feat(ssh): warn when SSH and rsync compression both enabled#3637
Merged
Conversation
Compressing twice on the same byte stream wastes CPU and can expand
already-compressed data. Detect the case and emit one stderr warning
per process.
- New `SshCommand::has_ssh_compression()` inspects the explicit SSH
argv for `-C` and case-insensitive `-o Compression={yes,true,1}`,
in both combined `-oCompression=...` and split `-o Compression=...`
forms.
- `build_ssh_connection` checks the rsync `--compress` setting against
the SshCommand and emits one `rsync warning:` line via OnceLock-gated
helper, then proceeds unchanged.
- Detection is conservative: it does not parse `~/.ssh/config`, since
that file is merged at spawn time and we cannot reliably read it.
Upstream rsync does not detect this; this is a usability enhancement.
No CLI flag, no protocol behavior change, no auto-disable.
4 tasks
oferchen
added a commit
that referenced
this pull request
May 5, 2026
…3697) Re-checks the thirteen testable claims in docs/audits/ssh-socketpair-vs-pipes.md against current crates/rsync_io/src/ssh/ source. All claims confirmed; two file:LINE citations drifted because of intervening commits (#3637 added the SSH/rsync compression warning, growing builder.rs by ~60 lines). Behaviour is unchanged: anonymous pipes on the wire, socketpair on stderr, no socketpair anywhere on the SSH wire path. Reaffirms the prior recommendation that #1687 (socketpair-prototype) stays closed.
oferchen
added a commit
that referenced
this pull request
May 18, 2026
Compressing twice on the same byte stream wastes CPU and can expand
already-compressed data. Detect the case and emit one stderr warning
per process.
- New `SshCommand::has_ssh_compression()` inspects the explicit SSH
argv for `-C` and case-insensitive `-o Compression={yes,true,1}`,
in both combined `-oCompression=...` and split `-o Compression=...`
forms.
- `build_ssh_connection` checks the rsync `--compress` setting against
the SshCommand and emits one `rsync warning:` line via OnceLock-gated
helper, then proceeds unchanged.
- Detection is conservative: it does not parse `~/.ssh/config`, since
that file is merged at spawn time and we cannot reliably read it.
Upstream rsync does not detect this; this is a usability enhancement.
No CLI flag, no protocol behavior change, no auto-disable.
oferchen
added a commit
that referenced
this pull request
May 18, 2026
…3697) Re-checks the thirteen testable claims in docs/audits/ssh-socketpair-vs-pipes.md against current crates/rsync_io/src/ssh/ source. All claims confirmed; two file:LINE citations drifted because of intervening commits (#3637 added the SSH/rsync compression warning, growing builder.rs by ~60 lines). Behaviour is unchanged: anonymous pipes on the wire, socketpair on stderr, no socketpair anywhere on the SSH wire path. Reaffirms the prior recommendation that #1687 (socketpair-prototype) stays closed.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Detect when SSH built-in compression (-C / -o Compression=yes) and rsync
--compressare both active and emit one stderr warning per process. Compressing twice wastes CPU and may expand already-compressed data.Changes
SshCommand::has_ssh_compression()- new public inspector that scans the explicit SSH argv for compression flags. Detection is conservative; it does not parse~/.ssh/configsince that file is merged at spawn time and we cannot reliably read it.arg_enables_ssh_compression()- private helper recognising:-C-oCompression=<truthy>(combined)-o Compression=<truthy>(split across two argv entries)Compression/compression)yes,true,1, all case-insensitivebuild_ssh_connection(crates/core/src/client/remote/ssh_transfer.rs) checksconfig.compress() && ssh.has_ssh_compression()after building the SshCommand and before spawn, calling a newwarn_double_compression_oncehelper.warn_double_compression_onceusesOnceLock<()>to emit at most onersync warning:line per process, then proceeds unchanged. No auto-disable, no CLI flag.Tests
Seven unit tests in
crates/rsync_io/src/ssh/tests.rs:has_ssh_compression_detects_dash_chas_ssh_compression_detects_combined_option_yeshas_ssh_compression_detects_split_option_yeshas_ssh_compression_truthy_aliases(yes/YES/Yes/true/TRUE/1)has_ssh_compression_case_insensitive_keyhas_ssh_compression_rejects_falsey_and_unrelated(no/NO/false/0/off plus unrelated-o BatchMode=yes,-c aes128-gcm@openssh.com)has_ssh_compression_default_is_falseWire compatibility
No protocol or wire-format change. The warning is the only user-visible effect.