58 Commits

Author SHA1 Message Date
Tim Kientzle
b48b40f1f8 libarchive 2.2.3
* "compression_program" support uses an external program
  * Portability: no longer uses "struct stat" as a primary
    data interchange structure internally
  * Part of the above: refactor archive_entry to separate
    out copy_stat() and stat() functions
  * More complete tests for archive_entry
  * Finish archive_entry_clone()
  * Isolate major()/minor()/makedev() in archive_entry; remove
    these from everywhere else.
  * Bug fix: properly handle decompression look-ahead at end-of-data
  * Bug fixes to 'ar' support
  * Fix memory leak in ZIP reader
  * Portability: better timegm() emulation in iso9660 reader
  * New write_disk flags to suppress auto dir creation and not
    overwrite newer files (for future cpio front-end)
  * Simplify trailing-'/' fixup when writing tar and pax
  * Test enhancements:  fix various compiler warnings, improve
    portability, add lots of new tests.
  * Documentation: document new functions, first draft of
    libarchive_internals.3

MFC after: 14 days
Thanks to: Joerg Sonnenberger (compression_program)
Thanks to: Kai Wang (ar)
Thanks to: Colin Percival (many small fixes)
Thanks to: Many others who sent me various patches and problem reports.
2007-05-29 01:00:21 +00:00
Colin Percival
6fc0ea8474 In libarchive: Downgrade ARCHIVE_FATAL and ARCHIVE_FAILED errors which
occur on the write side of extracting a file to ARCHIVE_WARN errors
when returning them from archive_read_extract.

In bsdtar: Use the return code from archive_read_data_into_fd and
archive_read_extract to determine whether we should continue trying to
extract an archive after one of the entries fails.

This commit makes extracting a truncated tarball complain once about
the archive being truncated, instead of complaining twice (once when
trying to extract an entry, and once when trying to seek to the next
entry).

Discussed with:	kientzle
2007-04-16 04:04:50 +00:00
Tim Kientzle
edddd60899 Thanks to Colin for catching my mixup. The original problem wasn't
suppressing the second error, it was failing to address the first.
2007-04-15 01:01:20 +00:00
Tim Kientzle
b723fe5b61 Pass through error message if any operation fails, not just the last one. 2007-04-14 22:49:37 +00:00
Colin Percival
e95f7ff4ee When copying data from one archive to another, only set the error
message in the reader to the error message from the writer if the
error which occurred was in the writer.  This avoids error messages
of "Empty error message" when extracting truncated archives.
2007-04-07 03:37:59 +00:00
Tim Kientzle
2304493774 Libarchive 2.0.23:
* The ACL formatter was mis-formatting entries which had a
     user/group ID but no name.  Make the parser tolerant of
     these, so that old archives can be correctly restored;
     fix the formatter to generate correct entries.
   * Fix overwrite detection by introducing a new "FAILED" return
     code that indicates the current entry cannot be continued
     but the archive as a whole is still sound.
   * Header cleanup:  Remove some unused headers, add some that
     are required with new Linux systems.
2007-03-11 10:29:52 +00:00
Tim Kientzle
f81da3e584 libarchive 2.0
* libarchive_test program exercises many of the core features
  * Refactored old "read_extract" into new "archive_write_disk", which
    uses archive_write methods to put entries onto disk.  In particular,
    you can now use archive_write_disk to create objects on disk
    without having an archive available.
  * Pushed some security checks from bsdtar down into libarchive, where
    they can be better optimized.
  * Rearchitected the logic for creating objects on disk to reduce
    the number of system calls.  Several common cases now use a
    minimum number of system calls.
  * Virtualized some internal interfaces to provide a clearer separation
    of read and write handling and make it simpler to override key
    methods.
  * New "empty" format reader.
  * Corrected return types (this ABI breakage required the "2.0" version bump)
  * Many bug fixes.
2007-03-03 07:37:37 +00:00
Tim Kientzle
03bb132ddc Force the umask to something predictable while creating objects
on disk.  In particular, this fixes tar -xp restore of mode bits.
2007-03-02 16:44:58 +00:00
Tim Kientzle
63165a380d Fix the copyright notice; it was always intended to be
a vanilla 2-clause BSD license, but somehow some confusing
extra verbage get copied from somewhere.

Also, update the copyright dates to 2007 for all of the files.

Prompted by: several questions about what those extra words really mean
2007-01-09 08:05:56 +00:00
Tim Kientzle
aa1eeda578 Portability and style fixes:
* Actually use the HAVE_<header>_H macros to conditionally include
    system headers.  They've been defined for a long time, but only
    used in a few places.  Now they're used pretty consistently
    throughout.
  * Fill in a lot of missing casts for conversions from void*.
    Although Standard C doesn't require this, some people have been
    trying to use C++ compilers with this code, and they do require it.

