Diffstat (limited to 'src/tls/s6-ucspitlsd.c')
-rw-r--r--src/tls/s6-ucspitlsd.c102
1 files changed, 66 insertions, 36 deletions
diff --git a/src/tls/s6-ucspitlsd.c b/src/tls/s6-ucspitlsd.c
index d2b9580..d94e815 100644
--- a/src/tls/s6-ucspitlsd.c
+++ b/src/tls/s6-ucspitlsd.c
@@ -4,12 +4,11 @@
#include <unistd.h>
#include <skalibs/gccattributes.h>
+#include <skalibs/uint64.h>
#include <skalibs/types.h>
-#include <skalibs/sgetopt.h>
-#include <skalibs/strerr.h>
+#include <skalibs/envexec.h>
#include <skalibs/djbunix.h>
#include <skalibs/socket.h>
-#include <skalibs/exec.h>
#include <s6-networking/config.h>
#include "s6tls-internal.h"
@@ -17,8 +16,27 @@
#define USAGE "s6-ucspitlsd [ -S | -s ] [ -J | -j ] [ -Y | -y ] [ -k snilevel ] [ -v verbosity ] [ -K timeout ] [ -Z | -z ] prog..."
#define dieusage() strerr_dieusage(100, USAGE)
-static inline void child (int *, uint32_t, unsigned int, unsigned int, unsigned int, pid_t) gccattr_noreturn ;
-static inline void child (int *p, uint32_t options, unsigned int verbosity, unsigned int kimeout, unsigned int snilevel, pid_t pid)
+enum golb_e
+{
+ GOLB_CLOSENOTIFY = 0x0001,
+ GOLB_STRICTCN = 0x0002,
+ GOLB_CLIENTCERT = 0x0004,
+ GOLB_CLIENTCERT_ONLY = 0x0008,
+ GOLB_SNI = 0x0010,
+ GOLB_SNI_ONLY = 0x0020,
+ GOLB_KEEP = 0x100,
+} ;
+
+enum gola_e
+{
+ GOLA_VERBOSITY,
+ GOLA_KIMEOUT,
+ GOLA_SNILEVEL,
+ GOLA_N
+} ;
+
+static inline void child (int *, uint32_t, unsigned int, unsigned int, pid_t) gccattr_noreturn ;
+static inline void child (int *p, uint32_t options, unsigned int verbosity, unsigned int kimeout, pid_t pid)
{
ssize_t r ;
char const *newargv[S6TLS_PREP_IO_ARGC] ;
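Review bot: The values in `enum golb_e` renumber the flags handed to the child: close-notify and its enforcement were 4 and 8 in the removed option loop and are now 0x0001 and 0x0002, while the client-certificate pair moved from 1 and 2 to 0x0004 and 0x0008. `s6tls_prep_tlsdio` is not part of this file's diff, so its reading of `options` has to have been changed in step; otherwise `-y` would no longer request a mandatory client certificate. Because the enum is private to this file, I would either move it into `s6tls-internal.h` next to the prototype or put a comment above it such as `/* low byte: bit layout must match s6tls_prep_tlsdio() */`. The body of `child` continues outside this hunk.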
@@ -52,7 +70,7 @@ static inline void child (int *p, uint32_t options, unsigned int verbosity, unsi
default :
strerr_dief1x(100, "unrecognized command on control socket") ;
}
- s6tls_prep_tlsdio(newargv, buf, p, options, verbosity, kimeout, snilevel) ;
+ s6tls_prep_tlsdio(newargv, buf, p, options, verbosity, kimeout) ;
if (verbosity >= 2)
{
char fmt[PID_FMT] ;
@@ -64,40 +82,52 @@ static inline void child (int *p, uint32_t options, unsigned int verbosity, unsi
int main (int argc, char const *const *argv)
{
+ static gol_bool const rgolb[] =
+ {
+ { .so = 's', .lo = "no-close-notify", .clear = GOLB_CLOSENOTIFY, .set = 0 },
+ { .so = 'S', .lo = "close-notify", .clear = 0, .set = GOLB_CLOSENOTIFY },
+ { .so = 'j', .lo = "no-enforce-close-notify", .clear = GOLB_STRICTCN, .set = 0 },
+ { .so = 'J', .lo = "enforce-close-notify", .clear = 0, .set = GOLB_STRICTCN },
+ { .so = 'Y', .lo = "client-cert", .clear = GOLB_CLIENTCERT_ONLY, .set = GOLB_CLIENTCERT },
+ { .so = 'y', .lo = "mandatory-client-cert", .clear = 0, .set = GOLB_CLIENTCERT | GOLB_CLIENTCERT_ONLY },
+ { .so = 'z', .lo = "no-keep", .clear = GOLB_KEEP, .set = 0 },
+ { .so = 'Z', .lo = "keep", .clear = 0, .set = GOLB_KEEP },
+ { .so = 0, .lo = "sni", .clear = GOLB_SNI_ONLY, .set = GOLB_SNI },
+ { .so = 0, .lo = "mandatory-sni", .clear = 0, .set = GOLB_SNI | GOLB_SNI_ONLY },
+ } ;
+ static gol_arg const rgola[] =
+ {
+ { .so = 'v', .lo = "verbosity", .i = GOLA_VERBOSITY },
+ { .so = 'K', .lo = "handshake-timeout", .i = GOLA_KIMEOUT },
+ { .so = 'k', .lo = "sni-level", .i = GOLA_SNILEVEL },
+ } ;
+ int p[6] ;
unsigned int verbosity = 1 ;
unsigned int kimeout = 0 ;
- unsigned int snilevel = 0 ;
- uint32_t coptions = 0 ;
- uint32_t poptions = 1 ;
- int p[6] ;
pid_t pid ;
-
+ uint64_t wgolb = 0 ;
+ char const *wgola[GOLA_N] = { 0 } ;
+ unsigned int golc ;
PROG = "s6-ucspitlsd (parent)" ;
+
+ golc = GOL_main(argc, argv, rgolb, rgola, &wgolb, wgola) ;
+ argc -= golc ; argv += golc ;
+ if (!argc) dieusage() ;
+
+ if (wgola[GOLA_VERBOSITY])
+ if (!uint0_scan(wgola[GOLA_VERBOSITY], &verbosity))
+ strerr_dief2x(100, "verbosity", " must be an unsigned integer") ;
+ if (wgola[GOLA_KIMEOUT])
+ if (!uint0_scan(wgola[GOLA_KIMEOUT], &kimeout))
+ strerr_dief2x(100, "handshake-timeout", " must be an unsigned integer") ;
+ if (wgola[GOLA_SNILEVEL])
{
- subgetopt l = SUBGETOPT_ZERO ;
- for (;;)
- {
- int opt = subgetopt_r(argc, argv, "SsJjyYv:K:Zzk:", &l) ;
- if (opt == -1) break ;
- switch (opt)
- {
- case 'S' : coptions |= 4 ; break ;
- case 's' : coptions &= ~4 ; break ;
- case 'J' : coptions |= 8 ; break ;
- case 'j' : coptions &= ~8 ; break ;
- case 'y' : coptions |= 3 ; break ;
- case 'Y' : coptions |= 1 ; coptions &= ~2 ; break ;
- case 'v' : if (!uint0_scan(l.arg, &verbosity)) dieusage() ; break ;
- case 'K' : if (!uint0_scan(l.arg, &kimeout)) dieusage() ; break ;
- case 'Z' : poptions &= ~1 ; break ;
- case 'z' : poptions |= 1 ; break ;
- case 'k' : if (!uint0_scan(l.arg, &snilevel)) dieusage() ; break ;
- default : dieusage() ;
- }
- }
- argc -= l.ind ; argv += l.ind ;
+ unsigned int snilevel ;
+ if (!uint0_scan(wgola[GOLA_SNILEVEL], &snilevel))
+ strerr_dief2x(100, "sni-level", " must be an unsigned integer") ;
+ wgolb &= ~(GOLB_SNI | GOLB_SNI_ONLY) ;
+ wgolb |= (snilevel ? GOLB_SNI : 0) | (snilevel >= 2 ? GOLB_SNI_ONLY : 0) ;
}
- if (!argc) dieusage() ;
if (pipe(p) == -1 || pipe(p+2) == -1) strerr_diefu1sys(111, "pipe") ;
if (ipc_pair_b(p+4) == -1) strerr_diefu1sys(111, "ipc_pair") ;
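Review bot: In `main`, the `wgola[GOLA_SNILEVEL]` block runs after `GOL_main` has returned and clears both SNI bits before applying the level, so `-k` wins over `--sni` and `--mandatory-sni` wherever it appears on the command line. For example, `--mandatory-sni -k 0` ends with SNI not required at all. Any level above 2 is also accepted silently and treated as 2. If that precedence is intended, a comment on the block would make it explicit, for instance `/* -k overrides --sni / --mandatory-sni regardless of argument order */`.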
@@ -106,8 +136,8 @@ int main (int argc, char const *const *argv)
switch (fork())
{
case -1 : strerr_diefu1sys(111, "fork") ;
- case 0 : child(p, coptions, verbosity, kimeout, snilevel, pid) ;
+ case 0 : child(p, wgolb & 0xff, verbosity, kimeout, pid) ;
default : break ;
}
- s6tls_ucspi_exec_app(argv, p, poptions) ;
+ s6tls_ucspi_exec_app(argv, p, wgolb >> 8) ;
}
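Review bot: The third argument of `s6tls_ucspi_exec_app` changes polarity in this hunk: the removed code passed 1 by default and 0 after `-Z`, whereas `wgolb >> 8` is 0 by default and 1 after `-Z` (`GOLB_KEEP`). The callee is outside this diff, so its test of that bit has to have been inverted in the same commit; if it was not, the default behaviour for whatever the flag controls is silently reversed. The `& 0xff` / `>> 8` split also relies on `GOLB_KEEP` being exactly the first bit of the second byte, which nothing in the code states. A comment in `enum golb_e` such as `/* bits 0-7 go to the child, bits 8 and up to the exec'd application */`, or a named mask and shift, would keep the two call sites and the enum in sync.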