rpms/rsync
5
0
Fork 1
Code Issues Pull Requests Releases Activity

Compare commits

merge into: rpms:c8
Branches Tags
rpms:c8
rpms:c10s
rpms:a8-backports
rpms:a9-backports
rpms:c9
rpms:a10s
rpms:a9
rpms:a8
rpms:c9s
rpms:c9-beta
rpms:c8-beta
rpms:c8s
rpms:imports/c10s/rsync-3.4.1-1.el10
rpms:imports/c9/rsync-3.2.3-20.el9_5.1
rpms:imports/c8/rsync-3.1.3-20.el8_10
rpms:changed/a10s/rsync-3.3.0-6.el10.alma.1
rpms:changed/a9/rsync-3.2.5-1.el9.alma.1
rpms:imports/a9/rsync-3.2.5-1.el9
rpms:changed/a8/rsync-3.1.3-19.el8_7.1.alma.1
rpms:imports/c9/rsync-3.2.3-20.el9
rpms:imports/c10s/rsync-3.3.0-6.el10
rpms:imports/c9-beta/rsync-3.2.3-20.el9
rpms:imports/c10s/rsync-3.3.0-5.el10
rpms:imports/c10s/rsync-3.3.0-3.el10
rpms:imports/a9-backports/rsync-3.3.0-1.el9
rpms:imports/a8-backports/rsync-3.3.0-1.el8
rpms:imports/c9/rsync-3.2.3-19.el9
rpms:imports/c9-beta/rsync-3.2.3-19.el9
rpms:imports/c8-beta/rsync-3.1.3-19.el8_7.1
rpms:imports/c8/rsync-3.1.3-19.el8_7.1
rpms:imports/c9/rsync-3.2.3-18.el9
rpms:imports/c8s/rsync-3.1.3-19.el8_7.1
rpms:imports/c8/rsync-3.1.3-19.el8
rpms:imports/c9-beta/rsync-3.2.3-18.el9
rpms:imports/c8-beta/rsync-3.1.3-19.el8
rpms:imports/c8s/rsync-3.1.3-19.el8
rpms:imports/c9/rsync-3.2.3-9.el9_0.2
rpms:imports/c8/rsync-3.1.3-14.el8_6.3
rpms:imports/c8s/rsync-3.1.3-17.el8
rpms:imports/c8s/rsync-3.1.3-16.el8
rpms:imports/c9/rsync-3.2.3-9.el9_0.1
rpms:imports/c9/rsync-3.2.3-9.el9
rpms:imports/c8s/rsync-3.1.3-12.el8_5.1
rpms:imports/c8/rsync-3.1.3-14.el8_6.2
rpms:imports/c8/rsync-3.1.3-14.el8
rpms:imports/c8-beta/rsync-3.1.3-14.el8
rpms:imports/c9-beta/rsync-3.2.3-9.el9
rpms:imports/c8s/rsync-3.1.3-14.el8
rpms:imports/c8-beta/rsync-3.1.3-12.el8
rpms:imports/c8-beta/rsync-3.1.3-8.el8
rpms:imports/c8-beta/rsync-3.1.3-7.el8
rpms:imports/c8-beta/rsync-3.1.3-6.el8
rpms:imports/c8s/rsync-3.1.3-13.el8
rpms:imports/c8s/rsync-3.1.3-12.el8
rpms:imports/c8s/rsync-3.1.3-11.el8
rpms:imports/c8s/rsync-3.1.3-9.el8
rpms:imports/c8s/rsync-3.1.3-8.el8
rpms:imports/c8s/rsync-3.1.3-7.el8
rpms:imports/c8/rsync-3.1.3-12.el8
rpms:imports/c8/rsync-3.1.3-9.el8
rpms:imports/c8/rsync-3.1.3-7.el8
rpms:imports/c8/rsync-3.1.3-6.el8
rpms:imports/c8/rsync-3.1.3-4.el8
...
pull from: rpms:c9-beta
Branches Tags
rpms:c10s
rpms:a8-backports
rpms:a9-backports
rpms:c9
rpms:c8
rpms:a10s
rpms:a9
rpms:a8
rpms:c9s
rpms:c9-beta
rpms:c8-beta
rpms:c8s
rpms:imports/c10s/rsync-3.4.1-1.el10
rpms:imports/c9/rsync-3.2.3-20.el9_5.1
rpms:imports/c8/rsync-3.1.3-20.el8_10
rpms:changed/a10s/rsync-3.3.0-6.el10.alma.1
rpms:changed/a9/rsync-3.2.5-1.el9.alma.1
rpms:imports/a9/rsync-3.2.5-1.el9
rpms:changed/a8/rsync-3.1.3-19.el8_7.1.alma.1
rpms:imports/c9/rsync-3.2.3-20.el9
rpms:imports/c10s/rsync-3.3.0-6.el10
rpms:imports/c9-beta/rsync-3.2.3-20.el9
rpms:imports/c10s/rsync-3.3.0-5.el10
rpms:imports/c10s/rsync-3.3.0-3.el10
rpms:imports/a9-backports/rsync-3.3.0-1.el9
rpms:imports/a8-backports/rsync-3.3.0-1.el8
rpms:imports/c9/rsync-3.2.3-19.el9
rpms:imports/c9-beta/rsync-3.2.3-19.el9
rpms:imports/c8-beta/rsync-3.1.3-19.el8_7.1
rpms:imports/c8/rsync-3.1.3-19.el8_7.1
rpms:imports/c9/rsync-3.2.3-18.el9
rpms:imports/c8s/rsync-3.1.3-19.el8_7.1
rpms:imports/c8/rsync-3.1.3-19.el8
rpms:imports/c9-beta/rsync-3.2.3-18.el9
rpms:imports/c8-beta/rsync-3.1.3-19.el8
rpms:imports/c8s/rsync-3.1.3-19.el8
rpms:imports/c9/rsync-3.2.3-9.el9_0.2
rpms:imports/c8/rsync-3.1.3-14.el8_6.3
rpms:imports/c8s/rsync-3.1.3-17.el8
rpms:imports/c8s/rsync-3.1.3-16.el8
rpms:imports/c9/rsync-3.2.3-9.el9_0.1
rpms:imports/c9/rsync-3.2.3-9.el9
rpms:imports/c8s/rsync-3.1.3-12.el8_5.1
rpms:imports/c8/rsync-3.1.3-14.el8_6.2
rpms:imports/c8/rsync-3.1.3-14.el8
rpms:imports/c8-beta/rsync-3.1.3-14.el8
rpms:imports/c9-beta/rsync-3.2.3-9.el9
rpms:imports/c8s/rsync-3.1.3-14.el8
rpms:imports/c8-beta/rsync-3.1.3-12.el8
rpms:imports/c8-beta/rsync-3.1.3-8.el8
rpms:imports/c8-beta/rsync-3.1.3-7.el8
rpms:imports/c8-beta/rsync-3.1.3-6.el8
rpms:imports/c8s/rsync-3.1.3-13.el8
rpms:imports/c8s/rsync-3.1.3-12.el8
rpms:imports/c8s/rsync-3.1.3-11.el8
rpms:imports/c8s/rsync-3.1.3-9.el8
rpms:imports/c8s/rsync-3.1.3-8.el8
rpms:imports/c8s/rsync-3.1.3-7.el8
rpms:imports/c8/rsync-3.1.3-12.el8
rpms:imports/c8/rsync-3.1.3-9.el8
rpms:imports/c8/rsync-3.1.3-7.el8
rpms:imports/c8/rsync-3.1.3-6.el8
rpms:imports/c8/rsync-3.1.3-4.el8

No commits in common. "c8" and "c9-beta" have entirely different histories.
c8 ... c9-beta

25 changed files with 622 additions and 708 deletions
Show Stats Expand all files Collapse all files

4
.gitignore vendored
View File

@ -1,2 +1,2 @@
SOURCES/rsync-3.1.3.tar.gz
SOURCES/rsync-patches-3.1.3.tar.gz
SOURCES/rsync-3.2.3.tar.gz
SOURCES/rsync-patches-3.2.3.tar.gz

4
.rsync.metadata
View File

@ -1,2 +1,2 @@
82e7829c0b3cefbd33c233005341e2073c425629 SOURCES/rsync-3.1.3.tar.gz
74c16510a18ef43d797f9ceba6150f0862568cc0 SOURCES/rsync-patches-3.1.3.tar.gz
00823f43901e7da39f3f0daf20ec9efae47e959e SOURCES/rsync-3.2.3.tar.gz
5c4c2866931b0f4dbb0d07567b2963c9dc66ec87 SOURCES/rsync-patches-3.2.3.tar.gz

22
SOURCES/rsync-3.0.6-iconv-logging.patch
View File

@ -1,22 +0,0 @@
diff --git a/log.c b/log.c
index 34a013b..1aca728 100644
--- a/log.c
+++ b/log.c
@@ -377,10 +377,13 @@ output_msg:
filtered_fwrite(f, convbuf, outbuf.len, 0);
outbuf.len = 0;
}
- if (!ierrno || ierrno == E2BIG)
- continue;
- fprintf(f, "\\#%03o", CVAL(inbuf.buf, inbuf.pos++));
- inbuf.len--;
+ /* Log one byte of illegal/incomplete sequence and continue with
+ * the next character. Check that the buffer is non-empty for the
+ * sake of robustness. */
+ if ((ierrno == EILSEQ || ierrno == EINVAL) && inbuf.len) {
+ fprintf(f, "\\#%03o", CVAL(inbuf.buf, inbuf.pos++));
+ inbuf.len--;
+ }
}
} else
#endif

33
SOURCES/rsync-3.1.2-remove-symlinks.patch
View File

@ -1,33 +0,0 @@
diff --git a/sender.c b/sender.c
index 03e4aadd..9b432ed9 100644
--- a/sender.c
+++ b/sender.c
@@ -32,6 +32,7 @@ extern int logfile_format_has_i;
extern int want_xattr_optim;
extern int csum_length;
extern int append_mode;
+extern int copy_links;
extern int io_error;
extern int flist_eof;
extern int allowed_lull;
@@ -138,17 +139,16 @@ void successful_send(int ndx)
return;
f_name(file, fname);
- if (do_lstat(fname, &st) < 0) {
+ if ((copy_links ? do_stat(fname, &st) : do_lstat(fname, &st)) < 0) {
failed_op = "re-lstat";
goto failed;
}
- if (S_ISREG(file->mode) /* Symlinks & devices don't need this check: */
- && (st.st_size != F_LENGTH(file) || st.st_mtime != file->modtime
+ if (st.st_size != F_LENGTH(file) || st.st_mtime != file->modtime
#ifdef ST_MTIME_NSEC
|| (NSEC_BUMP(file) && (uint32)st.ST_MTIME_NSEC != F_MOD_NSEC(file))
#endif
- )) {
+ ) {
rprintf(FERROR_XFER, "ERROR: Skipping sender remove for changed file: %s\n", fname);
return;
}

33
SOURCES/rsync-3.1.2-vvv-hang.patch
View File

@ -1,33 +0,0 @@
diff --git a/io.c b/io.c
index 999c34e5..ceff3784 100644
--- a/io.c
+++ b/io.c
@@ -954,8 +954,17 @@ int send_msg(enum msgcode code, const char *buf, size_t len, int convert)
} else
#endif
needed = len + 4 + 3;
- if (iobuf.msg.len + needed > iobuf.msg.size)
- perform_io(needed, PIO_NEED_MSGROOM);
+ if (iobuf.msg.len + needed > iobuf.msg.size) {
+ if (!am_receiver)
+ perform_io(needed, PIO_NEED_MSGROOM);
+ else { /* We allow the receiver to increase their iobuf.msg size to avoid a deadlock. */
+ size_t old_size = iobuf.msg.size;
+ restore_iobuf_size(&iobuf.msg);
+ realloc_xbuf(&iobuf.msg, iobuf.msg.size * 2);
+ if (iobuf.msg.pos + iobuf.msg.len > old_size)
+ memcpy(iobuf.msg.buf + old_size, iobuf.msg.buf, iobuf.msg.pos + iobuf.msg.len - old_size);
+ }
+ }
pos = iobuf.msg.pos + iobuf.msg.len; /* Must be set after any flushing. */
if (pos >= iobuf.msg.size)
@@ -1176,7 +1185,7 @@ int read_line(int fd, char *buf, size_t bufsiz, int flags)
#ifdef ICONV_OPTION
if (flags & RL_CONVERT && iconv_buf.size < bufsiz)
- realloc_xbuf(&iconv_buf, bufsiz + 1024);
+ realloc_xbuf(&iconv_buf, ROUND_UP_1024(bufsiz) + 1024);
#endif
start:

44
SOURCES/rsync-3.1.3-append-check.patch
View File

@ -1,44 +0,0 @@
commit bd17c2a4e237ca1f38544db65053ecfea6054009
Author: Tomas Korbar <tkorbar@redhat.com>
Date: Thu Sep 24 13:17:45 2020 +0200
Skip files for transfer that has been truncated during negotiation
diff --git a/rsync.1 b/rsync.1
index 6cabd44..855dd47 100644
--- a/rsync.1
+++ b/rsync.1
@@ -1004,8 +1004,10 @@ This causes rsync to update a file by appending data onto
the end of the file, which presumes that the data that already exists on
the receiving side is identical with the start of the file on the sending
side. If a file needs to be transferred and its size on the receiver is
-the same or longer than the size on the sender, the file is skipped. This
-does not interfere with the updating of a file\(cq\&s non\-content attributes
+the same or longer than the size on the sender, the file is skipped. It
+also skips any files whose size on the sending side gets shorter during
+the send negotiations (rsync warns about a "diminished" file when this
+happens). This does not interfere with the updating of a file\(cq\&s non\-content attributes
(e.g. permissions, ownership, etc.) when the file does not need to be
transferred, nor does it affect the updating of any non\-regular files.
Implies \fB\-\-inplace\fP.
diff --git a/sender.c b/sender.c
index 1cc28a1..e22eadd 100644
--- a/sender.c
+++ b/sender.c
@@ -379,6 +379,16 @@ void send_files(int f_in, int f_out)
}
}
+ if (append_mode > 0 && st.st_size < F_LENGTH(file)) {
+ rprintf(FWARNING, "skipped diminished file: %s\n",
+ full_fname(fname));
+ free_sums(s);
+ close(fd);
+ if (protocol_version >= 30)
+ send_msg_int(MSG_NO_SEND, ndx);
+ continue;
+ }
+
if (st.st_size) {
int32 read_size = MAX(s->blength * 3, MAX_MAP_SIZE);
mbuf = map_file(fd, st.st_size, read_size, s->blength);

57
SOURCES/rsync-3.1.3-covscan.patch
View File

@ -1,57 +0,0 @@
diff --git a/util.c b/util.c
index fbbfd8ba..235afa82 100644
--- a/util.c
+++ b/util.c
@@ -342,6 +342,7 @@ int copy_file(const char *source, const char *dest, int ofd, mode_t mode)
if (robust_unlink(dest) && errno != ENOENT) {
int save_errno = errno;
rsyserr(FERROR_XFER, errno, "unlink %s", full_fname(dest));
+ close(ifd);
errno = save_errno;
return -1;
}
diff --git a/lib/pool_alloc.c b/lib/pool_alloc.c
index 5856d591..a70a3f1a 100644
--- a/lib/pool_alloc.c
+++ b/lib/pool_alloc.c
@@ -49,15 +49,15 @@ pool_create(size_t size, size_t quantum, void (*bomb)(const char *), int flags)
{
struct alloc_pool *pool;
- if (!(pool = new0(struct alloc_pool)))
- return NULL;
-
if ((MINALIGN & (MINALIGN - 1)) != 0) {
if (bomb)
(*bomb)("Compiler error: MINALIGN is not a power of 2\n");
return NULL;
}
+ if (!(pool = new0(struct alloc_pool)))
+ return NULL;
+
if (!size)
size = POOL_DEF_EXTENT;
if (!quantum)
diff --git a/batch.c b/batch.c
index 21c632fc..1ab66e90 100644
--- a/batch.c
+++ b/batch.c
@@ -216,7 +216,7 @@ static void write_filter_rules(int fd)
void write_batch_shell_file(int argc, char *argv[], int file_arg_cnt)
{
int fd, i, len, err = 0;
- char *p, filename[MAXPATHLEN];
+ char *p, *p2, filename[MAXPATHLEN];
stringjoin(filename, sizeof filename,
batch_name, ".sh", NULL);
@@ -267,7 +267,7 @@ void write_batch_shell_file(int argc, char *argv[], int file_arg_cnt)
err = 1;
}
}
- if (!(p = check_for_hostspec(argv[argc - 1], &p, &i)))
+ if (!(p = check_for_hostspec(argv[argc - 1], &p2, &i)))
p = argv[argc - 1];
if (write(fd, " ${1:-", 6) != 6
|| write_arg(fd, p) < 0)

14
SOURCES/rsync-3.1.3-cve-2024-12085.patch
View File

@ -1,14 +0,0 @@
diff --git a/match.c b/match.c
index 36e78ed..dfd6af2 100644
--- a/match.c
+++ b/match.c
@@ -147,6 +147,9 @@ static void hash_search(int f,struct sum_struct *s,
int more;
schar *map;
+ // prevent possible memory leaks
+ memset(sum2, 0, sizeof sum2);
+
/* want_i is used to encourage adjacent matches, allowing the RLL
* coding of the output to work more efficiently. */
want_i = 0;

49
SOURCES/rsync-3.1.3-ignore-missing.patch
View File

@ -1,49 +0,0 @@
commit af6118d98b3482cbcfc223bf2a0777bc19eccb02
Author: Wayne Davison <wayne@opencoder.net>
Date: Sun Apr 26 18:02:17 2020 -0700
Allow a missing parent dir when --delete-missing-args was specified.
diff --git a/generator.c b/generator.c
index 3c50f63f..b90c7ccd 100644
--- a/generator.c
+++ b/generator.c
@@ -1277,10 +1277,16 @@ static void recv_generator(char *fname, struct file_struct *file, int ndx,
&& (*dn != '.' || dn[1]) /* Avoid an issue with --relative and the "." dir. */
&& (!prior_dir_file || strcmp(dn, f_name(prior_dir_file, NULL)) != 0)
&& flist_find_name(cur_flist, dn, 1) < 0) {
- rprintf(FERROR,
- "ABORTING due to invalid path from sender: %s/%s\n",
- dn, file->basename);
- exit_cleanup(RERR_PROTOCOL);
+ /* The --delete-missing-args option can actually put invalid entries into
+ * the file list, so if that option was specified, we'll just complain about
+ * it and allow it. */
+ if (missing_args == 2 && file->mode == 0)
+ rprintf(FERROR, "WARNING: parent dir is absent in the file list: %s\n", dn);
+ else {
+ rprintf(FERROR, "ABORTING due to invalid path from sender: %s/%s\n",
+ dn, file->basename);
+ exit_cleanup(RERR_PROTOCOL);
+ }
}
if (relative_paths && !implied_dirs
&& do_stat(dn, &sx.st) < 0) {
@@ -1383,7 +1389,7 @@ static void recv_generator(char *fname, struct file_struct *file, int ndx,
added_perms = 0;
if (is_dir < 0) {
if (!(preserve_times & PRESERVE_DIR_TIMES))
- return;
+ goto cleanup;
/* In inc_recurse mode we want to make sure any missing
* directories get created while we're still processing
* the parent dir (which allows us to touch the parent
@@ -1525,7 +1531,7 @@ static void recv_generator(char *fname, struct file_struct *file, int ndx,
"ignoring unsafe symlink \"%s\" -> \"%s\"\n",
fname, sl);
}
- return;
+ goto cleanup;
}
if (statret == 0) {
char lnk[MAXPATHLEN];

13
SOURCES/rsync-3.1.3-missing-xattr-filter.patch
View File

@ -1,13 +0,0 @@
diff --git a/exclude.c.old b/exclude.c
index 232249f..2f6dccc 100644
--- a/exclude.c.old
+++ b/exclude.c
@@ -1575,6 +1575,8 @@ char *get_rule_prefix(filter_rule *rule, const char *pat, int for_xfer,
}
if (rule->rflags & FILTRULE_EXCLUDE_SELF)
*op++ = 'e';
+ if (rule->rflags & FILTRULE_XATTR)
+ *op++ = 'x';
if (rule->rflags & FILTRULE_SENDER_SIDE
&& (!for_xfer || protocol_version >= 29))
*op++ = 's';

37
SOURCES/rsync-3.1.3-skip-compress.patch
View File

@ -1,37 +0,0 @@
diff --git a/loadparm.c b/loadparm.c
index 029f358f..534e7b63 100644
--- a/loadparm.c
+++ b/loadparm.c
@@ -449,7 +449,7 @@ static struct parm_struct parm_table[] =
};
/* Initialise the Default all_vars structure. */
-static void reset_all_vars(void)
+void reset_daemon_vars(void)
{
memcpy(&Vars, &Defaults, sizeof Vars);
}
@@ -872,7 +872,7 @@ int lp_load(char *pszFname, int globals_only)
{
bInGlobalSection = True;
- reset_all_vars();
+ reset_daemon_vars();
/* We get sections first, so have to start 'behind' to make up. */
iSectionIndex = -1;
diff --git a/main.c b/main.c
index 1328c504..9af9e5d3 100644
--- a/main.c
+++ b/main.c
@@ -1681,6 +1681,10 @@ int main(int argc,char *argv[])
memset(&stats, 0, sizeof(stats));
+ /* Even a non-daemon runs needs the default config values to be set, e.g.
+ * lp_dont_compress() is queried when no --skip-compress option is set. */
+ reset_daemon_vars();
+
if (argc < 2) {
usage(FERROR);
exit_cleanup(RERR_SYNTAX);