Bit-for-bit, the compiled object files are identical, except for
one assert() whose line number changed, so I'm pretty confident I
didn't break anything.  ;-)
2006-11-10 06:39:46 +00:00
Tim Kientzle
011a0a0432 Performance: If the dir mode requested is "reasonable", then just
restore it directly and skip chmod() during the post-extract fixup.
In particular, bsdtar -xm now completely skips the post-extract fixup
for directories, which produces a noticable speedup in that case.
2006-10-04 02:08:04 +00:00
Tim Kientzle
c12a9d810e Some minor corrections:
* Expose functions for setting the "skip file" dev/ino information
  * Expose functions for setting/querying the block size on reads
  * Correctly propagate errors out of archive_read_close/archive_write_close
  * Update manpage with information about new functions
2006-09-05 05:59:46 +00:00
Tim Kientzle
d3b6573b00 Simplify some of the wide-character handling, inspired
in part by OpenBSD's not-quite-standard-compliant
standard libraries.  (No loss of functionality,
just minor recoding to not rely on certain "standard"
facilities that weren't actually needed.)
2006-05-01 01:02:19 +00:00
Tim Kientzle
542f05ce07 Even if a system does not support restoring extended attributes,
it's only a failure if there were actually attributes to be restored.
In particular, this fixes the problem where tar -xp always returned
a failure code on FreeBSD (which doesn't yet have all of the extended
attribute support).

Thanks to: Diego "Flameeyes" Petteno
2006-03-22 02:42:17 +00:00
Tim Kientzle
2228e32755 POSIX.1e-style Extended Attribute support
This commit implements storing/reading POSIX.1e-style extended
attribute information in "pax" format archives.  An outline of the
storage format is in the tar.5 manpage.  The archive_read_extract()
function has code to restore those archives to disk for Linux; FreeBSD
implementation is forthcoming.

Many thanks to Jaakko Heinonen for finding flaws in earlier
proposals and doing the bulk of the coding in this work.
2006-03-21 16:55:46 +00:00
Yaroslav Tykhiy
628bcb899b Fix fallout from the previous commit:
We shouldn't call chmod() if we've just used
fchmod() OK on the same file.

Approved by:	kientzle
2005-09-09 19:02:03 +00:00
Tim Kientzle
731f6a1690 Terminate metadata restore early only on failure, not success.
In particular, this bug was preventing the restore of fflags.
2005-09-05 10:23:55 +00:00
Tim Kientzle
495b0c0d52 Minor clean up for flags restoration: Use fchflags/lchflags when
available, stub out flags restore on platforms that don't support it,
update autoconf to probe for fchflags and lchflags support.
2005-06-04 22:30:36 +00:00
Tim Kientzle
b33c1067f8 Start to address the race issue between restoring a file's contents
and restoring the metadata.  In particular, the metadata-restore
functions now all accept a file descriptor and a pathname.  If the
file descriptor is set and the platform supports the appropriate
syscall, restore the metadata through the file descriptor.  Otherwise,
restore it through the pathname.  This is complicated by varying
syscall support (FreeBSD has an fchmod(2) but no fchflags(2), for
example) and because non-file entries don't have an fd to use in
restoring attributes (for example, mknod(2) doesn't return a file
handle).

MFC after: 14 days
2005-05-21 19:45:56 +00:00
Tim Kientzle
48a54ddbd0 Portability enhancement: MS Windows won't restore metadata if the file
is still open, so close the file as soon as we've written the
file contents, before we attempt to restore metadata.

Thanks to:  Kees Zeelenberg
2005-04-17 22:49:00 +00:00
Tim Kientzle
fa37cdf60b Clean up the support for extracting very long pathnames. 2005-03-29 05:24:08 +00:00
Tim Kientzle
236d2801ad Support extracting entries with pathnames longer than PATH_MAX. In
testing, I've archived and restored dir trees with ~1MB pathnames.
Most formats, of course, have much smaller limits.
2005-03-13 02:53:42 +00:00
Tim Kientzle
3702bc7eb3 Update a comment. 2004-11-05 05:16:40 +00:00
Tim Kientzle
db9e0127da Cache uid-from-uname and gid-from-gname lookups during extraction.
This should provide a big performance boost for folks using NIS or LDAP.

MFC after: 3 days
Thanks to: Jun Kuriyama (for reminding me that this was still on my TODO list)
2004-08-27 03:40:48 +00:00
Tim Kientzle
2522fe6764 Don't edit permissions of pre-existing directories during extract.
This closes a security hole.  Otherwise, libarchive will happily
extract into directories to which it lacks write permissions by
resetting the permissions during the extract.

