Matt McCutchen's Web Site / rsync / rsync.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
Got rid of calls to the (soon to vanish) safe_fname() function.
[rsync/rsync.git] / util.c
... / ...
CommitLineData
1/* -*- c-file-style: "linux" -*-
2 *
3 * Copyright (C) 1996-2000 by Andrew Tridgell
4 * Copyright (C) Paul Mackerras 1996
5 * Copyright (C) 2001, 2002 by Martin Pool <mbp@samba.org>
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 */
21
22/**
23 * @file
24 *
25 * Utilities used in rsync
26 **/
27
28#include "rsync.h"
29
30extern int verbose;
31extern int dry_run;
32extern int module_id;
33extern int modify_window;
34extern int relative_paths;
35extern int human_readable;
36extern char *partial_dir;
37extern struct filter_list_struct server_filter_list;
38
39int sanitize_paths = 0;
40
41
42
43/**
44 * Set a fd into nonblocking mode
45 **/
46void set_nonblocking(int fd)
47{
48 int val;
49
50 if ((val = fcntl(fd, F_GETFL, 0)) == -1)
51 return;
52 if (!(val & NONBLOCK_FLAG)) {
53 val |= NONBLOCK_FLAG;
54 fcntl(fd, F_SETFL, val);
55 }
56}
57
58/**
59 * Set a fd into blocking mode
60 **/
61void set_blocking(int fd)
62{
63 int val;
64
65 if ((val = fcntl(fd, F_GETFL, 0)) == -1)
66 return;
67 if (val & NONBLOCK_FLAG) {
68 val &= ~NONBLOCK_FLAG;
69 fcntl(fd, F_SETFL, val);
70 }
71}
72
73
74/**
75 * Create a file descriptor pair - like pipe() but use socketpair if
76 * possible (because of blocking issues on pipes).
77 *
78 * Always set non-blocking.
79 */
80int fd_pair(int fd[2])
81{
82 int ret;
83
84#ifdef HAVE_SOCKETPAIR
85 ret = socketpair(AF_UNIX, SOCK_STREAM, 0, fd);
86#else
87 ret = pipe(fd);
88#endif
89
90 if (ret == 0) {
91 set_nonblocking(fd[0]);
92 set_nonblocking(fd[1]);
93 }
94
95 return ret;
96}
97
98
99void print_child_argv(char **cmd)
100{
101 rprintf(FINFO, "opening connection using ");
102 for (; *cmd; cmd++) {
103 /* Look for characters that ought to be quoted. This
104 * is not a great quoting algorithm, but it's
105 * sufficient for a log message. */
106 if (strspn(*cmd, "abcdefghijklmnopqrstuvwxyz"
107 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
108 "0123456789"
109 ",.-_=+@/") != strlen(*cmd)) {
110 rprintf(FINFO, "\"%s\" ", safe_fname(*cmd));
111 } else {
112 rprintf(FINFO, "%s ", safe_fname(*cmd));
113 }
114 }
115 rprintf(FINFO, "\n");
116}
117
118
119void out_of_memory(char *str)
120{
121 rprintf(FERROR, "ERROR: out of memory in %s\n", str);
122 exit_cleanup(RERR_MALLOC);
123}
124
125void overflow_exit(char *str)
126{
127 rprintf(FERROR, "ERROR: buffer overflow in %s\n", str);
128 exit_cleanup(RERR_MALLOC);
129}
130
131
132
133int set_modtime(char *fname, time_t modtime, mode_t mode)
134{
135#if !defined HAVE_LUTIMES || !defined HAVE_UTIMES
136 if (S_ISLNK(mode))
137 return 1;
138#endif
139
140 if (verbose > 2) {
141 rprintf(FINFO, "set modtime of %s to (%ld) %s",
142 safe_fname(fname), (long)modtime,
143 asctime(localtime(&modtime)));
144 }
145
146 if (dry_run)
147 return 0;
148
149 {
150#ifdef HAVE_UTIMES
151 struct timeval t[2];
152 t[0].tv_sec = time(NULL);
153 t[0].tv_usec = 0;
154 t[1].tv_sec = modtime;
155 t[1].tv_usec = 0;
156# ifdef HAVE_LUTIMES
157 if (S_ISLNK(mode))
158 return lutimes(fname, t);
159# endif
160 return utimes(fname, t);
161#elif defined HAVE_UTIMBUF
162 struct utimbuf tbuf;
163 tbuf.actime = time(NULL);
164 tbuf.modtime = modtime;
165 return utime(fname,&tbuf);
166#elif defined HAVE_UTIME
167 time_t t[2];
168 t[0] = time(NULL);
169 t[1] = modtime;
170 return utime(fname,t);
171#else
172#error No file-time-modification routine found!
173#endif
174 }
175}
176
177
178/**
179 Create any necessary directories in fname. Unfortunately we don't know
180 what perms to give the directory when this is called so we need to rely
181 on the umask
182**/
183int create_directory_path(char *fname, int base_umask)
184{
185 char *p;
186
187 while (*fname == '/')
188 fname++;
189 while (strncmp(fname, "./", 2) == 0)
190 fname += 2;
191
192 p = fname;
193 while ((p = strchr(p,'/')) != NULL) {
194 *p = 0;
195 do_mkdir(fname, 0777 & ~base_umask);
196 *p = '/';
197 p++;
198 }
199 return 0;
200}
201
202
203/**
204 * Write @p len bytes at @p ptr to descriptor @p desc, retrying if
205 * interrupted.
