diff options
| author | Laurent Bercot <ska-skaware@skarnet.org> | 2016-11-25 18:16:05 +0000 |
|---|---|---|
| committer | Laurent Bercot <ska-skaware@skarnet.org> | 2016-11-25 18:16:05 +0000 |
| commit | 018025f0f36a4847df265c9948dbaf7073ed3245 (patch) | |
| tree | 984c9a4bba06ef8abc02d0fbe81a70ec28c6f529 /src/conn-tools/s6-tlsd.c | |
| parent | 6421a5e923b0f695047b429e4176bca2873c5189 (diff) | |
| download | s6-networking-018025f0f36a4847df265c9948dbaf7073ed3245.tar.xz | |
Alpha version of the SSL work.
Doesn't build yet, but I'm scared of losing it, so using git as
storage.
Will fix the stupid bugs now, the tricky bugs later.
Diffstat (limited to 'src/conn-tools/s6-tlsd.c')
| -rw-r--r-- | src/conn-tools/s6-tlsd.c | 86 |
1 files changed, 86 insertions, 0 deletions
diff --git a/src/conn-tools/s6-tlsd.c b/src/conn-tools/s6-tlsd.c new file mode 100644 index 0000000..73758a2 --- /dev/null +++ b/src/conn-tools/s6-tlsd.c @@ -0,0 +1,86 @@ +/* ISC license. */ + +#include <sys/types.h> +#include <skalibs/uint64.h> +#include <skalibs/uint.h> +#include <skalibs/gidstuff.h> +#include <skalibs/sgetopt.h> +#include <skalibs/strerr2.h> +#include <skalibs/tai.h> +#include <skalibs/env.h> +#include <skalibs/djbunix.h> +#include <s6-networking/config.h> + +#ifdef S6_NETWORKING_USE_TLS + +#include <s6-networking/stls.h> +#define s6tlsd stls_s6tlsd + +#else +#ifdef S6_NETWORKING_USE_BEARSSL + +#include <s6-networking/sbearssl.h> +#define s6tlsd sbearssl_s6tlsd + +#else + +#error No SSL backend configured. + +#endif +#endif + + +#define USAGE "s6-tlsd [ -S | -s ] [ -Y | -y ] [ -v verbosity ] [ -K timeout ] prog..." +#define dieusage() strerr_dieusage(100, USAGE) + +int main (int argc, char const *const *argv, char const *const *envp) +{ + tain_t tto ; + unsigned int verbosity = 1 ; + uid_t uid = 0 ; + gid_t gid = 0 ; + uint32_t preoptions = 0 ; + uint32_t options = 1 ; + + PROG = "s6-tlsd" ; + { + subgetopt_t l = SUBGETOPT_ZERO ; + unsigned int t = 0 ; + for (;;) + { + register int opt = subgetopt_r(argc, argv, "SsYyv:K:", &l) ; + if (opt == -1) break ; + switch (opt) + { + case 'S' : options &= ~(uint32_t)1 ; break ; + case 's' : options |= 1 ; break ; + case 'Y' : preoptions &= ~(uint32_t)1 ; break ; + case 'y' : preoptions |= 1 ; break ; + case 'v' : if (!uint0_scan(l.arg, &verbosity)) dieusage() ; break ; + case 'K' : if (!uint0_scan(l.arg, &t)) dieusage() ; break ; + default : dieusage() ; + } + } + argc -= l.ind ; argv += l.ind ; + if (t) tain_from_millisecs(&tto, t) ; else tto = tain_infinite_relative ; + } + if (!argc) dieusage() ; + + if (!getuid()) + { + x = env_get2(envp, "TLS_UID") ; + if (x) + { + uint64 u ; + if (!uint640_scan(x, &u)) strerr_dieinvalid(100, "TLS_UID") ; + uid = (uid_t)u ; + } + x = env_get2(envp, "TLS_GID") ; + if (x) + { + if (!gid0_scan(x, &gid)) strerr_dieinvalid(100, "TLS_GID") ; + } + } + + return s6tlsd(argv, envp, &tto, preoptions, options, uid, gid, verbosity) ; +} |