122
SOURCES/rsync-3.1.3-sparse-block.patch
View File

@ -1,122 +0,0 @@
diff --git a/fileio.c b/fileio.c
index b183e20..72d6076 100644
--- a/fileio.c
+++ b/fileio.c
@@ -34,6 +34,7 @@
#define ALIGNED_LENGTH(len) ((((len) - 1) | (ALIGN_BOUNDRY-1)) + 1)
extern int sparse_files;
+extern int sparse_files_block_size;
OFF_T preallocated_len = 0;
@@ -147,7 +148,7 @@ int write_file(int f, int use_seek, OFF_T offset, const char *buf, int len)
while (len > 0) {
int r1;
if (sparse_files > 0) {
- int len1 = MIN(len, SPARSE_WRITE_SIZE);
+ int len1 = MIN(len, sparse_files_block_size ? sparse_files_block_size : SPARSE_WRITE_SIZE);
r1 = write_sparse(f, use_seek, offset, buf, len1);
offset += r1;
} else {
diff --git a/options.c b/options.c
index 195672e..d08c05a 100644
--- a/options.c
+++ b/options.c
@@ -76,6 +76,7 @@ int remove_source_files = 0;
int one_file_system = 0;
int protocol_version = PROTOCOL_VERSION;
int sparse_files = 0;
+long sparse_files_block_size = 0;
int preallocate_files = 0;
int do_compression = 0;
int def_compress_level = NOT_SPECIFIED;
@@ -717,6 +718,7 @@ void usage(enum logcode F)
rprintf(F," --fake-super store/recover privileged attrs using xattrs\n");
#endif
rprintf(F," -S, --sparse turn sequences of nulls into sparse blocks\n");
+ rprintf(F," --sparse-block=SIZE set block size used to handle sparse files\n");
#ifdef SUPPORT_PREALLOCATION
rprintf(F," --preallocate allocate dest files before writing them\n");
#else
@@ -927,6 +929,7 @@ static struct poptOption long_options[] = {
{"sparse", 'S', POPT_ARG_VAL, &sparse_files, 1, 0, 0 },
{"no-sparse", 0, POPT_ARG_VAL, &sparse_files, 0, 0, 0 },
{"no-S", 0, POPT_ARG_VAL, &sparse_files, 0, 0, 0 },
+ {"sparse-block", 0, POPT_ARG_LONG, &sparse_files_block_size, 0, 0, 0 },
{"preallocate", 0, POPT_ARG_NONE, &preallocate_files, 0, 0, 0},
{"inplace", 0, POPT_ARG_VAL, &inplace, 1, 0, 0 },
{"no-inplace", 0, POPT_ARG_VAL, &inplace, 0, 0, 0 },
diff --git a/options.c b/options.c
index b12da55..5a27452 100644
--- a/options.c
+++ b/options.c
@@ -2606,6 +2606,12 @@ void server_options(char **args, int *argc_p)
args[ac++] = arg;
}
+ if (sparse_files_block_size) {
+ if (asprintf(&arg, "--sparse-block=%lu", sparse_files_block_size) < 0)
+ goto oom;
+ args[ac++] = arg;
+ }
+
if (io_timeout) {
if (asprintf(&arg, "--timeout=%d", io_timeout) < 0)
goto oom;
diff --git a/rsync.yo b/rsync.yo
--- a/rsync.yo
+++ b/rsync.yo
@@ -377,6 +377,7 @@ to the detailed description below for a complete description. verb(
--super receiver attempts super-user activities
--fake-super store/recover privileged attrs using xattrs
-S, --sparse turn sequences of nulls into sparse blocks
+ --sparse-block=SIZE set block size used to handle sparse files
--preallocate allocate dest files before writing
-n, --dry-run perform a trial run with no changes made
-W, --whole-file copy files whole (w/o delta-xfer algorithm)
@@ -1299,6 +1300,15 @@ If combined with bf(--sparse), the file will only have sparse blocks (as
opposed to allocated sequences of null bytes) if the kernel version and
filesystem type support creating holes in the allocated data.
+dit(bf(--sparse-block=SIZE)) Change the block size used to handle sparse files
+to SIZE bytes. This option only has an effect if the bf(--sparse) (bf(-S))
+option was also specified. The default block size used by rsync to detect a
+file hole is 1024 bytes; when the receiver writes data to the destination file
+and option bf(--sparse) is used, rsync checks every 1024-bytes chunk to detect
+if they are actually filled with data or not. With certain filesystems,
+optimized to receive data streams for example, enlarging this block size can
+strongly increase performance. The option can be used to tune this block size.
+
dit(bf(-n, --dry-run)) This makes rsync perform a trial run that doesn't
make any changes (and produces mostly the same output as a real run). It
is most commonly used in combination with the bf(-v, --verbose) and/or
diff --git a/rsync.1 b/rsync.1
index 855dd47..1d7af3c 100644
--- a/rsync.1
+++ b/rsync.1
@@ -454,6 +454,7 @@ to the detailed description below for a complete description.
\-\-super receiver attempts super\-user activities
\-\-fake\-super store/recover privileged attrs using xattrs
\-S, \-\-sparse turn sequences of nulls into sparse blocks
+ \-\-sparse-block=SIZE set block size used to handle sparse files
\-\-preallocate allocate dest files before writing
\-n, \-\-dry\-run perform a trial run with no changes made
\-W, \-\-whole\-file copy files whole (w/o delta\-xfer algorithm)
@@ -1493,6 +1493,16 @@ If combined with \fB\-\-sparse\fP, the file will only have sparse blocks (as
opposed to allocated sequences of null bytes) if the kernel version and
filesystem type support creating holes in the allocated data.
.IP
+.IP "\fB\-\-sparse\-block=SIZE\fP"
+Change the block size used to handle sparse files
+to SIZE bytes. This option only has an effect if the \fB\-\-sparse\fP (\fB\-S\fP)
+option was also specified. The default block size used by rsync to detect a
+file hole is 1024 bytes; when the receiver writes data to the destination file
+and option \fB\-\-sparse\fP is used, rsync checks every 1024\-bytes chunk to detect
+if they are actually filled with data or not. With certain filesystems,
+optimized to receive data streams for example, enlarging this block size can
+strongly increase performance. The option can be used to tune this block size.
+.IP
.IP "\fB\-n, \-\-dry\-run\fP"
This makes rsync perform a trial run that doesn\(cq\&t
make any changes (and produces mostly the same output as a real run). It

12
SOURCES/rsync-3.2.2-runtests.patch Normal file
View File

@ -0,0 +1,12 @@
diff --git a/runtests.sh.old b/runtests.sh
index ecb383e..1cd1d1a 100755
--- a/runtests.sh.old
+++ b/runtests.sh
@@ -276,6 +276,7 @@ do
case "$testscript" in
*hardlinks*) TESTRUN_TIMEOUT=600 ;;
+ *default-acls*) continue ;;
*) TESTRUN_TIMEOUT=300 ;;
esac

22
SOURCES/rsync-3.2.2-ssl-verify-hostname.patch Normal file
View File

@ -0,0 +1,22 @@
From Mon Sep 17 00:00:00 2001
From: Matt McCutchen <matt@mattmccutchen.net>
Date: Wed, 26 Aug 2020 12:16:08 -0400
rsync-ssl: Verify the hostname in the certificate when using openssl.
---
rsync-ssl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rsync-ssl b/rsync-ssl
index 8101975a..46701af1 100755
--- a/rsync-ssl
+++ b/rsync-ssl
@@ -129,7 +129,7 @@ function rsync_ssl_helper {
fi
if [[ $RSYNC_SSL_TYPE == openssl ]]; then
- exec $RSYNC_SSL_OPENSSL s_client $caopt $certopt -quiet -verify_quiet -servername $hostname -connect $hostname:$port
+ exec $RSYNC_SSL_OPENSSL s_client $caopt $certopt -quiet -verify_quiet -servername $hostname -verify_hostname $hostname -connect $hostname:$port
elif [[ $RSYNC_SSL_TYPE == gnutls ]]; then
exec $RSYNC_SSL_GNUTLS --logfile=/dev/null $gnutls_cert_opt $gnutls_opts $hostname:$port
else

36
SOURCES/rsync-3.2.3-append-mode.patch Normal file
View File

@ -0,0 +1,36 @@
diff --git a/rsync.1.md b/rsync.1.md
index ec971ecc..7bb4c5a1 100644
--- a/rsync.1.md
+++ b/rsync.1.md
@@ -949,7 +949,9 @@ your home directory (remove the '=' for that).
existing content in the file (it only verifies the content that it is
appending). Rsync skips any files that exist on the receiving side that
are not shorter than the associated file on the sending side (which means
- that new files are trasnferred).
+ that new files are trasnferred). It also skips any files whose size on the
+ sending side gets shorter during the send negotiations (rsync warns about a
+ "diminished" file when this happens).
This does not interfere with the updating of a file's non-content
attributes (e.g. permissions, ownership, etc.) when the file does not need
diff --git a/sender.c b/sender.c
index 94761c26..9cfca134 100644
--- a/sender.c
+++ b/sender.c
@@ -362,6 +362,16 @@ void send_files(int f_in, int f_out)
exit_cleanup(RERR_FILEIO);
}
+ if (append_mode > 0 && st.st_size < F_LENGTH(file)) {
+ rprintf(FWARNING, "skipped diminished file: %s\n",
+ full_fname(fname));
+ free_sums(s);
+ close(fd);
+ if (protocol_version >= 30)
+ send_msg_int(MSG_NO_SEND, ndx);
+ continue;
+ }
+
if (IS_DEVICE(st.st_mode) && st.st_size == 0)
st.st_size = get_device_size(fd, fname);

48
SOURCES/rsync-3.2.3-atimes.patch Normal file
View File

@ -0,0 +1,48 @@
diff --git a/rsync.c b/rsync.c
index bcecac63..ff9489be 100644
--- a/rsync.c
+++ b/rsync.c
@@ -63,8 +63,7 @@ extern char *iconv_opt;
#define UPDATED_ATIME (1<<3)
#define UPDATED_ACLS (1<<4)
#define UPDATED_MODE (1<<5)
-
-#define UPDATED_TIMES (UPDATED_MTIME|UPDATED_ATIME)
+#define UPDATED_CRTIME (1<<6)
#ifdef ICONV_CONST
iconv_t ic_chck = (iconv_t)-1;
@@ -576,10 +575,11 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp,
set_xattr(fname, file, fnamecmp, sxp);
#endif
- if (!preserve_times
- || (!(preserve_times & PRESERVE_DIR_TIMES) && S_ISDIR(sxp->st.st_mode))
- || (!(preserve_times & PRESERVE_LINK_TIMES) && S_ISLNK(sxp->st.st_mode)))
- flags |= ATTRS_SKIP_MTIME | ATTRS_SKIP_ATIME;
+ if (!preserve_times)
+ flags |= ATTRS_SKIP_MTIME | (atimes_ndx ? 0 : ATTRS_SKIP_ATIME) | (crtimes_ndx ? 0 : ATTRS_SKIP_CRTIME);
+ else if ((!(preserve_times & PRESERVE_DIR_TIMES) && S_ISDIR(sxp->st.st_mode))
+ || (!(preserve_times & PRESERVE_LINK_TIMES) && S_ISLNK(sxp->st.st_mode)))
+ flags |= ATTRS_SKIP_MTIME | ATTRS_SKIP_ATIME | ATTRS_SKIP_CRTIME;
else if (sxp != &sx2)
memcpy(&sx2.st, &sxp->st, sizeof (sx2.st));
if (!atimes_ndx || S_ISDIR(sxp->st.st_mode))
@@ -606,7 +606,7 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp,
updated |= UPDATED_ATIME;
}
}
- if (updated & UPDATED_TIMES) {
+ if (updated & (UPDATED_MTIME|UPDATED_ATIME)) {
int ret = set_times(fname, &sx2.st);
if (ret < 0) {
rsyserr(FERROR_XFER, errno, "failed to set times on %s",
@@ -614,7 +614,7 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp,
goto cleanup;
}
if (ret > 0) { /* ret == 1 if symlink could not be set */
- updated &= ~UPDATED_TIMES;
+ updated &= ~(UPDATED_MTIME|UPDATED_ATIME);
file->flags |= FLAG_TIME_FAILED;
}
}

