util1: handle out-of-range times in timestring

fixes a one byte stack overflow when using RSYNC_PROXY with a
malicious proxy.

Reach: only when RSYNC_PROXY is set and a malicious or MITM'd
proxy returns the pathological response.  The byte written is
always '\0' and the attacker doesn't choose the offset, so impact
is corruption of one adjacent stack byte and possible later
misbehaviour or crash -- no information disclosure beyond the
existing rprintf of buffer contents.

Reported by Aisle Research via Michal Ruprich

.github/workflows/almalinux-8-build.yml

@@ -13,7 +13,6 @@ on:
       - '.github/workflows/*.yml'
       - '!.github/workflows/almalinux-8-build.yml'
   pull_request:
-    branches: [ master ]
     paths-ignore:
       - '.github/workflows/*.yml'
       - '!.github/workflows/almalinux-8-build.yml'

.github/workflows/cygwin-build.yml

@@ -7,7 +7,6 @@ on:
       - '.github/workflows/*.yml'
       - '!.github/workflows/cygwin-build.yml'
   pull_request:
-    branches: [ master ]
     paths-ignore:
       - '.github/workflows/*.yml'
       - '!.github/workflows/cygwin-build.yml'
@@ -39,7 +38,7 @@ jobs:
     - name: info
       run: bash -c '/usr/local/bin/rsync --version'
     - name: check
-      run: bash -c 'RSYNC_EXPECT_SKIPPED=acls-default,acls,bare-do-open-symlink-race,chdir-symlink-race,chmod-symlink-race,chown,daemon-chroot-acl,devices,dir-sgid,open-noatime,protected-regular,sender-flist-symlink-leak,simd-checksum,symlink-dirlink-basis make check'
+      run: bash -c 'RSYNC_EXPECT_SKIPPED=acls-default,acls,bare-do-open-symlink-race,chdir-symlink-race,chmod-symlink-race,chown,daemon-chroot-acl,devices,dir-sgid,protected-regular,sender-flist-symlink-leak,simd-checksum,symlink-dirlink-basis make check'
     - name: ssl file list
       run: bash -c 'PATH="/usr/local/bin:$PATH" rsync-ssl --no-motd download.samba.org::rsyncftp/ || true'
     - name: save artifact

.github/workflows/freebsd-build.yml

@@ -7,7 +7,6 @@ on:
       - '.github/workflows/*.yml'
       - '!.github/workflows/freebsd-build.yml'
   pull_request:
-    branches: [ master ]
     paths-ignore:
       - '.github/workflows/*.yml'
       - '!.github/workflows/freebsd-build.yml'

.github/workflows/macos-build.yml

@@ -7,7 +7,6 @@ on:
       - '.github/workflows/*.yml'
       - '!.github/workflows/macos-build.yml'
   pull_request:
-    branches: [ master ]
     paths-ignore:
       - '.github/workflows/*.yml'
       - '!.github/workflows/macos-build.yml'
@@ -41,7 +40,7 @@ jobs:
     - name: info
       run: rsync --version
     - name: check
-      run: sudo RSYNC_EXPECT_SKIPPED=acls-default,chmod-temp-dir,chown-fake,daemon-chroot-acl,devices-fake,dir-sgid,open-noatime,protected-regular,simd-checksum,xattrs-hlink,xattrs make check
+      run: sudo RSYNC_EXPECT_SKIPPED=acls-default,chmod-temp-dir,chown-fake,daemon-chroot-acl,devices-fake,dir-sgid,protected-regular,simd-checksum,xattrs-hlink,xattrs make check
     - name: ssl file list
       run: rsync-ssl --no-motd download.samba.org::rsyncftp/ || true
     - name: save artifact

.github/workflows/solaris-build.yml

@@ -7,7 +7,6 @@ on:
       - '.github/workflows/*.yml'
       - '!.github/workflows/solaris-build.yml'
   pull_request:
-    branches: [ master ]
     paths-ignore:
       - '.github/workflows/*.yml'
       - '!.github/workflows/solaris-build.yml'

.github/workflows/ubuntu-22.04-build.yml

@@ -11,7 +11,6 @@ on:
       - '.github/workflows/*.yml'
       - '!.github/workflows/ubuntu-22.04-build.yml'
   pull_request:
-    branches: [ master ]
     paths-ignore:
       - '.github/workflows/*.yml'
       - '!.github/workflows/ubuntu-22.04-build.yml'

.github/workflows/ubuntu-build.yml

@@ -7,7 +7,6 @@ on:
       - '.github/workflows/*.yml'
       - '!.github/workflows/ubuntu-build.yml'
   pull_request:
-    branches: [ master ]
     paths-ignore:
       - '.github/workflows/*.yml'
       - '!.github/workflows/ubuntu-build.yml'

.gitignore

@@ -58,4 +58,3 @@ aclocal.m4
 /auto-build-save
 .deps
 /*.exe
-*.dSYM/

Makefile.in

@@ -49,7 +49,7 @@ OBJS2=options.o io.o compat.o hlink.o token.o uidlist.o socket.o hashtable.o \
 	usage.o fileio.o batch.o clientname.o chmod.o acls.o xattrs.o
 OBJS3=progress.o pipe.o @MD5_ASM@ @ROLL_SIMD@ @ROLL_ASM@
 DAEMON_OBJ = params.o loadparm.o clientserver.o access.o connection.o authenticate.o
-popt_OBJS= popt/popt.o  popt/poptconfig.o \
+popt_OBJS=popt/findme.o  popt/popt.o  popt/poptconfig.o \
 	popt/popthelp.o popt/poptparse.o popt/poptint.o
 OBJS=$(OBJS1) $(OBJS2) $(OBJS3) $(DAEMON_OBJ) $(LIBOBJ) @BUILD_ZLIB@ @BUILD_POPT@
 
@@ -321,15 +321,15 @@ test: check
 
 .PHONY: check
 check: all $(CHECK_PROGS) $(CHECK_SYMLINKS)
-	$(srcdir)/runtests.py --rsync-bin=`pwd`/rsync$(EXEEXT)
+	rsync_bin=`pwd`/rsync$(EXEEXT) $(srcdir)/runtests.sh
 
 .PHONY: check29
 check29: all $(CHECK_PROGS) $(CHECK_SYMLINKS)
-	$(srcdir)/runtests.py --rsync-bin=`pwd`/rsync$(EXEEXT) --protocol=29
+	rsync_bin=`pwd`/rsync$(EXEEXT) $(srcdir)/runtests.sh --protocol=29
 
 .PHONY: check30
 check30: all $(CHECK_PROGS) $(CHECK_SYMLINKS)
-	$(srcdir)/runtests.py --rsync-bin=`pwd`/rsync$(EXEEXT) --protocol=30
+	rsync_bin=`pwd`/rsync$(EXEEXT) $(srcdir)/runtests.sh --protocol=30
 
 wildtest.o: wildtest.c t_stub.o lib/wildmatch.c rsync.h config.h
 wildtest$(EXEEXT): wildtest.o lib/compat.o lib/snprintf.o @BUILD_POPT@
@@ -358,7 +358,7 @@ testsuite/xattrs-hlink.test:
 
 .PHONY: installcheck
 installcheck: $(CHECK_PROGS) $(CHECK_SYMLINKS)
-	$(srcdir)/runtests.py --rsync-bin="$(bindir)/rsync$(EXEEXT)" --srcdir="$(srcdir)" --tooldir=`pwd`
+	POSIXLY_CORRECT=1 TOOLDIR=`pwd` rsync_bin="$(bindir)/rsync$(EXEEXT)" srcdir="$(srcdir)" $(srcdir)/runtests.sh
 
 # TODO: Add 'dist' target; need to know which files will be included
 

NEWS.md

@@ -1,333 +1,3 @@
-# NEWS for rsync 3.4.3 (20 May 2026)
-
-## Changes in this version:
-
-### SECURITY FIXES:
-
-Six CVEs are fixed in this release.  All six are assigned by
-VulnCheck as CNA.  Affected versions are 3.4.2 and earlier in every
-case.  Three of the six (CVE-2026-29518, CVE-2026-43617,
-CVE-2026-43619) require non-default daemon configuration to reach:
-the first and third need `use chroot = no` for a module, the second
-needs `daemon chroot = ...` set in rsyncd.conf.  Two (CVE-2026-43618,
-CVE-2026-43620) are reachable from a normal pull or a normal
-authenticated daemon connection.  The sixth (CVE-2026-45232) is
-reachable only when `RSYNC_PROXY` is set and the proxy (or a MITM)
-returns a pathological response.  Many thanks to the external
-researchers who reported these issues.
-
-- CVE-2026-29518 (CVSS v4.0 7.3, HIGH): TOCTOU symlink race condition
-  allowing local privilege escalation in daemon mode without chroot.
-  An rsync daemon configured with "use chroot = no" was exposed to a
-  time-of-check / time-of-use race on parent path components: a local
-  attacker with write access to a module could replace a parent
-  directory component with a symlink between the receiver's check and
-  its open(), redirecting reads (basis-file disclosure) and writes
-  (file overwrite) outside the module.  Default "use chroot = yes" is
-  not exposed.  `secure_relative_open()` (added in 3.4.0 for
-  CVE-2024-12086) was previously unused in the daemon-no-chroot
-  case; the fix enables it there and reroutes the sender's
-  read-path opens through it.  Reported by Nullx3D (Batuhan Sancak),
-  Damien Neil and Michael Stapelberg.
-
-- CVE-2026-43617 (CVSS v3.1 4.8, MEDIUM): Hostname/ACL bypass on an
-  rsync daemon configured with `daemon chroot = /X` in rsyncd.conf
-  when the chroot tree lacks DNS resolution support.  The
-  reverse-DNS lookup of the connecting client was performed *after*
-  the daemon chroot had been entered; if /X did not contain the
-  libc resolver fixtures (`/etc/resolv.conf`, `/etc/nsswitch.conf`,
-  `/etc/hosts`, NSS service modules) the lookup failed and the
-  connecting hostname was set to "UNKNOWN", causing hostname-based
-  deny rules to silently fail open.  IP-based ACLs are unaffected.
-  The per-module `use chroot` setting is unrelated to this issue.
-  The fix performs the lookup before entering the daemon chroot.
-  Reported by MegaManSec.
-
-- CVE-2026-43618 (CVSS v3.1 8.1, HIGH): Integer overflow in the
-  compressed-token decoder enabling remote memory disclosure to an
-  authenticated daemon peer.  The receiver accumulated a 32-bit
-  signed counter without overflow checking; a malicious sender could
-  trigger an overflow that, with careful manipulation, leaked process
-  memory contents to the attacker -- environment variables,
-  passwords, heap and library pointers -- significantly weakening
-  ASLR.  The fix bounds the counter and adds wire-input validation in
-  several adjacent places (defence-in-depth).  Workaround for older
-  releases: `refuse options = compress` in rsyncd.conf.  Reported by
-  Omar Elsayed.
-
-- CVE-2026-43619 (CVSS v3.1 6.3, MEDIUM): Symlink races on path-based
-  system calls in "use chroot = no" daemon mode (generalisation of
-  CVE-2026-29518).  Earlier fixes for symlink races on the receiver's
-  open() call missed the same race class on every other path-based
-  system call: chmod, lchown, utimes, rename, unlink, mkdir, symlink,
-  mknod, link, rmdir and lstat.  The fix routes each affected
-  path-based syscall through a parent dirfd opened under
-  RESOLVE_BENEATH-equivalent kernel-enforced confinement (openat2 on
-  Linux 5.6+, O_RESOLVE_BENEATH on FreeBSD 13+ and macOS 15+,
-  per-component O_NOFOLLOW walk elsewhere).  Default "use chroot =
-  yes" is not exposed.  Reported by Andrew Tridgell as a follow-on
-  audit of CVE-2026-29518.
-
-- CVE-2026-43620 (CVSS v3.1 6.5, MEDIUM): Out-of-bounds read in the
-  receiver's recv_files() enabling remote denial-of-service of any
-  client pulling from a malicious server (incomplete fix of commit
-  797e17f).  The earlier parent_ndx<0 guard added to send_files() was
-  not applied to the visually-identical block in recv_files().  A
-  malicious rsync server can drive any connecting client into a
-  deterministic SIGSEGV by setting CF_INC_RECURSE in the
-  compatibility flags and sending a crafted file list and transfer
-  record.  inc_recurse is the protocol-30+ default, so no special
-  options are required on the victim.  Workaround for older
-  releases: `--no-inc-recursive` on the client.  Reported by Pratham
-  Gupta.
-
-- CVE-2026-45232 (CVSS v3.1 3.1, LOW): Off-by-one out-of-bounds stack
-  write in the rsync client's HTTP CONNECT proxy handler
-  (`establish_proxy_connection()` in `socket.c`).  After issuing the
-  CONNECT request, rsync read the proxy's first response line one
-  byte at a time into a 1024-byte stack buffer with the bound
-  `cp < &buffer[sizeof buffer - 1]`.  If the proxy (or a MITM in
-  front of it) returned 1023+ bytes on that first line without a
-  newline terminator, `cp` exited the loop pointing at a buffer slot
-  the loop never wrote, leaving `*cp` holding stale stack data from
-  the earlier `snprintf()` of the outgoing CONNECT request.  The
-  post-loop logic then wrote a single `\0` one byte past the end of
-  the buffer on the stack.  Reach is client-side only, and only when
-  `RSYNC_PROXY` is set so rsync tunnels an `rsync://` connection
-  through an HTTP CONNECT proxy.  The written byte is always `\0`
-  and the offset is fixed by the buffer size, not attacker-chosen,
-  so this is not an arbitrary-write primitive: practical impact is
-  corruption of one adjacent stack byte and possible later
-  misbehaviour or crash.  The fix detects the "buffer filled without
-  finding `\n`" case explicitly by position and refuses the response
-  with "proxy response line too long".  Reported by Aisle Research
-  via Michal Ruprich (rsync-3.4.1-2.el10 QE).
-
-In addition to the six CVE fixes, this release adds defence-in-depth
-hardening on several adjacent paths: bounded wire-supplied counts and
-lengths in flist/io/acls/xattrs, a guard against length underflow in
-cumulative `snprintf()` callers, a parent block-index bounds check on
-the receiver, a NULL check in `read_delay_line()`, a lower ceiling on
-`MAX_WIRE_DEL_STAT` to avoid signed-int overflow in the
-`read_del_stats()` accumulator, rejection of hyphen-prefixed
-remote-shell hostnames (defence-in-depth against argv-injection in
-tooling that forwards untrusted input into the hostspec position;
-reported by Aisle Research via Michal Ruprich), and a NULL-check on
-`localtime_r()` in `timestring()` to keep a malicious server from
-crashing the client by advertising a file with an out-of-range
-modtime.
-
-### BUG FIXES:
-
-- Fixed a regression introduced by the 3.4.0 secure_relative_open()
-  CVE fix where legitimate directory symlinks on the receiver side
-  (e.g. when using `-K` / `--copy-dirlinks`) caused "failed
-  verification -- update discarded" errors on delta transfers. The
-  old code rejected every symlink in the path with a per-component
-  `O_NOFOLLOW` walk; the receiver now uses kernel-enforced "stay
-  below dirfd" path resolution where available. Fixes #715.
-
-### PORTABILITY / BUILD:
-
-- secure_relative_open() now uses `openat2(RESOLVE_BENEATH |
-  RESOLVE_NO_MAGICLINKS)` on Linux 5.6+, and `openat()` with
-  `O_RESOLVE_BENEATH` on FreeBSD 13+ and macOS 15+ (Sequoia) /
-  iOS 18+. The kernel rejects ".." escapes, absolute symlinks, and
-  symlinks whose target lies outside the starting directory, while
-  still following symlinks that resolve within it -- the same
-  trade-off that fixes the issue #715 regression without weakening
-  the original CVE protection. Other platforms (Solaris, OpenBSD,
-  NetBSD, Cygwin) retain the previous per-component `O_NOFOLLOW`
-  walk; on those platforms the issue #715 regression remains
-  visible.
-
-- testsuite/xattrs: ignore `SUNWattr_*` in the Solaris `xls`
-  helper.
-
-### DEVELOPER RELATED:
-
-- Added testsuite/symlink-dirlink-basis.test (taken from PR #864
-  by Samuel Henrique) covering the issue #715 regression and
-  several edge cases (`--backup`, `--inplace`, `--partial-dir`
-  with protocol < 29, top-level files). The test skips on
-  platforms without a RESOLVE_BENEATH equivalent.
-
-- Added regression tests for the new security fixes:
-  `chmod-symlink-race.test`, `chdir-symlink-race.test`,
-  `bare-do-open-symlink-race.test`, `alt-dest-symlink-race.test`,
-  `copy-dest-source-symlink.test`, `sender-flist-symlink-leak.test`,
-  `secure-relpath-validation.test`, `daemon-chroot-acl.test` and
-  `daemon-refuse-compress.test`. The symlink-race tests skip on
-  Cygwin, Solaris, OpenBSD and NetBSD (no RESOLVE_BENEATH
-  equivalent on those platforms).
-
-- runtests.py now errors early with a clear message when any of
-  the test helper programs (`tls`, `trimslash`, `t_unsafe`,
-  `t_chmod_secure`, `t_secure_relpath`, `wildtest`, `getgroups`,
-  `getfsdev`) are missing, instead of letting many tests fail with
-  confusing "not found" errors.
-
-- Added OpenBSD and NetBSD CI jobs that run `make check` on those
-  platforms.
-
-- Added Ubuntu 22.04 and AlmaLinux 8 CI workflows so future
-  backports to the two mainstream LTS families build and test on
-  the same CI surface as trunk.
-
-- testsuite/protected-regular.test now runs unprivileged via
-  `unshare` with user-namespace UID mapping, falling back to skip
-  if `unshare`/`uidmap` is not available; previously it required
-  real root.
-
-- Added `symlink-dirlink-basis` to the Cygwin CI's expected-skipped
-  list.
-
-- Removed the old release system (replaced by the new release
-  script in 3.4.2).
-
-------------------------------------------------------------------------------
-
-# NEWS for rsync 3.4.2 (28 Apr 2026)
-
-## Changes in this version:
-
-### SECURITY RELATED:
-
-Several security-relevant defects were reported and fixed since 3.4.1.
-None were assigned a CVE — rsync's fork-per-connection design scopes
-the impact of each of these to the attacker's own connection, which is
-equivalent to the client closing the socket itself — but they are
-fixed here as a matter of hygiene and to reduce the chances of a
-future exploitable combination.  Many thanks to the external
-researchers who reported these issues.
-
-- Fixed a signed integer overflow in the PROXY protocol v2 header
-  parser: a negative `len` field could bypass the size check and cause
-  a stack buffer overflow in `read_buf()`.  Reported by John Walker of
-  ZeroPath.
-
-- Fixed an invalid access to the files array.  Reported by Calum
-  Hutton of Rapid7.
-
-- Reject negative token values in the compressed-stream token
-  decoder; a negative value could cause callers to misinterpret a
-  missing data pointer as literal data.  Reported by Will Sergeant.
-
-- Fixed the element count passed to the xattr `qsort()` (see
-  https://www.openwall.com/lists/oss-security/2026/04/16/2).
-
-- Fixed a buffer underflow in `clean_fname()`, and added a regression
-  test.
-
-- Fixed an uninitialized `mul_one` in the AVX2 get_checksum1 path
-  (undefined behaviour), and added a SIMD-checksum self-test that
-  cross-checks SSE2, SSSE3 and AVX2 against the C reference on both
-  aligned and unaligned buffers.
-
-- Fixed an uninitialized `buf1` on the first call to
-  `get_checksum2()` in the MD4 path (fixes #673).
-
-- Zero all new memory from internal allocations: `my_alloc()` now uses
-  `calloc`, and `expand_item_list()` zeros the expanded portion after
-  `realloc`.  This gives more predictable behaviour if stale or
-  uninitialised memory is ever accidentally read.
-
-### BUG FIXES:
-
-- Call `tzset()` before chroot so that log timestamps continue to
-  reflect the configured local timezone after the daemon chroots
-  (glibc needs `/etc/localtime`, which is unreachable post-chroot).
-
-- Use the correct time when writing to the log file.
-
-- Do not clear `DISPLAY` unconditionally.
-
-- Fixed a Y2038 bug in `syscall.c` by replacing the `Int32x32To64`
-  macro (which truncates its arguments to 32 bits) with a plain
-  64-bit multiplication.
-
-- Fixed ACL ID mapping for non-root users (closes #618).
-
-- Fixed handling of objects with many xattrs on FreeBSD.
-
-- Fixed `--open-noatime` not taking effect when opening regular
-  files: `O_NOATIME` is now also passed to `do_open_nofollow()`, which
-  has been used for regular files since the CVE fix "fixed symlink
-  race condition in sender".
-
-- Ignore "directory has vanished" errors.
-
-- Fixed the removal of multiple leading slashes.
-
-- Added the missing `--dirs` long option.
-
-- Fixed a segfault if `poptGetContext()` returns NULL (e.g. under
-  OOM) by not passing NULL to `poptReadDefaultConfig()`.  Reported by
-  Ronnie Sahlberg; found with `malloc-fail-tester`.
-
-- Fixed a build error on ia64 NonStop (which treats missing
-  prototypes as an error, not a warning).
-
-- Fixed a flaky hardlinks test (fixes #735).
-
-### ENHANCEMENTS:
-
-- Added multi-threaded `zstd` compression, gated by a new
-  `--compress-threads=N` option, with validation and man-page
-  coverage.
-
-- Documented the `temp dir` parameter in the rsyncd.conf man page
-  (fixes #820).
-
-- Improved rendering of interior dashes in long-option names in
-  `md-convert` (perhaps fixes #686).
-
-### PORTABILITY / BUILD:
-
-- Fixed glibc 2.43 const-preserving overloads of `strtok()`,
-  `strchr()` etc. by declaring the affected locals with the right
-  constness.  Contributed by Holger Hoffstätte.
-
-- Converted the bundled zlib 1.2.8 from K&R-style function
-  definitions to ANSI prototypes, so it builds with clang 16+.
-
-- Avoid using `bool` as an identifier; it is a keyword in C23.
-
-- `configure.ac`: check for xattr functions in libc first and only
-  fall back to `-lattr`, avoiding spurious overlinking when `-lattr`
-  happens to be installed.  Contributed by Eli Schwartz.
-
-- Made the build reproducible by honouring `SOURCE_DATE_EPOCH` for
-  the manpage date.
-
-- Removed obsolete `popt/findme.c` and `popt/findme.h` that upstream
-  popt 1.14 folded into `popt.c` (fixes #710).  Contributed by Alan
-  Coopersmith.
-
-### INTERNAL:
-
-- Made many module-global variables `const` so they can live in
-  `.rodata` and enable additional compiler optimization.
-
-### DEVELOPER RELATED:
-
-- Replaced `runtests.sh` with `runtests.py`, a Python test runner
-  that supports `--valgrind` (with per-process log files so valgrind
-  output no longer interferes with output comparisons) and
-  `-j/--parallel` execution for roughly a 7× speed-up on typical
-  hardware.
-
-- Added a SIMD checksum self-test and a `clean-fname-underflow`
-  regression test.
-
-- Various CI fixes for macOS and Cygwin (including adding
-  `simd-checksum` to the expected-skipped lists on platforms without
-  SIMD), and tests now run on `ubuntu-latest`.
-
-- removed support for the unmaintained rsync-patches archive
-
-------------------------------------------------------------------------------
-
 # NEWS for rsync 3.4.1 (16 Jan 2025)
 
