1
0
mirror of https://git.FreeBSD.org/src.git synced 2025-01-03 12:35:02 +00:00
Commit Graph

35 Commits

Author SHA1 Message Date
Tim Kientzle
db9e0127da Cache uid-from-uname and gid-from-gname lookups during extraction.
This should provide a big performance boost for folks using NIS or LDAP.

MFC after: 3 days
Thanks to: Jun Kuriyama (for reminding me that this was still on my TODO list)
2004-08-27 03:40:48 +00:00
Tim Kientzle
2522fe6764 Don't edit permissions of pre-existing directories during extract.
This closes a security hole.  Otherwise, libarchive will happily
extract into directories to which it lacks write permissions by
resetting the permissions during the extract.

Thanks to: Kris Kennaway
2004-08-26 03:53:43 +00:00
Tim Kientzle
bfe891b141 libarchive now has two complete build systems. The usual "Makefile"
is present for FreeBSD.  If you "make distfile" on FreeBSD, you will
soon have a tar.gz file suitable for deploying to other systems
(complete with the expected "configure" script, etc).  This latter
relies (at least for now) on the GNU auto??? tools.  (I like autoconf
okay, but someday I hope to write a custom Makefile.in and dispense
with automake, which is somewhat odious.)

As part of this, I've cleaned up some of the conditional
compilation options, added make-foo to construct archive.h dynamically
(it now contains some version constants), and added some useful
informational files.
2004-08-07 03:09:28 +00:00
Tim Kientzle
73c891fe79 Use "linux" instead of "LINUX" to control Linux-specific code.
Thanks to: David O'Brien for pointing this out.

Also, add in a few additional portability tweaks and make a few
more things conditional on features (HAVE_XXXX macros) rather
than platform.
2004-07-24 17:50:05 +00:00
Tim Kientzle
6a1d1828e7 Style: rename 'mkdirpath' so it's clearer exactly what it does.
(To be precise, it creates the parent dir of the provided path.)
2004-07-15 03:13:27 +00:00
Tim Kientzle
320adc42ea Correct a brain-o in extract_dir: mkdirpath() and mkdir(2) are
not interchangable.
2004-07-10 18:10:20 +00:00
Tim Kientzle
cbf4203db5 I think this is my fourth complete rewrite of the dir-creation
code. <whew!> This version handles all of the following edge cases:
  * Restoring explicit dirs with 000 permissions (star fails this test)
  * Restore of implicit or explicit dirs when umask=777
    (gtar and star both fail this test)
  * Restoring dir paths containing "." and ".." components
This version initially creates all dirs with permission 700 (ignoring
umask), then does a post-extract "fixup" pass to set the correct
permissions (which may or may not depend on umask, depending on the
restore flags and whether it's an explicit or implicit dir).
Permissions are restored depth-first so that permissions within
non-writable dirs can be correctly restored. (The depth-sorting does
correctly account for dirs with ".." components.)
2004-07-08 05:24:48 +00:00
Tim Kientzle
98183bf412 Yet another pointy hat: When restoring file flags, it's okay to use the
shared stat buffer, but don't try to access it through an uninitialized
pointer.
2004-07-04 18:28:56 +00:00
Tim Kientzle
5708f1dd7c In case symlinks happen to already be sitting around, be sure to use
chmod() and not lchmod() whenever we know we didn't extract a symlink.
2004-06-30 04:54:07 +00:00
Tim Kientzle
88c3541690 Some implicit dirs were not having the umask correctly
applied to their permissions.  Just calculate the
default dir mode once and use it consistently, rather than
trying to remember to calculate it everywhere it's needed.
2004-06-28 14:12:09 +00:00
Tim Kientzle
b5f1f87711 More cleanup work on permissions restore:
* Rename some variables/functions/etc to try to make things clearer.
  * Add separate flags to control fflag/acl restore
  * Collect metadata restore into a single function for clarity
  * Propagate errors in metadata restore back out to the client
  * Fix some places where errors were being returned when they
    shouldn't and vice-versa
  * Modes are now always restored; ARCHIVE_EXTRACT_PERM just controls
    whether or not umask is obeyed.
  * Restore suid/sgid bits only if user/group matches archive
  * Cache the last stat results to try to reduce the number of stat calls
2004-06-27 23:27:28 +00:00
Tim Kientzle
527b6597a0 Clean up some consistent confusion between "dev" and "rdev."
Mostly, these were being used correctly even though a lot of
variables and function names were mis-named.

