From ee17c1a2b4945f6ef31c295a5ef63a13b60a094e Mon Sep 17 00:00:00 2001 From: Axel Burri Date: Mon, 21 Aug 2017 14:39:40 +0200 Subject: [PATCH] ssh_filter_btrbk: accept mbuffer command (stream_compress) --- ChangeLog | 1 + doc/ssh_filter_btrbk.1 | 6 +++--- ssh_filter_btrbk.sh | 11 +++++++++-- 3 files changed, 13 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index 0fe77a1..9ed09a5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,7 @@ btrbk-current line option (which is now deprecated). * Add "snapshot" command (close #150). * Add "--preserve-snapshots" and "--preserve-backups" options. + * Bugfix: ssh_filter_btrbk: accept mbuffer command (stream_buffer). btrbk-0.25.1 diff --git a/doc/ssh_filter_btrbk.1 b/doc/ssh_filter_btrbk.1 index 0d2c96a..071114b 100644 --- a/doc/ssh_filter_btrbk.1 +++ b/doc/ssh_filter_btrbk.1 @@ -1,4 +1,4 @@ -.TH "ssh_filter_btrbk" "1" "2017-07-30" "btrbk v0.25.1" "" +.TH "ssh_filter_btrbk" "1" "2017-08-21" "btrbk v0.26.0-dev" "" .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) @@ -21,8 +21,8 @@ Note that the following btrfs commands are always allowed: "btrfs subvolume show", "btrfs subvolume list". .PP Note that commands for stream compression (pipes through gzip, pigz, -bzip2, pbzip2, xz, lzo, lz4) as well as rate limiting (pipes through -"pv -L") are always allowed. +bzip2, pbzip2, xz, lzo, lz4), rate limiting (pipes through "pv -L"), +and stream buffer (pipes through "mbuffer") are always allowed. .PP Example line in /root/.ssh/authorized_keys on a backup target host: .PP diff --git a/ssh_filter_btrbk.sh b/ssh_filter_btrbk.sh index ff7d453..de26190 100755 --- a/ssh_filter_btrbk.sh +++ b/ssh_filter_btrbk.sh @@ -10,6 +10,7 @@ restrict_path_list= allow_list= allow_exact_list= allow_rate_limit=1 +allow_stream_buffer=1 allow_compress=1 compress_list="gzip|pigz|bzip2|pbzip2|xz|lzo|lz4" 
@@ -67,6 +68,12 @@ reject_filtered_cmd() compress_match= fi + if [[ -n "$allow_stream_buffer" ]]; then + stream_buffer_match="(mbuffer -q -m [0-9]+[kmg]? \| )?" + else + stream_buffer_match= + fi + if [[ -n "$allow_rate_limit" ]]; then rate_limit_match="( \| pv -q -L [0-9]+[kmgt]?)?" else @@ -74,7 +81,7 @@ reject_filtered_cmd() fi # allow multiple paths (e.g. "btrfs subvolume snapshot ") - btrfs_cmd_match="^${decompress_match}(${allow_list})( ${option_match})*( ${path_match})+${compress_match}${rate_limit_match}$" + btrfs_cmd_match="^${decompress_match}${stream_buffer_match}(${allow_list})( ${option_match})*( ${path_match})+${compress_match}${rate_limit_match}$" if [[ $SSH_ORIGINAL_COMMAND =~ $btrfs_cmd_match ]] ; then return 0 @@ -175,7 +182,7 @@ case "$SSH_ORIGINAL_COMMAND" in *\<*) reject_and_die "unsafe character" ;; *\>*) reject_and_die "unsafe character" ;; *\`*) reject_and_die "unsafe character" ;; - *\|*) [[ -n "$allow_compress" ]] || [[ -n "$allow_rate_limit" ]] || reject_and_die "unsafe character (compression disallowed)" ;; + *\|*) [[ -n "$allow_compress" ]] || [[ -n "$allow_rate_limit" ]] || [[ -n "$allow_stream_buffer" ]] || reject_and_die "unsafe character (compression disallowed)" ;; esac reject_filtered_cmd
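Review bot: The new `stream_buffer_match` pattern in `reject_filtered_cmd` has no comment recording that its exact argument form is the security boundary of this filter. mbuffer also has options that read from or write to files and network endpoints, so a later loosening of `-q -m [0-9]+[kmg]?` would widen what a restricted key can do. I would add above the assignment: `# mbuffer: accept only "-q -m <size>"; every other mbuffer option must stay rejected`. The group is accepted only in front of the btrfs command, so a command that pipes btrfs output into mbuffer would presumably still be rejected; confirm that this is intended. The function body starts and ends outside this hunk.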
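Review bot: The `*\|*)` arm of the final `case` still rejects with `"unsafe character (compression disallowed)"`, although a pipe is now admitted for compression, rate limiting or stream buffering. A message such as `reject_and_die "unsafe character (pipe disallowed)"` would describe the condition accurately. This diff sets `allow_stream_buffer=1` unconditionally at the top of the script and shows nothing that clears it. Unless code outside the visible hunks empties all three flags, this arm never rejects and pipe handling rests on the anchored regex in `reject_filtered_cmd`. A comment on this arm saying so would keep a reader from treating it as the effective check.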