MFH: r543580 r543582 r543637 r544331 r545124

net/rsync upgrade to 3.2.2 Major changes and bugfixes: 3.1.3 -> 3.2.0 * Avoid potential out-of-bounds read in daemon mode * Fix defaul list list of skip-compress files for non-daemon transfers * Fix xattr filter rules losing an 'x' attribute in a non-local transfer * zlib fixes for CVE-2016-9843, CVE-2016-9842, CVE-2016-9841, and CVE-2016-9840 * Fixed a crash in the --iconv code * Checksum enhancements, including the addition of xxhash * The checksum preference order of the negotiation can be customized or forced * Compression enhancements, including the addition of zstd and lz4 compression algorithms * Added openssl & preliminary gnutls support to the rsync-ssl script * Added the proxy protocol daemon parameter that allows your rsyncd to know the real remote IP when it is setup behind a proxy 3.2.0 -> 3.2.1 * Fix potential issue with MD5 assembly-language code * option --backup-dir=STR now implies --backup 3.2.1 -> 3.2.2 * Avoid a crash when a daemon module enables transfer logging without setting a log format value Full release message: https://download.samba.org/pub/rsync/NEWS#3.2.2 Security: CVE-2016-9843 CVE-2016-9842 CVE-2016-9841 CVE-2016-9840 MFH after: 2 weeks rsync: Unbreak fetch rsync: Unbreak and fix depends rsync now depends on stuff in LOCALBASE. Previously, clang only needed to know about LOCALBASE if POPT or ICONV was enabled. When those options are off, xxhash and zstd were not found by configure. Also, a depend on libssl was missing, and there were some noop reinplaces. With hat: portmgr - Fix fetch - Fix license and add LICENSE_FILE - Add missing dependency on liblz4 - Whitespace fixes - Switch to options helpers Approved by: portmgr blanket net/rsync upgrade to 3.2.3 major changes: - Fix multiple bugs in xattr code. - Restored the ability to use --bwlimit=0 to specify no bandwidth limit. - Fix a bug when combining --delete-missing-args with --no-implied-dirs & -R where rsync might create the destination path of a missing arg. - Fixed an issue where hard-linked devices could cause the rdev_major value to get out of sync between the sender and the receiver. - Rsync now complains about a missing --temp-dir before starting any file transfers. - A completely empty source arg is now a fatal error. See full changelog: https://download.samba.org/pub/rsync/NEWS#3.2.3 Also, fix build issue with ACL option (patch is not required anymore) PR: 248318 247795 Approved by: ports-secteam (joenum)
author: Rodrigo Osorio <rodrigo@FreeBSD.org> 2020-08-20 07:17:51 +0000
committer: Rodrigo Osorio <rodrigo@FreeBSD.org> 2020-08-20 07:17:51 +0000
commit: 02550833165ff532f24d4d134b6728f5555763a5 (patch)
tree: 4d9e3e250b4e6a0716e1c0bfc47080e63b592e7c /net
parent: f11f67649197fd8697774fdaa81e0bc533053b30 (diff)
download: ports-02550833165ff532f24d4d134b6728f5555763a5.tar.gz
ports-02550833165ff532f24d4d134b6728f5555763a5.zip
5 files changed, 33 insertions, 648 deletions
diff --git a/net/rsync/Makefile b/net/rsync/Makefile
index e8088435e620..50c9694a142e 100644
--- a/net/rsync/Makefile
+++ b/net/rsync/Makefile
@@ -2,10 +2,10 @@
 # $FreeBSD$
 
 PORTNAME=	rsync
-DISTVERSION=	3.1.3
-PORTREVISION=	1
+DISTVERSION=	3.2.3
 CATEGORIES=	net
 MASTER_SITES=	https://rsync.samba.org/ftp/rsync/ \
+		https://rsync.samba.org/ftp/rsync/src/ \
 		https://www.mirrorservice.org/sites/rsync.samba.org/ \
 		http://rsync.samba.org/ftp/rsync/ \
 		ftp://ftp.fu-berlin.de/pub/unix/network/rsync/ \
@@ -15,9 +15,14 @@ DISTFILES=	${DISTNAME}${EXTRACT_SUFX}
 MAINTAINER=	rodrigo@FreeBSD.org
 COMMENT=	Network file distribution/synchronization utility
 
-LICENSE=	GPLv3
+LICENSE=	GPLv3+
+LICENSE_FILE=	${WRKSRC}/COPYING
 
-USES=		cpe shebangfix
+LIB_DEPENDS=	libxxhash.so:devel/xxhash \
+		libzstd.so:archivers/zstd \
+		liblz4.so:archivers/liblz4
+
+USES=		cpe shebangfix ssl
 SHEBANG_FILES=	support/rrsync
 
 CPE_VENDOR=	samba
@@ -33,8 +38,10 @@ TEST_TARGET=	check
 
 CONFIGURE_ARGS=	--disable-debug --enable-ipv6 \
 		--with-rsyncd-conf=${ETCDIR}/rsyncd.conf
+CPPFLAGS+=	-I${LOCALBASE}/include
+LDFLAGS+=	-L${LOCALBASE}/lib
 