206 *
207 * @retval len upon success
208 *
209 * @retval <0 write's (negative) error code
210 *
211 * Derived from GNU C's cccp.c.
212 */
213int full_write(int desc, char *ptr, size_t len)
214{
215 int total_written;
216
217 total_written = 0;
218 while (len > 0) {
219 int written = write(desc, ptr, len);
220 if (written < 0) {
221 if (errno == EINTR)
222 continue;
223 return written;
224 }
225 total_written += written;
226 ptr += written;
227 len -= written;
228 }
229 return total_written;
230}
231
232
233/**
234 * Read @p len bytes at @p ptr from descriptor @p desc, retrying if
235 * interrupted.
236 *
237 * @retval >0 the actual number of bytes read
238 *
239 * @retval 0 for EOF
240 *
241 * @retval <0 for an error.
242 *
243 * Derived from GNU C's cccp.c. */
244static int safe_read(int desc, char *ptr, size_t len)
245{
246 int n_chars;
247
248 if (len == 0)
249 return len;
250
251 do {
252 n_chars = read(desc, ptr, len);
253 } while (n_chars < 0 && errno == EINTR);
254
255 return n_chars;
256}
257
258
259/** Copy a file.
260 *
261 * This is used in conjunction with the --temp-dir, --backup, and
262 * --copy-dest options. */
263int copy_file(char *source, char *dest, mode_t mode)
264{
265 int ifd;
266 int ofd;
267 char buf[1024 * 8];
268 int len; /* Number of bytes read into `buf'. */
269
270 ifd = do_open(source, O_RDONLY, 0);
271 if (ifd == -1) {
272 rsyserr(FERROR, errno, "open %s", full_fname(source));
273 return -1;
274 }
275
276 if (robust_unlink(dest) && errno != ENOENT) {
277 rsyserr(FERROR, errno, "unlink %s", full_fname(dest));
278 return -1;
279 }
280
281 ofd = do_open(dest, O_WRONLY | O_CREAT | O_TRUNC | O_EXCL, mode);
282 if (ofd == -1) {
283 rsyserr(FERROR, errno, "open %s", full_fname(dest));
284 close(ifd);
285 return -1;
286 }
287
288 while ((len = safe_read(ifd, buf, sizeof buf)) > 0) {
289 if (full_write(ofd, buf, len) < 0) {
290 rsyserr(FERROR, errno, "write %s", full_fname(dest));
291 close(ifd);
292 close(ofd);
293 return -1;
294 }
295 }
296
297 if (len < 0) {
298 rsyserr(FERROR, errno, "read %s", full_fname(source));
299 close(ifd);
300 close(ofd);
301 return -1;
302 }
303
304 if (close(ifd) < 0) {
305 rsyserr(FINFO, errno, "close failed on %s",
306 full_fname(source));
307 }
308
309 if (close(ofd) < 0) {
310 rsyserr(FERROR, errno, "close failed on %s",
311 full_fname(dest));
312 return -1;
313 }
314
315 return 0;
316}
317
318/* MAX_RENAMES should be 10**MAX_RENAMES_DIGITS */
319#define MAX_RENAMES_DIGITS 3
320#define MAX_RENAMES 1000
321
322/**
323 * Robust unlink: some OS'es (HPUX) refuse to unlink busy files, so
324 * rename to <path>/.rsyncNNN instead.
325 *
326 * Note that successive rsync runs will shuffle the filenames around a
327 * bit as long as the file is still busy; this is because this function
328 * does not know if the unlink call is due to a new file coming in, or
329 * --delete trying to remove old .rsyncNNN files, hence it renames it
330 * each time.
331 **/
332int robust_unlink(char *fname)
333{
334#ifndef ETXTBSY
335 return do_unlink(fname);
336#else
337 static int counter = 1;
338 int rc, pos, start;
339 char path[MAXPATHLEN];
340
341 rc = do_unlink(fname);
342 if (rc == 0 || errno != ETXTBSY)
343 return rc;
344
345 if ((pos = strlcpy(path, fname, MAXPATHLEN)) >= MAXPATHLEN)
346 pos = MAXPATHLEN - 1;
347
348 while (pos > 0 && path[pos-1] != '/')
349 pos--;
350 pos += strlcpy(path+pos, ".rsync", MAXPATHLEN-pos);
351
352 if (pos > (MAXPATHLEN-MAX_RENAMES_DIGITS-1)) {
353 errno = ETXTBSY;
354 return -1;
355 }
356
357 /* start where the last one left off to reduce chance of clashes */
358 start = counter;
359 do {
360 sprintf(&path[pos], "%03d", counter);
361 if (++counter >= MAX_RENAMES)
362 counter = 1;
363 } while ((rc = access(path, 0)) == 0 && counter != start);
364
365 if (verbose > 0) {
366 rprintf(FINFO,"renaming %s to %s because of text busy\n",
367 safe_fname(fname), safe_fname(path));
368 }
369
370 /* maybe we should return rename()'s exit status? Nah. */
371 if (do_rename(fname, path) != 0) {
372 errno = ETXTBSY;
373 return -1;
374 }
375 return 0;
376#endif
377}
378
379/* Returns 0 on successful rename, 1 if we successfully copied the file
380 * across filesystems, -2 if copy_file() failed, and -1 on other errors. */
381int robust_rename(char *from, char *to, int mode)
382{
383 int tries = 4;
384
385 while (tries--) {
386 if (do_rename(from, to) == 0)
387 return 0;
388
389 switch (errno) {
390#ifdef ETXTBSY
391 case ETXTBSY:
392 if (robust_unlink(to) != 0)
393 return -1;
394 break;
395#endif
396 case EXDEV:
397 if (copy_file(from, to, mode) != 0)
398 return -2;
399 do_unlink(from);
400 return 1;
401 default:
402 return -1;
403 }
404 }
405 return -1;
406}
407
408
409static pid_t all_pids[10];
410static int num_pids;
411
412/** Fork and record the pid of the child. **/
413pid_t do_fork(void)
414{
415 pid_t newpid = fork();
416
417 if (newpid != 0 && newpid != -1) {
418 all_pids[num_pids++] = newpid;
419 }
420 return newpid;
421}
422
423/**
424 * Kill all children.
