本文整理汇总了C++中SSL_write函数的典型用法代码示例。如果您正苦于以下问题:C++ SSL_write函数的具体用法?C++ SSL_write怎么用?C++ SSL_write使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了SSL_write函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: SOCKET_IO_DEBUG
int32_t CSSLClientAsync::SendBufferAsync()
{
int32_t nErrorCode = SOCKET_IO_RESULT_OK;
m_sendqueuemutex.Lock();
if (m_sendqueue.size() == 0)
{
SOCKET_IO_DEBUG("ssl send queue is empty.");
//待发送队列中为空,则删除写事件的注册,改成读事件
m_pio->Remove_WriteEvent(this);
m_sendqueuemutex.Unlock();
if (_GetWaitForCloseStatus() == TRUE)
{
//待发送内容发送完毕,则关闭链接
_Close();
}
return nErrorCode;
}
CSimpleBuffer* pBufferLoop = m_sendqueue.front();
m_sendqueuemutex.Unlock();
int32_t nRet = SSL_write(GetSSL(), (void*)pBufferLoop->GetBuffer(), pBufferLoop->GetWriteOffset());
if ( nRet < 0)
{
int32_t nError = SSL_get_error(GetSSL(), nRet);
if (SSL_ERROR_WANT_WRITE == nError || SSL_ERROR_WANT_READ == nError)
{
SOCKET_IO_INFO("send ssl data, buffer is blocking, errno: %d.", nError);
}
else
{
_ClearSendBuffer();
SOCKET_IO_ERROR("send ssl data error, errno: %d.", nError);
DoException(GetSocketID(), SOCKET_IO_SSL_SEND_FAILED);
}
}
else if (nRet == 0)
{
int32_t nError = SSL_get_error(GetSSL(), nRet);
if (SSL_ERROR_ZERO_RETURN == nError)
{
SOCKET_IO_WARN("send ssl data error, peer closed.");
}
else
{
SOCKET_IO_ERROR("send ssl data error, errno: %d.", nError);
}
_ClearSendBuffer();
DoException(GetSocketID(), SOCKET_IO_SSL_SEND_FAILED);
}
else if (nRet != pBufferLoop->GetWriteOffset())
{
//将未成功的数据重新放置buffer loop中,待下次发送
//对于ssl来说,应该不会出现此种情况
int32_t nSize = 0;
pBufferLoop->Read(NULL, nRet);
SOCKET_IO_WARN("send ssl data, send size: %d, less than %d.", nRet, pBufferLoop->GetWriteOffset());
}
else
{
SOCKET_IO_INFO("send ssl data from buffer successed.");
m_sendqueuemutex.Lock();
delete pBufferLoop;
pBufferLoop = NULL;
m_sendqueue.pop();
m_sendqueuemutex.Unlock();
}
return nErrorCode;
}示例2: s_time_main
int
s_time_main(int argc, char **argv)
{
double totalTime = 0.0;
int nConn = 0;
SSL *scon = NULL;
long finishtime = 0;
int ret = 1, i;
char buf[1024 * 8];
int ver;
s_time_init();
s_time_meth = SSLv23_client_method();
/* parse the command line arguments */
if (parseArgs(argc, argv) < 0)
goto end;
if ((tm_ctx = SSL_CTX_new(s_time_meth)) == NULL)
return (1);
SSL_CTX_set_quiet_shutdown(tm_ctx, 1);
if (st_bugs)
SSL_CTX_set_options(tm_ctx, SSL_OP_ALL);
SSL_CTX_set_cipher_list(tm_ctx, tm_cipher);
if (!set_cert_stuff(tm_ctx, t_cert_file, t_key_file))
goto end;
if ((!SSL_CTX_load_verify_locations(tm_ctx, CAfile, CApath)) ||
(!SSL_CTX_set_default_verify_paths(tm_ctx))) {
/*
* BIO_printf(bio_err,"error setting default verify
* locations\n");
*/
ERR_print_errors(bio_err);
/* goto end; */
}
if (tm_cipher == NULL)
tm_cipher = getenv("SSL_CIPHER");
if (tm_cipher == NULL) {
fprintf(stderr, "No CIPHER specified\n");
}
if (!(perform & 1))
goto next;
printf("Collecting connection statistics for %d seconds\n", maxTime);
/* Loop and time how long it takes to make connections */
bytes_read = 0;
finishtime = (long) time(NULL) + maxTime;
tm_Time_F(START);
for (;;) {
if (finishtime < (long) time(NULL))
break;
