2 * Routines common to more than one of the rsync processes.
4 * Copyright (C) 1996 Andrew Tridgell
5 * Copyright (C) 1996 Paul Mackerras
6 * Copyright (C) 2003-2020 Wayne Davison
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License along
19 * with this program; if not, visit the http://fsf.org website.
24 #if defined HAVE_LIBCHARSET_H && defined HAVE_LOCALE_CHARSET
25 #include <libcharset.h>
26 #elif defined HAVE_LANGINFO_H && defined HAVE_NL_LANGINFO
31 extern int preserve_acls;
32 extern int preserve_xattrs;
33 extern int preserve_perms;
34 extern int preserve_executability;
35 extern int preserve_times;
40 extern int am_receiver;
41 extern int am_generator;
42 extern int am_starting_up;
43 extern int allow_8bit_chars;
44 extern int protocol_version;
45 extern int got_kill_signal;
46 extern int called_from_signal_handler;
47 extern int inc_recurse;
50 extern int file_old_total;
51 extern int keep_dirlinks;
52 extern int make_backups;
53 extern int sanitize_paths;
54 extern struct file_list *cur_flist, *first_flist, *dir_flist;
55 extern struct chmod_mode_struct *daemon_chmod_modes;
57 extern char *iconv_opt;
61 iconv_t ic_chck = (iconv_t)-1;
63 iconv_t ic_send = (iconv_t)-1, ic_recv = (iconv_t)-1;
66 static const char *default_charset(void)
68 # if defined HAVE_LIBCHARSET_H && defined HAVE_LOCALE_CHARSET
69 return locale_charset();
70 # elif defined HAVE_LANGINFO_H && defined HAVE_NL_LANGINFO
71 return nl_langinfo(CODESET);
73 return ""; /* Works with (at the very least) gnu iconv... */
77 void setup_iconv(void)
79 const char *defset = default_charset();
85 if (!am_server && !allow_8bit_chars) {
86 /* It's OK if this fails... */
87 ic_chck = iconv_open(defset, defset);
89 if (DEBUG_GTE(ICONV, 2)) {
90 if (ic_chck == (iconv_t)-1) {
92 "msg checking via isprint()"
93 " (iconv_open(\"%s\", \"%s\") errno: %d)\n",
94 defset, defset, errno);
97 "msg checking charset: %s\n",
102 ic_chck = (iconv_t)-1;
108 if ((cp = strchr(iconv_opt, ',')) != NULL) {
109 if (am_server) /* A local transfer needs this. */
115 if (!*iconv_opt || (*iconv_opt == '.' && iconv_opt[1] == '\0'))
120 if ((ic_send = iconv_open(UTF8_CHARSET, charset)) == (iconv_t)-1) {
121 rprintf(FERROR, "iconv_open(\"%s\", \"%s\") failed\n",
122 UTF8_CHARSET, charset);
123 exit_cleanup(RERR_UNSUPPORTED);
126 if ((ic_recv = iconv_open(charset, UTF8_CHARSET)) == (iconv_t)-1) {
127 rprintf(FERROR, "iconv_open(\"%s\", \"%s\") failed\n",
128 charset, UTF8_CHARSET);
129 exit_cleanup(RERR_UNSUPPORTED);
132 if (DEBUG_GTE(ICONV, 1)) {
133 rprintf(FINFO, "[%s] charset: %s\n",
134 who_am_i(), *charset ? charset : "[LOCALE]");
139 /* This function converts the chars in the "in" xbuf into characters in the
140 * "out" xbuf. The ".len" chars of the "in" xbuf is used starting from its
141 * ".pos". The ".size" of the "out" xbuf restricts how many characters can
142 * be stored, starting at its ".pos+.len" position. Note that the last byte
143 * of the "out" xbuf is not used, which reserves space for a trailing '\0'
144 * (though it is up to the caller to store a trailing '\0', as needed).
