2 * Copyright (c) 2003-2007 Tim Kientzle
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 #include "archive_platform.h"
27 __FBSDID("$FreeBSD: src/lib/libarchive/archive_write_set_format_pax.c,v 1.39 2007/03/03 07:37:36 kientzle Exp $");
40 #include "archive_entry.h"
41 #include "archive_private.h"
42 #include "archive_write_private.h"
45 uint64_t entry_bytes_remaining;
46 uint64_t entry_padding;
47 struct archive_string pax_header;
50 static void add_pax_attr(struct archive_string *, const char *key,
52 static void add_pax_attr_int(struct archive_string *,
53 const char *key, int64_t value);
54 static void add_pax_attr_time(struct archive_string *,
55 const char *key, int64_t sec,
57 static void add_pax_attr_w(struct archive_string *,
58 const char *key, const wchar_t *wvalue);
59 static ssize_t archive_write_pax_data(struct archive_write *,
60 const void *, size_t);
61 static int archive_write_pax_finish(struct archive_write *);
62 static int archive_write_pax_destroy(struct archive_write *);
63 static int archive_write_pax_finish_entry(struct archive_write *);
64 static int archive_write_pax_header(struct archive_write *,
65 struct archive_entry *);
66 static char *base64_encode(const char *src, size_t len);
67 static char *build_pax_attribute_name(char *dest, const char *src);
68 static char *build_ustar_entry_name(char *dest, const char *src,
69 size_t src_length, const char *insert);
70 static char *format_int(char *dest, int64_t);
71 static int has_non_ASCII(const wchar_t *);
72 static char *url_encode(const char *in);
73 static int write_nulls(struct archive_write *, size_t);
76 * Set output format to 'restricted pax' format.
78 * This is the same as normal 'pax', but tries to suppress
79 * the pax header whenever possible. This is the default for
80 * bsdtar, for instance.
83 archive_write_set_format_pax_restricted(struct archive *_a)
85 struct archive_write *a = (struct archive_write *)_a;
87 r = archive_write_set_format_pax(&a->archive);
88 a->archive_format = ARCHIVE_FORMAT_TAR_PAX_RESTRICTED;
89 a->archive_format_name = "restricted POSIX pax interchange";
94 * Set output format to 'pax' format.
97 archive_write_set_format_pax(struct archive *_a)
99 struct archive_write *a = (struct archive_write *)_a;
102 if (a->format_destroy != NULL)
103 (a->format_destroy)(a);
105 pax = (struct pax *)malloc(sizeof(*pax));
107 archive_set_error(&a->archive, ENOMEM, "Can't allocate pax data");
108 return (ARCHIVE_FATAL);
110 memset(pax, 0, sizeof(*pax));
111 a->format_data = pax;
113 a->pad_uncompressed = 1;
114 a->format_write_header = archive_write_pax_header;
115 a->format_write_data = archive_write_pax_data;
116 a->format_finish = archive_write_pax_finish;
117 a->format_destroy = archive_write_pax_destroy;
118 a->format_finish_entry = archive_write_pax_finish_entry;
119 a->archive_format = ARCHIVE_FORMAT_TAR_PAX_INTERCHANGE;
120 a->archive_format_name = "POSIX pax interchange";
125 * Note: This code assumes that 'nanos' has the same sign as 'sec',
126 * which implies that sec=-1, nanos=200000000 represents -1.2 seconds
127 * and not -0.8 seconds. This is a pretty pedantic point, as we're
128 * unlikely to encounter many real files created before Jan 1, 1970,
129 * much less ones with timestamps recorded to sub-second resolution.
132 add_pax_attr_time(struct archive_string *as, const char *key,
133 int64_t sec, unsigned long nanos)
138 * Note that each byte contributes fewer than 3 base-10
139 * digits, so this will always be big enough.
