From rsync-cvs at lists.samba.org Sun Mar 25 17:37:25 2018 From: rsync-cvs at lists.samba.org (Rsync CVS commit messages) Date: Sun, 25 Mar 2018 19:37:25 +0200 (CEST) Subject: [SCM] The rsync repository. - branch master updated Message-ID: The branch, master has been updated via fb7a162 Prepare the repository for more development. from d73762e Preparing for release of 3.1.3 https://git.samba.org/?p=rsync.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit fb7a162f535a12b8f79d6e2b7c3adbb720385297 Author: Wayne Davison Date: Sun Mar 25 10:04:14 2018 -0700 Prepare the repository for more development. ----------------------------------------------------------------------- Summary of changes: NEWS | 44 ++++---------------------------------------- OLDNEWS | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ configure.ac | 2 +- 3 files changed, 53 insertions(+), 41 deletions(-) Changeset truncated at 500 lines: diff --git a/NEWS b/NEWS index e6239ff..fd3c314 100644 --- a/NEWS +++ b/NEWS @@ -1,47 +1,11 @@ -NEWS for rsync 3.1.3 (28 Jan 2018) +NEWS for rsync 3.1.4 (UNRELEASED) Protocol: 31 (unchanged) -Changes since 3.1.2: - - SECURITY FIXES: - - Fixed a buffer overrun in the protocol's handling of xattr names and - ensure that the received name is null terminated. - - Fix an issue with --protect-args where the user could specify the arg in - the protected-arg list and short-circuit some of the arg-sanitizing code. +Changes since 3.1.3: BUG FIXES: - - Don't output about a new backup dir without appropriate info verbosity. - - Fixed some issues with the sort functions in support/rsyncstats script. - - Added a way to specify daemon config lists (e.g. users, groups, etc) that - contain spaces (see "auth users" in the latest rsyncd.conf manpage). - - If a backup fails (e.g. full disk) rsync exits with an error. - - Fixed a problem with a doubled --fuzzy option combined with --link-dest. - - Avoid invalid output in the summary if either the start or end time had - an error. - - We don't allow a popt alias to affect the --daemon or --server options. - - Fix daemon exclude code to disallow attribute changes in addition to - disallowing transfers. - - Don't force nanoseconds to match if a non-transferred, non-checksummed - file only passed the quick-check w/o comparing nanosecods. + - ... ENHANCEMENTS: - - Added the ability for rsync to compare nanosecond times in its file-check - comparisons, and added support nanosecond times on Mac OS X. - - Added a short-option (-@) for --modify-window. - - Added the --checksum-choice=NAME[,NAME] option to choose the checksum - algorithms. - - Added hashing of xattr names (with using -X) to improve the handling of - files with large numbers of xattrs. - - Added a way to filter xattr names using include/exclude/filter rules (see - the --xattrs option in the manpage for details). - - Added "daemon chroot|uid|gid" to the daemon config (in addition to the - old chroot|uid|gid settings that affect the daemon's transfer process). - - Added "syslog tag" to the daemon configuration. - - Some manpage improvements. - - DEVELOPER RELATED: - - - Tweak the "make" output when yodl isn't around to create the man pages. - - Changed an obsolete autoconf compile macro. - - Support newer yodl versions when converting man pages. + - ... diff --git a/OLDNEWS b/OLDNEWS index 3665794..7bc36ee 100644 --- a/OLDNEWS +++ b/OLDNEWS @@ -1,3 +1,51 @@ +NEWS for rsync 3.1.3 (28 Jan 2018) +Protocol: 31 (unchanged) +Changes since 3.1.2: + + SECURITY FIXES: + - Fixed a buffer overrun in the protocol's handling of xattr names and + ensure that the received name is null terminated. + - Fix an issue with --protect-args where the user could specify the arg in + the protected-arg list and short-circuit some of the arg-sanitizing code. + + BUG FIXES: + + - Don't output about a new backup dir without appropriate info verbosity. + - Fixed some issues with the sort functions in support/rsyncstats script. + - Added a way to specify daemon config lists (e.g. users, groups, etc) that + contain spaces (see "auth users" in the latest rsyncd.conf manpage). + - If a backup fails (e.g. full disk) rsync exits with an error. + - Fixed a problem with a doubled --fuzzy option combined with --link-dest. + - Avoid invalid output in the summary if either the start or end time had + an error. + - We don't allow a popt alias to affect the --daemon or --server options. + - Fix daemon exclude code to disallow attribute changes in addition to + disallowing transfers. + - Don't force nanoseconds to match if a non-transferred, non-checksummed + file only passed the quick-check w/o comparing nanosecods. + + ENHANCEMENTS: + + - Added the ability for rsync to compare nanosecond times in its file-check + comparisons, and added support nanosecond times on Mac OS X. + - Added a short-option (-@) for --modify-window. + - Added the --checksum-choice=NAME[,NAME] option to choose the checksum + algorithms. + - Added hashing of xattr names (with using -X) to improve the handling of + files with large numbers of xattrs. + - Added a way to filter xattr names using include/exclude/filter rules (see + the --xattrs option in the manpage for details). + - Added "daemon chroot|uid|gid" to the daemon config (in addition to the + old chroot|uid|gid settings that affect the daemon's transfer process). + - Added "syslog tag" to the daemon configuration. + - Some manpage improvements. + + DEVELOPER RELATED: + + - Tweak the "make" output when yodl isn't around to create the man pages. + - Changed an obsolete autoconf compile macro. + - Support newer yodl versions when converting man pages. + NEWS for rsync 3.1.2 (21 Dec 2015) Protocol: 31 (unchanged) Changes since 3.1.1: diff --git a/configure.ac b/configure.ac index 07ce800..45a9663 100644 --- a/configure.ac +++ b/configure.ac @@ -1,6 +1,6 @@ dnl Process this file with autoconf to produce a configure script. -AC_INIT([rsync],[3.1.3],[http://rsync.samba.org/bugzilla.html]) +AC_INIT([rsync],[3.1.4dev],[http://rsync.samba.org/bugzilla.html]) AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_SRCDIR([byteorder.h]) -- The rsync repository. From rsync-cvs at lists.samba.org Mon Mar 26 02:12:00 2018 From: rsync-cvs at lists.samba.org (Rsync CVS commit messages) Date: Mon, 26 Mar 2018 04:12:00 +0200 (CEST) Subject: [SCM] The rsync repository. - branch master updated Message-ID: The branch, master has been updated via eec6ab7 Avoid a compiler error/warning about shifting a negative value. Fixes bug #13268. via 5df9847 Allow some pre-/post-xfer exec shell restrictions. from fb7a162 Prepare the repository for more development. https://git.samba.org/?p=rsync.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit eec6ab7615535e02cfcb691d44575268bdcf656f Author: Wayne Davison Date: Sun Mar 25 19:07:22 2018 -0700 Avoid a compiler error/warning about shifting a negative value. Fixes bug #13268. commit 5df9847f0610113fae06d82c17f3622d60fb57f6 Author: Wayne Davison Date: Sun Mar 25 11:02:50 2018 -0700 Allow some pre-/post-xfer exec shell restrictions. Support both RSYNC_SHELL & RSYNC_NO_XFER_EXEC environment variables. ----------------------------------------------------------------------- Summary of changes: NEWS | 6 ++++-- clientserver.c | 6 +++--- main.c | 27 +++++++++++++++++++++++---- rsync.yo | 4 ++++ rsyncd.conf.yo | 4 ++++ socket.c | 2 +- zlib/inflate.c | 2 +- 7 files changed, 40 insertions(+), 11 deletions(-) Changeset truncated at 500 lines: diff --git a/NEWS b/NEWS index fd3c314..792df23 100644 --- a/NEWS +++ b/NEWS @@ -4,8 +4,10 @@ Changes since 3.1.3: BUG FIXES: - - ... + - Fix a compiler error/warning about shifting a negative value (in the zlib + code). ENHANCEMENTS: - - ... + - Added support for RSYNC_SHELL & RSYNC_NO_XFER_EXEC environment variables + that affect the pre-xfer exec and post-xfer exec rsync daemon options. diff --git a/clientserver.c b/clientserver.c index e2e2dc0..93c4457 100644 --- a/clientserver.c +++ b/clientserver.c @@ -688,7 +688,7 @@ static int rsync_module(int f_in, int