146 * We return a 0 on success or a -1 on error. An error also sets errno to
147 * E2BIG, EILSEQ, or EINVAL (see below); otherwise errno will be set to 0.
148 * The "in" xbuf is altered to update ".pos" and ".len". The "out" xbuf has
149 * data appended, and its ".len" incremented (see below for a ".size" note).
151 * If ICB_CIRCULAR_OUT is set in "flags", the chars going into the "out" xbuf
152 * can wrap around to the start, and the xbuf may have its ".size" reduced
153 * (presumably by 1 byte) if the iconv code doesn't have space to store a
154 * multi-byte character at the physical end of the ".buf" (though no reducing
155 * happens if ".pos" is <= 1, since there is no room to wrap around).
157 * If ICB_EXPAND_OUT is set in "flags", the "out" xbuf will be allocated if
158 * empty, and (as long as ICB_CIRCULAR_OUT is not set) expanded if too small.
159 * This prevents the return of E2BIG (except for a circular xbuf).
161 * If ICB_INCLUDE_BAD is set in "flags", any badly-encoded chars are included
162 * verbatim in the "out" xbuf, so EILSEQ will not be returned.
164 * If ICB_INCLUDE_INCOMPLETE is set in "flags", any incomplete multi-byte
165 * chars are included, which ensures that EINVAL is not returned.
167 * If ICB_INIT is set, the iconv() conversion state is initialized prior to
168 * processing the characters. */
169 int iconvbufs(iconv_t ic, xbuf *in, xbuf *out, int flags)
171 ICONV_CONST char *ibuf;
172 size_t icnt, ocnt, opos;
175 if (!out->size && flags & ICB_EXPAND_OUT) {
176 size_t siz = ROUND_UP_1024(in->len * 2);
177 alloc_xbuf(out, siz);
178 } else if (out->len+1 >= out->size) {
179 /* There is no room to even start storing data. */
180 if (!(flags & ICB_EXPAND_OUT) || flags & ICB_CIRCULAR_OUT) {
184 realloc_xbuf(out, out->size + ROUND_UP_1024(in->len * 2));
187 if (flags & ICB_INIT)
188 iconv(ic, NULL, 0, NULL, 0);
190 ibuf = in->buf + in->pos;
193 opos = out->pos + out->len;
194 if (flags & ICB_CIRCULAR_OUT) {
195 if (opos >= out->size) {
197 /* We know that out->pos is not 0 due to the "no room" check
198 * above, so this can't go "negative". */
199 ocnt = out->pos - opos - 1;
201 /* Allow the use of all bytes to the physical end of the buffer
202 * unless pos is 0, in which case we reserve our trailing '\0'. */
203 ocnt = out->size - opos - (out->pos ? 0 : 1);
206 ocnt = out->size - opos - 1;
207 obuf = out->buf + opos;
210 while (iconv(ic, &ibuf, &icnt, &obuf, &ocnt) == (size_t)-1) {
213 if (errno == EINVAL) {
214 if (!(flags & ICB_INCLUDE_INCOMPLETE))
218 } else if (errno == EILSEQ) {
219 if (!(flags & ICB_INCLUDE_BAD))
223 } else if (errno == E2BIG) {
226 opos = obuf - out->buf;
227 if (flags & ICB_CIRCULAR_OUT && out->pos > 1 && opos > out->pos) {
228 /* We are in a divided circular buffer at the physical
229 * end with room to wrap to the start. If iconv() refused
230 * to use one or more trailing bytes in the buffer, we
231 * set the size to ignore the unused bytes. */
232 if (opos < out->size)
233 reduce_iobuf_size(out, opos);