In the process, I found and fixed a couple of latent bugs and
added a guard against adding an archive to itself.
2004-06-27 18:38:13 +00:00
Tim Kientzle
406b66ef06 More tweaks to implicit directory creation. Even such abominations as
a/././b/../b/../c/./../d/e/f now work correctly.  And yes, a/b and a/c
both get created in this example; if you want, you can create an
entire dir heirarchy from a tar archive with only one entry.

More tweaks to umask support: umasks are now obeyed for all objects,
not just directories; the umask used is now the one in effect at the
corresponding call to archive_read_extract(), so clients that want to
tinker with umask during extract should get the expected behavior.
2004-06-27 16:44:51 +00:00
Tim Kientzle
30d140332e * The mode for implicitly-created dirs is now 0777 modified by the
umask in effect when the archive is closed
* Correct a typo that broke implicit dir creation for non-directories.

Thanks to: Garret A Wollman for pointing out my umask oversight
2004-06-27 05:59:15 +00:00
Tim Kientzle
6efb916277 Unify mkdirpath (used to automatically create missing parent dirs) and
read_extract_dir (which creates directories in the archive).  This
brings a number of advantages:
 * FINALLY fix the problems creating dirs ending in "/."  <sigh>
 * Missing parent dirs now get created securely, just like explicit dirs.
   (Created 0700 initially, then edited to 0755 at end of extraction.)
 * Eliminate some duplicate code and some weird special cases.

While I'm cleaning, inline the regular-file creation code as well.
2004-06-27 03:19:01 +00:00
Tim Kientzle
1393f9061e Read gtar-style sparse archives.
This change also pointed out one API deficiency: the
archive_read_data_into_XXX functions were originally defined to return
the total bytes read.  This is, of course, ambiguous when dealing with
non-contiguous files.  Change it to just return a status value.
2004-06-27 01:15:31 +00:00
Tim Kientzle
9ad66a1eed Always restore permissions for regular files, even if the
file already exists on disk.

Pointed out by: www/resin3 port (whose distfile contains the same file
  twice with different permissions and relies on the permissions associated
  with the second instance)
Thanks again to: Kris Kennaway
2004-06-17 03:09:06 +00:00
Tim Kientzle
7e37ae50db Be a little more careful about creating directories:
* Restore directories with 0700 permissions initially,
   then use the fixup pass to correct the permissions
 * Trim trailing "/" and "/." in mkdirpath()

Suggested by: Garrett Wollman
2004-06-15 07:12:04 +00:00
Tim Kientzle
16847cbdc4 Pointy hat: We can't avoid a chown() call without checking both UID
and GID.  Suppress a premature attempt at optimization.
2004-06-05 06:08:40 +00:00
Tim Kientzle
25354e55bf YAPHtM: Yet Another Pointy Hat to Me.
After calculating new dir permissions that allow creating files,
don't be stupid and use the original permissions.  <sigh>
2004-06-05 05:34:45 +00:00
Tim Kientzle
2474b73276 Recognize when we've accidentally created "foo/."
and don't complain about it.
2004-06-05 05:30:41 +00:00
Tim Kientzle
a8659f8468 Refactor the extraction code somewhat. In particular,
push extract data down into archive_read_extract.c and out
of the library-global archive_private.h; push dir-specific
mode/time fixup down into dir restore function; now that the
fixup list is file-local, I can use somewhat more natural
naming.

Oh, yeah, update a bunch of comments to match current reality.
2004-06-03 23:29:47 +00:00
Tim Kientzle
da725414f3 Previously, restoring an archive with hardlinked files that had
certain flags set (e.g., schg or uappend) would fail because the flags
were restored before the hardlink was created.

To address this, I've generalized the existing machinery for deferring
directory timestamp/mode restoration and used it to defer the
restoration of highly-restrictive flags to the end of the extraction,
after any links have been created.

Pointed out by: Pawel Jakub Dawidek (pjd@)
2004-05-27 05:02:35 +00:00
Tim Kientzle
199984b3b2 Add hook for a client-provided progress callback to be invoked
during lengthy extract operations.
2004-05-13 06:01:14 +00:00
Tim Kientzle
183392ce20 Create missing directories when extracting hardlinks and symlinks. 2004-04-30 01:31:20 +00:00
Tim Kientzle
9e62b060b7 Implement ARCHIVE_EXTRACT_UNLINK for regular files. This supports the
-U flag to bsdtar.  Essentially, this option breaks existing hard
links.  According to SUSv2, tar is supposed to overwrite existing
files on extract by default which, in particular, preserves
existing hard links.  Note that this is yet another bug in gtar; it
appears to always break existing links.  (Maybe gtar's -U is broken?)

