author | Peter Palfrader <peter@palfrader.org> | 2016-02-04 18:50:14 +0100 |
---|---|---|
committer | Peter Palfrader <peter@palfrader.org> | 2016-02-04 18:50:14 +0100 |
commit | c60ecbe2ffc425e22c635c3d6b15189f06ab4685 (patch) | |
tree | dc0109016982bc3edbe0352337326220e19be2c2 /bin/rsync-ssl-tunnel | |
parent | a5fc25ef4c352b0fdbfa38acf653bfa716fa8ee5 (diff) |
Default to stunnel4 with checkHost - this will break unless one runs stretch or newer
Diffstat (limited to 'bin/rsync-ssl-tunnel')
-rwxr-xr-x | bin/rsync-ssl-tunnel | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/bin/rsync-ssl-tunnel b/bin/rsync-ssl-tunnel index 82fb9eb..d0daaf7 100755 --- a/bin/rsync-ssl-tunnel +++ b/bin/rsync-ssl-tunnel @@ -39,13 +39,16 @@ fi RSYNC_HOST="$1"; shift RSYNC_SSL_PORT=${RSYNC_SSL_PORT:-"1873"} RSYNC_SSL_CAPATH=${RSYNC_SSL_CAPATH:-"/etc/ssl/certs"} -RSYNC_SSL_METHOD=${RSYNC_SSL_METHOD:-"socat"} +RSYNC_SSL_METHOD=${RSYNC_SSL_METHOD:-"stunnel4"} method_stunnel() { + skip_host_check="$1"; shift + tmp="`tempfile`" trap "rm -f '$tmp'" EXIT - cat << EOF > "$tmp" + ( + cat << EOF # This file has been automatically created by ftpsync for syncing # from ${RSYNC_HOST}. # @@ -62,6 +65,10 @@ output = /dev/stderr connect = ${RSYNC_HOST}:${RSYNC_SSL_PORT} EOF + if ! [ "$skip_host_check" = 1 ]; then + echo "checkHost = ${RSYNC_HOST}" + fi + ) > "$tmp" exec stunnel4 "$tmp" echo >&2 "Failed to exec stunnel4" @@ -76,7 +83,10 @@ method_socat() { case ${RSYNC_SSL_METHOD:-} in stunnel4) - method_stunnel + method_stunnel 0 + ;; + stunnel4-old) + method_stunnel 1 ;; socat) method_socat |
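Review bot: In the first hunk (`@@ -39,13 +39,16 @@`), `skip_host_check="$1"; shift` gives `method_stunnel` an undocumented positional flag and assumes every caller passes it. A call without the argument would run `shift` with nothing to shift, which some shells treat as fatal, and would trip `set -u` if the script uses it (not visible here). Because this flag decides whether the server name is verified, I would default it to the verifying value with `skip_host_check="${1:-0}"` and drop or guard the `shift`. A comment above it should state the contract, for example `# $1: 1 = omit checkHost (stunnel4 without checkHost support); anything else = verify the host name`. The function body continues past the end of this hunk.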
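Review bot: In the second hunk (`@@ -62,6 +65,10 @@`), the added `checkHost = ${RSYNC_HOST}` line only constrains the name in the peer certificate. Whether the chain is also validated against `RSYNC_SSL_CAPATH` presumably depends on the `verify`/`CApath` lines in the part of the heredoc between the hunks, which is not shown, so that should be confirmed and stated in the generated file's header comment. Separately, `RSYNC_HOST` comes straight from `$1` and is written into the config by both the heredoc and this `echo`, so a value containing a newline would add extra stunnel directives. A guard near the top of the script would prevent that, for example `case "$RSYNC_HOST" in *[!A-Za-z0-9.:-]*) echo >&2 "Invalid host name"; exit 1;; esac`, with the character set adjusted to the host forms the script supports. `printf 'checkHost = %s\n' "${RSYNC_HOST}"` is also more predictable than `echo` for arbitrary data.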
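Review bot: In the third hunk (`@@ -76,7 +83,10 @@`), the new `stunnel4-old` arm calls `method_stunnel 1`, which runs the tunnel without the host-name check and tells the operator nothing. I would print a warning before the call, e.g. `echo >&2 "Warning: stunnel4-old does not verify the server host name"`. Wherever `RSYNC_SSL_METHOD` is documented should also list `stunnel4-old` and note that `stunnel4` now needs checkHost support. The `case` statement continues outside the hunk, so whether an unknown method value is rejected cannot be seen from here.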