X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/ebdd24d6d08bc4ffd632a64b3781f48cc8a46eb0..91f625cee02e1db0ebd6f40d3ccfaf655b72c9ab:/util.c diff --git a/util.c b/util.c index 96b7ac4f..99dff805 100644 --- a/util.c +++ b/util.c @@ -1,12 +1,14 @@ -/* -*- c-file-style: "linux" -*- +/* + * Utility routines used in rsync. * - * Copyright (C) 1996-2000 by Andrew Tridgell - * Copyright (C) Paul Mackerras 1996 - * Copyright (C) 2001, 2002 by Martin Pool + * Copyright (C) 1996-2000 Andrew Tridgell + * Copyright (C) 1996 Paul Mackerras + * Copyright (C) 2001, 2002 Martin Pool + * Copyright (C) 2003-2008 Wayne Davison * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or + * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, @@ -14,38 +16,37 @@ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * You should have received a copy of the GNU General Public License along + * with this program; if not, visit the http://fsf.org website. */ -/** - * @file - * - * Utilities used in rsync - **/ - #include "rsync.h" +#include "ifuncs.h" extern int verbose; extern int dry_run; extern int module_id; extern int modify_window; +extern int relative_paths; +extern int human_readable; +extern char *module_dir; +extern unsigned int module_dirlen; +extern mode_t orig_umask; extern char *partial_dir; -extern struct exclude_list_struct server_exclude_list; +extern struct filter_list_struct daemon_filter_list; int sanitize_paths = 0; +char curr_dir[MAXPATHLEN]; +unsigned int curr_dir_len; +int curr_dir_depth; /* This is only set for a sanitizing daemon. */ - -/** - * Set a fd into nonblocking mode - **/ +/* Set a fd into nonblocking mode. */ void set_nonblocking(int fd) { int val; - if ((val = fcntl(fd, F_GETFL, 0)) == -1) + if ((val = fcntl(fd, F_GETFL)) == -1) return; if (!(val & NONBLOCK_FLAG)) { val |= NONBLOCK_FLAG; @@ -53,14 +54,12 @@ void set_nonblocking(int fd) } } -/** - * Set a fd into blocking mode - **/ +/* Set a fd into blocking mode. */ void set_blocking(int fd) { int val; - if ((val = fcntl(fd, F_GETFL, 0)) == -1) + if ((val = fcntl(fd, F_GETFL)) == -1) return; if (val & NONBLOCK_FLAG) { val &= ~NONBLOCK_FLAG; @@ -68,7 +67,6 @@ void set_blocking(int fd) } } - /** * Create a file descriptor pair - like pipe() but use socketpair if * possible (because of blocking issues on pipes). @@ -79,7 +77,7 @@ int fd_pair(int fd[2]) { int ret; -#if HAVE_SOCKETPAIR +#ifdef HAVE_SOCKETPAIR ret = socketpair(AF_UNIX, SOCK_STREAM, 0, fd); #else ret = pipe(fd); @@ -93,10 +91,9 @@ int fd_pair(int fd[2]) return ret; } - -void print_child_argv(char **cmd) +void print_child_argv(const char *prefix, char **cmd) { - rprintf(FINFO, "opening connection using "); + rprintf(FCLIENT, "%s ", prefix); for (; *cmd; cmd++) { /* Look for characters that ought to be quoted. This * is not a great quoting algorithm, but it's @@ -105,33 +102,32 @@ void print_child_argv(char **cmd) "ABCDEFGHIJKLMNOPQRSTUVWXYZ" "0123456789" ",.-_=+@/") != strlen(*cmd)) { - rprintf(FINFO, "\"%s\" ", *cmd); + rprintf(FCLIENT, "\"%s\" ", *cmd); } else { - rprintf(FINFO, "%s ", *cmd); + rprintf(FCLIENT, "%s ", *cmd); } } - rprintf(FINFO, "\n"); + rprintf(FCLIENT, "\n"); } - -void out_of_memory(char *str) +NORETURN void out_of_memory(const char *str) { - rprintf(FERROR, "ERROR: out of memory in %s\n", str); + rprintf(FERROR, "ERROR: out of memory in %s [%s]\n", str, who_am_i()); exit_cleanup(RERR_MALLOC); } -void overflow(char *str) +NORETURN void overflow_exit(const char *str) { - rprintf(FERROR, "ERROR: buffer overflow in %s\n", str); + rprintf(FERROR, "ERROR: buffer overflow in %s [%s]\n", str, who_am_i()); exit_cleanup(RERR_MALLOC); } - - -int set_modtime(char *fname, time_t modtime) +int set_modtime(const char *fname, time_t modtime, mode_t mode) { - if (dry_run) - return 0; +#if !defined HAVE_LUTIMES || !defined HAVE_UTIMES + if (S_ISLNK(mode)) + return 1; +#endif if (verbose > 2) { rprintf(FINFO, "set modtime of %s to (%ld) %s", @@ -139,53 +135,78 @@ int set_modtime(char *fname, time_t modtime) asctime(localtime(&modtime))); } + if (dry_run) + return 0; + { -#ifdef HAVE_UTIMBUF +#ifdef HAVE_UTIMES + struct timeval t[2]; + t[0].tv_sec = time(NULL); + t[0].tv_usec = 0; + t[1].tv_sec = modtime; + t[1].tv_usec = 0; +# ifdef HAVE_LUTIMES + if (S_ISLNK(mode)) { + if (lutimes(fname, t) < 0) + return errno == ENOSYS ? 