1 CAUTION: This patch compiles, but is otherwise totally untested!
3 This patch also implements --times-only.
5 Implementation details for the --source-filter and --dest-filter options:
7 - These options open a *HUGE* security hole in daemon mode unless they
8 are refused in your rsyncd.conf!
10 - Filtering disables the rsync algorithm. (This should be fixed.)
12 - Source filter makes temporary files in /tmp. (Should be overridable.)
14 - If the source filter fails, data is sent unfiltered. (Should be changed
17 - Failure of the destination filter causes data loss!!! (Should be changed
20 - If the filter changes the size of a file, you should use the --times-only option to
21 prevent repeated transfers of unchanged files.
23 - If the COMMAND contains single quotes, option-passing breaks. (Needs
26 To use this patch, run these commands for a successful build:
28 patch -p1 <patches/source-filter_dest-filter.diff
30 ./configure (optional if already run)
35 @@ -61,6 +61,7 @@ extern int append_mode;
36 extern int make_backups;
37 extern int csum_length;
38 extern int ignore_times;
39 +extern int times_only;
41 extern OFF_T max_size;
42 extern OFF_T min_size;
43 @@ -624,7 +625,7 @@ void itemize(const char *fnamecmp, struc
44 /* Perform our quick-check heuristic for determining if a file is unchanged. */
45 int unchanged_file(char *fn, struct file_struct *file, STRUCT_STAT *st)
47 - if (st->st_size != F_LENGTH(file))
48 + if (!times_only && st->st_size != F_LENGTH(file))
51 /* if always checksum is set then we use the checksum instead
54 @@ -134,7 +134,7 @@ pid_t wait_process(pid_t pid, int *statu
57 /* Wait for a process to exit, calling io_flush while waiting. */
58 -static void wait_process_with_flush(pid_t pid, int *exit_code_ptr)
59 +void wait_process_with_flush(pid_t pid, int *exit_code_ptr)
65 @@ -103,6 +103,7 @@ int keep_partial = 0;
66 int safe_symlinks = 0;
67 int copy_unsafe_links = 0;
70 int daemon_bwlimit = 0;
73 @@ -160,6 +161,8 @@ char *logfile_name = NULL;
74 char *logfile_format = NULL;
75 char *stdout_format = NULL;
76 char *password_file = NULL;
77 +char *source_filter = NULL;
78 +char *dest_filter = NULL;
79 char *rsync_path = RSYNC_PATH;
80 char *backup_dir = NULL;
81 char backup_dir_buf[MAXPATHLEN];
82 @@ -380,6 +383,7 @@ void usage(enum logcode F)
83 rprintf(F," --timeout=TIME set I/O timeout in seconds\n");
84 rprintf(F," -I, --ignore-times don't skip files that match in size and mod-time\n");
85 rprintf(F," --size-only skip files that match in size\n");
86 + rprintf(F," --times-only skip files that match in mod-time\n");
87 rprintf(F," --modify-window=NUM compare mod-times with reduced accuracy\n");
88 rprintf(F," -T, --temp-dir=DIR create temporary files in directory DIR\n");
89 rprintf(F," -y, --fuzzy find similar file for basis if no dest file\n");
90 @@ -419,6 +423,8 @@ void usage(enum logcode F)
91 rprintf(F," --write-batch=FILE write a batched update to FILE\n");
92 rprintf(F," --only-write-batch=FILE like --write-batch but w/o updating destination\n");
93 rprintf(F," --read-batch=FILE read a batched update from FILE\n");
94 + rprintf(F," --source-filter=COMMAND filter file through COMMAND at source\n");
