35 lines
822 B
Bash
Executable file
35 lines
822 B
Bash
Executable file
#!/bin/bash
|
|
|
|
echo "$@" > /tmp/foo.out
|
|
|
|
key="/etc/pki/tls/private/$(hostname -f).key"
|
|
cert="/etc/pki/tls/certs/$(hostname -f).crt"
|
|
cafile="/etc/pki/tls/certs/ca.crt"
|
|
port=${RSYNC_SSL_PORT:-873}
|
|
|
|
# If the user specified USER@HOSTNAME::module, then rsync passes us
|
|
# the -l USER option too, so we must be prepared to ignore it.
|
|
if [ x"$1" = x"-l" ]; then
|
|
shift 2
|
|
fi
|
|
|
|
hostname=$1
|
|
shift
|
|
|
|
if [ x"$hostname" = x -o x"$1" != x"rsync" -o x"$2" != x"--server" -o x"$3" != x"--daemon" ]; then
|
|
echo "Usage: stunnel-rsync HOSTNAME rsync --server --daemon ." 1>&2
|
|
exit 1
|
|
fi
|
|
|
|
# devzero@web.de came up with this no-tmpfile calling syntax:
|
|
stunnel -fd 10 11<&0 <<EOF 10<&0 0<&11 11<&-
|
|
foreground = yes
|
|
debug = crit
|
|
connect = $hostname:$port
|
|
client = yes
|
|
TIMEOUTclose = 0
|
|
verify = 2
|
|
cert = $cert
|
|
key = $key
|
|
CAfile = $cafile
|
|
EOF
|