diff options
author | Denys Vlasenko | 2014-02-23 23:39:47 +0100 |
---|---|---|
committer | Denys Vlasenko | 2014-02-23 23:39:47 +0100 |
commit | 53315570bb77534d828b3cf1f06b2ca286da4962 (patch) | |
tree | a68b1f5e4b5b6d70bbdd99e64d8fc7e4f79eb087 /networking | |
parent | d82046f59f8b3d338bcfe6aa3b786e13c5c54ee3 (diff) | |
download | busybox-53315570bb77534d828b3cf1f06b2ca286da4962.zip busybox-53315570bb77534d828b3cf1f06b2ca286da4962.tar.gz |
wget: add commented-out code to use ssl_helper instead of openssl
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'networking')
-rw-r--r-- | networking/wget.c | 49 |
1 files changed, 47 insertions, 2 deletions
diff --git a/networking/wget.c b/networking/wget.c index dfea3d4..3d9a1b3 100644 --- a/networking/wget.c +++ b/networking/wget.c @@ -527,12 +527,51 @@ static int spawn_https_helper(const char *host, unsigned port) /* notreached */ } - /* parent process */ + /* Parent */ free(allocated); close(sp[1]); return sp[0]; } +/* See networking/ssl_helper/README */ +#define SSL_HELPER 0 + +#if SSL_HELPER +static void spawn_https_helper1(int network_fd) +{ + int sp[2]; + int pid; + + if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) != 0) + /* Kernel can have AF_UNIX support disabled */ + bb_perror_msg_and_die("socketpair"); + + pid = BB_MMU ? xfork() : xvfork(); + if (pid == 0) { + /* Child */ + char *argv[3]; + + close(sp[0]); + xmove_fd(sp[1], 0); + xdup2(0, 1); + xmove_fd(network_fd, 3); + /* + * A simple ssl/tls helper + */ + argv[0] = (char*)"ssl_helper"; + argv[1] = (char*)"-d3"; + argv[2] = NULL; + BB_EXECVP(argv[0], argv); + bb_perror_msg_and_die("can't execute '%s'", argv[0]); + /* notreached */ + } + + /* Parent */ + close(sp[1]); + xmove_fd(sp[0], network_fd); +} +#endif + static void NOINLINE retrieve_file_data(FILE *dfp) { #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT @@ -775,13 +814,19 @@ static void download_one_url(const char *url) /* Open socket to http(s) server */ if (target.protocol == P_HTTPS) { +/* openssl-based helper + * Inconvenient API since we can't give it an open fd, + */ int fd = spawn_https_helper(server.host, server.port); sfp = fdopen(fd, "r+"); if (!sfp) bb_perror_msg_and_die(bb_msg_memory_exhausted); } else sfp = open_socket(lsa); - +#if SSL_HELPER + if (target.protocol == P_HTTPS) + spawn_https_helper1(fileno(sfp)); +#endif /* Send HTTP request */ if (use_proxy) { fprintf(sfp, "GET %s://%s/%s HTTP/1.1\r\n", |