本文整理汇总了C++中SSL_CTX_set_info_callback函数的典型用法代码示例。如果您正苦于以下问题:C++ SSL_CTX_set_info_callback函数的具体用法?C++ SSL_CTX_set_info_callback怎么用?C++ SSL_CTX_set_info_callback使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了SSL_CTX_set_info_callback函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: ELOG_DEBUG
// memory is only valid for duration of callback; must be copied if queueing
// is required
DtlsSocketContext::DtlsSocketContext() {
started = false;
mSocket = NULL;
receiver = NULL;
DtlsSocketContext::Init();
ELOG_DEBUG("Creating Dtls factory, Openssl v %s", OPENSSL_VERSION_TEXT);
mContext = SSL_CTX_new(DTLSv1_method());
assert(mContext);
int r = SSL_CTX_use_certificate(mContext, mCert);
assert(r == 1);
r = SSL_CTX_use_PrivateKey(mContext, privkey);
assert(r == 1);
SSL_CTX_set_cipher_list(mContext, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
SSL_CTX_set_info_callback(mContext, SSLInfoCallback);
SSL_CTX_set_verify(mContext, SSL_VERIFY_PEER |SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
SSLVerifyCallback);
// SSL_CTX_set_session_cache_mode(mContext, SSL_SESS_CACHE_OFF);
// SSL_CTX_set_options(mContext, SSL_OP_NO_TICKET);
// Set SRTP profiles
r = SSL_CTX_set_tlsext_use_srtp(mContext, DefaultSrtpProfile);
assert(r == 0);
SSL_CTX_set_verify_depth(mContext, 2);
SSL_CTX_set_read_ahead(mContext, 1);
ELOG_DEBUG("DtlsSocketContext %p created", this);
}示例2: tls_configure_ssl
int
tls_configure_ssl(struct tls *ctx)
{
SSL_CTX_set_mode(ctx->ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
SSL_CTX_set_mode(ctx->ssl_ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2);
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3);
SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1);
SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_1);
SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_2);
if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_0) == 0)
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1);
if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_1) == 0)
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_1);
if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_2) == 0)
SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_2);
if (ctx->config->ciphers != NULL) {
if (SSL_CTX_set_cipher_list(ctx->ssl_ctx,
ctx->config->ciphers) != 1) {
tls_set_errorx(ctx, "failed to set ciphers");
goto err;
}
}
SSL_CTX_set_info_callback(ctx->ssl_ctx, tls_info_callback);
return (0);
err:
return (-1);
}示例3: _SSL_context_init
SSL_CTX *
_SSL_context_init (void (*info_cb_func), int server)
{
SSL_CTX *ctx;
#ifdef WIN32
int i, r;
#endif
SSLeay_add_ssl_algorithms ();
SSL_load_error_strings ();
ctx = SSL_CTX_new (server ? SSLv23_server_method() : SSLv23_client_method ());
SSL_CTX_set_session_cache_mode (ctx, SSL_SESS_CACHE_BOTH);
SSL_CTX_set_timeout (ctx, 300);
/* used in SSL_connect(), SSL_accept() */
SSL_CTX_set_info_callback (ctx, info_cb_func);
#ifdef WIN32
/* under win32, OpenSSL needs to be seeded with some randomness */
for (i = 0; i < 128; i++)
{
r = rand ();
RAND_seed ((unsigned char *)&r, sizeof (r));
}
#endif
return(ctx);
}示例4: SSLSocket_setSocketForSSL
int SSLSocket_setSocketForSSL(networkHandles* net, MQTTClient_SSLOptions* opts)
{
int rc = 1;
FUNC_ENTRY;
if (net->ctx != NULL || (rc = SSLSocket_createContext(net, opts)) == 1)
{
int i;
SSL_CTX_set_info_callback(net->ctx, SSL_CTX_info_callback);
