+/* Returns 0 on successful rename, 1 if we successfully copied the file
+ * across filesystems, -2 if copy_file() failed, and -1 on other errors.
+ * If partialptr is not NULL and we need to do a copy, copy the file into
+ * the active partial-dir instead of over the destination file. */
+int robust_rename(const char *from, const char *to, const char *partialptr,
+ int mode)
+{
+ int tries = 4;
+
+ while (tries--) {
+ if (do_rename(from, to) == 0)
+ return 0;
+
+ switch (errno) {
+#ifdef ETXTBSY
+ case ETXTBSY:
+ if (robust_unlink(to) != 0) {
+ errno = ETXTBSY;
+ return -1;
+ }
+ errno = ETXTBSY;
+ break;
+#endif
+ case EXDEV:
+ if (partialptr) {
+ if (!handle_partial_dir(partialptr,PDIR_CREATE))
+ return -2;
+ to = partialptr;
+ }
+ if (copy_file(from, to, -1, mode, 0) != 0)
+ return -2;
+ do_unlink(from);
+ return 1;
+ default:
+ return -1;
+ }
+ }
+ return -1;
+}
+
+static pid_t all_pids[10];
+static int num_pids;
+
+/** Fork and record the pid of the child. **/
+pid_t do_fork(void)
+{
+ pid_t newpid = fork();
+
+ if (newpid != 0 && newpid != -1) {
+ all_pids[num_pids++] = newpid;
+ }
+ return newpid;
+}
+
+/**
+ * Kill all children.
+ *
+ * @todo It would be kind of nice to make sure that they are actually
+ * all our children before we kill them, because their pids may have
+ * been recycled by some other process. Perhaps when we wait for a
+ * child, we should remove it from this array. Alternatively we could
+ * perhaps use process groups, but I think that would not work on
+ * ancient Unix versions that don't support them.
+ **/
+void kill_all(int sig)
+{
+ int i;
+
+ for (i = 0; i < num_pids; i++) {
+ /* Let's just be a little careful where we
+ * point that gun, hey? See kill(2) for the
+ * magic caused by negative values. */
+ pid_t p = all_pids[i];
+
+ if (p == getpid())
+ continue;
+ if (p <= 0)
+ continue;
+
+ kill(p, sig);
+ }
+}
+
+/** Turn a user name into a uid */
+int name_to_uid(const char *name, uid_t *uid_p)
+{
+ struct passwd *pass;
+ if (!name || !*name)
+ return 0;
+ if (!(pass = getpwnam(name)))
+ return 0;
+ *uid_p = pass->pw_uid;
+ return 1;
+}
+
+/** Turn a group name into a gid */
+int name_to_gid(const char *name, gid_t *gid_p)
+{
+ struct group *grp;
+ if (!name || !*name)
+ return 0;
+ if (!(grp = getgrnam(name)))
+ return 0;
+ *gid_p = grp->gr_gid;
+ return 1;
+}
+
+/** Lock a byte range in a open file */
+int lock_range(int fd, int offset, int len)
+{
+ struct flock lock;
+
+ lock.l_type = F_WRLCK;
+ lock.l_whence = SEEK_SET;
+ lock.l_start = offset;
+ lock.l_len = len;
+ lock.l_pid = 0;
+
+ return fcntl(fd,F_SETLK,&lock) == 0;
+}
+
+#define ENSURE_MEMSPACE(buf, type, sz, req) \
+ if ((req) > sz && !(buf = realloc_array(buf, type, sz = MAX(sz * 2, req)))) \
+ out_of_memory("glob_expand")
+
+static inline void call_glob_match(const char *name, int len, int from_glob,
+ char *arg, int abpos, int fbpos);
+
+static struct glob_data {
+ char *arg_buf, *filt_buf, **argv;
+ int absize, fbsize, maxargs, argc;
+} glob;
+
+static void glob_match(char *arg, int abpos, int fbpos)
+{
+ int len;
+ char *slash;
+
+ while (*arg == '.' && arg[1] == '/') {
+ if (fbpos < 0) {
+ ENSURE_MEMSPACE(glob.filt_buf, char, glob.fbsize, glob.absize);
+ memcpy(glob.filt_buf, glob.arg_buf, abpos + 1);
+ fbpos = abpos;
+ }
+ ENSURE_MEMSPACE(glob.arg_buf, char, glob.absize, abpos + 3);
+ glob.arg_buf[abpos++] = *arg++;
+ glob.arg_buf[abpos++] = *arg++;
+ glob.arg_buf[abpos] = '\0';
+ }
+ if ((slash = strchr(arg, '/')) != NULL) {
+ *slash = '\0';
+ len = slash - arg;
+ } else
+ len = strlen(arg);
+ if (strpbrk(arg, "*?[")) {
+ struct dirent *di;
+ DIR *d;
+
+ if (!(d = opendir(abpos ? glob.arg_buf : ".")))
