summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLaurent Bercot <ska-skaware@skarnet.org>2023-11-10 11:28:19 +0000
committerLaurent Bercot <ska@appnovation.com>2023-11-10 11:28:19 +0000
commit1e10d30b41b65dbd520e01adc5fe686cb92b0f12 (patch)
tree32af8327cb6bb9aa6bbd5e20ee7a2cc1f9c95263
parentc930181234bfb31fba0136d866e6e75633acafe0 (diff)
downloads6-networking-1e10d30b41b65dbd520e01adc5fe686cb92b0f12.tar.xz
Prepare for 2.7.0.0. Better s6-tlsc-io interface.
Signed-off-by: Laurent Bercot <ska@appnovation.com>
-rw-r--r--doc/index.html2
-rw-r--r--doc/s6-tlsc-io.html12
-rw-r--r--doc/upgrade.html12
-rw-r--r--package/info2
-rw-r--r--src/tls/s6-tlsc-io.c6
-rw-r--r--src/tls/s6-tlsc.c20
-rw-r--r--src/tls/s6-tlsd.c6
-rw-r--r--src/tls/s6-ucspitlsc.c36
-rw-r--r--src/tls/s6-ucspitlsd.c24
-rw-r--r--src/tls/s6tls-internal.h10
-rw-r--r--src/tls/s6tls_clean_and_exec.c26
-rw-r--r--src/tls/s6tls_io_spawn.c14
-rw-r--r--src/tls/s6tls_prep_tlscio.c10
-rw-r--r--src/tls/s6tls_prep_tlsdio.c10
-rw-r--r--src/tls/s6tls_sync_and_exec_app.c14
-rw-r--r--src/tls/s6tls_ucspi_exec_app.c16
16 files changed, 116 insertions, 104 deletions
diff --git a/doc/index.html b/doc/index.html
index 8cd5f2e..95294f2 100644
--- a/doc/index.html
+++ b/doc/index.html
@@ -91,7 +91,7 @@ run-time requirement if you link against its shared version. </li>
<ul>
<li> The current released version of s6-networking is
-<a href="s6-networking-2.6.0.0.tar.gz">2.6.0.0</a>. </li>
+<a href="s6-networking-2.7.0.0.tar.gz">2.7.0.0</a>. </li>
<li> Alternatively, you can checkout a copy of the
<a href="//git.skarnet.org/cgi-bin/cgit.cgi/s6-networking/">s6-networking
git repository</a>:
diff --git a/doc/s6-tlsc-io.html b/doc/s6-tlsc-io.html
index 4466293..b4bb154 100644
--- a/doc/s6-tlsc-io.html
+++ b/doc/s6-tlsc-io.html
@@ -42,14 +42,14 @@ the options given when configuring s6-networking.
</pre>
<ul>
- <li> s6-tlsc-io expects to have an open connection it
-can talk to on its standard input and output. It also expects to read
-cleartext data from file descriptor <em>fdr</em> and write cleartext
-data to file descriptor <em>fdw</em>. </li>
+ <li> s6-tlsc-io expects to read cleartext data to stdin, and write
+cleartext data to stdout. It also expects descriptors <em>fdr</em> and
+<em>fdw</em> to be open (typically connected to the network), to
+respectively read ciphertext from and write ciphertext to. </li>
<li> It initiates a TLS handshake over the network connection,
expecting a TLS server on the other side. </li>
