- Make the rsync-ssl default behavior more user friendly.
- Install rsync-ssl & rsync-ssl-rsh in the regular install rules.
- Add a manpage for rsync-ssl (which is also installed).
- Get rid of the rsync-ssl-client package in our spec file.
aclocal.m4
/proto.h
/proto.h-tstamp
-/rsync.1
-/rsyncd.conf.5
+/*.1
+/*.5
/autom4te*.cache
/confdefs.h
/conftest*
.SUFFIXES:
.SUFFIXES: .c .o
-GENFILES=configure.sh aclocal.m4 config.h.in proto.h proto.h-tstamp rsync.1 rsyncd.conf.5
+GENFILES=configure.sh aclocal.m4 config.h.in proto.h proto.h-tstamp rsync.1 rsync-ssl.1 rsyncd.conf.5
HEADERS=byteorder.h config.h errcode.h proto.h rsync.h ifuncs.h itypes.h inums.h \
lib/pool_alloc.h
LIBOBJ=lib/wildmatch.o lib/compat.o lib/snprintf.o lib/mdfour.o lib/md5.o \
install: all
-${MKDIR_P} ${DESTDIR}${bindir}
${INSTALLCMD} ${INSTALL_STRIP} -m 755 rsync$(EXEEXT) ${DESTDIR}${bindir}
+ ${INSTALLCMD} -m 755 rsync-ssl ${DESTDIR}${bindir}
+ ${INSTALLCMD} -m 755 rsync-ssl-rsh ${DESTDIR}${bindir}
-${MKDIR_P} ${DESTDIR}${mandir}/man1
-${MKDIR_P} ${DESTDIR}${mandir}/man5
if test -f rsync.1; then ${INSTALLMAN} -m 644 rsync.1 ${DESTDIR}${mandir}/man1; fi
+ if test -f rsync-ssl.1; then ${INSTALLMAN} -m 644 rsync-ssl.1 ${DESTDIR}${mandir}/man1; fi
if test -f rsyncd.conf.5; then ${INSTALLMAN} -m 644 rsyncd.conf.5 ${DESTDIR}${mandir}/man5; fi
-install-ssl-client: rsync-ssl
- -${MKDIR_P} ${DESTDIR}${bindir}
- ${INSTALLCMD} -m 755 rsync-ssl ${DESTDIR}${bindir}
- ${INSTALLCMD} -m 755 rsync-ssl-rsh ${DESTDIR}${bindir}
-
install-ssl-daemon: stunnel-rsyncd.conf
-${MKDIR_P} ${DESTDIR}/etc/stunnel
${INSTALLCMD} -m 644 stunnel-rsyncd.conf ${DESTDIR}/etc/stunnel/rsyncd.conf
proto.h-tstamp: $(srcdir)/*.c $(srcdir)/lib/compat.c config.h
awk -f $(srcdir)/mkproto.awk $(srcdir)/*.c $(srcdir)/lib/compat.c
-man: rsync.1 rsyncd.conf.5 man-copy
+man: rsync.1 rsync-ssl.1 rsyncd.conf.5 man-copy
man-copy:
- @if test -f rsync.1; then :; elif test -f $(srcdir)/rsync.1; then echo 'Copying srcdir rsync.1'; cp -p $(srcdir)/rsync.1 .; else echo "NOTE: rsync.1 cannot be created."; fi
- @if test -f rsyncd.conf.5; then :; elif test -f $(srcdir)/rsyncd.conf.5; then echo 'Copying srcdir rsyncd.conf.5'; cp -p $(srcdir)/rsyncd.conf.5 .; else echo "NOTE: rsyncd.conf.5 cannot be created."; fi
+ @for fn in rsync.1 rsync-ssl.1 rsyncd.conf.5; do \
+ if test -f $$fn; then \
+ : ; \
+ elif test -f $(srcdir)/$$fn; then \
+ echo "Copying srcdir $$fn" ; \
+ cp -p $(srcdir)/$$fn . ; \
+ else \
+ echo "NOTE: $$fn cannot be created." ; \
+ fi ; \
+ done
rsync.1: rsync.yo
yodl2man -o rsync.1 $(srcdir)/rsync.yo
-$(srcdir)/tweak_manpage rsync.1
+rsync-ssl.1: rsync-ssl.yo
+ yodl2man -o rsync-ssl.1 $(srcdir)/rsync-ssl.yo
+ -$(srcdir)/tweak_manpage rsync-ssl.1
+
rsyncd.conf.5: rsyncd.conf.yo
yodl2man -o rsyncd.conf.5 $(srcdir)/rsyncd.conf.yo
-$(srcdir)/tweak_manpage rsyncd.conf.5
Prefix: %{_prefix}
BuildRoot: /var/tmp/%{name}-root
-%package ssl-client
-Summary: Provides rsync-ssl
-Group: Applications/Internet
-Requires: rsync, stunnel >= 4
-
%package ssl-daemon
Summary: An stunnel config file to support ssl rsync daemon connections.