-PORTDOCS=	NEWS README csprotocol.txt tech_report.tex
+PORTDOCS=	NEWS.md README.md csprotocol.txt tech_report.tex
 
 # define options
 OPTIONS_DEFINE=		DOCS POPT_PORT ZLIB_BASE SSH ICONV
@@ -55,7 +62,7 @@ ATIMES_DESC=	Preserve access times, adds --atimes (BROKEN)
 ACL_DESC=	Add backward-compatibility for the --acls option
 
 # define default options
-OPTIONS_DEFAULT=FLAGS ICONV SSH
+OPTIONS_DEFAULT=FLAGS ICONV SSH ZLIB_BASE
 
 ZLIB_BASE_CONFIGURE_ON=	--with-included-zlib=no
 TIMELIMIT_EXTRA_PATCHES=	${WRKSRC}/patches/time-limit.diff
@@ -63,32 +70,27 @@ ATIMES_EXTRA_PATCHES=		${WRKSRC}/patches/atimes.diff
 FLAGS_EXTRA_PATCHES=		${WRKSRC}/patches/fileflags.diff \
 				${FILESDIR}/extrapatch-main.c
 RENAMED_EXTRA_PATCHES=		${WRKSRC}/patches/detect-renamed.diff
-ACL_EXTRA_PATCHES=		${WRKSRC}/patches/acls.diff \
-				${FILESDIR}/extrapatch-acl
+ACL_EXTRA_PATCHES=		${WRKSRC}/patches/acls.diff
 
 ICONV_USES=	iconv:translit
-ICONV_CPPFLAGS=	-I${LOCALBASE}/include
-ICONV_LDFLAGS=	-L${LOCALBASE}/lib
 ICONV_CONFIGURE_ENABLE=	iconv iconv-open
 
 POPT_PORT_LIB_DEPENDS=	libpopt.so:devel/popt
-POPT_PORT_CPPFLAGS=	-I${LOCALBASE}/include
-POPT_PORT_LDFLAGS=	-L${LOCALBASE}/lib
 
 POPT_PORT_CONFIGURE_OFF=	--with-included-popt
 
 SSH_CONFIGURE_ON=	--with-rsh=ssh
 SSH_CONFIGURE_OFF=	--with-rsh=rsh
 
-ACL_DISTFILES=		${PORTNAME}-patches-${PORTVERSION}${EXTRACT_SUFX}
-ATIMES_DISTFILES=	${PORTNAME}-patches-${PORTVERSION}${EXTRACT_SUFX}
-FLAGS_DISTFILES=	${PORTNAME}-patches-${PORTVERSION}${EXTRACT_SUFX}
-ICONV_DISTFILES=	${PORTNAME}-patches-${PORTVERSION}${EXTRACT_SUFX}
-RENAMED_DISTFILES=	${PORTNAME}-patches-${PORTVERSION}${EXTRACT_SUFX}
-TIMELIMIT_DISTFILES=	${PORTNAME}-patches-${PORTVERSION}${EXTRACT_SUFX}
+ACL_DISTFILES=		${PORTNAME}-patches-${DISTVERSION}${EXTRACT_SUFX}
+ATIMES_DISTFILES=	${PORTNAME}-patches-${DISTVERSION}${EXTRACT_SUFX}
+FLAGS_DISTFILES=	${PORTNAME}-patches-${DISTVERSION}${EXTRACT_SUFX}
+ICONV_DISTFILES=	${PORTNAME}-patches-${DISTVERSION}${EXTRACT_SUFX}
+RENAMED_DISTFILES=	${PORTNAME}-patches-${DISTVERSION}${EXTRACT_SUFX}
+TIMELIMIT_DISTFILES=	${PORTNAME}-patches-${DISTVERSION}${EXTRACT_SUFX}
 
 .if make(makesum)
-DISTFILES+=	${PORTNAME}-patches-${PORTVERSION}${EXTRACT_SUFX}
+DISTFILES+=	${PORTNAME}-patches-${DISTVERSION}${EXTRACT_SUFX}
 .endif
 
 .include <bsd.port.pre.mk>
@@ -98,16 +100,17 @@ CONFIGURE_ARGS+=ac_cv_search_libiconv_open=no
 .endif
 
 post-patch:
-	@${REINPLACE_CMD} -e 's|perl.*|${DO_NADA}|' ${WRKSRC}/Makefile.in
-	@${REINPLACE_CMD} -e 's:/etc/:${ETCDIR}/:g'  \
-		${WRKSRC}/rsync.h ${WRKSRC}/rsync.1 ${WRKSRC}/rsyncd.conf.5
+	@${REINPLACE_CMD} -e 's:/etc/:${ETCDIR}/:g' \
+		${WRKSRC}/rsync.1 ${WRKSRC}/rsyncd.conf.5
 	@${REINPLACE_CMD} -e 's|/usr/bin/rsync|${PREFIX}/bin/rsync|g' ${WRKSRC}/support/rrsync
 
 post-install:
 	@${MKDIR} ${STAGEDIR}${ETCDIR}
 	${INSTALL_DATA} ${FILESDIR}/rsyncd.conf.sample ${STAGEDIR}${ETCDIR}/
+	${INSTALL_SCRIPT} ${WRKSRC}/support/rrsync ${STAGEDIR}${PREFIX}/sbin
+
+post-install-DOCS-on:
 	@${MKDIR} ${STAGEDIR}${DOCSDIR}
 	${INSTALL_DATA} ${PORTDOCS:S,^,${WRKSRC}/,} ${STAGEDIR}${DOCSDIR}
-	${INSTALL_SCRIPT} ${WRKSRC}/support/rrsync ${STAGEDIR}${PREFIX}/sbin
 