if ((scon = doConnection(NULL)) == NULL)
goto end;
if (s_www_path != NULL) {
int retval = snprintf(buf, sizeof buf,
"GET %s HTTP/1.0\r\n\r\n", s_www_path);
if ((size_t)retval >= sizeof buf) {
fprintf(stderr, "URL too long\n");
goto end;
}
SSL_write(scon, buf, strlen(buf));
while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
bytes_read += i;
}
#ifdef NO_SHUTDOWN
SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
#else
SSL_shutdown(scon);
#endif
shutdown(SSL_get_fd(scon), SHUT_RDWR);
close(SSL_get_fd(scon));
nConn += 1;
if (SSL_session_reused(scon))
ver = 'r';
else {
ver = SSL_version(scon);
if (ver == TLS1_VERSION)
ver = 't';
else if (ver == SSL3_VERSION)
ver = '3';
else if (ver == SSL2_VERSION)
ver = '2';
else
ver = '*';
}
fputc(ver, stdout);
fflush(stdout);
SSL_free(scon);
scon = NULL;
}
totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
//.........这里部分代码省略.........
示例3: ssl_write
static int
ssl_write(tcpcon_t *tc, const void *data, size_t len)
{
return SSL_write(tc->ssl, data, len) != len ? ECONNRESET : 0;
}示例4: s_time_main
//.........这里部分代码省略.........
goto end;
if (!ctx_set_verify_locations(ctx, CAfile, CApath)) {
ERR_print_errors(bio_err);
goto end;
}
if (!(perform & 1))
goto next;
printf("Collecting connection statistics for %d seconds\n", maxtime);
/* Loop and time how long it takes to make connections */
bytes_read = 0;
finishtime = (long)time(NULL) + maxtime;
tm_Time_F(START);
for (;;) {
if (finishtime < (long)time(NULL))
break;
#ifdef WIN32_STUFF
if (flushWinMsgs(0) == -1)
goto end;
if (waitingToDie || exitNow) /* we're dead */
goto end;
#endif
if ((scon = doConnection(NULL, host, ctx)) == NULL)
goto end;
if (www_path != NULL) {
BIO_snprintf(buf, sizeof buf, "GET %s HTTP/1.0\r\n\r\n",
www_path);
if (SSL_write(scon, buf, strlen(buf)) <= 0)
goto end;
while ((i = SSL_read(scon, buf, sizeof(buf))) > 0)
bytes_read += i;
}
#ifdef NO_SHUTDOWN
SSL_set_shutdown(scon, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
#else
SSL_shutdown(scon);
#endif
SHUTDOWN2(SSL_get_fd(scon));
nConn += 1;
if (SSL_session_reused(scon))
ver = 'r';
else {
ver = SSL_version(scon);
if (ver == TLS1_VERSION)
ver = 't';
else if (ver == SSL3_VERSION)
ver = '3';
else
ver = '*';
}
fputc(ver, stdout);
fflush(stdout);
SSL_free(scon);
scon = NULL;
}
totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
i = (int)((long)time(NULL) - finishtime + maxtime);示例5: send_callback
/*
* The implementation of spdylay_send_callback type. Here we write
* |data| with size |length| to the network and return the number of
* bytes actually written. See the documentation of
* spdylay_send_callback for the details.
*/
static ssize_t send_callback(spdylay_session *session _U_,
const uint8_t *data, size_t length, int flags _U_,
void *user_data)
{
struct Connection *connection;
ssize_t rv;
connection = (struct Connection*)user_data;
connection->want_io = IO_NONE;
ERR_clear_error();
rv = SSL_write(connection->ssl, data, (int)length);
if(rv < 0) {
int err = SSL_get_error(connection->ssl, (int)rv);
if(err == SSL_ERROR_WANT_WRITE || err == SSL_ERROR_WANT_READ) {
connection->want_io = (err == SSL_ERROR_WANT_READ ?
