<html>
<head>
<meta http-equiv="content-type" content="text/html;
charset=windows-1252">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 02/11/2015 16:13, Richard Moore
wrote:<br>
</div>
<blockquote class=" cite"
id="mid_CAMp7mVvcV5ufZXN0izVvLFErWU_KbZ__6LMH1_i5o1Awiw0azA_mail_gmail_com"
cite="mid:CAMp7mVvcV5ufZXN0izVvLFErWU-KbZ-=6LMH1_i5o1Awiw0azA@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_default"
style="font-family:verdana,sans-serif">There have always been
special commands making s_client unsuitable for this usage -
for example R followed by a newline will renegotiate, and Q
will quit. According to the docs these can be disabled
by -quiet and -ign_eof though I've never tested that myself.</div>
<div class="gmail_default"
style="font-family:verdana,sans-serif"><br>
</div>
</div>
</blockquote>
<tt>Could you point me to where this (non-obvious) relationship <br>
between options ostensibly doing something else and the <br>
desired effect is documented? The 1.0.1* man-page of s_server <br>
certainly doesn't say that.</tt><br>
<blockquote class=" cite"
id="mid_CAMp7mVvcV5ufZXN0izVvLFErWU_KbZ__6LMH1_i5o1Awiw0azA_mail_gmail_com"
cite="mid:CAMp7mVvcV5ufZXN0izVvLFErWU-KbZ-=6LMH1_i5o1Awiw0azA@mail.gmail.com"
type="cite"><br>
<div class="gmail_extra">
<div class="gmail_quote">On 2 November 2015 at 13:37, Jakob Bohm
<span dir="ltr"><<a moz-do-not-send="true"
href="mailto:jb-openssl@wisemo.com" target="_blank">jb-openssl@wisemo.com</a>></span>
wrote:<br>
<blockquote id="Cite_765673" class="gmail_quote cite"
style="margin:0 0 0 .8ex;border-left:1px #ccc
solid;padding-left:1ex">As with most other "apps" in the
openssl binary, the s_server<br>
and s_client commands are useful for multiple purposes:<br>
<br>
1. As debug tools<br>
<br>
2. As a way to do one-off operations without writing any<br>
code.<br>
<br>
3. As back ends for small programs written in scripting<br>
languages that cannot really call the OpenSSL library<br>
directly.<br>
<br>
This is about the latter two uses of s_server and s_client
to<br>
set up a one-off or scripted secure pipe between two
machines.<br>
<br>
Unfortunately, the current (1.0.2) version of s_server will<br>
do special and problematic things when encountering some<br>
3-byte sequences (such as "\nq\n") in the data stream.<br>
<br>
It would thus be useful for s_server (and if applicable<br>
s_client) to accept the "-binary" option (already provided<br>
by the cms/smime commands), to turn off this behavior and<br>
provide a clean data pass through to/from the other end.<br>
In "-binary" mode, no byte value or sequence of byte value<br>
is special, except that explicit use of the "-crlf" option<br>
still works.<br>
<br>
</blockquote>
</div>
</div>
</blockquote>
<br>
<br>
<pre class="moz-signature" cols="72">Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. <a class="moz-txt-link-freetext" href="http://www.wisemo.com">http://www.wisemo.com</a>
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded </pre>
</body>
</html>