Thanks to: Kris Kennaway
2004-08-26 03:53:43 +00:00
Tim Kientzle
bfe891b141 libarchive now has two complete build systems. The usual "Makefile"
is present for FreeBSD.  If you "make distfile" on FreeBSD, you will
soon have a tar.gz file suitable for deploying to other systems
(complete with the expected "configure" script, etc).  This latter
relies (at least for now) on the GNU auto??? tools.  (I like autoconf
okay, but someday I hope to write a custom Makefile.in and dispense
with automake, which is somewhat odious.)

As part of this, I've cleaned up some of the conditional
compilation options, added make-foo to construct archive.h dynamically
(it now contains some version constants), and added some useful
informational files.
2004-08-07 03:09:28 +00:00
Tim Kientzle
73c891fe79 Use "linux" instead of "LINUX" to control Linux-specific code.
Thanks to: David O'Brien for pointing this out.

Also, add in a few additional portability tweaks and make a few
more things conditional on features (HAVE_XXXX macros) rather
than platform.
2004-07-24 17:50:05 +00:00
Tim Kientzle
6a1d1828e7 Style: rename 'mkdirpath' so it's clearer exactly what it does.
(To be precise, it creates the parent dir of the provided path.)
2004-07-15 03:13:27 +00:00
Tim Kientzle
320adc42ea Correct a brain-o in extract_dir: mkdirpath() and mkdir(2) are
not interchangable.
2004-07-10 18:10:20 +00:00
Tim Kientzle
cbf4203db5 I think this is my fourth complete rewrite of the dir-creation
code. <whew!> This version handles all of the following edge cases:
  * Restoring explicit dirs with 000 permissions (star fails this test)
  * Restore of implicit or explicit dirs when umask=777
    (gtar and star both fail this test)
  * Restoring dir paths containing "." and ".." components
This version initially creates all dirs with permission 700 (ignoring
umask), then does a post-extract "fixup" pass to set the correct
permissions (which may or may not depend on umask, depending on the
restore flags and whether it's an explicit or implicit dir).
Permissions are restored depth-first so that permissions within
non-writable dirs can be correctly restored. (The depth-sorting does
correctly account for dirs with ".." components.)
2004-07-08 05:24:48 +00:00
Tim Kientzle
98183bf412 Yet another pointy hat: When restoring file flags, it's okay to use the
shared stat buffer, but don't try to access it through an uninitialized
pointer.
2004-07-04 18:28:56 +00:00
Tim Kientzle
5708f1dd7c In case symlinks happen to already be sitting around, be sure to use
chmod() and not lchmod() whenever we know we didn't extract a symlink.
2004-06-30 04:54:07 +00:00
Tim Kientzle
88c3541690 Some implicit dirs were not having the umask correctly
applied to their permissions.  Just calculate the
default dir mode once and use it consistently, rather than
trying to remember to calculate it everywhere it's needed.
2004-06-28 14:12:09 +00:00
Tim Kientzle
b5f1f87711 More cleanup work on permissions restore:
* Rename some variables/functions/etc to try to make things clearer.
  * Add separate flags to control fflag/acl restore
  * Collect metadata restore into a single function for clarity
  * Propagate errors in metadata restore back out to the client
  * Fix some places where errors were being returned when they
    shouldn't and vice-versa
  * Modes are now always restored; ARCHIVE_EXTRACT_PERM just controls
    whether or not umask is obeyed.
  * Restore suid/sgid bits only if user/group matches archive
  * Cache the last stat results to try to reduce the number of stat calls
2004-06-27 23:27:28 +00:00
Tim Kientzle
527b6597a0 Clean up some consistent confusion between "dev" and "rdev."
Mostly, these were being used correctly even though a lot of
variables and function names were mis-named.

In the process, I found and fixed a couple of latent bugs and
added a guard against adding an archive to itself.
2004-06-27 18:38:13 +00:00
Tim Kientzle
406b66ef06 More tweaks to implicit directory creation. Even such abominations as
a/././b/../b/../c/./../d/e/f now work correctly.  And yes, a/b and a/c
both get created in this example; if you want, you can create an
entire dir heirarchy from a tar archive with only one entry.

More tweaks to umask support: umasks are now obeyed for all objects,
not just directories; the umask used is now the one in effect at the
corresponding call to archive_read_extract(), so clients that want to
tinker with umask during extract should get the expected behavior.
2004-06-27 16:44:51 +00:00
Tim Kientzle
30d140332e * The mode for implicitly-created dirs is now 0777 modified by the
umask in effect when the archive is closed
* Correct a typo that broke implicit dir creation for non-directories.

