*/
#include "rsync.h"
-/****************************************************************************
-Set a fd into nonblocking mode. Uses POSIX O_NONBLOCK if available,
-else
-if SYSV use O_NDELAY
-if BSD use FNDELAY
-****************************************************************************/
-int set_nonblocking(int fd)
-{
- int val;
-#ifdef O_NONBLOCK
-#define FLAG_TO_SET O_NONBLOCK
-#else
-#ifdef SYSV
-#define FLAG_TO_SET O_NDELAY
-#else /* BSD */
-#define FLAG_TO_SET FNDELAY
-#endif
-#endif
-
- if((val = fcntl(fd, F_GETFL, 0)) == -1)
- return -1;
- val |= FLAG_TO_SET;
- return fcntl( fd, F_SETFL, val);
-#undef FLAG_TO_SET
-}
-
+extern int verbose;
/* this is taken from CVS */
int piped_child(char **command,int *f_in,int *f_out)
*f_in = from_child_pipe[0];
*f_out = to_child_pipe[1];
- set_nonblocking(*f_in);
- set_nonblocking(*f_out);
-
return pid;
}
char buf[1024 * 8];
int len; /* Number of bytes read into `buf'. */
- ifd = open(source, O_RDONLY);
+ ifd = do_open(source, O_RDONLY, 0);
if (ifd == -1) {
rprintf(FERROR,"open %s: %s\n",
source,strerror(errno));
return -1;
}
- if (do_unlink(dest) && errno != ENOENT) {
+ if (robust_unlink(dest) && errno != ENOENT) {
rprintf(FERROR,"unlink %s: %s\n",
dest,strerror(errno));
return -1;
return 0;
}
+/*
+ Robust unlink: some OS'es (HPUX) refuse to unlink busy files, so
+ rename to <path>/.rsyncNNN instead. Note that successive rsync runs
+ will shuffle the filenames around a bit as long as the file is still
+ busy; this is because this function does not know if the unlink call
+ is due to a new file coming in, or --delete trying to remove old
+ .rsyncNNN files, hence it renames it each time.
+*/
+/* MAX_RENAMES should be 10**MAX_RENAMES_DIGITS */
+#define MAX_RENAMES_DIGITS 3
+#define MAX_RENAMES 1000
+
+int robust_unlink(char *fname)
+{
+#ifndef ETXTBSY
+ return do_unlink(fname);
+#else
+ static int counter = 1;
+ int rc, pos, start;
+ char path[MAXPATHLEN];
+
+ rc = do_unlink(fname);
+ if ((rc == 0) || (errno != ETXTBSY))
+ return rc;
+
+ strlcpy(path, fname, MAXPATHLEN);
+
+ pos = strlen(path);
+ while((path[--pos] != '/') && (pos >= 0))
+ ;
+ ++pos;
+ strlcpy(&path[pos], ".rsync", MAXPATHLEN-pos);
+ pos += sizeof(".rsync")-1;
+
+ if (pos > (MAXPATHLEN-MAX_RENAMES_DIGITS-1)) {
+ errno = ETXTBSY;
+ return -1;
+ }
+
+ /* start where the last one left off to reduce chance of clashes */
+ start = counter;
+ do {
+ sprintf(&path[pos], "%03d", counter);
+ if (++counter >= MAX_RENAMES)
+ counter = 1;
+ } while (((rc = access(path, 0)) == 0) && (counter != start));
+
+ if (verbose > 0)
+ rprintf(FINFO,"renaming %s to %s because of text busy\n",
+ fname, path);
+
+ /* maybe we should return rename()'s exit status? Nah. */
+ if (do_rename(fname, path) != 0) {
+ errno = ETXTBSY;
+ return -1;
+ }
+ return 0;
+#endif
+}
+
+int robust_rename(char *from, char *to)
+{
+#ifndef ETXTBSY
+ return do_rename(from, to);
+#else
+ int rc = do_rename(from, to);
+ if ((rc == 0) || (errno != ETXTBSY))
+ return rc;
+ if (robust_unlink(to) != 0)
+ return -1;
+ return do_rename(from, to);
+#endif
+ }
+
+
/* sleep for a while via select */
void u_sleep(int usec)
{
}
-static void glob_expand_one(char *s, char **argv, int *argc, int maxargs, int sanitize_paths)
+static void glob_expand_one(char *s, char **argv, int *argc, int maxargs)
{
#if !(defined(HAVE_GLOB) && defined(HAVE_GLOB_H))
if (!*s) s = ".";
(*argc)++;
return;
#else
+ extern int sanitize_paths;
glob_t globbuf;
int i;
if (!*s) s = ".";
- s = strdup(s);
- sanitize_path(s);
- argv[*argc] = s;
+ argv[*argc] = strdup(s);
+ if (sanitize_paths) {
+ sanitize_path(argv[*argc], NULL);
+ }
memset(&globbuf, 0, sizeof(globbuf));
glob(argv[*argc], 0, NULL, &globbuf);
#endif
}
-void glob_expand(char *base1, char **argv, int *argc, int maxargs, int sanitize_paths)
+void glob_expand(char *base1, char **argv, int *argc, int maxargs)
{
char *s = argv[*argc];
char *p, *q;
while ((p = strstr(q,base)) && ((*argc) < maxargs)) {
/* split it at this point */
*p = 0;
- glob_expand_one(q, argv, argc, maxargs, sanitize_paths);
+ glob_expand_one(q, argv, argc, maxargs);
q = p+strlen(base);
}
- if (*q && (*argc < maxargs)) glob_expand_one(q, argv, argc, maxargs, sanitize_paths);
+ if (*q && (*argc < maxargs)) glob_expand_one(q, argv, argc, maxargs);
free(s);
free(base);
/*
* Make path appear as if a chroot had occurred:
* 1. remove leading "/" (or replace with "." if at end)
- * 2. remove leading ".." components
+ * 2. remove leading ".." components (except those allowed by "reldir")
* 3. delete any other "<dir>/.." (recursively)
+ * Can only shrink paths, so sanitizes in place.
