rsync and SSL: gettig the patch working

[Graham Leggett]

Hi all,

I have applied the patch at http://metastatic.org/source/rsync-ssl.patch 
to the rsync v2.6.2 tree, and have it installed between two hosts.

Unfortunately the patch contains no docs, so I have no idea whether I've 
configured it correctly. Any attempt at making an rsync transfer bombs 
out with the error:

[fma at chandler fma]$ rsync -a 
--ssl-ca-certs=/usr/share/ssl/certs/caCert.pem 
rsync://fma@patricia.xxx/home/gatekeeper/fma/ samba-test/

SSL: error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure
rsync: writefd_unbuffered failed to write 5 bytes: phase "unknown": 
Broken pipe
rsync error: error in rsync protocol data stream (code 12) at io.c(836)

The server side was run from xinetd like this:

server_args     = --daemon --ssl 
--ssl-cert=/pathto/patricia-hostCert.pem 
--ssl-key=/pathto/patricia-hostKey.pem

The server's cert is signed by the CA cert referenced on the client.

Does anyone got this patch to work? How should I have set this up?

Regards,
Graham
--