diff options
| -rw-r--r-- | NEWS.md | 2 | ||||
| -rw-r--r-- | clientname.c | 4 | ||||
| -rw-r--r-- | clientserver.c | 2 | ||||
| -rw-r--r-- | loadparm.c | 8 | ||||
| -rw-r--r-- | rsync-ssl.1.md | 4 | ||||
| -rw-r--r-- | rsyncd.conf.5.md | 6 |
6 files changed, 13 insertions, 13 deletions
@@ -99,7 +99,7 @@ Protocol: 31 (unchanged) a daemon-over-rsh script. Its value is the user-specified port number (set via `--port` or an rsync:// URL) or 0 if the user didn't override the port. - - Added the `haproxy header` daemon parameter that allows your rsyncd to know + - Added the `proxy protocol` daemon parameter that allows your rsyncd to know the real remote IP when it is setup behind a proxy. - Added negated matching to the daemon's `refuse options` setting by using diff --git a/clientname.c b/clientname.c index b73d11c6..05f14ed7 100644 --- a/clientname.c +++ b/clientname.c @@ -156,8 +156,8 @@ char *client_name(const char *ipaddr) } -/* Try to read an haproxy header (V1 or V2). Returns 1 on success or 0 on failure. */ -int read_haproxy_header(int fd) +/* Try to read an proxy protocol header (V1 or V2). Returns 1 on success or 0 on failure. */ +int read_proxy_protocol_header(int fd) { union { struct { diff --git a/clientserver.c b/clientserver.c index d4304ae6..fa7d47aa 100644 --- a/clientserver.c +++ b/clientserver.c @@ -1130,7 +1130,7 @@ int start_daemon(int f_in, int f_out) if (!load_config(0)) exit_cleanup(RERR_SYNTAX); - if (lp_haproxy_header() && !read_haproxy_header(f_in)) + if (lp_proxy_protocol() && !read_proxy_protocol_header(f_in)) return -1; p = lp_daemon_chroot(); @@ -112,7 +112,7 @@ typedef struct { int listen_backlog; int rsync_port; - BOOL haproxy_header; + BOOL proxy_protocol; } global_vars; /* This structure describes a single section. Their order must match the @@ -233,7 +233,7 @@ static const all_vars Defaults = { /* listen_backlog; */ 5, /* rsync_port; */ 0, - /* haproxy_header; */ False, + /* proxy_protocol; */ False, }, /* ==== local_vars ==== */ @@ -406,8 +406,8 @@ static struct parm_struct parm_table[] = {"motd file", P_STRING, P_GLOBAL,&Vars.g.motd_file, NULL,0}, {"pid file", P_STRING, P_GLOBAL,&Vars.g.pid_file, NULL,0}, {"port", P_INTEGER,P_GLOBAL,&Vars.g.rsync_port, NULL,0}, + {"proxy protocol", P_BOOL, P_LOCAL, &Vars.g.proxy_protocol, NULL,0}, {"socket options", P_STRING, P_GLOBAL,&Vars.g.socket_options, NULL,0}, - {"haproxy header", P_BOOL, P_LOCAL, &Vars.g.haproxy_header, NULL,0}, {"auth users", P_STRING, P_LOCAL, &Vars.l.auth_users, NULL,0}, {"charset", P_STRING, P_LOCAL, &Vars.l.charset, NULL,0}, @@ -549,7 +549,7 @@ FN_GLOBAL_STRING(lp_socket_options, socket_options) FN_GLOBAL_INTEGER(lp_listen_backlog, listen_backlog) FN_GLOBAL_INTEGER(lp_rsync_port, rsync_port) -FN_GLOBAL_BOOL(lp_haproxy_header, haproxy_header) +FN_GLOBAL_BOOL(lp_proxy_protocol, proxy_protocol) FN_LOCAL_STRING(lp_auth_users, auth_users) FN_LOCAL_STRING(lp_charset, charset) diff --git a/rsync-ssl.1.md b/rsync-ssl.1.md index 74321593..c2903425 100644 --- a/rsync-ssl.1.md +++ b/rsync-ssl.1.md @@ -71,8 +71,8 @@ certificate environment options. This script also supports a `--type=gnutls` option, but at the time of this release the gnutls-cli command was dropping output, making it unusable. If -that bug has been fixed in your version, feel free to put gnutls into the -RSYNC_SSL_TYPE environment variable if you want to make its use the default. +that bug has been fixed in your version, feel free to put gnutls into an +exported RSYNC_SSL_TYPE environment variable to make its use the default. # BUGS diff --git a/rsyncd.conf.5.md b/rsyncd.conf.5.md index df19ecb1..996e18b4 100644 --- a/rsyncd.conf.5.md +++ b/rsyncd.conf.5.md @@ -234,11 +234,11 @@ the values of parameters. See the GLOBAL PARAMETERS section for more details. allow the daemon to function. By default the daemon runs without any chrooting. -0. `haproxy header` +0. `proxy protocol` When this parameter is enabled, all incoming connections must start with a - V1 or V2 haproxy header. If the header is not found, the connection is - closed. + V1 or V2 proxy protocol header. If the header is not found, the connection + is closed. Setting this to `true` requires a proxy server to forward source IP information to rsync, allowing you to log proper IP/host info and make use |