本文整理汇总了C++中SSL_get_session函数的典型用法代码示例。如果您正苦于以下问题:C++ SSL_get_session函数的具体用法?C++ SSL_get_session怎么用?C++ SSL_get_session使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了SSL_get_session函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: tls1_final_finish_mac
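/* Computes the TLS 1.x Finished verify_data for |ssl| and writes it to |out|.
 *
 * |from_server| selects the server label when non-zero and the client label
 * otherwise. The PRF is keyed with the session master secret and run over the
 * current handshake digest. |out| must have room for 12 bytes.
 *
 * Returns the number of bytes written (12) on success and 0 on failure. */
static int tls1_final_finish_mac(SSL *ssl, int from_server, uint8_t *out) {
  /* At this point, the handshake should have released the handshake buffer on
   * its own. */
  assert(ssl->s3->handshake_buffer == NULL);

  /* Each label is paired with its own length constant. The original used the
   * server length for the client label as well, which only worked because the
   * two labels happen to have the same length. */
  const char *label = TLS_MD_CLIENT_FINISH_CONST;
  size_t label_len = TLS_MD_CLIENT_FINISH_CONST_SIZE;
  if (from_server) {
    label = TLS_MD_SERVER_FINISH_CONST;
    label_len = TLS_MD_SERVER_FINISH_CONST_SIZE;
  }

  uint8_t buf[EVP_MAX_MD_SIZE];
  int digests_len = tls1_handshake_digest(ssl, buf, sizeof(buf));
  if (digests_len < 0) {
    return 0;
  }

  /* NOTE(review): the session is dereferenced without a NULL check; this
   * assumes a session is always attached by the time Finished is computed. */
  static const size_t kFinishedLen = 12;
  if (!ssl->s3->enc_method->prf(ssl, out, kFinishedLen,
                                SSL_get_session(ssl)->master_key,
                                SSL_get_session(ssl)->master_key_length, label,
                                label_len, buf, digests_len, NULL, 0)) {
    return 0;
  }

  return (int)kFinishedLen;
}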
示例2: SSL_generate_key_block
/* Expands the session master secret into |out_len| bytes of key block at
 * |out|, using the key-expansion label with the server random followed by the
 * client random as the two seeds. Returns whatever the PRF method returns.
 *
 * NOTE(review): SSL_get_session's result is dereferenced without a NULL check,
 * so callers must only invoke this once a session is attached to |ssl|. */
int SSL_generate_key_block(const SSL *ssl, uint8_t *out, size_t out_len) {
  const uint8_t *secret = SSL_get_session(ssl)->master_key;
  size_t secret_len = SSL_get_session(ssl)->master_key_length;

  return ssl->s3->enc_method->prf(ssl, out, out_len, secret, secret_len,
                                  TLS_MD_KEY_EXPANSION_CONST,
                                  TLS_MD_KEY_EXPANSION_CONST_SIZE,
                                  ssl->s3->server_random, SSL3_RANDOM_SIZE,
                                  ssl->s3->client_random, SSL3_RANDOM_SIZE);
}
示例3: SSL_export_keying_material
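/* Derives |out_len| bytes of exported keying material into |out|.
 *
 * The exporter is refused (returns 0) while the protocol version is unknown,
 * for SSL 3.0, and while a handshake is in progress unless the connection is
 * in False Start. TLS 1.3 and later are delegated to
 * tls13_export_keying_material.
 *
 * For earlier versions the PRF seed is client_random || server_random, and,
 * when |use_context| is non-zero, a two-byte big-endian |context_len| followed
 * by |context|. |context_len| must therefore be below 2^16.
 *
 * Returns 0 on every failure path shown here, otherwise the result of
 * tls1_prf. */
int SSL_export_keying_material(SSL *ssl, uint8_t *out, size_t out_len,
                               const char *label, size_t label_len,
                               const uint8_t *context, size_t context_len,
                               int use_context) {
  if (!ssl->s3->have_version || ssl->version == SSL3_VERSION) {
    return 0;
  }

  /* Exporters may not be used in the middle of a renegotiation. */
  if (SSL_in_init(ssl) && !SSL_in_false_start(ssl)) {
    return 0;
  }

  if (ssl3_protocol_version(ssl) >= TLS1_3_VERSION) {
    return tls13_export_keying_material(ssl, out, out_len, label, label_len,
                                        context, context_len, use_context);
  }

  size_t seed_len = 2 * SSL3_RANDOM_SIZE;
  if (use_context) {
    /* The context length is encoded in two bytes below, so anything larger
     * cannot be represented. */
    if (context_len >= 1u << 16) {
      OPENSSL_PUT_ERROR(SSL, ERR_R_OVERFLOW);
      return 0;
    }
    seed_len += 2 + context_len;
  }

  uint8_t *seed = OPENSSL_malloc(seed_len);
  if (seed == NULL) {
    OPENSSL_PUT_ERROR(SSL, ERR_R_MALLOC_FAILURE);
    return 0;
  }

  OPENSSL_memcpy(seed, ssl->s3->client_random, SSL3_RANDOM_SIZE);
  OPENSSL_memcpy(seed + SSL3_RANDOM_SIZE, ssl->s3->server_random,
                 SSL3_RANDOM_SIZE);
  if (use_context) {
    seed[2 * SSL3_RANDOM_SIZE] = (uint8_t)(context_len >> 8);
    seed[2 * SSL3_RANDOM_SIZE + 1] = (uint8_t)context_len;
    OPENSSL_memcpy(seed + 2 * SSL3_RANDOM_SIZE + 2, context, context_len);
  }

  int ret = 0;
  const EVP_MD *digest = ssl_get_handshake_digest(
      SSL_get_session(ssl)->cipher->algorithm_prf, ssl3_protocol_version(ssl));
  if (digest == NULL) {
    /* Fall through to the common release of |seed|; the original returned
     * here directly and leaked the buffer. */
    OPENSSL_PUT_ERROR(SSL, ERR_R_INTERNAL_ERROR);
  } else {
    ret = tls1_prf(digest, out, out_len, SSL_get_session(ssl)->master_key,
                   SSL_get_session(ssl)->master_key_length, label, label_len,
                   seed, seed_len, NULL, 0);
  }

  OPENSSL_free(seed);
  return ret;
}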
示例4: save_session
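/* Records the privilege level granted to the TLS session of |ssl| in the GDBM
 * database named by https_d.sess_db_name, keyed by the session ID.
 *
 * |privilege| is ADMIN_PRIV or GUEST_PRIV; any other value stores nothing.
 * Nothing is stored either when the connection has no session or the session
 * ID is empty: an empty ID would make every such connection share one record.
 *
 * The session ID is binary data of explicit length. It is not NUL-terminated
 * and may contain zero bytes, so its length must come from
 * SSL_SESSION_get_id and never from strlen(). */
void save_session(SSL *ssl, int privilege)
{
    SSL_SESSION *session;
    const unsigned char *sess_id;
    unsigned int sess_id_len = 0;
    unsigned int i;
    const char *role = NULL;
    GDBM_FILE database;
    datum key, data;

    session = SSL_get_session(ssl);
    if (session == NULL)
        return;

    sess_id = SSL_SESSION_get_id(session, &sess_id_len);
    if (sess_id == NULL || sess_id_len == 0)
        return;

    switch (privilege) {
    case ADMIN_PRIV:
        role = "ADMIN";
        break;
    case GUEST_PRIV:
        role = "GUEST";
        break;
    default:
        break;
    }

    if (role != NULL) {
        /* write session to dbm */
        key.dptr = (char *)sess_id;
        key.dsize = (int)sess_id_len;
        data.dptr = (char *)role;
        data.dsize = (int)strlen(role);

        database = gdbm_open(https_d.sess_db_name, 0, GDBM_WRITER | GDBM_NOMMAP, S_IRWXU, NULL);
        if (database == NULL) {
            fprintf(stderr, "save_session: cannot open session database\n");
            return;
        }
        if (gdbm_store(database, key, data, GDBM_REPLACE) != 0)
            fprintf(stderr, "save_session: cannot store session record\n");
        gdbm_close(database);
    }

    /* Print the ID as hex, bounded by its real length; "%s" would read past
     * the end of the buffer. The ID is the lookup key for a privilege record,
     * so this output should not go anywhere untrusted parties can read. */
    printf("session id: ");
    for (i = 0; i < sess_id_len; i++)
        printf("%02x", sess_id[i]);
}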
示例5: ssl_write_session
/* Serialises the current session of |ssl| to |fp| in PEM form.
 *
 * The serialised session carries the master secret, so |fp| should refer to a
 * file that only the owning process or user can read. The result of the write
 * is not reported to the caller. */
void
ssl_write_session(FILE * fp, SSL * ssl)
{
    PEM_write_SSL_SESSION(fp, SSL_get_session(ssl));
}
示例6: describeSession
/* Prints the session ID and the session ID context of |ssl|'s current session
 * to stderr, each rendered by hex_to_string. CHECK is applied to the session
 * pointer before it is dereferenced. The ticket dump is compiled out. */
void describeSession(SSL *ssl)
{
    SSL_SESSION *sess = SSL_get_session(ssl);
    char *hex;

    CHECK(sess != NULL);

    /* Each string from hex_to_string is released with OPENSSL_free. */
    hex = hex_to_string(sess->session_id, sess->session_id_length);
    fprintf(stderr, "Session ID: %s\n", hex);
    OPENSSL_free(hex);

    hex = hex_to_string(sess->sid_ctx, sess->sid_ctx_length);
    fprintf(stderr, "Session ID CTX: %s\n", hex);
    OPENSSL_free(hex);

#if 0
    if (sess->tlsext_ticklen > 0) {
        hex = hex_to_string(sess->tlsext_tick, sess->tlsext_ticklen);
        fprintf(stderr, "Session Ticket: %s\n", hex);
        OPENSSL_free(hex);
    }
#endif
}
示例7: check_privileges
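/* Looks up the privilege level recorded for the TLS session of |ssl| in the
 * GDBM database named by https_d.sess_db_name.
 *
 * Returns ADMIN_PRIV or GUEST_PRIV when a matching record is found, and 0 in
 * every other case: no session, empty session ID, database not readable, no
 * record, or an unrecognised record value. All failures therefore resolve to
 * "no privilege".
 *
 * The session ID is binary data of explicit length, so the key length comes
 * from SSL_SESSION_get_id and not from strlen(). Whatever writes the records
 * must build the key the same way. */
int check_privileges(SSL *ssl)
{
    static const char admin_tag[] = "ADMIN";
    static const char guest_tag[] = "GUEST";
    SSL_SESSION *session;
    const unsigned char *sess_id;
    unsigned int sess_id_len = 0;
    unsigned int i;
    GDBM_FILE database;
    datum key, data;
    int ret = 0;

    session = SSL_get_session(ssl);
    if (session == NULL)
        return 0;

    sess_id = SSL_SESSION_get_id(session, &sess_id_len);
    if (sess_id == NULL || sess_id_len == 0)
        return 0;

    /* check session id in database */
    key.dptr = (char *)sess_id;
    key.dsize = (int)sess_id_len;

    database = gdbm_open(https_d.sess_db_name, 0, GDBM_READER | GDBM_NOMMAP, S_IRWXU, NULL);
    if (database == NULL)
        return 0;

    data = gdbm_fetch(database, key);
    if (data.dptr != NULL) {
        /* The fetched value has an explicit size and need not be
         * NUL-terminated, so compare by length instead of strcmp(). One
         * trailing NUL is tolerated for records stored with it. */
        size_t len = data.dsize > 0 ? (size_t)data.dsize : 0;

        if (len > 0 && data.dptr[len - 1] == '\0')
            len--;

        if (len == sizeof(admin_tag) - 1 && memcmp(data.dptr, admin_tag, len) == 0) {
            ret = ADMIN_PRIV;
        } else if (len == sizeof(guest_tag) - 1 && memcmp(data.dptr, guest_tag, len) == 0) {
            ret = GUEST_PRIV;
        }
        /* NOTE(review): gdbm_fetch hands back a buffer the caller is expected
         * to release; this function never does, so every successful lookup
         * leaks it. Releasing it needs <stdlib.h>, whose inclusion is not
         * visible from this excerpt. */
    }
    gdbm_close(database);

    /* Print the ID as hex, bounded by its real length; "%s" would read past
     * the end of the buffer. */
    printf("session id: ");
    for (i = 0; i < sess_id_len; i++)
        printf("%02x", sess_id[i]);

    return ret;
}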
示例8: SSL_SESSION_print_client_random
// Writes one line in NSS key log format to |bp|:
//   CLIENT_RANDOM <client random, hex> <master key, hex>
// The client random is used because the session ID alone is not enough to
// identify the connection.
//
// Returns 1 on success. Returns 0 when there is no session, when the session
// ID or master key is empty, or when any write to |bp| fails.
//
// The line contains the master secret. Anyone holding it together with a
// capture of the connection can decrypt that traffic, so |bp| should only ever
// point at a destination with restricted access.
int SSL_SESSION_print_client_random(BIO *bp, const SSL *ssl)
{
    const SSL_SESSION *sess = SSL_get_session(ssl);
    size_t pos;

    if (sess == NULL || sess->session_id_length == 0 ||
        sess->master_key_length == 0)
        return 0;

    if (BIO_puts(bp, "CLIENT_RANDOM ") <= 0)
        return 0;

    for (pos = 0; pos < sizeof(ssl->s3->client_random); pos++) {
        if (BIO_printf(bp, "%02X", ssl->s3->client_random[pos]) <= 0)
            return 0;
    }

    if (BIO_puts(bp, " ") <= 0)
        return 0;

    for (pos = 0; pos < (size_t)sess->master_key_length; pos++) {
        if (BIO_printf(bp, "%02X", sess->master_key[pos]) <= 0)
            return 0;
    }

    if (BIO_puts(bp, "\n") <= 0)
        return 0;

    return 1;
}
示例9: SSLSession::SSLSession
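//
// Constructor
//
// Stores the context, the SSL handle, the handle's current session and the
// peer address. The host name is duplicated with strdup(), so this object owns
// _peer_host.
//
// NOTE(review): peer_host must be non-NULL and the strdup() result is not
// checked; _peer_host is NULL if the allocation fails.
//
SSLSession::SSLSession(SSLContext* context,
                       const SSL* ssl,
                       const char* peer_host, int peer_port)
  throw(IOException, SystemException)
{
  _context = context;
  _ssl = ssl;

  // The original test, `defined OPENSSL_VERSION_NUMBER >= 0x00908000L`, parses
  // as `(defined OPENSSL_VERSION_NUMBER) >= 0x00908000L`, i.e. 1 >= N, which
  // is never true, so the cast branch was always compiled. Test that the macro
  // exists and compare its value instead. The version check implies that
  // SSL_get_session accepts a const SSL* from 0.9.8 on.
#if defined(OPENSSL_VERSION_NUMBER) && (OPENSSL_VERSION_NUMBER >= 0x00908000L)
  _session = SSL_get_session(ssl);
#else
  _session = SSL_get_session((SSL*)ssl);
#endif

  _peer_host = strdup(peer_host);
  _peer_port = peer_port;
}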
示例10: print_ciphersuite_data
/* Writes the negotiated protocol version, the current cipher and the cipher
 * list stored in the session to |io|.
 *
 * When |js| is non-zero each line ends with an escaped newline followed by a
 * line continuation instead of a plain newline. Any failed write ends the
 * program through err_exit.
 *
 * NOTE(review): the session pointer is dereferenced without a NULL check, and
 * the per-cipher index printed is zero-based ("0 of n" for the first entry). */
static void print_ciphersuite_data(BIO *io, SSL *ssl, int js)
{
    SSL_SESSION *sess = SSL_get_session(ssl);
    long version = SSL_version(ssl);
    const char *version_name = get_protocol_name(version);
    const char *eol;
    STACK_OF(SSL_CIPHER) *offered;
    SSL_CIPHER *cipher;
    int total;
    int idx;

    if (js)
        eol = "\\n\\\n";
    else
        eol = "\n";

    if (BIO_printf(io, "Version: 0x%lx %s%s", version, version_name, eol) <= 0)
        err_exit("Write error");

    if (BIO_printf(io, "Current cipher: %s%s",
                   SSL_CIPHER_get_name(SSL_get_current_cipher(ssl)), eol) <= 0)
        err_exit("Write error");

    offered = sess->ciphers;
    total = sk_SSL_CIPHER_num(offered);
    if (BIO_printf(io, "client sent %d ciphers%s", total, eol) <= 0)
        err_exit("Write error");

    for (idx = 0; idx < total; idx++) {
        cipher = sk_SSL_CIPHER_value(offered, idx);
        if (BIO_printf(io, "client [%2d of %2d]: %s%s", idx, total,
                       SSL_CIPHER_get_name(cipher), eol) <= 0)
            err_exit("Write error");
    }
}
示例11: SSL_get1_session
/* Returns the current session of |ssl| with its reference count incremented,
 * or NULL when SSL_get_session returns NULL. A non-NULL result carries a
 * reference that the caller has to release. */
SSL_SESSION *SSL_get1_session(SSL *ssl) {
  SSL_SESSION *session = SSL_get_session(ssl);
  if (session == NULL) {
    return NULL;
  }
  SSL_SESSION_up_ref(session);
  return session;
}
示例12: my_ssl_connect
/*
  Run the client side of the SSL handshake on an existing connection.

  SYNOPSIS
    my_ssl_connect
      ssl      ssl object; its app data must be the owning MYSQL handle

  NOTES
    The socket is switched to blocking mode for the handshake when it was
    not blocking already. The previous mode is restored on the error path
    only.
    This function does not look at the certificate verification result
    after SSL_connect() succeeds; whether an unverified peer is rejected
    depends on the verify mode configured on the SSL object elsewhere.

  RETURN VALUES
    0  success
    1  error
*/
int my_ssl_connect(SSL *ssl)
{
  my_bool was_blocking;
  MYSQL *mysql;

  DBUG_ENTER("my_ssl_connect");
  DBUG_ASSERT(ssl != NULL);

  mysql= (MYSQL *)SSL_get_app_data(ssl);
  CLEAR_CLIENT_ERROR(mysql);

  /* Set socket to blocking if not already set */
  was_blocking= vio_is_blocking(mysql->net.vio);
  if (!was_blocking)
    vio_blocking(mysql->net.vio, TRUE);

  SSL_clear(ssl);
  SSL_SESSION_set_timeout(SSL_get_session(ssl),
                          mysql->options.connect_timeout);
  SSL_set_fd(ssl, mysql->net.vio->sd);

  if (SSL_connect(ssl) == 1)
  {
    vio_reset(mysql->net.vio, VIO_TYPE_SSL, mysql->net.vio->sd, 0, 0);
    mysql->net.vio->ssl= ssl;
    DBUG_RETURN(0);
  }

  my_SSL_error(mysql);
  /* restore blocking mode */
  if (!was_blocking)
    vio_blocking(mysql->net.vio, FALSE);
  DBUG_RETURN(1);
}
示例13: bud_client_ssl_cert_cb
/* Certificate callback: fills client->hello from the handshake state and
 * starts the hello processing through bud_client_on_hello.
 *
 * |arg| is the bud_client_t for this connection.
 *
 * Returns 1 when the hello work has already finished, -1 while it is running
 * or has just been started successfully, and 0 when starting it failed. */
int bud_client_ssl_cert_cb(SSL* ssl, void* arg) {
  bud_client_t* client = (bud_client_t*) arg;
  bud_client_error_t err;
  SSL_SESSION* sess;

  DBG(&client->backend, "ssl_cert_cb {%d}", client->async_hello);

  /* Finished, or no need to perform anything async */
  if (client->async_hello == kBudProgressDone)
    return 1;

  /* Already running, please wait */
  if (client->async_hello == kBudProgressRunning)
    return -1;

  /* Set hello: the server name is the hostname stored on the session, if any.
   * The pointer is borrowed from the session, not copied. */
  sess = SSL_get_session(ssl);
  if (sess != NULL && sess->tlsext_hostname != NULL) {
    client->hello.servername = sess->tlsext_hostname;
    client->hello.servername_len = strlen(sess->tlsext_hostname);
  } else {
    client->hello.servername = NULL;
    client->hello.servername_len = 0;
  }

  client->hello.ocsp_request =
      (ssl->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp);

  err = bud_client_on_hello(client);
  return bud_is_ok(err.err) ? -1 : 0;
}
示例14: my_ssl_connect
/*
  Run the client side of the SSL handshake on an existing connection and
  check the certificate verification result.

  SYNOPSIS
    my_ssl_connect
      ssl      ssl object; its app data must be the owning MYSQL handle

  NOTES
    SSL_connect() is retried while it returns -1 with SSL_ERROR_WANT_READ or
    SSL_ERROR_WANT_WRITE, waiting up to connect_timeout between attempts.
    After a successful handshake the result of SSL_get_verify_result() must
    be X509_V_OK, otherwise the connection is refused.

  RETURN VALUES
    0  success
    1  error
*/
int my_ssl_connect(SSL *ssl)
{
  my_bool blocking;
  MYSQL *mysql;
  long rc;
  my_bool try_connect= 1;
  DBUG_ENTER("my_ssl_connect");
  DBUG_ASSERT(ssl != NULL);
  mysql= (MYSQL *)SSL_get_app_data(ssl);
  CLEAR_CLIENT_ERROR(mysql);
  /* Set socket to non blocking */
  /* NOTE(review): the mode is only touched when vio_is_blocking() returned
     false, and FALSE is what gets passed. If FALSE means "non blocking",
     a blocking socket is left as it is and the call changes nothing;
     confirm against vio_blocking(). */
  if (!(blocking= vio_is_blocking(mysql->net.vio)))
    vio_blocking(mysql->net.vio, FALSE, 0);
  SSL_clear(ssl);
  SSL_SESSION_set_timeout(SSL_get_session(ssl),
                          mysql->options.connect_timeout);
  SSL_set_fd(ssl, mysql->net.vio->sd);
  /* Retry the handshake until it completes, fails, or a wait times out */
  while (try_connect && (rc= SSL_connect(ssl)) == -1)
  {
    switch(SSL_get_error(ssl, rc)) {
    case SSL_ERROR_WANT_READ:
      if (vio_wait_or_timeout(mysql->net.vio, TRUE, mysql->options.connect_timeout) < 1)
        try_connect= 0;
      break;
    case SSL_ERROR_WANT_WRITE:
      /* NOTE(review): same second argument as the WANT_READ case. If it
         selects waiting for readability, this waits for the wrong event;
         confirm against vio_wait_or_timeout(). */
      if (vio_wait_or_timeout(mysql->net.vio, TRUE, mysql->options.connect_timeout) < 1)
        try_connect= 0;
      break;
    default:
      try_connect= 0;
    }
  }
  if (rc != 1)
  {
    /* The blocking mode is not restored on this path, unlike the
       verification failure below */
    my_SSL_error(mysql);
    DBUG_RETURN(1);
  }
  /* OpenSSL documents that SSL_get_verify_result() also yields X509_V_OK
     when the peer presented no certificate, so on its own this check does
     not prove that a certificate was verified. NOTE(review): confirm that
     the verify mode set elsewhere requires a peer certificate. */
  rc= SSL_get_verify_result(ssl);
  if (rc != X509_V_OK)
  {
    my_set_error(mysql, CR_SSL_CONNECTION_ERROR, SQLSTATE_UNKNOWN,
                 ER(CR_SSL_CONNECTION_ERROR), X509_verify_cert_error_string(rc));
    /* restore blocking mode */
    if (!blocking)
      vio_blocking(mysql->net.vio, FALSE, 0);
    DBUG_RETURN(1);
  }
  vio_reset(mysql->net.vio, VIO_TYPE_SSL, mysql->net.vio->sd, 0, 0);
  mysql->net.vio->ssl= ssl;
  DBUG_RETURN(0);
}
示例15: eap_crypto_mppe_keys
USES_APPLE_DEPRECATED_API /* OpenSSL API has been deprecated by Apple */
#define __STDC_WANT_LIB_EXT1__ 1
#include <string.h>
#include <openssl/hmac.h>
#include <freeradius-devel/util/sha1.h>
#include <freeradius-devel/tls/base.h>
#include <freeradius-devel/tls/missing.h>
#include "tls.h"
#include "base.h"
#include "attrs.h"
#define EAP_TLS_MPPE_KEY_LEN 32
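/** Generate keys according to RFC 2716 and add to the reply
 *
 * Exports 4 * EAP_TLS_MPPE_KEY_LEN bytes of keying material from the TLS
 * session and adds them to the reply as the MPPE receive key, the MPPE send
 * key, the EAP MSK (first half of the export) and the EAP EMSK (second half).
 *
 * The exported bytes, and the master secret copied out for debug output, are
 * wiped from the stack before returning.
 *
 * @param[in] request		The current request.
 * @param[in] ssl		The TLS session to export keying material from.
 * @param[in] prf_label		Label passed to the exporter.
 * @param[in] prf_label_len	Length of prf_label.
 * @return
 *	- 0 on success.
 *	- -1 if the keying material could not be exported.
 */
int eap_crypto_mppe_keys(REQUEST *request, SSL *ssl, char const *prf_label, size_t prf_label_len)
{
	uint8_t	out[4 * EAP_TLS_MPPE_KEY_LEN];
	uint8_t	*p;

	if (SSL_export_keying_material(ssl, out, sizeof(out), prf_label, prf_label_len, NULL, 0, 0) != 1) {
		tls_log_error(request, "Failed generating MPPE keys");
		OPENSSL_cleanse(out, sizeof(out));
		return -1;
	}

	/*
	 *	Debug level 3 writes the TLS master secret and both randoms to
	 *	the log.  With those values captured traffic for this session
	 *	can be decrypted, so logs produced at this level need the same
	 *	protection as key material.
	 */
	if (RDEBUG_ENABLED3) {
		uint8_t	random[SSL3_RANDOM_SIZE];
		size_t	random_len;
		uint8_t	master_key[SSL_MAX_MASTER_KEY_LENGTH];
		size_t	master_key_len;

		RDEBUG3("Key Derivation Function input");
		RINDENT();
		RDEBUG3("prf label          : %pV", fr_box_strvalue_len(prf_label, prf_label_len));
		master_key_len = SSL_SESSION_get_master_key(SSL_get_session(ssl), master_key, sizeof(master_key));
		RDEBUG3("master session key : %pH", fr_box_octets(master_key, master_key_len));
		random_len = SSL_get_client_random(ssl, random, SSL3_RANDOM_SIZE);
		RDEBUG3("client random      : %pH", fr_box_octets(random, random_len));
		random_len = SSL_get_server_random(ssl, random, SSL3_RANDOM_SIZE);
		RDEBUG3("server random      : %pH", fr_box_octets(random, random_len));
		REXDENT();

		/* Do not leave a copy of the master secret on the stack */
		OPENSSL_cleanse(master_key, sizeof(master_key));
	}

	RDEBUG2("Adding session keys");
	p = out;
	eap_add_reply(request, attr_ms_mppe_recv_key, p, EAP_TLS_MPPE_KEY_LEN);
	p += EAP_TLS_MPPE_KEY_LEN;
	eap_add_reply(request, attr_ms_mppe_send_key, p, EAP_TLS_MPPE_KEY_LEN);

	/* MSK is the first half of the export, EMSK the second half */
	eap_add_reply(request, attr_eap_msk, out, 2 * EAP_TLS_MPPE_KEY_LEN);
	eap_add_reply(request, attr_eap_emsk, out + 2 * EAP_TLS_MPPE_KEY_LEN, 2 * EAP_TLS_MPPE_KEY_LEN);

	/*
	 *	Presumably eap_add_reply copies the bytes: out is a stack
	 *	buffer, so the original code already depended on that.  Under
	 *	the same assumption the local copy can be wiped here.
	 */
	OPENSSL_cleanse(out, sizeof(out));

	return 0;
}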