diff options
author | Laurent Bercot <ska-skaware@skarnet.org> | 2016-11-26 10:04:40 +0000 |
---|---|---|
committer | Laurent Bercot <ska-skaware@skarnet.org> | 2016-11-26 10:04:40 +0000 |
commit | 08e88c5efc65a6f49da40aa002bc5f4b0ebee49d (patch) | |
tree | 21a3feb40eb54e5f5152cc8605f4c5e07e85052b /src/conn-tools | |
parent | 9e6464c5f9d82158d81c027207594b5e12a94ca5 (diff) | |
download | s6-networking-08e88c5efc65a6f49da40aa002bc5f4b0ebee49d.tar.xz |
Add -z option to s6-tlsc/s6-tlsd to clean TLS env vars before spawning (default)
Diffstat (limited to 'src/conn-tools')
-rw-r--r-- | src/conn-tools/deps-exe/s6-tlsc | 1 | ||||
-rw-r--r-- | src/conn-tools/deps-exe/s6-tlsd | 1 | ||||
-rw-r--r-- | src/conn-tools/s6-tlsc.c | 8 | ||||
-rw-r--r-- | src/conn-tools/s6-tlsclient.c | 11 | ||||
-rw-r--r-- | src/conn-tools/s6-tlsd.c | 8 | ||||
-rw-r--r-- | src/conn-tools/s6-tlsserver.c | 11 |
6 files changed, 28 insertions, 12 deletions
diff --git a/src/conn-tools/deps-exe/s6-tlsc b/src/conn-tools/deps-exe/s6-tlsc index d00d2b8..5ae8124 100644 --- a/src/conn-tools/deps-exe/s6-tlsc +++ b/src/conn-tools/deps-exe/s6-tlsc @@ -1,4 +1,5 @@ ${LIBCRYPTOSUPPORT} +${LIBS6NET} -lskarnet ${CRYPTO_LIB} ${SOCKET_LIB} diff --git a/src/conn-tools/deps-exe/s6-tlsd b/src/conn-tools/deps-exe/s6-tlsd index d00d2b8..5ae8124 100644 --- a/src/conn-tools/deps-exe/s6-tlsd +++ b/src/conn-tools/deps-exe/s6-tlsd @@ -1,4 +1,5 @@ ${LIBCRYPTOSUPPORT} +${LIBS6NET} -lskarnet ${CRYPTO_LIB} ${SOCKET_LIB} diff --git a/src/conn-tools/s6-tlsc.c b/src/conn-tools/s6-tlsc.c index 4476690..0c26ab0 100644 --- a/src/conn-tools/s6-tlsc.c +++ b/src/conn-tools/s6-tlsc.c @@ -31,7 +31,7 @@ #endif -#define USAGE "s6-tlsc [ -S | -s ] [ -Y | -y ] [ -v verbosity ] [ -K timeout ] [ -k servername ] [ -6 rfd ] [ -7 wfd ] prog..." +#define USAGE "s6-tlsc [ -S | -s ] [ -Y | -y ] [ -v verbosity ] [ -K timeout ] [ -k servername ] [ -Z | -z ] [ -6 rfd ] [ -7 wfd ] prog..." #define dieusage() strerr_dieusage(100, USAGE) int main (int argc, char const *const *argv, char const *const *envp) @@ -41,7 +41,7 @@ int main (int argc, char const *const *argv, char const *const *envp) unsigned int verbosity = 1 ; uid_t uid = 0 ; gid_t gid = 0 ; - uint32_t preoptions = 0 ; + uint32_t preoptions = 2 ; uint32_t options = 1 ; int fds[2] = { 6, 7 } ; @@ -51,7 +51,7 @@ int main (int argc, char const *const *argv, char const *const *envp) unsigned int t = 0 ; for (;;) { - register int opt = subgetopt_r(argc, argv, "SsYyv:K:k:6:7:", &l) ; + register int opt = subgetopt_r(argc, argv, "SsYyv:K:k:Zz6:7:", &l) ; if (opt == -1) break ; switch (opt) { @@ -62,6 +62,8 @@ int main (int argc, char const *const *argv, char const *const *envp) case 'v' : if (!uint0_scan(l.arg, &verbosity)) dieusage() ; break ; case 'K' : if (!uint0_scan(l.arg, &t)) dieusage() ; break ; case 'k' : servername = l.arg ; break ; + case 'Z' : preoptions &= ~(uint32_t)2 ; break ; + case 'z' : preoptions |= 2 ; break ; case '6' : { unsigned int fd ; diff --git a/src/conn-tools/s6-tlsclient.c b/src/conn-tools/s6-tlsclient.c index a1cd75d..1aa66fb 100644 --- a/src/conn-tools/s6-tlsclient.c +++ b/src/conn-tools/s6-tlsclient.c @@ -11,7 +11,7 @@ #define USAGE "s6-tlsclient [ options ] host port prog...