| 1 | This patch adds backward-compatibility support for the --acls option. |
| 2 | Since the main release has never had ACL support, the trunk doesn't |
| 3 | need this code. If you want to make rsync 3.0.x communicate with an |
| 4 | older (patched) release, use this. |
| 5 | |
| 6 | To use this patch, run these commands for a successful build: |
| 7 | |
| 8 | patch -p1 <patches/acls.diff |
| 9 | ./configure (optional if already run) |
| 10 | make |
| 11 | |
| 12 | --- old/acls.c |
| 13 | +++ new/acls.c |
| 14 | @@ -31,6 +31,7 @@ extern int list_only; |
| 15 | extern int orig_umask; |
| 16 | extern int numeric_ids; |
| 17 | extern int inc_recurse; |
| 18 | +extern int protocol_version; |
| 19 | |
| 20 | /* Flags used to indicate what items are being transmitted for an entry. */ |
| 21 | #define XMIT_USER_OBJ (1<<0) |
| 22 | @@ -97,6 +98,18 @@ static const char *str_acl_type(SMB_ACL_ |
| 23 | : "unknown SMB_ACL_TYPE_T"; |
| 24 | } |
| 25 | |
| 26 | +#define OTHER_TYPE(t) (SMB_ACL_TYPE_ACCESS+SMB_ACL_TYPE_DEFAULT-(t)) |
| 27 | +#define BUMP_TYPE(t) ((t = OTHER_TYPE(t)) == SMB_ACL_TYPE_DEFAULT) |
| 28 | + |
| 29 | +static int old_count_racl_entries(const rsync_acl *racl) |
| 30 | +{ |
| 31 | + return racl->names.count |
| 32 | + + (racl->user_obj != NO_ENTRY) |
| 33 | + + (racl->group_obj != NO_ENTRY) |
| 34 | + + (racl->mask_obj != NO_ENTRY) |
| 35 | + + (racl->other_obj != NO_ENTRY); |
| 36 | +} |
| 37 | + |
| 38 | static int calc_sacl_entries(const rsync_acl *racl) |
| 39 | { |
| 40 | /* A System ACL always gets user/group/other permission entries. */ |
| 41 | @@ -545,6 +558,96 @@ int get_acl(const char *fname, stat_x *s |
| 42 | return 0; |
| 43 | } |
| 44 | |
| 45 | +/* === OLD Send functions === */ |
| 46 | + |
| 47 | +/* Send the ida list over the file descriptor. */ |
| 48 | +static void old_send_ida_entries(int f, const ida_entries *idal, char tag_char) |
| 49 | +{ |
| 50 | + id_access *ida; |
| 51 | + size_t count = idal->count; |
| 52 | + for (ida = idal->idas; count--; ida++) { |
| 53 | + if (tag_char == 'U') { |
| 54 | + if (!(ida->access & NAME_IS_USER)) |
| 55 | + continue; |
| 56 | + add_uid(ida->id); |
| 57 | + } else { |
| 58 | + if (ida->access & NAME_IS_USER) |
| 59 | + continue; |
| 60 | + add_gid(ida->id); |
| 61 | + } |
| 62 | + write_byte(f, tag_char); |
| 63 | + write_byte(f, ida->access); |
| 64 | + write_int(f, ida->id); |
| 65 | + } |
| 66 | +} |
| 67 | + |
| 68 | +/* Send an rsync ACL over the file descriptor. */ |
| 69 | +static void old_send_rsync_acl(int f, const rsync_acl *racl) |
| 70 | +{ |
| 71 | + size_t count = old_count_racl_entries(racl); |
| 72 | + write_int(f, count); |
| 73 | + if (racl->user_obj != NO_ENTRY) { |
| 74 | + write_byte(f, 'u'); |
| 75 | + write_byte(f, racl->user_obj); |
| 76 | + } |
| 77 | + old_send_ida_entries(f, &racl->names, 'U'); |
| 78 | + if (racl->group_obj != NO_ENTRY) { |
| 79 | + write_byte(f, 'g'); |
| 80 | + write_byte(f, racl->group_obj); |
| 81 | + } |
| 82 | + old_send_ida_entries(f, &racl->names, 'G'); |
| 83 | + if (racl->mask_obj != NO_ENTRY) { |
| 84 | + write_byte(f, 'm'); |
| 85 | + write_byte(f, racl->mask_obj); |
