On Sat, Dec 16, 2000 at 09:30:11AM -0500, Raul Miller wrote: > On Sat, Dec 16, 2000 at 03:44:21AM -0500, Brian Ristuccia wrote: > > This isn't neccessary. It's possible to create two sockets with > > socketpair(), and fork(). Then close FD's 0 and 1 in the child and clone one > > of the socket FD's onto FD's 0 and 1 before closing it. Then you can exec() > > openssl s_client or stunnel -c and use the socket in the parent just like > > one you would have called connect() on. > > Hmm.. there's race conditions with that approach, and the code > isn't really designed in a fashion which lets me see whether they're > dealt with properly. The documentation I've found isn't particularly > encouraging. From openssl.pod: > > s_client ... "It's intended for testing purposes only". >
stunnel might be a better tool for this, since it returns determinate error levels when there's a problem. Also, read() and write() calls on the socket FD that's talking to stunnel will fail in a manner similer to if a TCP/IP connection is lost should stunnel die or get killed. -- Brian Ristuccia [EMAIL PROTECTED] [EMAIL PROTECTED]
