author | Laurent Bercot <ska-skaware@skarnet.org> | 2023-11-10 11:28:19 +0000 |
---|---|---|
committer | Laurent Bercot <ska@appnovation.com> | 2023-11-10 11:28:19 +0000 |
commit | 1e10d30b41b65dbd520e01adc5fe686cb92b0f12 (patch) | |
tree | 32af8327cb6bb9aa6bbd5e20ee7a2cc1f9c95263 | |
parent | c930181234bfb31fba0136d866e6e75633acafe0 (diff) | |
download | s6-networking-1e10d30b41b65dbd520e01adc5fe686cb92b0f12.tar.xz |
Prepare for 2.7.0.0. Better s6-tlsc-io interface.
Signed-off-by: Laurent Bercot <ska@appnovation.com>
-rw-r--r-- | doc/index.html | 2 | ||||
-rw-r--r-- | doc/s6-tlsc-io.html | 12 | ||||
-rw-r--r-- | doc/upgrade.html | 12 | ||||
-rw-r--r-- | package/info | 2 | ||||
-rw-r--r-- | src/tls/s6-tlsc-io.c | 6 | ||||
-rw-r--r-- | src/tls/s6-tlsc.c | 20 | ||||
-rw-r--r-- | src/tls/s6-tlsd.c | 6 | ||||
-rw-r--r-- | src/tls/s6-ucspitlsc.c | 36 | ||||
-rw-r--r-- | src/tls/s6-ucspitlsd.c | 24 | ||||
-rw-r--r-- | src/tls/s6tls-internal.h | 10 | ||||
-rw-r--r-- | src/tls/s6tls_clean_and_exec.c | 26 | ||||
-rw-r--r-- | src/tls/s6tls_io_spawn.c | 14 | ||||
-rw-r--r-- | src/tls/s6tls_prep_tlscio.c | 10 | ||||
-rw-r--r-- | src/tls/s6tls_prep_tlsdio.c | 10 | ||||
-rw-r--r-- | src/tls/s6tls_sync_and_exec_app.c | 14 | ||||
-rw-r--r-- | src/tls/s6tls_ucspi_exec_app.c | 16 |
16 files changed, 116 insertions, 104 deletions
diff --git a/doc/index.html b/doc/index.html index 8cd5f2e..95294f2 100644 --- a/doc/index.html +++ b/doc/index.html @@ -91,7 +91,7 @@ run-time requirement if you link against its shared version. </li> <ul> <li> The current released version of s6-networking is -<a href="s6-networking-2.6.0.0.tar.gz">2.6.0.0</a>. </li> +<a href="s6-networking-2.7.0.0.tar.gz">2.7.0.0</a>. </li> <li> Alternatively, you can checkout a copy of the <a href="//git.skarnet.org/cgi-bin/cgit.cgi/s6-networking/">s6-networking git repository</a>: diff --git a/doc/s6-tlsc-io.html b/doc/s6-tlsc-io.html index 4466293..b4bb154 100644 --- a/doc/s6-tlsc-io.html +++ b/doc/s6-tlsc-io.html @@ -42,14 +42,14 @@ the options given when configuring s6-networking. </pre> <ul> - <li> s6-tlsc-io expects to have an open connection it -can talk to on its standard input and output. It also expects to read -cleartext data from file descriptor <em>fdr</em> and write cleartext -data to file descriptor <em>fdw</em>. </li> + <li> s6-tlsc-io expects to read cleartext data to stdin, and write +cleartext data to stdout. It also expects descriptors <em>fdr</em> and +<em>fdw</em> to be open (typically connected to the network), to +respectively read ciphertext from and write ciphertext to. </li> <li> It initiates a TLS handshake over the network connection, expecting a TLS server on the other side. </li> - <li> Then it acts as a full duplex tunnel, decrypting and transmitting -data from stdin to <em>fdw</em>, and encrypting and transmitting data + <li> Then it acts as a full duplex tunnel, encrypting and transmitting +data from stdin to <em>fdw</em>, and decrypting and transmitting data from <em>fdr</em> to stdout. </li> <li> When it cannot transmit any more data from/to the local application because connections have closed, <tt>s6-tlsc-io</tt> exits. </li> diff --git a/doc/upgrade.html b/doc/upgrade.html index 1ef9c25..292030e 100644 --- a/doc/upgrade.html +++ b/doc/upgrade.html 
@@ -18,6 +18,18 @@
 <h1> What has changed in s6-networking </h1>
+<h2> in 2.7.0.0 </h2>
+
+<ul>
+ <li> <a href="s6-tlsc-io.html">s6-tlsc-io</a> has changed
+interfaces: now it uses stdin/stdout as the <em>local</em>
+side, and the descriptors given as arguments as the <em>remote</em>
+side. This allows users to invoke it directly when it is relevant. </li>
+ <li> Consequently, <a href="s6-tlsc.html">s6-tlsc</a> and
+<a href="s6-ucpistlsc.html">s6-ucspitlsc</a> have changed how they invoke
+<a href="s6-tlsc-io.html">s6-tlsc-io</a>. </li>
+</ul>
+
 <h2> in 2.6.0.0 </h2>
 <ul>
diff --git a/package/info b/package/info
index 8a7dd83..0af6133 100644
--- a/package/info
+++ b/package/info
@@ -1,4 +1,4 @@
 package=s6-networking
-version=2.6.0.0
+version=2.7.0.0
 category=net
 package_macro_name=S6_NETWORKING
diff --git a/src/tls/s6-tlsc-io.c b/src/tls/s6-tlsc-io.c
index ebd1d9a..633d349 100644
--- a/src/tls/s6-tlsc-io.c
+++ b/src/tls/s6-tlsc-io.c
@@ -69,7 +69,7 @@ int main (int argc, char const *const *argv, char const *const *envp)
 {
 char const *servername = 0 ;
 tain tto ;
- int fds[4] = { 0, 1, 0, 1 } ;
+ int fds[4] = { 0, 1, 6, 7 } ;
 unsigned int verbosity = 1 ;
 unsigned int notif = 0 ;
 uint32_t preoptions = 0 ;
@@ -103,9 +103,9 @@ int main (int argc, char const *const *argv, char const *const *envp)
 {
 unsigned int u ;
 if (!uint0_scan(argv[0], &u)) dieusage() ;
- fds[0] = u ;
+ fds[2] = u ;
 if (!uint0_scan(argv[1], &u)) dieusage() ;
- fds[1] = u ;
+ fds[3] = u ;
 }
 if (!sig_ignore(SIGPIPE)) strerr_diefu1sys(111, "ignore SIGPIPE") ;
diff --git a/src/tls/s6-tlsc.c b/src/tls/s6-tlsc.c
index dddb093..d348599 100644
--- a/src/tls/s6-tlsc.c
+++ b/src/tls/s6-tlsc.c
@@ -18,7 +18,7 @@ int main (int argc, char const *const *argv)
 {
 unsigned int verbosity = 1 ;
 unsigned int kimeout = 0 ;
- int p[4][2] = { [3] = { [0] = 6, [1] = 7 } } ;
+ int p[8] = { [6] = 6, [7] = 7 } ;
 uint32_t coptions = 0 ;
 uint32_t poptions = 1 ;
 pid_t pid ;
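Review bot: In the second hunk of src/tls/s6-tlsc-io.c (`@@ -103,9 +103,9 @@`), the two positional arguments are stored into `fds[2]` and `fds[3]` after `uint0_scan` alone, so 0 or 1 is accepted even though stdin/stdout are now the cleartext side. s6-tlsc.c in this same commit rejects `fd < 3` for its `-6`/`-7` options; the same guard here, `if (!uint0_scan(argv[0], &u) || u < 3) dieusage() ;` (and likewise for `argv[1]`), would keep a direct invocation from aliasing the ciphertext descriptors onto the cleartext ones. main continues outside the hunk, so a later check may already cover this.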
@@ -46,15 +46,15 @@ int main (int argc, char const *const *argv)
 case '6' :
 {
 unsigned int fd ;
- if (!uint0_scan(l.arg, &fd)) dieusage() ;
- p[3][0] = fd ;
+ if (!uint0_scan(l.arg, &fd) || fd < 3) dieusage() ;
+ p[6] = fd ;
 break ;
 }
 case '7' :
 {
 unsigned int fd ;
- if (!uint0_scan(l.arg, &fd)) dieusage() ;
- p[3][1] = fd ;
+ if (!uint0_scan(l.arg, &fd) || fd < 3) dieusage() ;
+ p[7] = fd ;
 break ;
 }
 default : dieusage() ;
@@ -62,16 +62,14 @@ int main (int argc, char const *const *argv)
 }
 argc -= l.ind ; argv += l.ind ;
 }
- if (!argc) dieusage() ;
-
+ if (!argc || p[6] == p[7]) dieusage() ;
 fd_sanitize() ;
- if (fcntl(p[3][0], F_GETFD) == -1 || fcntl(p[3][1], F_GETFD) == -1)
+ if (fcntl(p[6], F_GETFD) == -1 || fcntl(p[7], F_GETFD) == -1)
 strerr_diefu1sys(111, "check network fds") ;
-
- if (pipe(p[0]) == -1 || pipe(p[1]) == -1 || pipe(p[2]) == -1)
+ if (pipe(p) == -1 || pipe(p+2) == -1 || pipe(p+4) == -1)
 strerr_diefu1sys(111, "pipe") ;
 s6tls_prep_tlscio(newargv, buf, p, coptions, verbosity, kimeout, servername) ;
- pid = s6tls_io_spawn(newargv, p) ;
+ pid = s6tls_io_spawn(newargv, p, 1) ;
 if (!pid) strerr_diefu2sys(111, "spawn ", newargv[0]) ;
 s6tls_sync_and_exec_app(argv, p, pid, poptions) ;
 }
diff --git a/src/tls/s6-tlsd.c b/src/tls/s6-tlsd.c
index a1c19bf..85c0d9f 100644
--- a/src/tls/s6-tlsd.c
+++ b/src/tls/s6-tlsd.c
@@ -17,10 +17,10 @@ int main (int argc, char const *const *argv)
 unsigned int verbosity = 1 ;
 unsigned int kimeout = 0 ;
 unsigned int snilevel = 0 ;
- int p[4][2] = { [3] = { [0] = 0, [1] = 1 } } ;
 uint32_t coptions = 0 ;
 uint32_t poptions = 1 ;
 pid_t pid ;
+ int p[8] = { [6] = 0, [7] = 1 } ;
 char const *newargv[S6TLS_PREP_IO_ARGC] ;
 char buf[S6TLS_PREP_IO_BUFLEN] ;
 PROG = "s6-tlsd" ;
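Review bot: The new `p[6] == p[7]` test in src/tls/s6-tlsc.c (`@@ -62,16 +62,14 @@`) is folded into the `!argc` usage check with nothing explaining why identical `-6`/`-7` descriptors are refused. Judging from s6tls_sync_and_exec_app.c in this commit, each of the two is later overwritten separately (`fd_move(p[6], p[2])`, `fd_move(p[7], p[1])`), which is presumably the reason; a comment such as `/* -6 and -7 must differ: each one is replaced by its own pipe end before the application runs */` would record that. The same condition is added without comment in src/tls/s6-ucspitlsc.c (`@@ -112,13 +112,13 @@`).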
@@ -48,10 +48,10 @@ int main (int argc, char const *const *argv)
 }
 if (!argc) dieusage() ;
- if (pipe(p[0]) == -1 || pipe(p[1]) == -1 || pipe(p[2]) == -1)
+ if (pipe(p) == -1 || pipe(p+2) == -1 || pipe(p+4) == -1)
 strerr_diefu1sys(111, "create pipe") ;
 s6tls_prep_tlsdio(newargv, buf, p, coptions, verbosity, kimeout, snilevel) ;
- pid = s6tls_io_spawn(newargv, p) ;
+ pid = s6tls_io_spawn(newargv, p, 0) ;
 if (!pid) strerr_diefu2sys(111, "spawn ", newargv[0]) ;
 s6tls_sync_and_exec_app(argv, p, pid, poptions) ;
 }
diff --git a/src/tls/s6-ucspitlsc.c b/src/tls/s6-ucspitlsc.c
index 4f284b7..bb1a2dc 100644
--- a/src/tls/s6-ucspitlsc.c
+++ b/src/tls/s6-ucspitlsc.c
@@ -18,20 +18,20 @@
 #define USAGE "s6-ucspitlsc [ -S | -s ] [ -Y | -y ] [ -v verbosity ] [ -K timeout ] [ -Z | -z ] [ -k servername ] [ -6 fdr ] [ -7 fdw ] prog..."
 #define dieusage() strerr_dieusage(100, USAGE)
-static inline void child (int [4][2], uint32_t, unsigned int, unsigned int, char const *, pid_t) gccattr_noreturn ;
-static inline void child (int p[4][2], uint32_t options, unsigned int verbosity, unsigned int kimeout, char const *servername, pid_t pid)
+static inline void child (int *, uint32_t, unsigned int, unsigned int, char const *, pid_t) gccattr_noreturn ;
+static inline void child (int *p, uint32_t options, unsigned int verbosity, unsigned int kimeout, char const *servername, pid_t pid)
 {
 ssize_t r ;
 char const *newargv[S6TLS_PREP_IO_ARGC] ;
 char buf[S6TLS_PREP_IO_BUFLEN] ;
 char c ;
 PROG = "s6-ucspitlsc" ;
- close(p[2][0]) ;
- close(p[1][0]) ;
- close(p[0][1]) ;
- if (fd_move(0, p[3][0]) == -1 || fd_move(1, p[3][1]) == -1)
+ close(p[4]) ;
+ close(p[2]) ;
+ close(p[1]) ;
+ if (fd_move(0, p[0]) == -1 || fd_move(1, p[3]) == -1)
 strerr_diefu1sys(111, "move network fds to stdin/stdout") ;
- r = read(p[2][1], &c, 1) ;
+ r = read(p[5], &c, 1) ;
 if (r < 0) strerr_diefu1sys(111, "read from control socket") ;
 if (!r)
 {
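Review bot: The error string on the context line after the new `fd_move(0, p[0])` / `fd_move(1, p[3])` call in child() of src/tls/s6-ucspitlsc.c (`@@ -18,20 +18,20 @@`) still reads "move network fds to stdin/stdout", but the descriptors moved are now ends of the two local pipes created with `pipe(p)` and `pipe(p+2)`, not the `-6`/`-7` network descriptors. A failure here would be reported against the wrong side of the tunnel; something like `strerr_diefu1sys(111, "move local pipe fds to stdin/stdout") ;` matches the new interface. child() continues past the end of the hunk.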
@@ -46,11 +46,11 @@ static inline void child (int p[4][2], uint32_t options, unsigned int verbosity,
 switch (c)
 {
 case 'y' :
- close(p[2][1]) ;
- p[2][1] = 0 ; /* we know 0 is open so it's a suitable invalid value */
+ close(p[5]) ;
+ p[5] = 0 ; /* we know 0 is open so it's a suitable invalid value */
 break ;
 case 'Y' :
- fd_shutdown(p[2][1], 0) ;
+ fd_shutdown(p[5], 0) ;
 break ;
 default :
 strerr_dief1x(100, "unrecognized command on control socket") ;
@@ -69,11 +69,11 @@ int main (int argc, char const *const *argv, char const *const *envp)
 {
 unsigned int verbosity = 1 ;
 unsigned int kimeout = 0 ;
- int p[4][2] = { [3] = { [0] = 6, [1] = 7 } } ;
 uint32_t coptions = 0 ;
+ int p[8] = { [6] = 6, [7] = 7 } ;
 uint32_t poptions = 1 ;
- char const *servername = 0 ;
 pid_t pid ;
+ char const *servername = 0 ;
 PROG = "s6-ucspitlsc (parent)" ;
 {
@@ -97,14 +97,14 @@ int main (int argc, char const *const *argv, char const *const *envp)
 {
 unsigned int fd ;
 if (!uint0_scan(l.arg, &fd)) dieusage() ;
- p[3][0] = fd ;
+ p[6] = fd ;
 break ;
 }
 case '7' :
 {
 unsigned int fd ;
 if (!uint0_scan(l.arg, &fd)) dieusage() ;
- p[3][1] = fd ;
+ p[7] = fd ;
 break ;
 }
 default : dieusage() ;
@@ -112,13 +112,13 @@ int main (int argc, char const *const *argv, char const *const *envp)
 }
 argc -= l.ind ; argv += l.ind ;
 }
- if (!argc) dieusage() ;
+ if (!argc || p[6] == p[7]) dieusage() ;
 fd_sanitize() ;
- if (fcntl(p[3][0], F_GETFD) == -1 || fcntl(p[3][1], F_GETFD) == -1)
+ if (fcntl(p[6], F_GETFD) == -1 || fcntl(p[7], F_GETFD) == -1)
 strerr_diefu1sys(111, "check network fds") ;
- if (ipc_pair_b(p[2]) == -1) strerr_diefu1sys(111, "ipc_pair") ;
- if (pipe(p[0]) == -1 || pipe(p[1]) == -1) strerr_diefu1sys(111, "pipe") ;
+ if (pipe(p) == -1 || pipe(p+2) == -1) strerr_diefu1sys(111, "pipe") ;
+ if (ipc_pair_b(p+4) == -1) strerr_diefu1sys(111, "ipc_pair") ;
 pid = getpid() ;
 switch (fork())
diff --git a/src/tls/s6-ucspitlsd.c b/src/tls/s6-ucspitlsd.c
index 92450e3..fc0868a 100644
--- a/src/tls/s6-ucspitlsd.c
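Review bot: The `-6` and `-7` cases in src/tls/s6-ucspitlsc.c (`@@ -97,14 +97,14 @@`) still accept any value that `uint0_scan` parses, while the matching cases in s6-tlsc.c gained `|| fd < 3` in this commit. child() now moves pipe ends onto descriptors 0 and 1 before running s6-tlsc-io, so a network descriptor given as 0 or 1 would be replaced before the engine ever uses it; the later `fcntl(..., F_GETFD)` check would not catch that, since descriptors 0 and 1 are normally open at that point. Using the same test in both cases, `if (!uint0_scan(l.arg, &fd) || fd < 3) dieusage() ;`, keeps the two client front ends consistent.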
+++ b/src/tls/s6-ucspitlsd.c
@@ -17,18 +17,18 @@
 #define USAGE "s6-ucspitlsd [ -S | -s ] [ -Y | -y ] [ -k snilevel ] [ -v verbosity ] [ -K timeout ] [ -Z | -z ] prog..."
 #define dieusage() strerr_dieusage(100, USAGE)
-static inline void child (int [4][2], uint32_t, unsigned int, unsigned int, unsigned int, pid_t) gccattr_noreturn ;
-static inline void child (int p[4][2], uint32_t options, unsigned int verbosity, unsigned int kimeout, unsigned int snilevel, pid_t pid)
+static inline void child (int *, uint32_t, unsigned int, unsigned int, unsigned int, pid_t) gccattr_noreturn ;
+static inline void child (int *p, uint32_t options, unsigned int verbosity, unsigned int kimeout, unsigned int snilevel, pid_t pid)
 {
 ssize_t r ;
 char const *newargv[S6TLS_PREP_IO_ARGC] ;
 char buf[S6TLS_PREP_IO_BUFLEN] ;
 char c ;
 PROG = "s6-ucspitlsd" ;
- close(p[2][0]) ;
- close(p[0][1]) ;
- close(p[1][0]) ;
- r = read(p[2][1], &c, 1) ;
+ close(p[4]) ;
+ close(p[1]) ;
+ close(p[2]) ;
+ r = read(p[5], &c, 1) ;
 if (r < 0) strerr_diefu1sys(111, "read from control socket") ;
 if (!r)
 {
@@ -43,11 +43,11 @@ static inline void child (int p[4][2], uint32_t options, unsigned int verbosity,
 switch (c)
 {
 case 'y' :
- close(p[2][1]) ;
- p[2][1] = 0 ; /* we know 0 is open so it's a suitable invalid value */
+ close(p[5]) ;
+ p[5] = 0 ; /* we know 0 is open so it's a suitable invalid value */
 break ;
 case 'Y' :
- fd_shutdown(p[2][1], 0) ;
+ fd_shutdown(p[5], 0) ;
 break ;
 default :
 strerr_dief1x(100, "unrecognized command on control socket") ;
@@ -67,9 +67,9 @@ int main (int argc, char const *const *argv)
 unsigned int verbosity = 1 ;
 unsigned int kimeout = 0 ;
 unsigned int snilevel = 0 ;
- int p[4][2] = { [3] = { [0] = -1, [1] = -1 } } ;
 uint32_t coptions = 0 ;
 uint32_t poptions = 1 ;
+ int p[6] ;
 pid_t pid ;
 PROG = "s6-ucspitlsd (parent)" ;
@@ -97,8 +97,8 @@ int main (int argc, char const *const *argv)
 }
 if (!argc) dieusage() ;
- if (ipc_pair_b(p[2]) == -1) strerr_diefu1sys(111, "ipc_pair") ;
- if (pipe(p[0]) == -1 || pipe(p[1]) == -1) strerr_diefu1sys(111, "pipe") ;
+ if (pipe(p) == -1 || pipe(p+2) == -1) strerr_diefu1sys(111, "pipe") ;
+ if (ipc_pair_b(p+4) == -1) strerr_diefu1sys(111, "ipc_pair") ;
 pid = getpid() ;
 switch (fork())
diff --git a/src/tls/s6tls-internal.h b/src/tls/s6tls-internal.h
index 2870744..fdd247f 100644
--- a/src/tls/s6tls-internal.h
+++ b/src/tls/s6tls-internal.h
@@ -12,11 +12,11 @@
 #define S6TLS_PREP_IO_ARGC 15
 #define S6TLS_PREP_IO_BUFLEN (5 * UINT_FMT)
-extern pid_t s6tls_io_spawn (char const *const *argv, int const [4][2]) ;
-extern void s6tls_prep_tlscio (char const **, char *, int const [4][2], uint32_t, unsigned int, unsigned int, char const *) ;
-extern void s6tls_prep_tlsdio (char const **, char *, int const [4][2], uint32_t, unsigned int, unsigned int, unsigned int) ;
-extern void s6tls_sync_and_exec_app (char const *const *, int const [4][2], pid_t, uint32_t) gccattr_noreturn ;
-extern void s6tls_ucspi_exec_app (char const *const *, int const [4][2], uint32_t) gccattr_noreturn ;
+extern pid_t s6tls_io_spawn (char const *const *argv, int const *, int) ;
+extern void s6tls_prep_tlscio (char const **, char *, int const *, uint32_t, unsigned int, unsigned int, char const *) ;
+extern void s6tls_prep_tlsdio (char const **, char *, int const *, uint32_t, unsigned int, unsigned int, unsigned int) ;
+extern void s6tls_sync_and_exec_app (char const *const *, int const *, pid_t, uint32_t) gccattr_noreturn ;
+extern void s6tls_ucspi_exec_app (char const *const *, int const *, uint32_t) gccattr_noreturn ;
 extern void s6tls_clean_and_exec (char const *const *, uint32_t, char const *, size_t) gccattr_noreturn ;
 #endif
diff --git a/src/tls/s6tls_clean_and_exec.c b/src/tls/s6tls_clean_and_exec.c
index 9432e3a..9c1026b 100644
--- a/src/tls/s6tls_clean_and_exec.c
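Review bot: The prototypes in src/tls/s6tls-internal.h (`@@ -12,11 +12,11 @@`) now take a bare `int const *`, so the header no longer says how many entries each function reads or what each index holds. Callers in this commit pass `int p[8]` (s6-tlsc, s6-tlsd, s6-ucspitlsc) but s6-ucspitlsd declares `int p[6]`, while s6tls_prep_tlscio and s6tls_sync_and_exec_app index `p[6]` and `p[7]`; nothing visible stops a 6-entry array from reaching one of those. A comment block above the prototypes giving the layout (0-1 and 2-3 the two pipes, 4-5 the notification pipe or control socketpair, 6-7 the network descriptors) and the minimum length each function needs would make that contract checkable in review; naming the parameters, e.g. `int const *p, int isc` as the definition does, would help too.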
+++ b/src/tls/s6tls_clean_and_exec.c
@@ -1,6 +1,7 @@
 /* ISC license. */
-#include <stddef.h>
+#include <string.h>
+#include <stdlib.h>
 #include <skalibs/posixplz.h>
 #include <skalibs/bytestr.h>
@@ -9,6 +10,12 @@
 #include "s6tls-internal.h"
+static int startswith (void const *a, void const *b)
+{
+ char const *bb = *(char const *const *)b ;
+ return strncmp(a, bb, strlen(bb)) ;
+}
+
 void s6tls_clean_and_exec (char const *const *argv, uint32_t options, char const *modif, size_t modiflen)
 {
 if (options & 1)
@@ -17,25 +24,20 @@ void s6tls_clean_and_exec (char const *const *argv, uint32_t options, char const
 {
 "CADIR=",
 "CAFILE=",
- "KEYFILE=",
+ "CERTFILE:",
 "CERTFILE=",
- "TLS_UID=",
- "TLS_GID=",
 "KEYFILE:",
- "CERTFILE:",
- 0
+ "KEYFILE=",
+ "TLS_GID=",
+ "TLS_UID="
 } ;
 char const *const *envp = (char const *const *)environ ;
 size_t m = 0 ;
 size_t n = env_len(envp) ;
 char const *newenvp[n + 1] ;
 for (; *envp ; envp++)
- {
- char const *const *var = toclean ;
- for (; *var ; var++)
- if (str_start(*envp, *var)) break ;
- if (!*var) newenvp[m++] = *envp ;
- }
+ if (!bsearch(*envp, toclean, sizeof(toclean)/sizeof(char const *), sizeof(char const *), &startswith))
+ newenvp[m++] = *envp ;
 newenvp[m] = 0 ;
 xmexec_fm(argv, newenvp, m, modif, modiflen) ;
 }
diff --git a/src/tls/s6tls_io_spawn.c b/src/tls/s6tls_io_spawn.c
index 252ddb5..aa7764c 100644
--- a/src/tls/s6tls_io_spawn.c
+++ b/src/tls/s6tls_io_spawn.c
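Review bot: `toclean` in src/tls/s6tls_clean_and_exec.c (`@@ -17,25 +24,20 @@`) is now searched with `bsearch()`, which only works while the array stays sorted in the byte order `strncmp` uses and no entry is a prefix of another, yet nothing in the code states that. An entry added out of order later could silently stop being matched, and the variable it names would then be passed through to the application's environment even when `options & 1` asks for cleaning. A comment above the initializer (the declaration itself starts above the hunk), e.g. `/* must stay sorted (strcmp order), no entry a prefix of another: searched with bsearch() */`, would protect the invariant. The comparator added in the `@@ -9,6 +10,12 @@` hunk returns an ordering rather than a boolean, so a name like `prefixcmp` would describe it better than `startswith`.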
@@ -5,15 +5,15 @@
 #include "s6tls-internal.h"
-pid_t s6tls_io_spawn (char const *const *argv, int const p[4][2])
+pid_t s6tls_io_spawn (char const *const *argv, int const *p, int isc)
 {
 cspawn_fileaction fa[5] =
 {
- [0] = { .type = CSPAWN_FA_CLOSE, .x = { .fd = p[0][1] } },
- [1] = { .type = CSPAWN_FA_CLOSE, .x = { .fd = p[1][0] } },
- [2] = { .type = CSPAWN_FA_CLOSE, .x = { .fd = p[2][0] } },
- [3] = { .type = CSPAWN_FA_MOVE, .x = { .fd2 = { [0] = 0, [1] = p[3][0] } } },
- [4] = { .type = CSPAWN_FA_MOVE, .x = { .fd2 = { [0] = 1, [1] = p[3][1] } } }
+ { .type = CSPAWN_FA_CLOSE, .x = { .fd = p[1] } },
+ { .type = CSPAWN_FA_CLOSE, .x = { .fd = p[2] } },
+ { .type = CSPAWN_FA_CLOSE, .x = { .fd = p[4] } },
+ { .type = CSPAWN_FA_MOVE, .x = { .fd2 = { 0, p[0] } } },
+ { .type = CSPAWN_FA_MOVE, .x = { .fd2 = { 1, p[3] } } }
 } ;
- return cspawn(argv[0], argv, (char const *const *)environ, 0, fa, 5) ;
+ return cspawn(argv[0], argv, (char const *const *)environ, 0, fa, isc ? 5 : 3) ;
 }
diff --git a/src/tls/s6tls_prep_tlscio.c b/src/tls/s6tls_prep_tlscio.c
index 1d25f65..a3f33b0 100644
--- a/src/tls/s6tls_prep_tlscio.c
+++ b/src/tls/s6tls_prep_tlscio.c
@@ -5,7 +5,7 @@
 #include <s6-networking/config.h>
 #include "s6tls-internal.h"
-void s6tls_prep_tlscio (char const **argv, char *buf, int const p[4][2], uint32_t options, unsigned int verbosity, unsigned int kimeout, char const *servername)
+void s6tls_prep_tlscio (char const **argv, char *buf, int const *p, uint32_t options, unsigned int verbosity, unsigned int kimeout, char const *servername)
 {
 size_t m = 0 ;
 size_t n = 0 ;
@@ -18,11 +18,11 @@ void s6tls_prep_tlscio (char const **argv, char *buf, int const p[4][2], uint32_
 n += uint_fmt(buf + n, verbosity) ;
 buf[n++] = 0 ;
 }
- if (p[2][1])
+ if (p[5])
 {
 argv[m++] = "-d" ;
 argv[m++] = buf + n ;
- n += uint_fmt(buf + n, p[2][1]) ;
+ n += uint_fmt(buf + n, p[5]) ;
 buf[n++] = 0 ;
 }
 argv[m++] = options & 4 ? "-S" : "-s" ;
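Review bot: In s6tls_io_spawn (src/tls/s6tls_io_spawn.c, `@@ -5,15 +5,15 @@`), `isc ? 5 : 3` relies on the two `CSPAWN_FA_MOVE` entries being the last two of `fa[]`, and the initializers lost their `[0]`..`[4]` designators in the same change, so a reordering would change which actions a server-side spawn performs with no compile-time signal. A comment on the return line, e.g. `/* clients also move the pipe ends to 0 and 1; the MOVE entries must stay last */`, would document the coupling. The call sites pass a bare `1` (s6-tlsc) and `0` (s6-tlsd), so a more descriptive parameter name than `isc` would also make them easier to read.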
@@ -41,10 +41,10 @@ void s6tls_prep_tlscio (char const **argv, char *buf, int const p[4][2], uint32_
 }
 argv[m++] = "--" ;
 argv[m++] = buf + n ;
- n += uint_fmt(buf + n, p[0][0]) ;
+ n += uint_fmt(buf + n, p[6]) ;
 buf[n++] = 0 ;
 argv[m++] = buf + n ;
- n += uint_fmt(buf + n, p[1][1]) ;
+ n += uint_fmt(buf + n, p[7]) ;
 buf[n++] = 0 ;
 argv[m++] = 0 ;
 }
diff --git a/src/tls/s6tls_prep_tlsdio.c b/src/tls/s6tls_prep_tlsdio.c
index 947cf70..73099bf 100644
--- a/src/tls/s6tls_prep_tlsdio.c
+++ b/src/tls/s6tls_prep_tlsdio.c
@@ -5,7 +5,7 @@
 #include <s6-networking/config.h>
 #include "s6tls-internal.h"
-void s6tls_prep_tlsdio (char const **argv, char *buf, int const p[4][2], uint32_t options, unsigned int verbosity, unsigned int kimeout, unsigned int snilevel)
+void s6tls_prep_tlsdio (char const **argv, char *buf, int const *p, uint32_t options, unsigned int verbosity, unsigned int kimeout, unsigned int snilevel)
 {
 size_t m = 0 ;
 size_t n = 0 ;
@@ -18,11 +18,11 @@ void s6tls_prep_tlsdio (char const **argv, char *buf, int const p[4][2], uint32_
 n += uint_fmt(buf + n, verbosity) ;
 buf[n++] = 0 ;
 }
- if (p[2][1])
+ if (p[5])
 {
 argv[m++] = "-d" ;
 argv[m++] = buf + n ;
- n += uint_fmt(buf + n, p[2][1]) ;
+ n += uint_fmt(buf + n, p[5]) ;
 buf[n++] = 0 ;
 }
 argv[m++] = options & 4 ? "-S" : "-s" ;
@@ -44,10 +44,10 @@ void s6tls_prep_tlsdio (char const **argv, char *buf, int const p[4][2], uint32_
 }
 argv[m++] = "--" ;
 argv[m++] = buf + n ;
- n += uint_fmt(buf + n, p[0][0]) ;
+ n += uint_fmt(buf + n, p[0]) ;
 buf[n++] = 0 ;
 argv[m++] = buf + n ;
- n += uint_fmt(buf + n, p[1][1]) ;
+ n += uint_fmt(buf + n, p[3]) ;
 buf[n++] = 0 ;
 argv[m++] = 0 ;
 }
diff --git a/src/tls/s6tls_sync_and_exec_app.c b/src/tls/s6tls_sync_and_exec_app.c
index 56e8dc1..a5059ef 100644
--- a/src/tls/s6tls_sync_and_exec_app.c
+++ b/src/tls/s6tls_sync_and_exec_app.c
@@ -9,16 +9,16 @@
 #define MAXENVSIZE 4096
-void s6tls_sync_and_exec_app (char const *const *argv, int const p[4][2], pid_t pid, uint32_t options)
+void s6tls_sync_and_exec_app (char const *const *argv, int const *p, pid_t pid, uint32_t options)
 {
 char buf[MAXENVSIZE] ;
 ssize_t r ;
- close(p[2][1]) ;
- close(p[1][1]) ;
- close(p[0][0]) ;
- if (fd_move(p[3][0], p[1][0]) == -1 || fd_move(p[3][1], p[0][1]) == -1)
+ close(p[5]) ;
+ close(p[3]) ;
+ close(p[0]) ;
+ if (fd_move(p[6], p[2]) == -1 || fd_move(p[7], p[1]) == -1)
 strerr_diefu1sys(111, "move file descriptors") ;
- r = read(p[2][0], buf, MAXENVSIZE) ;
+ r = read(p[4], buf, MAXENVSIZE) ;
 if (r < 0) strerr_diefu1sys(111, "read from handshake notification pipe") ;
 if (!r)
 {
@@ -28,6 +28,6 @@ void s6tls_sync_and_exec_app (char const *const *argv, int const p[4][2], pid_t
 _exit(wait_estatus(wstat)) ;
 }
 if (r >= MAXENVSIZE) strerr_dief1x(101, "SSL data too large; recompile with a bigger MAXENVSIZE") ;
- close(p[2][0]) ;
+ close(p[4]) ;
 s6tls_clean_and_exec(argv, options, buf, r-1) ;
 }
diff --git a/src/tls/s6tls_ucspi_exec_app.c b/src/tls/s6tls_ucspi_exec_app.c
index 6a319b6..03aa40f 100644
--- a/src/tls/s6tls_ucspi_exec_app.c
+++ b/src/tls/s6tls_ucspi_exec_app.c
@@ -7,21 +7,21 @@
 #include "s6tls-internal.h"
-void s6tls_ucspi_exec_app (char const *const *argv, int const p[4][2], uint32_t options)
+void s6tls_ucspi_exec_app (char const *const *argv, int const *p, uint32_t options)
 {
 size_t m = 0 ;
- char modif[33 + 3 * UINT_FMT] ;
- close(p[2][1]) ;
- close(p[1][1]) ;
- close(p[0][0]) ;
+ char modif[30 + 3 * UINT_FMT] ;
+ close(p[5]) ;
+ close(p[3]) ;
+ close(p[0]) ;
 memcpy(modif + m, "SSLCTLFD=", 9) ; m += 9 ;
- m += uint_fmt(modif + m, p[2][0]) ;
+ m += uint_fmt(modif + m, p[4]) ;
 modif[m++] = 0 ;
 memcpy(modif + m, "SSLREADFD=", 10) ; m += 10 ;
- m += uint_fmt(modif + m, p[1][0]) ;
+ m += uint_fmt(modif + m, p[2]) ;
 modif[m++] = 0 ;
 memcpy(modif + m, "SSLWRITEFD=", 11) ; m += 11 ;
- m += uint_fmt(modif + m, p[0][1]) ;
+ m += uint_fmt(modif + m, p[1]) ;
 modif[m++] = 0 ;
 s6tls_clean_and_exec(argv, options, modif, m) ;
 } |
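Review bot: `char modif[30 + 3 * UINT_FMT]` in src/tls/s6tls_ucspi_exec_app.c (`@@ -7,21 +7,21 @@`) is now sized with no slack: the 9 + 10 + 11 bytes of variable names account for the 30, leaving each `UINT_FMT` to cover one formatted number and the `modif[m++] = 0` that follows it. That is sufficient only if `UINT_FMT` already includes room for a terminator, which this page does not show. A comment stating the budget, e.g. `/* 9+10+11 name bytes; each UINT_FMT covers the digits plus the trailing 0 */`, would make the assumption explicit for the next person who adds a variable.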