.fmf/version

@@ -1 +0,0 @@
-1

.gitignore

@@ -1,18 +1,2 @@
-rsync-3.0.8.tar.gz
+SOURCES/rsync-3.1.3.tar.gz
-rsync-patches-3.0.8.tar.gz
+SOURCES/rsync-patches-3.1.3.tar.gz
-/rsync-3.0.9.tar.gz
-/rsync-patches-3.0.9.tar.gz
-/rsync-3.1.0pre1.tar.gz
-/rsync-patches-3.1.0pre1.tar.gz
-/rsync-3.1.0.tar.gz
-/rsync-patches-3.1.0.tar.gz
-/rsync-3.1.2.tar.gz
-/rsync-patches-3.1.2.tar.gz
-/rsync-3.1.3.tar.gz
-/rsync-patches-3.1.3.tar.gz
-/rsync-3.2.2.tar.gz
-/rsync-patches-3.2.2.tar.gz
-/rsync-3.2.3.tar.gz
-/rsync-patches-3.2.3.tar.gz
-/rsync-3.2.5.tar.gz
-/rsync-patches-3.2.5.tar.gz

.rsync.metadata

@@ -0,0 +1,2 @@
+82e7829c0b3cefbd33c233005341e2073c425629 SOURCES/rsync-3.1.3.tar.gz
+74c16510a18ef43d797f9ceba6150f0862568cc0 SOURCES/rsync-patches-3.1.3.tar.gz

Makefile

@@ -1,21 +0,0 @@
-# Makefile for source rpm: rsync
-# $Id$
-NAME := rsync
-SPECFILE = $(firstword $(wildcard *.spec))
-
-define find-makefile-common
-for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
-endef
-
-MAKEFILE_COMMON := $(shell $(find-makefile-common))
-
-ifeq ($(MAKEFILE_COMMON),)
-# attempt a checkout
-define checkout-makefile-common
-test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
-endef
-
-MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
-endif
-
-include $(MAKEFILE_COMMON)

SOURCES/rsync-3.1.2-remove-symlinks.patch

@@ -0,0 +1,33 @@
+diff --git a/sender.c b/sender.c
+index 03e4aadd..9b432ed9 100644
+--- a/sender.c
++++ b/sender.c
+@@ -32,6 +32,7 @@ extern int logfile_format_has_i;
+ extern int want_xattr_optim;
+ extern int csum_length;
+ extern int append_mode;
++extern int copy_links;
+ extern int io_error;
+ extern int flist_eof;
+ extern int allowed_lull;
+@@ -138,17 +139,16 @@ void successful_send(int ndx)
+ 		return;
+ 	f_name(file, fname);
+ 
+-	if (do_lstat(fname, &st) < 0) {
++	if ((copy_links ? do_stat(fname, &st) : do_lstat(fname, &st)) < 0) {
+ 		failed_op = "re-lstat";
+ 		goto failed;
+ 	}
+ 
+-	if (S_ISREG(file->mode) /* Symlinks & devices don't need this check: */
+-	 && (st.st_size != F_LENGTH(file) || st.st_mtime != file->modtime
++	if (st.st_size != F_LENGTH(file) || st.st_mtime != file->modtime
+ #ifdef ST_MTIME_NSEC
+ 	 || (NSEC_BUMP(file) && (uint32)st.ST_MTIME_NSEC != F_MOD_NSEC(file))
+ #endif
+-	)) {
++	) {
+ 		rprintf(FERROR_XFER, "ERROR: Skipping sender remove for changed file: %s\n", fname);
+ 		return;
+ 	}

SOURCES/rsync-3.1.2-vvv-hang.patch

@@ -0,0 +1,33 @@
+diff --git a/io.c b/io.c
+index 999c34e5..ceff3784 100644
+--- a/io.c
++++ b/io.c
+@@ -954,8 +954,17 @@ int send_msg(enum msgcode code, const char *buf, size_t len, int convert)
+ 	} else
+ #endif
+ 		needed = len + 4 + 3;
+-	if (iobuf.msg.len + needed > iobuf.msg.size)
+-		perform_io(needed, PIO_NEED_MSGROOM);
++	if (iobuf.msg.len + needed > iobuf.msg.size) {
++		if (!am_receiver)
++			perform_io(needed, PIO_NEED_MSGROOM);
++		else { /* We allow the receiver to increase their iobuf.msg size to avoid a deadlock. */
++			size_t old_size = iobuf.msg.size;
++			restore_iobuf_size(&iobuf.msg);
++			realloc_xbuf(&iobuf.msg, iobuf.msg.size * 2);
++			if (iobuf.msg.pos + iobuf.msg.len > old_size)
++				memcpy(iobuf.msg.buf + old_size, iobuf.msg.buf, iobuf.msg.pos + iobuf.msg.len - old_size);
++		}
++	}
+ 
+ 	pos = iobuf.msg.pos + iobuf.msg.len; /* Must be set after any flushing. */
+ 	if (pos >= iobuf.msg.size)
+@@ -1176,7 +1185,7 @@ int read_line(int fd, char *buf, size_t bufsiz, int flags)
+ 
+ #ifdef ICONV_OPTION
+ 	if (flags & RL_CONVERT && iconv_buf.size < bufsiz)
+-		realloc_xbuf(&iconv_buf, bufsiz + 1024);
++		realloc_xbuf(&iconv_buf, ROUND_UP_1024(bufsiz) + 1024);
+ #endif
+ 
+   start:

SOURCES/rsync-3.1.3-append-check.patch

@@ -0,0 +1,44 @@
+commit bd17c2a4e237ca1f38544db65053ecfea6054009
+Author: Tomas Korbar <tkorbar@redhat.com>
+Date:   Thu Sep 24 13:17:45 2020 +0200
+
+    Skip files for transfer that has been truncated during negotiation
+
+diff --git a/rsync.1 b/rsync.1
+index 6cabd44..855dd47 100644
+--- a/rsync.1
++++ b/rsync.1
+@@ -1004,8 +1004,10 @@ This causes rsync to update a file by appending data onto
+ the end of the file, which presumes that the data that already exists on
+ the receiving side is identical with the start of the file on the sending
+ side.  If a file needs to be transferred and its size on the receiver is
+-the same or longer than the size on the sender, the file is skipped.  This
+-does not interfere with the updating of a file\(cq\&s non\-content attributes
++the same or longer than the size on the sender, the file is skipped. It
++also skips any files whose size on the sending side gets shorter during
++the send negotiations (rsync warns about a "diminished" file when this
++happens). This does not interfere with the updating of a file\(cq\&s non\-content attributes
+ (e.g. permissions, ownership, etc.) when the file does not need to be
+ transferred, nor does it affect the updating of any non\-regular files.
+ Implies \fB\-\-inplace\fP.
+diff --git a/sender.c b/sender.c
+index 1cc28a1..e22eadd 100644
+--- a/sender.c
++++ b/sender.c
+@@ -379,6 +379,16 @@ void send_files(int f_in, int f_out)
+ 			}
+ 		}
+ 
++		if (append_mode > 0 && st.st_size < F_LENGTH(file)) {
++			rprintf(FWARNING, "skipped diminished file: %s\n",
++				full_fname(fname));
++			free_sums(s);
++			close(fd);
++			if (protocol_version >= 30)
++				send_msg_int(MSG_NO_SEND, ndx);
++			continue;
++		}
++
+ 		if (st.st_size) {
+ 			int32 read_size = MAX(s->blength * 3, MAX_MAP_SIZE);
+ 			mbuf = map_file(fd, st.st_size, read_size, s->blength);