 .include <bsd.port.post.mk>
diff --git a/net/rsync/distinfo b/net/rsync/distinfo
index 19b60ae6f62e..59d408723a6d 100644
--- a/net/rsync/distinfo
+++ b/net/rsync/distinfo
@@ -1,5 +1,5 @@
-TIMESTAMP = 1518368927
-SHA256 (rsync-3.1.3.tar.gz) = 55cc554efec5fdaad70de921cd5a5eeb6c29a95524c715f3bbf849235b0800c0
-SIZE (rsync-3.1.3.tar.gz) = 905908
-SHA256 (rsync-patches-3.1.3.tar.gz) = 0dc2848f20ca75c07a30c3237ccf8d61b61082ae7de94758a27dac350c99fb98
-SIZE (rsync-patches-3.1.3.tar.gz) = 174524
+TIMESTAMP = 1597589726
+SHA256 (rsync-3.2.3.tar.gz) = becc3c504ceea499f4167a260040ccf4d9f2ef9499ad5683c179a697146ce50e
+SIZE (rsync-3.2.3.tar.gz) = 1069784
+SHA256 (rsync-patches-3.2.3.tar.gz) = de6645b46967bd701b7d6f3e29cccb19d2b46a6fa2d26a9db165847dca0e42f2
+SIZE (rsync-patches-3.2.3.tar.gz) = 157092
diff --git a/net/rsync/files/extrapatch-acl b/net/rsync/files/extrapatch-acl
deleted file mode 100644
index 54dbb6d80969..000000000000
--- a/net/rsync/files/extrapatch-acl
+++ /dev/null
@@ -1,557 +0,0 @@
-diff --git a/acls.c b/acls.c
-index 2c78e11..bd59cb6 100644
---- a/acls.c
-+++ b/acls.c
-@@ -79,20 +79,35 @@ typedef struct rsync_acl {
- 	uchar other_obj;
- } rsync_acl;
- 
-+typedef struct nfs4_acl {
-+	char *nfs4_acl_text;
-+	ssize_t nfs4_acl_len;
-+} nfs4_acl;
-+
- typedef struct {
- 	rsync_acl racl;
- 	SMB_ACL_T sacl;
- } acl_duo;
- 
-+typedef struct {
-+	nfs4_acl nacl;
-+	SMB_ACL_T sacl;
-+} nfs4_duo;
-+
- static const rsync_acl empty_rsync_acl = {
- 	{NULL, 0}, NO_ENTRY, NO_ENTRY, NO_ENTRY, NO_ENTRY
- };
-+static const nfs4_acl empty_nfs4_acl = {
-+	NULL, -1
-+};
- 
- static item_list access_acl_list = EMPTY_ITEM_LIST;
- static item_list default_acl_list = EMPTY_ITEM_LIST;
-+static item_list nfs4_acl_list = EMPTY_ITEM_LIST;
- 
- static size_t prior_access_count = (size_t)-1;
- static size_t prior_default_count = (size_t)-1;
-+static size_t prior_nfs4_count = (size_t)-1;
- 
- /* === Calculations on ACL types === */
- 
-@@ -188,6 +203,17 @@ static rsync_acl *create_racl(void)
- 	return racl;
- }
- 
-+static nfs4_acl *create_nfs4_acl(void)
-+{
-+	nfs4_acl *nacl = new(nfs4_acl);
-+
-+	if (!nacl)
-+		out_of_memory("create_nfs4_acl");
-+	*nacl = empty_nfs4_acl;
-+
-+	return nacl;
-+}
-+
- static BOOL ida_entries_equal(const ida_entries *ial1, const ida_entries *ial2)
- {
- 	id_access *ida1, *ida2;
-@@ -212,6 +238,11 @@ static BOOL rsync_acl_equal(const rsync_acl *racl1, const rsync_acl *racl2)
- 	    && ida_entries_equal(&racl1->names, &racl2->names);
- }
- 
-+static BOOL nfs4_acl_equal(const nfs4_acl *nacl1, const nfs4_acl *nacl2)
-+{
-+	return (strcmp(nacl1->nfs4_acl_text, nacl2->nfs4_acl_text) == 0);
-+}
-+
- /* Are the extended (non-permission-bit) entries equal?  If so, the rest of
-  * the ACL will be handled by the normal mode-preservation code.  This is
-  * only meaningful for access ACLs!  Note: the 1st arg is a fully-populated
-@@ -245,6 +276,13 @@ static void rsync_acl_free(rsync_acl *racl)
- 	*racl = empty_rsync_acl;
- }
- 
-+static void nfs4_acl_free(nfs4_acl *nacl)
-+{
-+	if (nacl->nfs4_acl_text)
-+		free(nacl->nfs4_acl_text);
-+	*nacl = empty_nfs4_acl;
-+}
-+
- void free_acl(stat_x *sxp)
- {
- 	if (sxp->acc_acl) {
-@@ -257,6 +295,11 @@ void free_acl(stat_x *sxp)
- 		free(sxp->def_acl);
- 		sxp->def_acl = NULL;
- 	}
-+	if (sxp->nfs4_acl) {