- <li> Then it acts as a full duplex tunnel, decrypting and transmitting
-data from stdin to <em>fdw</em>, and encrypting and transmitting data
+ <li> Then it acts as a full duplex tunnel, encrypting and transmitting
+data from stdin to <em>fdw</em>, and decrypting and transmitting data
from <em>fdr</em> to stdout. </li>
<li> When it cannot transmit any more data from/to the local application
because connections have closed, <tt>s6-tlsc-io</tt> exits. </li>
diff --git a/doc/upgrade.html b/doc/upgrade.html
index 1ef9c25..292030e 100644
--- a/doc/upgrade.html
+++ b/doc/upgrade.html
@@ -18,6 +18,18 @@
<h1> What has changed in s6-networking </h1>
+<h2> in 2.7.0.0 </h2>
+
+<ul>
+ <li> <a href="s6-tlsc-io.html">s6-tlsc-io</a> has changed
+interfaces: now it uses stdin/stdout as the <em>local</em>
+side, and the descriptors given as arguments as the <em>remote</em>
+side. This allows users to invoke it directly when it is relevant. </li>
+ <li> Consequently, <a href="s6-tlsc.html">s6-tlsc</a> and
+<a href="s6-ucpistlsc.html">s6-ucspitlsc</a> have changed how they invoke
+<a href="s6-tlsc-io.html">s6-tlsc-io</a>. </li>
+</ul>
+
<h2> in 2.6.0.0 </h2>
<ul>
diff --git a/package/info b/package/info
index 8a7dd83..0af6133 100644
--- a/package/info
+++ b/package/info
@@ -1,4 +1,4 @@
package=s6-networking
-version=2.6.0.0
+version=2.7.0.0
category=net
package_macro_name=S6_NETWORKING
diff --git a/src/tls/s6-tlsc-io.c b/src/tls/s6-tlsc-io.c
index ebd1d9a..633d349 100644
--- a/src/tls/s6-tlsc-io.c
+++ b/src/tls/s6-tlsc-io.c
@@ -69,7 +69,7 @@ int main (int argc, char const *const *argv, char const *const *envp)
{
char const *servername = 0 ;
tain tto ;
- int fds[4] = { 0, 1, 0, 1 } ;
+ int fds[4] = { 0, 1, 6, 7 } ;
unsigned int verbosity = 1 ;
unsigned int notif = 0 ;
uint32_t preoptions = 0 ;
@@ -103,9 +103,9 @@ int main (int argc, char const *const *argv, char const *const *envp)
{
unsigned int u ;
if (!uint0_scan(argv[0], &u)) dieusage() ;
- fds[0] = u ;
+ fds[2] = u ;
if (!uint0_scan(argv[1], &u)) dieusage() ;
- fds[1] = u ;
+ fds[3] = u ;
}
if (!sig_ignore(SIGPIPE)) strerr_diefu1sys(111, "ignore SIGPIPE") ;
diff --git a/src/tls/s6-tlsc.c b/src/tls/s6-tlsc.c
index dddb093..d348599 100644
--- a/src/tls/s6-tlsc.c
+++ b/src/tls/s6-tlsc.c
@@ -18,7 +18,7 @@ int main (int argc, char const *const *argv)
{
unsigned int verbosity = 1 ;
unsigned int kimeout = 0 ;
- int p[4][2] = { [3] = { [0] = 6, [1] = 7 } } ;
+ int p[8] = { [6] = 6, [7] = 7 } ;
uint32_t coptions = 0 ;
uint32_t poptions = 1 ;
pid_t pid ;
@@ -46,15 +46,15 @@ int main (int argc, char const *const *argv)