WANT_READ : WANT_WRITE);
rv = SPDYLAY_ERR_WOULDBLOCK;
} else {
rv = SPDYLAY_ERR_CALLBACK_FAILURE;
}
}
return rv;
}
/*
* The implementation of spdylay_recv_callback type. Here we read data示例6: np_net_ssl_write
int np_net_ssl_write(const void *buf, int num) {
return SSL_write(s, buf, num);
}示例7: netsnmp_dtlsudp_send
static int
netsnmp_dtlsudp_send(netsnmp_transport *t, void *buf, int size,
void **opaque, int *olength)
{
int rc = -1;
netsnmp_addr_pair *addr_pair = NULL;
struct sockaddr *to = NULL;
bio_cache *cachep = NULL;
netsnmp_tmStateReference *tmStateRef = NULL;
u_char outbuf[65535];
if (opaque != NULL && *opaque != NULL &&
*olength == sizeof(netsnmp_tmStateReference)) {
tmStateRef = (netsnmp_tmStateReference *) *opaque;
if (tmStateRef->have_addresses)
addr_pair = &(tmStateRef->addresses);
else if (t != NULL && t->data != NULL &&
t->data_length == sizeof(netsnmp_addr_pair))
addr_pair = (netsnmp_addr_pair *) (t->data);
} else if (t != NULL && t->data != NULL &&
t->data_length == sizeof(netsnmp_addr_pair)) {
addr_pair = (netsnmp_addr_pair *) (t->data);
}
if (NULL == addr_pair) {
snmp_log(LOG_ERR, "dtlsudp_send: can't get address to send to\n");
return -1;
}
to = (struct sockaddr *) &(addr_pair->remote_addr);
if (NULL == to || NULL == t || t->sock <= 0) {
snmp_log(LOG_ERR, "invalid netsnmp_dtlsudp_send usage\n");
return -1;
}
/* we're always a client if we're sending to something unknown yet */
if (NULL ==
(cachep = find_or_create_bio_cache(t->sock, &addr_pair->remote_addr,
WE_ARE_CLIENT)))
return -1;
if (!cachep->securityName && tmStateRef && tmStateRef->securityNameLen > 0)
cachep->securityName = strdup(tmStateRef->securityName);
{
char *str = netsnmp_udp_fmtaddr(NULL, (void *) addr_pair,
sizeof(netsnmp_addr_pair));
DEBUGMSGTL(("dtlsudp", "send %d bytes from %p to %s on fd %d\n",
size, buf, str, t->sock));
free(str);
}
rc = SSL_write(cachep->con, buf, size);
if (rc < 0) {
_openssl_log_error(rc, cachep->con, "SSL_write");
}
/* for memory bios, we now read from openssl's write buffer (ie,
the packet to go out) and send it out the udp port manually */
rc = BIO_read(cachep->write_bio, outbuf, sizeof(outbuf));
if (rc <= 0) {
/* in theory an ok thing */
return 0;
}
#if defined(FIXME) && defined(linux) && defined(IP_PKTINFO)
/* XXX: before this can work, we need to remember address we
received it from (addr_pair) */
rc = netsnmp_udp_sendto(cachep->sock, &cachep->sockaddr remote addr_pair ? &(addr_pair->local_addr) : NULL, to, outbuf, rc);
#else
rc = sendto(t->sock, outbuf, rc, 0, &cachep->sockaddr, sizeof(struct sockaddr));
#endif /* linux && IP_PKTINFO */
return rc;
}示例8: send_payload
int send_payload(const char *deviceTokenHex, const char *payloadBuff, size_t payloadLength)
{
int rtn = 0;
