida->access & NAME_IS_USER) |
| 51 | + continue; |
| 52 | + add_gid(ida->id); |
| 53 | + } |
| 54 | + write_byte(f, tag_char); |
| 55 | + write_byte(f, ida->access); |
| 56 | + write_int(f, ida->id); |
| 57 | + } |
| 58 | +} |
| 59 | + |
| 60 | +/* Send an rsync ACL over the file descriptor. */ |
| 61 | +static void old_send_rsync_acl(int f, const rsync_acl *racl) |
| 62 | +{ |
| 63 | + size_t count = old_count_racl_entries(racl); |
| 64 | + write_int(f, count); |
| 65 | + if (racl->user_obj != NO_ENTRY) { |
| 66 | + write_byte(f, 'u'); |
| 67 | + write_byte(f, racl->user_obj); |
| 68 | + } |
| 69 | + old_send_ida_entries(f, &racl->names, 'U'); |
| 70 | + if (racl->group_obj != NO_ENTRY) { |
| 71 | + write_byte(f, 'g'); |
| 72 | + write_byte(f, racl->group_obj); |
| 73 | + } |
| 74 | + old_send_ida_entries(f, &racl->names, 'G'); |
| 75 | + if (racl->mask_obj != NO_ENTRY) { |
| 76 | + write_byte(f, 'm'); |
| 77 | + write_byte(f, racl->mask_obj); |
| 78 | + } |
| 79 | + if (racl->other_obj != NO_ENTRY) { |
| 80 | + write_byte(f, 'o'); |
| 81 | + write_byte(f, racl->other_obj); |
| 82 | + } |
| 83 | +} |
| 84 | + |
| 85 | +/* Send the ACL from the statx structure down the indicated file descriptor. |
| 86 | + * This also frees the ACL data. */ |
| 87 | +void old_send_acl(statx *sxp, int f) |
| 88 | +{ |
| 89 | + SMB_ACL_TYPE_T type; |
| 90 | + rsync_acl *racl, *new_racl; |
| 91 | + item_list *racl_list; |
| 92 | + int ndx; |
| 93 | + |
| 94 | + type = SMB_ACL_TYPE_ACCESS; |
| 95 | + racl = sxp->acc_acl; |
| 96 | + racl_list = &access_acl_list; |
| 97 | + do { |
| 98 | + if (!racl) { |
| 99 | + racl = new(rsync_acl); |
| 100 | + if (!racl) |
| 101 | + out_of_memory("send_acl"); |
| 102 | + *racl = empty_rsync_acl; |
| 103 | + if (type == SMB_ACL_TYPE_ACCESS) { |
| 104 | + rsync_acl_fake_perms(racl, sxp->st.st_mode); |
| 105 | + sxp->acc_acl = racl; |
| 106 | + } else |
| 107 | + sxp->def_acl = racl; |
| 108 | + } |
| 109 | + |
| 110 | + if ((ndx = find_matching_rsync_acl(racl, type, racl_list)) != -1) { |
| 111 | + write_byte(f, type == SMB_ACL_TYPE_ACCESS ? 'a' : 'd'); |
| 112 | + write_int(f, ndx); |
| 113 | + } else { |
| 114 | + new_racl = EXPAND_ITEM_LIST(racl_list, rsync_acl, 1000); |
| 115 | + write_byte(f, type == SMB_ACL_TYPE_ACCESS ? 'A' : 'D'); |
| 116 | + old_send_rsync_acl(f, racl); |
| 117 | + *new_racl = *racl; |
| 118 | + *racl = empty_rsync_acl; |
| 119 | + } |
| 120 | + racl = sxp->def_acl; |
| 121 | + racl_list = &default_acl_list; |
| 122 | + } while (BUMP_TYPE(type) && S_ISDIR(sxp->st.st_mode)); |
| 123 | + |
| 124 | + free_acl(sxp); |
| 125 | +} |
| 126 | + |
| 127 | /* === Send functions === */ |
| 128 | |
| 129 | /* The general strategy with the tag_type <-> character mapping is that |
| 130 | @@ -604,6 +706,11 @@ static void send_rsync_acl(rsync_acl *ra |
| 131 | * This also frees the ACL data. */ |
| 132 | void send_acl(statx *sxp, int f) |
| 133 | { |
| 134 | + if (protocol_version < 30) { |
| 135 | + old_send_acl(sxp, f); |
| 136 | + return; |
| 137 | + } |
| 138 | + |
| 139 | if (!sxp->acc_acl) { |
| 140 | sxp->acc_acl = create_racl(); |
| 141 | rsync_acl_fake_perms(sxp->acc_acl, sxp->st.st_mode); |
| 142 | @@ -621,6 +728,160 @@ void send_acl(statx *sxp, int f) |
| 143 | } |
| 144 | } |
| 145 | |
| 146 | +/* === OLD Receive functions */ |
| 147 | + |
| 148 | +static void old_recv_rsync_acl(rsync_acl *racl, int f) |
| 149 | +{ |
