-OBJS=$(OBJS1) $(OBJS2) $(OBJS3) $(DAEMON_OBJ) $(LIBOBJ) $(ZLIBOBJ) @BUILD_POPT@
+OBJS=$(OBJS1) $(OBJS2) $(OBJS3) $(DAEMON_OBJ) $(LIBOBJ) $(ZLIBOBJ) @BUILD_POPT@ @SSL_OBJS@
- TLS_OBJ = tls.o syscall.o lib/compat.o lib/snprintf.o lib/permstring.o
+ TLS_OBJ = tls.o syscall.o lib/compat.o lib/snprintf.o lib/permstring.o lib/sysxattrs.o @BUILD_POPT@
--- old/cleanup.c
+++ new/cleanup.c
-@@ -26,6 +26,9 @@
+@@ -25,6 +25,9 @@
extern int am_server;
extern int am_daemon;
extern int io_error;
extern int keep_partial;
extern int log_got_error;
extern char *partial_dir;
-@@ -117,6 +120,14 @@ NORETURN void _exit_cleanup(int code, co
+@@ -121,6 +124,14 @@ NORETURN void _exit_cleanup(int code, co
code, file, line);
}
--- old/clientserver.c
+++ new/clientserver.c
-@@ -30,6 +30,9 @@ extern int am_sender;
+@@ -29,6 +29,9 @@ extern int am_sender;
extern int am_server;
extern int am_daemon;
extern int am_root;
+extern int use_ssl;
+#endif
extern int rsync_port;
+ extern int ignore_errors;
extern int kluge_around_eof;
- extern int daemon_over_rsh;
-@@ -106,8 +109,18 @@ int start_socket_client(char *host, char
+@@ -112,8 +115,18 @@ int start_socket_client(char *host, int
set_socket_options(fd, sockopts);
- ret = start_inband_exchange(user, path, fd, fd, argc);
+ ret = start_inband_exchange(fd, fd, user, remote_argc, remote_argv);
+ if (ret)
+ return ret;
+ return client_run(fd, fd, -1, argc, argv);
}
- int start_inband_exchange(const char *user, char *path, int f_in, int f_out,
-@@ -168,6 +181,33 @@ int start_inband_exchange(const char *us
+ static int exchange_protocols(int f_in, int f_out, char *buf, size_t bufsiz, int am_client)
+@@ -256,6 +269,32 @@ int start_inband_exchange(int f_in, int
if (verbose > 1)
- print_child_argv(sargs);
+ print_child_argv("sending daemon args:", sargs);
+#ifdef HAVE_OPENSSL
+ if (use_ssl) {
+ io_printf(f_out, "#starttls\n");
+ while (1) {
-+ if (!read_line(f_in, line, sizeof(line)-1)) {
++ if (!read_line_old(f_in, line, sizeof line)) {
+ rprintf(FERROR, "rsync: did not receive reply to #starttls\n");
+ return -1;
+ }
+ rprintf(FERROR, "%s\n", line);
+ return -1;
+ }
-+ if (strcmp(line, "@RSYNCD: starttls") == 0) {
++ if (strcmp(line, "@RSYNCD: starttls") == 0)
+ break;
-+ }
+ rprintf(FINFO, "%s\n", line);
+ }
+ if (start_tls(f_in, f_out)) {
+ }
+#endif
+
- p = strchr(path,'/');
- if (p) *p = 0;
- io_printf(f_out, "%s\n", path);
-@@ -196,6 +236,10 @@ int start_inband_exchange(const char *us
+ io_printf(f_out, "%.*s\n", modlen, modname);
+
+ /* Old servers may just drop the connection here,
+@@ -281,6 +320,10 @@ int start_inband_exchange(int f_in, int
* server to terminate the listing of modules.