SSL_Connection *sslcon = ssl_connect(globalApns->host, globalApns->port, globalApns->rsa_cert, globalApns->rsa_key, NULL);
if(sslcon == NULL)
{
syslog (LOG_CRIT, "[APNS Process] APNS SSL Connection failed, check connexion and configuration" );
return -1;
}
if (sslcon && deviceTokenHex && payloadBuff && payloadLength)
{
uint8_t command = 0; /* command number */
char binaryMessageBuff[sizeof(uint8_t) + sizeof(uint16_t) + DEVICE_BINARY_SIZE + sizeof(uint16_t) + MAXPAYLOAD_SIZE];
/* message format is, |COMMAND|TOKENLEN|TOKEN|PAYLOADLEN|PAYLOAD| */
char *binaryMessagePt = binaryMessageBuff;
uint16_t networkOrderTokenLength = htons(DEVICE_BINARY_SIZE);
uint16_t networkOrderPayloadLength = htons(payloadLength);
/* command */
*binaryMessagePt++ = command;
/* token length network order */
memcpy(binaryMessagePt, &networkOrderTokenLength, sizeof(uint16_t));
binaryMessagePt += sizeof(uint16_t);
/* Convert the Device Token */
int i = 0;
int j = 0;
int tmpi;
char tmp[3];
char deviceTokenBinary[DEVICE_BINARY_SIZE];
while(i < strlen(deviceTokenHex))
{
if(deviceTokenHex[i] == ' ')
{
i++;
}
else
{
tmp[0] = deviceTokenHex[i];
tmp[1] = deviceTokenHex[i + 1];
tmp[2] = '\0';
sscanf(tmp, "%x", &tmpi);
deviceTokenBinary[j] = tmpi;
i += 2;
j++;
}
}
/* device token */
memcpy(binaryMessagePt, deviceTokenBinary, DEVICE_BINARY_SIZE);
binaryMessagePt += DEVICE_BINARY_SIZE;
/* payload length network order */
memcpy(binaryMessagePt, &networkOrderPayloadLength, sizeof(uint16_t));
binaryMessagePt += sizeof(uint16_t);
/* payload */
memcpy(binaryMessagePt, payloadBuff, payloadLength);
binaryMessagePt += payloadLength;
if (SSL_write(sslcon->ssl, binaryMessageBuff, (binaryMessagePt - binaryMessageBuff)) > 0)
rtn = 1;
}
ssl_disconnect(sslcon);
return rtn;
}示例9: ssl_write
int ssl_write(struct worker_t *self, struct client_t *c)
{
int n;
int sslerr;
int err;
int to_write;
to_write = c->obuf_end - c->obuf_start;
//hlog(LOG_DEBUG, "ssl_write fd %d of %d bytes", c->fd, to_write);
ssl_clear_error();
n = SSL_write(c->ssl_con->connection, c->obuf + c->obuf_start, to_write);
//hlog(LOG_DEBUG, "SSL_write fd %d returned %d", c->fd, n);
if (n > 0) {
/* ok, we wrote some */
c->obuf_start += n;
c->obuf_wtime = tick;
/* All done ? */
if (c->obuf_start >= c->obuf_end) {
//hlog(LOG_DEBUG, "ssl_write fd %d (%s) obuf empty", c->fd, c->addr_rem);
c->obuf_start = 0;
c->obuf_end = 0;
/* tell the poller that we have no outgoing data */
xpoll_outgoing(&self->xp, c->xfd, 0);
return n;
}
xpoll_outgoing(&self->xp, c->xfd, 1);
return n;
}
sslerr = SSL_get_error(c->ssl_con->connection, n);
err = (sslerr == SSL_ERROR_SYSCALL) ? errno : 0;
if (sslerr == SSL_ERROR_WANT_WRITE) {
hlog(LOG_INFO, "ssl_write fd %d: SSL_write wants to write again, marking socket for write events", c->fd);
/* tell the poller that we have outgoing data */
xpoll_outgoing(&self->xp, c->xfd, 1);
return 0;
}
if (sslerr == SSL_ERROR_WANT_READ) {
hlog(LOG_INFO, "ssl_write fd %d: SSL_write wants to read, returning 0", c->fd);
/* tell the poller that we won't be writing now, until we've read... */
xpoll_outgoing(&self->xp, c->xfd, 0);
return 0;
}
if (err) {
hlog(LOG_DEBUG, "ssl_write fd %d: I/O syscall error: %s", c->fd, strerror(err));
} else {
char ebuf[255];
ERR_error_string_n(sslerr, ebuf, sizeof(ebuf));
hlog(LOG_INFO, "ssl_write fd %d failed with ret %d sslerr %u errno %d: %s (%s)",
c->fd, n, sslerr, err, ebuf, ERR_reason_error_string(sslerr));
}
c->ssl_con->no_wait_shutdown = 1;
c->ssl_con->no_send_shutdown = 1;
hlog(LOG_DEBUG, "ssl_write fd %d: SSL_write() failed", c->fd);
client_close(self, c, err);
return -13;
}示例10: main_tls_client
int main_tls_client() {
SSL_CTX *ctx;
SSL *ssl;
int server = 0;
int ret;
if ( (ctx = SSL_CTX_new(SSLv23_client_method())) == NULL)
printf("Unable to create a new SSL context structure.\n");
SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2);
// Force gcm(aes) mode
SSL_CTX_set_cipher_list(ctx, "ECDH-ECDSA-AES128-GCM-SHA256");
ssl = SSL_new(ctx);
server = create_socket();
SSL_set_fd(ssl, server);
if ( SSL_connect(ssl) != 1 ) {
printf("Error: Could not build a SSL session\n");
exit(-1);
}
// Start tests
clock_t start, end;
double cpu_time_used;
int filefd;
int bytes;
int totalbytes = 0;
bytes_recv = 0;
char buf[16384];
int res = 0;
int total_recv = 0;
start = clock();
filefd = open(test_data, O_RDONLY);
totalbytes = 0;
do {
bytes = read(filefd, buf, sizeof(buf));
totalbytes += bytes;
if (bytes > 0)
SSL_write(ssl, buf, bytes);
} while(bytes > 0);
close(filefd);
end = clock();
cpu_time_used = ((double) (end - start)) / CLOCKS_PER_SEC;
printf("OpenSSL receive time: %.02f\n", cpu_time_used);
res = 0;
total_recv = 0;
res = SSL_read(ssl, buf, 1);
total_recv += res;
if (res < 0) {
printf("SSL Read error: %i\n", res);
}
printf("Received openssl test data: %i %i\n", res, total_recv);
/* Kernel TLS tests */
int tfmfd = socket(AF_ALG, SOCK_SEQPACKET, 0);
if (tfmfd == -1) {
perror("socket error:");
exit(-1);
}
struct sockaddr_alg sa = {
.salg_family = AF_ALG,
.salg_type = "tls", /* this selects the hash logic in the kernel */
.salg_name = "rfc5288(gcm(aes))" /* this is the cipher name */
};
if (bind(tfmfd, (struct sockaddr *)&sa, sizeof(sa)) == -1) {
perror("AF_ALG: bind failed");
close(tfmfd);
exit(-1);
}
int opfd = accept(tfmfd, NULL, 0);
if (opfd == -1) {
perror("accept:");
close(tfmfd);
exit(-1);
}
if (setsockopt(tfmfd, SOL_ALG, ALG_SET_AEAD_AUTHSIZE, NULL, 16)) {
perror("AF_ALG: set authsize failed\n");
exit(-1);
}
//.........这里部分代码省略.........
示例11: server_test
//.........这里部分代码省略.........
