diff options
| author | Laurent Bercot <ska-skaware@skarnet.org> | 2020-11-20 23:24:29 +0000 |
|---|---|---|
| committer | Laurent Bercot <ska-skaware@skarnet.org> | 2020-11-20 23:24:29 +0000 |
| commit | 5715c21a077ee1c2fe8957cb4adcea14fd2eda6b (patch) | |
| tree | cf3e992dce2d426727b535703b0b73dbafb41dbb /package | |
| parent | 1fea1f6ed53cae7f752c9a78271c7c8367b0ad03 (diff) | |
| download | s6-networking-5715c21a077ee1c2fe8957cb4adcea14fd2eda6b.tar.xz | |
Refactor tls code to support ucspi-tls
That includes:
- new architecture: the tls binary is now a child of the app
instead of the other way around
- the sbearssl_run engine now takes a post-handshake callback.
This allows s6-tlsc and s6-tlsd to only exec into the app when
the handshake succeeds (which was already the case with libressl).
- new binaries s6-tlsc-io and s6-tlsd-io encapsulate the crypto
code; they init and run the engine, connecting to 4 already open
fds (stdin/stdout = network, argv[1] and argv[2] = local)
- s6-tlsc is now a simple wrapper around s6-tlsc-io
- s6-tlsd is now a simple wrapper around s6-tlsd-io
- new binary: s6-ucspitlsd, which is also a wrapper around
s6-tlsd-io, but differently: the parent execs the app which should
be ucspi-tls-aware, the child waits for a command from the parent
and execs into s6-tlsd-io if it receives it.
Diffstat (limited to 'package')
| -rw-r--r-- | package/deps.mak | 58 | ||||
| -rw-r--r-- | package/modes | 3 | ||||
| -rw-r--r-- | package/targets.mak | 3 |
3 files changed, 43 insertions, 21 deletions
diff --git a/package/deps.mak b/package/deps.mak index e0fcbfa..febb16b 100644 --- a/package/deps.mak +++ b/package/deps.mak @@ -20,10 +20,17 @@ src/conn-tools/s6-tcpserver4d.o src/conn-tools/s6-tcpserver4d.lo: src/conn-tools src/conn-tools/s6-tcpserver6-socketbinder.o src/conn-tools/s6-tcpserver6-socketbinder.lo: src/conn-tools/s6-tcpserver6-socketbinder.c src/conn-tools/s6-tcpserver6.o src/conn-tools/s6-tcpserver6.lo: src/conn-tools/s6-tcpserver6.c src/include/s6-networking/config.h src/conn-tools/s6-tcpserver6d.o src/conn-tools/s6-tcpserver6d.lo: src/conn-tools/s6-tcpserver6d.c -src/conn-tools/s6-tlsc.o src/conn-tools/s6-tlsc.lo: src/conn-tools/s6-tlsc.c src/include/s6-networking/config.h src/include/s6-networking/sbearssl.h src/include/s6-networking/stls.h +src/conn-tools/s6-tlsc-io.o src/conn-tools/s6-tlsc-io.lo: src/conn-tools/s6-tlsc-io.c src/include/s6-networking/config.h src/include/s6-networking/sbearssl.h src/include/s6-networking/stls.h +src/conn-tools/s6-tlsc.o src/conn-tools/s6-tlsc.lo: src/conn-tools/s6-tlsc.c src/conn-tools/s6tls-internal.h src/conn-tools/s6-tlsclient.o src/conn-tools/s6-tlsclient.lo: src/conn-tools/s6-tlsclient.c src/include/s6-networking/config.h -src/conn-tools/s6-tlsd.o src/conn-tools/s6-tlsd.lo: src/conn-tools/s6-tlsd.c src/include/s6-networking/config.h src/include/s6-networking/sbearssl.h src/include/s6-networking/stls.h +src/conn-tools/s6-tlsd-io.o src/conn-tools/s6-tlsd-io.lo: src/conn-tools/s6-tlsd-io.c src/include/s6-networking/config.h src/include/s6-networking/sbearssl.h src/include/s6-networking/stls.h +src/conn-tools/s6-tlsd.o src/conn-tools/s6-tlsd.lo: src/conn-tools/s6-tlsd.c src/conn-tools/s6tls-internal.h src/conn-tools/s6-tlsserver.o src/conn-tools/s6-tlsserver.lo: src/conn-tools/s6-tlsserver.c src/include/s6-networking/config.h +src/conn-tools/s6-ucspitlsd.o src/conn-tools/s6-ucspitlsd.lo: src/conn-tools/s6-ucspitlsd.c src/include/s6-networking/config.h src/conn-tools/s6tls-internal.h +src/conn-tools/s6tls_drop.o src/conn-tools/s6tls_drop.lo: src/conn-tools/s6tls_drop.c src/conn-tools/s6tls-internal.h +src/conn-tools/s6tls_exec_tlscio.o src/conn-tools/s6tls_exec_tlscio.lo: src/conn-tools/s6tls_exec_tlscio.c src/include/s6-networking/config.h src/conn-tools/s6tls-internal.h +src/conn-tools/s6tls_exec_tlsdio.o src/conn-tools/s6tls_exec_tlsdio.lo: src/conn-tools/s6tls_exec_tlsdio.c src/include/s6-networking/config.h src/conn-tools/s6tls-internal.h +src/conn-tools/s6tls_wait_and_exec_app.o src/conn-tools/s6tls_wait_and_exec_app.lo: src/conn-tools/s6tls_wait_and_exec_app.c src/conn-tools/s6tls-internal.h src/libs6net/s6net_ident_client.o src/libs6net/s6net_ident_client.lo: src/libs6net/s6net_ident_client.c src/include/s6-networking/ident.h src/libs6net/s6net_ident_error.o src/libs6net/s6net_ident_error.lo: src/libs6net/s6net_ident_error.c src/include/s6-networking/ident.h src/libs6net/s6net_ident_reply_get.o src/libs6net/s6net_ident_reply_get.lo: src/libs6net/s6net_ident_reply_get.c src/include/s6-networking/ident.h @@ -36,6 +43,7 @@ src/sbearssl/sbearssl_cert_from.o src/sbearssl/sbearssl_cert_from.lo: src/sbears src/sbearssl/sbearssl_cert_readbigpem.o src/sbearssl/sbearssl_cert_readbigpem.lo: src/sbearssl/sbearssl_cert_readbigpem.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl_cert_readfile.o src/sbearssl/sbearssl_cert_readfile.lo: src/sbearssl/sbearssl_cert_readfile.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl_cert_to.o src/sbearssl/sbearssl_cert_to.lo: src/sbearssl/sbearssl_cert_to.c src/include/s6-networking/sbearssl.h +src/sbearssl/sbearssl_client_init_and_run.o src/sbearssl/sbearssl_client_init_and_run.lo: src/sbearssl/sbearssl_client_init_and_run.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl-internal.h src/sbearssl/sbearssl_ec_issuer_keytype.o src/sbearssl/sbearssl_ec_issuer_keytype.lo: src/sbearssl/sbearssl_ec_issuer_keytype.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl-internal.h src/sbearssl/sbearssl_ec_pkey_from.o src/sbearssl/sbearssl_ec_pkey_from.lo: src/sbearssl/sbearssl_ec_pkey_from.