本文整理匯總了C++中BIO_get_ssl函數的典型用法代碼示例。如果您正苦於以下問題:C++ BIO_get_ssl函數的具體用法?C++ BIO_get_ssl怎麽用?C++ BIO_get_ssl使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了BIO_get_ssl函數的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的C++代碼示例。
示例1: connect_encrypted
BIO* connect_encrypted(char* host_and_port, char* store_path, char store_type, SSL_CTX** ctx, SSL** ssl) {
BIO* bio = NULL;
int r = 0;
*ctx = SSL_CTX_new(SSLv23_client_method());
*ssl = NULL;
if (store_type == 'f')
r = SSL_CTX_load_verify_locations(*ctx, store_path, NULL);
else
r = SSL_CTX_load_verify_locations(*ctx, NULL, store_path);
if (r == 0) {
return NULL;
}
bio = BIO_new_ssl_connect(*ctx);
BIO_get_ssl(bio, ssl);
if (!(*ssl)) {
return NULL;
}
SSL_set_mode(*ssl, SSL_MODE_AUTO_RETRY);
BIO_set_conn_hostname(bio, host_and_port);
if (BIO_do_connect(bio) < 1) {
return NULL;
}
return bio;
}示例2: opensslconnect
static Pfd*
opensslconnect(char *host)
{
Pfd *pfd;
BIO *sbio;
SSL_CTX *ctx;
SSL *ssl;
static int didinit;
char buf[1024];
if(!didinit){
httpsinit();
didinit = 1;
}
ctx = SSL_CTX_new(SSLv23_client_method());
sbio = BIO_new_ssl_connect(ctx);
BIO_get_ssl(sbio, &ssl);
SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
snprint(buf, sizeof buf, "%s:https", host);
BIO_set_conn_hostname(sbio, buf);
if(BIO_do_connect(sbio) <= 0 || BIO_do_handshake(sbio) <= 0){
ERR_error_string_n(ERR_get_error(), buf, sizeof buf);
BIO_free_all(sbio);
werrstr("openssl: %s", buf);
return nil;
}
pfd = emalloc(sizeof *pfd);
pfd->sbio = sbio;
return pfd;
}示例3: tls_prepare
BOOL tls_prepare(rdpTls* tls, BIO *underlying, const SSL_METHOD *method, int options, BOOL clientMode)
#endif
{
tls->ctx = SSL_CTX_new(method);
if (!tls->ctx)
{
DEBUG_WARN( "%s: SSL_CTX_new failed\n", __FUNCTION__);
return FALSE;
}
SSL_CTX_set_mode(tls->ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_ENABLE_PARTIAL_WRITE);
SSL_CTX_set_options(tls->ctx, options);
SSL_CTX_set_read_ahead(tls->ctx, 1);
if (tls->settings->PermittedTLSCiphers) {
if(!SSL_CTX_set_cipher_list(tls->ctx, tls->settings->PermittedTLSCiphers)) {
DEBUG_WARN( "SSL_CTX_set_cipher_list %s failed\n", tls->settings->PermittedTLSCiphers);
return FALSE;
}
}
tls->bio = BIO_new_rdp_tls(tls->ctx, clientMode);
if (BIO_get_ssl(tls->bio, &tls->ssl) < 0)
{
DEBUG_WARN( "%s: unable to retrieve the SSL of the connection\n", __FUNCTION__);
return FALSE;
}
BIO_push(tls->bio, underlying);
return TRUE;
}示例4: allowed
/*
The first line specifiy some settings in the ctx and ssl object:
SSL_OP_ALL: enables all work around codes
SSL_OP_NO_SSLv2: no SSLv2 connections are allowed (this should fail anyway because only
TLSv1 connection are allowed)
SSL_OP_SINGLE_DH_USE: the server generates a new private key for each new connection
SSL_VERIFY_PEER: asks the client for a certificate
SSL_VERIFY_FAIL_IF_NO_PEER_CERT: if the client doesn't present a cert the connection gets
terminated
CIPHER_LIST: is defined in ssl_server.h (look there for a detailed description)
After setting up these things the bio object will be created and a ssl object assigned.
Then the ssl engine mode is set to SSL_MODE_AUTO_RETRY. All available modes are:
SSL_MODE_ENABLE_PARTIAL_WRITE: Allow SSL_write(..., n) to return r with 0 < r < n
(i.e. report success when just a single record has been written).
