commit f66a8a67b9471909016d6f24ce93f39584130a67
parent 3a9cbc78b4777d2dab54bca974f65c708ffc61a5
Author: Christoph Lohmann <20h@r-36.net>
Date: Fri, 26 May 2023 06:45:48 +0200
First implementation of two-way TLS for scripts.
Diffstat:
M | main.c | | | 58 | +++++++++++++++++++++++++++++++++++++++++++++------------- |
1 file changed, 45 insertions(+), 13 deletions(-)
diff --git a/main.c b/main.c
@@ -552,7 +552,7 @@ main(int argc, char *argv[])
dotls = 0, dohaproxy = 0, tcpver = -1, haret = 0,
#ifdef ENABLE_TLS
tlssocks[2], shufbuf[1025],
- shuflen, wlen, shufpos,
+ shuflen, wlen, shufpos, tlsclientreader,
#endif /* ENABLE_TLS */
maxrecv, retl,
rlen = 0;
@@ -1049,27 +1049,59 @@ read_selector_again:
perror("fork");
return 1;
default:
- close(tlssocks[1]);
+ tlsclientreader = 1;
+ switch(fork()) {
+ case 0:
+ break;
+ case -1:
+ perror("fork");
+ return 1;
+ default:
+ tlsclientreader = 0;
+ }
+
+ close(tlssocks[tlsclientreader? 1 : 0]);
do {
- shuflen = read(tlssocks[0], shufbuf, sizeof(shufbuf)-1);
+ if (tlsclientreader) {
+ shuflen = read(tlssocks[0], shufbuf, sizeof(shufbuf)-1);
+ } else {
+ shuflen = tls_read(tlsclientctx, shufbuf, sizeof(shufbuf)-1);
+ }
if (shuflen == -1 && errno == EINTR)
continue;
for (shufpos = 0; shufpos < shuflen; shufpos += wlen) {
- wlen = tls_write(tlsclientctx, shufbuf+shufpos, shuflen-shufpos);
- if (wlen < 0) {
- fprintf(stderr, "tls_write failed: %s\n", tls_error(tlsclientctx));
- return 1;
+ if (tlsclientreader) {
+ wlen = tls_write(tlsclientctx, shufbuf+shufpos, shuflen-shufpos);
+ if (wlen < 0) {
+ fprintf(stderr, "tls_write failed: %s\n", tls_error(tlsclientctx));
+ return 1;
+ }
+ } else {
+ wlen = write(tlssocks[1], shufbuf+shufpos, shuflen-shufpos);
+ if (wlen < 0) {
+ perror("write");
+ return 1;
+ }
}
}
} while (shuflen > 0);
- tls_close(tlsclientctx);
- tls_free(tlsclientctx);
- close(tlssocks[0]);
+ if (tlsclientreader) {
+ tls_close(tlsclientctx);
+ tls_free(tlsclientctx);
+ }
+
+ close(tlssocks[tlsclientreader? 0 : 1]);
- waitforpendingbytes(sock);
- shutdown(sock, SHUT_RDWR);
- close(sock);
+ if (tlsclientreader) {
+ /*
+ * Only one process needs
+ * to do this.
+ */
+ waitforpendingbytes(sock);
+ shutdown(sock, SHUT_RDWR);
+ close(sock);
+ }
return 0;
}
}
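Review bot: The two relay processes hold opposite ends of the same socketpair, so the client→script direction never reaches the script: the non-reader process writes client bytes to `tlssocks[1]`, a socketpair delivers them to `tlssocks[0]`, and the only visible reader of `tlssocks[0]` is the sibling process, which sends them straight back to the client with tls_write; the script child (forked in the `case 0` branch outside this hunk, presumably with `tlssocks[1]` as its stdio, since the pre-patch parent closed that end before reading `tlssocks[0]`) would also get its own output fed back if it reads the same end. Both relay processes should keep the relay end and give the script the other one: `close(tlssocks[1]);` unconditionally after the second fork, `wlen = write(tlssocks[0], shufbuf+shufpos, shuflen-shufpos);` in the non-reader branch, and `close(tlssocks[0]);` at the end of the loop for both. The tls_read branch also reuses the read() error check: tls_read does not set errno, returns -1 with the reason in tls_error(), and on a non-blocking fd returns TLS_WANT_POLLIN/TLS_WANT_POLLOUT, all of which this loop silently treats as EOF, so it should test `shuflen == TLS_WANT_POLLIN || shuflen == TLS_WANT_POLLOUT` to retry and report `tls_error(tlsclientctx)` on -1 like the tls_write path does. Note too that after fork both processes carry private copies of `tlsclientctx` on one socket; if the library writes alerts or post-handshake messages from tls_read (TLS 1.3 KeyUpdate, close_notify), the record sequence numbers diverge between the copies and the peer will see MAC failures, so this split-context design deserves a comment or a single-process poll() loop. The enclosing main() continues outside the hunk.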