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl_ec_pkey_to.o src/sbearssl/sbearssl_ec_pkey_to.lo: src/sbearssl/sbearssl_ec_pkey_to.c src/include/s6-networking/sbearssl.h @@ -48,14 +56,12 @@ src/sbearssl/sbearssl_pem_decode_from_string.o src/sbearssl/sbearssl_pem_decode_ src/sbearssl/sbearssl_pem_push.o src/sbearssl/sbearssl_pem_push.lo: src/sbearssl/sbearssl_pem_push.c src/sbearssl/sbearssl-internal.h src/sbearssl/sbearssl_pkey_from.o src/sbearssl/sbearssl_pkey_from.lo: src/sbearssl/sbearssl_pkey_from.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl_pkey_to.o src/sbearssl/sbearssl_pkey_to.lo: src/sbearssl/sbearssl_pkey_to.c src/include/s6-networking/sbearssl.h -src/sbearssl/sbearssl_prep_spawn_drop.o src/sbearssl/sbearssl_prep_spawn_drop.lo: src/sbearssl/sbearssl_prep_spawn_drop.c src/sbearssl/sbearssl-internal.h src/sbearssl/sbearssl_rsa_pkey_from.o src/sbearssl/sbearssl_rsa_pkey_from.lo: src/sbearssl/sbearssl_rsa_pkey_from.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl_rsa_pkey_to.o src/sbearssl/sbearssl_rsa_pkey_to.lo: src/sbearssl/sbearssl_rsa_pkey_to.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl_rsa_skey_from.o src/sbearssl/sbearssl_rsa_skey_from.lo: src/sbearssl/sbearssl_rsa_skey_from.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl_rsa_skey_to.o src/sbearssl/sbearssl_rsa_skey_to.lo: src/sbearssl/sbearssl_rsa_skey_to.c src/include/s6-networking/sbearssl.h -src/sbearssl/sbearssl_run.o src/sbearssl/sbearssl_run.lo: src/sbearssl/sbearssl_run.c src/include/s6-networking/sbearssl.h -src/sbearssl/sbearssl_s6tlsc.o src/sbearssl/sbearssl_s6tlsc.lo: src/sbearssl/sbearssl_s6tlsc.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl-internal.h -src/sbearssl/sbearssl_s6tlsd.o src/sbearssl/sbearssl_s6tlsd.lo: src/sbearssl/sbearssl_s6tlsd.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl-internal.h +src/sbearssl/sbearssl_run.o src/sbearssl/sbearssl_run.lo: src/sbearssl/sbearssl_run.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl-internal.h +src/sbearssl/sbearssl_server_init_and_run.o src/sbearssl/sbearssl_server_init_and_run.lo: src/sbearssl/sbearssl_server_init_and_run.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl-internal.h src/sbearssl/sbearssl_skey_from.o src/sbearssl/sbearssl_skey_from.lo: src/sbearssl/sbearssl_skey_from.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl_skey_readfile.o src/sbearssl/sbearssl_skey_readfile.lo: src/sbearssl/sbearssl_skey_readfile.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl_skey_to.o src/sbearssl/sbearssl_skey_to.lo: src/sbearssl/sbearssl_skey_to.c src/include/s6-networking/sbearssl.h @@ -68,10 +74,9 @@ src/sbearssl/sbearssl_ta_to.o src/sbearssl/sbearssl_ta_to.lo: src/sbearssl/sbear src/sbearssl/sbearssl_x500_from_ta.o src/sbearssl/sbearssl_x500_from_ta.lo: src/sbearssl/sbearssl_x500_from_ta.