When not set (the default), SSL_write() will only report success
once the complete chunk was written. Once SSL_write() returns with r,
r bytes have been successfully written and the next call to SSL_write()
must only send the n-r bytes left, imitating the behaviour of write().
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER: Make it possible to retry SSL_write() with changed buffer location
(the buffer contents must stay the same). This is not the default
to avoid the misconception that non-blocking SSL_write() behaves
like non-blocking write().
SSL_MODE_AUTO_RETRY: Never bother the application with retries if the transport is blocking. If a
renegotiation take place during normal operation, a ssl_read(3) or ssl_write(3)
would return with -1 and indicate the need to retry with SSL_ERROR_WANT_READ . In
a non-blocking environment applications must be prepared to handle incomplete
read/write operations. In a blocking environment, applications are not always
prepared to deal with read/write operations returning without success report. The
flag SSL_MODE_AUTO_RETRY will cause read/write operations to only return after
the handshake and successful completion.
The server contains 3 bio objects: bio, abio and out. 'bio' contains the context, 'abio'
binds to the socket and 'out' is the established connection.
*/
void SSL_Server::bind(){
SSL_CTX_set_verify(getCTX(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
SSL_CTX_set_options(getCTX(), SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_SINGLE_DH_USE);
SSL_CTX_set_tmp_dh_callback(getCTX(), tmp_dh_callback);
if(SSL_CTX_set_cipher_list(getCTX(), CIPHER_LIST) != 1)
msgHandler->error("setting cipher list failed (no valid ciphers)", CRITICAL);
msgHandler->debug("trying to set context to bio");
bio = BIO_new_ssl(getCTX(), 0);
if(bio == NULL){
string error("Cannot set context to bio ");
error.append(getSocket());
error.append("\nSSL_ERROR: ");
error.append(ERR_reason_error_string(ERR_get_error()));
msgHandler->error(error, CRITICAL);
} else
msgHandler->debug("set context to bio successful");
BIO_get_ssl(bio, &ssl);
SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
msgHandler->debug("trying to bind to socket");
abio = BIO_new_accept((char*)getSocket().c_str());
BIO_set_accept_bios(abio, bio);
if(BIO_do_accept(abio) <= 0){
string error("Bind to socket ");
error.append(getSocket());
error.append(" failed.\nSSL_ERROR: ");
error.append(ERR_reason_error_string(ERR_get_error()));
msgHandler->error(error, CRITICAL);
} else
msgHandler->log("bind to socket successful");
}示例5: snprintf
BIO *Connect_SSL(char *hostname, int port)
{
//BIO *bio = NULL;
char bio_addr[BUF_MAX] = { 0 };
snprintf(bio_addr, sizeof(bio_addr), "%s:%d", hostname, port);
SSL_library_init();
SSL_CTX *ctx = SSL_CTX_new(SSLv23_client_method());
SSL *ssl = NULL;
bio = BIO_new_ssl_connect(ctx);
if (bio == NULL)
{
Error("BIO_new_ssl_connect");
}
BIO_get_ssl(bio, &ssl);
SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
BIO_set_conn_hostname(bio, bio_addr);
if (BIO_do_connect(bio) <= 0)
{
Error("SSL Unable to connect");
}
return bio;
}示例6: BIO_get_ssl
void *handle_connection(void *arg)
{
char buf[1024];
BIO *bio = (BIO *)arg;
X509 *peer;
SSL *ssl;
BIO_get_ssl(bio, &ssl);
if (BIO_do_handshake(bio) <= 0) {
printf("Failed handshake.\n");
ERR_print_errors_fp(stdout);
return (void *)-1;
}
if ((peer = SSL_get_peer_certificate(ssl))) {
if (SSL_get_verify_result(ssl) == X509_V_OK) {
/* The client sent a certificate which verified OK */