if (opts->enableServerCertAuth)
SSL_CTX_set_verify(net->ctx, SSL_VERIFY_PEER, NULL);
net->ssl = SSL_new(net->ctx);
/* Log all ciphers available to the SSL sessions (loaded in ctx) */
for (i = 0; ;i++)
{
const char* cipher = SSL_get_cipher_list(net->ssl, i);
if (cipher == NULL) break;
Log(TRACE_MIN, 1, "SSL cipher available: %d:%s", i, cipher);
}
if ((rc = SSL_set_fd(net->ssl, net->socket)) != 1)
SSLSocket_error("SSL_set_fd", net->ssl, net->socket, rc);
}
FUNC_EXIT_RC(rc);
return rc;
}示例5: SSL_load_error_strings
SSL_CTX *ssl_init() {
SSL_CTX *ctx = NULL;
SSL_load_error_strings();
SSL_library_init();
OpenSSL_add_all_algorithms();
ssl_data_index = SSL_get_ex_new_index(0,0,0,0,0);
if ((locks = calloc(CRYPTO_num_locks(), sizeof(pthread_mutex_t)))) {
for (int i = 0; i < CRYPTO_num_locks(); i++) {
pthread_mutex_init(&locks[i], NULL);
}
CRYPTO_set_locking_callback(ssl_lock);
CRYPTO_set_id_callback(ssl_id);
if ((ctx = SSL_CTX_new(SSLv23_client_method()))) {
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
SSL_CTX_set_verify_depth(ctx, 0);
SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_CLIENT);
SSL_CTX_sess_set_new_cb(ctx, new_session_callback);
SSL_CTX_set_info_callback(ctx, ssl_info_callback);
}
}
return ctx;
}示例6: tls_init
/* Initialize the library */
static void tls_init(int verify)
{
if(_tlsctx)
{
TLSERROR("Library is already initialized!");
return;
}
SSL_load_error_strings();
SSL_library_init();
_tlsctx = SSL_CTX_new(TLSv1_method());
if(!_tlsctx) TLSERROR("Couldn't create TLS object.\n");
else
{
OPENSSLCHECK(SSL_CTX_set_quiet_shutdown(_tlsctx, 1));
OPENSSLCHECK(SSL_CTX_set_info_callback(_tlsctx, NULL));
OPENSSLCHECK(SSL_CTX_load_verify_locations(ctx, CAfile, CApath));
OPENSSLCHECK(SSL_CTX_set_default_verify_paths());
if(verify == GGZ_TLS_VERIFY_PEER) SSL_CTX_set_verify(_tlsctx, SSL_VERIFY_PEER, tls_verify);
else SSL_CTX_set_verify(_tlsctx, SSL_VERIFY_NONE, NULL);
}
openssllist = ggz_list_create(NULL, NULL, NULL, GGZ_LIST_ALLOW_DUPS);
}示例7: ConnectionManager
void ConnectionManager(ServerGame& aGame, Ogre::String aAddress, int32 aPort)
{
LOG(INFO) << "Init SRP";
boost::asio::ssl::context sslCtx(boost::asio::ssl::context::tlsv1_server);
SSL_CTX* ctx = sslCtx.native_handle();
SSL_CTX_set_info_callback(ctx, SSLInfoCallback);
SSL_CTX_SRP_CTX_init(ctx);
if (SSL_CTX_set_cipher_list(ctx, "SRP") != 1)
{
LOG(ERROR) << "Can not set SRP ciphers";
return;
}
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
SSL_CTX_set_srp_username_callback(ctx, SSLSRPServerParamCallback);
AddUser("test", "test");
LOG(INFO) << "Listening to " << aAddress << ":" << aPort;
boost::asio::io_service IOService;
boost::asio::ip::tcp::acceptor gate(IOService,
boost::asio::ip::tcp::endpoint(boost::asio::ip::tcp::v4(), aPort));
while (true)
{
SSLStreamPtr sslStream(new SSLStream(IOService, sslCtx));
gate.accept(sslStream->lowest_layer());
boost::thread thrd(boost::bind(ClientConnection, boost::ref(aGame), sslStream));
}
}示例8: _impl
context::context(void)
: _impl( SSL_CTX_new( SSLv23_method()))
{
SSL_CTX_set_verify(_impl, SSL_VERIFY_NONE, nullptr);
SSL_CTX_set_default_passwd_cb( _impl , &pem_password );
SSL_CTX_set_default_passwd_cb_userdata( _impl , this );
SSL_CTX_set_info_callback(_impl,ssl_info_callback);
}示例9: HTSSL_init
/*
** Create an SSL application context if not already done
*/
PUBLIC BOOL HTSSL_init (void)
{
char rnd_filename[HT_MAX_PATH];