case '6' :
{
unsigned int fd ;
- if (!uint0_scan(l.arg, &fd)) dieusage() ;
- p[3][0] = fd ;
+ if (!uint0_scan(l.arg, &fd) || fd < 3) dieusage() ;
+ p[6] = fd ;
break ;
}
case '7' :
{
unsigned int fd ;
- if (!uint0_scan(l.arg, &fd)) dieusage() ;
- p[3][1] = fd ;
+ if (!uint0_scan(l.arg, &fd) || fd < 3) dieusage() ;
+ p[7] = fd ;
break ;
}
default : dieusage() ;
@@ -62,16 +62,14 @@ int main (int argc, char const *const *argv)
}
argc -= l.ind ; argv += l.ind ;
}
- if (!argc) dieusage() ;
-
+ if (!argc || p[6] == p[7]) dieusage() ;
fd_sanitize() ;
- if (fcntl(p[3][0], F_GETFD) == -1 || fcntl(p[3][1], F_GETFD) == -1)
+ if (fcntl(p[6], F_GETFD) == -1 || fcntl(p[7], F_GETFD) == -1)
strerr_diefu1sys(111, "check network fds") ;
-
- if (pipe(p[0]) == -1 || pipe(p[1]) == -1 || pipe(p[2]) == -1)
+ if (pipe(p) == -1 || pipe(p+2) == -1 || pipe(p+4) == -1)
strerr_diefu1sys(111, "pipe") ;
s6tls_prep_tlscio(newargv, buf, p, coptions, verbosity, kimeout, servername) ;
- pid = s6tls_io_spawn(newargv, p) ;
+ pid = s6tls_io_spawn(newargv, p, 1) ;
if (!pid) strerr_diefu2sys(111, "spawn ", newargv[0]) ;
s6tls_sync_and_exec_app(argv, p, pid, poptions) ;
}
diff --git a/src/tls/s6-tlsd.c b/src/tls/s6-tlsd.c
index a1c19bf..85c0d9f 100644
--- a/src/tls/s6-tlsd.c
+++ b/src/tls/s6-tlsd.c
@@ -17,10 +17,10 @@ int main (int argc, char const *const *argv)
unsigned int verbosity = 1 ;
unsigned int kimeout = 0 ;
unsigned int snilevel = 0 ;
- int p[4][2] = { [3] = { [0] = 0, [1] = 1 } } ;
uint32_t coptions = 0 ;
uint32_t poptions = 1 ;
pid_t pid ;
+ int p[8] = { [6] = 0, [7] = 1 } ;
char const *newargv[S6TLS_PREP_IO_ARGC] ;
char buf[S6TLS_PREP_IO_BUFLEN] ;
PROG = "s6-tlsd" ;
@@ -48,10 +48,10 @@ int main (int argc, char const *const *argv)
}
if (!argc) dieusage() ;
- if (pipe(p[0]) == -1 || pipe(p[1]) == -1 || pipe(p[2]) == -1)
+ if (pipe(p) == -1 || pipe(p+2) == -1 || pipe(p+4) == -1)
strerr_diefu1sys(111, "create pipe") ;
s6tls_prep_tlsdio(newargv, buf, p, coptions, verbosity, kimeout, snilevel) ;
- pid = s6tls_io_spawn(newargv, p) ;
+ pid = s6tls_io_spawn(newargv, p, 0) ;
if (!pid) strerr_diefu2sys(111, "spawn ", newargv[0]) ;
s6tls_sync_and_exec_app(argv, p, pid, poptions) ;
}
diff --git a/src/tls/s6-ucspitlsc.c b/src/tls/s6-ucspitlsc.c
index 4f284b7..bb1a2dc 100644
--- a/src/tls/s6-ucspitlsc.c
+++ b/src/tls/s6-ucspitlsc.c
@@ -18,20 +18,20 @@
#define USAGE "s6-ucspitlsc [ -S | -s ] [ -Y | -y ] [ -v verbosity ] [ -K timeout ] [ -Z | -z ] [ -k servername ] [ -6 fdr ] [ -7 fdw ] prog..."