SOURCES/rsync-3.1.3-covscan.patch

@@ -0,0 +1,57 @@
+diff --git a/util.c b/util.c
+index fbbfd8ba..235afa82 100644
+--- a/util.c
++++ b/util.c
+@@ -342,6 +342,7 @@ int copy_file(const char *source, const char *dest, int ofd, mode_t mode)
+ 		if (robust_unlink(dest) && errno != ENOENT) {
+ 			int save_errno = errno;
+ 			rsyserr(FERROR_XFER, errno, "unlink %s", full_fname(dest));
++			close(ifd);
+ 			errno = save_errno;
+ 			return -1;
+ 		}
+diff --git a/lib/pool_alloc.c b/lib/pool_alloc.c
+index 5856d591..a70a3f1a 100644
+--- a/lib/pool_alloc.c
++++ b/lib/pool_alloc.c
+@@ -49,15 +49,15 @@ pool_create(size_t size, size_t quantum, void (*bomb)(const char *), int flags)
+ {
+ 	struct alloc_pool *pool;
+ 
+-	if (!(pool = new0(struct alloc_pool)))
+-		return NULL;
+-
+ 	if ((MINALIGN & (MINALIGN - 1)) != 0) {
+ 		if (bomb)
+ 			(*bomb)("Compiler error: MINALIGN is not a power of 2\n");
+ 		return NULL;
+ 	}
+ 
++	if (!(pool = new0(struct alloc_pool)))
++		return NULL;
++
+ 	if (!size)
+ 		size = POOL_DEF_EXTENT;
+ 	if (!quantum)
+diff --git a/batch.c b/batch.c
+index 21c632fc..1ab66e90 100644
+--- a/batch.c
++++ b/batch.c
+@@ -216,7 +216,7 @@ static void write_filter_rules(int fd)
+ void write_batch_shell_file(int argc, char *argv[], int file_arg_cnt)
+ {
+ 	int fd, i, len, err = 0;
+-	char *p, filename[MAXPATHLEN];
++	char *p, *p2, filename[MAXPATHLEN];
+ 
+ 	stringjoin(filename, sizeof filename,
+ 		   batch_name, ".sh", NULL);
+@@ -267,7 +267,7 @@ void write_batch_shell_file(int argc, char *argv[], int file_arg_cnt)
+ 				err = 1;
+ 		}
+ 	}
+-	if (!(p = check_for_hostspec(argv[argc - 1], &p, &i)))
++	if (!(p = check_for_hostspec(argv[argc - 1], &p2, &i)))
+ 		p = argv[argc - 1];
+ 	if (write(fd, " ${1:-", 6) != 6
+ 	 || write_arg(fd, p) < 0)