141 char tmp[1 + 3*sizeof(sec) + 1 + 3*sizeof(nanos)];
143 tmp[sizeof(tmp) - 1] = 0;
144 t = tmp + sizeof(tmp) - 1;
146 /* Skip trailing zeros in the fractional part. */
147 for (digit = 0, i = 10; i > 0 && digit == 0; i--) {
152 /* Only format the fraction if it's non-zero. */
155 *--t = "0123456789"[digit];
162 t = format_int(t, sec);
164 add_pax_attr(as, key, t);
168 format_int(char *t, int64_t i)
179 *--t = "0123456789"[i % 10];
187 add_pax_attr_int(struct archive_string *as, const char *key, int64_t value)
189 char tmp[1 + 3 * sizeof(value)];
191 tmp[sizeof(tmp) - 1] = 0;
192 add_pax_attr(as, key, format_int(tmp + sizeof(tmp) - 1, value));
196 utf8_encode(const wchar_t *wval)
201 char *utf8_value, *p;
204 for (wp = wval; *wp != L'\0'; ) {
208 else if (wc <= 0x7ff)
210 else if (wc <= 0xffff)
212 else if (wc <= 0x1fffff)
214 else if (wc <= 0x3ffffff)
216 else if (wc <= 0x7fffffff)
218 /* Ignore larger values; UTF-8 can't encode them. */
221 utf8_value = (char *)malloc(utf8len + 1);
222 if (utf8_value == NULL) {
223 __archive_errx(1, "Not enough memory for attributes");
227 for (wp = wval, p = utf8_value; *wp != L'\0'; ) {
231 } else if (wc <= 0x7ff) {
232 p[0] = 0xc0 | ((wc >> 6) & 0x1f);
233 p[1] = 0x80 | (wc & 0x3f);
235 } else if (wc <= 0xffff) {
236 p[0] = 0xe0 | ((wc >> 12) & 0x0f);
237 p[1] = 0x80 | ((wc >> 6) & 0x3f);
238 p[2] = 0x80 | (wc & 0x3f);
240 } else if (wc <= 0x1fffff) {
241 p[0] = 0xf0 | ((wc >> 18) & 0x07);
242 p[1] = 0x80 | ((wc >> 12) & 0x3f);
243 p[2] = 0x80 | ((wc >> 6) & 0x3f);
244 p[3] = 0x80 | (wc & 0x3f);
246 } else if (wc <= 0x3ffffff) {
247 p[0] = 0xf8 | ((wc >> 24) & 0x03);
248 p[1] = 0x80 | ((wc >> 18) & 0x3f);
249 p[2] = 0x80 | ((wc >> 12) & 0x3f);
250 p[3] = 0x80 | ((wc >> 6) & 0x3f);
251 p[4] = 0x80 | (wc & 0x3f);
253 } else if (wc <= 0x7fffffff) {
254 p[0] = 0xfc | ((wc >> 30) & 0x01);
255 p[1] = 0x80 | ((wc >> 24) & 0x3f);
256 p[1] = 0x80 | ((wc >> 18) & 0x3f);
257 p[2] = 0x80 | ((wc >> 12) & 0x3f);
258 p[3] = 0x80 | ((wc >> 6) & 0x3f);
259 p[4] = 0x80 | (wc & 0x3f);
262 /* Ignore larger values; UTF-8 can't encode them. */
270 add_pax_attr_w(struct archive_string *as, const char *key, const wchar_t *wval)
272 char *utf8_value = utf8_encode(wval);
273 if (utf8_value == NULL)
275 add_pax_attr(as, key, utf8_value);
280 * Add a key/value attribute to the pax header. This function handles
281 * the length field and various other syntactic requirements.
284 add_pax_attr(struct archive_string *as, const char *key, const char *value)
286 int digits, i, len, next_ten;
287 char tmp[1 + 3 * sizeof(int)]; /* < 3 base-10 digits per byte */
290 * PAX attributes have the following layout:
291 * <len> <space> <key> <=> <value> <nl>
293 len = 1 + strlen(key) + 1 + strlen(value) + 1;
296 * The <len> field includes the length of the <len> field, so
297 * computing the correct length is tricky. I start by
298 * counting the number of base-10 digits in 'len' and
299 * computing the next higher power of 10.
307 next_ten = next_ten * 10;
310 * For example, if string without the length field is 99
311 * chars, then adding the 2 digit length "99" will force the
312 * total length past 100, requiring an extra digit. The next
313 * statement adjusts for this effect.