238 if (!(flags & ICB_EXPAND_OUT) || flags & ICB_CIRCULAR_OUT) {
242 siz = ROUND_UP_1024(in->len * 2);
243 realloc_xbuf(out, out->size + siz);
244 obuf = out->buf + opos;
248 rsyserr(FERROR, errno, "unexpected error from iconv()");
249 exit_cleanup(RERR_UNSUPPORTED);
261 opos = obuf - out->buf;
262 if (flags & ICB_CIRCULAR_OUT && opos < out->pos)
264 out->len = opos - out->pos;
267 in->pos = ibuf - in->buf;
269 return errno ? -1 : 0;
273 void send_protected_args(int fd, char *args[])
277 int convert = ic_send != (iconv_t)-1;
281 alloc_xbuf(&outbuf, 1024);
284 for (i = 0; args[i]; i++) {} /* find first NULL */
285 args[i] = "rsync"; /* set a new arg0 */
286 if (DEBUG_GTE(CMD, 1))
287 print_child_argv("protected args:", args + i + 1);
290 write_buf(fd, ".", 2);
293 INIT_XBUF_STRLEN(inbuf, args[i]);
294 iconvbufs(ic_send, &inbuf, &outbuf,
295 ICB_EXPAND_OUT | ICB_INCLUDE_BAD | ICB_INCLUDE_INCOMPLETE | ICB_INIT);
296 outbuf.buf[outbuf.len] = '\0';
297 write_buf(fd, outbuf.buf, outbuf.len + 1);
302 write_buf(fd, args[i], strlen(args[i]) + 1);
312 int read_ndx_and_attrs(int f_in, int f_out, int *iflag_ptr, uchar *type_ptr,
313 char *buf, int *len_ptr)
316 struct file_list *flist;
317 uchar fnamecmp_type = FNAMECMP_FNAME;
322 ndx = read_ndx(f_in);
328 if (ndx == NDX_DEL_STATS) {
329 read_del_stats(f_in);
330 if (am_sender && am_server)
331 write_del_stats(f_out);
334 if (!inc_recurse || am_sender) {
337 last = first_flist->prev->ndx_start + first_flist->prev->used - 1;
341 "Invalid file index: %d (%d - %d) [%s]\n",
342 ndx, NDX_DONE, last, who_am_i());
343 exit_cleanup(RERR_PROTOCOL);
345 if (ndx == NDX_FLIST_EOF) {
347 if (DEBUG_GTE(FLIST, 3))
348 rprintf(FINFO, "[%s] flist_eof=1\n", who_am_i());
349 write_int(f_out, NDX_FLIST_EOF);
352 ndx = NDX_FLIST_OFFSET - ndx;
353 if (ndx < 0 || ndx >= dir_flist->used) {
354 ndx = NDX_FLIST_OFFSET - ndx;
356 "Invalid dir index: %d (%d - %d) [%s]\n",
357 ndx, NDX_FLIST_OFFSET,
358 NDX_FLIST_OFFSET - dir_flist->used + 1,
360 exit_cleanup(RERR_PROTOCOL);
363 if (DEBUG_GTE(FLIST, 2)) {
364 rprintf(FINFO, "[%s] receiving flist for dir %d\n",
367 /* Send all the data we read for this flist to the generator. */
368 start_flist_forward(ndx);
369 flist = recv_file_list(f_in, ndx);
370 flist->parent_ndx = ndx;
371 stop_flist_forward();
374 iflags = protocol_version >= 29 ? read_shortint(f_in)
375 : ITEM_TRANSFER | ITEM_MISSING_DATA;
377 /* Support the protocol-29 keep-alive style. */
378 if (protocol_version < 30 && ndx == cur_flist->used && iflags == ITEM_IS_NEW) {
380 maybe_send_keepalive(time(NULL), MSK_ALLOW_FLUSH);
384 flist = flist_for_ndx(ndx, "read_ndx_and_attrs");
385 if (flist != cur_flist) {
388 file_old_total = cur_flist->used;
389 for (flist = first_flist; flist != cur_flist; flist = flist->next)
390 file_old_total += flist->used;
394 if (iflags & ITEM_BASIS_TYPE_FOLLOWS)
395 fnamecmp_type = read_byte(f_in);
396 *type_ptr = fnamecmp_type;
398 if (iflags & ITEM_XNAME_FOLLOWS) {
