tlsgate

TLS reverse proxy

commit d70e99a0e0eaadb4c064bbab18cbcf396d9596b8
parent 09d51900482fdd8494ea54ac30133366059ac338
Author: Artem Kobets <artem@akobets.xyz>
Date:   Wed,  2 Sep 2020 15:56:27 +0300

style tweaks

Diffstat:
Mmain.c | 31+++++++++++++++++--------------
Mserve.c | 29++++++++---------------------
Msock.c | 14+++++++-------
3 files changed, 32 insertions(+), 42 deletions(-)

diff --git a/main.c b/main.c
@@ -25,7 +25,7 @@ static char *argv0;
 void
 sigchld(int unused)
 {
- while (waitpid(-1, NULL, WNOHANG) > 0);
+ while (wait(NULL) != -1);
 }
 void
@@ -112,7 +112,7 @@ main(int argc, char **argv)
 /* process limit */
 rlim.rlim_cur = rlim.rlim_max = maxnprocs;
- if (setrlimit(RLIMIT_NPROC, &rlim) < 0)
+ if (setrlimit(RLIMIT_NPROC, &rlim) == -1)
 die("setrlimit RLIMIT_NPROC: %s\n", strerror(errno));
 /* setup tls */
@@ -120,15 +120,15 @@ main(int argc, char **argv)
 die("tls_server: %s\n", strerror(errno));
 if ((config = tls_config_new()) == NULL)
 die("tls_config_new: %s\n", strerror(errno));
- if (tls_config_set_cert_file(config, cert_file) < 0)
+ if (tls_config_set_cert_file(config, cert_file) == -1)
 die("tls_config_set_cert_file: %s\n", strerror(errno));
- if (tls_config_set_key_file(config, key_file) < 0)
+ if (tls_config_set_key_file(config, key_file) == -1)
 die("tls_config_set_key_file: %s\n", strerror(errno));
 if (ca_file != NULL) {
- if (tls_config_set_ca_file(config, ca_file) < 0)
+ if (tls_config_set_ca_file(config, ca_file) == -1)
 die("tls_config_set_ca_file: %s\n", strerror(errno));
 }
- if (tls_configure(ctx, config) < 0)
+ if (tls_configure(ctx, config) == -1)
 die("tls_configure: %s\n", strerror(errno));
 /* setup server socket */
@@ -143,10 +143,9 @@ main(int argc, char **argv)
 while (1) {
 int pid;
- int cfd = -1, clientfd = -1;
- struct tls *cctx = NULL;
+ int cfd = -1;
- if ((cfd = accept(fd, NULL, NULL)) < 0) {
+ if ((cfd = accept(fd, NULL, NULL)) == -1) {
 /* can be interrupted with SIGCHLD */
 if (errno != EINTR)
 warn("accept: %s\n", strerror(errno));
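Review bot: `while (wait(NULL) != -1);` in `sigchld` (main.c) is not a restyling of the `waitpid(-1, NULL, WNOHANG)` loop: `wait()` blocks for as long as any child is still running, so the handler only returns once every connection process has exited. If the handler runs in the accepting process, as the `/* can be interrupted with SIGCHLD */` comment further down suggests, the accept loop is stalled for that whole time and one long-lived connection holds up all new ones. I would keep `while (waitpid(-1, NULL, WNOHANG) > 0);` and additionally save `errno` before the loop and restore it after, since the last failing call overwrites it.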
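Review bot: In main.c's TLS setup, `ca_file` is loaded with `tls_config_set_ca_file()` but nothing between `tls_config_new()` and `tls_configure()` turns client verification on, so as far as this hunk shows a libtls server will not request or check client certificates; an operator passing a CA file may assume it does. If mutual TLS is the intent, add `tls_config_verify_client(config);` inside the `if (ca_file != NULL)` block, otherwise document what the option is for. The `die()` calls here also print `strerror(errno)`, while libtls keeps its own message; `tls_config_error(config)` and `tls_error(ctx)` would give the real cause.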
@@ -154,18 +153,21 @@ main(int argc, char **argv)
 }
 switch (pid = fork()) {
- case 0:
+ case 0: {
+ struct tls *cctx = NULL;
+ int clientfd = -1;
+ close(fd);
 if (sock_set_timeout(cfd, SOCK_TIMEOUT_SECS) == -1)
 goto cleanup;
 /* start tls */
- if (tls_accept_socket(ctx, &cctx, cfd) < 0) {
+ if (tls_accept_socket(ctx, &cctx, cfd) == -1) {
 warn("tls_accept_socket: %s\n", strerror(errno));
 goto cleanup;
 }
- if (tls_handshake(cctx) < 0) {
+ if (tls_handshake(cctx) == -1) {
 warn("tls_handshake: %s\n", tls_error(cctx));
 goto cleanup;
 }
@@ -174,7 +176,7 @@ main(int argc, char **argv)
 clientfd = client_udsfile ? sock_client_uds(client_udsfile) : sock_client_ips(client_host, client_port);
- if (clientfd < 0)
+ if (clientfd == -1)
 goto cleanup;
 if (sock_set_timeout(clientfd, SOCK_TIMEOUT_SECS) == -1)
 goto cleanup;
@@ -188,10 +190,11 @@ cleanup:
 }
 shutdown(cfd, SHUT_RDWR);
 close(cfd);
- if (clientfd >= 0)
+ if (clientfd != -1)
 close(clientfd);
 _exit(EXIT_SUCCESS);
 break;
+ }
 case -1:
 warn("fork: %s\n", strerror(errno));
 /* fallthrough */
diff --git a/serve.c b/serve.c
@@ -14,16 +14,11 @@
 #define BUFMAX 4096
 void
-serve(
- struct tls *ctx,
- int fd
-)
+serve(struct tls *ctx, int fd)
 {
 int pid;
- char buf[BUFMAX];
-
 pid = fork();
- if (pid < 0) {
+ if (pid == -1) {
 warn("fork: %s\n", strerror(errno));
 tls_close(ctx);
 shutdown(fd, SHUT_RDWR);
@@ -34,15 +29,12 @@ serve(
 * until one of the connections is terminated */
 if (pid == 0) {
 while (1) {
+ char buf[BUFMAX];
 ssize_t nread, nwrite;
 nread = read(fd, buf, sizeof(buf));
- if (nread < 0) {
- break;
- }
- if (nread == 0) {
+ if (nread == -1 || nread == 0)
 break;
- }
 while (1) {
 nwrite = tls_write(ctx, buf, nread);
@@ -55,15 +47,15 @@ serve(
 break;
 }
 }
- if (nwrite < 0) {
+ if (nwrite == -1)
 break;
- }
 }
 tls_close(ctx);
 shutdown(fd, SHUT_RDWR);
 _exit(EXIT_SUCCESS);
 } else {
 while (1) {
+ char buf[BUFMAX];
 ssize_t nread, nwrite;
 while (1) {
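Review bot: `if (tls_handshake(cctx) == -1)` in main.c's child branch no longer rejects `TLS_WANT_POLLIN` and `TLS_WANT_POLLOUT`, which libtls returns as negative values other than -1 and which the old `< 0` test treated as failure. With the timeout that `sock_set_timeout()` puts on `cfd` just above, a peer that stalls mid-handshake may well produce one of them (this depends on how the timeout is implemented, which the hunk does not show), and the child would then go on to connect to the backend with the handshake unfinished. Keep `if (tls_handshake(cctx) < 0) {` or retry on the two WANT values before treating the result as success. Separately, the `tls_accept_socket` warning prints `strerror(errno)` where `tls_error(ctx)` holds the libtls message. The `case 0:` block continues past the end of the hunk.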
@@ -77,17 +69,12 @@ serve(
 break;
 }
 }
- if (nread < 0) {
+ if (nread == -1 || nread == 0)
 break;
- }
- if (nread == 0) {
- break;
- }
 nwrite = write(fd, buf, nread);
- if (nwrite < 0) {
+ if (nwrite == -1)
 break;
- }
 }
 tls_close(ctx);
 shutdown(fd, SHUT_RDWR);
diff --git a/sock.c b/sock.c
@@ -30,11 +30,11 @@ sock_server_ips(const char *host, const char *port)
 for (p = ai; p != NULL; p = p->ai_next) {
 fd = socket(p->ai_family, p->ai_socktype, p->ai_protocol);
- if (fd < 0)
+ if (fd == -1)
 continue;
- if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval)) < 0)
+ if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval)) == -1)
 die("setsockopt: %s\n", strerror(errno));
- if (bind(fd, p->ai_addr, p->ai_addrlen) < 0) {
+ if (bind(fd, p->ai_addr, p->ai_addrlen) == -1) {
 close(fd);
 } else {
 break;
@@ -48,7 +48,7 @@ sock_server_ips(const char *host, const char *port)
 port );
- if (listen(fd, SOMAXCONN) < 0)
+ if (listen(fd, SOMAXCONN) == -1)
 die("listen: %s\n", strerror(errno));
 return fd;
@@ -73,9 +73,9 @@ sock_client_ips(const char *host, const char *port)
 for (p = ai; p != NULL; p = p->ai_next) {
 fd = socket(p->ai_family, p->ai_socktype, p->ai_protocol);
- if (fd < 0)
+ if (fd == -1)
 continue;
- if (connect(fd, p->ai_addr, p->ai_addrlen) < 0) {
+ if (connect(fd, p->ai_addr, p->ai_addrlen) == -1) {
 close(fd);
 } else {
 break;
@@ -100,7 +100,7 @@ sock_client_uds(const char *file)
 int fd;
 struct sockaddr_un addr;
- if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
+ if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
 warn("socket: %s\n", strerror(errno));
 return -1;
 }
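Review bot: In serve.c's TLS-to-socket branch, `nwrite = write(fd, buf, nread);` is only checked against -1, so a short write silently drops the rest of `buf` and the proxied stream is corrupted without any error. The write needs to loop until all `nread` bytes are out, with an extra `ssize_t off` declared next to `nread` and `nwrite`. The `tls_write` loop in the other branch may need the same treatment, but its body lies outside the visible hunks. The enclosing `while (1)` starts before this hunk.

```c
			/* … unchanged: tls_read loop and nread check … */
			for (off = 0; off < nread; off += nwrite) {
				nwrite = write(fd, buf + off, nread - off);
				if (nwrite == -1)
					break;
			}
			if (nwrite == -1)
				break;
```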