315 if (len + digits >= next_ten)
318 /* Now, we have the right length so we can build the line. */
319 tmp[sizeof(tmp) - 1] = 0; /* Null-terminate the work area. */
320 archive_strcat(as, format_int(tmp + sizeof(tmp) - 1, len + digits));
321 archive_strappend_char(as, ' ');
322 archive_strcat(as, key);
323 archive_strappend_char(as, '=');
324 archive_strcat(as, value);
325 archive_strappend_char(as, '\n');
329 archive_write_pax_header_xattrs(struct pax *pax, struct archive_entry *entry)
331 struct archive_string s;
332 int i = archive_entry_xattr_reset(entry);
338 char *url_encoded_name = NULL, *encoded_name = NULL;
339 wchar_t *wcs_name = NULL;
342 archive_entry_xattr_next(entry, &name, &value, &size);
343 /* Name is URL-encoded, then converted to wchar_t,
344 * then UTF-8 encoded. */
345 url_encoded_name = url_encode(name);
346 if (url_encoded_name != NULL) {
347 /* Convert narrow-character to wide-character. */
348 int wcs_length = strlen(url_encoded_name);
349 wcs_name = (wchar_t *)malloc((wcs_length + 1) * sizeof(wchar_t));
350 if (wcs_name == NULL)
351 __archive_errx(1, "No memory for xattr conversion");
352 mbstowcs(wcs_name, url_encoded_name, wcs_length);
353 wcs_name[wcs_length] = 0;
354 free(url_encoded_name); /* Done with this. */
356 if (wcs_name != NULL) {
357 encoded_name = utf8_encode(wcs_name);
358 free(wcs_name); /* Done with wchar_t name. */
361 encoded_value = base64_encode((const char *)value, size);
363 if (encoded_name != NULL && encoded_value != NULL) {
364 archive_string_init(&s);
365 archive_strcpy(&s, "LIBARCHIVE.xattr.");
366 archive_strcat(&s, encoded_name);
367 add_pax_attr(&(pax->pax_header), s.s, encoded_value);
368 archive_string_free(&s);
376 * TODO: Consider adding 'comment' and 'charset' fields to
377 * archive_entry so that clients can specify them. Also, consider
378 * adding generic key/value tags so clients can add arbitrary
382 archive_write_pax_header(struct archive_write *a,
383 struct archive_entry *entry_original)
385 struct archive_entry *entry_main;
386 const char *linkname, *p;
388 const char *hardlink;
390 const char *suffix_start;
391 int need_extension, r, ret;
396 char ustar_entry_name[256];
397 char pax_entry_name[256];
400 pax = (struct pax *)a->format_data;
402 hardlink = archive_entry_hardlink(entry_original);
404 /* Make sure this is a type of entry that we can handle here */
405 if (hardlink == NULL) {
406 switch (archive_entry_filetype(entry_original)) {
415 * Ensure a trailing '/'. Modify the original
416 * entry so the client sees the change.
418 p = archive_entry_pathname(entry_original);
419 if (p[strlen(p) - 1] != '/') {
420 t = (char *)malloc(strlen(p) + 2);
424 archive_entry_copy_pathname(entry_original, t);
430 archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT,
431 "tar format cannot archive this (type=0%lo)",
432 (unsigned long)archive_entry_filetype(entry_original));
433 return (ARCHIVE_WARN);
437 /* Copy entry so we can modify it as needed. */
438 entry_main = archive_entry_clone(entry_original);
439 archive_string_empty(&(pax->pax_header)); /* Blank our work area. */
442 * Determining whether or not the name is too big is ugly
443 * because of the rules for dividing names between 'name' and
444 * 'prefix' fields. Here, I pick out the longest possible
445 * suffix, then test whether the remaining prefix is too long.
447 wp = archive_entry_pathname_w(entry_main);
448 p = archive_entry_pathname(entry_main);
449 if (strlen(p) <= 100) /* Short enough for just 'name' field */
450 suffix_start = p; /* Record a zero-length prefix */
452 /* Find the largest suffix that fits in 'name' field. */
453 suffix_start = strchr(p + strlen(p) - 100 - 1, '/');
456 * If name is too long, or has non-ASCII characters, add
457 * 'path' to pax extended attrs.
459 if (suffix_start == NULL || suffix_start - p > 155 || has_non_ASCII(wp)) {
460 add_pax_attr_w(&(pax->pax_header), "path", wp);
461 archive_entry_set_pathname(entry_main,
462 build_ustar_entry_name(ustar_entry_name, p, strlen(p), NULL));
466 /* If link name is too long or has non-ASCII characters, add
467 * 'linkpath' to pax extended attrs. */
469 if (linkname == NULL)
470 linkname = archive_entry_symlink(entry_main);
472 if (linkname != NULL) {
473 /* There is a link name, get the wide version as well. */
474 if (hardlink != NULL)
475 wp = archive_entry_hardlink_w(entry_main);
477 wp = archive_entry_symlink_w(entry_main);
479 /* If the link is long or has a non-ASCII character,
480 * store it as a pax extended attribute. */
481 if (strlen(linkname) > 100 || has_non_ASCII(wp)) {
482 add_pax_attr_w(&(pax->pax_header), "linkpath", wp);
