2 * Copyright (c) 2003-2004 Tim Kientzle
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer
10 * in this position and unchanged.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 #include "archive_platform.h"
28 __FBSDID("$FreeBSD: src/lib/libarchive/archive_write_set_format_pax.c,v 1.34 2006/03/21 16:55:46 kientzle Exp $");
32 #include <sys/mkdev.h>
34 #ifdef MAJOR_IN_SYSMACROS
35 #include <sys/sysmacros.h>
44 #include "archive_entry.h"
45 #include "archive_private.h"
48 uint64_t entry_bytes_remaining;
49 uint64_t entry_padding;
50 struct archive_string pax_header;
54 static void add_pax_attr(struct archive_string *, const char *key,
56 static void add_pax_attr_int(struct archive_string *,
57 const char *key, int64_t value);
58 static void add_pax_attr_time(struct archive_string *,
59 const char *key, int64_t sec,
61 static void add_pax_attr_w(struct archive_string *,
62 const char *key, const wchar_t *wvalue);
63 static ssize_t archive_write_pax_data(struct archive *,
64 const void *, size_t);
65 static int archive_write_pax_finish(struct archive *);
66 static int archive_write_pax_finish_entry(struct archive *);
67 static int archive_write_pax_header(struct archive *,
68 struct archive_entry *);
69 static char *base64_encode(const char *src, size_t len);
70 static char *build_pax_attribute_name(char *dest, const char *src);
71 static char *build_ustar_entry_name(char *dest, const char *src,
72 size_t src_length, const char *insert);
73 static char *format_int(char *dest, int64_t);
74 static int has_non_ASCII(const wchar_t *);
75 static char *url_encode(const char *in);
76 static int write_nulls(struct archive *, size_t);
79 * Set output format to 'restricted pax' format.
81 * This is the same as normal 'pax', but tries to suppress
82 * the pax header whenever possible. This is the default for
83 * bsdtar, for instance.
86 archive_write_set_format_pax_restricted(struct archive *a)
89 r = archive_write_set_format_pax(a);
90 a->archive_format = ARCHIVE_FORMAT_TAR_PAX_RESTRICTED;
91 a->archive_format_name = "restricted POSIX pax interchange";
96 * Set output format to 'pax' format.
99 archive_write_set_format_pax(struct archive *a)
103 if (a->format_finish != NULL)
104 (a->format_finish)(a);
106 pax = malloc(sizeof(*pax));
108 archive_set_error(a, ENOMEM, "Can't allocate pax data");
109 return (ARCHIVE_FATAL);
111 memset(pax, 0, sizeof(*pax));
112 a->format_data = pax;
114 a->pad_uncompressed = 1;
115 a->format_write_header = archive_write_pax_header;
116 a->format_write_data = archive_write_pax_data;
117 a->format_finish = archive_write_pax_finish;
118 a->format_finish_entry = archive_write_pax_finish_entry;
119 a->archive_format = ARCHIVE_FORMAT_TAR_PAX_INTERCHANGE;
120 a->archive_format_name = "POSIX pax interchange";
125 * Note: This code assumes that 'nanos' has the same sign as 'sec',
126 * which implies that sec=-1, nanos=200000000 represents -1.2 seconds
127 * and not -0.8 seconds. This is a pretty pedantic point, as we're
128 * unlikely to encounter many real files created before Jan 1, 1970,
129 * much less ones with timestamps recorded to sub-second resolution.
132 add_pax_attr_time(struct archive_string *as, const char *key,
133 int64_t sec, unsigned long nanos)
138 * Note that each byte contributes fewer than 3 base-10
139 * digits, so this will always be big enough.