-+		nfs4_acl_free(sxp->nfs4_acl);
-+		free(sxp->nfs4_acl);
-+		sxp->nfs4_acl = NULL;
-+	}
- }
- 
- #ifdef SMB_ACL_NEED_SORT
-@@ -487,6 +530,26 @@ static int find_matching_rsync_acl(const rsync_acl *racl, SMB_ACL_TYPE_T type,
- 	return *match;
- }
- 
-+static int find_matching_nfs4_acl(const nfs4_acl *nacl, const item_list *nfs4_acl_list)
-+{
-+	static int nfs4_match = -1;
-+	int *match = &nfs4_match;
-+	size_t count = nfs4_acl_list->count;
-+
-+	if (*match == -1)
-+		*match = nfs4_acl_list->count - 1;
-+	while (count--) {
-+		nfs4_acl *base = nfs4_acl_list->items;
-+		if (nfs4_acl_equal(base + *match, nacl))
-+			return *match;
-+		if (!(*match)--)
-+			*match = nfs4_acl_list->count - 1;
-+	}
-+
-+	*match = -1;
-+	return *match;
-+}
-+
- static int get_rsync_acl(const char *fname, rsync_acl *racl,
- 			 SMB_ACL_TYPE_T type, mode_t mode)
- {
-@@ -557,6 +620,21 @@ static int get_rsync_acl(const char *fname, rsync_acl *racl,
- /* Return the Access Control List for the given filename. */
- int get_acl(const char *fname, stat_x *sxp)
- {
-+	if (sys_acl_get_brand_file(fname, &sxp->brand) < 0)
-+		return -1;
-+
-+	if (sxp->brand == SMB_ACL_BRAND_NFS4) {
-+		SMB_ACL_T sacl;
-+		if ((sacl = sys_acl_get_file(fname, SMB_ACL_TYPE_NFS4)) == NULL)
-+			return -1;
-+
-+		sxp->nfs4_acl = create_nfs4_acl();
-+		sxp->nfs4_acl->nfs4_acl_text = acl_to_text(sacl, &sxp->nfs4_acl->nfs4_acl_len);
-+
-+		sys_acl_free_acl(sacl);
-+		return 0;
-+	}
-+
- 	sxp->acc_acl = create_racl();
- 
- 	if (S_ISREG(sxp->st.st_mode) || S_ISDIR(sxp->st.st_mode)) {
-@@ -755,6 +833,25 @@ static void send_rsync_acl(int f, rsync_acl *racl, SMB_ACL_TYPE_T type,
- 	}
- }
- 
-+static void send_nfs4_acl(int f, nfs4_acl *nacl, item_list *nfs4_list)
-+{
-+	int ndx = find_matching_nfs4_acl(nacl, nfs4_list);
-+
-+	/* Send 0 (-1 + 1) to indicate that literal ACL data follows. */
-+	write_varint(f, ndx + 1);
-+
-+	if (ndx < 0) {
-+		nfs4_acl *new_nacl = EXPAND_ITEM_LIST(&nfs4_acl_list, nfs4_acl, 1000);
-+
-+		write_varint(f, nacl->nfs4_acl_len);
-+		write_buf(f, nacl->nfs4_acl_text, nacl->nfs4_acl_len);
-+
-+		*new_nacl = *nacl;
-+		*nacl = empty_nfs4_acl;
-+	}
-+}
-+
-+
- /* Send the ACL from the stat_x structure down the indicated file descriptor.
-  * This also frees the ACL data. */
- void send_acl(int f, stat_x *sxp)
-@@ -764,6 +861,12 @@ void send_acl(int f, stat_x *sxp)
- 		return;
- 	}
- 
-+	if (sxp->brand == SMB_ACL_BRAND_NFS4) {
-+		write_varint(f, SMB_ACL_TYPE_NFS4);
-+		send_nfs4_acl(f, sxp->nfs4_acl, &nfs4_acl_list);
-+		return;
-+	}
-+
- 	if (!sxp->acc_acl) {
- 		sxp->acc_acl = create_racl();
- 		rsync_acl_fake_perms(sxp->acc_acl, sxp->st.st_mode);
-@@ -771,12 +874,14 @@ void send_acl(int f, stat_x *sxp)
- 	/* Avoid sending values that can be inferred from other data. */
- 	rsync_acl_strip_perms(sxp);
- 
-+	write_varint(f, SMB_ACL_TYPE_ACCESS);
- 	send_rsync_acl(f, sxp->acc_acl, SMB_ACL_TYPE_ACCESS, &access_acl_list);
- 
- 	if (S_ISDIR(sxp->st.st_mode)) {
- 		if (!sxp->def_acl)
- 			sxp->def_acl = create_racl();
- 
-+		write_varint(f, SMB_ACL_TYPE_DEFAULT);
- 		send_rsync_acl(f, sxp->def_acl, SMB_ACL_TYPE_DEFAULT, &default_acl_list);
- 	}
- }
-@@ -1053,15 +1158,58 @@ static int recv_rsync_acl(int f, item_list *racl_list, SMB_ACL_TYPE_T type, mode
- 	return ndx;
- }
- 
-+
