archive_write_disk_posix.c revision 368708
1/*- 2 * Copyright (c) 2003-2010 Tim Kientzle 3 * Copyright (c) 2012 Michihiro NAKAJIMA 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer 11 * in this position and unchanged. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR 17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 19 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, 20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 */ 27 28#include "archive_platform.h" 29__FBSDID("$FreeBSD$"); 30 31#if !defined(_WIN32) || defined(__CYGWIN__) 32 33#ifdef HAVE_SYS_TYPES_H 34#include <sys/types.h> 35#endif 36#ifdef HAVE_SYS_ACL_H 37#include <sys/acl.h> 38#endif 39#ifdef HAVE_SYS_EXTATTR_H 40#include <sys/extattr.h> 41#endif 42#if HAVE_SYS_XATTR_H 43#include <sys/xattr.h> 44#elif HAVE_ATTR_XATTR_H 45#include <attr/xattr.h> 46#endif 47#ifdef HAVE_SYS_EA_H 48#include <sys/ea.h> 49#endif 50#ifdef HAVE_SYS_IOCTL_H 51#include <sys/ioctl.h> 52#endif 53#ifdef HAVE_SYS_STAT_H 54#include <sys/stat.h> 55#endif 56#ifdef HAVE_SYS_TIME_H 57#include <sys/time.h> 58#endif 59#ifdef HAVE_SYS_UTIME_H 60#include <sys/utime.h> 61#endif 62#ifdef HAVE_COPYFILE_H 63#include <copyfile.h> 64#endif 65#ifdef HAVE_ERRNO_H 66#include <errno.h> 67#endif 68#ifdef HAVE_FCNTL_H 69#include <fcntl.h> 70#endif 71#ifdef HAVE_GRP_H 72#include <grp.h> 73#endif 74#ifdef HAVE_LANGINFO_H 75#include <langinfo.h> 76#endif 77#ifdef HAVE_LINUX_FS_H 78#include <linux/fs.h> /* for Linux file flags */ 79#endif 80/* 81 * Some Linux distributions have both linux/ext2_fs.h and ext2fs/ext2_fs.h. 82 * As the include guards don't agree, the order of include is important. 83 */ 84#ifdef HAVE_LINUX_EXT2_FS_H 85#include <linux/ext2_fs.h> /* for Linux file flags */ 86#endif 87#if defined(HAVE_EXT2FS_EXT2_FS_H) && !defined(__CYGWIN__) 88#include <ext2fs/ext2_fs.h> /* Linux file flags, broken on Cygwin */ 89#endif 90#ifdef HAVE_LIMITS_H 91#include <limits.h> 92#endif 93#ifdef HAVE_PWD_H 94#include <pwd.h> 95#endif 96#include <stdio.h> 97#ifdef HAVE_STDLIB_H 98#include <stdlib.h> 99#endif 100#ifdef HAVE_STRING_H 101#include <string.h> 102#endif 103#ifdef HAVE_UNISTD_H 104#include <unistd.h> 105#endif 106#ifdef HAVE_UTIME_H 107#include <utime.h> 108#endif 109#ifdef F_GETTIMES /* Tru64 specific */ 110#include <sys/fcntl1.h> 111#endif 112 113/* 114 * Macro to cast st_mtime and time_t to an int64 so that 2 numbers can reliably be compared. 115 * 116 * It assumes that the input is an integer type of no more than 64 bits. 117 * If the number is less than zero, t must be a signed type, so it fits in 118 * int64_t. Otherwise, it's a nonnegative value so we can cast it to uint64_t 119 * without loss. But it could be a large unsigned value, so we have to clip it 120 * to INT64_MAX.* 121 */ 122#define to_int64_time(t) \ 123 ((t) < 0 ? (int64_t)(t) : (uint64_t)(t) > (uint64_t)INT64_MAX ? INT64_MAX : (int64_t)(t)) 124 125#if __APPLE__ 126#include <TargetConditionals.h> 127#if TARGET_OS_MAC && !TARGET_OS_EMBEDDED && HAVE_QUARANTINE_H 128#include <quarantine.h> 129#define HAVE_QUARANTINE 1 130#endif 131#endif 132 133#ifdef HAVE_ZLIB_H 134#include <zlib.h> 135#endif 136 137/* TODO: Support Mac OS 'quarantine' feature. This is really just a 138 * standard tag to mark files that have been downloaded as "tainted". 139 * On Mac OS, we should mark the extracted files as tainted if the 140 * archive being read was tainted. Windows has a similar feature; we 141 * should investigate ways to support this generically. */ 142 143#include "archive.h" 144#include "archive_acl_private.h" 145#include "archive_string.h" 146#include "archive_endian.h" 147#include "archive_entry.h" 148#include "archive_private.h" 149#include "archive_write_disk_private.h" 150 151#ifndef O_BINARY 152#define O_BINARY 0 153#endif 154#ifndef O_CLOEXEC 155#define O_CLOEXEC 0 156#endif 157 158/* Ignore non-int O_NOFOLLOW constant. */ 159/* gnulib's fcntl.h does this on AIX, but it seems practical everywhere */ 160#if defined O_NOFOLLOW && !(INT_MIN <= O_NOFOLLOW && O_NOFOLLOW <= INT_MAX) 161#undef O_NOFOLLOW 162#endif 163 164#ifndef O_NOFOLLOW 165#define O_NOFOLLOW 0 166#endif 167 168#ifndef AT_FDCWD 169#define AT_FDCWD -100 170#endif 171 172struct fixup_entry { 173 struct fixup_entry *next; 174 struct archive_acl acl; 175 mode_t mode; 176 int64_t atime; 177 int64_t birthtime; 178 int64_t mtime; 179 int64_t ctime; 180 unsigned long atime_nanos; 181 unsigned long birthtime_nanos; 182 unsigned long mtime_nanos; 183 unsigned long ctime_nanos; 184 unsigned long fflags_set; 185 size_t mac_metadata_size; 186 void *mac_metadata; 187 int fixup; /* bitmask of what needs fixing */ 188 char *name; 189}; 190 191/* 192 * We use a bitmask to track which operations remain to be done for 193 * this file. In particular, this helps us avoid unnecessary 194 * operations when it's possible to take care of one step as a 195 * side-effect of another. For example, mkdir() can specify the mode 196 * for the newly-created object but symlink() cannot. This means we 197 * can skip chmod() if mkdir() succeeded, but we must explicitly 198 * chmod() if we're trying to create a directory that already exists 199 * (mkdir() failed) or if we're restoring a symlink. Similarly, we 200 * need to verify UID/GID before trying to restore SUID/SGID bits; 201 * that verification can occur explicitly through a stat() call or 202 * implicitly because of a successful chown() call. 203 */ 204#define TODO_MODE_FORCE 0x40000000 205#define TODO_MODE_BASE 0x20000000 206#define TODO_SUID 0x10000000 207#define TODO_SUID_CHECK 0x08000000 208#define TODO_SGID 0x04000000 209#define TODO_SGID_CHECK 0x02000000 210#define TODO_APPLEDOUBLE 0x01000000 211#define TODO_MODE (TODO_MODE_BASE|TODO_SUID|TODO_SGID) 212#define TODO_TIMES ARCHIVE_EXTRACT_TIME 213#define TODO_OWNER ARCHIVE_EXTRACT_OWNER 214#define TODO_FFLAGS ARCHIVE_EXTRACT_FFLAGS 215#define TODO_ACLS ARCHIVE_EXTRACT_ACL 216#define TODO_XATTR ARCHIVE_EXTRACT_XATTR 217#define TODO_MAC_METADATA ARCHIVE_EXTRACT_MAC_METADATA 218#define TODO_HFS_COMPRESSION ARCHIVE_EXTRACT_HFS_COMPRESSION_FORCED 219 220struct archive_write_disk { 221 struct archive archive; 222 223 mode_t user_umask; 224 struct fixup_entry *fixup_list; 225 struct fixup_entry *current_fixup; 226 int64_t user_uid; 227 int skip_file_set; 228 int64_t skip_file_dev; 229 int64_t skip_file_ino; 230 time_t start_time; 231 232 int64_t (*lookup_gid)(void *private, const char *gname, int64_t gid); 233 void (*cleanup_gid)(void *private); 234 void *lookup_gid_data; 235 int64_t (*lookup_uid)(void *private, const char *uname, int64_t uid); 236 void (*cleanup_uid)(void *private); 237 void *lookup_uid_data; 238 239 /* 240 * Full path of last file to satisfy symlink checks. 241 */ 242 struct archive_string path_safe; 243 244 /* 245 * Cached stat data from disk for the current entry. 246 * If this is valid, pst points to st. Otherwise, 247 * pst is null. 248 */ 249 struct stat st; 250 struct stat *pst; 251 252 /* Information about the object being restored right now. */ 253 struct archive_entry *entry; /* Entry being extracted. */ 254 char *name; /* Name of entry, possibly edited. */ 255 struct archive_string _name_data; /* backing store for 'name' */ 256 char *tmpname; /* Temporary name * */ 257 struct archive_string _tmpname_data; /* backing store for 'tmpname' */ 258 /* Tasks remaining for this object. */ 259 int todo; 260 /* Tasks deferred until end-of-archive. */ 261 int deferred; 262 /* Options requested by the client. */ 263 int flags; 264 /* Handle for the file we're restoring. */ 265 int fd; 266 /* Current offset for writing data to the file. */ 267 int64_t offset; 268 /* Last offset actually written to disk. */ 269 int64_t fd_offset; 270 /* Total bytes actually written to files. */ 271 int64_t total_bytes_written; 272 /* Maximum size of file, -1 if unknown. */ 273 int64_t filesize; 274 /* Dir we were in before this restore; only for deep paths. */ 275 int restore_pwd; 276 /* Mode we should use for this entry; affected by _PERM and umask. */ 277 mode_t mode; 278 /* UID/GID to use in restoring this entry. */ 279 int64_t uid; 280 int64_t gid; 281 /* 282 * HFS+ Compression. 283 */ 284 /* Xattr "com.apple.decmpfs". */ 285 uint32_t decmpfs_attr_size; 286 unsigned char *decmpfs_header_p; 287 /* ResourceFork set options used for fsetxattr. */ 288 int rsrc_xattr_options; 289 /* Xattr "com.apple.ResourceFork". */ 290 unsigned char *resource_fork; 291 size_t resource_fork_allocated_size; 292 unsigned int decmpfs_block_count; 293 uint32_t *decmpfs_block_info; 294 /* Buffer for compressed data. */ 295 unsigned char *compressed_buffer; 296 size_t compressed_buffer_size; 297 size_t compressed_buffer_remaining; 298 /* The offset of the ResourceFork where compressed data will 299 * be placed. */ 300 uint32_t compressed_rsrc_position; 301 uint32_t compressed_rsrc_position_v; 302 /* Buffer for uncompressed data. */ 303 char *uncompressed_buffer; 304 size_t block_remaining_bytes; 305 size_t file_remaining_bytes; 306#ifdef HAVE_ZLIB_H 307 z_stream stream; 308 int stream_valid; 309 int decmpfs_compression_level; 310#endif 311}; 312 313/* 314 * Default mode for dirs created automatically (will be modified by umask). 315 * Note that POSIX specifies 0777 for implicitly-created dirs, "modified 316 * by the process' file creation mask." 317 */ 318#define DEFAULT_DIR_MODE 0777 319/* 320 * Dir modes are restored in two steps: During the extraction, the permissions 321 * in the archive are modified to match the following limits. During 322 * the post-extract fixup pass, the permissions from the archive are 323 * applied. 324 */ 325#define MINIMUM_DIR_MODE 0700 326#define MAXIMUM_DIR_MODE 0775 327 328/* 329 * Maximum uncompressed size of a decmpfs block. 330 */ 331#define MAX_DECMPFS_BLOCK_SIZE (64 * 1024) 332/* 333 * HFS+ compression type. 334 */ 335#define CMP_XATTR 3/* Compressed data in xattr. */ 336#define CMP_RESOURCE_FORK 4/* Compressed data in resource fork. */ 337/* 338 * HFS+ compression resource fork. 339 */ 340#define RSRC_H_SIZE 260 /* Base size of Resource fork header. */ 341#define RSRC_F_SIZE 50 /* Size of Resource fork footer. */ 342/* Size to write compressed data to resource fork. */ 343#define COMPRESSED_W_SIZE (64 * 1024) 344/* decmpfs definitions. */ 345#define MAX_DECMPFS_XATTR_SIZE 3802 346#ifndef DECMPFS_XATTR_NAME 347#define DECMPFS_XATTR_NAME "com.apple.decmpfs" 348#endif 349#define DECMPFS_MAGIC 0x636d7066 350#define DECMPFS_COMPRESSION_MAGIC 0 351#define DECMPFS_COMPRESSION_TYPE 4 352#define DECMPFS_UNCOMPRESSED_SIZE 8 353#define DECMPFS_HEADER_SIZE 16 354 355#define HFS_BLOCKS(s) ((s) >> 12) 356 357 358static int la_opendirat(int, const char *); 359static int la_mktemp(struct archive_write_disk *); 360static void fsobj_error(int *, struct archive_string *, int, const char *, 361 const char *); 362static int check_symlinks_fsobj(char *, int *, struct archive_string *, 363 int); 364static int check_symlinks(struct archive_write_disk *); 365static int create_filesystem_object(struct archive_write_disk *); 366static struct fixup_entry *current_fixup(struct archive_write_disk *, 367 const char *pathname); 368#if defined(HAVE_FCHDIR) && defined(PATH_MAX) 369static void edit_deep_directories(struct archive_write_disk *ad); 370#endif 371static int cleanup_pathname_fsobj(char *, int *, struct archive_string *, 372 int); 373static int cleanup_pathname(struct archive_write_disk *); 374static int create_dir(struct archive_write_disk *, char *); 375static int create_parent_dir(struct archive_write_disk *, char *); 376static ssize_t hfs_write_data_block(struct archive_write_disk *, 377 const char *, size_t); 378static int fixup_appledouble(struct archive_write_disk *, const char *); 379static int older(struct stat *, struct archive_entry *); 380static int restore_entry(struct archive_write_disk *); 381static int set_mac_metadata(struct archive_write_disk *, const char *, 382 const void *, size_t); 383static int set_xattrs(struct archive_write_disk *); 384static int clear_nochange_fflags(struct archive_write_disk *); 385static int set_fflags(struct archive_write_disk *); 386static int set_fflags_platform(struct archive_write_disk *, int fd, 387 const char *name, mode_t mode, 388 unsigned long fflags_set, unsigned long fflags_clear); 389static int set_ownership(struct archive_write_disk *); 390static int set_mode(struct archive_write_disk *, int mode); 391static int set_time(int, int, const char *, time_t, long, time_t, long); 392static int set_times(struct archive_write_disk *, int, int, const char *, 393 time_t, long, time_t, long, time_t, long, time_t, long); 394static int set_times_from_entry(struct archive_write_disk *); 395static struct fixup_entry *sort_dir_list(struct fixup_entry *p); 396static ssize_t write_data_block(struct archive_write_disk *, 397 const char *, size_t); 398 399static struct archive_vtable *archive_write_disk_vtable(void); 400 401static int _archive_write_disk_close(struct archive *); 402static int _archive_write_disk_free(struct archive *); 403static int _archive_write_disk_header(struct archive *, 404 struct archive_entry *); 405static int64_t _archive_write_disk_filter_bytes(struct archive *, int); 406static int _archive_write_disk_finish_entry(struct archive *); 407static ssize_t _archive_write_disk_data(struct archive *, const void *, 408 size_t); 409static ssize_t _archive_write_disk_data_block(struct archive *, const void *, 410 size_t, int64_t); 411 412static int 413la_mktemp(struct archive_write_disk *a) 414{ 415 int oerrno, fd; 416 mode_t mode; 417 418 archive_string_empty(&a->_tmpname_data); 419 archive_string_sprintf(&a->_tmpname_data, "%s.XXXXXX", a->name); 420 a->tmpname = a->_tmpname_data.s; 421 422 fd = __archive_mkstemp(a->tmpname); 423 if (fd == -1) 424 return -1; 425 426 mode = a->mode & 0777 & ~a->user_umask; 427 if (fchmod(fd, mode) == -1) { 428 oerrno = errno; 429 close(fd); 430 errno = oerrno; 431 return -1; 432 } 433 return fd; 434} 435 436static int 437la_opendirat(int fd, const char *path) { 438 const int flags = O_CLOEXEC 439#if defined(O_BINARY) 440 | O_BINARY 441#endif 442#if defined(O_DIRECTORY) 443 | O_DIRECTORY 444#endif 445#if defined(O_PATH) 446 | O_PATH 447#elif defined(O_SEARCH) 448 | O_SEARCH 449#elif defined(__FreeBSD__) && defined(O_EXEC) 450 | O_EXEC 451#else 452 | O_RDONLY 453#endif 454 ; 455 456#if !defined(HAVE_OPENAT) 457 if (fd != AT_FDCWD) { 458 errno = ENOTSUP; 459 return (-1); 460 } else 461 return (open(path, flags)); 462#else 463 return (openat(fd, path, flags)); 464#endif 465} 466 467static int 468lazy_stat(struct archive_write_disk *a) 469{ 470 if (a->pst != NULL) { 471 /* Already have stat() data available. */ 472 return (ARCHIVE_OK); 473 } 474#ifdef HAVE_FSTAT 475 if (a->fd >= 0 && fstat(a->fd, &a->st) == 0) { 476 a->pst = &a->st; 477 return (ARCHIVE_OK); 478 } 479#endif 480 /* 481 * XXX At this point, symlinks should not be hit, otherwise 482 * XXX a race occurred. Do we want to check explicitly for that? 483 */ 484 if (lstat(a->name, &a->st) == 0) { 485 a->pst = &a->st; 486 return (ARCHIVE_OK); 487 } 488 archive_set_error(&a->archive, errno, "Couldn't stat file"); 489 return (ARCHIVE_WARN); 490} 491 492static struct archive_vtable * 493archive_write_disk_vtable(void) 494{ 495 static struct archive_vtable av; 496 static int inited = 0; 497 498 if (!inited) { 499 av.archive_close = _archive_write_disk_close; 500 av.archive_filter_bytes = _archive_write_disk_filter_bytes; 501 av.archive_free = _archive_write_disk_free; 502 av.archive_write_header = _archive_write_disk_header; 503 av.archive_write_finish_entry 504 = _archive_write_disk_finish_entry; 505 av.archive_write_data = _archive_write_disk_data; 506 av.archive_write_data_block = _archive_write_disk_data_block; 507 inited = 1; 508 } 509 return (&av); 510} 511 512static int64_t 513_archive_write_disk_filter_bytes(struct archive *_a, int n) 514{ 515 struct archive_write_disk *a = (struct archive_write_disk *)_a; 516 (void)n; /* UNUSED */ 517 if (n == -1 || n == 0) 518 return (a->total_bytes_written); 519 return (-1); 520} 521 522 523int 524archive_write_disk_set_options(struct archive *_a, int flags) 525{ 526 struct archive_write_disk *a = (struct archive_write_disk *)_a; 527 528 a->flags = flags; 529 return (ARCHIVE_OK); 530} 531 532 533/* 534 * Extract this entry to disk. 535 * 536 * TODO: Validate hardlinks. According to the standards, we're 537 * supposed to check each extracted hardlink and squawk if it refers 538 * to a file that we didn't restore. I'm not entirely convinced this 539 * is a good idea, but more importantly: Is there any way to validate 540 * hardlinks without keeping a complete list of filenames from the 541 * entire archive?? Ugh. 542 * 543 */ 544static int 545_archive_write_disk_header(struct archive *_a, struct archive_entry *entry) 546{ 547 struct archive_write_disk *a = (struct archive_write_disk *)_a; 548 struct fixup_entry *fe; 549 const char *linkname; 550 int ret, r; 551 552 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 553 ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA, 554 "archive_write_disk_header"); 555 archive_clear_error(&a->archive); 556 if (a->archive.state & ARCHIVE_STATE_DATA) { 557 r = _archive_write_disk_finish_entry(&a->archive); 558 if (r == ARCHIVE_FATAL) 559 return (r); 560 } 561 562 /* Set up for this particular entry. */ 563 a->pst = NULL; 564 a->current_fixup = NULL; 565 a->deferred = 0; 566 if (a->entry) { 567 archive_entry_free(a->entry); 568 a->entry = NULL; 569 } 570 a->entry = archive_entry_clone(entry); 571 a->fd = -1; 572 a->fd_offset = 0; 573 a->offset = 0; 574 a->restore_pwd = -1; 575 a->uid = a->user_uid; 576 a->mode = archive_entry_mode(a->entry); 577 if (archive_entry_size_is_set(a->entry)) 578 a->filesize = archive_entry_size(a->entry); 579 else 580 a->filesize = -1; 581 archive_strcpy(&(a->_name_data), archive_entry_pathname(a->entry)); 582 a->name = a->_name_data.s; 583 archive_clear_error(&a->archive); 584 585 /* 586 * Clean up the requested path. This is necessary for correct 587 * dir restores; the dir restore logic otherwise gets messed 588 * up by nonsense like "dir/.". 