| 86 | + } |
| 87 | + if (racl->other_obj != NO_ENTRY) { |
| 88 | + write_byte(f, 'o'); |
| 89 | + write_byte(f, racl->other_obj); |
| 90 | + } |
| 91 | +} |
| 92 | + |
| 93 | +/* Send the ACL from the stat_x structure down the indicated file descriptor. |
| 94 | + * This also frees the ACL data. */ |
| 95 | +void old_send_acl(stat_x *sxp, int f) |
| 96 | +{ |
| 97 | + SMB_ACL_TYPE_T type; |
| 98 | + rsync_acl *racl, *new_racl; |
| 99 | + item_list *racl_list; |
| 100 | + int ndx; |
| 101 | + |
| 102 | + type = SMB_ACL_TYPE_ACCESS; |
| 103 | + racl = sxp->acc_acl; |
| 104 | + racl_list = &access_acl_list; |
| 105 | + do { |
| 106 | + if (!racl) { |
| 107 | + racl = new(rsync_acl); |
| 108 | + if (!racl) |
| 109 | + out_of_memory("send_acl"); |
| 110 | + *racl = empty_rsync_acl; |
| 111 | + if (type == SMB_ACL_TYPE_ACCESS) { |
| 112 | + rsync_acl_fake_perms(racl, sxp->st.st_mode); |
| 113 | + sxp->acc_acl = racl; |
| 114 | + } else |
| 115 | + sxp->def_acl = racl; |
| 116 | + } |
| 117 | + |
| 118 | + if ((ndx = find_matching_rsync_acl(racl, type, racl_list)) != -1) { |
| 119 | + write_byte(f, type == SMB_ACL_TYPE_ACCESS ? 'a' : 'd'); |
| 120 | + write_int(f, ndx); |
| 121 | + } else { |
| 122 | + new_racl = EXPAND_ITEM_LIST(racl_list, rsync_acl, 1000); |
| 123 | + write_byte(f, type == SMB_ACL_TYPE_ACCESS ? 'A' : 'D'); |
| 124 | + old_send_rsync_acl(f, racl); |
| 125 | + *new_racl = *racl; |
| 126 | + *racl = empty_rsync_acl; |
| 127 | + } |
| 128 | + racl = sxp->def_acl; |
| 129 | + racl_list = &default_acl_list; |
| 130 | + } while (BUMP_TYPE(type) && S_ISDIR(sxp->st.st_mode)); |
| 131 | + |
| 132 | + free_acl(sxp); |
| 133 | +} |
| 134 | + |
| 135 | /* === Send functions === */ |
| 136 | |
| 137 | /* Send the ida list over the file descriptor. */ |
| 138 | @@ -620,6 +723,11 @@ static void send_rsync_acl(rsync_acl *ra |
| 139 | * This also frees the ACL data. */ |
| 140 | void send_acl(stat_x *sxp, int f) |
| 141 | { |
| 142 | + if (protocol_version < 30) { |
| 143 | + old_send_acl(sxp, f); |
| 144 | + return; |
| 145 | + } |
| 146 | + |
| 147 | if (!sxp->acc_acl) { |
| 148 | sxp->acc_acl = create_racl(); |
| 149 | rsync_acl_fake_perms(sxp->acc_acl, sxp->st.st_mode); |
| 150 | @@ -637,6 +745,160 @@ void send_acl(stat_x *sxp, int f) |
| 151 | } |
| 152 | } |
| 153 | |
| 154 | +/* === OLD Receive functions */ |
| 155 | + |
| 156 | +static void old_recv_rsync_acl(rsync_acl *racl, int f) |
| 157 | +{ |
| 158 | + static item_list temp_ida_list = EMPTY_ITEM_LIST; |
| 159 | + SMB_ACL_TAG_T tag_type = 0; |
| 160 | + uchar computed_mask_bits = 0; |
| 161 | + id_access *ida; |
| 162 | + size_t count; |
| 163 | + |
| 164 | + if (!(count = read_int(f))) |
| 165 | + return; |
| 166 | + |
| 167 | + while (count--) { |
| 168 | + char tag = read_byte(f); |
| 169 | + uchar access = read_byte(f); |
| 170 | + if (access & ~ (4 | 2 | 1)) { |
| 171 | + rprintf(FERROR, "old_recv_rsync_acl: bogus permset %o\n", |
| 172 | + access); |
| 173 | + exit_cleanup(RERR_STREAMIO); |
| 174 | + } |
| 175 | + switch (tag) { |
| 176 | + case 'u': |
| 177 | + if (racl->user_obj != NO_ENTRY) { |