-+static int recv_nfs4_acl(int f, item_list *nfs4_acl_list, struct file_struct *file __unused)
-+{
-+	nfs4_duo *duo_item;
-+	int ndx = read_varint(f);
-+
-+	if (ndx < 0 || (size_t)ndx > nfs4_acl_list->count) {
-+		rprintf(FERROR_XFER, "recv_nfs4_index: %s ACL index %d > %d\n",
-+			str_acl_type(SMB_ACL_TYPE_NFS4), ndx, (int)nfs4_acl_list->count);
-+		exit_cleanup(RERR_STREAMIO);
-+	}
-+
-+	if (ndx != 0)
-+		return ndx - 1;
-+
-+	ndx = nfs4_acl_list->count;
-+	duo_item = EXPAND_ITEM_LIST(nfs4_acl_list, nfs4_duo, 1000);
-+	duo_item->nacl = empty_nfs4_acl;
-+
-+	duo_item->nacl.nfs4_acl_len = read_varint(f);
-+	duo_item->nacl.nfs4_acl_text = new_array(char, duo_item->nacl.nfs4_acl_len + 1);
-+	if (!duo_item->nacl.nfs4_acl_text)
-+		out_of_memory("recv_nfs4_acl");
-+
-+	read_buf(f, duo_item->nacl.nfs4_acl_text, duo_item->nacl.nfs4_acl_len);
-+	duo_item->nacl.nfs4_acl_text[duo_item->nacl.nfs4_acl_len] = 0;
-+
-+	duo_item->sacl = NULL;
-+	return ndx;
-+}
-+
-+
- /* Receive the ACL info the sender has included for this file-list entry. */
- void receive_acl(int f, struct file_struct *file)
- {
-+	int ndx;
-+	SMB_ACL_TYPE_T type;
-+
- 	if (protocol_version < 30) {
- 		old_recv_acl(file, f);
- 		return;
- 	}
- 
--	F_ACL(file) = recv_rsync_acl(f, &access_acl_list, SMB_ACL_TYPE_ACCESS, file->mode);
-+	type = read_varint(f);
-+	if (type == SMB_ACL_TYPE_NFS4){
-+		ndx = recv_nfs4_acl(f, &nfs4_acl_list, file);
-+		F_ACL(file) = ndx;
-+		return;
-+	}
-+
-+	ndx = recv_rsync_acl(f, &access_acl_list, SMB_ACL_TYPE_ACCESS, file->mode);
-+	F_ACL(file) = ndx;
- 
- 	if (S_ISDIR(file->mode))
- 		F_DIR_DEFACL(file) = recv_rsync_acl(f, &default_acl_list, SMB_ACL_TYPE_DEFAULT, 0);
-@@ -1085,10 +1233,37 @@ static int cache_rsync_acl(rsync_acl *racl, SMB_ACL_TYPE_T type, item_list *racl
- 	return ndx;
- }
- 
-+static int cache_nfs4_acl(nfs4_acl *nacl, item_list *nfs4_list)
-+{
-+	int ndx;
-+
-+	if (!nacl)
-+		ndx = -1;
-+	else if ((ndx = find_matching_nfs4_acl(nacl, nfs4_list)) == -1) {
-+		nfs4_duo *new_duo;
-+		ndx = nfs4_list->count;
-+		new_duo = EXPAND_ITEM_LIST(nfs4_list, nfs4_duo, 1000);
-+		new_duo->nacl = *nacl;
-+		new_duo->sacl = NULL;
-+		*nacl = empty_nfs4_acl;
-+	}
-+
-+	return ndx;
-+}
-+
-+
- /* Turn the ACL data in stat_x into cached ACL data, setting the index
-  * values in the file struct. */
- void cache_tmp_acl(struct file_struct *file, stat_x *sxp)
- {
-+	if (sxp->brand == SMB_ACL_BRAND_NFS4) {
-+		if (prior_nfs4_count == (size_t)-1)
-+			prior_nfs4_count = nfs4_acl_list.count;
-+
-+		F_ACL(file) = cache_nfs4_acl(sxp->nfs4_acl, &nfs4_acl_list);
-+		return;
-+	}
-+
- 	if (prior_access_count == (size_t)-1)
- 		prior_access_count = access_acl_list.count;
- 
-@@ -1118,6 +1293,21 @@ static void uncache_duo_acls(item_list *duo_list, size_t start)
- 	}
- }
- 
-+static void uncache_nfs4_acls(item_list *nfs4_list, size_t start)
-+{
-+	nfs4_duo *nfs4_item = nfs4_list->items;
-+	nfs4_duo *nfs4_start = nfs4_item + start;
-+
-+	nfs4_item += nfs4_list->count;
-+	nfs4_list->count = start;
-+
-+	while (nfs4_item-- > nfs4_start) {
-+		nfs4_acl_free(&nfs4_item->nacl);
-+		if (nfs4_item->sacl)
-+			sys_acl_free_acl(nfs4_item->sacl);
-+	}
-+}
-+
- void uncache_tmp_acls(void)
- {
- 	if (prior_access_count != (size_t)-1) {
-@@ -1129,6 +1319,10 @@ void uncache_tmp_acls(void)