SOURCES/rsync-3.1.3-cve-2018-25032.patch

@@ -0,0 +1,343 @@
+From 5c44459c3b28a9bd3283aaceab7c615f8020c531 Mon Sep 17 00:00:00 2001
+From: Mark Adler <madler@alumni.caltech.edu>
+Date: Tue, 17 Apr 2018 22:09:22 -0700
+Subject: [PATCH] Fix a bug that can crash deflate on some input when using
+ Z_FIXED.
+
+This bug was reported by Danilo Ramos of Eideticom, Inc. It has
+lain in wait 13 years before being found! The bug was introduced
+in zlib 1.2.2.2, with the addition of the Z_FIXED option. That
+option forces the use of fixed Huffman codes. For rare inputs with
+a large number of distant matches, the pending buffer into which
+the compressed data is written can overwrite the distance symbol
+table which it overlays. That results in corrupted output due to
+invalid distances, and can result in out-of-bound accesses,
+crashing the application.
+
+The fix here combines the distance buffer and literal/length
+buffers into a single symbol buffer. Now three bytes of pending
+buffer space are opened up for each literal or length/distance
+pair consumed, instead of the previous two bytes. This assures
+that the pending buffer cannot overwrite the symbol table, since
+the maximum fixed code compressed length/distance is 31 bits, and
+since there are four bytes of pending space for every three bytes
+of symbol space.
+---
+ deflate.c | 74 ++++++++++++++++++++++++++++++++++++++++---------------
+ deflate.h | 25 +++++++++----------
+ trees.c   | 50 +++++++++++--------------------------
+ 3 files changed, 79 insertions(+), 70 deletions(-)
+
+diff --git a/zlib/deflate.c b/zlib/deflate.c
+index 425babc00..19cba873a 100644
+--- a/zlib/deflate.c
++++ b/zlib/deflate.c
+@@ -255,11 +255,6 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
+     int wrap = 1;
+     static const char my_version[] = ZLIB_VERSION;
+ 
+-    ushf *overlay;
+-    /* We overlay pending_buf and d_buf+l_buf. This works since the average
+-     * output size for (length,distance) codes is <= 24 bits.
+-     */
+-
+     if (version == Z_NULL || version[0] != my_version[0] ||
+         stream_size != sizeof(z_stream)) {
+         return Z_VERSION_ERROR;
+@@ -329,9 +324,47 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
+ 
+     s->lit_bufsize = 1 << (memLevel + 6); /* 16K elements by default */
+ 
+-    overlay = (ushf *) ZALLOC(strm, s->lit_bufsize, sizeof(ush)+2);
+-    s->pending_buf = (uchf *) overlay;
+-    s->pending_buf_size = (ulg)s->lit_bufsize * (sizeof(ush)+2L);
++    /* We overlay pending_buf and sym_buf. This works since the average size
++     * for length/distance pairs over any compressed block is assured to be 31
++     * bits or less.
++     *
++     * Analysis: The longest fixed codes are a length code of 8 bits plus 5
++     * extra bits, for lengths 131 to 257. The longest fixed distance codes are
++     * 5 bits plus 13 extra bits, for distances 16385 to 32768. The longest
++     * possible fixed-codes length/distance pair is then 31 bits total.
++     *
++     * sym_buf starts one-fourth of the way into pending_buf. So there are
++     * three bytes in sym_buf for every four bytes in pending_buf. Each symbol
++     * in sym_buf is three bytes -- two for the distance and one for the
++     * literal/length. As each symbol is consumed, the pointer to the next
++     * sym_buf value to read moves forward three bytes. From that symbol, up to
++     * 31 bits are written to pending_buf. The closest the written pending_buf
++     * bits gets to the next sym_buf symbol to read is just before the last
++     * code is written. At that time, 31*(n-2) bits have been written, just
++     * after 24*(n-2) bits have been consumed from sym_buf. sym_buf starts at
++     * 8*n bits into pending_buf. (Note that the symbol buffer fills when n-1
++     * symbols are written.) The closest the writing gets to what is unread is
++     * then n+14 bits. Here n is lit_bufsize, which is 16384 by default, and
++     * can range from 128 to 32768.
++     *
++     * Therefore, at a minimum, there are 142 bits of space between what is
++     * written and what is read in the overlain buffers, so the symbols cannot
++     * be overwritten by the compressed data. That space is actually 139 bits,
++     * due to the three-bit fixed-code block header.
++     *
++     * That covers the case where either Z_FIXED is specified, forcing fixed
++     * codes, or when the use of fixed codes is chosen, because that choice
++     * results in a smaller compressed block than dynamic codes. That latter
++     * condition then assures that the above analysis also covers all dynamic
++     * blocks. A dynamic-code block will only be chosen to be emitted if it has
++     * fewer bits than a fixed-code block would for the same set of symbols.
++     * Therefore its average symbol length is assured to be less than 31. So
++     * the compressed data for a dynamic block also cannot overwrite the
++     * symbols from which it is being constructed.
++     */
++
++    s->pending_buf = (uchf *) ZALLOC(strm, s->lit_bufsize, 4);
++    s->pending_buf_size = (ulg)s->lit_bufsize * 4;
+ 
+     if (s->window == Z_NULL || s->prev == Z_NULL || s->head == Z_NULL ||
+         s->pending_buf == Z_NULL) {
+@@ -340,8 +373,12 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy,
+         deflateEnd (strm);
+         return Z_MEM_ERROR;
+     }
+-    s->d_buf = overlay + s->lit_bufsize/sizeof(ush);
+-    s->l_buf = s->pending_buf + (1+sizeof(ush))*s->lit_bufsize;
++    s->sym_buf = s->pending_buf + s->lit_bufsize;
++    s->sym_end = (s->lit_bufsize - 1) * 3;
++    /* We avoid equality with lit_bufsize*3 because of wraparound at 64K
++     * on 16 bit machines and because stored blocks are restricted to
++     * 64K-1 bytes.
++     */
+ 
+     s->level = level;
+     s->strategy = strategy;
+@@ -552,7 +589,7 @@ int ZEXPORT deflatePrime (strm, bits, value)
+ 
+     if (strm == Z_NULL || strm->state == Z_NULL) return Z_STREAM_ERROR;
+     s = strm->state;
+-    if ((Bytef *)(s->d_buf) < s->pending_out + ((Buf_size + 7) >> 3))
++    if (s->sym_buf < s->pending_out + ((Buf_size + 7) >> 3))
+         return Z_BUF_ERROR;
+     do {
+         put = Buf_size - s->bi_valid;
+@@ -1113,7 +1150,6 @@ int ZEXPORT deflateCopy (dest, source)
+ #else
+     deflate_state *ds;
+     deflate_state *ss;
+-    ushf *overlay;
+ 
+ 
+     if (source == Z_NULL || dest == Z_NULL || source->state == Z_NULL) {
+@@ -1133,8 +1169,7 @@ int ZEXPORT deflateCopy (dest, source)
+     ds->window = (Bytef *) ZALLOC(dest, ds->w_size, 2*sizeof(Byte));
+     ds->prev   = (Posf *)  ZALLOC(dest, ds->w_size, sizeof(Pos));
+     ds->head   = (Posf *)  ZALLOC(dest, ds->hash_size, sizeof(Pos));
+-    overlay = (ushf *) ZALLOC(dest, ds->lit_bufsize, sizeof(ush)+2);
+-    ds->pending_buf = (uchf *) overlay;
++    ds->pending_buf = (uchf *) ZALLOC(dest, ds->lit_bufsize, 4);
+ 
+     if (ds->window == Z_NULL || ds->prev == Z_NULL || ds->head == Z_NULL ||
+         ds->pending_buf == Z_NULL) {
+@@ -1148,8 +1183,7 @@ int ZEXPORT deflateCopy (dest, source)
+     zmemcpy(ds->pending_buf, ss->pending_buf, (uInt)ds->pending_buf_size);
+ 
+     ds->pending_out = ds->pending_buf + (ss->pending_out - ss->pending_buf);
+-    ds->d_buf = overlay + ds->lit_bufsize/sizeof(ush);
+-    ds->l_buf = ds->pending_buf + (1+sizeof(ush))*ds->lit_bufsize;
++    ds->sym_buf = ds->pending_buf + ds->lit_bufsize;
+ 
+     ds->l_desc.dyn_tree = ds->dyn_ltree;
+     ds->d_desc.dyn_tree = ds->dyn_dtree;
+@@ -1771,7 +1771,7 @@ local block_state deflate_fast(s, flush)
+         FLUSH_BLOCK(s, 1);
+         return finish_done;
+     }
+-    if (s->last_lit)
++    if (s->sym_next)
+         FLUSH_BLOCK(s, 0);
+     return block_done;
+ }
+@@ -1912,7 +1912,7 @@ local block_state deflate_slow(s, flush)
+         FLUSH_BLOCK(s, 1);
+         return finish_done;
+     }
+-    if (s->last_lit)
++    if (s->sym_next)
+         FLUSH_BLOCK(s, 0);
+     return block_done;
+ }
+@@ -1987,7 +1987,7 @@ local block_state deflate_rle(s, flush)
+         FLUSH_BLOCK(s, 1);
+         return finish_done;
+     }
+-    if (s->last_lit)
++    if (s->sym_next)
+         FLUSH_BLOCK(s, 0);
+     return block_done;
+ }
+@@ -2026,7 +2026,7 @@ local block_state deflate_huff(s, flush)
+         FLUSH_BLOCK(s, 1);
+         return finish_done;
+     }
+-    if (s->last_lit)
++    if (s->sym_next)
+         FLUSH_BLOCK(s, 0);
+     return block_done;
+ }
+diff --git a/zlib/deflate.h b/zlib/deflate.h
+index 23ecdd312..d4cf1a98b 100644
+--- a/zlib/deflate.h
++++ b/zlib/deflate.h
+@@ -217,7 +217,7 @@ typedef struct internal_state {
+     /* Depth of each subtree used as tie breaker for trees of equal frequency
+      */
+ 
+-    uchf *l_buf;          /* buffer for literals or lengths */
++    uchf *sym_buf;        /* buffer for distances and literals/lengths */
+ 
+     uInt  lit_bufsize;
+     /* Size of match buffer for literals/lengths.  There are 4 reasons for
+@@ -239,13 +239,8 @@ typedef struct internal_state {
+      *   - I can't count above 4
+      */
+ 
+-    uInt last_lit;      /* running index in l_buf */
+-
+-    ushf *d_buf;
+-    /* Buffer for distances. To simplify the code, d_buf and l_buf have
+-     * the same number of elements. To use different lengths, an extra flag
+-     * array would be necessary.
+-     */
++    uInt sym_next;      /* running index in sym_buf */
++    uInt sym_end;       /* symbol table full when sym_next reaches this */
+ 
+     ulg opt_len;        /* bit length of current block with optimal trees */
+     ulg static_len;     /* bit length of current block with static trees */
+@@ -317,20 +317,22 @@ void ZLIB_INTERNAL _tr_stored_block OF((deflate_state *s, charf *buf,
+ 
+ # define _tr_tally_lit(s, c, flush) \
+   { uch cc = (c); \
+-    s->d_buf[s->last_lit] = 0; \
+-    s->l_buf[s->last_lit++] = cc; \
++    s->sym_buf[s->sym_next++] = 0; \
++    s->sym_buf[s->sym_next++] = 0; \
++    s->sym_buf[s->sym_next++] = cc; \
+     s->dyn_ltree[cc].Freq++; \
+-    flush = (s->last_lit == s->lit_bufsize-1); \
++    flush = (s->sym_next == s->sym_end); \
+    }
+ # define _tr_tally_dist(s, distance, length, flush) \
+   { uch len = (length); \
+     ush dist = (distance); \
+-    s->d_buf[s->last_lit] = dist; \
+-    s->l_buf[s->last_lit++] = len; \
++    s->sym_buf[s->sym_next++] = dist; \
++    s->sym_buf[s->sym_next++] = dist >> 8; \
++    s->sym_buf[s->sym_next++] = len; \
+     dist--; \
+     s->dyn_ltree[_length_code[len]+LITERALS+1].Freq++; \
+     s->dyn_dtree[d_code(dist)].Freq++; \
+-    flush = (s->last_lit == s->lit_bufsize-1); \
++    flush = (s->sym_next == s->sym_end); \
+   }
+ #else
+ # define _tr_tally_lit(s, c, flush) flush = _tr_tally(s, 0, c)
+diff --git a/zlib/trees.c b/zlib/trees.c
+index 4f4a65011..decaeb7c3 100644
+--- a/zlib/trees.c
++++ b/zlib/trees.c
+@@ -416,7 +416,7 @@ local void init_block(s)
+ 
+     s->dyn_ltree[END_BLOCK].Freq = 1;
+     s->opt_len = s->static_len = 0L;
+-    s->last_lit = s->matches = 0;
++    s->sym_next = s->matches = 0;
+ }
+ 
+ #define SMALLEST 1
+@@ -948,7 +948,7 @@ void ZLIB_INTERNAL _tr_flush_block(s, buf, stored_len, last)
+ 
+         Tracev((stderr, "\nopt %lu(%lu) stat %lu(%lu) stored %lu lit %u ",
+                 opt_lenb, s->opt_len, static_lenb, s->static_len, stored_len,
+-                s->last_lit));
++                s->sym_next / 3));
+ 
+         if (static_lenb <= opt_lenb) opt_lenb = static_lenb;
+ 
+@@ -1017,8 +1017,9 @@ int ZLIB_INTERNAL _tr_tally (s, dist, lc)
+     unsigned dist;  /* distance of matched string */
+     unsigned lc;    /* match length-MIN_MATCH or unmatched char (if dist==0) */
+ {
+-    s->d_buf[s->last_lit] = (ush)dist;
+-    s->l_buf[s->last_lit++] = (uch)lc;
++    s->sym_buf[s->sym_next++] = dist;
++    s->sym_buf[s->sym_next++] = dist >> 8;
++    s->sym_buf[s->sym_next++] = lc;
+     if (dist == 0) {
+         /* lc is the unmatched char */
+         s->dyn_ltree[lc].Freq++;
+@@ -1033,30 +1034,7 @@ int ZLIB_INTERNAL _tr_tally (s, dist, lc)
+         s->dyn_ltree[_length_code[lc]+LITERALS+1].Freq++;
+         s->dyn_dtree[d_code(dist)].Freq++;
+     }
+-
+-#ifdef TRUNCATE_BLOCK
+-    /* Try to guess if it is profitable to stop the current block here */
+-    if ((s->last_lit & 0x1fff) == 0 && s->level > 2) {
+-        /* Compute an upper bound for the compressed length */
+-        ulg out_length = (ulg)s->last_lit*8L;
+-        ulg in_length = (ulg)((long)s->strstart - s->block_start);
+-        int dcode;
+-        for (dcode = 0; dcode < D_CODES; dcode++) {
+-            out_length += (ulg)s->dyn_dtree[dcode].Freq *
+-                (5L+extra_dbits[dcode]);
+-        }
+-        out_length >>= 3;
+-        Tracev((stderr,"\nlast_lit %u, in %ld, out ~%ld(%ld%%) ",
+-               s->last_lit, in_length, out_length,
+-               100L - out_length*100L/in_length));
+-        if (s->matches < s->last_lit/2 && out_length < in_length/2) return 1;
+-    }
+-#endif
+-    return (s->last_lit == s->lit_bufsize-1);
+-    /* We avoid equality with lit_bufsize because of wraparound at 64K
+-     * on 16 bit machines and because stored blocks are restricted to
+-     * 64K-1 bytes.
+-     */
++    return (s->sym_next == s->sym_end);
+ }
+ 
+ /* ===========================================================================
+@@ -1069,13 +1047,14 @@ local void compress_block(s, ltree, dtree)
+ {
+     unsigned dist;      /* distance of matched string */
+     int lc;             /* match length or unmatched char (if dist == 0) */
+-    unsigned lx = 0;    /* running index in l_buf */
++    unsigned sx = 0;    /* running index in sym_buf */
+     unsigned code;      /* the code to send */
+     int extra;          /* number of extra bits to send */
+ 
+-    if (s->last_lit != 0) do {
+-        dist = s->d_buf[lx];
+-        lc = s->l_buf[lx++];
++    if (s->sym_next != 0) do {
++        dist = s->sym_buf[sx++] & 0xff;
++        dist += (unsigned)(s->sym_buf[sx++] & 0xff) << 8;
++        lc = s->sym_buf[sx++];
+         if (dist == 0) {
+             send_code(s, lc, ltree); /* send a literal byte */
+             Tracecv(isgraph(lc), (stderr," '%c' ", lc));
+@@ -1100,11 +1079,10 @@ local void compress_block(s, ltree, dtree)
+             }
+         } /* literal or match pair ? */
+ 
+-        /* Check that the overlay between pending_buf and d_buf+l_buf is ok: */
+-        Assert((uInt)(s->pending) < s->lit_bufsize + 2*lx,
+-               "pendingBuf overflow");
++        /* Check that the overlay between pending_buf and sym_buf is ok: */
++        Assert(s->pending < s->lit_bufsize + sx, "pendingBuf overflow");
+ 
+-    } while (lx < s->last_lit);
++    } while (sx < s->sym_next);
+ 
+     send_code(s, END_BLOCK, ltree);
+ }

