[git commit] wget: add commented-out code to use ssl_helper instead of openssl

Denys Vlasenko vda.linux at googlemail.com
Sun Feb 23 22:39:47 UTC 2014


commit: http://git.busybox.net/busybox/commit/?id=53315570bb77534d828b3cf1f06b2ca286da4962
branch: http://git.busybox.net/busybox/commit/?id=refs/heads/master

Signed-off-by: Denys Vlasenko <vda.linux at googlemail.com>
---
 networking/wget.c |   49 +++++++++++++++++++++++++++++++++++++++++++++++--
 1 files changed, 47 insertions(+), 2 deletions(-)

diff --git a/networking/wget.c b/networking/wget.c
index dfea3d4..3d9a1b3 100644
--- a/networking/wget.c
+++ b/networking/wget.c
@@ -527,12 +527,51 @@ static int spawn_https_helper(const char *host, unsigned port)
 		/* notreached */
 	}
 
-	/* parent process */
+	/* Parent */
 	free(allocated);
 	close(sp[1]);
 	return sp[0];
 }
 
+/* See networking/ssl_helper/README */
+#define SSL_HELPER 0
+
+#if SSL_HELPER
+static void spawn_https_helper1(int network_fd)
+{
+	int sp[2];
+	int pid;
+
+	if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) != 0)
+		/* Kernel can have AF_UNIX support disabled */
+		bb_perror_msg_and_die("socketpair");
+
+	pid = BB_MMU ? xfork() : xvfork();
+	if (pid == 0) {
+		/* Child */
+		char *argv[3];
+
+		close(sp[0]);
+		xmove_fd(sp[1], 0);
+		xdup2(0, 1);
+		xmove_fd(network_fd, 3);
+		/*
+		 * A simple ssl/tls helper
+		 */
+		argv[0] = (char*)"ssl_helper";
+		argv[1] = (char*)"-d3";
+		argv[2] = NULL;
+		BB_EXECVP(argv[0], argv);
+		bb_perror_msg_and_die("can't execute '%s'", argv[0]);
+		/* notreached */
+	}
+
+	/* Parent */
+	close(sp[1]);
+	xmove_fd(sp[0], network_fd);
+}
+#endif
+
 static void NOINLINE retrieve_file_data(FILE *dfp)
 {
 #if ENABLE_FEATURE_WGET_STATUSBAR || ENABLE_FEATURE_WGET_TIMEOUT
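Review bot: spawn_https_helper1() hands the helper only the socket (`-d3`) and no server name, so unless ssl_helper learns the host some other way not visible here, it has nothing to match the peer certificate against and presumably cannot send SNI. Before SSL_HELPER is ever set to 1, this deserves a comment above the argv setup, e.g. `/* FIXME: helper is not told the host name: no certificate name check, no SNI */`. The helper is also started by bare name through BB_EXECVP, so which binary terminates TLS appears to depend on PATH; an absolute path or a build-time option would make that explicit. The forked child is never waited for in the visible code, which looks like it leaves one zombie per HTTPS connection.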
@@ -775,13 +814,19 @@ static void download_one_url(const char *url)
 
 		/* Open socket to http(s) server */
 		if (target.protocol == P_HTTPS) {
+/* openssl-based helper
+ * Inconvenient API since we can't give it an open fd,
+ */
 			int fd = spawn_https_helper(server.host, server.port);
 			sfp = fdopen(fd, "r+");
 			if (!sfp)
 				bb_perror_msg_and_die(bb_msg_memory_exhausted);
 		} else
 			sfp = open_socket(lsa);
-
+#if SSL_HELPER
+		if (target.protocol == P_HTTPS)
+			spawn_https_helper1(fileno(sfp));
+#endif
 		/* Send HTTP request */
 		if (use_proxy) {
 			fprintf(sfp, "GET %s://%s/%s HTTP/1.1\r\n",
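Review bot: Setting SSL_HELPER to 1 does not switch helpers: the `target.protocol == P_HTTPS` branch just above still calls spawn_https_helper(), so the `fileno(sfp)` passed to spawn_https_helper1() is the socketpair end of the openssl child rather than a TCP socket to the server. The openssl branch should be compiled out in that configuration, for instance by changing its condition to `if (!SSL_HELPER && target.protocol == P_HTTPS) {` so that HTTPS falls through to `open_socket(lsa)`. download_one_url() begins and ends outside this hunk, so later uses of sfp were not checked.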