#define dieusage() strerr_dieusage(100, USAGE)
-static inline void child (int [4][2], uint32_t, unsigned int, unsigned int, char const *, pid_t) gccattr_noreturn ;
-static inline void child (int p[4][2], uint32_t options, unsigned int verbosity, unsigned int kimeout, char const *servername, pid_t pid)
+static inline void child (int *, uint32_t, unsigned int, unsigned int, char const *, pid_t) gccattr_noreturn ;
+static inline void child (int *p, uint32_t options, unsigned int verbosity, unsigned int kimeout, char const *servername, pid_t pid)
{
ssize_t r ;
char const *newargv[S6TLS_PREP_IO_ARGC] ;
char buf[S6TLS_PREP_IO_BUFLEN] ;
char c ;
PROG = "s6-ucspitlsc" ;
- close(p[2][0]) ;
- close(p[1][0]) ;
- close(p[0][1]) ;
- if (fd_move(0, p[3][0]) == -1 || fd_move(1, p[3][1]) == -1)
+ close(p[4]) ;
+ close(p[2]) ;
+ close(p[1]) ;
+ if (fd_move(0, p[0]) == -1 || fd_move(1, p[3]) == -1)
strerr_diefu1sys(111, "move network fds to stdin/stdout") ;
- r = read(p[2][1], &c, 1) ;
+ r = read(p[5], &c, 1) ;
if (r < 0) strerr_diefu1sys(111, "read from control socket") ;
if (!r)
{
@@ -46,11 +46,11 @@ static inline void child (int p[4][2], uint32_t options, unsigned int verbosity,
switch (c)
{
case 'y' :
- close(p[2][1]) ;
- p[2][1] = 0 ; /* we know 0 is open so it's a suitable invalid value */
+ close(p[5]) ;
+ p[5] = 0 ; /* we know 0 is open so it's a suitable invalid value */
break ;
case 'Y' :
- fd_shutdown(p[2][1], 0) ;
+ fd_shutdown(p[5], 0) ;
break ;
default :
strerr_dief1x(100, "unrecognized command on control socket") ;
@@ -69,11 +69,11 @@ int main (int argc, char const *const *argv, char const *const *envp)
{
unsigned int verbosity = 1 ;
unsigned int kimeout = 0 ;
- int p[4][2] = { [3] = { [0] = 6, [1] = 7 } } ;
uint32_t coptions = 0 ;
+ int p[8] = { [6] = 6, [7] = 7 } ;
uint32_t poptions = 1 ;
- char const *servername = 0 ;
pid_t pid ;
+ char const *servername = 0 ;
PROG = "s6-ucspitlsc (parent)" ;
{
@@ -97,14 +97,14 @@ int main (int argc, char const *const *argv, char const *const *envp)
{
unsigned int fd ;
if (!uint0_scan(l.arg, &fd)) dieusage() ;
- p[3][0] = fd ;
+ p[6] = fd ;
break ;
}
case '7' :
{
unsigned int fd ;
if (!uint0_scan(l.arg, &fd)) dieusage() ;
- p[3][1] = fd ;
+ p[7] = fd ;
break ;
}
default : dieusage() ;
@@ -112,13 +112,13 @@ int main (int argc, char const *const *argv, char const *const *envp)
}
argc -= l.ind ; argv += l.ind ;
}
- if (!argc) dieusage() ;
+ if (!argc || p[6] == p[7]) dieusage() ;
fd_sanitize() ;
- if (fcntl(p[3][0], F_GETFD) == -1 || fcntl(p[3][1], F_GETFD) == -1)
+ if (fcntl(p[6], F_GETFD) == -1 || fcntl(p[7], F_GETFD) == -1)
strerr_diefu1sys(111, "check network fds") ;
- if (ipc_pair_b(p[2]) == -1) strerr_diefu1sys(111, "ipc_pair") ;
- if (pipe(p[0]) == -1 || pipe(p[1]) == -1) strerr_diefu1sys(111, "pipe") ;
+ if (pipe(p) == -1 || pipe(p+2) == -1) strerr_diefu1sys(111, "pipe") ;
+ if (ipc_pair_b(p+4) == -1) strerr_diefu1sys(111, "ipc_pair") ;
pid = getpid() ;
switch (fork())
diff --git a/src/tls/s6-ucspitlsd.c b/src/tls/s6-ucspitlsd.c
index 92450e3..fc0868a 100644
--- a/src/tls/s6-ucspitlsd.c
+++ b/src/tls/s6-ucspitlsd.c
@@ -17,18 +17,18 @@
#define USAGE "s6-ucspitlsd [ -S | -s ] [ -Y | -y ] [ -k snilevel ] [ -v verbosity ] [ -K timeout ] [ -Z | -z ] prog..."