Group: Applications/Internet
destination. Rsync is widely used for backups and mirroring and as an
improved copy command for everyday use.
-%description ssl-client
-Provides the rsync-ssl script that makes use of stunnel 4 to open an ssl
-connection to an rsync daemon (on port 874). This setup does NOT require
-any local stunnel daemon to be running to connect to the remote ssl rsyncd.
-
%description ssl-daemon
Provides a config file for stunnel that will (if you start your stunnel
service) cause stunnel to listen for ssl rsync-daemon connections and run
%install
rm -rf $RPM_BUILD_ROOT
-make install install-ssl-client install-ssl-daemon DESTDIR=$RPM_BUILD_ROOT
+make install install-ssl-daemon DESTDIR=$RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT/etc/xinetd.d $RPM_BUILD_ROOT/etc/rsync-ssl/certs
install -m 644 packaging/lsb/rsync.xinetd $RPM_BUILD_ROOT/etc/xinetd.d/rsync
%doc COPYING NEWS OLDNEWS README support/ tech_report.tex
%config(noreplace) /etc/xinetd.d/rsync
%{_prefix}/bin/rsync
-%{_mandir}/man1/rsync.1*
-%{_mandir}/man5/rsyncd.conf.5*
-
-%files ssl-client
%{_prefix}/bin/rsync-ssl
%{_prefix}/bin/rsync-ssl-rsh
+%{_mandir}/man1/rsync.1*
+%{_mandir}/man1/rsync-ssl.1*
+%{_mandir}/man5/rsyncd.conf.5*
%files ssl-daemon
%config(noreplace) /etc/stunnel/rsyncd.conf
symlink("$name.tar.gz", $nightly_symlink);
}
-foreach my $fn (qw( rsync.yo rsyncd.conf.yo )) {
+foreach my $fn (qw( rsync.yo rsync-ssl.yo rsyncd.conf.yo )) {
my $yo_tmp = "$dest/$fn";
(my $html_fn = "$dest/$fn") =~ s/\.yo/.html/;
os.link(f"{dest}/NEWS", news_file)
cmd_chk(f"git log --name-status | gzip -9 >{dest}/ChangeLog.gz")
- cmd_chk(f"yodl2html -o {dest}/rsync.html rsync.yo")
- cmd_chk(f"yodl2html -o {dest}/rsyncd.conf.html rsyncd.conf.yo")
+ for yo_fn in glob.glob('*.yo'):
+ html_fn = yo_fn.replace('.yo', '.html')
+ cmd_chk(['yodl2html', '-o', dest +'/'+ html_fn, yo_fn])
for fn in (srctar_file, pattar_file, diff_file):
asc_fn = fn + '.asc'
# The environment can override our defaults using RSYNC_SSL_* variables
+function path_search {
+ IFS_SAVE="$IFS"
+ IFS=:
+ for prog in "${@}"; do
+ for dir in $PATH; do
+ [[ -z "$dir" ]] && dir=.
+ if [[ -f "$dir/$prog" && -x "$dir/$prog" ]]; then
+ echo "$dir/$prog"
+ IFS="$IFS_SAVE"
+ return 0
+ fi
+ done
+ done
+
+ IFS="$IFS_SAVE"
+ echo "Failed to find on your path: $*" 1>&2
+ echo "See the rsync-ssl manpage for configuration assistance." 1>&2
+ return 1
+}
+
if [[ -z "$RSYNC_SSL_TYPE" ]]; then
- RSYNC_SSL_TYPE=stunnel
+ found=`path_search stunnel4 stunnel openssl` || exit 1
+ if [[ "$found" == */openssl ]]; then
+ RSYNC_SSL_TYPE=openssl
+ RSYNC_SSL_OPENSSL="$found"
+ else
+ RSYNC_SSL_TYPE=stunnel
+ RSYNC_SSL_STUNNEL="$found"
+ fi
fi
case "$RSYNC_SSL_TYPE" in
- stunnel)
- if [[ -z "$RSYNC_SSL_STUNNEL" ]]; then
- IFS_SAVE="$IFS"
- IFS=:
- for prog in stunnel4 stunnel; do
- for dir in $PATH; do
- [[ -z "$dir" ]] && dir=.
