2 * Copyright (c) 2003-2007 Tim Kientzle
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 #include "archive_platform.h"
27 __FBSDID("$FreeBSD$");
40 #include "archive_entry.h"
41 #include "archive_private.h"
42 #include "archive_write_private.h"
45 uint64_t entry_bytes_remaining;
46 uint64_t entry_padding;
47 struct archive_string pax_header;
50 static void add_pax_attr(struct archive_string *, const char *key,
52 static void add_pax_attr_int(struct archive_string *,
53 const char *key, int64_t value);
54 static void add_pax_attr_time(struct archive_string *,
55 const char *key, int64_t sec,
57 static void add_pax_attr_w(struct archive_string *,
58 const char *key, const wchar_t *wvalue);
59 static ssize_t archive_write_pax_data(struct archive_write *,
60 const void *, size_t);
61 static int archive_write_pax_finish(struct archive_write *);
62 static int archive_write_pax_destroy(struct archive_write *);
63 static int archive_write_pax_finish_entry(struct archive_write *);
64 static int archive_write_pax_header(struct archive_write *,
65 struct archive_entry *);
66 static char *base64_encode(const char *src, size_t len);
67 static char *build_pax_attribute_name(char *dest, const char *src);
68 static char *build_ustar_entry_name(char *dest, const char *src,
69 size_t src_length, const char *insert);
70 static char *format_int(char *dest, int64_t);
71 static int has_non_ASCII(const wchar_t *);
72 static char *url_encode(const char *in);
73 static int write_nulls(struct archive_write *, size_t);
76 * Set output format to 'restricted pax' format.
78 * This is the same as normal 'pax', but tries to suppress
79 * the pax header whenever possible. This is the default for
80 * bsdtar, for instance.
83 archive_write_set_format_pax_restricted(struct archive *_a)
85 struct archive_write *a = (struct archive_write *)_a;
87 r = archive_write_set_format_pax(&a->archive);
88 a->archive.archive_format = ARCHIVE_FORMAT_TAR_PAX_RESTRICTED;
89 a->archive.archive_format_name = "restricted POSIX pax interchange";
94 * Set output format to 'pax' format.
97 archive_write_set_format_pax(struct archive *_a)
99 struct archive_write *a = (struct archive_write *)_a;
102 if (a->format_destroy != NULL)
103 (a->format_destroy)(a);
105 pax = (struct pax *)malloc(sizeof(*pax));
107 archive_set_error(&a->archive, ENOMEM, "Can't allocate pax data");
108 return (ARCHIVE_FATAL);
110 memset(pax, 0, sizeof(*pax));
111 a->format_data = pax;
113 a->pad_uncompressed = 1;
114 a->format_name = "pax";
115 a->format_write_header = archive_write_pax_header;
116 a->format_write_data = archive_write_pax_data;
117 a->format_finish = archive_write_pax_finish;
118 a->format_destroy = archive_write_pax_destroy;
119 a->format_finish_entry = archive_write_pax_finish_entry;
120 a->archive.archive_format = ARCHIVE_FORMAT_TAR_PAX_INTERCHANGE;
121 a->archive.archive_format_name = "POSIX pax interchange";
126 * Note: This code assumes that 'nanos' has the same sign as 'sec',
127 * which implies that sec=-1, nanos=200000000 represents -1.2 seconds
128 * and not -0.8 seconds. This is a pretty pedantic point, as we're
129 * unlikely to encounter many real files created before Jan 1, 1970,
130 * much less ones with timestamps recorded to sub-second resolution.
133 add_pax_attr_time(struct archive_string *as, const char *key,
134 int64_t sec, unsigned long nanos)
139 * Note that each byte contributes fewer than 3 base-10
140 * digits, so this will always be big enough.
142 char tmp[1 + 3*sizeof(sec) + 1 + 3*sizeof(nanos)];
144 tmp[sizeof(tmp) - 1] = 0;
145 t = tmp + sizeof(tmp) - 1;
147 /* Skip trailing zeros in the fractional part. */
148 for (digit = 0, i = 10; i > 0 && digit == 0; i--) {
153 /* Only format the fraction if it's non-zero. */
156 *--t = "0123456789"[digit];
163 t = format_int(t, sec);
165 add_pax_attr(as, key, t);
169 format_int(char *t, int64_t i)
180 *--t = "0123456789"[i % 10];
188 add_pax_attr_int(struct archive_string *as, const char *key, int64_t value)
190 char tmp[1 + 3 * sizeof(value)];
192 tmp[sizeof(tmp) - 1] = 0;
193 add_pax_attr(as, key, format_int(tmp + sizeof(tmp) - 1, value));
197 utf8_encode(const wchar_t *wval)
202 char *utf8_value, *p;
205 for (wp = wval; *wp != L'\0'; ) {
208 if (wc >= 0xd800 && wc <= 0xdbff
209 && *wp >= 0xdc00 && *wp <= 0xdfff) {
210 /* This is a surrogate pair. Combine into a
211 * full Unicode value before encoding into
213 wc = (wc - 0xd800) << 10; /* High 10 bits */
214 wc += (*wp++ - 0xdc00); /* Low 10 bits */
215 wc += 0x10000; /* Skip BMP */
219 else if (wc <= 0x7ff)
221 else if (wc <= 0xffff)
223 else if (wc <= 0x1fffff)
225 else if (wc <= 0x3ffffff)
227 else if (wc <= 0x7fffffff)
229 /* Ignore larger values; UTF-8 can't encode them. */
232 utf8_value = (char *)malloc(utf8len + 1);
233 if (utf8_value == NULL) {
234 __archive_errx(1, "Not enough memory for attributes");
238 for (wp = wval, p = utf8_value; *wp != L'\0'; ) {
240 if (wc >= 0xd800 && wc <= 0xdbff
