diff options
| author | Laurent Bercot <ska-skaware@skarnet.org> | 2023-11-16 05:13:06 +0000 |
|---|---|---|
| committer | Laurent Bercot <ska@appnovation.com> | 2023-11-16 05:13:06 +0000 |
| commit | 26597a785ec2dd4e9ec9fb7d9765d2ee8779ee16 (patch) | |
| tree | c2c5602397e9381b1cb04472ed057edd4a00e520 /src/stls/stls_server_init_and_handshake.c | |
| parent | d8ca717da164c3e76ebb56c954d0a08544955601 (diff) | |
| download | s6-networking-26597a785ec2dd4e9ec9fb7d9765d2ee8779ee16.tar.gz | |
Add -J and -j to the TLS tools to check for peer close_notify.
Also, and more importantly, significantly rewrite stls_run()
for better full-duplex support. This implementation isn't fully
tested yet.
Signed-off-by: Laurent Bercot <ska@appnovation.com>
Diffstat (limited to 'src/stls/stls_server_init_and_handshake.c')
| -rw-r--r-- | src/stls/stls_server_init_and_handshake.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/stls/stls_server_init_and_handshake.c b/src/stls/stls_server_init_and_handshake.c index 2304598..2a58885 100644 --- a/src/stls/stls_server_init_and_handshake.c +++ b/src/stls/stls_server_init_and_handshake.c @@ -86,6 +86,7 @@ struct tls *stls_server_init_and_handshake (int const *fds, tain const *tto, uin { if (tls_config_set_ca_path(cfg, x) < 0) diecfg(cfg, "tls_config_set_ca_path") ; + strerr_warnw1x("some versions of libtls do not work with CADIR, if you experience problems with client certificate verification then try using CAFILE instead") ; } else { @@ -109,7 +110,7 @@ struct tls *stls_server_init_and_handshake (int const *fds, tain const *tto, uin if (!sctx) strerr_diefu1sys(111, "tls_server") ; if (tls_configure(sctx, cfg) < 0) diectx(97, sctx, "tls_configure") ; tls_config_free(cfg) ; - if (tls_accept_fds(sctx, &ctx, fds[0], fds[1]) < 0) + if (tls_accept_fds(sctx, &ctx, fds[0], fds[1]) == -1) diectx(97, sctx, "tls_accept_fds") ; /* We can't free sctx, ctx has pointers into it! Stupid API. We let sctx leak. */ /* tls_free(sctx) ; */ |
