X-Git-Url: http://www.git.cypherpunks.ru/?p=ucspi.git;a=blobdiff_plain;f=cmd%2Ftlss%2Fmain.go;h=752204a8e1938a51df5d383f1144dfa7292c8b82;hp=c0f7a09f443da23151236219e1ed39da006d3f80;hb=f519c4e470d63240c045c27951df3ed9de0471e9;hpb=c39958cb57c7a598f668a15a3d793a2ab708b193

diff --git a/cmd/tlss/main.go b/cmd/tlss/main.go
index c0f7a09..752204a 100644
--- a/cmd/tlss/main.go
+++ b/cmd/tlss/main.go
@@ -1,6 +1,6 @@
 /*
 ucspi/cmd/tlsc -- UCSPI TLS server
-Copyright (C) 2021 Sergey Matveev <stargrave@stargrave.org>
+Copyright (C) 2021-2022 Sergey Matveev <stargrave@stargrave.org>
 
 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
@@ -22,6 +22,7 @@ import (
 	"crypto/x509"
 	"flag"
 	"fmt"
+	"io"
 	"log"
 	"os"
 	"os/exec"
@@ -53,7 +54,7 @@ func main() {
 	}
 	var cas *x509.CertPool
 	if *casPath != "" {
-		cas, err = ucspi.CertPoolFromFile(*casPath)
+		_, cas, err = ucspi.CertPoolFromFile(*casPath)
 		if err != nil {
 			log.Fatalln(err)
 		}
@@ -70,7 +71,7 @@ func main() {
 		cfg.ClientAuth = tls.RequireAndVerifyClientCert
 	}
 
-	conn := &ucspi.Conn{R: os.Stdin, W: os.Stdout}
+	conn, _ := ucspi.NewConn(os.Stdin, os.Stdout)
 	tlsConn := tls.Server(conn, cfg)
 	if err = tlsConn.Handshake(); err != nil {
 		log.Fatalln(err)
@@ -80,10 +81,18 @@ func main() {
 		dn = tlsConn.ConnectionState().PeerCertificates[0].Subject.String()
 	}
 
+	rr, rw, err := os.Pipe()
+	if err != nil {
+		log.Fatalln(err)
+	}
+	wr, ww, err := os.Pipe()
+	if err != nil {
+		log.Fatalln(err)
+	}
 	args := flag.Args()
 	cmd := exec.Command(args[0], args[1:]...)
-	cmd.Stdin = tlsConn
-	cmd.Stdout = tlsConn
+	cmd.Stdin = rr
+	cmd.Stdout = ww
 	cmd.Stderr = os.Stderr
 	cmd.Env = append(os.Environ(), "PROTO=TLS")
 	if dn != "" {
@@ -93,7 +102,20 @@ func main() {
 	if err = cmd.Start(); err != nil {
 		log.Fatalln(err)
 	}
-	if _, err = cmd.Process.Wait(); err != nil {
+	worker := make(chan struct{})
+	go func() {
+		io.Copy(rw, tlsConn)
+		rw.Close()
+	}()
+	go func() {
+		io.Copy(tlsConn, wr)
+		tlsConn.Close()
+		close(worker)
+	}()
+	err = cmd.Wait()
+	ww.Close()
+	<-worker
+	if err != nil {
 		log.Fatalln(err)
 	}
 }