summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDenys Vlasenko <vda.linux@googlemail.com>2014-02-23 22:39:47 (GMT)
committer Denys Vlasenko <vda.linux@googlemail.com>2014-02-23 22:39:47 (GMT)
commit53315570bb77534d828b3cf1f06b2ca286da4962 (patch)
treea68b1f5e4b5b6d70bbdd99e64d8fc7e4f79eb087
parentd82046f59f8b3d338bcfe6aa3b786e13c5c54ee3 (diff)
downloadbusybox-53315570bb77534d828b3cf1f06b2ca286da4962.tar.gz
busybox-53315570bb77534d828b3cf1f06b2ca286da4962.tar.bz2
wget: add commented-out code to use ssl_helper instead of openssl
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r--networking/wget.c49
1 files changed, 47 insertions, 2 deletions
diff --git a/networking/wget.c b/networking/wget.c
index dfea3d4..3d9a1b3 100644
--- a/networking/wget.c
+++ b/networking/wget.c
@@ -527,12 +527,51 @@ static int spawn_https_helper(const char *host, unsigned port)
/* notreached */
}
- /* parent process */
+ /* Parent */
free(allocated);
close(sp[1]);
return sp[0];
}
+/* See networking/ssl_helper/README */
+#define SSL_HELPER 0
+
+#if SSL_HELPER
+static void spawn_https_helper1(int network_fd)
+{
+ int sp[2];
+ int pid;
+
+ if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) != 0)
+ /* Kernel can have AF_UNIX support disabled */
+ bb_perror_msg_and_die("socketpair");
+
+ pid = BB_MMU ? xfork() : xvfork();
+ if (pid == 0) {
+ /* Child */
+ char *argv[3];
+
+ close(sp[0]);
+ xmove_fd(sp[1], 0);
+ xdup2(0, 1);
+ xmove_fd(network_fd, 3);
+ /*
+ * A simple ssl/tls helper
+ */
+ argv[0] = (char*)"ssl_helper";
+ argv[1] = (char*)"-d3";
+ argv[2] = NULL;
+ BB_EXECVP(argv[0], argv);
+ bb_perror_msg_and_die("can't execute '%s'", argv[0]);
+ /* notreached */
+ }
+
+ /* Parent */
+ close(sp[1]);
+ xmove_fd(sp[0], network_fd);
+}
+#endif
+
static void NOINLINE retrieve_file_data(FILE *dfp)
{
#if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
@@ -775,13 +814,19 @@ static void download_one_url(const char *url)
/* Open socket to http(s) server */
if (target.protocol == P_HTTPS) {
+/* openssl-based helper
+ * Inconvenient API since we can't give it an open fd,
+ */
int fd = spawn_https_helper(server.host, server.port);
sfp = fdopen(fd, "r+");
if (!sfp)
bb_perror_msg_and_die(bb_msg_memory_exhausted);
} else
sfp = open_socket(lsa);
-
+#if SSL_HELPER
+ if (target.protocol == P_HTTPS)
+ spawn_https_helper1(fileno(sfp));
+#endif
/* Send HTTP request */
if (use_proxy) {
fprintf(sfp, "GET %s://%s/%s HTTP/1.1\r\n",