241 && *wp >= 0xdc00 && *wp <= 0xdfff) {
242 /* Combine surrogate pair. */
243 wc = (wc - 0xd800) << 10;
244 wc += *wp++ - 0xdc00 + 0x10000;
248 } else if (wc <= 0x7ff) {
249 p[0] = 0xc0 | ((wc >> 6) & 0x1f);
250 p[1] = 0x80 | (wc & 0x3f);
252 } else if (wc <= 0xffff) {
253 p[0] = 0xe0 | ((wc >> 12) & 0x0f);
254 p[1] = 0x80 | ((wc >> 6) & 0x3f);
255 p[2] = 0x80 | (wc & 0x3f);
257 } else if (wc <= 0x1fffff) {
258 p[0] = 0xf0 | ((wc >> 18) & 0x07);
259 p[1] = 0x80 | ((wc >> 12) & 0x3f);
260 p[2] = 0x80 | ((wc >> 6) & 0x3f);
261 p[3] = 0x80 | (wc & 0x3f);
263 } else if (wc <= 0x3ffffff) {
264 p[0] = 0xf8 | ((wc >> 24) & 0x03);
265 p[1] = 0x80 | ((wc >> 18) & 0x3f);
266 p[2] = 0x80 | ((wc >> 12) & 0x3f);
267 p[3] = 0x80 | ((wc >> 6) & 0x3f);
268 p[4] = 0x80 | (wc & 0x3f);
270 } else if (wc <= 0x7fffffff) {
271 p[0] = 0xfc | ((wc >> 30) & 0x01);
272 p[1] = 0x80 | ((wc >> 24) & 0x3f);
273 p[1] = 0x80 | ((wc >> 18) & 0x3f);
274 p[2] = 0x80 | ((wc >> 12) & 0x3f);
275 p[3] = 0x80 | ((wc >> 6) & 0x3f);
276 p[4] = 0x80 | (wc & 0x3f);
279 /* Ignore larger values; UTF-8 can't encode them. */
287 add_pax_attr_w(struct archive_string *as, const char *key, const wchar_t *wval)
289 char *utf8_value = utf8_encode(wval);
290 if (utf8_value == NULL)
292 add_pax_attr(as, key, utf8_value);
297 * Add a key/value attribute to the pax header. This function handles
298 * the length field and various other syntactic requirements.
301 add_pax_attr(struct archive_string *as, const char *key, const char *value)
303 int digits, i, len, next_ten;
304 char tmp[1 + 3 * sizeof(int)]; /* < 3 base-10 digits per byte */
307 * PAX attributes have the following layout:
308 * <len> <space> <key> <=> <value> <nl>
310 len = 1 + (int)strlen(key) + 1 + (int)strlen(value) + 1;
313 * The <len> field includes the length of the <len> field, so
314 * computing the correct length is tricky. I start by
315 * counting the number of base-10 digits in 'len' and
316 * computing the next higher power of 10.
324 next_ten = next_ten * 10;
327 * For example, if string without the length field is 99
328 * chars, then adding the 2 digit length "99" will force the
329 * total length past 100, requiring an extra digit. The next
330 * statement adjusts for this effect.
332 if (len + digits >= next_ten)
335 /* Now, we have the right length so we can build the line. */
336 tmp[sizeof(tmp) - 1] = 0; /* Null-terminate the work area. */
337 archive_strcat(as, format_int(tmp + sizeof(tmp) - 1, len + digits));
338 archive_strappend_char(as, ' ');
339 archive_strcat(as, key);
340 archive_strappend_char(as, '=');
341 archive_strcat(as, value);
342 archive_strappend_char(as, '\n');
346 archive_write_pax_header_xattrs(struct pax *pax, struct archive_entry *entry)
348 struct archive_string s;
349 int i = archive_entry_xattr_reset(entry);
355 char *url_encoded_name = NULL, *encoded_name = NULL;
356 wchar_t *wcs_name = NULL;
359 archive_entry_xattr_next(entry, &name, &value, &size);
360 /* Name is URL-encoded, then converted to wchar_t,
361 * then UTF-8 encoded. */
362 url_encoded_name = url_encode(name);
363 if (url_encoded_name != NULL) {
364 /* Convert narrow-character to wide-character. */
365 size_t wcs_length = strlen(url_encoded_name);
366 wcs_name = (wchar_t *)malloc((wcs_length + 1) * sizeof(wchar_t));
367 if (wcs_name == NULL)
368 __archive_errx(1, "No memory for xattr conversion");
369 mbstowcs(wcs_name, url_encoded_name, wcs_length);
370 wcs_name[wcs_length] = 0;
371 free(url_encoded_name); /* Done with this. */
373 if (wcs_name != NULL) {
374 encoded_name = utf8_encode(wcs_name);
375 free(wcs_name); /* Done with wchar_t name. */
378 encoded_value = base64_encode((const char *)value, size);
380 if (encoded_name != NULL && encoded_value != NULL) {
381 archive_string_init(&s);
382 archive_strcpy(&s, "LIBARCHIVE.xattr.");
383 archive_strcat(&s, encoded_name);
384 add_pax_attr(&(pax->pax_header), s.s, encoded_value);
385 archive_string_free(&s);
393 * TODO: Consider adding 'comment' and 'charset' fields to
394 * archive_entry so that clients can specify them. Also, consider
395 * adding generic key/value tags so clients can add arbitrary
399 archive_write_pax_header(struct archive_write *a,
400 struct archive_entry *entry_original)
402 struct archive_entry *entry_main;
407 int need_extension, r, ret;
409 const char *hdrcharset = NULL;
410 const char *hardlink;
411 const char *path = NULL, *linkpath = NULL;
412 const char *uname = NULL, *gname = NULL;
413 const wchar_t *path_w = NULL, *linkpath_w = NULL;
414 const wchar_t *uname_w = NULL, *gname_w = NULL;
418 char ustar_entry_name[256];
419 char pax_entry_name[256];
423 pax = (struct pax *)a->format_data;
425 hardlink = archive_entry_hardlink(entry_original);
427 /* Make sure this is a type of entry that we can handle here */
428 if (hardlink == NULL) {
429 switch (archive_entry_filetype(entry_original)) {
438 * Ensure a trailing '/'. Modify the original
439 * entry so the client sees the change.
