force tls version to default in rsync client
This commit is contained in:
parent
8e6db48503
commit
5ccc0a6a5c
1 changed files with 0 additions and 0 deletions
|
|
@ -1,35 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
echo "$@" > /tmp/foo.out
|
||||
|
||||
key="/etc/pki/tls/private/$(hostname -f).key"
|
||||
cert="/etc/pki/tls/certs/$(hostname -f).crt"
|
||||
cafile="/etc/pki/tls/certs/ca.crt"
|
||||
port=${RSYNC_SSL_PORT:-873}
|
||||
|
||||
# If the user specified USER@HOSTNAME::module, then rsync passes us
|
||||
# the -l USER option too, so we must be prepared to ignore it.
|
||||
if [ x"$1" = x"-l" ]; then
|
||||
shift 2
|
||||
fi
|
||||
|
||||
hostname=$1
|
||||
shift
|
||||
|
||||
if [ x"$hostname" = x -o x"$1" != x"rsync" -o x"$2" != x"--server" -o x"$3" != x"--daemon" ]; then
|
||||
echo "Usage: stunnel-rsync HOSTNAME rsync --server --daemon ." 1>&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# devzero@web.de came up with this no-tmpfile calling syntax:
|
||||
stunnel -fd 10 11<&0 <<EOF 10<&0 0<&11 11<&-
|
||||
foreground = yes
|
||||
debug = crit
|
||||
connect = $hostname:$port
|
||||
client = yes
|
||||
TIMEOUTclose = 0
|
||||
verify = 2
|
||||
cert = $cert
|
||||
key = $key
|
||||
CAfile = $cafile
|
||||
EOF
|
||||
Loading…
Add table
Add a link
Reference in a new issue