380
SOURCES/rsync-3.1.3-cve-2022-29154.patch → SOURCES/rsync-3.2.3-cve-2022-29154.patch
View File

@ -1,8 +1,8 @@
diff --git a/exclude.c b/exclude.c
index 7989fb3..13c4253 100644
index e095744..7906caa 100644
--- a/exclude.c
+++ b/exclude.c
@@ -24,18 +24,26 @@
@@ -25,18 +25,26 @@
extern int am_server;
extern int am_sender;
@ -29,7 +29,7 @@ index 7989fb3..13c4253 100644
extern char curr_dir[MAXPATHLEN];
extern unsigned int curr_dir_len;
extern unsigned int module_dirlen;
@@ -43,8 +51,10 @@ extern unsigned int module_dirlen;
@@ -44,8 +51,10 @@ extern unsigned int module_dirlen;
filter_rule_list filter_list = { .debug_type = "" };
filter_rule_list cvs_filter_list = { .debug_type = " [global CVS]" };
filter_rule_list daemon_filter_list = { .debug_type = " [daemon]" };
@ -40,7 +40,7 @@ index 7989fb3..13c4253 100644
/* Need room enough for ":MODS " prefix plus some room to grow. */
#define MAX_RULE_PREFIX (16)
@@ -293,6 +303,233 @@ static void add_rule(filter_rule_list *listp, const char *pat, unsigned int pat_
@@ -288,6 +297,233 @@ static void add_rule(filter_rule_list *listp, const char *pat, unsigned int pat_
}
}
@ -143,9 +143,9 @@ index 7989fb3..13c4253 100644
+ arg = cp + 3;
+ } else if ((cp = strrchr(arg, '/')) != NULL) {
+ arg = cp + 1;
+ if (*arg == '.' && arg[1] == '\0')
+ arg++;
+ }
+ if (*arg == '.' && arg[1] == '\0')
+ arg++;
+ arg_len = strlen(arg);
+ if (arg_len) {
+ if (strpbrk(arg, "*[?")) {
@ -274,7 +274,7 @@ index 7989fb3..13c4253 100644
/* This frees any non-inherited items, leaving just inherited items on the list. */
static void pop_filter_list(filter_rule_list *listp)
{
@@ -709,11 +946,12 @@ static void report_filter_result(enum logcode code, char const *name,
@@ -702,11 +938,12 @@ static void report_filter_result(enum logcode code, char const *name,
filter_rule const *ent,
int name_flags, const char *type)
{
@ -290,7 +290,7 @@ index 7989fb3..13c4253 100644
static char *actions[2][2]
= { {"show", "hid"}, {"risk", "protect"} };
const char *w = who_am_i();
@@ -721,7 +959,7 @@ static void report_filter_result(enum logcode code, char const *name,
@@ -714,7 +951,7 @@ static void report_filter_result(enum logcode code, char const *name,
: name_flags & NAME_IS_DIR ? "directory"
: "file";
rprintf(code, "[%s] %sing %s %s because of pattern %s%s%s\n",
@ -299,7 +299,7 @@ index 7989fb3..13c4253 100644
t, name, ent->pattern,
ent->rflags & FILTRULE_DIRECTORY ? "/" : "", type);
}
@@ -894,6 +1132,7 @@ static filter_rule *parse_rule_tok(const char **rulestr_ptr,
@@ -886,6 +1123,7 @@ static filter_rule *parse_rule_tok(const char **rulestr_ptr,
}
switch (ch) {
case ':':
@ -308,10 +308,10 @@ index 7989fb3..13c4253 100644
| FILTRULE_FINISH_SETUP;
/* FALL THROUGH */
diff --git a/flist.c b/flist.c
index 499440c..630d685 100644
index 5a1e424..4e9dd10 100644
--- a/flist.c
+++ b/flist.c
@@ -70,6 +70,7 @@ extern int need_unsorted_flist;
@@ -72,6 +72,7 @@ extern int need_unsorted_flist;
extern int sender_symlink_iconv;
extern int output_needs_newline;
extern int sender_keeps_checksum;
@ -319,7 +319,7 @@ index 499440c..630d685 100644
extern int unsort_ndx;
extern uid_t our_uid;
extern struct stats stats;
@@ -80,8 +81,7 @@ extern char curr_dir[MAXPATHLEN];
@@ -82,8 +83,7 @@ extern char curr_dir[MAXPATHLEN];
extern struct chmod_mode_struct *chmod_modes;
@ -329,7 +329,7 @@ index 499440c..630d685 100644
#ifdef ICONV_OPTION
extern int filesfrom_convert;
@@ -904,6 +904,19 @@ static struct file_struct *recv_file_entry(int f, struct file_list *flist, int x
@@ -971,6 +971,19 @@ static struct file_struct *recv_file_entry(int f, struct file_list *flist, int x
exit_cleanup(RERR_UNSUPPORTED);
}
@ -350,10 +350,10 @@ index 499440c..630d685 100644
if (one_file_system) {
/* Room to save the dir's device for -x */
diff --git a/io.c b/io.c
index 59105ba..3aea50f 100644
index b50a066..6d0a389 100644
--- a/io.c
+++ b/io.c
@@ -374,6 +374,7 @@ static void forward_filesfrom_data(void)
@@ -373,6 +373,7 @@ static void forward_filesfrom_data(void)
free_xbuf(&ff_xb);
if (ff_reenable_multiplex >= 0)
io_start_multiplex_out(ff_reenable_multiplex);
@ -361,7 +361,7 @@ index 59105ba..3aea50f 100644
}
return;
}
@@ -415,6 +416,7 @@ static void forward_filesfrom_data(void)
@@ -414,6 +415,7 @@ static void forward_filesfrom_data(void)
while (s != eob) {
if (*s++ == '\0') {
ff_xb.len = s - sob - 1;
@ -369,7 +369,7 @@ index 59105ba..3aea50f 100644
if (iconvbufs(ic_send, &ff_xb, &iobuf.out, flags) < 0)
exit_cleanup(RERR_PROTOCOL); /* impossible? */
write_buf(iobuf.out_fd, s-1, 1); /* Send the '\0'. */
@@ -430,6 +432,7 @@ static void forward_filesfrom_data(void)
@@ -429,6 +431,7 @@ static void forward_filesfrom_data(void)
ff_lastchar = '\0';
else {
/* Handle a partial string specially, saving any incomplete chars. */
@ -377,7 +377,7 @@ index 59105ba..3aea50f 100644
flags &= ~ICB_INCLUDE_INCOMPLETE;
if (iconvbufs(ic_send, &ff_xb, &iobuf.out, flags) < 0) {
if (errno == E2BIG)
@@ -446,13 +449,17 @@ static void forward_filesfrom_data(void)
@@ -445,13 +448,17 @@ static void forward_filesfrom_data(void)
char *f = ff_xb.buf + ff_xb.pos;
char *t = ff_xb.buf;
char *eob = f + len;
@ -396,10 +396,10 @@ index 59105ba..3aea50f 100644
if ((len = t - ff_xb.buf) != 0) {
/* This will not circle back to perform_io() because we only get
diff --git a/main.c b/main.c
index 6113563..abe2ebf 100644
index 46b97b5..f124a2d 100644
--- a/main.c
+++ b/main.c
@@ -42,6 +42,7 @@ extern int output_needs_newline;
@@ -48,6 +48,7 @@ extern int called_from_signal_handler;
extern int need_messages_from_generator;
extern int kluge_around_eof;
extern int got_xfer_error;
@ -407,15 +407,15 @@ index 6113563..abe2ebf 100644
extern int msgs2stderr;
extern int module_id;
extern int read_only;
@@ -78,6 +79,7 @@ extern BOOL flist_receiving_enabled;
extern BOOL shutting_down;
@@ -87,6 +88,7 @@ extern BOOL shutting_down;
extern int backup_dir_len;
extern int basis_dir_cnt;
extern int default_af_hint;
+extern int trust_sender_filter;
extern struct stats stats;
extern char *stdout_format;
extern char *logfile_format;
@@ -93,7 +95,7 @@ extern char curr_dir[MAXPATHLEN];
@@ -102,7 +104,7 @@ extern char curr_dir[MAXPATHLEN];
extern char backup_dir_buf[MAXPATHLEN];
extern char *basis_dir[MAX_BASIS_DIRS+1];
extern struct file_list *first_flist;
@ -424,7 +424,7 @@ index 6113563..abe2ebf 100644
uid_t our_uid;
gid_t our_gid;
@@ -503,11 +505,7 @@ static pid_t do_cmd(char *cmd, char *machine, char *user, char **remote_argv, in
@@ -611,11 +613,7 @@ static pid_t do_cmd(char *cmd, char *machine, char *user, char **remote_argv, in
rprintf(FERROR, "internal: args[] overflowed in do_cmd()\n");
exit_cleanup(RERR_SYNTAX);
}
@ -437,7 +437,7 @@ index 6113563..abe2ebf 100644
remote_argc--;
}
}
@@ -534,6 +532,7 @@ static pid_t do_cmd(char *cmd, char *machine, char *user, char **remote_argv, in
@@ -642,6 +640,7 @@ static pid_t do_cmd(char *cmd, char *machine, char *user, char **remote_argv, in
#ifdef ICONV_CONST
setup_iconv();
#endif
@ -445,7 +445,7 @@ index 6113563..abe2ebf 100644
} else if (local_server) {
/* If the user didn't request --[no-]whole-file, force
* it on, but only if we're not batch processing. */
@@ -943,6 +942,7 @@ static int do_recv(int f_in, int f_out, char *local_name)
@@ -1080,6 +1079,7 @@ static int do_recv(int f_in, int f_out, char *local_name)
}
am_generator = 1;
@ -453,8 +453,8 @@ index 6113563..abe2ebf 100644
flist_receiving_enabled = True;
io_end_multiplex_in(MPLX_SWITCHING);
@@ -1340,6 +1340,10 @@ static int start_client(int argc, char *argv[])
remote_argc = argc = 1;
@@ -1475,6 +1475,10 @@ static int start_client(int argc, char *argv[])
rsync_port = 0;
}
+ /* A local transfer doesn't unbackslash anything, so leave the args alone. */
@ -464,28 +464,28 @@ index 6113563..abe2ebf 100644
if (!rsync_port && remote_argc && !**remote_argv) /* Turn an empty arg into a dot dir. */
*remote_argv = ".";
@@ -1358,6 +1362,8 @@ static int start_client(int argc, char *argv[])
@@ -1500,6 +1504,8 @@ static int start_client(int argc, char *argv[])
char *dummy_host;
int dummy_port = rsync_port;
int i;
+ if (filesfrom_fd < 0)
+ add_implied_include(remote_argv[0], daemon_over_rsh);
+ add_implied_include(remote_argv[0], daemon_connection);
/* For remote source, any extra source args must have either
* the same hostname or an empty hostname. */
for (i = 1; i < remote_argc; i++) {
@@ -1381,6 +1387,7 @@ static int start_client(int argc, char *argv[])
@@ -1523,6 +1529,7 @@ static int start_client(int argc, char *argv[])
if (!rsync_port && !*arg) /* Turn an empty arg into a dot dir. */
arg = ".";
remote_argv[i] = arg;
+ add_implied_include(arg, daemon_over_rsh);
+ add_implied_include(arg, daemon_connection);
}
}
diff --git a/receiver.c b/receiver.c
index d6a48f1..c0aa893 100644
index 9df603f..3182e2d 100644
--- a/receiver.c
+++ b/receiver.c
@@ -577,10 +577,13 @@ int recv_files(int f_in, int f_out, char *local_name)
@@ -584,10 +584,13 @@ int recv_files(int f_in, int f_out, char *local_name)
if (DEBUG_GTE(RECV, 1))
rprintf(FINFO, "recv_files(%s)\n", fname);
@ -504,7 +504,7 @@ index d6a48f1..c0aa893 100644
#ifdef SUPPORT_XATTRS
diff --git a/options.c b/options.c
index 43e8257..aaf8cc9 100644
index 3e530c2..7582236 100644
--- a/options.c
+++ b/options.c
@@ -99,6 +99,7 @@ int filesfrom_fd = -1;
@ -514,8 +514,8 @@ index 43e8257..aaf8cc9 100644
+int old_style_args = -1;
int human_readable = 1;
int recurse = 0;
int allow_inc_recurse = 1;
@@ -277,7 +278,7 @@ static struct output_struct debug_words[COUNT_DEBUG+1] = {
int mkpath_dest_arg = 0;
@@ -287,7 +288,7 @@ static struct output_struct debug_words[COUNT_DEBUG+1] = {
DEBUG_WORD(DELTASUM, W_SND|W_REC, "Debug delta-transfer checksumming (levels 1-4)"),
DEBUG_WORD(DUP, W_REC, "Debug weeding of duplicate names"),
DEBUG_WORD(EXIT, W_CLI|W_SRV, "Debug exit events (levels 1-3)"),
@ -524,16 +524,16 @@ index 43e8257..aaf8cc9 100644
DEBUG_WORD(FLIST, W_SND|W_REC, "Debug file-list operations (levels 1-4)"),
DEBUG_WORD(FUZZY, W_REC, "Debug fuzzy scoring (levels 1-2)"),
DEBUG_WORD(GENR, W_REC, "Debug generator functions"),
@@ -824,7 +825,7 @@ enum {OPT_VERSION = 1000, OPT_DAEMON, OPT_SENDER, OPT_EXCLUDE, OPT_EXCLUDE_FROM,
OPT_INCLUDE, OPT_INCLUDE_FROM, OPT_MODIFY_WINDOW, OPT_MIN_SIZE, OPT_CHMOD,
@@ -575,7 +576,7 @@ enum {OPT_SERVER = 1000, OPT_DAEMON, OPT_SENDER, OPT_EXCLUDE, OPT_EXCLUDE_FROM,
OPT_READ_BATCH, OPT_WRITE_BATCH, OPT_ONLY_WRITE_BATCH, OPT_MAX_SIZE,
OPT_NO_D, OPT_APPEND, OPT_NO_ICONV, OPT_INFO, OPT_DEBUG,
- OPT_USERMAP, OPT_GROUPMAP, OPT_CHOWN, OPT_BWLIMIT,
+ OPT_USERMAP, OPT_GROUPMAP, OPT_CHOWN, OPT_BWLIMIT, OPT_OLD_ARGS,
OPT_SERVER, OPT_REFUSED_BASE = 9000};
OPT_NO_D, OPT_APPEND, OPT_NO_ICONV, OPT_INFO, OPT_DEBUG, OPT_BLOCK_SIZE,
