2 * Copyright (c) 2003-2010 Tim Kientzle
3 * Copyright (c) 2012 Michihiro NAKAJIMA
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer
11 * in this position and unchanged.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 #include "archive_platform.h"
29 __FBSDID("$FreeBSD$");
31 #if !defined(_WIN32) || defined(__CYGWIN__)
33 #ifdef HAVE_SYS_TYPES_H
34 #include <sys/types.h>
39 #ifdef HAVE_SYS_EXTATTR_H
40 #include <sys/extattr.h>
42 #if defined(HAVE_SYS_XATTR_H)
43 #include <sys/xattr.h>
44 #elif defined(HAVE_ATTR_XATTR_H)
45 #include <attr/xattr.h>
50 #ifdef HAVE_SYS_IOCTL_H
51 #include <sys/ioctl.h>
53 #ifdef HAVE_SYS_STAT_H
56 #ifdef HAVE_SYS_TIME_H
59 #ifdef HAVE_SYS_UTIME_H
60 #include <sys/utime.h>
62 #ifdef HAVE_COPYFILE_H
74 #ifdef HAVE_LANGINFO_H
77 #ifdef HAVE_LINUX_FS_H
78 #include <linux/fs.h> /* for Linux file flags */
81 * Some Linux distributions have both linux/ext2_fs.h and ext2fs/ext2_fs.h.
82 * As the include guards don't agree, the order of include is important.
84 #ifdef HAVE_LINUX_EXT2_FS_H
85 #include <linux/ext2_fs.h> /* for Linux file flags */
87 #if defined(HAVE_EXT2FS_EXT2_FS_H) && !defined(__CYGWIN__)
88 #include <ext2fs/ext2_fs.h> /* Linux file flags, broken on Cygwin */
109 #ifdef F_GETTIMES /* Tru64 specific */
110 #include <sys/fcntl1.h>
114 * Macro to cast st_mtime and time_t to an int64 so that 2 numbers can reliably be compared.
116 * It assumes that the input is an integer type of no more than 64 bits.
117 * If the number is less than zero, t must be a signed type, so it fits in
118 * int64_t. Otherwise, it's a nonnegative value so we can cast it to uint64_t
119 * without loss. But it could be a large unsigned value, so we have to clip it
122 #define to_int64_time(t) \
123 ((t) < 0 ? (int64_t)(t) : (uint64_t)(t) > (uint64_t)INT64_MAX ? INT64_MAX : (int64_t)(t))
126 #include <TargetConditionals.h>
127 #if TARGET_OS_MAC && !TARGET_OS_EMBEDDED && HAVE_QUARANTINE_H
128 #include <quarantine.h>
129 #define HAVE_QUARANTINE 1
137 /* TODO: Support Mac OS 'quarantine' feature. This is really just a
138 * standard tag to mark files that have been downloaded as "tainted".
139 * On Mac OS, we should mark the extracted files as tainted if the
140 * archive being read was tainted. Windows has a similar feature; we
141 * should investigate ways to support this generically. */
144 #include "archive_acl_private.h"
145 #include "archive_string.h"
146 #include "archive_endian.h"
147 #include "archive_entry.h"
148 #include "archive_private.h"
149 #include "archive_write_disk_private.h"
158 /* Ignore non-int O_NOFOLLOW constant. */
159 /* gnulib's fcntl.h does this on AIX, but it seems practical everywhere */
160 #if defined O_NOFOLLOW && !(INT_MIN <= O_NOFOLLOW && O_NOFOLLOW <= INT_MAX)
169 struct fixup_entry *next;
170 struct archive_acl acl;
176 unsigned long atime_nanos;
177 unsigned long birthtime_nanos;
178 unsigned long mtime_nanos;
179 unsigned long ctime_nanos;
180 unsigned long fflags_set;
181 size_t mac_metadata_size;
183 int fixup; /* bitmask of what needs fixing */
188 * We use a bitmask to track which operations remain to be done for
189 * this file. In particular, this helps us avoid unnecessary
190 * operations when it's possible to take care of one step as a
191 * side-effect of another. For example, mkdir() can specify the mode
192 * for the newly-created object but symlink() cannot. This means we
193 * can skip chmod() if mkdir() succeeded, but we must explicitly
194 * chmod() if we're trying to create a directory that already exists
195 * (mkdir() failed) or if we're restoring a symlink. Similarly, we
196 * need to verify UID/GID before trying to restore SUID/SGID bits;
197 * that verification can occur explicitly through a stat() call or
198 * implicitly because of a successful chown() call.
200 #define TODO_MODE_FORCE 0x40000000
201 #define TODO_MODE_BASE 0x20000000
202 #define TODO_SUID 0x10000000
203 #define TODO_SUID_CHECK 0x08000000
204 #define TODO_SGID 0x04000000
205 #define TODO_SGID_CHECK 0x02000000
206 #define TODO_APPLEDOUBLE 0x01000000
207 #define TODO_MODE (TODO_MODE_BASE|TODO_SUID|TODO_SGID)
208 #define TODO_TIMES ARCHIVE_EXTRACT_TIME
209 #define TODO_OWNER ARCHIVE_EXTRACT_OWNER
210 #define TODO_FFLAGS ARCHIVE_EXTRACT_FFLAGS
211 #define TODO_ACLS ARCHIVE_EXTRACT_ACL
212 #define TODO_XATTR ARCHIVE_EXTRACT_XATTR
213 #define TODO_MAC_METADATA ARCHIVE_EXTRACT_MAC_METADATA
214 #define TODO_HFS_COMPRESSION ARCHIVE_EXTRACT_HFS_COMPRESSION_FORCED
216 struct archive_write_disk {
217 struct archive archive;
220 struct fixup_entry *fixup_list;
221 struct fixup_entry *current_fixup;
224 int64_t skip_file_dev;
225 int64_t skip_file_ino;
228 int64_t (*lookup_gid)(void *private, const char *gname, int64_t gid);
229 void (*cleanup_gid)(void *private);
230 void *lookup_gid_data;
231 int64_t (*lookup_uid)(void *private, const char *uname, int64_t uid);
232 void (*cleanup_uid)(void *private);
233 void *lookup_uid_data;
236 * Full path of last file to satisfy symlink checks.
238 struct archive_string path_safe;
241 * Cached stat data from disk for the current entry.
242 * If this is valid, pst points to st. Otherwise,
248 /* Information about the object being restored right now. */
249 struct archive_entry *entry; /* Entry being extracted. */
250 char *name; /* Name of entry, possibly edited. */
251 struct archive_string _name_data; /* backing store for 'name' */
252 /* Tasks remaining for this object. */
254 /* Tasks deferred until end-of-archive. */
256 /* Options requested by the client. */
258 /* Handle for the file we're restoring. */
260 /* Current offset for writing data to the file. */
262 /* Last offset actually written to disk. */
264 /* Total bytes actually written to files. */
265 int64_t total_bytes_written;
266 /* Maximum size of file, -1 if unknown. */
268 /* Dir we were in before this restore; only for deep paths. */
270 /* Mode we should use for this entry; affected by _PERM and umask. */
272 /* UID/GID to use in restoring this entry. */
278 /* Xattr "com.apple.decmpfs". */
279 uint32_t decmpfs_attr_size;
280 unsigned char *decmpfs_header_p;
281 /* ResourceFork set options used for fsetxattr. */
282 int rsrc_xattr_options;
283 /* Xattr "com.apple.ResourceFork". */
284 unsigned char *resource_fork;
285 size_t resource_fork_allocated_size;
286 unsigned int decmpfs_block_count;
287 uint32_t *decmpfs_block_info;
288 /* Buffer for compressed data. */
289 unsigned char *compressed_buffer;
290 size_t compressed_buffer_size;
291 size_t compressed_buffer_remaining;
292 /* The offset of the ResourceFork where compressed data will
294 uint32_t compressed_rsrc_position;
295 uint32_t compressed_rsrc_position_v;
296 /* Buffer for uncompressed data. */
297 char *uncompressed_buffer;
298 size_t block_remaining_bytes;
299 size_t file_remaining_bytes;
303 int decmpfs_compression_level;
308 * Default mode for dirs created automatically (will be modified by umask).
309 * Note that POSIX specifies 0777 for implicitly-created dirs, "modified
310 * by the process' file creation mask."
312 #define DEFAULT_DIR_MODE 0777
314 * Dir modes are restored in two steps: During the extraction, the permissions
315 * in the archive are modified to match the following limits. During
316 * the post-extract fixup pass, the permissions from the archive are
319 #define MINIMUM_DIR_MODE 0700
320 #define MAXIMUM_DIR_MODE 0775
323 * Maximum uncompressed size of a decmpfs block.
325 #define MAX_DECMPFS_BLOCK_SIZE (64 * 1024)
327 * HFS+ compression type.
329 #define CMP_XATTR 3/* Compressed data in xattr. */
330 #define CMP_RESOURCE_FORK 4/* Compressed data in resource fork. */
332 * HFS+ compression resource fork.
334 #define RSRC_H_SIZE 260 /* Base size of Resource fork header. */
335 #define RSRC_F_SIZE 50 /* Size of Resource fork footer. */
336 /* Size to write compressed data to resource fork. */
337 #define COMPRESSED_W_SIZE (64 * 1024)
338 /* decmpfs definitions. */
339 #define MAX_DECMPFS_XATTR_SIZE 3802
340 #ifndef DECMPFS_XATTR_NAME
341 #define DECMPFS_XATTR_NAME "com.apple.decmpfs"
343 #define DECMPFS_MAGIC 0x636d7066
344 #define DECMPFS_COMPRESSION_MAGIC 0
345 #define DECMPFS_COMPRESSION_TYPE 4
346 #define DECMPFS_UNCOMPRESSED_SIZE 8
347 #define DECMPFS_HEADER_SIZE 16
349 #define HFS_BLOCKS(s) ((s) >> 12)
351 static void fsobj_error(int *, struct archive_string *, int, const char *,
353 static int check_symlinks_fsobj(char *, int *, struct archive_string *,
355 static int check_symlinks(struct archive_write_disk *);
356 static int create_filesystem_object(struct archive_write_disk *);
357 static struct fixup_entry *current_fixup(struct archive_write_disk *,
358 const char *pathname);
359 #if defined(HAVE_FCHDIR) && defined(PATH_MAX)
360 static void edit_deep_directories(struct archive_write_disk *ad);
362 static int cleanup_pathname_fsobj(char *, int *, struct archive_string *,
364 static int cleanup_pathname(struct archive_write_disk *);
365 static int create_dir(struct archive_write_disk *, char *);
366 static int create_parent_dir(struct archive_write_disk *, char *);
367 static ssize_t hfs_write_data_block(struct archive_write_disk *,
368 const char *, size_t);
369 static int fixup_appledouble(struct archive_write_disk *, const char *);
370 static int older(struct stat *, struct archive_entry *);
371 static int restore_entry(struct archive_write_disk *);
372 static int set_mac_metadata(struct archive_write_disk *, const char *,
373 const void *, size_t);
374 static int set_xattrs(struct archive_write_disk *);
375 static int clear_nochange_fflags(struct archive_write_disk *);
376 static int set_fflags(struct archive_write_disk *);
377 static int set_fflags_platform(struct archive_write_disk *, int fd,
378 const char *name, mode_t mode,
379 unsigned long fflags_set, unsigned long fflags_clear);
380 static int set_ownership(struct archive_write_disk *);
381 static int set_mode(struct archive_write_disk *, int mode);
382 static int set_time(int, int, const char *, time_t, long, time_t, long);
383 static int set_times(struct archive_write_disk *, int, int, const char *,
384 time_t, long, time_t, long, time_t, long, time_t, long);
385 static int set_times_from_entry(struct archive_write_disk *);
386 static struct fixup_entry *sort_dir_list(struct fixup_entry *p);
387 static ssize_t write_data_block(struct archive_write_disk *,
388 const char *, size_t);
390 static struct archive_vtable *archive_write_disk_vtable(void);
392 static int _archive_write_disk_close(struct archive *);
393 static int _archive_write_disk_free(struct archive *);
394 static int _archive_write_disk_header(struct archive *,
395 struct archive_entry *);
396 static int64_t _archive_write_disk_filter_bytes(struct archive *, int);
397 static int _archive_write_disk_finish_entry(struct archive *);
398 static ssize_t _archive_write_disk_data(struct archive *, const void *,
400 static ssize_t _archive_write_disk_data_block(struct archive *, const void *,
404 lazy_stat(struct archive_write_disk *a)
406 if (a->pst != NULL) {
407 /* Already have stat() data available. */
411 if (a->fd >= 0 && fstat(a->fd, &a->st) == 0) {
417 * XXX At this point, symlinks should not be hit, otherwise
418 * XXX a race occurred. Do we want to check explicitly for that?
420 if (lstat(a->name, &a->st) == 0) {
424 archive_set_error(&a->archive, errno, "Couldn't stat file");
425 return (ARCHIVE_WARN);
428 static struct archive_vtable *
429 archive_write_disk_vtable(void)
431 static struct archive_vtable av;
432 static int inited = 0;
435 av.archive_close = _archive_write_disk_close;
436 av.archive_filter_bytes = _archive_write_disk_filter_bytes;
437 av.archive_free = _archive_write_disk_free;
438 av.archive_write_header = _archive_write_disk_header;
439 av.archive_write_finish_entry
440 = _archive_write_disk_finish_entry;
441 av.archive_write_data = _archive_write_disk_data;
442 av.archive_write_data_block = _archive_write_disk_data_block;
449 _archive_write_disk_filter_bytes(struct archive *_a, int n)
451 struct archive_write_disk *a = (struct archive_write_disk *)_a;
452 (void)n; /* UNUSED */
453 if (n == -1 || n == 0)
454 return (a->total_bytes_written);
460 archive_write_disk_set_options(struct archive *_a, int flags)
462 struct archive_write_disk *a = (struct archive_write_disk *)_a;
470 * Extract this entry to disk.
472 * TODO: Validate hardlinks. According to the standards, we're
473 * supposed to check each extracted hardlink and squawk if it refers
474 * to a file that we didn't restore. I'm not entirely convinced this
475 * is a good idea, but more importantly: Is there any way to validate
476 * hardlinks without keeping a complete list of filenames from the
477 * entire archive?? Ugh.
481 _archive_write_disk_header(struct archive *_a, struct archive_entry *entry)
483 struct archive_write_disk *a = (struct archive_write_disk *)_a;
484 struct fixup_entry *fe;
487 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC,
488 ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA,
489 "archive_write_disk_header");
490 archive_clear_error(&a->archive);
491 if (a->archive.state & ARCHIVE_STATE_DATA) {
492 r = _archive_write_disk_finish_entry(&a->archive);
493 if (r == ARCHIVE_FATAL)
497 /* Set up for this particular entry. */
499 a->current_fixup = NULL;
502 archive_entry_free(a->entry);
505 a->entry = archive_entry_clone(entry);
510 a->uid = a->user_uid;
511 a->mode = archive_entry_mode(a->entry);
512 if (archive_entry_size_is_set(a->entry))
513 a->filesize = archive_entry_size(a->entry);
516 archive_strcpy(&(a->_name_data), archive_entry_pathname(a->entry));
517 a->name = a->_name_data.s;
518 archive_clear_error(&a->archive);
521 * Clean up the requested path. This is necessary for correct
522 * dir restores; the dir restore logic otherwise gets messed
523 * up by nonsense like "dir/.".
525 ret = cleanup_pathname(a);
526 if (ret != ARCHIVE_OK)
530 * Query the umask so we get predictable mode settings.