#define dieusage() strerr_dieusage(100, USAGE)
-static inline void child (int [4][2], uint32_t, unsigned int, unsigned int, unsigned int, pid_t) gccattr_noreturn ;
-static inline void child (int p[4][2], uint32_t options, unsigned int verbosity, unsigned int kimeout, unsigned int snilevel, pid_t pid)
+static inline void child (int *, uint32_t, unsigned int, unsigned int, unsigned int, pid_t) gccattr_noreturn ;
+static inline void child (int *p, uint32_t options, unsigned int verbosity, unsigned int kimeout, unsigned int snilevel, pid_t pid)
{
ssize_t r ;
char const *newargv[S6TLS_PREP_IO_ARGC] ;
char buf[S6TLS_PREP_IO_BUFLEN] ;
char c ;
PROG = "s6-ucspitlsd" ;
- close(p[2][0]) ;
- close(p[0][1]) ;
- close(p[1][0]) ;
- r = read(p[2][1], &c, 1) ;
+ close(p[4]) ;
+ close(p[1]) ;
+ close(p[2]) ;
+ r = read(p[5], &c, 1) ;
if (r < 0) strerr_diefu1sys(111, "read from control socket") ;
if (!r)
{
@@ -43,11 +43,11 @@ static inline void child (int p[4][2], uint32_t options, unsigned int verbosity,
switch (c)
{
case 'y' :
- close(p[2][1]) ;
- p[2][1] = 0 ; /* we know 0 is open so it's a suitable invalid value */
+ close(p[5]) ;
+ p[5] = 0 ; /* we know 0 is open so it's a suitable invalid value */
break ;
case 'Y' :
- fd_shutdown(p[2][1], 0) ;
+ fd_shutdown(p[5], 0) ;
break ;
default :
strerr_dief1x(100, "unrecognized command on control socket") ;
@@ -67,9 +67,9 @@ int main (int argc, char const *const *argv)
unsigned int verbosity = 1 ;
unsigned int kimeout = 0 ;
unsigned int snilevel = 0 ;
- int p[4][2] = { [3] = { [0] = -1, [1] = -1 } } ;
uint32_t coptions = 0 ;
uint32_t poptions = 1 ;
+ int p[6] ;
pid_t pid ;
PROG = "s6-ucspitlsd (parent)" ;
@@ -97,8 +97,8 @@ int main (int argc, char const *const *argv)
}
if (!argc) dieusage() ;
- if (ipc_pair_b(p[2]) == -1) strerr_diefu1sys(111, "ipc_pair") ;
- if (pipe(p[0]) == -1 || pipe(p[1]) == -1) strerr_diefu1sys(111, "pipe") ;
+ if (pipe(p) == -1 || pipe(p+2) == -1) strerr_diefu1sys(111, "pipe") ;
+ if (ipc_pair_b(p+4) == -1) strerr_diefu1sys(111, "ipc_pair") ;
pid = getpid() ;
switch (fork())
diff --git a/src/tls/s6tls-internal.h b/src/tls/s6tls-internal.h
index 2870744..fdd247f 100644
--- a/src/tls/s6tls-internal.h
+++ b/src/tls/s6tls-internal.h
@@ -12,11 +12,11 @@
#define S6TLS_PREP_IO_ARGC 15
#define S6TLS_PREP_IO_BUFLEN (5 * UINT_FMT)
-extern pid_t s6tls_io_spawn (char const *const *argv, int const [4][2]) ;
-extern void s6tls_prep_tlscio (char const **, char *, int const [4][2], uint32_t, unsigned int, unsigned int, char const *) ;
-extern void s6tls_prep_tlsdio (char const **, char *, int const [4][2], uint32_t, unsigned int, unsigned int, unsigned int) ;
-extern void s6tls_sync_and_exec_app (char const *const *, int const [4][2], pid_t, uint32_t) gccattr_noreturn ;