\n" \ "s6-tcpclient options: [ -q | -Q | -v ] [ -4 | -6 ] [ -d | -D ] [ -r | -R ] [ -h | -H ] [ -n | -N ] [ -t timeout ] [ -l localname ] [ -T timeoutconn ] [ -i localip ] [ -p localport ]\n" \ -"s6-tlsc options: [ -S | -s ] [ -Y | -y ] [ -K timeout ] [ -k servername ]" +"s6-tlsc options: [ -S | -s ] [ -Y | -y ] [ -K timeout ] [ -k servername ] [ -Z | -z ]" #define dieusage() strerr_dieusage(100, USAGE) @@ -35,6 +35,7 @@ struct options_s unsigned int flagN : 1 ; unsigned int flagS : 1 ; unsigned int flagy : 1 ; + unsigned int flagZ : 1 ; unsigned int doxy : 1 ; } ; @@ -57,6 +58,7 @@ struct options_s .flagN = 0, \ .flagS = 0, \ .flagy = 0, \ + .flagZ = 0, \ .doxy = 0 \ } @@ -68,7 +70,7 @@ int main (int argc, char const *const *argv, char const *const *envp) subgetopt_t l = SUBGETOPT_ZERO ; for (;;) { - register int opt = subgetopt_r(argc, argv, "qQv46DdHhRrnNt:l:T:i:p:SsYyK:k:", &l) ; + register int opt = subgetopt_r(argc, argv, "qQv46DdHhRrnNt:l:T:i:p:SsYyK:k:Zz", &l) ; if (opt == -1) break ; switch (opt) { @@ -109,6 +111,8 @@ int main (int argc, char const *const *argv, char const *const *envp) case 'y' : o.flagy = 1 ; break ; case 'K' : if (!uint0_scan(l.arg, &o.kimeout)) dieusage() ; break ; case 'k' : o.servername = l.arg ; break ; + case 'Z' : o.flagZ = 1 ; break ; + case 'z' : o.flagZ = 0 ; break ; default : dieusage() ; } } @@ -127,7 +131,7 @@ int main (int argc, char const *const *argv, char const *const *envp) unsigned int m = 0 ; unsigned int pos = 0 ; char fmt[UINT_FMT * 4 + UINT16_FMT + IP46_FMT] ; - char const *newargv[28 + argc] ; + char const *newargv[29 + argc] ; newargv[m++] = S6_NETWORKING_BINPREFIX "s6-tcpclient" ; if (o.verbosity != 1) newargv[m++] = o.verbosity ? "-v" : "-q" ; if (o.flag4) newargv[m++] = "-4" ; @@ -187,6 +191,7 @@ int main (int argc, char const *const *argv, char const *const *envp) newargv[m++] = "-k" ; newargv[m++] = o.servername ; } + if (o.flagZ) newargv[m++] = "-Z" ; newargv[m++] = "--" ; while (*argv) newargv[m++] = *argv++ ; newargv[m++] = 0 ; diff --git a/src/conn-tools/s6-tlsd.c b/src/conn-tools/s6-tlsd.c index 6a6d4ef..a4a1d4c 100644 --- a/src/conn-tools/s6-tlsd.c +++ b/src/conn-tools/s6-tlsd.c @@ -30,7 +30,7 @@ #endif -#define USAGE "s6-tlsd [ -S | -s ] [ -Y | -y ] [ -v verbosity ] [ -K timeout ] prog..." +#define USAGE "s6-tlsd [ -S | -s ] [ -Y | -y ] [ -v verbosity ] [ -K timeout ] [ -Z | -z ] prog..." #define dieusage() strerr_dieusage(100, USAGE) int main (int argc, char const *const *argv, char const *const *envp) @@ -39,7 +39,7 @@ int main (int argc, char const *const *argv, char const *const *envp) unsigned int verbosity = 1 ; uid_t uid = 0 ; gid_t gid = 0 ; - uint32_t preoptions = 0 ; + uint32_t preoptions = 2 ; uint32_t options = 1 ; PROG = "s6-tlsd" ; @@ -48,7 +48,7 @@ int main (int argc, char const *const *argv, char const *const *envp) unsigned int t = 0 ; for (;;) { - register int opt = subgetopt_r(argc, argv, "SsYyv:K:", &l) ; + register int opt = subgetopt_r(argc, argv, "SsYyv:K:Zz", &l) ; if (opt == -1) break ; switch (opt) { @@ -58,6 +58,8 @@ int main (int argc, char const *const *argv, char const *const *envp) case 'y' : preoptions |= 1 ; break ; case 'v' : if (!uint0_scan(l.arg, &verbosity)) dieusage() ; break ; case 'K' : if (!uint0_scan(l.arg, &t)) dieusage() ; break ; + case 'Z' : preoptions &= ~(uint32_t)2 ; break ; + case 'z' : preoptions |= 2 ; break ; default : dieusage() ; } } diff --git a/src/conn-tools/s6-tlsserver.c b/src/conn-tools/s6-tlsserver.c index ef5abe4..d7604a9 100644 --- a/src/conn-tools/s6-tlsserver.c +++ b/src/conn-tools/s6-tlsserver.c @@ -14,7 +14,7 @@ #define USAGE "s6-tlsserver [ options ] ip port prog...\n" \ "s6-tcpserver options: [ -q | -Q | -v ] [ -4 | -6 ] [ -1 ] [ -c maxconn ] [ -C localmaxconn ] [ -b backlog ] [ -G gidlist ] [ -g gid ] [ -u uid ] [ -U ]\n" \ "s6-tcpserver-access options: [ -W | -w ] [ -D | -d ] [ -H | -h ] [ -R | -r ] [ -P | -p ] [ -l localname ] [ -B banner ] [ -t timeout ] [ -i rulesdir | -x rulesfile ]\n" \ -"s6-tlsd options: [ -S | -s ] [ -Y | -y ] [ -K timeout ]" +"s6-tlsd options: [ -S | -s ] [ -Y | -y ] [ -K timeout ] [ -Z | -z ]" #define dieusage() strerr_dieusage(100, USAGE) @@ -45,6 +45,7 @@ struct options_s unsigned int ruleswhat : 2 ; unsigned int flagS : 1 ; unsigned int flagy : 1 ; + unsigned int flagZ : 1 ; unsigned int doaccess : 1 ; unsigned int doapply : 1 ; } ; @@ -74,6 +75,7 @@ struct options_s .ruleswhat = 0, \ .flagS = 0, \ .flagy = 0, \ + .flagZ = 0, \ .doaccess = 0, \ .doapply = 0 \ } @@ -86,7 +88,7 @@ int main (int argc, char const *const *argv, char const *const *envp) subgetopt_t l = SUBGETOPT_ZERO ; for (;;) { - register int opt = subgetopt_r(argc, argv, "qQv461c:C:b:G:g:u:UWwDdHhRrPpl:B:t:i:x:SsYyK:", &l) ; + register int opt = subgetopt_r(argc, argv, "qQv461c:C:b:G:g:u:UWwDdHhRrPpl:B:t:i:x:SsYyK:Zz", &l) ; if (opt == -1) break ; switch (opt) { @@ -123,6 +125,8 @@ int main (int argc, char const *const *argv, char const *const *envp) case 'Y' : o.flagy = 0 ; break ; case 'y' : o.flagy = 1 ; break ; case 'K' : if (!uint0_scan(l.arg, &o.kimeout)) dieusage() ; break ; + case 'Z' : o.flagZ = 1 ; break ; + case 'z' : o.flagZ = 0 ; break ; default : dieusage() ; } } @@ -134,7 +138,7 @@ int main (int argc, char const *const *argv, char const *const *envp) unsigned int m = 0 ; unsigned int pos = 0 ; char fmt[UINT_FMT * 5 + GID_FMT * (NGROUPS_MAX + 1) + UINT64_FMT] ; - char const *newargv[46 + argc] ; + char const *newargv[47 + argc] ; newargv[m++] = S6_NETWORKING_BINPREFIX "s6-tcpserver" ; if (o.verbosity != 1) newargv[m++] = o.verbosity ? "-v" : "-q" ; if (o.flag46) newargv[m++] = o.flag46 == 1 ? "-4" : "-6" ; @@ -215,6 +219,7 @@ int main (int argc, char const *const *argv, char const *const *envp) pos += uint_fmt(fmt + pos, o.kimeout) ; fmt[pos++] = 0 ; } + if (o.flagZ) newargv[m++] = "-Z" ; newargv[m++] = "--" ; if (o.doapply) { |