1 : -1; + return 0; + } +# endif + return utimes(fname, t); +#elif defined HAVE_STRUCT_UTIMBUF struct utimbuf tbuf; tbuf.actime = time(NULL); tbuf.modtime = modtime; return utime(fname,&tbuf); -#elif defined(HAVE_UTIME) +#elif defined HAVE_UTIME time_t t[2]; t[0] = time(NULL); t[1] = modtime; return utime(fname,t); #else - struct timeval t[2]; - t[0].tv_sec = time(NULL); - t[0].tv_usec = 0; - t[1].tv_sec = modtime; - t[1].tv_usec = 0; - return utimes(fname,t); +#error No file-time-modification routine found! #endif } } +/* This creates a new directory with default permissions. Since there + * might be some directory-default permissions affecting this, we can't + * force the permissions directly using the original umask and mkdir(). */ +int mkdir_defmode(char *fname) +{ + int ret; -/** - Create any necessary directories in fname. Unfortunately we don't know - what perms to give the directory when this is called so we need to rely - on the umask -**/ -int create_directory_path(char *fname, int base_umask) + umask(orig_umask); + ret = do_mkdir(fname, ACCESSPERMS); + umask(0); + + return ret; +} + +/* Create any necessary directories in fname. Any missing directories are + * created with default permissions. */ +int create_directory_path(char *fname) { char *p; + int ret = 0; while (*fname == '/') fname++; while (strncmp(fname, "./", 2) == 0) fname += 2; + umask(orig_umask); p = fname; while ((p = strchr(p,'/')) != NULL) { - *p = 0; - do_mkdir(fname, 0777 & ~base_umask); - *p = '/'; - p++; + *p = '\0'; + if (do_mkdir(fname, ACCESSPERMS) < 0 && errno != EEXIST) + ret = -1; + *p++ = '/'; } - return 0; -} + umask(0); + return ret; +} /** * Write @p len bytes at @p ptr to descriptor @p desc, retrying if @@ -197,7 +218,7 @@ int create_directory_path(char *fname, int base_umask) * * Derived from GNU C's cccp.c. */ -static int full_write(int desc, char *ptr, size_t len) +int full_write(int desc, const char *ptr, size_t len) { int total_written; @@ -216,7 +237,6 @@ static int full_write(int desc, char *ptr, size_t len) return total_written; } - /** * Read @p len bytes at @p ptr from descriptor @p desc, retrying if * interrupted. @@ -242,38 +262,41 @@ static int safe_read(int desc, char *ptr, size_t len) return n_chars; } - -/** Copy a file. +/* Copy a file. If ofd < 0, copy_file unlinks and opens the "dest" file. + * Otherwise, it just writes to and closes the provided file descriptor. * - * This is used in conjunction with the --temp-dir option */ -int copy_file(char *source, char *dest, mode_t mode) + * This is used in conjunction with the --temp-dir, --backup, and + * --copy-dest options. */ +int copy_file(const char *source, const char *dest, int ofd, + mode_t mode, int create_bak_dir) { int ifd; - int ofd; char buf[1024 * 8]; int len; /* Number of bytes read into `buf'. */ - ifd = do_open(source, O_RDONLY, 0); - if (ifd == -1) { - rsyserr(FERROR, errno, "open %s", full_fname(source)); + if ((ifd = do_open(source, O_RDONLY, 0)) < 0) { + rsyserr(FERROR_XFER, errno, "open %s", full_fname(source)); return -1; } - if (robust_unlink(dest) && errno != ENOENT) { - rsyserr(FERROR, errno, "unlink %s", full_fname(dest)); - return -1; - } + if (ofd < 0) { + if (robust_unlink(dest) && errno != ENOENT) { + rsyserr(FERROR_XFER, errno, "unlink %s", full_fname(dest)); + return -1; + } - ofd = do_open(dest, O_WRONLY | O_CREAT | O_TRUNC | O_EXCL, mode); - if (ofd == -1) { - rsyserr(FERROR, errno, "open %s", full_fname(dest)); - close(ifd); - return -1; + if ((ofd = do_open(dest, O_WRONLY | O_CREAT | O_TRUNC | O_EXCL, mode)) < 0 + && (!create_bak_dir || errno != ENOENT || make_bak_dir(dest) < 0 + || (ofd = do_open(dest, O_WRONLY | O_CREAT | O_TRUNC | O_EXCL, mode)) < 0)) { + rsyserr(FERROR_XFER, errno, "open %s", full_fname(dest)); + close(ifd); + return -1; + } } while ((len = safe_read(ifd, buf, sizeof buf)) > 0) { if (full_write(ofd, buf, len) < 0) { - rsyserr(FERROR, errno, "write %s", full_fname(dest)); + rsyserr(FERROR_XFER, errno, "write %s", full_fname(dest)); close(ifd); close(ofd); return -1; @@ -281,19 +304,19 @@ int copy_file(char *source, char *dest, mode_t mode) } if (len < 0) { - rsyserr(FERROR, errno, "read %s", full_fname(source)); + rsyserr(FERROR_XFER, errno, "read %s", full_fname(source)); close(ifd); close(ofd); return -1; } if (close(ifd) < 0) { - rsyserr(FINFO, errno, "close failed on %s", + rsyserr(FWARNING, errno, "close failed on %s", full_fname(source)); } if (close(ofd) < 0) { - rsyserr(FERROR, errno, "close failed on %s", + rsyserr(FERROR_XFER, errno, "close failed on %s", full_fname(dest)); return -1; } @@ -315,7 +338,7 @@ int copy_file(char *source, char *dest, mode_t mode) * --delete trying to remove old .rsyncNNN files, hence it renames it * each time. **/ -int robust_unlink(char *fname) +int robust_unlink(const char *fname) { #ifndef ETXTBSY return do_unlink(fname); @@ -343,13 +366,13 @@ int robust_unlink(char *fname) /* start where the last one left off to reduce chance of clashes */ start = counter; do { - sprintf(&path[pos], "%03d", counter); + snprintf(&path[pos], MAX_RENAMES_DIGITS+1, "%03d", counter); if (++counter >= MAX_RENAMES) counter = 1; } while ((rc = access(path, 0)) == 0 && counter != start); if (verbose > 0) { - rprintf(FINFO,"renaming %s to %s because of text busy\n", + rprintf(FWARNING, "renaming %s to %s because of text busy\n", fname, path); } @@ -362,9 +385,12 @@ int robust_unlink(char *fname) #endif } -/* Returns 0 on success, -1 on most errors, and -2 if we got an error - * trying to copy the file across file systems. */ -int robust_rename(char *from, char *to, int mode) +/* Returns 0 on successful rename, 1 if we successfully copied the file + * across filesystems, -2 if copy_file() failed, and -1 on other errors. + * If partialptr is not NULL and we need to do a copy, copy the file into + * the active