| 150 | + static item_list temp_ida_list = EMPTY_ITEM_LIST; |
| 151 | + SMB_ACL_TAG_T tag_type = 0; |
| 152 | + uchar computed_mask_bits = 0; |
| 153 | + id_access *ida; |
| 154 | + size_t count; |
| 155 | + |
| 156 | + if (!(count = read_int(f))) |
| 157 | + return; |
| 158 | + |
| 159 | + while (count--) { |
| 160 | + char tag = read_byte(f); |
| 161 | + uchar access = read_byte(f); |
| 162 | + if (access & ~ (4 | 2 | 1)) { |
| 163 | + rprintf(FERROR, "old_recv_rsync_acl: bogus permset %o\n", |
| 164 | + access); |
| 165 | + exit_cleanup(RERR_STREAMIO); |
| 166 | + } |
| 167 | + switch (tag) { |
| 168 | + case 'u': |
| 169 | + if (racl->user_obj != NO_ENTRY) { |
| 170 | + rprintf(FERROR, "old_recv_rsync_acl: error: duplicate USER_OBJ entry\n"); |
| 171 | + exit_cleanup(RERR_STREAMIO); |
| 172 | + } |
| 173 | + racl->user_obj = access; |
| 174 | + continue; |
| 175 | + case 'U': |
| 176 | + tag_type = SMB_ACL_USER; |
| 177 | + break; |
| 178 | + case 'g': |
| 179 | + if (racl->group_obj != NO_ENTRY) { |
| 180 | + rprintf(FERROR, "old_recv_rsync_acl: error: duplicate GROUP_OBJ entry\n"); |
| 181 | + exit_cleanup(RERR_STREAMIO); |
| 182 | + } |
| 183 | + racl->group_obj = access; |
| 184 | + continue; |
| 185 | + case 'G': |
| 186 | + tag_type = SMB_ACL_GROUP; |
| 187 | + break; |
| 188 | + case 'm': |
| 189 | + if (racl->mask_obj != NO_ENTRY) { |
| 190 | + rprintf(FERROR, "old_recv_rsync_acl: error: duplicate MASK entry\n"); |
| 191 | + exit_cleanup(RERR_STREAMIO); |
| 192 | + } |
| 193 | + racl->mask_obj = access; |
| 194 | + continue; |
| 195 | + case 'o': |
| 196 | + if (racl->other_obj != NO_ENTRY) { |
| 197 | + rprintf(FERROR, "old_recv_rsync_acl: error: duplicate OTHER entry\n"); |
| 198 | + exit_cleanup(RERR_STREAMIO); |
| 199 | + } |
| 200 | + racl->other_obj = access; |
| 201 | + continue; |
| 202 | + default: |
| 203 | + rprintf(FERROR, "old_recv_rsync_acl: unknown tag %c\n", |
| 204 | + tag); |
| 205 | + exit_cleanup(RERR_STREAMIO); |
| 206 | + } |
| 207 | + ida = EXPAND_ITEM_LIST(&temp_ida_list, id_access, -10); |
| 208 | + ida->access = access | (tag_type == SMB_ACL_USER ? NAME_IS_USER : 0); |
| 209 | + ida->id = read_int(f); |
| 210 | + computed_mask_bits |= access; |
| 211 | + } |
| 212 | + |
| 213 | + /* Transfer the count id_access items out of the temp_ida_list |
| 214 | + * into the names ida_entries list in racl. */ |
| 215 | + if (temp_ida_list.count) { |
| 216 | +#ifdef SMB_ACL_NEED_SORT |
| 217 | + if (temp_ida_list.count > 1) { |
| 218 | + qsort(temp_ida_list.items, temp_ida_list.count, |
| 219 | + sizeof (id_access), id_access_sorter); |
| 220 | + } |
| 221 | +#endif |
| 222 | + if (!(racl->names.idas = new_array(id_access, temp_ida_list.count))) |
| 223 | + out_of_memory("unpack_smb_acl"); |
| 224 | + memcpy(racl->names.idas, temp_ida_list.items, |
| 225 | + temp_ida_list.count * sizeof (id_access)); |
| 226 | + } else |
| 227 | + racl->names.idas = NULL; |
| 228 | + |
| 229 | + racl->names.count = temp_ida_list.count; |
| 230 | + |
| 231 | + /* Truncate the temporary list now that its idas have been saved. */ |
| 232 | + temp_ida_list.count = 0; |
| 233 | + |
| 234 | + if (!racl->names.count) { |
| 235 | + /* If we received a superfluous mask, throw it away. */ |
| 236 | + if (racl->mask_obj != NO_ENTRY) { |
| 237 | + /* Mask off the group perms with it first. */ |
| 238 | + racl->group_obj &= racl->mask_obj | NO_ENTRY; |
| 239 | + racl->mask_obj = NO_ENTRY; |
| 240 | + } |