531 * This gets done on every call to _write_header in case the
532 * user edits their umask during the extraction for some
535 umask(a->user_umask = umask(0));
537 /* Figure out what we need to do for this entry. */
538 a->todo = TODO_MODE_BASE;
539 if (a->flags & ARCHIVE_EXTRACT_PERM) {
540 a->todo |= TODO_MODE_FORCE; /* Be pushy about permissions. */
542 * SGID requires an extra "check" step because we
543 * cannot easily predict the GID that the system will
544 * assign. (Different systems assign GIDs to files
545 * based on a variety of criteria, including process
546 * credentials and the gid of the enclosing
547 * directory.) We can only restore the SGID bit if
548 * the file has the right GID, and we only know the
549 * GID if we either set it (see set_ownership) or if
550 * we've actually called stat() on the file after it
551 * was restored. Since there are several places at
552 * which we might verify the GID, we need a TODO bit
555 if (a->mode & S_ISGID)
556 a->todo |= TODO_SGID | TODO_SGID_CHECK;
558 * Verifying the SUID is simpler, but can still be
559 * done in multiple ways, hence the separate "check" bit.
561 if (a->mode & S_ISUID)
562 a->todo |= TODO_SUID | TODO_SUID_CHECK;
565 * User didn't request full permissions, so don't
566 * restore SUID, SGID bits and obey umask.
571 a->mode &= ~a->user_umask;
573 if (a->flags & ARCHIVE_EXTRACT_OWNER)
574 a->todo |= TODO_OWNER;
575 if (a->flags & ARCHIVE_EXTRACT_TIME)
576 a->todo |= TODO_TIMES;
577 if (a->flags & ARCHIVE_EXTRACT_ACL) {
578 if (archive_entry_filetype(a->entry) == AE_IFDIR)
579 a->deferred |= TODO_ACLS;
581 a->todo |= TODO_ACLS;
583 if (a->flags & ARCHIVE_EXTRACT_MAC_METADATA) {
584 if (archive_entry_filetype(a->entry) == AE_IFDIR)
585 a->deferred |= TODO_MAC_METADATA;
587 a->todo |= TODO_MAC_METADATA;
589 #if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_ZLIB_H)
590 if ((a->flags & ARCHIVE_EXTRACT_NO_HFS_COMPRESSION) == 0) {
591 unsigned long set, clear;
592 archive_entry_fflags(a->entry, &set, &clear);
593 if ((set & ~clear) & UF_COMPRESSED) {
594 a->todo |= TODO_HFS_COMPRESSION;
595 a->decmpfs_block_count = (unsigned)-1;
598 if ((a->flags & ARCHIVE_EXTRACT_HFS_COMPRESSION_FORCED) != 0 &&
599 (a->mode & AE_IFMT) == AE_IFREG && a->filesize > 0) {
600 a->todo |= TODO_HFS_COMPRESSION;
601 a->decmpfs_block_count = (unsigned)-1;
606 /* Check if the current file name is a type of the
607 * resource fork file. */
608 p = strrchr(a->name, '/');
613 if (p[0] == '.' && p[1] == '_') {
614 /* Do not compress "._XXX" files. */
615 a->todo &= ~TODO_HFS_COMPRESSION;
617 a->todo |= TODO_APPLEDOUBLE;
622 if (a->flags & ARCHIVE_EXTRACT_XATTR)
623 a->todo |= TODO_XATTR;
624 if (a->flags & ARCHIVE_EXTRACT_FFLAGS)
625 a->todo |= TODO_FFLAGS;
626 if (a->flags & ARCHIVE_EXTRACT_SECURE_SYMLINKS) {
627 ret = check_symlinks(a);
628 if (ret != ARCHIVE_OK)
631 #if defined(HAVE_FCHDIR) && defined(PATH_MAX)
632 /* If path exceeds PATH_MAX, shorten the path. */
633 edit_deep_directories(a);
636 ret = restore_entry(a);
638 #if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_ZLIB_H)
640 * Check if the filesystem the file is restoring on supports
641 * HFS+ Compression. If not, cancel HFS+ Compression.
643 if (a->todo | TODO_HFS_COMPRESSION) {
645 * NOTE: UF_COMPRESSED is ignored even if the filesystem
646 * supports HFS+ Compression because the file should
647 * have at least an extended attribute "com.apple.decmpfs"
648 * before the flag is set to indicate that the file have
649 * been compressed. If the filesystem does not support
650 * HFS+ Compression the system call will fail.
652 if (a->fd < 0 || fchflags(a->fd, UF_COMPRESSED) != 0)
653 a->todo &= ~TODO_HFS_COMPRESSION;
658 * TODO: There are rumours that some extended attributes must
659 * be restored before file data is written. If this is true,
660 * then we either need to write all extended attributes both
661 * before and after restoring the data, or find some rule for
662 * determining which must go first and which last. Due to the
663 * many ways people are using xattrs, this may prove to be an
664 * intractable problem.
668 /* If we changed directory above, restore it here. */
669 if (a->restore_pwd >= 0) {
670 r = fchdir(a->restore_pwd);
672 archive_set_error(&a->archive, errno,
676 close(a->restore_pwd);
682 * Fixup uses the unedited pathname from archive_entry_pathname(),
683 * because it is relative to the base dir and the edited path
684 * might be relative to some intermediate dir as a result of the
685 * deep restore logic.
687 if (a->deferred & TODO_MODE) {
688 fe = current_fixup(a, archive_entry_pathname(entry));
690 return (ARCHIVE_FATAL);
691 fe->fixup |= TODO_MODE_BASE;
695 if ((a->deferred & TODO_TIMES)
696 && (archive_entry_mtime_is_set(entry)
697 || archive_entry_atime_is_set(entry))) {
698 fe = current_fixup(a, archive_entry_pathname(entry));
700 return (ARCHIVE_FATAL);
702 fe->fixup |= TODO_TIMES;
703 if (archive_entry_atime_is_set(entry)) {
704 fe->atime = archive_entry_atime(entry);
705 fe->atime_nanos = archive_entry_atime_nsec(entry);
707 /* If atime is unset, use start time. */
708 fe->atime = a->start_time;
711 if (archive_entry_mtime_is_set(entry)) {
712 fe->mtime = archive_entry_mtime(entry);
713 fe->mtime_nanos = archive_entry_mtime_nsec(entry);
715 /* If mtime is unset, use start time. */
716 fe->mtime = a->start_time;
719 if (archive_entry_birthtime_is_set(entry)) {
720 fe->birthtime = archive_entry_birthtime(entry);
721 fe->birthtime_nanos = archive_entry_birthtime_nsec(
724 /* If birthtime is unset, use mtime. */
725 fe->birthtime = fe->mtime;
726 fe->birthtime_nanos = fe->mtime_nanos;
730 if (a->deferred & TODO_ACLS) {
731 fe = current_fixup(a, archive_entry_pathname(entry));
733 return (ARCHIVE_FATAL);
734 fe->fixup |= TODO_ACLS;
735 archive_acl_copy(&fe->acl, archive_entry_acl(entry));
738 if (a->deferred & TODO_MAC_METADATA) {
739 const void *metadata;
740 size_t metadata_size;
741 metadata = archive_entry_mac_metadata(a->entry, &metadata_size);
742 if (metadata != NULL && metadata_size > 0) {
743 fe = current_fixup(a, archive_entry_pathname(entry));
745 return (ARCHIVE_FATAL);
746 fe->mac_metadata = malloc(metadata_size);
747 if (fe->mac_metadata != NULL) {
748 memcpy(fe->mac_metadata, metadata,
750 fe->mac_metadata_size = metadata_size;
751 fe->fixup |= TODO_MAC_METADATA;
756 if (a->deferred & TODO_FFLAGS) {
757 fe = current_fixup(a, archive_entry_pathname(entry));
759 return (ARCHIVE_FATAL);
760 fe->fixup |= TODO_FFLAGS;
761 /* TODO: Complete this.. defer fflags from below. */
764 /* We've created the object and are ready to pour data into it. */
765 if (ret >= ARCHIVE_WARN)
766 a->archive.state = ARCHIVE_STATE_DATA;
768 * If it's not open, tell our client not to try writing.
769 * In particular, dirs, links, etc, don't get written to.
772 archive_entry_set_size(entry, 0);
780 archive_write_disk_set_skip_file(struct archive *_a, int64_t d, int64_t i)
782 struct archive_write_disk *a = (struct archive_write_disk *)_a;
783 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC,
784 ARCHIVE_STATE_ANY, "archive_write_disk_set_skip_file");
785 a->skip_file_set = 1;
786 a->skip_file_dev = d;
787 a->skip_file_ino = i;
792 write_data_block(struct archive_write_disk *a, const char *buff, size_t size)
794 uint64_t start_size = size;
795 ssize_t bytes_written = 0;
796 ssize_t block_size = 0, bytes_to_write;
801 if (a->filesize == 0 || a->fd < 0) {
802 archive_set_error(&a->archive, 0,
803 "Attempt to write to an empty file");
804 return (ARCHIVE_WARN);
807 if (a->flags & ARCHIVE_EXTRACT_SPARSE) {
808 #if HAVE_STRUCT_STAT_ST_BLKSIZE
810 if ((r = lazy_stat(a)) != ARCHIVE_OK)
812 block_size = a->pst->st_blksize;
814 /* XXX TODO XXX Is there a more appropriate choice here ? */
815 /* This needn't match the filesystem allocation size. */
816 block_size = 16*1024;
820 /* If this write would run beyond the file size, truncate it. */
821 if (a->filesize >= 0 && (int64_t)(a->offset + size) > a->filesize)
822 start_size = size = (size_t)(a->filesize - a->offset);
824 /* Write the data. */
826 if (block_size == 0) {
827 bytes_to_write = size;
829 /* We're sparsifying the file. */
833 /* Skip leading zero bytes. */
834 for (p = buff, end = buff + size; p < end; ++p) {
838 a->offset += p - buff;
844 /* Calculate next block boundary after offset. */
846 = (a->offset / block_size + 1) * block_size;
848 /* If the adjusted write would cross block boundary,
849 * truncate it to the block boundary. */
850 bytes_to_write = size;
851 if (a->offset + bytes_to_write > block_end)
852 bytes_to_write = block_end - a->offset;
854 /* Seek if necessary to the specified offset. */
855 if (a->offset != a->fd_offset) {
856 if (lseek(a->fd, a->offset, SEEK_SET) < 0) {
857 archive_set_error(&a->archive, errno,
859 return (ARCHIVE_FATAL);
861 a->fd_offset = a->offset;
863 bytes_written = write(a->fd, buff, bytes_to_write);
864 if (bytes_written < 0) {
865 archive_set_error(&a->archive, errno, "Write failed");
866 return (ARCHIVE_WARN);
868 buff += bytes_written;
869 size -= bytes_written;
870 a->total_bytes_written += bytes_written;
871 a->offset += bytes_written;
872 a->fd_offset = a->offset;
874 return (start_size - size);
877 #if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_SYS_XATTR_H)\
878 && defined(HAVE_ZLIB_H)
881 * Set UF_COMPRESSED file flag.
882 * This have to be called after hfs_write_decmpfs() because if the
883 * file does not have "com.apple.decmpfs" xattr the flag is ignored.
886 hfs_set_compressed_fflag(struct archive_write_disk *a)
890 if ((r = lazy_stat(a)) != ARCHIVE_OK)
893 a->st.st_flags |= UF_COMPRESSED;
894 if (fchflags(a->fd, a->st.st_flags) != 0) {
895 archive_set_error(&a->archive, errno,
896 "Failed to set UF_COMPRESSED file flag");
897 return (ARCHIVE_WARN);
903 * HFS+ Compression decmpfs
905 * +------------------------------+ +0
906 * | Magic(LE 4 bytes) |
907 * +------------------------------+
908 * | Type(LE 4 bytes) |
909 * +------------------------------+
910 * | Uncompressed size(LE 8 bytes)|
911 * +------------------------------+ +16
913 * | Compressed data |
914 * | (Placed only if Type == 3) |
916 * +------------------------------+ +3802 = MAX_DECMPFS_XATTR_SIZE
918 * Type is 3: decmpfs has compressed data.
919 * Type is 4: Resource Fork has compressed data.
922 * Write "com.apple.decmpfs"
925 hfs_write_decmpfs(struct archive_write_disk *a)
928 uint32_t compression_type;
930 r = fsetxattr(a->fd, DECMPFS_XATTR_NAME, a->decmpfs_header_p,
931 a->decmpfs_attr_size, 0, 0);
933 archive_set_error(&a->archive, errno,
934 "Cannot restore xattr:%s", DECMPFS_XATTR_NAME);
935 compression_type = archive_le32dec(
936 &a->decmpfs_header_p[DECMPFS_COMPRESSION_TYPE]);
937 if (compression_type == CMP_RESOURCE_FORK)
938 fremovexattr(a->fd, XATTR_RESOURCEFORK_NAME,
939 XATTR_SHOWCOMPRESSION);
940 return (ARCHIVE_WARN);
946 * HFS+ Compression Resource Fork
948 * +-----------------------------+
949 * | Header(260 bytes) |
950 * +-----------------------------+
951 * | Block count(LE 4 bytes) |
952 * +-----------------------------+ --+
953 * +-- | Offset (LE 4 bytes) | |
954 * | | [distance from Block count] | | Block 0
955 * | +-----------------------------+ |
956 * | | Compressed size(LE 4 bytes) | |
957 * | +-----------------------------+ --+
959 * | | .................. |
961 * | +-----------------------------+ --+
962 * | | Offset (LE 4 bytes) | |
963 * | +-----------------------------+ | Block (Block count -1)
964 * | | Compressed size(LE 4 bytes) | |
965 * +-> +-----------------------------+ --+
966 * | Compressed data(n bytes) | Block 0
967 * +-----------------------------+
969 * | .................. |
971 * +-----------------------------+
972 * | Compressed data(n bytes) | Block (Block count -1)
973 * +-----------------------------+
974 * | Footer(50 bytes) |
975 * +-----------------------------+
979 * Write the header of "com.apple.ResourceFork"
982 hfs_write_resource_fork(struct archive_write_disk *a, unsigned char *buff,
983 size_t bytes, uint32_t position)
987 ret = fsetxattr(a->fd, XATTR_RESOURCEFORK_NAME, buff, bytes,
988 position, a->rsrc_xattr_options);
990 archive_set_error(&a->archive, errno,
991 "Cannot restore xattr: %s at %u pos %u bytes",
992 XATTR_RESOURCEFORK_NAME,
995 return (ARCHIVE_WARN);
997 a->rsrc_xattr_options &= ~XATTR_CREATE;
1002 hfs_write_compressed_data(struct archive_write_disk *a, size_t bytes_compressed)
1006 ret = hfs_write_resource_fork(a, a->compressed_buffer,
1007 bytes_compressed, a->compressed_rsrc_position);
1008 if (ret == ARCHIVE_OK)
1009 a->compressed_rsrc_position += bytes_compressed;
1014 hfs_write_resource_fork_header(struct archive_write_disk *a)
1016 unsigned char *buff;
1017 uint32_t rsrc_bytes;
1018 uint32_t rsrc_header_bytes;
1021 * Write resource fork header + block info.
