First implementation of two-way TLS for scripts. - geomyidae - a small C-based … | |
--- | |
commit f66a8a67b9471909016d6f24ce93f39584130a67 | |
parent 3a9cbc78b4777d2dab54bca974f65c708ffc61a5 | |
Author: Christoph Lohmann <[email protected]> | |
Date: Fri, 26 May 2023 06:45:48 +0200 | |
First implementation of two-way TLS for scripts. | |
Diffstat: | |
M main.c | 58 ++++++++++++++++++++++++-----… | |
1 file changed, 45 insertions(+), 13 deletions(-) | |
--- | |
diff --git a/main.c b/main.c | |
@@ -552,7 +552,7 @@ main(int argc, char *argv[]) | |
dotls = 0, dohaproxy = 0, tcpver = -1, haret = 0, | |
#ifdef ENABLE_TLS | |
tlssocks[2], shufbuf[1025], | |
- shuflen, wlen, shufpos, | |
+ shuflen, wlen, shufpos, tlsclientreader, | |
#endif /* ENABLE_TLS */ | |
maxrecv, retl, | |
rlen = 0; | |
@@ -1049,27 +1049,59 @@ read_selector_again: | |
perror("fork"); | |
return 1; | |
default: | |
- close(tlssocks[1]); | |
+ tlsclientreader = 1; | |
+ switch(fork()) { | |
+ case 0: | |
+ break; | |
+ case -1: | |
+ perror("fork"); | |
+ return 1; | |
+ default: | |
+ tlsclientreader = 0; | |
+ } | |
+ | |
+ close(tlssocks[tlsclientreader? 1 : 0]… | |
do { | |
- shuflen = read(tlssocks[0], sh… | |
+ if (tlsclientreader) { | |
+ shuflen = read(tlssock… | |
+ } else { | |
+ shuflen = tls_read(tls… | |
+ } | |
if (shuflen == -1 && errno == … | |
continue; | |
for (shufpos = 0; shufpos < sh… | |
- wlen = tls_write(tlscl… | |
- if (wlen < 0) { | |
- fprintf(stderr… | |
- return 1; | |
+ if (tlsclientreader) { | |
+ wlen = tls_wri… | |
+ if (wlen < 0) { | |
+ fprint… | |
+ return… | |
+ } | |
+ } else { | |
+ wlen = write(t… | |
+ if (wlen < 0) { | |
+ perror… | |
+ return… | |
+ } | |
} | |
} | |
} while (shuflen > 0); | |
- tls_close(tlsclientctx); | |
- tls_free(tlsclientctx); | |
- close(tlssocks[0]); | |
+ if (tlsclientreader) { | |
+ tls_close(tlsclientctx); | |
+ tls_free(tlsclientctx); | |
+ } | |
+ | |
+ close(tlssocks[tlsclientreader? 0 : 1]… | |
- waitforpendingbytes(sock); | |
- shutdown(sock, SHUT_RDWR); | |
- close(sock); | |
+ if (tlsclientreader) { | |
+ /* | |
+ * Only one process needs | |
+ * to do this. | |
+ */ | |
+ waitforpendingbytes(sock); | |
+ shutdown(sock, SHUT_RDWR); | |
+ close(sock); | |
+ } | |
return 0; | |
} | |
} |