Accepting request 1030355 from home:david.anes:branches:home:stroeder:sys

- New version fixes bug (boo#1203727): implicit containing directory 
  sometimes rejected as unrequested
- update to 3.2.7
  * BUG FIXES:
    - Fixed the client-side validating of the remote sender's filtering behavior.
    - More fixes for the "unrequested file-list name" name, including a copy of
      "/" with `--relative` enabled and a copy with a lot of related paths with
      `--relative` enabled (often derived from a `--files-from` list).
    - When rsync gets an unpack error on an ACL, mention the filename.
    - Avoid over-setting sanitize_paths when a daemon is serving "/" (even if
      "use chroot" is false).
  * ENHANCEMENTS:
    - Added negotiated daemon-auth support that allows a stronger checksum digest
      to be used to validate a user's login to the daemon.  Added SHA512, SHA256,
      and SHA1 digests to MD5 & MD4.  These new digests are at the highest priority
      in the new daemon-auth negotiation list.
    - Added support for the SHA1 digest in file checksums.  While this tends to be
      overkill, it is available if someone really needs it.  This overly-long
      checksum is at the lowest priority in the normal checksum negotiation list.
      See [`--checksum-choice`](rsync.1#opt) (`--cc`) and the `RSYNC_CHECKSUM_LIST`
      environment var for how to customize this.
    - Improved the xattr hash table to use a 64-bit key without slowing down the
      key's computation.  This should make extra sure that a hash collision doesn't
      happen.
    - If the `--version` option is repeated (e.g. `-VV`) then the information is
      output in a (still readable) JSON format.  Client side only.
    - The script `support/json-rsync-version` is available to get the JSON style
      version output from any rsync.  The script accepts either text on stdin
      **or** an arg that specifies an rsync executable to run with a doubled
      `--version` option.  If the text we get isn't already in JSON format, it is

OBS-URL: https://build.opensuse.org/request/show/1030355
OBS-URL: https://build.opensuse.org/package/show/network/rsync?expand=0&rev=100

rsync-3.2.6.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:fb3365bab27837d41feaf42e967c57bd3a47bc8f10765a3671efd6a3835454d3
-size 1138593

rsync-3.2.6.tar.gz.asc

@@ -1,6 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iF0EABECAB0WIQQASMiwJtTJbw5YnC9shZ+xS5aoxQUCYxuTBgAKCRBshZ+xS5ao
-xSUKAJ93lV+9DRfr1pFientsDrx0n7rmKACglNSPRICguhVZzHyFBauHRvU8jY8=
-=/1ey
------END PGP SIGNATURE-----

rsync-3.2.7.tar.gz.asc

@@ -0,0 +1,6 @@
+-----BEGIN PGP SIGNATURE-----
+
+iF0EABECAB0WIQQASMiwJtTJbw5YnC9shZ+xS5aoxQUCY1HvAwAKCRBshZ+xS5ao
+xZFiAKC3MJgYOMf5VfpfAbld/+ydZRznMQCgkF/yaDJvKMNOslSRNuMZ/eXZ84g=
+=Q+uI
+-----END PGP SIGNATURE-----

rsync-patches-3.2.6.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:c3d13132b560f456fd8fc9fdf9f59377e91adf0dfc8117e33800d14b483d1a85
-size 148382

rsync-patches-3.2.6.tar.gz.asc

@@ -1,6 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iF0EABECAB0WIQQASMiwJtTJbw5YnC9shZ+xS5aoxQUCYxuTBgAKCRBshZ+xS5ao
-xT3GAJ9x92f73eR0i6ah6tZW3akcNfvdyQCg48BRbfKrraXkT/ipmb8sY+xowGo=
-=Ma/E
------END PGP SIGNATURE-----

rsync-patches-3.2.7.tar.gz.asc

@@ -0,0 +1,6 @@
+-----BEGIN PGP SIGNATURE-----
+
+iF0EABECAB0WIQQASMiwJtTJbw5YnC9shZ+xS5aoxQUCY1HvAwAKCRBshZ+xS5ao
+xR3uAJ46yBJwj44DSq5YGtnUJKhLHUJLjwCfbcdunUI6bpF6Yp4IGgPUSxHIsoI=
+=+RP4
+-----END PGP SIGNATURE-----