399 if ((len = read_vstring(f_in, buf, MAXPATHLEN)) < 0)
400 exit_cleanup(RERR_PROTOCOL);
402 if (sanitize_paths) {
403 sanitize_path(buf, buf, "", 0, SP_DEFAULT);
412 if (iflags & ITEM_TRANSFER) {
413 int i = ndx - cur_flist->ndx_start;
414 if (i < 0 || !S_ISREG(cur_flist->files[i]->mode)) {
416 "received request to transfer non-regular file: %d [%s]\n",
418 exit_cleanup(RERR_PROTOCOL);
429 void free_sums(struct sum_struct *s)
431 if (s->sums) free(s->sums);
435 /* This is only called when we aren't preserving permissions. Figure out what
436 * the permissions should be and return them merged back into the mode. */
437 mode_t dest_mode(mode_t flist_mode, mode_t stat_mode, int dflt_perms,
441 /* If the file already exists, we'll return the local permissions,
442 * possibly tweaked by the --executability option. */
444 new_mode = (flist_mode & ~CHMOD_BITS) | (stat_mode & CHMOD_BITS);
445 if (preserve_executability && S_ISREG(flist_mode)) {
446 /* If the source file is executable, grant execute
447 * rights to everyone who can read, but ONLY if the
448 * file isn't already executable. */
449 if (!(flist_mode & 0111))
451 else if (!(stat_mode & 0111))
452 new_mode |= (new_mode & 0444) >> 2;
455 /* Apply destination default permissions and turn
456 * off special permissions. */
457 new_mode = flist_mode & (~CHMOD_BITS | dflt_perms);
462 int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp,
463 const char *fnamecmp, int flags)
467 int change_uid, change_gid;
468 mode_t new_mode = file->mode;
474 if (link_stat(fname, &sx2.st, 0) < 0) {
475 rsyserr(FERROR_XFER, errno, "stat %s failed",
481 inherit = !preserve_perms;
483 inherit = !preserve_perms && file->flags & FLAG_DIR_CREATED;
485 if (inherit && S_ISDIR(new_mode) && sxp->st.st_mode & S_ISGID) {
486 /* We just created this directory and its setgid
487 * bit is on, so make sure it stays on. */
491 if (daemon_chmod_modes && !S_ISLNK(new_mode))
492 new_mode = tweak_mode(new_mode, daemon_chmod_modes);
495 if (preserve_acls && !S_ISLNK(file->mode) && !ACL_READY(*sxp))
499 change_uid = am_root && uid_ndx && sxp->st.st_uid != (uid_t)F_OWNER(file);
500 change_gid = gid_ndx && !(file->flags & FLAG_SKIP_GROUP)
501 && sxp->st.st_gid != (gid_t)F_GROUP(file);
502 #ifndef CAN_CHOWN_SYMLINK
503 if (S_ISLNK(sxp->st.st_mode)) {
507 if (change_uid || change_gid) {
508 if (DEBUG_GTE(OWN, 1)) {
511 "set uid of %s from %u to %u\n",
512 fname, (unsigned)sxp->st.st_uid, F_OWNER(file));
516 "set gid of %s from %u to %u\n",
517 fname, (unsigned)sxp->st.st_gid, F_GROUP(file));
521 uid_t uid = change_uid ? (uid_t)F_OWNER(file) : sxp->st.st_uid;
522 gid_t gid = change_gid ? (gid_t)F_GROUP(file) : sxp->st.st_gid;
523 if (do_lchown(fname, uid, gid) != 0) {
524 /* We shouldn't have attempted to change uid
525 * or gid unless have the privilege. */
526 rsyserr(FERROR_XFER, errno, "%s %s failed",
527 change_uid ? "chown" : "chgrp",
531 if (uid == (uid_t)-1 && sxp->st.st_uid != (uid_t)-1)
532 rprintf(FERROR_XFER, "uid 4294967295 (-1) is impossible to set on %s\n", full_fname(fname));