SOURCES/rsync-3.1.3-cve-2022-37434.patch

@@ -0,0 +1,16 @@
+diff --git a/zlib/inflate.c b/zlib/inflate.c
+index e43abd9..bd33c19 100644
+--- a/zlib/inflate.c
++++ b/zlib/inflate.c
+@@ -740,8 +740,9 @@ int flush;
+                 if (copy > have) copy = have;
+                 if (copy) {
+                     if (state->head != Z_NULL &&
+-                        state->head->extra != Z_NULL) {
+-                        len = state->head->extra_len - state->length;
++                        state->head->extra != Z_NULL &&
++                        (len = state->head->extra_len - state->length) <
++			    state->head->extra_max) {
+                         zmemcpy(state->head->extra + len, next,
+                                 len + copy > state->head->extra_max ?
+                                 state->head->extra_max - len : copy);

SOURCES/rsync-3.1.3-filtering-rules.patch

@@ -40,7 +40,7 @@ index 13c4253..232249f 100644
 +	int slash_cnt = 0;
  	const char *cp;
  	char *p;
- 	if (trust_sender_args)
+ 	if (am_server || old_style_args || list_only || read_batch || filesfrom_host != NULL)
 @@ -407,6 +413,7 @@ void add_implied_include(const char *arg, int skip_daemon_module)
  		arg++;
  	arg_len = strlen(arg);
@@ -287,6 +287,21 @@ index 13c4253..232249f 100644
  }
  
  /* This is only called by the client. */
+diff --git a/options.c b/options.c
+index afc33ce..4d0a1a6 100644
+--- a/options.c
++++ b/options.c
+@@ -2426,7 +2426,9 @@ char *safe_arg(const char *opt, const char *arg)
+ 	char *ret;
+ 	if (!protect_args && old_style_args < 2 && (!old_style_args || (!is_filename_arg && opt != SPLIT_ARG_WHEN_OLD))) {
+ 		const char *f;
+-		if (!old_style_args && *arg == '~' && (relative_paths || !strchr(arg, '/'))) {
++		if (!old_style_args && *arg == '~' 
++				&& ((relative_paths && !strstr(arg, "/./")) 
++				|| !strchr(arg, '/'))) {
+ 			extras++;
+ 			escape_leading_tilde = 1;
+ 		}
 diff --git a/flist.c b/flist.c
 index 630d685..8c2397b 100644
 --- a/flist.c

SOURCES/rsync-3.1.3-ignore-missing.patch

@@ -0,0 +1,49 @@
+commit af6118d98b3482cbcfc223bf2a0777bc19eccb02
+Author: Wayne Davison <wayne@opencoder.net>
+Date:   Sun Apr 26 18:02:17 2020 -0700
+
+    Allow a missing parent dir when --delete-missing-args was specified.
+
+diff --git a/generator.c b/generator.c
+index 3c50f63f..b90c7ccd 100644
+--- a/generator.c
++++ b/generator.c
+@@ -1277,10 +1277,16 @@ static void recv_generator(char *fname, struct file_struct *file, int ndx,
+ 			 && (*dn != '.' || dn[1]) /* Avoid an issue with --relative and the "." dir. */
+ 			 && (!prior_dir_file || strcmp(dn, f_name(prior_dir_file, NULL)) != 0)
+ 			 && flist_find_name(cur_flist, dn, 1) < 0) {
+-				rprintf(FERROR,
+-					"ABORTING due to invalid path from sender: %s/%s\n",
+-					dn, file->basename);
+-				exit_cleanup(RERR_PROTOCOL);
++				/* The --delete-missing-args option can actually put invalid entries into
++				 * the file list, so if that option was specified, we'll just complain about
++				 * it and allow it. */
++				if (missing_args == 2 && file->mode == 0)
++					rprintf(FERROR, "WARNING: parent dir is absent in the file list: %s\n", dn);
++				else {
++					rprintf(FERROR, "ABORTING due to invalid path from sender: %s/%s\n",
++						dn, file->basename);
++					exit_cleanup(RERR_PROTOCOL);
++				}
+ 			}
+ 			if (relative_paths && !implied_dirs
+ 			 && do_stat(dn, &sx.st) < 0) {
+@@ -1383,7 +1389,7 @@ static void recv_generator(char *fname, struct file_struct *file, int ndx,
+ 			added_perms = 0;
+ 		if (is_dir < 0) {
+ 			if (!(preserve_times & PRESERVE_DIR_TIMES))
+-				return;
++				goto cleanup;
+ 			/* In inc_recurse mode we want to make sure any missing
+ 			 * directories get created while we're still processing
+ 			 * the parent dir (which allows us to touch the parent
+@@ -1525,7 +1531,7 @@ static void recv_generator(char *fname, struct file_struct *file, int ndx,
+ 					"ignoring unsafe symlink \"%s\" -> \"%s\"\n",
+ 					fname, sl);
+ 			}
+-			return;
++			goto cleanup;
+ 		}
+ 		if (statret == 0) {
+ 			char lnk[MAXPATHLEN];

SOURCES/rsync-3.1.3-missing-xattr-filter.patch

@@ -0,0 +1,13 @@
+diff --git a/exclude.c.old b/exclude.c
+index 232249f..2f6dccc 100644
+--- a/exclude.c.old
++++ b/exclude.c
+@@ -1575,6 +1575,8 @@ char *get_rule_prefix(filter_rule *rule, const char *pat, int for_xfer,
+ 	}
+ 	if (rule->rflags & FILTRULE_EXCLUDE_SELF)
+ 		*op++ = 'e';
++	if (rule->rflags & FILTRULE_XATTR)
++		*op++ = 'x';
+ 	if (rule->rflags & FILTRULE_SENDER_SIDE
+ 	    && (!for_xfer || protocol_version >= 29))
+ 		*op++ = 's';

SOURCES/rsync-3.1.3-skip-compress.patch

@@ -0,0 +1,37 @@
+diff --git a/loadparm.c b/loadparm.c
+index 029f358f..534e7b63 100644
+--- a/loadparm.c
++++ b/loadparm.c
+@@ -449,7 +449,7 @@ static struct parm_struct parm_table[] =
+ };
+ 
+ /* Initialise the Default all_vars structure. */
+-static void reset_all_vars(void)
++void reset_daemon_vars(void)
+ {
+ 	memcpy(&Vars, &Defaults, sizeof Vars);
+ }
+@@ -872,7 +872,7 @@ int lp_load(char *pszFname, int globals_only)
+ {
+ 	bInGlobalSection = True;
+ 
+-	reset_all_vars();
++	reset_daemon_vars();
+ 
+ 	/* We get sections first, so have to start 'behind' to make up. */
+ 	iSectionIndex = -1;
+diff --git a/main.c b/main.c
+index 1328c504..9af9e5d3 100644
+--- a/main.c
++++ b/main.c
+@@ -1681,6 +1681,10 @@ int main(int argc,char *argv[])
+ 
+ 	memset(&stats, 0, sizeof(stats));
+ 
++	/* Even a non-daemon runs needs the default config values to be set, e.g.
++	 * lp_dont_compress() is queried when no --skip-compress option is set. */
++	reset_daemon_vars();
++
+ 	if (argc < 2) {
+ 		usage(FERROR);
+ 		exit_cleanup(RERR_SYNTAX);

SOURCES/rsync-3.1.3-sparse-block.patch

@@ -0,0 +1,122 @@
+diff --git a/fileio.c b/fileio.c
+index b183e20..72d6076 100644
+--- a/fileio.c
++++ b/fileio.c
+@@ -34,6 +34,7 @@
+ #define ALIGNED_LENGTH(len) ((((len) - 1) | (ALIGN_BOUNDRY-1)) + 1)
+ 
+ extern int sparse_files;
++extern int sparse_files_block_size;
+ 
+ OFF_T preallocated_len = 0;
+ 
+@@ -147,7 +148,7 @@ int write_file(int f, int use_seek, OFF_T offset, const char *buf, int len)
+ 	while (len > 0) {
+ 		int r1;
+ 		if (sparse_files > 0) {
+-			int len1 = MIN(len, SPARSE_WRITE_SIZE);
++			int len1 = MIN(len, sparse_files_block_size ? sparse_files_block_size : SPARSE_WRITE_SIZE);
+ 			r1 = write_sparse(f, use_seek, offset, buf, len1);
+ 			offset += r1;
+ 		} else {
+diff --git a/options.c b/options.c
+index 195672e..d08c05a 100644
+--- a/options.c
++++ b/options.c
+@@ -76,6 +76,7 @@ int remove_source_files = 0;
+ int one_file_system = 0;
+ int protocol_version = PROTOCOL_VERSION;
+ int sparse_files = 0;
++long sparse_files_block_size = 0;
+ int preallocate_files = 0;
+ int do_compression = 0;
+ int def_compress_level = NOT_SPECIFIED;
+@@ -717,6 +718,7 @@ void usage(enum logcode F)
+   rprintf(F,"     --fake-super            store/recover privileged attrs using xattrs\n");
+ #endif
+   rprintf(F," -S, --sparse                turn sequences of nulls into sparse blocks\n");
++  rprintf(F,"     --sparse-block=SIZE     set block size used to handle sparse files\n");
+ #ifdef SUPPORT_PREALLOCATION
+   rprintf(F,"     --preallocate           allocate dest files before writing them\n");
+ #else
+@@ -927,6 +929,7 @@ static struct poptOption long_options[] = {
+   {"sparse",          'S', POPT_ARG_VAL,    &sparse_files, 1, 0, 0 },
+   {"no-sparse",        0,  POPT_ARG_VAL,    &sparse_files, 0, 0, 0 },
+   {"no-S",             0,  POPT_ARG_VAL,    &sparse_files, 0, 0, 0 },
++  {"sparse-block",     0,  POPT_ARG_LONG,   &sparse_files_block_size, 0, 0, 0 },
+   {"preallocate",      0,  POPT_ARG_NONE,   &preallocate_files, 0, 0, 0},
+   {"inplace",          0,  POPT_ARG_VAL,    &inplace, 1, 0, 0 },
+   {"no-inplace",       0,  POPT_ARG_VAL,    &inplace, 0, 0, 0 },
+diff --git a/options.c b/options.c
+index b12da55..5a27452 100644
+--- a/options.c
++++ b/options.c
+@@ -2606,6 +2606,12 @@ void server_options(char **args, int *argc_p)
+ 		args[ac++] = arg;
+ 	}
+ 
++	if (sparse_files_block_size) {
++		if (asprintf(&arg, "--sparse-block=%lu", sparse_files_block_size) < 0)
++			goto oom;
++		args[ac++] = arg;
++	}
++
+ 	if (io_timeout) {
+ 		if (asprintf(&arg, "--timeout=%d", io_timeout) < 0)
+ 			goto oom;
+diff --git a/rsync.yo b/rsync.yo
+--- a/rsync.yo
++++ b/rsync.yo
+@@ -377,6 +377,7 @@ to the detailed description below for a complete description.  verb(
+      --super                 receiver attempts super-user activities
+      --fake-super            store/recover privileged attrs using xattrs
+  -S, --sparse                turn sequences of nulls into sparse blocks
++     --sparse-block=SIZE     set block size used to handle sparse files
+      --preallocate           allocate dest files before writing
+  -n, --dry-run               perform a trial run with no changes made
+  -W, --whole-file            copy files whole (w/o delta-xfer algorithm)
+@@ -1299,6 +1300,15 @@ If combined with bf(--sparse), the file will only have sparse blocks (as
+ opposed to allocated sequences of null bytes) if the kernel version and
+ filesystem type support creating holes in the allocated data.
+
++dit(bf(--sparse-block=SIZE)) Change the block size used to handle sparse files
++to SIZE bytes.  This option only has an effect if the bf(--sparse) (bf(-S))
++option was also specified.  The default block size used by rsync to detect a
++file hole is 1024 bytes; when the receiver writes data to the destination file
++and option bf(--sparse) is used, rsync checks every 1024-bytes chunk to detect
++if they are actually filled with data or not.  With certain filesystems,
++optimized to receive data streams for example, enlarging this block size can
++strongly increase performance.  The option can be used to tune this block size.
++
+ dit(bf(-n, --dry-run)) This makes rsync perform a trial run that doesn't
+ make any changes (and produces mostly the same output as a real run).  It
+ is most commonly used in combination with the bf(-v, --verbose) and/or
+diff --git a/rsync.1 b/rsync.1
+index 855dd47..1d7af3c 100644
+--- a/rsync.1
++++ b/rsync.1
+@@ -454,6 +454,7 @@ to the detailed description below for a complete description.
+      \-\-super                 receiver attempts super\-user activities
+      \-\-fake\-super            store/recover privileged attrs using xattrs
+  \-S, \-\-sparse                turn sequences of nulls into sparse blocks
++     \-\-sparse-block=SIZE      set block size used to handle sparse files
+      \-\-preallocate           allocate dest files before writing
+  \-n, \-\-dry\-run               perform a trial run with no changes made
+  \-W, \-\-whole\-file            copy files whole (w/o delta\-xfer algorithm)
+@@ -1493,6 +1493,16 @@ If combined with \fB\-\-sparse\fP, the file will only have sparse blocks (as
+ opposed to allocated sequences of null bytes) if the kernel version and
+ filesystem type support creating holes in the allocated data.
+ .IP 
++.IP "\fB\-\-sparse\-block=SIZE\fP"
++Change the block size used to handle sparse files
++to SIZE bytes.  This option only has an effect if the \fB\-\-sparse\fP (\fB\-S\fP)
++option was also specified.  The default block size used by rsync to detect a
++file hole is 1024 bytes; when the receiver writes data to the destination file
++and option \fB\-\-sparse\fP is used, rsync checks every 1024\-bytes chunk to detect
++if they are actually filled with data or not.  With certain filesystems,
++optimized to receive data streams for example, enlarging this block size can
++strongly increase performance.  The option can be used to tune this block size.
++.IP
+ .IP "\fB\-n, \-\-dry\-run\fP"
+ This makes rsync perform a trial run that doesn\(cq\&t
+ make any changes (and produces mostly the same output as a real run).  It

SOURCES/rsync-3.1.3-xattr.patch

@@ -0,0 +1,38 @@
+diff --git a/xattrs.c b/xattrs.c
+index 508649c0..3c549192 100644
+--- a/xattrs.c
++++ b/xattrs.c
+@@ -1055,7 +1055,7 @@ int set_xattr(const char *fname, const struct file_struct *file, const char *fna
+ {
+ 	rsync_xa_list *glst = rsync_xal_l.items;
+ 	item_list *lst;
+-	int ndx;
++	int ndx, added_write_perm = 0;
+ 
+ 	if (dry_run)
+ 		return 1; /* FIXME: --dry-run needs to compute this value */
+@@ -1084,10 +1084,23 @@ int set_xattr(const char *fname, const struct file_struct *file, const char *fna
+ 	}
+ #endif
+ 
++	/* If the target file lacks write permission, we try to add it
++	 * temporarily so we can change the extended attributes. */
++	if (!am_root
++#ifdef SUPPORT_LINKS
++	 && !S_ISLNK(sxp->st.st_mode)
++#endif
++	 && access(fname, W_OK) < 0
++	 && do_chmod(fname, (sxp->st.st_mode & CHMOD_BITS) | S_IWUSR) == 0)
++		added_write_perm = 1;
++
+ 	ndx = F_XATTR(file);
+ 	glst += ndx;
+ 	lst = &glst->xa_items;
+-	return rsync_xal_set(fname, lst, fnamecmp, sxp);
++	int return_value = rsync_xal_set(fname, lst, fnamecmp, sxp);
++	if (added_write_perm) /* remove the temporary write permission */
++		do_chmod(fname, sxp->st.st_mode);
++	return return_value;
+ }
+ 
+ #ifdef SUPPORT_ACLS

SPECS/rsync.spec

@@ -1,7 +1,6 @@
 %global _hardened_build 1
 
 %define isprerelease 0
-%define _lto_cflags %{nil}
 
 %if %isprerelease
 %define prerelease pre1
@@ -9,9 +8,10 @@
 
 Summary: A program for synchronizing files over a network
 Name: rsync
-Version: 3.2.5
+Version: 3.1.3
-Release: 1%{?dist}
+Release: 19%{?dist}.1
-URL: https://rsync.samba.org/
+Group: Applications/Internet
+URL: http://rsync.samba.org/
 
 Source0: https://download.samba.org/pub/rsync/src/rsync-%{version}%{?prerelease}.tar.gz
 Source1: https://download.samba.org/pub/rsync/src/rsync-patches-%{version}%{?prerelease}.tar.gz
@@ -21,27 +21,27 @@ Source4: rsyncd.conf
 Source5: rsyncd.sysconfig
 Source6: rsyncd@.service
 
-BuildRequires: make
+BuildRequires: libacl-devel, libattr-devel, autoconf, popt-devel, systemd
-BuildRequires: gcc
+#Requires: zlib
-BuildRequires: gcc-c++
-BuildRequires: libacl-devel
-BuildRequires: libattr-devel
-BuildRequires: autoconf
-BuildRequires: popt-devel
-BuildRequires: systemd
-BuildRequires: lz4-devel
-BuildRequires: openssl-devel
-BuildRequires: libzstd-devel
 #Added virtual provide for zlib due to https://fedoraproject.org/wiki/Bundled_Libraries?rd=Packaging:Bundled_Libraries
 Provides: bundled(zlib) = 1.2.8
 License: GPLv3+
 
-#Added due to rhbz#1873975 - default-acls test fail on s390x due to libacl
+Patch0: rsync-man.patch
-Patch1: rsync-3.2.2-runtests.patch
+Patch1: rsync-3.0.6-iconv-logging.patch
-#commonmark would be needed to generate manpage, so we simply copy it
+Patch2: rsync-3.1.3-covscan.patch
-Patch2: rsync-3.2.5-rrsync-man.patch
+Patch3: rsync-3.1.2-remove-symlinks.patch
-#A couple of fixes for the new filtering code
+Patch4: rsync-3.1.2-vvv-hang.patch
-Patch3: rsync-3.2.3-filtering-rules.patch
+Patch5: rsync-3.1.3-ignore-missing.patch
+Patch6: rsync-3.1.3-append-check.patch
+Patch7: rsync-3.1.3-skip-compress.patch
+Patch8: rsync-3.1.3-xattr.patch
+Patch9: rsync-3.1.3-cve-2018-25032.patch
+Patch10: rsync-3.1.3-sparse-block.patch
+Patch11: rsync-3.1.3-cve-2022-29154.patch
+Patch12: rsync-3.1.3-cve-2022-37434.patch
+Patch13: rsync-3.1.3-filtering-rules.patch
+Patch14: rsync-3.1.3-missing-xattr-filter.patch
 
 %description
 Rsync uses a reliable algorithm to bring remote and host files into
@@ -72,22 +72,37 @@ package provides the anonymous rsync service.
 %setup -q -b 1
 %endif
 
-%patch1 -p1 -b .runtests
+#Needed for compatibility with previous patched rsync versions
-%patch2 -p1 -b .rrsync-man
+patch -p1 -i patches/acls.diff
-%patch3 -p1 -b .filtering-rules
+patch -p1 -i patches/xattrs.diff
+
+#Enable --copy-devices parameter
+patch -p1 -i patches/copy-devices.diff
+
+%patch0 -p1 -b .man
+%patch1 -p1 -b .iconv
+%patch2 -p1 -b .covscan
+%patch3 -p1 -b .symlinks
+%patch4 -p1 -b .vvv
+%patch5 -p1 -b .missing
+%patch6 -p1 -b .append
+%patch7 -p1 -b .skip-compress
+%patch8 -p1 -b .xattr
+%patch9 -p1 -b .cve-2018-25032
+%patch10 -p1 -b .spars-block
+%patch11 -p1 -b .cve-2022-29154
+%patch12 -p1 -b .cve-2022-37434
+%patch13 -p1 -b .filtering-rules
+%patch14 -p1 -b .xattr-filter
 
 %build
-%configure --disable-xxhash --with-rrsync
+%configure
 # --with-included-zlib=no temporary disabled because of #1043965
 
-%{make_build}
+make %{?_smp_mflags}
-
-%check
-make check
-chmod -x support/*
 
 %install
-%{make_install} INSTALLCMD='install -p' INSTALLMAN='install -p'
+%makeinstall INSTALLCMD='install -p' INSTALLMAN='install -p'
 
 install -D -m644 %{SOURCE3} $RPM_BUILD_ROOT/%{_unitdir}/rsyncd.service
 install -D -m644 %{SOURCE2} $RPM_BUILD_ROOT/%{_unitdir}/rsyncd.socket
@@ -95,19 +110,21 @@ install -D -m644 %{SOURCE4} $RPM_BUILD_ROOT/%{_sysconfdir}/rsyncd.conf
 install -D -m644 %{SOURCE5} $RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/rsyncd
 install -D -m644 %{SOURCE6} $RPM_BUILD_ROOT/%{_unitdir}/rsyncd@.service
 
+%check
+make check
+#scripts in support/* are needed to run upstream tests but after install these should not be executable
+chmod -x support/*
+
 %files
+%{!?_licensedir:%global license %%doc}
 %license COPYING
-%doc support/ tech_report.tex
+%doc NEWS OLDNEWS README support/ tech_report.tex
 %{_bindir}/%{name}
-%{_bindir}/r%{name}
-%{_bindir}/%{name}-ssl
 %{_mandir}/man1/%{name}.1*
-%{_mandir}/man1/r%{name}.1*
-%{_mandir}/man1/%{name}-ssl.1*
-%{_mandir}/man5/rsyncd.conf.5*
-%config(noreplace) %{_sysconfdir}/rsyncd.conf
 
 %files daemon
+%{_mandir}/man5/rsyncd.conf.5*
+%config(noreplace) %{_sysconfdir}/rsyncd.conf
 %config(noreplace) %{_sysconfdir}/sysconfig/rsyncd
 %{_unitdir}/rsyncd.socket
 %{_unitdir}/rsyncd.service
@@ -123,111 +140,57 @@ install -D -m644 %{SOURCE6} $RPM_BUILD_ROOT/%{_unitdir}/rsyncd@.service
 %systemd_postun_with_restart rsyncd.service
 
 %changelog
-* Mon Dec 09 2024 Michal Ruprich <mruprich@redhat.com> - 3.2.3-21
+* Wed Nov 02 2022 Michal Ruprich <mruprich@redhat.com> - 3.1.3-19.1
-- Resolves: RHEL-70265 - Rebase rsync to 3.2.5
+- Resolves: #2139118 - rsync-daemon fail on 3.1.3
-- Resolves: RHEL-67142 - Wrong progress reported by rsync when using copy-devices
-- Resolves: RHEL-29340 - Slowness in rsync due to extra validation steps.
-- Resolves: RHEL-18216 - rysnc script /usr/share/doc/rsync/support/rrsync is unsecure
 