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl_x500_name_len.o src/sbearssl/sbearssl_x500_name_len.lo: src/sbearssl/sbearssl_x500_name_len.c src/include/s6-networking/sbearssl.h src/sbearssl/sbearssl_x509_minimal_set_tai.o src/sbearssl/sbearssl_x509_minimal_set_tai.lo: src/sbearssl/sbearssl_x509_minimal_set_tai.c src/include/s6-networking/sbearssl.h -src/stls/stls_prep_spawn_drop.o src/stls/stls_prep_spawn_drop.lo: src/stls/stls_prep_spawn_drop.c src/stls/stls-internal.h +src/stls/stls_client_init_and_handshake.o src/stls/stls_client_init_and_handshake.lo: src/stls/stls_client_init_and_handshake.c src/include/s6-networking/stls.h src/stls/stls-internal.h src/stls/stls_run.o src/stls/stls_run.lo: src/stls/stls_run.c src/include/s6-networking/stls.h -src/stls/stls_s6tlsc.o src/stls/stls_s6tlsc.lo: src/stls/stls_s6tlsc.c src/include/s6-networking/stls.h src/stls/stls-internal.h -src/stls/stls_s6tlsd.o src/stls/stls_s6tlsd.lo: src/stls/stls_s6tlsd.c src/include/s6-networking/stls.h src/stls/stls-internal.h +src/stls/stls_server_init_and_handshake.o src/stls/stls_server_init_and_handshake.lo: src/stls/stls_server_init_and_handshake.c src/include/s6-networking/stls.h src/stls/stls-internal.h s6-clockadd: EXTRA_LIBS := -lskarnet ${SYSCLOCK_LIB} s6-clockadd: src/clock/s6-clockadd.o @@ -83,6 +88,13 @@ s6-taiclock: EXTRA_LIBS := -lskarnet ${SOCKET_LIB} ${SYSCLOCK_LIB} s6-taiclock: src/clock/s6-taiclock.o s6-taiclockd: EXTRA_LIBS := -lskarnet ${SOCKET_LIB} ${SYSCLOCK_LIB} s6-taiclockd: src/clock/s6-taiclockd.o +ifeq ($(strip $(STATIC_LIBS_ARE_PIC)),) +libs6tls.a.xyzzy: src/conn-tools/s6tls_drop.o src/conn-tools/s6tls_exec_tlscio.o src/conn-tools/s6tls_exec_tlsdio.o src/conn-tools/s6tls_wait_and_exec_app.o +else +libs6tls.a.xyzzy: src/conn-tools/s6tls_drop.lo src/conn-tools/s6tls_exec_tlscio.lo src/conn-tools/s6tls_exec_tlsdio.lo src/conn-tools/s6tls_wait_and_exec_app.lo +endif +libs6tls.so.xyzzy: EXTRA_LIBS := +libs6tls.so.xyzzy: src/conn-tools/s6tls_drop.lo src/conn-tools/s6tls_exec_tlscio.lo src/conn-tools/s6tls_exec_tlsdio.lo src/conn-tools/s6tls_wait_and_exec_app.lo s6-getservbyname: EXTRA_LIBS := -lskarnet ${SOCKET_LIB} s6-getservbyname: src/conn-tools/s6-getservbyname.o s6-ident-client: EXTRA_LIBS := -lskarnet ${SOCKET_LIB} ${SYSCLOCK_LIB} @@ -105,14 +117,20 @@ s6-tcpserver6-socketbinder: EXTRA_LIBS := -lskarnet ${SOCKET_LIB} s6-tcpserver6-socketbinder: src/conn-tools/s6-tcpserver6-socketbinder.o s6-tcpserver6d: EXTRA_LIBS := -lskarnet ${SOCKET_LIB} s6-tcpserver6d: src/conn-tools/s6-tcpserver6d.o -s6-tlsc: EXTRA_LIBS := -lskarnet ${CRYPTO_LIB} ${SOCKET_LIB} ${SPAWN_LIB} ${SYSCLOCK_LIB} -s6-tlsc: src/conn-tools/s6-tlsc.o ${LIBCRYPTOSUPPORT} +s6-tlsc: EXTRA_LIBS := -lskarnet +s6-tlsc: src/conn-tools/s6-tlsc.o libs6tls.a.xyzzy +s6-tlsc-io: EXTRA_LIBS := -lskarnet ${CRYPTO_LIB} ${SOCKET_LIB} ${SYSCLOCK_LIB} +s6-tlsc-io: src/conn-tools/s6-tlsc-io.o ${LIBCRYPTOSUPPORT} s6-tlsclient: EXTRA_LIBS := -lskarnet s6-tlsclient: src/conn-tools/s6-tlsclient.o -s6-tlsd: EXTRA_LIBS := -lskarnet ${CRYPTO_LIB} ${SOCKET_LIB} ${SPAWN_LIB} ${SYSCLOCK_LIB} -s6-tlsd: src/conn-tools/s6-tlsd.o ${LIBCRYPTOSUPPORT} +s6-tlsd: EXTRA_LIBS := -lskarnet +s6-tlsd: src/conn-tools/s6-tlsd.o libs6tls.a.xyzzy +s6-tlsd-io: EXTRA_LIBS := -lskarnet ${CRYPTO_LIB} ${SOCKET_LIB} ${SYSCLOCK_LIB} +s6-tlsd-io: src/conn-tools/s6-tlsd-io.o ${LIBCRYPTOSUPPORT} s6-tlsserver: EXTRA_LIBS := -lskarnet s6-tlsserver: src/conn-tools/s6-tlsserver.o +s6-ucspitlsd: EXTRA_LIBS := -lskarnet ${SOCKET_LIB} +s6-ucspitlsd: src/conn-tools/s6-ucspitlsd.o libs6tls.a.xyzzy ifeq ($(strip $(STATIC_LIBS_ARE_PIC)),) libs6net.a.xyzzy: src/libs6net/s6net_ident_client.o src/libs6net/s6net_ident_reply_get.o src/libs6net/s6net_ident_reply_parse.o src/libs6net/s6net_ident_error.o else @@ -123,16 +141,16 @@ libs6net.so.xyzzy: src/libs6net/s6net_ident_client.lo src/libs6net/s6net_ident_r minidentd: EXTRA_LIBS := -lskarnet ${MAYBEPTHREAD_LIB} ${SOCKET_LIB} ${SYSCLOCK_LIB} minidentd: src/minidentd/minidentd.o src/minidentd/mgetuid.o ${LIBNSSS} ifeq ($(strip $(STATIC_LIBS_ARE_PIC)),) -libsbearssl.a.xyzzy: src/sbearssl/sbearssl_append.o src/sbearssl/sbearssl_prep_spawn_drop.o src/sbearssl/sbearssl_cert_from.o src/sbearssl/sbearssl_cert_readbigpem.o src/sbearssl/sbearssl_cert_readfile.o src/sbearssl/sbearssl_cert_to.o src/sbearssl/sbearssl_ec_issuer_keytype.o src/sbearssl/sbearssl_ec_pkey_from.o src/sbearssl/sbearssl_ec_pkey_to.o src/sbearssl/sbearssl_ec_skey_from.o src/sbearssl/sbearssl_ec_skey_to.o src/sbearssl/sbearssl_error_str.o src/sbearssl/sbearssl_isder.o src/sbearssl/sbearssl_pem_decode_from_buffer.o src/sbearssl/sbearssl_pem_decode_from_string.o src/sbearssl/sbearssl_pem_push.o src/sbearssl/sbearssl_pkey_from.o src/sbearssl/sbearssl_pkey_to.o src/sbearssl/sbearssl_rsa_pkey_from.o src/sbearssl/sbearssl_rsa_pkey_to.o src/sbearssl/sbearssl_rsa_skey_from.o src/sbearssl/sbearssl_rsa_skey_to.o src/sbearssl/sbearssl_run.o src/sbearssl/sbearssl_skey_from.o src/sbearssl/sbearssl_skey_readfile.o src/sbearssl/sbearssl_skey_to.o src/sbearssl/sbearssl_ta_cert.o src/sbearssl/sbearssl_ta_certs.o src/sbearssl/sbearssl_ta_from.o src/sbearssl/sbearssl_ta_readdir.o src/sbearssl/sbearssl_ta_readfile.o src/sbearssl/sbearssl_ta_to.o src/sbearssl/sbearssl_x500_name_len.o src/sbearssl/sbearssl_x500_from_ta.o src/sbearssl/sbearssl_x509_minimal_set_tai.o src/sbearssl/sbearssl_s6tlsc.o src/sbearssl/sbearssl_s6tlsd.o +libsbearssl.a.xyzzy: src/sbearssl/sbearssl_append.o src/sbearssl/sbearssl_cert_from.o src/sbearssl/sbearssl_cert_readbigpem.o