441 p = archive_entry_pathname(entry_original);
442 if (p[strlen(p) - 1] != '/') {
443 t = (char *)malloc(strlen(p) + 2);
445 archive_set_error(&a->archive, ENOMEM,
446 "Can't allocate pax data");
447 return(ARCHIVE_FATAL);
451 archive_entry_copy_pathname(entry_original, t);
456 archive_set_error(&a->archive,
457 ARCHIVE_ERRNO_FILE_FORMAT,
458 "tar format cannot archive socket");
459 return (ARCHIVE_WARN);
461 archive_set_error(&a->archive,
462 ARCHIVE_ERRNO_FILE_FORMAT,
463 "tar format cannot archive this (type=0%lo)",
464 (unsigned long)archive_entry_filetype(entry_original));
465 return (ARCHIVE_WARN);
469 /* Copy entry so we can modify it as needed. */
470 entry_main = archive_entry_clone(entry_original);
471 archive_string_empty(&(pax->pax_header)); /* Blank our work area. */
474 * First, check the name fields and see if any of them
475 * require binary coding. If any of them does, then all of
479 path = archive_entry_pathname(entry_main);
480 path_w = archive_entry_pathname_w(entry_main);
481 if (path != NULL && path_w == NULL) {
482 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
483 "Can't translate pathname '%s' to UTF-8", path);
485 hdrcharset = "BINARY";
487 uname = archive_entry_uname(entry_main);
488 uname_w = archive_entry_uname_w(entry_main);
489 if (uname != NULL && uname_w == NULL) {
490 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
491 "Can't translate uname '%s' to UTF-8", uname);
493 hdrcharset = "BINARY";
495 gname = archive_entry_gname(entry_main);
496 gname_w = archive_entry_gname_w(entry_main);
497 if (gname != NULL && gname_w == NULL) {
498 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
499 "Can't translate gname '%s' to UTF-8", gname);
501 hdrcharset = "BINARY";
504 if (linkpath != NULL) {
505 linkpath_w = archive_entry_hardlink_w(entry_main);
507 linkpath = archive_entry_symlink(entry_main);
508 if (linkpath != NULL)
509 linkpath_w = archive_entry_symlink_w(entry_main);
511 if (linkpath != NULL && linkpath_w == NULL) {
512 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
513 "Can't translate linkpath '%s' to UTF-8", linkpath);
515 hdrcharset = "BINARY";
518 /* Store the header encoding first, to be nice to readers. */
519 if (hdrcharset != NULL)
520 add_pax_attr(&(pax->pax_header), "hdrcharset", hdrcharset);
524 * If name is too long, or has non-ASCII characters, add
525 * 'path' to pax extended attrs. (Note that an unconvertible
526 * name must have non-ASCII characters.)
529 /* We don't have a narrow version, so we have to store
530 * the wide version. */
531 add_pax_attr_w(&(pax->pax_header), "path", path_w);
532 archive_entry_set_pathname(entry_main, "@WidePath");
534 } else if (has_non_ASCII(path_w)) {
535 /* We have non-ASCII characters. */
536 if (path_w == NULL || hdrcharset != NULL) {
537 /* Can't do UTF-8, so store it raw. */
538 add_pax_attr(&(pax->pax_header), "path", path);
541 add_pax_attr_w(&(pax->pax_header),
544 archive_entry_set_pathname(entry_main,
545 build_ustar_entry_name(ustar_entry_name,
546 path, strlen(path), NULL));
549 /* We have an all-ASCII path; we'd like to just store
550 * it in the ustar header if it will fit. Yes, this
551 * duplicates some of the logic in
552 * write_set_format_ustar.c
554 if (strlen(path) <= 100) {
555 /* Fits in the old 100-char tar name field. */
557 /* Find largest suffix that will fit. */
558 /* Note: strlen() > 100, so strlen() - 100 - 1 >= 0 */
559 suffix = strchr(path + strlen(path) - 100 - 1, '/');
560 /* Don't attempt an empty prefix. */
562 suffix = strchr(suffix + 1, '/');
563 /* We can put it in the ustar header if it's
564 * all ASCII and it's either <= 100 characters
565 * or can be split at a '/' into a prefix <=
566 * 155 chars and a suffix <= 100 chars. (Note
567 * the strchr() above will return NULL exactly
568 * when the path can't be split.)