589 */ 590 ret = cleanup_pathname(a); 591 if (ret != ARCHIVE_OK) 592 return (ret); 593 594 /* 595 * Check if we have a hardlink that points to itself. 596 */ 597 linkname = archive_entry_hardlink(a->entry); 598 if (linkname != NULL && strcmp(a->name, linkname) == 0) { 599 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 600 "Skipping hardlink pointing to itself: %s", 601 a->name); 602 return (ARCHIVE_WARN); 603 } 604 605 /* 606 * Query the umask so we get predictable mode settings. 607 * This gets done on every call to _write_header in case the 608 * user edits their umask during the extraction for some 609 * reason. 610 */ 611 umask(a->user_umask = umask(0)); 612 613 /* Figure out what we need to do for this entry. */ 614 a->todo = TODO_MODE_BASE; 615 if (a->flags & ARCHIVE_EXTRACT_PERM) { 616 a->todo |= TODO_MODE_FORCE; /* Be pushy about permissions. */ 617 /* 618 * SGID requires an extra "check" step because we 619 * cannot easily predict the GID that the system will 620 * assign. (Different systems assign GIDs to files 621 * based on a variety of criteria, including process 622 * credentials and the gid of the enclosing 623 * directory.) We can only restore the SGID bit if 624 * the file has the right GID, and we only know the 625 * GID if we either set it (see set_ownership) or if 626 * we've actually called stat() on the file after it 627 * was restored. Since there are several places at 628 * which we might verify the GID, we need a TODO bit 629 * to keep track. 630 */ 631 if (a->mode & S_ISGID) 632 a->todo |= TODO_SGID | TODO_SGID_CHECK; 633 /* 634 * Verifying the SUID is simpler, but can still be 635 * done in multiple ways, hence the separate "check" bit. 636 */ 637 if (a->mode & S_ISUID) 638 a->todo |= TODO_SUID | TODO_SUID_CHECK; 639 } else { 640 /* 641 * User didn't request full permissions, so don't 642 * restore SUID, SGID bits and obey umask. 643 */ 644 a->mode &= ~S_ISUID; 645 a->mode &= ~S_ISGID; 646 a->mode &= ~S_ISVTX; 647 a->mode &= ~a->user_umask; 648 } 649 if (a->flags & ARCHIVE_EXTRACT_OWNER) 650 a->todo |= TODO_OWNER; 651 if (a->flags & ARCHIVE_EXTRACT_TIME) 652 a->todo |= TODO_TIMES; 653 if (a->flags & ARCHIVE_EXTRACT_ACL) { 654#if ARCHIVE_ACL_DARWIN 655 /* 656 * On MacOS, platform ACLs get stored in mac_metadata, too. 657 * If we intend to extract mac_metadata and it is present 658 * we skip extracting libarchive NFSv4 ACLs. 659 */ 660 size_t metadata_size; 661 662 if ((a->flags & ARCHIVE_EXTRACT_MAC_METADATA) == 0 || 663 archive_entry_mac_metadata(a->entry, 664 &metadata_size) == NULL || metadata_size == 0) 665#endif 666#if ARCHIVE_ACL_LIBRICHACL 667 /* 668 * RichACLs are stored in an extended attribute. 669 * If we intend to extract extended attributes and have this 670 * attribute we skip extracting libarchive NFSv4 ACLs. 671 */ 672 short extract_acls = 1; 673 if (a->flags & ARCHIVE_EXTRACT_XATTR && ( 674 archive_entry_acl_types(a->entry) & 675 ARCHIVE_ENTRY_ACL_TYPE_NFS4)) { 676 const char *attr_name; 677 const void *attr_value; 678 size_t attr_size; 679 int i = archive_entry_xattr_reset(a->entry); 680 while (i--) { 681 archive_entry_xattr_next(a->entry, &attr_name, 682 &attr_value, &attr_size); 683 if (attr_name != NULL && attr_value != NULL && 684 attr_size > 0 && strcmp(attr_name, 685 "trusted.richacl") == 0) { 686 extract_acls = 0; 687 break; 688 } 689 } 690 } 691 if (extract_acls) 692#endif 693#if ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_LIBRICHACL 694 { 695#endif 696 if (archive_entry_filetype(a->entry) == AE_IFDIR) 697 a->deferred |= TODO_ACLS; 698 else 699 a->todo |= TODO_ACLS; 700#if ARCHIVE_ACL_DARWIN || ARCHIVE_ACL_LIBRICHACL 701 } 702#endif 703 } 704 if (a->flags & ARCHIVE_EXTRACT_MAC_METADATA) { 705 if (archive_entry_filetype(a->entry) == AE_IFDIR) 706 a->deferred |= TODO_MAC_METADATA; 707 else 708 a->todo |= TODO_MAC_METADATA; 709 } 710#if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_ZLIB_H) 711 if ((a->flags & ARCHIVE_EXTRACT_NO_HFS_COMPRESSION) == 0) { 712 unsigned long set, clear; 713 archive_entry_fflags(a->entry, &set, &clear); 714 if ((set & ~clear) & UF_COMPRESSED) { 715 a->todo |= TODO_HFS_COMPRESSION; 716 a->decmpfs_block_count = (unsigned)-1; 717 } 718 } 719 if ((a->flags & ARCHIVE_EXTRACT_HFS_COMPRESSION_FORCED) != 0 && 720 (a->mode & AE_IFMT) == AE_IFREG && a->filesize > 0) { 721 a->todo |= TODO_HFS_COMPRESSION; 722 a->decmpfs_block_count = (unsigned)-1; 723 } 724 { 725 const char *p; 726 727 /* Check if the current file name is a type of the 728 * resource fork file. */ 729 p = strrchr(a->name, '/'); 730 if (p == NULL) 731 p = a->name; 732 else 733 p++; 734 if (p[0] == '.' && p[1] == '_') { 735 /* Do not compress "._XXX" files. */ 736 a->todo &= ~TODO_HFS_COMPRESSION; 737 if (a->filesize > 0) 738 a->todo |= TODO_APPLEDOUBLE; 739 } 740 } 741#endif 742 743 if (a->flags & ARCHIVE_EXTRACT_XATTR) { 744#if ARCHIVE_XATTR_DARWIN 745 /* 746 * On MacOS, extended attributes get stored in mac_metadata, 747 * too. If we intend to extract mac_metadata and it is present 748 * we skip extracting extended attributes. 749 */ 750 size_t metadata_size; 751 752 if ((a->flags & ARCHIVE_EXTRACT_MAC_METADATA) == 0 || 753 archive_entry_mac_metadata(a->entry, 754 &metadata_size) == NULL || metadata_size == 0) 755#endif 756 a->todo |= TODO_XATTR; 757 } 758 if (a->flags & ARCHIVE_EXTRACT_FFLAGS) 759 a->todo |= TODO_FFLAGS; 760 if (a->flags & ARCHIVE_EXTRACT_SECURE_SYMLINKS) { 761 ret = check_symlinks(a); 762 if (ret != ARCHIVE_OK) 763 return (ret); 764 } 765#if defined(HAVE_FCHDIR) && defined(PATH_MAX) 766 /* If path exceeds PATH_MAX, shorten the path. */ 767 edit_deep_directories(a); 768#endif 769 770 ret = restore_entry(a); 771 772#if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_ZLIB_H) 773 /* 774 * Check if the filesystem the file is restoring on supports 775 * HFS+ Compression. If not, cancel HFS+ Compression. 776 */ 777 if (a->todo | TODO_HFS_COMPRESSION) { 778 /* 779 * NOTE: UF_COMPRESSED is ignored even if the filesystem 780 * supports HFS+ Compression because the file should 781 * have at least an extended attribute "com.apple.decmpfs" 782 * before the flag is set to indicate that the file have 783 * been compressed. If the filesystem does not support 784 * HFS+ Compression the system call will fail. 785 */ 786 if (a->fd < 0 || fchflags(a->fd, UF_COMPRESSED) != 0) 787 a->todo &= ~TODO_HFS_COMPRESSION; 788 } 789#endif 790 791 /* 792 * TODO: There are rumours that some extended attributes must 793 * be restored before file data is written. If this is true, 794 * then we either need to write all extended attributes both 795 * before and after restoring the data, or find some rule for 796 * determining which must go first and which last. Due to the 797 * many ways people are using xattrs, this may prove to be an 798 * intractable problem. 799 */ 800 801#ifdef HAVE_FCHDIR 802 /* If we changed directory above, restore it here. */ 803 if (a->restore_pwd >= 0) { 804 r = fchdir(a->restore_pwd); 805 if (r != 0) { 806 archive_set_error(&a->archive, errno, 807 "chdir() failure"); 808 ret = ARCHIVE_FATAL; 809 } 810 close(a->restore_pwd); 811 a->restore_pwd = -1; 812 } 813#endif 814 815 /* 816 * Fixup uses the unedited pathname from archive_entry_pathname(), 817 * because it is relative to the base dir and the edited path 818 * might be relative to some intermediate dir as a result of the 819 * deep restore logic. 820 */ 821 if (a->deferred & TODO_MODE) { 822 fe = current_fixup(a, archive_entry_pathname(entry)); 823 if (fe == NULL) 824 return (ARCHIVE_FATAL); 825 fe->fixup |= TODO_MODE_BASE; 826 fe->mode = a->mode; 827 } 828 829 if ((a->deferred & TODO_TIMES) 830 && (archive_entry_mtime_is_set(entry) 831 || archive_entry_atime_is_set(entry))) { 832 fe = current_fixup(a, archive_entry_pathname(entry)); 833 if (fe == NULL) 834 return (ARCHIVE_FATAL); 835 fe->mode = a->mode; 836 fe->fixup |= TODO_TIMES; 837 if (archive_entry_atime_is_set(entry)) { 838 fe->atime = archive_entry_atime(entry); 839 fe->atime_nanos = archive_entry_atime_nsec(entry); 840 } else { 841 /* If atime is unset, use start time. */ 842 fe->atime = a->start_time; 843 fe->atime_nanos = 0; 844 } 845 if (archive_entry_mtime_is_set(entry)) { 846 fe->mtime = archive_entry_mtime(entry); 847 fe->mtime_nanos = archive_entry_mtime_nsec(entry); 848 } else { 849 /* If mtime is unset, use start time. */ 850 fe->mtime = a->start_time; 851 fe->mtime_nanos = 0; 852 } 853 if (archive_entry_birthtime_is_set(entry)) { 854 fe->birthtime = archive_entry_birthtime(entry); 855 fe->birthtime_nanos = archive_entry_birthtime_nsec( 856 entry); 857 } else { 858 /* If birthtime is unset, use mtime. */ 859 fe->birthtime = fe->mtime; 860 fe->birthtime_nanos = fe->mtime_nanos; 861 } 862 } 863 864 if (a->deferred & TODO_ACLS) { 865 fe = current_fixup(a, archive_entry_pathname(entry)); 866 if (fe == NULL) 867 return (ARCHIVE_FATAL); 868 fe->fixup |= TODO_ACLS; 869 archive_acl_copy(&fe->acl, archive_entry_acl(entry)); 870 } 871 872 if (a->deferred & TODO_MAC_METADATA) { 873 const void *metadata; 874 size_t metadata_size; 875 metadata = archive_entry_mac_metadata(a->entry, &metadata_size); 876 if (metadata != NULL && metadata_size > 0) { 877 fe = current_fixup(a, archive_entry_pathname(entry)); 878 if (fe == NULL) 879 return (ARCHIVE_FATAL); 880 fe->mac_metadata = malloc(metadata_size); 881 if (fe->mac_metadata != NULL) { 882 memcpy(fe->mac_metadata, metadata, 883 metadata_size); 884 fe->mac_metadata_size = metadata_size; 885 fe->fixup |= TODO_MAC_METADATA; 886 } 887 } 888 } 889 890 if (a->deferred & TODO_FFLAGS) { 891 fe = current_fixup(a, archive_entry_pathname(entry)); 892 if (fe == NULL) 893 return (ARCHIVE_FATAL); 894 fe->fixup |= TODO_FFLAGS; 895 /* TODO: Complete this.. defer fflags from below. */ 896 } 897 898 /* We've created the object and are ready to pour data into it. */ 899 if (ret >= ARCHIVE_WARN) 900 a->archive.state = ARCHIVE_STATE_DATA; 901 /* 902 * If it's not open, tell our client not to try writing. 903 * In particular, dirs, links, etc, don't get written to. 904 */ 905 if (a->fd < 0) { 906 archive_entry_set_size(entry, 0); 907 a->filesize = 0; 908 } 909 910 return (ret); 911} 912 913int 914archive_write_disk_set_skip_file(struct archive *_a, la_int64_t d, la_int64_t i) 915{ 916 struct archive_write_disk *a = (struct archive_write_disk *)_a; 917 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 918 ARCHIVE_STATE_ANY, "archive_write_disk_set_skip_file"); 919 a->skip_file_set = 1; 920 a->skip_file_dev = d; 921 a->skip_file_ino = i; 922 return (ARCHIVE_OK); 923} 924 925static ssize_t 926write_data_block(struct archive_write_disk *a, const char *buff, size_t size) 927{ 928 uint64_t start_size = size; 929 ssize_t bytes_written = 0; 930 ssize_t block_size = 0, bytes_to_write; 931 932 if (size == 0) 933 return (ARCHIVE_OK); 934 935 if (a->filesize == 0 || a->fd < 0) { 936 archive_set_error(&a->archive, 0, 937 "Attempt to write to an empty file"); 938 return (ARCHIVE_WARN); 939 } 940 941 if (a->flags & ARCHIVE_EXTRACT_SPARSE) { 942#if HAVE_STRUCT_STAT_ST_BLKSIZE 943 int r; 944 if ((r = lazy_stat(a)) != ARCHIVE_OK) 945 return (r); 946 block_size = a->pst->st_blksize; 947#else 948 /* XXX TODO XXX Is there a more appropriate choice here ? */ 949 /* This needn't match the filesystem allocation size. */ 950 block_size = 16*1024; 951#endif 952 } 953 954 /* If this write would run beyond the file size, truncate it. */ 955 if (a->filesize >= 0 && (int64_t)(a->offset + size) > a->filesize) 956 start_size = size = (size_t)(a->filesize - a->offset); 957 958 /* Write the data. */ 959 while (size > 0) { 960 if (block_size == 0) { 961 bytes_to_write = size; 962 } else { 963 /* We're sparsifying the file. */ 964 const char *p, *end; 965 int64_t block_end; 966 967 /* Skip leading zero bytes. */ 968 for (p = buff, end = buff + size; p < end; ++p) { 969 if (*p != '\0') 970 break; 971 } 972 a->offset += p - buff; 973 size -= p - buff; 974 buff = p; 975 if (size == 0) 976 break; 977 978 /* Calculate next block boundary after offset. */ 979 block_end 980 = (a->offset / block_size + 1) * block_size; 981 982 /* If the adjusted write would cross block boundary, 983 * truncate it to the block boundary. */ 984 bytes_to_write = size; 985 if (a->offset + bytes_to_write > block_end) 986 bytes_to_write = block_end - a->offset; 987 } 988 /* Seek if necessary to the specified offset. */ 989 if (a->offset != a->fd_offset) { 990 if (lseek(a->fd, a->offset, SEEK_SET) < 0) { 991 archive_set_error(&a->archive, errno, 992 "Seek failed"); 993 return (ARCHIVE_FATAL); 994 } 995 a->fd_offset = a->offset; 996 } 997 bytes_written = write(a->fd, buff, bytes_to_write); 998 if (bytes_written < 0) { 999 archive_set_error(&a->archive, errno, "Write failed"); 1000 return (ARCHIVE_WARN); 1001 } 1002 buff += bytes_written; 1003 size -= bytes_written; 1004 a->total_bytes_written += bytes_written; 1005 a->offset += bytes_written; 1006 a->fd_offset = a->offset; 1007 } 1008 return (start_size - size); 1009} 1010 1011#if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_SYS_XATTR_H)\ 1012 && defined(HAVE_ZLIB_H) 1013 1014/* 1015 * Set UF_COMPRESSED file flag. 1016 * This have to be called after hfs_write_decmpfs() because if the 1017 * file does not have "com.apple.decmpfs" xattr the flag is ignored. 1018 */ 1019static int 1020hfs_set_compressed_fflag(struct archive_write_disk *a) 1021{ 1022 int r; 1023 1024 if ((r = lazy_stat(a)) != ARCHIVE_OK) 1025 return (r); 1026 1027 a->st.st_flags |= UF_COMPRESSED; 1028 if (fchflags(a->fd, a->st.st_flags) != 0) { 1029 archive_set_error(&a->archive, errno, 1030 "Failed to set UF_COMPRESSED file flag"); 1031 return (ARCHIVE_WARN); 1032 } 1033 return (ARCHIVE_OK); 1034} 1035 1036/* 1037 * HFS+ Compression decmpfs 1038 * 1039 * +------------------------------+ +0 1040 * | Magic(LE 4 bytes) | 1041 * +------------------------------+ 1042 * | Type(LE 4 bytes) | 1043 * +------------------------------+ 1044 * | Uncompressed size(LE 8 bytes)| 1045 * +------------------------------+ +16 1046 * | | 1047 * | Compressed data | 1048 * | (Placed only if Type == 3) | 1049 * | | 1050 * +------------------------------+ +3802 = MAX_DECMPFS_XATTR_SIZE 1051 * 1052 * Type is 3: decmpfs has compressed data. 1053 * Type is 4: Resource Fork has compressed data. 1054 */ 1055/* 1056 * Write "com.apple.decmpfs" 1057 */ 1058static int 1059hfs_write_decmpfs(struct archive_write_disk *a) 1060{ 1061 int r; 1062 uint32_t compression_type; 1063 1064 r = fsetxattr(a->fd, DECMPFS_XATTR_NAME, a->decmpfs_header_p, 1065 a->decmpfs_attr_size, 0, 0); 1066 if (r < 0) { 1067 archive_set_error(&a->archive, errno, 1068 "Cannot restore xattr:%s", DECMPFS_XATTR_NAME); 1069 compression_type = archive_le32dec( 1070 &a->decmpfs_header_p[DECMPFS_COMPRESSION_TYPE]); 1071 if (compression_type == CMP_RESOURCE_FORK) 1072 fremovexattr(a->fd, XATTR_RESOURCEFORK_NAME, 1073 XATTR_SHOWCOMPRESSION); 1074 return (ARCHIVE_WARN); 1075 } 1076 return (ARCHIVE_OK); 1077} 1078 1079/* 1080 * HFS+ Compression Resource Fork 1081 * 1082 * +-----------------------------+ 1083 * | Header(260 bytes) | 1084 * +-----------------------------+ 1085 * | Block count(LE 4 bytes) | 1086 * +-----------------------------+ --+ 1087 * +-- | Offset (LE 4 bytes) | | 1088 * | | [distance from Block count] | | Block 0 1089 * | +-----------------------------+ | 1090 * | | Compressed size(LE 4 bytes) | | 1091 * | +-----------------------------+ --+ 1092 * | | | 1093 * | | .................. | 1094 * | | | 1095 * | +-----------------------------+ --+ 1096 * | | Offset (LE 4 bytes) | | 1097 * | +-----------------------------+ | Block (Block count -1) 1098 * | | Compressed size(LE 4 bytes) | | 1099 * +-> +-----------------------------+ --+ 1100 * | Compressed data(n bytes) | Block 0 1101 * +-----------------------------+ 1102 * | | 1103 * | .................. | 1104 * | | 1105 * +-----------------------------+ 1106 * | Compressed data(n bytes) | Block (Block count -1) 1107 * +-----------------------------+ 1108 * | Footer(50 bytes) | 1109 * +-----------------------------+ 1110 * 1111 */ 1112/* 1113 * Write the header of "com.apple.ResourceFork" 1114 */ 1115static int 1116hfs_write_resource_fork(struct archive_write_disk *a, unsigned char *buff, 1117 size_t bytes, uint32_t position) 1118{ 1119 int ret; 1120 1121 ret = fsetxattr(a->fd, XATTR_RESOURCEFORK_NAME, buff, bytes, 1122 position, a->rsrc_xattr_options); 1123 if (ret < 0) { 1124 archive_set_error(&a->archive, errno, 1125 "Cannot restore xattr: %s at %u pos %u bytes", 1126 XATTR_RESOURCEFORK_NAME, 1127 (unsigned)position, 1128 (unsigned)bytes); 1129 return (ARCHIVE_WARN); 1130 } 1131 a->rsrc_xattr_options &= ~XATTR_CREATE; 1132 return (ARCHIVE_OK); 1133} 1134 1135static int 1136hfs_write_compressed_data(struct archive_write_disk *a, size_t bytes_compressed) 1137{ 1138 int ret; 1139 1140 ret = hfs_write_resource_fork(a, a->compressed_buffer, 1141 bytes_compressed, a->compressed_rsrc_position); 1142 if (ret == ARCHIVE_OK) 1143 a->compressed_rsrc_position += bytes_compressed; 1144 return (ret); 1145} 1146 1147static int 1148hfs_write_resource_fork_header(struct archive_write_disk *a) 1149{ 1150 unsigned char *buff; 1151 uint32_t rsrc_bytes; 1152 uint32_t rsrc_header_bytes; 1153 1154 /* 1155 * Write resource fork header + block info. 1156 */ 1157 buff = a->resource_fork; 1158 rsrc_bytes = a->compressed_rsrc_position - RSRC_F_SIZE; 1159 rsrc_header_bytes = 1160 RSRC_H_SIZE + /* Header base size. */ 1161 4 + /* Block count. */ 1162 (a->decmpfs_block_count * 8);/* Block info */ 1163 archive_be32enc(buff, 0x100); 1164 archive_be32enc(buff + 4, rsrc_bytes); 1165 archive_be32enc(buff + 8, rsrc_bytes - 256); 1166 archive_be32enc(buff + 12, 0x32); 1167 memset(buff + 16, 0, 240); 1168 archive_be32enc(buff + 256, rsrc_bytes - 260); 1169 return hfs_write_resource_fork(a, buff, rsrc_header_bytes, 0); 1170} 1171 1172static size_t 1173hfs_set_resource_fork_footer(unsigned char *buff, size_t buff_size) 1174{ 1175 static const char rsrc_footer[RSRC_F_SIZE] = { 1176 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1177 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1178 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1179 0x00, 0x1c, 0x00, 0x32, 0x00, 0x00, 'c', 'm', 1180 'p', 'f', 0x00, 0x00, 0x00, 0x0a, 0x00, 0x01, 1181 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 1182 0x00, 0x00 1183 }; 1184 if (buff_size < sizeof(rsrc_footer)) 1185 return (0); 1186 memcpy(buff, rsrc_footer, sizeof(rsrc_footer)); 1187 return (sizeof(rsrc_footer)); 1188} 1189 1190static int 1191hfs_reset_compressor(struct archive_write_disk *a) 1192{ 1193 int ret; 1194 1195 if (a->stream_valid) 1196 ret = deflateReset(&a->stream); 1197 else 1198 ret = deflateInit(&a->stream, a->decmpfs_compression_level); 1199 1200 if (ret != Z_OK) { 1201 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1202 "Failed to initialize compressor"); 1203 return (ARCHIVE_FATAL); 1204 } else 1205 a->stream_valid = 1; 1206 1207 return (ARCHIVE_OK); 1208} 1209 1210static int 1211hfs_decompress(struct archive_write_disk *a) 1212{ 1213 uint32_t *block_info; 1214 unsigned int block_count; 1215 uint32_t data_pos, data_size; 1216 ssize_t r; 1217 ssize_t bytes_written, bytes_to_write; 1218 unsigned char *b; 1219 1220 block_info = (uint32_t *)(a->resource_fork + RSRC_H_SIZE); 1221 block_count = archive_le32dec(block_info++); 1222 while (block_count--) { 1223 data_pos = RSRC_H_SIZE + archive_le32dec(block_info++); 1224 data_size = archive_le32dec(block_info++); 1225 r = fgetxattr(a->fd, XATTR_RESOURCEFORK_NAME, 1226 a->compressed_buffer, data_size, data_pos, 0); 1227 if (r != data_size) { 1228 archive_set_error(&a->archive, 1229 (r < 0)?errno:ARCHIVE_ERRNO_MISC, 1230 "Failed to read resource fork"); 1231 return (ARCHIVE_WARN); 1232 } 1233 if (a->compressed_buffer[0] == 0xff) { 1234 bytes_to_write = data_size -1; 1235 b = a->compressed_buffer + 1; 1236 } else { 1237 uLong dest_len = MAX_DECMPFS_BLOCK_SIZE; 1238 int zr; 1239 1240 zr = uncompress((Bytef *)a->uncompressed_buffer, 1241 &dest_len, a->compressed_buffer, data_size); 1242 if (zr != Z_OK) { 1243 archive_set_error(&a->archive, 1244 ARCHIVE_ERRNO_MISC, 1245 "Failed to decompress resource fork"); 1246 return (ARCHIVE_WARN); 1247 } 1248 bytes_to_write = dest_len; 1249 b = (unsigned char *)a->uncompressed_buffer; 1250 } 1251 do { 1252 bytes_written = write(a->fd, b, bytes_to_write); 1253 if (bytes_written < 0) { 1254 archive_set_error(&a->archive, errno, 1255 "Write failed"); 1256 return (ARCHIVE_WARN); 1257 } 1258 bytes_to_write -= bytes_written; 1259 b += bytes_written; 1260 } while (bytes_to_write > 0); 1261 } 1262 r = fremovexattr(a->fd, XATTR_RESOURCEFORK_NAME, 0); 1263 if (r == -1) { 1264 archive_set_error(&a->archive, errno, 1265 "Failed to remove resource fork"); 1266 return (ARCHIVE_WARN); 1267 } 1268 return (ARCHIVE_OK); 1269} 1270 1271static int 1272hfs_drive_compressor(struct archive_write_disk *a, const char *buff, 1273 size_t size) 1274{ 1275 unsigned char *buffer_compressed; 1276 size_t bytes_compressed; 1277 size_t bytes_used; 1278 int ret; 1279 1280 ret = hfs_reset_compressor(a); 1281 if (ret != ARCHIVE_OK) 1282 return (ret); 1283 1284 if (a->compressed_buffer == NULL) { 1285 size_t block_size; 1286 1287 block_size = COMPRESSED_W_SIZE + RSRC_F_SIZE + 1288 + compressBound(MAX_DECMPFS_BLOCK_SIZE); 1289 a->compressed_buffer = malloc(block_size); 1290 if (a->compressed_buffer == NULL) { 1291 archive_set_error(&a->archive, ENOMEM, 1292 "Can't allocate memory for Resource Fork"); 1293 return (ARCHIVE_FATAL); 1294 } 1295 a->compressed_buffer_size = block_size; 1296 a->compressed_buffer_remaining = block_size; 1297 } 1298 1299 buffer_compressed = a->compressed_buffer + 1300 a->compressed_buffer_size - a->compressed_buffer_remaining; 1301 a->stream.next_in = (Bytef *)(uintptr_t)(const void *)buff; 1302 a->stream.avail_in = size; 1303 a->stream.next_out = buffer_compressed; 1304 a->stream.avail_out = a->compressed_buffer_remaining; 1305 do { 1306 ret = deflate(&a->stream, Z_FINISH); 1307 switch (ret) { 1308 case Z_OK: 1309 case Z_STREAM_END: 1310 break; 1311 default: 1312 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1313 "Failed to compress data"); 1314 return (ARCHIVE_FAILED); 1315 } 1316 } while (ret == Z_OK); 1317 bytes_compressed = a->compressed_buffer_remaining - a->stream.avail_out; 1318 1319 /* 1320 * If the compressed size is larger than the original size, 1321 * throw away compressed data, use uncompressed data instead. 1322 */ 1323 if (bytes_compressed > size) { 1324 buffer_compressed[0] = 0xFF;/* uncompressed marker. */ 1325 memcpy(buffer_compressed + 1, buff, size); 1326 bytes_compressed = size + 1; 1327 } 1328 a->compressed_buffer_remaining -= bytes_compressed; 1329 1330 /* 1331 * If the compressed size is smaller than MAX_DECMPFS_XATTR_SIZE 1332 * and the block count in the file is only one, store compressed 1333 * data to decmpfs xattr instead of the resource fork. 1334 */ 1335 if (a->decmpfs_block_count == 1 && 1336 (a->decmpfs_attr_size + bytes_compressed) 1337 <= MAX_DECMPFS_XATTR_SIZE) { 1338 archive_le32enc(&a->decmpfs_header_p[DECMPFS_COMPRESSION_TYPE], 1339 CMP_XATTR); 1340 memcpy(a->decmpfs_header_p + DECMPFS_HEADER_SIZE, 1341 buffer_compressed, bytes_compressed); 1342 a->decmpfs_attr_size += bytes_compressed; 1343 a->compressed_buffer_remaining = a->compressed_buffer_size; 1344 /* 1345 * Finish HFS+ Compression. 1346 * - Write the decmpfs xattr. 1347 * - Set the UF_COMPRESSED file flag. 1348 */ 1349 ret = hfs_write_decmpfs(a); 1350 if (ret == ARCHIVE_OK) 1351 ret = hfs_set_compressed_fflag(a); 1352 return (ret); 1353 } 1354 1355 /* Update block info. */ 1356 archive_le32enc(a->decmpfs_block_info++, 1357 a->compressed_rsrc_position_v - RSRC_H_SIZE); 1358 archive_le32enc(a->decmpfs_block_info++, bytes_compressed); 1359 a->compressed_rsrc_position_v += bytes_compressed; 1360 1361 /* 1362 * Write the compressed data to the resource fork. 1363 */ 1364 bytes_used = a->compressed_buffer_size - a->compressed_buffer_remaining; 1365 while (bytes_used >= COMPRESSED_W_SIZE) { 1366 ret = hfs_write_compressed_data(a, COMPRESSED_W_SIZE); 1367 if (ret != ARCHIVE_OK) 1368 return (ret); 1369 bytes_used -= COMPRESSED_W_SIZE; 1370 if (bytes_used > COMPRESSED_W_SIZE) 1371 memmove(a->compressed_buffer, 1372 a->compressed_buffer + COMPRESSED_W_SIZE, 1373 bytes_used); 1374 else 1375 memcpy(a->compressed_buffer, 1376 a->compressed_buffer + COMPRESSED_W_SIZE, 1377 bytes_used); 1378 } 1379 a->compressed_buffer_remaining = a->compressed_buffer_size - bytes_used; 1380 1381 /* 1382 * If the current block is the last block, write the remaining 1383 * compressed data and the resource fork footer. 1384 */ 1385 if (a->file_remaining_bytes == 0) { 1386 size_t rsrc_size; 1387 int64_t bk; 1388 1389 /* Append the resource footer. */ 1390 rsrc_size = hfs_set_resource_fork_footer( 1391 a->compressed_buffer + bytes_used, 1392 a->compressed_buffer_remaining); 1393 ret = hfs_write_compressed_data(a, bytes_used + rsrc_size); 1394 a->compressed_buffer_remaining = a->compressed_buffer_size; 1395 1396 /* If the compressed size is not enough smaller than 1397 * the uncompressed size. cancel HFS+ compression. 1398 * TODO: study a behavior of ditto utility and improve 1399 * the condition to fall back into no HFS+ compression. */ 1400 bk = HFS_BLOCKS(a->compressed_rsrc_position); 1401 bk += bk >> 7; 1402 if (bk > HFS_BLOCKS(a->filesize)) 1403 return hfs_decompress(a); 1404 /* 1405 * Write the resourcefork header. 1406 */ 1407 if (ret == ARCHIVE_OK) 1408 ret = hfs_write_resource_fork_header(a); 1409 /* 1410 * Finish HFS+ Compression. 1411 * - Write the decmpfs xattr. 1412 * - Set the UF_COMPRESSED file flag. 1413 */ 1414 if (ret == ARCHIVE_OK) 1415 ret = hfs_write_decmpfs(a); 1416 if (ret == ARCHIVE_OK) 1417 ret = hfs_set_compressed_fflag(a); 1418 } 1419 return (ret); 1420} 1421 1422static ssize_t 1423hfs_write_decmpfs_block(struct archive_write_disk *a, const char *buff, 1424 size_t size) 1425{ 1426 const char *buffer_to_write; 1427 size_t bytes_to_write; 1428 int ret; 1429 1430 if (a->decmpfs_block_count == (unsigned)-1) { 1431 void *new_block; 1432 size_t new_size; 1433 unsigned int block_count; 1434 1435 if (a->decmpfs_header_p == NULL) { 1436 new_block = malloc(MAX_DECMPFS_XATTR_SIZE 1437 + sizeof(uint32_t)); 1438 if (new_block == NULL) { 1439 archive_set_error(&a->archive, ENOMEM, 1440 "Can't allocate memory for decmpfs"); 1441 return (ARCHIVE_FATAL); 1442 } 1443 a->decmpfs_header_p = new_block; 1444 } 1445 a->decmpfs_attr_size = DECMPFS_HEADER_SIZE; 1446 archive_le32enc(&a->decmpfs_header_p[DECMPFS_COMPRESSION_MAGIC], 1447 DECMPFS_MAGIC); 1448 archive_le32enc(&a->decmpfs_header_p[DECMPFS_COMPRESSION_TYPE], 1449 CMP_RESOURCE_FORK); 1450 archive_le64enc(&a->decmpfs_header_p[DECMPFS_UNCOMPRESSED_SIZE], 1451 a->filesize); 1452 1453 /* Calculate a block count of the file. */ 1454 block_count = 1455 (a->filesize + MAX_DECMPFS_BLOCK_SIZE -1) / 1456 MAX_DECMPFS_BLOCK_SIZE; 1457 /* 1458 * Allocate buffer for resource fork. 1459 * Set up related pointers; 1460 */ 1461 new_size = 1462 RSRC_H_SIZE + /* header */ 1463 4 + /* Block count */ 1464 (block_count * sizeof(uint32_t) * 2) + 1465 RSRC_F_SIZE; /* footer */ 1466 if (new_size > a->resource_fork_allocated_size) { 1467 new_block = realloc(a->resource_fork, new_size); 1468 if (new_block == NULL) { 1469 archive_set_error(&a->archive, ENOMEM, 1470 "Can't allocate memory for ResourceFork"); 1471 return (ARCHIVE_FATAL); 1472 } 1473 a->resource_fork_allocated_size = new_size; 1474 a->resource_fork = new_block; 1475 } 1476 1477 /* Allocate uncompressed buffer */ 1478 if (a->uncompressed_buffer == NULL) { 1479 new_block = malloc(MAX_DECMPFS_BLOCK_SIZE); 1480 if (new_block == NULL) { 1481 archive_set_error(&a->archive, ENOMEM, 1482 "Can't allocate memory for decmpfs"); 1483 return (ARCHIVE_FATAL); 1484 } 1485 a->uncompressed_buffer = new_block; 1486 } 1487 a->block_remaining_bytes = MAX_DECMPFS_BLOCK_SIZE; 1488 a->file_remaining_bytes = a->filesize; 1489 a->compressed_buffer_remaining = a->compressed_buffer_size; 1490 1491 /* 1492 * Set up a resource fork. 1493 */ 1494 a->rsrc_xattr_options = XATTR_CREATE; 1495 /* Get the position where we are going to set a bunch 1496 * of block info. */ 1497 a->decmpfs_block_info = 1498 (uint32_t *)(a->resource_fork + RSRC_H_SIZE); 1499 /* Set the block count to the resource fork. */ 1500 archive_le32enc(a->decmpfs_block_info++, block_count); 1501 /* Get the position where we are going to set compressed 1502 * data. */ 1503 a->compressed_rsrc_position = 1504 RSRC_H_SIZE + 4 + (block_count * 8); 1505 a->compressed_rsrc_position_v = a->compressed_rsrc_position; 1506 a->decmpfs_block_count = block_count; 1507 } 1508 1509 /* Ignore redundant bytes. */ 1510 if (a->file_remaining_bytes == 0) 1511 return ((ssize_t)size); 1512 1513 /* Do not overrun a block size. */ 1514 if (size > a->block_remaining_bytes) 1515 bytes_to_write = a->block_remaining_bytes; 1516 else 1517 bytes_to_write = size; 1518 /* Do not overrun the file size. */ 1519 if (bytes_to_write > a->file_remaining_bytes) 1520 bytes_to_write = a->file_remaining_bytes; 1521 1522 /* For efficiency, if a copy length is full of the uncompressed 1523 * buffer size, do not copy writing data to it. */ 1524 if (bytes_to_write == MAX_DECMPFS_BLOCK_SIZE) 1525 buffer_to_write = buff; 1526 else { 1527 memcpy(a->uncompressed_buffer + 1528 MAX_DECMPFS_BLOCK_SIZE - a->block_remaining_bytes, 1529 buff, bytes_to_write); 1530 buffer_to_write = a->uncompressed_buffer; 1531 } 1532 a->block_remaining_bytes -= bytes_to_write; 1533 a->file_remaining_bytes -= bytes_to_write; 1534 1535 if (a->block_remaining_bytes == 0 || a->file_remaining_bytes == 0) { 1536 ret = hfs_drive_compressor(a, buffer_to_write, 1537 MAX_DECMPFS_BLOCK_SIZE - a->block_remaining_bytes); 1538 if (ret < 0) 1539 return (ret); 1540 a->block_remaining_bytes = MAX_DECMPFS_BLOCK_SIZE; 1541 } 1542 /* Ignore redundant bytes. */ 1543 if (a->file_remaining_bytes == 0) 1544 return ((ssize_t)size); 1545 return (bytes_to_write); 1546} 1547 1548static ssize_t 1549hfs_write_data_block(struct archive_write_disk *a, const char *buff, 1550 size_t size) 1551{ 1552 uint64_t start_size = size; 1553 ssize_t bytes_written = 0; 1554 ssize_t bytes_to_write; 1555 1556 if (size == 0) 1557 return (ARCHIVE_OK); 1558 1559 if (a->filesize == 0 || a->fd < 0) { 1560 archive_set_error(&a->archive, 0, 1561 "Attempt to write to an empty file"); 1562 return (ARCHIVE_WARN); 1563 } 1564 1565 /* If this write would run beyond the file size, truncate it. */ 1566 if (a->filesize >= 0 && (int64_t)(a->offset + size) > a->filesize) 1567 start_size = size = (size_t)(a->filesize - a->offset); 1568 1569 /* Write the data. */ 1570 while (size > 0) { 1571 bytes_to_write = size; 1572 /* Seek if necessary to the specified offset. */ 1573 if (a->offset < a->fd_offset) { 1574 /* Can't support backward move. */ 1575 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 1576 "Seek failed"); 1577 return (ARCHIVE_FATAL); 1578 } else if (a->offset > a->fd_offset) { 1579 int64_t skip = a->offset - a->fd_offset; 1580 char nullblock[1024]; 1581 1582 memset(nullblock, 0, sizeof(nullblock)); 1583 while (skip > 0) { 1584 if (skip > (int64_t)sizeof(nullblock)) 1585 bytes_written = hfs_write_decmpfs_block( 1586 a, nullblock, sizeof(nullblock)); 1587 else 1588 bytes_written = hfs_write_decmpfs_block( 1589 a, nullblock, skip); 1590 if (bytes_written < 0) { 1591 archive_set_error(&a->archive, errno, 1592 "Write failed"); 1593 return (ARCHIVE_WARN); 1594 } 1595 skip -= bytes_written; 1596 } 1597 1598 a->fd_offset = a->offset; 1599 } 1600 bytes_written = 1601 hfs_write_decmpfs_block(a, buff, bytes_to_write); 1602 if (bytes_written < 0) 1603 return (bytes_written); 1604 buff += bytes_written; 1605 size -= bytes_written; 1606 a->total_bytes_written += bytes_written; 1607 a->offset += bytes_written; 1608 a->fd_offset = a->offset; 1609 } 1610 return (start_size - size); 1611} 1612#else 1613static ssize_t 1614hfs_write_data_block(struct archive_write_disk *a, const char *buff, 1615 size_t size) 1616{ 1617 return (write_data_block(a, buff, size)); 1618} 1619#endif 1620 1621static ssize_t 1622_archive_write_disk_data_block(struct archive *_a, 1623 const void *buff, size_t size, int64_t offset) 1624{ 1625 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1626 ssize_t r; 1627 1628 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1629 ARCHIVE_STATE_DATA, "archive_write_data_block"); 1630 1631 a->offset = offset; 1632 if (a->todo & TODO_HFS_COMPRESSION) 1633 r = hfs_write_data_block(a, buff, size); 1634 else 1635 r = write_data_block(a, buff, size); 1636 if (r < ARCHIVE_OK) 1637 return (r); 1638 if ((size_t)r < size) { 1639 archive_set_error(&a->archive, 0, 1640 "Too much data: Truncating file at %ju bytes", 1641 (uintmax_t)a->filesize); 1642 return (ARCHIVE_WARN); 1643 } 1644#if ARCHIVE_VERSION_NUMBER < 3999000 1645 return (ARCHIVE_OK); 1646#else 1647 return (size); 1648#endif 1649} 1650 1651static ssize_t 1652_archive_write_disk_data(struct archive *_a, const void *buff, size_t size) 1653{ 1654 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1655 1656 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1657 ARCHIVE_STATE_DATA, "archive_write_data"); 1658 1659 if (a->todo & TODO_HFS_COMPRESSION) 1660 return (hfs_write_data_block(a, buff, size)); 1661 return (write_data_block(a, buff, size)); 1662} 1663 1664static int 1665_archive_write_disk_finish_entry(struct archive *_a) 1666{ 1667 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1668 int ret = ARCHIVE_OK; 1669 1670 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1671 ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA, 1672 "archive_write_finish_entry"); 1673 if (a->archive.state & ARCHIVE_STATE_HEADER) 1674 return (ARCHIVE_OK); 1675 archive_clear_error(&a->archive); 1676 1677 /* Pad or truncate file to the right size. */ 1678 if (a->fd < 0) { 1679 /* There's no file. */ 1680 } else if (a->filesize < 0) { 1681 /* File size is unknown, so we can't set the size. */ 1682 } else if (a->fd_offset == a->filesize) { 1683 /* Last write ended at exactly the filesize; we're done. */ 1684 /* Hopefully, this is the common case. */ 1685#if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_ZLIB_H) 1686 } else if (a->todo & TODO_HFS_COMPRESSION) { 1687 char null_d[1024]; 1688 ssize_t r; 1689 1690 if (a->file_remaining_bytes) 1691 memset(null_d, 0, sizeof(null_d)); 1692 while (a->file_remaining_bytes) { 1693 if (a->file_remaining_bytes > sizeof(null_d)) 1694 r = hfs_write_data_block( 1695 a, null_d, sizeof(null_d)); 1696 else 1697 r = hfs_write_data_block( 1698 a, null_d, a->file_remaining_bytes); 1699 if (r < 0) 1700 return ((int)r); 1701 } 1702#endif 1703 } else { 1704#if HAVE_FTRUNCATE 1705 if (ftruncate(a->fd, a->filesize) == -1 && 1706 a->filesize == 0) { 1707 archive_set_error(&a->archive, errno, 1708 "File size could not be restored"); 1709 return (ARCHIVE_FAILED); 1710 } 1711#endif 1712 /* 1713 * Not all platforms implement the XSI option to 1714 * extend files via ftruncate. Stat() the file again 1715 * to see what happened. 