Re: A Pragmatic Approach to OpenSSL/Mutt License Incompatibility [Was: Re: orphaning fetchmail]
On Sat, Dec 16, 2000 at 09:30:11AM -0500, Raul Miller wrote:
> On Sat, Dec 16, 2000 at 03:44:21AM -0500, Brian Ristuccia wrote:
> > This isn't neccessary. It's possible to create two sockets with
> > socketpair(), and fork(). Then close FD's 0 and 1 in the child and clone one
> > of the socket FD's onto FD's 0 and 1 before closing it. Then you can exec()
> > openssl s_client or stunnel -c and use the socket in the parent just like
> > one you would have called connect() on.
> Hmm.. there's race conditions with that approach, and the code
> isn't really designed in a fashion which lets me see whether they're
> dealt with properly. The documentation I've found isn't particularly
> encouraging. From openssl.pod:
> s_client ... "It's intended for testing purposes only".
stunnel might be a better tool for this, since it returns determinate error
levels when there's a problem. Also, read() and write() calls on the socket
FD that's talking to stunnel will fail in a manner similer to if a TCP/IP
connection is lost should stunnel die or get killed.