-* Thu Oct 19 2023 Alex Iribarren <Alex.Iribarren@cern.ch> - 3.2.3-20
+* Thu Aug 18 2022 Michal Ruprich <mruprich@redhat.com> - 3.1.3-19
-- Resolves: RHEL-14228 - rsync regression with --delay-updates
+- Resolves: #2116668 - zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field
 
-* Wed Nov 02 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-19
+* Mon Aug 15 2022 Michal Ruprich <mruprich@redhat.com> - 3.1.3-18
-- Resolves: #2139349 - rsync error: protocol incompatibility when using rsync-3.2.3-18.el9
+- Resolves: #2111175 - remote arbitrary files write inside the directories of connecting peers
 
-* Thu Aug 25 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-18
+* Mon Aug 08 2022 Michal Ruprich <mruprich@redhat.com> - 3.1.3-17
-- Resolves: #2111177 - remote arbitrary files write inside the directories of connecting peers
+- Related: #2043753 - New option should not be sent to the server every time
 
-* Thu Aug 18 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-17
+* Thu Jul 28 2022 Michal Ruprich <mruprich@redhat.com> - 3.1.3-16
-- Resolves: #2116669 - zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field
+- Resolves: #2043753 - [RFE] Improve defaults for sparse file buffering
 
-* Wed May 18 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-16
+* Tue Apr 12 2022 Michal Ruprich <mruprich@redhat.com> - 3.1.3-15
-- Related: #2081296 - Adding ci.fmf for separation of testing results
+- Resolves: #2071513 - A flaw in zlib-1.2.11 when compressing (not decompressing!) certain inputs
 
-* Wed May 18 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-15
+* Mon Oct 11 2021 Michal Ruprich <mruprich@redhat.com> - 3.1.3-14
-- Related: #2081296 - Disabling STI
+- Related: #1907443 - Adding fmf plans to run tests with tmt
 
-* Wed May 18 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-14
+* Mon Sep 27 2021 Tomas Korbar <tkorbar@redhat.com> - 3.1.3-13
-- Resolves: #2071514 - A flaw found in zlib when compressing (not decompressing) certain inputs
+- Resolves: #1907443 - Read-only files that have changed xattrs fail to allow xattr changes
 
-* Wed May 11 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-13
+* Fri Dec 18 2020 Michal Ruprich <mruprich@redhat.com> - 3.1.3-12
-- Resolves: #2079639 - rsync --atimes doesn't work
+- Resolves: #1816528 - Defaults for --skip-compress are not working, everything is being compressed
 
-* Tue May 03 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-12
+* Thu Nov 05 2020 Tomas Korbar <tkorbar@redhat.com> - 3.1.3-11
-- Resolves: #2081296 - Enable fmf tests in centos stream
+- Resolves: #1855981 - rsync segfaults in --append mode
 
-* Tue Apr 26 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-11
+* Thu Nov 05 2020 Tomas Korbar <tkorbar@redhat.com> - 3.1.3-10
-- Resolves: #2053198 - rsync segmentation fault
+- Resolves: #1727093 - rsync: "ABORTING due to invalid path from sender"
 
-* Fri Apr 22 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-10
+* Mon Aug 24 2020 Michal Ruprich <mruprich@redhat.com> - 3.1.3-9
-- Resolves: #2077431 - Read-only files that have changed xattrs fail to allow xattr changes
+- Resolves: #1667436 - rsyncd.service fails to start at boot if address is configured
 
-* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 3.2.3-9
+* Wed Jun 10 2020 Michal Ruprich <mruprich@redhat.com> - 3.1.3-8
-- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+- Resolves: #1775561 - rsync 3.1.2 hangs when run with -vvv to sync a large repository
-  Related: rhbz#1991688
 
-* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 3.2.3-8
+* Tue Oct 29 2019 Michal Ruprich <mruprich@redhat.com> - 3.1.3-7
-- Rebuilt for RHEL 9 BETA for openssl 3.0
+- Resolves: #1693162 - remove-source-files fails with symlinks
-  Related: rhbz#1971065
 
-* Mon May 31 2021 Michal Ruprich <mruprich@redhat.com> - 3.2.3-7
+* Tue Apr 16 2019 Michal Ruprich <mruprich@redhat.com> - 3.1.3-6
-- Resolves: #1955008 - rsync segfaults in --append mode when file on sender is large (> 2GB) and gets truncated
+- Resolves: #1602683 - Please review important issues found by covscan
 
-* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 3.2.3-6
+* Tue Apr 16 2019 Michal Ruprich <mruprich@redhat.com> - 3.1.3-5
-- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+- Resolves: #1656761 - [FJ8.0 Bug]: [REG] The rsync command is terminated with SIGSEGV
 
-* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.3-5
+* Wed Oct 03 2018 Michal Ruprich <mruprich@redhat.com> - 3.1.3-4
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+- Resolves: #1635631 - Remove --noatime option from rsync
-
+  Cleaning spec file
-* Tue Dec 08 2020 Michal Ruprich <mruprich@redhat.com> - 3.2.3-4
-- Resolves: #1894485 - rsync is unable to set permissions when chrooted
-- Getting rid of deprecated makeinstall macro
-
-* Fri Nov 20 2020 Michal Ruprich <mruprich@redhat.com> - 3.2.3-3
-- Disabling LTO as a temporary measure for rhbz#1898912
-
-* Thu Nov 19 2020 Michal Ruprich <mruprich@redhat.com> - 3.2.3-2
-- Use make macros
-- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
-
-* Mon Aug 31 2020 Michal Ruprich <mruprich@redhat.com> - 3.2.3-1
-- New version 3.2.3
-- Removed upstream patches acls.diff and xattrs.diff
-
-* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.2-3
-- Second attempt - Rebuilt for
-  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
-* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.2-2
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
-* Tue Jul 21 2020 Michal Ruprich <michalruprich@gmail.com> - 3.2.2-1
-- New version 3.2.2
-
-* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.3-11
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
-
-* Thu Oct 10 2019 Michal Ruprich <mruprich@redhat.com> - 3.1.3-10
-- Enabling upstream test suite during build rhbz#1533846
-
-* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.3-9
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
-
-* Mon Apr 15 2019 Michal Ruprich <mruprich@redhat.com> - 3.1.3-8
-- Resolves: #1452187 - move man page rsyncd.conf(5) from rsync-daemon to rsync package
-- Moving the config file as well
-
-* Tue Mar 19 2019 Michal Ruprich <mruprich@redhat.com> - 3.1.3-7
-- Resolves: #1683737 - [abrt] rsync: utf8_internal_loop(): rsync killed by SIGSEGV
-
-* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.3-6
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
-
-* Wed Jan 02 2019 Michal Ruprich <mruprich@redhat.com> - 3.1.3-5
-- Fix for rhbz#1586346 - rsyncd.service fails to start at boot if address is configured
-
-* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.3-4
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
 
 * Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 3.1.3-3
 - Escape macros in %%changelog

ci.fmf

@@ -1 +0,0 @@
-resultsdb-testcase: separate

gating.yaml

@@ -1,11 +0,0 @@
---- !Policy
-product_versions:
-  - rhel-9
-decision_context: osci_compose_gate
-rules:
-  - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}
-  - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier2.functional}
-  - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier3.functional}
-  - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tedude.validation}
-  - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/tier1-internal.functional}
-  - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/public.functional}

plans/public.fmf

@@ -1,7 +0,0 @@
-summary: Test plan that runs all tests from tests repo.
-discover:
-    how: fmf
-    url: https://src.fedoraproject.org/tests/rsync.git
-execute:
-    how: tmt
-

plans/tier1-internal.fmf

@@ -1,11 +0,0 @@
-summary: CI plan, picks Tier1 tests, runs in beakerlib.
-discover:
-  - name: rhel
-    how: fmf
-    filter: 'tier: 1'
-    url: git://pkgs.devel.redhat.com/tests/rsync
-execute:
-    how: tmt
-adjust:     
-    enabled: false     
-    when: distro == centos-stream-9

rpminspect.yaml

@@ -1,3 +0,0 @@
----
-inspections:
-    badfuncs: off

rsync-3.2.2-runtests.patch

@@ -1,12 +0,0 @@
-diff --git a/runtests.sh.old b/runtests.sh
-index ecb383e..1cd1d1a 100755
---- a/runtests.sh.old
-+++ b/runtests.sh
-@@ -276,6 +276,7 @@ do
- 
-     case "$testscript" in
-     *hardlinks*) TESTRUN_TIMEOUT=600 ;;
-+    *default-acls*) continue ;;
-     *) TESTRUN_TIMEOUT=300 ;;
-     esac
- 

