On 2015/07/06 13:40, Landry Breuil wrote: > Hi, > > i'm not an ssl hacker at all, but while debugging openssl -starttls > issues against an xmpp server, i stumbled upon > https://rt.openssl.org/Ticket/Display.html?id=2860&user=guest&pass=guest > which fixes some issue with -starttls xmpp and adds the possibility to > use -xmpphost in case there's some virtualhost. Backported the patch to > libressl and applied style(9), works fine here in basic testing against > prosody, before -starttls xmpp host was just stalling. I havent touched > the documentation chunks since i dont really know if we still use the > pod format or...
Seems useful to me, some of the starttls-based protocols can be a pain to diagnose without a tool like this. It definitely needs the documentation chunk for -xmpphost though, it should go in src/usr.bin/openssl/openssl.1, and I think probably adding to sc_usage() in s_client.c.