1716 */ 1717 a->pst = NULL; 1718 if ((ret = lazy_stat(a)) != ARCHIVE_OK) 1719 return (ret); 1720 /* We can use lseek()/write() to extend the file if 1721 * ftruncate didn't work or isn't available. */ 1722 if (a->st.st_size < a->filesize) { 1723 const char nul = '\0'; 1724 if (lseek(a->fd, a->filesize - 1, SEEK_SET) < 0) { 1725 archive_set_error(&a->archive, errno, 1726 "Seek failed"); 1727 return (ARCHIVE_FATAL); 1728 } 1729 if (write(a->fd, &nul, 1) < 0) { 1730 archive_set_error(&a->archive, errno, 1731 "Write to restore size failed"); 1732 return (ARCHIVE_FATAL); 1733 } 1734 a->pst = NULL; 1735 } 1736 } 1737 1738 /* Restore metadata. */ 1739 1740 /* 1741 * This is specific to Mac OS X. 1742 * If the current file is an AppleDouble file, it should be 1743 * linked with the data fork file and remove it. 1744 */ 1745 if (a->todo & TODO_APPLEDOUBLE) { 1746 int r2 = fixup_appledouble(a, a->name); 1747 if (r2 == ARCHIVE_EOF) { 1748 /* The current file has been successfully linked 1749 * with the data fork file and removed. So there 1750 * is nothing to do on the current file. */ 1751 goto finish_metadata; 1752 } 1753 if (r2 < ret) ret = r2; 1754 } 1755 1756 /* 1757 * Look up the "real" UID only if we're going to need it. 1758 * TODO: the TODO_SGID condition can be dropped here, can't it? 1759 */ 1760 if (a->todo & (TODO_OWNER | TODO_SUID | TODO_SGID)) { 1761 a->uid = archive_write_disk_uid(&a->archive, 1762 archive_entry_uname(a->entry), 1763 archive_entry_uid(a->entry)); 1764 } 1765 /* Look up the "real" GID only if we're going to need it. */ 1766 /* TODO: the TODO_SUID condition can be dropped here, can't it? */ 1767 if (a->todo & (TODO_OWNER | TODO_SGID | TODO_SUID)) { 1768 a->gid = archive_write_disk_gid(&a->archive, 1769 archive_entry_gname(a->entry), 1770 archive_entry_gid(a->entry)); 1771 } 1772 1773 /* 1774 * Restore ownership before set_mode tries to restore suid/sgid 1775 * bits. If we set the owner, we know what it is and can skip 1776 * a stat() call to examine the ownership of the file on disk. 1777 */ 1778 if (a->todo & TODO_OWNER) { 1779 int r2 = set_ownership(a); 1780 if (r2 < ret) ret = r2; 1781 } 1782 1783 /* 1784 * set_mode must precede ACLs on systems such as Solaris and 1785 * FreeBSD where setting the mode implicitly clears extended ACLs 1786 */ 1787 if (a->todo & TODO_MODE) { 1788 int r2 = set_mode(a, a->mode); 1789 if (r2 < ret) ret = r2; 1790 } 1791 1792 /* 1793 * Security-related extended attributes (such as 1794 * security.capability on Linux) have to be restored last, 1795 * since they're implicitly removed by other file changes. 1796 */ 1797 if (a->todo & TODO_XATTR) { 1798 int r2 = set_xattrs(a); 1799 if (r2 < ret) ret = r2; 1800 } 1801 1802 /* 1803 * Some flags prevent file modification; they must be restored after 1804 * file contents are written. 1805 */ 1806 if (a->todo & TODO_FFLAGS) { 1807 int r2 = set_fflags(a); 1808 if (r2 < ret) ret = r2; 1809 } 1810 1811 /* 1812 * Time must follow most other metadata; 1813 * otherwise atime will get changed. 1814 */ 1815 if (a->todo & TODO_TIMES) { 1816 int r2 = set_times_from_entry(a); 1817 if (r2 < ret) ret = r2; 1818 } 1819 1820 /* 1821 * Mac extended metadata includes ACLs. 1822 */ 1823 if (a->todo & TODO_MAC_METADATA) { 1824 const void *metadata; 1825 size_t metadata_size; 1826 metadata = archive_entry_mac_metadata(a->entry, &metadata_size); 1827 if (metadata != NULL && metadata_size > 0) { 1828 int r2 = set_mac_metadata(a, archive_entry_pathname( 1829 a->entry), metadata, metadata_size); 1830 if (r2 < ret) ret = r2; 1831 } 1832 } 1833 1834 /* 1835 * ACLs must be restored after timestamps because there are 1836 * ACLs that prevent attribute changes (including time). 1837 */ 1838 if (a->todo & TODO_ACLS) { 1839 int r2; 1840 r2 = archive_write_disk_set_acls(&a->archive, a->fd, 1841 archive_entry_pathname(a->entry), 1842 archive_entry_acl(a->entry), 1843 archive_entry_mode(a->entry)); 1844 if (r2 < ret) ret = r2; 1845 } 1846 1847finish_metadata: 1848 /* If there's an fd, we can close it now. */ 1849 if (a->fd >= 0) { 1850 close(a->fd); 1851 a->fd = -1; 1852 if (a->tmpname) { 1853 if (rename(a->tmpname, a->name) == -1) { 1854 archive_set_error(&a->archive, errno, 1855 "Failed to rename temporary file"); 1856 ret = ARCHIVE_FAILED; 1857 unlink(a->tmpname); 1858 } 1859 a->tmpname = NULL; 1860 } 1861 } 1862 /* If there's an entry, we can release it now. */ 1863 archive_entry_free(a->entry); 1864 a->entry = NULL; 1865 a->archive.state = ARCHIVE_STATE_HEADER; 1866 return (ret); 1867} 1868 1869int 1870archive_write_disk_set_group_lookup(struct archive *_a, 1871 void *private_data, 1872 la_int64_t (*lookup_gid)(void *private, const char *gname, la_int64_t gid), 1873 void (*cleanup_gid)(void *private)) 1874{ 1875 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1876 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1877 ARCHIVE_STATE_ANY, "archive_write_disk_set_group_lookup"); 1878 1879 if (a->cleanup_gid != NULL && a->lookup_gid_data != NULL) 1880 (a->cleanup_gid)(a->lookup_gid_data); 1881 1882 a->lookup_gid = lookup_gid; 1883 a->cleanup_gid = cleanup_gid; 1884 a->lookup_gid_data = private_data; 1885 return (ARCHIVE_OK); 1886} 1887 1888int 1889archive_write_disk_set_user_lookup(struct archive *_a, 1890 void *private_data, 1891 int64_t (*lookup_uid)(void *private, const char *uname, int64_t uid), 1892 void (*cleanup_uid)(void *private)) 1893{ 1894 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1895 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1896 ARCHIVE_STATE_ANY, "archive_write_disk_set_user_lookup"); 1897 1898 if (a->cleanup_uid != NULL && a->lookup_uid_data != NULL) 1899 (a->cleanup_uid)(a->lookup_uid_data); 1900 1901 a->lookup_uid = lookup_uid; 1902 a->cleanup_uid = cleanup_uid; 1903 a->lookup_uid_data = private_data; 1904 return (ARCHIVE_OK); 1905} 1906 1907int64_t 1908archive_write_disk_gid(struct archive *_a, const char *name, la_int64_t id) 1909{ 1910 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1911 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1912 ARCHIVE_STATE_ANY, "archive_write_disk_gid"); 1913 if (a->lookup_gid) 1914 return (a->lookup_gid)(a->lookup_gid_data, name, id); 1915 return (id); 1916} 1917 1918int64_t 1919archive_write_disk_uid(struct archive *_a, const char *name, la_int64_t id) 1920{ 1921 struct archive_write_disk *a = (struct archive_write_disk *)_a; 1922 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 1923 ARCHIVE_STATE_ANY, "archive_write_disk_uid"); 1924 if (a->lookup_uid) 1925 return (a->lookup_uid)(a->lookup_uid_data, name, id); 1926 return (id); 1927} 1928 1929/* 1930 * Create a new archive_write_disk object and initialize it with global state. 1931 */ 1932struct archive * 1933archive_write_disk_new(void) 1934{ 1935 struct archive_write_disk *a; 1936 1937 a = (struct archive_write_disk *)calloc(1, sizeof(*a)); 1938 if (a == NULL) 1939 return (NULL); 1940 a->archive.magic = ARCHIVE_WRITE_DISK_MAGIC; 1941 /* We're ready to write a header immediately. */ 1942 a->archive.state = ARCHIVE_STATE_HEADER; 1943 a->archive.vtable = archive_write_disk_vtable(); 1944 a->start_time = time(NULL); 1945 /* Query and restore the umask. */ 1946 umask(a->user_umask = umask(0)); 1947#ifdef HAVE_GETEUID 1948 a->user_uid = geteuid(); 1949#endif /* HAVE_GETEUID */ 1950 if (archive_string_ensure(&a->path_safe, 512) == NULL) { 1951 free(a); 1952 return (NULL); 1953 } 1954#ifdef HAVE_ZLIB_H 1955 a->decmpfs_compression_level = 5; 1956#endif 1957 return (&a->archive); 1958} 1959 1960 1961/* 1962 * If pathname is longer than PATH_MAX, chdir to a suitable 1963 * intermediate dir and edit the path down to a shorter suffix. Note 1964 * that this routine never returns an error; if the chdir() attempt 1965 * fails for any reason, we just go ahead with the long pathname. The 1966 * object creation is likely to fail, but any error will get handled 1967 * at that time. 1968 */ 1969#if defined(HAVE_FCHDIR) && defined(PATH_MAX) 1970static void 1971edit_deep_directories(struct archive_write_disk *a) 1972{ 1973 int ret; 1974 char *tail = a->name; 1975 1976 /* If path is short, avoid the open() below. */ 1977 if (strlen(tail) < PATH_MAX) 1978 return; 1979 1980 /* Try to record our starting dir. */ 1981 a->restore_pwd = la_opendirat(AT_FDCWD, "."); 1982 __archive_ensure_cloexec_flag(a->restore_pwd); 1983 if (a->restore_pwd < 0) 1984 return; 1985 1986 /* As long as the path is too long... */ 1987 while (strlen(tail) >= PATH_MAX) { 1988 /* Locate a dir prefix shorter than PATH_MAX. */ 1989 tail += PATH_MAX - 8; 1990 while (tail > a->name && *tail != '/') 1991 tail--; 1992 /* Exit if we find a too-long path component. */ 1993 if (tail <= a->name) 1994 return; 1995 /* Create the intermediate dir and chdir to it. */ 1996 *tail = '\0'; /* Terminate dir portion */ 1997 ret = create_dir(a, a->name); 1998 if (ret == ARCHIVE_OK && chdir(a->name) != 0) 1999 ret = ARCHIVE_FAILED; 2000 *tail = '/'; /* Restore the / we removed. */ 2001 if (ret != ARCHIVE_OK) 2002 return; 2003 tail++; 2004 /* The chdir() succeeded; we've now shortened the path. */ 2005 a->name = tail; 2006 } 2007 return; 2008} 2009#endif 2010 2011/* 2012 * The main restore function. 2013 */ 2014static int 2015restore_entry(struct archive_write_disk *a) 2016{ 2017 int ret = ARCHIVE_OK, en; 2018 2019 if (a->flags & ARCHIVE_EXTRACT_UNLINK && !S_ISDIR(a->mode)) { 2020 /* 2021 * TODO: Fix this. Apparently, there are platforms 2022 * that still allow root to hose the entire filesystem 2023 * by unlinking a dir. The S_ISDIR() test above 2024 * prevents us from using unlink() here if the new 2025 * object is a dir, but that doesn't mean the old 2026 * object isn't a dir. 2027 */ 2028 if (a->flags & ARCHIVE_EXTRACT_CLEAR_NOCHANGE_FFLAGS) 2029 (void)clear_nochange_fflags(a); 2030 if (unlink(a->name) == 0) { 2031 /* We removed it, reset cached stat. */ 2032 a->pst = NULL; 2033 } else if (errno == ENOENT) { 2034 /* File didn't exist, that's just as good. */ 2035 } else if (rmdir(a->name) == 0) { 2036 /* It was a dir, but now it's gone. */ 2037 a->pst = NULL; 2038 } else { 2039 /* We tried, but couldn't get rid of it. */ 2040 archive_set_error(&a->archive, errno, 2041 "Could not unlink"); 2042 return(ARCHIVE_FAILED); 2043 } 2044 } 2045 2046 /* Try creating it first; if this fails, we'll try to recover. */ 2047 en = create_filesystem_object(a); 2048 2049 if ((en == ENOTDIR || en == ENOENT) 2050 && !(a->flags & ARCHIVE_EXTRACT_NO_AUTODIR)) { 2051 /* If the parent dir doesn't exist, try creating it. */ 2052 create_parent_dir(a, a->name); 2053 /* Now try to create the object again. */ 2054 en = create_filesystem_object(a); 2055 } 2056 2057 if ((en == ENOENT) && (archive_entry_hardlink(a->entry) != NULL)) { 2058 archive_set_error(&a->archive, en, 2059 "Hard-link target '%s' does not exist.", 2060 archive_entry_hardlink(a->entry)); 2061 return (ARCHIVE_FAILED); 2062 } 2063 2064 if ((en == EISDIR || en == EEXIST) 2065 && (a->flags & ARCHIVE_EXTRACT_NO_OVERWRITE)) { 2066 /* If we're not overwriting, we're done. */ 2067 if (S_ISDIR(a->mode)) { 2068 /* Don't overwrite any settings on existing directories. */ 2069 a->todo = 0; 2070 } 2071 archive_entry_unset_size(a->entry); 2072 return (ARCHIVE_OK); 2073 } 2074 2075 /* 2076 * Some platforms return EISDIR if you call 2077 * open(O_WRONLY | O_EXCL | O_CREAT) on a directory, some 2078 * return EEXIST. POSIX is ambiguous, requiring EISDIR 2079 * for open(O_WRONLY) on a dir and EEXIST for open(O_EXCL | O_CREAT) 2080 * on an existing item. 2081 */ 2082 if (en == EISDIR) { 2083 /* A dir is in the way of a non-dir, rmdir it. */ 2084 if (rmdir(a->name) != 0) { 2085 archive_set_error(&a->archive, errno, 2086 "Can't remove already-existing dir"); 2087 return (ARCHIVE_FAILED); 2088 } 2089 a->pst = NULL; 2090 /* Try again. */ 2091 en = create_filesystem_object(a); 2092 } else if (en == EEXIST) { 2093 /* 2094 * We know something is in the way, but we don't know what; 2095 * we need to find out before we go any further. 2096 */ 2097 int r = 0; 2098 /* 2099 * The SECURE_SYMLINKS logic has already removed a 2100 * symlink to a dir if the client wants that. So 2101 * follow the symlink if we're creating a dir. 2102 */ 2103 if (S_ISDIR(a->mode)) 2104 r = la_stat(a->name, &a->st); 2105 /* 2106 * If it's not a dir (or it's a broken symlink), 2107 * then don't follow it. 2108 */ 2109 if (r != 0 || !S_ISDIR(a->mode)) 2110 r = lstat(a->name, &a->st); 2111 if (r != 0) { 2112 archive_set_error(&a->archive, errno, 2113 "Can't stat existing object"); 2114 return (ARCHIVE_FAILED); 2115 } 2116 2117 /* 2118 * NO_OVERWRITE_NEWER doesn't apply to directories. 2119 */ 2120 if ((a->flags & ARCHIVE_EXTRACT_NO_OVERWRITE_NEWER) 2121 && !S_ISDIR(a->st.st_mode)) { 2122 if (!older(&(a->st), a->entry)) { 2123 archive_entry_unset_size(a->entry); 2124 return (ARCHIVE_OK); 2125 } 2126 } 2127 2128 /* If it's our archive, we're done. */ 2129 if (a->skip_file_set && 2130 a->st.st_dev == (dev_t)a->skip_file_dev && 2131 a->st.st_ino == (ino_t)a->skip_file_ino) { 2132 archive_set_error(&a->archive, 0, 2133 "Refusing to overwrite archive"); 2134 return (ARCHIVE_FAILED); 2135 } 2136 2137 if (!S_ISDIR(a->st.st_mode)) { 2138 if (a->flags & ARCHIVE_EXTRACT_CLEAR_NOCHANGE_FFLAGS) 2139 (void)clear_nochange_fflags(a); 2140 2141 if ((a->flags & ARCHIVE_EXTRACT_SAFE_WRITES) && 2142 S_ISREG(a->st.st_mode)) { 2143 /* Use a temporary file to extract */ 2144 if ((a->fd = la_mktemp(a)) == -1) { 2145 archive_set_error(&a->archive, errno, 2146 "Can't create temporary file"); 2147 return ARCHIVE_FAILED; 2148 } 2149 a->pst = NULL; 2150 en = 0; 2151 } else { 2152 /* A non-dir is in the way, unlink it. */ 2153 if (unlink(a->name) != 0) { 2154 archive_set_error(&a->archive, errno, 2155 "Can't unlink already-existing " 2156 "object"); 2157 return (ARCHIVE_FAILED); 2158 } 2159 a->pst = NULL; 2160 /* Try again. */ 2161 en = create_filesystem_object(a); 2162 } 2163 } else if (!S_ISDIR(a->mode)) { 2164 /* A dir is in the way of a non-dir, rmdir it. */ 2165 if (a->flags & ARCHIVE_EXTRACT_CLEAR_NOCHANGE_FFLAGS) 2166 (void)clear_nochange_fflags(a); 2167 if (rmdir(a->name) != 0) { 2168 archive_set_error(&a->archive, errno, 2169 "Can't replace existing directory with non-directory"); 2170 return (ARCHIVE_FAILED); 2171 } 2172 /* Try again. */ 2173 en = create_filesystem_object(a); 2174 } else { 2175 /* 2176 * There's a dir in the way of a dir. Don't 2177 * waste time with rmdir()/mkdir(), just fix 2178 * up the permissions on the existing dir. 2179 * Note that we don't change perms on existing 2180 * dirs unless _EXTRACT_PERM is specified. 