printf("The client sent a certificate which verified OK\n");
} else {
printf("The client sent a certificate which verified failed\n");
}
} else {
fprintf(stderr, "cannot get peer certificate\n");
}
BIO_read(bio, buf, 1024);
printf("Received: %s\n", buf);
BIO_puts(bio, "Connection: Sending out Data on initial connection\n");
printf("Sent out data on connection\n");
BIO_free_all(bio);
return (void *)0;
}示例7: tls_prepare
BOOL tls_prepare(rdpTls* tls, BIO *underlying, const SSL_METHOD *method, int options, BOOL clientMode)
#endif
{
tls->ctx = SSL_CTX_new(method);
if (!tls->ctx)
{
fprintf(stderr, "%s: SSL_CTX_new failed\n", __FUNCTION__);
return FALSE;
}
SSL_CTX_set_mode(tls->ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_ENABLE_PARTIAL_WRITE);
SSL_CTX_set_options(tls->ctx, options);
SSL_CTX_set_read_ahead(tls->ctx, 1);
tls->bio = BIO_new_rdp_tls(tls->ctx, clientMode);
if (BIO_get_ssl(tls->bio, &tls->ssl) < 0)
{
fprintf(stderr, "%s: unable to retrieve the SSL of the connection\n", __FUNCTION__);
return FALSE;
}
BIO_push(tls->bio, underlying);
return TRUE;
}示例8: main
int main()
{
SSL_load_error_strings();
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
SSL_CTX *ctx = SSL_CTX_new(SSLv23_client_method());
if (ctx == NULL) {
printf("SSL_CTX_new err func:%s\n reaseon:%s", ERR_func_error_string(ERR_get_error()),
ERR_reason_error_string(ERR_get_error()));
exit(1);
}
//加載可信任證書庫
if (0 == SSL_CTX_load_verify_locations(ctx, "./push_cer.pem", NULL)) {
printf("err func:%s\n reaseon:%s", ERR_func_error_string(ERR_get_error()),
ERR_reason_error_string(ERR_get_error()));
ERR_print_errors_fp(stdout);
exit(1);
}
//set BIO
BIO *bio = BIO_new_ssl_connect(ctx);
if (bio == NULL) {
printf("err func:%s\n", ERR_func_error_string(ERR_get_error()));
ERR_print_errors_fp(stdout);
exit(1);
}
SSL *ssl;
BIO_get_ssl(bio, &ssl);
SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
//open safe connect
BIO_set_conn_hostname(bio, "gateway.sandbox.push.apple.com:2195");
//verify connect ok
if (BIO_do_connect(bio) <= 0) {
ERR_print_errors_fp(stdout);
exit(1);
}
if (SSL_get_verify_result(ssl) != X509_V_OK) {
printf("SSL_get_verify_result not success\n");
}
char buf[MAXBUF];
char *json = "{\"aps\":{\"badge\":123}}";
sendPayload(bio, token, json, strlen(json));
int ret = BIO_read(bio, buf, MAXBUF);
if (ret <= 0) {
printf("BIO_read return 0\n");
}
SSL_CTX_free(ctx);
BIO_free_all(bio);
return 0;
}示例9: neo4j_get_logger
BIO *neo4j_openssl_new_bio(BIO *delegate, const char *hostname, int port,
const neo4j_config_t *config, uint_fast32_t flags)
{
neo4j_logger_t *logger = neo4j_get_logger(config, "tls");
SSL_CTX *ctx = new_ctx(config, logger);
if (ctx == NULL)
{
return NULL;
}
BIO *ssl_bio = BIO_new_ssl(ctx, 1);
if (ssl_bio == NULL)
{
errno = openssl_error(logger, NEO4J_LOG_ERROR, __FILE__, __LINE__);
SSL_CTX_free(ctx);
goto failure;
}
SSL_CTX_free(ctx);
BIO_push(ssl_bio, delegate);
if (BIO_set_close(ssl_bio, BIO_CLOSE) != 1)
{
errno = openssl_error(logger, NEO4J_LOG_ERROR, __FILE__, __LINE__);
goto failure;
}
int result = BIO_do_handshake(ssl_bio);
if (result != 1)
{
if (result == 0)
{
errno = NEO4J_NO_SERVER_TLS_SUPPORT;
goto failure;
}
errno = openssl_error(logger, NEO4J_LOG_ERROR, __FILE__, __LINE__);
goto failure;
}
SSL *ssl = NULL;
BIO_get_ssl(ssl_bio, &ssl);
assert(ssl != NULL);
if (verify(ssl, hostname, port, config, flags, logger))
{
goto failure;
}
return ssl_bio;
int errsv;
failure:
errsv = errno;
BIO_free(ssl_bio);
errno = errsv;
return NULL;
}示例10: SSL_load_error_strings
const char *dbapi_lookup(const char *key) {
