Ensure s_client sends SNI data when used with -proxy

The use of -proxy prevented s_client from correctly sending the target
hostname as SNI data.

Fixes #17232

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17248)

diff --git a/apps/s_client.c b/apps/s_client.c
index cdff15a1b60d7646fc63225f6ec770c5860c871e..1d73e1b39ec6de620fab86c418f7a60b2e97937f 100644 (file)
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -847,6 +847,7 @@ int s_client_main(int argc, char **argv)
     struct timeval tv;
 #endif
     const char *servername = NULL;
+    char *sname_alloc = NULL;
     int noservername = 0;
     const char *alpn_in = NULL;
     tlsextctx tlsextcbp = { NULL, 0 };
@@ -1541,6 +1542,14 @@ int s_client_main(int argc, char **argv)
             goto opthelp;
         }
 
+        if (servername == NULL && !noservername) {
+            servername = sname_alloc = OPENSSL_strdup(host);
+            if (sname_alloc == NULL) {
+                BIO_printf(bio_err, "%s: out of memory\n", prog);
+                goto end;
+            }
+        }
+
         /* Retain the original target host:port for use in the HTTP proxy connect string */
         thost = OPENSSL_strdup(host);
         tport = OPENSSL_strdup(port);
@@ -3053,6 +3062,7 @@ int s_client_main(int argc, char **argv)
 #ifndef OPENSSL_NO_SRP
     OPENSSL_free(srp_arg.srppassin);
 #endif
+    OPENSSL_free(sname_alloc);
     OPENSSL_free(connectstr);
     OPENSSL_free(bindstr);
     OPENSSL_free(bindhost);