[SCM] The rsync repository. - branch master updated
Rsync CVS commit messages
rsync-cvs at lists.samba.org
Fri Jun 12 03:35:44 UTC 2020
The branch, master has been updated
via 34141954 Add packaging notes to NEWS.
via cba00be6 Translate man page's option list into .h files for options.h to use.
via de78dd68 Simplify the install of rsync-ssl by unifying 2 scripts.
via 88abb502 Promote newer compressors to the start of the list.
via 6d6b8595 Remove generated doc files via make clean.
via 66bd4774 Allow maintainer to build with /usr/local prefix but document /usr.
from c117fa4b Create a get_device_size() helper function.
https://git.samba.org/?p=rsync.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 34141954c7179438f3b3c5e11f55089e5aee5a8e
Author: Wayne Davison <wayne at opencoder.net>
Date: Thu Jun 11 20:32:44 2020 -0700
Add packaging notes to NEWS.
commit cba00be6226a2888bf0eddfa593c0da1039b9499
Author: Wayne Davison <wayne at opencoder.net>
Date: Thu Jun 11 20:24:53 2020 -0700
Translate man page's option list into .h files for options.h to use.
commit de78dd685b60b4f138c48206500c24952ca66362
Author: Wayne Davison <wayne at opencoder.net>
Date: Thu Jun 11 18:47:43 2020 -0700
Simplify the install of rsync-ssl by unifying 2 scripts.
commit 88abb502297d9c27da7f856548d8eb08300e8aa2
Author: Wayne Davison <wayne at opencoder.net>
Date: Thu Jun 11 18:01:50 2020 -0700
Promote newer compressors to the start of the list.
commit 6d6b8595dfafe366f63618c42a91ca98a7fe3521
Author: Wayne Davison <wayne at opencoder.net>
Date: Thu Jun 11 17:34:17 2020 -0700
Remove generated doc files via make clean.
commit 66bd4774a8f67d7b822d585d4dbc269f34137cab
Author: Wayne Davison <wayne at opencoder.net>
Date: Thu Jun 11 17:09:33 2020 -0700
Allow maintainer to build with /usr/local prefix but document /usr.
-----------------------------------------------------------------------
Summary of changes:
.gitignore | 1 +
Makefile.in | 26 ++++-
NEWS.md | 39 ++++++-
compat.c | 6 +-
md2man | 4 +-
options.c | 164 +-------------------------
packaging/lsb/rsync.spec | 1 -
prepare-source | 6 +-
rsync-ssl | 174 +++++++++++++++++++++++++---
rsync-ssl.1.md | 7 --
rsync.1.md | 296 ++++++++++++++++++++++++-----------------------
ssl-rsh | 127 --------------------
12 files changed, 374 insertions(+), 477 deletions(-)
delete mode 100755 ssl-rsh
Changeset truncated at 500 lines:
diff --git a/.gitignore b/.gitignore
index c4ab40ee..9c287d14 100644
--- a/.gitignore
+++ b/.gitignore
@@ -18,6 +18,7 @@ aclocal.m4
/rsync*.1
/rsync*.5
/rsync*.html
+/help-rsync*.h
/.md2man-works
/autom4te*.cache
/confdefs.h
diff --git a/Makefile.in b/Makefile.in
index dc0cb0b8..7cf73a38 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -74,10 +74,8 @@ all: Makefile rsync$(EXEEXT) stunnel-rsyncd.conf man
.PHONY: install
install: all
-${MKDIR_P} ${DESTDIR}${bindir}
- -${MKDIR_P} ${DESTDIR}${libdir}
${INSTALLCMD} ${INSTALL_STRIP} -m 755 rsync$(EXEEXT) ${DESTDIR}${bindir}
${INSTALLCMD} -m 755 rsync-ssl ${DESTDIR}${bindir}
- ${INSTALLCMD} -m 755 ssl-rsh ${DESTDIR}${libdir}
-${MKDIR_P} ${DESTDIR}${mandir}/man1
-${MKDIR_P} ${DESTDIR}${mandir}/man5
if test -f rsync.1; then ${INSTALLMAN} -m 644 rsync.1 ${DESTDIR}${mandir}/man1; fi
@@ -101,10 +99,30 @@ rsync$(EXEEXT): $(OBJS)
$(OBJS): $(HEADERS)
$(CHECK_OBJS): $(HEADERS)
-options.o: latest-year.h
+options.o: latest-year.h help-rsync.h help-rsyncd.h