2181 */ 2182 if ((a->mode != a->st.st_mode) 2183 && (a->todo & TODO_MODE_FORCE)) 2184 a->deferred |= (a->todo & TODO_MODE); 2185 /* Ownership doesn't need deferred fixup. */ 2186 en = 0; /* Forget the EEXIST. */ 2187 } 2188 } 2189 2190 if (en) { 2191 /* Everything failed; give up here. */ 2192 if ((&a->archive)->error == NULL) 2193 archive_set_error(&a->archive, en, "Can't create '%s'", 2194 a->name); 2195 return (ARCHIVE_FAILED); 2196 } 2197 2198 a->pst = NULL; /* Cached stat data no longer valid. */ 2199 return (ret); 2200} 2201 2202/* 2203 * Returns 0 if creation succeeds, or else returns errno value from 2204 * the failed system call. Note: This function should only ever perform 2205 * a single system call. 2206 */ 2207static int 2208create_filesystem_object(struct archive_write_disk *a) 2209{ 2210 /* Create the entry. */ 2211 const char *linkname; 2212 mode_t final_mode, mode; 2213 int r; 2214 /* these for check_symlinks_fsobj */ 2215 char *linkname_copy; /* non-const copy of linkname */ 2216 struct stat st; 2217 struct archive_string error_string; 2218 int error_number; 2219 2220 /* We identify hard/symlinks according to the link names. */ 2221 /* Since link(2) and symlink(2) don't handle modes, we're done here. */ 2222 linkname = archive_entry_hardlink(a->entry); 2223 if (linkname != NULL) { 2224#if !HAVE_LINK 2225 return (EPERM); 2226#else 2227 archive_string_init(&error_string); 2228 linkname_copy = strdup(linkname); 2229 if (linkname_copy == NULL) { 2230 return (EPERM); 2231 } 2232 /* 2233 * TODO: consider using the cleaned-up path as the link 2234 * target? 2235 */ 2236 r = cleanup_pathname_fsobj(linkname_copy, &error_number, 2237 &error_string, a->flags); 2238 if (r != ARCHIVE_OK) { 2239 archive_set_error(&a->archive, error_number, "%s", 2240 error_string.s); 2241 free(linkname_copy); 2242 archive_string_free(&error_string); 2243 /* 2244 * EPERM is more appropriate than error_number for our 2245 * callers 2246 */ 2247 return (EPERM); 2248 } 2249 r = check_symlinks_fsobj(linkname_copy, &error_number, 2250 &error_string, a->flags); 2251 if (r != ARCHIVE_OK) { 2252 archive_set_error(&a->archive, error_number, "%s", 2253 error_string.s); 2254 free(linkname_copy); 2255 archive_string_free(&error_string); 2256 /* 2257 * EPERM is more appropriate than error_number for our 2258 * callers 2259 */ 2260 return (EPERM); 2261 } 2262 free(linkname_copy); 2263 archive_string_free(&error_string); 2264 /* 2265 * Unlinking and linking here is really not atomic, 2266 * but doing it right, would require us to construct 2267 * an mktemplink() function, and then use rename(2). 2268 */ 2269 if (a->flags & ARCHIVE_EXTRACT_SAFE_WRITES) 2270 unlink(a->name); 2271 r = link(linkname, a->name) ? errno : 0; 2272 /* 2273 * New cpio and pax formats allow hardlink entries 2274 * to carry data, so we may have to open the file 2275 * for hardlink entries. 2276 * 2277 * If the hardlink was successfully created and 2278 * the archive doesn't have carry data for it, 2279 * consider it to be non-authoritative for meta data. 2280 * This is consistent with GNU tar and BSD pax. 2281 * If the hardlink does carry data, let the last 2282 * archive entry decide ownership. 2283 */ 2284 if (r == 0 && a->filesize <= 0) { 2285 a->todo = 0; 2286 a->deferred = 0; 2287 } else if (r == 0 && a->filesize > 0) { 2288#ifdef HAVE_LSTAT 2289 r = lstat(a->name, &st); 2290#else 2291 r = la_stat(a->name, &st); 2292#endif 2293 if (r != 0) 2294 r = errno; 2295 else if ((st.st_mode & AE_IFMT) == AE_IFREG) { 2296 a->fd = open(a->name, O_WRONLY | O_TRUNC | 2297 O_BINARY | O_CLOEXEC | O_NOFOLLOW); 2298 __archive_ensure_cloexec_flag(a->fd); 2299 if (a->fd < 0) 2300 r = errno; 2301 } 2302 } 2303 return (r); 2304#endif 2305 } 2306 linkname = archive_entry_symlink(a->entry); 2307 if (linkname != NULL) { 2308#if HAVE_SYMLINK 2309 /* 2310 * Unlinking and linking here is really not atomic, 2311 * but doing it right, would require us to construct 2312 * an mktempsymlink() function, and then use rename(2). 2313 */ 2314 if (a->flags & ARCHIVE_EXTRACT_SAFE_WRITES) 2315 unlink(a->name); 2316 return symlink(linkname, a->name) ? errno : 0; 2317#else 2318 return (EPERM); 2319#endif 2320 } 2321 2322 /* 2323 * The remaining system calls all set permissions, so let's 2324 * try to take advantage of that to avoid an extra chmod() 2325 * call. (Recall that umask is set to zero right now!) 2326 */ 2327 2328 /* Mode we want for the final restored object (w/o file type bits). */ 2329 final_mode = a->mode & 07777; 2330 /* 2331 * The mode that will actually be restored in this step. Note 2332 * that SUID, SGID, etc, require additional work to ensure 2333 * security, so we never restore them at this point. 2334 */ 2335 mode = final_mode & 0777 & ~a->user_umask; 2336 2337 switch (a->mode & AE_IFMT) { 2338 default: 2339 /* POSIX requires that we fall through here. */ 2340 /* FALLTHROUGH */ 2341 case AE_IFREG: 2342 a->tmpname = NULL; 2343 a->fd = open(a->name, 2344 O_WRONLY | O_CREAT | O_EXCL | O_BINARY | O_CLOEXEC, mode); 2345 __archive_ensure_cloexec_flag(a->fd); 2346 r = (a->fd < 0); 2347 break; 2348 case AE_IFCHR: 2349#ifdef HAVE_MKNOD 2350 /* Note: we use AE_IFCHR for the case label, and 2351 * S_IFCHR for the mknod() call. This is correct. */ 2352 r = mknod(a->name, mode | S_IFCHR, 2353 archive_entry_rdev(a->entry)); 2354 break; 2355#else 2356 /* TODO: Find a better way to warn about our inability 2357 * to restore a char device node. */ 2358 return (EINVAL); 2359#endif /* HAVE_MKNOD */ 2360 case AE_IFBLK: 2361#ifdef HAVE_MKNOD 2362 r = mknod(a->name, mode | S_IFBLK, 2363 archive_entry_rdev(a->entry)); 2364 break; 2365#else 2366 /* TODO: Find a better way to warn about our inability 2367 * to restore a block device node. */ 2368 return (EINVAL); 2369#endif /* HAVE_MKNOD */ 2370 case AE_IFDIR: 2371 mode = (mode | MINIMUM_DIR_MODE) & MAXIMUM_DIR_MODE; 2372 r = mkdir(a->name, mode); 2373 if (r == 0) { 2374 /* Defer setting dir times. */ 2375 a->deferred |= (a->todo & TODO_TIMES); 2376 a->todo &= ~TODO_TIMES; 2377 /* Never use an immediate chmod(). */ 2378 /* We can't avoid the chmod() entirely if EXTRACT_PERM 2379 * because of SysV SGID inheritance. */ 2380 if ((mode != final_mode) 2381 || (a->flags & ARCHIVE_EXTRACT_PERM)) 2382 a->deferred |= (a->todo & TODO_MODE); 2383 a->todo &= ~TODO_MODE; 2384 } 2385 break; 2386 case AE_IFIFO: 2387#ifdef HAVE_MKFIFO 2388 r = mkfifo(a->name, mode); 2389 break; 2390#else 2391 /* TODO: Find a better way to warn about our inability 2392 * to restore a fifo. */ 2393 return (EINVAL); 2394#endif /* HAVE_MKFIFO */ 2395 } 2396 2397 /* All the system calls above set errno on failure. */ 2398 if (r) 2399 return (errno); 2400 2401 /* If we managed to set the final mode, we've avoided a chmod(). */ 2402 if (mode == final_mode) 2403 a->todo &= ~TODO_MODE; 2404 return (0); 2405} 2406 2407/* 2408 * Cleanup function for archive_extract. Mostly, this involves processing 2409 * the fixup list, which is used to address a number of problems: 2410 * * Dir permissions might prevent us from restoring a file in that 2411 * dir, so we restore the dir with minimum 0700 permissions first, 2412 * then correct the mode at the end. 2413 * * Similarly, the act of restoring a file touches the directory 2414 * and changes the timestamp on the dir, so we have to touch-up dir 2415 * timestamps at the end as well. 2416 * * Some file flags can interfere with the restore by, for example, 2417 * preventing the creation of hardlinks to those files. 2418 * * Mac OS extended metadata includes ACLs, so must be deferred on dirs. 2419 * 2420 * Note that tar/cpio do not require that archives be in a particular 2421 * order; there is no way to know when the last file has been restored 2422 * within a directory, so there's no way to optimize the memory usage 2423 * here by fixing up the directory any earlier than the 2424 * end-of-archive. 2425 * 2426 * XXX TODO: Directory ACLs should be restored here, for the same 2427 * reason we set directory perms here. XXX 2428 */ 2429static int 2430_archive_write_disk_close(struct archive *_a) 2431{ 2432 struct archive_write_disk *a = (struct archive_write_disk *)_a; 2433 struct fixup_entry *next, *p; 2434 int fd, ret; 2435 2436 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC, 2437 ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA, 2438 "archive_write_disk_close"); 2439 ret = _archive_write_disk_finish_entry(&a->archive); 2440 2441 /* Sort dir list so directories are fixed up in depth-first order. */ 2442 p = sort_dir_list(a->fixup_list); 2443 2444 while (p != NULL) { 2445 fd = -1; 2446 a->pst = NULL; /* Mark stat cache as out-of-date. */ 2447 if (p->fixup & 2448 (TODO_TIMES | TODO_MODE_BASE | TODO_ACLS | TODO_FFLAGS)) { 2449 fd = open(p->name, 2450 O_WRONLY | O_BINARY | O_NOFOLLOW | O_CLOEXEC); 2451 } 2452 if (p->fixup & TODO_TIMES) { 2453 set_times(a, fd, p->mode, p->name, 2454 p->atime, p->atime_nanos, 2455 p->birthtime, p->birthtime_nanos, 2456 p->mtime, p->mtime_nanos, 2457 p->ctime, p->ctime_nanos); 2458 } 2459 if (p->fixup & TODO_MODE_BASE) { 2460#ifdef HAVE_FCHMOD 2461 if (fd >= 0) 2462 fchmod(fd, p->mode); 2463 else 2464#endif 2465 chmod(p->name, p->mode); 2466 } 2467 if (p->fixup & TODO_ACLS) 2468 archive_write_disk_set_acls(&a->archive, fd, 2469 p->name, &p->acl, p->mode); 2470 if (p->fixup & TODO_FFLAGS) 2471 set_fflags_platform(a, fd, p->name, 2472 p->mode, p->fflags_set, 0); 2473 if (p->fixup & TODO_MAC_METADATA) 2474 set_mac_metadata(a, p->name, p->mac_metadata, 2475 p->mac_metadata_size); 2476 next = p->next; 2477 archive_acl_clear(&p->acl); 2478 free(p->mac_metadata); 2479 free(p->name); 2480 if (fd >= 0) 2481 close(fd); 2482 free(p); 2483 p = next; 2484 } 2485 a->fixup_list = NULL; 2486 return (ret); 2487} 2488 2489static int 2490_archive_write_disk_free(struct archive *_a) 2491{ 2492 struct archive_write_disk *a; 2493 int ret; 2494 if (_a == NULL) 2495 return (ARCHIVE_OK); 2496 archive_check_magic(_a, ARCHIVE_WRITE_DISK_MAGIC, 2497 ARCHIVE_STATE_ANY | ARCHIVE_STATE_FATAL, "archive_write_disk_free"); 2498 a = (struct archive_write_disk *)_a; 2499 ret = _archive_write_disk_close(&a->archive); 2500 archive_write_disk_set_group_lookup(&a->archive, NULL, NULL, NULL); 2501 archive_write_disk_set_user_lookup(&a->archive, NULL, NULL, NULL); 2502 archive_entry_free(a->entry); 2503 archive_string_free(&a->_name_data); 2504 archive_string_free(&a->_tmpname_data); 2505 archive_string_free(&a->archive.error_string); 2506 archive_string_free(&a->path_safe); 2507 a->archive.magic = 0; 2508 __archive_clean(&a->archive); 2509 free(a->decmpfs_header_p); 2510 free(a->resource_fork); 2511 free(a->compressed_buffer); 2512 free(a->uncompressed_buffer); 2513#if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_SYS_XATTR_H)\ 2514 && defined(HAVE_ZLIB_H) 2515 if (a->stream_valid) { 2516 switch (deflateEnd(&a->stream)) { 2517 case Z_OK: 2518 break; 2519 default: 2520 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 2521 "Failed to clean up compressor"); 2522 ret = ARCHIVE_FATAL; 2523 break; 2524 } 2525 } 2526#endif 2527 free(a); 2528 return (ret); 2529} 2530 2531/* 2532 * Simple O(n log n) merge sort to order the fixup list. In 2533 * particular, we want to restore dir timestamps depth-first. 2534 */ 2535static struct fixup_entry * 2536sort_dir_list(struct fixup_entry *p) 2537{ 2538 struct fixup_entry *a, *b, *t; 2539 2540 if (p == NULL) 2541 return (NULL); 2542 /* A one-item list is already sorted. */ 2543 if (p->next == NULL) 2544 return (p); 2545 2546 /* Step 1: split the list. */ 2547 t = p; 2548 a = p->next->next; 2549 while (a != NULL) { 2550 /* Step a twice, t once. */ 2551 a = a->next; 2552 if (a != NULL) 2553 a = a->next; 2554 t = t->next; 2555 } 2556 /* Now, t is at the mid-point, so break the list here. */ 2557 b = t->next; 2558 t->next = NULL; 2559 a = p; 2560 2561 /* Step 2: Recursively sort the two sub-lists. */ 2562 a = sort_dir_list(a); 2563 b = sort_dir_list(b); 2564 2565 /* Step 3: Merge the returned lists. */ 2566 /* Pick the first element for the merged list. */ 2567 if (strcmp(a->name, b->name) > 0) { 2568 t = p = a; 2569 a = a->next; 2570 } else { 2571 t = p = b; 2572 b = b->next; 2573 } 2574 2575 /* Always put the later element on the list first. */ 2576 while (a != NULL && b != NULL) { 2577 if (strcmp(a->name, b->name) > 0) { 2578 t->next = a; 2579 a = a->next; 2580 } else { 2581 t->next = b; 2582 b = b->next; 2583 } 2584 t = t->next; 2585 } 2586 2587 /* Only one list is non-empty, so just splice it on. */ 2588 if (a != NULL) 2589 t->next = a; 2590 if (b != NULL) 2591 t->next = b; 2592 2593 return (p); 2594} 2595 2596/* 2597 * Returns a new, initialized fixup entry. 2598 * 2599 * TODO: Reduce the memory requirements for this list by using a tree 2600 * structure rather than a simple list of names. 2601 */ 2602static struct fixup_entry * 2603new_fixup(struct archive_write_disk *a, const char *pathname) 2604{ 2605 struct fixup_entry *fe; 2606 2607 fe = (struct fixup_entry *)calloc(1, sizeof(struct fixup_entry)); 2608 if (fe == NULL) { 2609 archive_set_error(&a->archive, ENOMEM, 2610 "Can't allocate memory for a fixup"); 2611 return (NULL); 2612 } 2613 fe->next = a->fixup_list; 2614 a->fixup_list = fe; 2615 fe->fixup = 0; 2616 fe->name = strdup(pathname); 2617 return (fe); 2618} 2619 2620/* 2621 * Returns a fixup structure for the current entry. 2622 */ 2623static struct fixup_entry * 2624current_fixup(struct archive_write_disk *a, const char *pathname) 2625{ 2626 if (a->current_fixup == NULL) 2627 a->current_fixup = new_fixup(a, pathname); 2628 return (a->current_fixup); 2629} 2630 2631/* Error helper for new *_fsobj functions */ 2632static void 2633fsobj_error(int *a_eno, struct archive_string *a_estr, 2634 int err, const char *errstr, const char *path) 2635{ 2636 if (a_eno) 2637 *a_eno = err; 2638 if (a_estr) 2639 archive_string_sprintf(a_estr, "%s%s", errstr, path); 2640} 2641 2642/* 2643 * TODO: Someday, integrate this with the deep dir support; they both 2644 * scan the path and both can be optimized by comparing against other 2645 * recent paths. 2646 */ 2647/* 2648 * Checks the given path to see if any elements along it are symlinks. Returns 2649 * ARCHIVE_OK if there are none, otherwise puts an error in errmsg. 2650 */ 2651static int 2652check_symlinks_fsobj(char *path, int *a_eno, struct archive_string *a_estr, 2653 int flags) 2654{ 2655#if !defined(HAVE_LSTAT) && \ 2656 !(defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT)) 2657 /* Platform doesn't have lstat, so we can't look for symlinks. */ 2658 (void)path; /* UNUSED */ 2659 (void)error_number; /* UNUSED */ 2660 (void)error_string; /* UNUSED */ 2661 (void)flags; /* UNUSED */ 2662 return (ARCHIVE_OK); 2663#else 2664 int res = ARCHIVE_OK; 2665 char *tail; 2666 char *head; 2667 int last; 2668 char c; 2669 int r; 2670 struct stat st; 2671 int chdir_fd; 2672#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT) 2673 int fd; 2674#endif 2675 2676 /* Nothing to do here if name is empty */ 2677 if(path[0] == '\0') 2678 return (ARCHIVE_OK); 2679 2680 /* 2681 * Guard against symlink tricks. Reject any archive entry whose 2682 * destination would be altered by a symlink. 2683 * 2684 * Walk the filename in chunks separated by '/'. For each segment: 2685 * - if it doesn't exist, continue 2686 * - if it's symlink, abort or remove it 2687 * - if it's a directory and it's not the last chunk, cd into it 2688 * As we go: 2689 * head points to the current (relative) path 2690 * tail points to the temporary \0 terminating the segment we're 2691 * currently examining 2692 * c holds what used to be in *tail 2693 * last is 1 if this is the last tail 2694 */ 2695 chdir_fd = la_opendirat(AT_FDCWD, "."); 2696 __archive_ensure_cloexec_flag(chdir_fd); 2697 if (chdir_fd < 0) { 2698 fsobj_error(a_eno, a_estr, errno, 2699 "Could not open ", path); 2700 return (ARCHIVE_FATAL); 2701 } 2702 head = path; 2703 tail = path; 2704 last = 0; 2705 /* TODO: reintroduce a safe cache here? */ 2706 /* Skip the root directory if the path is absolute. */ 2707 if(tail == path && tail[0] == '/') 2708 ++tail; 2709 /* Keep going until we've checked the entire name. 2710 * head, tail, path all alias the same string, which is 2711 * temporarily zeroed at tail, so be careful restoring the 2712 * stashed (c=tail[0]) for error messages. 2713 * Exiting the loop with break is okay; continue is not. 2714 */ 2715 while (!last) { 2716 /* 2717 * Skip the separator we just consumed, plus any adjacent ones 2718 */ 2719 while (*tail == '/') 2720 ++tail; 2721 /* Skip the next path element. */ 2722 while (*tail != '\0' && *tail != '/') 2723 ++tail; 2724 /* is this the last path component? */ 2725 last = (tail[0] == '\0') || (tail[0] == '/' && tail[1] == '\0'); 2726 /* temporarily truncate the string here */ 2727 c = tail[0]; 2728 tail[0] = '\0'; 2729 /* Check that we haven't hit a symlink. */ 2730#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT) 2731 r = fstatat(chdir_fd, head, &st, AT_SYMLINK_NOFOLLOW); 2732#else 2733 r = lstat(head, &st); 2734#endif 2735 if (r != 0) { 2736 tail[0] = c; 2737 /* We've hit a dir that doesn't exist; stop now. */ 2738 if (errno == ENOENT) { 2739 break; 2740 } else { 2741 /* 2742 * Treat any other error as fatal - best to be 2743 * paranoid here. 2744 * Note: This effectively disables deep 2745 * directory support when security checks are 2746 * enabled. Otherwise, very long pathnames that 2747 * trigger an error here could evade the 2748 * sandbox. 