141 char tmp[1 + 3*sizeof(sec) + 1 + 3*sizeof(nanos)];
143 tmp[sizeof(tmp) - 1] = 0;
144 t = tmp + sizeof(tmp) - 1;
146 /* Skip trailing zeros in the fractional part. */
147 for (digit = 0, i = 10; i > 0 && digit == 0; i--) {
152 /* Only format the fraction if it's non-zero. */
155 *--t = "0123456789"[digit];
162 t = format_int(t, sec);
164 add_pax_attr(as, key, t);
168 format_int(char *t, int64_t i)
179 *--t = "0123456789"[i % 10];
187 add_pax_attr_int(struct archive_string *as, const char *key, int64_t value)
189 char tmp[1 + 3 * sizeof(value)];
191 tmp[sizeof(tmp) - 1] = 0;
192 add_pax_attr(as, key, format_int(tmp + sizeof(tmp) - 1, value));
196 utf8_encode(const wchar_t *wval)
201 char *utf8_value, *p;
204 for (wp = wval; *wp != L'\0'; ) {
208 else if (wc <= 0x7ff)
210 else if (wc <= 0xffff)
212 else if (wc <= 0x1fffff)
214 else if (wc <= 0x3ffffff)
216 else if (wc <= 0x7fffffff)
218 /* Ignore larger values; UTF-8 can't encode them. */
221 utf8_value = malloc(utf8len + 1);
222 if (utf8_value == NULL) {
223 __archive_errx(1, "Not enough memory for attributes");
227 for (wp = wval, p = utf8_value; *wp != L'\0'; ) {
231 } else if (wc <= 0x7ff) {
232 p[0] = 0xc0 | ((wc >> 6) & 0x1f);
233 p[1] = 0x80 | (wc & 0x3f);
235 } else if (wc <= 0xffff) {
236 p[0] = 0xe0 | ((wc >> 12) & 0x0f);
237 p[1] = 0x80 | ((wc >> 6) & 0x3f);
238 p[2] = 0x80 | (wc & 0x3f);
240 } else if (wc <= 0x1fffff) {
241 p[0] = 0xf0 | ((wc >> 18) & 0x07);
242 p[1] = 0x80 | ((wc >> 12) & 0x3f);
243 p[2] = 0x80 | ((wc >> 6) & 0x3f);
244 p[3] = 0x80 | (wc & 0x3f);
246 } else if (wc <= 0x3ffffff) {
247 p[0] = 0xf8 | ((wc >> 24) & 0x03);
248 p[1] = 0x80 | ((wc >> 18) & 0x3f);
249 p[2] = 0x80 | ((wc >> 12) & 0x3f);
250 p[3] = 0x80 | ((wc >> 6) & 0x3f);
251 p[4] = 0x80 | (wc & 0x3f);
253 } else if (wc <= 0x7fffffff) {
254 p[0] = 0xfc | ((wc >> 30) & 0x01);
255 p[1] = 0x80 | ((wc >> 24) & 0x3f);
256 p[1] = 0x80 | ((wc >> 18) & 0x3f);
257 p[2] = 0x80 | ((wc >> 12) & 0x3f);
258 p[3] = 0x80 | ((wc >> 6) & 0x3f);
259 p[4] = 0x80 | (wc & 0x3f);
262 /* Ignore larger values; UTF-8 can't encode them. */
270 add_pax_attr_w(struct archive_string *as, const char *key, const wchar_t *wval)
272 char *utf8_value = utf8_encode(wval);
273 if (utf8_value == NULL)
275 add_pax_attr(as, key, utf8_value);
280 * Add a key/value attribute to the pax header. This function handles
281 * the length field and various other syntactic requirements.
284 add_pax_attr(struct archive_string *as, const char *key, const char *value)
286 int digits, i, len, next_ten;
287 char tmp[1 + 3 * sizeof(int)]; /* < 3 base-10 digits per byte */
290 * PAX attributes have the following layout:
291 * <len> <space> <key> <=> <value> <nl>
293 len = 1 + strlen(key) + 1 + strlen(value) + 1;
296 * The <len> field includes the length of the <len> field, so
297 * computing the correct length is tricky. I start by
298 * counting the number of base-10 digits in 'len' and
299 * computing the next higher power of 10.
307 next_ten = next_ten * 10;
310 * For example, if string without the length field is 99
311 * chars, then adding the 2 digit length "99" will force the
312 * total length past 100, requiring an extra digit. The next
313 * statement adjusts for this effect.
