On 2 November 2015 at 15:36, Richard Moore <richmoore44 at gmail.com> wrote: > > > On 2 November 2015 at 15:33, Jakob Bohm <jb-openssl at wisemo.com> wrote: > >> On 02/11/2015 16:13, Richard Moore wrote: >> >> There have always been special commands making s_client unsuitable for >> this usage - for example R followed by a newline will renegotiate, and Q >> will quit. According to the docs these can be disabled by -quiet >> and -ign_eof though I've never tested that myself. >> >> Could you point me to where this (non-obvious) relationship >> between options ostensibly doing something else and the >> desired effect is documented? The 1.0.1* man-page of s_server >> certainly doesn't say that. >> >> > ?It's documented in the s_client man page, but I don't see it in s_server > (though the commands are listed and it has a few more than s_client). > Perhaps there is no way to disable them on s_server - I'd have to check the > code. > > ?I've checked the code and -quiet disables them for s_server too. Rich. ? > Cheers > > Rich.? > > > >> >> On 2 November 2015 at 13:37, Jakob Bohm <jb-openssl at wisemo.com> wrote: >> >>> As with most other "apps" in the openssl binary, the s_server >>> and s_client commands are useful for multiple purposes: >>> >>> 1. As debug tools >>> >>> 2. As a way to do one-off operations without writing any >>> code. >>> >>> 3. As back ends for small programs written in scripting >>> languages that cannot really call the OpenSSL library >>> directly. >>> >>> This is about the latter two uses of s_server and s_client to >>> set up a one-off or scripted secure pipe between two machines. >>> >>> Unfortunately, the current (1.0.2) version of s_server will >>> do special and problematic things when encountering some >>> 3-byte sequences (such as "\nq\n") in the data stream. >>> >>> It would thus be useful for s_server (and if applicable >>> s_client) to accept the "-binary" option (already provided >>> by the cms/smime commands), to turn off this behavior and >>> provide a clean data pass through to/from the other end. >>> In "-binary" mode, no byte value or sequence of byte value >>> is special, except that explicit use of the "-crlf" option >>> still works. >>> >>> >> >> Enjoy >> >> Jakob >> -- >> Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com >> Transformervej 29, 2860 S?borg, Denmark. Direct +45 31 13 16 10 >> This public discussion message is non-binding and may contain errors. >> WiseMo - Remote Service Management for PCs, Phones and Embedded >> >> >> _______________________________________________ >> openssl-users mailing list >> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users >> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20151102/4b40fd84/attachment.html>
