After applying this patch, run these commands for a successful build:
- autoconf
- autoheader
+ ./prepare-source
./configure
- make proto
make
Casey Marshall writes:
can't say if I've left any cleanup/compatibility errors in the code.
---- orig/Makefile.in 2005-07-07 23:11:07
-+++ Makefile.in 2004-10-08 20:17:06
+--- old/Makefile.in
++++ new/Makefile.in
@@ -38,7 +38,7 @@ OBJS3=progress.o pipe.o
DAEMON_OBJ = params.o loadparm.o clientserver.o access.o connection.o authenticate.o
popt_OBJS=popt/findme.o popt/popt.o popt/poptconfig.o \
TLS_OBJ = tls.o syscall.o lib/compat.o lib/snprintf.o lib/permstring.o
---- orig/cleanup.c 2005-03-05 18:58:38
-+++ cleanup.c 2005-01-10 10:43:22
+--- old/cleanup.c
++++ new/cleanup.c
@@ -22,6 +22,9 @@
#include "rsync.h"
extern int keep_partial;
extern int log_got_error;
extern char *partial_dir;
-@@ -97,6 +100,11 @@ void _exit_cleanup(int code, const char
- signal(SIGUSR1, SIG_IGN);
- signal(SIGUSR2, SIG_IGN);
+@@ -101,6 +104,11 @@ void _exit_cleanup(int code, const char
+ SIGACTION(SIGUSR1, SIG_IGN);
+ SIGACTION(SIGUSR2, SIG_IGN);
+#if HAVE_OPENSSL
+ if (use_ssl)
+
if (verbose > 3) {
rprintf(FINFO,"_exit_cleanup(code=%d, file=%s, line=%d): entered\n",
- code, safe_fname(file), line);
---- orig/clientserver.c 2005-08-17 06:45:07
-+++ clientserver.c 2005-04-09 17:39:57
-@@ -44,6 +44,9 @@ extern int io_timeout;
- extern int orig_umask;
- extern int no_detach;
- extern int default_af_hint;
+ code, file, line);
+--- old/clientserver.c
++++ new/clientserver.c
+@@ -34,6 +34,9 @@ extern int am_sender;
+ extern int am_server;
+ extern int am_daemon;
+ extern int am_root;
+#if HAVE_OPENSSL
+extern int use_ssl;
+#endif
- extern char *bind_address;
- extern struct filter_list_struct server_filter_list;
- extern char *config_file;
-@@ -98,8 +101,18 @@ int start_socket_client(char *host, char
- exit_cleanup(RERR_SOCKETIO);
+ extern int rsync_port;
+ extern int kluge_around_eof;
+ extern int daemon_over_rsh;
+@@ -109,8 +112,18 @@ int start_socket_client(char *host, char
+ set_socket_options(fd, sockopts);
ret = start_inband_exchange(user, path, fd, fd, argc);
+ if (ret)
}
int start_inband_exchange(char *user, char *path, int f_in, int f_out,
-@@ -160,6 +173,33 @@ int start_inband_exchange(char *user, ch
+@@ -171,6 +184,33 @@ int start_inband_exchange(char *user, ch
if (verbose > 1)
print_child_argv(sargs);
p = strchr(path,'/');
if (p) *p = 0;
io_printf(f_out, "%s\n", path);
-@@ -188,6 +228,10 @@ int start_inband_exchange(char *user, ch
+@@ -199,6 +239,10 @@ int start_inband_exchange(char *user, ch
* server to terminate the listing of modules.