/*
** Initialise OpenSSL 0.9.5 random number generator.
** The random generator of OpenSSL had to be initialised on platforms
** that do not support /dev/random, like Compaq True64 Unix.
** This is done in the default way, and means that the user of the
** libwww-ssl library needs to have a .rnd file in his/her home-directory.
*/
RAND_file_name(rnd_filename, sizeof(rnd_filename));
RAND_load_file(rnd_filename, -1);
if (!app_ctx) {
SSL_METHOD * meth = NULL;
SSLeay_add_ssl_algorithms();
/* Seems to provide English error messages */
SSL_load_error_strings();
/* select the protocol method */
switch (ssl_prot_method) {
case HTSSL_V2:
meth = SSLv2_client_method();
break;
case HTSSL_V3:
meth = SSLv3_client_method();
break;
case HTSSL_V23:
meth = SSLv23_client_method();
break;
default:
case HTTLS_V1:
meth = TLSv1_client_method();
break;
}
/* set up the application context */
if ((app_ctx = SSL_CTX_new(meth)) == NULL) {
HTTRACE(PROT_TRACE, "HTSSLContext Could not create context\n");
return NO;
}
HTTRACE(PROT_TRACE, "HTSSLContext Created context %p" _ app_ctx);
/* See the SSL states in our own callback */
#ifdef HTDEBUG
SSL_CTX_set_info_callback(app_ctx, apps_ssl_info_callback);
#endif
/* Set the certificate verification callback */
SSL_CTX_set_verify(app_ctx, SSL_VERIFY_PEER, verify_callback);
/* Not sure what this does */
SSL_CTX_set_session_cache_mode(app_ctx, SSL_SESS_CACHE_CLIENT);
}
return YES;
}示例10: SSL_library_init
static SSL_CTX *dtls_setup_sslclient (void)
{
SSL_METHOD *meth = NULL;
SSL_CTX *ctx = NULL;
extern char *pass;
if (!dtls_bio_err)
{
SSL_library_init ();
ERR_clear_error ();
SSL_load_error_strings ();
OpenSSL_add_all_algorithms ();
dtls_bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
}
meth = DTLSv1_client_method (); // Datagam TLS v1 client - requires openSSL > v0.9.8
ctx = SSL_CTX_new (meth); // New SSL CTX object as Framework to establish new SSL connections
if (!SSL_CTX_use_certificate_chain_file (ctx, DTLSC_CERT))
{
dtls_destroy_ctx (ctx);
dtls_report_berr ("Error loading the file \"%s\" - %s\n", DTLSC_CERT, strerror (errno));
}
pass = PASSWORD;
/* Enable this if u hve generated your certificates with password. If certs are generated with '-nodes' option, this is not required */
// SSL_CTX_set_default_passwd_cb (ctx, dtls_password_cb);
// fprintf (stderr, "%s: %s(): Am now here @ %d\n", __FILE__, __func__, __LINE__);
if (!SSL_CTX_use_PrivateKey_file (ctx, DTLSC_KEY_CERT, SSL_FILETYPE_PEM))
{
dtls_destroy_ctx (ctx);
dtls_report_berr ("Error loading the private key from the file \"%s\" - %s\n", DTLSC_KEY_CERT, \
strerror (errno));
}
if (!SSL_CTX_load_verify_locations (ctx, DTLSC_ROOT_CACERT, 0))
{
dtls_destroy_ctx (ctx);
dtls_report_berr ("Error loading the CA file - %s\n", strerror (errno));
}
SSL_CTX_set_verify_depth (ctx, 2);
