2024-04-08 20:52:00 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message:
rsync: updated to 3.3.0
NEWS for rsync 3.3.0 (6 Apr 2024)
Changes in this version:
BUG FIXES:
- Fixed a bug with --sparse --inplace where a trailing gap in the source file
would not clear out the trailing data in the destination file.
- Fixed a buffer overflow in the checksum2 code if SHA1 is being used for the
checksum2 algorithm.
- Fixed an issue when rsync is compiled using _FORTIFY_SOURCE so that the extra
tests don't complain about a strlcpy() limit value (which was too large, even
though it wasn't possible for the larger value to cause an overflow).
- Add a backtick to the list of characters that the filename quoting needs to
escape using backslashes.
- Fixed a string-comparison issue in the internal handling of --progress (a
locale such as tr_TR.utf-8 needed the internal triggering of --info options to
use upper-case flag names to ensure that they match).
- Make sure that a local transfer marks the sender side as trusted.
- Change the argv handling to work with a newer popt library -- one that likes
to free more data than it used to.
- Rsync now calls OpenSSL_add_all_algorithms() when compiled against an older
openssl library.
- Fixed a problem in the daemon auth for older protocols (29 and before) if the
openssl library is being used to compute MD4 checksums.
- Fixed rsync -VV on Cygwin -- it needed a flush of stdout.
- Fixed an old stats bug that counted devices as symlinks.
ENHANCEMENTS:
- Enhanced rrsync with the -no-overwrite option that allows you to ensure that
existing files on your restricted but writable directory can't be modified.
- Enhanced the manpages to mark links with .UR & .UE. If your nroff doesn't
support these idioms, touch the file .md2man-force in the source directory so
that md-convert gets called with the --force-link-text option, and that should
ensure that your manpages are still readable even with the ignored markup.
- Some manpage improvements on the handling of [global] modules.
- Changed the mapfrom & mapto perl scripts (in the support dir) into a single
python script named idmap. Converted a couple more perl scripts into python.
- Changed the mnt-excl perl script (in the support dir) into a python script.
DEVELOPER RELATED:
- Updated config.guess (timestamp 2023-01-01) and config.sub (timestamp
2023-01-21).
|
2023-11-10 11:01:37 by Nia Alarie | Files touched by this commit (1) |
Log message:
rsync: Disable zstd by default on Darwin/powerpc, it doesn't like ld(1)
|
2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message:
*: bump for openssl 3
|
2022-12-31 10:10:15 by Christopher KOBAYASHI | Files touched by this commit (1) |
Log message:
Restore acl option, which was inadvertently nuked during the pkgsrc branch.
Sorry, adam@
|
2022-12-29 01:47:40 by Christopher KOBAYASHI | Files touched by this commit (2) |
Log message:
Make zstd an option (enabled by default).
Bump package revision.
|
2022-10-24 12:28:22 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message:
rsync: updated to 3.2.7
rsync 3.2.7 (20 Oct 2022)
BUG FIXES:
- Fixed the client-side validating of the remote sender's filtering behavior.
- More fixes for the "unrequested file-list name" name, including a copy of
"/" with `--relative` enabled and a copy with a lot of related paths with
`--relative` enabled (often derived from a `--files-from` list).
- When rsync gets an unpack error on an ACL, mention the filename.
- Avoid over-setting sanitize_paths when a daemon is serving "/" (even if
"use chroot" is false).
ENHANCEMENTS:
- Added negotiated daemon-auth support that allows a stronger checksum digest
to be used to validate a user's login to the daemon. Added SHA512, SHA256,
and SHA1 digests to MD5 & MD4. These new digests are at the highest priority
in the new daemon-auth negotiation list.
- Added support for the SHA1 digest in file checksums. While this tends to be
overkill, it is available if someone really needs it. This overly-long
checksum is at the lowest priority in the normal checksum negotiation list.
See [`--checksum-choice`](rsync.1#opt) (`--cc`) and the `RSYNC_CHECKSUM_LIST`
environment var for how to customize this.
- Improved the xattr hash table to use a 64-bit key without slowing down the
key's computation. This should make extra sure that a hash collision doesn't
happen.
- If the `--version` option is repeated (e.g. `-VV`) then the information is
output in a (still readable) JSON format. Client side only.
- The script `support/json-rsync-version` is available to get the JSON style
version output from any rsync. The script accepts either text on stdin
**or** an arg that specifies an rsync executable to run with a doubled
`--version` option. If the text we get isn't already in JSON format, it is
converted. Newer rsync versions will provide more complete json info than
older rsync versions. Various tweaks are made to keep the flag names
consistent across versions.
- The [`use chroot`](rsyncd.conf.5#) daemon parameter now defaults to "unset"
so that rsync can use chroot when it works and a sanitized copy when chroot
is not supported (e.g., for a non-root daemon). Explicitly setting the
parameter to true or false (on or off) behaves the same way as before.
- The `--fuzzy` option was optimized a bit to try to cut down on the amount of
computations when considering a big pool of files. The simple heuristic from
Kenneth Finnegan resulted in about a 2x speedup.
- If rsync is forced to use protocol 29 or before (perhaps due to talking to an
rsync before 3.0.0), the modify time of a file is limited to 4-bytes. Rsync
now interprets this value as an unsigned integer so that a current year past
2038 can continue to be represented. This does mean that years prior to 1970
cannot be represented in an older protocol, but this trade-off seems like the
right choice given that (1) 2038 is very rapidly approaching, and (2) newer
protocols support a much wider range of old and new dates.
- The rsync client now treats an empty destination arg as an error, just like
it does for an empty source arg. This doesn't affect a `host:` arg (which is
treated the same as `host:.`) since the arg is not completely empty. The use
of [`--old-args`](rsync.1#opt) (including via `RSYNC_OLD_ARGS`) allows the
prior behavior of treating an empty destination arg as a ".".
PACKAGING RELATED:
- The checksum code now uses openssl's EVP methods, which gets rid of various
deprecation warnings and makes it easy to support more digest methods. On
newer systems, the MD4 digest is marked as legacy in the openssl code, which
makes openssl refuse to support it via EVP. You can choose to ignore this
and allow rsync's MD4 code to be used for older rsync connections (when
talking to an rsync prior to 3.0.0) or you can choose to configure rsync to
tell openssl to enable legacy algorithms (see below).
- A simple openssl config file is supplied that can be installed for rsync to
use. If you install packaging/openssl-rsync.cnf to a public spot (such as
`/etc/ssl/openssl-rsync.cnf`) and then run configure with the option
`--with-openssl-conf=/path/name.cnf`, this will cause rsync to export the
configured path in the OPENSSL_CONF environment variable (when the variable
is not already set). This will enable openssl's MD4 code for rsync to use.
- The packager may wish to include an explicit "use chroot = true" in the top
section of their supplied /etc/rsyncd.conf file if the daemon is being
installed to run as the root user (though rsync should behave the same even
with the value unset, a little extra paranoia doesn't hurt).
- I've noticed that some packagers haven't installed support/nameconvert for
users to use in their chrooted rsync configs. Even if it is not installed
as an executable script (to avoid a python3 dependency) it would be good to
install it with the other rsync-related support scripts.
- It would be good to add support/json-rsync-version to the list of installed
support scripts.
|
2022-09-11 15:52:40 by Thomas Klausner | Files touched by this commit (2) | |
Log message:
rsync: update to 3.2.6.
### BUG FIXES:
- More path-cleaning improvements in the file-list validation code to avoid
rejecting of valid args.
- A file-list validation fix for a [`--files-from`](rsync.1#opt) file that ends
without a line-terminating character.
- Added a safety check that prevents the sender from removing destination files
when a local copy using [`--remove-source-files`](rsync.1#opt) has some files
that are shared between the sending & receiving hierarchies, including the
case where the source dir & destination dir are identical.
- Fixed a bug in the internal MD4 checksum code that could cause the digest
to be sporadically incorrect (the openssl version was/is fine).
- A minor tweak to rrsync added "copy-devices" to the list of known args, but
left it disabled by default.
### ENHANCEMENTS:
- Rename `--protect-args` to [`--secluded-args`](rsync.1#opt) to make it
clearer how it differs from the default backslash-escaped arg-protecting
behavior of rsync. The old option names are still accepted. The
environment-variable override did not change its name.
|
2022-08-22 13:11:49 by Thomas Klausner | Files touched by this commit (2) | |
Log message:
rsync: update to 3.2.5.
# NEWS for rsync 3.2.5 (14 Aug 2022)
## Changes in this version:
### SECURITY FIXES:
- Added some file-list safety checking that helps to ensure that a rogue
sending rsync can't add unrequested top-level names and/or include recursive
names that should have been excluded by the sender. These extra safety
checks only require the receiver rsync to be updated. When dealing with an
untrusted sending host, it is safest to copy into a dedicated destination
directory for the remote content (i.e. don't copy into a destination
directory that contains files that aren't from the remote host unless you
trust the remote host). Fixes CVE-2022-29154.
- A fix for CVE-2022-37434 in the bundled zlib (buffer overflow issue).
### BUG FIXES:
- Fixed the handling of filenames specified with backslash-quoted wildcards
when the default remote-arg-escaping is enabled.
- Fixed the configure check for signed char that was causing a host that
defaults to unsigned characters to generate bogus rolling checksums. This
made rsync send mostly literal data for a copy instead of finding matching
data in the receiver's basis file (for a file that contains high-bit
characters).
- Lots of manpage improvements, including an attempt to better describe how
include/exclude filters work.
- If rsync is compiled with an xxhash 0.8 library and then moved to a system
with a dynamically linked xxhash 0.7 library, we now detect this and disable
the XX3 hashes (since these routines didn't stabilize until 0.8).
### ENHANCEMENTS:
- The [`--trust-sender`](rsync.1#opt) option was added as a way to bypass the
extra file-list safety checking (should that be required).
### PACKAGING RELATED:
- A note to those wanting to patch older rsync versions: the changes in this
release require the quoted argument change from 3.2.4. Then, you'll want
every single code change from 3.2.5 since there is no fluff in this release.
- The build date that goes into the manpages is now based on the developer's
release date, not on the build's local-timezone interpretation of the date.
### DEVELOPER RELATED:
- Configure now defaults GETGROUPS_T to gid_t when cross compiling.
- Configure now looks for the bsd/string.h include file in order to fix the
build on a host that has strlcpy() in the main libc but not defined in the
main string.h file.
|
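A simplified sketch of the kind of receiver-side file-list check that the 3.2.5 security fix above describes, added here as an illustration and not rsync's actual code. The function names, the matching rules (fnmatch on each path component instead of rsync's filter rules) and the sample names are all assumptions.

```python
import fnmatch


def reject_reason(name, allowed_top, excludes):
    """Return why a sender-supplied name is refused, or None if acceptable."""
    if name.startswith("/"):
        return "absolute path"
    # Drop empty and "." components so "a//b" and "./a/b" compare like "a/b".
    parts = [p for p in name.split("/") if p not in ("", ".")]
    if not parts:
        return "empty name"
    if ".." in parts:
        return "parent-directory component"
    # The sender may only deliver entries under a name the receiver asked for.
    if parts[0] not in allowed_top:
        return "unrequested top-level name"
    # Anything below the top level must not match an exclude that the
    # receiver asked the sender to apply (simplified matching, see lead-in).
    for component in parts[1:]:
        for pattern in excludes:
            if fnmatch.fnmatchcase(component, pattern):
                return f"matches exclude {pattern!r}"
    return None


def check_file_list(requested_top, excludes, received):
    """Split a received file list into accepted names and (name, reason) rejects."""
    allowed = {t.rstrip("/") for t in requested_top}
    accepted, rejected = [], []
    for name in received:
        reason = reject_reason(name, allowed, excludes)
        if reason is None:
            accepted.append(name)
        else:
            rejected.append((name, reason))
    return accepted, rejected


# Constructed sample: what the receiver requested, and what a sender returned.
REQUESTED = ["project/"]
EXCLUDES = ["*.key"]
RECEIVED = [
    "project/README",
    "project/src/main.c",
    "unrequested.txt",
    "project/../outside.txt",
    "/abs/path.txt",
    "project/secrets/id.key",
]

if __name__ == "__main__":
    ok, bad = check_file_list(REQUESTED, EXCLUDES, RECEIVED)
    for name in ok:
        print("accept", name)
    for name, reason in bad:
        print("REJECT", name, "->", reason)
```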
2022-07-23 08:55:30 by Thomas Klausner | Files touched by this commit (1) |
Log message:
rsync: remove reference to non-existent file
|
2022-04-20 22:09:55 by Thomas Klausner | Files touched by this commit (5) | |
Log message:
rsync: update to 3.2.4.
# NEWS for rsync 3.2.4 (15 Apr 2022)
## Changes in this version:
### BEHAVIOR CHANGES:
- A new form of arg protection was added that works similarly to the older
[`--protect-args`](rsync.1#opt) (`-s`) option but in a way that avoids
breaking things like rrsync (the restricted rsync script): rsync now uses
backslash escaping for sending "shell-active" characters to the remote
shell. This includes spaces, so fetching a remote file via a simple quoted
filename value now works by default without any extra quoting:
```shell
rsync -aiv host:'a simple file.pdf' .
```
Wildcards are not escaped in filename args, but they are escaped in options
like the [`--suffix`](rsync.1#opt) and [`--usermap`](rsync.1#opt) values.
If your rsync script depends on the old arg-splitting behavior, either run
it with the [`--old-args`](rsync.1#opt) option or `export RSYNC_OLD_ARGS=1`
in the script's environment. See also the [ADVANCED USAGE](rsync.1#)
section of rsync's manpage for how to use a more modern arg style.
- A long-standing bug was preventing rsync from figuring out the current
locale's decimal point character, which made rsync always output numbers
using the "C" locale. Since this is now fixed in 3.2.4, a script that
parses rsync's decimal numbers (e.g. from the verbose footer) may want to
set up the environment in a way that the output continues to be in the C
locale. For instance, one of the following should work fine:
```shell
export LC_ALL=C.UTF-8
```
or if iconv translations are needed:
```shell
if [ "${LC_ALL:-}" ]; then
    export LANG="$LC_ALL"
    export LC_CTYPE="$LC_ALL"
    unset LC_ALL
fi
export LC_NUMERIC=C.UTF-8
```
### SECURITY FIXES:
- A fix for CVE-2018-25032 in the bundled zlib (memory corruption issue).
### BUG FIXES:
- Fixed a bug with [`--inplace`](rsync.1#opt) + [`--sparse`](rsync.1#opt) (and
a lack of [`--whole-file`](rsync.1#opt)) where the destination file could
get reconstructed with bogus data. Since the bug can also be avoided by
using (the seemingly redundant) [`--no-W`](rsync.1#opt) on the receiving
side, the latest rsync will now send `--no-W` to a remote receiver when this
option combination occurs. If your client rsync is not new enough to do
this for you (or if you're just paranoid), you can manually specify `--no-W
-M--no-W` (when not using [`--whole-file`](rsync.1#opt)) to make sure the
bug is avoided.
- Fixed a bug with [`--mkpath`](rsync.1#opt) if a single-file copy specifies
an existing destination dir with a non-existing destination filename.
- Fixed `--update -vv` to output "is uptodate" instead of "is newer" messages
for files that are being skipped due to an identical modify time. (This was
a new output quirk in 3.2.3.)
- When doing an append transfer, the sending side's file must not get shorter
or it is skipped. Fixes a crash that could occur when the size changes to 0
in the middle of the send negotiations.
- When dealing with special files (see [`--specials`](rsync.1#opt)) in an
alt-dest hierarchy, rsync now checks the non-permission mode bits to ensure
that the 2 special files are really the same before hard-linking them
together.
- Fixed a bug where [`--delay-updates`](rsync.1#opt) with stale partial data
could cause a file to fail to update.
- Fixed a few places that would output an INFO message with
[`--info=NAME`](rsync.1#opt) that should only have been output given
[`--verbose`](rsync.1#opt) or [`--itemize-changes`](rsync.1#opt).
- Avoid a weird failure if you run a local copy with a (useless)
[`--rsh`](rsync.1#opt) option that contains a `V` in the command.
- Fixed a long-standing compression bug where the compression level of the
first file transferred affected the level for all future files. Also, the
per-file compression skipping has apparently never worked, so it is now
documented as being ineffective.
- Fixed a truncate error when a `--write-devices` copy wrote a file onto a
device that was shorter than the device.
- Made `--write-devices` support both `--checksum` and `--no-whole-file` when
copying to a device.
- Improved how the [`--stop-at`](rsync.1#opt), [`--stop-after`](rsync.1#opt),
and (the deprecated) [`--time-limit`](rsync.1#opt) options check to see if
the allowed time is over, which should make rsync exit more consistently.
- Tweak --progress to display "`??:??:??`" when the time-remaining value is so
large as to be meaningless.
- Silence some chmod warnings about symlinks when it looks like we have a
function to set their permissions but they can't really be set.
- Fixed a potential issue in git-set-file-times when handling commits with
high-bit characters in the description & when handling a description that
might mimic the git raw-commit delineators. (See the support dir.)
- The bundled systemd/rsync.service file now includes `Restart=on-failure`.
### ENHANCEMENTS:
- Use openssl's `-verify_hostname` option in the rsync-ssl script.
- Added extra info to the "FILENAME exists" output of
[`--ignore-existing`](rsync.1#opt) when [`--info=skip2`](rsync.1#opt) is
used. The skip message becomes "FILENAME exists (INFO)" where the INFO is
one of "type change", "sum change" (requires [`--checksum`](rsync.1#opt)),
"file change" (based on the quick check), "attr change", or "uptodate".
Prior versions only supported `--info=skip1`.
- Added the [`--fsync`](rsync.1#opt) option (promoted from the patches repo).
- Added the [`--copy-devices`](rsync.1#opt) option. Compared to the
historical version from the rsync-patches repo, this version: properly
handles `--checksum`; fixes a truncation bug when doing an `--inplace` copy
onto a longer file; fixes several bugs in the `--itemize` output; and only
the sending side needs the enhanced rsync for the copy to work.
- Reduced memory usage for an incremental transfer that has a bunch of small
directories.
- The rsync daemon can now handle a client address with an implied "%scope"
suffix.
- Added support for [`--atimes`](rsync.1#opt) on macOS and fixed a bug where
it wouldn't work without [`--times`](rsync.1#opt).
- Rsync can now update the xattrs on a read-only file when your user can
temporarily add user-write permission to the file. (It always worked for a
root transfer.)
- Rsync can now work around an [`--inplace`](rsync.1#opt) update of a file
that is being refused due to the Linux fs.protected_regular sysctl setting.
- When [`--chown`](rsync.1#opt), [`--usermap`](rsync.1#opt), or
[`--groupmap`](rsync.1#opt) is specified, rsync now makes sure that the
appropriate [`--owner`](rsync.1#opt) and/or [`--group`](rsync.1#opt) options
are enabled.
- Added the [`--info=NONREG`](rsync.1#opt) setting to control if rsync should
warn about non-regular files in the transfer. This is enabled by default
(keeping the behavior the same as before), so specifying `--info=nonreg0`
can be used to turn the warnings off.
- An optional asm optimization for the rolling checksum from Shark64. Enable
it with `./configure --enable-roll-asm`.
- Using `--debug=FILTER` now outputs a caution message if a filter rule
has trailing whitespace.
- Transformed rrsync into a python script with improvements:
- Security has been beefed up.
- The known rsync options were updated to include recent additions.
- Make rrsync reject [`--copy-links`](rsync.1#opt) (`-L`),
[`--copy-dirlinks`](rsync.1#opt) (`-k`), &
[`--keep-dirlinks`](rsync.1#opt) (`-K`) by default to make it harder to
exploit any out-of-subdir symlinks.
- A new rrsync option of [`-munge`](rrsync.1#opt) tells rrsync to always
enable rsync's [`--munge-links`](rsync.1#opt) option on the server side.
- A new rrsync option of [`-no-lock`](rrsync.1#opt) disables a new
single-use locking idiom that is the default when [`-ro`](rrsync.1#opt) is
not used (useful with [`-munge`](rrsync.1#opt)).
- A new rrsync option of [`-no-del`](rrsync.1#opt) disables all `--remove*`
and `--delete*` rsync options on the server side.
- The log format has been tweaked slightly to add seconds to the timestamp
and to output the command executed as a tuple (making the args clearer).
- An rrsync.1 manpage was added (in the support dir with rrsync).
- Added options to the lsh script to facilitate rrsync testing. (See the
support dir.)
- Transformed the atomic-rsync script into a python script and added the
ability to ignore one or more non-zero exit codes. By default, it now
ignores code 24, the file-vanished exit code. (See the support dir.)
- Transformed the munge-symlinks script into python. (See the support dir.)
- Improved the rsync-no-vanished script to not join stdout & stderr together.
(See the support dir.)
- Work around a glibc bug where lchmod() breaks in a chroot w/o /proc mounted.
- Try to support a client that sent a remote rsync a wacko stderr file handle
(such as an older File::RsyncP perl library used by BackupPC).
- Lots of manpage improvements, including better HTML versions.
### PACKAGING RELATED:
- Give configure the `--with-rrsync` option if you want `make install` to
install the (now python3) rrsync script and its new manpage.
- If the rrsync script is installed, its package should be changed to depend
on python3 and the (suggested but not mandatory) python3 braceexpand lib.
- When creating a package from a non-release version (w/o a git checkout), the
packager can elect to create git-version.h and define RSYNC_GITVER to the
string they want `--version` to output. (The file is still auto-generated
using the output of `git describe` when building inside a non-shallow git
checkout, though.)
- Renamed configure's `--enable-simd` option to `--enable-roll-simd` and added
the option `--enable-roll-asm` to use the new asm version of the code. Both
are x86_64/amd64 only.
- Renamed configure's `--enable-asm` option to `--enable-md5-asm` to avoid
confusion with the asm option for the rolling checksum. It is also honored
even when openssl crypto is in use. This allows: normal MD4 & MD5, normal
MD4 + asm MD5, openssl MD4 & MD5, or openssl MD4 + asm MD5 depending on the
configure options selected.
- Made SIMD & asm configure checks default to "no" on non-Linux hosts due to
various reports of problems on NetBSD & macOS hosts. These were also
tweaked to allow enabling the feature on a host_cpu of amd64 (was only
allowed on x86_64 before).
- Fixed configure to not fail at the SIMD check when cross-compiling.
- Improved the IPv6 determination in configure.
- Compile the C files with `-pedantic-errors` (when possible) so that we will
get warned if a static initialization overflows in the future (among other
things).
- When linking with an external zlib, rsync renames its `read_buf()` function
to `read_buf_()` to avoid a symbol clash on an unpatched zlib.
- Added a SECURITY.md file.
|