1023 buff = a->resource_fork;
1024 rsrc_bytes = a->compressed_rsrc_position - RSRC_F_SIZE;
1026 RSRC_H_SIZE + /* Header base size. */
1027 4 + /* Block count. */
1028 (a->decmpfs_block_count * 8);/* Block info */
1029 archive_be32enc(buff, 0x100);
1030 archive_be32enc(buff + 4, rsrc_bytes);
1031 archive_be32enc(buff + 8, rsrc_bytes - 256);
1032 archive_be32enc(buff + 12, 0x32);
1033 memset(buff + 16, 0, 240);
1034 archive_be32enc(buff + 256, rsrc_bytes - 260);
1035 return hfs_write_resource_fork(a, buff, rsrc_header_bytes, 0);
1039 hfs_set_resource_fork_footer(unsigned char *buff, size_t buff_size)
1041 static const char rsrc_footer[RSRC_F_SIZE] = {
1042 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1043 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1044 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1045 0x00, 0x1c, 0x00, 0x32, 0x00, 0x00, 'c', 'm',
1046 'p', 'f', 0x00, 0x00, 0x00, 0x0a, 0x00, 0x01,
1047 0xff, 0xff, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1050 if (buff_size < sizeof(rsrc_footer))
1052 memcpy(buff, rsrc_footer, sizeof(rsrc_footer));
1053 return (sizeof(rsrc_footer));
1057 hfs_reset_compressor(struct archive_write_disk *a)
1061 if (a->stream_valid)
1062 ret = deflateReset(&a->stream);
1064 ret = deflateInit(&a->stream, a->decmpfs_compression_level);
1067 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1068 "Failed to initialize compressor");
1069 return (ARCHIVE_FATAL);
1071 a->stream_valid = 1;
1073 return (ARCHIVE_OK);
1077 hfs_decompress(struct archive_write_disk *a)
1079 uint32_t *block_info;
1080 unsigned int block_count;
1081 uint32_t data_pos, data_size;
1083 ssize_t bytes_written, bytes_to_write;
1086 block_info = (uint32_t *)(a->resource_fork + RSRC_H_SIZE);
1087 block_count = archive_le32dec(block_info++);
1088 while (block_count--) {
1089 data_pos = RSRC_H_SIZE + archive_le32dec(block_info++);
1090 data_size = archive_le32dec(block_info++);
1091 r = fgetxattr(a->fd, XATTR_RESOURCEFORK_NAME,
1092 a->compressed_buffer, data_size, data_pos, 0);
1093 if (r != data_size) {
1094 archive_set_error(&a->archive,
1095 (r < 0)?errno:ARCHIVE_ERRNO_MISC,
1096 "Failed to read resource fork");
1097 return (ARCHIVE_WARN);
1099 if (a->compressed_buffer[0] == 0xff) {
1100 bytes_to_write = data_size -1;
1101 b = a->compressed_buffer + 1;
1103 uLong dest_len = MAX_DECMPFS_BLOCK_SIZE;
1106 zr = uncompress((Bytef *)a->uncompressed_buffer,
1107 &dest_len, a->compressed_buffer, data_size);
1109 archive_set_error(&a->archive,
1111 "Failed to decompress resource fork");
1112 return (ARCHIVE_WARN);
1114 bytes_to_write = dest_len;
1115 b = (unsigned char *)a->uncompressed_buffer;
1118 bytes_written = write(a->fd, b, bytes_to_write);
1119 if (bytes_written < 0) {
1120 archive_set_error(&a->archive, errno,
1122 return (ARCHIVE_WARN);
1124 bytes_to_write -= bytes_written;
1126 } while (bytes_to_write > 0);
1128 r = fremovexattr(a->fd, XATTR_RESOURCEFORK_NAME, 0);
1130 archive_set_error(&a->archive, errno,
1131 "Failed to remove resource fork");
1132 return (ARCHIVE_WARN);
1134 return (ARCHIVE_OK);
1138 hfs_drive_compressor(struct archive_write_disk *a, const char *buff,
1141 unsigned char *buffer_compressed;
1142 size_t bytes_compressed;
1146 ret = hfs_reset_compressor(a);
1147 if (ret != ARCHIVE_OK)
1150 if (a->compressed_buffer == NULL) {
1153 block_size = COMPRESSED_W_SIZE + RSRC_F_SIZE +
1154 + compressBound(MAX_DECMPFS_BLOCK_SIZE);
1155 a->compressed_buffer = malloc(block_size);
1156 if (a->compressed_buffer == NULL) {
1157 archive_set_error(&a->archive, ENOMEM,
1158 "Can't allocate memory for Resource Fork");
1159 return (ARCHIVE_FATAL);
1161 a->compressed_buffer_size = block_size;
1162 a->compressed_buffer_remaining = block_size;
1165 buffer_compressed = a->compressed_buffer +
1166 a->compressed_buffer_size - a->compressed_buffer_remaining;
1167 a->stream.next_in = (Bytef *)(uintptr_t)(const void *)buff;
1168 a->stream.avail_in = size;
1169 a->stream.next_out = buffer_compressed;
1170 a->stream.avail_out = a->compressed_buffer_remaining;
1172 ret = deflate(&a->stream, Z_FINISH);
1178 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1179 "Failed to compress data");
1180 return (ARCHIVE_FAILED);
1182 } while (ret == Z_OK);
1183 bytes_compressed = a->compressed_buffer_remaining - a->stream.avail_out;
1186 * If the compressed size is larger than the original size,
1187 * throw away compressed data, use uncompressed data instead.
1189 if (bytes_compressed > size) {
1190 buffer_compressed[0] = 0xFF;/* uncompressed marker. */
1191 memcpy(buffer_compressed + 1, buff, size);
1192 bytes_compressed = size + 1;
1194 a->compressed_buffer_remaining -= bytes_compressed;
1197 * If the compressed size is smaller than MAX_DECMPFS_XATTR_SIZE
1198 * and the block count in the file is only one, store compressed
1199 * data to decmpfs xattr instead of the resource fork.
1201 if (a->decmpfs_block_count == 1 &&
1202 (a->decmpfs_attr_size + bytes_compressed)
1203 <= MAX_DECMPFS_XATTR_SIZE) {
1204 archive_le32enc(&a->decmpfs_header_p[DECMPFS_COMPRESSION_TYPE],
1206 memcpy(a->decmpfs_header_p + DECMPFS_HEADER_SIZE,
1207 buffer_compressed, bytes_compressed);
1208 a->decmpfs_attr_size += bytes_compressed;
1209 a->compressed_buffer_remaining = a->compressed_buffer_size;
1211 * Finish HFS+ Compression.
1212 * - Write the decmpfs xattr.
1213 * - Set the UF_COMPRESSED file flag.
1215 ret = hfs_write_decmpfs(a);
1216 if (ret == ARCHIVE_OK)
1217 ret = hfs_set_compressed_fflag(a);
1221 /* Update block info. */
1222 archive_le32enc(a->decmpfs_block_info++,
1223 a->compressed_rsrc_position_v - RSRC_H_SIZE);
1224 archive_le32enc(a->decmpfs_block_info++, bytes_compressed);
1225 a->compressed_rsrc_position_v += bytes_compressed;
1228 * Write the compressed data to the resource fork.
1230 bytes_used = a->compressed_buffer_size - a->compressed_buffer_remaining;
1231 while (bytes_used >= COMPRESSED_W_SIZE) {
1232 ret = hfs_write_compressed_data(a, COMPRESSED_W_SIZE);
1233 if (ret != ARCHIVE_OK)
1235 bytes_used -= COMPRESSED_W_SIZE;
1236 if (bytes_used > COMPRESSED_W_SIZE)
1237 memmove(a->compressed_buffer,
1238 a->compressed_buffer + COMPRESSED_W_SIZE,
1241 memcpy(a->compressed_buffer,
1242 a->compressed_buffer + COMPRESSED_W_SIZE,
1245 a->compressed_buffer_remaining = a->compressed_buffer_size - bytes_used;
1248 * If the current block is the last block, write the remaining
1249 * compressed data and the resource fork footer.
1251 if (a->file_remaining_bytes == 0) {
1255 /* Append the resource footer. */
1256 rsrc_size = hfs_set_resource_fork_footer(
1257 a->compressed_buffer + bytes_used,
1258 a->compressed_buffer_remaining);
1259 ret = hfs_write_compressed_data(a, bytes_used + rsrc_size);
1260 a->compressed_buffer_remaining = a->compressed_buffer_size;
1262 /* If the compressed size is not enough smaller than
1263 * the uncompressed size. cancel HFS+ compression.
1264 * TODO: study a behavior of ditto utility and improve
1265 * the condition to fall back into no HFS+ compression. */
1266 bk = HFS_BLOCKS(a->compressed_rsrc_position);
1268 if (bk > HFS_BLOCKS(a->filesize))
1269 return hfs_decompress(a);
1271 * Write the resourcefork header.
1273 if (ret == ARCHIVE_OK)
1274 ret = hfs_write_resource_fork_header(a);
1276 * Finish HFS+ Compression.
1277 * - Write the decmpfs xattr.
1278 * - Set the UF_COMPRESSED file flag.
1280 if (ret == ARCHIVE_OK)
1281 ret = hfs_write_decmpfs(a);
1282 if (ret == ARCHIVE_OK)
1283 ret = hfs_set_compressed_fflag(a);
1289 hfs_write_decmpfs_block(struct archive_write_disk *a, const char *buff,
1292 const char *buffer_to_write;
1293 size_t bytes_to_write;
1296 if (a->decmpfs_block_count == (unsigned)-1) {
1299 unsigned int block_count;
1301 if (a->decmpfs_header_p == NULL) {
1302 new_block = malloc(MAX_DECMPFS_XATTR_SIZE
1303 + sizeof(uint32_t));
1304 if (new_block == NULL) {
1305 archive_set_error(&a->archive, ENOMEM,
1306 "Can't allocate memory for decmpfs");
1307 return (ARCHIVE_FATAL);
1309 a->decmpfs_header_p = new_block;
1311 a->decmpfs_attr_size = DECMPFS_HEADER_SIZE;
1312 archive_le32enc(&a->decmpfs_header_p[DECMPFS_COMPRESSION_MAGIC],
1314 archive_le32enc(&a->decmpfs_header_p[DECMPFS_COMPRESSION_TYPE],
1316 archive_le64enc(&a->decmpfs_header_p[DECMPFS_UNCOMPRESSED_SIZE],
1319 /* Calculate a block count of the file. */
1321 (a->filesize + MAX_DECMPFS_BLOCK_SIZE -1) /
1322 MAX_DECMPFS_BLOCK_SIZE;
1324 * Allocate buffer for resource fork.
1325 * Set up related pointers;
1328 RSRC_H_SIZE + /* header */
1329 4 + /* Block count */
1330 (block_count * sizeof(uint32_t) * 2) +
1331 RSRC_F_SIZE; /* footer */
1332 if (new_size > a->resource_fork_allocated_size) {
1333 new_block = realloc(a->resource_fork, new_size);
1334 if (new_block == NULL) {
1335 archive_set_error(&a->archive, ENOMEM,
1336 "Can't allocate memory for ResourceFork");
1337 return (ARCHIVE_FATAL);
1339 a->resource_fork_allocated_size = new_size;
1340 a->resource_fork = new_block;
1343 /* Allocate uncompressed buffer */
1344 if (a->uncompressed_buffer == NULL) {
1345 new_block = malloc(MAX_DECMPFS_BLOCK_SIZE);
1346 if (new_block == NULL) {
1347 archive_set_error(&a->archive, ENOMEM,
1348 "Can't allocate memory for decmpfs");
1349 return (ARCHIVE_FATAL);
1351 a->uncompressed_buffer = new_block;
1353 a->block_remaining_bytes = MAX_DECMPFS_BLOCK_SIZE;
1354 a->file_remaining_bytes = a->filesize;
1355 a->compressed_buffer_remaining = a->compressed_buffer_size;
1358 * Set up a resource fork.
1360 a->rsrc_xattr_options = XATTR_CREATE;
1361 /* Get the position where we are going to set a bunch
1363 a->decmpfs_block_info =
1364 (uint32_t *)(a->resource_fork + RSRC_H_SIZE);
1365 /* Set the block count to the resource fork. */
1366 archive_le32enc(a->decmpfs_block_info++, block_count);
1367 /* Get the position where we are going to set compressed
1369 a->compressed_rsrc_position =
1370 RSRC_H_SIZE + 4 + (block_count * 8);
1371 a->compressed_rsrc_position_v = a->compressed_rsrc_position;
1372 a->decmpfs_block_count = block_count;
1375 /* Ignore redundant bytes. */
1376 if (a->file_remaining_bytes == 0)
1377 return ((ssize_t)size);
1379 /* Do not overrun a block size. */
1380 if (size > a->block_remaining_bytes)
1381 bytes_to_write = a->block_remaining_bytes;
1383 bytes_to_write = size;
1384 /* Do not overrun the file size. */
1385 if (bytes_to_write > a->file_remaining_bytes)
1386 bytes_to_write = a->file_remaining_bytes;
1388 /* For efficiency, if a copy length is full of the uncompressed
1389 * buffer size, do not copy writing data to it. */
1390 if (bytes_to_write == MAX_DECMPFS_BLOCK_SIZE)
1391 buffer_to_write = buff;
1393 memcpy(a->uncompressed_buffer +
1394 MAX_DECMPFS_BLOCK_SIZE - a->block_remaining_bytes,
1395 buff, bytes_to_write);
1396 buffer_to_write = a->uncompressed_buffer;
1398 a->block_remaining_bytes -= bytes_to_write;
1399 a->file_remaining_bytes -= bytes_to_write;
1401 if (a->block_remaining_bytes == 0 || a->file_remaining_bytes == 0) {
1402 ret = hfs_drive_compressor(a, buffer_to_write,
1403 MAX_DECMPFS_BLOCK_SIZE - a->block_remaining_bytes);
1406 a->block_remaining_bytes = MAX_DECMPFS_BLOCK_SIZE;
1408 /* Ignore redundant bytes. */
1409 if (a->file_remaining_bytes == 0)
1410 return ((ssize_t)size);
1411 return (bytes_to_write);
1415 hfs_write_data_block(struct archive_write_disk *a, const char *buff,
1418 uint64_t start_size = size;
1419 ssize_t bytes_written = 0;
1420 ssize_t bytes_to_write;
1423 return (ARCHIVE_OK);
1425 if (a->filesize == 0 || a->fd < 0) {
1426 archive_set_error(&a->archive, 0,
1427 "Attempt to write to an empty file");
1428 return (ARCHIVE_WARN);
1431 /* If this write would run beyond the file size, truncate it. */
1432 if (a->filesize >= 0 && (int64_t)(a->offset + size) > a->filesize)
1433 start_size = size = (size_t)(a->filesize - a->offset);
1435 /* Write the data. */
1437 bytes_to_write = size;
1438 /* Seek if necessary to the specified offset. */
1439 if (a->offset < a->fd_offset) {
1440 /* Can't support backward move. */
1441 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
1443 return (ARCHIVE_FATAL);
1444 } else if (a->offset > a->fd_offset) {
1445 int64_t skip = a->offset - a->fd_offset;
1446 char nullblock[1024];
1448 memset(nullblock, 0, sizeof(nullblock));
1450 if (skip > (int64_t)sizeof(nullblock))
1451 bytes_written = hfs_write_decmpfs_block(
1452 a, nullblock, sizeof(nullblock));
1454 bytes_written = hfs_write_decmpfs_block(
1455 a, nullblock, skip);
1456 if (bytes_written < 0) {
1457 archive_set_error(&a->archive, errno,
1459 return (ARCHIVE_WARN);
1461 skip -= bytes_written;
1464 a->fd_offset = a->offset;
1467 hfs_write_decmpfs_block(a, buff, bytes_to_write);
1468 if (bytes_written < 0)
1469 return (bytes_written);
1470 buff += bytes_written;
1471 size -= bytes_written;
1472 a->total_bytes_written += bytes_written;
1473 a->offset += bytes_written;
1474 a->fd_offset = a->offset;
1476 return (start_size - size);
1480 hfs_write_data_block(struct archive_write_disk *a, const char *buff,
1483 return (write_data_block(a, buff, size));
1488 _archive_write_disk_data_block(struct archive *_a,
1489 const void *buff, size_t size, int64_t offset)
1491 struct archive_write_disk *a = (struct archive_write_disk *)_a;
1494 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC,
1495 ARCHIVE_STATE_DATA, "archive_write_data_block");
1498 if (a->todo & TODO_HFS_COMPRESSION)
1499 r = hfs_write_data_block(a, buff, size);
1501 r = write_data_block(a, buff, size);
1504 if ((size_t)r < size) {
1505 archive_set_error(&a->archive, 0,
1506 "Too much data: Truncating file at %ju bytes",
1507 (uintmax_t)a->filesize);
1508 return (ARCHIVE_WARN);
1510 #if ARCHIVE_VERSION_NUMBER < 3999000
1511 return (ARCHIVE_OK);
1518 _archive_write_disk_data(struct archive *_a, const void *buff, size_t size)
1520 struct archive_write_disk *a = (struct archive_write_disk *)_a;
1522 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC,
1523 ARCHIVE_STATE_DATA, "archive_write_data");
1525 if (a->todo & TODO_HFS_COMPRESSION)
1526 return (hfs_write_data_block(a, buff, size));
1527 return (write_data_block(a, buff, size));
1531 _archive_write_disk_finish_entry(struct archive *_a)
1533 struct archive_write_disk *a = (struct archive_write_disk *)_a;
1534 int ret = ARCHIVE_OK;
1536 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC,
1537 ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA,
1538 "archive_write_finish_entry");
1539 if (a->archive.state & ARCHIVE_STATE_HEADER)
1540 return (ARCHIVE_OK);
1541 archive_clear_error(&a->archive);
1543 /* Pad or truncate file to the right size. */
1545 /* There's no file. */
1546 } else if (a->filesize < 0) {
1547 /* File size is unknown, so we can't set the size. */
1548 } else if (a->fd_offset == a->filesize) {
1549 /* Last write ended at exactly the filesize; we're done. */
1550 /* Hopefully, this is the common case. */
1551 #if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_ZLIB_H)
1552 } else if (a->todo & TODO_HFS_COMPRESSION) {
1556 if (a->file_remaining_bytes)
1557 memset(null_d, 0, sizeof(null_d));
1558 while (a->file_remaining_bytes) {
1559 if (a->file_remaining_bytes > sizeof(null_d))
1560 r = hfs_write_data_block(
1561 a, null_d, sizeof(null_d));
1563 r = hfs_write_data_block(
1564 a, null_d, a->file_remaining_bytes);
1571 if (ftruncate(a->fd, a->filesize) == -1 &&
1573 archive_set_error(&a->archive, errno,
1574 "File size could not be restored");
1575 return (ARCHIVE_FAILED);
1579 * Not all platforms implement the XSI option to
1580 * extend files via ftruncate. Stat() the file again
1581 * to see what happened.