src/sbearssl/sbearssl_cert_readfile.o src/sbearssl/sbearssl_cert_to.o src/sbearssl/sbearssl_ec_issuer_keytype.o src/sbearssl/sbearssl_ec_pkey_from.o src/sbearssl/sbearssl_ec_pkey_to.o src/sbearssl/sbearssl_ec_skey_from.o src/sbearssl/sbearssl_ec_skey_to.o src/sbearssl/sbearssl_error_str.o src/sbearssl/sbearssl_isder.o src/sbearssl/sbearssl_pem_decode_from_buffer.o src/sbearssl/sbearssl_pem_decode_from_string.o src/sbearssl/sbearssl_pem_push.o src/sbearssl/sbearssl_pkey_from.o src/sbearssl/sbearssl_pkey_to.o src/sbearssl/sbearssl_rsa_pkey_from.o src/sbearssl/sbearssl_rsa_pkey_to.o src/sbearssl/sbearssl_rsa_skey_from.o src/sbearssl/sbearssl_rsa_skey_to.o src/sbearssl/sbearssl_run.o src/sbearssl/sbearssl_skey_from.o src/sbearssl/sbearssl_skey_readfile.o src/sbearssl/sbearssl_skey_to.o src/sbearssl/sbearssl_ta_cert.o src/sbearssl/sbearssl_ta_certs.o src/sbearssl/sbearssl_ta_from.o src/sbearssl/sbearssl_ta_readdir.o src/sbearssl/sbearssl_ta_readfile.o src/sbearssl/sbearssl_ta_to.o src/sbearssl/sbearssl_x500_name_len.o src/sbearssl/sbearssl_x500_from_ta.o src/sbearssl/sbearssl_x509_minimal_set_tai.o src/sbearssl/sbearssl_client_init_and_run.o src/sbearssl/sbearssl_server_init_and_run.o else -libsbearssl.a.xyzzy: src/sbearssl/sbearssl_append.lo src/sbearssl/sbearssl_prep_spawn_drop.lo src/sbearssl/sbearssl_cert_from.lo src/sbearssl/sbearssl_cert_readbigpem.lo src/sbearssl/sbearssl_cert_readfile.lo src/sbearssl/sbearssl_cert_to.lo src/sbearssl/sbearssl_ec_issuer_keytype.lo src/sbearssl/sbearssl_ec_pkey_from.lo src/sbearssl/sbearssl_ec_pkey_to.lo src/sbearssl/sbearssl_ec_skey_from.lo src/sbearssl/sbearssl_ec_skey_to.lo src/sbearssl/sbearssl_error_str.lo src/sbearssl/sbearssl_isder.lo src/sbearssl/sbearssl_pem_decode_from_buffer.lo src/sbearssl/sbearssl_pem_decode_from_string.lo src/sbearssl/sbearssl_pem_push.lo src/sbearssl/sbearssl_pkey_from.lo src/sbearssl/sbearssl_pkey_to.lo src/sbearssl/sbearssl_rsa_pkey_from.lo src/sbearssl/sbearssl_rsa_pkey_to.lo src/sbearssl/sbearssl_rsa_skey_from.lo src/sbearssl/sbearssl_rsa_skey_to.lo src/sbearssl/sbearssl_run.lo src/sbearssl/sbearssl_skey_from.lo src/sbearssl/sbearssl_skey_readfile.lo src/sbearssl/sbearssl_skey_to.lo src/sbearssl/sbearssl_ta_cert.lo src/sbearssl/sbearssl_ta_certs.lo src/sbearssl/sbearssl_ta_from.lo src/sbearssl/sbearssl_ta_readdir.lo src/sbearssl/sbearssl_ta_readfile.lo src/sbearssl/sbearssl_ta_to.lo src/sbearssl/sbearssl_x500_name_len.lo src/sbearssl/sbearssl_x500_from_ta.lo src/sbearssl/sbearssl_x509_minimal_set_tai.lo src/sbearssl/sbearssl_s6tlsc.lo src/sbearssl/sbearssl_s6tlsd.lo +libsbearssl.a.xyzzy: src/sbearssl/sbearssl_append.lo src/sbearssl/sbearssl_cert_from.lo src/sbearssl/sbearssl_cert_readbigpem.lo src/sbearssl/sbearssl_cert_readfile.lo src/sbearssl/sbearssl_cert_to.lo