OPT_USERMAP, OPT_GROUPMAP, OPT_CHOWN, OPT_BWLIMIT, OPT_STDERR,
- OPT_OLD_COMPRESS, OPT_NEW_COMPRESS, OPT_NO_COMPRESS,
+ OPT_OLD_COMPRESS, OPT_NEW_COMPRESS, OPT_NO_COMPRESS, OPT_OLD_ARGS,
OPT_STOP_AFTER, OPT_STOP_AT,
OPT_REFUSED_BASE = 9000};
static struct poptOption long_options[] = {
@@ -1011,6 +1012,8 @@ static struct poptOption long_options[] = {
@@ -779,6 +780,8 @@ static struct poptOption long_options[] = {
{"files-from", 0, POPT_ARG_STRING, &files_from, 0, 0, 0 },
{"from0", '0', POPT_ARG_VAL, &eol_nulls, 1, 0, 0},
{"no-from0", 0, POPT_ARG_VAL, &eol_nulls, 0, 0, 0},
@ -542,8 +542,8 @@ index 43e8257..aaf8cc9 100644
{"protect-args", 's', POPT_ARG_VAL, &protect_args, 1, 0, 0},
{"no-protect-args", 0, POPT_ARG_VAL, &protect_args, 0, 0, 0},
{"no-s", 0, POPT_ARG_VAL, &protect_args, 0, 0, 0},
@@ -1577,6 +1580,13 @@ int parse_arguments(int *argc_p, const char ***argv_p)
do_compression++;
@@ -1605,6 +1608,13 @@ int parse_arguments(int *argc_p, const char ***argv_p)
compress_choice = NULL;
break;
+ case OPT_OLD_ARGS:
@ -556,8 +556,8 @@ index 43e8257..aaf8cc9 100644
case 'M':
arg = poptGetOptArg(pc);
if (*arg != '-') {
@@ -1829,6 +1839,21 @@ int parse_arguments(int *argc_p, const char ***argv_p)
}
@@ -1914,6 +1924,21 @@ int parse_arguments(int *argc_p, const char ***argv_p)
max_alloc = size;
}
+ if (old_style_args < 0) {
@ -578,7 +578,7 @@ index 43e8257..aaf8cc9 100644
if (protect_args < 0) {
if (am_server)
protect_args = 0;
@@ -2381,6 +2406,71 @@ int parse_arguments(int *argc_p, const char ***argv_p)
@@ -2451,6 +2476,71 @@ int parse_arguments(int *argc_p, const char ***argv_p)
}
@ -650,7 +650,7 @@ index 43e8257..aaf8cc9 100644
/**
* Construct a filtered list of options to pass through from the
* client to the server.
@@ -2556,9 +2646,7 @@ void server_options(char **args, int *argc_p)
@@ -2633,9 +2723,7 @@ void server_options(char **args, int *argc_p)
set++;
else
set = iconv_opt;
@ -661,7 +661,7 @@ index 43e8257..aaf8cc9 100644
}
#endif
@@ -2625,23 +2713,17 @@ void server_options(char **args, int *argc_p)
@@ -2701,33 +2789,24 @@ void server_options(char **args, int *argc_p)
}
if (backup_dir) {
@ -689,9 +689,21 @@ index 43e8257..aaf8cc9 100644
+ if (checksum_choice)
+ args[ac++] = safe_arg("--checksum-choice", checksum_choice);
if (do_compression == CPRES_ZLIBX)
args[ac++] = "--new-compress";
else if (compress_choice && do_compression == CPRES_ZLIB)
args[ac++] = "--old-compress";
- else if (compress_choice) {
- if (asprintf(&arg, "--compress-choice=%s", compress_choice) < 0)
- goto oom;
- args[ac++] = arg;
- }
+ else if (compress_choice)
+ args[ac++] = safe_arg("--compress-choice", compress_choice);
if (am_sender) {
if (max_delete > 0) {
@@ -2650,14 +2732,10 @@ void server_options(char **args, int *argc_p)
@@ -2736,14 +2815,10 @@ void server_options(char **args, int *argc_p)
args[ac++] = arg;
} else if (max_delete == 0)
args[ac++] = "--max-delete=-1";
@ -710,7 +722,7 @@ index 43e8257..aaf8cc9 100644
if (delete_before)
args[ac++] = "--delete-before";
else if (delete_during == 2)
@@ -2681,11 +2759,8 @@ void server_options(char **args, int *argc_p)
@@ -2767,17 +2842,12 @@ void server_options(char **args, int *argc_p)
if (do_stats)
args[ac++] = "--stats";
} else {
@ -723,8 +735,16 @@ index 43e8257..aaf8cc9 100644
+ args[ac++] = safe_arg("--skip-compress", skip_compress);
}
- if (max_alloc_arg && max_alloc != DEFAULT_MAX_ALLOC) {
- args[ac++] = "--max-alloc";
- args[ac++] = max_alloc_arg;
- }
+ if (max_alloc_arg && max_alloc != DEFAULT_MAX_ALLOC)
+ args[ac++] = safe_arg("--max-alloc", max_alloc_arg);
/* --delete-missing-args needs the cooperation of both sides, but
@@ -2711,7 +2786,7 @@ void server_options(char **args, int *argc_p)
* the sender can handle --ignore-missing-args by itself. */
@@ -2802,7 +2872,7 @@ void server_options(char **args, int *argc_p)
if (partial_dir && am_sender) {
if (partial_dir != tmp_partialdir) {
args[ac++] = "--partial-dir";
@ -733,7 +753,7 @@ index 43e8257..aaf8cc9 100644
}
if (delay_updates)
args[ac++] = "--delay-updates";
@@ -2734,17 +2809,11 @@ void server_options(char **args, int *argc_p)
@@ -2825,17 +2895,11 @@ void server_options(char **args, int *argc_p)
args[ac++] = "--use-qsort";
if (am_sender) {
@ -755,7 +775,7 @@ index 43e8257..aaf8cc9 100644
if (ignore_existing)
args[ac++] = "--ignore-existing";
@@ -2755,7 +2824,7 @@ void server_options(char **args, int *argc_p)
@@ -2846,7 +2910,7 @@ void server_options(char **args, int *argc_p)
if (tmpdir) {
args[ac++] = "--temp-dir";
@ -764,16 +784,16 @@ index 43e8257..aaf8cc9 100644
}
if (basis_dir[0]) {
@@ -2765,7 +2834,7 @@ void server_options(char **args, int *argc_p)
@@ -2856,7 +2920,7 @@ void server_options(char **args, int *argc_p)
*/
for (i = 0; i < basis_dir_cnt; i++) {
args[ac++] = dest_option;
args[ac++] = alt_dest_opt(0);
- args[ac++] = basis_dir[i];
+ args[ac++] = safe_arg("", basis_dir[i]);
}
}
}
@@ -2790,7 +2859,7 @@ void server_options(char **args, int *argc_p)
@@ -2877,7 +2941,7 @@ void server_options(char **args, int *argc_p)
if (files_from && (!am_sender || filesfrom_host)) {
if (filesfrom_host) {
args[ac++] = "--files-from";
@ -782,7 +802,7 @@ index 43e8257..aaf8cc9 100644
if (eol_nulls)
args[ac++] = "--from0";
} else {
@@ -2830,7 +2899,7 @@ void server_options(char **args, int *argc_p)
@@ -2923,7 +2987,7 @@ void server_options(char **args, int *argc_p)
exit_cleanup(RERR_SYNTAX);
}
for (j = 1; j <= remote_option_cnt; j++)
@ -792,10 +812,10 @@ index 43e8257..aaf8cc9 100644
*argc_p = ac;
diff --git a/clientserver.c b/clientserver.c
index e2e2dc0..c18c024 100644
index 48c15a6..feca9c8 100644
--- a/clientserver.c
+++ b/clientserver.c
@@ -45,6 +45,7 @@ extern int protocol_version;
@@ -47,6 +47,7 @@ extern int protocol_version;
extern int io_timeout;
extern int no_detach;
extern int write_batch;
@ -803,7 +823,7 @@ index e2e2dc0..c18c024 100644
extern int default_af_hint;
extern int logfile_format_has_i;
extern int logfile_format_has_o_or_i;
@@ -255,20 +256,45 @@ int start_inband_exchange(int f_in, int f_out, const char *user, int argc, char
@@ -288,20 +289,45 @@ int start_inband_exchange(int f_in, int f_out, const char *user, int argc, char
sargs[sargc++] = ".";
@ -857,87 +877,90 @@ index e2e2dc0..c18c024 100644
argc--;
}
diff --git a/rsync.1 b/rsync.1
index cf2f573..839f5ad 100644
index e0e13cf..e363827 100644
--- a/rsync.1
+++ b/rsync.1
@@ -197,7 +197,7 @@ or with the hostname omitted. For instance, all these work:
.br
\f(CWrsync \-av host::modname/file{1,2} host::modname/file3 /dest/\fP
.br
-\f(CWrsync \-av host::modname/file1 ::modname/file{3,4}\fP
+\f(CWrsync \-av host::modname/file1 ::modname/file{3,4} /dest/\fP
@@ -194,32 +194,27 @@ the hostname omitted. For instance, all these work:
.nf
rsync -av host:file1 :file2 host:file{3,4} /dest/
rsync -av host::modname/file{1,2} host::modname/file3 /dest/
-rsync -av host::modname/file1 ::modname/file{3,4}
+rsync -av host::modname/file1 ::modname/file{3,4} /dest/
.fi
.RE
.PP
@@ -211,18 +211,23 @@ examples:
.RE
.PP
-This word\-splitting still works (by default) in the latest rsync, but is
-not as easy to use as the first method.
-.PP
-If you need to transfer a filename that contains whitespace, you can either
-specify the \fB\-\-protect\-args\fP (\fB\-s\fP) option, or you\(cq\&ll need to escape
-the whitespace in a way that the remote shell will understand. For
-instance:
-.PP
-.RS
-\f(CWrsync \-av host:'\&file\e name\e with\e spaces'\& /dest\fP
.P
-Older versions of rsync required using quoted spaces in the SRC, like these
-examples:
+Starting this version of rsync, filenames are passed to a remote shell
+in such a way as to preserve the characters you give it.
+Thus, if you ask for a file with spaces in the name, that's what the
+remote rsync looks for:
+.PP
+.RS
+\f(CWrsync \-aiv host:'\&a simple file.pdf'\& /dest/\fP
.RS 4
.P
.nf
-rsync -av host:'dir1/file1 dir2/file2' /dest
-rsync host::'modname/dir1/file1 modname/dir2/file2' /dest
+rsync -aiv host:'a simple file.pdf' /dest/
.fi
.RE
+.PP
.P
-This word-splitting still works (by default) in the latest rsync, but is not as
-easy to use as the first method.
-.P
-If you need to transfer a filename that contains whitespace, you can either
-specify the \fB\-\-protect-args\fP (\fB\-s\fP) option, or you'll need to escape the
-whitespace in a way that the remote shell will understand. For instance:
-.RS 4
-.P
-.nf
-rsync -av host:'file\\ name\\ with\\ spaces' /dest
-.fi
-.RE
+If you use scripts that have been written to manually apply extra quoting to
+the remote rsync args (or to require remote arg splitting), you can ask rsync
+to let your script handle the extra escaping. This is done by either adding
+the \fB\-\-old\-args\fP option to the rsync runs in the script (which requires
+a new rsync) or exporting \fBRSYNC_OLD_ARGS\fP=1 and \fBRSYNC_PROTECT_ARGS\fP=0
+(which works with old or new rsync versions).
+
.PP
.P
.SH "CONNECTING TO AN RSYNC DAEMON"
@@ -429,6 +434,7 @@ to the detailed description below for a complete description.
\-\-append append data onto shorter files
\-\-append\-verify \-\-append w/old data in file checksum
\-d, \-\-dirs transfer directories without recursing
+ \-\-old\-dirs, \-\-old\-d works like --dirs when talking to old rsync
\-l, \-\-links copy symlinks as symlinks
\-L, \-\-copy\-links transform symlink into referent file/dir
\-\-copy\-unsafe\-links only \(dq\&unsafe\(dq\& symlinks are transformed
@@ -511,6 +517,7 @@ to the detailed description below for a complete description.
\-\-include\-from=FILE read include patterns from FILE
\-\-files\-from=FILE read list of source\-file names from FILE
\-0, \-\-from0 all *from/filter files are delimited by 0s
+ \-\-old\-args disable the modern arg-protection idiom
\-s, \-\-protect\-args no space\-splitting; wildcard chars only
\-\-address=ADDRESS bind address for outgoing socket to daemon
\-\-port=PORT specify double\-colon alternate port number
@@ -1857,10 +1864,10 @@ Be cautious using this, as it is possible to toggle an option that will cause
rsync to have a different idea about what data to expect next over the socket,
and that will make it fail in a cryptic fashion.
.IP
-Note that it is best to use a separate \fB\-\-remote\-option\fP for each option you
-want to pass. This makes your useage compatible with the \fB\-\-protect\-args\fP
-option. If that option is off, any spaces in your remote options will be split
-by the remote shell unless you take steps to protect them.
.P
@@ -427,6 +422,7 @@ detailed description below for a complete description.
--append append data onto shorter files
--append-verify --append w/old data in file checksum