- 		uncache_duo_acls(&default_acl_list, prior_default_count);
- 		prior_default_count = (size_t)-1;
- 	}
-+	if (prior_nfs4_count != (size_t)-1) {
-+		uncache_nfs4_acls(&nfs4_acl_list, prior_nfs4_count);
-+		prior_nfs4_count = (size_t)-1;
-+	}
- }
- 
- #ifndef HAVE_OSX_ACLS
-@@ -1281,6 +1475,7 @@ static int set_rsync_acl(const char *fname, acl_duo *duo_item,
- 	return 0;
- }
- 
-+
- /* Given a fname, this sets extended access ACL entries, the default ACL (for a
-  * dir), and the regular mode bits on the file.  Call this with fname set to
-  * NULL to just check if the ACL is different.
-@@ -1300,6 +1495,32 @@ int set_acl(const char *fname, const struct file_struct *file, stat_x *sxp, mode
- 		return -1;
- 	}
- 
-+	if (sxp->brand == SMB_ACL_BRAND_NFS4) {
-+		ndx = F_ACL(file);
-+		if (ndx >= 0 && (size_t)ndx < nfs4_acl_list.count) {
-+			nfs4_duo *duo_item = nfs4_acl_list.items;
-+			duo_item += ndx;
-+			changed = 1;
-+
-+			if (!duo_item->sacl) {
-+				duo_item->sacl = acl_from_text(duo_item->nacl.nfs4_acl_text);
-+				if (!duo_item->sacl)
-+					return -1;
-+			}
-+
-+			if (!dry_run && fname) {
-+				if (sys_acl_set_file(fname, SMB_ACL_TYPE_NFS4, duo_item->sacl) < 0) {
-+					rsyserr(FERROR_XFER, errno, "set_acl: sys_acl_set_file(%s, %s)",
-+						fname, str_acl_type(SMB_ACL_TYPE_NFS4));
-+					return -1;
-+				}
-+
-+				return changed;
-+			}
-+		}
-+	}
-+
-+
- 	ndx = F_ACL(file);
- 	if (ndx >= 0 && (size_t)ndx < access_acl_list.count) {
- 		acl_duo *duo_item = access_acl_list.items;
-diff --git a/hlink.c b/hlink.c
-index 3b57898..6130bbc 100644
---- a/hlink.c
-+++ b/hlink.c
-@@ -426,7 +426,9 @@ int hard_link_check(struct file_struct *file, int ndx, char *fname,
- 				else {
- 					sxp->acc_acl = alt_sx.acc_acl;
- 					sxp->def_acl = alt_sx.def_acl;
-+					sxp->nfs4_acl = alt_sx.nfs4_acl;
- 					alt_sx.acc_acl = alt_sx.def_acl = NULL;
-+					alt_sx.nfs4_acl = NULL;
- 				}
- 			}
- #endif
-diff --git a/ifuncs.h b/ifuncs.h
-index 6b119aa..24c4fd8 100644
---- a/ifuncs.h
-+++ b/ifuncs.h
-@@ -80,6 +80,7 @@ init_stat_x(stat_x *sx_p)
- {
- #ifdef SUPPORT_ACLS
- 	sx_p->acc_acl = sx_p->def_acl = NULL;
-+	sx_p->nfs4_acl = NULL;
- #endif
- #ifdef SUPPORT_XATTRS
- 	sx_p->xattr = NULL;
-diff --git a/lib/sysacls.c b/lib/sysacls.c
-index 6ccfe43..a4faf50 100644
---- a/lib/sysacls.c
-+++ b/lib/sysacls.c
-@@ -80,12 +80,36 @@ SMB_ACL_T sys_acl_get_file( const char *path_p, SMB_ACL_TYPE_T type)
- 	return acl_get_file( path_p, type);
- }
- 
--#if 0
- SMB_ACL_T sys_acl_get_fd(int fd)
- {
- 	return acl_get_fd(fd);
- }
--#endif
-+
-+int sys_acl_get_brand( SMB_ACL_T the_acl, int *brand_p)
-+{
-+	return acl_get_brand_np(the_acl, brand_p);
-+}
-+
-+int sys_acl_get_brand_file( const char *path_p, int *brand_p)
-+{
-+	int fd;
-+	acl_t acl;
-+
-+	if ((fd = open(path_p, O_RDONLY|O_NONBLOCK)) < 0)
-+		return -1;
-+	if ((acl = acl_get_fd(fd)) == NULL) {
-+		close(fd);
-+		return -1;
-+	}
-+	close(fd);
-+	if (acl_get_brand_np(acl, brand_p) < 0) {
-+		acl_free(acl);
-+		return -1;
-+	}
-+
-+	acl_free(acl);
-+	return 0;
-+}
- 
- #if defined(HAVE_ACL_GET_PERM_NP)
- #define acl_get_perm(p, b) acl_get_perm_np(p, b)
-diff --git a/lib/sysacls.h b/lib/sysacls.h
-index 31c4909..49f7b33 100644
---- a/lib/sysacls.h
-+++ b/lib/sysacls.h
-@@ -48,6 +48,7 @@
