[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: A Pragmatic Approach to OpenSSL/Mutt License Incompatibility [Was: Re: orphaning fetchmail]

On Sat, Dec 16, 2000 at 09:30:11AM -0500, Raul Miller wrote:
> On Sat, Dec 16, 2000 at 03:44:21AM -0500, Brian Ristuccia wrote:
> > This isn't neccessary. It's possible to create two sockets with
> > socketpair(), and fork(). Then close FD's 0 and 1 in the child and clone one
> > of the socket FD's onto FD's 0 and 1 before closing it. Then you can exec()
> > openssl s_client or stunnel -c and use the socket in the parent just like
> > one you would have called connect() on.
> Hmm.. there's race conditions with that approach, and the code 
> isn't really designed in a fashion which lets me see whether they're
> dealt with properly.  The documentation I've found isn't particularly
> encouraging.  From openssl.pod:
> s_client ... "It's intended for testing purposes only".

stunnel might be a better tool for this, since it returns determinate error
levels when there's a problem. Also, read() and write() calls on the socket
FD that's talking to stunnel will fail in a manner similer to if a TCP/IP
connection is lost should stunnel die or get killed. 

Brian Ristuccia

Reply to: