diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2021-02-18 00:49:46 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2021-02-18 00:56:40 +0100 |
| commit | 42a8f9813716ed3495b6f49edea429b127eef0f0 (patch) | |
| tree | 616e5c25b1f16d661f842d96f059680668006c6d /lacme | |
| parent | d72df441f86f759bf143df745ff13fd9b90597bf (diff) | |
accountd: replace internal option --conn-fd=FD with flag --stdio.
Using stdin/stdout makes it possible to tunnel the accountd connection
through ssh.
Diffstat (limited to 'lacme')
| -rwxr-xr-x | lacme | 6 |
1 files changed, 4 insertions, 2 deletions
@@ -504,10 +504,12 @@ sub acme_client($@) { my $pid = fork() // "fork: $!"; unless ($pid) { drop_privileges($accountd->{user}, $accountd->{group}, '/'); - set_FD_CLOEXEC($s, 0); + set_FD_CLOEXEC($s, 1); $client->close() or die "close: $!"; + open STDIN, '<&', $s or die "dup: $!"; + open STDOUT, '>&', $s or die "dup: $!"; my ($cmd, @args) = split(/\s+/, $accountd->{command}) or die "Empty accountd command\n"; - push @args, '--conn-fd='.fileno($s); + push @args, '--stdio'; push @args, '--config='.$accountd->{config} if defined $accountd->{config}; push @args, '--privkey='.$accountd->{privkey} if defined $accountd->{privkey}; push @args, '--quiet' unless lc $accountd->{quiet} eq 'no'; |