From: Benny Baumann Date: Wed, 24 Jun 2020 19:54:05 +0000 (+0200) Subject: Force ssl/tls protocol flags to use stream sockets X-Git-Tag: openssl-3.0.0-alpha5~134 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2c9ba46c90e9d25040260bbdc43e87921f08c788;p=thirdparty%2Fopenssl.git Force ssl/tls protocol flags to use stream sockets Prior to this patch doing something like openssl s_client -dtls1 -tls1 ... could cause s_client to speak TLS on a UDP socket which does not normally make much sense. Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12266) --- diff --git a/apps/s_client.c b/apps/s_client.c index 886b2cd8d66..5a5a40c9275 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -1319,22 +1319,42 @@ int s_client_main(int argc, char **argv) case OPT_SSL3: min_version = SSL3_VERSION; max_version = SSL3_VERSION; + socket_type = SOCK_STREAM; +#ifndef OPENSSL_NO_DTLS + isdtls = 0; +#endif break; case OPT_TLS1_3: min_version = TLS1_3_VERSION; max_version = TLS1_3_VERSION; + socket_type = SOCK_STREAM; +#ifndef OPENSSL_NO_DTLS + isdtls = 0; +#endif break; case OPT_TLS1_2: min_version = TLS1_2_VERSION; max_version = TLS1_2_VERSION; + socket_type = SOCK_STREAM; +#ifndef OPENSSL_NO_DTLS + isdtls = 0; +#endif break; case OPT_TLS1_1: min_version = TLS1_1_VERSION; max_version = TLS1_1_VERSION; + socket_type = SOCK_STREAM; +#ifndef OPENSSL_NO_DTLS + isdtls = 0; +#endif break; case OPT_TLS1: min_version = TLS1_VERSION; max_version = TLS1_VERSION; + socket_type = SOCK_STREAM; +#ifndef OPENSSL_NO_DTLS + isdtls = 0; +#endif break; case OPT_DTLS: #ifndef OPENSSL_NO_DTLS