diff options
author | Matt Caswell <matt@openssl.org> | 2021-12-09 16:27:47 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2021-12-29 15:44:52 +0000 |
commit | 5713edd873e87a620fbb8be90c7bc1a51fa43c5c (patch) | |
tree | 9fc53fcc81c985a3430070dc1a6fd8fca156cecf /apps | |
parent | db82fa2ac4ac9bed62e82d96561964aee9969d6b (diff) |
Ensure s_client sends SNI data when used with -proxy
The use of -proxy prevented s_client from correctly sending the target
hostname as SNI data.
Fixes #17232
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17248)
(cherry picked from commit ea24196ef224d3aa3aaecb8000004bb7a0a100a2)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/s_client.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/apps/s_client.c b/apps/s_client.c index 30a9b34ccb..3240467fb2 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -843,6 +843,7 @@ int s_client_main(int argc, char **argv) struct timeval tv; #endif const char *servername = NULL; + char *sname_alloc = NULL; int noservername = 0; const char *alpn_in = NULL; tlsextctx tlsextcbp = { NULL, 0 }; @@ -1530,6 +1531,14 @@ int s_client_main(int argc, char **argv) goto opthelp; } + if (servername == NULL && !noservername) { + servername = sname_alloc = OPENSSL_strdup(host); + if (sname_alloc == NULL) { + BIO_printf(bio_err, "%s: out of memory\n", prog); + goto end; + } + } + /* Retain the original target host:port for use in the HTTP proxy connect string */ thost = OPENSSL_strdup(host); tport = OPENSSL_strdup(port); @@ -3038,6 +3047,7 @@ int s_client_main(int argc, char **argv) #ifndef OPENSSL_NO_SRP OPENSSL_free(srp_arg.srppassin); #endif + OPENSSL_free(sname_alloc); OPENSSL_free(connectstr); OPENSSL_free(bindstr); OPENSSL_free(bindhost); |