2749 * TODO: We could do better, but it would 2750 * probably require merging the symlink checks 2751 * with the deep-directory editing. 2752 */ 2753 fsobj_error(a_eno, a_estr, errno, 2754 "Could not stat ", path); 2755 res = ARCHIVE_FAILED; 2756 break; 2757 } 2758 } else if (S_ISDIR(st.st_mode)) { 2759 if (!last) { 2760#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT) 2761 fd = la_opendirat(chdir_fd, head); 2762 if (fd < 0) 2763 r = -1; 2764 else { 2765 r = 0; 2766 close(chdir_fd); 2767 chdir_fd = fd; 2768 } 2769#else 2770 r = chdir(head); 2771#endif 2772 if (r != 0) { 2773 tail[0] = c; 2774 fsobj_error(a_eno, a_estr, errno, 2775 "Could not chdir ", path); 2776 res = (ARCHIVE_FATAL); 2777 break; 2778 } 2779 /* Our view is now from inside this dir: */ 2780 head = tail + 1; 2781 } 2782 } else if (S_ISLNK(st.st_mode)) { 2783 if (last) { 2784 /* 2785 * Last element is symlink; remove it 2786 * so we can overwrite it with the 2787 * item being extracted. 2788 */ 2789#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT) 2790 r = unlinkat(chdir_fd, head, 0); 2791#else 2792 r = unlink(head); 2793#endif 2794 if (r != 0) { 2795 tail[0] = c; 2796 fsobj_error(a_eno, a_estr, errno, 2797 "Could not remove symlink ", 2798 path); 2799 res = ARCHIVE_FAILED; 2800 break; 2801 } 2802 /* 2803 * Even if we did remove it, a warning 2804 * is in order. The warning is silly, 2805 * though, if we're just replacing one 2806 * symlink with another symlink. 2807 */ 2808 tail[0] = c; 2809 /* 2810 * FIXME: not sure how important this is to 2811 * restore 2812 */ 2813 /* 2814 if (!S_ISLNK(path)) { 2815 fsobj_error(a_eno, a_estr, 0, 2816 "Removing symlink ", path); 2817 } 2818 */ 2819 /* Symlink gone. No more problem! */ 2820 res = ARCHIVE_OK; 2821 break; 2822 } else if (flags & ARCHIVE_EXTRACT_UNLINK) { 2823 /* User asked us to remove problems. */ 2824#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT) 2825 r = unlinkat(chdir_fd, head, 0); 2826#else 2827 r = unlink(head); 2828#endif 2829 if (r != 0) { 2830 tail[0] = c; 2831 fsobj_error(a_eno, a_estr, 0, 2832 "Cannot remove intervening " 2833 "symlink ", path); 2834 res = ARCHIVE_FAILED; 2835 break; 2836 } 2837 tail[0] = c; 2838 } else if ((flags & 2839 ARCHIVE_EXTRACT_SECURE_SYMLINKS) == 0) { 2840 /* 2841 * We are not the last element and we want to 2842 * follow symlinks if they are a directory. 2843 * 2844 * This is needed to extract hardlinks over 2845 * symlinks. 2846 */ 2847#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT) 2848 r = fstatat(chdir_fd, head, &st, 0); 2849#else 2850 r = la_stat(head, &st); 2851#endif 2852 if (r != 0) { 2853 tail[0] = c; 2854 if (errno == ENOENT) { 2855 break; 2856 } else { 2857 fsobj_error(a_eno, a_estr, 2858 errno, 2859 "Could not stat ", path); 2860 res = (ARCHIVE_FAILED); 2861 break; 2862 } 2863 } else if (S_ISDIR(st.st_mode)) { 2864#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT) 2865 fd = la_opendirat(chdir_fd, head); 2866 if (fd < 0) 2867 r = -1; 2868 else { 2869 r = 0; 2870 close(chdir_fd); 2871 chdir_fd = fd; 2872 } 2873#else 2874 r = chdir(head); 2875#endif 2876 if (r != 0) { 2877 tail[0] = c; 2878 fsobj_error(a_eno, a_estr, 2879 errno, 2880 "Could not chdir ", path); 2881 res = (ARCHIVE_FATAL); 2882 break; 2883 } 2884 /* 2885 * Our view is now from inside 2886 * this dir: 2887 */ 2888 head = tail + 1; 2889 } else { 2890 tail[0] = c; 2891 fsobj_error(a_eno, a_estr, 0, 2892 "Cannot extract through " 2893 "symlink ", path); 2894 res = ARCHIVE_FAILED; 2895 break; 2896 } 2897 } else { 2898 tail[0] = c; 2899 fsobj_error(a_eno, a_estr, 0, 2900 "Cannot extract through symlink ", path); 2901 res = ARCHIVE_FAILED; 2902 break; 2903 } 2904 } 2905 /* be sure to always maintain this */ 2906 tail[0] = c; 2907 if (tail[0] != '\0') 2908 tail++; /* Advance to the next segment. */ 2909 } 2910 /* Catches loop exits via break */ 2911 tail[0] = c; 2912#if defined(HAVE_OPENAT) && defined(HAVE_FSTATAT) && defined(HAVE_UNLINKAT) 2913 /* If we operate with openat(), fstatat() and unlinkat() there was 2914 * no chdir(), so just close the fd */ 2915 if (chdir_fd >= 0) 2916 close(chdir_fd); 2917#elif HAVE_FCHDIR 2918 /* If we changed directory above, restore it here. */ 2919 if (chdir_fd >= 0) { 2920 r = fchdir(chdir_fd); 2921 if (r != 0) { 2922 fsobj_error(a_eno, a_estr, errno, 2923 "chdir() failure", ""); 2924 } 2925 close(chdir_fd); 2926 chdir_fd = -1; 2927 if (r != 0) { 2928 res = (ARCHIVE_FATAL); 2929 } 2930 } 2931#endif 2932 /* TODO: reintroduce a safe cache here? */ 2933 return res; 2934#endif 2935} 2936 2937/* 2938 * Check a->name for symlinks, returning ARCHIVE_OK if its clean, otherwise 2939 * calls archive_set_error and returns ARCHIVE_{FATAL,FAILED} 2940 */ 2941static int 2942check_symlinks(struct archive_write_disk *a) 2943{ 2944 struct archive_string error_string; 2945 int error_number; 2946 int rc; 2947 archive_string_init(&error_string); 2948 rc = check_symlinks_fsobj(a->name, &error_number, &error_string, 2949 a->flags); 2950 if (rc != ARCHIVE_OK) { 2951 archive_set_error(&a->archive, error_number, "%s", 2952 error_string.s); 2953 } 2954 archive_string_free(&error_string); 2955 a->pst = NULL; /* to be safe */ 2956 return rc; 2957} 2958 2959 2960#if defined(__CYGWIN__) 2961/* 2962 * 1. Convert a path separator from '\' to '/' . 2963 * We shouldn't check multibyte character directly because some 2964 * character-set have been using the '\' character for a part of 2965 * its multibyte character code. 2966 * 2. Replace unusable characters in Windows with underscore('_'). 2967 * See also : http://msdn.microsoft.com/en-us/library/aa365247.aspx 2968 */ 2969static void 2970cleanup_pathname_win(char *path) 2971{ 2972 wchar_t wc; 2973 char *p; 2974 size_t alen, l; 2975 int mb, complete, utf8; 2976 2977 alen = 0; 2978 mb = 0; 2979 complete = 1; 2980 utf8 = (strcmp(nl_langinfo(CODESET), "UTF-8") == 0)? 1: 0; 2981 for (p = path; *p != '\0'; p++) { 2982 ++alen; 2983 if (*p == '\\') { 2984 /* If previous byte is smaller than 128, 2985 * this is not second byte of multibyte characters, 2986 * so we can replace '\' with '/'. */ 2987 if (utf8 || !mb) 2988 *p = '/'; 2989 else 2990 complete = 0;/* uncompleted. */ 2991 } else if (*(unsigned char *)p > 127) 2992 mb = 1; 2993 else 2994 mb = 0; 2995 /* Rewrite the path name if its next character is unusable. */ 2996 if (*p == ':' || *p == '*' || *p == '?' || *p == '"' || 2997 *p == '<' || *p == '>' || *p == '|') 2998 *p = '_'; 2999 } 3000 if (complete) 3001 return; 3002 3003 /* 3004 * Convert path separator in wide-character. 3005 */ 3006 p = path; 3007 while (*p != '\0' && alen) { 3008 l = mbtowc(&wc, p, alen); 3009 if (l == (size_t)-1) { 3010 while (*p != '\0') { 3011 if (*p == '\\') 3012 *p = '/'; 3013 ++p; 3014 } 3015 break; 3016 } 3017 if (l == 1 && wc == L'\\') 3018 *p = '/'; 3019 p += l; 3020 alen -= l; 3021 } 3022} 3023#endif 3024 3025/* 3026 * Canonicalize the pathname. In particular, this strips duplicate 3027 * '/' characters, '.' elements, and trailing '/'. It also raises an 3028 * error for an empty path, a trailing '..', (if _SECURE_NODOTDOT is 3029 * set) any '..' in the path or (if ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS 3030 * is set) if the path is absolute. 3031 */ 3032static int 3033cleanup_pathname_fsobj(char *path, int *a_eno, struct archive_string *a_estr, 3034 int flags) 3035{ 3036 char *dest, *src; 3037 char separator = '\0'; 3038 3039 dest = src = path; 3040 if (*src == '\0') { 3041 fsobj_error(a_eno, a_estr, ARCHIVE_ERRNO_MISC, 3042 "Invalid empty ", "pathname"); 3043 return (ARCHIVE_FAILED); 3044 } 3045 3046#if defined(__CYGWIN__) 3047 cleanup_pathname_win(path); 3048#endif 3049 /* Skip leading '/'. */ 3050 if (*src == '/') { 3051 if (flags & ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS) { 3052 fsobj_error(a_eno, a_estr, ARCHIVE_ERRNO_MISC, 3053 "Path is ", "absolute"); 3054 return (ARCHIVE_FAILED); 3055 } 3056 3057 separator = *src++; 3058 } 3059 3060 /* Scan the pathname one element at a time. */ 3061 for (;;) { 3062 /* src points to first char after '/' */ 3063 if (src[0] == '\0') { 3064 break; 3065 } else if (src[0] == '/') { 3066 /* Found '//', ignore second one. */ 3067 src++; 3068 continue; 3069 } else if (src[0] == '.') { 3070 if (src[1] == '\0') { 3071 /* Ignore trailing '.' */ 3072 break; 3073 } else if (src[1] == '/') { 3074 /* Skip './'. */ 3075 src += 2; 3076 continue; 3077 } else if (src[1] == '.') { 3078 if (src[2] == '/' || src[2] == '\0') { 3079 /* Conditionally warn about '..' */ 3080 if (flags 3081 & ARCHIVE_EXTRACT_SECURE_NODOTDOT) { 3082 fsobj_error(a_eno, a_estr, 3083 ARCHIVE_ERRNO_MISC, 3084 "Path contains ", "'..'"); 3085 return (ARCHIVE_FAILED); 3086 } 3087 } 3088 /* 3089 * Note: Under no circumstances do we 3090 * remove '..' elements. In 3091 * particular, restoring 3092 * '/foo/../bar/' should create the 3093 * 'foo' dir as a side-effect. 3094 */ 3095 } 3096 } 3097 3098 /* Copy current element, including leading '/'. */ 3099 if (separator) 3100 *dest++ = '/'; 3101 while (*src != '\0' && *src != '/') { 3102 *dest++ = *src++; 3103 } 3104 3105 if (*src == '\0') 3106 break; 3107 3108 /* Skip '/' separator. */ 3109 separator = *src++; 3110 } 3111 /* 3112 * We've just copied zero or more path elements, not including the 3113 * final '/'. 3114 */ 3115 if (dest == path) { 3116 /* 3117 * Nothing got copied. The path must have been something 3118 * like '.' or '/' or './' or '/././././/./'. 3119 */ 3120 if (separator) 3121 *dest++ = '/'; 3122 else 3123 *dest++ = '.'; 3124 } 3125 /* Terminate the result. */ 3126 *dest = '\0'; 3127 return (ARCHIVE_OK); 3128} 3129 3130static int 3131cleanup_pathname(struct archive_write_disk *a) 3132{ 3133 struct archive_string error_string; 3134 int error_number; 3135 int rc; 3136 archive_string_init(&error_string); 3137 rc = cleanup_pathname_fsobj(a->name, &error_number, &error_string, 3138 a->flags); 3139 if (rc != ARCHIVE_OK) { 3140 archive_set_error(&a->archive, error_number, "%s", 3141 error_string.s); 3142 } 3143 archive_string_free(&error_string); 3144 return rc; 3145} 3146 3147/* 3148 * Create the parent directory of the specified path, assuming path 3149 * is already in mutable storage. 3150 */ 3151static int 3152create_parent_dir(struct archive_write_disk *a, char *path) 3153{ 3154 char *slash; 3155 int r; 3156 3157 /* Remove tail element to obtain parent name. */ 3158 slash = strrchr(path, '/'); 3159 if (slash == NULL) 3160 return (ARCHIVE_OK); 3161 *slash = '\0'; 3162 r = create_dir(a, path); 3163 *slash = '/'; 3164 return (r); 3165} 3166 3167/* 3168 * Create the specified dir, recursing to create parents as necessary. 3169 * 3170 * Returns ARCHIVE_OK if the path exists when we're done here. 3171 * Otherwise, returns ARCHIVE_FAILED. 3172 * Assumes path is in mutable storage; path is unchanged on exit. 3173 */ 3174static int 3175create_dir(struct archive_write_disk *a, char *path) 3176{ 3177 struct stat st; 3178 struct fixup_entry *le; 3179 char *slash, *base; 3180 mode_t mode_final, mode; 3181 int r; 3182 3183 /* Check for special names and just skip them. */ 3184 slash = strrchr(path, '/'); 3185 if (slash == NULL) 3186 base = path; 3187 else 3188 base = slash + 1; 3189 3190 if (base[0] == '\0' || 3191 (base[0] == '.' && base[1] == '\0') || 3192 (base[0] == '.' && base[1] == '.' && base[2] == '\0')) { 3193 /* Don't bother trying to create null path, '.', or '..'. */ 3194 if (slash != NULL) { 3195 *slash = '\0'; 3196 r = create_dir(a, path); 3197 *slash = '/'; 3198 return (r); 3199 } 3200 return (ARCHIVE_OK); 3201 } 3202 3203 /* 3204 * Yes, this should be stat() and not lstat(). Using lstat() 3205 * here loses the ability to extract through symlinks. Also note 3206 * that this should not use the a->st cache. 3207 */ 3208 if (la_stat(path, &st) == 0) { 3209 if (S_ISDIR(st.st_mode)) 3210 return (ARCHIVE_OK); 3211 if ((a->flags & ARCHIVE_EXTRACT_NO_OVERWRITE)) { 3212 archive_set_error(&a->archive, EEXIST, 3213 "Can't create directory '%s'", path); 3214 return (ARCHIVE_FAILED); 3215 } 3216 if (unlink(path) != 0) { 3217 archive_set_error(&a->archive, errno, 3218 "Can't create directory '%s': " 3219 "Conflicting file cannot be removed", 3220 path); 3221 return (ARCHIVE_FAILED); 3222 } 3223 } else if (errno != ENOENT && errno != ENOTDIR) { 3224 /* Stat failed? */ 3225 archive_set_error(&a->archive, errno, 3226 "Can't test directory '%s'", path); 3227 return (ARCHIVE_FAILED); 3228 } else if (slash != NULL) { 3229 *slash = '\0'; 3230 r = create_dir(a, path); 3231 *slash = '/'; 3232 if (r != ARCHIVE_OK) 3233 return (r); 3234 } 3235 3236 /* 3237 * Mode we want for the final restored directory. Per POSIX, 3238 * implicitly-created dirs must be created obeying the umask. 3239 * There's no mention whether this is different for privileged 3240 * restores (which the rest of this code handles by pretending 3241 * umask=0). I've chosen here to always obey the user's umask for 3242 * implicit dirs, even if _EXTRACT_PERM was specified. 3243 */ 3244 mode_final = DEFAULT_DIR_MODE & ~a->user_umask; 3245 /* Mode we want on disk during the restore process. */ 3246 mode = mode_final; 3247 mode |= MINIMUM_DIR_MODE; 3248 mode &= MAXIMUM_DIR_MODE; 3249 if (mkdir(path, mode) == 0) { 3250 if (mode != mode_final) { 3251 le = new_fixup(a, path); 3252 if (le == NULL) 3253 return (ARCHIVE_FATAL); 3254 le->fixup |=TODO_MODE_BASE; 3255 le->mode = mode_final; 3256 } 3257 return (ARCHIVE_OK); 3258 } 3259 3260 /* 3261 * Without the following check, a/b/../b/c/d fails at the 3262 * second visit to 'b', so 'd' can't be created. Note that we 3263 * don't add it to the fixup list here, as it's already been 3264 * added. 3265 */ 3266 if (la_stat(path, &st) == 0 && S_ISDIR(st.st_mode)) 3267 return (ARCHIVE_OK); 3268 3269 archive_set_error(&a->archive, errno, "Failed to create dir '%s'", 3270 path); 3271 return (ARCHIVE_FAILED); 3272} 3273 3274/* 3275 * Note: Although we can skip setting the user id if the desired user 3276 * id matches the current user, we cannot skip setting the group, as 3277 * many systems set the gid based on the containing directory. So 3278 * we have to perform a chown syscall if we want to set the SGID 3279 * bit. (The alternative is to stat() and then possibly chown(); it's 3280 * more efficient to skip the stat() and just always chown().) Note 3281 * that a successful chown() here clears the TODO_SGID_CHECK bit, which 3282 * allows set_mode to skip the stat() check for the GID. 3283 */ 3284static int 3285set_ownership(struct archive_write_disk *a) 3286{ 3287#if !defined(__CYGWIN__) && !defined(__linux__) 3288/* 3289 * On Linux, a process may have the CAP_CHOWN capability. 3290 * On Windows there is no 'root' user with uid 0. 3291 * Elsewhere we can skip calling chown if we are not root and the desired 3292 * user id does not match the current user. 3293 */ 3294 if (a->user_uid != 0 && a->user_uid != a->uid) { 3295 archive_set_error(&a->archive, errno, 3296 "Can't set UID=%jd", (intmax_t)a->uid); 3297 return (ARCHIVE_WARN); 3298 } 3299#endif 3300 3301#ifdef HAVE_FCHOWN 3302 /* If we have an fd, we can avoid a race. */ 3303 if (a->fd >= 0 && fchown(a->fd, a->uid, a->gid) == 0) { 3304 /* We've set owner and know uid/gid are correct. */ 3305 a->todo &= ~(TODO_OWNER | TODO_SGID_CHECK | TODO_SUID_CHECK); 3306 return (ARCHIVE_OK); 3307 } 3308#endif 3309 3310 /* We prefer lchown() but will use chown() if that's all we have. */ 3311 /* Of course, if we have neither, this will always fail. */ 3312#ifdef HAVE_LCHOWN 3313 if (lchown(a->name, a->uid, a->gid) == 0) { 3314 /* We've set owner and know uid/gid are correct. */ 3315 a->todo &= ~(TODO_OWNER | TODO_SGID_CHECK | TODO_SUID_CHECK); 3316 return (ARCHIVE_OK); 3317 } 3318#elif HAVE_CHOWN 3319 if (!S_ISLNK(a->mode) && chown(a->name, a->uid, a->gid) == 0) { 3320 /* We've set owner and know uid/gid are correct. */ 3321 a->todo &= ~(TODO_OWNER | TODO_SGID_CHECK | TODO_SUID_CHECK); 3322 return (ARCHIVE_OK); 3323 } 3324#endif 3325 3326 archive_set_error(&a->archive, errno, 3327 "Can't set user=%jd/group=%jd for %s", 3328 (intmax_t)a->uid, (intmax_t)a->gid, a->name); 3329 return (ARCHIVE_WARN); 3330} 3331 3332/* 3333 * Note: Returns 0 on success, non-zero on failure. 3334 */ 3335static int 3336set_time(int fd, int mode, const char *name, 3337 time_t atime, long atime_nsec, 3338 time_t mtime, long mtime_nsec) 3339{ 3340 /* Select the best implementation for this platform. */ 3341#if defined(HAVE_UTIMENSAT) && defined(HAVE_FUTIMENS) 3342 /* 3343 * utimensat() and futimens() are defined in 3344 * POSIX.1-2008. They support ns resolution and setting times 3345 * on fds and symlinks. 