95 + rprintf(F," --dest-filter=COMMAND filter file through COMMAND at destination\n");
96 rprintf(F," --protocol=NUM force an older protocol version to be used\n");
98 rprintf(F," --iconv=CONVERT_SPEC request charset conversion of filesnames\n");
99 @@ -520,6 +526,7 @@ static struct poptOption long_options[]
100 {"chmod", 0, POPT_ARG_STRING, 0, OPT_CHMOD, 0, 0 },
101 {"ignore-times", 'I', POPT_ARG_NONE, &ignore_times, 0, 0, 0 },
102 {"size-only", 0, POPT_ARG_NONE, &size_only, 0, 0, 0 },
103 + {"times-only", 0, POPT_ARG_NONE, &times_only , 0, 0, 0 },
104 {"one-file-system", 'x', POPT_ARG_NONE, 0, 'x', 0, 0 },
105 {"update", 'u', POPT_ARG_NONE, &update_only, 0, 0, 0 },
106 {"existing", 0, POPT_ARG_NONE, &ignore_non_existing, 0, 0, 0 },
107 @@ -619,6 +626,8 @@ static struct poptOption long_options[]
108 {"password-file", 0, POPT_ARG_STRING, &password_file, 0, 0, 0 },
109 {"blocking-io", 0, POPT_ARG_VAL, &blocking_io, 1, 0, 0 },
110 {"no-blocking-io", 0, POPT_ARG_VAL, &blocking_io, 0, 0, 0 },
111 + {"source-filter", 0, POPT_ARG_STRING, &source_filter, 0, 0, 0 },
112 + {"dest-filter", 0, POPT_ARG_STRING, &dest_filter, 0, 0, 0 },
113 {"protocol", 0, POPT_ARG_INT, &protocol_version, 0, 0, 0 },
114 {"checksum-seed", 0, POPT_ARG_INT, &checksum_seed, 0, 0, 0 },
115 {"server", 0, POPT_ARG_NONE, 0, OPT_SERVER, 0, 0 },
116 @@ -1576,6 +1585,16 @@ int parse_arguments(int *argc_p, const c
120 + if (source_filter || dest_filter) {
121 + if (whole_file == 0) {
122 + snprintf(err_buf, sizeof err_buf,
123 + "--no-whole-file cannot be used with --%s-filter\n",
124 + source_filter ? "source" : "dest");
133 @@ -1893,6 +1912,25 @@ void server_options(char **args, int *ar
137 + if (times_only && am_sender)
138 + args[ac++] = "--times-only";
140 + if (source_filter && !am_sender) {
141 + /* Need to single quote the arg to keep the remote shell
142 + * from splitting it. FIXME: breaks if command has single quotes. */
143 + if (asprintf(&arg, "--source-filter='%s'", source_filter) < 0)
148 + if (dest_filter && am_sender) {
149 + /* Need to single quote the arg to keep the remote shell
150 + * from splitting it. FIXME: breaks if command has single quotes. */
151 + if (asprintf(&arg, "--dest-filter='%s'", dest_filter) < 0)
156 if (modify_window_set) {
157 if (asprintf(&arg, "--modify-window=%d", modify_window) < 0)
161 @@ -167,3 +167,77 @@ pid_t local_child(int argc, char **argv,
166 +pid_t run_filter(char *command[], int out, int *pipe_to_filter)
172 + print_child_argv("opening connection using:", command);
174 + if (pipe(pipefds) < 0) {
175 + rsyserr(FERROR, errno, "pipe");
176 + exit_cleanup(RERR_IPC);
181 + rsyserr(FERROR, errno, "fork");
182 + exit_cleanup(RERR_IPC);
186 + if (dup2(pipefds[0], STDIN_FILENO) < 0
187 + || close(pipefds[1]) < 0
188 + || dup2(out, STDOUT_FILENO) < 0) {
189 + rsyserr(FERROR, errno, "Failed dup/close");
190 + exit_cleanup(RERR_IPC);
193 + set_blocking(STDIN_FILENO);
195 + set_blocking(STDOUT_FILENO);
196 + execvp(command[0], command);
197 + rsyserr(FERROR, errno, "Failed to exec %s", command[0]);
198 + exit_cleanup(RERR_IPC);
201 + if (close(pipefds[0]) < 0) {
202 + rsyserr(FERROR, errno, "Failed to close");
203 + exit_cleanup(RERR_IPC);
206 + *pipe_to_filter = pipefds[1];