I'm unsure about how to handle this for other file types; the current
code always unlinks first unless the NO_OVERWRITE flag is specified.
I've commented this issue liberally and will come back to it later.
2004-04-29 05:19:42 +00:00
Tim Kientzle
61fac2242c Update file flag handling.
The new fflags support in archive_entry supports Linux and FreeBSD
file flags and is a bit more gracious about unrecognized flag names
than strtofflags(3).  This involves some minor API breakage.

The default tar format ("restricted pax") now enables pax extensions
when archiving files that have flags.  In particular, copying dir
heirarchies with 'bsdtar cf - -C src . | bsdtar xpf - -C dest' now
preserves file flags.  (Note the "p" on extract!)

While I'm here, fill in some additional explanation in the
archive_entry.3 manpage, fill in some missing MLINKS, mark some
overlooked internal functions 'static', and make a few minor style
fixes.
2004-04-26 23:37:54 +00:00
Tim Kientzle
9214908dca Correct spelling of == so that file flags are correctly restored.
Credit to Juergen Lock.
2004-04-23 16:27:37 +00:00
Tim Kientzle
0f7d2bd380 More portability improvements, thanks to Juergen Lock.
High-resolution mtime/ctime/atime is not POSIX-standard, so hide
set/get of high-resolution time fields behind easily-mutable macros.
That makes it easier to change how those fields are accessed.
2004-04-21 05:13:42 +00:00
Tim Kientzle
aee47dd7c8 More work on ACLs: fix error in archive_entry's ACL parsing code,
try to set ACLs even if fflag restore fails, first cut at reading
  Solaris tar ACLs

Code improvement: merge gnu tar read support into main tar reader;
  this eliminates a lot of duplicate code and generalizes the tar
  reader to handle formats with GNU-like extensions.

Style: Makefile cleanup, eliminate 'dmalloc' references, remove 'tartype'
  from archive_entry (this makes archive_entry more format-agnostic)

Thanks to: David Magda for providing Solaris tar test files
2004-04-12 01:16:16 +00:00
Tim Kientzle
08766bdf18 Fix some issues with ACL handling:
* ACL storage is no longer erased before a group of entries are added.
  * ACL text creation no longer tries to skip over non-existent text.
  * UTF8 encoder no longer blows up on invalid wide characters.
  * Fixed ACL state management for default ACLs.
Also, publicize function for obtaining text-format ACL in various
formats.  The interface is now extensible through a "flags" argument
that allows you to select a variant format.
2004-04-06 23:16:50 +00:00
Tim Kientzle
71b44796d9 Overhauled ACL support. This makes us compatible
with 'star' ACL handling, though there's still a
bit more work needed in this area.

Added 'write_open_fd' and 'read_open_fd' to simplify, e.g.,
tar's u and r modes.  Eliminated old 'write_open_file_position'
as a bad idea.  (It required closing/reopening files to
do updates, which led to unpleasant implications.)

Various other minor fixes, API tweaks, etc.
2004-04-05 21:12:29 +00:00
Tim Kientzle
df3c1316b0 Many fixes.
Portability: Thanks to Juergen Lock, libarchive now compiles cleanly
on Linux.  Along the way, I cleaned up a lot of error return codes and
reorganized some code to simplify conditional compilation of certain
sections.

Bug fixes:
  * pax format now actually stores filenames that are 101-154
    characters long.
  * pax format now allows newline characters in extended attributes
    (this fixes a long-standing bug in ACL handling)
  * mtime/atime are now restored for directories
  * directory list is now sorted prior to fix-up to permit
    correct restore of non-writable dir heirarchies
2004-03-09 19:50:41 +00:00
Tim Kientzle
c56e5beb9c sys/types.h must be included before sys/acl.h,
as clearly documented in the acl manpage.

Thanks to bde for catching this blunder.
2004-02-12 20:35:59 +00:00
Tim Kientzle
2710e4d1ef Initial import of libarchive.
What it is:
   A library for reading and writing various streaming archive
   formats, especially tar and cpio.  Being a library, it should
   be easy to incorporate into pkg_* tools, sysinstall, and any
   other place that needs to read or write such archives.

Features:
  * Full automatic detection of both compression and archive format.
  * Extensible internal architecture to make it easy to add new formats.
  * Support for "pax interchange format," a new POSIX-standard tar format
    that eliminates essentially all of the restrictions of historic formats.
  * BSD license

Thanks to: jkh for pushing me to start this work, gordon for
  encouraging me to commit it, bde for answering endless style
  questions, and many others for feedback and encouragement.

Status: Pretty good overall, though there are still a few rough edges and
  the library could always use more testing.  Feedback eagerly solicited.
2004-02-09 23:22:54 +00:00