From 08e88c5efc65a6f49da40aa002bc5f4b0ebee49d Mon Sep 17 00:00:00 2001
From: Laurent Bercot <ska-skaware@skarnet.org>
Date: Sat, 26 Nov 2016 10:04:40 +0000
Subject:  Add -z option to s6-tlsc/s6-tlsd to clean TLS env vars before
 spawning (default)

---
 src/stls/deps-lib/stls | 1 +
 src/stls/stls_s6tlsc.c | 3 ++-
 src/stls/stls_s6tlsd.c | 3 ++-
 3 files changed, 5 insertions(+), 2 deletions(-)

(limited to 'src/stls')

diff --git a/src/stls/deps-lib/stls b/src/stls/deps-lib/stls
index 799c7ae..f215998 100644
--- a/src/stls/deps-lib/stls
+++ b/src/stls/deps-lib/stls
@@ -2,4 +2,5 @@ stls_run.o
 stls_s6tlsc.o
 stls_s6tlsd.o
 -ltls
+-ls6net
 -lskarnet
diff --git a/src/stls/stls_s6tlsc.c b/src/stls/stls_s6tlsc.c
index aa82087..194afb9 100644
--- a/src/stls/stls_s6tlsc.c
+++ b/src/stls/stls_s6tlsc.c
@@ -8,6 +8,7 @@
 #include <skalibs/tai.h>
 #include <skalibs/env.h>
 #include <skalibs/djbunix.h>
+#include <s6-networking/s6net-utils.h>
 #include <s6-networking/stls.h>
 
 #define diecfg(cfg, s) strerr_diefu3x(96, (s), ": ", tls_config_error(cfg))
@@ -73,7 +74,7 @@ int stls_s6tlsc (char const *const *argv, char const *const *envp, tain_t const
   if (tls_configure(ctx, cfg) < 0) diectx(97, ctx, "tls_configure") ;
   tls_config_free(cfg) ;
 
-  pid = child_spawn2(argv[0], argv, envp, fds) ;
+  pid = s6net_clean_tls_and_spawn(argv, envp, fds, !!(preoptions & 2)) ;
   if (!pid) strerr_diefu2sys(111, "spawn ", argv[0]) ;
   if (gid && setgid(gid) < 0) strerr_diefu1sys(111, "setgid") ;
   if (uid && setuid(uid) < 0) strerr_diefu1sys(111, "setuid") ;
diff --git a/src/stls/stls_s6tlsd.c b/src/stls/stls_s6tlsd.c
index 61b1343..ff1b308 100644
--- a/src/stls/stls_s6tlsd.c
+++ b/src/stls/stls_s6tlsd.c
@@ -8,6 +8,7 @@
 #include <skalibs/tai.h>
 #include <skalibs/env.h>
 #include <skalibs/djbunix.h>
+#include <s6-networking/s6net-utils.h>
 #include <s6-networking/stls.h>
 
 #define diecfg(cfg, s) strerr_diefu3x(96, (s), ": ", tls_config_error(cfg))
@@ -70,7 +71,7 @@ int stls_s6tlsd (char const *const *argv, char const *const *envp, tain_t const
   if (tls_configure(ctx, cfg) < 0) diectx(97, ctx, "tls_configure") ;
   tls_config_free(cfg) ;
 
-  pid = child_spawn2(argv[0], argv, envp, fds) ;
+  pid = s6net_clean_tls_and_spawn(argv, envp, fds, !!(preoptions & 2)) ;
   if (!pid) strerr_diefu2sys(111, "spawn ", argv[0]) ;
   if (gid && setgid(gid) < 0) strerr_diefu1sys(111, "setgid") ;
   if (uid && setuid(uid) < 0) strerr_diefu1sys(111, "setuid") ;
-- 
cgit v1.2.3