本文整理汇总了C++中SSL_shutdown函数的典型用法代码示例。如果您正苦于以下问题:C++ SSL_shutdown函数的具体用法?C++ SSL_shutdown怎么用?C++ SSL_shutdown使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了SSL_shutdown函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: s_time_main
//.........这里部分代码省略.........
}
/*
 * Fragment of s_time_main (the page elides the code before and after it).
 * When bit 0 of s_time_config.perform is set, it opens fresh TLS connections
 * in a loop for s_time_config.maxtime seconds, prints one status character
 * per connection and then prints summary statistics.
 */
if (!(s_time_config.perform & 1))
goto next;
printf("Collecting connection statistics for %d seconds\n",
s_time_config.maxtime);
/* Loop and time how long it takes to make connections */
bytes_read = 0;
finishtime = (long) time(NULL) + s_time_config.maxtime;
tm_Time_F(START);
for (;;) {
if (finishtime < (long) time(NULL))
break;
if ((scon = doConnection(NULL)) == NULL)
goto end;
if (s_time_config.www_path != NULL) {
/*
 * The request line is built with a bounded snprintf and truncation is
 * rejected; a negative return also fails the test because the cast to
 * size_t makes it a very large value.
 */
int retval = snprintf(buf, sizeof buf,
"GET %s HTTP/1.0\r\n\r\n", s_time_config.www_path);
if ((size_t)retval >= sizeof buf) {
fprintf(stderr, "URL too long\n");
goto end;
}
/* NOTE(review): the SSL_write result is not checked, so a failed or
 * short write goes unnoticed and the read loop below just sees no data. */
SSL_write(scon, buf, strlen(buf));
/* Drain the response; buf is reused as the receive buffer. */
while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
bytes_read += i;
}
/*
 * Two ways of ending the session:
 *  - no_shutdown: SSL_set_shutdown() only marks both directions as shut
 *    down locally; no close_notify alert is sent to the peer.
 *  - otherwise: SSL_shutdown() is called once and its result is ignored,
 *    so our close_notify is sent (best effort) but the peer's reply is
 *    not awaited. A return of 0 or -1 is not distinguished from success.
 */
if (s_time_config.no_shutdown)
SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN |
SSL_RECEIVED_SHUTDOWN);
else
SSL_shutdown(scon);
/* The transport is torn down before the SSL object itself is freed below. */
shutdown(SSL_get_fd(scon), SHUT_RDWR);
close(SSL_get_fd(scon));
nConn += 1;
/* Status character: 'r' = session reused, otherwise the protocol version. */
if (SSL_session_reused(scon))
ver = 'r';
else {
ver = SSL_version(scon);
if (ver == TLS1_VERSION)
ver = 't';
else if (ver == SSL3_VERSION)
ver = '3';
else if (ver == SSL2_VERSION)
ver = '2';
else
ver = '*';
}
fputc(ver, stdout);
fflush(stdout);
SSL_free(scon);
scon = NULL;
}
totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
i = (int) ((long) time(NULL) - finishtime + s_time_config.maxtime);
printf("\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double) nConn / totalTime), bytes_read);
/* NOTE(review): bytes_read / nConn is an integer division; if the loop
 * completed no connection nConn may still be 0 here (its initialisation is
 * not visible in this fragment) -- confirm or guard before dividing. */
printf("%d connections in %ld real seconds, %ld bytes read per connection\n", nConn, (long) time(NULL) - finishtime + s_time_config.maxtime, bytes_read / nConn);
/*
* Now loop and time connections using the same session id over and
* over
示例2: url_get
//.........这里部分代码省略.........
/*
 * Fragment of url_get (the earlier part is elided by the page): opens the
 * output, copies everything ftp_read() returns to it, then releases the TLS
 * session, the stream or socket and the heap buffers at cleanup_url_get.
 */
out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC,
0666);
if (out < 0) {
warn("Can't open %s", savefile);
goto cleanup_url_get;
}
} else
out = fileno(stdout);
/* Trap signals */
oldintr = NULL;
/* A non-zero setjmp return restores the previous SIGINT handler (if one was
 * saved) and goes to cleanup; presumably aborthttp longjmps here -- the
 * handler is not visible in this fragment. */
if (setjmp(httpabort)) {
if (oldintr)
(void)signal(SIGINT, oldintr);
goto cleanup_url_get;
}
oldintr = signal(SIGINT, aborthttp);
bytes = 0;
hashbytes = mark;
progressmeter(-1);
free(buf);
/* Finally, suck down the file. */
if ((buf = malloc(4096)) == NULL)
errx(1, "Can't allocate memory for transfer buffer");
i = 0;
len = 1;
while (len > 0) {
len = ftp_read(fin, ssl, buf, 4096);
/* NOTE(review): bytes is updated before len is checked, so a negative
 * ftp_read() result is added to the byte count; the error itself is
 * caught by the "len != 0" test after the loop. */
bytes += len;
/* Inner loop handles short writes by advancing cp until wlen is used up. */
for (cp = buf, wlen = len; wlen > 0; wlen -= i, cp += i) {
if ((i = write(out, cp, wlen)) == -1) {
warn("Writing %s", savefile);
goto cleanup_url_get;
}
else if (i == 0)
break;
}
if (hash && !progress) {
while (bytes >= hashbytes) {
(void)putc('#', ttyout);
hashbytes += mark;
}
(void)fflush(ttyout);
}
}
if (hash && !progress && bytes > 0) {
if (bytes < mark)
(void)putc('#', ttyout);
(void)putc('\n', ttyout);
(void)fflush(ttyout);
}
if (len != 0) {
warn("Reading from socket");
goto cleanup_url_get;
}
progressmeter(1);
/*
 * Short-transfer detection relies on the advertised file size only.
 * NOTE(review): when filesize is -1 no length check is made, and how
 * ftp_read() treats a TLS stream that ends without close_notify is not
 * visible here, so a truncated transfer may be reported as success --
 * confirm.
 */
if (
#ifndef SMALL
!resume &&
#endif /* !SMALL */
filesize != -1 && len == 0 && bytes != filesize) {
if (verbose)
fputs("Read short file.\n", ttyout);
goto cleanup_url_get;
}
if (verbose)
fputs("Successfully retrieved file.\n", ttyout);
(void)signal(SIGINT, oldintr);
rval = 0;
goto cleanup_url_get;
noftpautologin:
warnx(
"Auto-login using ftp URLs isn't supported when using $ftp_proxy");
goto cleanup_url_get;
improper:
warnx("Improper response from %s", host);
cleanup_url_get:
#ifndef SMALL
/*
 * Single SSL_shutdown() call with the result ignored: our close_notify is
 * sent on a best-effort basis and the peer's is not awaited before
 * SSL_free(). This label is reached from error paths as well as success.
 */
if (ssl) {
SSL_shutdown(ssl);
SSL_free(ssl);
}
#endif /* !SMALL */
/* Close the stream if one exists, otherwise the raw socket. */
if (fin != NULL)
fclose(fin);
else if (s != -1)
close(s);
free(buf);
free(proxyurl);
free(newline);
return (rval);
}
示例3: MAKEWORD
//.........这里部分代码省略.........
/*
 * Fragment of a TLS client (function header and SSL_CTX setup are elided by
 * the page): connects to 127.0.0.1:8888, performs the handshake, prints the
 * peer certificate's subject and issuer, sends one message and closes.
 */
SSL *ssl;
X509 *server_cert;
char *str;
char buf[1024];
SSL_METHOD *meth;
FILE *fp;
#ifdef _WIN32
wVersionRequested = MAKEWORD (2, 2);
err = WSAStartup (wVersionRequested, &wsaData);
if (err != 0)
{
printf ("WSAStartup err\n");
return -1;
}
#endif /* */
// First establish the TCP connection
// NOTE(review): the socket() result is not checked before it is used.
sock = socket (AF_INET, SOCK_STREAM, 0);
dest_sin.sin_family = AF_INET;
dest_sin.sin_addr.s_addr = inet_addr ("127.0.0.1");
dest_sin.sin_port = htons (8888);
// NOTE(review): connect() is retried once per second with no upper bound,
// and the address is cast to struct sockaddr_in * where connect() takes
// a struct sockaddr *.
again:err = connect (sock, (struct sockaddr_in *) &dest_sin, sizeof (dest_sin));
if (err < 0)
{
sleep (1);
goto again;
}
// A secure connection requires a handshake once the TCP connection is up
ssl = SSL_new (ctx);
if (ssl == NULL)
{
printf ("ss new err\n");
// NOTE(review): bare "return;" here while the WSAStartup path returns -1;
// sock is also left open on this and the later error returns.
return;
}
SSL_set_fd (ssl, sock);
// Request the SSL connection
err = SSL_connect (ssl);
// NOTE(review): SSL_connect() returns 0 for a handshake that was shut down
// in a controlled way, so "err < 0" lets a failed handshake through; the
// success test is "== 1". ssl is not freed on this path.
if (err < 0)
{
printf ("SSL_connect err\n");
return;
}
printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
//
// NOTE(review): the peer certificate is only printed, never validated in
// this fragment: there is no SSL_get_verify_result() or host name check
// here, and whether ctx enables verification is not visible. The pointer
// may also be NULL (peer sent no certificate) and is dereferenced below
// without a check.
server_cert = SSL_get_peer_certificate (ssl);
printf ("Server certificate:\n");
// Get the server certificate subject as a string so it can be printed
// (X509_NAME_oneline with a NULL buffer allocates; OPENSSL_free releases it)
str = X509_NAME_oneline (X509_get_subject_name (server_cert), 0, 0);
printf ("\t subject: %s\n", str);
OPENSSL_free (str);
// Get the server certificate issuer as a string so it can be printed
str = X509_NAME_oneline (X509_get_issuer_name (server_cert), 0, 0);
printf ("\t issuer: %s\n", str);
OPENSSL_free (str);
X509_free (server_cert);
// Exchange data over the secure session
err = SSL_write (ssl, "Hello World!", strlen ("Hello World!"));
if (err < 0)
{
printf ("ssl write err\n");
return;
}
#if 0
// Disabled code. NOTE(review): the memset length is ONE_BUF_SIZE while buf
// is declared as char[1024]; confirm the two agree before enabling this.
memset (buf, 0, ONE_BUF_SIZE);
err = SSL_read (ssl, buf, sizeof (buf) - 1);
if (err < 0)
{
printf ("ssl read err\n");
return;
}
buf[err] = '\0';
printf ("Got %d chars:'%s'\n", err, buf);
#endif /* */
// SSL_shutdown() is called once and its result is ignored: our close_notify
// is sent, the peer's is not awaited, then the object and socket are freed.
SSL_shutdown (ssl);
SSL_free (ssl);
close (sock);
/* send SSL/TLS close_notify */
}
示例4: hgd_service_client
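/*
 * Service one connected client: send the greeting, run the command loop
 * until the client is done or the server is dying/restarting, send the
 * goodbye line and release everything the session owns.
 *
 * cli_fd   - connected client socket
 * cli_addr - peer address; stored in the session by pointer, not copied
 *
 * A client that reaches HGD_MAX_BAD_COMMANDS is sent HGD_BYE_KICK, its
 * socket is closed and hgd_exit_nicely() is called.
 */
void
hgd_service_client(int cli_fd, struct sockaddr_in *cli_addr)
{
	struct hgd_session	 sess;
	char			*recv_line;
	uint8_t			 done;
	int			 ssl_rc;

	sess.cli_str = hgd_identify_client(cli_addr);
	sess.sock_fd = cli_fd;
	sess.cli_addr = cli_addr;
	sess.user = NULL;
	sess.ssl = NULL;

	if (sess.cli_str == NULL)
		xasprintf(&sess.cli_str, "unknown"); /* shouldn't happen */

	DPRINTF(HGD_D_INFO, "Client connection: '%s'", sess.cli_str);

	/* oh hai */
	hgd_sock_send_line(cli_fd, sess.ssl, HGD_GREET);

	/* main command receive loop */
	do {
		/*
		 * NOTE(review): whether hgd_sock_recv_line() can return NULL
		 * and whether hgd_parse_line() accepts it is not visible
		 * here -- confirm.
		 */
		recv_line = hgd_sock_recv_line(sess.sock_fd, sess.ssl);
		done = hgd_parse_line(&sess, recv_line);
		free(recv_line);

		if (num_bad_commands >= HGD_MAX_BAD_COMMANDS) {
			DPRINTF(HGD_D_WARN,"Client abused server, "
			    "kicking '%s'", sess.cli_str);
			/* laters */
			hgd_sock_send_line(cli_fd, sess.ssl, HGD_BYE_KICK);
			close(sess.sock_fd);
			exit_ok = 1;
			hgd_exit_nicely();
		}
	} while (!done && !dying && !restarting);

	/*
	 * client service procs should not respawn as listeners,
	 * that would suck. This may need tweaking later, as the exit
	 * message may be misinterpreted (?) Handling HUP is hard.
	 */
	if (restarting) {
		dying = 1;
		restarting = 0;
		exit_ok = 1;
	}

	/* laters */
	hgd_sock_send_line(cli_fd, sess.ssl, HGD_BYE);

	/* free up the hgd_session members */
	if (sess.ssl != NULL) {
		/*
		 * SSL_shutdown() returns an int: 1 = shutdown complete,
		 * 0 = our close_notify was sent but the peer's has not been
		 * seen yet, < 0 = error. Keep the result in an int (a uint8_t
		 * turns -1 into 255) and call at most twice, so a peer that
		 * keeps the shutdown from completing cannot hold this
		 * process in a retry loop.
		 */
		ssl_rc = SSL_shutdown(sess.ssl);
		if (ssl_rc == 0)
			ssl_rc = SSL_shutdown(sess.ssl);
		if (ssl_rc < 0)
			DPRINTF(HGD_D_WARN, "SSL_shutdown failed for '%s'",
			    sess.cli_str);
		SSL_free(sess.ssl);
		sess.ssl = NULL;
	}

	/* free(NULL) is a no-op, so no guards are needed */
	free(sess.cli_str);

	if (sess.user) {
		free(sess.user->name);
		free(sess.user);
	}
}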
示例5: swSSL_close
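/**
 * Close the TLS session attached to a connection and release its SSL object.
 *
 * Does nothing when conn is NULL or has no SSL object. conn->ssl is reset to
 * NULL afterwards so that a second call, or a later use of the connection,
 * cannot touch the freed object.
 *
 * The underlying socket is not closed here.
 */
void swSSL_close(swConnection *conn)
{
    if (conn == NULL || conn->ssl == NULL)
    {
        return;
    }

    /*
     * One call sends our close_notify; the result is deliberately ignored
     * (best effort) and the peer's close_notify is not awaited.
     */
    (void) SSL_shutdown(conn->ssl);
    SSL_free(conn->ssl);
    conn->ssl = NULL;
}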
示例6: cg_socket_close
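/**
 * Close a socket: end the TLS session (when built with CG_USE_OPENSSL and
 * the socket is an SSL socket), shut down and close the platform socket,
 * and reset the stored address and port.
 *
 * @param sock Socket to close.
 * @return TRUE always; an unbound socket is treated as already closed.
 */
BOOL cg_socket_close(CgSocket *sock)
{
	cg_log_debug_l4("Entering...\n");

	if (cg_socket_isbound(sock) == FALSE)
		return TRUE;

#if defined(CG_USE_OPENSSL)
	if (cg_socket_isssl(sock) == TRUE) {
		/*
		 * Test the SSL object itself, not the context: the session
		 * must be released whenever it exists, and SSL_shutdown()
		 * must never be handed a NULL pointer. The result of
		 * SSL_shutdown() is ignored: close_notify is best effort and
		 * the peer's reply is not awaited.
		 */
		if (sock->ssl) {
			SSL_shutdown(sock->ssl);
			SSL_free(sock->ssl);
			sock->ssl = NULL;
		}
		if (sock->ctx) {
			SSL_CTX_free(sock->ctx);
			sock->ctx = NULL;
		}
	}
#endif

#if (defined(WIN32) || defined(__CYGWIN__)) && !defined(ITRON)
#if !defined(WINCE)
	WSAAsyncSelect(sock->id, NULL, 0, FD_CLOSE);
#endif
	shutdown(sock->id, SD_BOTH );
#if defined WINCE
	{
		/* Drain whatever is still queued before closing. Reads are
		 * capped at 128 bytes, so the terminator written at
		 * achDiscard[nRet] stays inside the 256-byte buffer. */
		int nRet = 1;
		char achDiscard[256];
		while (nRet && (nRet != SOCKET_ERROR)){
			if (nRet>0) {
				achDiscard[nRet]=(char)0;
#if defined DEBUG_SOCKET
				printf("DUMMY READ WHILE CLOSING SOCKET \n%s\n",achDiscard);
#endif
			}
			nRet = recv(sock->id,achDiscard,128,0);
		}
	}
#endif
	closesocket(sock->id);
#if !defined(__CYGWIN__) && !defined(__MINGW32__)
	sock->id = INVALID_SOCKET;
#else
	sock->id = -1;
#endif
#else
#if defined(BTRON) || (defined(TENGINE) && !defined(CG_TENGINE_NET_KASAGO))
	so_shutdown(sock->id, 2);
	so_close(sock->id);
#elif defined(TENGINE) && defined(CG_TENGINE_NET_KASAGO)
	ka_tfClose(sock->id);
#elif defined(ITRON)
	if (cg_socket_issocketstream(sock) == TRUE) {
		tcp_can_cep(sock->id, TFN_TCP_ALL);
		tcp_sht_cep(sock->id);
		tcp_del_cep(sock->id);
		tcp_cls_cep(sock->id, TMO_FEVR);
		tcp_del_rep(sock->id);
	}
	else {
		udp_can_cep(sock->id, TFN_UDP_ALL);
		udp_del_cep(sock->id);
	}
#else
	/* Switch to non-blocking before shutdown/close; a failed F_GETFL
	 * leaves the flags untouched. */
	int flag = fcntl(sock->id, F_GETFL, 0);
	if (0 <= flag)
		fcntl(sock->id, F_SETFL, flag | O_NONBLOCK);
	shutdown(sock->id, 2);
	close(sock->id);
#endif
	sock->id = -1;
#endif

	cg_socket_setaddress(sock, "");
	cg_socket_setport(sock, -1);

	/* Log before returning; after the return this line was unreachable. */
	cg_log_debug_l4("Leaving...\n");

	return TRUE;
}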
示例7: https_service_conn
//.........这里部分代码省略.........
/*
 * Fragment of https_service_conn (the beginning is elided by the page):
 * parses one request read into buf, serves GET paths or handles a POST
 * (login, or a command keyword), then ends the TLS session and exits the
 * process. Everything in buf is supplied by the remote client.
 */
if (count < 0) goto ERROR;
/* NOTE(review): safe only if count < sizeof buf; the read call and the
 * declaration of buf are not visible here -- confirm. */
buf[count] = '\0';
/* NOTE(review): request data is passed as the format string. Conversion
 * specifiers sent by the client are interpreted by printf; this should be
 * printf("%s", buf) or fputs(buf, stdout). */
printf(buf);
if (!strncmp(buf, "GET", 3)) {
char url[256];
strtok(buf, " ");
/* NOTE(review): unbounded strcpy/strcat into url[256]. The second token is
 * client-controlled in length, and strtok may return NULL when the request
 * has no second token. A bounded snprintf with a truncation check plus a
 * NULL check is needed. The path is also not normalised (e.g. "..")
 * before being handed to write_url_ssl -- confirm how that helper
 * resolves it. */
strcpy(url, https_s.dir);
strcat(url, strtok(NULL, " "));
/* NOTE(review): strcmp() returns 0 on a match, so each test below is true
 * when the names DIFFER. As written, every url that is not exactly
 * "index.html" is served by the first branch with no privilege check, and
 * the guest/admin branches are not reached for their own pages. url also
 * carries the https_s.dir prefix, so comparing it with a bare file name
 * looks unintended. */
if (strcmp(url, "index.html")) {
write_url_ssl(ssl, buf, url);
} else if (strcmp(url, "guest_panel.html")) {
/* NOTE(review): check_privileges is called without arguments here and
 * with ssl further down; any non-zero result is accepted in this branch. */
if (check_privileges()) {
write_url_ssl(ssl, buf, url);
} else {
write_404_ssl(ssl, buf, "<html><body>You don't have access! Go away!</body></html>");
}
} else if (strcmp(url, "admin_panel.html")) {
if (check_privileges() == ADMIN_PRIV) {
write_url_ssl(ssl, buf, url);
} else {
write_404_ssl(ssl, buf, "<html><body>You don't have access! Go away!</body></html>");
}
}
}
if (!strncmp(buf, "POST", 4)) {
int i;
char *tmp;
char *password;
char *username;
/* Both flags start as "matched" and are cleared by any mismatch below. */
int admin_login = 1;
int guest_login = 1;
char *ble = buf;
/* NOTE(review): strstr finds "username" anywhere in the request, not only
 * in the body, and strtok modifies buf in place. */
if ((tmp = strstr(buf, "username")) != NULL) {
if (strcmp("username", strtok(tmp, "=&"))) {
admin_login = 0;
guest_login = 0;
}
/* NOTE(review): every strtok(NULL, ...) below may return NULL for a
 * malformed body; the result is passed to printf("%s") and strcmp without
 * a check. */
username = strtok(NULL, "=&");
printf("user: %s\n", username);
if (strcmp(username, https_d.admin_username)) admin_login = 0;
if (strcmp(username, https_d.guest_username)) guest_login = 0;
if (strcmp("password", strtok(NULL, "=&"))) {
admin_login = 0;
guest_login = 0;
}
password = strtok(NULL, "=&");
/* NOTE(review): the submitted password is written to stdout in clear
 * text. It is then compared with strcmp against a stored plain-text
 * value, which is neither constant-time nor hashed. */
printf("pass: %s\n", password);
if (strcmp(password, https_d.admin_password)) admin_login = 0;
if (strcmp(password, https_d.guest_password)) guest_login = 0;
/* NOTE(review): the two branches are not exclusive; if the admin and
 * guest credentials are identical both sessions are saved and two
 * responses are written. */
if (admin_login) {
/*
* save session id with appropriate flag
*/
save_session(ssl, ADMIN_PRIV);
write_url_ssl(ssl, buf, "admin_login.html");
}
if (guest_login) {
/*
* save session id with appropriate flag
*/
save_session(ssl, GUEST_PRIV);
write_url_ssl(ssl, buf, "guest_login.html");
}
if (!admin_login && !guest_login) {
write_404_ssl(ssl, buf, "<html><body>Logging has failed! Go away!</body></html>");
}
//printf(buf);
} else if ((tmp = strstr(buf, "killall")) != NULL) {
/* killal has been issued */
/* NOTE(review): the command is selected by a substring match anywhere in
 * the request, and system() runs a relative script name through the
 * shell, so which file executes depends on PATH and the working
 * directory. An absolute path with posix_spawn/execv and an exact
 * parameter match would be safer. The same applies to the two branches
 * below. */
if (check_privileges(ssl) == ADMIN_PRIV) {
system("killall.sh");
} else {
write_404_ssl(ssl, buf, "<html><body>You cannot do that!Go away!</body></html>");
}
} else if ((tmp = strstr(buf, "poweroff")) != NULL) {
if (check_privileges(ssl) == ADMIN_PRIV) {
system("poweroff.sh");
} else {
write_404_ssl(ssl, buf, "<html><body>You cannot do that!Go away!</body></html>");
}
} else if ((tmp = strstr(buf, "something")) != NULL) {
if (check_privileges(ssl) == ADMIN_PRIV) {
system("something.sh");
} else {
write_404_ssl(ssl, buf, "<html><body>You cannot do that!Go away!</body></html>");
}
}
}
/* Normal exit: SSL_shutdown() is called once with the result ignored (our
 * close_notify is sent, the peer's is not awaited), then the process
 * exits -- presumably one process per connection; the fork is not visible. */
SSL_shutdown(ssl);
SSL_free(ssl);
close(conn_sock);
exit(EXIT_SUCCESS);
ERROR:
/* NOTE(review): this label is reached when count < 0. If that came from a
 * fatal TLS error (SSL_ERROR_SSL or SSL_ERROR_SYSCALL), the OpenSSL
 * documentation says SSL_shutdown() must not be called; freeing the object
 * is enough. */
SSL_shutdown(ssl);
SSL_free(ssl);
close(conn_sock);
exit(EXIT_FAILURE);
}
示例8: lws_server_socket_service
//.........这里部分代码省略.........
/*
 * Fragment of lws_server_socket_service (both ends are elided by the page):
 * handles a connection that is waiting for its TLS handshake. It peeks at
 * the first bytes, optionally falls back to plain HTTP, otherwise drives
 * SSL_accept() and re-arms polling when the handshake needs more I/O.
 */
if (lws_change_pollfd(wsi, LWS_POLLOUT, 0))
goto fail;
#ifdef LWS_USE_LIBEV
if (LWS_LIBEV_ENABLED(context))
ev_io_stop(context->io_loop,
(struct ev_io *)&wsi->w_write);
#endif /* LWS_USE_LIBEV */
lws_latency_pre(context, wsi);
/* MSG_PEEK leaves the bytes in the socket so the handshake can still read
 * them; n may be 0 or -1, which the "n >= 1" test below covers. */
n = recv(wsi->sock, context->service_buffer,
sizeof(context->service_buffer), MSG_PEEK);
/*
* optionally allow non-SSL connect on SSL listening socket
* This is disabled by default, if enabled it goes around any
* SSL-level access control (eg, client-side certs) so leave
* it disabled unless you know it's not a problem for you
*/
if (context->allow_non_ssl_on_ssl_port && n >= 1 &&
context->service_buffer[0] >= ' ') {
/*
* TLS content-type for Handshake is 0x16
* TLS content-type for ChangeCipherSpec Record is 0x14
*
* A non-ssl session will start with the HTTP method in
* ASCII. If we see it's not a legit SSL handshake
* kill the SSL for this connection and try to handle
* as a HTTP connection upgrade directly.
*/
/* NOTE(review): the decision rests on a single peeked byte, and from here
 * on the connection is served in clear text on the TLS port.
 * SSL_shutdown() is called before SSL_accept() has completed on this
 * object (as far as this fragment shows), so there is no established
 * session to close; SSL_free() is what actually releases it. */
wsi->use_ssl = 0;
SSL_shutdown(wsi->ssl);
SSL_free(wsi->ssl);
wsi->ssl = NULL;
goto accepted;
}
/* normal SSL connection processing path */
n = SSL_accept(wsi->ssl);
lws_latency(context, wsi,
"SSL_accept LWS_CONNMODE_SSL_ACK_PENDING\n", n, n == 1);
if (n != 1) {
m = SSL_get_error(wsi->ssl, n);
/* NOTE(review): m is an SSL_get_error() result (SSL_ERROR_*), not an
 * error-queue code from ERR_get_error(), so the text produced by
 * ERR_error_string() does not describe it. With a NULL buffer that
 * function also writes into a static buffer. */
lwsl_debug("SSL_accept failed %d / %s\n",
m, ERR_error_string(m, NULL));
/* Handshake needs more input: wait for the socket to become readable. */
if (m == SSL_ERROR_WANT_READ) {
if (lws_change_pollfd(wsi, 0, LWS_POLLIN))
goto fail;
#ifdef LWS_USE_LIBEV
if (LWS_LIBEV_ENABLED(context))
ev_io_start(context->io_loop,
(struct ev_io *)&wsi->w_read);
#endif /* LWS_USE_LIBEV */
lwsl_info("SSL_ERROR_WANT_READ\n");
break;
}
/* Handshake needs to send: wait for the socket to become writable. */
if (m == SSL_ERROR_WANT_WRITE) {
if (lws_change_pollfd(wsi, 0, LWS_POLLOUT))
goto fail;
#ifdef LWS_USE_LIBEV
if (LWS_LIBEV_ENABLED(context))
示例9: if
// Read callback for an established TLS connection (the end of the function
// is elided by the page). Reads a fixed header and then a body whose length
// comes from that header, hands the result to BusizProcessor::Process, and
// tears the SSL object down when the item is marked as failed.
void bgcc::SSLEventCallback::DataCallback(EventLoop* el, SOCKET fd, void* arg)
{
int32_t ret = 0;
char* p = NULL;
bgcc::Mempool* mempool = bgcc::Mempool::get_instance();
struct SSLEventCallbackArg* callbackArg = (struct SSLEventCallbackArg*)arg;
// NOTE(review): Items is indexed by fd with no bounds check in this
// function; confirm the accept path guarantees fd is within the table.
bgcc::ReadItem* pItem = &(Items[fd]);
reading_item_t& item = pItem->item;
// p points at the buffer for the current phase: header or body.
p = item.head_buf;
if (S_SIZE_READING == item.state) {
p = item.head_buf;
} else if (S_DATA_READING == item.state) {
p = item.data;
}
BGCC_TRACE("bgcc", "Enter SSL DataCallback(fd=%d)", fd);
if (!callbackArg->ssl) {
BGCC_TRACE("bgcc", "callbackArg->ssl is NULL, we should not be here.");
TimeUtil::safe_sleep_ms(0);
BGCC_TRACE("bgcc", "Leave SSL DataCallback(fd=%d)", fd);
return;
}
bool do_while = true;
while (true && do_while) {
ret = SSL_read(callbackArg->ssl, p + item.nread, item.nexpected);
// The SSL_get_error() result decides whether to keep reading, wait for
// the next event, or fail the item.
switch(SSL_get_error(callbackArg->ssl, ret)) {
case SSL_ERROR_NONE:
item.nread += ret;
item.nexpected -= ret;
if (0 == item.nexpected) {
if (S_SIZE_READING == item.state) {
// Header complete: verify the 4-byte "bgcP" magic sent by the peer.
if (item.head_buf[0] != 'b'
|| item.head_buf[1] != 'g'
|| item.head_buf[2] != 'c'
|| item.head_buf[3] != 'P') {
BGCC_WARN("bgcc", "invalid bgcc header(fd=%d)", fd);
pItem->err = -1;
do_while = false;
break;
}
item.state = S_DATA_READING;
// NOTE(review): the body length is taken from the peer's header. Only
// negative and zero values are rejected; no upper bound is applied in
// this function before the value is used as an allocation size below.
item.nexpected = BODY_LEN(p);
if (item.nexpected < 0) {
// NOTE(review): pItem->err is not set on this path, unlike the invalid
// header path above -- confirm the item is still treated as failed.
BGCC_WARN("bgcc", "Message body length=%d too short, remove from epoll", item.nexpected);
do_while = false;
break;
} else if (0 == item.nexpected) {
BGCC_TRACE("bgcc", "Empty body Package");
do_while = false;
break;
}
// NOTE(review): the get_mem_block() result is used as the read target
// without a NULL check.
item.data = (char*)mempool->get_mem_block(item.nexpected);
p = item.data;
item.nread = 0;
continue;
} else if (S_DATA_READING == item.state) {
// Body complete: mark success and leave the read loop.
pItem->err = 0;
do_while = false;
break;
}
}
continue;
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
// Not enough data yet: return and resume on the next event.
return;
default:
// Any other result (including a closed or failed TLS stream) fails the item.
pItem->err = -1;
do_while = false;
break;
}
}
SSLEpollServer* pArg = (SSLEpollServer*)callbackArg->arg;
// NOTE(review): pT is set to NULL when pArg is NULL and is dereferenced
// unconditionally on the next lines.
TaskAsso* pT = pArg ? pArg->Tasks+fd : NULL;
pT->pLoop = el;
pT->pServer = pArg;
pT->pItem = pItem;
PrepareEvent(pT->event, fd, arg);
pItem->pTask = pT;
int32_t todel = 1;
BusizProcessor::Process(pItem, pT, item.nread, &todel, true, arg);
if (pItem->err) {
// SSL_shutdown() is called once with the result ignored, then the object
// is freed and the slot cleared. NOTE(review): err is also set after the
// default branch above, which covers SSL_ERROR_SSL and SSL_ERROR_SYSCALL;
// the OpenSSL documentation says SSL_shutdown() must not be called after
// those -- consider recording the error kind and skipping the call.
SSL_shutdown(callbackArg->ssl);
BGCC_DEBUG("bgcc", "Memory SSL free: %p", callbackArg->ssl);
SSL_free(callbackArg->ssl);
callbackArg->ssl = NULL;
if (pItem->isEnroll) {
if(todel){
//.........这里部分代码省略.........
示例10: BGCC_TRACE
// Accept callback for the TLS listening socket `fd`.
//
// Accepts pending connections in a loop. For each one it resets the per-fd
// read item, creates an SSL object from g_ssl_ctx bound to the new socket,
// and registers SSLAcceptCallback as its read handler on `el`. The loop ends
// when accept() fails for a reason other than an interrupt, when SSL_new()
// fails, or (by returning) when the new descriptor does not fit the per-fd
// tables.
void bgcc::SSLEventCallback::AcceptCallback(EventLoop* el, SOCKET fd, void* arg)
{
    BGCC_TRACE("bgcc", "Enter SSL AcceptCallback(fd=%d)", fd);

    for (;;) {
        SOCKET clientFd = INVALID_SOCKET;
        struct sockaddr_in peerAddr;
        // NOTE(review): the length is sizeof(struct sockaddr) although the
        // buffer is a sockaddr_in; presumably the two sizes match on the
        // supported platforms -- confirm.
        socklen_t peerLen = sizeof(struct sockaddr);
        PeerInfo peer("", 0);
        memset(&peerAddr, 0, peerLen);

        clientFd = accept(fd, (struct sockaddr*)&peerAddr, &peerLen);
        if (INVALID_SOCKET == clientFd) {
            // Retry after an interrupted call, stop on anything else.
            if (SocketTool::is_interrupt()) {
                continue;
            }
            break;
        }

        SocketTool::getsockdetail(clientFd, peer, true);
        BGCC_NOTICE("bgcc", "Accept an Client From %s:%d, fd=%d",
                peer.GetHost().c_str(), peer.GetPort(), clientFd);

        // Items[] and args[] are indexed by descriptor, so a descriptor at or
        // above MAXNFD is refused before it can be used as an index.
        if (clientFd >= MAXNFD) {
            BGCC_WARN("bgcc", "Too many client. Reject client %s:%d, fd=%d, (max=%d)",
                    peer.GetHost().c_str(), peer.GetPort(), clientFd, MAXNFD);
            SocketTool::close(clientFd);
            BGCC_TRACE("bgcc", "Leave SSL AcceptCallback(fd=%d)", fd);
            return;
        }

        bgcc::ReadItem* readItem = &(Items[clientFd]);
        readItem->Reset();
        readItem->isEnroll = false;
        readItem->pTask = NULL;

        SSLEventCallbackArg* listenerArg = (SSLEventCallbackArg*)arg;
        SSLEventCallbackArg* clientArg = &args[clientFd];
        clientArg->arg = listenerArg->arg;
        clientArg->ssl = SSL_new(g_ssl_ctx);
        BGCC_DEBUG("bgcc", "Memory new: %p", clientArg->ssl);
        if (!clientArg->ssl) {
            BGCC_WARN("bgcc", "new ssl failed. close fd=%d", clientFd);
            SocketTool::close(clientFd);
            break;
        }
        SSL_set_fd(clientArg->ssl, clientFd);

        Event acceptEvent;
        PrepareEvent(acceptEvent, clientFd, clientArg);
        acceptEvent.read_cb = SSLAcceptCallback;
        if (el->add_event(&acceptEvent) == 0) {
            continue;
        }

        // Registration failed: undo everything done for this client.
        // NOTE(review): no handshake has run on this SSL object yet, so
        // SSL_shutdown() has no session to close here; SSL_free() is what
        // releases the object.
        SSL_shutdown(clientArg->ssl);
        BGCC_DEBUG("bgcc", "Memory SSL free: %p", clientArg->ssl);
        SSL_free(clientArg->ssl);
        clientArg->ssl = NULL;
        SocketTool::close(clientFd);
        BGCC_TRACE("bgcc", "ssl add_event failed");
    }

    BGCC_TRACE("bgcc", "Leave SSL AcceptCallback(fd=%d)", fd);
}
示例11: ngx_ssl_shutdown
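/*
 * Shut down the TLS session of connection c.
 *
 * Returns NGX_OK when SSL_shutdown() reports completion (the SSL object is
 * freed and c->ssl cleared), NGX_AGAIN when the shutdown has to be continued
 * after a read or write event, and NGX_ERROR when re-arming the event fails
 * or SSL_shutdown() fails for another reason.
 *
 * NOTE(review): on the NGX_AGAIN and NGX_ERROR paths the SSL object is not
 * freed here; presumably the caller owns that cleanup -- confirm.
 */
ngx_int_t ngx_ssl_shutdown(ngx_connection_t *c)
{
    int  n, sslerr, mode;

    /*
     * SSL_set_shutdown() replaces the whole shutdown state, so the flags are
     * accumulated and set with a single call. Two separate calls would let
     * the second overwrite the first when both no_rcv_shut and no_send_shut
     * are set.
     */
    if (c->timedout) {
        mode = SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN;

    } else {
        mode = SSL_get_shutdown(c->ssl->ssl);

        if (c->ssl->no_rcv_shut) {
            mode |= SSL_RECEIVED_SHUTDOWN;
        }

        if (c->ssl->no_send_shut) {
            mode |= SSL_SENT_SHUTDOWN;
        }
    }

    SSL_set_shutdown(c->ssl->ssl, mode);

    n = SSL_shutdown(c->ssl->ssl);

    ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_shutdown: %d", n);

    /* 1: both close_notify alerts have been exchanged (or marked as such) */
    if (n == 1) {
        SSL_free(c->ssl->ssl);
        c->ssl = NULL;
        return NGX_OK;
    }

    /*
     * 0: our close_notify went out and the peer's is still outstanding.
     * Anything else is classified with SSL_get_error().
     */
    sslerr = 0;

    if (n != 0) {
        sslerr = SSL_get_error(c->ssl->ssl, n);

        ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
                       "SSL_get_error: %d", sslerr);
    }

    if (n == 0 || sslerr == SSL_ERROR_WANT_READ) {

        /* bound the wait for the peer's close_notify */
        ngx_add_timer(c->read, 10000);

        if (ngx_handle_read_event(c->read, 0) == NGX_ERROR) {
            return NGX_ERROR;
        }

        return NGX_AGAIN;
    }

    if (sslerr == SSL_ERROR_WANT_WRITE) {

        if (ngx_handle_write_event(c->write, 0) == NGX_ERROR) {
            return NGX_ERROR;
        }

        return NGX_AGAIN;
    }

    ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "SSL_shutdown() failed");

    return NGX_ERROR;
}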
示例12: switch
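// Attach `sock` to this object and, for CLIENT and SERVER endpoints, create
// the SSL object and run the TLS handshake on it.
//
// Returns true on success, and immediately for LISTENER or unknown endpoint
// types (which get no SSL object). Returns false after closing `sock` when
// SSL_new, SSL_set_fd or the handshake fails; in the latter two cases `ssl`
// is released and reset to NULL so no dangling pointer is left behind.
bool SSLTCPSocket::setFD(SOCKET sock) {
    this->sock = sock;

    // Create the SSL object from the context matching this endpoint's role.
    switch (endPoint) {
    case CLIENT:
        ssl = SSL_new(SSLTCPSocket::clientContext);
        break;
    case SERVER:
        ssl = SSL_new(SSLTCPSocket::serverContext);
        break;
    case LISTENER:
    default:
        return true;
    }
    if (ssl == NULL) {
        fprintf(stderr, "SSL_new failed!\n");
        CloseSocket(sock);
        return false;
    }

    if (!SSL_set_fd(ssl, sock)) {
        fprintf(stderr, "SSL_set_fd failed!\n");
        // NOTE(review): no handshake has run yet, so SSL_shutdown() has no
        // session to close here; SSL_free() is what releases the object.
        SSL_shutdown(ssl);
        SSL_free(ssl);
        ssl = NULL;  // was left dangling; the handshake error paths already reset it
        CloseSocket(sock);
        return false;
    }

    // Handshake. A non-positive result is retried only when SSL_get_error()
    // reports WANT_CONNECT / WANT_ACCEPT; every other result is a failure.
    // NOTE(review): on a non-blocking socket OpenSSL normally reports
    // SSL_ERROR_WANT_READ / SSL_ERROR_WANT_WRITE, which this code treats as
    // failure, and the retry is a busy loop -- confirm the socket is blocking.
    // NOTE(review): the OpenSSL documentation says SSL_shutdown() must not be
    // called after SSL_ERROR_SSL or SSL_ERROR_SYSCALL; the failure paths below
    // call it regardless of the error kind.
    switch (endPoint) {
    case CLIENT:
        for (;;) {
            int ret = SSL_connect(ssl);
            if (ret > 0) {
                break;
            }
            if (SSL_get_error(ssl, ret) == SSL_ERROR_WANT_CONNECT) {
                continue;
            }
            fprintf(stderr, "SSL_connect failed!\n");
            this->error = -1;
            SSL_shutdown(ssl);
            SSL_free(ssl);
            ssl = NULL;
            CloseSocket(sock);
            return false;
        }
        break;
    case SERVER:
        for (;;) {
            int ret = SSL_accept(ssl);
            if (ret > 0) {
                break;
            }
            if (SSL_get_error(ssl, ret) == SSL_ERROR_WANT_ACCEPT) {
                continue;
            }
            fprintf(stderr, "SSL_accept failed!\n");
            ERR_print_errors_fp(stderr);
            this->error = -1;
            SSL_shutdown(ssl);
            SSL_free(ssl);
            ssl = NULL;
            CloseSocket(sock);
            return false;
        }
        break;
    }
    return true;
}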
示例13: main
//.........这里部分代码省略.........
/*
 * Fragment of main (the beginning is elided by the page): sets up an SSL_CTX
 * with the certificate and key named on the command line, listens on a TCP
 * port, and for every accepted connection performs the TLS handshake and
 * starts a receiver thread.
 */
OpenSSL_add_all_algorithms(); /*load algorithms of SSL*/
SSL_load_error_strings(); /*load error infor*/
/*create a ssl_ctx */
/* NOTE(review): SSLv23_server_method() is the version-flexible method; no
 * minimum protocol version or option is set on ctx in this fragment, so the
 * accepted versions are whatever the library build allows. */
ctx = SSL_CTX_new(SSLv23_server_method());
if(ctx == NULL) {
ERR_print_errors_fp(stdout);
exit(1);
}
/*certificate the user's ctx*/
/* NOTE(review): argv[3], argv[4] and argv[5] are used below; the argc check
 * is not visible in this fragment -- confirm it exists. */
if(SSL_CTX_use_certificate_file(ctx, argv[4], SSL_FILETYPE_PEM) <= 0) {
ERR_print_errors_fp(stdout);
exit(1);
}
/*load privatekey*/
if(SSL_CTX_use_PrivateKey_file(ctx, argv[5], SSL_FILETYPE_PEM) <= 0) {
ERR_print_errors_fp(stdout);
exit(1);
}
/*certificate privatekey*/
/* Checks that the loaded private key matches the loaded certificate. */
if(!SSL_CTX_check_private_key(ctx)) {
ERR_print_errors_fp(stdout);
exit(1);
}
/*create a socket*/
if((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
perror("socket");
exit(1);
}else
printf("socket created\n");
bzero(&my_addr, sizeof(my_addr));
my_addr.sin_family = AF_INET;
my_addr.sin_port = htons(myport);
/* NOTE(review): the inet_addr() result is not validated; without argv[3]
 * the server listens on every interface. */
if (argv[3])
my_addr.sin_addr.s_addr = inet_addr(argv[3]);
else
my_addr.sin_addr.s_addr = INADDR_ANY;
if (bind(sockfd, (struct sockaddr *) &my_addr, sizeof(struct sockaddr))
== -1) {
perror("bind");
exit(1);
} else
printf("binded\n");
if (listen(sockfd, LISNUM) == -1) {
perror("listen");
exit(1);
} else
printf("begin listen\n");
/*initialize signal*/
sigemptyset(&set);
sigaddset(&set,SIGUSR1);
sigaddset(&set,SIGUSR2);
sigprocmask(SIG_SETMASK,&set,NULL);
inituser(&root); // initialize the user linked list
while (1) {
len = sizeof(struct sockaddr);
/*accept connection*/
if ((new_fd =
accept(sockfd, (struct sockaddr *) &their_addr,
&len)) == -1) {
perror("accept");
exit(errno);
}else{
printf("server: got connection from %s, port %d, socket %d\n",inet_ntoa(their_addr.sin_addr),ntohs(their_addr.sin_port), new_fd);
/*create a new ssl*/
/* NOTE(review): the SSL_new() result is not checked before use. */
ssl = SSL_new(ctx);
/*combinate the ssl with asocket*/
SSL_set_fd(ssl, new_fd);
/*create a safe connection*/
/* NOTE(review): SSL_accept() also returns 0 for a handshake that failed in
 * a controlled way, so "== -1" lets that case continue as if the session
 * were established; the success test is "== 1". On failure, "break"
 * leaves the accept loop, so one failed handshake from any client stops
 * the server, and new_fd is not closed. perror() reports errno, which
 * does not describe a TLS failure; ERR_print_errors_fp() does. */
if (SSL_accept(ssl) == -1) {
perror("accept");
break;
}
/*create a thread to solve the communication*/
/* NOTE(review): &ssl is the address of the variable that the next loop
 * iteration overwrites; what beforechat() stores is not visible --
 * confirm it copies the SSL pointer rather than keeping this address. */
node = beforechat(&ssl);
pthread_mutex_lock(&work_mutex);
/* NOTE(review): count grows without a visible bound while indexing thread;
 * pthread_kill() runs before the pthread_create() result is checked, so a
 * failed create signals an unset thread id. */
result = pthread_create(thread+(count++),NULL,recv_data,node);
r_thread = thread[count-1];
pthread_kill(r_thread,SIGUSR1);
//pthread_create(thread+(count++),NULL,send_data,ssl);
if(result !=0){
perror("pthread_create");
exit(EXIT_FAILURE);
}
//send_data(ssl);
pthread_mutex_unlock(&work_mutex);
}
}
/* The only way out of the loop above is the failed-handshake break, so ssl
 * here is the object whose handshake just failed: SSL_shutdown() has no
 * established session to close, and sessions handed to worker threads are
 * not shut down by this code. */
if(ssl != NULL)
{
SSL_shutdown(ssl);
SSL_free(ssl);
}
close(sockfd);
SSL_CTX_free(ctx);
return 0;
}
示例14: openssl_example_task
//.........这里部分代码省略.........
/*
 * Fragment of openssl_example_task (the beginning is elided by the page):
 * creates a client SSL context, connects a TCP socket to the target, runs
 * the TLS handshake, sends one request, logs the response and releases
 * every resource through the failedN label ladder.
 */
ESP_LOGI(TAG, "OK");
ip4_addr = (struct ip4_addr *)hp->h_addr;
ESP_LOGI(TAG, IPSTR, IP2STR(ip4_addr));
ESP_LOGI(TAG, "create SSL context ......");
/* NOTE(review): the method pins the client to TLS 1.1, a protocol version
 * deprecated by RFC 8996. No call on ctx between here and SSL_new() sets a
 * verify mode or trust anchors, so with OpenSSL's default (SSL_VERIFY_NONE)
 * the server certificate is not validated -- confirm what the platform's
 * TLS layer defaults to. */
ctx = SSL_CTX_new(TLSv1_1_client_method());
if (!ctx) {
ESP_LOGI(TAG, "failed");
goto failed1;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "create socket ......");
sockfd = socket(AF_INET, SOCK_STREAM, 0);
if (sockfd < 0) {
ESP_LOGI(TAG, "failed");
goto failed2;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "bind socket ......");
/* The client socket is bound to a fixed local port on any local address. */
memset(&sock_addr, 0, sizeof(sock_addr));
sock_addr.sin_family = AF_INET;
sock_addr.sin_addr.s_addr = 0;
sock_addr.sin_port = htons(OPENSSL_EXAMPLE_LOCAL_TCP_PORT);
ret = bind(sockfd, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
if (ret) {
ESP_LOGI(TAG, "failed");
goto failed3;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "socket connect to remote %s ......", OPENSSL_EXAMPLE_TARGET_NAME);
memset(&sock_addr, 0, sizeof(sock_addr));
sock_addr.sin_family = AF_INET;
sock_addr.sin_addr.s_addr = ip4_addr->addr;
sock_addr.sin_port = htons(OPENSSL_EXAMPLE_TARGET_TCP_PORT);
ret = connect(sockfd, (struct sockaddr*)&sock_addr, sizeof(sock_addr));
if (ret) {
ESP_LOGI(TAG, "failed");
goto failed3;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "create SSL ......");
ssl = SSL_new(ctx);
if (!ssl) {
ESP_LOGI(TAG, "failed");
goto failed3;
}
ESP_LOGI(TAG, "OK");
SSL_set_fd(ssl, sockfd);
ESP_LOGI(TAG, "SSL connected to %s port %d ......",
OPENSSL_EXAMPLE_TARGET_NAME, OPENSSL_EXAMPLE_TARGET_TCP_PORT);
ret = SSL_connect(ssl);
/* NOTE(review): "!ret" catches only a return of 0. In the OpenSSL API a
 * fatal handshake error is reported as a negative value, which this test
 * treats as success; "ret <= 0" covers both. */
if (!ret) {
ESP_LOGI(TAG, "failed " );
goto failed4;
}
ESP_LOGI(TAG, "OK");
ESP_LOGI(TAG, "send https request to %s port %d ......",
OPENSSL_EXAMPLE_TARGET_NAME, OPENSSL_EXAMPLE_TARGET_TCP_PORT);
ret = SSL_write(ssl, send_data, send_bytes);
if (ret <= 0) {
ESP_LOGI(TAG, "failed");
goto failed5;
}
ESP_LOGI(TAG, "OK");
/* Read until SSL_read() reports end of stream or an error. One byte of the
 * buffer is kept back so the terminator written at recv_buf[ret] stays in
 * bounds. */
do {
ret = SSL_read(ssl, recv_buf, OPENSSL_EXAMPLE_RECV_BUF_LEN - 1);
if (ret <= 0) {
break;
}
recv_buf[ret] = '\0';
recv_bytes += ret;
ESP_LOGI(TAG, "%s", recv_buf);
} while (1);
ESP_LOGI(TAG, "totaly read %d bytes data from %s ......", recv_bytes, OPENSSL_EXAMPLE_TARGET_NAME);
/*
 * Cleanup ladder: each label releases one resource and falls through to the
 * ones acquired before it. SSL_shutdown() is called once with the result
 * ignored, so the peer's close_notify is not awaited.
 * NOTE(review): failed5 is also reached after SSL_write() or SSL_read()
 * failed; for SSL_ERROR_SSL / SSL_ERROR_SYSCALL the OpenSSL documentation
 * says SSL_shutdown() must not be called.
 */
failed5:
SSL_shutdown(ssl);
failed4:
SSL_free(ssl);
ssl = NULL;
failed3:
close(sockfd);
sockfd = -1;
failed2:
SSL_CTX_free(ctx);
ctx = NULL;
failed1:
vTaskDelete(NULL);
return ;
}
示例15: transfer
/****************************** transfer data */
static int transfer(CLI *c) {
int num, err;
int check_SSL_pending;
enum {CL_OPEN, CL_INIT, CL_RETRY, CL_CLOSED} ssl_closing=CL_OPEN;
int watchdog=0; /* a counter to detect an infinite loop */
int stunnel_hdr_is_sent=0;
int insert_new_hdr=0;
int is_http=-1; // -1:not set, 0:not http header, 1:is http header
int space_cnt=0;
char* space=NULL;
char* first_hdr_end=NULL;
c->sock_ptr=c->ssl_ptr=0;
sock_rd=sock_wr=ssl_rd=ssl_wr=1;
c->sock_bytes=c->ssl_bytes=0;
do { /* main loop */
/* set flag to try and read any buffered SSL data
* if we made room in the buffer by writing to the socket */
check_SSL_pending=0;
/****************************** setup c->fds structure */
s_poll_zero(&c->fds); /* Initialize the structure */
if(sock_rd && c->sock_ptr<BUFFSIZE) /* socket input buffer not full*/
s_poll_add(&c->fds, c->sock_rfd->fd, 1, 0);
if((ssl_rd && c->ssl_ptr<BUFFSIZE) || /* SSL input buffer not full */
((c->sock_ptr || ssl_closing==CL_RETRY) && want_rd))
/* want to SSL_write or SSL_shutdown but read from the
* underlying socket needed for the SSL protocol */
s_poll_add(&c->fds, c->ssl_rfd->fd, 1, 0);
if(c->ssl_ptr) /* SSL input buffer not empty */
s_poll_add(&c->fds, c->sock_wfd->fd, 0, 1);
if(c->sock_ptr || /* socket input buffer not empty */
ssl_closing==CL_INIT /* need to send close_notify */ ||
((c->ssl_ptr<BUFFSIZE || ssl_closing==CL_RETRY) && want_wr))
/* want to SSL_read or SSL_shutdown but write to the
* underlying socket needed for the SSL protocol */
s_poll_add(&c->fds, c->ssl_wfd->fd, 0, 1);
/****************************** wait for an event */
err=s_poll_wait(&c->fds, (sock_rd && ssl_rd) /* both peers open */ ||
c->ssl_ptr /* data buffered to write to socket */ ||
c->sock_ptr /* data buffered to write to SSL */ ?
c->opt->timeout_idle : c->opt->timeout_close);
switch(err) {
case -1:
sockerror("transfer: s_poll_wait");
return -1;
case 0: /* timeout */
if((sock_rd && ssl_rd) || c->ssl_ptr || c->sock_ptr) {
s_log(LOG_INFO, "s_poll_wait timeout: connection reset");
return -1;
} else { /* already closing connection */
s_log(LOG_INFO, "s_poll_wait timeout: connection close");
return 0; /* OK */
}
}
if(!(sock_can_rd || sock_can_wr || ssl_can_rd || ssl_can_wr)) {
s_log(LOG_ERR, "INTERNAL ERROR: "
"s_poll_wait returned %d, but no descriptor is ready", err);
return -1;
}
/****************************** send SSL close_notify message */
if(ssl_closing==CL_INIT || (ssl_closing==CL_RETRY &&
((want_rd && ssl_can_rd) || (want_wr && ssl_can_wr)))) {
switch(SSL_shutdown(c->ssl)) { /* Send close_notify */
case 1: /* the shutdown was successfully completed */
s_log(LOG_INFO, "SSL_shutdown successfully sent close_notify");
ssl_closing=CL_CLOSED; /* done! */
break;
case 0: /* the shutdown is not yet finished */
s_log(LOG_DEBUG, "SSL_shutdown retrying");
ssl_closing=CL_RETRY; /* retry next time */
break;
case -1: /* a fatal error occurred */
sslerror("SSL_shutdown");
return -1;
}
}
/****************************** write to socket */
if(sock_wr && sock_can_wr) {
/* for stunnel to tell web server the remote ip address */
int write_len;
char real_remote_addr[IPLEN+2];
char addr_header[64];
char* colon;
if(is_http == -1 && !stunnel_hdr_is_sent)
{
space = c->ssl_buff;
for(; space_cnt < 2; space_cnt++)
{
space = strchr(space, ' ');
if(space == NULL)
break;
//.........这里部分代码省略.........