author | Laurent Bercot <ska-skaware@skarnet.org> | 2020-11-22 15:46:34 +0000 |
---|---|---|
committer | Laurent Bercot <ska-skaware@skarnet.org> | 2020-11-22 15:46:34 +0000 |
commit | 4fb917263ac30373cb3e5dfe3e207369eb238def (patch) | |
tree | 992265c03c46e9fe38084336e9a87733b9e8748c /src/tls/s6-tlsc-io.c | |
parent | 47cbbb1619ace4013856843ef8f7d68279c74faa (diff) | |
download | s6-networking-4fb917263ac30373cb3e5dfe3e207369eb238def.tar.xz |
Add SSL_PROTOCOL and SSL_CIPHER support, fix some bugs
Diffstat (limited to 'src/tls/s6-tlsc-io.c')
-rw-r--r-- | src/tls/s6-tlsc-io.c | 33 |
1 files changed, 12 insertions, 21 deletions
diff --git a/src/tls/s6-tlsc-io.c b/src/tls/s6-tlsc-io.c
index 79dd25d..48965cc 100644
--- a/src/tls/s6-tlsc-io.c
+++ b/src/tls/s6-tlsc-io.c
@@ -1,22 +1,20 @@
 /* ISC license. */
 #include <stdint.h>
-#include <unistd.h>
 #include <signal.h>
 #include <skalibs/gccattributes.h>
 #include <skalibs/types.h>
 #include <skalibs/sgetopt.h>
 #include <skalibs/strerr2.h>
-#include <skalibs/allreadwrite.h>
 #include <skalibs/tai.h>
-#include <skalibs/env.h>
 #include <skalibs/sig.h>
 #include <skalibs/djbunix.h>
 #include <s6-networking/config.h>
-#define HANDSHAKE_BANNER "SSL_PROTOCOL=TLSv1\0"
+#define USAGE "s6-tlsc-io [ -v verbosity ] [ -d notif ] [ -S | -s ] [ -Y | -y ] [ -K timeout ] [ -k servername ] fdr fdw"
+#define dieusage() strerr_dieusage(100, USAGE)
 static inline void doit (int *, tain_t const *tto, uint32_t, uint32_t, unsigned int, char const *, unsigned int) gccattr_noreturn ;
@@ -29,7 +27,7 @@ static inline void doit (int *fds, tain_t const *tto, uint32_t preoptions, uint3
 struct tls *ctx = stls_client_init_and_handshake(fds + 2, preoptions, servername) ;
 if (notif)
 {
- if (allwrite(notif, HANDSHAKE_BANNER, sizeof(HANDSHAKE_BANNER)) < sizeof(HANDSHAKE_BANNER))
+ if (!stls_send_environment(ctx, notif))
 strerr_diefu1sys(111, "write post-handshake data") ;
 fd_close(notif) ;
 }
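Review bot: The framing that the reader of `notif` depends on is no longer visible at the call site in the libtls `doit()` (second hunk, the `if (!stls_send_environment(ctx, notif))` line). The removed `allwrite` sent `sizeof(HANDSHAKE_BANNER)` bytes, which is the string plus two NUL bytes, so the old stream ended with an empty entry; whether `stls_send_environment` keeps that terminator cannot be seen from this file. A comment above the call would pin the contract, for example `/* sends NUL-terminated VAR=value entries, ended by an empty entry; the notif reader relies on this */`, to be adjusted to what the helper really writes. The body of `doit()` starts and ends outside the hunk.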
@@ -39,22 +37,19 @@ static inline void doit (int *fds, tain_t const *tto, uint32_t preoptions, uint3
 #else
 #ifdef S6_NETWORKING_USE_BEARSSL
+#include <bearssl.h>
+
 #include <skalibs/random.h>
 #include <s6-networking/sbearssl.h>
-static int handshake_cb_nop (br_ssl_engine_context *ctx, sbearssl_handshake_cb_context_t *cbarg)
-{
- (void)ctx ;
- (void)cbarg ;
- return 1 ;
-}
-
-static int handshake_cb_sendvars (br_ssl_engine_context *ctx, sbearssl_handshake_cb_context_t *cbarg)
+static int handshake_cb (br_ssl_engine_context *ctx, sbearssl_handshake_cb_context_t *cbarg)
 {
- if (allwrite(cbarg->notif, HANDSHAKE_BANNER, sizeof(HANDSHAKE_BANNER)) < sizeof(HANDSHAKE_BANNER))
- return 0 ;
- fd_close(cbarg->notif) ;
+ if (cbarg->notif)
+ {
+ if (!sbearssl_send_environment(ctx, cbarg->notif)) return 0 ;
+ fd_close(cbarg->notif) ;
+ }
 return 1 ;
 }
@@ -63,7 +58,7 @@ static inline void doit (int *fds, tain_t const *tto, uint32_t preoptions, uint3
 if (ndelay_on(fds[0]) < 0 || ndelay_on(fds[1]) < 0) strerr_diefu1sys(111, "set local fds non-blocking") ;
 if (!random_init()) strerr_diefu1sys(111, "initialize random device") ;
- sbearssl_client_init_and_run(fds, tto, preoptions, options, verbosity, servername, notif ? &handshake_cb_sendvars : &handshake_cb_nop, notif) ;
+ sbearssl_client_init_and_run(fds, tto, preoptions, options, verbosity, servername, &handshake_cb, notif) ;
 }
 #else
@@ -73,10 +68,6 @@ static inline void doit (int *fds, tain_t const *tto, uint32_t preoptions, uint3
 #endif
 #endif
-
-#define USAGE "s6-tlsc-io [ -v verbosity ] [ -d notif ] [ -S | -s ] [ -Y | -y ] [ -K timeout ] [ -k servername ] fdr fdw"
-#define dieusage() strerr_dieusage(100, USAGE)
 int main (int argc, char const *const *argv, char const *const *envp)
 {
 char const *servername = 0 ; |
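Review bot: `handshake_cb` (BearSSL branch, first hunk of this line) closes `cbarg->notif` but leaves the descriptor number stored in `cbarg`, so a second invocation of the callback would send the environment to a closed or since-reused descriptor. Whether `sbearssl_client_init_and_run` can call it more than once is not visible here; if it can, add `cbarg->notif = 0 ;` right after `fd_close(cbarg->notif) ;`. The `return 0` path also leaves the descriptor open, which is harmless only if the caller exits on a failed callback. A short comment above the function stating that it returns 0 when the environment cannot be written and 1 otherwise, and that `notif == 0` means no notification was requested, would document both conventions.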