Software-update: rsync 3.2.1

Op de website van Samba is een nieuwe uitgave van rsync verschenen, met ditmaal 3.2.1 als versieaanduiding. Dit programma voorziet in een snelle manier om bestanden geheel of gedeeltelijk tussen verschillende servers en locaties te synchroniseren. Het wordt dan ook veel op de achtergrond toegepast in allerlei synchronisatieprogramma's, maar kan bijvoorbeeld ook voor de off-site back-up van fileservers gebruikt worden. Wie meer wil weten, kan de beschikbare documentatie doorlezen, waarin ook een aantal tutorials wordt vermeld. De aankondiging is op deze pagina na te lezen en de lijst met aanpassingen ziet er als volgt uit:

NEWS for rsync 3.2.1

BUG FIXES:

• Fixed a potential build issue with the MD5 assembly-language code by removing some non-portable directives.
• Use the preprocessor with the asm file to ensure that if the code is unneeded, it doesn't get built.
• Avoid the stack getting set to executable when including the asm code.
• Some improvements in the SIMD configure testing to try to avoid build issues, such as avoiding a clang++ core dump when ‑g is combined with ‑O2. Note that clang++ is quite buggy in this area, and it does still crash for some folks, so just use ‑‑disable-simd if you need to avoid their buggy compiler (since the configure test is apparently not finding all the compilers that will to crash and burn).
• Fix an issue in the md2man script when building from an external dir.
• Disable ‑‑atimes on macOS (it apparently just ignores the atime change).

ENHANCEMENTS:

• The use of ‑‑backup-dir=STR now implies ‑‑backup.
• Added ‑‑zl=NUM as a short-hand for ‑‑compress-level=NUM.
• Added ‑‑early-input=FILE option that allows the client to send some data to a daemon's (optional) "early exec" script on its stdin.
• Mention atimes in the capabilities list that ‑‑version outputs.
• Mention either "default protect-args" or "optional protect-args" in the ‑‑version capabilities depending on how rsync was configured.
• Some info on optimizations is now elided from the ‑‑version capabilities since they aren't really user-facing capabilities. You can still see the info (plus the status of a couple extra optimizations) by repeating the ‑‑version option (e.g. ‑VV).
• Updated various URLs to be https instead of http.
• Some documentation improvements.

PACKAGING RELATED:

• If you had to use ‑‑disable-simd for 3.2.0, you might want to try removing that and see if it will succeed or auto-disable. Some buggy clang++ compilers are still not auto disabled, though.
• The MD5 asm code is now under its own configure flag (not shared with the SIMD setting), so if you have any issues compiling it, re-run configure with ‑‑disable-asm.
• Merged the OLDNEWS.md file into NEWS.md.

NEWS for rsync 3.2.0

BUG FIXES:

• Avoid a potential out-of-bounds read in daemon mode if argc can be made to become 0.
• Fix the default list of skip-compress files for non-daemon transfers.
• Fix xattr filter rules losing an 'x' attribute in a non-local transfer.
• Avoid an error when a check for a potential fuzzy file happens to reference a directory.
• Make the atomic-rsync helper script have a more consistent error-exit.
• Make sure that a signal handler's use of exit_cleanup() calls _exit() instead of exit().
• Various zlib fixes, including security fixes for CVE-2016-9843, CVE-2016-9842, CVE-2016-9841, and CVE-2016-9840.
• Fixed an issue with ‑‑remove-source-files not removing a source symlink when combined with ‑‑copy-links.
• Fixed a bug where the daemon would fail to write early fatal error messages to the client, such as refused or unknown command-line options.
• Fixed the block-size validation logic when dealing with older protocols.
• Some rrsync fixes and enhancements to handle the latest options.
• Fixed a problem with the ‑‑link-dest|‑‑copy-dest code when ‑‑xattrs was specified along with multiple alternate-destination directories (it could possibly choose a bad file match while trying to find a better xattr match).
• Fixed a couple bugs in the handling of files with the ‑‑sparse option.
• Fixed a bug in the writing of the batch.sh file (w/‑‑write-batch) when the source & destination args were not last on the command-line.
• Avoid a hang when an overabundance of messages clogs up all the I/O buffers.
• Fixed a mismatch in the RSYNC_PID values put into the environment of pre-xfer exec and a post-xfer exec.
• Fixed a crash in the ‑‑iconv code.
• Fixed a rare crash in the popt_unalias() code.

ENHANCEMENTS:

• Various checksum enhancements, including the optional use of openssl's MD4 & MD5 checksum algorithms, some x86-64 optimizations for the rolling checksum, some x86-64 optimizations for the (non-openssl) MD5 checksum, the addition of xxhash checksum support, and a negotiation heuristic that ensures that it is easier to add new checksum algorithms in the future. The environment variable RSYNC_CHECKSUM_LIST can be used to customize the preference order of the negotiation, or use ‑‑checksum-choice (‑‑cc) to force a choice.
• Various compression enhancements, including the addition of zstd and lz4 compression algorithms and a negotiation heuristic that picks the best compression option supported by both sides. The environment variable RSYNC_COMPRESS_LIST can be used to customize the preference order of the negotiation, or use ‑‑compress-choice (‑‑zc) to force a choice.
• Added a ‑‑debug=NSTR option that outputs details of the new negotiation strings (for checksums and compression). The first level just outputs the result of each negotiation on the client, level 2 outputs the values of the strings that were sent to and received from the server, and level 3 outputs all those values on the server side too (when the server was given the debug option).
• The ‑‑debug=OPTS command-line option is no longer auto-forwarded to the remote rsync which allows for the client and server to have different levels of debug specified. This also allows for newer debug options to be specified, such as using ‑‑debug=NSTR to see the negotiated hash result, without having the command fail if the server version is too old to handle that debug item. Use ‑M‑‑debug=OPTS to send the options to the remote side.
• Added the ‑‑atimes option based on the long-standing patch (just with some fixes that the patch has been needing).
• Added ‑‑open-noatime option to open files using O_NOATIME.
• Added the ‑‑write-devices option based on the long-standing patch.
• Added openssl & preliminary gnutls support to the rsync-ssl script, which is now installed by default. This was unified with the old stunnel-rsync helper script to simplify packaging. Note that the script accepts the use of ‑‑type=gnutls for gnutls testing, but does not look for gnutls-cli on the path yet. The use of ‑‑type=gnutls will not work right until gnutls-cli no longer drops data.
• Rsync was enhanced to set the RSYNC_PORT environment variable when running a daemon-over-rsh script. Its value is the user-specified port number (set via ‑‑port or an rsync:// URL) or 0 if the user didn't override the port.
• Added the proxy protocol daemon parameter that allows your rsyncd to know the real remote IP when it is setup behind a proxy.
• Added negated matching to the daemon's refuse options setting by using match strings that start with a ! (such as !compress*). This lets you refuse all options except for a particular approved list, for example. It also lets rsync refuse certain options by default (such as write-devices) while allowing the config to override that, as desired.
• Added the early exec daemon parameter that runs a script before the transfer parameters are known, allowing some early setup based on module name.
• Added status output in response to a signal (via both SIGINFO & SIGVTALRM).
• Added ‑‑copy-as=USER option to give some extra security to root-run rsync commands into/from untrusted directories (such as backups and restores).
• When resuming the transfer of a file in the ‑‑partial-dir, rsync will now update that partial file in-place instead of creating yet another tmp file copy. This requires both sender & receiver to be at least v3.2.0.
• Added support for RSYNC_SHELL & RSYNC_NO_XFER_EXEC environment variables that affect the early, pre-xfer, and post-xfer exec rsync daemon parameters.
• Optimize the ‑‑fuzzy ‑‑fuzzy heuristic to avoid the fuzzy directory scan until all other basis-file options are exhausted (such as ‑‑link-dest).
• Have the daemon log include the normal-exit sent/received stats when the transfer exited with an error when possible (i.e. if it is the sender).
• The daemon now locks its pid file (when configured to use one) so that it will not fail to start when the file exists but no daemon is running.
• Various man page improvements, including some html representations (that aren't installed by default).
• Made ‑V the short option for ‑‑version and improved its information.
• Pass the ‑4 or ‑6 option to the ssh command, making it easier to type than ‑‑rsh='ssh ‑4' (or the ‑6 equivalent).
• Added example config for rsyncd SSL proxy configs to rsyncd.conf.
• More errors messages now mention if the error is coming from the sender or the receiver.

PACKAGING RELATED:

• Add installed binary: /usr/bin/rsync-ssl
• Add installed man page: /usr/man/man1/rsync-ssl.1
• Tweak auxiliary doc file names, such as: README.md, INSTALL.md, & NEWS.md.
• The rsync-ssl script wants to run openssl or stunnel4, so consider adding a dependency for one of those options (though it's probably fine to just let it complain about being unable to find the program and let the user decide if they want to install one or the other).
• If you packaged rsync + rsync-ssl + rsync-ssl-daemon as separate packages, the rsync-ssl package is now gone (rsync-ssl should be considered to be mainstream now that Samba requires SSL for its rsync daemon).
• Add build dependency for liblz4-dev, libxxhash-dev, libzstd-dev, and libssl-dev. These development libraries will give rsync extra compression algorithms, extra checksum algorithms, and allow use of openssl's crypto lib for (potentially) faster MD4/MD5 checksums.
• Add build dependency for g++ or clang++ on x86_64 systems to enable the SIMD checksum optimizations.
• Add build dependency for either python3-cmarkcfm or python3-commonmark to allow for patching of man pages or building a git release. This is not required for a release-tar build, since it comes with pre-built man pages. Note that cmarkcfm is faster than commonmark, but they generate the same data. The commonmark dependency is easiest to install since it's native python, and can even be installed via pip3 install ‑‑user commonmark if you want to just install it for the build user.
• Remove yodl build dependency (if it was even listed before).

DEVELOPER RELATED:

• Silenced some annoying warnings about major() & minor() by improving an autoconf include-file check.
• Converted the man pages from yodl to markdown. They are now processed via a simple python3 script using the cmarkgfm or commonmark library. This should make it easier to package rsync, since yodl has gotten obscure.
• Improved some configure checks to work better with strict C99 compilers.
• Some perl building/packaging scripts were recoded into awk and python3.
• Some defines in byteorder.h were changed into static inline functions that will help to ensure that the args don't get evaluated multiple times on "careful alignment" hosts.
• Some code typos were fixed (as pointed out by a Fossies run).