483 if (hardlink != NULL)
484 archive_entry_set_hardlink(entry_main,
485 "././@LongHardLink");
487 archive_entry_set_symlink(entry_main,
493 /* If file size is too large, add 'size' to pax extended attrs. */
494 if (archive_entry_size(entry_main) >= (((int64_t)1) << 33)) {
495 add_pax_attr_int(&(pax->pax_header), "size",
496 archive_entry_size(entry_main));
500 /* If numeric GID is too large, add 'gid' to pax extended attrs. */
501 if (archive_entry_gid(entry_main) >= (1 << 18)) {
502 add_pax_attr_int(&(pax->pax_header), "gid",
503 archive_entry_gid(entry_main));
507 /* If group name is too large or has non-ASCII characters, add
508 * 'gname' to pax extended attrs. */
509 p = archive_entry_gname(entry_main);
510 wp = archive_entry_gname_w(entry_main);
511 if (p != NULL && (strlen(p) > 31 || has_non_ASCII(wp))) {
512 add_pax_attr_w(&(pax->pax_header), "gname", wp);
513 archive_entry_set_gname(entry_main, NULL);
517 /* If numeric UID is too large, add 'uid' to pax extended attrs. */
518 if (archive_entry_uid(entry_main) >= (1 << 18)) {
519 add_pax_attr_int(&(pax->pax_header), "uid",
520 archive_entry_uid(entry_main));
524 /* If user name is too large, add 'uname' to pax extended attrs. */
525 /* TODO: If uname has non-ASCII characters, use pax attribute. */
526 p = archive_entry_uname(entry_main);
527 wp = archive_entry_uname_w(entry_main);
528 if (p != NULL && (strlen(p) > 31 || has_non_ASCII(wp))) {
529 add_pax_attr_w(&(pax->pax_header), "uname", wp);
530 archive_entry_set_uname(entry_main, NULL);
535 * POSIX/SUSv3 doesn't provide a standard key for large device
536 * numbers. I use the same keys here that Joerg Schilling
537 * used for 'star.' (Which, somewhat confusingly, are called
538 * "devXXX" even though they code "rdev" values.) No doubt,
539 * other implementations use other keys. Note that there's no
540 * reason we can't write the same information into a number of
543 * Of course, this is only needed for block or char device entries.
545 if (archive_entry_filetype(entry_main) == AE_IFBLK
546 || archive_entry_filetype(entry_main) == AE_IFCHR) {
548 * If rdevmajor is too large, add 'SCHILY.devmajor' to
549 * extended attributes.
551 dev_t rdevmajor, rdevminor;
552 rdevmajor = archive_entry_rdevmajor(entry_main);
553 rdevminor = archive_entry_rdevminor(entry_main);
554 if (rdevmajor >= (1 << 18)) {
555 add_pax_attr_int(&(pax->pax_header), "SCHILY.devmajor",
558 * Non-strict formatting below means we don't
559 * have to truncate here. Not truncating improves
560 * the chance that some more modern tar archivers
561 * (such as GNU tar 1.13) can restore the full
562 * value even if they don't understand the pax
563 * extended attributes. See my rant below about
564 * file size fields for additional details.
566 /* archive_entry_set_rdevmajor(entry_main,
567 rdevmajor & ((1 << 18) - 1)); */
572 * If devminor is too large, add 'SCHILY.devminor' to
573 * extended attributes.
575 if (rdevminor >= (1 << 18)) {
576 add_pax_attr_int(&(pax->pax_header), "SCHILY.devminor",
578 /* Truncation is not necessary here, either. */
579 /* archive_entry_set_rdevminor(entry_main,
580 rdevminor & ((1 << 18) - 1)); */
586 * Technically, the mtime field in the ustar header can
587 * support 33 bits, but many platforms use signed 32-bit time
588 * values. The cutoff of 0x7fffffff here is a compromise.
589 * Yes, this check is duplicated just below; this helps to
590 * avoid writing an mtime attribute just to handle a
591 * high-resolution timestamp in "restricted pax" mode.
593 if (!need_extension &&
594 ((archive_entry_mtime(entry_main) < 0)
595 || (archive_entry_mtime(entry_main) >= 0x7fffffff)))
598 /* I use a star-compatible file flag attribute. */
599 p = archive_entry_fflags_text(entry_main);
600 if (!need_extension && p != NULL && *p != '\0')
603 /* If there are non-trivial ACL entries, we need an extension. */
604 if (!need_extension && archive_entry_acl_count(entry_original,
605 ARCHIVE_ENTRY_ACL_TYPE_ACCESS) > 0)
608 /* If there are non-trivial ACL entries, we need an extension. */
609 if (!need_extension && archive_entry_acl_count(entry_original,
610 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT) > 0)
613 /* If there are extended attributes, we need an extension */
614 if (!need_extension && archive_entry_xattr_count(entry_original) > 0)
618 * The following items are handled differently in "pax
619 * restricted" format. In particular, in "pax restricted"
620 * format they won't be added unless need_extension is
621 * already set (we're already generating an extended header, so
622 * may as well include these).