partial-dir instead of over the destination file. */ +int robust_rename(const char *from, const char *to, const char *partialptr, + int mode) { int tries = 4; @@ -380,10 +406,15 @@ int robust_rename(char *from, char *to, int mode) break; #endif case EXDEV: - if (copy_file(from, to, mode) != 0) + if (partialptr) { + if (!handle_partial_dir(partialptr,PDIR_CREATE)) + return -1; + to = partialptr; + } + if (copy_file(from, to, -1, mode, 0) != 0) return -2; do_unlink(from); - return 0; + return 1; default: return -1; } @@ -391,7 +422,6 @@ int robust_rename(char *from, char *to, int mode) return -1; } - static pid_t all_pids[10]; static int num_pids; @@ -435,36 +465,30 @@ void kill_all(int sig) } } - /** Turn a user name into a uid */ -int name_to_uid(char *name, uid_t *uid) +int name_to_uid(const char *name, uid_t *uid_p) { struct passwd *pass; if (!name || !*name) return 0; - pass = getpwnam(name); - if (pass) { - *uid = pass->pw_uid; - return 1; - } - return 0; + if (!(pass = getpwnam(name))) + return 0; + *uid_p = pass->pw_uid; + return 1; } /** Turn a group name into a gid */ -int name_to_gid(char *name, gid_t *gid) +int name_to_gid(const char *name, gid_t *gid_p) { struct group *grp; if (!name || !*name) return 0; - grp = getgrnam(name); - if (grp) { - *gid = grp->gr_gid; - return 1; - } - return 0; + if (!(grp = getgrnam(name))) + return 0; + *gid_p = grp->gr_gid; + return 1; } - /** Lock a byte range in a open file */ int lock_range(int fd, int offset, int len) { @@ -479,110 +503,213 @@ int lock_range(int fd, int offset, int len) return fcntl(fd,F_SETLK,&lock) == 0; } -static int exclude_server_path(char *arg) -{ - char *s; +#define ENSURE_MEMSPACE(buf, type, sz, req) \ + if ((req) >= sz && !(buf = realloc_array(buf, type, sz *= 2))) \ + out_of_memory("ENSURE_MEMSPACE") - if (server_exclude_list.head) { - for (s = arg; (s = strchr(s, '/')) != NULL; ) { - *s = '\0'; - if (check_exclude(&server_exclude_list, arg, 1) < 0) { - /* We must leave arg truncated! */ - return 1; +static inline void call_glob_match(const char *name, int len, int from_glob, + char *arg, int abpos, int fbpos); + +static struct glob_data { + char *arg_buf, *filt_buf, **argv; + int absize, fbsize, maxargs, argc; +} glob; + +static void glob_match(char *arg, int abpos, int fbpos) +{ + int len; + char *slash; + + while (*arg == '.' && arg[1] == '/') { + if (fbpos < 0) { + if (glob.fbsize < glob.absize) { + glob.filt_buf = realloc_array(glob.filt_buf, + char, glob.fbsize = glob.absize); } - *s++ = '/'; + memcpy(glob.filt_buf, glob.arg_buf, abpos + 1); + fbpos = abpos; } + ENSURE_MEMSPACE(glob.arg_buf, char, glob.absize, abpos + 2); + glob.arg_buf[abpos++] = *arg++; + glob.arg_buf[abpos++] = *arg++; + glob.arg_buf[abpos] = '\0'; } - return 0; + if ((slash = strchr(arg, '/')) != NULL) { + *slash = '\0'; + len = slash - arg; + } else + len = strlen(arg); + if (strpbrk(arg, "*?[")) { + struct dirent *di; + DIR *d; + + if (!(d = opendir(abpos ? glob.arg_buf : "."))) + return; + while ((di = readdir(d)) != NULL) { + char *dname = d_name(di); + if (dname[0] == '.' && (dname[1] == '\0' + || (dname[1] == '.' && dname[2] == '\0'))) + continue; + if (!wildmatch(arg, dname)) + continue; + call_glob_match(dname, strlen(dname), 1, + slash ? arg + len + 1 : NULL, + abpos, fbpos); + } + closedir(d); + } else { + call_glob_match(arg, len, 0, + slash ? arg + len + 1 : NULL, + abpos, fbpos); + } + if (slash) + *slash = '/'; } -static void glob_expand_one(char *s, char ***argv_ptr, int *argc_ptr, - int *maxargs_ptr) +static inline void call_glob_match(const char *name, int len, int from_glob, + char *arg, int abpos, int fbpos) { - char **argv = *argv_ptr; - int argc = *argc_ptr; - int maxargs = *maxargs_ptr; -#if !(defined(HAVE_GLOB) && defined(HAVE_GLOB_H)) - if (argc == maxargs) { - maxargs += MAX_ARGS; - if (!(argv = realloc_array(argv, char *, maxargs))) - out_of_memory("glob_expand_one"); - *argv_ptr = argv; - *maxargs_ptr = maxargs; + char *use_buf; + + ENSURE_MEMSPACE(glob.arg_buf, char, glob.absize, abpos + len + 2); + memcpy(glob.arg_buf + abpos, name, len); + abpos += len; + glob.arg_buf[abpos] = '\0'; + + if (fbpos >= 0) { + ENSURE_MEMSPACE(glob.filt_buf, char, glob.fbsize, fbpos + len + 2); + memcpy(glob.filt_buf + fbpos, name, len); + fbpos += len; + glob.filt_buf[fbpos] = '\0'; + use_buf = glob.filt_buf; + } else + use_buf = glob.arg_buf; + + if (from_glob || arg) { + STRUCT_STAT st; + int is_dir; + + if (do_stat(glob.arg_buf, &st) != 0) { + if (from_glob) + return; + is_dir = 0; + } else { + is_dir = S_ISDIR(st.st_mode) != 0; + if (arg && !is_dir) + return; + } + + if (daemon_filter_list.head + && check_filter(&daemon_filter_list, use_buf, is_dir) < 0) { + if (from_glob) + return; + arg = NULL; + } } - if (!*s) - s = "."; - s = argv[argc++] = strdup(s); - exclude_server_path(s); -#else - glob_t globbuf; - int i; - if (maxargs <= argc) - return; - if (!*s) - s = "."; + if (arg) { + glob.arg_buf[abpos++] = '/'; + glob.arg_buf[abpos] = '\0'; + if (fbpos >= 0) { + glob.filt_buf[fbpos++] = '/'; + glob.filt_buf[fbpos] = '\0'; + } + glob_match(arg, abpos, fbpos); + } else { + ENSURE_MEMSPACE(glob.argv, char *, glob.maxargs, glob.argc + 1); + if (!