570 if (suffix == NULL /* Suffix > 100 chars. */
571 || suffix[1] == '\0' /* empty suffix */
572 || suffix - path > 155) /* Prefix > 155 chars */
574 if (path_w == NULL || hdrcharset != NULL) {
575 /* Can't do UTF-8, so store it raw. */
576 add_pax_attr(&(pax->pax_header),
580 add_pax_attr_w(&(pax->pax_header),
583 archive_entry_set_pathname(entry_main,
584 build_ustar_entry_name(ustar_entry_name,
585 path, strlen(path), NULL));
591 if (linkpath != NULL) {
592 /* If link name is too long or has non-ASCII characters, add
593 * 'linkpath' to pax extended attrs. */
594 if (strlen(linkpath) > 100 || linkpath_w == NULL
595 || linkpath_w == NULL || has_non_ASCII(linkpath_w)) {
596 if (linkpath_w == NULL || hdrcharset != NULL)
597 /* If the linkpath is not convertible
598 * to wide, or we're encoding in
599 * binary anyway, store it raw. */
600 add_pax_attr(&(pax->pax_header),
601 "linkpath", linkpath);
603 /* If the link is long or has a
604 * non-ASCII character, store it as a
605 * pax extended attribute. */
606 add_pax_attr_w(&(pax->pax_header),
607 "linkpath", linkpath_w);
608 if (strlen(linkpath) > 100) {
609 if (hardlink != NULL)
610 archive_entry_set_hardlink(entry_main,
611 "././@LongHardLink");
613 archive_entry_set_symlink(entry_main,
620 /* If file size is too large, add 'size' to pax extended attrs. */
621 if (archive_entry_size(entry_main) >= (((int64_t)1) << 33)) {
622 add_pax_attr_int(&(pax->pax_header), "size",
623 archive_entry_size(entry_main));
627 /* If numeric GID is too large, add 'gid' to pax extended attrs. */
628 if ((unsigned int)archive_entry_gid(entry_main) >= (1 << 18)) {
629 add_pax_attr_int(&(pax->pax_header), "gid",
630 archive_entry_gid(entry_main));
634 /* If group name is too large or has non-ASCII characters, add
635 * 'gname' to pax extended attrs. */
637 if (strlen(gname) > 31
639 || has_non_ASCII(gname_w))
641 if (gname_w == NULL || hdrcharset != NULL) {
642 add_pax_attr(&(pax->pax_header),
645 add_pax_attr_w(&(pax->pax_header),
652 /* If numeric UID is too large, add 'uid' to pax extended attrs. */
653 if ((unsigned int)archive_entry_uid(entry_main) >= (1 << 18)) {
654 add_pax_attr_int(&(pax->pax_header), "uid",
655 archive_entry_uid(entry_main));
659 /* Add 'uname' to pax extended attrs if necessary. */
661 if (strlen(uname) > 31
663 || has_non_ASCII(uname_w))
665 if (uname_w == NULL || hdrcharset != NULL) {
666 add_pax_attr(&(pax->pax_header),
669 add_pax_attr_w(&(pax->pax_header),
677 * POSIX/SUSv3 doesn't provide a standard key for large device
678 * numbers. I use the same keys here that Joerg Schilling
679 * used for 'star.' (Which, somewhat confusingly, are called
680 * "devXXX" even though they code "rdev" values.) No doubt,
681 * other implementations use other keys. Note that there's no
682 * reason we can't write the same information into a number of
685 * Of course, this is only needed for block or char device entries.
687 if (archive_entry_filetype(entry_main) == AE_IFBLK
688 || archive_entry_filetype(entry_main) == AE_IFCHR) {
690 * If rdevmajor is too large, add 'SCHILY.devmajor' to
691 * extended attributes.
693 dev_t rdevmajor, rdevminor;
694 rdevmajor = archive_entry_rdevmajor(entry_main);
695 rdevminor = archive_entry_rdevminor(entry_main);
696 if (rdevmajor >= (1 << 18)) {
697 add_pax_attr_int(&(pax->pax_header), "SCHILY.devmajor",
700 * Non-strict formatting below means we don't
701 * have to truncate here. Not truncating improves
702 * the chance that some more modern tar archivers
703 * (such as GNU tar 1.13) can restore the full
704 * value even if they don't understand the pax
705 * extended attributes. See my rant below about
706 * file size fields for additional details.
708 /* archive_entry_set_rdevmajor(entry_main,
709 rdevmajor & ((1 << 18) - 1)); */
714 * If devminor is too large, add 'SCHILY.devminor' to
715 * extended attributes.
717 if (rdevminor >= (1 << 18)) {
718 add_pax_attr_int(&(pax->pax_header), "SCHILY.devminor",
720 /* Truncation is not necessary here, either. */
721 /* archive_entry_set_rdevminor(entry_main,
722 rdevminor & ((1 << 18) - 1)); */
728 * Technically, the mtime field in the ustar header can
729 * support 33 bits, but many platforms use signed 32-bit time
730 * values. The cutoff of 0x7fffffff here is a compromise.
731 * Yes, this check is duplicated just below; this helps to
732 * avoid writing an mtime attribute just to handle a
733 * high-resolution timestamp in "restricted pax" mode.