| 178 | + rprintf(FERROR, "old_recv_rsync_acl: error: duplicate USER_OBJ entry\n"); |
| 179 | + exit_cleanup(RERR_STREAMIO); |
| 180 | + } |
| 181 | + racl->user_obj = access; |
| 182 | + continue; |
| 183 | + case 'U': |
| 184 | + tag_type = SMB_ACL_USER; |
| 185 | + break; |
| 186 | + case 'g': |
| 187 | + if (racl->group_obj != NO_ENTRY) { |
| 188 | + rprintf(FERROR, "old_recv_rsync_acl: error: duplicate GROUP_OBJ entry\n"); |
| 189 | + exit_cleanup(RERR_STREAMIO); |
| 190 | + } |
| 191 | + racl->group_obj = access; |
| 192 | + continue; |
| 193 | + case 'G': |
| 194 | + tag_type = SMB_ACL_GROUP; |
| 195 | + break; |
| 196 | + case 'm': |
| 197 | + if (racl->mask_obj != NO_ENTRY) { |
| 198 | + rprintf(FERROR, "old_recv_rsync_acl: error: duplicate MASK entry\n"); |
| 199 | + exit_cleanup(RERR_STREAMIO); |
| 200 | + } |
| 201 | + racl->mask_obj = access; |
| 202 | + continue; |
| 203 | + case 'o': |
| 204 | + if (racl->other_obj != NO_ENTRY) { |
| 205 | + rprintf(FERROR, "old_recv_rsync_acl: error: duplicate OTHER entry\n"); |
| 206 | + exit_cleanup(RERR_STREAMIO); |
| 207 | + } |
| 208 | + racl->other_obj = access; |
| 209 | + continue; |
| 210 | + default: |
| 211 | + rprintf(FERROR, "old_recv_rsync_acl: unknown tag %c\n", |
| 212 | + tag); |
| 213 | + exit_cleanup(RERR_STREAMIO); |
| 214 | + } |
| 215 | + ida = EXPAND_ITEM_LIST(&temp_ida_list, id_access, -10); |
| 216 | + ida->access = access | (tag_type == SMB_ACL_USER ? NAME_IS_USER : 0); |
| 217 | + ida->id = read_int(f); |
| 218 | + computed_mask_bits |= access; |
| 219 | + } |
| 220 | + |
| 221 | + /* Transfer the count id_access items out of the temp_ida_list |
| 222 | + * into the names ida_entries list in racl. */ |
| 223 | + if (temp_ida_list.count) { |
| 224 | +#ifdef SMB_ACL_NEED_SORT |
| 225 | + if (temp_ida_list.count > 1) { |
| 226 | + qsort(temp_ida_list.items, temp_ida_list.count, |
| 227 | + sizeof (id_access), id_access_sorter); |
| 228 | + } |
| 229 | +#endif |
| 230 | + if (!(racl->names.idas = new_array(id_access, temp_ida_list.count))) |
| 231 | + out_of_memory("unpack_smb_acl"); |
| 232 | + memcpy(racl->names.idas, temp_ida_list.items, |
| 233 | + temp_ida_list.count * sizeof (id_access)); |
| 234 | + } else |
| 235 | + racl->names.idas = NULL; |
| 236 | + |
| 237 | + racl->names.count = temp_ida_list.count; |
| 238 | + |
| 239 | + /* Truncate the temporary list now that its idas have been saved. */ |
| 240 | + temp_ida_list.count = 0; |
| 241 | + |
| 242 | + if (!racl->names.count) { |
| 243 | + /* If we received a superfluous mask, throw it away. */ |
| 244 | + if (racl->mask_obj != NO_ENTRY) { |
| 245 | + /* Mask off the group perms with it first. */ |
| 246 | + racl->group_obj &= racl->mask_obj | NO_ENTRY; |
| 247 | + racl->mask_obj = NO_ENTRY; |
| 248 | + } |
| 249 | + } else if (racl->mask_obj == NO_ENTRY) /* Must be non-empty with lists. */ |
| 250 | + racl->mask_obj = (computed_mask_bits | racl->group_obj) & 7; |
| 251 | +} |
| 252 | + |
| 253 | +/* Receive the ACL info the sender has included for this file-list entry. */ |
| 254 | +void old_recv_acl(struct file_struct *file, int f) |
