Fix hfs_receiver_check() on a relative path.
[rsync-patches.git] / openssl-support.diff
index ed673bedfc76c79d81158341d8227f0d57e2f472..d3818868dc2632c2e83cdcf9d1aab23f9f98861f 100644 (file)
@@ -35,10 +35,11 @@ To use this patch, run these commands for a successful build:
     ./configure
     make
 
+based-on: a59a7b242393699fedeb4f66911e3fc9b4fadd73
 diff --git a/Makefile.in b/Makefile.in
 --- a/Makefile.in
 +++ b/Makefile.in
-@@ -40,7 +40,7 @@ OBJS3=progress.o pipe.o
+@@ -41,7 +41,7 @@ OBJS3=progress.o pipe.o
  DAEMON_OBJ = params.o loadparm.o clientserver.o access.o connection.o authenticate.o
  popt_OBJS=popt/findme.o  popt/popt.o  popt/poptconfig.o \
        popt/popthelp.o popt/poptparse.o
@@ -50,18 +51,18 @@ diff --git a/Makefile.in b/Makefile.in
 diff --git a/cleanup.c b/cleanup.c
 --- a/cleanup.c
 +++ b/cleanup.c
-@@ -25,6 +25,9 @@
- extern int am_server;
+@@ -26,6 +26,9 @@ extern int am_server;
  extern int am_daemon;
+ extern int am_receiver;
  extern int io_error;
 +#ifdef HAVE_OPENSSL
 +extern int use_ssl;
 +#endif
  extern int keep_partial;
  extern int got_xfer_error;
- extern int progress_is_active;
-@@ -125,6 +128,14 @@ NORETURN void _exit_cleanup(int code, const char *file, int line)
-                               code, file, line);
+ extern int protocol_version;
+@@ -138,6 +141,14 @@ NORETURN void _exit_cleanup(int code, const char *file, int line)
+                               who_am_i(), code, file, line);
                }
  
 +#ifdef HAVE_OPENSSL
@@ -74,11 +75,11 @@ diff --git a/cleanup.c b/cleanup.c
 +
                /* FALLTHROUGH */
  #include "case_N.h"
+               switch_step++;
 diff --git a/clientserver.c b/clientserver.c
 --- a/clientserver.c
 +++ b/clientserver.c
-@@ -31,6 +31,9 @@ extern int am_sender;
+@@ -30,6 +30,9 @@ extern int am_sender;
  extern int am_server;
  extern int am_daemon;
  extern int am_root;
@@ -88,7 +89,7 @@ diff --git a/clientserver.c b/clientserver.c
  extern int rsync_port;
  extern int protect_args;
  extern int ignore_errors;
-@@ -126,8 +129,18 @@ int start_socket_client(char *host, int remote_argc, char *remote_argv[],
+@@ -132,8 +135,18 @@ int start_socket_client(char *host, int remote_argc, char *remote_argv[],
  #endif
  
        ret = start_inband_exchange(fd, fd, user, remote_argc, remote_argv);
@@ -108,8 +109,8 @@ diff --git a/clientserver.c b/clientserver.c
  }
  
  static int exchange_protocols(int f_in, int f_out, char *buf, size_t bufsiz, int am_client)
-@@ -270,6 +283,32 @@ int start_inband_exchange(int f_in, int f_out, const char *user, int argc, char
-       if (verbose > 1)
+@@ -279,6 +292,32 @@ int start_inband_exchange(int f_in, int f_out, const char *user, int argc, char
+       if (DEBUG_GTE(CMD, 1))
                print_child_argv("sending daemon args:", sargs);
  
 +#ifdef HAVE_OPENSSL
@@ -141,7 +142,7 @@ diff --git a/clientserver.c b/clientserver.c
        io_printf(f_out, "%.*s\n", modlen, modname);
  
        /* Old servers may just drop the connection here,
-@@ -295,6 +334,10 @@ int start_inband_exchange(int f_in, int f_out, const char *user, int argc, char
+@@ -304,6 +343,10 @@ int start_inband_exchange(int f_in, int f_out, const char *user, int argc, char
                         * server to terminate the listing of modules.
                         * We don't want to go on and transfer
                         * anything; just exit. */
@@ -152,7 +153,7 @@ diff --git a/clientserver.c b/clientserver.c
                        exit(0);
                }
  
-@@ -302,6 +345,10 @@ int start_inband_exchange(int f_in, int f_out, const char *user, int argc, char
+@@ -311,6 +354,10 @@ int start_inband_exchange(int f_in, int f_out, const char *user, int argc, char
                        rprintf(FERROR, "%s\n", line);
                        /* This is always fatal; the server will now
                         * close the socket. */
@@ -163,17 +164,28 @@ diff --git a/clientserver.c b/clientserver.c
                        return -1;
                }
  
-@@ -935,6 +982,9 @@ int start_daemon(int f_in, int f_out)
+@@ -716,6 +763,10 @@ static int rsync_module(int f_in, int f_out, int i, const char *addr, const char
+                               set_env_num("RSYNC_PID", (long)pid);
+                               if (wait_process(pid, &status, 0) < 0)
+                                       status = -1;
++#ifdef HAVE_OPENSSL
++                              if (use_ssl)
++                                      end_tls();
++#endif
+                               set_env_num("RSYNC_RAW_STATUS", status);
+                               if (WIFEXITED(status))
+                                       status = WEXITSTATUS(status);
+@@ -1071,6 +1122,9 @@ int start_daemon(int f_in, int f_out)
        if (exchange_protocols(f_in, f_out, line, sizeof line, 0) < 0)
                return -1;
  