1584 if ((ret = lazy_stat(a)) != ARCHIVE_OK)
1586 /* We can use lseek()/write() to extend the file if
1587 * ftruncate didn't work or isn't available. */
1588 if (a->st.st_size < a->filesize) {
1589 const char nul = '\0';
1590 if (lseek(a->fd, a->filesize - 1, SEEK_SET) < 0) {
1591 archive_set_error(&a->archive, errno,
1593 return (ARCHIVE_FATAL);
1595 if (write(a->fd, &nul, 1) < 0) {
1596 archive_set_error(&a->archive, errno,
1597 "Write to restore size failed");
1598 return (ARCHIVE_FATAL);
1604 /* Restore metadata. */
1607 * This is specific to Mac OS X.
1608 * If the current file is an AppleDouble file, it should be
1609 * linked with the data fork file and remove it.
1611 if (a->todo & TODO_APPLEDOUBLE) {
1612 int r2 = fixup_appledouble(a, a->name);
1613 if (r2 == ARCHIVE_EOF) {
1614 /* The current file has been successfully linked
1615 * with the data fork file and removed. So there
1616 * is nothing to do on the current file. */
1617 goto finish_metadata;
1619 if (r2 < ret) ret = r2;
1623 * Look up the "real" UID only if we're going to need it.
1624 * TODO: the TODO_SGID condition can be dropped here, can't it?
1626 if (a->todo & (TODO_OWNER | TODO_SUID | TODO_SGID)) {
1627 a->uid = archive_write_disk_uid(&a->archive,
1628 archive_entry_uname(a->entry),
1629 archive_entry_uid(a->entry));
1631 /* Look up the "real" GID only if we're going to need it. */
1632 /* TODO: the TODO_SUID condition can be dropped here, can't it? */
1633 if (a->todo & (TODO_OWNER | TODO_SGID | TODO_SUID)) {
1634 a->gid = archive_write_disk_gid(&a->archive,
1635 archive_entry_gname(a->entry),
1636 archive_entry_gid(a->entry));
1640 * Restore ownership before set_mode tries to restore suid/sgid
1641 * bits. If we set the owner, we know what it is and can skip
1642 * a stat() call to examine the ownership of the file on disk.
1644 if (a->todo & TODO_OWNER) {
1645 int r2 = set_ownership(a);
1646 if (r2 < ret) ret = r2;
1650 * set_mode must precede ACLs on systems such as Solaris and
1651 * FreeBSD where setting the mode implicitly clears extended ACLs
1653 if (a->todo & TODO_MODE) {
1654 int r2 = set_mode(a, a->mode);
1655 if (r2 < ret) ret = r2;
1659 * Security-related extended attributes (such as
1660 * security.capability on Linux) have to be restored last,
1661 * since they're implicitly removed by other file changes.
1663 if (a->todo & TODO_XATTR) {
1664 int r2 = set_xattrs(a);
1665 if (r2 < ret) ret = r2;
1669 * Some flags prevent file modification; they must be restored after
1670 * file contents are written.
1672 if (a->todo & TODO_FFLAGS) {
1673 int r2 = set_fflags(a);
1674 if (r2 < ret) ret = r2;
1678 * Time must follow most other metadata;
1679 * otherwise atime will get changed.
1681 if (a->todo & TODO_TIMES) {
1682 int r2 = set_times_from_entry(a);
1683 if (r2 < ret) ret = r2;
1687 * Mac extended metadata includes ACLs.
1689 if (a->todo & TODO_MAC_METADATA) {
1690 const void *metadata;
1691 size_t metadata_size;
1692 metadata = archive_entry_mac_metadata(a->entry, &metadata_size);
1693 if (metadata != NULL && metadata_size > 0) {
1694 int r2 = set_mac_metadata(a, archive_entry_pathname(
1695 a->entry), metadata, metadata_size);
1696 if (r2 < ret) ret = r2;
1701 * ACLs must be restored after timestamps because there are
1702 * ACLs that prevent attribute changes (including time).
1704 if (a->todo & TODO_ACLS) {
1706 #ifdef HAVE_DARWIN_ACL
1708 * On Mac OS, platform ACLs are stored also in mac_metadata by
1709 * the operating system. If mac_metadata is present it takes
1710 * precedence and we skip extracting libarchive NFSv4 ACLs
1712 const void *metadata;
1713 size_t metadata_size;
1714 metadata = archive_entry_mac_metadata(a->entry, &metadata_size);
1715 if (metadata == NULL || metadata_size == 0) {
1717 r2 = archive_write_disk_set_acls(&a->archive, a->fd,
1718 archive_entry_pathname(a->entry),
1719 archive_entry_acl(a->entry));
1720 if (r2 < ret) ret = r2;
1721 #ifdef HAVE_DARWIN_ACL
1727 /* If there's an fd, we can close it now. */
1732 /* If there's an entry, we can release it now. */
1734 archive_entry_free(a->entry);
1737 a->archive.state = ARCHIVE_STATE_HEADER;
1742 archive_write_disk_set_group_lookup(struct archive *_a,
1744 int64_t (*lookup_gid)(void *private, const char *gname, int64_t gid),
1745 void (*cleanup_gid)(void *private))
1747 struct archive_write_disk *a = (struct archive_write_disk *)_a;
1748 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC,
1749 ARCHIVE_STATE_ANY, "archive_write_disk_set_group_lookup");
1751 if (a->cleanup_gid != NULL && a->lookup_gid_data != NULL)
1752 (a->cleanup_gid)(a->lookup_gid_data);
1754 a->lookup_gid = lookup_gid;
1755 a->cleanup_gid = cleanup_gid;
1756 a->lookup_gid_data = private_data;
1757 return (ARCHIVE_OK);
1761 archive_write_disk_set_user_lookup(struct archive *_a,
1763 int64_t (*lookup_uid)(void *private, const char *uname, int64_t uid),
1764 void (*cleanup_uid)(void *private))
1766 struct archive_write_disk *a = (struct archive_write_disk *)_a;
1767 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC,
1768 ARCHIVE_STATE_ANY, "archive_write_disk_set_user_lookup");
1770 if (a->cleanup_uid != NULL && a->lookup_uid_data != NULL)
1771 (a->cleanup_uid)(a->lookup_uid_data);
1773 a->lookup_uid = lookup_uid;
1774 a->cleanup_uid = cleanup_uid;
1775 a->lookup_uid_data = private_data;
1776 return (ARCHIVE_OK);
1780 archive_write_disk_gid(struct archive *_a, const char *name, int64_t id)
1782 struct archive_write_disk *a = (struct archive_write_disk *)_a;
1783 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC,
1784 ARCHIVE_STATE_ANY, "archive_write_disk_gid");
1786 return (a->lookup_gid)(a->lookup_gid_data, name, id);
1791 archive_write_disk_uid(struct archive *_a, const char *name, int64_t id)
1793 struct archive_write_disk *a = (struct archive_write_disk *)_a;
1794 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC,
1795 ARCHIVE_STATE_ANY, "archive_write_disk_uid");
1797 return (a->lookup_uid)(a->lookup_uid_data, name, id);
1802 * Create a new archive_write_disk object and initialize it with global state.
1805 archive_write_disk_new(void)
1807 struct archive_write_disk *a;
1809 a = (struct archive_write_disk *)calloc(1, sizeof(*a));
1812 a->archive.magic = ARCHIVE_WRITE_DISK_MAGIC;
1813 /* We're ready to write a header immediately. */
1814 a->archive.state = ARCHIVE_STATE_HEADER;
1815 a->archive.vtable = archive_write_disk_vtable();
1816 a->start_time = time(NULL);
1817 /* Query and restore the umask. */
1818 umask(a->user_umask = umask(0));
1820 a->user_uid = geteuid();
1821 #endif /* HAVE_GETEUID */
1822 if (archive_string_ensure(&a->path_safe, 512) == NULL) {
1827 a->decmpfs_compression_level = 5;
1829 return (&a->archive);
1834 * If pathname is longer than PATH_MAX, chdir to a suitable
1835 * intermediate dir and edit the path down to a shorter suffix. Note
1836 * that this routine never returns an error; if the chdir() attempt
1837 * fails for any reason, we just go ahead with the long pathname. The
1838 * object creation is likely to fail, but any error will get handled
1841 #if defined(HAVE_FCHDIR) && defined(PATH_MAX)
1843 edit_deep_directories(struct archive_write_disk *a)
1846 char *tail = a->name;
1848 /* If path is short, avoid the open() below. */
1849 if (strlen(tail) < PATH_MAX)
1852 /* Try to record our starting dir. */
1853 a->restore_pwd = open(".", O_RDONLY | O_BINARY | O_CLOEXEC);
1854 __archive_ensure_cloexec_flag(a->restore_pwd);
1855 if (a->restore_pwd < 0)
1858 /* As long as the path is too long... */
1859 while (strlen(tail) >= PATH_MAX) {
1860 /* Locate a dir prefix shorter than PATH_MAX. */
1861 tail += PATH_MAX - 8;
1862 while (tail > a->name && *tail != '/')
1864 /* Exit if we find a too-long path component. */
1865 if (tail <= a->name)
1867 /* Create the intermediate dir and chdir to it. */
1868 *tail = '\0'; /* Terminate dir portion */
1869 ret = create_dir(a, a->name);
1870 if (ret == ARCHIVE_OK && chdir(a->name) != 0)
1871 ret = ARCHIVE_FAILED;
1872 *tail = '/'; /* Restore the / we removed. */
1873 if (ret != ARCHIVE_OK)
1876 /* The chdir() succeeded; we've now shortened the path. */
1884 * The main restore function.
1887 restore_entry(struct archive_write_disk *a)
1889 int ret = ARCHIVE_OK, en;
1891 if (a->flags & ARCHIVE_EXTRACT_UNLINK && !S_ISDIR(a->mode)) {
1893 * TODO: Fix this. Apparently, there are platforms
1894 * that still allow root to hose the entire filesystem
1895 * by unlinking a dir. The S_ISDIR() test above
1896 * prevents us from using unlink() here if the new
1897 * object is a dir, but that doesn't mean the old
1898 * object isn't a dir.
1900 if (a->flags & ARCHIVE_EXTRACT_CLEAR_NOCHANGE_FFLAGS)
1901 (void)clear_nochange_fflags(a);
1902 if (unlink(a->name) == 0) {
1903 /* We removed it, reset cached stat. */
1905 } else if (errno == ENOENT) {
1906 /* File didn't exist, that's just as good. */
1907 } else if (rmdir(a->name) == 0) {
1908 /* It was a dir, but now it's gone. */
1911 /* We tried, but couldn't get rid of it. */
1912 archive_set_error(&a->archive, errno,
1913 "Could not unlink");
1914 return(ARCHIVE_FAILED);
1918 /* Try creating it first; if this fails, we'll try to recover. */
1919 en = create_filesystem_object(a);
1921 if ((en == ENOTDIR || en == ENOENT)
1922 && !(a->flags & ARCHIVE_EXTRACT_NO_AUTODIR)) {
1923 /* If the parent dir doesn't exist, try creating it. */
1924 create_parent_dir(a, a->name);
1925 /* Now try to create the object again. */
1926 en = create_filesystem_object(a);
1929 if ((en == ENOENT) && (archive_entry_hardlink(a->entry) != NULL)) {
1930 archive_set_error(&a->archive, en,
1931 "Hard-link target '%s' does not exist.",
1932 archive_entry_hardlink(a->entry));
1933 return (ARCHIVE_FAILED);
1936 if ((en == EISDIR || en == EEXIST)
1937 && (a->flags & ARCHIVE_EXTRACT_NO_OVERWRITE)) {
1938 /* If we're not overwriting, we're done. */
1939 archive_entry_unset_size(a->entry);
1940 return (ARCHIVE_OK);
1944 * Some platforms return EISDIR if you call
1945 * open(O_WRONLY | O_EXCL | O_CREAT) on a directory, some
1946 * return EEXIST. POSIX is ambiguous, requiring EISDIR
1947 * for open(O_WRONLY) on a dir and EEXIST for open(O_EXCL | O_CREAT)
1948 * on an existing item.
1951 /* A dir is in the way of a non-dir, rmdir it. */
1952 if (rmdir(a->name) != 0) {
1953 archive_set_error(&a->archive, errno,
1954 "Can't remove already-existing dir");
1955 return (ARCHIVE_FAILED);
1959 en = create_filesystem_object(a);
1960 } else if (en == EEXIST) {
1962 * We know something is in the way, but we don't know what;
1963 * we need to find out before we go any further.
1967 * The SECURE_SYMLINKS logic has already removed a
1968 * symlink to a dir if the client wants that. So
1969 * follow the symlink if we're creating a dir.
1971 if (S_ISDIR(a->mode))
1972 r = stat(a->name, &a->st);
1974 * If it's not a dir (or it's a broken symlink),
1975 * then don't follow it.