315 if (len + digits >= next_ten)
318 /* Now, we have the right length so we can build the line. */
319 tmp[sizeof(tmp) - 1] = 0; /* Null-terminate the work area. */
320 archive_strcat(as, format_int(tmp + sizeof(tmp) - 1, len + digits));
321 archive_strappend_char(as, ' ');
322 archive_strcat(as, key);
323 archive_strappend_char(as, '=');
324 archive_strcat(as, value);
325 archive_strappend_char(as, '\n');
329 archive_write_pax_header_xattrs(struct pax *pax, struct archive_entry *entry)
331 struct archive_string s;
332 int i = archive_entry_xattr_reset(entry);
338 char *url_encoded_name = NULL, *encoded_name = NULL;
339 wchar_t *wcs_name = NULL;
342 archive_entry_xattr_next(entry, &name, &value, &size);
343 /* Name is URL-encoded, then converted to wchar_t,
344 * then UTF-8 encoded. */
345 url_encoded_name = url_encode(name);
346 if (url_encoded_name != NULL) {
347 /* Convert narrow-character to wide-character. */
348 int wcs_length = strlen(url_encoded_name);
349 wcs_name = malloc((wcs_length + 1) * sizeof(wchar_t));
350 if (wcs_name == NULL)
351 __archive_errx(1, "No memory for xattr conversion");
352 mbstowcs(wcs_name, url_encoded_name, wcs_length);
353 wcs_name[wcs_length] = 0;
354 free(url_encoded_name); /* Done with this. */
356 if (wcs_name != NULL) {
357 encoded_name = utf8_encode(wcs_name);
358 free(wcs_name); /* Done with wchar_t name. */
361 encoded_value = base64_encode(value, size);
363 if (encoded_name != NULL && encoded_value != NULL) {
364 archive_string_init(&s);
365 archive_strcpy(&s, "LIBARCHIVE.xattr.");
366 archive_strcat(&s, encoded_name);
367 add_pax_attr(&(pax->pax_header), s.s, encoded_value);
368 archive_string_free(&s);
376 * TODO: Consider adding 'comment' and 'charset' fields to
377 * archive_entry so that clients can specify them. Also, consider
378 * adding generic key/value tags so clients can add arbitrary
382 archive_write_pax_header(struct archive *a,
383 struct archive_entry *entry_original)
385 struct archive_entry *entry_main;
386 const char *linkname, *p;
387 const char *hardlink;
389 const char *suffix_start;
390 int need_extension, r, ret;
392 const struct stat *st_main, *st_original;
396 char ustar_entry_name[256];
397 char pax_entry_name[256];
400 pax = a->format_data;
403 st_original = archive_entry_stat(entry_original);
405 hardlink = archive_entry_hardlink(entry_original);
407 /* Make sure this is a type of entry that we can handle here */
408 if (hardlink == NULL) {
409 switch (st_original->st_mode & S_IFMT) {
418 archive_set_error(a, ARCHIVE_ERRNO_FILE_FORMAT,
419 "tar format cannot archive socket");
420 return (ARCHIVE_WARN);
422 archive_set_error(a, ARCHIVE_ERRNO_FILE_FORMAT,
423 "tar format cannot archive this (mode=0%lo)",
424 (unsigned long)st_original->st_mode);
425 return (ARCHIVE_WARN);
429 /* Copy entry so we can modify it as needed. */
430 entry_main = archive_entry_clone(entry_original);
431 archive_string_empty(&(pax->pax_header)); /* Blank our work area. */
432 st_main = archive_entry_stat(entry_main);
435 * Determining whether or not the name is too big is ugly
436 * because of the rules for dividing names between 'name' and
437 * 'prefix' fields. Here, I pick out the longest possible
438 * suffix, then test whether the remaining prefix is too long.
440 wp = archive_entry_pathname_w(entry_main);
441 p = archive_entry_pathname(entry_main);
442 if (strlen(p) <= 100) /* Short enough for just 'name' field */
443 suffix_start = p; /* Record a zero-length prefix */
445 /* Find the largest suffix that fits in 'name' field. */
446 suffix_start = strchr(p + strlen(p) - 100 - 1, '/');
449 * If name is too long, or has non-ASCII characters, add
450 * 'path' to pax extended attrs.
452 if (suffix_start == NULL || suffix_start - p > 155 || has_non_ASCII(wp)) {
453 add_pax_attr_w(&(pax->pax_header), "path", wp);
454 archive_entry_set_pathname(entry_main,
455 build_ustar_entry_name(ustar_entry_name, p, strlen(p), NULL));
459 /* If link name is too long or has non-ASCII characters, add
460 * 'linkpath' to pax extended attrs. */
462 if (linkname == NULL)
463 linkname = archive_entry_symlink(entry_main);
465 if (linkname != NULL) {
466 /* There is a link name, get the wide version as well. */
467 if (hardlink != NULL)
468 wp = archive_entry_hardlink_w(entry_main);
470 wp = archive_entry_symlink_w(entry_main);
472 /* If the link is long or has a non-ASCII character,
473 * store it as a pax extended attribute. */
474 if (strlen(linkname) > 100 || has_non_ASCII(wp)) {
