X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/279b1c1ebb1ce80d6a3cd24e05738a0374d2f4fd..09e2bbce8a300a65d34d8f74dffbaa34de1955c7:/NEWS diff --git a/NEWS b/NEWS index ed7af040..23238c55 100644 --- a/NEWS +++ b/NEWS @@ -1,186 +1,252 @@ -NEWS for rsync 2.6.1 (UNRELEASED) -Protocol: 27 (unchanged) -Changes since 2.6.0: +NEWS for rsync 2.6.3 (30 Sep 2004) +Protocol: 28 (unchanged) +Changes since 2.6.2: + + SECURITY FIXES: + + - A bug in the sanitize_path routine (which affects a non-chrooted + rsync daemon) could allow a user to craft a pathname that would get + transformed into an absolute path for certain options (but not for + file-transfer names). If you're running an rsync daemon with chroot + disabled, *please upgrade*, ESPECIALLY if the user privs you run + rsync under is anything above "nobody". + + OUTPUT CHANGES (ATTN: those using a script to parse the verbose output): + + - Please note that the 2-line footer (output when verbose) now uses the + term "sent" instead of "wrote" and "received" instead of "read". If + you are not parsing the numeric values out of this footer, a script + would be better off using the empty line prior to the footer as the + indicator that the verbose output is over. + + - The output from the --stats option was similarly affected to change + "written" to "sent" and "read" to "received". - ENHANCEMENTS: + - Rsync ensures that a filename that contains a newline gets mentioned + with each newline transformed into a question mark (which prevents a + filename from causing an empty line to be output). - * The RSYNC_PROXY environment variable can now contain a - "USER:PASS@" prefix before the "HOST:PORT" information. - (Bardur Arantsson) + - The "backed up ..." message that is output when at least 2 --verbose + options are specified is now the same both with and without the + --backup-dir option. BUG FIXES: - * The --link-dest code now works properly for a non-root user - when the UIDs of the source and destination differ and -u was - specified, and when the group of the source can't be used on - the destination and -g was specified. (Wayne Davison) + - Fixed a crash bug that might appear when --delete was used and + multiple source directories were specified. - * Fixed a bug in the handling of -H (hard-links) that might - cause the expanded PATH/NAME value of the current item to - get overwritten (due to an expanded-name caching bug). - (Wayne Davison) - - * Keep per-file track of the sending of literal data with - --partial so that an interrupted transfer doesn't keep a - shorter temp file when no new data has been transfered over - the wire. + - Fixed a 32-bit truncation of the file length when generating the + checksums. - * Fixed a byte-order problem in --batch-mode on big-endian - machines. (Jay Fenlason) + - The --backup code no longer attempts to create some directories + over and over again (generating warnings along the way). - INTERNAL: + - Fixed a bug in the reading of the secrets file (by the daemon) and + the password file (by the client): the files no longer need to be + terminated by a newline for their content to be read in. - * Most of the I/O is now buffered, which results in a pretty - large speedup when running under MS Windows. (Craig Barratt) + - If a file has a read error on the sending side or the reconstructed + data doesn't match the expected checksum (perhaps due to the basis + file changing during the transfer), the receiver will no longer + retain the resulting file unless the --partial option was specified. + (Note: for the read-error detection to work, neither side can be + older than 2.6.3 -- older receivers will always retain the file, and + older senders don't tell the receiver that the file had a read + error.) - * Optimizations to the name-handling/comparing code have made - some significant reductions in user CPU time for large file - sets. (Wayne Davison) + - If a file gets resent in a single transfer and the --backup option + is enabled, rsync no longer performs a duplicate backup (it used to + overwrite the original file in the backup area). - * Some variable-type cleanup that makes the code more consistent. - (Wayne Davison) + - Files specified in the daemon's "exclude" or "exclude from" config + items are now excluded from being uploaded (assuming that the module + allows uploading at all) in addition to the old download exclusion. - * Reduced memory requirements of hard link preservation. - (J.W. Schultz) + - Got rid of a potential hang in the receiver when near the end of a + phase. - -NEWS for rsync 2.6.0 (1 