--- s_server.c.orig	Sat Nov 11 23:11:18 2000
+++ s_server.c	Sun Dec 24 13:32:40 2000
@@ -222,6 +222,10 @@
 static char *exec_pgm = NULL;
 #endif /*NO_EXEC*/
 
+/* Raphael Bossek <bossekr@debian.org> */
+static char PIDfilename[255] = "";
+static int with_pid = 1;
+
 static void sv_usage()
 	{
 	BIO_printf(bio_err,"usage: sslwrap [args ...]\n");
@@ -252,6 +256,7 @@
 	BIO_printf(bio_err," -ssl2         - Just talk SSLv2\n");
 	BIO_printf(bio_err," -ssl3         - Just talk SSLv3\n");
 	BIO_printf(bio_err," -bugs         - Turn on SSL bug compatability\n");
+	BIO_printf(bio_err," -without_pid  - Do not create /var/run/sslwrap$PORT.pid file (default with parent PID == 1)\n");
 	}
 
 static int local_argc;
@@ -404,6 +409,8 @@
 		else if	(strcmp(*argv,"-ssl3") == 0)
 			{ meth=SSLv3_server_method(); }
 #endif
+		else if (strcmp(*argv,"-without_pid") == 0)
+			{ with_pid = 0; }
 		else
 			{
 			BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -435,6 +442,34 @@
 		goto end;
 		}
 
+	/* Raphael Bossek <bossekr@debian.org>
+	 *   XXX: Fork into background and save port specific PID file
+	 *	so we can stop services related on the port they are
+	 *	running :-) */
+	{
+		FILE *fp;
+		switch(fork())
+		{
+		case -1:
+			BIO_printf(bio_err,"cannot fork into background !\n");
+			goto end;
+		case 0:
+			if (with_pid) {
+				sprintf(PIDfilename, "/var/run/sslwrap%d.pid", port);
+				fp = fopen(PIDfilename, "w+");
+				if (fp == NULL) {
+					BIO_printf(bio_err,"cannot write PID file !\n");
+					goto end;
+				}
+				fprintf(fp, "%u", getpid());
+				fclose(fp);
+			}
+			break;
+		default:
+			goto end;
+		}
+	}
+
 	if (bio_s_out == NULL)
 		{
 		if (s_quiet && !s_debug)
@@ -585,6 +620,22 @@
 	BIO_printf(bio,"%4d callback cache hits\n",SSL_CTX_sess_cb_hits(ssl_ctx));
 	}
 
+/* Raphael Bossek <bossekr@debian.org>
+ * XXX: Signal handling is missing so we can stop/restart sslwrap
+ *      from /etc/init.d/sslwrap. */
+static int quit_now = 0;
+
+static void quit_sig_handle (int unused)
+{
+	(void)unused;
+	if (with_pid) {
+		unlink(PIDfilename);
+		with_pid = 0;
+	}
+	quit_now = 1;
+}
+/* -- Raphael Bossek <bossekr@debian.org> */
+
 static int sv_body(hostname, s_stdin, s_stdout)
 char *hostname;
 int s_stdin;
@@ -599,7 +650,13 @@
 	BIO *sbi, *sbo;
 	int s_in, s_out;
 	struct sockaddr_in srvr;
-	
+	/* Raphael Bossek <bossekr@debian.org>
+	 * XXX: Signal handling is missing so we can stop/restart sslwrap
+	 *      from /etc/init.d/sslwrap. */
+	sigset_t block_set;
+	struct sigaction quit_action;
+	/* -- Raphael Bossek <bossekr@debian.org> */
+
 	if (dstPort) {
 	    s_in = s_out = socket( AF_INET, SOCK_STREAM, 0 );
 	    
@@ -639,12 +696,35 @@
 	SSL_set_accept_state(con);
 	/* SSL_set_fd(con,s); */
 
+	/* Raphael Bossek <bossekr@debian.org>
+	 * XXX: Signal handling is missing so we can stop/restart sslwrap
+	 *      from /etc/init.d/sslwrap. */
+	sigemptyset(&block_set);
+	sigaddset(&block_set, SIGINT);
+	sigaddset(&block_set, SIGTERM);
+
+	quit_action.sa_handler = quit_sig_handle;
+	sigemptyset(&quit_action.sa_mask);
+	quit_action.sa_flags = SA_RESTART;
+	sigaction(SIGINT, &quit_action, NULL);
+	sigaction(SIGTERM, &quit_action, NULL);
+	/* -- Raphael Bossek <bossekr@debian.org> */
+
 	width=s_stdin;
 	if (s_stdout > width) width = s_stdout;
 	if (s_in > width) width = s_in;
 	width++;
 	for(;;)
 		{
+		/* Raphael Bossek <bossekr@debian.org>
+		 * XXX: Signal handling is missing so we can stop/restart sslwrap
+		 *      from /etc/init.d/sslwrap. */
+		sigprocmask(SIG_SETMASK, &block_set, NULL);
+
+		if( quit_now == 1 )
+			goto err;
+		/* -- Raphael Bossek <bossekr@debian.org> */
+
 		FD_ZERO(&readfds);
 		FD_SET(s_in,&readfds);
 		FD_SET(s_stdin,&readfds);