 +#ifdef HAVE_OPENSSL
-+retry:
++  retry:
 +#endif
        line[0] = 0;
-       if (!read_line_old(f_in, line, sizeof line))
+       if (!read_line_old(f_in, line, sizeof line, 0))
                return -1;
-@@ -946,6 +996,20 @@ int start_daemon(int f_in, int f_out)
+@@ -1082,6 +1136,20 @@ int start_daemon(int f_in, int f_out)
                return -1;
        }
  
@@ -194,10 +206,10 @@ diff --git a/clientserver.c b/clientserver.c
        if (*line == '#') {
                /* it's some sort of command that I don't understand */
                io_printf(f_out, "@ERROR: Unknown command '%s'\n", line);
-diff --git a/configure.in b/configure.in
---- a/configure.in
-+++ b/configure.in
-@@ -295,6 +295,21 @@ if test x"$enable_locale" != x"no"; then
+diff --git a/configure.ac b/configure.ac
+--- a/configure.ac
++++ b/configure.ac
+@@ -320,6 +320,25 @@ if test x"$enable_locale" != x"no"; then
        AC_DEFINE(CONFIG_LOCALE)
  fi
  
@@ -206,6 +218,8 @@ diff --git a/configure.in b/configure.in
 +
 +if test "x$enable_openssl" != xno
 +then
++      save_LIBS=$LIBS
++      LIBS="$LIBS -lcrypto"
 +      have_ssl=yes
 +      AC_CHECK_LIB(ssl, SSL_library_init, , [have_ssl=no])
 +      if test "x$have_ssl" = xyes
@@ -213,16 +227,118 @@ diff --git a/configure.in b/configure.in
 +              AC_DEFINE(HAVE_OPENSSL, 1, [true if you want to use SSL.])
 +              SSL_OBJS=ssl.o
 +              AC_SUBST(SSL_OBJS)
++      else
++              LIBS=$save_LIBS
 +      fi
 +fi
 +
  AC_MSG_CHECKING([whether to call shutdown on all sockets])
  case $host_os in
        *cygwin* ) AC_MSG_RESULT(yes)
+diff --git a/main.c b/main.c
+--- a/main.c
++++ b/main.c
+@@ -92,6 +92,9 @@ extern char backup_dir_buf[MAXPATHLEN];
+ extern char *basis_dir[MAX_BASIS_DIRS+1];
+ extern struct file_list *first_flist;
+ extern filter_rule_list daemon_filter_list;
++#ifdef HAVE_OPENSSL
++extern int use_ssl;
++#endif
+ uid_t our_uid;
+ gid_t our_gid;
+@@ -152,6 +155,52 @@ pid_t wait_process(pid_t pid, int *status_ptr, int flags)
+       return waited_pid;
+ }
++/* Sends signal "signo", waits for the process to die, and if it doesn't, sends
++ * a SIGKILL.  If "graceful" is set, the initial "signo" signal is delayed by a
++ * second to try to let the process exit on its own first. */
++pid_t terminate_process(pid_t pid, int *status_ptr, int signo, int graceful)
++{
++      pid_t waited_pid;
++      int timeout = graceful ? 1000 : 3000;
++      if (!graceful)
++              kill(pid, signo);
++      while (1) {
++              waited_pid = wait_process(pid, status_ptr, timeout >= 0 ? WNOHANG : 0);
++              if (waited_pid)
++                      break;
++              if (timeout == 0) {
++                      if (graceful) {
++                              graceful = 0;
++                              timeout = 3000;
++                      } else {
++                              signo = SIGKILL;
++                              timeout = -1;
++                      }
++                      rprintf(FINFO, "%s:%s shutdown didn't work - sending signal %d\n",
++                              __FUNCTION__, graceful ? " graceful" : "", signo);
++                      kill(pid, signo);
++              }
++
++              if (timeout > 0) {
++                      /* interruptible wait and calculate the time left for waiting */
++                      struct timeval tval, t1, t2;
++
++                      gettimeofday(&t1, NULL);
++
++                      tval.tv_sec = timeout/1000;
++                      tval.tv_usec = (timeout%1000)*1000;
++                      select(0, NULL, NULL, NULL, &tval);
++                      gettimeofday(&t2, NULL);
++
++                      timeout -= (t2.tv_sec-t1.tv_sec)*1000 + (t2.tv_usec-t1.tv_usec)/1000;
++                      if (timeout < 0)
++                              timeout = 0;
++              }
++      }
++
++      return waited_pid;
++}
++
+ /* Wait for a process to exit, calling io_flush while waiting. */
+ static void wait_process_with_flush(pid_t pid, int *exit_code_ptr)
+ {
+@@ -808,6 +857,11 @@ static void do_server_sender(int f_in, int f_out, int argc, char *argv[])
+               argv[0] = ".";
+       }
++#ifdef HAVE_OPENSSL
++      if (use_ssl)
++              start_tls_buffering();
++#endif
++
+       flist = send_file_list(f_out,argc,argv);
+       if (!flist || flist->used == 0)
+               exit_cleanup(0);
+@@ -928,6 +982,10 @@ static int do_recv(int f_in, int f_out, char *local_name)
+       io_start_buffering_out(f_out);
+       io_start_multiplex_in(f_in);
++#ifdef HAVE_OPENSSL
++      if (use_ssl)
++              start_tls_buffering();
++#endif
+ #ifdef SUPPORT_HARD_LINKS
+       if (preserve_hard_links && inc_recurse) {
+@@ -1132,6 +1190,10 @@ int client_run(int f_in, int f_out, pid_t pid, int argc, char *argv[])
+                       io_start_multiplex_in(f_in);
+               else
+                       io_start_buffering_in(f_in);
++#ifdef HAVE_OPENSSL
++              if (use_ssl)
++                      start_tls_buffering();
++#endif
+               send_filter_list(f_out);
+               if (filesfrom_host)
+                       filesfrom_fd = f_in;
 diff --git a/options.c b/options.c
 --- a/options.c
 +++ b/options.c
-@@ -185,6 +185,14 @@ int logfile_format_has_o_or_i = 0;
+@@ -192,6 +192,14 @@ int logfile_format_has_o_or_i = 0;
  int always_checksum = 0;
  int list_only = 0;
  
