[openssl] master update
Matt Caswell
matt at openssl.org
Wed Dec 29 15:53:20 UTC 2021
The branch master has been updated
via ea24196ef224d3aa3aaecb8000004bb7a0a100a2 (commit)
from ff7cdc15875293a330831a80d83edbafd25a9d36 (commit)
- Log -----------------------------------------------------------------
commit ea24196ef224d3aa3aaecb8000004bb7a0a100a2
Author: Matt Caswell <matt at openssl.org>
Date: Thu Dec 9 16:27:47 2021 +0000
Ensure s_client sends SNI data when used with -proxy
The use of -proxy prevented s_client from correctly sending the target
hostname as SNI data.
Fixes #17232
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17248)
-----------------------------------------------------------------------
Summary of changes:
apps/s_client.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/apps/s_client.c b/apps/s_client.c
index cdff15a1b6..1d73e1b39e 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -847,6 +847,7 @@ int s_client_main(int argc, char **argv)
struct timeval tv;
#endif
const char *servername = NULL;
+ char *sname_alloc = NULL;
int noservername = 0;
const char *alpn_in = NULL;
tlsextctx tlsextcbp = { NULL, 0 };
@@ -1541,6 +1542,14 @@ int s_client_main(int argc, char **argv)
goto opthelp;
}
+ if (servername == NULL && !noservername) {
+ servername = sname_alloc = OPENSSL_strdup(host);
+ if (sname_alloc == NULL) {
+ BIO_printf(bio_err, "%s: out of memory\n", prog);
+ goto end;
+ }
+ }
+
/* Retain the original target host:port for use in the HTTP proxy connect string */
thost = OPENSSL_strdup(host);
tport = OPENSSL_strdup(port);
@@ -3053,6 +3062,7 @@ int s_client_main(int argc, char **argv)
#ifndef OPENSSL_NO_SRP
OPENSSL_free(srp_arg.srppassin);
#endif
+ OPENSSL_free(sname_alloc);
OPENSSL_free(connectstr);
OPENSSL_free(bindstr);
OPENSSL_free(bindhost);
More information about the openssl-commits
mailing list