475 add_pax_attr_w(&(pax->pax_header), "linkpath", wp);
476 if (hardlink != NULL)
477 archive_entry_set_hardlink(entry_main,
478 "././@LongHardLink");
480 archive_entry_set_symlink(entry_main,
486 /* If file size is too large, add 'size' to pax extended attrs. */
487 if (st_main->st_size >= (((int64_t)1) << 33)) {
488 add_pax_attr_int(&(pax->pax_header), "size", st_main->st_size);
492 /* If numeric GID is too large, add 'gid' to pax extended attrs. */
493 if (st_main->st_gid >= (1 << 18)) {
494 add_pax_attr_int(&(pax->pax_header), "gid", st_main->st_gid);
498 /* If group name is too large or has non-ASCII characters, add
499 * 'gname' to pax extended attrs. */
500 p = archive_entry_gname(entry_main);
501 wp = archive_entry_gname_w(entry_main);
502 if (p != NULL && (strlen(p) > 31 || has_non_ASCII(wp))) {
503 add_pax_attr_w(&(pax->pax_header), "gname", wp);
504 archive_entry_set_gname(entry_main, NULL);
508 /* If numeric UID is too large, add 'uid' to pax extended attrs. */
509 if (st_main->st_uid >= (1 << 18)) {
510 add_pax_attr_int(&(pax->pax_header), "uid", st_main->st_uid);
514 /* If user name is too large, add 'uname' to pax extended attrs. */
515 /* TODO: If uname has non-ASCII characters, use pax attribute. */
516 p = archive_entry_uname(entry_main);
517 wp = archive_entry_uname_w(entry_main);
518 if (p != NULL && (strlen(p) > 31 || has_non_ASCII(wp))) {
519 add_pax_attr_w(&(pax->pax_header), "uname", wp);
520 archive_entry_set_uname(entry_main, NULL);
525 * POSIX/SUSv3 doesn't provide a standard key for large device
526 * numbers. I use the same keys here that Joerg Schilling
527 * used for 'star.' (Which, somewhat confusingly, are called
528 * "devXXX" even though they code "rdev" values.) No doubt,
529 * other implementations use other keys. Note that there's no
530 * reason we can't write the same information into a number of
533 * Of course, this is only needed for block or char device entries.
535 if (S_ISBLK(st_main->st_mode) ||
536 S_ISCHR(st_main->st_mode)) {
538 * If rdevmajor is too large, add 'SCHILY.devmajor' to
539 * extended attributes.
541 dev_t rdevmajor, rdevminor;
542 rdevmajor = major(st_main->st_rdev);
543 rdevminor = minor(st_main->st_rdev);
544 if (rdevmajor >= (1 << 18)) {
545 add_pax_attr_int(&(pax->pax_header), "SCHILY.devmajor",
548 * Non-strict formatting below means we don't
549 * have to truncate here. Not truncating improves
550 * the chance that some more modern tar archivers
551 * (such as GNU tar 1.13) can restore the full
552 * value even if they don't understand the pax
553 * extended attributes. See my rant below about
554 * file size fields for additional details.
556 /* archive_entry_set_rdevmajor(entry_main,
557 rdevmajor & ((1 << 18) - 1)); */
562 * If devminor is too large, add 'SCHILY.devminor' to
563 * extended attributes.
565 if (rdevminor >= (1 << 18)) {
566 add_pax_attr_int(&(pax->pax_header), "SCHILY.devminor",
568 /* Truncation is not necessary here, either. */
569 /* archive_entry_set_rdevminor(entry_main,
570 rdevminor & ((1 << 18) - 1)); */
576 * Technically, the mtime field in the ustar header can
577 * support 33 bits, but many platforms use signed 32-bit time
578 * values. The cutoff of 0x7fffffff here is a compromise.
579 * Yes, this check is duplicated just below; this helps to
580 * avoid writing an mtime attribute just to handle a
581 * high-resolution timestamp in "restricted pax" mode.
583 if (!need_extension &&
584 ((st_main->st_mtime < 0) || (st_main->st_mtime >= 0x7fffffff)))
587 /* I use a star-compatible file flag attribute. */
588 p = archive_entry_fflags_text(entry_main);
589 if (!need_extension && p != NULL && *p != '\0')
592 /* If there are non-trivial ACL entries, we need an extension. */
593 if (!need_extension && archive_entry_acl_count(entry_original,
594 ARCHIVE_ENTRY_ACL_TYPE_ACCESS) > 0)
597 /* If there are non-trivial ACL entries, we need an extension. */
598 if (!need_extension && archive_entry_acl_count(entry_original,
599 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT) > 0)
602 /* If there are extended attributes, we need an extension */
603 if (!need_extension && archive_entry_xattr_count(entry_original) > 0)
607 * The following items are handled differently in "pax
608 * restricted" format. In particular, in "pax restricted"
609 * format they won't be added unless need_extension is
610 * already set (we're already generating an extended header, so
611 * may as well include these).
