With the new OW release approaching, it might be better to get an officially
tagged upstream release in as PR#19087 just contained a fix for CVE-2022-29154
which itself introduced a few bugs.
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit eeaacc9052)
Rrsync is a perl script that is supplied as an extra with the rsync program.
It must be used in conjunction with openssh-server or openssh-server-pam
as it requires ~/.ssh/authorized_keys which is not supported by dropbear.
Rrsync allows selective access to subdirectories in either read-only, write-only or read-write,
depending on settings in authorized_keys. This allows for safe, restrictive access.
It's particularly useful for automated backup purposes.
An example usage would be this entry:
command="/usr/bin/rrsync -ro /home" <public key here>
This would allow a system connecting with this public key to be able to rsync FROM the
/home directory tree only. It could not write to this directory, nor read from any other directory.
Signed-off-by: Matt Reeve <matt@mreeve.com>
Disable several options to enable compilation.
Simplified several configure options.
Remove pointless configure var.
Added ssh hinting patch. Some SSH incompatibility.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
The configure test for gettimeofday does not include the proper header.
Override the variable as all OpenWrt libc have two arguments for
gettimeofday.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
fix Makefile chmod (644)
replace MD5SUM with HASH
add PKG_MIRROR_HASH when PKG_SOURCE_PROTO:=git
(PKG_SOURCE_PROTO:=svn tarballs are not reproducible for now)
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
samba.org has apparently started to enforce https-only downloads,
so update the download links for rsync and cifs-utils.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
https://rsync.samba.org/security.html#s3_1_2:
If you're using a version of rsync older than 3.1.2 as a client and
receiving files from an rsync server that you might not fully trust,
this version adds extra checking to the file list to prevent the sender
from tweaking the paths and/or the transfer requests in a way that could
cause a file to be received outside the transfer destination.
Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
rsync, by default, includes a patched zlib within its source tarball. The patch
enables a better compression ratio for rsync streams. However, the client and
server need the same featureset in their zlib in order to understand the
compression stream, or the server will abort the transfer. Older versions have
no understanding of the new compression standard used.
This patch allows the builder to choose whether to use the bundled or system
zlib. It defautls to using the system zlib, as is the default before this
patch.
Signed-off-by: Ian Leonard <antonlacon@gmail.com>
John Audia
John Audia
Matt Reeve
Maxim Storchak
Ian Leonard
Rosen Penev
Jan Pavlinec
Simon Tretter
Etienne Champetier
Hannu Nyman
Daniel Dickinson