@@ -237,7 +353,7 @@ diff --git a/options.c b/options.c
  #define MAX_BATCH_NAME_LEN 256        /* Must be less than MAXPATHLEN-13 */
  char *batch_name = NULL;
  
-@@ -225,6 +233,7 @@ static void print_rsync_version(enum logcode f)
+@@ -570,6 +578,7 @@ static void print_rsync_version(enum logcode f)
        char const *links = "no ";
        char const *iconv = "no ";
        char const *ipv6 = "no ";
@@ -245,8 +361,8 @@ diff --git a/options.c b/options.c
        STRUCT_STAT *dumstat;
  
  #if SUBPROTOCOL_VERSION != 0
-@@ -257,6 +266,9 @@ static void print_rsync_version(enum logcode f)
- #if defined HAVE_LUTIMES && defined HAVE_UTIMES
+@@ -606,6 +615,9 @@ static void print_rsync_version(enum logcode f)
+ #ifdef CAN_SET_SYMLINK_TIMES
        symtimes = "";
  #endif
 +#ifdef HAVE_OPENSSL
@@ -255,18 +371,18 @@ diff --git a/options.c b/options.c
  
        rprintf(f, "%s  version %s  protocol version %d%s\n",
                RSYNC_NAME, RSYNC_VERSION, PROTOCOL_VERSION, subprotocol);
-@@ -270,8 +282,8 @@ static void print_rsync_version(enum logcode f)
+@@ -619,8 +631,8 @@ static void print_rsync_version(enum logcode f)
                (int)(sizeof (int64) * 8));
        rprintf(f, "    %ssocketpairs, %shardlinks, %ssymlinks, %sIPv6, batchfiles, %sinplace,\n",
                got_socketpair, hardlinks, links, ipv6, have_inplace);
--      rprintf(f, "    %sappend, %sACLs, %sxattrs, %siconv, %ssymtimes\n",
--              have_inplace, acls, xattrs, iconv, symtimes);
-+      rprintf(f, "    %sappend, %sACLs, %sxattrs, %siconv, %ssymtimes, %sSSL\n",
-+              have_inplace, acls, xattrs, iconv, symtimes, ssl);
+-      rprintf(f, "    %sappend, %sACLs, %sxattrs, %siconv, %ssymtimes, %sprealloc\n",
+-              have_inplace, acls, xattrs, iconv, symtimes, prealloc);
++      rprintf(f, "    %sappend, %sACLs, %sxattrs, %siconv, %ssymtimes, %sprealloc, %sSSL\n",
++              have_inplace, acls, xattrs, iconv, symtimes, prealloc, ssl);
  
  #ifdef MAINTAINER_MODE
        rprintf(f, "Panic Action: \"%s\"\n", get_panic_action());
-@@ -433,6 +445,13 @@ void usage(enum logcode F)
+@@ -797,6 +809,13 @@ void usage(enum logcode F)
  #endif
    rprintf(F," -4, --ipv4                  prefer IPv4\n");
    rprintf(F," -6, --ipv6                  prefer IPv6\n");
@@ -280,16 +396,16 @@ diff --git a/options.c b/options.c
    rprintf(F,"     --version               print version number\n");
    rprintf(F,"(-h) --help                  show this help (-h works with no other options)\n");
  
-@@ -446,7 +465,7 @@ enum {OPT_VERSION = 1000, OPT_DAEMON, OPT_SENDER, OPT_EXCLUDE, OPT_EXCLUDE_FROM,
+@@ -810,7 +829,7 @@ enum {OPT_VERSION = 1000, OPT_DAEMON, OPT_SENDER, OPT_EXCLUDE, OPT_EXCLUDE_FROM,
        OPT_FILTER, OPT_COMPARE_DEST, OPT_COPY_DEST, OPT_LINK_DEST, OPT_HELP,
        OPT_INCLUDE, OPT_INCLUDE_FROM, OPT_MODIFY_WINDOW, OPT_MIN_SIZE, OPT_CHMOD,
        OPT_READ_BATCH, OPT_WRITE_BATCH, OPT_ONLY_WRITE_BATCH, OPT_MAX_SIZE,
--      OPT_NO_D, OPT_APPEND, OPT_NO_ICONV,
-+      OPT_NO_D, OPT_APPEND, OPT_NO_ICONV, OPT_USE_SSL,
+-      OPT_NO_D, OPT_APPEND, OPT_NO_ICONV, OPT_INFO, OPT_DEBUG,
++      OPT_NO_D, OPT_APPEND, OPT_NO_ICONV, OPT_INFO, OPT_DEBUG, OPT_USE_SSL,
+       OPT_USERMAP, OPT_GROUPMAP, OPT_CHOWN, OPT_BWLIMIT,
        OPT_SERVER, OPT_REFUSED_BASE = 9000};
  