624 if (a->archive_format != ARCHIVE_FORMAT_TAR_PAX_RESTRICTED ||
627 if (archive_entry_mtime(entry_main) < 0 ||
628 archive_entry_mtime(entry_main) >= 0x7fffffff ||
629 archive_entry_mtime_nsec(entry_main) != 0)
630 add_pax_attr_time(&(pax->pax_header), "mtime",
631 archive_entry_mtime(entry_main),
632 archive_entry_mtime_nsec(entry_main));
634 if (archive_entry_ctime(entry_main) != 0 ||
635 archive_entry_ctime_nsec(entry_main) != 0)
636 add_pax_attr_time(&(pax->pax_header), "ctime",
637 archive_entry_ctime(entry_main),
638 archive_entry_ctime_nsec(entry_main));
640 if (archive_entry_atime(entry_main) != 0 ||
641 archive_entry_atime_nsec(entry_main) != 0)
642 add_pax_attr_time(&(pax->pax_header), "atime",
643 archive_entry_atime(entry_main),
644 archive_entry_atime_nsec(entry_main));
646 /* I use a star-compatible file flag attribute. */
647 p = archive_entry_fflags_text(entry_main);
648 if (p != NULL && *p != '\0')
649 add_pax_attr(&(pax->pax_header), "SCHILY.fflags", p);
651 /* I use star-compatible ACL attributes. */
652 wp = archive_entry_acl_text_w(entry_original,
653 ARCHIVE_ENTRY_ACL_TYPE_ACCESS |
654 ARCHIVE_ENTRY_ACL_STYLE_EXTRA_ID);
655 if (wp != NULL && *wp != L'\0')
656 add_pax_attr_w(&(pax->pax_header),
657 "SCHILY.acl.access", wp);
658 wp = archive_entry_acl_text_w(entry_original,
659 ARCHIVE_ENTRY_ACL_TYPE_DEFAULT |
660 ARCHIVE_ENTRY_ACL_STYLE_EXTRA_ID);
661 if (wp != NULL && *wp != L'\0')
662 add_pax_attr_w(&(pax->pax_header),
663 "SCHILY.acl.default", wp);
665 /* Include star-compatible metadata info. */
666 /* Note: "SCHILY.dev{major,minor}" are NOT the
667 * major/minor portions of "SCHILY.dev". */
668 add_pax_attr_int(&(pax->pax_header), "SCHILY.dev",
669 archive_entry_dev(entry_main));
670 add_pax_attr_int(&(pax->pax_header), "SCHILY.ino",
671 archive_entry_ino(entry_main));
672 add_pax_attr_int(&(pax->pax_header), "SCHILY.nlink",
673 archive_entry_nlink(entry_main));
675 /* Store extended attributes */
676 archive_write_pax_header_xattrs(pax, entry_original);
679 /* Only regular files have data. */
680 if (archive_entry_filetype(entry_main) != AE_IFREG)
681 archive_entry_set_size(entry_main, 0);
684 * Pax-restricted does not store data for hardlinks, in order
685 * to improve compatibility with ustar.
687 if (a->archive_format != ARCHIVE_FORMAT_TAR_PAX_INTERCHANGE &&
689 archive_entry_set_size(entry_main, 0);
692 * XXX Full pax interchange format does permit a hardlink
693 * entry to have data associated with it. I'm not supporting
694 * that here because the client expects me to tell them whether
695 * or not this format expects data for hardlinks. If I
696 * don't check here, then every pax archive will end up with
697 * duplicated data for hardlinks. Someday, there may be
698 * need to select this behavior, in which case the following
699 * will need to be revisited. XXX
701 if (hardlink != NULL)
702 archive_entry_set_size(entry_main, 0);
704 /* Format 'ustar' header for main entry.
706 * The trouble with file size: If the reader can't understand
707 * the file size, they may not be able to locate the next
708 * entry and the rest of the archive is toast. Pax-compliant
709 * readers are supposed to ignore the file size in the main
710 * header, so the question becomes how to maximize portability
711 * for readers that don't support pax attribute extensions.
712 * For maximum compatibility, I permit numeric extensions in
713 * the main header so that the file size stored will always be
714 * correct, even if it's in a format that only some
715 * implementations understand. The technique used here is:
717 * a) If possible, follow the standard exactly. This handles
718 * files up to 8 gigabytes minus 1.
720 * b) If that fails, try octal but omit the field terminator.
721 * That handles files up to 64 gigabytes minus 1.
723 * c) Otherwise, use base-256 extensions. That handles files
724 * up to 2^63 in this implementation, with the potential to
725 * go up to 2^94. That should hold us for a while. ;-)
727 * The non-strict formatter uses similar logic for other
728 * numeric fields, though they're less critical.
