From 3f78080496cddb11cbe9040efce694e44cfac7fe Mon Sep 17 00:00:00 2001 From: Laurent Bercot Date: Mon, 28 Nov 2016 15:52:37 +0000 Subject: Small sbearssl bugfixes and usability messages --- src/conn-tools/s6-tlsclient.c | 2 ++ src/sbearssl/sbearssl_run.c | 20 ++++++++++++++++---- src/sbearssl/sbearssl_s6tlsc.c | 2 +- src/sbearssl/sbearssl_s6tlsd.c | 2 +- src/stls/stls_s6tlsc.c | 2 +- src/stls/stls_s6tlsd.c | 2 +- 6 files changed, 22 insertions(+), 8 deletions(-) diff --git a/src/conn-tools/s6-tlsclient.c b/src/conn-tools/s6-tlsclient.c index 1aa66fb..a536171 100644 --- a/src/conn-tools/s6-tlsclient.c +++ b/src/conn-tools/s6-tlsclient.c @@ -176,6 +176,8 @@ int main (int argc, char const *const *argv, char const *const *envp) fmt[pos++] = 0 ; } newargv[m++] = "--" ; + newargv[m++] = *argv++ ; + newargv[m++] = *argv++ ; newargv[m++] = S6_NETWORKING_BINPREFIX "s6-tlsc" ; if (o.flagS) newargv[m++] = "-S" ; if (o.flagy) newargv[m++] = "-y" ; diff --git a/src/sbearssl/sbearssl_run.c b/src/sbearssl/sbearssl_run.c index 3ea4a95..b5f6618 100644 --- a/src/sbearssl/sbearssl_run.c +++ b/src/sbearssl/sbearssl_run.c @@ -14,6 +14,16 @@ #include #include +#ifdef DEBUG +# include +# include +# include +# define PLM(...) (bprintf(buffer_2, "%s: debug: ", PROG), bprintf(buffer_2, __VA_ARGS__), buffer_putflush(buffer_2, "\n", 1)) +#else +# define PLM(...) +#endif + + int sbearssl_run (br_ssl_engine_context *ctx, int *fds, unsigned int verbosity, uint32_t options, tain_t const *tto) { iopause_fd x[4] ; @@ -24,6 +34,8 @@ int sbearssl_run (br_ssl_engine_context *ctx, int *fds, unsigned int verbosity, if (sig_ignore(SIGPIPE) < 0) strerr_diefu1sys(111, "ignore SIGPIPE") ; + tain_now_g() ; + for (;;) { tain_t deadline ; @@ -79,7 +91,7 @@ int sbearssl_run (br_ssl_engine_context *ctx, int *fds, unsigned int verbosity, /* Flush to local */ - if (state & BR_SSL_RECVAPP && x[xindex[1]].revents & IOPAUSE_WRITE) + if (state & BR_SSL_RECVAPP && x[xindex[1]].events & x[xindex[1]].revents & IOPAUSE_WRITE) { size_t len ; unsigned char const *s = br_ssl_engine_recvapp_buf(ctx, &len) ; @@ -103,7 +115,7 @@ int sbearssl_run (br_ssl_engine_context *ctx, int *fds, unsigned int verbosity, /* Flush to remote */ - if (state & BR_SSL_SENDREC && x[xindex[3]].revents & IOPAUSE_WRITE) + if (state & BR_SSL_SENDREC && x[xindex[3]].events & x[xindex[3]].revents & IOPAUSE_WRITE) { size_t len ; unsigned char const *s = br_ssl_engine_sendrec_buf(ctx, &len) ; @@ -128,7 +140,7 @@ int sbearssl_run (br_ssl_engine_context *ctx, int *fds, unsigned int verbosity, /* Fill from local */ - if (state & BR_SSL_SENDAPP & x[xindex[0]].revents & IOPAUSE_READ) + if (state & BR_SSL_SENDAPP && x[xindex[0]].events & x[xindex[0]].revents & IOPAUSE_READ) { size_t len ; unsigned char *s = br_ssl_engine_sendapp_buf(ctx, &len) ; @@ -157,7 +169,7 @@ int sbearssl_run (br_ssl_engine_context *ctx, int *fds, unsigned