735 if (!need_extension &&
736 ((archive_entry_mtime(entry_main) < 0)
737 || (archive_entry_mtime(entry_main) >= 0x7fffffff)))
740 /* I use a star-compatible file flag attribute. */
741 p = archive_entry_fflags_text(entry_main);
742 if (!need_extension && p != NULL && *p != '\0')
745 /* If there are non-trivial ACL entries, we need an extension. */
746 if (!need_extension && archive_entry_acl_count(entry_original,
747 ARCHIVE_ENTRY_ACL_TYPE_ACCESS) > 0)
750 /* If there are non-trivial ACL entries, we need an extension. */
751 if (!need_extension && archive_entry_acl_count(entry_original,
752 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT) > 0)
755 /* If there are extended attributes, we need an extension */
756 if (!need_extension && archive_entry_xattr_count(entry_original) > 0)
760 * The following items are handled differently in "pax
761 * restricted" format. In particular, in "pax restricted"
762 * format they won't be added unless need_extension is
763 * already set (we're already generating an extended header, so
764 * may as well include these).
766 if (a->archive.archive_format != ARCHIVE_FORMAT_TAR_PAX_RESTRICTED ||
769 if (archive_entry_mtime(entry_main) < 0 ||
770 archive_entry_mtime(entry_main) >= 0x7fffffff ||
771 archive_entry_mtime_nsec(entry_main) != 0)
772 add_pax_attr_time(&(pax->pax_header), "mtime",
773 archive_entry_mtime(entry_main),
774 archive_entry_mtime_nsec(entry_main));
776 if (archive_entry_ctime(entry_main) != 0 ||
777 archive_entry_ctime_nsec(entry_main) != 0)
778 add_pax_attr_time(&(pax->pax_header), "ctime",
779 archive_entry_ctime(entry_main),
780 archive_entry_ctime_nsec(entry_main));
782 if (archive_entry_atime(entry_main) != 0 ||
783 archive_entry_atime_nsec(entry_main) != 0)
784 add_pax_attr_time(&(pax->pax_header), "atime",
785 archive_entry_atime(entry_main),
786 archive_entry_atime_nsec(entry_main));
788 /* Store birth/creationtime only if it's earlier than mtime */
789 if (archive_entry_birthtime_is_set(entry_main) &&
790 archive_entry_birthtime(entry_main)
791 < archive_entry_mtime(entry_main))
792 add_pax_attr_time(&(pax->pax_header),
793 "LIBARCHIVE.creationtime",
794 archive_entry_birthtime(entry_main),
795 archive_entry_birthtime_nsec(entry_main));
797 /* I use a star-compatible file flag attribute. */
798 p = archive_entry_fflags_text(entry_main);
799 if (p != NULL && *p != '\0')
800 add_pax_attr(&(pax->pax_header), "SCHILY.fflags", p);
802 /* I use star-compatible ACL attributes. */
803 wp = archive_entry_acl_text_w(entry_original,
804 ARCHIVE_ENTRY_ACL_TYPE_ACCESS |
805 ARCHIVE_ENTRY_ACL_STYLE_EXTRA_ID);
806 if (wp != NULL && *wp != L'\0')
807 add_pax_attr_w(&(pax->pax_header),
808 "SCHILY.acl.access", wp);
809 wp = archive_entry_acl_text_w(entry_original,
810 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT |
811 ARCHIVE_ENTRY_ACL_STYLE_EXTRA_ID);
812 if (wp != NULL && *wp != L'\0')
813 add_pax_attr_w(&(pax->pax_header),
814 "SCHILY.acl.default", wp);
816 /* Include star-compatible metadata info. */
817 /* Note: "SCHILY.dev{major,minor}" are NOT the
818 * major/minor portions of "SCHILY.dev". */
819 add_pax_attr_int(&(pax->pax_header), "SCHILY.dev",
820 archive_entry_dev(entry_main));
821 add_pax_attr_int(&(pax->pax_header), "SCHILY.ino",
822 archive_entry_ino64(entry_main));
823 add_pax_attr_int(&(pax->pax_header), "SCHILY.nlink",
824 archive_entry_nlink(entry_main));
826 /* Store extended attributes */
827 archive_write_pax_header_xattrs(pax, entry_original);
830 /* Only regular files have data. */
831 if (archive_entry_filetype(entry_main) != AE_IFREG)
832 archive_entry_set_size(entry_main, 0);
835 * Pax-restricted does not store data for hardlinks, in order
836 * to improve compatibility with ustar.
838 if (a->archive.archive_format != ARCHIVE_FORMAT_TAR_PAX_INTERCHANGE &&
840 archive_entry_set_size(entry_main, 0);
843 * XXX Full pax interchange format does permit a hardlink
844 * entry to have data associated with it. I'm not supporting
845 * that here because the client expects me to tell them whether
846 * or not this format expects data for hardlinks. If I
847 * don't check here, then every pax archive will end up with
848 * duplicated data for hardlinks. Someday, there may be
849 * need to select this behavior, in which case the following
850 * will need to be revisited. XXX
852 if (hardlink != NULL)
853 archive_entry_set_size(entry_main, 0);
855 /* Format 'ustar' header for main entry.
857 * The trouble with file size: If the reader can't understand
858 * the file size, they may not be able to locate the next
859 * entry and the rest of the archive is toast. Pax-compliant
860 * readers are supposed to ignore the file size in the main
861 * header, so the question becomes how to maximize portability
862 * for readers that don't support pax attribute extensions.