730 __archive_write_format_header_ustar(a, ustarbuff, entry_main, -1, 0);
732 /* If we built any extended attributes, write that entry first. */
734 if (archive_strlen(&(pax->pax_header)) > 0) {
735 struct archive_entry *pax_attr_entry;
742 pax_attr_entry = archive_entry_new();
743 p = archive_entry_pathname(entry_main);
744 archive_entry_set_pathname(pax_attr_entry,
745 build_pax_attribute_name(pax_entry_name, p));
746 archive_entry_set_size(pax_attr_entry,
747 archive_strlen(&(pax->pax_header)));
748 /* Copy uid/gid (but clip to ustar limits). */
749 uid = archive_entry_uid(entry_main);
752 archive_entry_set_uid(pax_attr_entry, uid);
753 gid = archive_entry_gid(entry_main);
756 archive_entry_set_gid(pax_attr_entry, gid);
757 /* Copy mode over (but not setuid/setgid bits) */
758 mode = archive_entry_mode(entry_main);
768 archive_entry_set_mode(pax_attr_entry, mode);
770 /* Copy uname/gname. */
771 archive_entry_set_uname(pax_attr_entry,
772 archive_entry_uname(entry_main));
773 archive_entry_set_gname(pax_attr_entry,
774 archive_entry_gname(entry_main));
776 /* Copy mtime, but clip to ustar limits. */
777 s = archive_entry_mtime(entry_main);
778 ns = archive_entry_mtime_nsec(entry_main);
779 if (s < 0) { s = 0; ns = 0; }
780 if (s > 0x7fffffff) { s = 0x7fffffff; ns = 0; }
781 archive_entry_set_mtime(pax_attr_entry, s, ns);
783 /* Ditto for atime. */
784 s = archive_entry_atime(entry_main);
785 ns = archive_entry_atime_nsec(entry_main);
786 if (s < 0) { s = 0; ns = 0; }
787 if (s > 0x7fffffff) { s = 0x7fffffff; ns = 0; }
788 archive_entry_set_atime(pax_attr_entry, s, ns);
790 /* Standard ustar doesn't support ctime. */
791 archive_entry_set_ctime(pax_attr_entry, 0, 0);
793 ret = __archive_write_format_header_ustar(a, paxbuff,
794 pax_attr_entry, 'x', 1);
796 archive_entry_free(pax_attr_entry);
798 /* Note that the 'x' header shouldn't ever fail to format */
800 const char *msg = "archive_write_pax_header: "
801 "'x' header failed?! This can't happen.\n";
802 write(2, msg, strlen(msg));
805 r = (a->compressor.write)(a, paxbuff, 512);
806 if (r != ARCHIVE_OK) {
807 pax->entry_bytes_remaining = 0;
808 pax->entry_padding = 0;
809 return (ARCHIVE_FATAL);
812 pax->entry_bytes_remaining = archive_strlen(&(pax->pax_header));
813 pax->entry_padding = 0x1ff & (-(int64_t)pax->entry_bytes_remaining);
815 r = (a->compressor.write)(a, pax->pax_header.s,
816 archive_strlen(&(pax->pax_header)));
817 if (r != ARCHIVE_OK) {
818 /* If a write fails, we're pretty much toast. */
819 return (ARCHIVE_FATAL);
821 /* Pad out the end of the entry. */
822 r = write_nulls(a, pax->entry_padding);
823 if (r != ARCHIVE_OK) {
824 /* If a write fails, we're pretty much toast. */
825 return (ARCHIVE_FATAL);
827 pax->entry_bytes_remaining = pax->entry_padding = 0;
830 /* Write the header for main entry. */
831 r = (a->compressor.write)(a, ustarbuff, 512);
836 * Inform the client of the on-disk size we're using, so
837 * they can avoid unnecessarily writing a body for something
838 * that we're just going to ignore.
840 archive_entry_set_size(entry_original, archive_entry_size(entry_main));
841 pax->entry_bytes_remaining = archive_entry_size(entry_main);
842 pax->entry_padding = 0x1ff & (-(int64_t)pax->entry_bytes_remaining);
843 archive_entry_free(entry_main);
849 * We need a valid name for the regular 'ustar' entry. This routine
850 * tries to hack something more-or-less reasonable.
852 * The approach here tries to preserve leading dir names. We do so by
853 * working with four sections:
854 * 1) "prefix" directory names,
855 * 2) "suffix" directory names,
856 * 3) inserted dir name (optional),
859 * These sections must satisfy the following requirements:
860 * * Parts 1 & 2 together form an initial portion of the dir name.
861 * * Part 3 is specified by the caller. (It should not contain a leading
863 * * Part 4 forms an initial portion of the base filename.
864 * * The filename must be <= 99 chars to fit the ustar 'name' field.
865 * * Parts 2, 3, 4 together must be <= 99 chars to fit the ustar 'name' fld.
866 * * Part 1 must be <= 155 chars to fit the ustar 'prefix' field.