 Release 3.4.1 is a fix for regressions introduced in 3.4.0
@@ -349,7 +19,6 @@ Release 3.4.1 is a fix for regressions introduced in 3.4.0
  - fix to permissions handling in the developer release script
 
 ------------------------------------------------------------------------------
-
 # NEWS for rsync 3.4.0 (15 Jan 2025)
 
 Release 3.4.0 is a security release that fixes a number of important vulnerabilities.
@@ -404,7 +73,6 @@ to develop and test fixes.
 - added FreeBSD and Solaris CI builds
 
 ------------------------------------------------------------------------------
-
 # NEWS for rsync 3.3.0 (6 Apr 2024)
 
 ## Changes in this version:
@@ -5169,10 +4837,8 @@ to develop and test fixes.
 
 | RELEASE DATE | VER.   | DATE OF COMMIT\* | PROTOCOL    |
 |--------------|--------|------------------|-------------|
-| 20 May 2026  | 3.4.3  |                  | 32          |
-| 28 Apr 2026  | 3.4.2  |                  | 32          |
 | 16 Jan 2025  | 3.4.1  |                  | 32          |
-| 15 Jan 2025  | 3.4.0  | 15 Jan 2025      | 32          |
+| 15 Jan 2025  | 3.4.0  |                  | 32          |
 | 06 Apr 2024  | 3.3.0  |                  | 31          |
 | 20 Oct 2022  | 3.2.7  |                  | 31          |
 | 09 Sep 2022  | 3.2.6  |                  | 31          |

batch.c

@@ -75,7 +75,7 @@ static int *flag_ptr[] = {
 	NULL
 };
 
-static const char *const flag_name[] = {
+static char *flag_name[] = {
 	"--recurse (-r)",
 	"--owner (-o)",
 	"--group (-g)",

compat.c

@@ -52,7 +52,6 @@ extern int need_messages_from_generator;
 extern int delete_mode, delete_before, delete_during, delete_after;
 extern int do_compression;
 extern int do_compression_level;
-extern int do_compression_threads;
 extern int saw_stderr_opt;
 extern int msgs2stderr;
 extern char *shell_cmd;

daemon-parm.awk

@@ -6,7 +6,7 @@
 BEGIN {
     heading = "/* DO NOT EDIT THIS FILE!  It is auto-generated from a list of values in " ARGV[1] "! */\n\n"
     sect = psect = defines = accessors = prior_ptype = ""
-    parms = "\nstatic const struct parm_struct parm_table[] = {"
+    parms = "\nstatic struct parm_struct parm_table[] = {"
     comment_fmt = "\n/********** %s **********/\n"
     tdstruct = "typedef struct {"
 }

flist.c

@@ -3178,8 +3178,8 @@ static void output_flist(struct file_list *flist)
 		} else
 			*uidbuf = '\0';
 		if (gid_ndx) {
-			static const char parens[] = "(\0)\0\0\0";
-			const char *pp = parens + (file->flags & FLAG_SKIP_GROUP ? 0 : 3);
+			static char parens[] = "(\0)\0\0\0";
+			char *pp = parens + (file->flags & FLAG_SKIP_GROUP ? 0 : 3);
 			snprintf(gidbuf, sizeof gidbuf, " gid=%s%u%s",
 				 pp, F_GROUP(file), pp + 2);
 		} else

io.c

@@ -117,7 +117,7 @@ static int active_filecnt = 0;
 static OFF_T active_bytecnt = 0;
 static int first_message = 1;
 
-static const char int_byte_extra[64] = {
+static char int_byte_extra[64] = {
 	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* (00 - 3F)/4 */
 	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* (40 - 7F)/4 */
 	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, /* (80 - BF)/4 */

latest-year.h

@@ -1 +1 @@
-#define LATEST_YEAR "2026"
+#define LATEST_YEAR "2025"

lib/md5.c

@@ -197,7 +197,7 @@ void md5_update(md_context *ctx, const uchar *input, uint32 length)
 		memcpy(ctx->buffer + left, input, length);
 }
 
-static const uchar md5_padding[CSUM_CHUNK] = { 0x80 };
+static uchar md5_padding[CSUM_CHUNK] = { 0x80 };
 
 void md5_result(md_context *ctx, uchar digest[MD5_DIGEST_LEN])
 {

lib/sysxattrs.c

@@ -126,18 +126,9 @@ ssize_t sys_llistxattr(const char *path, char *list, size_t size)
 	unsigned char keylen;
 	ssize_t off, len = extattr_list_link(path, EXTATTR_NAMESPACE_USER, list, size);
 
-	if (len <= 0 || size == 0)
+	if (len <= 0 || (size_t)len > size)
 		return len;
 
-	if ((size_t)len >= size) {
-		/* FreeBSD extattr_list_xx() returns 'size' as 'len' in case there are                                                              
-                   more data available, truncating the output, we solve this by signalling                                                          
-                   ERANGE in case len == size so that the code in xattrs.c will retry with                                                          
-                   a bigger buffer */
-		errno = ERANGE;
-		return -1;
-	}
-
 	/* FreeBSD puts a single-byte length before each string, with no '\0'
 	 * terminator.  We need to change this into a series of null-terminted
 	 * strings.  Since the size is the same, we can simply transform the
@@ -145,7 +136,7 @@ ssize_t sys_llistxattr(const char *path, char *list, size_t size)
 	for (off = 0; off < len; off += keylen + 1) {
 		keylen = ((unsigned char*)list)[off];
 		if (off + keylen >= len) {
-			/* Should be impossible, but bugs happen! */
+			/* Should be impossible, but kernel bugs happen! */
 			errno = EINVAL;
 			return -1;
 		}

loadparm.c

@@ -65,7 +65,7 @@ typedef enum {
 
 struct enum_list {
 	int value;
-	const char *name;
+	char *name;
 };
 
 struct parm_struct {
@@ -73,7 +73,7 @@ struct parm_struct {
 	parm_type type;
 	parm_class class;
 	void *ptr;
-	const struct enum_list *enum_list;
+	struct enum_list *enum_list;
 	unsigned flags;
 };
 
@@ -95,7 +95,7 @@ static item_list section_list = EMPTY_ITEM_LIST;
 static int iSectionIndex = -1;
 static BOOL bInGlobalSection = True;
 
-static const struct enum_list enum_syslog_facility[] = {
+static struct enum_list enum_syslog_facility[] = {
 #ifdef LOG_AUTH
 	{ LOG_AUTH, "auth" },
 #endif

main.c

@@ -386,7 +386,7 @@ static void handle_stats(int f)
 
 static void output_itemized_counts(const char *prefix, int *counts)
 {
-	static char *const labels[] = { "reg", "dir", "link", "dev", "special" };
+	static char *labels[] = { "reg", "dir", "link", "dev", "special" };
 	char buf[1024], *pre = " (";
 	int j, len = 0;
 	int total = counts[0];
@@ -1756,9 +1756,7 @@ int main(int argc,char *argv[])
 	our_gid = MY_GID();
 	am_root = our_uid == ROOT_UID;
 
-	// DISPLAY should not be emptied unconditionally
-	if (!getenv("SSH_ASKPASS"))
-		unset_env_var("DISPLAY");
+	unset_env_var("DISPLAY");
 
 #if defined USE_OPENSSL && defined SET_OPENSSL_CONF
 #define TO_STR2(x) #x

md-convert

@@ -120,7 +120,6 @@ TZ_RE = re.compile(r'^#define\s+MAINTAINER_TZ_OFFSET\s+(-?\d+(\.\d+)?)', re.M)
 VAR_REF_RE = re.compile(r'\$\{(\w+)\}')
 VERSION_RE = re.compile(r' (\d[.\d]+)[, ]')
 BIN_CHARS_RE = re.compile(r'[\1-\7]+')
-LONG_OPT_DASH_RE = re.compile(r'(--\w[-\w]+)')
 SPACE_DOUBLE_DASH_RE = re.compile(r'\s--(\s)')
 NON_SPACE_SINGLE_DASH_RE = re.compile(r'(^|\W)-')
 WHITESPACE_RE = re.compile(r'\s')
@@ -248,9 +247,6 @@ def find_man_substitutions():
 
     env_subs['date'] = time.strftime('%d %b %Y', time.gmtime(mtime + tz_offset)).lstrip('0')
 
-    if 'SOURCE_DATE_EPOCH' in os.environ:
-        env_subs['date'] = time.strftime('%d %b %Y', time.gmtime(int(os.environ.get('SOURCE_DATE_EPOCH', time.time()))))
-
 
 def html_via_commonmark(txt):
     return commonmark.HtmlRenderer().render(commonmark.Parser().parse(txt))
@@ -544,7 +540,6 @@ class TransformHtml(HTMLParser):
         if st.in_pre:
             html = htmlify(txt)
         else:
-            txt = LONG_OPT_DASH_RE.sub(lambda x: x.group(1).replace('-', NBR_DASH[0]), txt)
             txt = SPACE_DOUBLE_DASH_RE.sub(NBR_SPACE[0] + r'--\1', txt).replace('--', NBR_DASH[0]*2)
             txt = NON_SPACE_SINGLE_DASH_RE.sub(r'\1' + NBR_DASH[0], txt)
             html = htmlify(txt)

options.c

@@ -86,7 +86,6 @@ int sparse_files = 0;
 int preallocate_files = 0;
 int do_compression = 0;
 int do_compression_level = CLVL_NOT_SPECIFIED;
-int do_compression_threads = 0; /*n = 0 use rsync thread, n >= 1 spawn n threads for compression */
 int am_root = 0; /* 0 = normal, 1 = root, 2 = --super, -1 = --fake-super */
 int am_server = 0;
 int am_sender = 0;
@@ -235,7 +234,7 @@ char *iconv_opt =
 
 struct chmod_mode_struct *chmod_modes = NULL;
 
-static const char *const debug_verbosity[] = {
+static const char *debug_verbosity[] = {
 	/*0*/ NULL,
 	/*1*/ NULL,
 	/*2*/ "BIND,CMD,CONNECT,DEL,DELTASUM,DUP,FILTER,FLIST,ICONV",
@@ -246,7 +245,7 @@ static const char *const debug_verbosity[] = {
 
 #define MAX_VERBOSITY ((int)(sizeof debug_verbosity / sizeof debug_verbosity[0]) - 1)
 
-static const char *const info_verbosity[1+MAX_VERBOSITY] = {
+static const char *info_verbosity[1+MAX_VERBOSITY] = {
 	/*0*/ "NONREG",
 	/*1*/ "COPY,DEL,FLIST,MISC,NAME,STATS,SYMSAFE",
 	/*2*/ "BACKUP,MISC2,MOUNT,NAME2,REMOVE,SKIP",
@@ -484,7 +483,7 @@ static void parse_output_words(struct output_struct *words, short *levels, const
 static void output_item_help(struct output_struct *words)
 {
 	short *levels = words == info_words ? info_levels : debug_levels;
-	const char *const*verbosity = words == info_words ? info_verbosity : debug_verbosity;
+	const char **verbosity = words == info_words ? info_verbosity : debug_verbosity;
 	char buf[128], *opt, *fmt = "%-10s %s\n";
 	int j;
 
@@ -766,8 +765,6 @@ static struct poptOption long_options[] = {
   {"skip-compress",    0,  POPT_ARG_STRING, &skip_compress, 0, 0, 0 },
   {"compress-level",   0,  POPT_ARG_INT,    &do_compression_level, 0, 0, 0 },
   {"zl",               0,  POPT_ARG_INT,    &do_compression_level, 0, 0, 0 },
-  {"compress-threads", 0,  POPT_ARG_INT,    &do_compression_threads, 0, 0, 0 },
-  {"zt",               0,  POPT_ARG_INT,    &do_compression_threads, 0, 0, 0 },
   {0,                 'P', POPT_ARG_NONE,   0, 'P', 0, 0 },
   {"progress",         0,  POPT_ARG_VAL,    &do_progress, 1, 0, 0 },
   {"no-progress",      0,  POPT_ARG_VAL,    &do_progress, 0, 0, 0 },
@@ -856,7 +853,7 @@ static struct poptOption long_options[] = {
   {0,0,0,0, 0, 0, 0}
 };
 
-static const struct poptOption long_daemon_options[] = {
+static struct poptOption long_daemon_options[] = {
   /* longName, shortName, argInfo, argPtr, value, descrip, argDesc */
   {"address",          0,  POPT_ARG_STRING, &bind_address, 0, 0, 0 },
   {"bwlimit",          0,  POPT_ARG_INT,    &daemon_bwlimit, 0, 0, 0 },
@@ -2022,8 +2019,6 @@ int parse_arguments(int *argc_p, const char ***argv_p)
 			create_refuse_error(refused_compress);
 			goto cleanup;
 		}
-		if (do_compression_threads < 0)
-			do_compression_threads = 0;
 	}
 