src/sbearssl/sbearssl_ec_issuer_keytype.lo src/sbearssl/sbearssl_ec_pkey_from.lo src/sbearssl/sbearssl_ec_pkey_to.lo src/sbearssl/sbearssl_ec_skey_from.lo src/sbearssl/sbearssl_ec_skey_to.lo src/sbearssl/sbearssl_error_str.lo src/sbearssl/sbearssl_isder.lo src/sbearssl/sbearssl_pem_decode_from_buffer.lo src/sbearssl/sbearssl_pem_decode_from_string.lo src/sbearssl/sbearssl_pem_push.lo src/sbearssl/sbearssl_pkey_from.lo src/sbearssl/sbearssl_pkey_to.lo src/sbearssl/sbearssl_rsa_pkey_from.lo src/sbearssl/sbearssl_rsa_pkey_to.lo src/sbearssl/sbearssl_rsa_skey_from.lo src/sbearssl/sbearssl_rsa_skey_to.lo src/sbearssl/sbearssl_run.lo src/sbearssl/sbearssl_skey_from.lo src/sbearssl/sbearssl_skey_readfile.lo src/sbearssl/sbearssl_skey_to.lo src/sbearssl/sbearssl_ta_cert.lo src/sbearssl/sbearssl_ta_certs.lo src/sbearssl/sbearssl_ta_from.lo src/sbearssl/sbearssl_ta_readdir.lo src/sbearssl/sbearssl_ta_readfile.lo src/sbearssl/sbearssl_ta_to.lo src/sbearssl/sbearssl_x500_name_len.lo src/sbearssl/sbearssl_x500_from_ta.lo src/sbearssl/sbearssl_x509_minimal_set_tai.lo src/sbearssl/sbearssl_client_init_and_run.lo src/sbearssl/sbearssl_server_init_and_run.lo endif libsbearssl.so.xyzzy: EXTRA_LIBS := -lbearssl -lskarnet -libsbearssl.so.xyzzy: src/sbearssl/sbearssl_append.lo src/sbearssl/sbearssl_prep_spawn_drop.lo src/sbearssl/sbearssl_cert_from.lo src/sbearssl/sbearssl_cert_readbigpem.lo src/sbearssl/sbearssl_cert_readfile.lo src/sbearssl/sbearssl_cert_to.lo src/sbearssl/sbearssl_ec_issuer_keytype.lo src/sbearssl/sbearssl_ec_pkey_from.lo src/sbearssl/sbearssl_ec_pkey_to.lo src/sbearssl/sbearssl_ec_skey_from.lo src/sbearssl/sbearssl_ec_skey_to.lo src/sbearssl/sbearssl_error_str.lo src/sbearssl/sbearssl_isder.lo src/sbearssl/sbearssl_pem_decode_from_buffer.lo src/sbearssl/sbearssl_pem_decode_from_string.lo src/sbearssl/sbearssl_pem_push.lo src/sbearssl/sbearssl_pkey_from.lo src/sbearssl/sbearssl_pkey_to.lo src/sbearssl/sbearssl_rsa_pkey_from.lo src/sbearssl/sbearssl_rsa_pkey_to.lo src/sbearssl/sbearssl_rsa_skey_from.lo src/sbearssl/sbearssl_rsa_skey_to.lo src/sbearssl/sbearssl_run.lo src/sbearssl/sbearssl_skey_from.lo src/sbearssl/sbearssl_skey_readfile.lo src/sbearssl/sbearssl_skey_to.lo src/sbearssl/sbearssl_ta_cert.lo src/sbearssl/sbearssl_ta_certs.lo src/sbearssl/sbearssl_ta_from.lo src/sbearssl/sbearssl_ta_readdir.lo src/sbearssl/sbearssl_ta_readfile.lo src/sbearssl/sbearssl_ta_to.lo src/sbearssl/sbearssl_x500_name_len.lo src/sbearssl/sbearssl_x500_from_ta.lo src/sbearssl/sbearssl_x509_minimal_set_tai.lo src/sbearssl/sbearssl_s6tlsc.lo src/sbearssl/sbearssl_s6tlsd.lo +libsbearssl.so.xyzzy: src/sbearssl/sbearssl_append.lo src/sbearssl/sbearssl_cert_from.lo src/sbearssl/sbearssl_cert_readbigpem.lo src/sbearssl/sbearssl_cert_readfile.lo src/sbearssl/sbearssl_cert_to.lo