diff options
| author | Carlos Alberto Lopez Perez <clopez@igalia.com> | 2012-08-06 02:24:51 +0200 |
|---|---|---|
| committer | Ben Laurie <ben@links.org> | 2013-09-05 17:24:56 +0100 |
| commit | b98af49d971e1dfe91c3aa52c31546e5d3eda2ee (patch) | |
| tree | 6873a11bf4e051a723fc8ec1b06c3860ce9b67f1 /apps | |
| parent | 50f307a98fcc982c6dbb1891577146c6c3949ad6 (diff) | |
| download | openssl-new-b98af49d971e1dfe91c3aa52c31546e5d3eda2ee.tar.gz | |
Add an "-xmpphost" option to s_client
* Many XMPP servers are configured with multiple domains (virtual hosts)
* In order to establish successfully the TLS connection you have to specify
which virtual host you are trying to connect.
* Test this, for example with ::
* Fail:
openssl s_client -connect talk.google.com:5222 -starttls xmpp
* Works:
openssl s_client -connect talk.google.com:5222 -starttls xmpp -xmpphost gmail.com
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/s_client.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/apps/s_client.c b/apps/s_client.c index 9c7f45f33c..3089a97176 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -350,6 +350,7 @@ static void sc_usage(void) BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n"); BIO_printf(bio_err," only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n"); BIO_printf(bio_err," are supported.\n"); + BIO_printf(bio_err," -xmpphost host - When used with \"-starttls xmpp\" specifies the virtual host.\n"); #ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n"); #endif @@ -595,6 +596,7 @@ int MAIN(int argc, char **argv) short port=PORT; int full_log=1; char *host=SSL_HOST_NAME; + char *xmpphost = NULL; char *cert_file=NULL,*key_file=NULL,*chain_file=NULL; int cert_format = FORMAT_PEM, key_format = FORMAT_PEM; char *passarg = NULL, *pass = NULL; @@ -726,6 +728,11 @@ static char *jpake_secret = NULL; if (!extract_host_port(*(++argv),&host,NULL,&port)) goto bad; } + else if (strcmp(*argv,"-xmpphost") == 0) + { + if (--argc < 1) goto bad; + xmpphost= *(++argv); + } else if (strcmp(*argv,"-verify") == 0) { verify=SSL_VERIFY_PEER; @@ -1670,7 +1677,7 @@ SSL_set_tlsext_status_ids(con, ids); int seen = 0; BIO_printf(sbio,"<stream:stream " "xmlns:stream='http://etherx.jabber.org/streams' " - "xmlns='jabber:client' to='%s' version='1.0'>", host); + "xmlns='jabber:client' to='%s' version='1.0'>", xmpphost? xmpphost:host); seen = BIO_read(sbio,mbuf,BUFSIZZ); mbuf[seen] = 0; while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'") && |