/*
 * Parent-side setup of the stdio pipes used to talk to the subprocess.
 * For each of stdin, stdout and stderr the end the parent does not use
 * is closed and the end it keeps is switched to non-blocking mode:
 *   stdin  - read end closed,  write end kept
 *   stdout - write end closed, read end kept
 *   stderr - write end closed, read end kept
 * The results of close() and Net_setNonBlocking() are not checked.
 */
static void setupParentPipes(Process_T P) {
        /* { descriptor to close, descriptor to keep }, in stdin/stdout/stderr order */
        const int ends[3][2] = {
                { P->stdin_pipe[0],  P->stdin_pipe[1]  },
                { P->stdout_pipe[1], P->stdout_pipe[0] },
                { P->stderr_pipe[1], P->stderr_pipe[0] }
        };
        int i;

        for (i = 0; i < 3; i++) {
                close(ends[i][0]);
                Net_setNonBlocking(ends[i][1]);
        }
}
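/**
 * Embeds an accepted server socket in an existing ssl connection and
 * runs the server side of the handshake (SSL_accept) on it.
 * @param ssl ssl connection
 * @param socket the socket to be used.
 * @return TRUE if the handshake completed and the certificate checks
 * passed, or FALSE if an error has occurred.
 */
int embed_accepted_ssl_socket(ssl_connection *ssl, int socket) {
        int ssl_error;
        time_t ssl_time;

        ASSERT(ssl);

        ssl->socket = socket;

        if (!ssl_initialized)
                start_ssl();

        if (!(ssl->handler = SSL_new(ssl->ctx))) {
                LogError("Cannot initialize the SSL handler -- %s\n", SSLERROR);
                return FALSE;
        }

        /*
         * NOTE(review): every failure path from here on returns with
         * ssl->handler still allocated. embed_ssl_socket() calls
         * cleanup_ssl_socket() on its failure paths; confirm that callers
         * of this function release the connection when it returns FALSE.
         */
        if (socket < 0) {
                LogError("SSL socket error\n");
                return FALSE;
        }

        Net_setNonBlocking(ssl->socket);

        if (!(ssl->socket_bio = BIO_new_socket(ssl->socket, BIO_NOCLOSE))) {
                LogError("Cannot create IO buffer -- %s\n", SSLERROR);
                return FALSE;
        }

        /* The same BIO serves as both the read and the write side */
        SSL_set_bio(ssl->handler, ssl->socket_bio, ssl->socket_bio);

        /* The socket is non-blocking, so SSL_accept() is retried until it
         * stops returning a negative value or SSL_TIMEOUT seconds pass */
        ssl_time = time(NULL);

        while ((ssl_error = SSL_accept(ssl->handler)) < 0) {

                if ((time(NULL) - ssl_time) > SSL_TIMEOUT) {
                        LogError("SSL service timeout\n");
                        return FALSE;
                }

                if (!handle_error(ssl_error, ssl))
                        return FALSE;

                if (!BIO_should_retry(ssl->socket_bio))
                        return FALSE;

        }

        /*
         * SSL_accept() returns 1 only for a completed handshake. A return
         * of 0 means the handshake failed and was shut down in a controlled
         * way; the loop above ends on it, so it must be rejected here
         * instead of being treated as an established session.
         */
        if (ssl_error != 1) {
                LogError("SSL handshake was not completed\n");
                return FALSE;
        }

        ssl->cipher = (char *)SSL_get_cipher(ssl->handler);

        /* A missing client certificate is fatal only when a client PEM file
         * is configured (clientpemfile set) */
        if (!update_ssl_cert_data(ssl) && ssl->clientpemfile) {
                LogError("The client did not supply a required client certificate\n");
                return FALSE;
        }

        /* X509_V_OK is 0; it is also the result when the peer presented no
         * certificate, which is why that case is tested separately above */
        if (SSL_get_verify_result(ssl->handler) > 0) {
                LogError("Verification of the certificate has failed\n");
                return FALSE;
        }

        return TRUE;
}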
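/**
 * Embeds a socket in a ssl connection and runs the client side of the
 * handshake (SSL_connect) on it.
 * @param ssl ssl connection
 * @param socket the socket to be used.
 * @return TRUE, or FALSE if an error has occurred. On failure the
 * connection is passed to cleanup_ssl_socket() before returning, except
 * when ssl is NULL.
 */
int embed_ssl_socket(ssl_connection *ssl, int socket) {
        int ssl_error;
        time_t ssl_time;

        if (!ssl)
                return FALSE;

        if (!ssl_initialized)
                start_ssl();

        if (socket >= 0) {
                ssl->socket = socket;
        } else {
                LogError("SSL socket error\n");
                goto sslerror;
        }

        if ((ssl->handler = SSL_new (ssl->ctx)) == NULL) {
                LogError("Cannot initialize the SSL handler -- %s\n", SSLERROR);
                goto sslerror;
        }

        if (SSL_CTX_set_cipher_list(ssl->ctx, CIPHER_LIST) != 1) {
                LogError("Error setting cipher list '%s' (no valid ciphers)\n", CIPHER_LIST);
                goto sslerror;
        }

        Net_setNonBlocking(ssl->socket);

        if ((ssl->socket_bio = BIO_new_socket(ssl->socket, BIO_NOCLOSE)) == NULL) {
                LogError("Cannot create IO buffer -- %s\n", SSLERROR);
                goto sslerror;
        }

        /* The same BIO serves as both the read and the write side */
        SSL_set_bio(ssl->handler, ssl->socket_bio, ssl->socket_bio);

        /* The socket is non-blocking, so SSL_connect() is retried until it
         * stops returning a negative value or SSL_TIMEOUT seconds pass */
        ssl_time = time(NULL);

        while ((ssl_error = SSL_connect (ssl->handler)) < 0) {

                if ((time(NULL) - ssl_time) > SSL_TIMEOUT) {
                        LogError("SSL service timeout\n");
                        goto sslerror;
                }

                if (!handle_error(ssl_error, ssl))
                        goto sslerror;

                if (!BIO_should_retry(ssl->socket_bio))
                        goto sslerror;

        }

        /*
         * SSL_connect() returns 1 only for a completed handshake. A return
         * of 0 means the handshake failed and was shut down in a controlled
         * way; the loop above ends on it, so it must be rejected here
         * instead of being treated as an established session.
         */
        if (ssl_error != 1) {
                LogError("SSL handshake was not completed\n");
                goto sslerror;
        }

        ssl->cipher = (char *) SSL_get_cipher(ssl->handler);

        /*
         * NOTE(review): unlike embed_accepted_ssl_socket(), this path never
         * calls SSL_get_verify_result(), and no host name check is visible
         * here. Whether the server certificate chain is validated therefore
         * depends on the verify mode set on ssl->ctx elsewhere; confirm.
         */
        if (! update_ssl_cert_data(ssl)) {
                LogError("Cannot get the SSL server certificate\n");
                goto sslerror;
        }

        return TRUE;

sslerror:
        cleanup_ssl_socket(ssl);
        return FALSE;
}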