1977 if (r != 0 || !S_ISDIR(a->mode))
1978 r = lstat(a->name, &a->st);
1980 archive_set_error(&a->archive, errno,
1981 "Can't stat existing object");
1982 return (ARCHIVE_FAILED);
1986 * NO_OVERWRITE_NEWER doesn't apply to directories.
1988 if ((a->flags & ARCHIVE_EXTRACT_NO_OVERWRITE_NEWER)
1989 && !S_ISDIR(a->st.st_mode)) {
1990 if (!older(&(a->st), a->entry)) {
1991 archive_entry_unset_size(a->entry);
1992 return (ARCHIVE_OK);
1996 /* If it's our archive, we're done. */
1997 if (a->skip_file_set &&
1998 a->st.st_dev == (dev_t)a->skip_file_dev &&
1999 a->st.st_ino == (ino_t)a->skip_file_ino) {
2000 archive_set_error(&a->archive, 0,
2001 "Refusing to overwrite archive");
2002 return (ARCHIVE_FAILED);
2005 if (!S_ISDIR(a->st.st_mode)) {
2006 /* A non-dir is in the way, unlink it. */
2007 if (a->flags & ARCHIVE_EXTRACT_CLEAR_NOCHANGE_FFLAGS)
2008 (void)clear_nochange_fflags(a);
2009 if (unlink(a->name) != 0) {
2010 archive_set_error(&a->archive, errno,
2011 "Can't unlink already-existing object");
2012 return (ARCHIVE_FAILED);
2016 en = create_filesystem_object(a);
2017 } else if (!S_ISDIR(a->mode)) {
2018 /* A dir is in the way of a non-dir, rmdir it. */
2019 if (a->flags & ARCHIVE_EXTRACT_CLEAR_NOCHANGE_FFLAGS)
2020 (void)clear_nochange_fflags(a);
2021 if (rmdir(a->name) != 0) {
2022 archive_set_error(&a->archive, errno,
2023 "Can't replace existing directory with non-directory");
2024 return (ARCHIVE_FAILED);
2027 en = create_filesystem_object(a);
2030 * There's a dir in the way of a dir. Don't
2031 * waste time with rmdir()/mkdir(), just fix
2032 * up the permissions on the existing dir.
2033 * Note that we don't change perms on existing
2034 * dirs unless _EXTRACT_PERM is specified.
2036 if ((a->mode != a->st.st_mode)
2037 && (a->todo & TODO_MODE_FORCE))
2038 a->deferred |= (a->todo & TODO_MODE);
2039 /* Ownership doesn't need deferred fixup. */
2040 en = 0; /* Forget the EEXIST. */
2045 /* Everything failed; give up here. */
2046 if ((&a->archive)->error == NULL)
2047 archive_set_error(&a->archive, en, "Can't create '%s'",
2049 return (ARCHIVE_FAILED);
2052 a->pst = NULL; /* Cached stat data no longer valid. */
2057 * Returns 0 if creation succeeds, or else returns errno value from
2058 * the failed system call. Note: This function should only ever perform
2059 * a single system call.
2062 create_filesystem_object(struct archive_write_disk *a)
2064 /* Create the entry. */
2065 const char *linkname;
2066 mode_t final_mode, mode;
2068 /* these for check_symlinks_fsobj */
2069 char *linkname_copy; /* non-const copy of linkname */
2070 struct archive_string error_string;
2073 /* We identify hard/symlinks according to the link names. */
2074 /* Since link(2) and symlink(2) don't handle modes, we're done here. */
2075 linkname = archive_entry_hardlink(a->entry);
2076 if (linkname != NULL) {
2080 archive_string_init(&error_string);
2081 linkname_copy = strdup(linkname);
2082 if (linkname_copy == NULL) {
2086 * TODO: consider using the cleaned-up path as the link
2089 r = cleanup_pathname_fsobj(linkname_copy, &error_number,
2090 &error_string, a->flags);
2091 if (r != ARCHIVE_OK) {
2092 archive_set_error(&a->archive, error_number, "%s",
2094 free(linkname_copy);
2095 archive_string_free(&error_string);
2097 * EPERM is more appropriate than error_number for our
2102 r = check_symlinks_fsobj(linkname_copy, &error_number,
2103 &error_string, a->flags);
2104 if (r != ARCHIVE_OK) {
2105 archive_set_error(&a->archive, error_number, "%s",
2107 free(linkname_copy);
2108 archive_string_free(&error_string);
2110 * EPERM is more appropriate than error_number for our
2115 free(linkname_copy);
2116 archive_string_free(&error_string);
2117 r = link(linkname, a->name) ? errno : 0;
2119 * New cpio and pax formats allow hardlink entries
2120 * to carry data, so we may have to open the file
2121 * for hardlink entries.
2123 * If the hardlink was successfully created and
2124 * the archive doesn't have carry data for it,
2125 * consider it to be non-authoritative for meta data.
2126 * This is consistent with GNU tar and BSD pax.
2127 * If the hardlink does carry data, let the last
2128 * archive entry decide ownership.
2130 if (r == 0 && a->filesize <= 0) {
2133 } else if (r == 0 && a->filesize > 0) {
2134 a->fd = open(a->name, O_WRONLY | O_TRUNC | O_BINARY
2135 | O_CLOEXEC | O_NOFOLLOW);
2136 __archive_ensure_cloexec_flag(a->fd);
2143 linkname = archive_entry_symlink(a->entry);
2144 if (linkname != NULL) {
2146 return symlink(linkname, a->name) ? errno : 0;
2153 * The remaining system calls all set permissions, so let's
2154 * try to take advantage of that to avoid an extra chmod()
2155 * call. (Recall that umask is set to zero right now!)
2158 /* Mode we want for the final restored object (w/o file type bits). */
2159 final_mode = a->mode & 07777;
2161 * The mode that will actually be restored in this step. Note
2162 * that SUID, SGID, etc, require additional work to ensure
2163 * security, so we never restore them at this point.
2165 mode = final_mode & 0777 & ~a->user_umask;
2167 switch (a->mode & AE_IFMT) {
2169 /* POSIX requires that we fall through here. */
2172 a->fd = open(a->name,
2173 O_WRONLY | O_CREAT | O_EXCL | O_BINARY | O_CLOEXEC, mode);
2174 __archive_ensure_cloexec_flag(a->fd);
2179 /* Note: we use AE_IFCHR for the case label, and
2180 * S_IFCHR for the mknod() call. This is correct. */
2181 r = mknod(a->name, mode | S_IFCHR,
2182 archive_entry_rdev(a->entry));
2185 /* TODO: Find a better way to warn about our inability
2186 * to restore a char device node. */
2188 #endif /* HAVE_MKNOD */
2191 r = mknod(a->name, mode | S_IFBLK,
2192 archive_entry_rdev(a->entry));
2195 /* TODO: Find a better way to warn about our inability
2196 * to restore a block device node. */
2198 #endif /* HAVE_MKNOD */
2200 mode = (mode | MINIMUM_DIR_MODE) & MAXIMUM_DIR_MODE;
2201 r = mkdir(a->name, mode);
2203 /* Defer setting dir times. */
2204 a->deferred |= (a->todo & TODO_TIMES);
2205 a->todo &= ~TODO_TIMES;
2206 /* Never use an immediate chmod(). */
2207 /* We can't avoid the chmod() entirely if EXTRACT_PERM
2208 * because of SysV SGID inheritance. */
2209 if ((mode != final_mode)
2210 || (a->flags & ARCHIVE_EXTRACT_PERM))
2211 a->deferred |= (a->todo & TODO_MODE);
2212 a->todo &= ~TODO_MODE;
2217 r = mkfifo(a->name, mode);
2220 /* TODO: Find a better way to warn about our inability
2221 * to restore a fifo. */
2223 #endif /* HAVE_MKFIFO */
2226 /* All the system calls above set errno on failure. */
2230 /* If we managed to set the final mode, we've avoided a chmod(). */
2231 if (mode == final_mode)
2232 a->todo &= ~TODO_MODE;
2237 * Cleanup function for archive_extract. Mostly, this involves processing
2238 * the fixup list, which is used to address a number of problems:
2239 * * Dir permissions might prevent us from restoring a file in that
2240 * dir, so we restore the dir with minimum 0700 permissions first,
2241 * then correct the mode at the end.
2242 * * Similarly, the act of restoring a file touches the directory
2243 * and changes the timestamp on the dir, so we have to touch-up dir
2244 * timestamps at the end as well.
2245 * * Some file flags can interfere with the restore by, for example,
2246 * preventing the creation of hardlinks to those files.
2247 * * Mac OS extended metadata includes ACLs, so must be deferred on dirs.
2249 * Note that tar/cpio do not require that archives be in a particular
2250 * order; there is no way to know when the last file has been restored
2251 * within a directory, so there's no way to optimize the memory usage
2252 * here by fixing up the directory any earlier than the
2255 * XXX TODO: Directory ACLs should be restored here, for the same
2256 * reason we set directory perms here. XXX
2259 _archive_write_disk_close(struct archive *_a)
2261 struct archive_write_disk *a = (struct archive_write_disk *)_a;
2262 struct fixup_entry *next, *p;
2265 archive_check_magic(&a->archive, ARCHIVE_WRITE_DISK_MAGIC,
2266 ARCHIVE_STATE_HEADER | ARCHIVE_STATE_DATA,
2267 "archive_write_disk_close");
2268 ret = _archive_write_disk_finish_entry(&a->archive);
2270 /* Sort dir list so directories are fixed up in depth-first order. */
2271 p = sort_dir_list(a->fixup_list);
2274 a->pst = NULL; /* Mark stat cache as out-of-date. */
2275 if (p->fixup & TODO_TIMES) {
2276 set_times(a, -1, p->mode, p->name,
2277 p->atime, p->atime_nanos,
2278 p->birthtime, p->birthtime_nanos,
2279 p->mtime, p->mtime_nanos,
2280 p->ctime, p->ctime_nanos);
2282 if (p->fixup & TODO_MODE_BASE)
2283 chmod(p->name, p->mode);
2284 if (p->fixup & TODO_ACLS)
2285 #ifdef HAVE_DARWIN_ACL
2286 if (p->mac_metadata == NULL ||
2287 p->mac_metadata_size == 0)
2289 archive_write_disk_set_acls(&a->archive,
2290 -1, p->name, &p->acl);
2291 if (p->fixup & TODO_FFLAGS)
2292 set_fflags_platform(a, -1, p->name,
2293 p->mode, p->fflags_set, 0);
2294 if (p->fixup & TODO_MAC_METADATA)
2295 set_mac_metadata(a, p->name, p->mac_metadata,
2296 p->mac_metadata_size);
2298 archive_acl_clear(&p->acl);
2299 free(p->mac_metadata);
2304 a->fixup_list = NULL;
2309 _archive_write_disk_free(struct archive *_a)
2311 struct archive_write_disk *a;
2314 return (ARCHIVE_OK);
2315 archive_check_magic(_a, ARCHIVE_WRITE_DISK_MAGIC,
2316 ARCHIVE_STATE_ANY | ARCHIVE_STATE_FATAL, "archive_write_disk_free");
2317 a = (struct archive_write_disk *)_a;
2318 ret = _archive_write_disk_close(&a->archive);
2319 archive_write_disk_set_group_lookup(&a->archive, NULL, NULL, NULL);
2320 archive_write_disk_set_user_lookup(&a->archive, NULL, NULL, NULL);
2322 archive_entry_free(a->entry);
2323 archive_string_free(&a->_name_data);
2324 archive_string_free(&a->archive.error_string);
2325 archive_string_free(&a->path_safe);
2326 a->archive.magic = 0;
2327 __archive_clean(&a->archive);
2328 free(a->decmpfs_header_p);
2329 free(a->resource_fork);
2330 free(a->compressed_buffer);
2331 free(a->uncompressed_buffer);
2332 #if defined(__APPLE__) && defined(UF_COMPRESSED) && defined(HAVE_SYS_XATTR_H)\
2333 && defined(HAVE_ZLIB_H)
2334 if (a->stream_valid) {
2335 switch (deflateEnd(&a->stream)) {
2339 archive_set_error(&a->archive, ARCHIVE_ERRNO_MISC,
2340 "Failed to clean up compressor");
2341 ret = ARCHIVE_FATAL;
2351 * Simple O(n log n) merge sort to order the fixup list. In
2352 * particular, we want to restore dir timestamps depth-first.
2354 static struct fixup_entry *
2355 sort_dir_list(struct fixup_entry *p)
2357 struct fixup_entry *a, *b, *t;
2361 /* A one-item list is already sorted. */
2362 if (p->next == NULL)
2365 /* Step 1: split the list. */
2369 /* Step a twice, t once. */
2375 /* Now, t is at the mid-point, so break the list here. */
2380 /* Step 2: Recursively sort the two sub-lists. */
2381 a = sort_dir_list(a);
2382 b = sort_dir_list(b);
2384 /* Step 3: Merge the returned lists. */
2385 /* Pick the first element for the merged list. */
2386 if (strcmp(a->name, b->name) > 0) {
2394 /* Always put the later element on the list first. */
2395 while (a != NULL && b != NULL) {
2396 if (strcmp(a->name, b->name) > 0) {
2406 /* Only one list is non-empty, so just splice it on. */
2416 * Returns a new, initialized fixup entry.
2418 * TODO: Reduce the memory requirements for this list by using a tree
2419 * structure rather than a simple list of names.
2421 static struct fixup_entry *
2422 new_fixup(struct archive_write_disk *a, const char *pathname)
2424 struct fixup_entry *fe;
2426 fe = (struct fixup_entry *)calloc(1, sizeof(struct fixup_entry));
2428 archive_set_error(&a->archive, ENOMEM,
2429 "Can't allocate memory for a fixup");
2432 fe->next = a->fixup_list;
2435 fe->name = strdup(pathname);
2440 * Returns a fixup structure for the current entry.
2442 static struct fixup_entry *
2443 current_fixup(struct archive_write_disk *a, const char *pathname)
2445 if (a->current_fixup == NULL)
2446 a->current_fixup = new_fixup(a, pathname);
2447 return (a->current_fixup);
2450 /* Error helper for new *_fsobj functions */
2452 fsobj_error(int *a_eno, struct archive_string *a_estr,
2453 int err, const char *errstr, const char *path)
2458 archive_string_sprintf(a_estr, errstr, path);
2462 * TODO: Someday, integrate this with the deep dir support; they both
2463 * scan the path and both can be optimized by comparing against other
2466 /* TODO: Extend this to support symlinks on Windows Vista and later. */
2469 * Checks the given path to see if any elements along it are symlinks. Returns
2470 * ARCHIVE_OK if there are none, otherwise puts an error in errmsg.
2473 check_symlinks_fsobj(char *path, int *a_eno, struct archive_string *a_estr,
2476 #if !defined(HAVE_LSTAT)
2477 /* Platform doesn't have lstat, so we can't look for symlinks. */
2478 (void)path; /* UNUSED */
2479 (void)error_number; /* UNUSED */
2480 (void)error_string; /* UNUSED */
2481 (void)flags; /* UNUSED */
2482 return (ARCHIVE_OK);
2484 int res = ARCHIVE_OK;
2493 /* Nothing to do here if name is empty */
2495 return (ARCHIVE_OK);
2498 * Guard against symlink tricks. Reject any archive entry whose
2499 * destination would be altered by a symlink.
