#! /bin/bash
# Abort on the first unhandled command failure (-e) and on any reference to
# an unset variable (-u).
set -eu
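# Print the one-line usage summary on stdout.
# The port is overridden through RSYNC_SSL_PORT; the summary used to name
# RSYNC_SSL_CAPATH twice, which pointed users at the wrong variable.
usage() {
  printf 'Usage: [RSYNC_SSL_CAPATH=<capath>] [RSYNC_SSL_PORT=<port>] %s <RSYNC_HOST>\n' "$0"
}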
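# Consume leading options until the first non-option word, which is taken as
# the host by the code that follows.
#   -h, --help  print usage and exit 0
#   -l <value>  accepted and discarded together with its value
#               (presumably the login name rsync hands to its remote-shell
#               command -- confirm against the caller)
#   --          dropped; parsing simply continues with the next word
#   -<other>    usage error, exit 1
while [[ "$#" -gt 0 ]]; do
  case "$1" in
    -h|--help)
      usage
      exit 0
      ;;
    -l)
      # A trailing "-l" with no value used to die silently on the second
      # shift under "set -e"; report it instead. The exit status is still 1.
      if [[ "$#" -lt 2 ]]; then
        usage >&2
        echo >&2 "Option -l requires an argument."
        exit 1
      fi
      shift 2
      ;;
    --)
      shift
      ;;
    -*)
      usage >&2
      exit 1
      ;;
    *)
      break
      ;;
  esac
done

# At least the host must remain after option parsing.
if [[ "$#" -eq 0 ]]; then
  usage >&2
  echo >&2 "No arguments given."
  exit 1
fi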
# First remaining word is the host to connect to; it is removed from the
# positional parameters afterwards.
RSYNC_HOST="$1"
shift

# Environment overrides with their fallbacks. All of these values are later
# placed verbatim into the stunnel configuration or the socat address, so
# they are expected to come from a trusted caller.
: "${RSYNC_SSL_PORT:=1873}"
: "${RSYNC_SSL_CAPATH:=/etc/ssl/certs}"
: "${RSYNC_SSL_METHOD:=stunnel4}"
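# Generate a throw-away stunnel client configuration for ${RSYNC_HOST} and
# replace this shell with stunnel4 reading it.
#
# Arguments: $1 - "1" leaves out the checkHost directive, so the peer
#                 certificate is still chain-verified ("verify = 2") but is
#                 not matched against ${RSYNC_HOST}; any other value adds
#                 checkHost.
# Globals:   RSYNC_HOST, RSYNC_SSL_PORT, RSYNC_SSL_CAPATH (read);
#            skip_host_check, tmp (written)
# Returns:   does not return on success; exits 1 on failure.
method_stunnel() {
  skip_host_check="$1"; shift

  # The values below are copied verbatim into a line-oriented config file.
  # A line break inside any of them would start a new directive, so such
  # values are refused rather than written out.
  case "${RSYNC_HOST}${RSYNC_SSL_PORT}${RSYNC_SSL_CAPATH}" in
    *$'\n'*|*$'\r'*)
      echo >&2 "Refusing host, port or CApath containing a line break."
      exit 1
      ;;
  esac

  # mktemp replaces the deprecated Debian-only "tempfile" helper.
  tmp="$(mktemp)" || { echo >&2 "Failed to create temporary file"; exit 1; }
  # Covers the failure paths between here and the exec below.
  trap 'rm -f -- "$tmp"' EXIT

  {
    cat << EOF
# This file has been automatically created by ftpsync for syncing
# from ${RSYNC_HOST}.
#
# To test if things works, try the following:
# rsync -e 'stunnel4 <this config file>' \$RSYNC_USER@dummy::
#
client = yes
verify = 2
CApath = ${RSYNC_SSL_CAPATH}
syslog = no
debug = 4
output = /dev/stderr
connect = ${RSYNC_HOST}:${RSYNC_SSL_PORT}
EOF
    if [ "$skip_host_check" != 1 ]; then
      echo "checkHost = ${RSYNC_HOST}"
    fi
  } > "$tmp"

  # A successful exec replaces the shell, so the EXIT trap never runs and the
  # config file used to be left behind on every connection. Keep the file
  # open on fd 3, unlink it now, and let stunnel read the config from that
  # descriptor (stdin/stdout stay free for the tunnelled data).
  exec 3< "$tmp" || { echo >&2 "Failed to open $tmp"; exit 1; }
  rm -f -- "$tmp"
  exec stunnel4 -fd 3

  # Only reached when the shell is set up to survive a failed exec.
  echo >&2 "Failed to exec stunnel4"
  exit 1
}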
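# Replace this shell with socat, bridging stdin/stdout to a TLS connection
# to ${RSYNC_HOST}:${RSYNC_SSL_PORT} with ${RSYNC_SSL_CAPATH} as the CA
# directory.
#
# Globals:   RSYNC_HOST, RSYNC_SSL_PORT, RSYNC_SSL_CAPATH (read)
# Returns:   does not return on success; exits 1 on failure.
#
# NOTE(review): unlike the stunnel4 method no explicit host-name check is
# requested here; whether socat matches the certificate against the host
# name on its own depends on the socat version -- confirm.
method_socat() {
  # socat separates address options with ",". A comma or line break inside
  # any of these values would be parsed as extra options on the TLS address,
  # so such values are refused instead of being passed through.
  case "${RSYNC_HOST}${RSYNC_SSL_PORT}${RSYNC_SSL_CAPATH}" in
    *,*|*$'\n'*|*$'\r'*)
      echo >&2 "Refusing host, port or CApath containing ',' or a line break."
      exit 1
      ;;
  esac

  exec socat - "openssl-connect:${RSYNC_HOST}:${RSYNC_SSL_PORT},capath=${RSYNC_SSL_CAPATH}"

  # Only reached when the shell is set up to survive a failed exec.
  echo >&2 "Failed to exec socat."
  exit 1
}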
# Hand over to the transport named by RSYNC_SSL_METHOD.
#   stunnel4      stunnel with the checkHost directive written to the config
#   stunnel4-old  stunnel without checkHost: the certificate chain is still
#                 verified, but the certificate is not matched against the
#                 host name
#   socat         socat with an openssl-connect address
# Any other value is rejected with exit status 1.
if [[ "${RSYNC_SSL_METHOD:-}" == "stunnel4" ]]; then
  method_stunnel 0
elif [[ "${RSYNC_SSL_METHOD:-}" == "stunnel4-old" ]]; then
  method_stunnel 1
elif [[ "${RSYNC_SSL_METHOD:-}" == "socat" ]]; then
  method_socat
else
  echo >&2 "Unknown method $RSYNC_SSL_METHOD."
  exit 1
fi