533 if (gid == (gid_t)-1 && sxp->st.st_gid != (gid_t)-1)
534 rprintf(FERROR_XFER, "gid 4294967295 (-1) is impossible to set on %s\n", full_fname(fname));
535 /* A lchown had been done, so we need to re-stat if
536 * the destination had the setuid or setgid bits set
537 * (due to the side effect of the chown call). */
538 if (sxp->st.st_mode & (S_ISUID | S_ISGID)) {
539 link_stat(fname, &sxp->st,
540 keep_dirlinks && S_ISDIR(sxp->st.st_mode));
546 #ifdef SUPPORT_XATTRS
548 set_stat_xattr(fname, file, new_mode);
549 if (preserve_xattrs && fnamecmp)
550 set_xattr(fname, file, fnamecmp, sxp);
554 || (!(preserve_times & PRESERVE_DIR_TIMES) && S_ISDIR(sxp->st.st_mode))
555 || (!(preserve_times & PRESERVE_LINK_TIMES) && S_ISLNK(sxp->st.st_mode)))
556 flags |= ATTRS_SKIP_MTIME;
557 if (!(flags & ATTRS_SKIP_MTIME)
558 && (sxp->st.st_mtime != file->modtime
560 || (flags & ATTRS_SET_NANO && NSEC_BUMP(file) && (uint32)sxp->st.ST_MTIME_NSEC != F_MOD_NSEC(file))
563 int ret = set_modtime(fname, file->modtime, F_MOD_NSEC_or_0(file), sxp->st.st_mode);
565 rsyserr(FERROR_XFER, errno, "failed to set times on %s",
569 if (ret == 0) /* ret == 1 if symlink could not be set */
572 file->flags |= FLAG_TIME_FAILED;
576 /* It's OK to call set_acl() now, even for a dir, as the generator
577 * will enable owner-writability using chmod, if necessary.
579 * If set_acl() changes permission bits in the process of setting
580 * an access ACL, it changes sxp->st.st_mode so we know whether we
581 * need to chmod(). */
582 if (preserve_acls && !S_ISLNK(new_mode)) {
583 if (set_acl(fname, file, sxp, new_mode) > 0)
589 if (!BITS_EQUAL(sxp->st.st_mode, new_mode, CHMOD_BITS)) {
590 int ret = am_root < 0 ? 0 : do_chmod(fname, new_mode);
592 rsyserr(FERROR_XFER, errno,
593 "failed to set permissions on %s",
597 if (ret == 0) /* ret == 1 if symlink could not be set */
602 if (INFO_GTE(NAME, 2) && flags & ATTRS_REPORT) {
604 rprintf(FCLIENT, "%s\n", fname);
606 rprintf(FCLIENT, "%s is uptodate\n", fname);
614 /* This is only called for SIGINT, SIGHUP, and SIGTERM. */
615 void sig_int(int sig_num)
617 called_from_signal_handler = 1;
619 /* KLUGE: if the user hits Ctrl-C while ssh is prompting
620 * for a password, then our cleanup's sending of a SIGUSR1
621 * signal to all our children may kill ssh before it has a
622 * chance to restore the tty settings (i.e. turn echo back
623 * on). By sleeping for a short time, ssh gets a bigger
624 * chance to do the right thing. If child processes are
625 * not ssh waiting for a password, then this tiny delay
626 * shouldn't hurt anything. */
629 /* If we're an rsync daemon listener (not a daemon server),
630 * we'll exit with status 0 if we received SIGTERM. */
631 if (am_daemon && !am_server && sig_num == SIGTERM)
634 /* If the signal arrived on the server side (or for the receiver
635 * process on the client), we want to try to do a controlled shutdown
636 * that lets the client side (generator process) know what happened.