425 *
426 * @todo It would be kind of nice to make sure that they are actually
427 * all our children before we kill them, because their pids may have
428 * been recycled by some other process. Perhaps when we wait for a
429 * child, we should remove it from this array. Alternatively we could
430 * perhaps use process groups, but I think that would not work on
431 * ancient Unix versions that don't support them.
432 **/
433void kill_all(int sig)
434{
435 int i;
436
437 for (i = 0; i < num_pids; i++) {
438 /* Let's just be a little careful where we
439 * point that gun, hey? See kill(2) for the
440 * magic caused by negative values. */
441 pid_t p = all_pids[i];
442
443 if (p == getpid())
444 continue;
445 if (p <= 0)
446 continue;
447
448 kill(p, sig);
449 }
450}
451
452
453/** Turn a user name into a uid */
454int name_to_uid(char *name, uid_t *uid)
455{
456 struct passwd *pass;
457 if (!name || !*name)
458 return 0;
459 pass = getpwnam(name);
460 if (pass) {
461 *uid = pass->pw_uid;
462 return 1;
463 }
464 return 0;
465}
466
467/** Turn a group name into a gid */
468int name_to_gid(char *name, gid_t *gid)
469{
470 struct group *grp;
471 if (!name || !*name)
472 return 0;
473 grp = getgrnam(name);
474 if (grp) {
475 *gid = grp->gr_gid;
476 return 1;
477 }
478 return 0;
479}
480
481
482/** Lock a byte range in a open file */
483int lock_range(int fd, int offset, int len)
484{
485 struct flock lock;
486
487 lock.l_type = F_WRLCK;
488 lock.l_whence = SEEK_SET;
489 lock.l_start = offset;
490 lock.l_len = len;
491 lock.l_pid = 0;
492
493 return fcntl(fd,F_SETLK,&lock) == 0;
494}
495
496static int filter_server_path(char *arg)
497{
498 char *s;
499
500 if (server_filter_list.head) {
501 for (s = arg; (s = strchr(s, '/')) != NULL; ) {
502 *s = '\0';
503 if (check_filter(&server_filter_list, arg, 1) < 0) {
504 /* We must leave arg truncated! */
505 return 1;
506 }
507 *s++ = '/';
508 }
509 }
510 return 0;
511}
512
513static void glob_expand_one(char *s, char ***argv_ptr, int *argc_ptr,
514 int *maxargs_ptr)
515{
516 char **argv = *argv_ptr;
517 int argc = *argc_ptr;
518 int maxargs = *maxargs_ptr;
519#if !defined HAVE_GLOB || !defined HAVE_GLOB_H
520 if (argc == maxargs) {
521 maxargs += MAX_ARGS;
522 if (!(argv = realloc_array(argv, char *, maxargs)))
523 out_of_memory("glob_expand_one");
524 *argv_ptr = argv;
525 *maxargs_ptr = maxargs;
526 }
527 if (!*s)
528 s = ".";
529 s = argv[argc++] = strdup(s);
530 filter_server_path(s);
531#else
532 glob_t globbuf;
533
534 if (maxargs <= argc)
535 return;
536 if (!*s)
537 s = ".";
538
539 if (sanitize_paths)
540 s = sanitize_path(NULL, s, "", 0);
541 else
542 s = strdup(s);
543
544 memset(&globbuf, 0, sizeof globbuf);
545 if (!filter_server_path(s))
546 glob(s, 0, NULL, &globbuf);
547 if (MAX((int)globbuf.gl_pathc, 1) > maxargs - argc) {
548 maxargs += globbuf.gl_pathc + MAX_ARGS;
549 if (!(argv = realloc_array(argv, char *, maxargs)))
550 out_of_memory("glob_expand_one");
551 *argv_ptr = argv;
552 *maxargs_ptr = maxargs;
553 }
554 if (globbuf.gl_pathc == 0)
555 argv[argc++] = s;
556 else {
557 int i;
558 free(s);
559 for (i = 0; i < (int)globbuf.gl_pathc; i++) {
560 if (!(argv[argc++] = strdup(globbuf.gl_pathv[i])))
561 out_of_memory("glob_expand_one");
562 }
563 }
564 globfree(&globbuf);
565#endif
566 *argc_ptr = argc;
567}
568
569/* This routine is only used in daemon mode. */
570void glob_expand(char *base1, char ***argv_ptr, int *argc_ptr, int *maxargs_ptr)
571{
572 char *s = (*argv_ptr)[*argc_ptr];
573 char *p, *q;
574 char *base = base1;
575 int base_len = strlen(base);
576
577 if (!s || !*s)
578 return;
579
580 if (strncmp(s, base, base_len) == 0)
581 s += base_len;
582
583 if (!(s = strdup(s)))
584 out_of_memory("glob_expand");
585
586 if (asprintf(&base," %s/", base1) <= 0)
587 out_of_memory("glob_expand");
588 base_len++;
589
590 for (q = s; *q; q = p + base_len) {
591 if ((p = strstr(q, base)) != NULL)
592 *p = '\0'; /* split it at this point */
593 glob_expand_one(q, argv_ptr, argc_ptr, maxargs_ptr);
594 if (!p)
