The branch, master has been updated via d0f34b5a Allow a "%scope" suffix on the client's ipv6 addr. Hopefully fixes bug #239. via 84498104 Linux: Handle protected_regular in inplace writes (#241) via 378a0a63 Add more skipped verifications. [buildall] via ac08fa74 Tweak output about skipped tests. via d5d4ae51 Change RSYNX_MAX_SKIPPED to RSYNC_EXPECT_SKIPPED. from 0f87eafa A couple minor tweaks.
https://git.samba.org/?p=rsync.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit d0f34b5a76a49d315786cf8301053c9cf07c6a9c Author: Wayne Davison <wa...@opencoder.net> Date: Sun Oct 17 13:35:29 2021 -0700 Allow a "%scope" suffix on the client's ipv6 addr. Hopefully fixes bug #239. commit 84498104bfe2a4662221992951e71d2a2f5ceffc Author: Achim Leitner <g...@fjl.de> Date: Sun Oct 17 22:00:24 2021 +0200 Linux: Handle protected_regular in inplace writes (#241) The Linux fs.protected_regular sysctl setting could cause rsync to fail to write a file in-place with the O_CREAT flag set, so the code now tries an open without O_CREAT when it might help to avoid an EACCES error. A testsuite script is included (and slightly improved by Wayne to ensure that it outputs a SKIP when fs.protected_regular is turned off). commit 378a0a634fa7dc71e2646b8eb88b46853fada463 Author: Wayne Davison <wa...@opencoder.net> Date: Sun Oct 17 12:40:24 2021 -0700 Add more skipped verifications. [buildall] commit ac08fa74f37a74d8d162b7fb806ff3fee67124d8 Author: Wayne Davison <wa...@opencoder.net> Date: Sun Oct 17 11:56:58 2021 -0700 Tweak output about skipped tests. commit d5d4ae51ee60222033ba8fbb352a17c7491e349e Author: Wayne Davison <wa...@opencoder.net> Date: Sun Oct 17 11:32:06 2021 -0700 Change RSYNX_MAX_SKIPPED to RSYNC_EXPECT_SKIPPED. ----------------------------------------------------------------------- Summary of changes: .cirrus.yml | 2 +- .github/workflows/build.yml | 10 +++---- clientname.c | 26 +++++++++++------- itypes.h | 6 +++++ receiver.c | 6 +++++ runtests.sh | 20 +++++++++++--- testsuite/{default-acls.test => acls-default.test} | 0 testsuite/protected-regular.test | 31 ++++++++++++++++++++++ 8 files changed, 83 insertions(+), 18 deletions(-) rename testsuite/{default-acls.test => acls-default.test} (100%) create mode 100644 testsuite/protected-regular.test Changeset truncated at 500 lines: diff --git a/.cirrus.yml b/.cirrus.yml index 7842fc2e..5112ef88 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -18,6 +18,6 @@ freebsd_task: info_script: - rsync --version test_script: - - RSYNC_MAX_SKIPPED=3 make check + - RSYNC_EXPECT_SKIPPED=acls-default,acls,crtimes,protected-regular make check ssl_file_list_script: - rsync-ssl --no-motd download.samba.org::rsyncftp/ || true diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1647fd2a..9e34b4c9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -30,11 +30,11 @@ jobs: - name: info run: rsync --version - name: check - run: sudo RSYNC_MAX_SKIPPED=1 make check + run: sudo RSYNC_EXPECT_SKIPPED=crtimes make check - name: check30 - run: sudo RSYNC_MAX_SKIPPED=1 make check30 + run: sudo RSYNC_EXPECT_SKIPPED=crtimes make check30 - name: check29 - run: sudo RSYNC_MAX_SKIPPED=1 make check29 + run: sudo RSYNC_EXPECT_SKIPPED=crtimes make check29 - name: ssl file list run: rsync-ssl --no-motd download.samba.org::rsyncftp/ || true - name: save artifact @@ -67,7 +67,7 @@ jobs: - name: info run: rsync --version - name: check - run: sudo make check + run: sudo RSYNC_EXPECT_SKIPPED=acls-default,chmod-temp-dir,chown-fake,devices-fake,dir-sgid,protected-regular,xattrs-hlink,xattrs make check - name: ssl file list run: rsync-ssl --no-motd download.samba.org::rsyncftp/ || true - name: save artifact @@ -105,7 +105,7 @@ jobs: - name: info run: bash -c '/usr/local/bin/rsync --version' - name: check - run: bash -c 'make check' + run: bash -c 'RSYNC_EXPECT_SKIPPED=acls-default,acls,chown,devices,dir-sgid,protected-regular make check' - name: ssl file list run: bash -c 'PATH="/usr/local/bin:$PATH" rsync-ssl --no-motd download.samba.org::rsyncftp/ || true' - name: save artifact diff --git a/clientname.c b/clientname.c index 0222f8eb..1572f3ef 100644 --- a/clientname.c +++ b/clientname.c @@ -49,7 +49,7 @@ static char ipaddr_buf[100]; static void client_sockaddr(int fd, struct sockaddr_storage *ss, socklen_t *ss_len); static int check_name(const char *ipaddr, const struct sockaddr_storage *ss, char *name_buf, size_t name_buf_size); -static int valid_ipaddr(const char *s); +static int valid_ipaddr(const char *s, int allow_scope); /* Return the IP addr of the client as a string. */ char *client_addr(int fd) @@ -73,7 +73,7 @@ char *client_addr(int fd) if ((p = strchr(ipaddr_buf, ' ')) != NULL) *p = '\0'; } - if (valid_ipaddr(ipaddr_buf)) + if (valid_ipaddr(ipaddr_buf, True)) return ipaddr_buf; } @@ -213,13 +213,13 @@ int read_proxy_protocol_header(int fd) if (size != sizeof hdr.v2.addr.ip4) return 0; inet_ntop(AF_INET, hdr.v2.addr.ip4.src_addr, ipaddr_buf, sizeof ipaddr_buf); - return valid_ipaddr(ipaddr_buf); + return valid_ipaddr(ipaddr_buf, False); #ifdef INET6 case PROXY_FAM_TCPv6: if (size != sizeof hdr.v2.addr.ip6) return 0; inet_ntop(AF_INET6, hdr.v2.addr.ip6.src_addr, ipaddr_buf, sizeof ipaddr_buf); - return valid_ipaddr(ipaddr_buf); + return valid_ipaddr(ipaddr_buf, False); #endif default: break; @@ -276,7 +276,7 @@ int read_proxy_protocol_header(int fd) if ((sp = strchr(p, ' ')) == NULL) return 0; *sp = '\0'; - if (!valid_ipaddr(p)) + if (!valid_ipaddr(p, False)) return 0; strlcpy(ipaddr_buf, p, sizeof ipaddr_buf); /* It will always fit when valid. */ @@ -284,7 +284,7 @@ int read_proxy_protocol_header(int fd) if ((sp = strchr(p, ' ')) == NULL) return 0; *sp = '\0'; - if (!valid_ipaddr(p)) + if (!valid_ipaddr(p, False)) return 0; /* Ignore destination address. */ @@ -466,7 +466,7 @@ static int check_name(const char *ipaddr, const struct sockaddr_storage *ss, cha } /* Returns 1 for a valid IPv4 or IPv6 addr, or 0 for a bad one. */ -static int valid_ipaddr(const char *s) +static int valid_ipaddr(const char *s, int allow_scope) { int i; @@ -484,6 +484,11 @@ static int valid_ipaddr(const char *s) for (count = 0; count < 8; count++) { if (!*s) return saw_double_colon; + if (allow_scope && *s == '%') { + if (saw_double_colon) + break; + return 0; + } if (strchr(s, ':') == NULL && strchr(s, '.') != NULL) { if ((!saw_double_colon && count != 6) || (saw_double_colon && count > 6)) @@ -509,8 +514,11 @@ static int valid_ipaddr(const char *s) } } - if (!ipv4_at_end) - return !*s; + if (!ipv4_at_end) { + if (allow_scope && *s == '%') + for (s++; isAlNum(s); s++) { } + return !*s && s[-1] != '%'; + } } /* IPv4 */ diff --git a/itypes.h b/itypes.h index db997bba..a78300b3 100644 --- a/itypes.h +++ b/itypes.h @@ -40,6 +40,12 @@ isSpace(const char *ptr) return isspace(*(unsigned char *)ptr); } +static inline int +isAlNum(const char *ptr) +{ + return isalnum(*(unsigned char *)ptr); +} + static inline int isLower(const char *ptr) { diff --git a/receiver.c b/receiver.c index 091fcd6f..2cd84351 100644 --- a/receiver.c +++ b/receiver.c @@ -835,6 +835,12 @@ int recv_files(int f_in, int f_out, char *local_name) if (inplace || one_inplace) { fnametmp = one_inplace ? partialptr : fname; fd2 = do_open(fnametmp, O_WRONLY|O_CREAT, 0600); +#ifdef linux + if (fd2 == -1 && errno == EACCES) { + /* Maybe the error was due to