- static struct poptOption long_options[] = {
-@@ -649,6 +668,13 @@ static struct poptOption long_options[] = {
+@@ -1029,6 +1048,13 @@ static struct poptOption long_options[] = {
    {"checksum-seed",    0,  POPT_ARG_INT,    &checksum_seed, 0, 0, 0 },
    {"server",           0,  POPT_ARG_NONE,   0, OPT_SERVER, 0, 0 },
    {"sender",           0,  POPT_ARG_NONE,   0, OPT_SENDER, 0, 0 },
@@ -303,7 +419,7 @@ diff --git a/options.c b/options.c
    /* All the following options switch us into daemon-mode option-parsing. */
    {"config",           0,  POPT_ARG_STRING, 0, OPT_DAEMON, 0, 0 },
    {"daemon",           0,  POPT_ARG_NONE,   0, OPT_DAEMON, 0, 0 },
-@@ -674,6 +700,13 @@ static void daemon_usage(enum logcode F)
+@@ -1056,6 +1082,13 @@ static void daemon_usage(enum logcode F)
    rprintf(F," -v, --verbose               increase verbosity\n");
    rprintf(F," -4, --ipv4                  prefer IPv4\n");
    rprintf(F," -6, --ipv6                  prefer IPv6\n");
@@ -317,7 +433,7 @@ diff --git a/options.c b/options.c
    rprintf(F,"     --help                  show this help screen\n");
  
    rprintf(F,"\n");
-@@ -698,6 +731,13 @@ static struct poptOption long_daemon_options[] = {
+@@ -1081,6 +1114,13 @@ static struct poptOption long_daemon_options[] = {
    {"protocol",         0,  POPT_ARG_INT,    &protocol_version, 0, 0, 0 },
    {"server",           0,  POPT_ARG_NONE,   &am_server, 0, 0, 0 },
    {"temp-dir",        'T', POPT_ARG_STRING, &tmpdir, 0, 0, 0 },
@@ -331,7 +447,7 @@ diff --git a/options.c b/options.c
    {"verbose",         'v', POPT_ARG_NONE,   0, 'v', 0, 0 },
    {"no-verbose",       0,  POPT_ARG_VAL,    &verbose, 0, 0, 0 },
    {"no-v",             0,  POPT_ARG_VAL,    &verbose, 0, 0, 0 },
-@@ -979,6 +1019,12 @@ int parse_arguments(int *argc_p, const char ***argv_p)
+@@ -1376,6 +1416,12 @@ int parse_arguments(int *argc_p, const char ***argv_p)
                                        verbose++;
                                        break;
  
@@ -344,7 +460,7 @@ diff --git a/options.c b/options.c
                                default:
                                        rprintf(FERROR,
                                            "rsync: %s: %s (in daemon mode)\n",
-@@ -1002,6 +1048,17 @@ int parse_arguments(int *argc_p, const char ***argv_p)
+@@ -1402,6 +1448,17 @@ int parse_arguments(int *argc_p, const char ***argv_p)
                                exit_cleanup(RERR_SYNTAX);
                        }
  
@@ -362,7 +478,7 @@ diff --git a/options.c b/options.c
                        *argv_p = argv = poptGetArgs(pc);
                        *argc_p = argc = count_args(argv);
                        am_starting_up = 0;
-@@ -1260,6 +1317,12 @@ int parse_arguments(int *argc_p, const char ***argv_p)
+@@ -1780,6 +1837,12 @@ int parse_arguments(int *argc_p, const char ***argv_p)
                        return 0;
  #endif
  
@@ -375,7 +491,7 @@ diff --git a/options.c b/options.c
                default:
                        /* A large opt value means that set_refuse_options()
                         * turned this option off. */
-@@ -1593,6 +1656,17 @@ int parse_arguments(int *argc_p, const char ***argv_p)
+@@ -2184,6 +2247,17 @@ int parse_arguments(int *argc_p, const char ***argv_p)
        if (delay_updates && !partial_dir)
                partial_dir = tmp_partialdir;
  
@@ -393,37 +509,28 @@ diff --git a/options.c b/options.c
        if (inplace) {
  #ifdef HAVE_FTRUNCATE
                if (partial_dir) {
-@@ -2067,10 +2141,27 @@ char *check_for_hostspec(char *s, char **host_ptr, int *port_ptr)
-       char *p;
-       int not_host;
-       int hostlen;
--
+@@ -2779,9 +2853,18 @@ char *check_for_hostspec(char *s, char **host_ptr, int *port_ptr)
+ {
+       char *path;
 -      if (port_ptr && strncasecmp(URL_PREFIX, s, strlen(URL_PREFIX)) == 0) {
-+      int url_prefix_len = sizeof URL_PREFIX - 1;
-+
-+      if (!port_ptr)
-+              url_prefix_len = 0;
-+      else if (strncasecmp(URL_PREFIX, s, url_prefix_len) != 0) {
-+#ifdef HAVE_OPENSSL
-+              url_prefix_len = sizeof SSL_URL_PREFIX - 1;
-+              if (strncasecmp(SSL_URL_PREFIX, s, url_prefix_len) != 0)
-+                      url_prefix_len = 0;
-+              else {
+-              *host_ptr = parse_hostspec(s + strlen(URL_PREFIX), &path, port_ptr);
+-              if (*host_ptr) {
++      if (port_ptr) {
++              int url_prefix_len;
++              if (strncasecmp(URL_PREFIX, s, sizeof URL_PREFIX - 1) == 0)
++                      url_prefix_len = sizeof URL_PREFIX - 1;
++              else if (strncasecmp(SSL_URL_PREFIX, s, sizeof SSL_URL_PREFIX - 1) == 0) {
 +                      if (!use_ssl)
 +                              init_tls();
 +                      use_ssl = 1;
-+              }
-+#else
-+              url_prefix_len = 0;
-+#endif
-+      }
-+      if (url_prefix_len) {
-               char *path;
--              s += strlen(URL_PREFIX);
-+              s += url_prefix_len;
-               if ((p = strchr(s, '/')) != NULL) {
-                       hostlen = p - s;
-                       path = p + 1;
++                      url_prefix_len = sizeof SSL_URL_PREFIX - 1;
++              } else
++                      url_prefix_len = 0;
++              if (url_prefix_len && (*host_ptr = parse_hostspec(s + url_prefix_len, &path, port_ptr))) {
+                       if (!*port_ptr)
+                               *port_ptr = RSYNC_PORT;
+                       return path;
 diff --git a/rsync.h b/rsync.h
 --- a/rsync.h
 +++ b/rsync.h
@@ -433,9 +540,9 @@ diff --git a/rsync.h b/rsync.h
  #define URL_PREFIX "rsync://"
 +#define SSL_URL_PREFIX "rsyncs://"
  
