release-rsync)
release_common
# make sure everything we need is installed and updated
- verbose "$d0"/misc/tools/msys2-linux.sh --schroot=sid rsync dash
+ verbose "$d0"/misc/tools/msys2-linux.sh --schroot=sid rsync dash openssl
targetroot="$PWD/Xonotic"
verbose cd "$HOME/msys64" # see msys2-linux.sh
verbose cp --parents \
usr/bin/msys-crypto-3.dll \
usr/bin/msys-iconv-2.dll \
usr/bin/msys-lz4-1.dll \
+ usr/bin/msys-ssl-3.dll \
usr/bin/msys-xxhash-0.dll \
usr/bin/msys-zstd-1.dll \
+ usr/bin/openssl.exe \
usr/bin/rsync.exe \
+ usr/ssl/cert.pem \
"$targetroot/misc/tools/rsync-updater/"
# msys2 sh.exe is currently bash
verbose cp usr/bin/dash.exe "$targetroot/misc/tools/rsync-updater/usr/bin/sh.exe"
exit 1
fi
+if ! command -v rsync-ssl >/dev/null; then
+ export PATH="$PWD/usr/bin:$PATH"
+fi
+
+# openssl is the only option, as gnutls-cli is broken in rsync-ssl and stunnel doesn't verify the cert.
+rsynccmd=rsync-ssl
+if ! command -v openssl > /dev/null; then
+ if [ $interactive = false ]; then
+ printf >&2 "\033[1;31mFATAL: openssl not found, please install the openssl package!\033[m\n"
+ exit 1
+ fi
+ printf "\033[1;33mWARNING: openssl not found, please install the openssl package!\033[m\n"
+ unset secchoice # no automated skipping, this is important
+ until [ "$secchoice" = y ] || [ "$secchoice" = Y ]; do
+ printf "\033[1;33mConnecting without openssl is insecure, continue? [Y/N] \033[m"
+ read -r secchoice
+ [ "$secchoice" = n ] || [ "$secchoice" = N ] && exit 1
+ done
+ rsynccmd=rsync
+fi
+
case "${0##*/}" in
update-to-autobuild.sh)
buildtype=autobuild
else
options="$options --delete-after"
fi
-if [ "$OS" != "Windows_NT" ]; then
+if [ "$OS" = "Windows_NT" ]; then
+ # use blocking stdio for the remote shell (openssl) to avoid random failures (msys2/cygwin bug?)
+ options="$options --blocking-io"
+else
options="$options --executability"
fi
printf "\033[1;35mFound manually created 'Xonotic-high' package override\033[m\n"
package="Xonotic-high"
fi
-url="beta.xonotic.org/$buildtype-$package"
+url="rsync.xonotic.org/$buildtype/$package"
excludes=
if [ -n "$XONOTIC_INCLUDE_ALL" ]; then
done
# exec ensures this script stops before it's updated to prevent potential glitches
-exec rsync $options $excludes "rsync://$url/" "$target"
+exec $rsynccmd $options $excludes "rsync://$url/" "$target"
--- /dev/null
+#!/bin/sh
+
+# Minimal and POSIX-compatible version of rsync-ssl, supports only openssl
+# because gnutls-cli is broken and stunnel doesn't verify the server's certificate.
+
+# By default this script takes rsync args and hands them off to the actual
+# rsync command with an --rsh option that makes it open an SSL connection to an
+# rsync daemon. See the rsync-ssl manpage for usage details and env variables.
+
+# When the first arg is --HELPER, we are being used by rsync as an --rsh helper
+# script, and the args are (note the trailing dot):
+#
+# rsync-ssl --HELPER HOSTNAME rsync --server --daemon .
+#
+# --HELPER is not a user-facing option, so it is not documented in the manpage.
+
+rsync_ssl_helper()
+{
+ port="${RSYNC_PORT:-0}"
+ if [ "$port" -eq 0 ]; then
+ port="${RSYNC_SSL_PORT:-874}"
+ fi
+
+ # If the user specified USER@HOSTNAME::module, then rsync passes us
+ # the -l USER option too, so we must be prepared to ignore it.
+ if [ "$1" = "-l" ]; then
+ shift 2
+ fi
+
+ hostname="$1"
+ shift
+
+ if [ -z "$hostname" ] || [ "$1" != rsync ] || [ "$2" != --server ] || [ "$3" != --daemon ]; then
+ echo "Usage: rsync-ssl --HELPER HOSTNAME rsync --server --daemon ." 1>&2
+ exit 1
+ fi
+
+ exec openssl s_client -verify_return_error -verify 4 -quiet -verify_quiet -servername $hostname -verify_hostname $hostname -connect $hostname:$port
+}
+
+if [ "$1" = --HELPER ]; then
+ shift
+ rsync_ssl_helper "${@}"
+fi
+
+exec rsync --rsh="$0 --HELPER" "${@}"
projects / xonotic / xonotic.git / commitdiff