* We don't want to go on and transfer
* anything; just exit. */
exit(0);
}
-@@ -195,6 +239,10 @@ int start_inband_exchange(char *user, ch
+@@ -206,6 +250,10 @@ int start_inband_exchange(char *user, ch
rprintf(FERROR, "%s\n", line);
/* This is always fatal; the server will now
* close the socket. */
return -1;
}
-@@ -597,6 +645,7 @@ static void send_listing(int fd)
+@@ -722,6 +770,7 @@ static void send_listing(int fd)
io_printf(fd,"@RSYNCD: EXIT\n");
}
/* this is called when a connection is established to a client
and we want to start talking. The setup of the system is done from
here */
-@@ -646,6 +695,9 @@ int start_daemon(int f_in, int f_out)
+@@ -778,6 +827,9 @@ int start_daemon(int f_in, int f_out)
if (protocol_version > remote_protocol)
protocol_version = remote_protocol;
line[0] = 0;
if (!read_line(f_in, line, sizeof line - 1))
return -1;
-@@ -655,6 +707,20 @@ int start_daemon(int f_in, int f_out)
+@@ -789,6 +841,20 @@ int start_daemon(int f_in, int f_out)
return -1;
}
if (*line == '#') {
/* it's some sort of command that I don't understand */
io_printf(f_out, "@ERROR: Unknown command '%s'\n", line);
---- orig/configure.in 2005-07-29 02:47:19
-+++ configure.in 2004-07-03 20:22:28
-@@ -293,6 +293,21 @@ yes
- AC_SEARCH_LIBS(getaddrinfo, inet6)
+--- old/configure.in
++++ new/configure.in
+@@ -282,6 +282,21 @@ if test x"$enable_locale" != x"no"; then
+ AC_DEFINE(CONFIG_LOCALE)
fi
+AC_ARG_ENABLE(openssl,
AC_MSG_CHECKING([whether to call shutdown on all sockets])
case $host_os in
*cygwin* ) AC_MSG_RESULT(yes)
---- orig/options.c 2005-08-27 21:11:26
-+++ options.c 2005-08-27 21:24:31
-@@ -157,6 +157,14 @@ int log_format_has_o_or_i = 0;
+--- old/options.c
++++ new/options.c
+@@ -167,6 +167,14 @@ int log_format_has_o_or_i = 0;
int always_checksum = 0;
int list_only = 0;
#define MAX_BATCH_NAME_LEN 256 /* Must be less than MAXPATHLEN-13 */
char *batch_name = NULL;
-@@ -183,6 +191,7 @@ static void print_rsync_version(enum log
+@@ -195,6 +203,7 @@ static void print_rsync_version(enum log
char const *hardlinks = "no ";
char const *links = "no ";
char const *ipv6 = "no ";
STRUCT_STAT *dumstat;
#ifdef HAVE_SOCKETPAIR
-@@ -205,6 +214,10 @@ static void print_rsync_version(enum log
+@@ -217,6 +226,10 @@ static void print_rsync_version(enum log
ipv6 = "";
#endif
+
rprintf(f, "%s version %s protocol version %d\n",
RSYNC_NAME, RSYNC_VERSION, PROTOCOL_VERSION);
- rprintf(f,
-@@ -218,10 +231,10 @@ static void print_rsync_version(enum log
+ rprintf(f, "Copyright (C) 1996-2006 by Andrew Tridgell, Wayne Davison, and others.\n");
+@@ -229,9 +242,9 @@ static void print_rsync_version(enum log
/* Note that this field may not have type ino_t. It depends
* on the complicated interaction between largefile feature
* macros. */
-- rprintf(f, " %sinplace, %sIPv6, %d-bit system inums, %d-bit internal inums\n",
-+ rprintf(f, " %sinplace, %sIPv6, %d-bit system inums, %d-bit internal inums, %sssl\n",
- have_inplace, ipv6,
+- rprintf(f, " %sinplace, %sIPv6, "
++ rprintf(f, " %sinplace, %sIPv6, %sSSL, "
+ "%d-bit system inums, %d-bit internal inums\n",
+- have_inplace, ipv6,
++ have_inplace, ipv6, ssl,
(int) (sizeof dumstat->st_ino * 8),
-- (int) (sizeof (int64) * 8));
-+ (int) (sizeof (int64) * 8), ssl);
+ (int) (sizeof (int64) * 8));
#ifdef MAINTAINER_MODE