flist.o: rounding.h
+help-rsync.h: rsync.1.md
+ @sed -e '1,/^# OPTIONS SUMMARY/d' \
+ -e '1,/^```/d' \
+ -e '/^```/,$$d' \
+ -e 's/"/\\"/g' \
+ -e 's/^/ rprintf(F,"/' \
+ -e 's/$$/\\n");/' \
+ <"$(srcdir)/$<" >$@
+
+help-rsyncd.h: rsync.1.md
+ @sed -e '1,/^# OPTIONS SUMMARY/d' \
+ -e '1,/^```/d' \
+ -e '1,/^```/d' \
+ -e '1,/^```/d' \
+ -e '/^```/,$$d' \
+ -e 's/"/\\"/g' \
+ -e 's/^/ rprintf(F,"/' \
+ -e 's/$$/\\n");/' \
+ <"$(srcdir)/$<" >$@
+
rounding.h: rounding.c rsync.h proto.h
@for r in 0 1 3; do \
if $(CC) $(CFLAGS) $(CPPFLAGS) $(LDFLAGS) -o rounding -DEXTRA_ROUNDING=$$r -I. $(srcdir)/rounding.c >rounding.out 2>&1; then \
@@ -236,7 +254,7 @@ rsyncd.conf.5: rsyncd.conf.5.md md2man NEWS.md Makefile
.PHONY: clean
clean: cleantests
rm -f *~ $(OBJS) $(CHECK_PROGS) $(CHECK_OBJS) $(CHECK_SYMLINKS) \
- rounding rounding.h *.old
+ rounding rounding.h *.old rsync*.1 rsync*.5 rsync*.html
.PHONY: cleantests
cleantests:
diff --git a/NEWS.md b/NEWS.md
index 4a29ec45..755275f9 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -88,12 +88,13 @@ Protocol: 31 (unchanged)
- Added the `--write-devices` option based on the long-standing patch.
- - Added openssl support to the rsync-ssl script via a (lib installed) helper
- script, ssl-rsh. Both bash scripts are now installed by default, removing
- the install-ssl-client make target. Rsync was also enhanced to set the
- `RSYNC_PORT` environment variable when running a daemon-over-rsh script. Its
- value is the user-specified port number (set via `--port` or an rsync://
- URL) or 0 if the user didn't override the port.
+ - Added openssl support to the rsync-ssl script, which is now installed by
+ default. This script was unified with the stunnel-rsync helper script to
+ simplify packaging.
+
+ - Rsync was enhanced to set the `RSYNC_PORT` environment variable when running
+ a daemon-over-rsh script. Its value is the user-specified port number (set
+ via `--port` or an rsync:// URL) or 0 if the user didn't override the port.
- Added the `haproxy header` daemon parameter that allows your rsyncd to know
the real remote IP when it is being proxied.
@@ -131,6 +132,32 @@ Protocol: 31 (unchanged)
- Made -V the short option for --version.
+### PACKAGING RELATED:
+
+ - Add installed binary: /usr/bin/rsync-sll
+
+ - Add installed man page: /usr/man/man1/rsync-ssl.1
+
+ - The rsync-ssl script wants to run either openssl or stunnel4, so consider
+ adding a dependency for openssl (though it's probably fine to just let it
+ complain about being unable to find either program and let the user decide
+ if they want to install one or the other).
+
+ - If you packaged rsync + rsync-ssl + rsync-ssl-daemon as separate packages,
+ the rsync-ssl package is now gone (along with its install-ssl-client make
+ target -- rsync-ssl should be considered to be mainstream now that Samba
+ requires SSL for its rsync daemon).
+
+ - Add _build_ dependency for liblz4-devel, libxxhash-devel, & libzstd-devel.
+ These development libraries will give rsync extra compression and checksum
+ algorithms.
+
+ - Remove yodl _build_ dependency (if you listed it).
+
+ - Add _build_ dependency for _either_ python3-cmarkcfm or python3-commonmark
+ to allow for patching of man pages or building a git release. Note that
+ cmarkcfm is faster than commonmark, but they generate the same data.
