diff options
| author | Laurent Bercot <ska-skaware@skarnet.org> | 2016-12-01 02:24:09 +0000 |
|---|---|---|
| committer | Laurent Bercot <ska-skaware@skarnet.org> | 2016-12-01 02:24:09 +0000 |
| commit | 880f2a22304b393b43397c3ec8de83052a2584ce (patch) | |
| tree | 23eca19438ee116cca0af840f709c4fd63bcd95b /src/stls/stls_s6tlsc.c | |
| parent | cc08be523a2a647a999dcf82dcce9dee62b4162c (diff) | |
| download | s6-networking-880f2a22304b393b43397c3ec8de83052a2584ce.tar.xz | |
Fix several bugs in stls, make the engine work
Diffstat (limited to 'src/stls/stls_s6tlsc.c')
| -rw-r--r-- | src/stls/stls_s6tlsc.c | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/src/stls/stls_s6tlsc.c b/src/stls/stls_s6tlsc.c index 1313cfe..70e8f20 100644 --- a/src/stls/stls_s6tlsc.c +++ b/src/stls/stls_s6tlsc.c @@ -14,6 +14,15 @@ #define diecfg(cfg, s) strerr_diefu3x(96, (s), ": ", tls_config_error(cfg)) #define diectx(e, ctx, s) strerr_diefu3x(e, (s), ": ", tls_error(ctx)) +#ifdef DEBUG +# include <skalibs/buffer.h> +# include <skalibs/strerr2.h> +# include <skalibs/lolstdio.h> +# define PLM(...) (bprintf(buffer_2, "%s: debug: ", PROG), bprintf(buffer_2, __VA_ARGS__), buffer_putflush(buffer_2, "\n", 1)) +#else +# define PLM(...) +#endif + int stls_s6tlsc (char const *const *argv, char const *const *envp, tain_t const *tto, uint32_t preoptions, uint32_t options, uid_t uid, gid_t gid, unsigned int verbosity, char const *servername, int *sfd) { int fds[4] = { sfd[0], sfd[1], sfd[0], sfd[1] } ; @@ -68,11 +77,11 @@ int stls_s6tlsc (char const *const *argv, char const *const *envp, tain_t const tls_config_verify(cfg) ; tls_config_set_protocols(cfg, TLS_PROTOCOLS_DEFAULT) ; tls_config_prefer_ciphers_server(cfg) ; + if (!servername) tls_config_insecure_noverifyname(cfg) ; ctx = tls_client() ; if (!ctx) strerr_diefu1sys(111, "tls_client") ; if (tls_configure(ctx, cfg) < 0) diectx(97, ctx, "tls_configure") ; - tls_config_free(cfg) ; pid = s6net_clean_tls_and_spawn(argv, envp, fds, !!(preoptions & 2)) ; if (!pid) strerr_diefu2sys(111, "spawn ", argv[0]) ; @@ -81,12 +90,14 @@ int stls_s6tlsc (char const *const *argv, char const *const *envp, tain_t const if (tls_connect_fds(ctx, fds[2], fds[3], servername) < 0) diectx(97, ctx, "tls_connect_fds") ; + tls_config_free(cfg) ; + if (tls_handshake(ctx) < 0) diectx(97, ctx, "perform SSL handshake") ; { int wstat ; int r = stls_run(ctx, fds, verbosity, options, tto) ; if (r < 0) strerr_diefu1sys(111, "run SSL engine") ; - else if (r) diectx(98, ctx, "establish or maintain SSL connection to peer") ; + else if (r) diectx(98, ctx, "maintain SSL connection to peer") ; tls_free(ctx) ; if (wait_pid(pid, &wstat) < 0) strerr_diefu1sys(111, "wait_pid") ; return wait_estatus(wstat) ; |