595 break;
596 }
597
598 free(s);
599 free(base);
600}
601
602/**
603 * Convert a string to lower case
604 **/
605void strlower(char *s)
606{
607 while (*s) {
608 if (isupper(*(unsigned char *)s))
609 *s = tolower(*(unsigned char *)s);
610 s++;
611 }
612}
613
614/* Join strings p1 & p2 into "dest" with a guaranteed '/' between them. (If
615 * p1 ends with a '/', no extra '/' is inserted.) Returns the length of both
616 * strings + 1 (if '/' was inserted), regardless of whether the null-terminated
617 * string fits into destsize. */
618size_t pathjoin(char *dest, size_t destsize, const char *p1, const char *p2)
619{
620 size_t len = strlcpy(dest, p1, destsize);
621 if (len < destsize - 1) {
622 if (!len || dest[len-1] != '/')
623 dest[len++] = '/';
624 if (len < destsize - 1)
625 len += strlcpy(dest + len, p2, destsize - len);
626 else {
627 dest[len] = '\0';
628 len += strlen(p2);
629 }
630 }
631 else
632 len += strlen(p2) + 1; /* Assume we'd insert a '/'. */
633 return len;
634}
635
636/* Join any number of strings together, putting them in "dest". The return
637 * value is the length of all the strings, regardless of whether the null-
638 * terminated whole fits in destsize. Your list of string pointers must end
639 * with a NULL to indicate the end of the list. */
640size_t stringjoin(char *dest, size_t destsize, ...)
641{
642 va_list ap;
643 size_t len, ret = 0;
644 const char *src;
645
646 va_start(ap, destsize);
647 while (1) {
648 if (!(src = va_arg(ap, const char *)))
649 break;
650 len = strlen(src);
651 ret += len;
652 if (destsize > 1) {
653 if (len >= destsize)
654 len = destsize - 1;
655 memcpy(dest, src, len);
656 destsize -= len;
657 dest += len;
658 }
659 }
660 *dest = '\0';
661 va_end(ap);
662
663 return ret;
664}
665
666int count_dir_elements(const char *p)
667{
668 int cnt = 0, new_component = 1;
669 while (*p) {
670 if (*p++ == '/')
671 new_component = 1;
672 else if (new_component) {
673 new_component = 0;
674 cnt++;
675 }
676 }
677 return cnt;
678}
679
680/* Turns multiple adjacent slashes into a single slash, gets rid of "./"
681 * elements (but not a trailing dot dir), removes a trailing slash, and
682 * optionally collapses ".." elements (except for those at the start of the
683 * string). If the resulting name would be empty, change it into a ".". */
684unsigned int clean_fname(char *name, BOOL collapse_dot_dot)
685{
686 char *limit = name - 1, *t = name, *f = name;
687 int anchored;
688
689 if (!name)
690 return 0;
691
692 if ((anchored = *f == '/') != 0)
693 *t++ = *f++;
694 while (*f) {
695 /* discard extra slashes */
696 if (*f == '/') {
697 f++;
698 continue;
699 }
700 if (*f == '.') {
701 /* discard "." dirs (but NOT a trailing '.'!) */
702 if (f[1] == '/') {
703 f += 2;
704 continue;
705 }
706 /* collapse ".." dirs */
707 if (collapse_dot_dot
708 && f[1] == '.' && (f[2] == '/' || !f[2])) {
709 char *s = t - 1;
710 if (s == name && anchored) {
711 f += 2;
712 continue;
713 }
714 while (s > limit && *--s != '/') {}
715 if (s != t - 1 && (s < name || *s == '/')) {
716 t = s + 1;
717 f += 2;
718 continue;
719 }
720 limit = t + 2;
721 }
722 }
723 while (*f && (*t++ = *f++) != '/') {}
724 }
725
726 if (t > name+anchored && t[-1] == '/')
727 t--;
728 if (t == name)
729 *t++ = '.';
730 *t = '\0';
731
732 return t - name;
733}
734
735/* Make path appear as if a chroot had occurred. This handles a leading
736 * "/" (either removing it or expanding it) and any leading or embedded
737 * ".." components that attempt to escape past the module's top dir.
738 *
739 * If dest is NULL, a buffer is allocated to hold the result. It is legal
740 * to call with the dest and the path (p) pointing to the same buffer, but
741 * rootdir will be ignored to avoid expansion of the string.
742 *
743 * The rootdir string contains a value to use in place of a leading slash.
744 * Specify NULL to get the default of lp_path(module_id).
745 *
746 * If depth is >= 0, it is a count of how many '..'s to allow at the start
747 * of the path. Use -1 to allow unlimited depth.