* While we're at it, remove double slashes and "." components like
* clean_fname does(), but DON'T remove a trailing slash because that
* is sometimes significant on command line arguments.
- * Can only shrink paths, so sanitizes in place.
+ * If "reldir" is non-null, it is a sanitized directory that the path will be
+ * relative to, so allow as many ".." at the beginning of the path as
+ * there are components in reldir. This is used for symbolic link targets.
+ * If reldir is non-null and the path began with "/", to be completely like
+ * a chroot we should add in depth levels of ".." at the beginning of the
+ * path, but that would blow the assumption that the path doesn't grow and
+ * it is not likely to end up being a valid symlink anyway, so just do
+ * the normal removal of the leading "/" instead.
* Contributed by Dave Dykstra <dwd@bell-labs.com>
*/
-void sanitize_path(char *p)
+void sanitize_path(char *p, char *reldir)
{
char *start, *sanp;
+ int depth = 0;
+ int allowdotdot = 0;
+ if (reldir) {
+ depth++;
+ while (*reldir) {
+ if (*reldir++ == '/') {
+ depth++;
+ }
+ }
+ }
start = p;
sanp = p;
while (*p == '/') {
/* skip following slashes */
;
}
- } else if ((*p == '.') && (*(p+1) == '.') &&
+ continue;
+ }
+ allowdotdot = 0;
+ if ((*p == '.') && (*(p+1) == '.') &&
((*(p+2) == '/') || (*(p+2) == '\0'))) {
- /* skip ".." component followed by slash or end */
- p += 2;
- if (*p == '/')
- p++;
- if (sanp != start) {
- /* back up sanp one level */
- --sanp; /* now pointing at slash */
- while ((sanp > start) && (*(sanp - 1) != '/')) {
- /* skip back up to slash */
- sanp--;
+ /* ".." component followed by slash or end */
+ if ((depth > 0) && (sanp == start)) {
+ /* allow depth levels of .. at the beginning */
+ --depth;
+ allowdotdot = 1;
+ } else {
+ p += 2;
+ if (*p == '/')
+ p++;
+ if (sanp != start) {
+ /* back up sanp one level */
+ --sanp; /* now pointing at slash */
+ while ((sanp > start) && (*(sanp - 1) != '/')) {
+ /* skip back up to slash */
+ sanp--;
+ }
}
+ continue;
}
- } else {
- while (1) {
- /* copy one component through next slash */
- *sanp++ = *p++;
- if ((*p == '\0') || (*(p-1) == '/')) {
- while (*p == '/') {
- /* skip multiple slashes */
- p++;
- }
- break;
+ }
+ while (1) {
+ /* copy one component through next slash */
+ *sanp++ = *p++;
+ if ((*p == '\0') || (*(p-1) == '/')) {
+ while (*p == '/') {
+ /* skip multiple slashes */
+ p++;
}
+ break;
}
}
+ if (allowdotdot) {
+ /* move the virtual beginning to leave the .. alone */
+ start = sanp;
+ }
}
- if (sanp == start) {
+ if ((sanp == start) && !allowdotdot) {
/* ended up with nothing, so put in "." component */
+ /*
+ * note that the !allowdotdot doesn't prevent this from
+ * happening in all allowed ".." situations, but I didn't
+ * think it was worth putting in an extra variable to ensure
+ * it since an extra "." won't hurt in those situations.
+ */
*sanp++ = '.';
}
*sanp = '\0';