 #ifdef HAVE_SETVBUF

packaging/branch-from-patch

@@ -0,0 +1,174 @@
+#!/usr/bin/env -S python3 -B
+
+# This script turns one or more diff files in the patches dir (which is
+# expected to be a checkout of the rsync-patches git repo) into a branch
+# in the main rsync git checkout. This allows the applied patch to be
+# merged with the latest rsync changes and tested.  To update the diff
+# with the resulting changes, see the patch-update script.
+
+import os, sys, re, argparse, glob
+
+sys.path = ['packaging'] + sys.path
+
+from pkglib import *
+
+def main():
+    global created, info, local_branch
+
+    cur_branch, args.base_branch = check_git_state(args.base_branch, not args.skip_check, args.patches_dir)
+
+    local_branch = get_patch_branches(args.base_branch)
+
+    if args.delete_local_branches:
+        for name in sorted(local_branch):
+            branch = f"patch/{args.base_branch}/{name}"
+            cmd_chk(['git', 'branch', '-D', branch])
+        local_branch = set()
+
+    if args.add_missing:
+        for fn in sorted(glob.glob(f"{args.patches_dir}/*.diff")):
+            name = re.sub(r'\.diff$', '', re.sub(r'.+/', '', fn))
+            if name not in local_branch and fn not in args.patch_files:
+                args.patch_files.append(fn)
+
+    if not args.patch_files:
+        return
+
+    for fn in args.patch_files:
+        if not fn.endswith('.diff'):
+            die(f"Filename is not a .diff file: {fn}")
+        if not os.path.isfile(fn):
+            die(f"File not found: {fn}")
+
+    scanned = set()
+    info = { }
+
+    patch_list = [ ]
+    for fn in args.patch_files:
+        m = re.match(r'^(?P<dir>.*?)(?P<name>[^/]+)\.diff$', fn)
+        patch = argparse.Namespace(**m.groupdict())
+        if patch.name in scanned:
+            continue
+        patch.fn = fn
+
+        lines = [ ]
+        commit_hash = None
+        with open(patch.fn, 'r', encoding='utf-8') as fh:
+            for line in fh:
+                m = re.match(r'^based-on: (\S+)', line)
+                if m:
+                    commit_hash = m[1]
+                    break
+                if (re.match(r'^index .*\.\..* \d', line)
+                 or re.match(r'^diff --git ', line)
+                 or re.match(r'^--- (old|a)/', line)):
+                    break
+                lines.append(re.sub(r'\s*\Z', "\n", line, 1))
+        info_txt = ''.join(lines).strip() + "\n"
+        lines = None
+
+        parent = args.base_branch
+        patches = re.findall(r'patch -p1 <%s/(\S+)\.diff' % args.patches_dir, info_txt)
+        if patches:
+            last = patches.pop()
+            if last != patch.name:
+                warn(f"No identity patch line in {patch.fn}")
+                patches.append(last)
+            if patches:
+                parent = patches.pop()
+                if parent not in scanned:
+                    diff_fn = patch.dir + parent + '.diff'
+                    if not os.path.isfile(diff_fn):
+                        die(f"Failed to find parent of {patch.fn}: {parent}")
+                    # Add parent to args.patch_files so that we will look for the
+                    # parent's parent.  Any duplicates will be ignored.
+                    args.patch_files.append(diff_fn)
+        else:
+            warn(f"No patch lines found in {patch.fn}")
+
+        info[patch.name] = [ parent, info_txt, commit_hash ]
+
+        patch_list.append(patch)
+
+    created = set()
+    for patch in patch_list:
+        create_branch(patch)
+
+    cmd_chk(['git', 'checkout', args.base_branch])
+
+
+def create_branch(patch):
+    if patch.name in created:
+        return
+    created.add(patch.name)
+
+    parent, info_txt, commit_hash = info[patch.name]
+    parent = argparse.Namespace(dir=patch.dir, name=parent, fn=patch.dir + parent + '.diff')
+
+    if parent.name == args.base_branch:
+        parent_branch = commit_hash if commit_hash else args.base_branch
+    else:
+        create_branch(parent)
+        parent_branch = '/'.join(['patch', args.base_branch, parent.name])
+
+    branch = '/'.join(['patch', args.base_branch, patch.name])
+    print("\n" + '=' * 64)
+    print(f"Processing {branch} ({parent_branch})")
+
+    if patch.name in local_branch:
+        cmd_chk(['git', 'branch', '-D', branch])
+
+    cmd_chk(['git', 'checkout', '-b', branch, parent_branch])
+
+    info_fn = 'PATCH.' + patch.name
+    with open(info_fn, 'w', encoding='utf-8') as fh:
+        fh.write(info_txt)
+    cmd_chk(['git', 'add', info_fn])
+
+    with open(patch.fn, 'r', encoding='utf-8') as fh:
+        patch_txt = fh.read()
+
+    cmd_run('patch -p1'.split(), input=patch_txt)
+
+    for fn in glob.glob('*.orig') + glob.glob('*/*.orig'):
+        os.unlink(fn)
+
+    pos = 0
+    new_file_re = re.compile(r'\nnew file mode (?P<mode>\d+)\s+--- /dev/null\s+\+\+\+ b/(?P<fn>.+)')
+    while True:
+        m = new_file_re.search(patch_txt, pos)
+        if not m:
+            break
+        os.chmod(m['fn'], int(m['mode'], 8))
+        cmd_chk(['git', 'add', m['fn']])
+        pos = m.end()
+
+    while True:
+        cmd_chk('git status'.split())
+        ans = input('Press Enter to commit, Ctrl-C to abort, or type a wild-name to add a new file: ')
+        if ans == '':
+            break
+        cmd_chk("git add " + ans, shell=True)
+
+    while True:
+        s = cmd_run(['git', 'commit', '-a', '-m', f"Creating branch from {patch.name}.diff."])
+        if not s.returncode:
+            break
+        s = cmd_run([os.environ.get('SHELL', '/bin/sh')])
+        if s.returncode:
+            die('Aborting due to shell error code')
+
+
+if __name__ == '__main__':
+    parser = argparse.ArgumentParser(description="Create a git patch branch from an rsync patch file.", add_help=False)
+    parser.add_argument('--branch', '-b', dest='base_branch', metavar='BASE_BRANCH', default='master', help="The branch the patch is based on. Default: master.")
+    parser.add_argument('--add-missing', '-a', action='store_true', help="Add a branch for every patches/*.diff that doesn't have a branch.")
+    parser.add_argument('--skip-check', action='store_true', help="Skip the check that ensures starting with a clean branch.")
+    parser.add_argument('--delete', dest='delete_local_branches', action='store_true', help="Delete all the local patch/BASE/* branches, not just the ones that are being recreated.")
+    parser.add_argument('--patches-dir', '-p', metavar='DIR', default='patches', help="Override the location of the rsync-patches dir. Default: patches.")
+    parser.add_argument('patch_files', metavar='patches/DIFF_FILE', nargs='*', help="Specify what patch diff files to process. Default: all of them.")
+    parser.add_argument("--help", "-h", action="help", help="Output this help message and exit.")
+    args = parser.parse_args()
+    main()
+
+# vim: sw=4 et ft=python

packaging/lsb/rsync.spec

@@ -1,6 +1,6 @@
 Summary: A fast, versatile, remote (and local) file-copying tool
 Name: rsync
-Version: 3.4.3
+Version: 3.4.1
 %define fullversion %{version}
 Release: 1
 %define srcdir src
@@ -79,5 +79,5 @@ rm -rf $RPM_BUILD_ROOT
 %dir /etc/rsync-ssl/certs
 
 %changelog
-* Wed May 20 2026 Rsync Project <rsync.project@gmail.com>
-Released 3.4.3.
+* Thu Jan 16 2025 Rsync Project <rsync.project@gmail.com>
+Released 3.4.1.

packaging/patch-update

@@ -0,0 +1,244 @@
+#!/usr/bin/env -S python3 -B
+
+# This script is used to turn one or more of the "patch/BASE/*" branches
+# into one or more diffs in the "patches" directory.  Pass the option
+# --gen if you want generated files in the diffs.  Pass the name of
+# one or more diffs if you want to just update a subset of all the
+# diffs.
+
+import os, sys, re, argparse, time, shutil
+
+sys.path = ['packaging'] + sys.path
+
+from pkglib import *
+
+MAKE_GEN_CMDS = [
+        './prepare-source'.split(),
+        'cd build && if test -f config.status ; then ./config.status ; else ../configure ; fi',
+        'make -C build gen'.split(),
+        ]
+TMP_DIR = "patches.gen"
+
+os.environ['GIT_MERGE_AUTOEDIT'] = 'no'
+
+def main():
+    global master_commit, parent_patch, description, completed, last_touch
+
+    if not os.path.isdir(args.patches_dir):
+        die(f'No "{args.patches_dir}" directory was found.')
+    if not os.path.isdir('.git'):
+        die('No ".git" directory present in the current dir.')
+
+    starting_branch, args.base_branch = check_git_state(args.base_branch, not args.skip_check, args.patches_dir)
+
+    master_commit = latest_git_hash(args.base_branch)
+
+    if cmd_txt_chk(['packaging/prep-auto-dir']).out == '':
+        die('You must setup an auto-build-save dir to use this script.')
+
+    if args.gen:
+        if os.path.lexists(TMP_DIR):
+            die(f'"{TMP_DIR}" must not exist in the current directory.')
+        gen_files = get_gen_files()
+        os.mkdir(TMP_DIR, 0o700)
+        for cmd in MAKE_GEN_CMDS:
+            cmd_chk(cmd)
+        cmd_chk(['rsync', '-a', *gen_files, f'{TMP_DIR}/master/'])
+
+    last_touch = int(time.time())
+
+    # Start by finding all patches so that we can load all possible parents.
+    patches = sorted(list(get_patch_branches(args.base_branch)))
+
+    parent_patch = { }
+    description = { }
+
+    for patch in patches:
+        branch = f"patch/{args.base_branch}/{patch}"
+        desc = ''
+        proc = cmd_pipe(['git', 'diff', '-U1000', f"{args.base_branch}...{branch}", '--', f"PATCH.{patch}"])
+        in_diff = False
+        for line in proc.stdout:
+            if in_diff:
+                if not re.match(r'^[ +]', line):
+                    continue
+                line = line[1:]
+                m = re.search(r'patch -p1 <patches/(\S+)\.diff', line)
+                if m and m[1] != patch:
+                    parpat = parent_patch[patch] = m[1]
+                    if not parpat in patches:
+                        die(f"Parent of {patch} is not a local branch: {parpat}")
+                desc += line
+            elif re.match(r'^@@ ', line):
+                in_diff = True
+        description[patch] = desc
+        proc.communicate()
+
+    if args.patch_files: # Limit the list of patches to actually process
+        valid_patches = patches
+        patches = [ ]
+        for fn in args.patch_files:
+            name = re.sub(r'\.diff$', '', re.sub(r'.+/', '', fn))
+            if name not in valid_patches:
+                die(f"Local branch not available for patch: {name}")
+            patches.append(name)
+
+    completed = set()
+
+    for patch in patches:
+        if patch in completed:
+            continue
+        if not update_patch(patch):
+            break
+
+    if args.gen:
+        shutil.rmtree(TMP_DIR)
+
+    while last_touch >= int(time.time()):
+        time.sleep(1)
+    cmd_chk(['git', 'checkout', starting_branch])
+    cmd_chk(['packaging/prep-auto-dir'], discard='output')
+
+
+def update_patch(patch):
+    global last_touch
+
+    completed.add(patch) # Mark it as completed early to short-circuit any (bogus) dependency loops.
+
+    parent = parent_patch.get(patch, None)
+    if parent:
+        if parent not in completed:
+            if not update_patch(parent):
+                return 0
+        based_on = parent = f"patch/{args.base_branch}/{parent}"
+    else:
+        parent = args.base_branch
+        based_on = master_commit
+
+    print(f"======== {patch} ========")
+
+    while args.gen and last_touch >= int(time.time()):
+        time.sleep(1)
+
+    branch = f"patch/{args.base_branch}/{patch}"
+    s = cmd_run(['git', 'checkout', branch])
+    if s.returncode != 0:
+        return 0
+
+    s = cmd_run(['git', 'merge', based_on])
+    ok = s.returncode == 0
+    skip_shell = False
+    if not ok or args.cmd or args.make or args.shell:
+        cmd_chk(['packaging/prep-auto-dir'], discard='output')
+    if not ok:
+        print(f'"git merge {based_on}" incomplete -- please fix.')
+        if not run_a_shell(parent, patch):
+            return 0
+        if not args.make and not args.cmd:
+            skip_shell = True
+    if args.make:
+        if cmd_run(['packaging/smart-make']).returncode != 0:
+            if not run_a_shell(parent, patch):
+                return 0
+            if not args.cmd:
+                skip_shell = True
+    if args.cmd:
+        if cmd_run(args.cmd).returncode != 0:
+            if not run_a_shell(parent, patch):
+                return 0
+            skip_shell = True
+    if args.shell and not skip_shell:
+        if not run_a_shell(parent, patch):
+            return 0
+
+    with open(f"{args.patches_dir}/{patch}.diff", 'w', encoding='utf-8') as fh:
+        fh.write(description[patch])
+        fh.write(f"\nbased-on: {based_on}\n")
+
+        if args.gen:
+            gen_files = get_gen_files()
+            for cmd in MAKE_GEN_CMDS:
+                cmd_chk(cmd)
+            cmd_chk(['rsync', '-a', *gen_files, f"{TMP_DIR}/{patch}/"])
+        else:
+            gen_files = [ ]
+        last_touch = int(time.time())
+
+        proc = cmd_pipe(['git', 'diff', based_on])
+        skipping = False
+        for line in proc.stdout:
+            if skipping:
+                if not re.match(r'^diff --git a/', line):
+                    continue
+                skipping = False
+            elif re.match(r'^diff --git a/PATCH', line):
+                skipping = True
+                continue
+            if not re.match(r'^index ', line):
+                fh.write(line)
+        proc.communicate()
+
+        if args.gen:
+            e_tmp_dir = re.escape(TMP_DIR)
+            diff_re  = re.compile(r'^(diff -Nurp) %s/[^/]+/(.*?) %s/[^/]+/(.*)' % (e_tmp_dir, e_tmp_dir))
+            minus_re = re.compile(r'^\-\-\- %s/[^/]+/([^\t]+)\t.*' % e_tmp_dir)
+            plus_re  = re.compile(r'^\+\+\+ %s/[^/]+/([^\t]+)\t.*' % e_tmp_dir)
+
+            if parent == args.base_branch:
+                parent_dir = 'master'
+            else:
+                m = re.search(r'([^/]+)$', parent)
+                parent_dir = m[1]
+
+            proc = cmd_pipe(['diff', '-Nurp', f"{TMP_DIR}/{parent_dir}", f"{TMP_DIR}/{patch}"])
+            for line in proc.stdout:
+                line = diff_re.sub(r'\1 a/\2 b/\3', line)
+                line = minus_re.sub(r'--- a/\1', line)
+                line =  plus_re.sub(r'+++ b/\1', line)
+                fh.write(line)
+            proc.communicate()
+
+    return 1
+
+
+def run_a_shell(parent, patch):
+    m = re.search(r'([^/]+)$', parent)
+    parent_dir = m[1]
+    os.environ['PS1'] = f"[{parent_dir}] {patch}: "
+
+    while True:
+        s = cmd_run([os.environ.get('SHELL', '/bin/sh')])
+        if s.returncode != 0:
+            ans = input("Abort? [n/y] ")
+            if re.match(r'^y', ans, flags=re.I):
+                return False
+            continue
+        cur_branch, is_clean, status_txt = check_git_status(0)
+        if is_clean:
+            break
+        print(status_txt, end='')
+
+    cmd_run('rm -f build/*.o build/*/*.o')
+
+    return True
+
+
+if __name__ == '__main__':
+    parser = argparse.ArgumentParser(description="Turn a git branch back into a diff files in the patches dir.", add_help=False)
+    parser.add_argument('--branch', '-b', dest='base_branch', metavar='BASE_BRANCH', default='master', help="The branch the patch is based on. Default: master.")
+    parser.add_argument('--skip-check', action='store_true', help="Skip the check that ensures starting with a clean branch.")
+    parser.add_argument('--make', '-m', action='store_true', help="Run the smart-make script in every patch branch.")
+    parser.add_argument('--cmd', '-c', help="Run a command in every patch branch.")
+    parser.add_argument('--shell', '-s', action='store_true', help="Launch a shell for every patch/BASE/* branch updated, not just when a conflict occurs.")
+    parser.add_argument('--gen', metavar='DIR', nargs='?', const='', help='Include generated files. Optional DIR value overrides the default of using the "patches" dir.')
+    parser.add_argument('--patches-dir', '-p', metavar='DIR', default='patches', help="Override the location of the rsync-patches dir. Default: patches.")
+    parser.add_argument('patch_files', metavar='patches/DIFF_FILE', nargs='*', help="Specify what patch diff files to process. Default: all of them.")
+    parser.add_argument("--help", "-h", action="help", help="Output this help message and exit.")
+    args = parser.parse_args()
+    if args.gen == '':
+        args.gen = args.patches_dir
+    elif args.gen is not None:
+        args.patches_dir = args.gen
+    main()
+
+# vim: sw=4 et ft=python

