author | Laurent Bercot <ska-skaware@skarnet.org> | 2020-11-22 15:46:34 +0000 |
---|---|---|
committer | Laurent Bercot <ska-skaware@skarnet.org> | 2020-11-22 15:46:34 +0000 |
commit | 4fb917263ac30373cb3e5dfe3e207369eb238def (patch) | |
tree | 992265c03c46e9fe38084336e9a87733b9e8748c /src/tls/s6-tlsd-io.c | |
parent | 47cbbb1619ace4013856843ef8f7d68279c74faa (diff) | |
Add SSL_PROTOCOL and SSL_CIPHER support, fix some bugs
Diffstat (limited to 'src/tls/s6-tlsd-io.c')
-rw-r--r-- | src/tls/s6-tlsd-io.c | 33 |
1 files changed, 11 insertions, 22 deletions
diff --git a/src/tls/s6-tlsd-io.c b/src/tls/s6-tlsd-io.c
index 0b42b3b..14003a2 100644
--- a/src/tls/s6-tlsd-io.c
+++ b/src/tls/s6-tlsd-io.c
@@ -1,22 +1,20 @@
 /* ISC license. */
 #include <stdint.h>
-#include <unistd.h>
 #include <signal.h>
 #include <skalibs/gccattributes.h>
 #include <skalibs/types.h>
 #include <skalibs/sgetopt.h>
 #include <skalibs/strerr2.h>
-#include <skalibs/allreadwrite.h>
-#include <skalibs/sig.h>
 #include <skalibs/tai.h>
-#include <skalibs/env.h>
+#include <skalibs/sig.h>
 #include <skalibs/djbunix.h>
 #include <s6-networking/config.h>
-#define HANDSHAKE_BANNER "SSL_PROTOCOL=TLSv1\0"
+#define USAGE "s6-tlsd-io [ -v verbosity ] [ -d notif ] [ -S | -s ] [ -Y | -y ] [ -K timeout ] fdr fdw"
+#define dieusage() strerr_dieusage(100, USAGE)
 static inline void doit (int *, tain_t const *tto, uint32_t, uint32_t, unsigned int, unsigned int) gccattr_noreturn ;
@@ -29,7 +27,7 @@ static inline void doit (int *fds, tain_t const *tto, uint32_t preoptions, uint3
 struct tls *ctx = stls_server_init_and_handshake(fds + 2, preoptions) ;
 if (notif)
 {
- if (allwrite(notif, HANDSHAKE_BANNER, sizeof(HANDSHAKE_BANNER)) < sizeof(HANDSHAKE_BANNER))
+ if (!stls_send_environment(ctx, notif))
 strerr_diefu1sys(111, "write post-handshake data") ;
 fd_close(notif) ;
 }
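Review bot: The `if (!stls_send_environment(ctx, notif))` call replaces a fixed banner whose framing was visible in the source, and nothing at this call site now says what the reader on `notif` should expect. The removed `HANDSHAKE_BANNER` ended in an explicit `\0` on top of the literal's own terminator, so the old stream finished with an empty string; whether the new helper keeps that terminator is not visible in this hunk. Since the values now come from the negotiated session and a consumer may base policy on them, I would add a comment above the call such as `/* writes NUL-terminated VAR=value strings for the negotiated session, then notif is closed to mark end of data */`, adjusted to what stls_send_environment really emits. doit's body starts and ends outside the hunk.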
@@ -43,18 +41,13 @@ static inline void doit (int *fds, tain_t const *tto, uint32_t preoptions, uint3
 #include <s6-networking/sbearssl.h>
-static int handshake_cb_nop (br_ssl_engine_context *ctx, sbearssl_handshake_cb_context_t *cbarg)
-{
- (void)ctx ;
- (void)cbarg ;
- return 1 ;
-}
-
-static int handshake_cb_sendvars (br_ssl_engine_context *ctx, sbearssl_handshake_cb_context_t *cbarg)
+static int handshake_cb (br_ssl_engine_context *ctx, sbearssl_handshake_cb_context_t *cbarg)
 {
- if (allwrite(cbarg->notif, HANDSHAKE_BANNER, sizeof(HANDSHAKE_BANNER)) < sizeof(HANDSHAKE_BANNER))
- return 0 ;
- fd_close(cbarg->notif) ;
+ if (cbarg->notif)
+ {
+ if (!sbearssl_send_environment(ctx, cbarg->notif)) return 0 ;
+ fd_close(cbarg->notif) ;
+ }
 return 1 ;
 }
@@ -63,7 +56,7 @@ static inline void doit (int *fds, tain_t const *tto, uint32_t preoptions, uint3
 if (ndelay_on(fds[0]) < 0 || ndelay_on(fds[1]) < 0) strerr_diefu1sys(111, "set local fds non-blocking") ;
 if (!random_init()) strerr_diefu1sys(111, "initialize random device") ;
- sbearssl_server_init_and_run(fds, tto, preoptions, options, verbosity, notif ? &handshake_cb_sendvars : &handshake_cb_nop, notif) ;
+ sbearssl_server_init_and_run(fds, tto, preoptions, options, verbosity, &handshake_cb, notif) ;
 }
 #else
@@ -73,10 +66,6 @@ static inline void doit (int *fds, tain_t const *tto, uint32_t preoptions, uint3
 #endif
 #endif
-
-#define USAGE "s6-tlsd-io [ -v verbosity ] [ -d notif ] [ -S | -s ] [ -Y | -y ] [ -K timeout ] fdr fdw"
-#define dieusage() strerr_dieusage(100, USAGE)
-
 int main (int argc, char const *const *argv, char const *const *envp)
 {
 tain_t tto ; |
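Review bot: `handshake_cb` closes `cbarg->notif` but leaves the stored value unchanged, so a second invocation would write the environment to a descriptor number that is already closed or has since been reused for something else. Whether sbearssl_server_init_and_run can call the callback more than once is not visible here; if it can, or simply to make the callback safe regardless, add `cbarg->notif = 0 ;` right after `fd_close(cbarg->notif) ;`. The failure branch returns 0 with the descriptor still open, which is fine only if the caller exits on a 0 return; a one-line comment saying so would help.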
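Review bot: With the ternary gone, `notif` is passed to `sbearssl_server_init_and_run` even when it is 0, and the callback treats 0 as "no notification", so descriptor 0 can never serve as the notification fd. That sentinel is implicit at this call; a comment such as `/* notif == 0 means no post-handshake notification; handshake_cb checks it */` above the call would document it. The `-d` option parsing, which is outside this hunk, is the place to reject 0 explicitly if it does not already. doit's body starts outside the hunk.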