--dirs, -d transfer directories without recursing
+--old-dirs, --old-d works like --dirs when talking to old rsync
--mkpath create the destination's path component
--links, -l copy symlinks as symlinks
--copy-links, -L transform symlink into referent file/dir
@@ -515,6 +511,7 @@ detailed description below for a complete description.
--include-from=FILE read include patterns from FILE
--files-from=FILE read list of source-file names from FILE
--from0, -0 all *-from/filter files are delimited by 0s
+--old-args disable the modern arg-protection idiom
--protect-args, -s no space-splitting; wildcard chars only
--copy-as=USER[:GROUP] specify user & optional group for the copy
--address=ADDRESS bind address for outgoing socket to daemon
@@ -1950,11 +1947,10 @@ Be cautious using this, as it is possible to toggle an option that will
cause rsync to have a different idea about what data to expect next over
the socket, and that will make it fail in a cryptic fashion.
.IP
-Note that it is best to use a separate \fB\-\-remote-option\fP for each option
-you want to pass. This makes your usage compatible with the
-\fB\-\-protect-args\fP option. If that option is off, any spaces in your remote
-options will be split by the remote shell unless you take steps to protect
-them.
+Note that you should use a separate \fB\-M\fP for each remote option you
+want to pass. On older rsync versions, the presence of any spaces in the
+remote-option arg could cause it to be split into separate remote args, but
+this requires the use of \fB\-\-old\-args\fP in this version of rsync.
.IP
When performing a local transfer, the \(dq\&local\(dq\& side is the sender and the
\(dq\&remote\(dq\& side is the receiver.
@@ -2054,32 +2061,64 @@ merged files specified in a \fB\-\-filter\fP rule.
It does not affect \fB\-\-cvs\-exclude\fP (since all names read from a .cvsignore
file are split on whitespace).
.IP
.IP
When performing a local transfer, the "local" side is the sender and the
"remote" side is the receiver.
@@ -2169,26 +2165,64 @@ terminated by a null ('\\0') character, not a NL, CR, or CR+LF. This
affects \fB\-\-exclude-from\fP, \fB\-\-include-from\fP, \fB\-\-files-from\fP, and any merged
files specified in a \fB\-\-filter\fP rule. It does not affect \fB\-\-cvs-exclude\fP
(since all names read from a .cvsignore file are split on whitespace).
+.IP "\fB\-\-old\-args\fP"
+This option tells rsync to stop trying to protect the arg values from
+unintended word-splitting or other misinterpretation by using its new
@ -967,42 +990,38 @@ index cf2f573..839f5ad 100644
+.IP
+This option conflicts with the \fB\-\-protect\-args\fP option.
+.IP
.IP "\fB\-s, \-\-protect\-args\fP"
-This option sends all filenames and most options to
-the remote rsync without allowing the remote shell to interpret them. This
-means that spaces are not split in names, and any non\-wildcard special
-characters are not translated (such as ~, $, ;, &, etc.). Wildcards are
-expanded on the remote host by rsync (instead of the shell doing it).
+This option sends all filenames and most options to the remote rsync
.IP "\fB\-\-protect-args\fP, \fB\-s\fP"
This option sends all filenames and most options to the remote rsync
-without allowing the remote shell to interpret them. This means that
-spaces are not split in names, and any non-wildcard special characters are
-not translated (such as \fB~\fP, \fB$\fP, \fB;\fP, \fB&\fP, etc.). Wildcards are expanded
-on the remote host by rsync (instead of the shell doing it).
+without allowing the remote shell to interpret them. Wildcards are
+expanded on the remote host by rsync instead of the shell doing it.
+.IP
+This is similar to the new-style backslash-escaping of args that was added
+in this version of rsync, but supports some extra features and doesn't
+rely on backslash escaping in the remote shell.
.IP
If you use this option with \fB\-\-iconv\fP, the args related to the remote
side will also be translated
from the local to the remote character\-set. The translation happens before
wild\-cards are expanded. See also the \fB\-\-files\-from\fP option.
.IP
.IP
If you use this option with \fB\-\-iconv\fP, the args related to the remote side
will also be translated from the local to the remote character-set. The
translation happens before wild-cards are expanded. See also the
\fB\-\-files-from\fP option.
.IP
-You may also control this option via the RSYNC_PROTECT_ARGS environment
-variable. If this variable has a non\-zero value, this option will be enabled
-variable. If this variable has a non-zero value, this option will be
-enabled by default, otherwise it will be disabled by default. Either state
+You may also control this setting via the RSYNC_PROTECT_ARGS environment
+variable. If it has a non-zero value, this setting will be enabled
by default, otherwise it will be disabled by default. Either state is
overridden by a manually specified positive or negative version of this option
(note that \fB\-\-no\-s\fP and \fB\-\-no\-protect\-args\fP are the negative versions).
-Since this option was first introduced in 3.0.0, you\(cq\&ll need to make sure it\(cq\&s
-disabled if you ever need to interact with a remote rsync that is older than
-that.
-.IP
-Rsync can also be configured (at build time) to have this option enabled by
-default (with is overridden by both the environment and the command\-line).
-This option will eventually become a new default setting at some
-as\-yet\-undetermined point in the future.
+This environment variable is also superseded by a non-zero \fBRSYNC_OLD_ARGS\fP export.
.IP
+by default, otherwise it will be disabled by default. Either state
is overridden by a manually specified positive or negative version of this
option (note that \fB\-\-no-s\fP and \fB\-\-no-protect-args\fP are the negative
-versions). Since this option was first introduced in 3.0.0, you'll need to
-make sure it's disabled if you ever need to interact with a remote rsync
-that is older than that.
+versions). This environment variable is also superseded by a non-zero
+\fBRSYNC_OLD_ARGS\fP export.
+.IP
+You may need to disable this option when interacting with an older rsync
+(one prior to 3.0.0).
+.IP
@ -1010,38 +1029,39 @@ index cf2f573..839f5ad 100644
+.IP
+Note that this option is incompatible with the use of the restricted rsync
+script (`rrsync`) since it hides options from the script's inspection.
+.IP
.IP "\fB\-T, \-\-temp\-dir=DIR\fP"
This option instructs rsync to use DIR as a
scratch directory when creating temporary copies of the files transferred
@@ -2371,7 +2410,11 @@ as a super\-user (see also the \fB\-\-fake\-super\fP option). For the \fB\-\-gr
option to have any effect, the \fB\-g\fP (\fB\-\-groups\fP) option must be used
(or implied), and the receiver will need to have permissions to set that
group.
-.IP
+.IP
.IP
Rsync can also be configured (at build time) to have this option enabled by
default (with is overridden by both the environment and the command-line).
@@ -2675,7 +2708,10 @@ super-user (see also the \fB\-\-fake-super\fP option). For the \fB\-\-groupmap\
option to have any effect, the \fB\-g\fP (\fB\-\-groups\fP) option must be used (or
implied), and the receiver will need to have permissions to set that group.
.IP
-If your shell complains about the wildcards, use \fB\-\-protect-args\fP (\fB\-s\fP).
+An older rsync client may need to use \fB\-\-protect\-args\fP (\fB\-s\fP)
+to avoid a complaint about wildcard characters, but a modern rsync handles
+this automatically.
+.IP
.IP "\fB\-\-chown=USER:GROUP\fP"
This option forces all files to be owned by USER
with group GROUP. This is a simpler interface than using \fB\-\-usermap\fP and
@@ -2382,6 +2425,10 @@ be omitted, but if USER is empty, a leading colon must be supplied.
.IP
If you specify \(dq\&\-\-chown=foo:bar, this is exactly the same as specifying
\(dq\&\-\-usermap=*:foo \-\-groupmap=*:bar\(dq\&, only easier.
This option forces all files to be owned by USER with group GROUP. This is
a simpler interface than using \fB\-\-usermap\fP and \fB\-\-groupmap\fP directly, but
@@ -2685,8 +2721,11 @@ will occur. If GROUP is empty, the trailing colon may be omitted, but if
USER is empty, a leading colon must be supplied.
.IP
If you specify "\fB\-\-chown=foo:bar\fP", this is exactly the same as specifying
-"\fB\-\-usermap=*:foo\ \-\-groupmap=*:bar\fP", only easier. If your shell complains
-about the wildcards, use \fB\-\-protect-args\fP (\fB\-s\fP).
+"\fB\-\-usermap=*:foo\ \-\-groupmap=*:bar\fP", only easier.
+.IP
+An older rsync client may need to use \fB\-\-protect\-args\fP (\fB\-s\fP) to avoid a
+complaint about wildcard characters, but a modern rsync handles this
+automatically.
.IP
.IP "\fB\-\-timeout=TIMEOUT\fP"
This option allows you to set a maximum I/O
@@ -3983,10 +4030,24 @@ more details.
.IP "\fB\-\-timeout=SECONDS\fP"
This option allows you to set a maximum I/O timeout in seconds. If no data
is transferred for the specified time then rsync will exit. The default is
@@ -4233,10 +4272,24 @@ The CVSIGNORE environment variable supplements any ignore patterns in
.IP "\fBRSYNC_ICONV\fP"
Specify a default \fB\-\-iconv\fP setting using this
environment variable. (First supported in 3.0.0.)
Specify a default \fB\-\-iconv\fP setting using this environment variable. (First
supported in 3.0.0.)
+.IP "\fBRSYNC_OLD_ARGS\fP"
+Specify a "1" if you want the \fB\-\-old\-args\fP option to be enabled by default,
+a "2" (or more) if you want it to be enabled in the option-repeated state,
@ -1052,14 +1072,14 @@ index cf2f573..839f5ad 100644
+This variable is ignored if \fB\-\-old\-args\fP, \fB\-\-no\-old\-args\fP, or
+\fB\-\-protect\-args\fP is specified on the command line.
.IP "\fBRSYNC_PROTECT_ARGS\fP"
Specify a non\-zero numeric value if you want the
\fB\-\-protect\-args\fP option to be enabled by default, or a zero value to make
sure that it is disabled by default. (First supported in 3.1.0.)
Specify a non-zero numeric value if you want the \fB\-\-protect-args\fP option to
be enabled by default, or a zero value to make sure that it is disabled by
default. (First supported in 3.1.0.)
+.IP
+This variable is ignored if \fB\-\-protect\-args\fP, \fB\-\-no\-protect\-args\fP,
+or \fB\-\-old\-args\fP is specified on the command line.
+.IP
+This variable is ignored if \fBRSYNC_OLD_ARGS\fP is set to a non-zero value.
.IP "\fBRSYNC_RSH\fP"
The RSYNC_RSH environment variable allows you to
override the default shell used as the transport for rsync. Command line
The RSYNC_RSH environment variable allows you to override the default shell
used as the transport for rsync. Command line options are permitted after

