diff options
author | Matt Caswell <matt@openssl.org> | 2021-12-09 16:27:47 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2021-12-29 15:54:18 +0000 |
commit | c680b3f9c1ed6f70d68c3c597ee4e99b4ce0fa55 (patch) | |
tree | 799d6de1438d6ebed639f647c1bc3f870e718737 /apps | |
parent | 5da141ff6c617505777bee174bab8d58f8b7cae5 (diff) |
Ensure s_client sends SNI data when used with -proxy
The use of -proxy prevented s_client from correctly sending the target
hostname as SNI data.
Fixes #17232
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17249)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/s_client.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/apps/s_client.c b/apps/s_client.c index 121cd1444f..00effc8037 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -938,6 +938,7 @@ int s_client_main(int argc, char **argv) struct timeval tv; #endif const char *servername = NULL; + char *sname_alloc = NULL; int noservername = 0; const char *alpn_in = NULL; tlsextctx tlsextcbp = { NULL, 0 }; @@ -1588,6 +1589,15 @@ int s_client_main(int argc, char **argv) "%s: -proxy argument malformed or ambiguous\n", prog); goto end; } + if (servername == NULL && !noservername) { + res = BIO_parse_hostserv(connectstr, &sname_alloc, NULL, BIO_PARSE_PRIO_HOST); + if (!res) { + BIO_printf(bio_err, + "%s: -connect argument malformed or ambiguous\n", prog); + goto end; + } + servername = sname_alloc; + } } else { int res = 1; char *tmp_host = host, *tmp_port = port; @@ -3149,6 +3159,7 @@ int s_client_main(int argc, char **argv) #ifndef OPENSSL_NO_SRP OPENSSL_free(srp_arg.srppassin); #endif + OPENSSL_free(sname_alloc); OPENSSL_free(connectstr); OPENSSL_free(bindstr); OPENSSL_free(bindhost); |