To: stunnel-users@mirt.net
Date: Thu, 12 Jul 2001 20:23:04 -0400
From: "Kristofer T. Karas" <ktk@bigfoot.com>
Subject: [PATCH] Partial fix for unidirectional FD's

[-- Attachment #1 --]
[-- Type: text/plain, Encoding: 7bit, Size: 1.1K --]

Hi All,

I spent much of this afternoon getting very frustrated with stunnel, as
I was trying to do
 
  $ echo -e "GET / HTTP/1.0\n\n" | stunnel -c -r www.host.com:443 > foo.html
 
Nomatter what I did, foo.html came up empty.  So I poked around inside
stunnel, just in case it was an stunnel bug.  It is; well, I suppose I
should call it a "feature" since stunnel, by design, uses only one file
descriptor for the non-SSL half of the connection.  In the example
above, stunnel actually fetches the data from web server, but tries to
send it back through stdin (the pipe) which bombs.

So I hacked together the following patch, attached.

WARNING: this is a quick hack, and may break other functionality.
Socket options are not set on 'stdout' in general, assuming that if
stdin != stdout then neither are sockets.  Some work would be required
before this could be applied to the official stunnel distribution.
However, as a proof of concept, it works for me; YMMV.

Oh, you can ignore the patch to Makefile.in; I simply got tired of
having to build stunnel.pem every time I untar the distro, so omitted it
from 'all:'.
  
Kris