packaging/release-rsync

@@ -0,0 +1,414 @@
+#!/usr/bin/env -S python3 -B
+
+# This script expects the directory ~/samba-rsync-ftp to exist and to be a
+# copy of the /home/ftp/pub/rsync dir on samba.org.  When the script is done,
+# the git repository in the current directory will be updated, and the local
+# ~/samba-rsync-ftp dir will be ready to be rsynced to samba.org. See the
+# script samba-rsync for an easy way to initialize the local ftp copy and to
+# thereafter update the remote files from your local copy.
+
+# This script also expects to be able to gpg sign the resulting tar files
+# using your default gpg key. Make sure that the html download.html file
+# has a link to the relevant keys that are authorized to sign the tar files
+# and also make sure that the following commands work as expected:
+#
+#   touch TeMp
+#   gpg --sign TeMp
+#   gpg --verify TeMp.gpg
+#   gpg --sign TeMp
+#   rm TeMp*
+#
+# The second time you sign the file it should NOT prompt you for your password
+# (unless the timeout period has passed).  It will prompt about overriding the
+# existing TeMp.gpg file, though.
+
+import os, sys, re, argparse, glob, shutil, signal
+from datetime import datetime
+from getpass import getpass
+
+sys.path = ['packaging'] + sys.path
+
+from pkglib import *
+
+os.environ['LESS'] = 'mqeiXR'; # Make sure that -F is turned off and -R is turned on.
+dest = os.environ['HOME'] + '/samba-rsync-ftp'
+ORIGINAL_PATH = os.environ['PATH']
+
+def main():
+    if not os.path.isfile('packaging/release-rsync'):
+        die('You must run this script from the top of your rsync checkout.')
+
+    now = datetime.now()
+    cl_today = now.strftime('* %a %b %d %Y')
+    year = now.strftime('%Y')
+    ztoday = now.strftime('%d %b %Y')
+    today = ztoday.lstrip('0')
+
+    curdir = os.getcwd()
+
+    signal.signal(signal.SIGINT, signal_handler)
+
+    if cmd_txt_chk(['packaging/prep-auto-dir']).out == '':
+        die('You must setup an auto-build-save dir to use this script.');
+
+    auto_dir, gen_files = get_gen_files(True)
+    gen_pathnames = [ os.path.join(auto_dir, fn) for fn in gen_files ]
+
+    dash_line = '=' * 74
+
+    print(f"""\
+{dash_line}
+== This will release a new version of rsync onto an unsuspecting world. ==
+{dash_line}
+""")
+
+    with open('build/rsync.1') as fh:
+        for line in fh:
+            if line.startswith(r'.\" prefix='):
+                doc_prefix = line.split('=')[1].strip()
+                if doc_prefix != '/usr':
+                    warn(f"*** The documentation was built with prefix {doc_prefix} instead of /usr ***")
+                    die("*** Read the md2man script for a way to override this. ***")
+                break
+            if line.startswith('.P'):
+                die("Failed to find the prefix comment at the start of the rsync.1 manpage.")
+
+    if not os.path.isdir(dest):
+        die(dest, "dest does not exist")
+    if not os.path.isdir('.git'):
+        die("There is no .git dir in the current directory.")
+    if os.path.lexists('a'):
+        die('"a" must not exist in the current directory.')
+    if os.path.lexists('b'):
+        die('"b" must not exist in the current directory.')
+    if os.path.lexists('patches.gen'):
+        die('"patches.gen" must not exist in the current directory.')
+
+    check_git_state(args.master_branch, True, 'patches')
+
+    curversion = get_rsync_version()
+
+    # All version values are strings!
+    lastversion, last_protocol_version, pdate = get_NEWS_version_info()
+    protocol_version, subprotocol_version = get_protocol_versions()
+
+    version = curversion
+    m = re.search(r'pre(\d+)', version)
+    if m:
+        version = re.sub(r'pre\d+', 'pre' + str(int(m[1]) + 1), version)
+    else:
+        version = version.replace('dev', 'pre1')
+
+    ans = input(f"Please enter the version number of this release: [{version}] ")
+    if ans == '.':
+        version = re.sub(r'pre\d+', '', version)
+    elif ans != '':
+        version = ans
+    if not re.match(r'^[\d.]+(pre\d+)?$', version):
+        die(f'Invalid version: "{version}"')
+
+    v_ver = 'v' + version
+    rsync_ver = 'rsync-' + version
+
+    if os.path.lexists(rsync_ver):
+        die(f'"{rsync_ver}" must not exist in the current directory.')
+
+    out = cmd_txt_chk(['git', 'tag', '-l', v_ver]).out
+    if out != '':
+        print(f"Tag {v_ver} already exists.")
+        ans = input("\nDelete tag or quit? [Q/del] ")
+        if not re.match(r'^del', ans, flags=re.I):
+            die("Aborted")
+        cmd_chk(['git', 'tag', '-d', v_ver])
+        if os.path.isdir('patches/.git'):
+            cmd_chk(f"cd patches && git tag -d '{v_ver}'")
+
+    version = re.sub(r'[-.]*pre[-.]*', 'pre', version)
+    if 'pre' in version and not curversion.endswith('dev'):
+        lastversion = curversion
+
+    ans = input(f"Enter the previous version to produce a patch against: [{lastversion}] ")
+    if ans != '':
+        lastversion = ans
+    lastversion = re.sub(r'[-.]*pre[-.]*', 'pre', lastversion)
+
+    rsync_lastver = 'rsync-' + lastversion
+    if os.path.lexists(rsync_lastver):
+        die(f'"{rsync_lastver}" must not exist in the current directory.')
+
+    m = re.search(r'(pre\d+)', version)
+    pre = m[1] if m else ''
+
+    release = '0.1' if pre else '1'
+    ans = input(f"Please enter the RPM release number of this release: [{release}] ")
+    if ans != '':
+        release = ans
+    if pre:
+        release += '.' + pre
+
+    finalversion = re.sub(r'pre\d+', '', version)
+    proto_changed = protocol_version != last_protocol_version
+    if proto_changed:
+        if finalversion in pdate:
+            proto_change_date = pdate[finalversion]
+        else:
+            while True:
+                ans = input("On what date did the protocol change to {protocol_version} get checked in? (dd Mmm yyyy) ")
+                if re.match(r'^\d\d \w\w\w \d\d\d\d$', ans):
+                    break
+            proto_change_date = ans
+    else:
+        proto_change_date = ' ' * 11
+
+    if 'pre' in lastversion:
+        if not pre:
+            die("You should not diff a release version against a pre-release version.")
+        srcdir = srcdiffdir = lastsrcdir = 'src-previews'
+        skipping = ' ** SKIPPING **'
+    elif pre:
+        srcdir = srcdiffdir = 'src-previews'
+        lastsrcdir = 'src'
+        skipping = ' ** SKIPPING **'
+    else:
+        srcdir = lastsrcdir = 'src'
+        srcdiffdir = 'src-diffs'
+        skipping = ''
+
+    print(f"""
+{dash_line}
+version is "{version}"
+lastversion is "{lastversion}"
+dest is "{dest}"
+curdir is "{curdir}"
+srcdir is "{srcdir}"
+srcdiffdir is "{srcdiffdir}"
+lastsrcdir is "{lastsrcdir}"
+release is "{release}"
+
+About to:
+    - tweak SUBPROTOCOL_VERSION in rsync.h, if needed
+    - tweak the version in version.h and the spec files
+    - tweak NEWS.md to ensure header values are correct
+    - generate configure.sh, config.h.in, and proto.h
+    - page through the differences
+""")
+    ans = input("<Press Enter to continue> ")
+
+    specvars = {
+        'Version:': finalversion,
+        'Release:': release,
+        '%define fullversion': f'%{{version}}{pre}',
+        'Released': version + '.',
+        '%define srcdir': srcdir,
+        }
+
+    tweak_files = 'version.h rsync.h'.split()
+    tweak_files += glob.glob('packaging/*.spec')
+    tweak_files += glob.glob('packaging/*/*.spec')
+
+    for fn in tweak_files:
+        with open(fn, 'r', encoding='utf-8') as fh:
+            old_txt = txt = fh.read()
+        if fn == 'version.h':
+            x_re = re.compile(r'^(#define RSYNC_VERSION).*', re.M)
+            msg = f"Unable to update RSYNC_VERSION in {fn}"
+            txt = replace_or_die(x_re, r'\1 "%s"' % version, txt, msg)
+        elif '.spec' in fn:
+            for var, val in specvars.items():
+                x_re = re.compile(r'^%s .*' % re.escape(var), re.M)
+                txt = replace_or_die(x_re, var + ' ' + val, txt, f"Unable to update {var} in {fn}")
+            x_re = re.compile(r'^\* \w\w\w \w\w\w \d\d \d\d\d\d (.*)', re.M)
+            txt = replace_or_die(x_re, r'%s \1' % cl_today, txt, f"Unable to update ChangeLog header in {fn}")
+        elif fn == 'rsync.h':
+            x_re = re.compile('(#define\s+SUBPROTOCOL_VERSION)\s+(\d+)')
+            repl = lambda m: m[1] + ' ' + ('0' if not pre or not proto_changed else '1' if m[2] == '0' else m[2])
+            txt = replace_or_die(x_re, repl, txt, f"Unable to find SUBPROTOCOL_VERSION define in {fn}")
+        elif fn == 'NEWS.md':
+            efv = re.escape(finalversion)
+            x_re = re.compile(r'^# NEWS for rsync %s \(UNRELEASED\)\s+## Changes in this version:\n' % efv
+                    + r'(\n### PROTOCOL NUMBER:\s+- The protocol number was changed to \d+\.\n)?')
+            rel_day = 'UNRELEASED' if pre else today
+            repl = (f'# NEWS for rsync {finalversion} ({rel_day})\n\n'
+                + '## Changes in this version:\n')
+            if proto_changed:
+                repl += f'\n### PROTOCOL NUMBER:\n\n - The protocol number was changed to {protocol_version}.\n'
+            good_top = re.sub(r'\(.*?\)', '(UNRELEASED)', repl, 1)
+            msg = f"The top lines of {fn} are not in the right format.  It should be:\n" + good_top
+            txt = replace_or_die(x_re, repl, txt, msg)
+            x_re = re.compile(r'^(\| )(\S{2} \S{3} \d{4})(\s+\|\s+%s\s+\| ).{11}(\s+\| )\S{2}(\s+\|+)$' % efv, re.M)
+            repl = lambda m: m[1] + (m[2] if pre else ztoday) + m[3] + proto_change_date + m[4] + protocol_version + m[5]
+            txt = replace_or_die(x_re, repl, txt, f'Unable to find "| ?? ??? {year} | {finalversion} | ... |" line in {fn}')
+        else:
+            die(f"Unrecognized file in tweak_files: {fn}")
+
+        if txt != old_txt:
+            print(f"Updating {fn}")
+            with open(fn, 'w', encoding='utf-8') as fh:
+                fh.write(txt)
+
+    cmd_chk(['packaging/year-tweak'])
+
+    print(dash_line)
+    cmd_run("git diff".split())
+
+    srctar_name = f"{rsync_ver}.tar.gz"
+    pattar_name = f"rsync-patches-{version}.tar.gz"
+    diff_name = f"{rsync_lastver}-{version}.diffs.gz"
+    srctar_file = os.path.join(dest, srcdir, srctar_name)
+    pattar_file = os.path.join(dest, srcdir, pattar_name)
+    diff_file = os.path.join(dest, srcdiffdir, diff_name)
+    lasttar_file = os.path.join(dest, lastsrcdir, rsync_lastver + '.tar.gz')
+
+    print(f"""\
+{dash_line}
+
+About to:
+    - git commit all changes
+    - run a full build, ensuring that the manpages & configure.sh are up-to-date
+    - merge the {args.master_branch} branch into the patch/{args.master_branch}/* branches
+    - update the files in the "patches" dir and OPTIONALLY (if you type 'y') to
+      run patch-update with the --make option (which opens a shell on error)
+""")
+    ans = input("<Press Enter OR 'y' to continue> ")
+
+    s = cmd_run(['git', 'commit', '-a', '-m', f'Preparing for release of {version} [buildall]'])
+    if s.returncode:
+        die('Aborting')
+
+    cmd_chk('touch configure.ac && packaging/smart-make && make gen')
+
+    print('Creating any missing patch branches.')
+    s = cmd_run(f'packaging/branch-from-patch --branch={args.master_branch} --add-missing')
+    if s.returncode:
+        die('Aborting')
+
+    print('Updating files in "patches" dir ...')
+    s = cmd_run(f'packaging/patch-update --branch={args.master_branch}')
+    if s.returncode:
+        die('Aborting')
+
+    if re.match(r'^y', ans, re.I):
+        print(f'\nRunning smart-make on all "patch/{args.master_branch}/*" branches ...')
+        cmd_run(f"packaging/patch-update --branch={args.master_branch} --skip-check --make")
+
+    if os.path.isdir('patches/.git'):
+        s = cmd_run(f"cd patches && git commit -a -m 'The patches for {version}.'")
+        if s.returncode:
+            die('Aborting')
+
+    print(f"""\
+{dash_line}
+
+About to:
+    - create signed tag for this release: {v_ver}
+    - create release diffs, "{diff_name}"
+    - create release tar, "{srctar_name}"
+    - generate {rsync_ver}/patches/* files
+    - create patches tar, "{pattar_name}"
+    - update top-level README.md, NEWS.md, TODO, and ChangeLog
+    - update top-level rsync*.html manpages
+    - gpg-sign the release files
+    - update hard-linked top-level release files{skipping}
+""")
+    ans = input("<Press Enter to continue> ")
+
+    # TODO: is there a better way to ensure that our passphrase is in the agent?
+    cmd_run("touch TeMp; gpg --sign TeMp; rm TeMp*")
+
+    out = cmd_txt(f"git tag -s -m 'Version {version}.' {v_ver}", capture='combined').out
+    print(out, end='')
+    if 'bad passphrase' in out or 'failed' in out:
+        die('Aborting')
+
+    if os.path.isdir('patches/.git'):
+        out = cmd_txt(f"cd patches && git tag -s -m 'Version {version}.' {v_ver}", capture='combined').out
+        print(out, end='')
+        if 'bad passphrase' in out or 'failed' in out:
+            die('Aborting')
+
+    os.environ['PATH'] = ORIGINAL_PATH
+
+    # Extract the generated files from the old tar.
+    tweaked_gen_files = [ os.path.join(rsync_lastver, fn) for fn in gen_files ]
+    cmd_run(['tar', 'xzf', lasttar_file, *tweaked_gen_files])
+    os.rename(rsync_lastver, 'a')
+
+    print(f"Creating {diff_file} ...")
+    cmd_chk(['rsync', '-a', *gen_pathnames, 'b/'])
+
+    sed_script = r's:^((---|\+\+\+) [ab]/[^\t]+)\t.*:\1:' # CAUTION: must not contain any single quotes!
+    cmd_chk(f"(git diff v{lastversion} {v_ver} -- ':!.github'; diff -upN a b | sed -r '{sed_script}') | gzip -9 >{diff_file}")
+    shutil.rmtree('a')
+    os.rename('b', rsync_ver)
+
+    print(f"Creating {srctar_file} ...")
+    cmd_chk(f"git archive --format=tar --prefix={rsync_ver}/ {v_ver} | tar xf -")
+    cmd_chk(f"support/git-set-file-times --quiet --prefix={rsync_ver}/")
+    cmd_chk(['fakeroot', 'tar', 'czf', srctar_file, '--exclude=.github', rsync_ver])
+    shutil.rmtree(rsync_ver)
+
+    print(f'Updating files in "{rsync_ver}/patches" dir ...')
+    os.mkdir(rsync_ver, 0o755)
+    os.mkdir(f"{rsync_ver}/patches", 0o755)
+    cmd_chk(f"packaging/patch-update --skip-check --branch={args.master_branch} --gen={rsync_ver}/patches".split())
+
+    print(f"Creating {pattar_file} ...")
+    cmd_chk(['fakeroot', 'tar', 'chzf', pattar_file, rsync_ver + '/patches'])
+    shutil.rmtree(rsync_ver)
+
+    print(f"Updating the other files in {dest} ...")
+    md_files = 'README.md NEWS.md INSTALL.md'.split()
+    html_files = [ fn for fn in gen_pathnames if fn.endswith('.html') ]
+    cmd_chk(['rsync', '-a', *md_files, *html_files, dest])
+    cmd_chk(["./md-convert", "--dest", dest, *md_files])
+
+    cmd_chk(f"git log --name-status | gzip -9 >{dest}/ChangeLog.gz")
+
+    for fn in (srctar_file, pattar_file, diff_file):
+        asc_fn = fn + '.asc'
+        if os.path.lexists(asc_fn):
+            os.unlink(asc_fn)
+        res = cmd_run(['gpg', '--batch', '-ba', fn])
+        if res.returncode != 0 and res.returncode != 2:
+            die("gpg signing failed")
+
+    if not pre:
+        for find in f'{dest}/rsync-*.gz {dest}/rsync-*.asc {dest}/src-previews/rsync-*diffs.gz*'.split():
+            for fn in glob.glob(find):
+                os.unlink(fn)
+        top_link = [
+                srctar_file, f"{srctar_file}.asc",
+                pattar_file, f"{pattar_file}.asc",
+                diff_file, f"{diff_file}.asc",
+                ]
+        for fn in top_link:
+            os.link(fn, re.sub(r'/src(-\w+)?/', '/', fn))
+
+    print(f"""\
+{dash_line}
+
+Local changes are done.  When you're satisfied, push the git repository
+and rsync the release files.  Remember to announce the release on *BOTH*
+rsync-announce@lists.samba.org and rsync@lists.samba.org (and the web)!
+""")
+
+
+def replace_or_die(regex, repl, txt, die_msg):
+    m = regex.search(txt)
+    if not m:
+        die(die_msg)
+    return regex.sub(repl, txt, 1)
+
+
+def signal_handler(sig, frame):
+    die("\nAborting due to SIGINT.")
+
+
+if __name__ == '__main__':
+    parser = argparse.ArgumentParser(description="Prepare a new release of rsync in the git repo & ftp dir.", add_help=False)
+    parser.add_argument('--branch', '-b', dest='master_branch', default='master', help="The branch to release. Default: master.")
+    parser.add_argument("--help", "-h", action="help", help="Output this help message and exit.")
+    args = parser.parse_args()
+    main()
+
+# vim: sw=4 et ft=python