- #define SYMLINK_PREFIX "/rsyncd-munged/"
+ #define SYMLINK_PREFIX "/rsyncd-munged/"  /* This MUST have a trailing slash! */
  #define SYMLINK_PREFIX_LEN ((int)sizeof SYMLINK_PREFIX - 1)
-@@ -543,6 +544,11 @@ typedef unsigned int size_t;
+@@ -608,6 +609,11 @@ typedef unsigned int size_t;
  # define SIZEOF_INT64 SIZEOF_OFF_T
  #endif
  
@@ -451,9 +558,9 @@ diff --git a/ssl.c b/ssl.c
 new file mode 100644
 --- /dev/null
 +++ b/ssl.c
-@@ -0,0 +1,370 @@
+@@ -0,0 +1,603 @@
 +/* -*- c-file-style: "linux" -*-
-+ * ssl.c: operations for negotiating SSL rsync connections. 
++ * ssl.c: operations for negotiating SSL rsync connections.
 + *
 + * Copyright (C) 2003  Casey Marshall <rsdio@metastatic.org>
 + *
@@ -461,12 +568,12 @@ new file mode 100644
 + * it under the terms of the GNU General Public License as published by
 + * the Free Software Foundation; either version 2 of the License, or
 + * (at your option) any later version.
-+ * 
++ *
 + * This program is distributed in the hope that it will be useful,
 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 + * GNU General Public License for more details.
-+ * 
++ *
 + * You should have received a copy of the GNU General Public License
 + * along with this program; if not, write to the Free Software
 + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
@@ -483,9 +590,9 @@ new file mode 100644
 +#endif
 +#include <string.h>
 +
-+#define BUF_SIZE 1024
++#define SSL_MAX_RECORD_SIZE (1024*16) /* TLS record size */
++#define MAX_BUFFERING_TIME_MS 100
 +
-+extern int verbose;
 +extern int am_daemon;
 +extern int am_server;
 +
@@ -499,12 +606,20 @@ new file mode 100644
 +static int tls_read[2] = { -1, -1 };
 +static int tls_write[2] = { -1, -1 };
 +static int ssl_running;
++static int ssl_min_send_size;
 +static int ssl_pid = -1;
 +
 +#ifdef HAVE_SIGACTION
 +static struct sigaction sigact;
 +#endif
 +
++/* copied from progress.c */
++static unsigned long msdiff(struct timeval *t1, struct timeval *t2)
++{
++      return (t2->tv_sec - t1->tv_sec) * 1000L
++              + (t2->tv_usec - t1->tv_usec) / 1000;
++}
++
 +/**
 + * A non-interactive callback to be passed to SSL_CTX_set_default_password_cb,
 + * which merely copies the value of ssl_key_passwd into buf. This is
@@ -571,7 +686,7 @@ new file mode 100644
 +              cbs = buf;
 +              break;
 +      }
-+      if (verbose > 2) {
++      if (DEBUG_GTE(CONNECT, 1)) {
 +              rprintf(FLOG, "SSL: info_callback(%p,%s,%d)\n", ssl, cbs, val);
 +              if (cb == SSL_CB_HANDSHAKE_DONE) {
 +                      SSL_CIPHER_description(SSL_get_current_cipher((SSL*)ssl),
@@ -596,6 +711,8 @@ new file mode 100644
 +              return 1;
 +      SSL_CTX_set_info_callback(ssl_ctx, info_callback);
 +
++      SSL_CTX_set_options(ssl_ctx, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3);
++
 +      /* Sets the certificate sent to the other party. */
 +      if (ssl_cert_path != NULL
 +          && SSL_CTX_use_certificate_file(ssl_ctx, ssl_cert_path,
@@ -649,28 +766,59 @@ new file mode 100644
 + */
 +static RETSIGTYPE tls_sigusr1(int UNUSED(val))
 +{
-+      if (ssl) {
-+              SSL_shutdown(ssl);
-+              SSL_free(ssl);
-+              ssl = NULL;
-+      }
 +      ssl_running = 0;
 +}
 +
++/* Signal handler that starts record-size buffering. */
++static RETSIGTYPE tls_sigusr2(int UNUSED(val))
++{
++      ssl_min_send_size = SSL_MAX_RECORD_SIZE;
++}
++
 +/**
 + * Negotiates the TLS connection, creates a socket pair for communicating
 + * with the rsync process, then forks into a new process that will handle
 + * the communication.
 + *
 + * 0 is returned on success.
++ * rsync to network algorithm:
++ * A buffer ring of two buffers is maintained. Data is read from the local
++ * socket into the current buffer. The buffer is eligible for sending if
++ * enough data has been buffered, or enough time has passed. Once the buffer
++ * becomes eligible for sending it is marked "ready" and buffering continues
++ * on the other buffer (assuming it's "unready"). This algorithm tries to
++ * maximize SSL record size.
++ *
++ * network to rsync algorithm:
++ * One receive buffer twice the size of the SSL max record size. Reading
++ * from the network is attempted only if there's enough space for a whole
++ * record (this is done to optimize OpenSSL per-call overhead).
++ * As bytes enter the buffer sending to rsync begins, when the buffer becomes
++ * full we wait for sending to rsync to finish.
++ *
++ * A graceful stop is attempted on both directions. So if the pipe from rsync
++ * is gracefully shut down, we try to send all data to the network before closing
++ * the connection and if the SSL connection is gracefully shut down we try to
++ * send everything to rsync before closing the rsync pipe.
 + */
 +int start_tls(int f_in, int f_out)
 +{
-+      int tls_fd;
 +      int n = 0, r;
-+      unsigned char buf1[BUF_SIZE], buf2[BUF_SIZE];
-+      int avail1 = 0, avail2 = 0, write1 = 0, write2 = 0;
++      unsigned char buf_tonetwork[2][SSL_MAX_RECORD_SIZE], buf_fromnetwork[2*SSL_MAX_RECORD_SIZE];
++      int tonet_ready[2] = {0}, tonet_size[2] = {0}, write_tonet = 0, tonet_fill_idx = 0, tonet_send_idx = 0;
++      struct timeval buffering_start, now, timeout, *tp;
++      int avail_fromnet = 0, write_fromnet = 0;
++      int want_read_fromnet = 1, want_write_tonet = 0;
++      int want_read_fromrsync = 1, want_write_torsync = 0;
++      int write_tonet_blocks = 0, read_fromnet_blocks = 0;
++      int write_torsync_blocks = 0, read_fromrsync_blocks = 0;
++      int ssl_readfd_blocks = 0, ssl_writefd_blocks = 0;
++      int ssl_write_count = 0;
++      int want_more_io;
++      int net_closed = 0, rsync_closed = 0;
++      int loopcount;
 +      fd_set rd, wd;
++      const char *ssl_ciphers;
 +
 +      if (fd_pair(tls_read))
 +              return 1;
@@ -678,11 +826,11 @@ new file mode 100644
 +              return 1;
 +
 +      set_blocking(tls_read[0]);
-+      set_blocking(tls_read[1]);
-+      set_blocking(tls_write[0]);
++      set_nonblocking(tls_read[1]);
++      set_nonblocking(tls_write[0]);
