authorVita Batrla <vitezslav.batrla@oracle.com>2022-03-18 22:02:50 +0100
committerTomas Mraz <tomas@openssl.org>2022-05-05 13:36:23 +0200
commit802cacf34f2db9111becb4f0d3aa00460df13a19 (patch)
tree6043bc8fa7e3dc272efeae8d8594076ee5f30d25 /apps
parentde56f726e163e99128ff93a04d74a8461f5a724b (diff)
s_client -proxy / -starttls shouldn't be mutually exclusive
The option -proxy of openssl s_client works fine. The option -starttls also works fine. However, putting both of them on the command line breaks: these options don't work together. The problem is that the -proxy option is implemented using starttls_proto (the option parsing code sets it to PROTO_CONNECT) and the -starttls option overwrites the same variable again based on its argument value. The suggested fix is to handle the -proxy option independently, before -starttls, so that s_client can connect through an HTTP proxy server and then use the STARTTLS command. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17925)
Diffstat (limited to 'apps')
-rw-r--r--apps/s_client.c15
1 files changed, 7 insertions, 8 deletions
diff --git a/apps/s_client.c b/apps/s_client.c
index e4972a2ec7..1ed5f753e6 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -713,7 +713,6 @@ typedef enum PROTOCOL_choice {
PROTO_TELNET,
PROTO_XMPP,
PROTO_XMPP_SERVER,
- PROTO_CONNECT,
PROTO_IRC,
PROTO_MYSQL,
PROTO_POSTGRES,
@@ -1002,7 +1001,6 @@ int s_client_main(int argc, char **argv)
break;
case OPT_PROXY:
proxystr = opt_arg();
- starttls_proto = PROTO_CONNECT;
break;
case OPT_PROXY_USER:
proxyuser = opt_arg();
@@ -2201,6 +2199,13 @@ int s_client_main(int argc, char **argv)
sbuf_len = 0;
sbuf_off = 0;
+ if (proxystr != NULL) {
+ /* Here we must use the connect string target host & port */
+ if (!OSSL_HTTP_proxy_connect(sbio, thost, tport, proxyuser, proxypass,
+ 0 /* no timeout */, bio_err, prog))
+ goto shut;
+ }
+
switch ((PROTOCOL_CHOICE) starttls_proto) {
case PROTO_OFF:
break;
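Review bot: With the CONNECT now issued ahead of the `switch` on starttls_proto, a server-first protocol (an SMTP banner, the MySQL handshake packet) can have its first bytes arrive right behind the proxy's response, and the STARTTLS cases that follow then wait for that greeting on sbio. If OSSL_HTTP_proxy_connect reads the proxy reply through its own buffering (its body is not shown here), any bytes it read past the response headers would be dropped and the dialogue could stall; before this change the step after CONNECT was the client-initiated TLS handshake, so this could not occur. Please confirm that no tunnelled data is consumed, or document the limitation next to the call, e.g. `/* NOTE: must not consume data beyond the proxy's response headers; the STARTTLS cases below read the server greeting from sbio */`. The `0 /* no timeout */` argument also means a proxy that never replies blocks s_client at this point, and proxyuser/proxypass are handed over before any TLS exists on sbio, which deserves a word in the comment as well. s_client_main starts and ends outside the hunk.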
@@ -2388,12 +2393,6 @@ int s_client_main(int argc, char **argv)
goto shut;
}
break;
- case PROTO_CONNECT:
- /* Here we must use the connect string target host & port */
- if (!OSSL_HTTP_proxy_connect(sbio, thost, tport, proxyuser, proxypass,
- 0 /* no timeout */, bio_err, prog))
- goto shut;
- break;
case PROTO_IRC:
{
int numeric;