+ return;
+ while ((di = readdir(d)) != NULL) {
+ char *dname = d_name(di);
+ if (dname[0] == '.' && (dname[1] == '\0'
+ || (dname[1] == '.' && dname[2] == '\0')))
+ continue;
+ if (!wildmatch(arg, dname))
+ continue;
+ call_glob_match(dname, strlen(dname), 1,
+ slash ? arg + len + 1 : NULL,
+ abpos, fbpos);
+ }
+ closedir(d);
+ } else {
+ call_glob_match(arg, len, 0,
+ slash ? arg + len + 1 : NULL,
+ abpos, fbpos);
+ }
+ if (slash)
+ *slash = '/';
+}
+
+static inline void call_glob_match(const char *name, int len, int from_glob,
+ char *arg, int abpos, int fbpos)
+{
+ char *use_buf;
+
+ ENSURE_MEMSPACE(glob.arg_buf, char, glob.absize, abpos + len + 2);
+ memcpy(glob.arg_buf + abpos, name, len);
+ abpos += len;
+ glob.arg_buf[abpos] = '\0';
+
+ if (fbpos >= 0) {
+ ENSURE_MEMSPACE(glob.filt_buf, char, glob.fbsize, fbpos + len + 2);
+ memcpy(glob.filt_buf + fbpos, name, len);
+ fbpos += len;
+ glob.filt_buf[fbpos] = '\0';
+ use_buf = glob.filt_buf;
+ } else
+ use_buf = glob.arg_buf;
+
+ if (from_glob || (arg && len)) {
+ STRUCT_STAT st;
+ int is_dir;
+
+ if (do_stat(glob.arg_buf, &st) != 0)
+ return;
+ is_dir = S_ISDIR(st.st_mode) != 0;
+ if (arg && !is_dir)
+ return;
+
+ if (daemon_filter_list.head
+ && check_filter(&daemon_filter_list, FLOG, use_buf, is_dir) < 0)
+ return;
+ }
+
+ if (arg) {
+ glob.arg_buf[abpos++] = '/';
+ glob.arg_buf[abpos] = '\0';
+ if (fbpos >= 0) {
+ glob.filt_buf[fbpos++] = '/';
+ glob.filt_buf[fbpos] = '\0';
+ }
+ glob_match(arg, abpos, fbpos);
+ } else {
+ ENSURE_MEMSPACE(glob.argv, char *, glob.maxargs, glob.argc + 1);
+ if (!(glob.argv[glob.argc++] = strdup(glob.arg_buf)))
+ out_of_memory("glob_match");
+ }
+}
+
+/* This routine performs wild-card expansion of the pathname in "arg". Any
+ * daemon-excluded files/dirs will not be matched by the wildcards. Returns 0
+ * if a wild-card string is the only returned item (due to matching nothing). */
+int glob_expand(const char *arg, char ***argv_p, int *argc_p, int *maxargs_p)
+{
+ int ret, save_argc;
+ char *s;
+
+ if (!arg) {
+ if (glob.filt_buf)
+ free(glob.filt_buf);
+ free(glob.arg_buf);
+ memset(&glob, 0, sizeof glob);
+ return -1;
+ }
+
+ if (sanitize_paths)
+ s = sanitize_path(NULL, arg, "", 0, SP_KEEP_DOT_DIRS);
+ else {
+ s = strdup(arg);
+ if (!s)
+ out_of_memory("glob_expand");
+ clean_fname(s, CFN_KEEP_DOT_DIRS
+ | CFN_KEEP_TRAILING_SLASH
+ | CFN_COLLAPSE_DOT_DOT_DIRS);
+ }
+
+ ENSURE_MEMSPACE(glob.arg_buf, char, glob.absize, MAXPATHLEN);
+ *glob.arg_buf = '\0';