[openssl-users] s_server (and maybe s_client) misbehaves with binary data

Jakob Bohm jb-openssl at wisemo.com
Mon Nov 2 13:37:00 UTC 2015

As with most other "apps" in the openssl binary, the s_server
and s_client commands are useful for multiple purposes:

1. As debug tools

2. As a way to do one-off operations without writing any

3. As back ends for small programs written in scripting
   languages that cannot really call the OpenSSL library

This is about the latter two uses of s_server and s_client to
set up a one-off or scripted secure pipe between two machines.

Unfortunately, the current (1.0.2) version of s_server will
do special and problematic things when encountering some
3-byte sequences (such as "\nq\n") in the data stream.

It would thus be useful for s_server (and if applicable
s_client) to accept the "-binary" option (already provided
by the cms/smime commands), to turn off this behavior and
provide a clean data pass through to/from the other end.
In "-binary" mode, no byte value or sequence of byte value
is special, except that explicit use of the "-crlf" option
still works.


Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded 	

More information about the openssl-users mailing list