The attached patches alter the way 'openssl s_client' surprisingly
interprets the 'Q' and 'R' characters at the start of a line.
Option 1: openssl-removeqr.patch : eliminates the 'Q' and 'R' "commands"
completely, from s_client and the documentation.
Option 2: openssl-commandkeys.patch : adds a commandline argument
'-commandkeys', that enables the commands in "interactive" mode (i.e. no
'-ign_eof' and no '-quiet'). It is *not* enabled by default.
Option 1 is what I'd use, but only because I really have no idea what the
initial use-case was for these "commands" (especially since "Q" is
identical to EOF).
Justification: The 'R' for 'r'enegotiate in particular seems to be
nothing but a source of confusion and bugs to be worked-around. Googling
(unquoted:) "s_client renegotiate" yields nothing in the first 50 results
that isn't one of:
1) the s_client 'man' page
2) someone warning others to not start their s_client lines with 'R'
3) a patch to other software to use the -ign_eof flag to avoid this
The use of 'Q' and 'R' affects interactive sessions of SMTP, IMAP, and
POP3 (that I know of), which are prime candidates for testing via
s_client. (In SMTP, 'RCPT TO' is essential. In IMAP, 'Q' and 'R' are
perfectly fine starting chars for command identifiers. And POP3 has
'RETR'.)
Thanks for the consideration.
Best,
Ben