f_out, int i, const char *addr, const char log_init(1); #ifdef HAVE_PUTENV - if (*lp_prexfer_exec(i) || *lp_postxfer_exec(i)) { + if ((*lp_prexfer_exec(i) || *lp_postxfer_exec(i)) && !getenv("RSYNC_NO_XFER_EXEC")) { int status; /* For post-xfer exec, fork a new process to run the rsync @@ -714,7 +714,7 @@ static int rsync_module(int f_in, int f_out, int i, const char *addr, const char else status = -1; set_env_num("RSYNC_EXIT_STATUS", status); - if (system(lp_postxfer_exec(i)) < 0) + if (shell_exec(lp_postxfer_exec(i)) < 0) status = -1; _exit(status); } @@ -758,7 +758,7 @@ static int rsync_module(int f_in, int f_out, int i, const char *addr, const char close(STDIN_FILENO); dup2(pre_exec_error_fd, STDOUT_FILENO); close(pre_exec_error_fd); - status = system(lp_prexfer_exec(i)); + status = shell_exec(lp_prexfer_exec(i)); if (!WIFEXITED(status)) _exit(1); _exit(WEXITSTATUS(status)); diff --git a/main.c b/main.c index ee9630f..99dae1c 100644 --- a/main.c +++ b/main.c @@ -154,6 +154,27 @@ pid_t wait_process(pid_t pid, int *status_ptr, int flags) return waited_pid; } +int shell_exec(const char *cmd) +{ + char *shell = getenv("RSYNC_SHELL"); + int status; + pid_t pid; + + if (!shell) + return system(cmd); + + if ((pid = fork()) < 0) + return -1; + + if (pid == 0) { + execlp(shell, shell, "-c", cmd, NULL); + _exit(1); + } + + int ret = wait_process(pid, &status, 0); + return ret < 0 ? -1 : status; +} + /* Wait for a process to exit, calling io_flush while waiting. */ static void wait_process_with_flush(pid_t pid, int *exit_code_ptr) { @@ -1497,9 +1518,7 @@ const char *get_panic_action(void) if (cmd_fmt) return cmd_fmt; - else - return "xterm -display :0 -T Panic -n Panic " - "-e gdb /proc/%d/exe %d"; + return "xterm -display :0 -T Panic -n Panic -e gdb /proc/%d/exe %d"; } @@ -1520,7 +1539,7 @@ static void rsync_panic_handler(UNUSED(int whatsig)) /* Unless we failed to execute gdb, we allow the process to * continue. I'm not sure if that's right. */ - ret = system(cmd_buf); + ret = shell_exec(cmd_buf); if (ret) _exit(ret); } diff --git a/rsync.yo b/rsync.yo index 48d5da1..7100857 100644 --- a/rsync.yo +++ b/rsync.yo @@ -236,6 +236,10 @@ The command specified above uses ssh to run nc (netcat) on a proxyhost, which forwards all data to port 873 (the rsync daemon) on the targethost (%H). +Note also that if the RSYNC_SHELL environment varibable is set, that +program will be used to run the RSYNC_CONNECT_PROG command instead of +using the default shell of the system() call. + manpagesection(USING RSYNC-DAEMON FEATURES VIA A REMOTE-SHELL CONNECTION) It is sometimes useful to use various features of an rsync daemon (such as diff --git a/rsyncd.conf.yo b/rsyncd.conf.yo index 7326b42..3076a49 100644 --- a/rsyncd.conf.yo +++ b/rsyncd.conf.yo @@ -812,6 +812,10 @@ Even though the commands can be associated with a particular module, they are run using the permissions of the user that started the daemon (not the module's uid/gid setting) without any chroot restrictions. +These settings honor 2 environment variables: use RSYNC_SHELL to set a shell to +use when running the command (which otherwise uses your system() call's default +shell), and use RSYNC_NO_XFER_EXEC to disable both options completely. + ) manpagesection(CONFIG DIRECTIVES) diff --git a/socket.c b/socket.c index 16c3c5f..4cc88fd 100644 --- a/socket.c +++ b/socket.c @@ -847,7 +847,7 @@ static int sock_exec(const char *prog) fprintf(stderr, "Failed to run \"%s\"\n", prog); exit(1); } - exit(system(prog)); + exit(shell_exec(prog)); } close(fd[1]); diff --git a/zlib/inflate.c b/zlib/inflate.c index a755573..cea8e7e 100644 --- a/zlib/inflate.c +++ b/zlib/inflate.c @@ -1525,7 +1525,7 @@ z_streamp strm; { struct inflate_state FAR *state; - if (strm == Z_NULL || strm->state == Z_NULL) return -1L << 16; + if (strm == Z_NULL || strm->state == Z_NULL) return -(1L << 16); state = (struct inflate_state FAR *)strm->state; return ((long)(state->back) << 16) + (state->mode == COPY ? state->length : -- The rsync repository.