Thanks to: Garret A Wollman for pointing out my umask oversight
2004-06-27 05:59:15 +00:00
Tim Kientzle
6efb916277 Unify mkdirpath (used to automatically create missing parent dirs) and
read_extract_dir (which creates directories in the archive).  This
brings a number of advantages:
 * FINALLY fix the problems creating dirs ending in "/."  <sigh>
 * Missing parent dirs now get created securely, just like explicit dirs.
   (Created 0700 initially, then edited to 0755 at end of extraction.)
 * Eliminate some duplicate code and some weird special cases.

While I'm cleaning, inline the regular-file creation code as well.
2004-06-27 03:19:01 +00:00
Tim Kientzle
1393f9061e Read gtar-style sparse archives.
This change also pointed out one API deficiency: the
archive_read_data_into_XXX functions were originally defined to return
the total bytes read.  This is, of course, ambiguous when dealing with
non-contiguous files.  Change it to just return a status value.
2004-06-27 01:15:31 +00:00
Tim Kientzle
9ad66a1eed Always restore permissions for regular files, even if the
file already exists on disk.

Pointed out by: www/resin3 port (whose distfile contains the same file
  twice with different permissions and relies on the permissions associated
  with the second instance)
Thanks again to: Kris Kennaway
2004-06-17 03:09:06 +00:00
Tim Kientzle
7e37ae50db Be a little more careful about creating directories:
* Restore directories with 0700 permissions initially,
   then use the fixup pass to correct the permissions
 * Trim trailing "/" and "/." in mkdirpath()

Suggested by: Garrett Wollman
2004-06-15 07:12:04 +00:00
Tim Kientzle
16847cbdc4 Pointy hat: We can't avoid a chown() call without checking both UID
and GID.  Suppress a premature attempt at optimization.
2004-06-05 06:08:40 +00:00
Tim Kientzle
25354e55bf YAPHtM: Yet Another Pointy Hat to Me.
After calculating new dir permissions that allow creating files,
don't be stupid and use the original permissions.  <sigh>
2004-06-05 05:34:45 +00:00
Tim Kientzle
2474b73276 Recognize when we've accidentally created "foo/."
and don't complain about it.
2004-06-05 05:30:41 +00:00
Tim Kientzle
a8659f8468 Refactor the extraction code somewhat. In particular,
push extract data down into archive_read_extract.c and out
of the library-global archive_private.h; push dir-specific
mode/time fixup down into dir restore function; now that the
fixup list is file-local, I can use somewhat more natural
naming.

Oh, yeah, update a bunch of comments to match current reality.
2004-06-03 23:29:47 +00:00
Tim Kientzle
da725414f3 Previously, restoring an archive with hardlinked files that had
certain flags set (e.g., schg or uappend) would fail because the flags
were restored before the hardlink was created.

To address this, I've generalized the existing machinery for deferring
directory timestamp/mode restoration and used it to defer the
restoration of highly-restrictive flags to the end of the extraction,
after any links have been created.

Pointed out by: Pawel Jakub Dawidek (pjd@)
2004-05-27 05:02:35 +00:00
Tim Kientzle
199984b3b2 Add hook for a client-provided progress callback to be invoked
during lengthy extract operations.
2004-05-13 06:01:14 +00:00
Tim Kientzle
183392ce20 Create missing directories when extracting hardlinks and symlinks. 2004-04-30 01:31:20 +00:00
Tim Kientzle
9e62b060b7 Implement ARCHIVE_EXTRACT_UNLINK for regular files. This supports the
-U flag to bsdtar.  Essentially, this option breaks existing hard
links.  According to SUSv2, tar is supposed to overwrite existing
files on extract by default which, in particular, preserves
existing hard links.  Note that this is yet another bug in gtar; it
appears to always break existing links.  (Maybe gtar's -U is broken?)

I'm unsure about how to handle this for other file types; the current
code always unlinks first unless the NO_OVERWRITE flag is specified.
I've commented this issue liberally and will come back to it later.
2004-04-29 05:19:42 +00:00
Tim Kientzle
61fac2242c Update file flag handling.
The new fflags support in archive_entry supports Linux and FreeBSD
file flags and is a bit more gracious about unrecognized flag names
than strtofflags(3).  This involves some minor API breakage.

The default tar format ("restricted pax") now enables pax extensions
when archiving files that have flags.  In particular, copying dir
heirarchies with 'bsdtar cf - -C src . | bsdtar xpf - -C dest' now
preserves file flags.  (Note the "p" on extract!)

While I'm here, fill in some additional explanation in the
archive_entry.3 manpage, fill in some missing MLINKS, mark some
overlooked internal functions 'static', and make a few minor style
fixes.
2004-04-26 23:37:54 +00:00