(glob.argv[glob.argc++] = strdup(glob.arg_buf))) + out_of_memory("glob_match"); + } +} - if (sanitize_paths) - s = sanitize_path(NULL, s, NULL); - else - s = strdup(s); - - memset(&globbuf, 0, sizeof globbuf); - if (!exclude_server_path(s)) - glob(s, 0, NULL, &globbuf); - if (MAX((int)globbuf.gl_pathc, 1) > maxargs - argc) { - maxargs += globbuf.gl_pathc + MAX_ARGS; - if (!(argv = realloc_array(argv, char *, maxargs))) - out_of_memory("glob_expand_one"); - *argv_ptr = argv; - *maxargs_ptr = maxargs; +/* This routine performs wild-card expansion of the pathname in "arg". Any + * daemon-excluded files/dirs will not be matched by the wildcards. Returns 0 + * if a wild-card string is the only returned item (due to matching nothing). */ +int glob_expand(const char *arg, char ***argv_p, int *argc_p, int *maxargs_p) +{ + int ret, save_argc; + char *s; + + if (!arg) { + if (glob.filt_buf) + free(glob.filt_buf); + free(glob.arg_buf); + memset(&glob, 0, sizeof glob); + return -1; } - if (globbuf.gl_pathc == 0) - argv[argc++] = s; + + if (sanitize_paths) + s = sanitize_path(NULL, arg, "", 0, SP_KEEP_DOT_DIRS); else { - int j = globbuf.gl_pathc; + s = strdup(arg); + if (!s) + out_of_memory("glob_expand"); + clean_fname(s, CFN_KEEP_DOT_DIRS + | CFN_KEEP_TRAILING_SLASH + | CFN_COLLAPSE_DOT_DOT_DIRS); + } + + if (glob.absize < MAXPATHLEN + && !(glob.arg_buf = realloc_array(glob.arg_buf, char, glob.absize = MAXPATHLEN))) + out_of_memory("glob_expand"); + *glob.arg_buf = '\0'; + + glob.argc = save_argc = *argc_p; + glob.argv = *argv_p; + glob.maxargs = *maxargs_p; + + if (glob.maxargs < 100 + && !(glob.argv = realloc_array(glob.argv, char *, glob.maxargs = 100))) + out_of_memory("glob_expand"); + + glob_match(s, 0, -1); + + /* The arg didn't match anything, so add the failed arg to the list. */ + if (glob.argc == save_argc) { + ENSURE_MEMSPACE(glob.argv, char *, glob.maxargs, glob.argc + 1); + glob.argv[glob.argc++] = s; + ret = 0; + } else { free(s); - for (i = 0; i < j; i++) { - if (!(argv[argc++] = strdup(globbuf.gl_pathv[i]))) - out_of_memory("glob_expand_one"); - } + ret = 1; } - globfree(&globbuf); -#endif - *argc_ptr = argc; + + *maxargs_p = glob.maxargs; + *argv_p = glob.argv; + *argc_p = glob.argc; + + return ret; } /* This routine is only used in daemon mode. */ -void glob_expand(char *base1, char ***argv_ptr, int *argc_ptr, int *maxargs_ptr) +void glob_expand_module(char *base1, char *arg, char ***argv_p, int *argc_p, int *maxargs_p) { - char *s = (*argv_ptr)[*argc_ptr]; - char *p, *q; + char *p, *s; char *base = base1; int base_len = strlen(base); - if (!s || !*s) + if (!arg || !*arg) return; - if (strncmp(s, base, base_len) == 0) - s += base_len; + if (strncmp(arg, base, base_len) == 0) + arg += base_len; - if (!(s = strdup(s))) - out_of_memory("glob_expand"); + if (!(arg = strdup(arg))) + out_of_memory("glob_expand_module"); if (asprintf(&base," %s/", base1) <= 0) - out_of_memory("glob_expand"); + out_of_memory("glob_expand_module"); base_len++; - for (q = s; *q; q = p + base_len) { - if ((p = strstr(q, base)) != NULL) + for (s = arg; *s; s = p + base_len) { + if ((p = strstr(s, base)) != NULL) *p = '\0'; /* split it at this point */ - glob_expand_one(q, argv_ptr, argc_ptr, maxargs_ptr); + glob_expand(s, argv_p, argc_p, maxargs_p); if (!p) break; } - free(s); + free(arg); free(base); } @@ -592,8 +719,8 @@ void glob_expand(char *base1, char ***argv_ptr, int *argc_ptr, int *maxargs_ptr) void strlower(char *s) { while (*s) { - if (isupper(*(unsigned char *)s)) - *s = tolower(*(unsigned char *)s); + if (isUpper(s)) + *s = toLower(s); s++; } } @@ -650,16 +777,41 @@ size_t stringjoin(char *dest, size_t destsize, ...) return ret; } -void clean_fname(char *name) +int count_dir_elements(const char *p) { - char *limit = name, *t = name, *f = name; + int cnt = 0, new_component = 1; + while (*p) { + if (*p++ == '/') + new_component = (*p != '.' || (p[1] != '/' && p[1] != '\0')); + else if (new_component) { + new_component = 0; + cnt++; + } + } + return cnt; +} + +/* Turns multiple adjacent slashes into a single slash, drops all leading or + * interior "." elements unless CFN_KEEP_DOT_DIRS is flagged. Will also drop + * a trailing '.' after a '/' if CFN_DROP_TRAILING_DOT_DIR is flagged, removes + * a trailing slash (perhaps after removing the aforementioned dot) unless + * CFN_KEEP_TRAILING_SLASH is flagged, and will also collapse ".." elements + * (except at the start) if CFN_COLLAPSE_DOT_DOT_DIRS is flagged. If the + * resulting name would be empty, returns ".". */ +unsigned int clean_fname(char *name, int flags) +{ + char *limit = name - 1, *t = name, *f = name; int anchored; if (!name) - return; + return 0; if ((anchored = *f == '/') != 0) *t++ = *f++; + else if (flags & CFN_KEEP_DOT_DIRS && *f == '.' && f[1] == '/') { + *t++ = *f++; + *t++ = *f++; + } while (*f) { /* discard extra slashes */ if (*f == '/') { @@ -667,74 +819,77 @@ void clean_fname(char *name) continue; } if (*f == '.') { - /* discard "." dirs (but NOT a trailing '.'