 +      set_blocking(tls_write[1]);
-+      set_blocking(f_in);
-+      set_blocking(f_out);
++      set_nonblocking(f_in);
++      set_nonblocking(f_out);
 +
 +      ssl_pid = do_fork();
 +      if (ssl_pid < 0)
@@ -690,58 +838,114 @@ new file mode 100644
 +      if (ssl_pid != 0) {
 +              close(tls_write[0]);
 +              close(tls_read[1]);
++              close(f_in);
++              close(f_out);
 +              return 0;
 +      }
 +
++      close(tls_write[1]);
++      close(tls_read[0]);
++
 +      SIGACTION(SIGUSR1, tls_sigusr1);
++      SIGACTION(SIGUSR2, tls_sigusr2);
 +      ssl = SSL_new(ssl_ctx);
 +      if (!ssl)
-+              goto closed;
++              goto out;
 +      if (am_daemon || am_server)
 +              SSL_set_accept_state(ssl);
-+      else
++      else {
 +              SSL_set_connect_state(ssl);
++              ssl_ciphers = getenv("RSYNC_SSL_CIPHERS");
++              if (ssl_ciphers)
++                      SSL_set_cipher_list(ssl, ssl_ciphers);
++      }
++
 +      SSL_set_rfd(ssl, f_in);
 +      SSL_set_wfd(ssl, f_out);
 +
-+      tls_fd = SSL_get_fd(ssl);
 +      n = tls_write[0];
 +      n = MAX(tls_read[1], n);
-+      n = MAX(tls_fd, n) + 1;
++      n = MAX(f_in, n);
++      n = MAX(f_out, n) + 1;
 +
 +      ssl_running = 1;
++      loopcount = 0;
 +      while (ssl_running) {
-+              FD_ZERO(&rd);
-+              FD_ZERO(&wd);
-+              FD_SET(tls_write[0], &rd);
-+              FD_SET(tls_read[1], &wd);
-+              FD_SET(tls_fd, &rd);
-+              FD_SET(tls_fd, &wd);
-+
-+              r = select(n, &rd, &wd, NULL, NULL);
-+
-+              if (r == -1 && errno == EINTR)
-+                      continue;
-+              if (FD_ISSET(tls_write[0], &rd)) {
-+                      r = read(tls_write[0], buf1+avail1, BUF_SIZE-avail1);
-+                      if (r >= 0)
-+                              avail1 += r;
-+                      else {
++              ++loopcount; /* the loopcount prevents starvation of one transfer direction by the other */
++              want_more_io = 0;
++
++              if (want_read_fromrsync && !read_fromrsync_blocks) {
++                      int cur_buf_size = tonet_size[tonet_fill_idx];
++                      r = read(tls_write[0], buf_tonetwork[tonet_fill_idx]+cur_buf_size, sizeof(buf_tonetwork[0])-cur_buf_size);
++                      if (r > 0) {
++                              want_more_io = 1;
++                              if (!net_closed) {
++                                      if (cur_buf_size == 0)
++                                              gettimeofday(&buffering_start, NULL);
++                                      cur_buf_size += r;
++                                      tonet_size[tonet_fill_idx] = cur_buf_size;
++                                      if (cur_buf_size >= ssl_min_send_size) {
++                                              want_write_tonet = 1;
++                                              tonet_ready[tonet_fill_idx] = 1;
++                                              tonet_fill_idx = !tonet_fill_idx;
++                                              if (tonet_ready[tonet_fill_idx])
++                                                      want_read_fromrsync = 0;
++                                      }
++                              }
++                      } else if (r < 0 && errno == EWOULDBLOCK)
++                              read_fromrsync_blocks = 1;
++                      else if (r < 0) {
 +                              rprintf(FERROR, "pipe read error: %s\n",
 +                                      strerror(errno));
 +                              break;
++                      } else {
++                              rsync_closed = 1;
++                              if (cur_buf_size) {
++                                      want_write_tonet = 1;
++                                      tonet_ready[tonet_fill_idx] = 1; /* close current buffer */
++                              }
++                              want_read_fromrsync = 0; /* don't read */
++                              want_write_torsync = 0; /* don't write */
++                              read_fromrsync_blocks = 0; /* don't select */
++                              write_torsync_blocks = 0;
++                              want_read_fromnet = 1; /* purge incoming data from network */
++                              avail_fromnet = 0;
++                              if (net_closed || !want_write_tonet)
++                                      break;
 +                      }
 +              }
-+              if (FD_ISSET(tls_fd, &rd)) {
-+                      r = SSL_read(ssl, buf2+avail2, BUF_SIZE-avail2);
-+                      if (r > 0)
-+                              avail2 += r;
-+                      else {
++
++              if (want_read_fromnet && !read_fromnet_blocks) {
++                      r = SSL_read(ssl, buf_fromnetwork+avail_fromnet, SSL_MAX_RECORD_SIZE);
++                      if (r > 0) {
++                              want_more_io = 1;
++                              if (!rsync_closed) {
++                                      avail_fromnet += r;
++                                      want_write_torsync = 1;
++                                      if (avail_fromnet >= (int)(sizeof(buf_fromnetwork)-SSL_MAX_RECORD_SIZE))
++                                              want_read_fromnet = 0;
++                              }
++                      } else {
 +                              switch (SSL_get_error(ssl, r)) {
 +                              case SSL_ERROR_ZERO_RETURN:
-+                                      goto closed;
++                                      net_closed = 1;
++                                      want_read_fromnet = 0; /* don't read */
++                                      want_write_tonet = 0; /* don't write */
++                                      ssl_readfd_blocks = 0; /* and for heaven's sake - don't select() */
++                                      ssl_writefd_blocks = 0;
++                                      want_read_fromrsync = 1; /* and purge stuff from rsync side */
