i'm working on a stripped down stunnel replacement which is based on matrixssl called matrixtunnel. i'm relatively unseasoned in things like socket programming and ssl, so i'd like some feedback concerning the code. additionally for some reason tunnelling https does not work with safari (but only when matrixtunnel runs on wrt/mipsel). ie and firefox work perfectly.
e.g.: matrixtunnel -a servCert.pem -p privkeySrv.pem -d 443 -r 80
this reads the certivication and privkey files (stolen from matrixssl examples) and creates a tunnel from ssl port to http port. so it is possible to connect to the busybox http server with https.
runs on linux and mac os x.
what's not working:
client mode is not tested. don't know if it works now. certification validation is not tested and will not work (i beleive).
things which could be a problem
code uses fork to handle multiple requests. perhaps it would be better to use pthreads?
svn co http://znerol.ch/svn/matrixtunnel/
compiling for host machine
cp matrixtunnel/package/openwrt /path/to/openwrt-sdk/package/matrixtunnel
building matrixssl before compiling matrixtunnel is nessesary.
any feedback, future ideas and tips on how to fix support for safari is very appreciated.