613 if (a->archive_format != ARCHIVE_FORMAT_TAR_PAX_RESTRICTED ||
616 if (st_main->st_mtime < 0 ||
617 st_main->st_mtime >= 0x7fffffff ||
618 ARCHIVE_STAT_MTIME_NANOS(st_main) != 0)
619 add_pax_attr_time(&(pax->pax_header), "mtime",
621 ARCHIVE_STAT_MTIME_NANOS(st_main));
623 if (st_main->st_ctime != 0 ||
624 ARCHIVE_STAT_CTIME_NANOS(st_main) != 0)
625 add_pax_attr_time(&(pax->pax_header), "ctime",
627 ARCHIVE_STAT_CTIME_NANOS(st_main));
629 if (st_main->st_atime != 0 ||
630 ARCHIVE_STAT_ATIME_NANOS(st_main) != 0)
631 add_pax_attr_time(&(pax->pax_header), "atime",
633 ARCHIVE_STAT_ATIME_NANOS(st_main));
635 /* I use a star-compatible file flag attribute. */
636 p = archive_entry_fflags_text(entry_main);
637 if (p != NULL && *p != '\0')
638 add_pax_attr(&(pax->pax_header), "SCHILY.fflags", p);
640 /* I use star-compatible ACL attributes. */
641 wp = archive_entry_acl_text_w(entry_original,
642 ARCHIVE_ENTRY_ACL_TYPE_ACCESS |
643 ARCHIVE_ENTRY_ACL_STYLE_EXTRA_ID);
644 if (wp != NULL && *wp != L'\0')
645 add_pax_attr_w(&(pax->pax_header),
646 "SCHILY.acl.access", wp);
647 wp = archive_entry_acl_text_w(entry_original,
648 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT |
649 ARCHIVE_ENTRY_ACL_STYLE_EXTRA_ID);
650 if (wp != NULL && *wp != L'\0')
651 add_pax_attr_w(&(pax->pax_header),
652 "SCHILY.acl.default", wp);
654 /* Include star-compatible metadata info. */
655 /* Note: "SCHILY.dev{major,minor}" are NOT the
656 * major/minor portions of "SCHILY.dev". */
657 add_pax_attr_int(&(pax->pax_header), "SCHILY.dev",
659 add_pax_attr_int(&(pax->pax_header), "SCHILY.ino",
661 add_pax_attr_int(&(pax->pax_header), "SCHILY.nlink",
664 /* Store extended attributes */
665 archive_write_pax_header_xattrs(pax, entry_original);
668 /* Only regular files have data. */
669 if (!S_ISREG(archive_entry_mode(entry_main)))
670 archive_entry_set_size(entry_main, 0);
673 * Pax-restricted does not store data for hardlinks, in order
674 * to improve compatibility with ustar.
676 if (a->archive_format != ARCHIVE_FORMAT_TAR_PAX_INTERCHANGE &&
678 archive_entry_set_size(entry_main, 0);
681 * XXX Full pax interchange format does permit a hardlink
682 * entry to have data associated with it. I'm not supporting
683 * that here because the client expects me to tell them whether
684 * or not this format expects data for hardlinks. If I
685 * don't check here, then every pax archive will end up with
686 * duplicated data for hardlinks. Someday, there may be
687 * need to select this behavior, in which case the following
688 * will need to be revisited. XXX
690 if (hardlink != NULL)
691 archive_entry_set_size(entry_main, 0);
693 /* Format 'ustar' header for main entry.
695 * The trouble with file size: If the reader can't understand
696 * the file size, they may not be able to locate the next
697 * entry and the rest of the archive is toast. Pax-compliant
698 * readers are supposed to ignore the file size in the main
699 * header, so the question becomes how to maximize portability
700 * for readers that don't support pax attribute extensions.
701 * For maximum compatibility, I permit numeric extensions in
702 * the main header so that the file size stored will always be
703 * correct, even if it's in a format that only some
704 * implementations understand. The technique used here is:
706 * a) If possible, follow the standard exactly. This handles
707 * files up to 8 gigabytes minus 1.
709 * b) If that fails, try octal but omit the field terminator.
710 * That handles files up to 64 gigabytes minus 1.
712 * c) Otherwise, use base-256 extensions. That handles files
713 * up to 2^63 in this implementation, with the potential to
714 * go up to 2^94. That should hold us for a while. ;-)
716 * The non-strict formatter uses similar logic for other
717 * numeric fields, though they're less critical.