packaging/release.py

@@ -1,703 +0,0 @@
-#!/usr/bin/env python3
-
-# Step-based release script for rsync.  Each step is a separate invocation
-# selected by a --step-N-XX option, so the maintainer drives the release
-# manually one piece at a time.
-#
-# All persistent state and working files live in ../release/ (a sibling of
-# the rsync git checkout):
-#
-#   ../release/rsync-ftp/       mirror of samba.org:/home/ftp/pub/rsync
-#   ../release/rsync-html/      git checkout of rsync-web (the html site)
-#   ../release/work/            scratch space for tarball / diff staging
-#   ../release/release-state.json   info shared between steps
-#
-# The rsync-patches archive is no longer maintained and has been dropped.
-#
-# Run "packaging/release.py --list" to see the step list.
-
-import os, sys, re, argparse, glob, shutil, json, signal, subprocess
-from datetime import datetime
-
-sys.path = ['packaging'] + sys.path
-
-from pkglib import (
-    warn, die, cmd_run, cmd_chk, cmd_txt, cmd_txt_chk, cmd_pipe,
-    check_git_state, get_rsync_version,
-    get_NEWS_version_info, get_protocol_versions,
-)
-
-# ---------- Paths ----------
-
-RELEASE_DIR = os.path.realpath('../release')
-FTP_DIR     = os.path.join(RELEASE_DIR, 'rsync-ftp')
-HTML_DIR    = os.path.join(RELEASE_DIR, 'rsync-html')
-WORK_DIR    = os.path.join(RELEASE_DIR, 'work')
-STATE_FILE  = os.path.join(RELEASE_DIR, 'release-state.json')
-
-# Local rsync-web checkout (sibling of rsync-git) is the source-of-truth for
-# the git-tracked html content.  The maintainer pulls/commits/pushes there;
-# step-1-fetch just snapshots it into HTML_DIR for the release flow.
-HTML_SRC = os.path.realpath('../rsync-web')
-
-FTP_REMOTE_PATH  = '/home/ftp/pub/rsync'
-HTML_REMOTE_PATH = '/home/httpd/html/rsync'
-
-# Files that ./configure + make produce and that the release tarball / diff
-# need to bundle alongside the git-tracked source.  Mirrors the GENFILES
-# definition in Makefile.in (with rrsync.1{,.html} since we always configure
-# --with-rrsync in --step-4-build).
-GEN_FILES = [
-    'configure.sh',
-    'aclocal.m4',
-    'config.h.in',
-    'rsync.1',     'rsync.1.html',
-    'rsync-ssl.1', 'rsync-ssl.1.html',
-    'rsyncd.conf.5', 'rsyncd.conf.5.html',
-    'rrsync.1',    'rrsync.1.html',
-]
-
-# ---------- Step registry ----------
-
-STEPS = [
-    ('step-1-fetch',       'mirror ../release/rsync-ftp from samba.org and snapshot ../release/rsync-html from ../rsync-web'),
-    ('step-2-prepare',     'gather release info interactively and write release-state.json'),
-    ('step-3-tweak',       'update version.h, rsync.h, NEWS.md, and packaging/*.spec'),
-    ('step-4-build',       'run smart-make + make gen'),
-    ('step-5-commit',      'git commit -a (commit the prepared release changes)'),
-    ('step-6-tag',         'create the gpg-signed git tag'),
-    ('step-7-tarball',     'build the source tarball and diffs.gz against the previous release'),
-    ('step-8-update-ftp',  'refresh README/NEWS/INSTALL/html in the ftp dir, regen ChangeLog.gz, gpg-sign tarballs'),
-    ('step-9-toplinks',    'hard-link top-level release files (final releases only)'),
-    ('step-10-push-ftp',   'rsync ../release/rsync-ftp/ to samba.org'),
-    ('step-11-push-html',  'rsync ../release/rsync-html/ to samba.org (after any manual edits)'),
-    ('step-12-push-git',   'print the git push commands for you to run'),
-]
-STEP_FLAGS = [s[0] for s in STEPS]
-
-DASH_LINE = '=' * 74
-
-# ---------- State helpers ----------
-
-def load_state():
-    if not os.path.isfile(STATE_FILE):
-        die(f"{STATE_FILE} not found.  Run --step-2-prepare first.")
-    with open(STATE_FILE, 'r', encoding='utf-8') as fh:
-        return json.load(fh)
-
-
-def save_state(state):
-    os.makedirs(RELEASE_DIR, exist_ok=True)
-    with open(STATE_FILE, 'w', encoding='utf-8') as fh:
-        json.dump(state, fh, indent=2, sort_keys=True)
-        fh.write('\n')
-
-
-def require_samba_host():
-    host = os.environ.get('RSYNC_SAMBA_HOST', '')
-    if not host.endswith('.samba.org'):
-        die("Set RSYNC_SAMBA_HOST in your environment to the samba hostname (e.g. hr3.samba.org).")
-    return host
-
-
-def require_top_of_checkout():
-    if not os.path.isfile('packaging/release.py'):
-        die("Run this script from the top of your rsync checkout.")
-    if not os.path.isdir('.git'):
-        die("There is no .git dir in the current directory.")
-
-
-def replace_or_die(regex, repl, txt, die_msg):
-    m = regex.search(txt)
-    if not m:
-        die(die_msg)
-    return regex.sub(repl, txt, 1)
-
-
-def section(title):
-    print(f"\n{DASH_LINE}\n== {title}\n{DASH_LINE}")
-
-
-def confirm(prompt, default_no=True):
-    suffix = '[n] ' if default_no else '[y] '
-    ans = input(f"{prompt} {suffix}").strip().lower()
-    if default_no:
-        return ans.startswith('y')
-    return ans == '' or ans.startswith('y')
-
-
-# ---------- Step 1: fetch ftp + html ----------
-
-def step_1_fetch(args):
-    host = require_samba_host()
-    os.makedirs(RELEASE_DIR, exist_ok=True)
-    os.makedirs(WORK_DIR, exist_ok=True)
-
-    section(f"Fetching ftp dir into {FTP_DIR}")
-    if not os.path.isdir(FTP_DIR):
-        os.makedirs(FTP_DIR)
-    # The .filt file lives in the ftp dir on the server; mirror down using the
-    # transmitted filter, falling back to no filter on the very first pull.
-    filt = os.path.join(FTP_DIR, '.filt')
-    if os.path.exists(filt):
-        opts = ['-aivOHP', f'-f:_{filt}']
-    else:
-        opts = ['-aivOHP']
-    cmd_chk(['rsync', *opts, f'{host}:{FTP_REMOTE_PATH}/', f'{FTP_DIR}/'])
-
-    section(f"Snapshotting html dir from {HTML_SRC} into {HTML_DIR}")
-    if not os.path.isdir(HTML_SRC):
-        die(f"{HTML_SRC} not found.  Clone the rsync-web repo there first.")
-    if not os.path.isdir(os.path.join(HTML_SRC, '.git')):
-        die(f"{HTML_SRC} exists but is not a git checkout.")
-    print(f"(Make sure {HTML_SRC} is up to date — this script does not 'git pull' for you.)")
-    os.makedirs(HTML_DIR, exist_ok=True)
-    cmd_chk(['rsync', '-aiv', '--exclude=/.git',
-             f'{HTML_SRC}/', f'{HTML_DIR}/'])
-
-    # Then mirror non-git html content from the server (mirroring samba-rsync's
-    # behavior: skip files that the html git already provides).
-    filt = os.path.join(HTML_DIR, 'filt')
-    if os.path.exists(filt):
-        tmp_filt = os.path.join(HTML_DIR, 'tmp-filt')
-        cmd_chk(f"sed -n -e 's/[-P]/H/p' '{filt}' >'{tmp_filt}'")
-        cmd_chk(['rsync', '-aivOHP', f'-f._{tmp_filt}',
-                 f'{host}:{HTML_REMOTE_PATH}/', f'{HTML_DIR}/'])
-        os.unlink(tmp_filt)
-
-    print(f"\nFetch complete.  Local dirs are now in {RELEASE_DIR}.")
-
-
-# ---------- Step 2: prepare ----------
-
-def step_2_prepare(args):
-    require_top_of_checkout()
-    os.makedirs(RELEASE_DIR, exist_ok=True)
-
-    if not os.path.isdir(FTP_DIR):
-        die(f"{FTP_DIR} does not exist.  Run --step-1-fetch first.")
-
-    now = datetime.now().astimezone()
-    cl_today = now.strftime('* %a %b %d %Y')
-    year     = now.strftime('%Y')
-    ztoday   = now.strftime('%d %b %Y')
-    today    = ztoday.lstrip('0')
-    tz_now   = now.strftime('%z')
-    tz_num   = tz_now[0:1].replace('+', '') + str(float(tz_now[1:3]) + float(tz_now[3:]) / 60)
-
-    curversion = get_rsync_version()
-    lastversion, last_protocol_version, pdate = get_NEWS_version_info()
-    protocol_version, subprotocol_version    = get_protocol_versions()
-
-    # Default next version: bump preN, or move dev -> pre1.
-    version = curversion
-    m = re.search(r'pre(\d+)', version)
-    if m:
-        version = re.sub(r'pre\d+', 'pre' + str(int(m[1]) + 1), version)
-    else:
-        version = version.replace('dev', 'pre1')
-
-    print(f"\nCurrent version (version.h): {curversion}")
-    print(f"Last released version (NEWS.md): {lastversion}")
-    print(f"Current protocol version: {protocol_version}  (last released: {last_protocol_version})")
-
-    ans = input(f"\nVersion to release [{version}, '.' to drop the preN suffix]: ").strip()
-    if ans == '.':
-        version = re.sub(r'pre\d+', '', version)
-    elif ans:
-        version = ans
-    if not re.match(r'^[\d.]+(pre\d+)?$', version):
-        die(f'Invalid version: "{version}"')
-    version = re.sub(r'[-.]*pre[-.]*', 'pre', version)
-
-    if 'pre' in version and not curversion.endswith('dev'):
-        lastversion = curversion
-
-    ans = input(f"Previous version to diff against [{lastversion}]: ").strip()
-    if ans:
-        lastversion = ans
-    lastversion = re.sub(r'[-.]*pre[-.]*', 'pre', lastversion)
-
-    m = re.search(r'(pre\d+)', version)
-    pre = m[1] if m else ''
-    finalversion = re.sub(r'pre\d+', '', version)
-
-    release = '0.1' if pre else '1'
-    ans = input(f"RPM release number [{release}]: ").strip()
-    if ans:
-        release = ans
-    if pre:
-        release += '.' + pre
-
-    proto_changed = protocol_version != last_protocol_version
-    if proto_changed:
-        if finalversion in pdate:
-            proto_change_date = pdate[finalversion]
-        else:
-            while True:
-                ans = input(f"Date the protocol changed to {protocol_version} (dd Mmm yyyy): ").strip()
-                if re.match(r'^\d\d \w\w\w \d\d\d\d$', ans):
-                    break
-            proto_change_date = ans
-    else:
-        proto_change_date = ' ' * 11
-
-    if 'pre' in lastversion:
-        if not pre:
-            die("Refusing to diff a release version against a pre-release version.")
-        srcdir = srcdiffdir = lastsrcdir = 'src-previews'
-    elif pre:
-        srcdir = srcdiffdir = 'src-previews'
-        lastsrcdir = 'src'
-    else:
-        srcdir = lastsrcdir = 'src'
-        srcdiffdir = 'src-diffs'
-
-    state = {
-        'version':            version,
-        'lastversion':        lastversion,
-        'finalversion':       finalversion,
-        'pre':                pre,
-        'release':            release,
-        'protocol_version':   protocol_version,
-        'subprotocol_version': subprotocol_version,
-        'proto_changed':      proto_changed,
-        'proto_change_date':  proto_change_date,
-        'srcdir':             srcdir,
-        'srcdiffdir':         srcdiffdir,
-        'lastsrcdir':         lastsrcdir,
-        'today':              today,
-        'ztoday':             ztoday,
-        'cl_today':           cl_today,
-        'year':               year,
-        'tz_num':             tz_num,
-        'master_branch':      args.master_branch,
-    }
-    save_state(state)
-
-    section("Release info")
-    for k in ('version', 'lastversion', 'release', 'srcdir', 'srcdiffdir', 'lastsrcdir',
-              'protocol_version', 'proto_changed', 'proto_change_date'):
-        print(f"  {k}: {state[k]}")
-    print(f"\nWrote {STATE_FILE}.  Re-run --step-2-prepare to change anything.")
-
-
-# ---------- Step 3: tweak version files ----------
-
-def step_3_tweak(args):
-    require_top_of_checkout()
-    state = load_state()
-
-    version          = state['version']
-    finalversion     = state['finalversion']
-    pre              = state['pre']
-    release          = state['release']
-    today            = state['today']
-    ztoday           = state['ztoday']
-    cl_today         = state['cl_today']
-    year             = state['year']
-    tz_num           = state['tz_num']
-    proto_changed    = state['proto_changed']
-    proto_change_date = state['proto_change_date']
-    protocol_version  = state['protocol_version']
-    srcdir           = state['srcdir']
-
-    specvars = {
-        'Version:':           finalversion,
-        'Release:':           release,
-        '%define fullversion': f'%{{version}}{pre}',
-        'Released':           version + '.',
-        '%define srcdir':     srcdir,
-    }
-
-    tweak_files = ['version.h', 'rsync.h', 'NEWS.md']
-    tweak_files += glob.glob('packaging/*.spec')
-    tweak_files += glob.glob('packaging/*/*.spec')
-
-    for fn in tweak_files:
-        with open(fn, 'r', encoding='utf-8') as fh:
-            old_txt = txt = fh.read()
-        if fn == 'version.h':
-            x_re = re.compile(r'^(#define RSYNC_VERSION).*', re.M)
-            txt = replace_or_die(x_re, r'\1 "%s"' % version, txt,
-                                 f"Unable to update RSYNC_VERSION in {fn}")
-            x_re = re.compile(r'^(#define MAINTAINER_TZ_OFFSET).*', re.M)
-            txt = replace_or_die(x_re, r'\1 ' + tz_num, txt,
-                                 f"Unable to update MAINTAINER_TZ_OFFSET in {fn}")
-        elif fn == 'rsync.h':
-            x_re = re.compile(r'(#define\s+SUBPROTOCOL_VERSION)\s+(\d+)')
-            repl = lambda m: m[1] + ' ' + (
-                '0' if not pre or not proto_changed
-                else '1' if m[2] == '0'
-                else m[2])
-            txt = replace_or_die(x_re, repl, txt,
-                                 f"Unable to find SUBPROTOCOL_VERSION in {fn}")
-        elif fn == 'NEWS.md':
-            efv = re.escape(finalversion)
-            x_re = re.compile(
-                r'^# NEWS for rsync %s \(UNRELEASED\)\s+## Changes in this version:\n' % efv
-                + r'(\n### PROTOCOL NUMBER:\s+- The protocol number was changed to \d+\.\n)?')
-            rel_day = 'UNRELEASED' if pre else today
-            repl = (f'# NEWS for rsync {finalversion} ({rel_day})\n\n'
-                    + '## Changes in this version:\n')
-            if proto_changed:
-                repl += f'\n### PROTOCOL NUMBER:\n\n - The protocol number was changed to {protocol_version}.\n'
-            good_top = re.sub(r'\(.*?\)', '(UNRELEASED)', repl, 1)
-            msg = (f"The top of {fn} is not in the right format.  It should be:\n" + good_top)
-            txt = replace_or_die(x_re, repl, txt, msg)
-            x_re = re.compile(
-                r'^(\| )(\S{2} \S{3} \d{4})(\s+\|\s+%s\s+\| ).{11}(\s+\| )\S{2}(\s+\|+)$' % efv,
-                re.M)
-            repl = lambda m: (m[1] + (m[2] if pre else ztoday) + m[3]
-                              + proto_change_date + m[4] + protocol_version + m[5])
-            txt = replace_or_die(x_re, repl, txt,
-                                 f'Unable to find "| ?? ??? {year} | {finalversion} | ... |" line in {fn}')
-        elif '.spec' in fn:
-            for var, val in specvars.items():
-                x_re = re.compile(r'^%s .*' % re.escape(var), re.M)
-                txt = replace_or_die(x_re, var + ' ' + val, txt,
-                                     f"Unable to update {var} in {fn}")
-            x_re = re.compile(r'^\* \w\w\w \w\w\w \d\d \d\d\d\d (.*)', re.M)
-            txt = replace_or_die(x_re, r'%s \1' % cl_today, txt,
-                                 f"Unable to update ChangeLog header in {fn}")
-        else:
-            die(f"Unrecognized file in tweak_files: {fn}")
-
-        if txt != old_txt:
-            print(f"Updating {fn}")
-            with open(fn, 'w', encoding='utf-8') as fh:
-                fh.write(txt)
-
-    cmd_chk(['packaging/year-tweak'])
-
-    section("git diff after tweaks")
-    cmd_run(['git', '--no-pager', 'diff'])
-
-
-# ---------- Step 4: build ----------
-
-def step_4_build(args):
-    require_top_of_checkout()
-    load_state()  # just to ensure we've prepared
-
-    section("Running prepare-source + configure --prefix=/usr --with-rrsync + make + make gen")
-    # Always re-prepare so configure.sh is current; we run configure ourselves
-    # with the release-required flags rather than relying on the cached
-    # config.status (which may have been produced with different options).
-    if os.path.isfile('.fetch'):
-        cmd_chk(['./prepare-source', 'fetch'])
-    else:
-        cmd_chk(['./prepare-source'])
-
-    cmd_chk(['./configure', '--prefix=/usr', '--with-rrsync'])
-    cmd_chk(['make'])
-    cmd_chk(['make', 'gen'])
-
-
-# ---------- Step 5: commit ----------
-
-def step_5_commit(args):
-    require_top_of_checkout()
-    state = load_state()
-    version = state['version']
-
-    section("git status")
-    cmd_run(['git', 'status'])
-    if not confirm("Commit all current changes with the release message?"):
-        die("Aborted.")
-    cmd_chk(['git', 'commit', '-a', '-m', f'Preparing for release of {version} [buildall]'])
-
-
-# ---------- Step 6: tag ----------
-
-def step_6_tag(args):
-    require_top_of_checkout()
-    state = load_state()
-    version = state['version']
-    v_ver = 'v' + version
-
-    out = cmd_txt_chk(['git', 'tag', '-l', v_ver]).out
-    if out.strip():
-        if not confirm(f"Tag {v_ver} already exists.  Delete and recreate?"):
-            die("Aborted.")
-        cmd_chk(['git', 'tag', '-d', v_ver])
-
-    # Prime the gpg agent so the actual tag signing won't prompt.
-    section("Priming gpg agent")
-    cmd_run("touch TeMp; gpg --sign TeMp; rm -f TeMp TeMp.gpg")
-
-    section(f"Creating signed tag {v_ver}")
-    out = cmd_txt(['git', 'tag', '-s', '-m', f'Version {version}.', v_ver],
-                  capture='combined').out
-    print(out, end='')
-    if 'bad passphrase' in out.lower() or 'failed' in out.lower():
-        die("Tag creation failed.")
-
-
-# ---------- Step 7: tarball + diff ----------
-
-def step_7_tarball(args):
-    require_top_of_checkout()
-    state = load_state()
-
-    version      = state['version']
-    lastversion  = state['lastversion']
-    pre          = state['pre']
-    srcdir       = state['srcdir']
-    srcdiffdir   = state['srcdiffdir']
-    lastsrcdir   = state['lastsrcdir']
-
-    rsync_ver     = 'rsync-' + version
-    rsync_lastver = 'rsync-' + lastversion
-    v_ver         = 'v' + version
-
-    srctar_name = f"{rsync_ver}.tar.gz"
-    diff_name   = f"{rsync_lastver}-{version}.diffs.gz"
-
-    srctar_file = os.path.join(FTP_DIR, srcdir, srctar_name)
-    diff_file   = os.path.join(FTP_DIR, srcdiffdir, diff_name)
-    lasttar_file = os.path.join(FTP_DIR, lastsrcdir, rsync_lastver + '.tar.gz')
-
-    for d in (os.path.dirname(srctar_file), os.path.dirname(diff_file)):
-        os.makedirs(d, exist_ok=True)
-    if not os.path.isfile(lasttar_file):
-        die(f"Previous tarball not found: {lasttar_file}")
-
-    # Stage in ../release/work to keep the source checkout clean.
-    if os.path.isdir(WORK_DIR):
-        shutil.rmtree(WORK_DIR)
-    os.makedirs(WORK_DIR)
-
-    a_dir = os.path.join(WORK_DIR, 'a')
-    b_dir = os.path.join(WORK_DIR, 'b')
-
-    # Extract gen files from the previous tarball into work/a/.
-    tweaked_gen_files = [os.path.join(rsync_lastver, fn) for fn in GEN_FILES]
-    cmd_chk(['tar', '-C', WORK_DIR, '-xzf', lasttar_file, *tweaked_gen_files])
-    os.rename(os.path.join(WORK_DIR, rsync_lastver), a_dir)
-
-    # Copy current gen files (built in the top-level checkout) into work/b/.
-    os.makedirs(b_dir)
-    cmd_chk(['rsync', '-a', *GEN_FILES, b_dir + '/'])
-
-    section(f"Creating {diff_file}")
-    sed_script = r's:^((---|\+\+\+) [ab]/[^\t]+)\t.*:\1:'  # no single quotes!
-    cmd_chk(
-        f"(git diff v{lastversion} {v_ver} -- ':!.github'; "
-        f"diff -upN {a_dir} {b_dir} | sed -r '{sed_script}') | gzip -9 >{diff_file}")
-
-    section(f"Creating {srctar_file}")
-    # Reuse work/b/ (which already holds the fresh gen files) as the release
-    # staging dir, then let "git archive" overlay the git-tracked source files
-    # on top.  That way the tarball ends up with both gen files and source.
-    rsync_ver_dir = os.path.join(WORK_DIR, rsync_ver)
-    shutil.rmtree(a_dir)
-    os.rename(b_dir, rsync_ver_dir)
-    cmd_chk(f"git archive --format=tar --prefix={rsync_ver}/ {v_ver} | "
-            f"tar -C {WORK_DIR} -xf -")
-    cmd_chk(f"support/git-set-file-times --quiet --prefix={rsync_ver_dir}/")
-    cmd_chk(['fakeroot', 'tar', '-C', WORK_DIR, '-czf', srctar_file,
-             '--exclude=.github', rsync_ver])
-
-    # Leave staging in place; --step-8-update-ftp does its own thing.
-    print(f"\nCreated:\n  {srctar_file}\n  {diff_file}")
-
-
-# ---------- Step 8: update ftp ----------
-
-def step_8_update_ftp(args):
-    require_top_of_checkout()
-    state = load_state()
-
-    version     = state['version']
-    lastversion = state['lastversion']
-    srcdir      = state['srcdir']
-    srcdiffdir  = state['srcdiffdir']
-
-    rsync_ver     = 'rsync-' + version
-    rsync_lastver = 'rsync-' + lastversion
-    srctar_file   = os.path.join(FTP_DIR, srcdir, f"{rsync_ver}.tar.gz")
-    diff_file     = os.path.join(FTP_DIR, srcdiffdir,
-                                 f"{rsync_lastver}-{version}.diffs.gz")
-
-    section(f"Refreshing top-of-tree files in {FTP_DIR}")
-    md_files = ['README.md', 'NEWS.md', 'INSTALL.md']
-    html_files = [fn for fn in GEN_FILES if fn.endswith('.html')]
-    cmd_chk(['rsync', '-a', *md_files, *html_files, FTP_DIR + '/'])
-    cmd_chk(['./md-convert', '--dest', FTP_DIR, *md_files])
-
-    section(f"Regenerating {FTP_DIR}/ChangeLog.gz")
-    cmd_chk(f"git log --name-status | gzip -9 >{FTP_DIR}/ChangeLog.gz")
-
-    # Prime gpg agent and then sign the tar + diff.
-    section("Priming gpg agent")
-    cmd_run("touch TeMp; gpg --sign TeMp; rm -f TeMp TeMp.gpg")
-
-    for fn in (srctar_file, diff_file):
-        if not os.path.isfile(fn):
-            die(f"Missing file to sign: {fn}.  Did --step-7-tarball run successfully?")
-        asc_fn = fn + '.asc'
-        if os.path.lexists(asc_fn):
-            os.unlink(asc_fn)
-        section(f"GPG-signing {fn}")
-        res = cmd_run(['gpg', '--batch', '-ba', fn])
-        if res.returncode not in (0, 2):
-            die("gpg signing failed.")
-
-
-# ---------- Step 9: top-level hard links ----------
-
-def step_9_toplinks(args):
-    require_top_of_checkout()
-    state = load_state()
-
-    pre = state['pre']
-    if pre:
-        print("Skipping: pre-releases do not get top-level hard links.")
-        return
-
-    version     = state['version']
-    lastversion = state['lastversion']
-    srcdir      = state['srcdir']
-    srcdiffdir  = state['srcdiffdir']
-
-    rsync_ver     = 'rsync-' + version
-    rsync_lastver = 'rsync-' + lastversion
-    srctar_file = os.path.join(FTP_DIR, srcdir, f"{rsync_ver}.tar.gz")
-    diff_file   = os.path.join(FTP_DIR, srcdiffdir,
-                               f"{rsync_lastver}-{version}.diffs.gz")
-
-    section("Removing stale top-level rsync-* files")
-    for find in [f'{FTP_DIR}/rsync-*.gz',
-                 f'{FTP_DIR}/rsync-*.asc',
-                 f'{FTP_DIR}/src-previews/rsync-*diffs.gz*']:
-        for fn in glob.glob(find):
-            os.unlink(fn)
-
-    top_link = [
-        srctar_file, srctar_file + '.asc',
-        diff_file,   diff_file + '.asc',
-    ]
-    for fn in top_link:
-        target = re.sub(r'/src(-\w+)?/', '/', fn)
-        if os.path.lexists(target):
-            os.unlink(target)
-        os.link(fn, target)
-        print(f"  linked {target}")
-
-
-# ---------- Step 10: push ftp ----------
-
-def step_10_push_ftp(args):
-    host = require_samba_host()
-    if not os.path.isdir(FTP_DIR):
-        die(f"{FTP_DIR} does not exist.  Run --step-1-fetch first.")
-    section(f"rsync ftp dir to {host}")
-    rsync_with_confirm(['-aivOHP', '--chown=:rsync', '--del',
-                        f'-f._{os.path.join(FTP_DIR, ".filt")}',
-                        f'{FTP_DIR}/', f'{host}:{FTP_REMOTE_PATH}/'])
-
-
-# ---------- Step 11: push html ----------
-
-def step_11_push_html(args):
-    host = require_samba_host()
-    if not os.path.isdir(HTML_DIR):
-        die(f"{HTML_DIR} does not exist.  Run --step-1-fetch first.")
-    section(f"rsync html dir to {host}")
-    filt = os.path.join(HTML_DIR, 'filt')
-    rsync_with_confirm(['-aivOHP', '--chown=:rsync', '--del',
-                        f'-f._{filt}',
-                        f'{HTML_DIR}/', f'{host}:{HTML_REMOTE_PATH}/'])
-
-
-# ---------- Step 12: print push-git instructions ----------
-
-def step_12_push_git(args):
-    state = load_state()
-    version = state['version']
-    master_branch = state['master_branch']
-    v_ver = 'v' + version
-
-    print(f"""\
-{DASH_LINE}
-Run these from the rsync-git checkout (this script does not push for you):
-
-    git push origin {master_branch}
-    git push origin {v_ver}
-
-If you have a 'samba' remote configured (git.samba.org:/data/git/rsync.git):
-
-    git push samba {master_branch}
-    git push samba {v_ver}
-
-Then upload the tarball + .asc to the GitHub release for {v_ver}, run
-packaging/send-news (when convenient), and announce on rsync-announce@,
-rsync@, and Discord.
-""")
-
-
-# ---------- shared rsync-with-confirm ----------
-
-def rsync_with_confirm(rsync_args):
-    """Run an rsync command in dry-run mode, then ask before running for real."""
-    cmd_run(['rsync', '--dry-run', *rsync_args])
-    if confirm("Run without --dry-run?"):
-        cmd_run(['rsync', *rsync_args])
-
-
-# ---------- dispatch ----------
-
-STEP_FUNCS = {
-    'step-1-fetch':       step_1_fetch,
-    'step-2-prepare':     step_2_prepare,
-    'step-3-tweak':       step_3_tweak,
-    'step-4-build':       step_4_build,
-    'step-5-commit':      step_5_commit,
-    'step-6-tag':         step_6_tag,
-    'step-7-tarball':     step_7_tarball,
-    'step-8-update-ftp':  step_8_update_ftp,
-    'step-9-toplinks':    step_9_toplinks,
-    'step-10-push-ftp':   step_10_push_ftp,
-    'step-11-push-html':  step_11_push_html,
-    'step-12-push-git':   step_12_push_git,
-}
-
-
-def signal_handler(sig, frame):
-    die("\nAborting due to SIGINT.")
-
-
-def main():
-    parser = argparse.ArgumentParser(
-        description="Step-based release script for rsync.",
-        formatter_class=argparse.RawDescriptionHelpFormatter,
-        epilog="Run --list to see the steps.  Each invocation runs exactly one --step-* option.")
-    parser.add_argument('--branch', '-b', dest='master_branch', default='master',
-                        help="The branch to release (default: master).")
-    parser.add_argument('--list', action='store_true',
-                        help="List all release steps and exit.")
-    grp = parser.add_mutually_exclusive_group()
-    for flag, descr in STEPS:
-        grp.add_argument('--' + flag, dest='step', action='store_const',
-                         const=flag, help=descr)
-    args = parser.parse_args()
-
-    if args.list:
-        print("Release steps:")
-        for flag, descr in STEPS:
-            print(f"  --{flag:18s} {descr}")
-        return
-
-    if not args.step:
-        parser.error("pick one --step-N-XX option (or --list to see them).")
-
-    signal.signal(signal.SIGINT, signal_handler)
-    os.environ['LESS'] = 'mqeiXR'
-    STEP_FUNCS[args.step](args)
-
-
-if __name__ == '__main__':
-    main()
-
-# vim: sw=4 et ft=python