+
### DEVELOPER RELATED:
- Silenced some annoying warnings about major()|minor() due to the autoconf
diff --git a/compat.c b/compat.c
index a124c200..91b2771d 100644
--- a/compat.c
+++ b/compat.c
@@ -88,16 +88,14 @@ int filesfrom_convert = 0;
struct name_num_obj valid_compressions = {
"compress", NULL, NULL, 0, 0, {
- { CPRES_ZLIBX, "zlibx", NULL },
- { CPRES_ZLIB, "zlib", NULL },
#ifdef SUPPORT_ZSTD
- /* TODO decide where in the default preference order this should go. */
{ CPRES_ZSTD, "zstd", NULL },
#endif
#ifdef SUPPORT_LZ4
- /* TODO decide where in the default preference order this should go. */
{ CPRES_LZ4, "lz4", NULL },
#endif
+ { CPRES_ZLIBX, "zlibx", NULL },
+ { CPRES_ZLIB, "zlib", NULL },
{ CPRES_NONE, "none", NULL },
{ 0, NULL, NULL }
}
diff --git a/md2man b/md2man
index c623efb9..c914cd96 100755
--- a/md2man
+++ b/md2man
@@ -94,7 +94,7 @@ def main():
fi.date = time.strftime('%d %b %Y', time.localtime(fi.mtime))
- env_subs = { }
+ env_subs = { 'prefix': os.environ.get('RSYNC_OVERRIDE_PREFIX', None) }
with open(fi.srcdir + 'Makefile', 'r', encoding='utf-8') as fh:
for line in fh:
@@ -102,6 +102,8 @@ def main():
if not m:
continue
var, val = (m[1], m[2])
+ if var == 'prefix' and env_subs[var] is not None:
+ continue
while re.search(r'\$\{', val):
val = re.sub(r'\$\{(\w+)\}', lambda m: env_subs[m[1]], val)
env_subs[var] = val
diff --git a/options.c b/options.c
index c93abfcb..a0c973ce 100644
--- a/options.c
+++ b/options.c
@@ -728,154 +728,7 @@ void usage(enum logcode F)
rprintf(F,"to an rsync daemon, and require SRC or DEST to start with a module name.\n");
rprintf(F,"\n");
rprintf(F,"Options\n");
- rprintf(F," -v, --verbose increase verbosity\n");
- rprintf(F," --info=FLAGS fine-grained informational verbosity\n");
- rprintf(F," --debug=FLAGS fine-grained debug verbosity\n");
- rprintf(F," --msgs2stderr output messages directly to stderr\n");
- rprintf(F," -q, --quiet suppress non-error messages\n");
- rprintf(F," --no-motd suppress daemon-mode MOTD (see manpage caveat)\n");
- rprintf(F," -c, --checksum skip based on checksum, not mod-time & size\n");
- rprintf(F," -a, --archive archive mode; equals -rlptgoD (no -H,-A,-X)\n");
- rprintf(F," --no-OPTION turn off an implied OPTION (e.g. --no-D)\n");
- rprintf(F," -r, --recursive recurse into directories\n");
- rprintf(F," -R, --relative use relative path names\n");
- rprintf(F," --no-implied-dirs don't send implied dirs with --relative\n");
- rprintf(F," -b, --backup make backups (see --suffix & --backup-dir)\n");
- rprintf(F," --backup-dir=DIR make backups into hierarchy based in DIR\n");
- rprintf(F," --suffix=SUFFIX set backup suffix (default %s w/o --backup-dir)\n",BACKUP_SUFFIX);
- rprintf(F," -u, --update skip files that are newer on the receiver\n");
- rprintf(F," --inplace update destination files in-place (SEE MAN PAGE)\n");
- rprintf(F," --append append data onto shorter files\n");
- rprintf(F," --append-verify like --append, but with old data in file checksum\n");
- rprintf(F," -d, --dirs transfer directories without recursing\n");
- rprintf(F," -l, --links copy symlinks as symlinks\n");
- rprintf(F," -L, --copy-links transform symlink into referent file/dir\n");
- rprintf(F," --copy-unsafe-links only \"unsafe\" symlinks are transformed\n");
- rprintf(F," --safe-links ignore symlinks that point outside the source tree\n");
- rprintf(F," --munge-links munge symlinks to make them safer (but unusable)\n");
- rprintf(F," -k, --copy-dirlinks transform symlink to a dir into referent dir\n");
- rprintf(F," -K, --keep-dirlinks treat symlinked dir on receiver as dir\n");