- rprintf(f, " panic action: \"%s\"\n",
- get_panic_action());
-@@ -352,6 +365,13 @@ void usage(enum logcode F)
+@@ -371,6 +384,13 @@ void usage(enum logcode F)
rprintf(F," -4, --ipv4 prefer IPv4\n");
rprintf(F," -6, --ipv6 prefer IPv6\n");
#endif
+ rprintf(F," --ssl-ca-certs=FILE path to trusted CA certificates\n");
+#endif
rprintf(F," --version print version number\n");
- rprintf(F," -h, --help show this help screen\n");
+ rprintf(F,"(-h) --help show this help (-h works with no other options)\n");
-@@ -362,7 +382,7 @@ void usage(enum logcode F)
-
- enum {OPT_VERSION = 1000, OPT_DAEMON, OPT_SENDER, OPT_EXCLUDE, OPT_EXCLUDE_FROM,
- OPT_FILTER, OPT_COMPARE_DEST, OPT_COPY_DEST, OPT_LINK_DEST,
-- OPT_INCLUDE, OPT_INCLUDE_FROM, OPT_MODIFY_WINDOW,
-+ OPT_INCLUDE, OPT_INCLUDE_FROM, OPT_MODIFY_WINDOW, OPT_USE_SSL,
+@@ -383,7 +403,7 @@ enum {OPT_VERSION = 1000, OPT_DAEMON, OP
+ OPT_FILTER, OPT_COMPARE_DEST, OPT_COPY_DEST, OPT_LINK_DEST, OPT_HELP,
+ OPT_INCLUDE, OPT_INCLUDE_FROM, OPT_MODIFY_WINDOW, OPT_MIN_SIZE, OPT_CHMOD,
OPT_READ_BATCH, OPT_WRITE_BATCH, OPT_ONLY_WRITE_BATCH, OPT_MAX_SIZE,
- OPT_REFUSED_BASE = 9000};
+- OPT_NO_D,
++ OPT_NO_D, OPT_USE_SSL,
+ OPT_SERVER, OPT_REFUSED_BASE = 9000};
-@@ -485,6 +505,13 @@ static struct poptOption long_options[]
+ static struct poptOption long_options[] = {
+@@ -520,6 +540,13 @@ static struct poptOption long_options[]
{"checksum-seed", 0, POPT_ARG_INT, &checksum_seed, 0, 0, 0 },
- {"server", 0, POPT_ARG_NONE, &am_server, 0, 0, 0 },
+ {"server", 0, POPT_ARG_NONE, 0, OPT_SERVER, 0, 0 },
{"sender", 0, POPT_ARG_NONE, 0, OPT_SENDER, 0, 0 },
+#if HAVE_OPENSSL
+ {"ssl", 0, POPT_ARG_NONE, 0, OPT_USE_SSL, 0, 0},
/* All the following options switch us into daemon-mode option-parsing. */
{"config", 0, POPT_ARG_STRING, 0, OPT_DAEMON, 0, 0 },
{"daemon", 0, POPT_ARG_NONE, 0, OPT_DAEMON, 0, 0 },
-@@ -916,6 +943,12 @@ int parse_arguments(int *argc, const cha
- basis_dir[basis_dir_cnt++] = (char *)arg;
- break;
+@@ -1062,6 +1089,12 @@ int parse_arguments(int *argc, const cha
+ usage(FINFO);
+ exit_cleanup(0);
+ case OPT_USE_SSL:
+#if HAVE_OPENSSL
default:
/* A large opt value means that set_refuse_options()
* turned this option off. */
-@@ -1174,6 +1207,17 @@ int parse_arguments(int *argc, const cha
+@@ -1340,6 +1373,17 @@ int parse_arguments(int *argc, const cha
if (delay_updates && !partial_dir)
- partial_dir = partialdir_for_delayupdate;
+ partial_dir = tmp_partialdir;
+#if HAVE_OPENSSL
+ if (use_ssl) {
if (inplace) {
#ifdef HAVE_FTRUNCATE
if (partial_dir) {
-@@ -1547,11 +1591,28 @@ char *check_for_hostspec(char *s, char *
+@@ -1750,11 +1794,28 @@ char *check_for_hostspec(char *s, char *
{
char *p;
int not_host;
if ((p = strchr(s, '/')) != NULL) {
hostlen = p - s;
path = p + 1;
---- orig/rsync.h 2005-08-17 06:45:08
-+++ rsync.h 2004-10-08 21:01:33
+--- old/rsync.h
++++ new/rsync.h
@@ -32,6 +32,7 @@
#define DEFAULT_LOCK_FILE "/var/run/rsyncd.lock"
/* Starting from protocol version 26, we always use 64-bit
* ino_t and dev_t internally, even if this platform does not
* allow files to have 64-bit inums. That's because the
---- orig/ssl.c 2004-10-08 19:37:22
-+++ ssl.c 2004-10-08 19:37:22
+--- old/ssl.c
++++ new/ssl.c
@@ -0,0 +1,366 @@
+/* -*- c-file-style: "linux" -*-
+ * ssl.c: operations for negotiating SSL rsync connections.