748 *
749 * We also clean the path in a manner similar to clean_fname() but with a
750 * few differences:
751 *
752 * Turns multiple adjacent slashes into a single slash, gets rid of "." dir
753 * elements (INCLUDING a trailing dot dir), PRESERVES a trailing slash, and
754 * ALWAYS collapses ".." elements (except for those at the start of the
755 * string up to "depth" deep). If the resulting name would be empty,
756 * change it into a ".". */
757char *sanitize_path(char *dest, const char *p, const char *rootdir, int depth)
758{
759 char *start, *sanp;
760 int rlen = 0, leave_one_dotdir = relative_paths;
761
762 if (dest != p) {
763 int plen = strlen(p);
764 if (*p == '/') {
765 if (!rootdir)
766 rootdir = lp_path(module_id);
767 rlen = strlen(rootdir);
768 depth = 0;
769 p++;
770 }
771 if (dest) {
772 if (rlen + plen + 1 >= MAXPATHLEN)
773 return NULL;
774 } else if (!(dest = new_array(char, rlen + plen + 1)))
775 out_of_memory("sanitize_path");
776 if (rlen) {
777 memcpy(dest, rootdir, rlen);
778 if (rlen > 1)
779 dest[rlen++] = '/';
780 }
781 }
782
783 start = sanp = dest + rlen;
784 while (*p != '\0') {
785 /* discard leading or extra slashes */
786 if (*p == '/') {
787 p++;
788 continue;
789 }
790 /* this loop iterates once per filename component in p.
791 * both p (and sanp if the original had a slash) should
792 * always be left pointing after a slash
793 */
794 if (*p == '.' && (p[1] == '/' || p[1] == '\0')) {
795 if (leave_one_dotdir && p[1])
796 leave_one_dotdir = 0;
797 else {
798 /* skip "." component */
799 p++;
800 continue;
801 }
802 }
803 if (*p == '.' && p[1] == '.' && (p[2] == '/' || p[2] == '\0')) {
804 /* ".." component followed by slash or end */
805 if (depth <= 0 || sanp != start) {
806 p += 2;
807 if (sanp != start) {
808 /* back up sanp one level */
809 --sanp; /* now pointing at slash */
810 while (sanp > start && sanp[-1] != '/') {
811 /* skip back up to slash */
812 sanp--;
813 }
814 }
815 continue;
816 }
817 /* allow depth levels of .. at the beginning */
818 depth--;
819 /* move the virtual beginning to leave the .. alone */
820 start = sanp + 3;
821 }
822 /* copy one component through next slash */
823 while (*p && (*sanp++ = *p++) != '/') {}
824 }
825 if (sanp == dest) {
826 /* ended up with nothing, so put in "." component */
827 *sanp++ = '.';
828 }
829 *sanp = '\0';
830
831 return dest;
832}
833
834char curr_dir[MAXPATHLEN];
835unsigned int curr_dir_len;
836
837/**
838 * Like chdir(), but it keeps track of the current directory (in the
839 * global "curr_dir"), and ensures that the path size doesn't overflow.
840 * Also cleans the path using the clean_fname() function.
841 **/
842int push_dir(char *dir)
843{
844 static int initialised;
845 unsigned int len;
846
847 if (!initialised) {
848 initialised = 1;
849 getcwd(curr_dir, sizeof curr_dir - 1);
850 curr_dir_len = strlen(curr_dir);
851 }
852
853 if (!dir) /* this call was probably just to initialize */
854 return 0;
855
856 len = strlen(dir);
857 if (len == 1 && *dir == '.')
858 return 1;
859
860 if ((*dir == '/' ? len : curr_dir_len + 1 + len) >= sizeof curr_dir)
861 return 0;
862
863 if (chdir(dir))
864 return 0;
865
866 if (*dir == '/') {
867 memcpy(curr_dir, dir, len + 1);
868 curr_dir_len = len;
869 } else {
870 curr_dir[curr_dir_len++] = '/';
871 memcpy(curr_dir + curr_dir_len, dir, len + 1);
872 curr_dir_len += len;
873 }
874
875 curr_dir_len = clean_fname(curr_dir, 1);
876
877 return 1;
878}
879
880/**
881 * Reverse a push_dir() call. You must pass in an absolute path
882 * that was copied from a prior value of "curr_dir".
883 **/
884int pop_dir(char *dir)
885{
886 if (chdir(dir))
887 return 0;
888
889 curr_dir_len = strlcpy(curr_dir, dir, sizeof curr_dir);
890 if (curr_dir_len >= sizeof curr_dir)
891 curr_dir_len = sizeof curr_dir - 1;
892
893 return 1;
894}
895
896/* Return the filename, turning any non-printable characters into escaped
897 * characters (e.g. \n -> \012, \ -> \\). This ensures that outputting it
898 * cannot generate an empty line nor corrupt the screen. This function can
899 * return only MAX_SAFE_NAMES values at a time! The returned value can be
900 * longer than MAXPATHLEN (because we may be trying to output an error about
901 * a too-long filename)! */
902char *safe_fname(const char *fname)
903{
904#define MAX_SAFE_NAMES 4
905 static char fbuf[MAX_SAFE_NAMES][MAXPATHLEN*2];
906 static int ndx = 0;
907 int limit = sizeof fbuf / MAX_SAFE_NAMES - 1;
908 char *t;
909
910 ndx = (ndx + 1) % MAX_SAFE_NAMES;
911 for (t = fbuf[ndx]; *fname; fname++) {
912 if (*fname == '\\') {
913 if ((limit -= 2) < 0)
914 break;
915 *t++ = '\\';
916 *t++ = '\\';
917 } else if (!isprint(*(uchar*)fname)) {
918 if ((limit -= 4) < 0)
919 break;
920 sprintf(t, "\\%03o", *(uchar*)fname);
921 t += 4;
922 } else {
923 if (--limit < 0)
924 break;
925 *t++ = *fname;
926 }
927 }
928 *t = '\0';
929
930 return fbuf[ndx];
931}
932
933/**
934 * Return a quoted string with the full pathname of the indicated filename.