2501 * Walk the filename in chunks separated by '/'. For each segment:
2502 * - if it doesn't exist, continue
2503 * - if it's symlink, abort or remove it
2504 * - if it's a directory and it's not the last chunk, cd into it
2506 * head points to the current (relative) path
2507 * tail points to the temporary \0 terminating the segment we're
2508 * currently examining
2509 * c holds what used to be in *tail
2510 * last is 1 if this is the last tail
2512 restore_pwd = open(".", O_RDONLY | O_BINARY | O_CLOEXEC);
2513 __archive_ensure_cloexec_flag(restore_pwd);
2514 if (restore_pwd < 0)
2515 return (ARCHIVE_FATAL);
2519 /* TODO: reintroduce a safe cache here? */
2520 /* Skip the root directory if the path is absolute. */
2521 if(tail == path && tail[0] == '/')
2523 /* Keep going until we've checked the entire name.
2524 * head, tail, path all alias the same string, which is
2525 * temporarily zeroed at tail, so be careful restoring the
2526 * stashed (c=tail[0]) for error messages.
2527 * Exiting the loop with break is okay; continue is not.
2531 * Skip the separator we just consumed, plus any adjacent ones
2533 while (*tail == '/')
2535 /* Skip the next path element. */
2536 while (*tail != '\0' && *tail != '/')
2538 /* is this the last path component? */
2539 last = (tail[0] == '\0') || (tail[0] == '/' && tail[1] == '\0');
2540 /* temporarily truncate the string here */
2543 /* Check that we haven't hit a symlink. */
2544 r = lstat(head, &st);
2547 /* We've hit a dir that doesn't exist; stop now. */
2548 if (errno == ENOENT) {
2552 * Treat any other error as fatal - best to be
2554 * Note: This effectively disables deep
2555 * directory support when security checks are
2556 * enabled. Otherwise, very long pathnames that
2557 * trigger an error here could evade the
2559 * TODO: We could do better, but it would
2560 * probably require merging the symlink checks
2561 * with the deep-directory editing.
2563 fsobj_error(a_eno, a_estr, errno,
2564 "Could not stat %s", path);
2565 res = ARCHIVE_FAILED;
2568 } else if (S_ISDIR(st.st_mode)) {
2570 if (chdir(head) != 0) {
2572 fsobj_error(a_eno, a_estr, errno,
2573 "Could not chdir %s", path);
2574 res = (ARCHIVE_FATAL);
2577 /* Our view is now from inside this dir: */
2580 } else if (S_ISLNK(st.st_mode)) {
2583 * Last element is symlink; remove it
2584 * so we can overwrite it with the
2585 * item being extracted.
2589 fsobj_error(a_eno, a_estr, errno,
2590 "Could not remove symlink %s",
2592 res = ARCHIVE_FAILED;
2596 * Even if we did remove it, a warning
2597 * is in order. The warning is silly,
2598 * though, if we're just replacing one
2599 * symlink with another symlink.
2603 * FIXME: not sure how important this is to
2607 if (!S_ISLNK(path)) {
2608 fsobj_error(a_eno, a_estr, 0,
2609 "Removing symlink %s", path);
2612 /* Symlink gone. No more problem! */
2615 } else if (flags & ARCHIVE_EXTRACT_UNLINK) {
2616 /* User asked us to remove problems. */
2617 if (unlink(head) != 0) {
2619 fsobj_error(a_eno, a_estr, 0,
2620 "Cannot remove intervening "
2621 "symlink %s", path);
2622 res = ARCHIVE_FAILED;
2627 ARCHIVE_EXTRACT_SECURE_SYMLINKS) == 0) {
2629 * We are not the last element and we want to
2630 * follow symlinks if they are a directory.
2632 * This is needed to extract hardlinks over
2635 r = stat(head, &st);
2638 if (errno == ENOENT) {
2641 fsobj_error(a_eno, a_estr,
2643 "Could not stat %s", path);
2644 res = (ARCHIVE_FAILED);
2647 } else if (S_ISDIR(st.st_mode)) {
2648 if (chdir(head) != 0) {
2650 fsobj_error(a_eno, a_estr,
2652 "Could not chdir %s", path);
2653 res = (ARCHIVE_FATAL);
2657 * Our view is now from inside
2663 fsobj_error(a_eno, a_estr, 0,
2664 "Cannot extract through "
2665 "symlink %s", path);
2666 res = ARCHIVE_FAILED;
2671 fsobj_error(a_eno, a_estr, 0,
2672 "Cannot extract through symlink %s", path);
2673 res = ARCHIVE_FAILED;
2677 /* be sure to always maintain this */
2679 if (tail[0] != '\0')
2680 tail++; /* Advance to the next segment. */
2682 /* Catches loop exits via break */
2685 /* If we changed directory above, restore it here. */
2686 if (restore_pwd >= 0) {
2687 r = fchdir(restore_pwd);
2689 fsobj_error(a_eno, a_estr, errno,
2690 "chdir() failure", "");
2695 res = (ARCHIVE_FATAL);
2699 /* TODO: reintroduce a safe cache here? */
2705 * Check a->name for symlinks, returning ARCHIVE_OK if its clean, otherwise
2706 * calls archive_set_error and returns ARCHIVE_{FATAL,FAILED}
2709 check_symlinks(struct archive_write_disk *a)
2711 struct archive_string error_string;
2714 archive_string_init(&error_string);
2715 rc = check_symlinks_fsobj(a->name, &error_number, &error_string,
2717 if (rc != ARCHIVE_OK) {
2718 archive_set_error(&a->archive, error_number, "%s",
2721 archive_string_free(&error_string);
2722 a->pst = NULL; /* to be safe */
2727 #if defined(__CYGWIN__)
2729 * 1. Convert a path separator from '\' to '/' .
2730 * We shouldn't check multibyte character directly because some
2731 * character-set have been using the '\' character for a part of
2732 * its multibyte character code.
2733 * 2. Replace unusable characters in Windows with underscore('_').
2734 * See also : http://msdn.microsoft.com/en-us/library/aa365247.aspx
2737 cleanup_pathname_win(char *path)
2742 int mb, complete, utf8;
2747 utf8 = (strcmp(nl_langinfo(CODESET), "UTF-8") == 0)? 1: 0;
2748 for (p = path; *p != '\0'; p++) {
2751 /* If previous byte is smaller than 128,
2752 * this is not second byte of multibyte characters,
2753 * so we can replace '\' with '/'. */
2757 complete = 0;/* uncompleted. */
2758 } else if (*(unsigned char *)p > 127)
2762 /* Rewrite the path name if its next character is unusable. */
2763 if (*p == ':' || *p == '*' || *p == '?' || *p == '"' ||
2764 *p == '<' || *p == '>' || *p == '|')
2771 * Convert path separator in wide-character.
2774 while (*p != '\0' && alen) {
2775 l = mbtowc(&wc, p, alen);
2776 if (l == (size_t)-1) {
2777 while (*p != '\0') {
2784 if (l == 1 && wc == L'\\')
2793 * Canonicalize the pathname. In particular, this strips duplicate
2794 * '/' characters, '.' elements, and trailing '/'. It also raises an
2795 * error for an empty path, a trailing '..', (if _SECURE_NODOTDOT is
2796 * set) any '..' in the path or (if ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS
2797 * is set) if the path is absolute.
2800 cleanup_pathname_fsobj(char *path, int *a_eno, struct archive_string *a_estr,
2804 char separator = '\0';
2808 fsobj_error(a_eno, a_estr, ARCHIVE_ERRNO_MISC,
2809 "Invalid empty ", "pathname");
2810 return (ARCHIVE_FAILED);
2813 #if defined(__CYGWIN__)
2814 cleanup_pathname_win(path);
2816 /* Skip leading '/'. */
2818 if (flags & ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS) {
2819 fsobj_error(a_eno, a_estr, ARCHIVE_ERRNO_MISC,
2820 "Path is ", "absolute");
2821 return (ARCHIVE_FAILED);
2827 /* Scan the pathname one element at a time. */
2829 /* src points to first char after '/' */
2830 if (src[0] == '\0') {
2832 } else if (src[0] == '/') {
2833 /* Found '//', ignore second one. */
2836 } else if (src[0] == '.') {
2837 if (src[1] == '\0') {
2838 /* Ignore trailing '.' */
2840 } else if (src[1] == '/') {
2844 } else if (src[1] == '.') {
2845 if (src[2] == '/' || src[2] == '\0') {
2846 /* Conditionally warn about '..' */
2848 & ARCHIVE_EXTRACT_SECURE_NODOTDOT) {
2849 fsobj_error(a_eno, a_estr,
2851 "Path contains ", "'..'");
2852 return (ARCHIVE_FAILED);
2856 * Note: Under no circumstances do we
2857 * remove '..' elements. In
2858 * particular, restoring
2859 * '/foo/../bar/' should create the
2860 * 'foo' dir as a side-effect.
2865 /* Copy current element, including leading '/'. */
2868 while (*src != '\0' && *src != '/') {
2875 /* Skip '/' separator. */
2879 * We've just copied zero or more path elements, not including the
2884 * Nothing got copied. The path must have been something
2885 * like '.' or '/' or './' or '/././././/./'.
2892 /* Terminate the result. */
2894 return (ARCHIVE_OK);
2898 cleanup_pathname(struct archive_write_disk *a)
2900 struct archive_string error_string;
2903 archive_string_init(&error_string);
2904 rc = cleanup_pathname_fsobj(a->name, &error_number, &error_string,
2906 if (rc != ARCHIVE_OK) {
2907 archive_set_error(&a->archive, error_number, "%s",
2910 archive_string_free(&error_string);
2915 * Create the parent directory of the specified path, assuming path
2916 * is already in mutable storage.
2919 create_parent_dir(struct archive_write_disk *a, char *path)
2924 /* Remove tail element to obtain parent name. */
2925 slash = strrchr(path, '/');
2927 return (ARCHIVE_OK);
2929 r = create_dir(a, path);
2935 * Create the specified dir, recursing to create parents as necessary.
2937 * Returns ARCHIVE_OK if the path exists when we're done here.
2938 * Otherwise, returns ARCHIVE_FAILED.
2939 * Assumes path is in mutable storage; path is unchanged on exit.
2942 create_dir(struct archive_write_disk *a, char *path)
2945 struct fixup_entry *le;
2947 mode_t mode_final, mode;
2950 /* Check for special names and just skip them. */
2951 slash = strrchr(path, '/');
2957 if (base[0] == '\0' ||
2958 (base[0] == '.' && base[1] == '\0') ||
2959 (base[0] == '.' && base[1] == '.' && base[2] == '\0')) {
2960 /* Don't bother trying to create null path, '.', or '..'. */
2961 if (slash != NULL) {
2963 r = create_dir(a, path);
2967 return (ARCHIVE_OK);
2971 * Yes, this should be stat() and not lstat(). Using lstat()
2972 * here loses the ability to extract through symlinks. Also note
2973 * that this should not use the a->st cache.
2975 if (stat(path, &st) == 0) {
2976 if (S_ISDIR(st.st_mode))
2977 return (ARCHIVE_OK);
2978 if ((a->flags & ARCHIVE_EXTRACT_NO_OVERWRITE)) {
2979 archive_set_error(&a->archive, EEXIST,
2980 "Can't create directory '%s'", path);
2981 return (ARCHIVE_FAILED);
2983 if (unlink(path) != 0) {
2984 archive_set_error(&a->archive, errno,
2985 "Can't create directory '%s': "
2986 "Conflicting file cannot be removed",
2988 return (ARCHIVE_FAILED);
2990 } else if (errno != ENOENT && errno != ENOTDIR) {
2992 archive_set_error(&a->archive, errno,
2993 "Can't test directory '%s'", path);
2994 return (ARCHIVE_FAILED);
2995 } else if (slash != NULL) {
2997 r = create_dir(a, path);
2999 if (r != ARCHIVE_OK)
3004 * Mode we want for the final restored directory. Per POSIX,
3005 * implicitly-created dirs must be created obeying the umask.
3006 * There's no mention whether this is different for privileged
3007 * restores (which the rest of this code handles by pretending
3008 * umask=0). I've chosen here to always obey the user's umask for
3009 * implicit dirs, even if _EXTRACT_PERM was specified.
3011 mode_final = DEFAULT_DIR_MODE & ~a->user_umask;
3012 /* Mode we want on disk during the restore process. */
3014 mode |= MINIMUM_DIR_MODE;
3015 mode &= MAXIMUM_DIR_MODE;
3016 if (mkdir(path, mode) == 0) {
3017 if (mode != mode_final) {
3018 le = new_fixup(a, path);
3020 return (ARCHIVE_FATAL);
3021 le->fixup |=TODO_MODE_BASE;
3022 le->mode = mode_final;
3024 return (ARCHIVE_OK);
3028 * Without the following check, a/b/../b/c/d fails at the
3029 * second visit to 'b', so 'd' can't be created. Note that we
3030 * don't add it to the fixup list here, as it's already been
3033 if (stat(path, &st) == 0 && S_ISDIR(st.st_mode))
3034 return (ARCHIVE_OK);
3036 archive_set_error(&a->archive, errno, "Failed to create dir '%s'",
3038 return (ARCHIVE_FAILED);
3042 * Note: Although we can skip setting the user id if the desired user
3043 * id matches the current user, we cannot skip setting the group, as
3044 * many systems set the gid based on the containing directory. So
3045 * we have to perform a chown syscall if we want to set the SGID
3046 * bit. (The alternative is to stat() and then possibly chown(); it's
3047 * more efficient to skip the stat() and just always chown().) Note
3048 * that a successful chown() here clears the TODO_SGID_CHECK bit, which
3049 * allows set_mode to skip the stat() check for the GID.
3052 set_ownership(struct archive_write_disk *a)
3055 /* unfortunately, on win32 there is no 'root' user with uid 0,
3056 so we just have to try the chown and see if it works */
3058 /* If we know we can't change it, don't bother trying. */
3059 if (a->user_uid != 0 && a->user_uid != a->uid) {
3060 archive_set_error(&a->archive, errno,
3061 "Can't set UID=%jd", (intmax_t)a->uid);
3062 return (ARCHIVE_WARN);
3067 /* If we have an fd, we can avoid a race. */
3068 if (a->fd >= 0 && fchown(a->fd, a->uid, a->gid) == 0) {
3069 /* We've set owner and know uid/gid are correct. */
3070 a->todo &= ~(TODO_OWNER | TODO_SGID_CHECK | TODO_SUID_CHECK);
3071 return (ARCHIVE_OK);
3075 /* We prefer lchown() but will use chown() if that's all we have. */
3076 /* Of course, if we have neither, this will always fail. */
3078 if (lchown(a->name, a->uid, a->gid) == 0) {
3079 /* We've set owner and know uid/gid are correct. */
3080 a->todo &= ~(TODO_OWNER | TODO_SGID_CHECK | TODO_SUID_CHECK);
3081 return (ARCHIVE_OK);
3084 if (!S_ISLNK(a->mode) && chown(a->name, a->uid, a->gid) == 0) {
3085 /* We've set owner and know uid/gid are correct. */
3086 a->todo &= ~(TODO_OWNER | TODO_SGID_CHECK | TODO_SUID_CHECK);
3087 return (ARCHIVE_OK);
3091 archive_set_error(&a->archive, errno,
3092 "Can't set user=%jd/group=%jd for %s",
3093 (intmax_t)a->uid, (intmax_t)a->gid, a->name);
3094 return (ARCHIVE_WARN);
3098 * Note: Returns 0 on success, non-zero on failure.
3101 set_time(int fd, int mode, const char *name,
3102 time_t atime, long atime_nsec,
3103 time_t mtime, long mtime_nsec)
3105 /* Select the best implementation for this platform. */
3106 #if defined(HAVE_UTIMENSAT) && defined(HAVE_FUTIMENS)
3108 * utimensat() and futimens() are defined in
3109 * POSIX.1-2008. They support ns resolution and setting times
3110 * on fds and symlinks.
