GH1183: Fix -unix and -connect, etc., override

If a user specifies -unix, -6, etc., then the program tries to use the last one specified. This is confusing code and leads to scripting errors. Instead, allow only one type. Reviewed-by: Andy Polyakov <appro@openssl.org>
author: Rich Salz <rsalz@openssl.org> 2016-06-08 12:22:14 -0400
committer: Rich Salz <rsalz@openssl.org> 2016-06-10 10:45:49 -0400
commit: fe08bd76e2b2ffcba0d24b60feec839fcd985ff7 (patch)
tree: 2316d0d25ece4b2bc22fa72e2eab5bd79f6742af /apps
parent: a1bce642c9a704943df3a897d3a7345790d45a43 (diff)
1 files changed, 39 insertions, 45 deletions
diff --git a/apps/s_client.c b/apps/s_client.c
index 4b9880ab99..d990f46bed 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -584,7 +584,9 @@ OPTIONS s_client_options[] = {
     {"unix", OPT_UNIX, 's', "Connect over unix domain sockets"},
 #endif
     {"4", OPT_4, '-', "Use IPv4 only"},
+#ifdef AF_INET6
     {"6", OPT_6, '-', "Use IPv6 only"},
+#endif
     {"verify", OPT_VERIFY, 'p', "Turn on peer certificate verification"},
     {"cert", OPT_CERT, '<', "Certificate file to use, PEM format assumed"},
     {"certform", OPT_CERTFORM, 'F',
@@ -764,6 +766,10 @@ static const OPT_PAIR services[] = {
     {NULL, 0}
 };
 
+#define IS_INET_FLAG(o) \
+ (o == OPT_4 || o == OPT_6 || o == OPT_HOST || o == OPT_PORT || o == OPT_CONNECT)
+#define IS_UNIX_FLAG(o) (o == OPT_UNIX)
+
 int s_client_main(int argc, char **argv)
 {
     BIO *sbio;
@@ -841,6 +847,8 @@ int s_client_main(int argc, char **argv)
     int async = 0;
     unsigned int split_send_fragment = 0;
     unsigned int max_pipelines = 0;
+    enum { use_inet, use_unix, use_unknown } connect_type = use_unknown;
+    int count4or6 = 0;
 
     FD_ZERO(&readfds);
     FD_ZERO(&writefds);
@@ -876,6 +884,19 @@ int s_client_main(int argc, char **argv)
 
     prog = opt_init(argc, argv, s_client_options);
     while ((o = opt_next()) != OPT_EOF) {
+        /* Check for intermixing flags. */
+        if (connect_type == use_unix && IS_INET_FLAG(o)) {
+            BIO_printf(bio_err,
+                "%s: Intermixed protocol flags (unix and internet domains)\n",
+                prog);
+            goto end;
+        }
+        if (connect_type == use_inet && IS_UNIX_FLAG(o)) {
+            BIO_printf(bio_err,
+                "%s: Intermixed protocol flags (internet and unix domains)\n",
+                prog);
+            goto end;
+        }
         switch (o) {
         case OPT_EOF:
         case OPT_ERR:
@@ -887,58 +908,27 @@ int s_client_main(int argc, char **argv)
             ret = 0;
             goto end;
         case OPT_4:
-#ifdef AF_UNIX
-            if (socket_family == AF_UNIX) {
-                OPENSSL_free(host); host = NULL;
-                OPENSSL_free(port); port = NULL;
-            }
-#endif
+            connect_type = use_inet;
             socket_family = AF_INET;
+            count4or6++;
             break;
-        case OPT_6:
-            if (1) {
 #ifdef AF_INET6
-#ifdef AF_UNIX
-                if (socket_family == AF_UNIX) {
-                    OPENSSL_free(host); host = NULL;
-                    OPENSSL_free(port); port = NULL;
-                }
-#endif
-                socket_family = AF_INET6;
-            } else {
-#endif
-                BIO_printf(bio_err, "%s: IPv6 domain sockets unsupported\n", prog);
-                goto end;
-            }
+        case OPT_6:
+            connect_type = use_inet;
+            socket_family = AF_INET6;
+            count4or6++;
             break;
-        case OPT_HOST:
-#ifdef AF_UNIX
-            if (socket_family == AF_UNIX) {
-                OPENSSL_free(host); host = NULL;
-                OPENSSL_free(port); port = NULL;
-                socket_family = AF_UNSPEC;
-            }
 #endif
-            OPENSSL_free(host); host = BUF_strdup(opt_arg());
+        case OPT_HOST:
+            connect_type = use_inet;
+            host = OPENSSL_strdup(opt_arg());
             break;
         case OPT_PORT:
-#ifdef AF_UNIX
-            if (socket_family == AF_UNIX) {
-                OPENSSL_free(host); host = NULL;
-                OPENSSL_free(port); port = NULL;
-                socket_family = AF_UNSPEC;
-            }
-#endif
-            OPENSSL_free(port); port = BUF_strdup(opt_arg());
+            connect_type = use_inet;
+            port = OPENSSL_strdup(opt_arg());
             break;
         case OPT_CONNECT:
-#ifdef AF_UNIX
-            if (socket_family == AF_UNIX) {
-                socket_family = AF_UNSPEC;
-            }
-#endif
-            OPENSSL_free(host); host = NULL;
-            OPENSSL_free(port); port = NULL;
+            connect_type = use_inet;
             connectstr = opt_arg();
             break;
         case OPT_PROXY:
@@ -947,9 +937,9 @@ int s_client_main(int argc, char **argv)
             break;
 #ifdef AF_UNIX
         case OPT_UNIX:
+            connect_type = use_unix;
             socket_family = AF_UNIX;
-            OPENSSL_free(host); host = BUF_strdup(opt_arg());
-            OPENSSL_free(port); port = NULL;
+            host = OPENSSL_strdup(opt_arg());
             break;
 #endif
         case OPT_XMPPHOST:
@@ -1310,6 +1300,10 @@ int s_client_main(int argc, char **argv)
             break;
         }
     }
+    if (count4or6 >= 2) {
+        BIO_printf(bio_err, "%s: Can't use both -4 and -6\n", prog);
+        goto opthelp;
+    }
     argc = opt_num_rest();
     if (argc != 0)
         goto opthelp;
author	Rich Salz <rsalz@openssl.org>	2016-06-08 12:22:14 -0400
committer	Rich Salz <rsalz@openssl.org>	2016-06-10 10:45:49 -0400
commit	fe08bd76e2b2ffcba0d24b60feec839fcd985ff7 (patch)
tree	2316d0d25ece4b2bc22fa72e2eab5bd79f6742af /apps
parent	a1bce642c9a704943df3a897d3a7345790d45a43 (diff)