long res = 1;
SSL_CTX* ctx = NULL;
BIO *web = NULL, *out = NULL;
SSL *ssl = NULL;
const SSL_METHOD* method;
char *token, *tmpout, *buf;
int hlen=0, len=0, maxlen=2048;
(void)SSL_library_init();
SSL_load_error_strings();
OPENSSL_config(NULL);
method = SSLv23_method(); if(method==NULL) return NULL;
ctx = SSL_CTX_new(method); if(ctx==NULL) return NULL;
SSL_CTX_set_verify_depth(ctx, 4);
SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1|
SSL_OP_NO_COMPRESSION);
web = BIO_new_ssl_connect(ctx); if(web==NULL) return NULL;
res = BIO_set_conn_hostname(web, DB_API_SERVER); if(res!=1) return NULL;
BIO_get_ssl(web, &ssl); if(ssl==NULL) return NULL;
res = SSL_set_cipher_list(ssl, SECURE_CIPHER_LIST); if(res!=1) return NULL;
res = SSL_set_tlsext_host_name(ssl, DB_API_HOST); if(res!=1) return NULL;
out = BIO_new_fp(stdout, BIO_NOCLOSE); if(NULL==out) return NULL;
res = BIO_do_connect(web); if(res!=1) return NULL;
res = BIO_do_handshake(web); if(res!=1) return NULL;
len=(60+strlen(key)+strlen(DB_API_HOST)+strlen(DB_API_AUTH));
char *request=malloc(sizeof(char)*(len+1));
snprintf(request,len,
"GET %s HTTP/1.1\nHost: %s\nx-api-key: %s\nConnection: close\n\n",
key, DB_API_HOST, DB_API_AUTH);
request[len]='\0';
BIO_puts(web, request);
BIO_puts(out, "\n");
buf = malloc(sizeof(char)*maxlen);
do {
char buff[1536] = {};
len=BIO_read(web, buff, sizeof(buff));
hlen+=len;
if(hlen<maxlen&&len>0) strncat(buf,buff,len);
} while (len>0 || BIO_should_retry(web));
buf[maxlen]='\0';
tmpout = malloc(sizeof(char)*(HASH_MAXLENGTH+1));
token = strtok(buf, "\n");
while (token) {
snprintf(tmpout,HASH_MAXLENGTH,"%s",token);
token = strtok(NULL, "\n");
}
tmpout[strlen(tmpout)]='\0';
free(buf);
free(request);
if(out) BIO_free(out);
if(web != NULL) BIO_free_all(web);
if(NULL != ctx) SSL_CTX_free(ctx);
return tmpout;
}示例11: SSL_CTX_new
bool Email::sendCode(std::string user, std::string code)
{
std::string msg,to;
msg = m_m1 + code + m_m2;
to = m_to1 + user + m_to3;
SSL_CTX* ctx = SSL_CTX_new(SSLv23_client_method());
SSL* ssl;
BIO* bio = BIO_new_ssl_connect(ctx);
BIO_get_ssl(bio, &ssl);
SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
BIO_set_conn_hostname(bio, m_amazonHostname.c_str());
if(BIO_do_connect(bio) <= 0){
BIO_free_all(bio);
SSL_CTX_free(ctx);
return false;
}
if(BIO_do_handshake(bio) <= 0){
BIO_free_all(bio);
SSL_CTX_free(ctx);
return false;
}
m_len = BIO_read(bio, m_buf, BUF_LEN) - 1;
BIO_puts(bio, "HELO localhost\r\n");
m_len = BIO_read(bio, m_buf, BUF_LEN) - 1;
BIO_puts(bio,"AUTH LOGIN\r\n");
m_len = BIO_read(bio,m_buf,BUF_LEN) - 1;
BIO_puts(bio,"QUtJQUlFVzJDMlU3RUZYTU5PUVE=\r\n");
m_len = BIO_read(bio,m_buf,BUF_LEN) - 1;
BIO_puts(bio,"QWd3TkZSOUJyb2dUTUkxYlJHeXh4dHZMYm4reldGZCtYSFJMbnJpNzZ5RC8=\r\n");
m_len = BIO_read(bio,m_buf,BUF_LEN) - 1;
BIO_puts(bio,"MAIL FROM:[email protected]\r\n");
m_len = BIO_read(bio,m_buf,BUF_LEN) - 1;
BIO_puts(bio,to.c_str());
m_len = BIO_read(bio,m_buf,BUF_LEN) - 1;
BIO_puts(bio,"DATA\r\n");
m_len = BIO_read(bio,m_buf,BUF_LEN) - 1;
BIO_puts(bio,"Subject:OneBrown Verification\r\n\r\n");
BIO_puts(bio,msg.c_str());
BIO_puts(bio,"\r\n.\r\n");
m_len = BIO_read(bio,m_buf,BUF_LEN) - 1;
BIO_puts(bio,"QUIT\r\n");
m_len = BIO_read(bio,m_buf,BUF_LEN) - 1;
BIO_free_all(bio);
SSL_CTX_free(ctx);
return true;
}示例12: handleConn
/*
At first the arguments are read and passed. Then the ssl context is gotten
by calling 'BIO_get_ssl(client, &ssl)'. Afterwards the ssl handshake is
performed and the certificate verified. Then the line is read from the certificate.
