To connect to company-internal IMAP servers, my mail clients are
configured to run the following command:

ssh $BOX_ON_VPN exec openssl s_client -quiet -connect $IMAPSERVER:993

The '-quiet' part of that is necessary, because the mail programs
generally can't cope with extra noise -- they only want IMAP. But the
-quiet option implies -ign_eof, which means that when the ssh client
disconnects, the openssl process is left eating CPU time in an endless
loop:

select(5, [4], [4], NULL, NULL) = 1 (out [4])
select(5, [0 4], [], NULL, NULL) = 1 (in [0])
read(0, "", 8192) = 0
select(5, [4], [4], NULL, NULL) = 1 (out [4])
select(5, [0 4], [], NULL, NULL) = 1 (in [0])
read(0, "", 8192) = 0
select(5, [4], [4], NULL, NULL) = 1 (out [4])
select(5, [0 4], [], NULL, NULL) = 1 (in [0])
read(0, "", 8192) = 0

I assume that changing the behaviour of the -quiet option so that it no
longer implies -ign_eof is not going to be considered acceptable, so
this patch instead adds a -no_ign_eof option which can be used to
override the unwanted setting.

--- apps/s_client.c.orig 2008-10-05 21:50:22.000000000 +0100
+++ apps/s_client.c 2008-10-07 14:18:23.000000000 +0100
@@ -216,6 +216,7 @@ static void sc_usage(void)
BIO_printf(bio_err," -crlf - convert LF from terminal into CRLF\n");
BIO_printf(bio_err," -quiet - no s_client output\n");
BIO_printf(bio_err," -ign_eof - ignore input eof (default when -quiet)\n");
+ BIO_printf(bio_err," -no_ign_eof - don't ignore input eof\n");
BIO_printf(bio_err," -ssl2 - just use SSLv2\n");
BIO_printf(bio_err," -ssl3 - just use SSLv3\n");
BIO_printf(bio_err," -tls1 - just use TLSv1\n");
@@ -427,6 +428,8 @@ int MAIN(int argc, char **argv)
}
else if (strcmp(*argv,"-ign_eof") == 0)
c_ign_eof=1;
+ else if (strcmp(*argv,"-no_ign_eof") == 0)
+ c_ign_eof=0;
else if (strcmp(*argv,"-pause") == 0)
c_Pause=1;
else if (strcmp(*argv,"-debug") == 0)

--
dwmw2

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org