rsync.changes

@@ -1,3 +1,84 @@
+-------------------------------------------------------------------
+Fri Oct 21 07:52:48 UTC 2022 - Michael Ströder <michael@stroeder.com>
+
+- New version fixes bug (boo#1203727): implicit containing directory 
+  sometimes rejected as unrequested
+
+- update to 3.2.7
+  * BUG FIXES:
+    - Fixed the client-side validating of the remote sender's filtering behavior.
+    - More fixes for the "unrequested file-list name" name, including a copy of
+      "/" with `--relative` enabled and a copy with a lot of related paths with
+      `--relative` enabled (often derived from a `--files-from` list).
+    - When rsync gets an unpack error on an ACL, mention the filename.
+    - Avoid over-setting sanitize_paths when a daemon is serving "/" (even if
+      "use chroot" is false).
+  * ENHANCEMENTS:
+    - Added negotiated daemon-auth support that allows a stronger checksum digest
+      to be used to validate a user's login to the daemon.  Added SHA512, SHA256,
+      and SHA1 digests to MD5 & MD4.  These new digests are at the highest priority
+      in the new daemon-auth negotiation list.
+    - Added support for the SHA1 digest in file checksums.  While this tends to be
+      overkill, it is available if someone really needs it.  This overly-long
+      checksum is at the lowest priority in the normal checksum negotiation list.
+      See [`--checksum-choice`](rsync.1#opt) (`--cc`) and the `RSYNC_CHECKSUM_LIST`
+      environment var for how to customize this.
+    - Improved the xattr hash table to use a 64-bit key without slowing down the
+      key's computation.  This should make extra sure that a hash collision doesn't
+      happen.
+    - If the `--version` option is repeated (e.g. `-VV`) then the information is
+      output in a (still readable) JSON format.  Client side only.
+    - The script `support/json-rsync-version` is available to get the JSON style
+      version output from any rsync.  The script accepts either text on stdin
+      **or** an arg that specifies an rsync executable to run with a doubled
+      `--version` option.  If the text we get isn't already in JSON format, it is
+      converted. Newer rsync versions will provide more complete json info than
+      older rsync versions. Various tweaks are made to keep the flag names
+      consistent across versions.
+    - The [`use chroot`](rsyncd.conf.5#) daemon parameter now defaults to "unset"
+      so that rsync can use chroot when it works and a sanitized copy when chroot
+      is not supported (e.g., for a non-root daemon).  Explicitly setting the
+      parameter to true or false (on or off) behaves the same way as before.
+    - The `--fuzzy` option was optimized a bit to try to cut down on the amount of
+      computations when considering a big pool of files. The simple heuristic from
+      Kenneth Finnegan resuled in about a 2x speedup.
+    - If rsync is forced to use protocol 29 or before (perhaps due to talking to an
+      rsync before 3.0.0), the modify time of a file is limited to 4-bytes.  Rsync
+      now interprets this value as an unsigned integer so that a current year past
+      2038 can continue to be represented. This does mean that years prior to 1970
+      cannot be represented in an older protocol, but this trade-off seems like the
+      right choice given that (1) 2038 is very rapidly approaching, and (2) newer
+      protocols support a much wider range of old and new dates.
+    - The rsync client now treats an empty destination arg as an error, just like
+      it does for an empty source arg. This doesn't affect a `host:` arg (which is
+      treated the same as `host:.`) since the arg is not completely empty.  The use
+      of [`--old-args`](rsync.1#opt) (including via `RSYNC_OLD_ARGS`) allows the
+      prior behavior of treating an empty destination arg as a ".".
+  * PACKAGING RELATED:
+    - The checksum code now uses openssl's EVP methods, which gets rid of various
+      deprecation warnings and makes it easy to support more digest methods.  On
+      newer systems, the MD4 digest is marked as legacy in the openssl code, which
+      makes openssl refuse to support it via EVP.  You can choose to ignore this
+      and allow rsync's MD4 code to be used for older rsync connections (when
+      talking to an rsync prior to 3.0.0) or you can choose to configure rsync to
+      tell openssl to enable legacy algorithms (see below).
+    - A simple openssl config file is supplied that can be installed for rsync to
+      use.  If you install packaging/openssl-rsync.cnf to a public spot (such as
+      `/etc/ssl/openssl-rsync.cnf`) and then run configure with the option
+      `--with-openssl-conf=/path/name.cnf`, this will cause rsync to export the
+      configured path in the OPENSSL_CONF environment variable (when the variable
+      is not already set).  This will enable openssl's MD4 code for rsync to use.
+    - The packager may wish to include an explicit "use chroot = true" in the top
+      section of their supplied /etc/rsyncd.conf file if the daemon is being
+      installed to run as the root user (though rsync should behave the same even
+      with the value unset, a little extra paranoia doesn't hurt).
+    - I've noticed that some packagers haven't installed support/nameconvert for
+      users to use in their chrooted rsync configs.  Even if it is not installed
+      as an executable script (to avoid a python3 dependency) it would be good to
+      install it with the other rsync-related support scripts.
+    - It would be good to add support/json-rsync-version to the list of installed
+      support scripts.
+
 -------------------------------------------------------------------
 Wed Sep 14 09:23:51 UTC 2022 - David Anes <david.anes@suse.com>
 

rsync.spec

@@ -29,7 +29,7 @@
 %endif
 
 Name:           rsync
-Version:        3.2.6
+Version:        3.2.7
 Release:        0
 Summary:        Versatile tool for fast incremental file transfer
 License:        GPL-3.0-or-later