3346 */ 3347 struct timespec ts[2]; 3348 (void)mode; /* UNUSED */ 3349 ts[0].tv_sec = atime; 3350 ts[0].tv_nsec = atime_nsec; 3351 ts[1].tv_sec = mtime; 3352 ts[1].tv_nsec = mtime_nsec; 3353 if (fd >= 0) 3354 return futimens(fd, ts); 3355 return utimensat(AT_FDCWD, name, ts, AT_SYMLINK_NOFOLLOW); 3356 3357#elif HAVE_UTIMES 3358 /* 3359 * The utimes()-family functions support ��s-resolution and 3360 * setting times fds and symlinks. utimes() is documented as 3361 * LEGACY by POSIX, futimes() and lutimes() are not described 3362 * in POSIX. 3363 */ 3364 struct timeval times[2]; 3365 3366 times[0].tv_sec = atime; 3367 times[0].tv_usec = atime_nsec / 1000; 3368 times[1].tv_sec = mtime; 3369 times[1].tv_usec = mtime_nsec / 1000; 3370 3371#ifdef HAVE_FUTIMES 3372 if (fd >= 0) 3373 return (futimes(fd, times)); 3374#else 3375 (void)fd; /* UNUSED */ 3376#endif 3377#ifdef HAVE_LUTIMES 3378 (void)mode; /* UNUSED */ 3379 return (lutimes(name, times)); 3380#else 3381 if (S_ISLNK(mode)) 3382 return (0); 3383 return (utimes(name, times)); 3384#endif 3385 3386#elif defined(HAVE_UTIME) 3387 /* 3388 * utime() is POSIX-standard but only supports 1s resolution and 3389 * does not support fds or symlinks. 3390 */ 3391 struct utimbuf times; 3392 (void)fd; /* UNUSED */ 3393 (void)name; /* UNUSED */ 3394 (void)atime_nsec; /* UNUSED */ 3395 (void)mtime_nsec; /* UNUSED */ 3396 times.actime = atime; 3397 times.modtime = mtime; 3398 if (S_ISLNK(mode)) 3399 return (ARCHIVE_OK); 3400 return (utime(name, ×)); 3401 3402#else 3403 /* 3404 * We don't know how to set the time on this platform. 3405 */ 3406 (void)fd; /* UNUSED */ 3407 (void)mode; /* UNUSED */ 3408 (void)name; /* UNUSED */ 3409 (void)atime_nsec; /* UNUSED */ 3410 (void)mtime_nsec; /* UNUSED */ 3411 return (ARCHIVE_WARN); 3412#endif 3413} 3414 3415#ifdef F_SETTIMES 3416static int 3417set_time_tru64(int fd, int mode, const char *name, 3418 time_t atime, long atime_nsec, 3419 time_t mtime, long mtime_nsec, 3420 time_t ctime, long ctime_nsec) 3421{ 3422 struct attr_timbuf tstamp; 3423 tstamp.atime.tv_sec = atime; 3424 tstamp.mtime.tv_sec = mtime; 3425 tstamp.ctime.tv_sec = ctime; 3426#if defined (__hpux) && defined (__ia64) 3427 tstamp.atime.tv_nsec = atime_nsec; 3428 tstamp.mtime.tv_nsec = mtime_nsec; 3429 tstamp.ctime.tv_nsec = ctime_nsec; 3430#else 3431 tstamp.atime.tv_usec = atime_nsec / 1000; 3432 tstamp.mtime.tv_usec = mtime_nsec / 1000; 3433 tstamp.ctime.tv_usec = ctime_nsec / 1000; 3434#endif 3435 return (fcntl(fd,F_SETTIMES,&tstamp)); 3436} 3437#endif /* F_SETTIMES */ 3438 3439static int 3440set_times(struct archive_write_disk *a, 3441 int fd, int mode, const char *name, 3442 time_t atime, long atime_nanos, 3443 time_t birthtime, long birthtime_nanos, 3444 time_t mtime, long mtime_nanos, 3445 time_t cctime, long ctime_nanos) 3446{ 3447 /* Note: set_time doesn't use libarchive return conventions! 3448 * It uses syscall conventions. So 0 here instead of ARCHIVE_OK. */ 3449 int r1 = 0, r2 = 0; 3450 3451#ifdef F_SETTIMES 3452 /* 3453 * on Tru64 try own fcntl first which can restore even the 3454 * ctime, fall back to default code path below if it fails 3455 * or if we are not running as root 3456 */ 3457 if (a->user_uid == 0 && 3458 set_time_tru64(fd, mode, name, 3459 atime, atime_nanos, mtime, 3460 mtime_nanos, cctime, ctime_nanos) == 0) { 3461 return (ARCHIVE_OK); 3462 } 3463#else /* Tru64 */ 3464 (void)cctime; /* UNUSED */ 3465 (void)ctime_nanos; /* UNUSED */ 3466#endif /* Tru64 */ 3467 3468#ifdef HAVE_STRUCT_STAT_ST_BIRTHTIME 3469 /* 3470 * If you have struct stat.st_birthtime, we assume BSD 3471 * birthtime semantics, in which {f,l,}utimes() updates 3472 * birthtime to earliest mtime. So we set the time twice, 3473 * first using the birthtime, then using the mtime. If 3474 * birthtime == mtime, this isn't necessary, so we skip it. 3475 * If birthtime > mtime, then this won't work, so we skip it. 3476 */ 3477 if (birthtime < mtime 3478 || (birthtime == mtime && birthtime_nanos < mtime_nanos)) 3479 r1 = set_time(fd, mode, name, 3480 atime, atime_nanos, 3481 birthtime, birthtime_nanos); 3482#else 3483 (void)birthtime; /* UNUSED */ 3484 (void)birthtime_nanos; /* UNUSED */ 3485#endif 3486 r2 = set_time(fd, mode, name, 3487 atime, atime_nanos, 3488 mtime, mtime_nanos); 3489 if (r1 != 0 || r2 != 0) { 3490 archive_set_error(&a->archive, errno, 3491 "Can't restore time"); 3492 return (ARCHIVE_WARN); 3493 } 3494 return (ARCHIVE_OK); 3495} 3496 3497static int 3498set_times_from_entry(struct archive_write_disk *a) 3499{ 3500 time_t atime, birthtime, mtime, cctime; 3501 long atime_nsec, birthtime_nsec, mtime_nsec, ctime_nsec; 3502 3503 /* Suitable defaults. */ 3504 atime = birthtime = mtime = cctime = a->start_time; 3505 atime_nsec = birthtime_nsec = mtime_nsec = ctime_nsec = 0; 3506 3507 /* If no time was provided, we're done. */ 3508 if (!archive_entry_atime_is_set(a->entry) 3509#if HAVE_STRUCT_STAT_ST_BIRTHTIME 3510 && !archive_entry_birthtime_is_set(a->entry) 3511#endif 3512 && !archive_entry_mtime_is_set(a->entry)) 3513 return (ARCHIVE_OK); 3514 3515 if (archive_entry_atime_is_set(a->entry)) { 3516 atime = archive_entry_atime(a->entry); 3517 atime_nsec = archive_entry_atime_nsec(a->entry); 3518 } 3519 if (archive_entry_birthtime_is_set(a->entry)) { 3520 birthtime = archive_entry_birthtime(a->entry); 3521 birthtime_nsec = archive_entry_birthtime_nsec(a->entry); 3522 } 3523 if (archive_entry_mtime_is_set(a->entry)) { 3524 mtime = archive_entry_mtime(a->entry); 3525 mtime_nsec = archive_entry_mtime_nsec(a->entry); 3526 } 3527 if (archive_entry_ctime_is_set(a->entry)) { 3528 cctime = archive_entry_ctime(a->entry); 3529 ctime_nsec = archive_entry_ctime_nsec(a->entry); 3530 } 3531 3532 return set_times(a, a->fd, a->mode, a->name, 3533 atime, atime_nsec, 3534 birthtime, birthtime_nsec, 3535 mtime, mtime_nsec, 3536 cctime, ctime_nsec); 3537} 3538 3539static int 3540set_mode(struct archive_write_disk *a, int mode) 3541{ 3542 int r = ARCHIVE_OK; 3543 int r2; 3544 mode &= 07777; /* Strip off file type bits. */ 3545 3546 if (a->todo & TODO_SGID_CHECK) { 3547 /* 3548 * If we don't know the GID is right, we must stat() 3549 * to verify it. We can't just check the GID of this 3550 * process, since systems sometimes set GID from 3551 * the enclosing dir or based on ACLs. 3552 */ 3553 if ((r = lazy_stat(a)) != ARCHIVE_OK) 3554 return (r); 3555 if (a->pst->st_gid != a->gid) { 3556 mode &= ~ S_ISGID; 3557 if (a->flags & ARCHIVE_EXTRACT_OWNER) { 3558 /* 3559 * This is only an error if you 3560 * requested owner restore. If you 3561 * didn't, we'll try to restore 3562 * sgid/suid, but won't consider it a 3563 * problem if we can't. 3564 */ 3565 archive_set_error(&a->archive, -1, 3566 "Can't restore SGID bit"); 3567 r = ARCHIVE_WARN; 3568 } 3569 } 3570 /* While we're here, double-check the UID. */ 3571 if (a->pst->st_uid != a->uid 3572 && (a->todo & TODO_SUID)) { 3573 mode &= ~ S_ISUID; 3574 if (a->flags & ARCHIVE_EXTRACT_OWNER) { 3575 archive_set_error(&a->archive, -1, 3576 "Can't restore SUID bit"); 3577 r = ARCHIVE_WARN; 3578 } 3579 } 3580 a->todo &= ~TODO_SGID_CHECK; 3581 a->todo &= ~TODO_SUID_CHECK; 3582 } else if (a->todo & TODO_SUID_CHECK) { 3583 /* 3584 * If we don't know the UID is right, we can just check 3585 * the user, since all systems set the file UID from 3586 * the process UID. 3587 */ 3588 if (a->user_uid != a->uid) { 3589 mode &= ~ S_ISUID; 3590 if (a->flags & ARCHIVE_EXTRACT_OWNER) { 3591 archive_set_error(&a->archive, -1, 3592 "Can't make file SUID"); 3593 r = ARCHIVE_WARN; 3594 } 3595 } 3596 a->todo &= ~TODO_SUID_CHECK; 3597 } 3598 3599 if (S_ISLNK(a->mode)) { 3600#ifdef HAVE_LCHMOD 3601 /* 3602 * If this is a symlink, use lchmod(). If the 3603 * platform doesn't support lchmod(), just skip it. A 3604 * platform that doesn't provide a way to set 3605 * permissions on symlinks probably ignores 3606 * permissions on symlinks, so a failure here has no 3607 * impact. 3608 */ 3609 if (lchmod(a->name, mode) != 0) { 3610 switch (errno) { 3611 case ENOTSUP: 3612 case ENOSYS: 3613#if ENOTSUP != EOPNOTSUPP 3614 case EOPNOTSUPP: 3615#endif 3616 /* 3617 * if lchmod is defined but the platform 3618 * doesn't support it, silently ignore 3619 * error 3620 */ 3621 break; 3622 default: 3623 archive_set_error(&a->archive, errno, 3624 "Can't set permissions to 0%o", (int)mode); 3625 r = ARCHIVE_WARN; 3626 } 3627 } 3628#endif 3629 } else if (!S_ISDIR(a->mode)) { 3630 /* 3631 * If it's not a symlink and not a dir, then use 3632 * fchmod() or chmod(), depending on whether we have 3633 * an fd. Dirs get their perms set during the 3634 * post-extract fixup, which is handled elsewhere. 3635 */ 3636#ifdef HAVE_FCHMOD 3637 if (a->fd >= 0) 3638 r2 = fchmod(a->fd, mode); 3639 else 3640#endif 3641 /* If this platform lacks fchmod(), then 3642 * we'll just use chmod(). */ 3643 r2 = chmod(a->name, mode); 3644 3645 if (r2 != 0) { 3646 archive_set_error(&a->archive, errno, 3647 "Can't set permissions to 0%o", (int)mode); 3648 r = ARCHIVE_WARN; 3649 } 3650 } 3651 return (r); 3652} 3653 3654static int 3655set_fflags(struct archive_write_disk *a) 3656{ 3657 struct fixup_entry *le; 3658 unsigned long set, clear; 3659 int r; 3660 mode_t mode = archive_entry_mode(a->entry); 3661 /* 3662 * Make 'critical_flags' hold all file flags that can't be 3663 * immediately restored. For example, on BSD systems, 3664 * SF_IMMUTABLE prevents hardlinks from being created, so 3665 * should not be set until after any hardlinks are created. To 3666 * preserve some semblance of portability, this uses #ifdef 3667 * extensively. Ugly, but it works. 3668 * 3669 * Yes, Virginia, this does create a security race. It's mitigated 3670 * somewhat by the practice of creating dirs 0700 until the extract 3671 * is done, but it would be nice if we could do more than that. 3672 * People restoring critical file systems should be wary of 3673 * other programs that might try to muck with files as they're 3674 * being restored. 3675 */ 3676 const int critical_flags = 0 3677#ifdef SF_IMMUTABLE 3678 | SF_IMMUTABLE 3679#endif 3680#ifdef UF_IMMUTABLE 3681 | UF_IMMUTABLE 3682#endif 3683#ifdef SF_APPEND 3684 | SF_APPEND 3685#endif 3686#ifdef UF_APPEND 3687 | UF_APPEND 3688#endif 3689#if defined(FS_APPEND_FL) 3690 | FS_APPEND_FL 3691#elif defined(EXT2_APPEND_FL) 3692 | EXT2_APPEND_FL 3693#endif 3694#if defined(FS_IMMUTABLE_FL) 3695 | FS_IMMUTABLE_FL 3696#elif defined(EXT2_IMMUTABLE_FL) 3697 | EXT2_IMMUTABLE_FL 3698#endif 3699#ifdef FS_JOURNAL_DATA_FL 3700 | FS_JOURNAL_DATA_FL 3701#endif 3702 ; 3703 3704 if (a->todo & TODO_FFLAGS) { 3705 archive_entry_fflags(a->entry, &set, &clear); 3706 3707 /* 3708 * The first test encourages the compiler to eliminate 3709 * all of this if it's not necessary. 3710 */ 3711 if ((critical_flags != 0) && (set & critical_flags)) { 3712 le = current_fixup(a, a->name); 3713 if (le == NULL) 3714 return (ARCHIVE_FATAL); 3715 le->fixup |= TODO_FFLAGS; 3716 le->fflags_set = set; 3717 /* Store the mode if it's not already there. */ 3718 if ((le->fixup & TODO_MODE) == 0) 3719 le->mode = mode; 3720 } else { 3721 r = set_fflags_platform(a, a->fd, 3722 a->name, mode, set, clear); 3723 if (r != ARCHIVE_OK) 3724 return (r); 3725 } 3726 } 3727 return (ARCHIVE_OK); 3728} 3729 3730static int 3731clear_nochange_fflags(struct archive_write_disk *a) 3732{ 3733 mode_t mode = archive_entry_mode(a->entry); 3734 const int nochange_flags = 0 3735#ifdef SF_IMMUTABLE 3736 | SF_IMMUTABLE 3737#endif 3738#ifdef UF_IMMUTABLE 3739 | UF_IMMUTABLE 3740#endif 3741#ifdef SF_APPEND 3742 | SF_APPEND 3743#endif 3744#ifdef UF_APPEND 3745 | UF_APPEND 3746#endif 3747#ifdef EXT2_APPEND_FL 3748 | EXT2_APPEND_FL 3749#endif 3750#ifdef EXT2_IMMUTABLE_FL 3751 | EXT2_IMMUTABLE_FL 3752#endif 3753 ; 3754 3755 return (set_fflags_platform(a, a->fd, a->name, mode, 0, 3756 nochange_flags)); 3757} 3758 3759 3760#if ( defined(HAVE_LCHFLAGS) || defined(HAVE_CHFLAGS) || defined(HAVE_FCHFLAGS) ) && defined(HAVE_STRUCT_STAT_ST_FLAGS) 3761/* 3762 * BSD reads flags using stat() and sets them with one of {f,l,}chflags() 3763 */ 3764static int 3765set_fflags_platform(struct archive_write_disk *a, int fd, const char *name, 3766 mode_t mode, unsigned long set, unsigned long clear) 3767{ 3768 int r; 3769 const int sf_mask = 0 3770#ifdef SF_APPEND 3771 | SF_APPEND 3772#endif 3773#ifdef SF_ARCHIVED 3774 | SF_ARCHIVED 3775#endif 3776#ifdef SF_IMMUTABLE 3777 | SF_IMMUTABLE 3778#endif 3779#ifdef SF_NOUNLINK 3780 | SF_NOUNLINK 3781#endif 3782 ; 3783 (void)mode; /* UNUSED */ 3784 3785 if (set == 0 && clear == 0) 3786 return (ARCHIVE_OK); 3787 3788 /* 3789 * XXX Is the stat here really necessary? Or can I just use 3790 * the 'set' flags directly? In particular, I'm not sure 3791 * about the correct approach if we're overwriting an existing 3792 * file that already has flags on it. XXX 3793 */ 3794 if ((r = lazy_stat(a)) != ARCHIVE_OK) 3795 return (r); 3796 3797 a->st.st_flags &= ~clear; 3798 a->st.st_flags |= set; 3799 3800 /* Only super-user may change SF_* flags */ 3801 3802 if (a->user_uid != 0) 3803 a->st.st_flags &= ~sf_mask; 3804 3805#ifdef HAVE_FCHFLAGS 3806 /* If platform has fchflags() and we were given an fd, use it. */ 3807 if (fd >= 0 && fchflags(fd, a->st.st_flags) == 0) 3808 return (ARCHIVE_OK); 3809#endif 3810 /* 3811 * If we can't use the fd to set the flags, we'll use the 3812 * pathname to set flags. We prefer lchflags() but will use 3813 * chflags() if we must. 3814 */ 3815#ifdef HAVE_LCHFLAGS 3816 if (lchflags(name, a->st.st_flags) == 0) 3817 return (ARCHIVE_OK); 3818#elif defined(HAVE_CHFLAGS) 3819 if (S_ISLNK(a->st.st_mode)) { 3820 archive_set_error(&a->archive, errno, 3821 "Can't set file flags on symlink."); 3822 return (ARCHIVE_WARN); 3823 } 3824 if (chflags(name, a->st.st_flags) == 0) 3825 return (ARCHIVE_OK); 3826#endif 3827 archive_set_error(&a->archive, errno, 3828 "Failed to set file flags"); 3829 return (ARCHIVE_WARN); 3830} 3831 3832#elif (defined(FS_IOC_GETFLAGS) && defined(FS_IOC_SETFLAGS) && \ 3833 defined(HAVE_WORKING_FS_IOC_GETFLAGS)) || \ 3834 (defined(EXT2_IOC_GETFLAGS) && defined(EXT2_IOC_SETFLAGS) && \ 3835 defined(HAVE_WORKING_EXT2_IOC_GETFLAGS)) 3836/* 3837 * Linux uses ioctl() to read and write file flags. 3838 */ 3839static int 3840set_fflags_platform(struct archive_write_disk *a, int fd, const char *name, 3841 mode_t mode, unsigned long set, unsigned long clear) 3842{ 3843 int ret; 3844 int myfd = fd; 3845 int newflags, oldflags; 3846 /* 3847 * Linux has no define for the flags that are only settable by 3848 * the root user. This code may seem a little complex, but 3849 * there seem to be some Linux systems that lack these 3850 * defines. (?) The code below degrades reasonably gracefully 3851 * if sf_mask is incomplete. 3852 */ 3853 const int sf_mask = 0 3854#if defined(FS_IMMUTABLE_FL) 3855 | FS_IMMUTABLE_FL 3856#elif defined(EXT2_IMMUTABLE_FL) 3857 | EXT2_IMMUTABLE_FL 3858#endif 3859#if defined(FS_APPEND_FL) 3860 | FS_APPEND_FL 3861#elif defined(EXT2_APPEND_FL) 3862 | EXT2_APPEND_FL 3863#endif 3864#if defined(FS_JOURNAL_DATA_FL) 3865 | FS_JOURNAL_DATA_FL 3866#endif 3867 ; 3868 3869 if (set == 0 && clear == 0) 3870 return (ARCHIVE_OK); 3871 /* Only regular files and dirs can have flags. */ 3872 if (!S_ISREG(mode) && !S_ISDIR(mode)) 3873 return (ARCHIVE_OK); 3874 3875 /* If we weren't given an fd, open it ourselves. */ 3876 if (myfd < 0) { 3877 myfd = open(name, O_RDONLY | O_NONBLOCK | O_BINARY | O_CLOEXEC); 3878 __archive_ensure_cloexec_flag(myfd); 3879 } 3880 if (myfd < 0) 3881 return (ARCHIVE_OK); 3882 3883 /* 3884 * XXX As above, this would be way simpler if we didn't have 3885 * to read the current flags from disk. XXX 3886 */ 3887 ret = ARCHIVE_OK; 3888 3889 /* Read the current file flags. */ 3890 if (ioctl(myfd, 3891#ifdef FS_IOC_GETFLAGS 3892 FS_IOC_GETFLAGS, 3893#else 3894 EXT2_IOC_GETFLAGS, 3895#endif 3896 &oldflags) < 0) 3897 goto fail; 3898 3899 /* Try setting the flags as given. */ 3900 newflags = (oldflags & ~clear) | set; 3901 if (ioctl(myfd, 3902#ifdef FS_IOC_SETFLAGS 3903 FS_IOC_SETFLAGS, 3904#else 3905 EXT2_IOC_SETFLAGS, 3906#endif 3907 &newflags) >= 0) 3908 goto cleanup; 3909 if (errno != EPERM) 3910 goto fail; 3911 3912 /* If we couldn't set all the flags, try again with a subset. */ 3913 newflags &= ~sf_mask; 3914 oldflags &= sf_mask; 3915 newflags |= oldflags; 3916 if (ioctl(myfd, 3917#ifdef FS_IOC_SETFLAGS 3918 FS_IOC_SETFLAGS, 3919#else 3920 EXT2_IOC_SETFLAGS, 3921#endif 3922 &newflags) >= 0) 3923 goto cleanup; 3924 3925 /* We couldn't set the flags, so report the failure. */ 3926fail: 3927 archive_set_error(&a->archive, errno, 3928 "Failed to set file flags"); 3929 ret = ARCHIVE_WARN; 3930cleanup: 3931 if (fd < 0) 3932 close(myfd); 3933 return (ret); 3934} 3935 3936#else 3937 3938/* 3939 * Of course, some systems have neither BSD chflags() nor Linux' flags 3940 * support through ioctl(). 