211 +pid_t run_filter_on_file(char *command[], int out, int in)
216 + print_child_argv("opening connection using:", command);
220 + rsyserr(FERROR, errno, "fork");
221 + exit_cleanup(RERR_IPC);
225 + if (dup2(in, STDIN_FILENO) < 0
226 + || dup2(out, STDOUT_FILENO) < 0) {
227 + rsyserr(FERROR, errno, "Failed to dup2");
228 + exit_cleanup(RERR_IPC);
231 + set_blocking(STDOUT_FILENO);
232 + execvp(command[0], command);
233 + rsyserr(FERROR, errno, "Failed to exec %s", command[0]);
234 + exit_cleanup(RERR_IPC);
241 @@ -52,6 +52,7 @@ extern int delay_updates;
242 extern mode_t orig_umask;
243 extern struct stats stats;
245 +extern char *dest_filter;
246 extern char *partial_dir;
247 extern char *basis_dir[];
248 extern struct file_list *cur_flist, *first_flist, *dir_flist;
249 @@ -394,6 +395,8 @@ int recv_files(int f_in, char *local_nam
250 const char *parent_dirname = "";
254 + char *filter_argv[MAX_FILTER_ARGS + 1];
257 rprintf(FINFO, "recv_files(%d) starting\n", cur_flist->used);
258 @@ -401,6 +404,23 @@ int recv_files(int f_in, char *local_nam
260 delayed_bits = bitbag_create(cur_flist->used + 1);
266 + for (p = strtok(dest_filter, sep), i = 0;
267 + p && i < MAX_FILTER_ARGS;
268 + p = strtok(0, sep))
269 + filter_argv[i++] = p;
270 + filter_argv[i] = NULL;
273 + "Too many arguments to dest-filter (> %d)\n",
275 + exit_cleanup(RERR_SYNTAX);
282 @@ -665,6 +685,9 @@ int recv_files(int f_in, char *local_nam
283 else if (!am_server && verbose && do_progress)
284 rprintf(FINFO, "%s\n", fname);
287 + pid = run_filter(filter_argv, fd2, &fd2);
290 recv_ok = receive_data(f_in, fnamecmp, fd1, st.st_size,
291 fname, fd2, F_LENGTH(file));
292 @@ -679,6 +702,16 @@ int recv_files(int f_in, char *local_nam
293 exit_cleanup(RERR_FILEIO);
298 + wait_process_with_flush(pid, &status);
300 + rprintf(FERROR, "filter %s exited code: %d\n",
301 + dest_filter, status);
306 if ((recv_ok && (!delay_updates || !partialptr)) || inplace) {
307 char *temp_copy_name;
308 if (partialptr == fname)
312 #define IOERR_DEL_LIMIT (1<<2)
314 #define MAX_ARGS 1000
315 +#define MAX_FILTER_ARGS 100
316 #define MAX_BASIS_DIRS 20
317 #define MAX_SERVER_ARGS (MAX_BASIS_DIRS*2 + 100)
321 @@ -381,6 +381,7 @@ to the detailed description below for a
322 --timeout=TIME set I/O timeout in seconds
323 -I, --ignore-times don't skip files that match size and time
324 --size-only skip files that match in size
325 + --times-only skip files that match in mod-time
326 --modify-window=NUM compare mod-times with reduced accuracy
327 -T, --temp-dir=DIR create temporary files in directory DIR
328 -y, --fuzzy find similar file for basis if no dest file
329 @@ -420,6 +421,8 @@ to the detailed description below for a
330 --write-batch=FILE write a batched update to FILE
331 --only-write-batch=FILE like --write-batch but w/o updating dest
332 --read-batch=FILE read a batched update from FILE
333 + --source-filter=COMMAND filter file through COMMAND at source
334 + --dest-filter=COMMAND filter file through COMMAND at destination
335 --protocol=NUM force an older protocol version to be used
336 --iconv=CONVERT_SPEC request charset conversion of filesnames
337 --checksum-seed=NUM set block/file checksum seed (advanced)