- rprintf(F," -H, --hard-links preserve hard links\n");
- rprintf(F," -p, --perms preserve permissions\n");
- rprintf(F," -E, --executability preserve the file's executability\n");
- rprintf(F," --chmod=CHMOD affect file and/or directory permissions\n");
-#ifdef SUPPORT_ACLS
- rprintf(F," -A, --acls preserve ACLs (implies --perms)\n");
-#endif
-#ifdef SUPPORT_XATTRS
- rprintf(F," -X, --xattrs preserve extended attributes\n");
-#endif
- rprintf(F," -o, --owner preserve owner (super-user only)\n");
- rprintf(F," -g, --group preserve group\n");
- rprintf(F," --devices preserve device files (super-user only)\n");
- rprintf(F," --specials preserve special files\n");
- rprintf(F," -D same as --devices --specials\n");
- rprintf(F," -t, --times preserve modification times\n");
- rprintf(F," -U, --atimes preserve access (last-used) times\n");
- rprintf(F," --open-noatime avoid changing the atime on opened files\n");
- rprintf(F," -O, --omit-dir-times omit directories from --times\n");
- rprintf(F," -J, --omit-link-times omit symlinks from --times\n");
- rprintf(F," --super receiver attempts super-user activities\n");
-#ifdef SUPPORT_XATTRS
- rprintf(F," --fake-super store/recover privileged attrs using xattrs\n");
-#endif
- rprintf(F," -S, --sparse turn sequences of nulls into sparse blocks\n");
-#ifdef SUPPORT_PREALLOCATION
- rprintf(F," --preallocate allocate dest files before writing them\n");
-#else
- rprintf(F," --preallocate pre-allocate dest files on remote receiver\n");
-#endif
- rprintf(F," --write-devices write to devices as files (implies --inplace)\n");
- rprintf(F," -n, --dry-run perform a trial run with no changes made\n");
- rprintf(F," -W, --whole-file copy files whole (without delta-xfer algorithm)\n");
- rprintf(F," --checksum-choice=STR choose the checksum algorithms\n");
- rprintf(F," -x, --one-file-system don't cross filesystem boundaries\n");
- rprintf(F," -B, --block-size=SIZE force a fixed checksum block-size\n");
- rprintf(F," -e, --rsh=COMMAND specify the remote shell to use\n");
- rprintf(F," --rsync-path=PROGRAM specify the rsync to run on the remote machine\n");
- rprintf(F," --existing skip creating new files on receiver\n");
- rprintf(F," --ignore-existing skip updating files that already exist on receiver\n");
- rprintf(F," --remove-source-files sender removes synchronized files (non-dirs)\n");
- rprintf(F," --del an alias for --delete-during\n");
- rprintf(F," --delete delete extraneous files from destination dirs\n");
- rprintf(F," --delete-before receiver deletes before transfer, not during\n");
- rprintf(F," --delete-during receiver deletes during the transfer\n");
- rprintf(F," --delete-delay find deletions during, delete after\n");
- rprintf(F," --delete-after receiver deletes after transfer, not during\n");
- rprintf(F," --delete-excluded also delete excluded files from destination dirs\n");
- rprintf(F," --ignore-missing-args ignore missing source args without error\n");
- rprintf(F," --delete-missing-args delete missing source args from destination\n");
- rprintf(F," --ignore-errors delete even if there are I/O errors\n");
- rprintf(F," --force force deletion of directories even if not empty\n");
- rprintf(F," --max-delete=NUM don't delete more than NUM files\n");
- rprintf(F," --max-size=SIZE don't transfer any file larger than SIZE\n");
- rprintf(F," --min-size=SIZE don't transfer any file smaller than SIZE\n");
- rprintf(F," --partial keep partially transferred files\n");
- rprintf(F," --partial-dir=DIR put a partially transferred file into DIR\n");
- rprintf(F," --delay-updates put all updated files into place at transfer's end\n");