3941 */ 3942static int 3943set_fflags_platform(struct archive_write_disk *a, int fd, const char *name, 3944 mode_t mode, unsigned long set, unsigned long clear) 3945{ 3946 (void)a; /* UNUSED */ 3947 (void)fd; /* UNUSED */ 3948 (void)name; /* UNUSED */ 3949 (void)mode; /* UNUSED */ 3950 (void)set; /* UNUSED */ 3951 (void)clear; /* UNUSED */ 3952 return (ARCHIVE_OK); 3953} 3954 3955#endif /* __linux */ 3956 3957#ifndef HAVE_COPYFILE_H 3958/* Default is to simply drop Mac extended metadata. */ 3959static int 3960set_mac_metadata(struct archive_write_disk *a, const char *pathname, 3961 const void *metadata, size_t metadata_size) 3962{ 3963 (void)a; /* UNUSED */ 3964 (void)pathname; /* UNUSED */ 3965 (void)metadata; /* UNUSED */ 3966 (void)metadata_size; /* UNUSED */ 3967 return (ARCHIVE_OK); 3968} 3969 3970static int 3971fixup_appledouble(struct archive_write_disk *a, const char *pathname) 3972{ 3973 (void)a; /* UNUSED */ 3974 (void)pathname; /* UNUSED */ 3975 return (ARCHIVE_OK); 3976} 3977#else 3978 3979/* 3980 * On Mac OS, we use copyfile() to unpack the metadata and 3981 * apply it to the target file. 3982 */ 3983 3984#if defined(HAVE_SYS_XATTR_H) 3985static int 3986copy_xattrs(struct archive_write_disk *a, int tmpfd, int dffd) 3987{ 3988 ssize_t xattr_size; 3989 char *xattr_names = NULL, *xattr_val = NULL; 3990 int ret = ARCHIVE_OK, xattr_i; 3991 3992 xattr_size = flistxattr(tmpfd, NULL, 0, 0); 3993 if (xattr_size == -1) { 3994 archive_set_error(&a->archive, errno, 3995 "Failed to read metadata(xattr)"); 3996 ret = ARCHIVE_WARN; 3997 goto exit_xattr; 3998 } 3999 xattr_names = malloc(xattr_size); 4000 if (xattr_names == NULL) { 4001 archive_set_error(&a->archive, ENOMEM, 4002 "Can't allocate memory for metadata(xattr)"); 4003 ret = ARCHIVE_FATAL; 4004 goto exit_xattr; 4005 } 4006 xattr_size = flistxattr(tmpfd, xattr_names, xattr_size, 0); 4007 if (xattr_size == -1) { 4008 archive_set_error(&a->archive, errno, 4009 "Failed to read metadata(xattr)"); 4010 ret = ARCHIVE_WARN; 4011 goto exit_xattr; 4012 } 4013 for (xattr_i = 0; xattr_i < xattr_size; 4014 xattr_i += strlen(xattr_names + xattr_i) + 1) { 4015 char *xattr_val_saved; 4016 ssize_t s; 4017 int f; 4018 4019 s = fgetxattr(tmpfd, xattr_names + xattr_i, NULL, 0, 0, 0); 4020 if (s == -1) { 4021 archive_set_error(&a->archive, errno, 4022 "Failed to get metadata(xattr)"); 4023 ret = ARCHIVE_WARN; 4024 goto exit_xattr; 4025 } 4026 xattr_val_saved = xattr_val; 4027 xattr_val = realloc(xattr_val, s); 4028 if (xattr_val == NULL) { 4029 archive_set_error(&a->archive, ENOMEM, 4030 "Failed to get metadata(xattr)"); 4031 ret = ARCHIVE_WARN; 4032 free(xattr_val_saved); 4033 goto exit_xattr; 4034 } 4035 s = fgetxattr(tmpfd, xattr_names + xattr_i, xattr_val, s, 0, 0); 4036 if (s == -1) { 4037 archive_set_error(&a->archive, errno, 4038 "Failed to get metadata(xattr)"); 4039 ret = ARCHIVE_WARN; 4040 goto exit_xattr; 4041 } 4042 f = fsetxattr(dffd, xattr_names + xattr_i, xattr_val, s, 0, 0); 4043 if (f == -1) { 4044 archive_set_error(&a->archive, errno, 4045 "Failed to get metadata(xattr)"); 4046 ret = ARCHIVE_WARN; 4047 goto exit_xattr; 4048 } 4049 } 4050exit_xattr: 4051 free(xattr_names); 4052 free(xattr_val); 4053 return (ret); 4054} 4055#endif 4056 4057static int 4058copy_acls(struct archive_write_disk *a, int tmpfd, int dffd) 4059{ 4060#ifndef HAVE_SYS_ACL_H 4061 return 0; 4062#else 4063 acl_t acl, dfacl = NULL; 4064 int acl_r, ret = ARCHIVE_OK; 4065 4066 acl = acl_get_fd(tmpfd); 4067 if (acl == NULL) { 4068 if (errno == ENOENT) 4069 /* There are not any ACLs. */ 4070 return (ret); 4071 archive_set_error(&a->archive, errno, 4072 "Failed to get metadata(acl)"); 4073 ret = ARCHIVE_WARN; 4074 goto exit_acl; 4075 } 4076 dfacl = acl_dup(acl); 4077 acl_r = acl_set_fd(dffd, dfacl); 4078 if (acl_r == -1) { 4079 archive_set_error(&a->archive, errno, 4080 "Failed to get metadata(acl)"); 4081 ret = ARCHIVE_WARN; 4082 goto exit_acl; 4083 } 4084exit_acl: 4085 if (acl) 4086 acl_free(acl); 4087 if (dfacl) 4088 acl_free(dfacl); 4089 return (ret); 4090#endif 4091} 4092 4093static int 4094create_tempdatafork(struct archive_write_disk *a, const char *pathname) 4095{ 4096 struct archive_string tmpdatafork; 4097 int tmpfd; 4098 4099 archive_string_init(&tmpdatafork); 4100 archive_strcpy(&tmpdatafork, "tar.md.XXXXXX"); 4101 tmpfd = mkstemp(tmpdatafork.s); 4102 if (tmpfd < 0) { 4103 archive_set_error(&a->archive, errno, 4104 "Failed to mkstemp"); 4105 archive_string_free(&tmpdatafork); 4106 return (-1); 4107 } 4108 if (copyfile(pathname, tmpdatafork.s, 0, 4109 COPYFILE_UNPACK | COPYFILE_NOFOLLOW 4110 | COPYFILE_ACL | COPYFILE_XATTR) < 0) { 4111 archive_set_error(&a->archive, errno, 4112 "Failed to restore metadata"); 4113 close(tmpfd); 4114 tmpfd = -1; 4115 } 4116 unlink(tmpdatafork.s); 4117 archive_string_free(&tmpdatafork); 4118 return (tmpfd); 4119} 4120 4121static int 4122copy_metadata(struct archive_write_disk *a, const char *metadata, 4123 const char *datafork, int datafork_compressed) 4124{ 4125 int ret = ARCHIVE_OK; 4126 4127 if (datafork_compressed) { 4128 int dffd, tmpfd; 4129 4130 tmpfd = create_tempdatafork(a, metadata); 4131 if (tmpfd == -1) 4132 return (ARCHIVE_WARN); 4133 4134 /* 4135 * Do not open the data fork compressed by HFS+ compression 4136 * with at least a writing mode(O_RDWR or O_WRONLY). it 4137 * makes the data fork uncompressed. 4138 */ 4139 dffd = open(datafork, 0); 4140 if (dffd == -1) { 4141 archive_set_error(&a->archive, errno, 4142 "Failed to open the data fork for metadata"); 4143 close(tmpfd); 4144 return (ARCHIVE_WARN); 4145 } 4146 4147#if defined(HAVE_SYS_XATTR_H) 4148 ret = copy_xattrs(a, tmpfd, dffd); 4149 if (ret == ARCHIVE_OK) 4150#endif 4151 ret = copy_acls(a, tmpfd, dffd); 4152 close(tmpfd); 4153 close(dffd); 4154 } else { 4155 if (copyfile(metadata, datafork, 0, 4156 COPYFILE_UNPACK | COPYFILE_NOFOLLOW 4157 | COPYFILE_ACL | COPYFILE_XATTR) < 0) { 4158 archive_set_error(&a->archive, errno, 4159 "Failed to restore metadata"); 4160 ret = ARCHIVE_WARN; 4161 } 4162 } 4163 return (ret); 4164} 4165 4166static int 4167set_mac_metadata(struct archive_write_disk *a, const char *pathname, 4168 const void *metadata, size_t metadata_size) 4169{ 4170 struct archive_string tmp; 4171 ssize_t written; 4172 int fd; 4173 int ret = ARCHIVE_OK; 4174 4175 /* This would be simpler if copyfile() could just accept the 4176 * metadata as a block of memory; then we could sidestep this 4177 * silly dance of writing the data to disk just so that 4178 * copyfile() can read it back in again. */ 4179 archive_string_init(&tmp); 4180 archive_strcpy(&tmp, pathname); 4181 archive_strcat(&tmp, ".XXXXXX"); 4182 fd = mkstemp(tmp.s); 4183 4184 if (fd < 0) { 4185 archive_set_error(&a->archive, errno, 4186 "Failed to restore metadata"); 4187 archive_string_free(&tmp); 4188 return (ARCHIVE_WARN); 4189 } 4190 written = write(fd, metadata, metadata_size); 4191 close(fd); 4192 if ((size_t)written != metadata_size) { 4193 archive_set_error(&a->archive, errno, 4194 "Failed to restore metadata"); 4195 ret = ARCHIVE_WARN; 4196 } else { 4197 int compressed; 4198 4199#if defined(UF_COMPRESSED) 4200 if ((a->todo & TODO_HFS_COMPRESSION) != 0 && 4201 (ret = lazy_stat(a)) == ARCHIVE_OK) 4202 compressed = a->st.st_flags & UF_COMPRESSED; 4203 else 4204#endif 4205 compressed = 0; 4206 ret = copy_metadata(a, tmp.s, pathname, compressed); 4207 } 4208 unlink(tmp.s); 4209 archive_string_free(&tmp); 4210 return (ret); 4211} 4212 4213static int 4214fixup_appledouble(struct archive_write_disk *a, const char *pathname) 4215{ 4216 char buff[8]; 4217 struct stat st; 4218 const char *p; 4219 struct archive_string datafork; 4220 int fd = -1, ret = ARCHIVE_OK; 4221 4222 archive_string_init(&datafork); 4223 /* Check if the current file name is a type of the resource 4224 * fork file. */ 4225 p = strrchr(pathname, '/'); 4226 if (p == NULL) 4227 p = pathname; 4228 else 4229 p++; 4230 if (p[0] != '.' || p[1] != '_') 4231 goto skip_appledouble; 4232 4233 /* 4234 * Check if the data fork file exists. 4235 * 4236 * TODO: Check if this write disk object has handled it. 4237 */ 4238 archive_strncpy(&datafork, pathname, p - pathname); 4239 archive_strcat(&datafork, p + 2); 4240 if (lstat(datafork.s, &st) == -1 || 4241 (st.st_mode & AE_IFMT) != AE_IFREG) 4242 goto skip_appledouble; 4243 4244 /* 4245 * Check if the file is in the AppleDouble form. 4246 */ 4247 fd = open(pathname, O_RDONLY | O_BINARY | O_CLOEXEC); 4248 __archive_ensure_cloexec_flag(fd); 4249 if (fd == -1) { 4250 archive_set_error(&a->archive, errno, 4251 "Failed to open a restoring file"); 4252 ret = ARCHIVE_WARN; 4253 goto skip_appledouble; 4254 } 4255 if (read(fd, buff, 8) == -1) { 4256 archive_set_error(&a->archive, errno, 4257 "Failed to read a restoring file"); 4258 close(fd); 4259 ret = ARCHIVE_WARN; 4260 goto skip_appledouble; 4261 } 4262 close(fd); 4263 /* Check AppleDouble Magic Code. */ 4264 if (archive_be32dec(buff) != 0x00051607) 4265 goto skip_appledouble; 4266 /* Check AppleDouble Version. */ 4267 if (archive_be32dec(buff+4) != 0x00020000) 4268 goto skip_appledouble; 4269 4270 ret = copy_metadata(a, pathname, datafork.s, 4271#if defined(UF_COMPRESSED) 4272 st.st_flags & UF_COMPRESSED); 4273#else 4274 0); 4275#endif 4276 if (ret == ARCHIVE_OK) { 4277 unlink(pathname); 4278 ret = ARCHIVE_EOF; 4279 } 4280skip_appledouble: 4281 archive_string_free(&datafork); 4282 return (ret); 4283} 4284#endif 4285 4286#if ARCHIVE_XATTR_LINUX || ARCHIVE_XATTR_DARWIN || ARCHIVE_XATTR_AIX 4287/* 4288 * Restore extended attributes - Linux, Darwin and AIX implementations: 4289 * AIX' ea interface is syntaxwise identical to the Linux xattr interface. 4290 */ 4291static int 4292set_xattrs(struct archive_write_disk *a) 4293{ 4294 struct archive_entry *entry = a->entry; 4295 struct archive_string errlist; 4296 int ret = ARCHIVE_OK; 4297 int i = archive_entry_xattr_reset(entry); 4298 short fail = 0; 4299 4300 archive_string_init(&errlist); 4301 4302 while (i--) { 4303 const char *name; 4304 const void *value; 4305 size_t size; 4306 int e; 4307 4308 archive_entry_xattr_next(entry, &name, &value, &size); 4309 4310 if (name == NULL) 4311 continue; 4312#if ARCHIVE_XATTR_LINUX 4313 /* Linux: quietly skip POSIX.1e ACL extended attributes */ 4314 if (strncmp(name, "system.", 7) == 0 && 4315 (strcmp(name + 7, "posix_acl_access") == 0 || 4316 strcmp(name + 7, "posix_acl_default") == 0)) 4317 continue; 4318 if (strncmp(name, "trusted.SGI_", 12) == 0 && 4319 (strcmp(name + 12, "ACL_DEFAULT") == 0 || 4320 strcmp(name + 12, "ACL_FILE") == 0)) 4321 continue; 4322 4323 /* Linux: xfsroot namespace is obsolete and unsupported */ 4324 if (strncmp(name, "xfsroot.", 8) == 0) { 4325 fail = 1; 4326 archive_strcat(&errlist, name); 4327 archive_strappend_char(&errlist, ' '); 4328 continue; 4329 } 4330#endif 4331 4332 if (a->fd >= 0) { 4333#if ARCHIVE_XATTR_LINUX 4334 e = fsetxattr(a->fd, name, value, size, 0); 4335#elif ARCHIVE_XATTR_DARWIN 4336 e = fsetxattr(a->fd, name, value, size, 0, 0); 4337#elif ARCHIVE_XATTR_AIX 4338 e = fsetea(a->fd, name, value, size, 0); 4339#endif 4340 } else { 4341#if ARCHIVE_XATTR_LINUX 4342 e = lsetxattr(archive_entry_pathname(entry), 4343 name, value, size, 0); 4344#elif ARCHIVE_XATTR_DARWIN 4345 e = setxattr(archive_entry_pathname(entry), 4346 name, value, size, 0, XATTR_NOFOLLOW); 4347#elif ARCHIVE_XATTR_AIX 4348 e = lsetea(archive_entry_pathname(entry), 4349 name, value, size, 0); 4350#endif 4351 } 4352 if (e == -1) { 4353 ret = ARCHIVE_WARN; 4354 archive_strcat(&errlist, name); 4355 archive_strappend_char(&errlist, ' '); 4356 if (errno != ENOTSUP && errno != ENOSYS) 4357 fail = 1; 4358 } 4359 } 4360 4361 if (ret == ARCHIVE_WARN) { 4362 if (fail && errlist.length > 0) { 4363 errlist.length--; 4364 errlist.s[errlist.length] = '\0'; 4365 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 4366 "Cannot restore extended attributes: %s", 4367 errlist.s); 4368 } else 4369 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 4370 "Cannot restore extended " 4371 "attributes on this file system."); 4372 } 4373 4374 archive_string_free(&errlist); 4375 return (ret); 4376} 4377#elif ARCHIVE_XATTR_FREEBSD 4378/* 4379 * Restore extended attributes - FreeBSD implementation 4380 */ 4381static int 4382set_xattrs(struct archive_write_disk *a) 4383{ 4384 struct archive_entry *entry = a->entry; 4385 struct archive_string errlist; 4386 int ret = ARCHIVE_OK; 4387 int i = archive_entry_xattr_reset(entry); 4388 short fail = 0; 4389 4390 archive_string_init(&errlist); 4391 4392 while (i--) { 4393 const char *name; 4394 const void *value; 4395 size_t size; 4396 archive_entry_xattr_next(entry, &name, &value, &size); 4397 if (name != NULL) { 4398 ssize_t e; 4399 int namespace; 4400 4401 namespace = EXTATTR_NAMESPACE_USER; 4402 4403 if (strncmp(name, "user.", 5) == 0) { 4404 /* "user." attributes go to user namespace */ 4405 name += 5; 4406 namespace = EXTATTR_NAMESPACE_USER; 4407 } else if (strncmp(name, "system.", 7) == 0) { 4408 name += 7; 4409 namespace = EXTATTR_NAMESPACE_SYSTEM; 4410 if (!strcmp(name, "nfs4.acl") || 4411 !strcmp(name, "posix1e.acl_access") || 4412 !strcmp(name, "posix1e.acl_default")) 4413 continue; 4414 } else { 4415 /* Other namespaces are unsupported */ 4416 archive_strcat(&errlist, name); 4417 archive_strappend_char(&errlist, ' '); 4418 fail = 1; 4419 ret = ARCHIVE_WARN; 4420 continue; 4421 } 4422 4423 if (a->fd >= 0) { 4424 /* 4425 * On FreeBSD, extattr_set_fd does not 4426 * return the same as 4427 * extattr_set_file. It returns zero 4428 * on success, non-zero on failure. 4429 * 4430 * We can detect the failure by 4431 * manually setting errno prior to the 4432 * call and checking after. 4433 * 4434 * If errno remains zero, fake the 4435 * return value by setting e to size. 4436 * 4437 * This is a hack for now until I 4438 * (Shawn Webb) get FreeBSD to fix the 4439 * issue, if that's even possible. 4440 */ 4441 errno = 0; 4442 e = extattr_set_fd(a->fd, namespace, name, 4443 value, size); 4444 if (e == 0 && errno == 0) { 4445 e = size; 4446 } 4447 } else { 4448 e = extattr_set_link( 4449 archive_entry_pathname(entry), namespace, 4450 name, value, size); 4451 } 4452 if (e != (ssize_t)size) { 4453 archive_strcat(&errlist, name); 4454 archive_strappend_char(&errlist, ' '); 4455 ret = ARCHIVE_WARN; 4456 if (errno != ENOTSUP && errno != ENOSYS) 4457 fail = 1; 4458 } 4459 } 4460 } 4461 4462 if (ret == ARCHIVE_WARN) { 4463 if (fail && errlist.length > 0) { 4464 errlist.length--; 4465 errlist.s[errlist.length] = '\0'; 4466 4467 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 4468 "Cannot restore extended attributes: %s", 4469 errlist.s); 4470 } else 4471 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC, 4472 "Cannot restore extended " 4473 "attributes on this file system."); 4474 } 4475 4476 archive_string_free(&errlist); 4477 return (ret); 4478} 4479#else 4480/* 4481 * Restore extended attributes - stub implementation for unsupported systems 4482 */ 4483static int 4484set_xattrs(struct archive_write_disk *a) 4485{ 4486 static int warning_done = 0; 4487 4488 /* If there aren't any extended attributes, then it's okay not 4489 * to extract them, otherwise, issue a single warning. */ 4490 if (archive_entry_xattr_count(a->entry) != 0 && !warning_done) { 4491 warning_done = 1; 4492 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, 4493 "Cannot restore extended attributes on this system"); 4494 return (ARCHIVE_WARN); 4495 } 4496 /* Warning was already emitted; suppress further warnings. */ 4497 return (ARCHIVE_OK); 4498} 4499#endif 4500 4501/* 4502 * Test if file on disk is older than entry. 4503 */ 4504static int 4505older(struct stat *st, struct archive_entry *entry) 4506{ 4507 /* First, test the seconds and return if we have a definite answer. */ 4508 /* Definitely older. */ 4509 if (to_int64_time(st->st_mtime) < to_int64_time(archive_entry_mtime(entry))) 4510 return (1); 4511 /* Definitely younger. */ 4512 if (to_int64_time(st->st_mtime) > to_int64_time(archive_entry_mtime(entry))) 4513 return (0); 4514 /* If this platform supports fractional seconds, try those. */ 4515#if HAVE_STRUCT_STAT_ST_MTIMESPEC_TV_NSEC 4516 /* Definitely older. */ 4517 if (st->st_mtimespec.tv_nsec < archive_entry_mtime_nsec(entry)) 4518 return (1); 4519#elif HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC 4520 /* Definitely older. */ 4521 if (st->st_mtim.tv_nsec < archive_entry_mtime_nsec(entry)) 4522 return (1); 4523#elif HAVE_STRUCT_STAT_ST_MTIME_N 4524 /* older. */ 4525 if (st->st_mtime_n < archive_entry_mtime_nsec(entry)) 4526 return (1); 4527#elif HAVE_STRUCT_STAT_ST_UMTIME 4528 /* older. */ 4529 if (st->st_umtime * 1000 < archive_entry_mtime_nsec(entry)) 4530 return (1); 4531#elif HAVE_STRUCT_STAT_ST_MTIME_USEC 4532 /* older. */ 4533 if (st->st_mtime_usec * 1000 < archive_entry_mtime_nsec(entry)) 4534 return (1); 4535#else 4536 /* This system doesn't have high-res timestamps. */ 4537#endif 4538 /* Same age or newer, so not older. */ 4539 return (0); 4540} 4541 4542#ifndef ARCHIVE_ACL_SUPPORT 4543int 4544archive_write_disk_set_acls(struct archive *a, int fd, const char *name, 4545 struct archive_acl *abstract_acl, __LA_MODE_T mode) 4546{ 4547 (void)a; /* UNUSED */ 4548 (void)fd; /* UNUSED */ 4549 (void)name; /* UNUSED */ 4550 (void)abstract_acl; /* UNUSED */ 4551 (void)mode; /* UNUSED */ 4552 return (ARCHIVE_OK); 4553} 4554#endif 4555 4556#endif /* !_WIN32 || __CYGWIN__ */ 4557 4558