867 * * If the original name ends in a '/', the new name must also end in a '/'
868 * * Trailing '/.' sequences may be stripped.
870 * Note: Recall that the ustar format does not store the '/' separating
871 * parts 1 & 2, but does store the '/' separating parts 2 & 3.
874 build_ustar_entry_name(char *dest, const char *src, size_t src_length,
877 const char *prefix, *prefix_end;
878 const char *suffix, *suffix_end;
879 const char *filename, *filename_end;
881 int need_slash = 0; /* Was there a trailing slash? */
882 size_t suffix_length = 99;
885 /* Length of additional dir element to be added. */
889 /* +2 here allows for '/' before and after the insert. */
890 insert_length = strlen(insert) + 2;
892 /* Step 0: Quick bailout in a common case. */
893 if (src_length < 100 && insert == NULL) {
894 strncpy(dest, src, src_length);
895 dest[src_length] = '\0';
899 /* Step 1: Locate filename and enforce the length restriction. */
900 filename_end = src + src_length;
901 /* Remove trailing '/' chars and '/.' pairs. */
903 if (filename_end > src && filename_end[-1] == '/') {
905 need_slash = 1; /* Remember to restore trailing '/'. */
908 if (filename_end > src + 1 && filename_end[-1] == '.'
909 && filename_end[-2] == '/') {
911 need_slash = 1; /* "foo/." will become "foo/" */
918 /* Find start of filename. */
919 filename = filename_end - 1;
920 while ((filename > src) && (*filename != '/'))
922 if ((*filename == '/') && (filename < filename_end - 1))
924 /* Adjust filename_end so that filename + insert fits in 99 chars. */
925 suffix_length -= insert_length;
926 if (filename_end > filename + suffix_length)
927 filename_end = filename + suffix_length;
928 /* Calculate max size for "suffix" section (#3 above). */
929 suffix_length -= filename_end - filename;
931 /* Step 2: Locate the "prefix" section of the dirname, including
934 prefix_end = prefix + 155;
935 if (prefix_end > filename)
936 prefix_end = filename;
937 while (prefix_end > prefix && *prefix_end != '/')
939 if ((prefix_end < filename) && (*prefix_end == '/'))
942 /* Step 3: Locate the "suffix" section of the dirname,
943 * including trailing '/'. */
945 suffix_end = suffix + suffix_length; /* Enforce limit. */
946 if (suffix_end > filename)
947 suffix_end = filename;
948 if (suffix_end < suffix)
950 while (suffix_end > suffix && *suffix_end != '/')
952 if ((suffix_end < filename) && (*suffix_end == '/'))
955 /* Step 4: Build the new name. */
956 /* The OpenBSD strlcpy function is safer, but less portable. */
957 /* Rather than maintain two versions, just use the strncpy version. */
959 if (prefix_end > prefix) {
960 strncpy(p, prefix, prefix_end - prefix);
961 p += prefix_end - prefix;
963 if (suffix_end > suffix) {
964 strncpy(p, suffix, suffix_end - suffix);
965 p += suffix_end - suffix;
967 if (insert != NULL) {
968 /* Note: assume insert does not have leading or trailing '/' */
973 strncpy(p, filename, filename_end - filename);
974 p += filename_end - filename;
983 * The ustar header for the pax extended attributes must have a
984 * reasonable name: SUSv3 suggests 'dirname'/PaxHeader/'filename'
986 * Joerg Schiling has argued that this is unnecessary because, in practice,
987 * if the pax extended attributes get extracted as regular files, noone is
988 * going to bother reading those attributes to manually restore them.
989 * Based on this, 'star' uses /tmp/PaxHeader/'basename' as the ustar header
990 * name. This is a tempting argument, but I'm not entirely convinced.
991 * I'm also uncomfortable with the fact that "/tmp" is a Unix-ism.
993 * The following routine implements the SUSv3 recommendation, and is
994 * much simpler because build_ustar_entry_name() above already does
995 * most of the work (we just need to give it an extra path element to
996 * insert and handle a few pathological cases).
999 build_pax_attribute_name(char *dest, const char *src)
1003 /* Handle the null filename case. */
1004 if (src == NULL || *src == '\0') {
1005 strcpy(dest, "PaxHeader/blank");
1009 /* Prune final '/' and other unwanted final elements. */
1010 p = src + strlen(src);
1012 /* Ends in "/", remove the '/' */
1013 if (p > src && p[-1] == '/') {
1017 /* Ends in "/.", remove the '.' */
1018 if (p > src + 1 && p[-1] == '.'
1026 /* Pathological case: After above, there was nothing left.
