author | Laurent Bercot <ska-skaware@skarnet.org> | 2016-12-03 01:05:40 +0000 |
---|---|---|
committer | Laurent Bercot <ska-skaware@skarnet.org> | 2016-12-03 01:05:40 +0000 |
commit | bdb38fdeb4183371b8ad8669c2821526133c39c8 (patch) | |
tree | 668f6b7e4ffc1549578259b19c4dd4d916d7156a /src | |
parent | db3aa47688fa38d4edd6563ce350577617e71a27 (diff) | |
download | s6-networking-bdb38fdeb4183371b8ad8669c2821526133c39c8.tar.xz |
s6-tls*: small bugfixes. Add documentation.
Diffstat (limited to 'src')
-rw-r--r-- | src/conn-tools/s6-tlsserver.c | 12 | ||||
-rw-r--r-- | src/sbearssl/sbearssl_run.c | 7 | ||||
-rw-r--r-- | src/stls/stls_run.c | 5 | ||||
-rw-r--r-- | src/stls/stls_s6tlsc.c | 2 |
4 files changed, 12 insertions, 14 deletions
diff --git a/src/conn-tools/s6-tlsserver.c b/src/conn-tools/s6-tlsserver.c
index bb7b060..e0c3387 100644
--- a/src/conn-tools/s6-tlsserver.c
+++ b/src/conn-tools/s6-tlsserver.c
@@ -138,7 +138,7 @@ int main (int argc, char const *const *argv, char const *const *envp)
 unsigned int m = 0 ;
 unsigned int pos = 0 ;
 char fmt[UINT_FMT * 5 + GID_FMT * (NGROUPS_MAX + 1) + UINT64_FMT] ;
- char const *newargv[47 + argc] ;
+ char const *newargv[45 + argc] ;
 newargv[m++] = S6_NETWORKING_BINPREFIX "s6-tcpserver" ;
 if (o.verbosity != 1) newargv[m++] = o.verbosity ? "-v" : "-q" ;
 if (o.flag46) newargv[m++] = o.flag46 == 1 ? "-4" : "-6" ;
@@ -171,10 +171,7 @@ int main (int argc, char const *const *argv, char const *const *envp)
 {
 newargv[m++] = S6_NETWORKING_BINPREFIX "s6-tcpserver-access" ;
 if (o.verbosity != 1)
- {
- newargv[m++] = "-v" ;
- newargv[m++] = o.verbosity ? "2" : "0" ;
- }
+ newargv[m++] = o.verbosity ? "-v2" : "-v0" ;
 if (o.flagw) newargv[m++] = "-w" ;
 if (o.flagD) newargv[m++] = "-D" ;
 if (o.flagH) newargv[m++] = "-H" ;
@@ -206,10 +203,7 @@ int main (int argc, char const *const *argv, char const *const *envp)
 }
 newargv[m++] = S6_NETWORKING_BINPREFIX "s6-tlsd" ;
 if (o.verbosity != 1)
- {
- newargv[m++] = "-v" ;
- newargv[m++] = o.verbosity ? "2" : "0" ;
- }
+ newargv[m++] = o.verbosity ? "-v2" : "-v0" ;
 if (o.flagS) newargv[m++] = "-S" ;
 if (o.flagy) newargv[m++] = "-y" ;
 if (o.kimeout)
diff --git a/src/sbearssl/sbearssl_run.c b/src/sbearssl/sbearssl_run.c
index e4d49fa..ca4a79e 100644
--- a/src/sbearssl/sbearssl_run.c
+++ b/src/sbearssl/sbearssl_run.c
@@ -71,7 +71,12 @@ int sbearssl_run (br_ssl_engine_context *ctx, int *fds, unsigned int verbosity,
 else if (!r)
 {
 fd_close(fds[0]) ; fds[0] = -1 ;
- br_ssl_engine_close(ctx) ;
+ if (options & 1)
+ {
+ shutdown(fds[3], SHUT_WR) ;
+ fd_close(fds[3]) ; fds[3] = -1 ;
+ }
+ else br_ssl_engine_close(ctx) ;
 continue ;
 }
diff --git a/src/stls/stls_run.c b/src/stls/stls_run.c
index 848295c..86e0faa 100644
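Review bot: In src/conn-tools/s6-tlsserver.c the bound in `char const *newargv[45 + argc] ;` is a hand-counted constant, and nothing visible in these hunks checks `m` against it, so a miscount becomes an out-of-bounds write on the stack. The drop from 47 appears to match the two slots saved by folding `"-v"` plus `"2"`/`"0"` into `"-v2"`/`"-v0"` in the hunks at -171 and -206, but the remaining 45 cannot be verified from the lines shown. I would document the count next to the declaration, e.g. `/* 45 = worst-case number of fixed words pushed below; update when adding an option */`, and compare `m` with the array size before the array is used. main starts and ends outside these hunks.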
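Review bot: In src/sbearssl/sbearssl_run.c the new `options & 1` branch closes `fds[3]` as soon as `fds[0]` reaches EOF and never calls `br_ssl_engine_close(ctx)`, so no close_notify is sent and the peer cannot tell this EOF from a truncated stream. If the engine can still hold unsent records at that point (not visible in this hunk), they are lost when `fds[3]` is closed, and the return value of `shutdown()` is ignored. The bit deserves a named constant and a comment stating the trade-off, e.g. `/* options & 1: half-close the socket on local EOF instead of sending close_notify */`. The loop this branch belongs to starts and ends outside the hunk.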
--- a/src/stls/stls_run.c
+++ b/src/stls/stls_run.c
@@ -6,7 +6,6 @@
 #include <errno.h>
 #include <signal.h>
 #include <tls.h>
-#include <skalibs/uint32.h>
 #include <skalibs/allreadwrite.h>
 #include <skalibs/error.h>
 #include <skalibs/buffer.h>
@@ -116,7 +115,7 @@ static void closeit (struct tls *ctx, int *fds, int brutal)
 fd_close(fds[3]) ; fds[3] = -1 ;
 }
-int stls_run (struct tls *ctx, int *fds, unsigned int verbosity, uint32 options, tain_t const *tto)
+int stls_run (struct tls *ctx, int *fds, unsigned int verbosity, uint32_t options, tain_t const *tto)
 {
 tlsbuf_t b[2] = { { .blockedonother = 0 }, { .blockedonother = 0 } } ;
 iopause_fd x[4] ;
@@ -138,7 +137,7 @@ int stls_run (struct tls *ctx, int *fds, unsigned int verbosity, uint32 options,
 unsigned int xlen = 0 ;
 register int r ;
- tain_add_g(&deadline, fds[0] >= 0 && fds[1] >= 0 && buffer_isempty(&b[0].b) && buffer_isempty(&b[1].b) ? tto : &tain_infinite_relative) ;
+ tain_add_g(&deadline, fds[0] >= 0 && fds[2] >= 0 && buffer_isempty(&b[0].b) && buffer_isempty(&b[1].b) ? tto : &tain_infinite_relative) ;
 /* poll() preparation */
diff --git a/src/stls/stls_s6tlsc.c b/src/stls/stls_s6tlsc.c
index 70e8f20..bafc2b8 100644
--- a/src/stls/stls_s6tlsc.c
+++ b/src/stls/stls_s6tlsc.c
@@ -75,7 +75,7 @@ int stls_s6tlsc (char const *const *argv, char const *const *envp, tain_t const
 diecfg(cfg, "tls_config_set_ecdhecurve") ;
 tls_config_verify(cfg) ;
- tls_config_set_protocols(cfg, TLS_PROTOCOLS_DEFAULT) ;
+ tls_config_set_protocols(cfg, TLS_PROTOCOLS_ALL) ;
 tls_config_prefer_ciphers_server(cfg) ;
 if (!servername) tls_config_insecure_noverifyname(cfg) ; |
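Review bot: In src/stls/stls_run.c the deadline expression in the hunk at -138 relies on bare indices into `fds`, and nothing in the visible lines documents which slot is which; the correction from `fds[1]` to `fds[2]` shows how easily they are confused. This expression decides whether `tto` or `tain_infinite_relative` applies, so a wrong index silently changes when the timeout is enforced. I would add a comment above the call, e.g. `/* apply tto only while fds[0] and fds[2] are both open and both buffers are empty */`, stating the role of each slot once it is confirmed against the caller, or replace the numbers with named indices. stls_run continues outside the hunk.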
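Review bot: In src/stls/stls_s6tlsc.c, `TLS_PROTOCOLS_ALL` widens the set of protocol versions this client will negotiate: in libtls it covers every version the library supports, which in releases of that period includes TLS 1.0 and 1.1, while `TLS_PROTOCOLS_DEFAULT` is the library's recommended subset. The commit message files this under small bugfixes, so the interoperability reason should be recorded at the call, e.g. `/* TLS_PROTOCOLS_ALL also allows TLS 1.0/1.1; needed for <reason> */`. If the legacy versions are not required, keeping `TLS_PROTOCOLS_DEFAULT` or pinning `tls_config_set_protocols(cfg, TLS_PROTOCOL_TLSv1_2) ;` keeps the client off them. The context line `if (!servername) tls_config_insecure_noverifyname(cfg) ;` means such a session can also run without name verification, which makes the weaker protocol floor matter more. stls_s6tlsc continues outside the hunk.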