- #define SMB_ACL_GROUP_OBJ	ACL_GROUP_OBJ
- #define SMB_ACL_OTHER		ACL_OTHER
- #define SMB_ACL_MASK		ACL_MASK
-+#define SMB_ACL_EVERYONE	ACL_EVERYONE
- 
- #define SMB_ACL_T		acl_t
- 
-@@ -58,6 +59,11 @@
- 
- #define SMB_ACL_TYPE_ACCESS	ACL_TYPE_ACCESS
- #define SMB_ACL_TYPE_DEFAULT	ACL_TYPE_DEFAULT
-+#define	SMB_ACL_TYPE_NFS4	ACL_TYPE_NFS4
-+
-+#define	SMB_ACL_BRAND_UNKNOWN	ACL_BRAND_UNKNOWN
-+#define	SMB_ACL_BRAND_POSIX	ACL_BRAND_POSIX
-+#define	SMB_ACL_BRAND_NFS4	ACL_BRAND_NFS4
- 
- #define SMB_ACL_VALID_NAME_BITS	(4 | 2 | 1)
- #define SMB_ACL_VALID_OBJ_BITS	(4 | 2 | 1)
-@@ -292,6 +298,8 @@ int sys_acl_get_info(SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T *tag_type_p, uint32 *b
- SMB_ACL_T sys_acl_get_file(const char *path_p, SMB_ACL_TYPE_T type);
- SMB_ACL_T sys_acl_get_fd(int fd);
- SMB_ACL_T sys_acl_init(int count);
-+int sys_acl_get_brand( SMB_ACL_T the_acl, int *brand_p);
-+int sys_acl_get_brand_file( const char *path_p, int *brand_p);
- int sys_acl_create_entry(SMB_ACL_T *pacl, SMB_ACL_ENTRY_T *pentry);
- int sys_acl_set_info(SMB_ACL_ENTRY_T entry, SMB_ACL_TAG_T tagtype, uint32 bits, id_t u_g_id);
- int sys_acl_set_access_bits(SMB_ACL_ENTRY_T entry, uint32 bits);
-diff --git a/main.c b/main.c
-index e7a13f7..0a65e45 100644
---- a/main.c
-+++ b/main.c
-@@ -1014,6 +1014,7 @@ static void do_server_recv(int f_in, int f_out, int argc, char *argv[])
- 		rprintf(FERROR,"server_recv: recv_file_list error\n");
- 		exit_cleanup(RERR_FILESELECT);
- 	}
-+
- 	if (inc_recurse && file_total == 1)
- 		recv_additional_file_list(f_in);
- 
-diff --git a/rsync.c b/rsync.c
-index c498c44..7814ae5 100644
---- a/rsync.c
-+++ b/rsync.c
-@@ -561,19 +561,6 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp,
- 			file->flags |= FLAG_TIME_FAILED;
- 	}
- 
--#ifdef SUPPORT_ACLS
--	/* It's OK to call set_acl() now, even for a dir, as the generator
--	 * will enable owner-writability using chmod, if necessary.
--	 * 
--	 * If set_acl() changes permission bits in the process of setting
--	 * an access ACL, it changes sxp->st.st_mode so we know whether we
--	 * need to chmod(). */
--	if (preserve_acls && !S_ISLNK(new_mode)) {
--		if (set_acl(fname, file, sxp, new_mode) > 0)
--			updated = 1;
--	}
--#endif
--
- #ifdef HAVE_CHMOD
- 	if (!BITS_EQUAL(sxp->st.st_mode, new_mode, CHMOD_BITS)) {
- 		int ret = am_root < 0 ? 0 : do_chmod(fname, new_mode);
-@@ -588,6 +575,19 @@ int set_file_attrs(const char *fname, struct file_struct *file, stat_x *sxp,
- 	}
- #endif
- 
-+#ifdef SUPPORT_ACLS
-+	/* It's OK to call set_acl() now, even for a dir, as the generator
-+	 * will enable owner-writability using chmod, if necessary.
-+	 * 
-+	 * If set_acl() changes permission bits in the process of setting
-+	 * an access ACL, it changes sxp->st.st_mode so we know whether we
-+	 * need to chmod(). */
-+	if (preserve_acls && !S_ISLNK(new_mode)) {
-+		if (set_acl(fname, file, sxp, new_mode) > 0)
-+			updated = 1;
-+	}
-+#endif
-+
- 	if (INFO_GTE(NAME, 2) && flags & ATTRS_REPORT) {
- 		if (updated)
- 			rprintf(FCLIENT, "%s\n", fname);
-diff --git a/rsync.h b/rsync.h
-index 4fef882..6a0c89c 100644
---- a/rsync.h
-+++ b/rsync.h
-@@ -994,13 +994,22 @@ typedef struct {
- #ifdef SUPPORT_ACLS
-     struct rsync_acl *acc_acl; /* access ACL */
-     struct rsync_acl *def_acl; /* default ACL */
