Unify copyright comment format

[ucspi.git] / cmd / tlss / main.go

diff --git a/cmd/tlss/main.go b/cmd/tlss/main.go
index c0f7a09f443da23151236219e1ed39da006d3f80..2bbc52ba4380ebea2579b7d4b7484d6f7450c9ac 100644 (file)
--- a/cmd/tlss/main.go
+++ b/cmd/tlss/main.go
@@ -1,19 +1,17 @@
-/*
-ucspi/cmd/tlsc -- UCSPI TLS server
-Copyright (C) 2021 Sergey Matveev <stargrave@stargrave.org>
-
-This program is free software: you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation, version 3 of the License.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program.  If not, see <http://www.gnu.org/licenses/>.
-*/
+// ucspi/cmd/tlss -- UCSPI TCP proxy server
+// Copyright (C) 2021-2024 Sergey Matveev <stargrave@stargrave.org>
+//
+// This program is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, version 3 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 package main
 
@@ -22,6 +20,7 @@ import (
        "crypto/x509"
        "flag"
        "fmt"
+       "io"
        "log"
        "os"
        "os/exec"
@@ -53,7 +52,7 @@ func main() {
        }
        var cas *x509.CertPool
        if *casPath != "" {
-               cas, err = ucspi.CertPoolFromFile(*casPath)
+               _, cas, err = ucspi.CertPoolFromFile(*casPath)
                if err != nil {
                        log.Fatalln(err)
                }
@@ -70,7 +69,7 @@ func main() {
                cfg.ClientAuth = tls.RequireAndVerifyClientCert
        }
 
-       conn := &ucspi.Conn{R: os.Stdin, W: os.Stdout}
+       conn, _ := ucspi.NewConn(os.Stdin, os.Stdout)
        tlsConn := tls.Server(conn, cfg)
        if err = tlsConn.Handshake(); err != nil {
                log.Fatalln(err)
@@ -80,10 +79,18 @@ func main() {
                dn = tlsConn.ConnectionState().PeerCertificates[0].Subject.String()
        }
 
+       rr, rw, err := os.Pipe()
+       if err != nil {
+               log.Fatalln(err)
+       }
+       wr, ww, err := os.Pipe()
+       if err != nil {
+               log.Fatalln(err)
+       }
        args := flag.Args()
        cmd := exec.Command(args[0], args[1:]...)
-       cmd.Stdin = tlsConn
-       cmd.Stdout = tlsConn
+       cmd.Stdin = rr
+       cmd.Stdout = ww
        cmd.Stderr = os.Stderr
        cmd.Env = append(os.Environ(), "PROTO=TLS")
        if dn != "" {
@@ -93,7 +100,20 @@ func main() {
        if err = cmd.Start(); err != nil {
                log.Fatalln(err)
        }
-       if _, err = cmd.Process.Wait(); err != nil {
+       worker := make(chan struct{})
+       go func() {
+               io.Copy(rw, tlsConn)
+               rw.Close()
+       }()
+       go func() {
+               io.Copy(tlsConn, wr)
+               tlsConn.Close()
+               close(worker)
+       }()
+       err = cmd.Wait()
+       ww.Close()
+       <-worker
+       if err != nil {
                log.Fatalln(err)
        }
 }