0
SOURCES/rsync-3.1.3-cve-2022-37434.patch → SOURCES/rsync-3.2.3-cve-2022-37434.patch
View File

96
SOURCES/rsync-3.2.3-delay-updates.patch Normal file
View File

@ -0,0 +1,96 @@
From ce51c1b0ae4c0cc35fa14f69271776e3e3ae6354 Mon Sep 17 00:00:00 2001
From: Natanael Copa <ncopa@alpinelinux.org>
Date: Wed, 21 Jul 2021 16:38:22 +0200
Subject: [PATCH 1/3] Add regression test for --delay-updates (#192)
to test https://github.com/WayneD/rsync/issues/192
---
testsuite/delay-updates.test | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
create mode 100644 testsuite/delay-updates.test
diff --git a/testsuite/delay-updates.test b/testsuite/delay-updates.test
new file mode 100644
index 000000000..54961dfa9
--- /dev/null
+++ b/testsuite/delay-updates.test
@@ -0,0 +1,21 @@
+#! /bin/sh
+
+# Test rsync --delay-updates
+
+. "$suitedir/rsync.fns"
+
+mkdir "$fromdir"
+
+echo 1 > "$fromdir/foo"
+
+checkit "$RSYNC -avvv --delay-updates \"$fromdir/\" \"$todir/\"" "$fromdir" "$todir"
+
+mkdir "$todir/.~tmp~"
+echo 2 > "$todir/.~tmp~/foo"
+touch -r .. "$todir/.~tmp~/foo" "$todir/foo"
+echo 3 > "$fromdir/foo"
+
+checkit "$RSYNC -avvv --delay-updates \"$fromdir/\" \"$todir/\"" "$fromdir" "$todir"
+
+# The script would have aborted on error, so getting here means we've won.
+exit 0
From 5a4ea7e468ae53c09b98803da3519727becb48ad Mon Sep 17 00:00:00 2001
From: Natanael Copa <ncopa@alpinelinux.org>
Date: Thu, 22 Jul 2021 13:30:17 +0200
Subject: [PATCH 2/3] Fix regression with --delay-updates (#192)
Fixes regression introduced with commit 3a7bf54ad520 (A resumed
partial-dir file is transferred in-place.)
Fixes https://github.com/WayneD/rsync/issues/192
---
receiver.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/receiver.c b/receiver.c
index e85c4779c..b5020d074 100644
--- a/receiver.c
+++ b/receiver.c
@@ -881,7 +881,7 @@ int recv_files(int f_in, int f_out, char *local_name)
do_unlink(partialptr);
handle_partial_dir(partialptr, PDIR_DELETE);
}
- } else if (keep_partial && partialptr && !one_inplace) {
+ } else if (keep_partial && partialptr && (!one_inplace || delay_updates)) {
if (!handle_partial_dir(partialptr, PDIR_CREATE)) {
rprintf(FERROR,
"Unable to create partial-dir for %s -- discarding %s.\n",
From 15ec7de5503c57860fb73ea6e4a349f1e70b72db Mon Sep 17 00:00:00 2001
From: Wayne Davison <wayne@opencoder.net>
Date: Wed, 28 Jul 2021 09:03:10 -0700
Subject: [PATCH 3/3] Tweak rsync options.
---
testsuite/delay-updates.test | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/testsuite/delay-updates.test b/testsuite/delay-updates.test
index 54961dfa9..5896a9c7c 100644
--- a/testsuite/delay-updates.test
+++ b/testsuite/delay-updates.test
@@ -8,14 +8,14 @@ mkdir "$fromdir"
echo 1 > "$fromdir/foo"
-checkit "$RSYNC -avvv --delay-updates \"$fromdir/\" \"$todir/\"" "$fromdir" "$todir"
+checkit "$RSYNC -aiv --delay-updates \"$fromdir/\" \"$todir/\"" "$fromdir" "$todir"
mkdir "$todir/.~tmp~"
echo 2 > "$todir/.~tmp~/foo"
touch -r .. "$todir/.~tmp~/foo" "$todir/foo"
echo 3 > "$fromdir/foo"
-checkit "$RSYNC -avvv --delay-updates \"$fromdir/\" \"$todir/\"" "$fromdir" "$todir"
+checkit "$RSYNC -aiv --delay-updates \"$fromdir/\" \"$todir/\"" "$fromdir" "$todir"
# The script would have aborted on error, so getting here means we've won.
exit 0

2
SOURCES/rsync-3.1.3-filtering-rules.patch → SOURCES/rsync-3.2.3-filtering-rules.patch
View File

@ -42,7 +42,7 @@ index 13c4253..232249f 100644
char *p;
if (am_server || old_style_args || list_only || read_batch || filesfrom_host != NULL)
@@ -407,6 +413,7 @@ void add_implied_include(const char *arg, int skip_daemon_module)
arg++;
}
arg_len = strlen(arg);
if (arg_len) {
+ char *new_pat;

53
SOURCES/rsync-3.2.3-lchmod.patch Normal file
View File

@ -0,0 +1,53 @@
diff --git a/syscall.c b/syscall.c
index b9c3b4ef..11d10e4a 100644
--- a/syscall.c
+++ b/syscall.c
@@ -227,27 +227,35 @@ int do_open(const char *pathname, int flags, mode_t mode)
#ifdef HAVE_CHMOD
int do_chmod(const char *path, mode_t mode)
{
+ static int switch_step = 0;
int code;
if (dry_run) return 0;
RETURN_ERROR_IF_RO_OR_LO;
+ switch (switch_step) {
#ifdef HAVE_LCHMOD
- code = lchmod(path, mode & CHMOD_BITS);
-#else
- if (S_ISLNK(mode)) {
+#include "case_N.h"
+ if ((code = lchmod(path, mode & CHMOD_BITS)) == 0 || errno != ENOTSUP)
+ break;
+ switch_step++;
+#endif
+
+#include "case_N.h"
+ if (S_ISLNK(mode)) {
# if defined HAVE_SETATTRLIST
- struct attrlist attrList;
- uint32_t m = mode & CHMOD_BITS; /* manpage is wrong: not mode_t! */
+ struct attrlist attrList;
+ uint32_t m = mode & CHMOD_BITS; /* manpage is wrong: not mode_t! */
- memset(&attrList, 0, sizeof attrList);
- attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
- attrList.commonattr = ATTR_CMN_ACCESSMASK;
- code = setattrlist(path, &attrList, &m, sizeof m, FSOPT_NOFOLLOW);
+ memset(&attrList, 0, sizeof attrList);
+ attrList.bitmapcount = ATTR_BIT_MAP_COUNT;
+ attrList.commonattr = ATTR_CMN_ACCESSMASK;
+ code = setattrlist(path, &attrList, &m, sizeof m, FSOPT_NOFOLLOW);
# else
- code = 1;
+ code = 1;
# endif
- } else
- code = chmod(path, mode & CHMOD_BITS); /* DISCOURAGED FUNCTION */
-#endif /* !HAVE_LCHMOD */
+ } else
+ code = chmod(path, mode & CHMOD_BITS); /* DISCOURAGED FUNCTION */
+ break;
+ }
if (code != 0 && (preserve_perms || preserve_executability))
return code;
return 0;

24
SOURCES/rsync-3.2.3-segfault.patch Normal file
View File

@ -0,0 +1,24 @@
From f5a9a1013873580d0ad2ae4f5c5038c324d71bfe Mon Sep 17 00:00:00 2001
From: Wayne Davison <wayne@opencoder.net>
Date: Mon, 21 Feb 2022 14:19:31 -0800
Subject: [PATCH] Fix possible array deref using invalid index.
---
copy-devices.diff | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/patches/copy-devices.diff b/patches/copy-devices.diff
index 797d046..4138474 100644
--- a/patches/copy-devices.diff
+++ b/patches/copy-devices.diff
@@ -111,8 +111,8 @@ diff --git a/rsync.c b/rsync.c
if (iflags & ITEM_TRANSFER) {
int i = ndx - cur_flist->ndx_start;
- if (i < 0 || !S_ISREG(cur_flist->files[i]->mode)) {
-+ struct file_struct *file = cur_flist->files[i];
-+ if (i < 0 || !(S_ISREG(file->mode) || (copy_devices && IS_DEVICE(file->mode)))) {
++ if (i < 0
++ || !(S_ISREG(cur_flist->files[i]->mode) || (copy_devices && IS_DEVICE(cur_flist->files[i]->mode)))) {
rprintf(FERROR,
"received request to transfer non-regular file: %d [%s]\n",
ndx, who_am_i());

0
SOURCES/rsync-3.1.3-xattr.patch → SOURCES/rsync-3.2.3-xattr.patch
View File

10
SOURCES/rsync-man.patch
View File

@ -1,10 +0,0 @@
--- rsync-3.0.9/rsync.1 2011-09-23 18:42:26.000000000 +0200
+++ rsync-3.0.9/rsync.1 2012-09-19 10:40:19.698802861 +0200
@@ -445,6 +445,7 @@
\-o, \-\-owner preserve owner (super\-user only)
\-g, \-\-group preserve group
\-\-devices preserve device files (super\-user only)
+ \-\-copy-devices copy device contents as regular file
\-\-specials preserve special files
\-D same as \-\-devices \-\-specials
\-t, \-\-times preserve modification times