- if [[ -f "$dir/$prog" && -x "$dir/$prog" ]]; then
- RSYNC_SSL_STUNNEL="$dir/$prog"
- break 2
- fi
- done
- done
- IFS="$IFS_SAVE"
+ openssl)
+ if [[ -z "$RSYNC_SSL_OPENSSL" ]]; then
+ RSYNC_SSL_OPENSSL=`path_search openssl` || exit 1
fi
+ optsep=' '
+ ;;
+ stunnel)
if [[ -z "$RSYNC_SSL_STUNNEL" ]]; then
- echo "Failed to find stunnel on your path." 1>&2
- echo "Maybe export RSYNC_SSL_STUNNEL=/path or RSYNC_SSL_TYPE=openssl." 1>&2
- exit 1
+ RSYNC_SSL_STUNNEL=`path_search stunnel4 stunnel` || exit 1
fi
optsep=' = '
;;
- openssl)
- optsep=' '
- ;;
*)
- echo "The RSYNC_SSL_TYPE is not set to a known type: $RSYNC_SSL_TYPE" 1>&2
+ echo "The RSYNC_SSL_TYPE specifies an unknown type: $RSYNC_SSL_TYPE" 1>&2
exit 1
;;
esac
fi
if [[ $RSYNC_SSL_TYPE == openssl ]]; then
- exec openssl s_client $caopt $certopt -quiet -verify_quiet -servername $hostname -connect $hostname:$port
+ exec $RSYNC_SSL_OPENSSL s_client $caopt $certopt -quiet -verify_quiet -servername $hostname -connect $hostname:$port
else
# devzero@web.de came up with this no-tmpfile calling syntax:
- exec stunnel -fd 10 11<&0 <<EOF 10<&0 0<&11 11<&-
+ exec $RSYNC_SSL_STUNNEL -fd 10 11<&0 <<EOF 10<&0 0<&11 11<&-
foreground = yes
debug = crit
connect = $hostname:$port
--- /dev/null
+mailto(rsync-bugs@samba.org)
+manpage(rsync-ssl)(1)(22 Apr 2020)()()
+manpagename(rsync-ssl)(a helper script for connecting to an ssl rsync daemon)
+manpagesynopsis()
+
+verb(rsync-ssl [--type=openssl|stunnel] RSYNC_ARGS)
+
+manpagedescription()
+
+The rsync-ssl script helps you to run an rsync copy to/from an rsync daemon
+that requires ssl connections.
+
+If the bf(first) arg is a bf(--type=NAME) option, the script will only use that
+particular program to open an ssl connection instead of trying to find an
+stunnel or openssl executable via a simple heuristic (assuming that the
+bf(RSYNC_SSL_TYPE) environment variable is not set as well -- see below). This
+option must be one of bf(--type=openssl) or bf(--type=stunnel). The equal sign
+is required for this particular option.
+
+All the other options are passed through to the rsync command, so consult the
+bf(rsync) manpage for more information on how it works.
+
+Note that the stunnel connection type requires at least version 4 of stunnel,
+which should be the case on modern systems.
+
+manpagesection(ENVIRONMENT VARIABLES)
+
+The ssl helper scripts are affected by the following environment variables:
+
+description(
+
+dit(bf(RSYNC_SSL_TYPE)) Specifies the program type that should be used to open
+the ssl connection. It must be one of "openssl" or "stunnel". The
+bf(--type=NAME) option overrides this, if specified.
+
+dit(bf(RSYNC_SSL_PORT)) If specified, the value is the port number that is used
+as the default when the user does not specify a port in their rsync command.
+When not specified, the default port number is 874. (Note that older rsync
+versions (prior to 3.1.4) did not communicate an overriding port number value
+to the helper script.)
+
+dit(bf(RSYNC_SSL_CERT)) If specified, the value is a filename that contains a
+certificate to use for the connection.
+
+dit(bf(RSYNC_SSL_CA_CERT)) If specified, the value is a filename that contains
+a certificate authority certificate that is used to validate the connection.
+
+dit(bf(RSYNC_SSL_STUNNEL)) Specifies the stunnel executable to run when the
+connection type is set to stunnel. If unspecified, the $PATH is searched first
+for "stunnel4" and then for "stunnel".
+
+dit(bf(RSYNC_SSL_OPENSSL)) Specifies the openssl executable to run when the
+connection type is set to openssl. If unspecified, the $PATH is searched for
+"openssl".
+
+)
+
+manpagesection(EXAMPLES)
+
+verb( rsync-ssl -aiv example.com::src/ dest)
+
+verb( rsync-ssl --type=openssl -aiv example.com::src/ dest)
+
+manpageauthor()
+
+This manpage was written by Wayne Davison.
+
+Mailing lists for support and development are available at
+url(http://lists.samba.org)(lists.samba.org)
projects / thirdparty / rsync.git / commitdiff
