diff options
| author | Laurent Bercot <ska-skaware@skarnet.org> | 2020-12-07 12:53:54 +0000 |
|---|---|---|
| committer | Laurent Bercot <ska-skaware@skarnet.org> | 2020-12-07 12:53:54 +0000 |
| commit | f7e676abdc799fcee5138807447b5e91ab05508f (patch) | |
| tree | 8ae74c9bf26c3ffde8acd9330787ab2b80902bb0 /src/include | |
| parent | 0de4e6e0703f47be954f4cfa37648dd58665c819 (diff) | |
| download | s6-networking-f7e676abdc799fcee5138807447b5e91ab05508f.tar.xz | |
Change -K semantics: timeout *during handshake*, not afterwards
- the TLS tunnel itself should be transparent so it has no business
shutting down the connection no matter how long the app takes
- there's still an undetectable situation on some kernels where
EOF doesn't get transmitted from the network, and the engine is in
the handshake, and it can't do anything but wait forever. A timeout
is useful here: dawg, your peer is never going to send any more data,
you should just give up.
- if the situation happens after the handshake, the *app* should
have a timeout and die. The tunnel will follow suit.
- libtls has a blocking tls_handshake() blackbox, we cannot give it
a timeout. Too bad, use bearssl.
Diffstat (limited to 'src/include')
| -rw-r--r-- | src/include/s6-networking/stls.h | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/src/include/s6-networking/stls.h b/src/include/s6-networking/stls.h index e4ef28a..65bb950 100644 --- a/src/include/s6-networking/stls.h +++ b/src/include/s6-networking/stls.h @@ -8,7 +8,6 @@ #include <tls.h> #include <skalibs/gccattributes.h> -#include <skalibs/tai.h> #define STLS_BUFSIZE (16384 + 325 + 1) @@ -16,7 +15,7 @@ /* Engine */ extern int stls_send_environment (struct tls *, int) ; -extern void stls_run (struct tls *, int *, tain_t const *, uint32_t, unsigned int) gccattr_noreturn ; +extern void stls_run (struct tls *, int *, uint32_t, unsigned int) gccattr_noreturn ; /* s6-tlsc-io and s6-tlsd-io */ |