719 __archive_write_format_header_ustar(a, ustarbuff, entry_main, -1, 0);
721 /* If we built any extended attributes, write that entry first. */
723 if (archive_strlen(&(pax->pax_header)) > 0) {
725 struct archive_entry *pax_attr_entry;
729 memset(&st, 0, sizeof(st));
730 pax_attr_entry = archive_entry_new();
731 p = archive_entry_pathname(entry_main);
732 archive_entry_set_pathname(pax_attr_entry,
733 build_pax_attribute_name(pax_entry_name, p));
734 st.st_size = archive_strlen(&(pax->pax_header));
735 /* Copy uid/gid (but clip to ustar limits). */
736 st.st_uid = st_main->st_uid;
737 if (st.st_uid >= 1 << 18)
738 st.st_uid = (1 << 18) - 1;
739 st.st_gid = st_main->st_gid;
740 if (st.st_gid >= 1 << 18)
741 st.st_gid = (1 << 18) - 1;
742 /* Copy mode over (but not setuid/setgid bits) */
743 st.st_mode = st_main->st_mode;
745 st.st_mode &= ~S_ISUID;
748 st.st_mode &= ~S_ISGID;
751 st.st_mode &= ~S_ISVTX;
753 archive_entry_copy_stat(pax_attr_entry, &st);
755 /* Copy uname/gname. */
756 archive_entry_set_uname(pax_attr_entry,
757 archive_entry_uname(entry_main));
758 archive_entry_set_gname(pax_attr_entry,
759 archive_entry_gname(entry_main));
761 /* Copy mtime, but clip to ustar limits. */
762 s = archive_entry_mtime(entry_main);
763 ns = archive_entry_mtime_nsec(entry_main);
764 if (s < 0) { s = 0; ns = 0; }
765 if (s > 0x7fffffff) { s = 0x7fffffff; ns = 0; }
766 archive_entry_set_mtime(pax_attr_entry, s, ns);
768 /* Ditto for atime. */
769 s = archive_entry_atime(entry_main);
770 ns = archive_entry_atime_nsec(entry_main);
771 if (s < 0) { s = 0; ns = 0; }
772 if (s > 0x7fffffff) { s = 0x7fffffff; ns = 0; }
773 archive_entry_set_atime(pax_attr_entry, s, ns);
775 /* Standard ustar doesn't support ctime. */
776 archive_entry_set_ctime(pax_attr_entry, 0, 0);
778 ret = __archive_write_format_header_ustar(a, paxbuff,
779 pax_attr_entry, 'x', 1);
781 archive_entry_free(pax_attr_entry);
783 /* Note that the 'x' header shouldn't ever fail to format */
785 const char *msg = "archive_write_pax_header: "
786 "'x' header failed?! This can't happen.\n";
787 write(2, msg, strlen(msg));
790 r = (a->compression_write)(a, paxbuff, 512);
791 if (r != ARCHIVE_OK) {
792 pax->entry_bytes_remaining = 0;
793 pax->entry_padding = 0;
794 return (ARCHIVE_FATAL);
797 pax->entry_bytes_remaining = archive_strlen(&(pax->pax_header));
798 pax->entry_padding = 0x1ff & (- pax->entry_bytes_remaining);
800 r = (a->compression_write)(a, pax->pax_header.s,
801 archive_strlen(&(pax->pax_header)));
802 if (r != ARCHIVE_OK) {
803 /* If a write fails, we're pretty much toast. */
804 return (ARCHIVE_FATAL);
806 /* Pad out the end of the entry. */
807 r = write_nulls(a, pax->entry_padding);
808 if (r != ARCHIVE_OK) {
809 /* If a write fails, we're pretty much toast. */
810 return (ARCHIVE_FATAL);
812 pax->entry_bytes_remaining = pax->entry_padding = 0;
815 /* Write the header for main entry. */
816 r = (a->compression_write)(a, ustarbuff, 512);
821 * Inform the client of the on-disk size we're using, so
822 * they can avoid unnecessarily writing a body for something
823 * that we're just going to ignore.
825 archive_entry_set_size(entry_original, archive_entry_size(entry_main));
826 pax->entry_bytes_remaining = archive_entry_size(entry_main);
827 pax->entry_padding = 0x1ff & (- pax->entry_bytes_remaining);
828 archive_entry_free(entry_main);
834 * We need a valid name for the regular 'ustar' entry. This routine
835 * tries to hack something more-or-less reasonable.
837 * The approach here tries to preserve leading dir names. We do so by
838 * working with four sections:
839 * 1) "prefix" directory names,
840 * 2) "suffix" directory names,
841 * 3) inserted dir name (optional),
844 * These sections must satisfy the following requirements:
845 * * Parts 1 & 2 together form an initial portion of the dir name.
846 * * Part 3 is specified by the caller. (It should not contain a leading
848 * * Part 4 forms an initial portion of the base filename.
