diff options
author | Matt Caswell <matt@openssl.org> | 2021-12-09 16:27:47 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2021-12-29 15:33:09 +0000 |
commit | ea24196ef224d3aa3aaecb8000004bb7a0a100a2 (patch) | |
tree | b19b5631f5921e04b790e4a83403f3d5c7f3edca /apps/s_client.c | |
parent | ff7cdc15875293a330831a80d83edbafd25a9d36 (diff) |
Ensure s_client sends SNI data when used with -proxy
The use of -proxy prevented s_client from correctly sending the target
hostname as SNI data.
Fixes #17232
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17248)
Diffstat (limited to 'apps/s_client.c')
-rw-r--r-- | apps/s_client.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/apps/s_client.c b/apps/s_client.c index cdff15a1b6..1d73e1b39e 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -847,6 +847,7 @@ int s_client_main(int argc, char **argv) struct timeval tv; #endif const char *servername = NULL; + char *sname_alloc = NULL; int noservername = 0; const char *alpn_in = NULL; tlsextctx tlsextcbp = { NULL, 0 }; @@ -1541,6 +1542,14 @@ int s_client_main(int argc, char **argv) goto opthelp; } + if (servername == NULL && !noservername) { + servername = sname_alloc = OPENSSL_strdup(host); + if (sname_alloc == NULL) { + BIO_printf(bio_err, "%s: out of memory\n", prog); + goto end; + } + } + /* Retain the original target host:port for use in the HTTP proxy connect string */ thost = OPENSSL_strdup(host); tport = OPENSSL_strdup(port); @@ -3053,6 +3062,7 @@ int s_client_main(int argc, char **argv) #ifndef OPENSSL_NO_SRP OPENSSL_free(srp_arg.srppassin); #endif + OPENSSL_free(sname_alloc); OPENSSL_free(connectstr); OPENSSL_free(bindstr); OPENSSL_free(bindhost); |