| 241 | + } else if (racl->mask_obj == NO_ENTRY) /* Must be non-empty with lists. */ |
| 242 | + racl->mask_obj = (computed_mask_bits | racl->group_obj) & 7; |
| 243 | +} |
| 244 | + |
| 245 | +/* Receive the ACL info the sender has included for this file-list entry. */ |
| 246 | +void old_recv_acl(struct file_struct *file, int f) |
| 247 | +{ |
| 248 | + SMB_ACL_TYPE_T type; |
| 249 | + item_list *racl_list; |
| 250 | + |
| 251 | + if (S_ISLNK(file->mode)) |
| 252 | + return; |
| 253 | + |
| 254 | + type = SMB_ACL_TYPE_ACCESS; |
| 255 | + racl_list = &access_acl_list; |
| 256 | + do { |
| 257 | + char tag = read_byte(f); |
| 258 | + int ndx; |
| 259 | + |
| 260 | + if (tag == 'A' || tag == 'a') { |
| 261 | + if (type != SMB_ACL_TYPE_ACCESS) { |
| 262 | + rprintf(FERROR, "receive_acl %s: duplicate access ACL\n", |
| 263 | + f_name(file, NULL)); |
| 264 | + exit_cleanup(RERR_STREAMIO); |
| 265 | + } |
| 266 | + } else if (tag == 'D' || tag == 'd') { |
| 267 | + if (type == SMB_ACL_TYPE_ACCESS) { |
| 268 | + rprintf(FERROR, "receive_acl %s: expecting access ACL; got default\n", |
| 269 | + f_name(file, NULL)); |
| 270 | + exit_cleanup(RERR_STREAMIO); |
| 271 | + } |
| 272 | + } else { |
| 273 | + rprintf(FERROR, "receive_acl %s: unknown ACL type tag: %c\n", |
| 274 | + f_name(file, NULL), tag); |
| 275 | + exit_cleanup(RERR_STREAMIO); |
| 276 | + } |
| 277 | + if (tag == 'A' || tag == 'D') { |
| 278 | + acl_duo *duo_item; |
| 279 | + ndx = racl_list->count; |
| 280 | + duo_item = EXPAND_ITEM_LIST(racl_list, acl_duo, 1000); |
| 281 | + duo_item->racl = empty_rsync_acl; |
| 282 | + old_recv_rsync_acl(&duo_item->racl, f); |
| 283 | + duo_item->sacl = NULL; |
| 284 | + } else { |
| 285 | + ndx = read_int(f); |
| 286 | + if (ndx < 0 || (size_t)ndx >= racl_list->count) { |
| 287 | + rprintf(FERROR, "receive_acl %s: %s ACL index %d out of range\n", |
| 288 | + f_name(file, NULL), str_acl_type(type), ndx); |
| 289 | + exit_cleanup(RERR_STREAMIO); |
| 290 | + } |
| 291 | + } |
| 292 | + if (type == SMB_ACL_TYPE_ACCESS) |
| 293 | + F_ACL(file) = ndx; |
| 294 | + else |
| 295 | + F_DEF_ACL(file) = ndx; |
| 296 | + racl_list = &default_acl_list; |
| 297 | + } while (BUMP_TYPE(type) && S_ISDIR(file->mode)); |
| 298 | +} |
| 299 | + |
| 300 | /* === Receive functions === */ |
| 301 | |
| 302 | static uint32 recv_acl_access(uchar *name_follows_ptr, int f) |
| 303 | @@ -738,6 +999,11 @@ static int recv_rsync_acl(item_list *rac |
| 304 | /* Receive the ACL info the sender has included for this file-list entry. */ |
| 305 | void receive_acl(struct file_struct *file, int f) |
| 306 | { |
| 307 | + if (protocol_version < 30) { |
| 308 | + old_recv_acl(file, f); |
| 309 | + return; |
| 310 | + } |
| 311 | + |
| 312 | F_ACL(file) = recv_rsync_acl(&access_acl_list, SMB_ACL_TYPE_ACCESS, f); |
| 313 | |
| 314 | if (S_ISDIR(file->mode)) |
| 315 | --- old/compat.c |
| 316 | +++ new/compat.c |
| 317 | @@ -147,13 +147,6 @@ void setup_protocol(int f_out,int f_in) |
| 318 | protocol_version); |
| 319 | exit_cleanup(RERR_PROTOCOL); |
| 320 | } |
| 321 | - if (preserve_acls && !local_server) { |
| 322 | - rprintf(FERROR, |
| 323 | - "--acls requires protocol 30 or higher" |
| 324 | - " (negotiated %d).\n", |
| 325 | - protocol_version); |
| 326 | - exit_cleanup(RERR_PROTOCOL); |
| 327 | - } |
| 328 | if (preserve_xattrs && !local_server) { |
| 329 | rprintf(FERROR, |
| 330 | "--xattrs requires protocol 30 or higher" |