849 * * The filename must be <= 99 chars to fit the ustar 'name' field.
850 * * Parts 2, 3, 4 together must be <= 99 chars to fit the ustar 'name' fld.
851 * * Part 1 must be <= 155 chars to fit the ustar 'prefix' field.
852 * * If the original name ends in a '/', the new name must also end in a '/'
853 * * Trailing '/.' sequences may be stripped.
855 * Note: Recall that the ustar format does not store the '/' separating
856 * parts 1 & 2, but does store the '/' separating parts 2 & 3.
859 build_ustar_entry_name(char *dest, const char *src, size_t src_length,
862 const char *prefix, *prefix_end;
863 const char *suffix, *suffix_end;
864 const char *filename, *filename_end;
866 int need_slash = 0; /* Was there a trailing slash? */
867 size_t suffix_length = 99;
870 /* Length of additional dir element to be added. */
874 /* +2 here allows for '/' before and after the insert. */
875 insert_length = strlen(insert) + 2;
877 /* Step 0: Quick bailout in a common case. */
878 if (src_length < 100 && insert == NULL) {
879 strncpy(dest, src, src_length);
880 dest[src_length] = '\0';
884 /* Step 1: Locate filename and enforce the length restriction. */
885 filename_end = src + src_length;
886 /* Remove trailing '/' chars and '/.' pairs. */
888 if (filename_end > src && filename_end[-1] == '/') {
890 need_slash = 1; /* Remember to restore trailing '/'. */
893 if (filename_end > src + 1 && filename_end[-1] == '.'
894 && filename_end[-2] == '/') {
896 need_slash = 1; /* "foo/." will become "foo/" */
903 /* Find start of filename. */
904 filename = filename_end - 1;
905 while ((filename > src) && (*filename != '/'))
907 if ((*filename == '/') && (filename < filename_end - 1))
909 /* Adjust filename_end so that filename + insert fits in 99 chars. */
910 suffix_length -= insert_length;
911 if (filename_end > filename + suffix_length)
912 filename_end = filename + suffix_length;
913 /* Calculate max size for "suffix" section (#3 above). */
914 suffix_length -= filename_end - filename;
916 /* Step 2: Locate the "prefix" section of the dirname, including
919 prefix_end = prefix + 155;
920 if (prefix_end > filename)
921 prefix_end = filename;
922 while (prefix_end > prefix && *prefix_end != '/')
924 if ((prefix_end < filename) && (*prefix_end == '/'))
927 /* Step 3: Locate the "suffix" section of the dirname,
928 * including trailing '/'. */
930 suffix_end = suffix + suffix_length; /* Enforce limit. */
931 if (suffix_end > filename)
932 suffix_end = filename;
933 if (suffix_end < suffix)
935 while (suffix_end > suffix && *suffix_end != '/')
937 if ((suffix_end < filename) && (*suffix_end == '/'))
940 /* Step 4: Build the new name. */
941 /* The OpenBSD strlcpy function is safer, but less portable. */
942 /* Rather than maintain two versions, just use the strncpy version. */
944 if (prefix_end > prefix) {
945 strncpy(p, prefix, prefix_end - prefix);
946 p += prefix_end - prefix;
948 if (suffix_end > suffix) {
949 strncpy(p, suffix, suffix_end - suffix);
950 p += suffix_end - suffix;
952 if (insert != NULL) {
953 /* Note: assume insert does not have leading or trailing '/' */
958 strncpy(p, filename, filename_end - filename);
959 p += filename_end - filename;
968 * The ustar header for the pax extended attributes must have a
969 * reasonable name: SUSv3 suggests 'dirname'/PaxHeader/'filename'
971 * Joerg Schiling has argued that this is unnecessary because, in practice,
972 * if the pax extended attributes get extracted as regular files, noone is
973 * going to bother reading those attributes to manually restore them.
974 * Based on this, 'star' uses /tmp/PaxHeader/'basename' as the ustar header
975 * name. This is a tempting argument, but I'm not entirely convinced.
976 * I'm also uncomfortable with the fact that "/tmp" is a Unix-ism.
978 * The following routine implements the SUSv3 recommendation, and is
979 * much simpler because build_ustar_entry_name() above already does
980 * most of the work (we just need to give it an extra path element to
981 * insert and handle a few pathological cases).
984 build_pax_attribute_name(char *dest, const char *src)
988 /* Handle the null filename case. */
989 if (src == NULL || *src == '\0') {
990 strcpy(dest, "PaxHeader/blank");
994 /* Prune final '/' and other unwanted final elements. */
995 p = src + strlen(src);
997 /* Ends in "/", remove the '/' */
998 if (p > src && p[-1] == '/') {
1002 /* Ends in "/.", remove the '.' */
1003 if (p > src + 1 && p[-1] == '.'