-extern void s6tls_ucspi_exec_app (char const *const *, int const [4][2], uint32_t) gccattr_noreturn ;
+extern pid_t s6tls_io_spawn (char const *const *argv, int const *, int) ;
+extern void s6tls_prep_tlscio (char const **, char *, int const *, uint32_t, unsigned int, unsigned int, char const *) ;
+extern void s6tls_prep_tlsdio (char const **, char *, int const *, uint32_t, unsigned int, unsigned int, unsigned int) ;
+extern void s6tls_sync_and_exec_app (char const *const *, int const *, pid_t, uint32_t) gccattr_noreturn ;
+extern void s6tls_ucspi_exec_app (char const *const *, int const *, uint32_t) gccattr_noreturn ;
extern void s6tls_clean_and_exec (char const *const *, uint32_t, char const *, size_t) gccattr_noreturn ;
#endif
diff --git a/src/tls/s6tls_clean_and_exec.c b/src/tls/s6tls_clean_and_exec.c
index 9432e3a..9c1026b 100644
--- a/src/tls/s6tls_clean_and_exec.c
+++ b/src/tls/s6tls_clean_and_exec.c
@@ -1,6 +1,7 @@
/* ISC license. */
-#include <stddef.h>
+#include <string.h>
+#include <stdlib.h>
#include <skalibs/posixplz.h>
#include <skalibs/bytestr.h>
@@ -9,6 +10,12 @@
#include "s6tls-internal.h"
+static int startswith (void const *a, void const *b)
+{
+ char const *bb = *(char const *const *)b ;
+ return strncmp(a, bb, strlen(bb)) ;
+}
+
void s6tls_clean_and_exec (char const *const *argv, uint32_t options, char const *modif, size_t modiflen)
{
if (options & 1)
@@ -17,25 +24,20 @@ void s6tls_clean_and_exec (char const *const *argv, uint32_t options, char const
{
"CADIR=",
"CAFILE=",
- "KEYFILE=",
+ "CERTFILE:",
"CERTFILE=",
- "TLS_UID=",
- "TLS_GID=",
"KEYFILE:",
- "CERTFILE:",
- 0
+ "KEYFILE=",
+ "TLS_GID=",
+ "TLS_UID="
} ;
char const *const *envp = (char const *const *)environ ;
size_t m = 0 ;
size_t n = env_len(envp) ;
char const *newenvp[n + 1] ;
for (; *envp ; envp++)
- {
- char const *const *var = toclean ;
- for (; *var ; var++)
- if (str_start(*envp, *var)) break ;
- if (!*var) newenvp[m++] = *envp ;
- }
+ if (!bsearch(*envp, toclean, sizeof(toclean)/sizeof(char const *), sizeof(char const *), &startswith))
+ newenvp[m++] = *envp ;
newenvp[m] = 0 ;
xmexec_fm(argv, newenvp, m, modif, modiflen) ;
}
diff --git a/src/tls/s6tls_io_spawn.c b/src/tls/s6tls_io_spawn.c
index 252ddb5..aa7764c 100644
--- a/src/tls/s6tls_io_spawn.c
+++ b/src/tls/s6tls_io_spawn.c
@@ -5,15 +5,15 @@
#include "s6tls-internal.h"
-pid_t s6tls_io_spawn (char const *const *argv, int const p[4][2])
+pid_t s6tls_io_spawn (char const *const *argv, int const *p, int isc)
{
cspawn_fileaction fa[5] =
{
- [0] = { .type = CSPAWN_FA_CLOSE, .x = { .fd = p[0][1] } },
- [1] = { .type = CSPAWN_FA_CLOSE, .x = { .fd = p[1][0] } },
- [2] = { .type = CSPAWN_FA_CLOSE, .x = { .fd = p[2][0] } },