935 * The string " (in MODNAME)" may also be appended. The returned pointer
936 * remains valid until the next time full_fname() is called.
937 **/
938char *full_fname(const char *fn)
939{
940 static char *result = NULL;
941 char *m1, *m2, *m3;
942 char *p1, *p2;
943
944 if (result)
945 free(result);
946
947 fn = safe_fname(fn);
948 if (*fn == '/')
949 p1 = p2 = "";
950 else {
951 p1 = curr_dir;
952 for (p2 = p1; *p2 == '/'; p2++) {}
953 if (*p2)
954 p2 = "/";
955 }
956 if (module_id >= 0) {
957 m1 = " (in ";
958 m2 = lp_name(module_id);
959 m3 = ")";
960 if (p1 == curr_dir) {
961 if (!lp_use_chroot(module_id)) {
962 char *p = lp_path(module_id);
963 if (*p != '/' || p[1])
964 p1 += strlen(p);
965 }
966 }
967 } else
968 m1 = m2 = m3 = "";
969
970 asprintf(&result, "\"%s%s%s\"%s%s%s", p1, p2, fn, m1, m2, m3);
971
972 return result;
973}
974
975static char partial_fname[MAXPATHLEN];
976
977char *partial_dir_fname(const char *fname)
978{
979 char *t = partial_fname;
980 int sz = sizeof partial_fname;
981 const char *fn;
982
983 if ((fn = strrchr(fname, '/')) != NULL) {
984 fn++;
985 if (*partial_dir != '/') {
986 int len = fn - fname;
987 strncpy(t, fname, len); /* safe */
988 t += len;
989 sz -= len;
990 }
991 } else
992 fn = fname;
993 if ((int)pathjoin(t, sz, partial_dir, fn) >= sz)
994 return NULL;
995 if (server_filter_list.head) {
996 static int len;
997 if (!len)
998 len = strlen(partial_dir);
999 t[len] = '\0';
1000 if (check_filter(&server_filter_list, partial_fname, 1) < 0)
1001 return NULL;
1002 t[len] = '/';
1003 if (check_filter(&server_filter_list, partial_fname, 0) < 0)
1004 return NULL;
1005 }
1006
1007 return partial_fname;
1008}
1009
1010/* If no --partial-dir option was specified, we don't need to do anything
1011 * (the partial-dir is essentially '.'), so just return success. */
1012int handle_partial_dir(const char *fname, int create)
1013{
1014 char *fn, *dir;
1015
1016 if (fname != partial_fname)
1017 return 1;
1018 if (!create && *partial_dir == '/')
1019 return 1;
1020 if (!(fn = strrchr(partial_fname, '/')))
1021 return 1;
1022
1023 *fn = '\0';
1024 dir = partial_fname;
1025 if (create) {
1026 STRUCT_STAT st;
1027 int statret = do_lstat(dir, &st);
1028 if (statret == 0 && !S_ISDIR(st.st_mode)) {
1029 if (do_unlink(dir) < 0)
1030 return 0;
1031 statret = -1;
1032 }
1033 if (statret < 0 && do_mkdir(dir, 0700) < 0)
1034 return 0;
1035 } else
1036 do_rmdir(dir);
1037 *fn = '/';
1038
1039 return 1;
1040}
1041
1042/** We need to supply our own strcmp function for file list comparisons
1043 to ensure that signed/unsigned usage is consistent between machines. */
1044int u_strcmp(const char *cs1, const char *cs2)
1045{
1046 const uchar *s1 = (const uchar *)cs1;
1047 const uchar *s2 = (const uchar *)cs2;
1048
1049 while (*s1 && *s2 && (*s1 == *s2)) {
1050 s1++; s2++;
1051 }
1052
1053 return (int)*s1 - (int)*s2;
1054}
1055
1056
1057
1058/**
1059 * Determine if a symlink points outside the current directory tree.
1060 * This is considered "unsafe" because e.g. when mirroring somebody
1061 * else's machine it might allow them to establish a symlink to
1062 * /etc/passwd, and then read it through a web server.
1063 *
1064 * Null symlinks and absolute symlinks are always unsafe.
1065 *
1066 * Basically here we are concerned with symlinks whose target contains
1067 * "..", because this might cause us to walk back up out of the
1068 * transferred directory. We are not allowed to go back up and
1069 * reenter.
1070 *
1071 * @param dest Target of the symlink in question.
1072 *
1073 * @param src Top source directory currently applicable. Basically this
1074 * is the first parameter to rsync in a simple invocation, but it's
1075 * modified by flist.c in slightly complex ways.
