summaryrefslogtreecommitdiff
path: root/src/sbearssl
diff options
context:
space:
mode:
Diffstat (limited to 'src/sbearssl')
-rw-r--r--src/sbearssl/deps-lib/sbearssl2
-rw-r--r--src/sbearssl/sbearssl-internal.h1
-rw-r--r--src/sbearssl/sbearssl_clean_tls_and_spawn.c21
-rw-r--r--src/sbearssl/sbearssl_s6tlsc.c3
-rw-r--r--src/sbearssl/sbearssl_s6tlsd.c1
5 files changed, 24 insertions, 4 deletions
diff --git a/src/sbearssl/deps-lib/sbearssl b/src/sbearssl/deps-lib/sbearssl
index d5964e6..b3e69bb 100644
--- a/src/sbearssl/deps-lib/sbearssl
+++ b/src/sbearssl/deps-lib/sbearssl
@@ -1,4 +1,5 @@
sbearssl_append.o
+sbearssl_clean_tls_and_spawn.o
sbearssl_cert_from.o
sbearssl_cert_readbigpem.o
sbearssl_cert_readfile.o
@@ -33,5 +34,4 @@ sbearssl_x509_minimal_set_tai.o
sbearssl_s6tlsc.o
sbearssl_s6tlsd.o
-lbearssl
--ls6net
-lskarnet
diff --git a/src/sbearssl/sbearssl-internal.h b/src/sbearssl/sbearssl-internal.h
index eee3b84..ac5e4e2 100644
--- a/src/sbearssl/sbearssl-internal.h
+++ b/src/sbearssl/sbearssl-internal.h
@@ -18,5 +18,6 @@ struct sbearssl_strallocerr_s
extern void sbearssl_append (void *, void const *, size_t) ;
extern int sbearssl_pem_push (br_pem_decoder_context *, char const *, size_t, sbearssl_pemobject *, genalloc *, sbearssl_strallocerr *, int *) ;
+extern pid_t sbearssl_clean_tls_and_spawn (char const *const *, char const *const *, int *, uint32_t) ;
#endif
diff --git a/src/sbearssl/sbearssl_clean_tls_and_spawn.c b/src/sbearssl/sbearssl_clean_tls_and_spawn.c
new file mode 100644
index 0000000..258db90
--- /dev/null
+++ b/src/sbearssl/sbearssl_clean_tls_and_spawn.c
@@ -0,0 +1,21 @@
+/* ISC license. */
+
+#include <sys/types.h>
+#include <skalibs/env.h>
+#include <skalibs/djbunix.h>
+#include "sbearssl-internal.h"
+
+pid_t sbearssl_clean_tls_and_spawn (char const *const *argv, char const *const *envp, int *fds, uint32_t options)
+{
+ if (!(options & 1)) return child_spawn2(argv[0], argv, envp, fds) ;
+ else
+ {
+ char const modifs[] = "CADIR\0CAFILE\0KEYFILE\0CERTFILE\0TLS_UID\0TLS_GID" ;
+ size_t modiflen = sizeof(modifs) ;
+ size_t n = env_len(envp) ;
+ char const *newenv[n + 7] ;
+ size_t newenvlen = env_merge(newenv, n+7, envp, n, modifs, modiflen) ;
+ if (!newenvlen) return 0 ;
+ return child_spawn2(argv[0], argv, newenv, fds) ;
+ }
+}
diff --git a/src/sbearssl/sbearssl_s6tlsc.c b/src/sbearssl/sbearssl_s6tlsc.c
index f20f293..598774a 100644
--- a/src/sbearssl/sbearssl_s6tlsc.c
+++ b/src/sbearssl/sbearssl_s6tlsc.c
@@ -11,7 +11,6 @@
#include <skalibs/genalloc.h>
#include <skalibs/djbunix.h>
#include <skalibs/random.h>
-#include <s6-networking/s6net-utils.h>
#include <s6-networking/sbearssl.h>
int sbearssl_s6tlsc (char const *const *argv, char const *const *envp, tain_t const *tto, uint32_t preoptions, uint32_t options, uid_t uid, gid_t gid, unsigned int verbosity, char const *servername, int *sfd)
@@ -67,7 +66,7 @@ int sbearssl_s6tlsc (char const *const *argv, char const *const *envp, tain_t co
br_ssl_engine_inject_entropy(&cc.eng, buf, 32) ;
random_finish() ;
- pid = s6net_clean_tls_and_spawn(argv, envp, fds, !!(preoptions & 2)) ;
+ pid = sbearssl_clean_tls_and_spawn(argv, envp, fds, !!(preoptions & 2)) ;
if (gid && setgid(gid) < 0) strerr_diefu1sys(111, "setgid") ;
if (uid && setuid(uid) < 0) strerr_diefu1sys(111, "setuid") ;
diff --git a/src/sbearssl/sbearssl_s6tlsd.c b/src/sbearssl/sbearssl_s6tlsd.c
index 2cb3d21..aa32ed1 100644
--- a/src/sbearssl/sbearssl_s6tlsd.c
+++ b/src/sbearssl/sbearssl_s6tlsd.c
@@ -11,7 +11,6 @@
#include <skalibs/genalloc.h>
#include <skalibs/djbunix.h>
#include <skalibs/random.h>
-#include <s6-networking/s6net-utils.h>
#include <s6-networking/sbearssl.h>
int sbearssl_s6tlsd (char const *const *argv, char const *const *envp, tain_t const *tto, uint32_t preoptions, uint32_t options, uid_t uid, gid_t gid, unsigned int verbosity)
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-10 07:53:13 +0000