++                                      tonet_size[tonet_fill_idx] = 0;
++                                      tonet_ready[tonet_fill_idx] = 0;
++                                      if (rsync_closed || !want_write_torsync)
++                                              goto graceful_stop;
++                                      break;
 +                              case SSL_ERROR_WANT_READ:
++                                      ssl_readfd_blocks = 1;
++                                      read_fromnet_blocks = 1;
++                                      break;
 +                              case SSL_ERROR_WANT_WRITE:
++                                      ssl_writefd_blocks = 1;
++                                      read_fromnet_blocks = 1;
 +                                      break;
 +                              case SSL_ERROR_SYSCALL:
 +                                      if (r == 0)
@@ -751,7 +955,7 @@ new file mode 100644
 +                                                      strerror(errno));
 +                                      goto closed;
 +                              case SSL_ERROR_SSL:
-+                                      rprintf(FERROR, "SSL: %s\n",
++                                      rprintf(FERROR, "SSL %s\n",
 +                                              ERR_error_string(ERR_get_error(), NULL));
 +                                      goto closed;
 +                              default:
@@ -760,33 +964,70 @@ new file mode 100644
 +                              }
 +                      }
 +              }
-+              if (FD_ISSET(tls_read[1], &wd) && write2 < avail2) {
-+                      r = write(tls_read[1], buf2+write2, avail2-write2);
-+                      if (r >= 0)
-+                              write2 += r;
++
++              if (want_write_torsync && !write_torsync_blocks) {
++                      r = write(tls_read[1], buf_fromnetwork+write_fromnet, avail_fromnet-write_fromnet);
++                      if (r > 0) {
++                              want_more_io = 1;
++                              write_fromnet += r;
++                              if (write_fromnet >= avail_fromnet) {
++                                      write_fromnet = 0;
++                                      avail_fromnet = 0;
++                                      if (net_closed)
++                                              break;
++                                      want_read_fromnet = 1;
++                                      want_write_torsync = 0;
++                              }
++                      }
++                      else if (errno == EWOULDBLOCK)
++                              write_torsync_blocks = 1;
 +                      else {
-+                              rprintf(FERROR, "pipe write error: %s\n",
-+                                      strerror(errno));
++                              if (errno != EPIPE)
++                                      rprintf(FERROR, "pipe write error: %s\n", strerror(errno));
 +                              break;
 +                      }
 +              }
-+              if (FD_ISSET(tls_fd, &wd) && write1 < avail1) {
-+                      r = SSL_write(ssl, buf1+write1, avail1-write1);
-+                      if (r > 0)
-+                              write1 += r;
-+                      else {
++
++              if (want_write_tonet && !write_tonet_blocks) {
++                      /* lock the write count, 'cause if SSL_write fails on non-blocking IO, it
++                       * must be repeated with same parameters. */
++                      if (ssl_write_count == 0)
++                              ssl_write_count = tonet_size[tonet_send_idx] - write_tonet;
++                      r = SSL_write(ssl, buf_tonetwork[tonet_send_idx]+write_tonet, ssl_write_count);
++                      if (r > 0) {
++                              want_more_io = 1;
++                              write_tonet += r;
++                              ssl_write_count = 0;
++                              if (write_tonet >= tonet_size[tonet_send_idx]) {
++                                      write_tonet = 0;
++                                      tonet_size[tonet_send_idx] = 0;
++                                      tonet_ready[tonet_send_idx] = 0;
++                                      if (!rsync_closed)
++                                              want_read_fromrsync = 1;
++                                      tonet_send_idx = !tonet_send_idx;
++                                      if (!tonet_ready[tonet_send_idx]) {
++                                              want_write_tonet = 0;
++                                              if (rsync_closed)
++                                                      break;
++                                      }
++                              }
++                      } else {
 +                              switch (SSL_get_error(ssl, r)) {
 +                              case SSL_ERROR_ZERO_RETURN:
-+                                      goto closed;
++                                      goto graceful_stop;
 +                              case SSL_ERROR_WANT_READ:
++                                      ssl_readfd_blocks = 1;
++                                      write_tonet_blocks = 1;
++                                      break;
 +                              case SSL_ERROR_WANT_WRITE:
++                                      ssl_writefd_blocks = 1;
++                                      write_tonet_blocks = 1;
 +                                      break;
 +                              case SSL_ERROR_SYSCALL:
 +                                      if (r == 0)
 +                                              rprintf(FERROR, "SSL: spurious EOF\n");
 +                                      else
-+                                              rprintf(FERROR, "SSL: I/O error: %s\n",
-+                                                      strerror(errno));
++                                              rprintf(FERROR, "SSL: I/O error: %s\n", strerror(errno));
