 |
First implementation of two-way TLS for scripts. - geomyidae - a small C-based … |
 |
git clone git://git.codemadness.org/geomyidae |
 |
Log |
|
Files |
|
Refs |
|
README |
|
LICENSE |
|
--- |
|
commit f66a8a67b9471909016d6f24ce93f39584130a67 |
|
parent 3a9cbc78b4777d2dab54bca974f65c708ffc61a5 |
|
Author: Christoph Lohmann <[email protected]> |
|
Date: Fri, 26 May 2023 06:45:48 +0200 |
|
|
|
First implementation of two-way TLS for scripts. |
|
|
|
Diffstat: |
|
M main.c | 58 ++++++++++++++++++++++++-----… |
|
|
|
1 file changed, 45 insertions(+), 13 deletions(-) |
|
--- |
|
diff --git a/main.c b/main.c |
|
@@ -552,7 +552,7 @@ main(int argc, char *argv[]) |
|
dotls = 0, dohaproxy = 0, tcpver = -1, haret = 0, |
|
#ifdef ENABLE_TLS |
|
tlssocks[2], shufbuf[1025], |
|
- shuflen, wlen, shufpos, |
|
+ shuflen, wlen, shufpos, tlsclientreader, |
|
#endif /* ENABLE_TLS */ |
|
maxrecv, retl, |
|
rlen = 0; |
|
@@ -1049,27 +1049,59 @@ read_selector_again: |
|
perror("fork"); |
|
return 1; |
|
default: |
|
- close(tlssocks[1]); |
|
+ tlsclientreader = 1; |
|
+ switch(fork()) { |
|
+ case 0: |
|
+ break; |
|
+ case -1: |
|
+ perror("fork"); |
|
+ return 1; |
|
+ default: |
|
+ tlsclientreader = 0; |
|
+ } |
|
+ |
|
+ close(tlssocks[tlsclientreader? 1 : 0]… |
|
do { |
|
- shuflen = read(tlssocks[0], sh… |
|
+ if (tlsclientreader) { |
|
+ shuflen = read(tlssock… |
|
+ } else { |
|
+ shuflen = tls_read(tls… |
|
+ } |
|
if (shuflen == -1 && errno == … |
|
continue; |
|
for (shufpos = 0; shufpos < sh… |
|
- wlen = tls_write(tlscl… |
|
- if (wlen < 0) { |
|
- fprintf(stderr… |
|
- return 1; |
|
+ if (tlsclientreader) { |
|
+ wlen = tls_wri… |
|
+ if (wlen < 0) { |
|
+ fprint… |
|
+ return… |
|
+ } |
|
+ } else { |
|
+ wlen = write(t… |
|
+ if (wlen < 0) { |
|
+ perror… |
|
+ return… |
|
+ } |
|
} |
|
} |
|
} while (shuflen > 0); |
|
|
|
- tls_close(tlsclientctx); |
|
- tls_free(tlsclientctx); |
|
- close(tlssocks[0]); |
|
+ if (tlsclientreader) { |
|
+ tls_close(tlsclientctx); |
|
+ tls_free(tlsclientctx); |
|
+ } |
|
+ |
|
+ close(tlssocks[tlsclientreader? 0 : 1]… |
|
|
|
- waitforpendingbytes(sock); |
|
- shutdown(sock, SHUT_RDWR); |
|
- close(sock); |
|
+ if (tlsclientreader) { |
|
+ /* |
|
+ * Only one process needs |
|
+ * to do this. |
|
+ */ |
|
+ waitforpendingbytes(sock); |
|
+ shutdown(sock, SHUT_RDWR); |
|
+ close(sock); |
|
+ } |
|
return 0; |
|
} |
|
} |