863 * For maximum compatibility, I permit numeric extensions in
864 * the main header so that the file size stored will always be
865 * correct, even if it's in a format that only some
866 * implementations understand. The technique used here is:
868 * a) If possible, follow the standard exactly. This handles
869 * files up to 8 gigabytes minus 1.
871 * b) If that fails, try octal but omit the field terminator.
872 * That handles files up to 64 gigabytes minus 1.
874 * c) Otherwise, use base-256 extensions. That handles files
875 * up to 2^63 in this implementation, with the potential to
876 * go up to 2^94. That should hold us for a while. ;-)
878 * The non-strict formatter uses similar logic for other
879 * numeric fields, though they're less critical.
881 __archive_write_format_header_ustar(a, ustarbuff, entry_main, -1, 0);
883 /* If we built any extended attributes, write that entry first. */
884 if (archive_strlen(&(pax->pax_header)) > 0) {
885 struct archive_entry *pax_attr_entry;
891 pax_attr_entry = archive_entry_new();
892 p = archive_entry_pathname(entry_main);
893 archive_entry_set_pathname(pax_attr_entry,
894 build_pax_attribute_name(pax_entry_name, p));
895 archive_entry_set_size(pax_attr_entry,
896 archive_strlen(&(pax->pax_header)));
897 /* Copy uid/gid (but clip to ustar limits). */
898 uid = archive_entry_uid(entry_main);
899 if ((unsigned int)uid >= 1 << 18)
900 uid = (uid_t)(1 << 18) - 1;
901 archive_entry_set_uid(pax_attr_entry, uid);
902 gid = archive_entry_gid(entry_main);
903 if ((unsigned int)gid >= 1 << 18)
904 gid = (gid_t)(1 << 18) - 1;
905 archive_entry_set_gid(pax_attr_entry, gid);
906 /* Copy mode over (but not setuid/setgid bits) */
907 mode = archive_entry_mode(entry_main);
917 archive_entry_set_mode(pax_attr_entry, mode);
919 /* Copy uname/gname. */
920 archive_entry_set_uname(pax_attr_entry,
921 archive_entry_uname(entry_main));
922 archive_entry_set_gname(pax_attr_entry,
923 archive_entry_gname(entry_main));
925 /* Copy mtime, but clip to ustar limits. */
926 s = archive_entry_mtime(entry_main);
927 if (s < 0) { s = 0; }
928 if (s >= 0x7fffffff) { s = 0x7fffffff; }
929 archive_entry_set_mtime(pax_attr_entry, s, 0);
931 /* Standard ustar doesn't support atime. */
932 archive_entry_set_atime(pax_attr_entry, 0, 0);
934 /* Standard ustar doesn't support ctime. */
935 archive_entry_set_ctime(pax_attr_entry, 0, 0);
937 r = __archive_write_format_header_ustar(a, paxbuff,
938 pax_attr_entry, 'x', 1);
940 archive_entry_free(pax_attr_entry);
942 /* Note that the 'x' header shouldn't ever fail to format */
944 const char *msg = "archive_write_pax_header: "
945 "'x' header failed?! This can't happen.\n";
946 size_t u = write(2, msg, strlen(msg));
947 (void)u; /* UNUSED */
950 r = (a->compressor.write)(a, paxbuff, 512);
951 if (r != ARCHIVE_OK) {
952 pax->entry_bytes_remaining = 0;
953 pax->entry_padding = 0;
954 return (ARCHIVE_FATAL);
957 pax->entry_bytes_remaining = archive_strlen(&(pax->pax_header));
958 pax->entry_padding = 0x1ff & (-(int64_t)pax->entry_bytes_remaining);
960 r = (a->compressor.write)(a, pax->pax_header.s,
961 archive_strlen(&(pax->pax_header)));
962 if (r != ARCHIVE_OK) {
963 /* If a write fails, we're pretty much toast. */
964 return (ARCHIVE_FATAL);
966 /* Pad out the end of the entry. */
967 r = write_nulls(a, pax->entry_padding);
968 if (r != ARCHIVE_OK) {
969 /* If a write fails, we're pretty much toast. */
970 return (ARCHIVE_FATAL);
972 pax->entry_bytes_remaining = pax->entry_padding = 0;
975 /* Write the header for main entry. */
976 r = (a->compressor.write)(a, ustarbuff, 512);
981 * Inform the client of the on-disk size we're using, so
982 * they can avoid unnecessarily writing a body for something
983 * that we're just going to ignore.
985 archive_entry_set_size(entry_original, archive_entry_size(entry_main));
986 pax->entry_bytes_remaining = archive_entry_size(entry_main);
987 pax->entry_padding = 0x1ff & (-(int64_t)pax->entry_bytes_remaining);
988 archive_entry_free(entry_main);
994 * We need a valid name for the regular 'ustar' entry. This routine
995 * tries to hack something more-or-less reasonable.
997 * The approach here tries to preserve leading dir names. We do so by
998 * working with four sections:
999 * 1) "prefix" directory names,
1000 * 2) "suffix" directory names,
1001 * 3) inserted dir name (optional),
1004 * These sections must satisfy the following requirements:
1005 * * Parts 1 & 2 together form an initial portion of the dir name.
1006 * * Part 3 is specified by the caller. (It should not contain a leading
1008 * * Part 4 forms an initial portion of the base filename.
