On Sun, Mar 23, 2025 at 01:38:49PM -0600, Diana Eichert wrote:
> I moved on to try to use "openssl s_client" with same "route -T xx
> exec", this didn't work because I discovered OpenBSD version of
> openssl s_client does not support -bind switch.  Is this intentional
> or did the developers not see a need to support specific local
> address bind capability?

To my knowledge nobody's ever asked for it.

I wouldn't be against adding such a switch if someone were to offer a
patch. It's a bit annoying to do, though, due to the way the sockets are
wrapped inside BIOs. What was done upstream can't directly be ported
since it relies on the BIO_ADDR and BIO_ADDRINFO-based interfaces in
OpenSSL's ersatz libc, which, luckily, we have been able to avoid so far.

In general, the openssl utility only receives very little maintenance
love. Its code is some of the most unpleasant in our OpenSSL heritage
and for many tasks there are better utilities with more coherent user
interfaces. There are more rewarding things to spend time on.