if (doCliCertCheck && usePsk == 0) {
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER |
SSL_VERIFY_FAIL_IF_NO_PEER_CERT,0);
if (SSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS)
err_sys("can't load ca file, Please run from CyaSSL home dir");
}
#endif
#ifdef OPENSSL_EXTRA
SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
/* don't use EDH, can't sniff tmp keys */
if (cipherList == NULL) {
if (SSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS)
err_sys("server can't set cipher list 3");
}
#endif
#ifdef HAVE_SNI
if (sniHostName) {
if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName,
XSTRLEN(sniHostName)))
err_sys("UseSNI failed");
else
CyaSSL_CTX_SNI_SetOptions(ctx, CYASSL_SNI_HOST_NAME,
CYASSL_SNI_ABORT_ON_MISMATCH);
}
#endif
ssl = SSL_new(ctx);
if (ssl == NULL)
err_sys("unable to get SSL");
CyaSSL_set_quiet_shutdown(ssl, 1) ;
#ifdef HAVE_CRL
CyaSSL_EnableCRL(ssl, 0);
CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, CYASSL_CRL_MONITOR |
CYASSL_CRL_START_MON);
CyaSSL_SetCRL_Cb(ssl, CRL_CallBack);
#endif
osDelay(5000) ;
tcp_accept(&sockfd, &clientfd, (func_args*)args, port, useAnyAddr, doDTLS);
if (!doDTLS)
CloseSocket(sockfd);
SSL_set_fd(ssl, clientfd);
if (usePsk == 0) {
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA)
CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
#elif !defined(NO_CERTS)
SetDH(ssl); /* repick suites with DHE, higher priority than PSK */
#endif
}
osDelay(5000) ;
#ifndef CYASSL_CALLBACKS
if (nonBlocking) {
CyaSSL_set_using_nonblock(ssl, 1);
tcp_set_nonblocking(&clientfd);
NonBlockingSSL_Accept(ssl);
} else if (SSL_accept(ssl) != SSL_SUCCESS) {
int err = SSL_get_error(ssl, 0);
char buffer[80];
printf("error = %d, %s\n", err, ERR_error_string(err, buffer));
err_sys("SSL_accept failed");
}
#else
NonBlockingSSL_Accept(ssl);
#endif
showPeer(ssl);
osDelay(5000) ;
idx = SSL_read(ssl, input, sizeof(input)-1);
if (idx > 0) {
input[idx] = 0;
printf("Client message: %s\n", input);
}
else if (idx < 0) {
int readErr = SSL_get_error(ssl, 0);
if (readErr != SSL_ERROR_WANT_READ)
err_sys("SSL_read failed");
}
if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
err_sys("SSL_write failed");
SSL_shutdown(ssl);
SSL_free(ssl);
SSL_CTX_free(ctx);
CloseSocket(clientfd);
((func_args*)args)->return_code = 0;
#ifdef USE_CYASSL_MEMORY
if (trackMemory)
ShowMemoryTracker();
#endif /* USE_CYASSL_MEMORY */
return 0;
}示例12: sslLoop
//.........这里部分代码省略.........
if (!waitforpeer) return true;
} else {
inbuffer[ret] = 0;
if (strcmp(inbuffer, "r\n") == 0) {
if (!renegotiatefull(ssl,isserver)) return false;
} else {
insize = ret;
instart = 0;
}
}
}
bool gotsslevent = FD_ISSET(fd, &rfds) || FD_ISSET(fd, &wfds);
// If we aren't waiting to complete a write we must be waiting to read.
// If we are waiting to complete a write, we mustn't read as the
// OpenSSL state machine cannae take it.
if (!write_pending && gotsslevent) {
while (true) {
int ret = SSL_read(ssl, netbuffer, NBYTES);
int err = SSL_get_error(ssl,ret);
if (ret == 0) {
return err == SSL_ERROR_ZERO_RETURN;
} else if (ret > 0) {
CHECK(err == SSL_ERROR_NONE);
if (debuglevel > 4) fprintf(stderr,"Read %d bytes from SSL\n", ret);
read_ok_count++;
nread += ret;
if (!noecho) CHECK(write(1,netbuffer,ret) > 0);
if (verify) {
// On first read from client, do client verification
assert(isserver);
verify = false;
if (debuglevel > 2) fprintf(stderr,"Verifying client\n");
SSL_set_verify(ssl,
SSL_VERIFY_PEER |
//SSL_VERIFY_CLIENT_ONCE |
SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
verifyCallback);
if (!renegotiatefull(ssl,isserver)) return false;
if (debuglevel > 2) fprintf(stderr,"Client verified\n");
}
} else {
if (err == SSL_ERROR_WANT_READ) {
read_wantread_count++;
read_wantwrite = false;
} else if (err == SSL_ERROR_WANT_WRITE) {
read_wantwrite_count++;
read_wantwrite = true;
} else {
fprintf(stderr, "SSL_read: err %d\n", err);
CHECK(0);
}
break; // On error return
}
}
}
// We might have done some reads or writes to the socket in
// the calls to SSL_read, so it's not clear that the various
// flags are still valid at this point. So just
// call SSL_write unconditionally & keep the logic simple (if we
// didn't do a read, then we must have got the flags for write, if
// we did, then the state might have changed), and if we didn't get
// signalled on the SSL fd at all, we must have got something in
// from stdin.