Jan 2004) -Protocol: 27 (changed) -Changes since 2.5.7: + - When using --backup without a --backup-dir, rsync no longer preserves + the modify time on directories. This avoids confusing NFS. - ENHANCEMENTS: + - When --copy-links (-L) is specified, we now output a separate error + for a symlink that has no referent instead of claiming that a file + "vanished". - * "ssh" is now the default remote shell for rsync. If you want to - change this, configure like this: "./configure --with-rsh=rsh". + - The --copy-links (-L) option no longer has the side-effect of telling + the receiving side to follow symlinks. See the --keep-dirlinks + option (mentioned below) for a way to specify that behavior. - * Added --files-from, --no-relative, --no-implied-dirs, and --from0. - Note that --from0 affects the line-ending character for all the - files read by the --*-from options. (Wayne Davison) + - Error messages from the daemon server's option-parsing (such as + refused options) are now successfully transferred back to the client + (the server used to fail to send the message because the socket + wasn't in the right state for the message to get through). - * Length of csum2 is now per-file starting with protocol version - 27. (J.W. Schultz) + - Most transfer errors that occur during a daemon transfer are now + returned to the user in addition to being logged (some messages are + intended to be daemon-only and are not affected by this). - * Per-file dynamic block size is now sqrt(file length). The - per-file checksum size is determined according to an algorithm - provided by Donovan Baarda which reduces the probability of rsync - algorithm corrupting data and falling back using the whole md4 - checksums. (J.W. Schultz, Donovan Baarda) + - Fixed a bug in the daemon authentication code when using one of the + batch-processing options. - * The --stats option no longer includes the (debug) malloc summary - unless the verbose option was specified at least twice. + - We try to work around some buggy IPv6 implementations that fail to + implement IPV6_V6ONLY. This should fix the "address in use" error + that some daemons get when running on an OS with a buggy IPv6 + implementation. Also, if the new code gets this error, we might + suggest that the user specify --ipv4 or --ipv6 (if we think it will + help). - * Added a new error/warning code for when files vanish from the - sending side. Made vanished source files not interfere with the - file-deletion pass when --delete-after was specified. + - When the remote rsync dies, make a better effort to recover any error + messages it may have sent before dying (the local rsync used to just + die with a socket-write error). - * Various trailing-info sections are now preceded by a newline. + - When using --delete and a --backup-dir that contains files that are + hard-linked to their destination equivalents, rsync now makes sure + that removed files really get removed (avoids a really weird rename() + behavior). - BUG FIXES: + - Avoid a bogus run-time complaint about a lack of 64-bit integers when + the int64 type is defined as an off_t and it actually has 64-bits. - * Fixed several exclude/include matching bugs when using wild-cards. - This has a several user-visible effects, all of which make the - matching more consistent and intuitive. This should hopefully not - cause anyone problems since it makes the matching work more like - what people are expecting. (Wayne Davison) + - Added a configure check for open64() without mkstemp64() so that we + can avoid using mkstemp() when such a combination is encountered. + This bypasses a problem writing out large temp files on OSes such as + AIX and HP-UX. - - A pattern with a "**" no longer causes a "*" to match slashes. - For example, with "/*/foo/**", "foo" must be 2 levels deep. - [If your string has BOTH "*" and "**" wildcards, changing the - "*" wildcards to "**" will provide the old behavior in all - versions.] + - Fixed an age-old crash problem with --read-batch on a local copy + (rsync was improperly assuming --whole-file for the local copy). - - "**/foo" now matches at the base of the transfer (like /foo - does). [Use "/**/foo" to get the old behavior in all versions.] + - When --dry-run (-n) is used and the destination directory does not + exist, rsync now produces a correct report of files that would be + sent instead of dying with a chdir() error. - - A non-anchored wildcard term floats to match beyond the base of - the transfer. E.g. "CVS/R*" matches at the end of the path, - just like the non-wildcard term "CVS/Root" does. [Use "/CVS/R*" - to get the old behavior in all versions.] + - Fixed a bug that could cause a slow-to-connect rsync daemon to die + with an error instead of waiting for the connection to finish. - - Including a "**" in the match term causes it to be matched - against the entire path, not just the name portion, even if - there aren't any interior slashes in the term. E.g. "foo**bar" - would exclude "/path/foo-bar" (just like before) as well as - "/foo-path/baz-bar" (unlike before). [Use "foo*bar" to get the - old behavior in all versions.] + - Fixed an ssh interaction that could cause output to be lost when the + user chose to combine the output of rsync's stdout and stderr (e.g. + using the "2>&1"). - * The exclude list specified in the daemon's config file is now - properly applied to the pulled items no matter how deep the - user's file-args are in the source tree. (Wayne Davison) + ENHANCEMENTS: - * For protocol version >= 27, mdfour_tail() is called when the - block size (including checksum_seed) is a multiple of 64. - Previously it was not called, giving the wrong MD4 checksum. - (Craig Barratt) + - Added the --partial-dir=DIR option that lets you specify where to + (temporarily) put a partially transferred file (instead of over- + writing the destination file). E.g. --partial-dir=.rsync-partial + Also added support for the RSYNC_PARTIAL_DIR environment variable + that, when found, transforms a regular --partial option (such as + the convenient -P option) into one that also specifies a directory. - * For protocol version >= 27, a 64 bit bit counter is used in - mdfour.c as required by the RFC. Previously only a 32 bit bit - counter was used, causing incorrect MD4 file checksums for - file sizes >= 512MB - 4. (Craig Barratt) + - Added --keep-dirlinks (-K), which allows you to symlink a directory + onto another partition on the receiving side and have rsync treat it + as matching a normal directory from the sender. - * Fixed a crash bug when interacting with older rsync versions and - multiple files of the same name are destined for the same dir. - (Wayne Davison) + - Added the --inplace option that tells rsync to write each destination + file without using a temporary file. The matching of existing data + in the destination file can be severely limited by this, but there + are also cases where this is more efficient (such as appending data). + Use only when needed (see the man page for more details). - * Keep tmp names from overflowing MAXPATHLEN. + - Added the "write only" option for the daemon's config file. - * Make --link-dest honor the absence of -p, -o, and -g. + - Added long-option names for -4 and -6 (namely --ipv4 and --ipv6) + and documented all these options in the man page. - * Made rsync treat a trailing slash in the destination in a more - consistent manner. + - Improved the handling of the --bwlimit option so that it's less + bursty, more accurate, and works properly over a larger range of + values. - * Fixed file I/O error detection. (John Van Essen) + - The rsync daemon-over-ssh code now looks for SSH_CONNECTION and + SSH2_CLIENT in addition to SSH_CLIENT to figure out the IP address. - * Fixed bogus "malformed address {hostname}" message in rsyncd log - when checking IP address against hostnames from "hosts allow" - and "hosts deny" parameters in config file. + - Added the --checksum-seed=N option for advanced users. - * Print heap statistics when verbose >= 2 instead of when >= 1. + - Batch writing/reading has a brand-new implementation that is simpler, + fixes a few weird problems with the old code (such as no longer + sprinkling the batch files into different dirs or even onto different + systems), and is much less intrusive into the code (making it easier + to maintain for the future). The new code generates just one data + file instead of three, which makes it possible to read the batch on + stdin via a remote shell. Also, the old requirement of forcing the + same fixed checksum-seed for all batch processing has been removed. - * Fixed a compression (-z) bug when syncing a mostly-matching file - that contains already-compressed data. (Yasuoka Masahiko and - Wayne Davison) + - If an rsync daemon has a module set with "list = no" (which hides its + presence in the list of available modules), a user that fails to + authenticate gets the same "unknown module" error that they would get + if the module were actually unknown (while still logging the real + error to the daemon's log file). This prevents fishing for module + names. - * Fixed a bug in the --backup code