src/sbearssl/sbearssl_ec_issuer_keytype.lo src/sbearssl/sbearssl_ec_pkey_from.lo src/sbearssl/sbearssl_ec_pkey_to.lo src/sbearssl/sbearssl_ec_skey_from.lo src/sbearssl/sbearssl_ec_skey_to.lo src/sbearssl/sbearssl_error_str.lo src/sbearssl/sbearssl_isder.lo src/sbearssl/sbearssl_pem_decode_from_buffer.lo src/sbearssl/sbearssl_pem_decode_from_string.lo src/sbearssl/sbearssl_pem_push.lo src/sbearssl/sbearssl_pkey_from.lo src/sbearssl/sbearssl_pkey_to.lo src/sbearssl/sbearssl_rsa_pkey_from.lo src/sbearssl/sbearssl_rsa_pkey_to.lo src/sbearssl/sbearssl_rsa_skey_from.lo src/sbearssl/sbearssl_rsa_skey_to.lo src/sbearssl/sbearssl_run.lo src/sbearssl/sbearssl_skey_from.lo src/sbearssl/sbearssl_skey_readfile.lo src/sbearssl/sbearssl_skey_to.lo src/sbearssl/sbearssl_ta_cert.lo src/sbearssl/sbearssl_ta_certs.lo src/sbearssl/sbearssl_ta_from.lo src/sbearssl/sbearssl_ta_readdir.lo src/sbearssl/sbearssl_ta_readfile.lo src/sbearssl/sbearssl_ta_to.lo src/sbearssl/sbearssl_x500_name_len.lo src/sbearssl/sbearssl_x500_from_ta.lo src/sbearssl/sbearssl_x509_minimal_set_tai.lo src/sbearssl/sbearssl_client_init_and_run.lo src/sbearssl/sbearssl_server_init_and_run.lo ifeq ($(strip $(STATIC_LIBS_ARE_PIC)),) -libstls.a.xyzzy: src/stls/stls_prep_spawn_drop.o src/stls/stls_run.o src/stls/stls_s6tlsc.o src/stls/stls_s6tlsd.o +libstls.a.xyzzy: src/stls/stls_run.o src/stls/stls_client_init_and_handshake.o src/stls/stls_server_init_and_handshake.o else -libstls.a.xyzzy: src/stls/stls_prep_spawn_drop.lo src/stls/stls_run.lo src/stls/stls_s6tlsc.lo src/stls/stls_s6tlsd.lo +libstls.a.xyzzy: src/stls/stls_run.lo src/stls/stls_client_init_and_handshake.lo src/stls/stls_server_init_and_handshake.lo endif -libstls.so.xyzzy: EXTRA_LIBS := -ltls -lskarnet -libstls.so.xyzzy: src/stls/stls_prep_spawn_drop.lo src/stls/stls_run.lo src/stls/stls_s6tlsc.lo src/stls/stls_s6tlsd.lo +libstls.so.xyzzy: EXTRA_LIBS := ${CRYPTO_LIB} -lskarnet +libstls.so.xyzzy: src/stls/stls_run.lo src/stls/stls_client_init_and_handshake.lo src/stls/stls_server_init_and_handshake.lo diff --git a/package/modes b/package/modes index b672097..d2ff2d3 100644 --- a/package/modes +++ b/package/modes @@ -17,5 +17,8 @@ s6-taiclockd 0755 minidentd 0755 s6-tlsclient 0755 s6-tlsc 0755 +s6-tlsc-io 0755 s6-tlsserver 0755 s6-tlsd 0755 +s6-tlsd-io 0755 +s6-ucspitlsd 0755 diff --git a/package/targets.mak b/package/targets.mak index a15d3bc..47d4636 100644 --- a/package/targets.mak +++ b/package/targets.mak @@ -32,7 +32,8 @@ src/minidentd/mgetuid.c: src/minidentd/mgetuid-linux.c src/minidentd/mgetuid-def ifneq ($(SSL_IMPL),) -BIN_TARGETS += s6-tlsclient s6-tlsc s6-tlsserver s6-tlsd +BIN_TARGETS += s6-tlsclient s6-tlsc s6-tlsc-io s6-tlsserver s6-tlsd s6-tlsd-io s6-ucspitlsd +INTERNAL_LIBS += libs6tls.a.xyzzy ifeq ($(SSL_IMPL),tls) |