packaging/year-tweak

@@ -7,6 +7,9 @@
 import sys, os, re, argparse, subprocess
 from datetime import datetime
 
+MAINTAINER_NAME = 'Wayne Davison'
+MAINTAINER_SUF = ' ' + MAINTAINER_NAME + "\n"
+
 def main():
     latest_year = '2000'
 
@@ -19,6 +22,10 @@ def main():
         m = argparse.Namespace(**m.groupdict())
         if m.year > latest_year:
             latest_year = m.year
+        if m.fn.startswith('zlib/') or m.fn.startswith('popt/'):
+            continue
+        if re.search(r'\.(c|h|sh|test)$', m.fn):
+            maybe_edit_copyright_year(m.fn, m.year)
     proc.communicate()
 
     fn = 'latest-year.h'
@@ -32,8 +39,55 @@ def main():
             fh.write(txt)
 
 
+def maybe_edit_copyright_year(fn, year):
+    opening_lines = [ ]
+    copyright_line = None
+
+    with open(fn, 'r', encoding='utf-8') as fh:
+        for lineno, line in enumerate(fh):
+            opening_lines.append(line)
+            if lineno > 3 and not re.search(r'\S', line):
+                break
+            m = re.match(r'^(?P<pre>.*Copyright\s+\S+\s+)(?P<year>\d\d\d\d(?:-\d\d\d\d)?(,\s+\d\d\d\d)*)(?P<suf>.+)', line)
+            if not m:
+                continue
+            copyright_line = argparse.Namespace(**m.groupdict())
+            copyright_line.lineno = len(opening_lines)
+            copyright_line.is_maintainer_line = MAINTAINER_NAME in copyright_line.suf
+            copyright_line.txt = line
+            if copyright_line.is_maintainer_line:
+                break
+
+        if not copyright_line:
+            return
+
+        if copyright_line.is_maintainer_line:
+            cyears = copyright_line.year.split('-')
+            if year == cyears[0]:
+                cyears = [ year ]
+            else:
+                cyears = [ cyears[0], year ]
+            txt = copyright_line.pre + '-'.join(cyears) + MAINTAINER_SUF
+            if txt == copyright_line.txt:
+                return
+            opening_lines[copyright_line.lineno - 1] = txt
+        else:
+            if fn.startswith('lib/') or fn.startswith('testsuite/'):
+                return
+            txt = copyright_line.pre + year + MAINTAINER_SUF
+            opening_lines[copyright_line.lineno - 1] += txt
+
+        remaining_txt = fh.read()
+
+    print(f"Updating {fn} with year {year}")
+
+    with open(fn, 'w', encoding='utf-8') as fh:
+        fh.write(''.join(opening_lines))
+        fh.write(remaining_txt)
+
+
 if __name__ == '__main__':
-    parser = argparse.ArgumentParser(description="Grab the year of the last mod for our c & h files and make sure the LATEST_YEAR value is accurate.")
+    parser = argparse.ArgumentParser(description="Grab the year of last mod for our c & h files and make sure the Copyright comment is up-to-date.")
     args = parser.parse_args()
     main()
 

popt/findme.c

@@ -0,0 +1,61 @@
+/** \ingroup popt
+ * \file popt/findme.c
+ */
+
+/* (C) 1998-2002 Red Hat, Inc. -- Licensing details are in the COPYING
+   file accompanying popt source distributions, available from 
+   ftp://ftp.rpm.org/pub/rpm/dist. */
+
+#include "system.h"
+#include "findme.h"
+
+const char * findProgramPath(const char * argv0)
+{
+    char * path = getenv("PATH");
+    char * pathbuf;
+    char * start, * chptr;
+    char * buf;
+    size_t bufsize;
+
+    if (argv0 == NULL) return NULL;	/* XXX can't happen */
+    /* If there is a / in the argv[0], it has to be an absolute path */
+    if (strchr(argv0, '/'))
+	return xstrdup(argv0);
+
+    if (path == NULL) return NULL;
+
+    bufsize = strlen(path) + 1;
+    start = pathbuf = malloc(bufsize);
+    if (pathbuf == NULL) return NULL;	/* XXX can't happen */
+    strlcpy(pathbuf, path, bufsize);
+    bufsize += sizeof "/" - 1 + strlen(argv0);
+    buf = malloc(bufsize);
+    if (buf == NULL) {
+	    free(pathbuf);
+	    return NULL;	/* XXX can't happen */
+    }
+
+    chptr = NULL;
+    /*@-branchstate@*/
+    do {
+	if ((chptr = strchr(start, ':')))
+	    *chptr = '\0';
+	snprintf(buf, bufsize, "%s/%s", start, argv0);
+
+	if (!access(buf, X_OK)) {
+	    free(pathbuf);
+	    return buf;
+	}
+
+	if (chptr) 
+	    start = chptr + 1;
+	else
+	    start = NULL;
+    } while (start && *start);
+    /*@=branchstate@*/
+
+    free(pathbuf);
+    free(buf);
+
+    return NULL;
+}

popt/findme.h

@@ -0,0 +1,20 @@
+/** \ingroup popt
+ * \file popt/findme.h
+ */
+
+/* (C) 1998-2000 Red Hat, Inc. -- Licensing details are in the COPYING
+   file accompanying popt source distributions, available from 
+   ftp://ftp.rpm.org/pub/rpm/dist. */
+
+#ifndef H_FINDME
+#define H_FINDME
+
+/**
+ * Return absolute path to executable by searching PATH.
+ * @param argv0		name of executable
+ * @return		(malloc'd) absolute path to executable (or NULL)
+ */
+/*@null@*/ const char * findProgramPath(/*@null@*/ const char * argv0)
+	/*@*/;
+
+#endif

rsync.1.md

@@ -513,7 +513,6 @@ has its own detailed description later in this manpage.
 --compress, -z           compress file data during the transfer
 --compress-choice=STR    choose the compression algorithm (aka --zc)
 --compress-level=NUM     explicitly set compression level (aka --zl)
---compress-threads=NUM   explicitly set compression threads (aka --zt)
 --skip-compress=LIST     skip compressing files with suffix in LIST
 --cvs-exclude, -C        auto-ignore files in the same way CVS does
 --filter=RULE, -f        add a file-filtering RULE
@@ -2818,22 +2817,6 @@ expand it.
     report something like "`Client compress: zstd (level 3)`" (along with the
     checksum choice in effect).
 
-0.  `--compress-threads=NUM`, `--zt=NUM`
-
-    Set the number of threads to spawn when compressing data. Setting this 
-    option to 1 or more will instruct the compression library to spawn 1 or 
-    more threads for compression. Ideally, increasing the number of threads 
-    will increase transfer speed if the transfer is CPU bound on the sender.
-    
-    This option does not affect decompression. 
-
-    Compression algorithms that allow threading:
-
-    - `zstd` (only when libzstd is compiled with threading support)
-
-    This option is ignored if one of the above alogithms is not selected as the
-     `--compression-choice` or if compression not enabled.
-
 0.  `--skip-compress=LIST`
 
     **NOTE:** no compression method currently supports per-file compression

rsyncd.conf.5.md

@@ -1073,16 +1073,6 @@ in the values of parameters.  See that section for details.
     **system()** call's default shell), and use RSYNC_NO_XFER_EXEC to disable
     both options completely.
 
-0.  `temp dir`
-
-    Specifies a directory that rsync should use for temporary files created
-    during the transfer of updated files. If that directory is on a different
-    partition, after transfer file is being copied instead of unlinked. 
-
-    This parameter equals with `--temp-dir` option, so please consult rsync
-    manpage for further information. 
-
-    
 ## CONFIG DIRECTIVES
 
