From 729ef85611d2490da8f10ea546279c961e6de4a6 Mon Sep 17 00:00:00 2001
From: Cory Benfield
Date: Sat, 4 Jun 2016 20:46:38 -0700
Subject: [PATCH] s_client accepts host/port as positional argument.
This allows the user to provide the target host and optional port to openssl s_client as an optional positional argument, rather than as the argument to the -connect flag. This rationalises the user experience of s_client: given that the only logical purpose of s_client is to connect to a host, it is difficult to understand why there is an (effectively mandatory) command option to pass to make that happen. This patch forbids providing *both* -connect and the positional argument, because it would likely be too difficult to reconcile. Otherwise, using the positional argument behaves exactly the same as using -connect does.
Reviewed-by: Richard Levitte
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/1171)
---
 apps/s_client.c | 20 +++++++++++++++++---
 doc/man1/s_client.pod | 16 +++++++++++++---
 2 files changed, 30 insertions(+), 6 deletions(-)
diff --git a/apps/s_client.c b/apps/s_client.c
index ad0eaec562..1d11f0932a 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1421,8 +1421,22 @@ int s_client_main(int argc, char **argv)
 }
 }
 argc = opt_num_rest();
- if (argc != 0)
+ if (argc == 1) {
+ /* If there's a positional argument, it's the equivalent of
+ * OPT_CONNECT.
+ * Don't allow -connect and a separate argument.
+ */
+ if (connectstr != NULL) {
+ BIO_printf(bio_err,
+ "%s: must not provide both -connect option and target parameter\n",
+ prog);
+ goto opthelp;
+ }
+ connect_type = use_inet;
+ connectstr = *opt_rest();
+ } else if (argc != 0) {
 goto opthelp;
+ }
 #ifndef OPENSSL_NO_NEXTPROTONEG
 if (min_version == TLS1_3_VERSION && next_proto_neg_in != NULL) {
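Review bot: In the new `argc == 1` branch the `connectstr != NULL` test stands in for "-connect was given", so the diagnostic names -connect even if some other option filled connectstr. The hunk does not show which options assign connectstr; if -unix does as well (worth confirming in the option loop above), a user who combines it with a target is told about a flag they never typed. A neutral message such as `"%s: target parameter cannot be combined with -connect or another connection option\n"` would stay accurate. The target string is stored unchecked here and appears to be parsed only later, so a one-line comment saying so would help readers; s_client_main begins and ends outside this hunk.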
@@ -1434,7 +1448,7 @@ int s_client_main(int argc, char **argv)
 int res;
 char *tmp_host = host, *tmp_port = port;
 if (connectstr == NULL) {
- BIO_printf(bio_err, "%s: -proxy requires use of -connect\n", prog);
+ BIO_printf(bio_err, "%s: -proxy requires use of -connect or target parameter\n", prog);
 goto opthelp;
 }
 res = BIO_parse_hostserv(proxystr, &host, &port, BIO_PARSE_PRIO_HOST);
@@ -1459,7 +1473,7 @@ int s_client_main(int argc, char **argv)
 OPENSSL_free(tmp_port);
 if (!res) {
 BIO_printf(bio_err,
- "%s: -connect argument malformed or ambiguous\n",
+ "%s: -connect argument or target parameter malformed or ambiguous\n",
 prog);
 goto end;
 }
diff --git a/doc/man1/s_client.pod b/doc/man1/s_client.pod
index 57fa920eb8..94356daffb 100644
--- a/doc/man1/s_client.pod
+++ b/doc/man1/s_client.pod
@@ -113,6 +113,7 @@ B B
 [B<-ctlogfile>]
 [B<-keylogfile file>]
 [B<-early_data file>]
+[B]
 =head1 DESCRIPTION
@@ -135,8 +136,10 @@ Print out a usage message.
 =item B<-connect host:port>
-This specifies the host and optional port to connect to. If not specified
-then an attempt is made to connect to the local host on port 4433.
+This specifies the host and optional port to connect to. It is possible to
+select the host and port using the optional target positional argument instead.
+If neither this nor the target positonal argument are specified then an attempt
+is made to connect to the local host on port 4433.
 =item B<-proxy host:port>
@@ -592,6 +595,13 @@ Reads the contents of the specified file and attempts to send it as early data
 to the server. This will only work with resumed sessions that support early
 data and when the server accepts the early data.
+=item B<[target]>
+
+Rather than providing B<-connect>, the target hostname and optional port may
+be provided as a single positional argument after all options. If neither this
+nor B<-connect> are provided, falls back to attempting to connect to localhost
+on port 4433.
+
 =back
 =head1 CONNECTED COMMANDS
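Review bot: The reworded -proxy diagnostic in apps/s_client.c (hunk at -1434) is now a single `BIO_printf` line well over 80 columns, while the other two BIO_printf calls touched by this patch wrap their arguments one per line. Splitting it the same way keeps the file consistent: `BIO_printf(bio_err,` then `"%s: -proxy requires use of -connect or target parameter\n",` then `prog);`. The enclosing block starts and ends outside the hunk.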
@@ -658,7 +668,7 @@ information whenever a session is renegotiated.
 L, L, L, L, L, L
-L
+L
 =head1 HISTORY
--
GitLab