This value is mapped to 'organizationalUnitName'.
An example usage of the connection is shown and then the connectino will be
terminated.
*/
void* handleConn(void *argsv){
connArgs* args = (connArgs*) argsv;
MessageHandler* msgHandler = args->msgHandler;
BIO* client = args->conn;
SSL* ssl;
BIO_get_ssl(client, &ssl);
/*ssl handshake*/
msgHandler->debug("performing ssl handshake");
if(BIO_do_handshake(client) != 1){
string fail("handshake failed\nSSL_ERROR: ");
fail.append(ERR_reason_error_string(ERR_get_error()));
msgHandler->log(fail);
} else
msgHandler->log("handshake successful");
/*verifying the certificate*/
X509* peerCert;
if(SSL_get_verify_result(ssl) != X509_V_OK){
string error("verification failed\nSSL_Error: ");
error.append(ERR_reason_error_string(ERR_get_error()));
msgHandler->error(error, CRITICAL);
} else {
msgHandler->debug("verification successful");
peerCert = SSL_get_peer_certificate(ssl);
}
msgHandler->debug("trying to get the line");
/*getting the line*/
char lineN[6];
X509_NAME* name = X509_get_subject_name(peerCert);
X509_NAME_get_text_by_NID(name, NID_organizationalUnitName, lineN, 6);
string line("line is: ");
line.append(lineN);
msgHandler->debug(line);
/*example use of the connection (echoing the incoming msg)*/
char buffer[1024];
bzero(buffer, 1024);
SSL_read(ssl, buffer, 1024);
string debug("message received: ");
debug.append(buffer);
msgHandler->debug(debug);
SSL_write(ssl, buffer, 1024);
/*closing the connection*/
BIO_reset(client);
X509_free(peerCert);
return NULL;
}示例13: scm_tls_get_cipher_info
SCM scm_tls_get_cipher_info(SCM tls_smob){
scm_assert_smob_type(tls_tag, tls_smob);
BIO *bio = (BIO*)SCM_SMOB_DATA(tls_smob);
SSL *ssl;
BIO_get_ssl(bio, &ssl);
//I'm not sure if scheme copies c strings or not, so make this static
//so it stays valid regardless.
static char cipher_buf[128];
SSL_CIPHER *cipher = SSL_get_current_cipher(ssl);
SSL_CIPHER_description(cipher, cipher_buf, 128);
return scm_from_utf8_string(cipher_buf);
}示例14: LUA_FUNCTION
static LUA_FUNCTION(openssl_bio_get_ssl)
{
BIO* bio = CHECK_OBJECT(1, BIO, "openssl.bio");
SSL* ssl = NULL;
int ret = BIO_get_ssl(bio, &ssl);
if (ret == 1)
{
openssl_newvalue(L, ssl);
PUSH_OBJECT(ssl, "openssl.ssl");
openssl_refrence(L, ssl, +1);
return 1;
}
return 0;
}示例15: mongoc_stream_tls_check_cert
/**
* mongoc_stream_tls_check_cert:
*
* check the cert returned by the other party
*/
bool
mongoc_stream_tls_check_cert (mongoc_stream_t *stream,
const char *host)
{
mongoc_stream_tls_t *tls = (mongoc_stream_tls_t *)stream;
SSL *ssl;
BSON_ASSERT (tls);
BSON_ASSERT (host);
BIO_get_ssl (tls->bio, &ssl);
return _mongoc_ssl_check_cert (ssl, host, tls->weak_cert_validation);
}