637 * To do this, we set a flag and let the normal process handle the
638 * shutdown. We only attempt this if multiplexed IO is in effect and
639 * we didn't already set the flag. */
640 if (!got_kill_signal && (am_server || am_receiver)) {
641 got_kill_signal = sig_num;
642 called_from_signal_handler = 0;
646 exit_cleanup(RERR_SIGNAL);
649 /* Finish off a file transfer: renaming the file and setting the file's
650 * attributes (e.g. permissions, ownership, etc.). If the robust_rename()
651 * call is forced to copy the temp file and partialptr is both non-NULL and
652 * not an absolute path, we stage the file into the partial-dir and then
653 * rename it into place. This returns 1 on succcess or 0 on failure. */
654 int finish_transfer(const char *fname, const char *fnametmp,
655 const char *fnamecmp, const char *partialptr,
656 struct file_struct *file, int ok_to_set_time,
657 int overwriting_basis)
660 const char *temp_copy_name = partialptr && *partialptr != '/' ? partialptr : NULL;
663 if (DEBUG_GTE(RECV, 1))
664 rprintf(FINFO, "finishing %s\n", fname);
666 goto do_set_file_attrs;
669 if (make_backups > 0 && overwriting_basis) {
670 int ok = make_backup(fname, False);
672 exit_cleanup(RERR_FILEIO);
673 if (ok == 1 && fnamecmp == fname)
674 fnamecmp = get_backup_name(fname);
677 /* Change permissions before putting the file into place. */
678 set_file_attrs(fnametmp, file, NULL, fnamecmp,
679 ok_to_set_time ? ATTRS_SET_NANO : ATTRS_SKIP_MTIME);
681 /* move tmp file over real file */
682 if (DEBUG_GTE(RECV, 1))
683 rprintf(FINFO, "renaming %s to %s\n", fnametmp, fname);
684 ret = robust_rename(fnametmp, fname, temp_copy_name, file->mode);
686 rsyserr(FERROR_XFER, errno, "%s %s -> \"%s\"",
687 ret == -2 ? "copy" : "rename",
688 full_fname(fnametmp), fname);
689 if (!partialptr || (ret == -2 && temp_copy_name)
690 || robust_rename(fnametmp, partialptr, NULL, file->mode) < 0)
695 /* The file was moved into place (not copied), so it's done. */
698 /* The file was copied, so tweak the perms of the copied file. If it
699 * was copied to partialptr, move it into its final destination. */
700 fnametmp = temp_copy_name ? temp_copy_name : fname;
703 set_file_attrs(fnametmp, file, NULL, fnamecmp,
704 ok_to_set_time ? ATTRS_SET_NANO : ATTRS_SKIP_MTIME);
706 if (temp_copy_name) {
707 if (do_rename(fnametmp, fname) < 0) {
708 rsyserr(FERROR_XFER, errno, "rename %s -> \"%s\"",
709 full_fname(fnametmp), fname);
712 handle_partial_dir(temp_copy_name, PDIR_DELETE);
717 struct file_list *flist_for_ndx(int ndx, const char *fatal_error_loc)
719 struct file_list *flist = cur_flist;
721 if (!flist && !(flist = first_flist))
724 while (ndx < flist->ndx_start-1) {
725 if (flist == first_flist)
729 while (ndx >= flist->ndx_start + flist->used) {
730 if (!(flist = flist->next))
736 if (fatal_error_loc) {
739 first = first_flist->ndx_start - 1;
740 last = first_flist->prev->ndx_start + first_flist->prev->used - 1;
746 "File-list index %d not in %d - %d (%s) [%s]\n",
747 ndx, first, last, fatal_error_loc, who_am_i());
748 exit_cleanup(RERR_PROTOCOL);
753 const char *who_am_i(void)
756 return am_server ? "server" : "client";
757 return am_sender ? "sender"
758 : am_generator ? "generator"
759 : am_receiver ? "receiver"
760 : "Receiver"; /* pre-forked receiver */