SSL_CTX_set_options (ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2);
#ifdef DEBUG
SSL_CTX_set_info_callback (ctx, &dtls_info_callback);
#endif
SSL_CTX_set_read_ahead (ctx, 1); // Required for DTLS - please refer apps/s_client.c source file
return ctx;
}示例11: ssl_init_ctx_callbacks
static void ssl_init_ctx_callbacks(server_rec *s,
apr_pool_t *p,
apr_pool_t *ptemp,
modssl_ctx_t *mctx)
{
SSL_CTX *ctx = mctx->ssl_ctx;
SSL_CTX_set_tmp_rsa_callback(ctx, ssl_callback_TmpRSA);
SSL_CTX_set_tmp_dh_callback(ctx, ssl_callback_TmpDH);
SSL_CTX_set_info_callback(ctx, ssl_callback_Info);
}示例12: tls_ctx_set_options
void
tls_ctx_set_options (struct tls_root_ctx *ctx, unsigned int ssl_flags)
{
ASSERT(NULL != ctx);
/* process SSL options including minimum TLS version we will accept from peer */
{
long sslopt = SSL_OP_SINGLE_DH_USE | SSL_OP_NO_TICKET | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
const int tls_ver_min =
(ssl_flags >> SSLF_TLS_VERSION_MIN_SHIFT) & SSLF_TLS_VERSION_MIN_MASK;
int tls_ver_max =
(ssl_flags >> SSLF_TLS_VERSION_MAX_SHIFT) & SSLF_TLS_VERSION_MAX_MASK;
if (tls_ver_max <= TLS_VER_UNSPEC)
tls_ver_max = tls_version_max();
if (tls_ver_min > TLS_VER_1_0 || tls_ver_max < TLS_VER_1_0)
sslopt |= SSL_OP_NO_TLSv1;
#ifdef SSL_OP_NO_TLSv1_1
if (tls_ver_min > TLS_VER_1_1 || tls_ver_max < TLS_VER_1_1)
sslopt |= SSL_OP_NO_TLSv1_1;
#endif
#ifdef SSL_OP_NO_TLSv1_2
if (tls_ver_min > TLS_VER_1_2 || tls_ver_max < TLS_VER_1_2)
sslopt |= SSL_OP_NO_TLSv1_2;
#endif
#ifdef SSL_OP_NO_COMPRESSION
/* Disable compression - flag not available in OpenSSL 0.9.8 */
sslopt |= SSL_OP_NO_COMPRESSION;
#endif
SSL_CTX_set_options (ctx->ctx, sslopt);
}
SSL_CTX_set_session_cache_mode (ctx->ctx, SSL_SESS_CACHE_OFF);
SSL_CTX_set_default_passwd_cb (ctx->ctx, pem_password_callback);
/* Require peer certificate verification */
#if P2MP_SERVER
if (ssl_flags & SSLF_CLIENT_CERT_NOT_REQUIRED)
{
msg (M_WARN, "WARNING: POTENTIALLY DANGEROUS OPTION "
"--client-cert-not-required may accept clients which do not present "
"a certificate");
}
else
#endif
SSL_CTX_set_verify (ctx->ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
verify_callback);
SSL_CTX_set_info_callback (ctx->ctx, info_callback);
}示例13: TlsInit
int TlsInit( char* cacertPath )
{
e_TlsError vl_Error;
char a_DefaultCertPath[] = DEFAULT_CERT_PATH;
char *p_CertToUse;
DEBUG_LOG_PRINT_LEV2(("TlsInit : Entry"));
SSL_load_error_strings();
SSL_library_init();
gp_SSL_CTX = SSL_CTX_new(TLSv1_method());
if( NULL == gp_SSL_CTX )
{
DEBUG_LOG_PRINT_LEV2(("SSL_CTX_new returned NULL!\n"));
return FALSE;
}
if ( SSL_CTX_set_cipher_list(gp_SSL_CTX, DEFAULT_CIPHER_LIST ) != 1 )
{
DEBUG_LOG_PRINT_LEV2(("SSL_CTX_set_cipher_list returned NULL!\n"));
SSL_CTX_free(gp_SSL_CTX);
return FALSE; // ERROR selecting SUPL cipher list
}
SSL_CTX_set_info_callback(gp_SSL_CTX, Tls_openssl_info_callback);
#ifdef AGPS_DISABLE_TLS_CA_CERT_VERIFY