338 @@ -1986,6 +1989,33 @@ file previously generated by bf(--write-
339 If em(FILE) is bf(-), the batch data will be read from standard input.
340 See the "BATCH MODE" section for details.
342 +dit(bf(--source-filter=COMMAND)) This option allows the user to specify a
343 +filter program that will be applied to the contents of all transferred
344 +regular files before the data is sent to destination. COMMAND will receive
345 +the data on its standard input and it should write the filtered data to
346 +standard output. COMMAND should exit non-zero if it cannot process the
347 +data or if it encounters an error when writing the data to stdout.
349 +Example: --source-filter="gzip -9" will cause remote files to be
351 +Use of --source-filter automatically enables --whole-file.
352 +If your filter does not output the same number of bytes that it received on
353 +input, you should use --times-only to disable size and content checks on
354 +subsequent rsync runs.
356 +dit(bf(--dest-filter=COMMAND)) This option allows you to specify a filter
357 +program that will be applied to the contents of all transferred regular
358 +files before the data is written to disk. COMMAND will receive the data on
359 +its standard input and it should write the filtered data to standard
360 +output. COMMAND should exit non-zero if it cannot process the data or if
361 +it encounters an error when writing the data to stdout.
363 +Example: --dest-filter="gzip -9" will cause remote files to be compressed.
364 +Use of --dest-filter automatically enables --whole-file.
365 +If your filter does not output the same number of bytes that it
366 +received on input, you should use --times-only to disable size and
367 +content checks on subsequent rsync runs.
369 dit(bf(--protocol=NUM)) Force an older protocol version to be used. This
370 is useful for creating a batch file that is compatible with an older
371 version of rsync. For instance, if rsync 2.6.4 is being used with the
374 @@ -43,6 +43,7 @@ extern int do_progress;
377 extern int write_batch;
378 +extern char *source_filter;
379 extern struct stats stats;
380 extern struct file_list *cur_flist, *first_flist, *dir_flist;
382 @@ -181,6 +182,26 @@ void send_files(int f_in, int f_out)
383 enum logcode log_code = log_before_transfer ? FLOG : FINFO;
384 int f_xfer = write_batch < 0 ? batch_fd : f_out;
386 + char *filter_argv[MAX_FILTER_ARGS + 1];
388 + int unlink_tmp = 0;
390 + if (source_filter) {
394 + for (p = strtok(source_filter, sep), i = 0;
395 + p && i < MAX_FILTER_ARGS;
396 + p = strtok(0, sep))
397 + filter_argv[i++] = p;
398 + filter_argv[i] = NULL;
401 + "Too many arguments to source-filter (> %d)\n",
403 + exit_cleanup(RERR_SYNTAX);
408 rprintf(FINFO, "send_files starting\n");
409 @@ -284,6 +305,7 @@ void send_files(int f_in, int f_out)
410 exit_cleanup(RERR_PROTOCOL);
414 fd = do_open(fname, O_RDONLY, 0);
416 if (errno == ENOENT) {
417 @@ -305,6 +327,33 @@ void send_files(int f_in, int f_out)
421 + if (source_filter) {
423 + char *tmpl = "/tmp/rsync-filtered_sourceXXXXXX";
425 + tmp = strdup(tmpl);
426 + fd2 = mkstemp(tmp);
428 + rprintf(FERROR, "mkstemp %s failed: %s\n",
429 + tmp, strerror(errno));
432 + pid_t pid = run_filter_on_file(filter_argv, fd2, fd);
435 + wait_process_with_flush(pid, &status);
438 + "bypassing source filter %s; exited with code: %d\n",
439 + source_filter, status);
440 + fd = do_open(fname, O_RDONLY, 0);
442 + fd = do_open(tmp, O_RDONLY, 0);
448 /* map the local file */
449 if (do_fstat(fd, &st) != 0) {
450 io_error |= IOERR_GENERAL;
451 @@ -355,6 +404,8 @@ void send_files(int f_in, int f_out)