 There are currently two config directives available that allow a config file to

runtests.py

@@ -1,485 +0,0 @@
-#!/usr/bin/env python3
-
-# Copyright (C) 2001, 2002 by Martin Pool <mbp@samba.org>
-# Copyright (C) 2003-2022 Wayne Davison
-# Copyright (C) 2026 Andrew Tridgell
-#
-# Rewrite of runtests.sh in Python (runtests.sh is now deprecated).
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License version
-# 2 as published by the Free Software Foundation.
-
-"""rsync test runner.
-
-Invokes test scripts from testsuite/ and reports results.
-Can be called by 'make check' or directly.
-
-Usage:
-    ./runtests.py [options] [TEST ...]
-
-Each TEST is a test name (e.g. 'delete') or glob pattern (e.g. 'xattr*').
-If no tests are specified, all tests are run.
-"""
-
-import argparse
-import concurrent.futures
-import glob
-import os
-import subprocess
-import sys
-import threading
-
-
-def parse_args():
-    p = argparse.ArgumentParser(description='Run rsync test suite')
-    p.add_argument('tests', nargs='*', metavar='TEST',
-                   help='Test names or patterns to run (default: all)')
-    p.add_argument('-j', '--parallel', type=int, default=1, metavar='N',
-                   help='Run up to N tests in parallel (default: 1)')
-    p.add_argument('--valgrind', action='store_true',
-                   help='Run rsync under valgrind (logs to per-process files)')
-    p.add_argument('--valgrind-opts', default='', metavar='OPTS',
-                   help='Extra valgrind options (e.g. "--leak-check=full")')
-    p.add_argument('--preserve-scratch', action='store_true',
-                   help='Keep scratch directories after tests complete')
-    p.add_argument('--log-level', type=int, default=1, metavar='N',
-                   help='Verbosity level 1-10 (default: 1)')
-    p.add_argument('--always-log', action='store_true',
-                   help='Show test logs even for passing tests')
-    p.add_argument('--stop-on-fail', action='store_true',
-                   help='Stop after first test failure')
-    p.add_argument('--timeout', type=int, default=300, metavar='SECS',
-                   help='Per-test timeout in seconds (default: 300)')
-    p.add_argument('--rsync-bin', default=None, metavar='PATH',
-                   help='Path to rsync binary (default: ./rsync)')
-    p.add_argument('--tooldir', default=None, metavar='DIR',
-                   help='Tool/build directory (default: cwd)')
-    p.add_argument('--srcdir', default=None, metavar='DIR',
-                   help='Source directory (default: script directory)')
-    p.add_argument('--protocol', type=int, default=None, metavar='VER',
-                   help='Force protocol version (adds --protocol=VER to rsync)')
-    p.add_argument('--expect-skipped', default=None, metavar='LIST',
-                   help='Comma-separated list of expected-skipped tests')
-    return p.parse_args()
-
-
-def find_setfacl_nodef(scratchbase):
-    """Determine the setfacl command to remove default ACLs."""
-    for cmd in [
-        ['setacl', '-k', 'u::7,g::5,o:5', scratchbase],
-        ['setfacl', '-k', scratchbase],
-        ['setfacl', '-s', 'u::7,g::5,o:5', scratchbase],
-    ]:
-        try:
-            subprocess.run(cmd, capture_output=True, timeout=5)
-            return cmd[:2] if cmd[0] == 'setacl' else cmd[:2]
-        except (FileNotFoundError, subprocess.TimeoutExpired):
-            continue
-    try:
-        r = subprocess.run(['setfacl', '--help'], capture_output=True, text=True, timeout=5)
-        if '-k,' in r.stdout or '-k,' in r.stderr:
-            return ['setfacl', '-k']
-    except (FileNotFoundError, subprocess.TimeoutExpired):
-        pass
-    return None
-
-
-def get_tls_args(config_h):
-    """Determine TLS_ARGS from config.h."""
-    args = ''
-    try:
-        with open(config_h) as f:
-            text = f.read()
-        if '#define HAVE_LUTIMES 1' in text:
-            args += ' -l'
-        if '#undef CHOWN_MODIFIES_SYMLINK' in text:
-            args += ' -L'
-    except FileNotFoundError:
-        pass
-    return args.strip()
-
-
-def read_shconfig(path):
-    """Read shell config variables from shconfig."""
-    env = {}
-    try:
-        with open(path) as f:
-            for line in f:
-                line = line.strip()
-                if line.startswith('#') or line.startswith('export') or not line:
-                    continue
-                if '=' in line:
-                    k, _, v = line.partition('=')
-                    env[k.strip()] = v.strip().strip('"')
-    except FileNotFoundError:
-        pass
-    return env
-
-
-def get_testuser():
-    """Determine the current test user."""
-    for cmd in ['/usr/bin/whoami', '/usr/ucb/whoami', '/bin/whoami']:
-        if os.path.isfile(cmd):
-            try:
-                return subprocess.check_output([cmd], text=True).strip()
-            except subprocess.CalledProcessError:
-                pass
-    try:
-        return subprocess.check_output(['id', '-un'], text=True).strip()
-    except (FileNotFoundError, subprocess.CalledProcessError):
-        return os.environ.get('LOGNAME', os.environ.get('USER', 'UNKNOWN'))
-
-
-def prep_scratch(scratchdir, srcdir, tooldir, setfacl_nodef):
-    """Prepare a scratch directory for a test."""
-    if os.path.isdir(scratchdir):
-        subprocess.run(['chmod', '-R', 'u+rwX', scratchdir], capture_output=True)
-        subprocess.run(['rm', '-rf', scratchdir], capture_output=True)
-    os.makedirs(scratchdir, exist_ok=True)
-    if setfacl_nodef:
-        subprocess.run(setfacl_nodef + [scratchdir], capture_output=True)
-    try:
-        os.chmod(scratchdir, os.stat(scratchdir).st_mode & ~0o2000)  # clear setgid
-    except OSError:
-        pass
-    src_link = os.path.join(scratchdir, 'src')
-    if not os.path.exists(src_link):
-        if os.path.isabs(srcdir):
-            os.symlink(srcdir, src_link)
-        else:
-            os.symlink(os.path.join(tooldir, srcdir), src_link)
-
-
-def collect_tests(suitedir, patterns):
-    """Collect test scripts matching the given patterns."""
-    if not patterns:
-        tests = sorted(glob.glob(os.path.join(suitedir, '*.test')))
-    else:
-        tests = []
-        for pat in patterns:
-            if not pat.endswith('.test'):
-                pat = pat + '.test'
-            matches = sorted(glob.glob(os.path.join(suitedir, pat)))
-            tests.extend(matches)
-    return tests
-
-
-def build_rsync_cmd(rsync_bin, args, scratchbase):
-    """Build the RSYNC command string for tests."""
-    parts = []
-    if args.valgrind:
-        vlog = os.path.join(scratchbase, 'valgrind.%p.log')
-        vopts = f'--log-file={vlog}'
-        if args.valgrind_opts:
-            vopts += ' ' + args.valgrind_opts
-        parts.append(f'valgrind {vopts}')
-    parts.append(rsync_bin)
-    if args.protocol is not None:
-        parts.append(f'--protocol={args.protocol}')
-    return ' '.join(parts)
-
-
-class TestResult:
-    """Result of a single test execution."""
-    __slots__ = ('testbase', 'result', 'output', 'skipped_reason')
-
-    def __init__(self, testbase, result, output='', skipped_reason=''):
-        self.testbase = testbase
-        self.result = result
-        self.output = output
-        self.skipped_reason = skipped_reason
-
-
-def run_one_test(testscript, testbase, scratchdir, base_env, timeout,
-                 srcdir, tooldir, setfacl_nodef, always_log):
-    """Run a single test. Returns a TestResult.
-
-    This function is safe to call from multiple threads — it uses only
-    per-test state (unique scratchdir, copy of env).
-    """
-    prep_scratch(scratchdir, srcdir, tooldir, setfacl_nodef)
-
-    env = base_env.copy()
-    env['scratchdir'] = scratchdir
-
-    logfile = os.path.join(scratchdir, 'test.log')
-    try:
-        with open(logfile, 'w') as log:
-            proc = subprocess.run(
-                ['sh', '-e', testscript],
-                stdout=log, stderr=subprocess.STDOUT,
-                env=env, timeout=timeout,
-                cwd=env.get('TOOLDIR', '.')
-            )
-        result = proc.returncode
-    except subprocess.TimeoutExpired:
-        result = 1
-        with open(logfile, 'a') as log:
-            log.write(f"\nTIMEOUT: test took over {timeout} seconds\n")
-
-    # Build output text
-    output_parts = []
-
-    show_log = always_log or (result not in (0, 77, 78))
-    if show_log:
-        output_parts.append(f'----- {testbase} log follows')
-        try:
-            with open(logfile) as f:
-                output_parts.append(f.read().rstrip())
-        except FileNotFoundError:
-            pass
-        output_parts.append(f'----- {testbase} log ends')
-        rsyncd_log = os.path.join(scratchdir, 'rsyncd.log')
-        if os.path.isfile(rsyncd_log):
-            output_parts.append(f'----- {testbase} rsyncd.log follows')
-            with open(rsyncd_log) as f:
-                output_parts.append(f.read().rstrip())
-            output_parts.append(f'----- {testbase} rsyncd.log ends')
-
-    skipped_reason = ''
-    if result == 0:
-        output_parts.append(f'PASS    {testbase}')
-    elif result == 77:
-        whyfile = os.path.join(scratchdir, 'whyskipped')
-        try:
-            with open(whyfile) as f:
-                skipped_reason = f.read().strip()
-        except FileNotFoundError:
-            pass
-        output_parts.append(f'SKIP    {testbase} ({skipped_reason})')
-    elif result == 78:
-        output_parts.append(f'XFAIL   {testbase}')
-    else:
-        output_parts.append(f'FAIL    {testbase}')
-
-    return TestResult(testbase, result, '\n'.join(output_parts), skipped_reason)
-
-
-# Lock for serializing output in parallel mode
-_print_lock = threading.Lock()
-
-
-def main():
-    args = parse_args()
-
-    # Also accept legacy environment variables
-    if args.preserve_scratch or os.environ.get('preserve_scratch') == 'yes':
-        args.preserve_scratch = True
-    if args.log_level == 1:
-        args.log_level = int(os.environ.get('loglevel', '1'))
-    if args.expect_skipped is None:
-        args.expect_skipped = os.environ.get('RSYNC_EXPECT_SKIPPED', 'IGNORE')
-    if os.environ.get('whichtests'):
-        args.tests = [os.environ['whichtests']]
-
-    # Determine directories
-    tooldir = args.tooldir or os.environ.get('TOOLDIR') or os.getcwd()
-    script_path = os.path.dirname(os.path.abspath(__file__))
-    srcdir = args.srcdir or script_path
-    if not srcdir or srcdir == '.':
-        srcdir = tooldir
-    rsync_bin = args.rsync_bin or os.environ.get('rsync_bin') or os.path.join(tooldir, 'rsync')
-
-    suitedir = os.path.join(srcdir, 'testsuite')
-    scratchbase = os.path.join(os.environ.get('scratchbase', tooldir), 'testtmp')
-    os.makedirs(scratchbase, exist_ok=True)
-
-    shconfig = read_shconfig(os.path.join(tooldir, 'shconfig'))
-    tls_args = get_tls_args(os.path.join(tooldir, 'config.h'))
-    setfacl_nodef = find_setfacl_nodef(scratchbase)
-    rsync_cmd = build_rsync_cmd(rsync_bin, args, scratchbase)
-
-    if not os.path.isfile(rsync_bin):
-        sys.stderr.write(f"rsync_bin {rsync_bin} is not a file\n")
-        sys.exit(2)
-    if not os.path.isdir(srcdir):
-        sys.stderr.write(f"srcdir {srcdir} is not a directory\n")
-        sys.exit(2)
-
-    # Helper programs the test scripts invoke directly. Missing any of these
-    # would cause many tests to fail with confusing "not found" errors, so
-    # check up front and point the user at the make target that builds them.
-    required_helpers = ['tls', 'trimslash', 't_unsafe', 't_chmod_secure',
-                        't_secure_relpath',
-                        'wildtest', 'getgroups', 'getfsdev']
-    missing = [h for h in required_helpers
-               if not os.path.isfile(os.path.join(tooldir, h))]
-    if missing:
-        sys.stderr.write(
-            f"runtests.py: missing test helper program(s) in {tooldir}: "
-            f"{', '.join(missing)}\n"
-            f"Build them with: make {' '.join(missing)}\n"
-            f"or run the full test target: make check\n"
-        )
-        sys.exit(2)
-
-    testuser = get_testuser()
-
-    # Print header
-    print('=' * 60)
-    print(f'{sys.argv[0]} running in {tooldir}')
-    print(f'    rsync_bin={rsync_cmd}')
-    print(f'    srcdir={srcdir}')
-    print(f'    TLS_ARGS={tls_args}')
-    print(f'    testuser={testuser}')
-    print(f'    os={subprocess.check_output(["uname", "-a"], text=True).strip()}')
-    print(f'    preserve_scratch={"yes" if args.preserve_scratch else "no"}')
-    if args.valgrind:
-        print(f'    valgrind=enabled (logs in valgrind.*.log)')
-    if args.parallel > 1:
-        print(f'    parallel={args.parallel}')
-    print(f'    scratchbase={scratchbase}')
-
-    # Build base environment for test scripts
-    path = os.environ.get('PATH', '')
-    if os.path.isdir('/usr/xpg4/bin'):
-        path = '/usr/xpg4/bin:' + path
-
-    base_env = os.environ.copy()
-    base_env.update({
-        'PATH': path,
-        'POSIXLY_CORRECT': '1',
-        'TOOLDIR': tooldir,
-        'srcdir': srcdir,
-        'RSYNC': rsync_cmd,
-        'TLS_ARGS': tls_args,
-        'RUNSHFLAGS': '-e',
-        'scratchbase': scratchbase,
-        'suitedir': suitedir,
-        'TESTRUN_TIMEOUT': str(args.timeout),
-        'HOME': scratchbase,
-    })
-    for k, v in shconfig.items():
-        if v:
-            base_env[k] = v
-    if setfacl_nodef:
-        base_env['setfacl_nodef'] = ' '.join(setfacl_nodef)
-    else:
-        base_env['setfacl_nodef'] = 'true'
-    if args.log_level > 8:
-        base_env['RUNSHFLAGS'] = '-e -x'
-
-    # Collect tests
-    tests = collect_tests(suitedir, args.tests)
-    full_run = len(args.tests) == 0
-
-    # Record test order for consistent skipped-list output
-    test_order = {os.path.basename(t).replace('.test', ''): i for i, t in enumerate(tests)}
-
-    passed = 0
-    failed = 0
-    skipped = 0
-    skipped_list = []
-
-    def process_result(tr):
-        """Process a TestResult and update counters. Returns True if test failed."""
-        nonlocal passed, failed, skipped
-        with _print_lock:
-            if tr.output:
-                print(tr.output)
-        scratchdir = os.path.join(scratchbase, tr.testbase)
-        if tr.result == 0:
-            passed += 1
-            if not args.preserve_scratch and os.path.isdir(scratchdir):
-                subprocess.run(['rm', '-rf', scratchdir], capture_output=True)
-            return False
-        elif tr.result == 77:
-            skipped_list.append(tr.testbase)
-            skipped += 1
-            if not args.preserve_scratch and os.path.isdir(scratchdir):
-                subprocess.run(['rm', '-rf', scratchdir], capture_output=True)
-            return False
-        elif tr.result == 78:
-            failed += 1
-            return True
-        else:
-            failed += 1
-            return True
-
-    if args.parallel > 1:
-        # Parallel execution
-        with concurrent.futures.ThreadPoolExecutor(max_workers=args.parallel) as executor:
-            futures = {}
-            for testscript in tests:
-                testbase = os.path.basename(testscript).replace('.test', '')
-                scratchdir = os.path.join(scratchbase, testbase)
-                timeout = 600 if 'hardlinks' in testbase else args.timeout
-                f = executor.submit(
-                    run_one_test, testscript, testbase, scratchdir,
-                    base_env, timeout, srcdir, tooldir, setfacl_nodef,
-                    args.always_log
-                )
-                futures[f] = testbase
-
-            for f in concurrent.futures.as_completed(futures):
-                tr = f.result()
-                is_fail = process_result(tr)
-                if is_fail and args.stop_on_fail:
-                    # Cancel pending futures
-                    for pending in futures:
-                        pending.cancel()
-                    break
-    else:
-        # Sequential execution
-        for testscript in tests:
-            testbase = os.path.basename(testscript).replace('.test', '')
-            scratchdir = os.path.join(scratchbase, testbase)
-            timeout = 600 if 'hardlinks' in testbase else args.timeout
-            tr = run_one_test(
-                testscript, testbase, scratchdir,
-                base_env, timeout, srcdir, tooldir, setfacl_nodef,
-                args.always_log
-            )
-            is_fail = process_result(tr)
-            if is_fail and args.stop_on_fail:
-                break
-
-    # Check valgrind logs for errors
-    vg_errors = 0
-    if args.valgrind:
-        for vlog in sorted(glob.glob(os.path.join(scratchbase, 'valgrind.*.log'))):
-            try:
-                with open(vlog) as f:
-                    content = f.read()
-                for line in content.splitlines():
-                    if 'ERROR SUMMARY:' in line and 'ERROR SUMMARY: 0 errors' not in line:
-                        vg_errors += 1
-                        print(f'----- valgrind errors in {os.path.basename(vlog)}:')
-                        print(content)
-                        break
-            except FileNotFoundError:
-                pass
-
-    # Summary
-    print('-' * 60)
-    print('----- overall results:')
-    print(f'      {passed} passed')
-    if failed > 0:
-        print(f'      {failed} failed')
-    if skipped > 0:
-        print(f'      {skipped} skipped')
-    if vg_errors > 0:
-        print(f'      {vg_errors} valgrind error(s) found (see logs in {scratchbase})')
-
-    skipped_str = ','.join(sorted(skipped_list, key=lambda x: test_order.get(x, 0)))
-    if full_run and args.expect_skipped != 'IGNORE':
-        print('----- skipped results:')
-        print(f'      expected: {args.expect_skipped}')
-        print(f'      got:      {skipped_str}')
-    else:
-        skipped_str = ''
-        args.expect_skipped = ''
-
-    print('-' * 60)
-
-    exit_code = failed + vg_errors
-    if exit_code == 0 and skipped_str != args.expect_skipped:
-        exit_code = 1
-
-    print(f'overall result is {exit_code}')
-    sys.exit(exit_code)
-
-
-if __name__ == '__main__':
-    main()

runtests.sh

@@ -0,0 +1,360 @@
+#! /bin/sh
+
+# Copyright (C) 2001, 2002 by Martin Pool <mbp@samba.org>
+# Copyright (C) 2003-2022 Wayne Davison
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version
+# 2 as published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+
+# -------------------------------------------------------------------------
+
+# rsync top-level test script -- this invokes all the other more
+# detailed tests in order.  This script can either be called by `make
+# check' or `make installcheck'.  `check' runs against the copies of
+# the program and other files in the build directory, and
+# `installcheck' against the installed copy of the program.
+
+# It can also be called on a single test file using a run like this:
+#
+#  preserve_scratch=yes whichtests=itemize.test ./runtests.sh
+
+# In either case we need to also be able to find the source directory,
+# since we read test scripts and possibly other information from
+# there.
+
+# Whenever possible, informational messages are written to stdout and
+# error messages to stderr.  They're separated out by the build farm
+# display scripts.
+
+# According to the GNU autoconf manual, the only valid place to set up
+# directory locations is through Make, since users are allowed to (try
+# to) change their mind on the Make command line.  So, Make has to
+# pass in all the values we need.
+
+# For other configured settings we read ./config.sh, which tells us
+# about shell commands on this machine and similar things.
+
+# rsync_bin gives the location of the rsync binary.  This is either
+# builddir/rsync if we're testing an uninstalled copy, or
+# install_prefix/bin/rsync if we're testing an installed copy.  On the
+# build farm rsync will be installed, but into a scratch /usr.
+
+# srcdir gives the location of the source tree, which lets us find the
+# build scripts.  At the moment we assume we are invoked from the
+# source directory.
+
+# This script must be invoked from the build directory.
+
+# A scratch directory, 'testtmp', is used in the build directory to
+# hold per-test subdirectories.
+
+# This script also uses the $loglevel environment variable.  1 is the
+# default value, and 10 the most verbose.  You can set this from the
+# Make command line.  It's also set by the build farm to give more
+# detail for failing builds.
+
+# -------------------------------------------------------------------------
+
+# NOTES FOR TEST CASES:
+
+# Each test case runs in its own shell.
+
+# Exit codes from tests:
+
+#    1  tests failed
+#    2  error in starting tests
+#   77  this test skipped (random value unlikely to happen by chance, same as
+#       automake)
+
+# HOWEVER, the overall exit code to the farm is different: we return
+# the *number of tests that failed*, so that it will show up nicely in
+# the overall summary.
+
+# rsync.fns contains some general setup functions and definitions.
+
+# -------------------------------------------------------------------------
+
+# NOTES ON PORTABILITY:
+
+# Both this script and the Makefile have to be pretty conservative
+# about which Unix features they use.
+
+# We cannot count on Make exporting variables to commands, unless
+# they're explicitly given on the command line.
+
+# Also, we can't count on 'cp -a' or 'mkdir -p', although they're
+# pretty handy (see function makepath for the latter).
+
+# I think some of the GNU documentation suggests that we shouldn't
+# rely on shell functions.  However, the Bash manual seems to say that
+# they're in POSIX 1003.2, and since the build farm relies on them
+# they're probably working on most machines we really care about.
+
+# You cannot use "function foo {" syntax, but must instead say "foo()
+# {", or it breaks on FreeBSD.
+
+# BSD machines tend not to have "head" or "seq".
+
+# You cannot do "export VAR=VALUE" all on one line; the export must be
+# separate from the assignment.  (SCO SysV)
+
+# Don't rely on grep -q, as that doesn't work everywhere -- just redirect
+# stdout to /dev/null to keep it quiet.
+
+# -------------------------------------------------------------------------
+
+# STILL TO DO:
+
+# We need a good protection against tests that hang indefinitely.
+# Perhaps some combination of starting them in the background, wait,
+# and kill?
+
+# Perhaps we need a common way to cleanup tests.  At the moment just
+# clobbering the directory when we're done should be enough.
+
+# If any of the targets fail, then (GNU?) Make returns 2, instead of
+# the return code from the failing command.  This is fine, but it
+# means that the build farm just shows "2" for failed tests, not the
+# number of tests that actually failed.  For more details we might
+# need to grovel through the log files to find a line saying how many
+# failed.
+
+
+set -e
+
+. "./shconfig"
+
+RUNSHFLAGS='-e'
+export RUNSHFLAGS
+
+# for Solaris
+if [ -d /usr/xpg4/bin ]; then
+    PATH="/usr/xpg4/bin/:$PATH"
+    export PATH
+fi
+
+if [ "x$loglevel" != x ] && [ "$loglevel" -gt 8 ]; then
+    if set -x; then
+	# If it doesn't work the first time, don't keep trying.
+	RUNSHFLAGS="$RUNSHFLAGS -x"
+    fi
+fi
+
+POSIXLY_CORRECT=1
+if test x"$TOOLDIR" = x; then
+    TOOLDIR=`pwd`
+fi
+srcdir=`dirname $0`
+if test x"$srcdir" = x || test x"$srcdir" = x.; then
+    srcdir="$TOOLDIR"
+fi
+if test x"$rsync_bin" = x; then
+    rsync_bin="$TOOLDIR/rsync"
+fi
+
+# This allows the user to specify extra rsync options -- use carefully!
+RSYNC="$rsync_bin $*"
+#RSYNC="valgrind $rsync_bin $*"
+
+TLS_ARGS=''
+if grep -E '^#define HAVE_LUTIMES 1' config.h >/dev/null; then
+    TLS_ARGS="$TLS_ARGS -l"
+fi
+if grep -E '#undef CHOWN_MODIFIES_SYMLINK' config.h >/dev/null; then
+    TLS_ARGS="$TLS_ARGS -L"
+fi
+
+export POSIXLY_CORRECT TOOLDIR srcdir RSYNC TLS_ARGS
+
+echo "============================================================"
+echo "$0 running in $TOOLDIR"
+echo "    rsync_bin=$RSYNC"
+echo "    srcdir=$srcdir"
+echo "    TLS_ARGS=$TLS_ARGS"
+
+if [ -f /usr/bin/whoami ]; then
+    testuser=`/usr/bin/whoami`
+elif [ -f /usr/ucb/whoami ]; then
+    testuser=`/usr/ucb/whoami`
+elif [ -f /bin/whoami ]; then
+    testuser=`/bin/whoami`
+else
+    testuser=`id -un 2>/dev/null || echo ${LOGNAME:-${USERNAME:-${USER:-'UNKNOWN'}}}`
+fi
+
+echo "    testuser=$testuser"
+echo "    os=`uname -a`"
+
+# It must be "yes", not just nonnull
+if [ "x$preserve_scratch" = xyes ]; then
+    echo "    preserve_scratch=yes"
+else
+    echo "    preserve_scratch=no"
+fi
+
+# Check if setacl/setfacl is around and if it supports the -k or -s option.
+if setacl -k u::7,g::5,o:5 testsuite 2>/dev/null; then
+    setfacl_nodef='setacl -k'
+elif setfacl --help 2>&1 | grep ' -k,\|\[-[a-z]*k' >/dev/null; then
+    setfacl_nodef='setfacl -k'
+elif setfacl -s u::7,g::5,o:5 testsuite 2>/dev/null; then
+    setfacl_nodef='setfacl -s u::7,g::5,o:5'
+else
+    # The "true" command runs successfully, but does nothing.
+    setfacl_nodef=true
+fi
+
+export setfacl_nodef
+
+if [ ! -f "$rsync_bin" ]; then
+    echo "rsync_bin $rsync_bin is not a file" >&2
+    exit 2
+fi
+
+if [ ! -d "$srcdir" ]; then
+    echo "srcdir $srcdir is not a directory" >&2
+    exit 2
+fi
+
+expect_skipped="${RSYNC_EXPECT_SKIPPED-IGNORE}"
+skipped_list=''
+skipped=0
+missing=0
+passed=0
+failed=0
+
+# Directory that holds the other test subdirs.  We create separate dirs
+# inside for each test case, so that they can be left behind in case of
+# failure to aid investigation.  We don't remove the testtmp subdir at
+# the end so that it can be configured as a symlink to a filesystem that
+# has ACLs and xattr support enabled (if desired).
+scratchbase="${scratchbase:-$TOOLDIR}"/testtmp
+echo "    scratchbase=$scratchbase"
+[ -d "$scratchbase" ] || mkdir "$scratchbase"
+
+suitedir="$srcdir/testsuite"
+TESTRUN_TIMEOUT=300
+
+export scratchdir suitedir TESTRUN_TIMEOUT
+
+prep_scratch() {
+    [ -d "$scratchdir" ] && chmod -R u+rwX "$scratchdir" && rm -rf "$scratchdir"
+    mkdir "$scratchdir"
+    # Get rid of default ACLs and dir-setgid to avoid confusing some tests.
+    $setfacl_nodef "$scratchdir" 2>/dev/null || true
+    chmod g-s "$scratchdir"
+    case "$srcdir" in
+    /*) ln -s "$srcdir" "$scratchdir/src" ;;
+    *)  ln -s "$TOOLDIR/$srcdir" "$scratchdir/src" ;;
+    esac
+    return 0
+}
+
+maybe_discard_scratch() {
+    [ x"$preserve_scratch" != xyes ] && [ -d "$scratchdir" ] && rm -rf "$scratchdir"
+    return 0
+}
+
+if [ "x$whichtests" = x ]; then
+    whichtests="*.test"
+    full_run=yes
+else
+    full_run=no
+fi
+
+for testscript in $suitedir/$whichtests; do
+    testbase=`echo $testscript | sed -e 's!.*/!!' -e 's/.test\$//'`
+    scratchdir="$scratchbase/$testbase"
+
+    prep_scratch
+
+    case "$testscript" in
+    *hardlinks*) TESTRUN_TIMEOUT=600 ;;
+    *) TESTRUN_TIMEOUT=300 ;;
+    esac
+
+    set +e
+    "$TOOLDIR/"testrun $RUNSHFLAGS "$testscript" >"$scratchdir/test.log" 2>&1
+    result=$?
+    set -e
+
+    if [ "x$always_log" = xyes ] || ( [ $result != 0 ] && [ $result != 77 ] && [ $result != 78 ] )
+    then
+	echo "----- $testbase log follows"
+	cat "$scratchdir/test.log"
+	echo "----- $testbase log ends"
+	if [ -f "$scratchdir/rsyncd.log" ]; then
+	    echo "----- $testbase rsyncd.log follows"
+	    cat "$scratchdir/rsyncd.log"
+	    echo "----- $testbase rsyncd.log ends"
+	fi
+    fi
+
+    case $result in
+    0)
+	echo "PASS    $testbase"
+	passed=`expr $passed + 1`
+	maybe_discard_scratch
+	;;
+    77)
+	# backticks will fill the whole file onto one line, which is a feature
+	whyskipped=`cat "$scratchdir/whyskipped"`
+	echo "SKIP    $testbase ($whyskipped)"
+	skipped_list="$skipped_list,$testbase"
+	skipped=`expr $skipped + 1`
+	maybe_discard_scratch
+	;;
+    78)
+        # It failed, but we expected that.  don't dump out error logs,
+	# because most users won't want to see them.  But do leave
+	# the working directory around.
+	echo "XFAIL   $testbase"
+	failed=`expr $failed + 1`
+	;;
+    *)
+	echo "FAIL    $testbase"
+	failed=`expr $failed + 1`
+	if [ "x$nopersist" = xyes ]; then
+	    exit 1
+	fi
+    esac
+done
+
+echo '------------------------------------------------------------'
+echo "----- overall results:"
+echo "      $passed passed"
+[ "$failed" -gt 0 ]  && echo "      $failed failed"
+[ "$skipped" -gt 0 ] && echo "      $skipped skipped"
+[ "$missing" -gt 0 ] && echo "      $missing missing"
+if [ "$full_run" = yes ] && [ "$expect_skipped" != IGNORE ]; then
+    skipped_list=`echo "$skipped_list" | sed 's/^,//'`
+    echo "----- skipped results:"
+    echo "      expected: $expect_skipped"
+    echo "      got:      $skipped_list"
+else
+    skipped_list=''
+    expect_skipped=''
+fi
+echo '------------------------------------------------------------'
+
+# OK, so expr exits with 0 if the result is neither null nor zero; and
+# 1 if the expression is null or zero.  This is the opposite of what
+# we want, and if we just call expr then this script will always fail,
+# because -e is set.
+
+result=`expr $failed + $missing || true`
+if [ "$result" = 0 ] && [ "$skipped_list" != "$expect_skipped" ]; then
+    result=1
+fi
+echo "overall result is $result"
+exit $result