1076 *
1077 * @retval True if unsafe
1078 * @retval False is unsafe
1079 *
1080 * @sa t_unsafe.c
1081 **/
1082int unsafe_symlink(const char *dest, const char *src)
1083{
1084 const char *name, *slash;
1085 int depth = 0;
1086
1087 /* all absolute and null symlinks are unsafe */
1088 if (!dest || !*dest || *dest == '/')
1089 return 1;
1090
1091 /* find out what our safety margin is */
1092 for (name = src; (slash = strchr(name, '/')) != 0; name = slash+1) {
1093 if (strncmp(name, "../", 3) == 0) {
1094 depth = 0;
1095 } else if (strncmp(name, "./", 2) == 0) {
1096 /* nothing */
1097 } else {
1098 depth++;
1099 }
1100 }
1101 if (strcmp(name, "..") == 0)
1102 depth = 0;
1103
1104 for (name = dest; (slash = strchr(name, '/')) != 0; name = slash+1) {
1105 if (strncmp(name, "../", 3) == 0) {
1106 /* if at any point we go outside the current directory
1107 then stop - it is unsafe */
1108 if (--depth < 0)
1109 return 1;
1110 } else if (strncmp(name, "./", 2) == 0) {
1111 /* nothing */
1112 } else {
1113 depth++;
1114 }
1115 }
1116 if (strcmp(name, "..") == 0)
1117 depth--;
1118
1119 return (depth < 0);
1120}
1121
1122/* Return the int64 number as a string. If the --human-readable option was
1123 * specified, we may output the number in K, M, or G units. We can return
1124 * up to 4 buffers at a time. */
1125char *human_num(int64 num)
1126{
1127 static char bufs[4][128]; /* more than enough room */
1128 static unsigned int n;
1129 char *s;
1130
1131 n = (n + 1) % (sizeof bufs / sizeof bufs[0]);
1132
1133 if (human_readable) {
1134 char units = '\0';
1135 int mult = human_readable == 1 ? 1024 : 1000;
1136 double dnum = 0;
1137 if (num > mult*mult*mult) {
1138 dnum = (double)num / (mult*mult*mult);
1139 units = 'G';
1140 } else if (num > mult*mult) {
1141 dnum = (double)num / (mult*mult);
1142 units = 'M';
1143 } else if (num > mult) {
1144 dnum = (double)num / mult;
1145 units = 'K';
1146 }
1147 if (units) {
1148 sprintf(bufs[n], "%.2f%c", dnum, units);
1149 return bufs[n];
1150 }
1151 }
1152
1153 s = bufs[n] + sizeof bufs[0] - 1;
1154 *s = '\0';
1155
1156 if (!num)
1157 *--s = '0';
1158 while (num) {
1159 *--s = (num % 10) + '0';
1160 num /= 10;
1161 }
1162 return s;
1163}
1164
1165/* Return the double number as a string. If the --human-readable option was
1166 * specified, we may output the number in K, M, or G units. We use a buffer
1167 * from human_num() to return our result. */
1168char *human_dnum(double dnum, int decimal_digits)
1169{
1170 char *buf = human_num(dnum);
1171 int len = strlen(buf);
1172 if (isdigit(*(uchar*)(buf+len-1))) {
1173 /* There's extra room in buf prior to the start of the num. */
1174 buf -= decimal_digits + 1;
1175 snprintf(buf, len + decimal_digits + 2, "%.*f", decimal_digits, dnum);
1176 }
1177 return buf;
1178}
1179
1180/**
1181 * Return the date and time as a string
1182 **/
1183char *timestring(time_t t)
1184{
1185 static char TimeBuf[200];
1186 struct tm *tm = localtime(&t);
1187
1188#ifdef HAVE_STRFTIME
1189 strftime(TimeBuf, sizeof TimeBuf - 1, "%Y/%m/%d %H:%M:%S", tm);
1190#else
1191 strlcpy(TimeBuf, asctime(tm), sizeof TimeBuf);
1192#endif
1193
1194 if (TimeBuf[strlen(TimeBuf)-1] == '\n') {
1195 TimeBuf[strlen(TimeBuf)-1] = 0;
1196 }
1197
1198 return(TimeBuf);
1199}
1200
1201
1202/**
1203 * Sleep for a specified number of milliseconds.
1204 *
1205 * Always returns TRUE. (In the future it might return FALSE if
1206 * interrupted.)
1207 **/
1208int msleep(int t)
1209{
1210 int tdiff = 0;
1211 struct timeval tval, t1, t2;
1212
1213 gettimeofday(&t1, NULL);
1214
1215 while (tdiff < t) {
1216 tval.tv_sec = (t-tdiff)/1000;
1217 tval.tv_usec = 1000*((t-tdiff)%1000);
1218
1219 errno = 0;
1220 select(0,NULL,NULL, NULL, &tval);
1221
1222 gettimeofday(&t2, NULL);
1223 tdiff = (t2.tv_sec - t1.tv_sec)*1000 +
1224 (t2.tv_usec - t1.tv_usec)/1000;
1225 }
1226
1227 return True;
1228}
1229
1230
1231/**
1232 * Determine if two file modification times are equivalent (either
1233 * exact or in the modification timestamp window established by
1234 * --modify-window).
1235 *
1236 * @retval 0 if the times should be treated as the same
1237 *
1238 * @retval +1 if the first is later
1239 *
1240 * @retval -1 if the 2nd is later
1241 **/
1242int cmp_modtime(time_t file1, time_t file2)
1243{
1244 if (file2 > file1) {
1245 if (file2 - file1 <= modify_window)
1246 return 0;
1247 return -1;
1248 }
1249 if (file1 - file2 <= modify_window)
1250 return 0;
1251 return 1;
1252}
1253
1254
1255#ifdef __INSURE__XX
1256#include <dlfcn.h>
1257
1258/**
1259 This routine is a trick to immediately catch errors when debugging
1260 with insure. A xterm with a gdb is popped up when insure catches
1261 a error. It is Linux specific.