- rprintf(F," -m, --prune-empty-dirs prune empty directory chains from the file-list\n");
- rprintf(F," --numeric-ids don't map uid/gid values by user/group name\n");
- rprintf(F," --usermap=STRING custom username mapping\n");
- rprintf(F," --groupmap=STRING custom groupname mapping\n");
- rprintf(F," --chown=USER:GROUP simple username/groupname mapping\n");
- rprintf(F," --timeout=SECONDS set I/O timeout in seconds\n");
- rprintf(F," --contimeout=SECONDS set daemon connection timeout in seconds\n");
- rprintf(F," -I, --ignore-times don't skip files that match in size and mod-time\n");
- rprintf(F," -M, --remote-option=OPTION send OPTION to the remote side only\n");
- rprintf(F," --size-only skip files that match in size\n");
- rprintf(F," -@, --modify-window=NUM set the accuracy for mod-time comparisons\n");
- rprintf(F," -T, --temp-dir=DIR create temporary files in directory DIR\n");
- rprintf(F," -y, --fuzzy find similar file for basis if no dest file\n");
- rprintf(F," --compare-dest=DIR also compare destination files relative to DIR\n");
- rprintf(F," --copy-dest=DIR ... and include copies of unchanged files\n");
- rprintf(F," --link-dest=DIR hardlink to files in DIR when unchanged\n");
- rprintf(F," -z, --compress compress file data during the transfer\n");
- rprintf(F," --compress-level=NUM explicitly set compression level\n");
- rprintf(F," --skip-compress=LIST skip compressing files with a suffix in LIST\n");
- rprintf(F," -C, --cvs-exclude auto-ignore files the same way CVS does\n");
- rprintf(F," -f, --filter=RULE add a file-filtering RULE\n");
- rprintf(F," -F same as --filter='dir-merge /.rsync-filter'\n");
- rprintf(F," repeated: --filter='- .rsync-filter'\n");
- rprintf(F," --exclude=PATTERN exclude files matching PATTERN\n");
- rprintf(F," --exclude-from=FILE read exclude patterns from FILE\n");
- rprintf(F," --include=PATTERN don't exclude files matching PATTERN\n");
- rprintf(F," --include-from=FILE read include patterns from FILE\n");
- rprintf(F," --files-from=FILE read list of source-file names from FILE\n");
- rprintf(F," -0, --from0 all *-from/filter files are delimited by 0s\n");
- rprintf(F," -s, --protect-args no space-splitting; only wildcard special-chars\n");
- rprintf(F," --copy-as=USER[:GROUP] specify user & optional group for the copy\n");
- rprintf(F," --address=ADDRESS bind address for outgoing socket to daemon\n");
- rprintf(F," --port=PORT specify double-colon alternate port number\n");
- rprintf(F," --sockopts=OPTIONS specify custom TCP options\n");
- rprintf(F," --blocking-io use blocking I/O for the remote shell\n");
- rprintf(F," --stats give some file-transfer stats\n");
- rprintf(F," -8, --8-bit-output leave high-bit chars unescaped in output\n");
- rprintf(F," -h, --human-readable output numbers in a human-readable format\n");
- rprintf(F," --progress show progress during transfer\n");
- rprintf(F," -P same as --partial --progress\n");
- rprintf(F," -i, --itemize-changes output a change-summary for all updates\n");
- rprintf(F," --out-format=FORMAT output updates using the specified FORMAT\n");
- rprintf(F," --log-file=FILE log what we're doing to the specified FILE\n");
- rprintf(F," --log-file-format=FMT log updates using the specified FMT\n");
- rprintf(F," --password-file=FILE read daemon-access password from FILE\n");
- rprintf(F," --list-only list the files instead of copying them\n");
- rprintf(F," --bwlimit=RATE limit socket I/O bandwidth\n");
-#ifdef HAVE_SETVBUF
- rprintf(F," --outbuf=N|L|B set output buffering to None, Line, or Block\n");
-#endif