/* In this mode, even if a CA cert is not found, a secure connection is established */
SSL_CTX_set_verify( gp_SSL_CTX , SSL_VERIFY_NONE , NULL );
#else
/* If a CA cert is not found matching the server certificate, the handshake is shutdown */
SSL_CTX_set_verify( gp_SSL_CTX , SSL_VERIFY_PEER , Tls_openssl_certificate_verify_callback );
#endif
p_CertToUse = ( cacertPath == NULL ) ? a_DefaultCertPath : cacertPath;
DEBUG_LOG_PRINT_LEV2(("TlsInit : Certificate %s\n" , p_CertToUse));
if( SSL_CTX_load_verify_locations(gp_SSL_CTX, p_CertToUse ,NULL) != 1 )
{
DEBUG_LOG_PRINT_LEV2(("SSL_CTX_load_verify_locations failed!\n"));
return FALSE;
}
DEBUG_LOG_PRINT_LEV2(("SSL_CTX_get_options : %ld" , SSL_CTX_get_options( gp_SSL_CTX ) ));
SSL_CTX_set_options( gp_SSL_CTX,SSL_OP_NO_TICKET|SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3) ;
DEBUG_LOG_PRINT_LEV2(("SSL_CTX_get_options : %ld" , SSL_CTX_get_options( gp_SSL_CTX ) ));
DEBUG_LOG_PRINT_LEV2(("TlsInit : Exit"));
return TRUE;
}示例14: ssl_init_ctx_callbacks
static void ssl_init_ctx_callbacks(server_rec *s,
apr_pool_t *p,
apr_pool_t *ptemp,
modssl_ctx_t *mctx)
{
SSL_CTX *ctx = mctx->ssl_ctx;
SSL_CTX_set_tmp_rsa_callback(ctx, ssl_callback_TmpRSA);
SSL_CTX_set_tmp_dh_callback(ctx, ssl_callback_TmpDH);
if (s->loglevel >= APLOG_DEBUG) {
/* this callback only logs if LogLevel >= info */
SSL_CTX_set_info_callback(ctx, ssl_callback_LogTracingState);
}
}示例15: bb_socket_ssl
void bb_socket_ssl(struct bb_acceptor *acceptor) {
if (!blastbeat.ssl_initialized) {
OPENSSL_config(NULL);
SSL_library_init();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
blastbeat.ssl_initialized = 1;
blastbeat.ssl_index = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, NULL);
}
acceptor->ctx = SSL_CTX_new(SSLv23_server_method());
if (!acceptor->ctx) {
fprintf(stderr, "unable to initialize SSL context: SSL_CTX_new()");
exit(1);
}
long ssloptions = SSL_OP_NO_SSLv2 | SSL_OP_ALL | SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION;
// disable compression (if possibile)
#ifdef SSL_OP_NO_COMPRESSION
ssloptions |= SSL_OP_NO_COMPRESSION;
#endif
SSL_CTX_set_options(acceptor->ctx, ssloptions);
// release/reuse buffers as soon as possibile
#ifdef SSL_MODE_RELEASE_BUFFERS
SSL_CTX_set_mode(acceptor->ctx, SSL_MODE_RELEASE_BUFFERS);
#endif
if (SSL_CTX_set_cipher_list(acceptor->ctx, "HIGH") == 0) {
fprintf(stderr,"unable to set SSL ciphers: SSL_CTX_set_cipher_list()");
exit(1);
}
SSL_CTX_set_options(acceptor->ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
SSL_CTX_set_info_callback(acceptor->ctx, bb_ssl_info_cb);
#ifdef OPENSSL_NPN_UNSUPPORTED
SSL_CTX_set_next_protos_advertised_cb(acceptor->ctx, bb_ssl_npn, NULL);
#endif
SSL_CTX_set_session_cache_mode(acceptor->ctx, SSL_SESS_CACHE_SERVER);
acceptor->read = bb_ssl_read;
acceptor->write = bb_ssl_write;
}