| 255 | +{ |
| 256 | + SMB_ACL_TYPE_T type; |
| 257 | + item_list *racl_list; |
| 258 | + |
| 259 | + if (S_ISLNK(file->mode)) |
| 260 | + return; |
| 261 | + |
| 262 | + type = SMB_ACL_TYPE_ACCESS; |
| 263 | + racl_list = &access_acl_list; |
| 264 | + do { |
| 265 | + char tag = read_byte(f); |
| 266 | + int ndx; |
| 267 | + |
| 268 | + if (tag == 'A' || tag == 'a') { |
| 269 | + if (type != SMB_ACL_TYPE_ACCESS) { |
| 270 | + rprintf(FERROR, "receive_acl %s: duplicate access ACL\n", |
| 271 | + f_name(file, NULL)); |
| 272 | + exit_cleanup(RERR_STREAMIO); |
| 273 | + } |
| 274 | + } else if (tag == 'D' || tag == 'd') { |
| 275 | + if (type == SMB_ACL_TYPE_ACCESS) { |
| 276 | + rprintf(FERROR, "receive_acl %s: expecting access ACL; got default\n", |
| 277 | + f_name(file, NULL)); |
| 278 | + exit_cleanup(RERR_STREAMIO); |
| 279 | + } |
| 280 | + } else { |
| 281 | + rprintf(FERROR, "receive_acl %s: unknown ACL type tag: %c\n", |
| 282 | + f_name(file, NULL), tag); |
| 283 | + exit_cleanup(RERR_STREAMIO); |
| 284 | + } |
| 285 | + if (tag == 'A' || tag == 'D') { |
| 286 | + acl_duo *duo_item; |
| 287 | + ndx = racl_list->count; |
| 288 | + duo_item = EXPAND_ITEM_LIST(racl_list, acl_duo, 1000); |
| 289 | + duo_item->racl = empty_rsync_acl; |
| 290 | + old_recv_rsync_acl(&duo_item->racl, f); |
| 291 | + duo_item->sacl = NULL; |
| 292 | + } else { |
| 293 | + ndx = read_int(f); |
| 294 | + if (ndx < 0 || (size_t)ndx >= racl_list->count) { |
| 295 | + rprintf(FERROR, "receive_acl %s: %s ACL index %d out of range\n", |
| 296 | + f_name(file, NULL), str_acl_type(type), ndx); |
| 297 | + exit_cleanup(RERR_STREAMIO); |
| 298 | + } |
| 299 | + } |
| 300 | + if (type == SMB_ACL_TYPE_ACCESS) |
| 301 | + F_ACL(file) = ndx; |
| 302 | + else |
| 303 | + F_DIR_DEFACL(file) = ndx; |
| 304 | + racl_list = &default_acl_list; |
| 305 | + } while (BUMP_TYPE(type) && S_ISDIR(file->mode)); |
| 306 | +} |
| 307 | + |
| 308 | /* === Receive functions === */ |
| 309 | |
| 310 | static uint32 recv_acl_access(uchar *name_follows_ptr, int f) |
| 311 | @@ -759,6 +1021,11 @@ static int recv_rsync_acl(item_list *rac |
| 312 | /* Receive the ACL info the sender has included for this file-list entry. */ |
| 313 | void receive_acl(struct file_struct *file, int f) |
| 314 | { |
| 315 | + if (protocol_version < 30) { |
| 316 | + old_recv_acl(file, f); |
| 317 | + return; |
| 318 | + } |
| 319 | + |
| 320 | F_ACL(file) = recv_rsync_acl(&access_acl_list, SMB_ACL_TYPE_ACCESS, f); |
| 321 | |
| 322 | if (S_ISDIR(file->mode)) |
| 323 | --- old/compat.c |
| 324 | +++ new/compat.c |
| 325 | @@ -160,13 +160,6 @@ void setup_protocol(int f_out,int f_in) |
| 326 | if (protocol_version < 30) { |
| 327 | if (append_mode == 1) |
| 328 | append_mode = 2; |
| 329 | - if (preserve_acls && !local_server) { |
| 330 | - rprintf(FERROR, |
| 331 | - "--acls requires protocol 30 or higher" |
| 332 | - " (negotiated %d).\n", |
| 333 | - protocol_version); |
| 334 | - exit_cleanup(RERR_PROTOCOL); |
| 335 | - } |
| 336 | if (preserve_xattrs && !local_server) { |
| 337 | rprintf(FERROR, |
| 338 | "--xattrs requires protocol 30 or higher" |