* We don't want to go on and transfer
* anything; just exit. */
exit(0);
}
-@@ -203,6 +247,10 @@ int start_inband_exchange(const char *us
+@@ -288,6 +331,10 @@ int start_inband_exchange(int f_in, int
rprintf(FERROR, "%s\n", line);
/* This is always fatal; the server will now
* close the socket. */
return -1;
}
-@@ -780,6 +828,9 @@ int start_daemon(int f_in, int f_out)
- if (protocol_version > remote_protocol)
- protocol_version = remote_protocol;
+@@ -818,6 +865,9 @@ int start_daemon(int f_in, int f_out)
+ if (exchange_protocols(f_in, f_out, line, sizeof line, 0) < 0)
+ return -1;
+#ifdef HAVE_OPENSSL
+retry:
+#endif
line[0] = 0;
- if (!read_line(f_in, line, sizeof line - 1))
+ if (!read_line_old(f_in, line, sizeof line))
return -1;
-@@ -791,6 +842,20 @@ int start_daemon(int f_in, int f_out)
+@@ -829,6 +879,20 @@ int start_daemon(int f_in, int f_out)
return -1;
}
*cygwin* ) AC_MSG_RESULT(yes)
--- old/options.c
+++ new/options.c
-@@ -173,6 +173,14 @@ int logfile_format_has_o_or_i = 0;
+@@ -182,6 +182,14 @@ int logfile_format_has_o_or_i = 0;
int always_checksum = 0;
int list_only = 0;
#define MAX_BATCH_NAME_LEN 256 /* Must be less than MAXPATHLEN-13 */
char *batch_name = NULL;
-@@ -201,6 +209,7 @@ static void print_rsync_version(enum log
- char const *hardlinks = "no ";
+@@ -221,6 +229,7 @@ static void print_rsync_version(enum log
char const *links = "no ";
+ char const *iconv = "no ";
char const *ipv6 = "no ";
+ char const *ssl = "no ";
STRUCT_STAT *dumstat;
- #ifdef HAVE_SOCKETPAIR
-@@ -223,6 +232,10 @@ static void print_rsync_version(enum log
- ipv6 = "";
+ #if SUBPROTOCOL_VERSION != 0
+@@ -250,6 +259,9 @@ static void print_rsync_version(enum log
+ #ifdef ICONV_OPTION
+ iconv = "";
#endif
-
+#ifdef HAVE_OPENSSL
+ ssl = "";
+#endif
-+
- rprintf(f, "%s version %s protocol version %d\n",
- RSYNC_NAME, RSYNC_VERSION, PROTOCOL_VERSION);
- rprintf(f, "Copyright (C) 1996-2006 by Andrew Tridgell, Wayne Davison, and others.\n");
-@@ -233,8 +246,8 @@ static void print_rsync_version(enum log
+
+ rprintf(f, "%s version %s protocol version %d%s\n",
+ RSYNC_NAME, RSYNC_VERSION, PROTOCOL_VERSION, subprotocol);
+@@ -263,8 +275,8 @@ static void print_rsync_version(enum log
(int)(sizeof (int64) * 8));
rprintf(f, " %ssocketpairs, %shardlinks, %ssymlinks, %sIPv6, batchfiles, %sinplace,\n",
got_socketpair, hardlinks, links, ipv6, have_inplace);
-- rprintf(f, " %sappend\n",
-- have_inplace);
-+ rprintf(f, " %sappend, %sSSL\n",
-+ have_inplace, ssl);
+- rprintf(f, " %sappend, %sACLs, %sxattrs, %siconv\n",
+- have_inplace, acls, xattrs, iconv);
++ rprintf(f, " %sappend, %sACLs, %sxattrs, %siconv, %sSSL\n",
++ have_inplace, acls, xattrs, iconv, ssl);
#ifdef MAINTAINER_MODE
rprintf(f, "Panic Action: \"%s\"\n", get_panic_action());
-@@ -382,6 +395,13 @@ void usage(enum logcode F)
+@@ -425,6 +437,13 @@ void usage(enum logcode F)
+ #endif
rprintf(F," -4, --ipv4 prefer IPv4\n");
rprintf(F," -6, --ipv6 prefer IPv6\n");
- #endif
+#ifdef HAVE_OPENSSL
+ rprintf(F," --ssl allow socket connections to use SSL\n");
+ rprintf(F," --ssl-cert=FILE path to daemon's SSL certificate\n");
rprintf(F," --version print version number\n");
rprintf(F,"(-h) --help show this help (-h works with no other options)\n");
-@@ -395,7 +415,7 @@ enum {OPT_VERSION = 1000, OPT_DAEMON, OP
+@@ -438,7 +457,7 @@ enum {OPT_VERSION = 1000, OPT_DAEMON, OP
OPT_FILTER, OPT_COMPARE_DEST, OPT_COPY_DEST, OPT_LINK_DEST, OPT_HELP,
OPT_INCLUDE, OPT_INCLUDE_FROM, OPT_MODIFY_WINDOW, OPT_MIN_SIZE, OPT_CHMOD,
OPT_READ_BATCH, OPT_WRITE_BATCH, OPT_ONLY_WRITE_BATCH, OPT_MAX_SIZE,