!) */ - if (f[1] == '/') { - f++; /* not += 2! */ + /* discard interior "." dirs */ + if (f[1] == '/' && !(flags & CFN_KEEP_DOT_DIRS)) { + f += 2; continue; } + if (f[1] == '\0' && flags & CFN_DROP_TRAILING_DOT_DIR) + break; /* collapse ".." dirs */ - if (f[1] == '.' && (f[2] == '/' || !f[2])) { + if (flags & CFN_COLLAPSE_DOT_DOT_DIRS + && f[1] == '.' && (f[2] == '/' || !f[2])) { char *s = t - 1; if (s == name && anchored) { f += 2; continue; } while (s > limit && *--s != '/') {} - if (s != t - 1 && *s == '/') { + if (s != t - 1 && (s < name || *s == '/')) { t = s + 1; f += 2; continue; } - *t++ = *f++; - *t++ = *f++; - limit = t; + limit = t + 2; } } while (*f && (*t++ = *f++) != '/') {} } - if (t > name+anchored && t[-1] == '/') + if (t > name+anchored && t[-1] == '/' && !(flags & CFN_KEEP_TRAILING_SLASH)) t--; if (t == name) *t++ = '.'; *t = '\0'; + + return t - name; } /* Make path appear as if a chroot had occurred. This handles a leading * "/" (either removing it or expanding it) and any leading or embedded * ".." components that attempt to escape past the module's top dir. * - * If dest is NULL, a buffer is allocated to hold the result. If dest is - * the same buffer as p (the path) OR if reldir is NULL, a leading slash - * is dropped instead of being expanded to be the module's top dir. + * If dest is NULL, a buffer is allocated to hold the result. It is legal + * to call with the dest and the path (p) pointing to the same buffer, but + * rootdir will be ignored to avoid expansion of the string. * - * If reldir is non-NULL (and non-empty), it is a sanitized directory that - * the path will be relative to, so allow as many '..'s at the beginning of - * the path as there are components in reldir. This is used for symbolic - * link targets. If reldir is non-null and the path began with "/", to be - * completely like a chroot we should add in depth levels of ".." at the - * beginning of the path, but that would blow the assumption that the path - * doesn't grow and it is not likely to end up being a valid symlink - * anyway, so just do the normal removal of the leading "/" instead. + * The rootdir string contains a value to use in place of a leading slash. + * Specify NULL to get the default of "module_dir". * - * While we're at it, remove double slashes and "." components like - * clean_fname() does, but DON'T remove a trailing slash because that is - * sometimes significant on command line arguments. + * The depth var is a count of how many '..'s to allow at the start of the + * path. * - * If the resulting path would be empty, change it into ".". - */ -char *sanitize_path(char *dest, const char *p, const char *reldir) + * We also clean the path in a manner similar to clean_fname() but with a + * few differences: + * + * Turns multiple adjacent slashes into a single slash, gets rid of "." dir + * elements (INCLUDING a trailing dot dir), PRESERVES a trailing slash, and + * ALWAYS collapses ".." elements (except for those at the start of the + * string up to "depth" deep). If the resulting name would be empty, + * change it into a ".". */ +char *sanitize_path(char *dest, const char *p, const char *rootdir, int depth, + int flags) { char *start, *sanp; - int depth = 0; - int allowdotdot = 0; - int rlen = 0; + int rlen = 0, drop_dot_dirs = !relative_paths || !(flags & SP_KEEP_DOT_DIRS); if (dest != p) { int plen = strlen(p); - if (*p == '/' && reldir) { - rlen = strlen(lp_path(module_id)); - reldir = NULL; + if (*p == '/') { + if (!rootdir) + rootdir = module_dir; + rlen = strlen(rootdir); + depth = 0; p++; } if (dest) { @@ -743,79 +898,52 @@ char *sanitize_path(char *dest, const char *p, const char *reldir) } else if (!(dest = new_array(char, rlen + plen + 1))) out_of_memory("sanitize_path"); if (rlen) { - memcpy(dest, lp_path(module_id), rlen); + memcpy(dest, rootdir, rlen); if (rlen > 1) dest[rlen++] = '/'; } } - if (reldir) { - int new_component = 1; - while (*reldir) { - if (*reldir++ == '/') - new_component = 1; - else if (new_component) { - new_component = 0; - depth++; - } - } + if (drop_dot_dirs) { + while (*p == '.' && p[1] == '/') + p += 2; } start = sanp = dest + rlen; - while (*p == '/') { - /* remove leading slashes */ - p++; - } - while (*p != '\0') { - /* this loop iterates once per filename component in p. - * both p (and sanp if the original had a slash) should - * always be left pointing after a slash - */ - if (*p == '.' && (p[1] == '/' || p[1] == '\0')) { - /* skip "." component */ - while (*++p == '/') { - /* skip following slashes */ - ; - } + /* This loop iterates once per filename component in p, pointing at + * the start of the name (past any prior slash) for each iteration. */ + while (*p) { + /* discard leading or extra slashes */ + if (*p == '/') { + p++; continue; } - allowdotdot = 0; + if (drop_dot_dirs) { + if (*p == '.' && (p[1] == '/' || p[1] == '\0')) { + /* skip "." component */ + p++; + continue; + } + } if (*p == '.' && p[1] == '.' && (p[2] == '/' || p[2] == '\0')) { /* ".." component followed by slash or end */ - if (depth > 0 && sanp == start) { - /* allow depth levels of .. at the beginning */ - --depth; - allowdotdot = 1; - } else { + if (depth <= 0 || sanp != start) { p += 2; - if (*p == '/') - p++; if (sanp != start) { /* back up sanp one level */ --sanp; /* now pointing at slash */ - while (sanp > start && sanp[-1] != '/') { - /* skip back up to slash */ + while (sanp > start && sanp[-1] != '/') sanp--; - } } continue; } - } - while (1) { - /* copy one component through next slash */ - *sanp++ = *p++; - if (*p == '\0' || p[-1] == '/') { - while (*p == '/') { - /* skip multiple slashes */ - p++; - } - break; - } - } - if (allowdotdot) { + /* allow depth levels of .. at the beginning */ + depth--; /* move the virtual beginning to leave the .. alone */ - start = sanp; + start = sanp + 3; } + /* copy one component through next slash */ + while (*p && (*sanp++ = *p++) != '/') {} } if (sanp == dest) { /* ended up with nothing, so put in "." component */ @@ -826,15 +954,10 @@ char *sanitize_path(char *dest, const char *p, const char *reldir) return dest; } -char curr_dir[MAXPATHLEN]; -unsigned int curr_dir_len; - -/** - * Like chdir(), but it keeps track of the current directory (in the +/* Like chdir(), but it keeps track of the current directory (in the * global "curr_dir"), and ensures that the path size doesn't overflow. - * Also cleans the path using the clean_fname() function. - **/ -int push_dir(char *dir) + * Also cleans the path using the clean_fname() function. */ +int push_dir(const char *dir, int set_path_only) { static int initialised; unsigned int len; @@ -852,10 +975,12 @@ int push_dir(char *dir) if (len == 1 && *dir == '.') return 1; - if ((*dir == '/' ? len : curr_dir_len + 1 + len) >= sizeof curr_dir) + if ((*dir == '/' ? len : curr_dir_len + 1 + len) >= sizeof curr_dir) { + errno = ENAMETOOLONG; return 0; + } - if (chdir(dir)) + if (!set_path_only && chdir(dir)) return 0; if (*dir == '/') { @@ -867,7 +992,15 @@ int push_dir(char *dir) curr_dir_len += len; } - clean_fname(curr_dir); + curr_dir_len = clean_fname(curr_dir, CFN_COLLAPSE_DOT_DOT_DIRS); + if (sanitize_paths) { + if (module_dirlen > curr_dir_len) + module_dirlen = curr_dir_len; + curr_dir_depth = count_dir_elements(curr_dir + module_dirlen); + } + + if (verbose >= 5 && !set_path_only) + rprintf(FINFO, "[%s] push_dir(%s)\n", who_am_i(), curr_dir); return 1; } @@ -876,7 +1009,7 @@ int push_dir(char *dir) * Reverse a push_dir() call. You must pass in an absolute path * that was copied from a prior value of "curr_dir". **/ -int pop_dir(char *dir) +int pop_dir(const char *dir) { if (chdir(dir)) return 0; @@ -884,32 +1017,13 @@ int pop_dir(char *dir) curr_dir_len = strlcpy(curr_dir, dir, sizeof curr_dir); if (curr_dir_len >= sizeof curr_dir) curr_dir_len = sizeof curr_dir - 1; + if (sanitize_paths) + curr_dir_depth = count_dir_elements(curr_dir + module_dirlen); - return 1; -} - -/** - * Return the filename, turning any newlines into '?'s. This ensures that - * outputting it on a line of its own cannot generate an empty line. This - * function can handle only 2 names at a time! - **/ -const char *safe_fname(const char *fname) -{ - static char fbuf1[MAXPATHLEN], fbuf2[MAXPATHLEN]; - static char *fbuf = fbuf2; - char *nl = strchr(fname, '\n'); - - if (!nl) - return fname; - - fbuf = fbuf == fbuf1 ? fbuf2 : fbuf1; - strlcpy(fbuf, fname, MAXPATHLEN); - nl = fbuf + (nl - (char *)fname); - do { - *nl = '?'; - } while ((nl = strchr(nl+1, '\n')) != NULL); + if (verbose >= 5) + rprintf(FINFO, "[%s] pop_dir(%s)\n", who_am_i(), curr_dir); - return fbuf; + return 1; } /** @@ -926,34 +1040,23 @@ char *full_fname(const char *fn) if (result) free(result); - fn = safe_fname(fn); if (*fn == '/') p1 = p2 = ""; else { - p1 = curr_dir; - p2 = "/"; + p1 = curr_dir + module_dirlen; + for (p2 = p1; *p2 == '/'; p2++) {} + if (*p2) + p2 = "/"; } if (module_id >= 0) { m1 = " (in "; m2 = lp_name(module_id); m3 = ")"; - if (*p1) { - if (!lp_use_chroot(module_id)) { - char *p = lp_path(module_id); - if (*p != '/' || p[1]) - p1 += strlen(p); - } - if (!*p1) - p2++; - else - p1++; - } - else - fn++; } else m1 = m2 = m3 = ""; - asprintf(&result, "\"%s%s%s\"%s%s%s", p1, p2, fn, m1, m2, m3); + if (asprintf(&result, "\"%s%s%s\"%s%s%s", p1, p2, fn, m1, m2, m3) <= 0) + out_of_memory("full_fname"); return result; } @@ -978,9 +1081,15 @@ char *partial_dir_fname(const char *fname) fn = fname; if ((int)pathjoin(t, sz, partial_dir, fn) >= sz) return NULL; - if (server_exclude_list.head - && check_exclude(&server_exclude_list, partial_fname, 0) < 0) - return NULL; + if (daemon_filter_list.head) { + t = strrchr(partial_fname, '/'); + *t = '\0'; + if (check_filter(&daemon_filter_list, partial_fname, 1) < 0) + return NULL; + *t = '/'; + if (check_filter(&daemon_filter_list, partial_fname, 0) < 0) + return NULL; + } return partial_fname; } @@ -1002,11 +1111,7 @@ int handle_partial_dir(const char *fname, int create) dir = partial_fname; if (create) { STRUCT_STAT st; -#if SUPPORT_LINKS int statret = do_lstat(dir, &st); -#else - int statret = do_stat(dir, &st); -#endif if (statret == 0 && !S_ISDIR(st.st_mode)) { if (do_unlink(dir) < 0) return 0; @@ -1021,22 +1126,6 @@ int handle_partial_dir(const char *fname, int create) return 1; } -/** We need to supply our own strcmp function for file list comparisons - to ensure that signed/unsigned usage is consistent between machines. */ -int u_strcmp(const char *cs1, const char *cs2) -{ - const uchar *s1 = (const uchar *)cs1; - const uchar *s2 = (const uchar *)cs2; - - while (*s1 && *s2 && (*s1 == *s2)) { - s1++; s2++; - } - - return (int)*s1 - (int)*s2; -} - - - /** * Determine if a symlink points outside the current directory tree. * This is considered "unsafe" because e.g. when mirroring somebody @@ -1101,14 +1190,70 @@ int unsafe_symlink(const char *dest, const char *src) return (depth < 0); } +/* Return the int64 number as a string. If the --human-readable option was + * specified, we may output the number in K, M, or G units. We can return + * up to 4 buffers at a time. */ +char *human_num(int64 num) +{ + static char bufs[4][128]; /* more than enough room */ + static unsigned int n; + char *s; -/** - * Return the date and time as a string - **/ + n = (n + 1) % (sizeof bufs / sizeof bufs[0]); + + if (human_readable) { + char units = '\0'; + int mult = human_readable == 1 ? 1000 : 1024; + double dnum = 0; + if (num > mult*mult*mult) { + dnum = (double)num / (mult*mult*mult); + units = 'G'; + } else if (num > mult*mult) { + dnum = (double)num / (mult*mult); + units = 'M'; + } else if (num > mult) { + dnum = (double)num / mult; + units = 'K'; + } + if (units) { + snprintf(bufs[n], sizeof bufs[0], "%.2f%c", dnum, units); + return bufs[n]; + } + } + + s = bufs[n] + sizeof bufs[0] - 1; + *s = '\0'; + + if (!num) + *--s = '0'; + while (num) { + *--s = (char)(num % 10) + '0'; + num /= 10; + } + return s; +} + +/* Return the double number as a string. If the --human-readable option was + * specified, we may output the number in K, M, or G units. We use a buffer + * from human_num() to return our result. */ +char *human_dnum(double dnum, int decimal_digits) +{ + char *buf = human_num(dnum); + int len = strlen(buf); + if (isDigit(buf + len - 1)) { + /* There's extra room in buf prior to the start of the num. */ + buf -= decimal_digits + 1; + snprintf(buf, len + decimal_digits + 2, "%.*f", decimal_digits, dnum); + } + return buf; +} + +/* Return the date and time as a string. Some callers tweak returned buf. */ char *timestring(time_t t) { static char TimeBuf[200]; struct tm *tm = localtime(&t); + char *p; #ifdef HAVE_STRFTIME strftime(TimeBuf, sizeof TimeBuf - 1, "%Y/%m/%d %H:%M:%S", tm); @@ -1116,14 +1261,12 @@ char *timestring(time_t t) strlcpy(TimeBuf, asctime(tm), sizeof TimeBuf); #endif - if (TimeBuf[strlen(TimeBuf)-1] == '\n') { - TimeBuf[strlen(TimeBuf)-1] = 0; - } + if ((p = strchr(TimeBuf, '\n')) != NULL) + *p = '\0'; - return(TimeBuf); + return TimeBuf; } - /** * Sleep for a specified number of milliseconds. * @@ -1152,11 +1295,8 @@ int msleep(int t) return True; } - -/** - * Determine if two file modification times are equivalent (either - * exact or in the modification timestamp window established by - * --modify-window). +/* Determine if two time_t values are equivalent (either exact, or in + * the modification timestamp window established by --modify-window). * * @retval 0 if the times should be treated as the same * @@ -1164,7 +1304,7 @@ int msleep(int t) * * @retval -1 if the 2nd is later **/ -int cmp_modtime(time_t file1, time_t file2) +int cmp_time(time_t file1, time_t file2) { if (file2 > file1) { if (file2 - file1 <= modify_window) @@ -1210,22 +1350,247 @@ int _Insure_trap_error(int a1, int a2, int a3, int a4, int a5, int a6) } #endif - #define MALLOC_MAX 0x40000000 -void *_new_array(unsigned int size, unsigned long num) +void *_new_array(unsigned long num, unsigned int size, int use_calloc) { if (num >= MALLOC_MAX/size) return NULL; - return malloc(size * num); + return use_calloc ? calloc(num, size) : malloc(num * size); } void *_realloc_array(void *ptr, unsigned int size, unsigned long num) { if (num >= MALLOC_MAX/size) return NULL; - /* No realloc should need this, but just in case... */ if (!ptr) return malloc(size * num); return realloc(ptr, size * num); } + +/* Take a filename and filename length and return the most significant + * filename suffix we can find. This ignores suffixes such as "~", + * ".bak", ".orig", ".