- [3] = { .type = CSPAWN_FA_MOVE, .x = { .fd2 = { [0] = 0, [1] = p[3][0] } } },
- [4] = { .type = CSPAWN_FA_MOVE, .x = { .fd2 = { [0] = 1, [1] = p[3][1] } } }
+ { .type = CSPAWN_FA_CLOSE, .x = { .fd = p[1] } },
+ { .type = CSPAWN_FA_CLOSE, .x = { .fd = p[2] } },
+ { .type = CSPAWN_FA_CLOSE, .x = { .fd = p[4] } },
+ { .type = CSPAWN_FA_MOVE, .x = { .fd2 = { 0, p[0] } } },
+ { .type = CSPAWN_FA_MOVE, .x = { .fd2 = { 1, p[3] } } }
} ;
- return cspawn(argv[0], argv, (char const *const *)environ, 0, fa, 5) ;
+ return cspawn(argv[0], argv, (char const *const *)environ, 0, fa, isc ? 5 : 3) ;
}
diff --git a/src/tls/s6tls_prep_tlscio.c b/src/tls/s6tls_prep_tlscio.c
index 1d25f65..a3f33b0 100644
--- a/src/tls/s6tls_prep_tlscio.c
+++ b/src/tls/s6tls_prep_tlscio.c
@@ -5,7 +5,7 @@
#include <s6-networking/config.h>
#include "s6tls-internal.h"
-void s6tls_prep_tlscio (char const **argv, char *buf, int const p[4][2], uint32_t options, unsigned int verbosity, unsigned int kimeout, char const *servername)
+void s6tls_prep_tlscio (char const **argv, char *buf, int const *p, uint32_t options, unsigned int verbosity, unsigned int kimeout, char const *servername)
{
size_t m = 0 ;
size_t n = 0 ;
@@ -18,11 +18,11 @@ void s6tls_prep_tlscio (char const **argv, char *buf, int const p[4][2], uint32_
n += uint_fmt(buf + n, verbosity) ;
buf[n++] = 0 ;
}
- if (p[2][1])
+ if (p[5])
{
argv[m++] = "-d" ;
argv[m++] = buf + n ;
- n += uint_fmt(buf + n, p[2][1]) ;
+ n += uint_fmt(buf + n, p[5]) ;
buf[n++] = 0 ;
}
argv[m++] = options & 4 ? "-S" : "-s" ;
@@ -41,10 +41,10 @@ void s6tls_prep_tlscio (char const **argv, char *buf, int const p[4][2], uint32_
}
argv[m++] = "--" ;
argv[m++] = buf + n ;
- n += uint_fmt(buf + n, p[0][0]) ;
+ n += uint_fmt(buf + n, p[6]) ;
buf[n++] = 0 ;
argv[m++] = buf + n ;
- n += uint_fmt(buf + n, p[1][1]) ;
+ n += uint_fmt(buf + n, p[7]) ;
buf[n++] = 0 ;
argv[m++] = 0 ;
}
diff --git a/src/tls/s6tls_prep_tlsdio.c b/src/tls/s6tls_prep_tlsdio.c
index 947cf70..73099bf 100644
--- a/src/tls/s6tls_prep_tlsdio.c
+++ b/src/tls/s6tls_prep_tlsdio.c
@@ -5,7 +5,7 @@
#include <s6-networking/config.h>
#include "s6tls-internal.h"
-void s6tls_prep_tlsdio (char const **argv, char *buf, int const p[4][2], uint32_t options, unsigned int verbosity, unsigned int kimeout, unsigned int snilevel)
+void s6tls_prep_tlsdio (char const **argv, char *buf, int const *p, uint32_t options, unsigned int verbosity, unsigned int kimeout, unsigned int snilevel)
{
size_t m = 0 ;
size_t n = 0 ;
@@ -18,11 +18,11 @@ void s6tls_prep_tlsdio (char const **argv, char *buf, int const p[4][2], uint32_
n += uint_fmt(buf + n, verbosity) ;
buf[n++] = 0 ;
}
- if (p[2][1])
+ if (p[5])
{
argv[m++] = "-d" ;
argv[m++] = buf + n ;
- n += uint_fmt(buf + n, p[2][1]) ;