1009 * * The filename must be <= 99 chars to fit the ustar 'name' field.
1010 * * Parts 2, 3, 4 together must be <= 99 chars to fit the ustar 'name' fld.
1011 * * Part 1 must be <= 155 chars to fit the ustar 'prefix' field.
1012 * * If the original name ends in a '/', the new name must also end in a '/'
1013 * * Trailing '/.' sequences may be stripped.
1015 * Note: Recall that the ustar format does not store the '/' separating
1016 * parts 1 & 2, but does store the '/' separating parts 2 & 3.
1019 build_ustar_entry_name(char *dest, const char *src, size_t src_length,
1022 const char *prefix, *prefix_end;
1023 const char *suffix, *suffix_end;
1024 const char *filename, *filename_end;
1026 int need_slash = 0; /* Was there a trailing slash? */
1027 size_t suffix_length = 99;
1028 size_t insert_length;
1030 /* Length of additional dir element to be added. */
1034 /* +2 here allows for '/' before and after the insert. */
1035 insert_length = strlen(insert) + 2;
1037 /* Step 0: Quick bailout in a common case. */
1038 if (src_length < 100 && insert == NULL) {
1039 strncpy(dest, src, src_length);
1040 dest[src_length] = '\0';
1044 /* Step 1: Locate filename and enforce the length restriction. */
1045 filename_end = src + src_length;
1046 /* Remove trailing '/' chars and '/.' pairs. */
1048 if (filename_end > src && filename_end[-1] == '/') {
1050 need_slash = 1; /* Remember to restore trailing '/'. */
1053 if (filename_end > src + 1 && filename_end[-1] == '.'
1054 && filename_end[-2] == '/') {
1056 need_slash = 1; /* "foo/." will become "foo/" */
1063 /* Find start of filename. */
1064 filename = filename_end - 1;
1065 while ((filename > src) && (*filename != '/'))
1067 if ((*filename == '/') && (filename < filename_end - 1))
1069 /* Adjust filename_end so that filename + insert fits in 99 chars. */
1070 suffix_length -= insert_length;
1071 if (filename_end > filename + suffix_length)
1072 filename_end = filename + suffix_length;
1073 /* Calculate max size for "suffix" section (#3 above). */
1074 suffix_length -= filename_end - filename;
1076 /* Step 2: Locate the "prefix" section of the dirname, including
1079 prefix_end = prefix + 155;
1080 if (prefix_end > filename)
1081 prefix_end = filename;
1082 while (prefix_end > prefix && *prefix_end != '/')
1084 if ((prefix_end < filename) && (*prefix_end == '/'))
1087 /* Step 3: Locate the "suffix" section of the dirname,
1088 * including trailing '/'. */
1089 suffix = prefix_end;
1090 suffix_end = suffix + suffix_length; /* Enforce limit. */
1091 if (suffix_end > filename)
1092 suffix_end = filename;
1093 if (suffix_end < suffix)
1094 suffix_end = suffix;
1095 while (suffix_end > suffix && *suffix_end != '/')
1097 if ((suffix_end < filename) && (*suffix_end == '/'))
1100 /* Step 4: Build the new name. */
1101 /* The OpenBSD strlcpy function is safer, but less portable. */
1102 /* Rather than maintain two versions, just use the strncpy version. */
1104 if (prefix_end > prefix) {
1105 strncpy(p, prefix, prefix_end - prefix);
1106 p += prefix_end - prefix;
1108 if (suffix_end > suffix) {
1109 strncpy(p, suffix, suffix_end - suffix);
1110 p += suffix_end - suffix;
1112 if (insert != NULL) {
1113 /* Note: assume insert does not have leading or trailing '/' */
1115 p += strlen(insert);
1118 strncpy(p, filename, filename_end - filename);
1119 p += filename_end - filename;
1128 * The ustar header for the pax extended attributes must have a
1129 * reasonable name: SUSv3 requires 'dirname'/PaxHeader.'pid'/'filename'
1130 * where 'pid' is the PID of the archiving process. Unfortunately,
1131 * that makes testing a pain since the output varies for each run,
1132 * so I'm sticking with the simpler 'dirname'/PaxHeader/'filename'
1133 * for now. (Someday, I'll make this settable. Then I can use the
1134 * SUS recommendation as default and test harnesses can override it
1135 * to get predictable results.)
1137 * Joerg Schilling has argued that this is unnecessary because, in
1138 * practice, if the pax extended attributes get extracted as regular
1139 * files, noone is going to bother reading those attributes to
1140 * manually restore them. Based on this, 'star' uses
1141 * /tmp/PaxHeader/'basename' as the ustar header name. This is a
1142 * tempting argument, in part because it's simpler than the SUSv3
1143 * recommendation, but I'm not entirely convinced. I'm also
1144 * uncomfortable with the fact that "/tmp" is a Unix-ism.
1146 * The following routine leverages build_ustar_entry_name() above and
1147 * so is simpler than you might think. It just needs to provide the
1148 * additional path element and handle a few pathological cases).
1151 build_pax_attribute_name(char *dest, const char *src)
1156 /* Handle the null filename case. */
1157 if (src == NULL || *src == '\0') {
1158 strcpy(dest, "PaxHeader/blank");
1162 /* Prune final '/' and other unwanted final elements. */
1163 p = src + strlen(src);
1165 /* Ends in "/", remove the '/' */
1166 if (p > src && p[-1] == '/') {
1170 /* Ends in "/.", remove the '.' */
1171 if (p > src + 1 && p[-1] == '.'