-- OPT_NO_D,
-+ OPT_NO_D, OPT_USE_SSL,
+- OPT_NO_D, OPT_APPEND,
++ OPT_NO_D, OPT_APPEND, OPT_USE_SSL,
OPT_SERVER, OPT_REFUSED_BASE = 9000};
static struct poptOption long_options[] = {
-@@ -543,6 +563,13 @@ static struct poptOption long_options[]
+@@ -623,6 +642,13 @@ static struct poptOption long_options[]
{"checksum-seed", 0, POPT_ARG_INT, &checksum_seed, 0, 0, 0 },
{"server", 0, POPT_ARG_NONE, 0, OPT_SERVER, 0, 0 },
{"sender", 0, POPT_ARG_NONE, 0, OPT_SENDER, 0, 0 },
/* All the following options switch us into daemon-mode option-parsing. */
{"config", 0, POPT_ARG_STRING, 0, OPT_DAEMON, 0, 0 },
{"daemon", 0, POPT_ARG_NONE, 0, OPT_DAEMON, 0, 0 },
-@@ -570,6 +597,13 @@ static void daemon_usage(enum logcode F)
+@@ -648,6 +674,13 @@ static void daemon_usage(enum logcode F)
+ rprintf(F," -v, --verbose increase verbosity\n");
rprintf(F," -4, --ipv4 prefer IPv4\n");
rprintf(F," -6, --ipv6 prefer IPv6\n");
- #endif
+#ifdef HAVE_OPENSSL
+ rprintf(F," --ssl allow socket connections to use SSL\n");
+ rprintf(F," --ssl-cert=FILE path to daemon's SSL certificate\n");
rprintf(F," --help show this help screen\n");
rprintf(F,"\n");
-@@ -596,6 +630,13 @@ static struct poptOption long_daemon_opt
+@@ -672,6 +705,13 @@ static struct poptOption long_daemon_opt
{"protocol", 0, POPT_ARG_INT, &protocol_version, 0, 0, 0 },
{"server", 0, POPT_ARG_NONE, &am_server, 0, 0, 0 },
{"temp-dir", 'T', POPT_ARG_STRING, &tmpdir, 0, 0, 0 },
{"verbose", 'v', POPT_ARG_NONE, 0, 'v', 0, 0 },
{"no-verbose", 0, POPT_ARG_VAL, &verbose, 0, 0, 0 },
{"no-v", 0, POPT_ARG_VAL, &verbose, 0, 0, 0 },
-@@ -853,6 +894,12 @@ int parse_arguments(int *argc, const cha
+@@ -946,6 +986,12 @@ int parse_arguments(int *argc_p, const c
verbose++;
break;
default:
rprintf(FERROR,
"rsync: %s: %s (in daemon mode)\n",
-@@ -876,6 +923,17 @@ int parse_arguments(int *argc, const cha
+@@ -969,6 +1015,17 @@ int parse_arguments(int *argc_p, const c
exit_cleanup(RERR_SYNTAX);
}
+ }
+#endif
+
- *argv = poptGetArgs(pc);
- *argc = count_args(*argv);
+ *argv_p = argv = poptGetArgs(pc);
+ *argc_p = argc = count_args(argv);
am_starting_up = 0;
-@@ -1087,6 +1145,12 @@ int parse_arguments(int *argc, const cha
- usage(FINFO);
- exit_cleanup(0);
+@@ -1221,6 +1278,12 @@ int parse_arguments(int *argc_p, const c
+ return 0;
+ #endif
+#ifdef HAVE_OPENSSL
+ case OPT_USE_SSL:
default:
/* A large opt value means that set_refuse_options()
* turned this option off. */
-@@ -1359,6 +1423,17 @@ int parse_arguments(int *argc, const cha
+@@ -1535,6 +1598,17 @@ int parse_arguments(int *argc_p, const c
if (delay_updates && !partial_dir)
partial_dir = tmp_partialdir;
if (inplace) {
#ifdef HAVE_FTRUNCATE
if (partial_dir) {
-@@ -1783,10 +1858,27 @@ char *check_for_hostspec(char *s, char *
+@@ -2007,10 +2081,27 @@ char *check_for_hostspec(char *s, char *
char *p;
int not_host;
int hostlen;
path = p + 1;
--- old/rsync.h
+++ new/rsync.h
-@@ -32,6 +32,7 @@
+@@ -31,6 +31,7 @@
#define DEFAULT_LOCK_FILE "/var/run/rsyncd.lock"
#define URL_PREFIX "rsync://"
#define BACKUP_SUFFIX "~"
-@@ -420,6 +421,11 @@ enum msgcode {
+@@ -520,6 +521,11 @@ typedef unsigned int size_t;
# define SIZEOF_INT64 SIZEOF_OFF_T
#endif
+#include <openssl/err.h>
+#endif
+
- /* Starting from protocol version 26, we always use 64-bit
- * ino_t and dev_t internally, even if this platform does not
- * allow files to have 64-bit inums. That's because the
+ struct hashtable {
+ void *nodes;
+ int32 size, entries;
--- old/ssl.c
+++ new/ssl.c
@@ -0,0 +1,370 @@
Matt McCutchen's Web Site / rsync / rsync-patches.git / blobdiff