~1~", etc. */ +const char *find_filename_suffix(const char *fn, int fn_len, int *len_ptr) +{ + const char *suf, *s; + BOOL had_tilde; + int s_len; + + /* One or more dots at the start aren't a suffix. */ + while (fn_len && *fn == '.') fn++, fn_len--; + + /* Ignore the ~ in a "foo~" filename. */ + if (fn_len > 1 && fn[fn_len-1] == '~') + fn_len--, had_tilde = True; + else + had_tilde = False; + + /* Assume we don't find an suffix. */ + suf = ""; + *len_ptr = 0; + + /* Find the last significant suffix. */ + for (s = fn + fn_len; fn_len > 1; ) { + while (*--s != '.' && s != fn) {} + if (s == fn) + break; + s_len = fn_len - (s - fn); + fn_len = s - fn; + if (s_len == 4) { + if (strcmp(s+1, "bak") == 0 + || strcmp(s+1, "old") == 0) + continue; + } else if (s_len == 5) { + if (strcmp(s+1, "orig") == 0) + continue; + } else if (s_len > 2 && had_tilde + && s[1] == '~' && isDigit(s + 2)) + continue; + *len_ptr = s_len; + suf = s; + if (s_len == 1) + break; + /* Determine if the suffix is all digits. */ + for (s++, s_len--; s_len > 0; s++, s_len--) { + if (!isDigit(s)) + return suf; + } + /* An all-digit suffix may not be that signficant. */ + s = suf; + } + + return suf; +} + +/* This is an implementation of the Levenshtein distance algorithm. It + * was implemented to avoid needing a two-dimensional matrix (to save + * memory). It was also tweaked to try to factor in the ASCII distance + * between changed characters as a minor distance quantity. The normal + * Levenshtein units of distance (each signifying a single change between + * the two strings) are defined as a "UNIT". */ + +#define UNIT (1 << 16) + +uint32 fuzzy_distance(const char *s1, int len1, const char *s2, int len2) +{ + uint32 a[MAXPATHLEN], diag, above, left, diag_inc, above_inc, left_inc; + int32 cost; + int i1, i2; + + if (!len1 || !len2) { + if (!len1) { + s1 = s2; + len1 = len2; + } + for (i1 = 0, cost = 0; i1 < len1; i1++) + cost += s1[i1]; + return (int32)len1 * UNIT + cost; + } + + for (i2 = 0; i2 < len2; i2++) + a[i2] = (i2+1) * UNIT; + + for (i1 = 0; i1 < len1; i1++) { + diag = i1 * UNIT; + above = (i1+1) * UNIT; + for (i2 = 0; i2 < len2; i2++) { + left = a[i2]; + if ((cost = *((uchar*)s1+i1) - *((uchar*)s2+i2)) != 0) { + if (cost < 0) + cost = UNIT - cost; + else + cost = UNIT + cost; + } + diag_inc = diag + cost; + left_inc = left + UNIT + *((uchar*)s1+i1); + above_inc = above + UNIT + *((uchar*)s2+i2); + a[i2] = above = left < above + ? (left_inc < diag_inc ? left_inc : diag_inc) + : (above_inc < diag_inc ? above_inc : diag_inc); + diag = left; + } + } + + return a[len2-1]; +} + +#define BB_SLOT_SIZE (16*1024) /* Desired size in bytes */ +#define BB_PER_SLOT_BITS (BB_SLOT_SIZE * 8) /* Number of bits per slot */ +#define BB_PER_SLOT_INTS (BB_SLOT_SIZE / 4) /* Number of int32s per slot */ + +struct bitbag { + uint32 **bits; + int slot_cnt; +}; + +struct bitbag *bitbag_create(int max_ndx) +{ + struct bitbag *bb = new(struct bitbag); + bb->slot_cnt = (max_ndx + BB_PER_SLOT_BITS - 1) / BB_PER_SLOT_BITS; + + if (!(bb->bits = (uint32**)calloc(bb->slot_cnt, sizeof (uint32*)))) + out_of_memory("bitbag_create"); + + return bb; +} + +void bitbag_set_bit(struct bitbag *bb, int ndx) +{ + int slot = ndx / BB_PER_SLOT_BITS; + ndx %= BB_PER_SLOT_BITS; + + if (!bb->bits[slot]) { + if (!(bb->bits[slot] = (uint32*)calloc(BB_PER_SLOT_INTS, 4))) + out_of_memory("bitbag_set_bit"); + } + + bb->bits[slot][ndx/32] |= 1u << (ndx % 32); +} + +#if 0 /* not needed yet */ +void bitbag_clear_bit(struct bitbag *bb, int ndx) +{ + int slot = ndx / BB_PER_SLOT_BITS; + ndx %= BB_PER_SLOT_BITS; + + if (!bb->bits[slot]) + return; + + bb->bits[slot][ndx/32] &= ~(1u << (ndx % 32)); +} + +int bitbag_check_bit(struct bitbag *bb, int ndx) +{ + int slot = ndx / BB_PER_SLOT_BITS; + ndx %= BB_PER_SLOT_BITS; + + if (!bb->bits[slot]) + return 0; + + return bb->bits[slot][ndx/32] & (1u << (ndx % 32)) ? 1 : 0; +} +#endif + +/* Call this with -1 to start checking from 0. Returns -1 at the end. */ +int bitbag_next_bit(struct bitbag *bb, int after) +{ + uint32 bits, mask; + int i, ndx = after + 1; + int slot = ndx / BB_PER_SLOT_BITS; + ndx %= BB_PER_SLOT_BITS; + + mask = (1u << (ndx % 32)) - 1; + for (i = ndx / 32; slot < bb->slot_cnt; slot++, i = mask = 0) { + if (!bb->bits[slot]) + continue; + for ( ; i < BB_PER_SLOT_INTS; i++, mask = 0) { + if (!(bits = bb->bits[slot][i] & ~mask)) + continue; + /* The xor magic figures out the lowest enabled bit in + * bits, and the switch quickly computes log2(bit). */ + switch (bits ^ (bits & (bits-1))) { +#define LOG2(n) case 1u << n: return slot*BB_PER_SLOT_BITS + i*32 + n + LOG2(0); LOG2(1); LOG2(2); LOG2(3); + LOG2(4); LOG2(5); LOG2(6); LOG2(7); + LOG2(8); LOG2(9); LOG2(10); LOG2(11); + LOG2(12); LOG2(13); LOG2(14); LOG2(15); + LOG2(16); LOG2(17); LOG2(18); LOG2(19); + LOG2(20); LOG2(21); LOG2(22); LOG2(23); + LOG2(24); LOG2(25); LOG2(26); LOG2(27); + LOG2(28); LOG2(29); LOG2(30); LOG2(31); + } + return -1; /* impossible... */ + } + } + + return -1; +} + +void *expand_item_list(item_list *lp, size_t item_size, + const char *desc, int incr) +{ + /* First time through, 0 <= 0, so list is expanded. */ + if (lp->malloced <= lp->count) { + void *new_ptr; + size_t new_size = lp->malloced; + if (incr < 0) + new_size += -incr; /* increase slowly */ + else if (new_size < (size_t)incr) + new_size += incr; + else + new_size *= 2; + new_ptr = realloc_array(lp->items, char, new_size * item_size); + if (verbose >= 4) { + rprintf(FINFO, "[%s] expand %s to %.0f bytes, did%s move\n", + who_am_i(), desc, (double)new_size * item_size, + new_ptr == lp->items ? " not" : ""); + } + if (!new_ptr) + out_of_memory("expand_item_list"); + + lp->items = new_ptr; + lp->malloced = new_size; + } + return (char*)lp->items + (lp->count++ * item_size); +}