1179 /* Pathological case: After above, there was nothing left.
1180 * This includes "/." "/./." "/.//./." etc. */
1182 strcpy(dest, "/PaxHeader/rootdir");
1186 /* Convert unadorned "." into a suitable filename. */
1187 if (*src == '.' && p == src + 1) {
1188 strcpy(dest, "PaxHeader/currentdir");
1193 * TODO: Push this string into the 'pax' structure to avoid
1194 * recomputing it every time. That will also open the door
1195 * to having clients override it.
1197 #if HAVE_GETPID && 0 /* Disable this for now; see above comment. */
1198 sprintf(buff, "PaxHeader.%d", getpid());
1200 /* If the platform can't fetch the pid, don't include it. */
1201 strcpy(buff, "PaxHeader");
1203 /* General case: build a ustar-compatible name adding "/PaxHeader/". */
1204 build_ustar_entry_name(dest, src, p - src, buff);
1209 /* Write two null blocks for the end of archive */
1211 archive_write_pax_finish(struct archive_write *a)
1215 if (a->compressor.write == NULL)
1216 return (ARCHIVE_OK);
1218 r = write_nulls(a, 512 * 2);
1223 archive_write_pax_destroy(struct archive_write *a)
1227 pax = (struct pax *)a->format_data;
1229 return (ARCHIVE_OK);
1231 archive_string_free(&pax->pax_header);
1233 a->format_data = NULL;
1234 return (ARCHIVE_OK);
1238 archive_write_pax_finish_entry(struct archive_write *a)
1243 pax = (struct pax *)a->format_data;
1244 ret = write_nulls(a, pax->entry_bytes_remaining + pax->entry_padding);
1245 pax->entry_bytes_remaining = pax->entry_padding = 0;
1250 write_nulls(struct archive_write *a, size_t padding)
1255 while (padding > 0) {
1256 to_write = padding < a->null_length ? padding : a->null_length;
1257 ret = (a->compressor.write)(a, a->nulls, to_write);
1258 if (ret != ARCHIVE_OK)
1260 padding -= to_write;
1262 return (ARCHIVE_OK);
1266 archive_write_pax_data(struct archive_write *a, const void *buff, size_t s)
1271 pax = (struct pax *)a->format_data;
1272 if (s > pax->entry_bytes_remaining)
1273 s = pax->entry_bytes_remaining;
1275 ret = (a->compressor.write)(a, buff, s);
1276 pax->entry_bytes_remaining -= s;
1277 if (ret == ARCHIVE_OK)
1284 has_non_ASCII(const wchar_t *wp)
1288 while (*wp != L'\0' && *wp < 128)
1290 return (*wp != L'\0');
1294 * Used by extended attribute support; encodes the name
1295 * so that there will be no '=' characters in the result.
1298 url_encode(const char *in)
1305 for (s = in; *s != '\0'; s++) {
1306 if (*s < 33 || *s > 126 || *s == '%' || *s == '=')
1312 out = (char *)malloc(out_len + 1);
1316 for (s = in, d = out; *s != '\0'; s++) {
1317 /* encode any non-printable ASCII character or '%' or '=' */
1318 if (*s < 33 || *s > 126 || *s == '%' || *s == '=') {
1319 /* URL encoding is '%' followed by two hex digits */
1321 *d++ = "0123456789ABCDEF"[0x0f & (*s >> 4)];
1322 *d++ = "0123456789ABCDEF"[0x0f & *s];
1332 * Encode a sequence of bytes into a C string using base-64 encoding.
1334 * Returns a null-terminated C string allocated with malloc(); caller
1335 * is responsible for freeing the result.
1338 base64_encode(const char *s, size_t len)
1340 static const char digits[64] =
1341 { 'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O',
1342 'P','Q','R','S','T','U','V','W','X','Y','Z','a','b','c','d',
1343 'e','f','g','h','i','j','k','l','m','n','o','p','q','r','s',
1344 't','u','v','w','x','y','z','0','1','2','3','4','5','6','7',
1349 /* 3 bytes becomes 4 chars, but round up and allow for trailing NUL */
1350 out = (char *)malloc((len * 4 + 2) / 3 + 1);
1355 /* Convert each group of 3 bytes into 4 characters. */
1357 v = (((int)s[0] << 16) & 0xff0000)
1358 | (((int)s[1] << 8) & 0xff00)
1359 | (((int)s[2]) & 0x00ff);
1362 *d++ = digits[(v >> 18) & 0x3f];
1363 *d++ = digits[(v >> 12) & 0x3f];
1364 *d++ = digits[(v >> 6) & 0x3f];
1365 *d++ = digits[(v) & 0x3f];
1367 /* Handle final group of 1 byte (2 chars) or 2 bytes (3 chars). */
1371 v = (((int)s[0] << 16) & 0xff0000);
1372 *d++ = digits[(v >> 18) & 0x3f];
1373 *d++ = digits[(v >> 12) & 0x3f];
1376 v = (((int)s[0] << 16) & 0xff0000)
1377 | (((int)s[1] << 8) & 0xff00);
1378 *d++ = digits[(v >> 18) & 0x3f];
1379 *d++ = digits[(v >> 12) & 0x3f];
1380 *d++ = digits[(v >> 6) & 0x3f];
1383 /* Add trailing NUL character so output is a valid C string. */