// However, if write_pending is true, then we won't have tried
// to read & it's only worth trying a write if we really got an
// event on the SSL socket. I think.
if (insize > 0 && !(write_pending && !gotsslevent)) {
int ret = SSL_write(ssl, inbuffer+instart, insize);
if (ret == 0) {
return true;
} else if (ret > 0) {
if (debuglevel > 4) fprintf(stderr,"Write %d bytes to SSL\n", ret);
// Allow for partial writes
insize -= ret;
instart += ret;
nwritten += ret;
write_wantread = false;
write_ok_count++;
} else {
int err = SSL_get_error(ssl,ret);
if (err == SSL_ERROR_WANT_READ) {
write_wantread = true;
write_wantread_count++;
} else if (err == SSL_ERROR_WANT_WRITE) {
write_wantread = false;
write_wantwrite_count++;
} else {
fprintf(stderr,"SSL_write: err %d\n", err);
CHECK(0);
}
}
}
// Now maybe start a random renegotiation
if (!verify && insize == 0 && rfactor > 0 && rand()%rfactor == 0) {
renegotiate_count++;
if (!renegotiate(ssl,isserver)) return false;
}
}
return true;
}示例13: main
int main(int argc, char *argv[])
{
/* deletes existeng ecents */
remove("ecents.txt");
SSL_CTX *ctx;
int type, server, localport, proxyport, bankport;
int i = 0;
SSL *ssl;
char buf[1024];
char buf2[33000];
int bytes;
char *proxyhost;
char *bankhost;
if ( argc <6 )
{
printf("usage: type localport proxyhost proxyport bankhost bankport \n");
exit(0);
}
/* initialises SSL library and copies line arguments */
SSL_library_init();
type = atoi(argv[1]);
localport=atoi(argv[2]);
proxyhost=argv[3];
proxyport = atoi(argv[4]);
bankhost = argv[5];
bankport = atoi(argv[6]);
registrationrequest(type, localport, proxyhost, proxyport);
int requestedecents = 1000;
while(1){
char msg[1024];
bzero(msg,1024);
ctx = InitCTX();
if(i == 0){
printf("\nrequested number of eCents: \n");
wait(3);
printf("\t%i\n", requestedecents);
wait(3);
sprintf(msg,"%c%i",'0',requestedecents);
server = OpenConnection(bankhost, localport, bankport);
}
else{
printf("\ninput:\n");
strcpy(msg, geteCent());
if(strlen(msg) != 32){
printf("no eCents\n");
}
else {
strcat(msg, getData());
server = OpenConnection(proxyhost, localport, proxyport);
}
}
/* creates ssl context and sets socket to it*/
ssl = SSL_new(ctx);
SSL_set_fd(ssl, server);
if ( SSL_connect(ssl) == -1 ){
ERR_print_errors_fp(stderr);
printf("connection error\n");
}
else
{
printf("Connected with %s encryption\n", SSL_get_cipher(ssl));
printf("sending: %s\n", msg);
ShowCerts(ssl);
/* Write to Bank to verify ecent */
SSL_write(ssl, msg, sizeof(msg));
if(i == 0){
bzero(buf2, 33000);
/* Read from Bank, confirm verification*/
bytes = SSL_read(ssl, buf2, sizeof(buf2));
if(bytes < 1)
{
printf("Exit read error from Bank\n");
exit(1);
}
buf2[bytes] = '\0';
printf("eCents received: %s\n", buf2);
puteCents(buf2);
}
else{
/* Reads from Collector*/
bytes = SSL_read(ssl, buf, sizeof(buf)); /* get reply & decrypt */
buf[bytes] = '\0';
if(bytes < 1)
{
printf("Exit: read error from Analyst\n");
exit(1);
}
if(strcmp(buf, "invalid eCent") == 0)
printf("\n%s\n", buf);
else
printf("\naverage: %s\n", buf);
}
SSL_free(ssl);
}
sleep(1);
close(server);
//.........这里部分代码省略.........