protected_regular setting? */ + fd2 = do_open(fname, O_WRONLY, 0600); + } +#endif if (fd2 == -1) { rsyserr(FERROR_XFER, errno, "open %s failed", full_fname(fnametmp)); diff --git a/runtests.sh b/runtests.sh index eb108706..38f814d2 100755 --- a/runtests.sh +++ b/runtests.sh @@ -226,6 +226,8 @@ if [ ! -d "$srcdir" ]; then exit 2 fi +expect_skipped="${RSYNC_EXPECT_SKIPPED-IGNORE}" +skipped_list='' skipped=0 missing=0 passed=0 @@ -265,10 +267,12 @@ maybe_discard_scratch() { if [ "x$whichtests" = x ]; then whichtests="*.test" + full_run=yes +else + full_run=no fi -for testscript in $suitedir/$whichtests -do +for testscript in $suitedir/$whichtests; do testbase=`echo $testscript | sed -e 's!.*/!!' -e 's/.test\$//'` scratchdir="$scratchbase/$testbase" @@ -306,6 +310,7 @@ do # backticks will fill the whole file onto one line, which is a feature whyskipped=`cat "$scratchdir/whyskipped"` echo "SKIP $testbase ($whyskipped)" + skipped_list="$skipped_list,$testbase" skipped=`expr $skipped + 1` maybe_discard_scratch ;; @@ -331,6 +336,15 @@ echo " $passed passed" [ "$failed" -gt 0 ] && echo " $failed failed" [ "$skipped" -gt 0 ] && echo " $skipped skipped" [ "$missing" -gt 0 ] && echo " $missing missing" +if [ "$full_run" = yes -a "$expect_skipped" != IGNORE ]; then + skipped_list=`echo "$skipped_list" | sed 's/^,//'` + echo "----- skipped results:" + echo " expected: $expect_skipped" + echo " got: $skipped_list" +else + skipped_list='' + expect_skipped='' +fi echo '------------------------------------------------------------' # OK, so expr exits with 0 if the result is neither null nor zero; and @@ -339,7 +353,7 @@ echo '------------------------------------------------------------' # because -e is set. result=`expr $failed + $missing || true` -if [ "$result" = 0 -a "$skipped" -gt "${RSYNC_MAX_SKIPPED:-9999}" ]; then +if [ "$result" = 0 -a "$skipped_list" != "$expect_skipped" ]; then result=1 fi echo "overall result is $result" diff --git a/testsuite/default-acls.test b/testsuite/acls-default.test similarity index 100% rename from testsuite/default-acls.test rename to testsuite/acls-default.test diff --git a/testsuite/protected-regular.test b/testsuite/protected-regular.test new file mode 100644 index 00000000..40416b0d --- /dev/null +++ b/testsuite/protected-regular.test @@ -0,0 +1,31 @@ +#!/bin/sh + +# Copyright (C) 2021 by Achim Leitner <aleit...@lis-engineering.de> +# This program is distributable under the terms of the GNU GPL (see COPYING) +# +# Modern linux systems have the protected_regular feature set to 1 or 2 +# See https://www.kernel.org/doc/Documentation/sysctl/fs.txt +# Make sure we can still write these files in --inplace mode + +. "$suitedir/rsync.fns" + +test -f /proc/sys/fs/protected_regular || test_skipped "Can't find protected_regular setting (only available on Linux)" +pr_lvl=`cat /proc/sys/fs/protected_regular 2>/dev/null` || test_skipped "Can't check if fs.protected_regular is enabled (probably need root)" +test "$pr_lvl" != 0 || test_skipped "fs.protected_regular is not enabled" + +workdir="$tmpdir/files" +mkdir "$workdir" +chmod 1777 "$workdir" + +echo "Source" > "$workdir/src" +echo "" > "$workdir/dst" +chown 5001 "$workdir/dst" || test_skipped "Can't chown (probably need root)" + +# Output is only shown in case of an error +echo "Contents of $workdir:" +ls -al "$workdir" + +$RSYNC --inplace "$workdir/src" "$workdir/dst" || test_fail + +# The script would have aborted on error, so getting here means we've won. +exit 0 -- The rsync repository. _______________________________________________ rsync-cvs mailing list rsync-cvs@lists.samba.org https://lists.samba.org/mailman/listinfo/rsync-cvs