- rprintf(F," --write-batch=FILE write a batched update to FILE\n");
- rprintf(F," --only-write-batch=FILE like --write-batch but w/o updating destination\n");
- rprintf(F," --read-batch=FILE read a batched update from FILE\n");
- rprintf(F," --protocol=NUM force an older protocol version to be used\n");
-#ifdef ICONV_OPTION
- rprintf(F," --iconv=CONVERT_SPEC request charset conversion of filenames\n");
-#endif
- rprintf(F," --checksum-seed=NUM set block/file checksum seed (advanced)\n");
- rprintf(F," -4, --ipv4 prefer IPv4\n");
- rprintf(F," -6, --ipv6 prefer IPv6\n");
- rprintf(F," -V, --version print the version & other info and exit\n");
- rprintf(F,"(-h) --help show this help (-h is --help only if used alone)\n");
-
+#include "help-rsync.h"
rprintf(F,"\n");
rprintf(F,"Use \"rsync --daemon --help\" to see the daemon-mode command-line options.\n");
rprintf(F,"Please see the rsync(1) and rsyncd.conf(5) man pages for full documentation.\n");
@@ -1139,20 +992,7 @@ static void daemon_usage(enum logcode F)
rprintf(F,"\n");
rprintf(F,"Usage: rsync --daemon [OPTION]...\n");
- rprintf(F," --address=ADDRESS bind to the specified address\n");
- rprintf(F," --bwlimit=RATE limit socket I/O bandwidth\n");
- rprintf(F," --config=FILE specify alternate rsyncd.conf file\n");
- rprintf(F," -M, --dparam=OVERRIDE override global daemon config parameter\n");
- rprintf(F," --no-detach do not detach from the parent\n");
- rprintf(F," --port=PORT listen on alternate port number\n");
- rprintf(F," --log-file=FILE override the \"log file\" setting\n");
- rprintf(F," --log-file-format=FMT override the \"log format\" setting\n");
- rprintf(F," --sockopts=OPTIONS specify custom TCP options\n");
- rprintf(F," -v, --verbose increase verbosity\n");
- rprintf(F," -4, --ipv4 prefer IPv4\n");
- rprintf(F," -6, --ipv6 prefer IPv6\n");
- rprintf(F," --help show this help screen\n");
-
+#include "help-rsyncd.h"
rprintf(F,"\n");
rprintf(F,"If you were not trying to invoke rsync as a daemon, avoid using any of the\n");
rprintf(F,"daemon-specific rsync options. See also the rsyncd.conf(5) man page.\n");
diff --git a/packaging/lsb/rsync.spec b/packaging/lsb/rsync.spec
index ea02c7e6..4f44db5c 100644
--- a/packaging/lsb/rsync.spec
+++ b/packaging/lsb/rsync.spec
@@ -70,7 +70,6 @@ rm -rf $RPM_BUILD_ROOT
%config(noreplace) /etc/xinetd.d/rsync
%{_prefix}/bin/rsync
%{_prefix}/bin/rsync-ssl
-%{_prefix}/lib/rsync/ssl-rsh
%{_mandir}/man1/rsync.1*
%{_mandir}/man1/rsync-ssl.1*
%{_mandir}/man5/rsyncd.conf.5*
diff --git a/prepare-source b/prepare-source
index 3514a4c8..e4232408 100755
--- a/prepare-source
+++ b/prepare-source
@@ -31,13 +31,13 @@ for action in "${@}"; do
else
files='[cap]*'
fi
- rsync -ipe ./ssl-rsh rsync://download.samba.org/rsyncftp/generated-files/"$files" .
+ ./rsync-ssl -ip rsync://download.samba.org/rsyncftp/generated-files/"$files" .
;;
fetchgen)
- rsync -ipe ./ssl-rsh rsync://download.samba.org/rsyncftp/generated-files/'*' .
+ ./rsync-ssl -ip rsync://download.samba.org/rsyncftp/generated-files/'*' .
;;
fetchSRC)
- rsync -ipre ./ssl-rsh --exclude=/.git/ rsync://download.samba.org/ftp/pub/unpacked/rsync/ .
+ ./rsync-ssl -ipr --exclude=/.git/ rsync://download.samba.org/ftp/pub/unpacked/rsync/ .
;;
*)
echo "Unknown action: $action"
diff --git a/rsync-ssl b/rsync-ssl
index c9a8db90..c55dc7a8 100755
--- a/rsync-ssl
+++ b/rsync-ssl
@@ -1,23 +1,167 @@
#!/bin/bash
+
# This script supports using stunnel or openssl to secure an rsync daemon connection.
-# The first option can be --type=stunnel or --type=openssl to choose your connection
-# type (overriding any $RSYNC_SSL_TYPE default value).