示例14: ev_handler
/* sock stream/TCP handler */
void ev_handler(int fd, short ev_flags, void *arg)
{
int n = 0;
if(ev_flags & E_READ)
{
if(is_use_ssl)
{
#ifdef USE_SSL
n = SSL_read(conns[fd].ssl, conns[fd].response, EV_BUF_SIZE - 1);
#else
n = read(fd, conns[fd].response, EV_BUF_SIZE - 1);
#endif
}
else
{
n = read(fd, conns[fd].response, EV_BUF_SIZE - 1);
}
if(n > 0 )
{
SHOW_LOG("Read %d bytes from %d", n, fd);
conns[fd].response[n] = 0;
SHOW_LOG("Updating event[%p] on %d ", &conns[fd].event, fd);
event_add(&conns[fd].event, E_WRITE);
}
else
{
if(n < 0 )
FATAL_LOG("Reading from %d failed, %s", fd, strerror(errno));
goto err;
}
}
if(ev_flags & E_WRITE)
{
if(is_use_ssl)
{
#ifdef USE_SSL
n = SSL_write(conns[fd].ssl, conns[fd].request, strlen(conns[fd].request));
#else
n = write(fd, conns[fd].request, strlen(conns[fd].request));
#endif
}
else
{
n = write(fd, conns[fd].request, strlen(conns[fd].request));
}
if(n > 0 )
{
SHOW_LOG("Wrote %d bytes via %d", n, fd);
}
else
{
if(n < 0)
FATAL_LOG("Wrote data via %d failed, %s", fd, strerror(errno));
goto err;
}
event_del(&conns[fd].event, E_WRITE);
}
return ;
err:
{
event_destroy(&conns[fd].event);
shutdown(fd, SHUT_RDWR);
close(fd);
#ifdef USE_SSL
if(conns[fd].ssl)
{
SSL_shutdown(conns[fd].ssl);
SSL_free(conns[fd].ssl);
conns[fd].ssl = NULL;
}
#endif
SHOW_LOG("Connection %d closed", fd);
}
}示例15: sendData_SSL
int sendData_SSL(SSL* ssl, char *buf)
{
int offset = 0,res,nLeft = strlen(buf);
fd_set fdwrite;
fd_set fdread;
timeval time;
int write_blocked_on_read = 0;
time.tv_sec = SEND_RECIEVE_TO;
time.tv_usec = 0;
if(buf == NULL)
return SENDBUF_IS_EMPTY;
while(nLeft > 0)
{
FD_ZERO(&fdwrite);
FD_ZERO(&fdread);
FD_SET(smtp_socket,&fdwrite);
if(write_blocked_on_read)
{
FD_SET(smtp_socket, &fdread);
}
if((res = select(smtp_socket+1,&fdread,&fdwrite,NULL,&time)) == SOCKET_ERROR)
{
FD_ZERO(&fdwrite);
FD_ZERO(&fdread);
return WSA_SELECT;
}
if(!res)
{
//timeout
FD_ZERO(&fdwrite);
FD_ZERO(&fdread);
return SERVER_NOT_RESPONDING;
}
if(FD_ISSET(smtp_socket,&fdwrite) || (write_blocked_on_read && FD_ISSET(smtp_socket, &fdread)) )
{
write_blocked_on_read=0;
/* Try to write */
res = SSL_write(ssl, buf+offset, nLeft);
switch(SSL_get_error(ssl,res))
{
/* We wrote something*/
case SSL_ERROR_NONE:
nLeft -= res;
offset += res;
break;
/* We would have blocked */
case SSL_ERROR_WANT_WRITE:
break;
/* We get a WANT_READ if we're
trying to rehandshake and we block on
write during the current connection.
We need to wait on the socket to be readable
but reinitiate our write when it is */
case SSL_ERROR_WANT_READ:
write_blocked_on_read=1;
break;
/* Some other error */
default:
FD_ZERO(&fdread);
FD_ZERO(&fdwrite);
return SSL_PROBLEM;
}
}
}
OutputDebugStringA(buf);
FD_ZERO(&fdwrite);
FD_ZERO(&fdread);
return CSMTP_NO_ERROR;
}