support/git-set-file-times

@@ -1,7 +1,7 @@
 #!/usr/bin/env python3
 
 import os, re, argparse, subprocess
-from datetime import datetime, UTC
+from datetime import datetime
 
 NULL_COMMIT_RE = re.compile(r'\0\0commit [a-f0-9]{40}$|\0$')
 
@@ -74,7 +74,7 @@ def print_line(fn, mtime, commit_time):
     if args.list > 1:
         ts = str(commit_time).rjust(10)
     else:
-        ts = datetime.fromtimestamp(commit_time, UTC).strftime("%Y-%m-%d %H:%M:%S")
+        ts = datetime.utcfromtimestamp(commit_time).strftime("%Y-%m-%d %H:%M:%S")
     chg = '.' if mtime == commit_time else '*'
     print(chg, ts, fn)
 

support/rrsync

@@ -46,7 +46,6 @@ long_opts = {
   'compare-dest': 2,
   'compress-choice': 1,
   'compress-level': 1,
-  'compress-threads': 1,
   'copy-dest': 2,
   'copy-devices': -1,
   'copy-unsafe-links': 0,
@@ -60,7 +59,6 @@ long_opts = {
   'delete-during': 0,
   'delete-excluded': 0,
   'delete-missing-args': 0,
-  'dirs': 0,
   'existing': 0,
   'fake-super': 0,
   'files-from': 3,
@@ -302,7 +300,6 @@ def validated_arg(opt, arg, typ=3, wild=False):
     if arg.startswith('./'):
         arg = arg[1:]
     arg = arg.replace('//', '/')
-    arg = arg.lstrip('/')
     if args.dir != '/':
         if HAS_DOT_DOT_RE.search(arg):
             die("do not use .. in", opt, "(anchor the path at the root of your restricted dir)")

support/rsync-no-vanished

@@ -2,7 +2,7 @@
 
 REAL_RSYNC=/usr/bin/rsync
 IGNOREEXIT=24
-IGNOREOUT='^((file|directory) has vanished: |rsync warning: some files vanished before they could be transferred)'
+IGNOREOUT='^(file has vanished: |rsync warning: some files vanished before they could be transferred)'
 
 # If someone installs this as "rsync", make sure we don't affect a server run.
 for arg in "${@}"; do

syscall.c

@@ -1610,11 +1610,6 @@ int do_open_nofollow(const char *pathname, int flags)
 #endif
 	}
 
-#ifdef O_NOATIME
-	if (open_noatime)
-		flags |= O_NOATIME;
-#endif
-
 #ifdef O_NOFOLLOW
 	fd = open(pathname, flags|O_NOFOLLOW);
 #else

testsuite/clean-fname-underflow.test

@@ -2,26 +2,67 @@
 # clean-fname-underflow.test
 # Ensure clean_fname() does not read-before-buffer when collapsing "..".
 # This exercises the --server path where a crafted merge filename hits clean_fname().
+#
+# Usage:
+#   ./configure && make
+#   make check TESTS='clean-fname-underflow.test'
 
-. "$suitedir/rsync.fns"
+set -eu
 
-workdir="$scratchdir/workdir"
-mkdir -p "$workdir/mod"
+# Try to find the just-built rsync binary if RSYNC_BIN isn't set.
+if [ -z "${RSYNC_BIN:-}" ]; then
+  if [ -x "./rsync" ]; then
+    RSYNC_BIN=./rsync
+  elif [ -x "../rsync" ]; then
+    RSYNC_BIN=../rsync
+  else
+    RSYNC_BIN=rsync
+  fi
+fi
+
+workdir="${TMPDIR:-/tmp}/rsync-clean-fname.$$"
+mkdir -p "$workdir"
+# Solaris's rm refuses to delete a directory in the path of the cwd,
+# so cd out before the trap runs.
+trap 'cd /; rm -rf "$workdir"' EXIT INT TERM
 cd "$workdir"
 
-rsync_bin=`echo $RSYNC | sed 's/ .*//'`
+# Minimal rsyncd.conf using chroot so the crafted path reaches the server parser.
+cat > rsyncd.conf <<'EOF'
+pid file = rsyncd.pid
+use chroot = true
+[mod]
+    path = ./mod
+    read only = false
+EOF
+mkdir -p mod
+
+# Start daemon on a random high port.
+PORT=$(awk 'BEGIN{srand(); printf "%d", 20000+int(rand()*20000)}')
+"$RSYNC_BIN" --daemon --no-detach --config=rsyncd.conf --port="$PORT" >/dev/null 2>&1 &
+DAEMON_PID=$!
+# Give the daemon a moment to come up.
+sleep 0.3
 
 # Invoke the server-side path. We don't need a real transfer; we just want to
 # ensure clean_fname() doesn't crash when given "a/../test" via --filter=merge.
-if $rsync_bin --server --sender -vlr --filter='merge a/../test' . mod/ >/dev/null 2>&1; then
-  : # success
+EXIT_OK=0
+if "$RSYNC_BIN"     --server --sender -vlr     --filter='merge a/../test'     . mod/  >/dev/null 2>&1; then
+  EXIT_OK=1
 else
   status=$?
   # Non-zero exit is expected for bogus input; ensure it wasn't a signal/crash.
-  if [ $status -ge 128 ]; then
-    test_fail "rsync exited due to a signal (status=$status)"
+  if [ $status -lt 128 ]; then
+    EXIT_OK=1
   fi
 fi
 
+kill "$DAEMON_PID" >/dev/null 2>&1 || true
+
+if [ "$EXIT_OK" -ne 1 ]; then
+  echo "clean-fname-underflow.test: rsync exited due to a signal or unexpected status"
+  exit 1
+fi
+
 echo "OK: clean_fname() handled 'a/../test' without crashing"
 exit 0

testsuite/longdir.test

@@ -16,9 +16,9 @@ makepath "$longdir" || test_skipped "unable to create long directory"
 touch "$longdir/1" || test_skipped "unable to create files in long directory"
 date > "$longdir/1"
 if [ -r /etc ]; then
-    ls -la /etc >"$longdir/2" || [ $? -eq 1 ]
+    ls -la /etc >"$longdir/2"
 else
-    ls -la / >"$longdir/2" || [ $? -eq 1 ]
+    ls -la / >"$longdir/2"
 fi
 checkit "$RSYNC --delete -avH '$fromdir/' '$todir'" "$fromdir/" "$todir"
 

testsuite/open-noatime.test

@@ -1,32 +0,0 @@
-#!/bin/sh
-
-# Test rsync --open-noatime option keeps source atimes intact
-
-. "$suitedir/rsync.fns"
-
-$RSYNC -VV | grep '"atimes": true' >/dev/null || test_skipped "Rsync is configured without atimes support"
-
-# O_NOATIME is Linux-specific; skip on other platforms
-case `uname` in
-Linux) ;;
-*) test_skipped "O_NOATIME is only supported on Linux" ;;
-esac
-
-mkdir "$fromdir"
-
-# --open-noatime did not work properly on files with size > 0
-echo content > "$fromdir/foo"
-touch -a -t 200102031717.42 "$fromdir/foo"
-
-TLS_ARGS=--atimes
-
-"$TOOLDIR/tls" $TLS_ARGS "$fromdir/foo" > "$tmpdir/atime-from-before"
-
-# Do not use checkit because it uses "diff" which breaks atimes
-$RSYNC --open-noatime --archive --recursive --times --atimes -vvv "$fromdir/" "$todir/"
-
-"$TOOLDIR/tls" $TLS_ARGS "$fromdir/foo" > "$tmpdir/atime-from-after"
-diff "$tmpdir/atime-from-before" "$tmpdir/atime-from-after"
-
-# The script would have aborted on error, so getting here means we've won.
-exit 0

testsuite/protected-regular.test

@@ -10,28 +10,22 @@
 . "$suitedir/rsync.fns"
 
 test -f /proc/sys/fs/protected_regular || test_skipped "Can't find protected_regular setting (only available on Linux)"
-pr_lvl=`cat /proc/sys/fs/protected_regular 2>/dev/null` || test_skipped "Can't check if fs.protected_regular is enabled"
+pr_lvl=`cat /proc/sys/fs/protected_regular 2>/dev/null` || test_skipped "Can't check if fs.protected_regular is enabled (probably need root)"
 test "$pr_lvl" != 0 || test_skipped "fs.protected_regular is not enabled"
 
 workdir="$tmpdir/files"
-mkdir -p "$workdir"
+mkdir "$workdir"
 chmod 1777 "$workdir"
 
 echo "Source" > "$workdir/src"
 echo ""       > "$workdir/dst"
+chown 5001 "$workdir/dst" || test_skipped "Can't chown (probably need root)"
 
-if ! chown 5001 "$workdir/dst" 2>/dev/null; then
-    # Not root - try re-running under unshare with UID mapping
-    if [ -z "$RSYNC_UNSHARED" ] && unshare --user --map-root-user --map-users 5001:100000:1 true 2>/dev/null; then
-	echo "Re-running under unshare with UID mapping..."
-	RSYNC_UNSHARED=1 exec unshare --user --map-root-user --map-users 5001:100000:1 "$SHELL_PATH" $RUNSHFLAGS "$0"
-    fi
-    test_skipped "Can't chown (need root or unshare with uidmap)"
-fi
-
+# Output is only shown in case of an error
 echo "Contents of $workdir:"
 ls -al "$workdir"
 
 $RSYNC --inplace "$workdir/src" "$workdir/dst" || test_fail
 
+# The script would have aborted on error, so getting here means we've won.
 exit 0

testsuite/rsync.fns

@@ -97,7 +97,7 @@ printmsg() {
 }
 
 rsync_ls_lR() {
-    find "$@" -name .git -prune -o -name auto-build-save -prune -o -name testtmp -prune -o -print | \
+    find "$@" -name .git -prune -o -name auto-build-save -prune -o -print | \
 	sort | sed 's/ /\\ /g' | xargs "$TOOLDIR/tls" $TLS_ARGS
 }
 
@@ -195,15 +195,15 @@ hands_setup() {
     echo some data > "$fromdir/dir/subdir/foobar.baz"
     mkdir "$fromdir/dir/subdir/subsubdir"
     if [ -r /etc ]; then
-	ls -ltr /etc > "$fromdir/dir/subdir/subsubdir/etc-ltr-list" || [ $? -eq 1 ]
+	ls -ltr /etc > "$fromdir/dir/subdir/subsubdir/etc-ltr-list"
     else
-	ls -ltr / > "$fromdir/dir/subdir/subsubdir/etc-ltr-list" || [ $? -eq 1 ]
+	ls -ltr / > "$fromdir/dir/subdir/subsubdir/etc-ltr-list"
     fi
     mkdir "$fromdir/dir/subdir/subsubdir2"
     if [ -r /bin ]; then
-	ls -lt /bin > "$fromdir/dir/subdir/subsubdir2/bin-lt-list" || [ $? -eq 1 ]
+	ls -lt /bin > "$fromdir/dir/subdir/subsubdir2/bin-lt-list"
     else
-	ls -lt / > "$fromdir/dir/subdir/subsubdir2/bin-lt-list" || [ $? -eq 1 ]
+	ls -lt / > "$fromdir/dir/subdir/subsubdir2/bin-lt-list"
     fi
 
 #      echo testing head:

testsuite/ssh-basic.test

@@ -6,7 +6,7 @@
 # This program is distributable under the terms of the GNU GPL (see
 # COPYING)
 
-# This script tests ssh, if possible.  It's called by runtests.py
+# This script tests ssh, if possible.  It's called by runtests.sh
 
 . "$suitedir/rsync.fns"
 

tls.c

@@ -230,7 +230,7 @@ static void list_file(const char *fname)
 	       mtimebuf, atimebuf, crtimebuf, fname, linkbuf);
 }
 
-static const struct poptOption long_options[] = {
+static struct poptOption long_options[] = {
   /* longName, shortName, argInfo, argPtr, value, descrip, argDesc */
   {"atimes",          'U', POPT_ARG_NONE,   &display_atimes, 0, 0, 0},
 #ifdef SUPPORT_CRTIMES

token.c

@@ -33,7 +33,6 @@ extern int do_compression;
 extern int protocol_version;
 extern int module_id;
 extern int do_compression_level;
-extern int do_compression_threads;
 extern char *skip_compress;
 
 #ifndef Z_INSERT_ONLY
@@ -731,8 +730,6 @@ static void send_zstd_token(int f, int32 token, struct map_struct *buf, OFF_T of
 		obuf = new_array(char, OBUF_SIZE);
 
 		ZSTD_CCtx_setParameter(zstd_cctx, ZSTD_c_compressionLevel, do_compression_level);
-		ZSTD_CCtx_setParameter(zstd_cctx, ZSTD_c_nbWorkers, do_compression_threads);
-
 		zstd_out_buff.dst = obuf + 2;
 
 		comp_init_done = 1;
@@ -770,11 +767,12 @@ static void send_zstd_token(int f, int32 token, struct map_struct *buf, OFF_T of
 		zstd_in_buff.src = map_ptr(buf, offset, nb);
 		zstd_in_buff.size = nb;
 		zstd_in_buff.pos = 0;
-		
-		int finished;
+
 		do {
-			zstd_out_buff.size = MAX_DATA_COUNT;
-			zstd_out_buff.pos = 0;
+			if (zstd_out_buff.size == 0) {
+				zstd_out_buff.size = MAX_DATA_COUNT;
+				zstd_out_buff.pos = 0;
+			}
 
 			/* File ended, flush */
 			if (token != -2)
@@ -792,21 +790,20 @@ static void send_zstd_token(int f, int32 token, struct map_struct *buf, OFF_T of
 			 * state and send a smaller buffer so that the remote side can
 			 * finish the file.
 			 */
-			finished = (flush == ZSTD_e_flush) ? (r == 0) : (zstd_in_buff.pos == zstd_in_buff.size);
-
-			if (zstd_out_buff.pos != 0) {
+			if (zstd_out_buff.pos == zstd_out_buff.size || flush == ZSTD_e_flush) {
 				n = zstd_out_buff.pos;
 
 				obuf[0] = DEFLATED_DATA + (n >> 8);
 				obuf[1] = n;
 				write_buf(f, obuf, n+2);
+
+				zstd_out_buff.size = 0;
 			}
 			/*
 			 * Loop while the input buffer isn't full consumed or the
 			 * internal state isn't fully flushed.
 			 */
-		} while (!finished);
-
+		} while (zstd_in_buff.pos < zstd_in_buff.size || r > 0);
 		flush_pending = token == -2;
 	}
 

version.h

@@ -1,2 +1,2 @@
-#define RSYNC_VERSION "3.4.3"
-#define MAINTAINER_TZ_OFFSET 10.0
+#define RSYNC_VERSION "3.4.1"
+#define MAINTAINER_TZ_OFFSET -7.0

wildtest.c

@@ -42,7 +42,7 @@ int empties_mod = 0;
 int empty_at_start = 0;
 int empty_at_end = 0;
 
-static const struct poptOption long_options[] = {
+static struct poptOption long_options[] = {
   /* longName, shortName, argInfo, argPtr, value, descrip, argDesc */
   {"iterations",     'i', POPT_ARG_NONE,   &output_iterations, 0, 0, 0},
   {"empties",        'e', POPT_ARG_STRING, 0, 'e', 0, 0},