int verbosity, /* Fill from remote */ - if (state & BR_SSL_RECVREC & x[xindex[2]].revents & IOPAUSE_READ) + if (state & BR_SSL_RECVREC && x[xindex[2]].events & x[xindex[2]].revents & IOPAUSE_READ) { size_t len ; unsigned char *s = br_ssl_engine_recvrec_buf(ctx, &len) ; diff --git a/src/sbearssl/sbearssl_s6tlsc.c b/src/sbearssl/sbearssl_s6tlsc.c index 5665edc..6b12320 100644 --- a/src/sbearssl/sbearssl_s6tlsc.c +++ b/src/sbearssl/sbearssl_s6tlsc.c @@ -78,7 +78,7 @@ int sbearssl_s6tlsc (char const *const *argv, char const *const *envp, tain_t co int wstat ; int r = sbearssl_run(&cc.eng, fds, verbosity, options, tto) ; if (r < 0) strerr_diefu1sys(111, "run SSL engine") ; - else if (r) strerr_diefu3x(98, "run SSL engine", ": ", sbearssl_error_str(r)) ; + else if (r) strerr_diefu2x(98, "establish or maintain SSL connection to peer: ", sbearssl_error_str(r)) ; if (wait_pid(pid, &wstat) < 0) strerr_diefu1sys(111, "wait_pid") ; return wait_estatus(wstat) ; } diff --git a/src/sbearssl/sbearssl_s6tlsd.c b/src/sbearssl/sbearssl_s6tlsd.c index 3a27e9f..fa95fbb 100644 --- a/src/sbearssl/sbearssl_s6tlsd.c +++ b/src/sbearssl/sbearssl_s6tlsd.c @@ -103,7 +103,7 @@ int sbearssl_s6tlsd (char const *const *argv, char const *const *envp, tain_t co int wstat ; int r = sbearssl_run(&sc.eng, fds, verbosity, options, tto) ; if (r < 0) strerr_diefu1sys(111, "run SSL engine") ; - else if (r) strerr_diefu3x(98, "run SSL engine", ": ", sbearssl_error_str(r)) ; + else if (r) strerr_diefu2x(98, "establish or maintain SSL connection to peer: ", sbearssl_error_str(r)) ; if (wait_pid(pid, &wstat) < 0) strerr_diefu1sys(111, "wait_pid") ; return wait_estatus(wstat) ; } diff --git a/src/stls/stls_s6tlsc.c b/src/stls/stls_s6tlsc.c index 194afb9..1313cfe 100644 --- a/src/stls/stls_s6tlsc.c +++ b/src/stls/stls_s6tlsc.c @@ -86,7 +86,7 @@ int stls_s6tlsc (char const *const *argv, char const *const *envp, tain_t const int wstat ; int r = stls_run(ctx, fds, verbosity, options, tto) ; if (r < 0) strerr_diefu1sys(111, "run SSL engine") ; - else if (r) diectx(98, ctx, "run SSL engine") ; + else if (r) diectx(98, ctx, "establish or maintain SSL connection to peer") ; tls_free(ctx) ; if (wait_pid(pid, &wstat) < 0) strerr_diefu1sys(111, "wait_pid") ; return wait_estatus(wstat) ; diff --git a/src/stls/stls_s6tlsd.c b/src/stls/stls_s6tlsd.c index ff1b308..1506556 100644 --- a/src/stls/stls_s6tlsd.c +++ b/src/stls/stls_s6tlsd.c @@ -85,7 +85,7 @@ int stls_s6tlsd (char const *const *argv, char const *const *envp, tain_t const int wstat ; int r = stls_run(cctx, fds, verbosity, options, tto) ; if (r < 0) strerr_diefu1sys(111, "run SSL engine") ; - else if (r) diectx(98, cctx, "run SSL engine") ; + else if (r) diectx(98, cctx, "establish or maintain SSL connection to peer") ; if (wait_pid(pid, &wstat) < 0) strerr_diefu1sys(111, "wait_pid") ; return wait_estatus(wstat) ; } -- cgit v1.2.3