mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-05-28 08:12:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add state assertions to redbean Lua APIs

Browse source 
Many of the API functions provided by redbean are only appropriate to
call in certain contexts, such as request handling or .init.lua, etc.
For example, Fetch can't be called from the global scope of .init.lua
because SSL hasn't been configured yet. Earlier if this happened then
redbean would crash, which was confusing. What we'll do now is show a
friendly error message. See #97

This change also undocuments redbean ssl compression support since it
seems to be causing a flake in the testing infrastructure.
This commit is contained in:
Justine Tunney 2021-08-09 14:45:52 -07:00
parent 3bfb7580c5
commit ee7e296339
7 changed files with 165 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

19
tool/build/lib/eztls.c
View file

@ -43,7 +43,7 @@ static char *EzTlsError(int r) {
return b;
}
static wontreturn void EzTlsDie(const char *s, int r) {
void EzTlsDie(const char *s, int r) {
if (IsTiny()) {
fprintf(stderr, "error: %s (-0x%04x %s)\n", s, -r, EzTlsError(r));
} else {
@ -104,8 +104,6 @@ int EzTlsFlush(struct EzTlsBio *bio, const unsigned char *buf, size_t len) {
v[1].iov_len = len;
if (EzWritevAll(bio->fd, v, 2) != -1) {
if (bio->c > 0) bio->c = 0;
} else if (errno == EINTR) {
return MBEDTLS_ERR_NET_CONN_RESET;
} else if (errno == EAGAIN) {
return MBEDTLS_ERR_SSL_TIMEOUT;
} else if (errno == EPIPE || errno == ECONNRESET || errno == ENETRESET) {
@ -167,6 +165,20 @@ static int EzTlsRecv(void *ctx, unsigned char *buf, size_t len, uint32_t tmo) {
return EzTlsRecvImpl(ctx, buf, len, tmo);
}
void EzHandshake(void) {
int rc;
while ((rc = mbedtls_ssl_handshake(&ezssl))) {
if (rc != MBEDTLS_ERR_SSL_WANT_READ) {
EzTlsDie("handshake failed", rc);
}
}
while ((rc = EzTlsFlush(&ezbio, 0, 0))) {
if (rc != MBEDTLS_ERR_SSL_WANT_READ) {
EzTlsDie("handshake flush failed", rc);
}
}
}
/*
* openssl s_client -connect 127.0.0.1:31337 \
* -psk $(hex <~/.runit.psk) \
@ -176,6 +188,7 @@ static int EzTlsRecv(void *ctx, unsigned char *buf, size_t len, uint32_t tmo) {
void SetupPresharedKeySsl(int endpoint) {
xsigaction(SIGPIPE, SIG_IGN, 0, 0, 0);
EzInitializeRng(&ezrng);
ezconf.disable_compression = 1; /* TODO(jart): Why does it behave weirdly? */
mbedtls_ssl_config_defaults(&ezconf, endpoint, MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_SUITEC);
mbedtls_ssl_conf_rng(&ezconf, mbedtls_ctr_drbg_random, &ezrng);