 +                                      goto closed;
 +                              case SSL_ERROR_SSL:
 +                                      rprintf(FERROR, "SSL: %s\n",
@@ -798,20 +1039,110 @@ new file mode 100644
 +                              }
 +                      }
 +              }
-+              if (avail1 == write1)
-+                      avail1 = write1 = 0;
-+              if (avail2 == write2)
-+                      avail2 = write2 = 0;
++
++              if (!want_more_io || (loopcount&31) == 0) {
++                      int has_buffered = 0;
++                      if (!net_closed && !tonet_ready[tonet_fill_idx] && tonet_size[tonet_fill_idx]) {
++                              has_buffered = 1;
++                              unsigned long buffering_time;
++                              gettimeofday(&now,NULL);
++                              buffering_time = msdiff(&buffering_start,&now);
++                              if (buffering_time >= MAX_BUFFERING_TIME_MS) {
++                                      want_write_tonet = 1;
++                                      want_more_io = 1;
++                                      tonet_ready[tonet_fill_idx] = 1;
++                                      tonet_fill_idx = !tonet_fill_idx;
++                                      if (tonet_ready[tonet_fill_idx])
++                                              want_read_fromrsync = 0;
++                              }
++                      }
++
++                      int waiting_on_something = 0;
++                      FD_ZERO(&rd);
++                      FD_ZERO(&wd);
++                      if (read_fromrsync_blocks) {
++                              waiting_on_something = 1;
++                              FD_SET(tls_write[0], &rd);
++                      }
++                      if (write_torsync_blocks) {
++                              waiting_on_something = 1;
++                              FD_SET(tls_read[1], &wd);
++                      }
++                      if (ssl_readfd_blocks) {
++                              waiting_on_something = 1;
++                              FD_SET(f_in, &rd);
++                      }
++                      if (ssl_writefd_blocks) {
++                              waiting_on_something = 1;
++                              FD_SET(f_out, &wd);
++                      }
++
++                      if (want_more_io) {
++                              /* just poll to see if some sockets became non-blocking*/
++                              timeout.tv_sec = 0;
++                              timeout.tv_usec = 0;
++                              tp = &timeout;
++                      } else if (waiting_on_something && !has_buffered)
++                              tp = NULL; /*infinite wait until a socket becomes available*/
++                      else {
++                              timeout.tv_sec = MAX_BUFFERING_TIME_MS/1000;
++                              timeout.tv_usec = (MAX_BUFFERING_TIME_MS%1000)*1000;
++                              tp = &timeout;
++                      }
++
++                      if (waiting_on_something || !want_more_io) {
++                              r = select(n, &rd, &wd, NULL, tp);
++
++                              if (r == -1) {
++                                      if (errno != EINTR) {
++                                              rprintf(FERROR, "select error: %s\n",
++                                                      strerror(errno));
++                                              break;
++                                      }
++                              }
++
++                              if (r > 0) {
++                                      if (FD_ISSET(tls_write[0], &rd))
++                                              read_fromrsync_blocks = 0;
++                                      if (FD_ISSET(f_in,&rd)) {
++                                              read_fromnet_blocks = 0;
++                                              write_tonet_blocks = 0;
++                                              ssl_readfd_blocks = 0;
++                                      }
++                                      if (FD_ISSET(tls_read[1],&wd))
++                                              write_torsync_blocks = 0;
++                                      if (FD_ISSET(f_out,&wd)) {
++                                              read_fromnet_blocks = 0;
++                                              write_tonet_blocks = 0;
++                                              ssl_writefd_blocks = 0;
++                                      }
++                              }
++                      }
++              }
 +      }
 +
-+      /* XXX I'm pretty sure that there is a lot that I am not considering
-+         here. Bugs? Yes, probably. */
++  graceful_stop:
++      /* The SSL shutdown API looks pretty broken with respect to corner cases
++       * where the underlying socket is blocking. This is a "best effort". */
++      if (SSL_shutdown(ssl) != 1)
++              SSL_shutdown(ssl);
++  closed:
++      SSL_free(ssl);
 +
 +      /* We're finished. */
-+    closed:
++  out:
 +      close(tls_read[1]);
 +      close(tls_write[0]);
-+      exit(0);
++      close(f_in);
++      if (f_out != f_in)
++              close(f_out);
++      _exit(0);
++}
++
++void start_tls_buffering(void)
++{
++      if (ssl_pid > 0)
++              kill(ssl_pid, SIGUSR2);
 +}
 +
 +/**
@@ -819,6 +1150,15 @@ new file mode 100644
 + */
 +void end_tls(void)
 +{
-+      if (ssl_pid > 0)
-+              kill(ssl_pid, SIGUSR1);
++      if (ssl_pid > 0) {
++              int status;
++              /* try a graceful stop - this makes sure all data is sent, and
++               * also causes our side to send a close_notify alert, as required
++               * by TLS specs. */
++              close(get_tls_rfd());
++              if (get_tls_wfd() != get_tls_rfd())
++                      close(get_tls_wfd());
++              terminate_process(ssl_pid, &status, SIGUSR1, 1);
++              ssl_pid = -1;
++      }
 +}