3112 struct timespec ts[2];
3113 (void)mode; /* UNUSED */
3114 ts[0].tv_sec = atime;
3115 ts[0].tv_nsec = atime_nsec;
3116 ts[1].tv_sec = mtime;
3117 ts[1].tv_nsec = mtime_nsec;
3119 return futimens(fd, ts);
3120 return utimensat(AT_FDCWD, name, ts, AT_SYMLINK_NOFOLLOW);
3124 * The utimes()-family functions support µs-resolution and
3125 * setting times fds and symlinks. utimes() is documented as
3126 * LEGACY by POSIX, futimes() and lutimes() are not described
3129 struct timeval times[2];
3131 times[0].tv_sec = atime;
3132 times[0].tv_usec = atime_nsec / 1000;
3133 times[1].tv_sec = mtime;
3134 times[1].tv_usec = mtime_nsec / 1000;
3138 return (futimes(fd, times));
3140 (void)fd; /* UNUSED */
3143 (void)mode; /* UNUSED */
3144 return (lutimes(name, times));
3148 return (utimes(name, times));
3151 #elif defined(HAVE_UTIME)
3153 * utime() is POSIX-standard but only supports 1s resolution and
3154 * does not support fds or symlinks.
3156 struct utimbuf times;
3157 (void)fd; /* UNUSED */
3158 (void)name; /* UNUSED */
3159 (void)atime_nsec; /* UNUSED */
3160 (void)mtime_nsec; /* UNUSED */
3161 times.actime = atime;
3162 times.modtime = mtime;
3164 return (ARCHIVE_OK);
3165 return (utime(name, ×));
3169 * We don't know how to set the time on this platform.
3171 (void)fd; /* UNUSED */
3172 (void)mode; /* UNUSED */
3173 (void)name; /* UNUSED */
3174 (void)atime_nsec; /* UNUSED */
3175 (void)mtime_nsec; /* UNUSED */
3176 return (ARCHIVE_WARN);
3182 set_time_tru64(int fd, int mode, const char *name,
3183 time_t atime, long atime_nsec,
3184 time_t mtime, long mtime_nsec,
3185 time_t ctime, long ctime_nsec)
3187 struct attr_timbuf tstamp;
3188 tstamp.atime.tv_sec = atime;
3189 tstamp.mtime.tv_sec = mtime;
3190 tstamp.ctime.tv_sec = ctime;
3191 #if defined (__hpux) && defined (__ia64)
3192 tstamp.atime.tv_nsec = atime_nsec;
3193 tstamp.mtime.tv_nsec = mtime_nsec;
3194 tstamp.ctime.tv_nsec = ctime_nsec;
3196 tstamp.atime.tv_usec = atime_nsec / 1000;
3197 tstamp.mtime.tv_usec = mtime_nsec / 1000;
3198 tstamp.ctime.tv_usec = ctime_nsec / 1000;
3200 return (fcntl(fd,F_SETTIMES,&tstamp));
3202 #endif /* F_SETTIMES */
3205 set_times(struct archive_write_disk *a,
3206 int fd, int mode, const char *name,
3207 time_t atime, long atime_nanos,
3208 time_t birthtime, long birthtime_nanos,
3209 time_t mtime, long mtime_nanos,
3210 time_t cctime, long ctime_nanos)
3212 /* Note: set_time doesn't use libarchive return conventions!
3213 * It uses syscall conventions. So 0 here instead of ARCHIVE_OK. */
3218 * on Tru64 try own fcntl first which can restore even the
3219 * ctime, fall back to default code path below if it fails
3220 * or if we are not running as root
3222 if (a->user_uid == 0 &&
3223 set_time_tru64(fd, mode, name,
3224 atime, atime_nanos, mtime,
3225 mtime_nanos, cctime, ctime_nanos) == 0) {
3226 return (ARCHIVE_OK);
3229 (void)cctime; /* UNUSED */
3230 (void)ctime_nanos; /* UNUSED */
3233 #ifdef HAVE_STRUCT_STAT_ST_BIRTHTIME
3235 * If you have struct stat.st_birthtime, we assume BSD
3236 * birthtime semantics, in which {f,l,}utimes() updates
3237 * birthtime to earliest mtime. So we set the time twice,
3238 * first using the birthtime, then using the mtime. If
3239 * birthtime == mtime, this isn't necessary, so we skip it.
3240 * If birthtime > mtime, then this won't work, so we skip it.
3242 if (birthtime < mtime
3243 || (birthtime == mtime && birthtime_nanos < mtime_nanos))
3244 r1 = set_time(fd, mode, name,
3246 birthtime, birthtime_nanos);
3248 (void)birthtime; /* UNUSED */
3249 (void)birthtime_nanos; /* UNUSED */
3251 r2 = set_time(fd, mode, name,
3253 mtime, mtime_nanos);
3254 if (r1 != 0 || r2 != 0) {
3255 archive_set_error(&a->archive, errno,
3256 "Can't restore time");
3257 return (ARCHIVE_WARN);
3259 return (ARCHIVE_OK);
3263 set_times_from_entry(struct archive_write_disk *a)
3265 time_t atime, birthtime, mtime, cctime;
3266 long atime_nsec, birthtime_nsec, mtime_nsec, ctime_nsec;
3268 /* Suitable defaults. */
3269 atime = birthtime = mtime = cctime = a->start_time;
3270 atime_nsec = birthtime_nsec = mtime_nsec = ctime_nsec = 0;
3272 /* If no time was provided, we're done. */
3273 if (!archive_entry_atime_is_set(a->entry)
3274 #if HAVE_STRUCT_STAT_ST_BIRTHTIME
3275 && !archive_entry_birthtime_is_set(a->entry)
3277 && !archive_entry_mtime_is_set(a->entry))
3278 return (ARCHIVE_OK);
3280 if (archive_entry_atime_is_set(a->entry)) {
3281 atime = archive_entry_atime(a->entry);
3282 atime_nsec = archive_entry_atime_nsec(a->entry);
3284 if (archive_entry_birthtime_is_set(a->entry)) {
3285 birthtime = archive_entry_birthtime(a->entry);
3286 birthtime_nsec = archive_entry_birthtime_nsec(a->entry);
3288 if (archive_entry_mtime_is_set(a->entry)) {
3289 mtime = archive_entry_mtime(a->entry);
3290 mtime_nsec = archive_entry_mtime_nsec(a->entry);
3292 if (archive_entry_ctime_is_set(a->entry)) {
3293 cctime = archive_entry_ctime(a->entry);
3294 ctime_nsec = archive_entry_ctime_nsec(a->entry);
3297 return set_times(a, a->fd, a->mode, a->name,
3299 birthtime, birthtime_nsec,
3301 cctime, ctime_nsec);
3305 set_mode(struct archive_write_disk *a, int mode)
3308 mode &= 07777; /* Strip off file type bits. */
3310 if (a->todo & TODO_SGID_CHECK) {
3312 * If we don't know the GID is right, we must stat()
3313 * to verify it. We can't just check the GID of this
3314 * process, since systems sometimes set GID from
3315 * the enclosing dir or based on ACLs.
3317 if ((r = lazy_stat(a)) != ARCHIVE_OK)
3319 if (a->pst->st_gid != a->gid) {
3321 if (a->flags & ARCHIVE_EXTRACT_OWNER) {
3323 * This is only an error if you
3324 * requested owner restore. If you
3325 * didn't, we'll try to restore
3326 * sgid/suid, but won't consider it a
3327 * problem if we can't.
3329 archive_set_error(&a->archive, -1,
3330 "Can't restore SGID bit");
3334 /* While we're here, double-check the UID. */
3335 if (a->pst->st_uid != a->uid
3336 && (a->todo & TODO_SUID)) {
3338 if (a->flags & ARCHIVE_EXTRACT_OWNER) {
3339 archive_set_error(&a->archive, -1,
3340 "Can't restore SUID bit");
3344 a->todo &= ~TODO_SGID_CHECK;
3345 a->todo &= ~TODO_SUID_CHECK;
3346 } else if (a->todo & TODO_SUID_CHECK) {
3348 * If we don't know the UID is right, we can just check
3349 * the user, since all systems set the file UID from
3352 if (a->user_uid != a->uid) {
3354 if (a->flags & ARCHIVE_EXTRACT_OWNER) {
3355 archive_set_error(&a->archive, -1,
3356 "Can't make file SUID");
3360 a->todo &= ~TODO_SUID_CHECK;
3363 if (S_ISLNK(a->mode)) {
3366 * If this is a symlink, use lchmod(). If the
3367 * platform doesn't support lchmod(), just skip it. A
3368 * platform that doesn't provide a way to set
3369 * permissions on symlinks probably ignores
3370 * permissions on symlinks, so a failure here has no
3373 if (lchmod(a->name, mode) != 0) {
3377 #if ENOTSUP != EOPNOTSUPP
3381 * if lchmod is defined but the platform
3382 * doesn't support it, silently ignore
3387 archive_set_error(&a->archive, errno,
3388 "Can't set permissions to 0%o", (int)mode);
3393 } else if (!S_ISDIR(a->mode)) {
3395 * If it's not a symlink and not a dir, then use
3396 * fchmod() or chmod(), depending on whether we have
3397 * an fd. Dirs get their perms set during the
3398 * post-extract fixup, which is handled elsewhere.
3402 if (fchmod(a->fd, mode) != 0) {
3403 archive_set_error(&a->archive, errno,
3404 "Can't set permissions to 0%o", (int)mode);
3409 /* If this platform lacks fchmod(), then
3410 * we'll just use chmod(). */
3411 if (chmod(a->name, mode) != 0) {
3412 archive_set_error(&a->archive, errno,
3413 "Can't set permissions to 0%o", (int)mode);
3421 set_fflags(struct archive_write_disk *a)
3423 struct fixup_entry *le;
3424 unsigned long set, clear;
3427 mode_t mode = archive_entry_mode(a->entry);
3430 * Make 'critical_flags' hold all file flags that can't be
3431 * immediately restored. For example, on BSD systems,
3432 * SF_IMMUTABLE prevents hardlinks from being created, so
3433 * should not be set until after any hardlinks are created. To
3434 * preserve some semblance of portability, this uses #ifdef
3435 * extensively. Ugly, but it works.
3437 * Yes, Virginia, this does create a security race. It's mitigated
3438 * somewhat by the practice of creating dirs 0700 until the extract
3439 * is done, but it would be nice if we could do more than that.
3440 * People restoring critical file systems should be wary of
3441 * other programs that might try to muck with files as they're
3444 /* Hopefully, the compiler will optimize this mess into a constant. */
3447 critical_flags |= SF_IMMUTABLE;
3450 critical_flags |= UF_IMMUTABLE;
3453 critical_flags |= SF_APPEND;
3456 critical_flags |= UF_APPEND;
3458 #ifdef EXT2_APPEND_FL
3459 critical_flags |= EXT2_APPEND_FL;
3461 #ifdef EXT2_IMMUTABLE_FL
3462 critical_flags |= EXT2_IMMUTABLE_FL;
3465 if (a->todo & TODO_FFLAGS) {
3466 archive_entry_fflags(a->entry, &set, &clear);
3469 * The first test encourages the compiler to eliminate
3470 * all of this if it's not necessary.
3472 if ((critical_flags != 0) && (set & critical_flags)) {
3473 le = current_fixup(a, a->name);
3475 return (ARCHIVE_FATAL);
3476 le->fixup |= TODO_FFLAGS;
3477 le->fflags_set = set;
3478 /* Store the mode if it's not already there. */
3479 if ((le->fixup & TODO_MODE) == 0)
3482 r = set_fflags_platform(a, a->fd,
3483 a->name, mode, set, clear);
3484 if (r != ARCHIVE_OK)
3488 return (ARCHIVE_OK);
3492 clear_nochange_fflags(struct archive_write_disk *a)
3495 mode_t mode = archive_entry_mode(a->entry);
3497 /* Hopefully, the compiler will optimize this mess into a constant. */
3500 nochange_flags |= SF_IMMUTABLE;
3503 nochange_flags |= UF_IMMUTABLE;
3506 nochange_flags |= SF_APPEND;
3509 nochange_flags |= UF_APPEND;
3511 #ifdef EXT2_APPEND_FL
3512 nochange_flags |= EXT2_APPEND_FL;
3514 #ifdef EXT2_IMMUTABLE_FL
3515 nochange_flags |= EXT2_IMMUTABLE_FL;
3518 return (set_fflags_platform(a, a->fd, a->name, mode, 0,
3523 #if ( defined(HAVE_LCHFLAGS) || defined(HAVE_CHFLAGS) || defined(HAVE_FCHFLAGS) ) && defined(HAVE_STRUCT_STAT_ST_FLAGS)
3525 * BSD reads flags using stat() and sets them with one of {f,l,}chflags()
3528 set_fflags_platform(struct archive_write_disk *a, int fd, const char *name,
3529 mode_t mode, unsigned long set, unsigned long clear)
3533 (void)mode; /* UNUSED */
3534 if (set == 0 && clear == 0)
3535 return (ARCHIVE_OK);
3538 * XXX Is the stat here really necessary? Or can I just use
3539 * the 'set' flags directly? In particular, I'm not sure
3540 * about the correct approach if we're overwriting an existing
3541 * file that already has flags on it. XXX
3543 if ((r = lazy_stat(a)) != ARCHIVE_OK)
3546 a->st.st_flags &= ~clear;
3547 a->st.st_flags |= set;
3548 #ifdef HAVE_FCHFLAGS
3549 /* If platform has fchflags() and we were given an fd, use it. */
3550 if (fd >= 0 && fchflags(fd, a->st.st_flags) == 0)
3551 return (ARCHIVE_OK);
3554 * If we can't use the fd to set the flags, we'll use the
3555 * pathname to set flags. We prefer lchflags() but will use
3556 * chflags() if we must.
3558 #ifdef HAVE_LCHFLAGS
3559 if (lchflags(name, a->st.st_flags) == 0)
3560 return (ARCHIVE_OK);
3561 #elif defined(HAVE_CHFLAGS)
3562 if (S_ISLNK(a->st.st_mode)) {
3563 archive_set_error(&a->archive, errno,
3564 "Can't set file flags on symlink.");
3565 return (ARCHIVE_WARN);
3567 if (chflags(name, a->st.st_flags) == 0)
3568 return (ARCHIVE_OK);
3570 archive_set_error(&a->archive, errno,
3571 "Failed to set file flags");
3572 return (ARCHIVE_WARN);
3575 #elif defined(EXT2_IOC_GETFLAGS) && defined(EXT2_IOC_SETFLAGS) && defined(HAVE_WORKING_EXT2_IOC_GETFLAGS)
3577 * Linux uses ioctl() to read and write file flags.
3580 set_fflags_platform(struct archive_write_disk *a, int fd, const char *name,
3581 mode_t mode, unsigned long set, unsigned long clear)
3585 int newflags, oldflags;
3588 if (set == 0 && clear == 0)
3589 return (ARCHIVE_OK);
3590 /* Only regular files and dirs can have flags. */
3591 if (!S_ISREG(mode) && !S_ISDIR(mode))
3592 return (ARCHIVE_OK);
3594 /* If we weren't given an fd, open it ourselves. */
3596 myfd = open(name, O_RDONLY | O_NONBLOCK | O_BINARY | O_CLOEXEC);
3597 __archive_ensure_cloexec_flag(myfd);
3600 return (ARCHIVE_OK);
3603 * Linux has no define for the flags that are only settable by
3604 * the root user. This code may seem a little complex, but
3605 * there seem to be some Linux systems that lack these
3606 * defines. (?) The code below degrades reasonably gracefully
3607 * if sf_mask is incomplete.