1262**/
1263int _Insure_trap_error(int a1, int a2, int a3, int a4, int a5, int a6)
1264{
1265 static int (*fn)();
1266 int ret;
1267 char *cmd;
1268
1269 asprintf(&cmd, "/usr/X11R6/bin/xterm -display :0 -T Panic -n Panic -e /bin/sh -c 'cat /tmp/ierrs.*.%d ; gdb /proc/%d/exe %d'",
1270 getpid(), getpid(), getpid());
1271
1272 if (!fn) {
1273 static void *h;
1274 h = dlopen("/usr/local/parasoft/insure++lite/lib.linux2/libinsure.so", RTLD_LAZY);
1275 fn = dlsym(h, "_Insure_trap_error");
1276 }
1277
1278 ret = fn(a1, a2, a3, a4, a5, a6);
1279
1280 system(cmd);
1281
1282 free(cmd);
1283
1284 return ret;
1285}
1286#endif
1287
1288
1289#define MALLOC_MAX 0x40000000
1290
1291void *_new_array(unsigned int size, unsigned long num)
1292{
1293 if (num >= MALLOC_MAX/size)
1294 return NULL;
1295 return malloc(size * num);
1296}
1297
1298void *_realloc_array(void *ptr, unsigned int size, unsigned long num)
1299{
1300 if (num >= MALLOC_MAX/size)
1301 return NULL;
1302 /* No realloc should need this, but just in case... */
1303 if (!ptr)
1304 return malloc(size * num);
1305 return realloc(ptr, size * num);
1306}
1307
1308/* Take a filename and filename length and return the most significant
1309 * filename suffix we can find. This ignores suffixes such as "~",
1310 * ".bak", ".orig", ".~1~", etc. */
1311const char *find_filename_suffix(const char *fn, int fn_len, int *len_ptr)
1312{
1313 const char *suf, *s;
1314 BOOL had_tilde;
1315 int s_len;
1316
1317 /* One or more dots at the start aren't a suffix. */
1318 while (fn_len && *fn == '.') fn++, fn_len--;
1319
1320 /* Ignore the ~ in a "foo~" filename. */
1321 if (fn_len > 1 && fn[fn_len-1] == '~')
1322 fn_len--, had_tilde = True;
1323 else
1324 had_tilde = False;
1325
1326 /* Assume we don't find an suffix. */
1327 suf = "";
1328 *len_ptr = 0;
1329
1330 /* Find the last significant suffix. */
1331 for (s = fn + fn_len; fn_len > 1; ) {
1332 while (*--s != '.' && s != fn) {}
1333 if (s == fn)
1334 break;
1335 s_len = fn_len - (s - fn);
1336 fn_len = s - fn;
1337 if (s_len == 4) {
1338 if (strcmp(s+1, "bak") == 0
1339 || strcmp(s+1, "old") == 0)
1340 continue;
1341 } else if (s_len == 5) {
1342 if (strcmp(s+1, "orig") == 0)
1343 continue;
1344 } else if (s_len > 2 && had_tilde
1345 && s[1] == '~' && isdigit(*(uchar*)(s+2)))
1346 continue;
1347 *len_ptr = s_len;
1348 suf = s;
1349 if (s_len == 1)
1350 break;
1351 /* Determine if the suffix is all digits. */
1352 for (s++, s_len--; s_len > 0; s++, s_len--) {
1353 if (!isdigit(*(uchar*)s))
1354 return suf;
1355 }
1356 /* An all-digit suffix may not be that signficant. */
1357 s = suf;
1358 }
1359
1360 return suf;
1361}
1362
1363/* This is an implementation of the Levenshtein distance algorithm. It
1364 * was implemented to avoid needing a two-dimensional matrix (to save
1365 * memory). It was also tweaked to try to factor in the ASCII distance
1366 * between changed characters as a minor distance quantity. The normal
1367 * Levenshtein units of distance (each signifying a single change between
1368 * the two strings) are defined as a "UNIT". */
1369
1370#define UNIT (1 << 16)
1371
1372uint32 fuzzy_distance(const char *s1, int len1, const char *s2, int len2)
1373{
1374 uint32 a[MAXPATHLEN], diag, above, left, diag_inc, above_inc, left_inc;
1375 int32 cost;
1376 int i1, i2;
1377
1378 if (!len1 || !len2) {
1379 if (!len1) {
1380 s1 = s2;
1381 len1 = len2;
1382 }
1383 for (i1 = 0, cost = 0; i1 < len1; i1++)
1384 cost += s1[i1];
1385 return (int32)len1 * UNIT + cost;
1386 }
1387
1388 for (i2 = 0; i2 < len2; i2++)
1389 a[i2] = (i2+1) * UNIT;
1390
1391 for (i1 = 0; i1 < len1; i1++) {
1392 diag = i1 * UNIT;
1393 above = (i1+1) * UNIT;
1394 for (i2 = 0; i2 < len2; i2++) {
1395 left = a[i2];
1396 if ((cost = *((uchar*)s1+i1) - *((uchar*)s2+i2)) != 0) {
1397 if (cost < 0)
1398 cost = UNIT - cost;
1399 else
1400 cost = UNIT + cost;
1401 }
1402 diag_inc = diag + cost;
1403 left_inc = left + UNIT + *((uchar*)s1+i1);
1404 above_inc = above + UNIT + *((uchar*)s2+i2);
1405 a[i2] = above = left < above
1406 ? (left_inc < diag_inc ? left_inc : diag_inc)
1407 : (above_inc < diag_inc ? above_inc : diag_inc);
1408 diag = left;
1409 }
1410 }
1411
1412 return a[len2-1];
1413}
Matt McCutchen's repository for rsync, the fast and versatile remote file copier