-if [[ "$1" == --type=* ]]; then
- export RSYNC_SSL_TYPE="${1/--type=/}"
+# By default this script takes rsync args and hands them off to the actual
+# rsync command with an --rsh option that makes it open an SSL connection to an
+# rsync daemon. See the rsync-ssl manpage for usage details and env variables.
+
+# When the first arg is --HELPER, we are being used by rsync as an --rsh helper
+# script, and the args are (note the trailing dot):
+#
+# rsync-ssl --HELPER HOSTNAME rsync --server --daemon .
+#
+# --HELPER is not a user-facing option, so it is not documented in the manpage.
+
+# The first SSL setup was based on: http://dozzie.jarowit.net/trac/wiki/RsyncSSL
+# Note that an stunnel connection requires at least version 4.x of stunnel.
+
+function rsync_ssl_run {
+ case "$*" in
+ *rsync://*) ;;
+ *::*) ;;
+ *)
+ echo "You must use rsync-ssl with a daemon-style hostname." 1>&2
+ exit 1
+ ;;
+ esac
+
+ exec rsync --rsh="$0 --HELPER" "${@}"
+}
+
+function rsync_ssl_helper {
+ if [[ -z "$RSYNC_SSL_TYPE" ]]; then
+ found=`path_search stunnel4 stunnel openssl` || exit 1
+ if [[ "$found" == */openssl ]]; then
+ RSYNC_SSL_TYPE=openssl
+ RSYNC_SSL_OPENSSL="$found"
+ else
+ RSYNC_SSL_TYPE=stunnel
+ RSYNC_SSL_STUNNEL="$found"
+ fi
+ fi
+
+ case "$RSYNC_SSL_TYPE" in
+ openssl)
+ if [[ -z "$RSYNC_SSL_OPENSSL" ]]; then
+ RSYNC_SSL_OPENSSL=`path_search openssl` || exit 1
+ fi
+ optsep=' '
+ ;;
+ stunnel)
+ if [[ -z "$RSYNC_SSL_STUNNEL" ]]; then
+ RSYNC_SSL_STUNNEL=`path_search stunnel4 stunnel` || exit 1
+ fi
+ optsep=' = '
+ ;;
+ *)
+ echo "The RSYNC_SSL_TYPE specifies an unknown type: $RSYNC_SSL_TYPE" 1>&2
+ exit 1
+ ;;
+ esac
+
+ if [[ -z "$RSYNC_SSL_CERT" ]]; then
+ certopt=""
+ else
+ certopt="cert$optsep$RSYNC_SSL_CERT"
+ fi
+
+ if [[ -z ${RSYNC_SSL_CA_CERT+x} ]]; then
+ # RSYNC_SSL_CA_CERT unset - default CA set AND verify:
+ # openssl:
+ caopt="-verify_return_error -verify 4"
+ # stunnel:
+ cafile=""
+ verify=0
+ elif [[ "$RSYNC_SSL_CA_CERT" == "" ]]; then
+ # RSYNC_SSL_CA_CERT set but empty -do NO verifications:
+ # openssl:
+ caopt="-verify 1"
+ # stunnel:
+ cafile=""
+ verify=0
+ else
+ # RSYNC_SSL_CA_CERT set - use CA AND verify:
+ # openssl:
+ caopt="-CAfile $RSYNC_SSL_CA_CERT -verify_return_error -verify 4"
+ # stunnel:
+ cafile="CAfile = $RSYNC_SSL_CA_CERT"
+ verify=3
+ fi
+
+ port="${RSYNC_PORT:-0}"
+ if [[ "$port" == 0 ]]; then
+ port="${RSYNC_SSL_PORT:-874}"
+ fi
+
+ # If the user specified USER at HOSTNAME::module, then rsync passes us
+ # the -l USER option too, so we must be prepared to ignore it.
+ if [[ "$1" == "-l" ]]; then
+ shift 2
+ fi
+
+ hostname="$1"
shift
-fi
--
The rsync repository.
More information about the rsync-cvs
mailing list