[openssl] openssl-3.0 update
Matt Caswell
matt at openssl.org
Wed Dec 29 15:53:28 UTC 2021
The branch openssl-3.0 has been updated
via 5713edd873e87a620fbb8be90c7bc1a51fa43c5c (commit)
from db82fa2ac4ac9bed62e82d96561964aee9969d6b (commit)
- Log -----------------------------------------------------------------
commit 5713edd873e87a620fbb8be90c7bc1a51fa43c5c
Author: Matt Caswell <matt at openssl.org>
Date: Thu Dec 9 16:27:47 2021 +0000
Ensure s_client sends SNI data when used with -proxy
The use of -proxy prevented s_client from correctly sending the target
hostname as SNI data.
Fixes #17232
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17248)
(cherry picked from commit ea24196ef224d3aa3aaecb8000004bb7a0a100a2)
-----------------------------------------------------------------------
Summary of changes:
apps/s_client.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/apps/s_client.c b/apps/s_client.c
index 30a9b34ccb..3240467fb2 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -843,6 +843,7 @@ int s_client_main(int argc, char **argv)
struct timeval tv;
#endif
const char *servername = NULL;
+ char *sname_alloc = NULL;
int noservername = 0;
const char *alpn_in = NULL;
tlsextctx tlsextcbp = { NULL, 0 };
@@ -1530,6 +1531,14 @@ int s_client_main(int argc, char **argv)
goto opthelp;
}
+ if (servername == NULL && !noservername) {
+ servername = sname_alloc = OPENSSL_strdup(host);
+ if (sname_alloc == NULL) {
+ BIO_printf(bio_err, "%s: out of memory\n", prog);
+ goto end;
+ }
+ }
+
/* Retain the original target host:port for use in the HTTP proxy connect string */
thost = OPENSSL_strdup(host);
tport = OPENSSL_strdup(port);
@@ -3038,6 +3047,7 @@ int s_client_main(int argc, char **argv)
#ifndef OPENSSL_NO_SRP
OPENSSL_free(srp_arg.srppassin);
#endif
+ OPENSSL_free(sname_alloc);
OPENSSL_free(connectstr);
OPENSSL_free(bindstr);
OPENSSL_free(bindhost);
More information about the openssl-commits
mailing list