1027 * This includes "/." "/./." "/.//./." etc. */
1029 strcpy(dest, "/PaxHeader/rootdir");
1033 /* Convert unadorned "." into a suitable filename. */
1034 if (*src == '.' && p == src + 1) {
1035 strcpy(dest, "PaxHeader/currentdir");
1039 /* General case: build a ustar-compatible name adding "/PaxHeader/". */
1040 build_ustar_entry_name(dest, src, p - src, "PaxHeader");
1045 /* Write two null blocks for the end of archive */
1047 archive_write_pax_finish(struct archive_write *a)
1052 if (a->compressor.write == NULL)
1053 return (ARCHIVE_OK);
1055 pax = (struct pax *)a->format_data;
1056 r = write_nulls(a, 512 * 2);
1061 archive_write_pax_destroy(struct archive_write *a)
1065 pax = (struct pax *)a->format_data;
1066 archive_string_free(&pax->pax_header);
1068 a->format_data = NULL;
1069 return (ARCHIVE_OK);
1073 archive_write_pax_finish_entry(struct archive_write *a)
1078 pax = (struct pax *)a->format_data;
1079 ret = write_nulls(a, pax->entry_bytes_remaining + pax->entry_padding);
1080 pax->entry_bytes_remaining = pax->entry_padding = 0;
1085 write_nulls(struct archive_write *a, size_t padding)
1089 while (padding > 0) {
1090 to_write = padding < a->null_length ? padding : a->null_length;
1091 ret = (a->compressor.write)(a, a->nulls, to_write);
1092 if (ret != ARCHIVE_OK)
1094 padding -= to_write;
1096 return (ARCHIVE_OK);
1100 archive_write_pax_data(struct archive_write *a, const void *buff, size_t s)
1105 pax = (struct pax *)a->format_data;
1106 if (s > pax->entry_bytes_remaining)
1107 s = pax->entry_bytes_remaining;
1109 ret = (a->compressor.write)(a, buff, s);
1110 pax->entry_bytes_remaining -= s;
1111 if (ret == ARCHIVE_OK)
1118 has_non_ASCII(const wchar_t *wp)
1120 while (*wp != L'\0' && *wp < 128)
1122 return (*wp != L'\0');
1126 * Used by extended attribute support; encodes the name
1127 * so that there will be no '=' characters in the result.
1130 url_encode(const char *in)
1137 for (s = in; *s != '\0'; s++) {
1138 if (*s < 33 || *s > 126 || *s == '%' || *s == '=')
1144 out = (char *)malloc(out_len + 1);
1148 for (s = in, d = out; *s != '\0'; s++) {
1149 /* encode any non-printable ASCII character or '%' or '=' */
1150 if (*s < 33 || *s > 126 || *s == '%' || *s == '=') {
1151 /* URL encoding is '%' followed by two hex digits */
1153 *d++ = "0123456789ABCDEF"[0x0f & (*s >> 4)];
1154 *d++ = "0123456789ABCDEF"[0x0f & *s];
1164 * Encode a sequence of bytes into a C string using base-64 encoding.
1166 * Returns a null-terminated C string allocated with malloc(); caller
1167 * is responsible for freeing the result.
1170 base64_encode(const char *s, size_t len)
1172 static const char digits[64] =
1173 { 'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O',
1174 'P','Q','R','S','T','U','V','W','X','Y','Z','a','b','c','d',
1175 'e','f','g','h','i','j','k','l','m','n','o','p','q','r','s',
1176 't','u','v','w','x','y','z','0','1','2','3','4','5','6','7',
1181 /* 3 bytes becomes 4 chars, but round up and allow for trailing NUL */
1182 out = (char *)malloc((len * 4 + 2) / 3 + 1);
1187 /* Convert each group of 3 bytes into 4 characters. */
1189 v = (((int)s[0] << 16) & 0xff0000)
1190 | (((int)s[1] << 8) & 0xff00)
1191 | (((int)s[2]) & 0x00ff);
1194 *d++ = digits[(v >> 18) & 0x3f];
1195 *d++ = digits[(v >> 12) & 0x3f];
1196 *d++ = digits[(v >> 6) & 0x3f];
1197 *d++ = digits[(v) & 0x3f];
1199 /* Handle final group of 1 byte (2 chars) or 2 bytes (3 chars). */
1203 v = (((int)s[0] << 16) & 0xff0000);
1204 *d++ = digits[(v >> 18) & 0x3f];
1205 *d++ = digits[(v >> 12) & 0x3f];
1208 v = (((int)s[0] << 16) & 0xff0000)
1209 | (((int)s[1] << 8) & 0xff00);
1210 *d++ = digits[(v >> 18) & 0x3f];
1211 *d++ = digits[(v >> 12) & 0x3f];
1212 *d++ = digits[(v >> 6) & 0x3f];
1215 /* Add trailing NUL character so output is a valid C string. */