that could cause deleted files - to not get backed up. + - The daemon's "refuse options" config item now allows you to match + option names using wildcards and/or the single-letter option names. - * When the backup code makes new directories, create them with mode - 0700 instead of 0755 (since the directory permissions in the - backup tree are not yet copied from the main tree). + - Each transferred file now gets its permissions and modified-time + updated before the temp-file gets moved into place. Previously, the + finished file would have a very brief window where its permissions + disallowed all group and world access. - * Call setgroups() in a more portable manner. + - Added the ability to parse a literal IPv6 address in an "rsync:" URL + (e.g. rsync://[2001:638:500:101::21]:873/module/dir). - * Improved file-related error messages to better indicate exactly - what pathname failed. (Wayne Davison) + - The daemon's wildcard expanding code can now handle more than 1000 + filenames (it's now limited by memory instead of having a hard-wired + limit). - * Fixed some bugs in the handling of --delete and --exclude when - using the --relative (-R) option. (Wayne Davison) + INTERNAL: - * Fixed bug that prevented regular files from replacing - special files and caused a directory in --link-dest or - --compare-dest to block the creation of a file with the - same path. A directory still cannot be replaced by a - regular file unless --delete specified. (J.W. Schultz) + - Some cleanup in the exclude code has saved some per-exclude memory + and made the code easier to maintain. - * Detect and report when open or opendir succeed but read and - readdir fail caused by network filesystem issues and truncated - files. (David Norwood, Michael Brown, J.W. Schultz) + - Improved the argv-overflow checking for a remote command that has a + lot of args. - * Added a fix that should give ssh time to restore the tty settings - if the user presses Ctrl-C at an ssh password prompt. + - Use rsyserr() in the various places that were still calling rprintf() + with strerror() as an arg. - INTERNAL: + - If an rsync daemon is listening on multiple sockets (to handle both + IPv4 and IPv6 to a single port), we now close all the unneeded file + handles after we accept a connection (we used to close just one of + them). + + - Optimized the handling of larger block sizes (rsync used to slow to a + crawl if the block size got too large). + + - Optimized away a loop in hash_search(). + + - Some improvements to the sanitize_path() and clean_fname() functions + makes them more efficient and produce better results (while still + being compatible with the file-name cleaning that gets done on both + sides when sending the file-list). + + - Got rid of alloc_sanitize_path() after adding a destination-buffer + arg to sanitize_path() made it possible to put all the former's + functionality into the latter. + + - The file-list that is output when at least 4 verbose options are + specified reports the uid value on the sender even when rsync is + not running as root (since we might be sending to a root receiver). + + BUILD CHANGES: + + - Added a "gen" target to rebuild most of the generated files, + including configure, config.h.in, the man pages, and proto.h. + + - If "make proto" doesn't find some changes in the prototypes, the + proto.h file is left untouched (its time-stamp used to always be + updated). + + - The variable $STRIP (that is optionally set by the install-strip + target's rule) was changed to $INSTALL_STRIP because some systems + have $STRIP already set in the environment. + + - Fixed a build problem when SUPPORT_HARD_LINKS isn't defined. + + - When cross-compiling, the gettimeofday() function is now assumed to + be a modern version that takes two-args (since we can't test it). - * Eliminated vestigial support for old versions that we stopped - supporting. (J.W. Schultz) + DEVELOPER RELATED: - * Simplified some of the option-parsing code. (Wayne Davison) + - The scripts in the testsuite dir were cleaned up a bit and a few + new tests added. - * Some cleanup made to the exclude code, as well as some new - defines added to enhance readability. (Wayne Davison) + - Some new diffs were added to the patches dir, and some accepted + ones were removed. - * Changed the protocol-version code so that it can interact at a - lower protocol level than the maximum supported by both sides. - Added an undocumented option, --protocol=N, to force the value - we advertise to the other side (primarily for testing purposes). - (Wayne Davison)