-+    struct nfs4_acl *nfs4_acl; /* NFSv4 ACL */
-+    int brand;
- #endif
- #ifdef SUPPORT_XATTRS
-     item_list *xattr;
- #endif
- } stat_x;
- 
--#define ACL_READY(sx) ((sx).acc_acl != NULL)
-+#ifdef SUPPORT_ACLS
-+#include "lib/sysacls.h"
-+#endif
-+
-+#define ACL_READY_POSIX(sx) ((sx).acc_acl != NULL)
-+#define ACL_READY_NFS4(sx) ((sx).nfs4_acl != NULL)
-+#define ACL_READY(sx) (((sx).brand == SMB_ACL_BRAND_NFS4) ? (ACL_READY_NFS4(sx)) : (ACL_READY_POSIX(sx)))
-+
- #define XATTR_READY(sx) ((sx).xattr != NULL)
- 
- #include "proto.h"
diff --git a/net/rsync/files/patch-siginfo b/net/rsync/files/patch-siginfo
deleted file mode 100644
index 13acc656ddba..000000000000
--- a/net/rsync/files/patch-siginfo
+++ /dev/null
@@ -1,63 +0,0 @@
-diff --git a/main.c b/main.c
-index 4613c96..3d47f3a 100644
---- a/main.c
-+++ b/main.c
-@@ -76,6 +76,7 @@ extern size_t bwlimit_writemax;
- extern unsigned int module_dirlen;
- extern BOOL flist_receiving_enabled;
- extern BOOL shutting_down;
-+extern BOOL want_progress_now;
- extern int backup_dir_len;
- extern int basis_dir_cnt;
- extern struct stats stats;
-@@ -1439,6 +1440,15 @@ static void sigusr2_handler(UNUSED(int val))
- 	_exit(0);
- }
- 
-+#ifdef SIGINFO
-+static void siginfo_handler(UNUSED(int val))
-+{
-+
-+	if (!am_server)
-+		want_progress_now = True;
-+}
-+#endif
-+
- void remember_children(UNUSED(int val))
- {
- #ifdef WNOHANG
-@@ -1538,6 +1548,9 @@ int main(int argc,char *argv[])
- 	SIGACTMASK(SIGABRT, rsync_panic_handler);
- 	SIGACTMASK(SIGBUS, rsync_panic_handler);
- #endif
-+#ifdef SIGINFO
-+	SIGACTMASK(SIGINFO, siginfo_handler);
-+#endif
- 
- 	starttime = time(NULL);
- 	our_uid = MY_UID();
-diff --git a/receiver.c b/receiver.c
-index 4ea4c09..1c255ef 100644
---- a/receiver.c
-+++ b/receiver.c
-@@ -62,6 +62,8 @@ extern char sender_file_sum[MAX_DIGEST_LEN];
- extern struct file_list *cur_flist, *first_flist, *dir_flist;
- extern filter_rule_list daemon_filter_list;
- 
-+BOOL want_progress_now;
-+
- static struct bitbag *delayed_bits = NULL;
- static int phase = 0, redoing = 0;
- static flist_ndx_list batch_redo_list;
-@@ -302,6 +304,11 @@ static int receive_data(int f_in, char *fname_r, int fd_r, OFF_T size_r,
- 	while ((i = recv_token(f_in, &data)) != 0) {
- 		if (INFO_GTE(PROGRESS, 1))
- 			show_progress(offset, total_size);
-+		else if (want_progress_now) {
-+			rprintf(FINFO, "%s\n", fname);
-+			end_progress(offset);
-+		}
-+		want_progress_now = False;
- 
- 		if (allowed_lull)
- 			maybe_send_keepalive(time(NULL), MSK_ALLOW_FLUSH | MSK_ACTIVE_RECEIVER);
diff --git a/net/rsync/pkg-plist b/net/rsync/pkg-plist
index a361a8063c06..89a3d1f59034 100644
--- a/net/rsync/pkg-plist
+++ b/net/rsync/pkg-plist
@@ -1,5 +1,7 @@
 bin/rsync
+bin/rsync-ssl
 sbin/rrsync
 man/man1/rsync.1.gz
+man/man1/rsync-ssl.1.gz
 man/man5/rsyncd.conf.5.gz
 @sample %%ETCDIR%%/rsyncd.conf.sample
author	Rodrigo Osorio <rodrigo@FreeBSD.org>	2020-08-20 07:17:51 +0000
committer	Rodrigo Osorio <rodrigo@FreeBSD.org>	2020-08-20 07:17:51 +0000
commit	02550833165ff532f24d4d134b6728f5555763a5 (patch)
tree	4d9e3e250b4e6a0716e1c0bfc47080e63b592e7c /net
parent	f11f67649197fd8697774fdaa81e0bc533053b30 (diff)
download	ports-02550833165ff532f24d4d134b6728f5555763a5.tar.gz ports-02550833165ff532f24d4d134b6728f5555763a5.zip