3609 #ifdef EXT2_IMMUTABLE_FL
3610 sf_mask |= EXT2_IMMUTABLE_FL;
3612 #ifdef EXT2_APPEND_FL
3613 sf_mask |= EXT2_APPEND_FL;
3616 * XXX As above, this would be way simpler if we didn't have
3617 * to read the current flags from disk. XXX
3621 /* Read the current file flags. */
3622 if (ioctl(myfd, EXT2_IOC_GETFLAGS, &oldflags) < 0)
3625 /* Try setting the flags as given. */
3626 newflags = (oldflags & ~clear) | set;
3627 if (ioctl(myfd, EXT2_IOC_SETFLAGS, &newflags) >= 0)
3632 /* If we couldn't set all the flags, try again with a subset. */
3633 newflags &= ~sf_mask;
3634 oldflags &= sf_mask;
3635 newflags |= oldflags;
3636 if (ioctl(myfd, EXT2_IOC_SETFLAGS, &newflags) >= 0)
3639 /* We couldn't set the flags, so report the failure. */
3641 archive_set_error(&a->archive, errno,
3642 "Failed to set file flags");
3653 * Of course, some systems have neither BSD chflags() nor Linux' flags
3654 * support through ioctl().
3657 set_fflags_platform(struct archive_write_disk *a, int fd, const char *name,
3658 mode_t mode, unsigned long set, unsigned long clear)
3660 (void)a; /* UNUSED */
3661 (void)fd; /* UNUSED */
3662 (void)name; /* UNUSED */
3663 (void)mode; /* UNUSED */
3664 (void)set; /* UNUSED */
3665 (void)clear; /* UNUSED */
3666 return (ARCHIVE_OK);
3669 #endif /* __linux */
3671 #ifndef HAVE_COPYFILE_H
3672 /* Default is to simply drop Mac extended metadata. */
3674 set_mac_metadata(struct archive_write_disk *a, const char *pathname,
3675 const void *metadata, size_t metadata_size)
3677 (void)a; /* UNUSED */
3678 (void)pathname; /* UNUSED */
3679 (void)metadata; /* UNUSED */
3680 (void)metadata_size; /* UNUSED */
3681 return (ARCHIVE_OK);
3685 fixup_appledouble(struct archive_write_disk *a, const char *pathname)
3687 (void)a; /* UNUSED */
3688 (void)pathname; /* UNUSED */
3689 return (ARCHIVE_OK);
3694 * On Mac OS, we use copyfile() to unpack the metadata and
3695 * apply it to the target file.
3698 #if defined(HAVE_SYS_XATTR_H)
3700 copy_xattrs(struct archive_write_disk *a, int tmpfd, int dffd)
3703 char *xattr_names = NULL, *xattr_val = NULL;
3704 int ret = ARCHIVE_OK, xattr_i;
3706 xattr_size = flistxattr(tmpfd, NULL, 0, 0);
3707 if (xattr_size == -1) {
3708 archive_set_error(&a->archive, errno,
3709 "Failed to read metadata(xattr)");
3713 xattr_names = malloc(xattr_size);
3714 if (xattr_names == NULL) {
3715 archive_set_error(&a->archive, ENOMEM,
3716 "Can't allocate memory for metadata(xattr)");
3717 ret = ARCHIVE_FATAL;
3720 xattr_size = flistxattr(tmpfd, xattr_names, xattr_size, 0);
3721 if (xattr_size == -1) {
3722 archive_set_error(&a->archive, errno,
3723 "Failed to read metadata(xattr)");
3727 for (xattr_i = 0; xattr_i < xattr_size;
3728 xattr_i += strlen(xattr_names + xattr_i) + 1) {
3729 char *xattr_val_saved;
3733 s = fgetxattr(tmpfd, xattr_names + xattr_i, NULL, 0, 0, 0);
3735 archive_set_error(&a->archive, errno,
3736 "Failed to get metadata(xattr)");
3740 xattr_val_saved = xattr_val;
3741 xattr_val = realloc(xattr_val, s);
3742 if (xattr_val == NULL) {
3743 archive_set_error(&a->archive, ENOMEM,
3744 "Failed to get metadata(xattr)");
3746 free(xattr_val_saved);
3749 s = fgetxattr(tmpfd, xattr_names + xattr_i, xattr_val, s, 0, 0);
3751 archive_set_error(&a->archive, errno,
3752 "Failed to get metadata(xattr)");
3756 f = fsetxattr(dffd, xattr_names + xattr_i, xattr_val, s, 0, 0);
3758 archive_set_error(&a->archive, errno,
3759 "Failed to get metadata(xattr)");
3772 copy_acls(struct archive_write_disk *a, int tmpfd, int dffd)
3774 #ifndef HAVE_SYS_ACL_H
3777 acl_t acl, dfacl = NULL;
3778 int acl_r, ret = ARCHIVE_OK;
3780 acl = acl_get_fd(tmpfd);
3782 if (errno == ENOENT)
3783 /* There are not any ACLs. */
3785 archive_set_error(&a->archive, errno,
3786 "Failed to get metadata(acl)");
3790 dfacl = acl_dup(acl);
3791 acl_r = acl_set_fd(dffd, dfacl);
3793 archive_set_error(&a->archive, errno,
3794 "Failed to get metadata(acl)");
3808 create_tempdatafork(struct archive_write_disk *a, const char *pathname)
3810 struct archive_string tmpdatafork;
3813 archive_string_init(&tmpdatafork);
3814 archive_strcpy(&tmpdatafork, "tar.md.XXXXXX");
3815 tmpfd = mkstemp(tmpdatafork.s);
3817 archive_set_error(&a->archive, errno,
3818 "Failed to mkstemp");
3819 archive_string_free(&tmpdatafork);
3822 if (copyfile(pathname, tmpdatafork.s, 0,
3823 COPYFILE_UNPACK | COPYFILE_NOFOLLOW
3824 | COPYFILE_ACL | COPYFILE_XATTR) < 0) {
3825 archive_set_error(&a->archive, errno,
3826 "Failed to restore metadata");
3830 unlink(tmpdatafork.s);
3831 archive_string_free(&tmpdatafork);
3836 copy_metadata(struct archive_write_disk *a, const char *metadata,
3837 const char *datafork, int datafork_compressed)
3839 int ret = ARCHIVE_OK;
3841 if (datafork_compressed) {
3844 tmpfd = create_tempdatafork(a, metadata);
3846 return (ARCHIVE_WARN);
3849 * Do not open the data fork compressed by HFS+ compression
3850 * with at least a writing mode(O_RDWR or O_WRONLY). it
3851 * makes the data fork uncompressed.
3853 dffd = open(datafork, 0);
3855 archive_set_error(&a->archive, errno,
3856 "Failed to open the data fork for metadata");
3858 return (ARCHIVE_WARN);
3861 #if defined(HAVE_SYS_XATTR_H)
3862 ret = copy_xattrs(a, tmpfd, dffd);
3863 if (ret == ARCHIVE_OK)
3865 ret = copy_acls(a, tmpfd, dffd);
3869 if (copyfile(metadata, datafork, 0,
3870 COPYFILE_UNPACK | COPYFILE_NOFOLLOW
3871 | COPYFILE_ACL | COPYFILE_XATTR) < 0) {
3872 archive_set_error(&a->archive, errno,
3873 "Failed to restore metadata");
3881 set_mac_metadata(struct archive_write_disk *a, const char *pathname,
3882 const void *metadata, size_t metadata_size)
3884 struct archive_string tmp;
3887 int ret = ARCHIVE_OK;
3889 /* This would be simpler if copyfile() could just accept the
3890 * metadata as a block of memory; then we could sidestep this
3891 * silly dance of writing the data to disk just so that
3892 * copyfile() can read it back in again. */
3893 archive_string_init(&tmp);
3894 archive_strcpy(&tmp, pathname);
3895 archive_strcat(&tmp, ".XXXXXX");
3896 fd = mkstemp(tmp.s);
3899 archive_set_error(&a->archive, errno,
3900 "Failed to restore metadata");
3901 archive_string_free(&tmp);
3902 return (ARCHIVE_WARN);
3904 written = write(fd, metadata, metadata_size);
3906 if ((size_t)written != metadata_size) {
3907 archive_set_error(&a->archive, errno,
3908 "Failed to restore metadata");
3913 #if defined(UF_COMPRESSED)
3914 if ((a->todo & TODO_HFS_COMPRESSION) != 0 &&
3915 (ret = lazy_stat(a)) == ARCHIVE_OK)
3916 compressed = a->st.st_flags & UF_COMPRESSED;
3920 ret = copy_metadata(a, tmp.s, pathname, compressed);
3923 archive_string_free(&tmp);
3928 fixup_appledouble(struct archive_write_disk *a, const char *pathname)
3933 struct archive_string datafork;
3934 int fd = -1, ret = ARCHIVE_OK;
3936 archive_string_init(&datafork);
3937 /* Check if the current file name is a type of the resource
3939 p = strrchr(pathname, '/');
3944 if (p[0] != '.' || p[1] != '_')
3945 goto skip_appledouble;
3948 * Check if the data fork file exists.
3950 * TODO: Check if this write disk object has handled it.
3952 archive_strncpy(&datafork, pathname, p - pathname);
3953 archive_strcat(&datafork, p + 2);
3954 if (lstat(datafork.s, &st) == -1 ||
3955 (st.st_mode & AE_IFMT) != AE_IFREG)
3956 goto skip_appledouble;
3959 * Check if the file is in the AppleDouble form.
3961 fd = open(pathname, O_RDONLY | O_BINARY | O_CLOEXEC);
3962 __archive_ensure_cloexec_flag(fd);
3964 archive_set_error(&a->archive, errno,
3965 "Failed to open a restoring file");
3967 goto skip_appledouble;
3969 if (read(fd, buff, 8) == -1) {
3970 archive_set_error(&a->archive, errno,
3971 "Failed to read a restoring file");
3974 goto skip_appledouble;
3977 /* Check AppleDouble Magic Code. */
3978 if (archive_be32dec(buff) != 0x00051607)
3979 goto skip_appledouble;
3980 /* Check AppleDouble Version. */
3981 if (archive_be32dec(buff+4) != 0x00020000)
3982 goto skip_appledouble;
3984 ret = copy_metadata(a, pathname, datafork.s,
3985 #if defined(UF_COMPRESSED)
3986 st.st_flags & UF_COMPRESSED);
3990 if (ret == ARCHIVE_OK) {
3995 archive_string_free(&datafork);
4000 #if HAVE_LSETXATTR || HAVE_LSETEA
4002 * Restore extended attributes - Linux and AIX implementations:
4003 * AIX' ea interface is syntaxwise identical to the Linux xattr interface.
4006 set_xattrs(struct archive_write_disk *a)
4008 struct archive_entry *entry = a->entry;
4009 static int warning_done = 0;
4010 int ret = ARCHIVE_OK;
4011 int i = archive_entry_xattr_reset(entry);
4017 archive_entry_xattr_next(entry, &name, &value, &size);
4019 strncmp(name, "xfsroot.", 8) != 0 &&
4020 strncmp(name, "system.", 7) != 0) {
4024 e = fsetxattr(a->fd, name, value, size, 0);
4028 e = fsetea(a->fd, name, value, size, 0);
4033 e = lsetxattr(archive_entry_pathname(entry),
4034 name, value, size, 0);
4036 e = lsetea(archive_entry_pathname(entry),
4037 name, value, size, 0);
4041 if (errno == ENOTSUP || errno == ENOSYS) {
4042 if (!warning_done) {
4044 archive_set_error(&a->archive,
4046 "Cannot restore extended "
4047 "attributes on this file "
4051 archive_set_error(&a->archive, errno,
4052 "Failed to set extended attribute");
4056 archive_set_error(&a->archive,
4057 ARCHIVE_ERRNO_FILE_FORMAT,
4058 "Invalid extended attribute encountered");
4064 #elif HAVE_EXTATTR_SET_FILE && HAVE_DECL_EXTATTR_NAMESPACE_USER
4066 * Restore extended attributes - FreeBSD implementation
4069 set_xattrs(struct archive_write_disk *a)
4071 struct archive_entry *entry = a->entry;
4072 static int warning_done = 0;
4073 int ret = ARCHIVE_OK;
4074 int i = archive_entry_xattr_reset(entry);
4080 archive_entry_xattr_next(entry, &name, &value, &size);
4085 if (strncmp(name, "user.", 5) == 0) {
4086 /* "user." attributes go to user namespace */
4088 namespace = EXTATTR_NAMESPACE_USER;
4090 /* Warn about other extended attributes. */
4091 archive_set_error(&a->archive,
4092 ARCHIVE_ERRNO_FILE_FORMAT,
4093 "Can't restore extended attribute ``%s''",
4099 #if HAVE_EXTATTR_SET_FD
4101 e = extattr_set_fd(a->fd, namespace, name,
4105 /* TODO: should we use extattr_set_link() instead? */
4107 e = extattr_set_file(
4108 archive_entry_pathname(entry), namespace,
4111 if (e != (ssize_t)size) {
4112 if (errno == ENOTSUP || errno == ENOSYS) {
4113 if (!warning_done) {
4115 archive_set_error(&a->archive,
4117 "Cannot restore extended "
4118 "attributes on this file "
4122 archive_set_error(&a->archive, errno,
4123 "Failed to set extended attribute");
4134 * Restore extended attributes - stub implementation for unsupported systems
4137 set_xattrs(struct archive_write_disk *a)
4139 static int warning_done = 0;
4141 /* If there aren't any extended attributes, then it's okay not
4142 * to extract them, otherwise, issue a single warning. */
4143 if (archive_entry_xattr_count(a->entry) != 0 && !warning_done) {
4145 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
4146 "Cannot restore extended attributes on this system");
4147 return (ARCHIVE_WARN);
4149 /* Warning was already emitted; suppress further warnings. */
4150 return (ARCHIVE_OK);
4155 * Test if file on disk is older than entry.
4158 older(struct stat *st, struct archive_entry *entry)
4160 /* First, test the seconds and return if we have a definite answer. */
4161 /* Definitely older. */
4162 if (to_int64_time(st->st_mtime) < to_int64_time(archive_entry_mtime(entry)))
4164 /* Definitely younger. */
4165 if (to_int64_time(st->st_mtime) > to_int64_time(archive_entry_mtime(entry)))
4167 /* If this platform supports fractional seconds, try those. */
4168 #if HAVE_STRUCT_STAT_ST_MTIMESPEC_TV_NSEC
4169 /* Definitely older. */
4170 if (st->st_mtimespec.tv_nsec < archive_entry_mtime_nsec(entry))
4172 #elif HAVE_STRUCT_STAT_ST_MTIM_TV_NSEC
4173 /* Definitely older. */
4174 if (st->st_mtim.tv_nsec < archive_entry_mtime_nsec(entry))
4176 #elif HAVE_STRUCT_STAT_ST_MTIME_N
4178 if (st->st_mtime_n < archive_entry_mtime_nsec(entry))
4180 #elif HAVE_STRUCT_STAT_ST_UMTIME
4182 if (st->st_umtime * 1000 < archive_entry_mtime_nsec(entry))
4184 #elif HAVE_STRUCT_STAT_ST_MTIME_USEC
4186 if (st->st_mtime_usec * 1000 < archive_entry_mtime_nsec(entry))
4189 /* This system doesn't have high-res timestamps. */
4191 /* Same age or newer, so not older. */
4195 #endif /* !_WIN32 || __CYGWIN__ */