1011 /* Pathological case: After above, there was nothing left.
1012 * This includes "/." "/./." "/.//./." etc. */
1014 strcpy(dest, "/PaxHeader/rootdir");
1018 /* Convert unadorned "." into a suitable filename. */
1019 if (*src == '.' && p == src + 1) {
1020 strcpy(dest, "PaxHeader/currentdir");
1024 /* General case: build a ustar-compatible name adding "/PaxHeader/". */
1025 build_ustar_entry_name(dest, src, p - src, "PaxHeader");
1030 /* Write two null blocks for the end of archive */
1032 archive_write_pax_finish(struct archive *a)
1038 pax = a->format_data;
1039 if (pax->written && a->compression_write != NULL)
1040 r = write_nulls(a, 512 * 2);
1041 archive_string_free(&pax->pax_header);
1043 a->format_data = NULL;
1048 archive_write_pax_finish_entry(struct archive *a)
1053 pax = a->format_data;
1054 ret = write_nulls(a, pax->entry_bytes_remaining + pax->entry_padding);
1055 pax->entry_bytes_remaining = pax->entry_padding = 0;
1060 write_nulls(struct archive *a, size_t padding)
1064 while (padding > 0) {
1065 to_write = padding < a->null_length ? padding : a->null_length;
1066 ret = (a->compression_write)(a, a->nulls, to_write);
1067 if (ret != ARCHIVE_OK)
1069 padding -= to_write;
1071 return (ARCHIVE_OK);
1075 archive_write_pax_data(struct archive *a, const void *buff, size_t s)
1080 pax = a->format_data;
1082 if (s > pax->entry_bytes_remaining)
1083 s = pax->entry_bytes_remaining;
1085 ret = (a->compression_write)(a, buff, s);
1086 pax->entry_bytes_remaining -= s;
1087 if (ret == ARCHIVE_OK)
1094 has_non_ASCII(const wchar_t *wp)
1096 while (*wp != L'\0' && *wp < 128)
1098 return (*wp != L'\0');
1102 * Used by extended attribute support; encodes the name
1103 * so that there will be no '=' characters in the result.
1106 url_encode(const char *in)
1113 for (s = in; *s != '\0'; s++) {
1114 if (*s < 33 || *s > 126 || *s == '%' || *s == '=')
1120 out = (char *)malloc(out_len + 1);
1124 for (s = in, d = out; *s != '\0'; s++) {
1125 /* encode any non-printable ASCII character or '%' or '=' */
1126 if (*s < 33 || *s > 126 || *s == '%' || *s == '=') {
1127 /* URL encoding is '%' followed by two hex digits */
1129 *d++ = "0123456789ABCDEF"[0x0f & (*s >> 4)];
1130 *d++ = "0123456789ABCDEF"[0x0f & *s];
1140 * Encode a sequence of bytes into a C string using base-64 encoding.
1142 * Returns a null-terminated C string allocated with malloc(); caller
1143 * is responsible for freeing the result.
1146 base64_encode(const char *s, size_t len)
1148 static const char digits[64] =
1149 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
1153 /* 3 bytes becomes 4 chars, but round up and allow for trailing NUL */
1154 out = malloc((len * 4 + 2) / 3 + 1);
1159 /* Convert each group of 3 bytes into 4 characters. */
1161 v = (((int)s[0] << 16) & 0xff0000)
1162 | (((int)s[1] << 8) & 0xff00)
1163 | (((int)s[2]) & 0x00ff);
1166 *d++ = digits[(v >> 18) & 0x3f];
1167 *d++ = digits[(v >> 12) & 0x3f];
1168 *d++ = digits[(v >> 6) & 0x3f];
1169 *d++ = digits[(v) & 0x3f];
1171 /* Handle final group of 1 byte (2 chars) or 2 bytes (3 chars). */
1175 v = (((int)s[0] << 16) & 0xff0000);
1176 *d++ = digits[(v >> 18) & 0x3f];
1177 *d++ = digits[(v >> 12) & 0x3f];
1180 v = (((int)s[0] << 16) & 0xff0000)
1181 | (((int)s[1] << 8) & 0xff00);
1182 *d++ = digits[(v >> 18) & 0x3f];
1183 *d++ = digits[(v >> 12) & 0x3f];
1184 *d++ = digits[(v >> 6) & 0x3f];
1187 /* Add trailing NUL character so output is a valid C string. */