version 1.174, 2017/02/08 18:03:31 |
version 1.175, 2017/02/08 18:44:50 |
|
|
void readwrite(int, struct tls *); |
void readwrite(int, struct tls *); |
void fdpass(int nfd) __attribute__((noreturn)); |
void fdpass(int nfd) __attribute__((noreturn)); |
int remote_connect(const char *, const char *, struct addrinfo); |
int remote_connect(const char *, const char *, struct addrinfo); |
int timeout_handshake(int, struct tls *); |
int timeout_tls(int, struct tls *, int (*)(struct tls *)); |
int timeout_connect(int, const struct sockaddr *, socklen_t); |
int timeout_connect(int, const struct sockaddr *, socklen_t); |
int socks_connect(const char *, const char *, struct addrinfo, |
int socks_connect(const char *, const char *, struct addrinfo, |
const char *, const char *, struct addrinfo, int, const char *); |
const char *, const char *, struct addrinfo, int, const char *); |
|
|
if (!usetls) |
if (!usetls) |
readwrite(connfd, NULL); |
readwrite(connfd, NULL); |
if (tls_cctx) { |
if (tls_cctx) { |
int i; |
timeout_tls(s, tls_cctx, tls_close); |
|
|
do { |
|
i = tls_close(tls_cctx); |
|
} while (i == TLS_WANT_POLLIN || |
|
i == TLS_WANT_POLLOUT); |
|
tls_free(tls_cctx); |
tls_free(tls_cctx); |
tls_cctx = NULL; |
tls_cctx = NULL; |
} |
} |
|
|
if (!zflag) |
if (!zflag) |
readwrite(s, tls_ctx); |
readwrite(s, tls_ctx); |
if (tls_ctx) { |
if (tls_ctx) { |
int j; |
timeout_tls(s, tls_ctx, tls_close); |
|
|
do { |
|
j = tls_close(tls_ctx); |
|
} while (j == TLS_WANT_POLLIN || |
|
j == TLS_WANT_POLLOUT); |
|
tls_free(tls_ctx); |
tls_free(tls_ctx); |
tls_ctx = NULL; |
tls_ctx = NULL; |
} |
} |
|
|
} |
} |
|
|
int |
int |
timeout_handshake(int s, struct tls *tls_ctx) |
timeout_tls(int s, struct tls *tls_ctx, int (*func)(struct tls *)) |
{ |
{ |
struct pollfd pfd; |
struct pollfd pfd; |
int ret; |
int ret; |
|
|
while ((ret = tls_handshake(tls_ctx)) != 0) { |
while ((ret = (*func)(tls_ctx)) != 0) { |
if (ret == TLS_WANT_POLLIN) |
if (ret == TLS_WANT_POLLIN) |
pfd.events = POLLIN; |
pfd.events = POLLIN; |
else if (ret == TLS_WANT_POLLOUT) |
else if (ret == TLS_WANT_POLLOUT) |
|
|
errx(1, "tls connection failed (%s)", |
errx(1, "tls connection failed (%s)", |
tls_error(tls_ctx)); |
tls_error(tls_ctx)); |
} |
} |
if (timeout_handshake(s, tls_ctx) == -1) { |
if (timeout_tls(s, tls_ctx, tls_handshake) == -1) { |
if ((errstr = tls_error(tls_ctx)) == NULL) |
if ((errstr = tls_error(tls_ctx)) == NULL) |
errstr = strerror(errno); |
errstr = strerror(errno); |
errx(1, "tls handshake failed (%s)", errstr); |
errx(1, "tls handshake failed (%s)", errstr); |
|
|
|
|
if (tls_accept_socket(tls_ctx, &tls_cctx, connfd) == -1) { |
if (tls_accept_socket(tls_ctx, &tls_cctx, connfd) == -1) { |
warnx("tls accept failed (%s)", tls_error(tls_ctx)); |
warnx("tls accept failed (%s)", tls_error(tls_ctx)); |
} else if (timeout_handshake(connfd, tls_cctx) == -1) { |
} else if (timeout_tls(connfd, tls_cctx, tls_handshake) == -1) { |
if ((errstr = tls_error(tls_ctx)) == NULL) |
if ((errstr = tls_error(tls_ctx)) == NULL) |
errstr = strerror(errno); |
errstr = strerror(errno); |
warnx("tls handshake failed (%s)", errstr); |
warnx("tls handshake failed (%s)", errstr); |
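Review bot: In the accepted-connection branch the new `timeout_tls(s, tls_cctx, tls_close);` passes `s`, although the same connection is served with `readwrite(connfd, ...)` and handshaken with `timeout_tls(connfd, tls_cctx, tls_handshake)`. If timeout_tls polls on its first argument (the `pfd.fd` assignment is outside the visible lines), the close_notify wait watches the listening descriptor rather than the peer's, so this should probably read `timeout_tls(connfd, tls_cctx, tls_close);`. Both new tls_close call sites also discard the return value, so a timed-out or failed TLS shutdown (which can hide a truncated stream) goes unreported; a `warnx("tls close failed (%s)", ...)` on -1 would surface it. Separately, the server handshake failure path still reads `tls_error(tls_ctx)` although the handshake ran on `tls_cctx`, so the logged reason may come from the wrong context; `tls_error(tls_cctx)` looks like the intended call.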