215
SPECS/rsync.spec
View File

@ -1,6 +1,7 @@
%global _hardened_build 1
%define isprerelease 0
%define _lto_cflags %{nil}
%if %isprerelease
%define prerelease pre1
@ -8,10 +9,9 @@
Summary: A program for synchronizing files over a network
Name: rsync
Version: 3.1.3
Version: 3.2.3
Release: 20%{?dist}
Group: Applications/Internet
URL: http://rsync.samba.org/
URL: https://rsync.samba.org/
Source0: https://download.samba.org/pub/rsync/src/rsync-%{version}%{?prerelease}.tar.gz
Source1: https://download.samba.org/pub/rsync/src/rsync-patches-%{version}%{?prerelease}.tar.gz
@ -21,28 +21,28 @@ Source4: rsyncd.conf
Source5: rsyncd.sysconfig
Source6: rsyncd@.service
BuildRequires: make
BuildRequires: gcc gcc-c++
BuildRequires: libacl-devel, libattr-devel, autoconf, popt-devel, systemd
#Requires: zlib
BuildRequires: lz4-devel openssl-devel libzstd-devel
#Added virtual provide for zlib due to https://fedoraproject.org/wiki/Bundled_Libraries?rd=Packaging:Bundled_Libraries
Provides: bundled(zlib) = 1.2.8
License: GPLv3+
Patch0: rsync-man.patch
Patch1: rsync-3.0.6-iconv-logging.patch
Patch2: rsync-3.1.3-covscan.patch
Patch3: rsync-3.1.2-remove-symlinks.patch
Patch4: rsync-3.1.2-vvv-hang.patch
Patch5: rsync-3.1.3-ignore-missing.patch
Patch6: rsync-3.1.3-append-check.patch
Patch7: rsync-3.1.3-skip-compress.patch
Patch8: rsync-3.1.3-xattr.patch
Patch9: rsync-3.1.3-cve-2018-25032.patch
Patch10: rsync-3.1.3-sparse-block.patch
Patch11: rsync-3.1.3-cve-2022-29154.patch
Patch12: rsync-3.1.3-cve-2022-37434.patch
Patch13: rsync-3.1.3-filtering-rules.patch
Patch14: rsync-3.1.3-missing-xattr-filter.patch
Patch15: rsync-3.1.3-cve-2024-12085.patch
#Added temporarily until new rebase
Patch0: rsync-3.2.2-ssl-verify-hostname.patch
#Added due to rhbz#1873975 - default-acls test fail on s390x due to libacl
Patch1: rsync-3.2.2-runtests.patch
Patch2: rsync-3.2.3-lchmod.patch
Patch3: rsync-3.2.3-append-mode.patch
Patch4: rsync-3.2.3-xattr.patch
Patch5: rsync-3.2.3-segfault.patch
Patch6: rsync-3.2.3-atimes.patch
Patch7: rsync-3.1.3-cve-2018-25032.patch
Patch8: rsync-3.2.3-cve-2022-37434.patch
Patch9: rsync-3.2.3-cve-2022-29154.patch
Patch10: rsync-3.2.3-filtering-rules.patch
Patch11: rsync-3.2.3-delay-updates.patch
%description
Rsync uses a reliable algorithm to bring remote and host files into
@ -73,38 +73,34 @@ package provides the anonymous rsync service.
%setup -q -b 1
%endif
#Needed for compatibility with previous patched rsync versions
patch -p1 -i patches/acls.diff
patch -p1 -i patches/xattrs.diff
#Enable --copy-devices parameter
patch -p1 -i patches/copy-devices.diff
%patch0 -p1 -b .man
%patch1 -p1 -b .iconv
%patch2 -p1 -b .covscan
%patch3 -p1 -b .symlinks
%patch4 -p1 -b .vvv
%patch5 -p1 -b .missing
%patch6 -p1 -b .append
%patch7 -p1 -b .skip-compress
%patch8 -p1 -b .xattr
%patch9 -p1 -b .cve-2018-25032
%patch10 -p1 -b .spars-block
%patch11 -p1 -b .cve-2022-29154
%patch12 -p1 -b .cve-2022-37434
%patch13 -p1 -b .filtering-rules
%patch14 -p1 -b .xattr-filter
%patch15 -p1 -b .cve-2024-12085
%patch0 -p1 -b .verify-hostname
%patch1 -p1 -b .runtests
%patch2 -p1 -b .lchmod
%patch3 -p1 -b .append-mode
%patch4 -p1 -b .xattr
%patch5 -p1 -b .segfault
%patch6 -p1 -b .atimes
%patch7 -p1 -b .cve-2018-25032
%patch8 -p1 -b .cve-2022-37434
%patch9 -p1 -b .cve-2022-29154
%patch10 -p1 -b .filtering-rules
%patch11 -p1 -b .delay-updates
%build
%configure
%configure --disable-xxhash
# --with-included-zlib=no temporary disabled because of #1043965
make %{?_smp_mflags}
%{make_build}
%check
make check
chmod -x support/*
%install
%makeinstall INSTALLCMD='install -p' INSTALLMAN='install -p'
%{make_install} INSTALLCMD='install -p' INSTALLMAN='install -p'
install -D -m644 %{SOURCE3} $RPM_BUILD_ROOT/%{_unitdir}/rsyncd.service
install -D -m644 %{SOURCE2} $RPM_BUILD_ROOT/%{_unitdir}/rsyncd.socket
@ -112,21 +108,17 @@ install -D -m644 %{SOURCE4} $RPM_BUILD_ROOT/%{_sysconfdir}/rsyncd.conf
install -D -m644 %{SOURCE5} $RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/rsyncd
install -D -m644 %{SOURCE6} $RPM_BUILD_ROOT/%{_unitdir}/rsyncd@.service
%check
make check
#scripts in support/* are needed to run upstream tests but after install these should not be executable
chmod -x support/*
%files
%{!?_licensedir:%global license %%doc}
%license COPYING
%doc NEWS OLDNEWS README support/ tech_report.tex
%doc support/ tech_report.tex
%{_bindir}/%{name}
%{_bindir}/%{name}-ssl
%{_mandir}/man1/%{name}.1*
%files daemon
%{_mandir}/man1/%{name}-ssl.1*
%{_mandir}/man5/rsyncd.conf.5*
%config(noreplace) %{_sysconfdir}/rsyncd.conf
%files daemon
%config(noreplace) %{_sysconfdir}/sysconfig/rsyncd
%{_unitdir}/rsyncd.socket
%{_unitdir}/rsyncd.service
@ -142,60 +134,105 @@ chmod -x support/*
%systemd_postun_with_restart rsyncd.service
%changelog
* Fri Jan 03 2025 Michal Ruprich <mruprich@redhat.com> - 3.1.3-20
- Resolves: RHEL-70157 - Info Leak via Uninitialized Stack Contents
* Thu Oct 19 2023 Alex Iribarren <Alex.Iribarren@cern.ch> - 3.2.3-20
- Resolves: RHEL-14228 - rsync regression with --delay-updates
* Wed Nov 02 2022 Michal Ruprich <mruprich@redhat.com> - 3.1.3-19.1
- Resolves: #2139118 - rsync-daemon fail on 3.1.3
* Wed Nov 02 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-19
- Resolves: #2139349 - rsync error: protocol incompatibility when using rsync-3.2.3-18.el9
* Thu Aug 18 2022 Michal Ruprich <mruprich@redhat.com> - 3.1.3-19
- Resolves: #2116668 - zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field
* Thu Aug 25 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-18
- Resolves: #2111177 - remote arbitrary files write inside the directories of connecting peers
* Mon Aug 15 2022 Michal Ruprich <mruprich@redhat.com> - 3.1.3-18
- Resolves: #2111175 - remote arbitrary files write inside the directories of connecting peers
* Thu Aug 18 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-17
- Resolves: #2116669 - zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field
* Mon Aug 08 2022 Michal Ruprich <mruprich@redhat.com> - 3.1.3-17
- Related: #2043753 - New option should not be sent to the server every time
* Wed May 18 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-16
- Related: #2081296 - Adding ci.fmf for separation of testing results
* Thu Jul 28 2022 Michal Ruprich <mruprich@redhat.com> - 3.1.3-16
- Resolves: #2043753 - [RFE] Improve defaults for sparse file buffering
* Wed May 18 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-15
- Related: #2081296 - Disabling STI
* Tue Apr 12 2022 Michal Ruprich <mruprich@redhat.com> - 3.1.3-15
- Resolves: #2071513 - A flaw in zlib-1.2.11 when compressing (not decompressing!) certain inputs
* Wed May 18 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-14
- Resolves: #2071514 - A flaw found in zlib when compressing (not decompressing) certain inputs
* Mon Oct 11 2021 Michal Ruprich <mruprich@redhat.com> - 3.1.3-14
- Related: #1907443 - Adding fmf plans to run tests with tmt
* Wed May 11 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-13
- Resolves: #2079639 - rsync --atimes doesn't work
* Mon Sep 27 2021 Tomas Korbar <tkorbar@redhat.com> - 3.1.3-13
- Resolves: #1907443 - Read-only files that have changed xattrs fail to allow xattr changes
* Tue May 03 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-12
- Resolves: #2081296 - Enable fmf tests in centos stream
* Fri Dec 18 2020 Michal Ruprich <mruprich@redhat.com> - 3.1.3-12
- Resolves: #1816528 - Defaults for --skip-compress are not working, everything is being compressed
* Tue Apr 26 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-11
- Resolves: #2053198 - rsync segmentation fault
* Thu Nov 05 2020 Tomas Korbar <tkorbar@redhat.com> - 3.1.3-11
- Resolves: #1855981 - rsync segfaults in --append mode
* Fri Apr 22 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-10
- Resolves: #2077431 - Read-only files that have changed xattrs fail to allow xattr changes
* Thu Nov 05 2020 Tomas Korbar <tkorbar@redhat.com> - 3.1.3-10
- Resolves: #1727093 - rsync: "ABORTING due to invalid path from sender"
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 3.2.3-9
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Mon Aug 24 2020 Michal Ruprich <mruprich@redhat.com> - 3.1.3-9
- Resolves: #1667436 - rsyncd.service fails to start at boot if address is configured
* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 3.2.3-8
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Wed Jun 10 2020 Michal Ruprich <mruprich@redhat.com> - 3.1.3-8
- Resolves: #1775561 - rsync 3.1.2 hangs when run with -vvv to sync a large repository
* Mon May 31 2021 Michal Ruprich <mruprich@redhat.com> - 3.2.3-7
- Resolves: #1955008 - rsync segfaults in --append mode when file on sender is large (> 2GB) and gets truncated
* Tue Oct 29 2019 Michal Ruprich <mruprich@redhat.com> - 3.1.3-7
- Resolves: #1693162 - remove-source-files fails with symlinks
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 3.2.3-6
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Apr 16 2019 Michal Ruprich <mruprich@redhat.com> - 3.1.3-6
- Resolves: #1602683 - Please review important issues found by covscan
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Apr 16 2019 Michal Ruprich <mruprich@redhat.com> - 3.1.3-5
- Resolves: #1656761 - [FJ8.0 Bug]: [REG] The rsync command is terminated with SIGSEGV
* Tue Dec 08 2020 Michal Ruprich <mruprich@redhat.com> - 3.2.3-4
- Resolves: #1894485 - rsync is unable to set permissions when chrooted
- Getting rid of deprecated makeinstall macro
* Wed Oct 03 2018 Michal Ruprich <mruprich@redhat.com> - 3.1.3-4
- Resolves: #1635631 - Remove --noatime option from rsync
Cleaning spec file
* Fri Nov 20 2020 Michal Ruprich <mruprich@redhat.com> - 3.2.3-3
- Disabling LTO as a temporary measure for rhbz#1898912
* Thu Nov 19 2020 Michal Ruprich <mruprich@redhat.com> - 3.2.3-2
- Use make macros
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
* Mon Aug 31 2020 Michal Ruprich <mruprich@redhat.com> - 3.2.3-1
- New version 3.2.3
- Removed upstream patches acls.diff and xattrs.diff
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.2-3
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Tue Jul 21 2020 Michal Ruprich <michalruprich@gmail.com> - 3.2.2-1
- New version 3.2.2
* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.3-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Oct 10 2019 Michal Ruprich <mruprich@redhat.com> - 3.1.3-10
- Enabling upstream test suite during build rhbz#1533846
* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.3-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Mon Apr 15 2019 Michal Ruprich <mruprich@redhat.com> - 3.1.3-8
- Resolves: #1452187 - move man page rsyncd.conf(5) from rsync-daemon to rsync package
- Moving the config file as well
* Tue Mar 19 2019 Michal Ruprich <mruprich@redhat.com> - 3.1.3-7
- Resolves: #1683737 - [abrt] rsync: utf8_internal_loop(): rsync killed by SIGSEGV
* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.3-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Jan 02 2019 Michal Ruprich <mruprich@redhat.com> - 3.1.3-5
- Fix for rhbz#1586346 - rsyncd.service fails to start at boot if address is configured
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 3.1.3-3
- Escape macros in %%changelog