rsync-3.2.5-rrsync-man.patch

@@ -1,23 +0,0 @@
-diff --git a/Makefile.in b/Makefile.in
-index 3cde955..06232f1 100644
---- a/Makefile.in
-+++ b/Makefile.in
-@@ -106,6 +106,9 @@ rsync$(EXEEXT): $(OBJS)
- rrsync: support/rrsync
- 	cp -p $(srcdir)/support/rrsync rrsync
- 
-+rrsync.1.md: support/rrsync.1.md
-+	cp -p $(srcdir)/support/rrsync.1.md rrsync.1.md
-+
- $(OBJS): $(HEADERS)
- $(CHECK_OBJS): $(HEADERS)
- tls.o xattrs.o: lib/sysxattrs.h
-@@ -269,7 +269,7 @@ rsyncd.conf.5: rsyncd.conf.5.md md-convert version.h Makefile
- 	@$(srcdir)/maybe-make-man rsyncd.conf.5.md
- 
- rrsync.1: support/rrsync.1.md md-convert Makefile
--	@$(srcdir)/maybe-make-man support/rrsync.1.md
-+	@$(srcdir)/maybe-make-man rrsync.1.md
- 
- .PHONY: clean
- clean: cleantests

rsync-noatime.patch

@@ -1,147 +0,0 @@
-Optionally preserve atimes.
-    
-Based on https://bugzilla.samba.org/show_bug.cgi?id=7249#c1 by Nicolas George.
-
-Index: rsync-3.1.0/options.c
-===================================================================
---- rsync-3.1.0.orig/options.c
-+++ rsync-3.1.0/options.c
-@@ -125,6 +125,7 @@ int delay_updates = 0;
- long block_size = 0; /* "long" because popt can't set an int32. */
- char *skip_compress = NULL;
- item_list dparam_list = EMPTY_ITEM_LIST;
-+int noatime = 0;
- 
- /** Network address family. **/
- int default_af_hint
-@@ -802,6 +803,7 @@ void usage(enum logcode F)
-   rprintf(F,"     --iconv=CONVERT_SPEC    request charset conversion of filenames\n");
- #endif
-   rprintf(F,"     --checksum-seed=NUM     set block/file checksum seed (advanced)\n");
-+  rprintf(F,"     --noatime               do not alter atime when opening source files\n");
-   rprintf(F," -4, --ipv4                  prefer IPv4\n");
-   rprintf(F," -6, --ipv6                  prefer IPv6\n");
-   rprintf(F,"     --version               print version number\n");
-@@ -1019,6 +1021,7 @@ static struct poptOption long_options[]
-   {"iconv",            0,  POPT_ARG_STRING, &iconv_opt, 0, 0, 0 },
-   {"no-iconv",         0,  POPT_ARG_NONE,   0, OPT_NO_ICONV, 0, 0 },
- #endif
-+  {"noatime",          0,  POPT_ARG_VAL,    &noatime, 1, 0, 0 },
-   {"ipv4",            '4', POPT_ARG_VAL,    &default_af_hint, AF_INET, 0, 0 },
-   {"ipv6",            '6', POPT_ARG_VAL,    &default_af_hint, AF_INET6, 0, 0 },
-   {"8-bit-output",    '8', POPT_ARG_VAL,    &allow_8bit_chars, 1, 0, 0 },
-@@ -2739,6 +2742,12 @@ void server_options(char **args, int *ar
- 	if (preallocate_files && am_sender)
- 		args[ac++] = "--preallocate";
- 
-+	/*
-+	 * Do we want remote atime preservation when we preserve local ones?
-+	if (noatime)
-+		args[ac++] = "--noatime";
-+	*/
-+
- 	if (ac > MAX_SERVER_ARGS) { /* Not possible... */
- 		rprintf(FERROR, "argc overflow in server_options().\n");
- 		exit_cleanup(RERR_MALLOC);
-Index: rsync-3.1.0/rsync.yo
-===================================================================
---- rsync-3.1.0.orig/rsync.yo
-+++ rsync-3.1.0/rsync.yo
-@@ -454,6 +454,7 @@ to the detailed description below for a
-      --protocol=NUM          force an older protocol version to be used
-      --iconv=CONVERT_SPEC    request charset conversion of filenames
-      --checksum-seed=NUM     set block/file checksum seed (advanced)
-+     --noatime               do not alter atime when opening source files
-  -4, --ipv4                  prefer IPv4
-  -6, --ipv6                  prefer IPv6
-      --version               print version number
-@@ -2543,6 +2544,13 @@ daemon uses the charset specified in its
- regardless of the remote charset you actually pass.  Thus, you may feel free to
- specify just the local charset for a daemon transfer (e.g. bf(--iconv=utf8)).
- 
-+dit(bf(--noatime)) Use the O_NOATIME open flag on systems that support it.
-+The effect of this flag is to avoid altering the access time (atime) of the
-+opened files.
-+If the system does not support the O_NOATIME flag, this option does nothing.
-+Currently, systems known to support O_NOATIME are Linux >= 2.6.8 with glibc
-+>= 2.3.4.
-+
- dit(bf(-4, --ipv4) or bf(-6, --ipv6)) Tells rsync to prefer IPv4/IPv6
- when creating sockets.  This only affects sockets that rsync has direct
- control over, such as the outgoing socket when directly contacting an
-diff --git a/syscall.c b/syscall.c
-index c46a8b4..6620563 100644
---- a/syscall.c
-+++ b/syscall.c
-@@ -42,6 +42,7 @@ extern int inplace;
- extern int preallocate_files;
- extern int preserve_perms;
- extern int preserve_executability;
-+extern int noatime;
- 
- #ifndef S_BLKSIZE
- # if defined hpux || defined __hpux__ || defined __hpux
-@@ -189,6 +190,10 @@ int do_open(const char *pathname, int fl
- 		RETURN_ERROR_IF(dry_run, 0);
- 		RETURN_ERROR_IF_RO_OR_LO;
- 	}
-+#ifdef O_NOATIME
-+	if (noatime)
-+		flags |= O_NOATIME;
-+#endif
- 
- 	return open(pathname, flags | O_BINARY, mode);
- }
-Index: rsync/tls.c
-===================================================================
---- rsync.orig/tls.c
-+++ rsync/tls.c
-@@ -53,6 +53,7 @@ int preserve_perms = 0;
- int preserve_executability = 0;
- int preallocate_files = 0;
- int inplace = 0;
-+int noatime = 0;
- 
- #ifdef SUPPORT_XATTRS
- 
-Index: rsync/t_unsafe.c
-===================================================================
---- rsync.orig/t_unsafe.c
-+++ rsync/t_unsafe.c
-@@ -33,6 +33,10 @@ int preserve_perms = 0;
- int preserve_executability = 0;
- short info_levels[COUNT_INFO], debug_levels[COUNT_DEBUG];
- 
-+/* This is to make syscall.o shut up. */
-+int noatime = 0;
-+
-+
- int
- main(int argc, char **argv)
- {
-Index: rsync/wildtest.c
-===================================================================
---- rsync.orig/wildtest.c
-+++ rsync/wildtest.c
-@@ -32,6 +32,9 @@ int fnmatch_errors = 0;
- 
- int wildmatch_errors = 0;
- 
-+/* This is to make syscall.o shut up. */
-+int noatime = 0;
-+
- typedef char bool;
- 
- int output_iterations = 0;
-Index: rsync/trimslash.c
-===================================================================
---- rsync.orig/trimslash.c
-+++ rsync/trimslash.c
-@@ -30,6 +30,7 @@ int preserve_perms = 0;
- int preserve_executability = 0;
- int preallocate_files = 0;
- int inplace = 0;
-+int noatime = 0;
- 
- int
- main(int argc, char **argv)

sources

@@ -1,2 +0,0 @@
-SHA512 (rsync-3.2.5.tar.gz) = 6d115acb5bae546cd2b5df2c11390f8609107b7a45aa649158d8daa0c9290ab5f15640fdd4000b21d1ab39f7385b85d77cd8fe4628fa13b2adeea6fcd53d057a
-SHA512 (rsync-patches-3.2.5.tar.gz) = e8e36567f2ce9a155639bafecc361db635abff718b321fbd52c925632b87502ad022cf8238e39539a4f9e45dce37513395fd481abfa2ccb78e8af2047e1a4cf6