+ n += uint_fmt(buf + n, p[5]) ;
buf[n++] = 0 ;
}
argv[m++] = options & 4 ? "-S" : "-s" ;
@@ -44,10 +44,10 @@ void s6tls_prep_tlsdio (char const **argv, char *buf, int const p[4][2], uint32_
}
argv[m++] = "--" ;
argv[m++] = buf + n ;
- n += uint_fmt(buf + n, p[0][0]) ;
+ n += uint_fmt(buf + n, p[0]) ;
buf[n++] = 0 ;
argv[m++] = buf + n ;
- n += uint_fmt(buf + n, p[1][1]) ;
+ n += uint_fmt(buf + n, p[3]) ;
buf[n++] = 0 ;
argv[m++] = 0 ;
}
diff --git a/src/tls/s6tls_sync_and_exec_app.c b/src/tls/s6tls_sync_and_exec_app.c
index 56e8dc1..a5059ef 100644
--- a/src/tls/s6tls_sync_and_exec_app.c
+++ b/src/tls/s6tls_sync_and_exec_app.c
@@ -9,16 +9,16 @@
#define MAXENVSIZE 4096
-void s6tls_sync_and_exec_app (char const *const *argv, int const p[4][2], pid_t pid, uint32_t options)
+void s6tls_sync_and_exec_app (char const *const *argv, int const *p, pid_t pid, uint32_t options)
{
char buf[MAXENVSIZE] ;
ssize_t r ;
- close(p[2][1]) ;
- close(p[1][1]) ;
- close(p[0][0]) ;
- if (fd_move(p[3][0], p[1][0]) == -1 || fd_move(p[3][1], p[0][1]) == -1)
+ close(p[5]) ;
+ close(p[3]) ;
+ close(p[0]) ;
+ if (fd_move(p[6], p[2]) == -1 || fd_move(p[7], p[1]) == -1)
strerr_diefu1sys(111, "move file descriptors") ;
- r = read(p[2][0], buf, MAXENVSIZE) ;
+ r = read(p[4], buf, MAXENVSIZE) ;
if (r < 0) strerr_diefu1sys(111, "read from handshake notification pipe") ;
if (!r)
{
@@ -28,6 +28,6 @@ void s6tls_sync_and_exec_app (char const *const *argv, int const p[4][2], pid_t
_exit(wait_estatus(wstat)) ;
}
if (r >= MAXENVSIZE) strerr_dief1x(101, "SSL data too large; recompile with a bigger MAXENVSIZE") ;
- close(p[2][0]) ;
+ close(p[4]) ;
s6tls_clean_and_exec(argv, options, buf, r-1) ;
}
diff --git a/src/tls/s6tls_ucspi_exec_app.c b/src/tls/s6tls_ucspi_exec_app.c
index 6a319b6..03aa40f 100644
--- a/src/tls/s6tls_ucspi_exec_app.c
+++ b/src/tls/s6tls_ucspi_exec_app.c
@@ -7,21 +7,21 @@
#include "s6tls-internal.h"
-void s6tls_ucspi_exec_app (char const *const *argv, int const p[4][2], uint32_t options)
+void s6tls_ucspi_exec_app (char const *const *argv, int const *p, uint32_t options)
{
size_t m = 0 ;
- char modif[33 + 3 * UINT_FMT] ;
- close(p[2][1]) ;
- close(p[1][1]) ;
- close(p[0][0]) ;
+ char modif[30 + 3 * UINT_FMT] ;
+ close(p[5]) ;
+ close(p[3]) ;
+ close(p[0]) ;
memcpy(modif + m, "SSLCTLFD=", 9) ; m += 9 ;
- m += uint_fmt(modif + m, p[2][0]) ;
+ m += uint_fmt(modif + m, p[4]) ;
modif[m++] = 0 ;
memcpy(modif + m, "SSLREADFD=", 10) ; m += 10 ;
- m += uint_fmt(modif + m, p[1][0]) ;
+ m += uint_fmt(modif + m, p[2]) ;
modif[m++] = 0 ;
memcpy(modif + m, "SSLWRITEFD=", 11) ; m += 11 ;
- m += uint_fmt(modif + m, p[0][1]) ;
+ m += uint_fmt(modif + m, p[1]) ;
modif[m++] = 0 ;
s6tls_clean_and_exec(argv, options, modif, m) ;
}