本文整理匯總了C++中BIO_read函數的典型用法代碼示例。如果您正苦於以下問題:C++ BIO_read函數的具體用法?C++ BIO_read怎麽用?C++ BIO_read使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了BIO_read函數的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的C++代碼示例。
示例1: OCSP_sendreq_nbio
int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx)
{
int i, n;
const unsigned char *p;
next_io:
if (!(rctx->state & OHS_NOREAD))
{
n = BIO_read(rctx->io, rctx->iobuf, rctx->iobuflen);
if (n <= 0)
{
if (BIO_should_retry(rctx->io))
return -1;
return 0;
}
/* Write data to memory BIO */
if (BIO_write(rctx->mem, rctx->iobuf, n) != n)
return 0;
}
switch(rctx->state)
{
case OHS_ASN1_WRITE:
n = BIO_get_mem_data(rctx->mem, &p);
i = BIO_write(rctx->io,
p + (n - rctx->asn1_len), rctx->asn1_len);
if (i <= 0)
{
if (BIO_should_retry(rctx->io))
return -1;
rctx->state = OHS_ERROR;
return 0;
}
rctx->asn1_len -= i;
if (rctx->asn1_len > 0)
goto next_io;
rctx->state = OHS_ASN1_FLUSH;
(void)BIO_reset(rctx->mem);
case OHS_ASN1_FLUSH:
i = BIO_flush(rctx->io);
if (i > 0)
{
rctx->state = OHS_FIRSTLINE;
goto next_io;
}
if (BIO_should_retry(rctx->io))
return -1;
rctx->state = OHS_ERROR;
return 0;
case OHS_ERROR:
return 0;
case OHS_FIRSTLINE:
case OHS_HEADERS:
/* Attempt to read a line in */
next_line:
/* Due to &%^*$" memory BIO behaviour with BIO_gets we
* have to check there's a complete line in there before
* calling BIO_gets or we'll just get a partial read.
*/
n = BIO_get_mem_data(rctx->mem, &p);
if ((n <= 0) || !TINYCLR_SSL_MEMCHR(p, '\n', n))
{
if (n >= rctx->iobuflen)
{
rctx->state = OHS_ERROR;
return 0;
}
goto next_io;
}
n = BIO_gets(rctx->mem, (char *)rctx->iobuf, rctx->iobuflen);
if (n <= 0)
{
if (BIO_should_retry(rctx->mem))
goto next_io;
rctx->state = OHS_ERROR;
return 0;
}
/* Don't allow excessive lines */
if (n == rctx->iobuflen)
{
//.........這裏部分代碼省略.........
示例2: main
int main(int argc, char *argv[])
{
char *port = "*:4433";
BIO *in = NULL;
BIO *ssl_bio, *tmp;
SSL_CTX *ctx;
SSL_CONF_CTX *cctx = NULL;
CONF *conf = NULL;
STACK_OF(CONF_VALUE) *sect = NULL;
CONF_VALUE *cnf;
long errline = -1;
char buf[512];
int ret = 1, i;
SSL_load_error_strings();
/* Add ciphers and message digests */
OpenSSL_add_ssl_algorithms();
conf = NCONF_new(NULL);
if (NCONF_load(conf, "accept.cnf", &errline) <= 0) {
if (errline <= 0)
fprintf(stderr, "Error processing config file\n");
else
fprintf(stderr, "Error on line %ld\n", errline);
goto err;
}
sect = NCONF_get_section(conf, "default");
if (sect == NULL) {
fprintf(stderr, "Error retrieving default section\n");
goto err;
}
ctx = SSL_CTX_new(TLS_server_method());
cctx = SSL_CONF_CTX_new();
SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_SERVER);
SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CERTIFICATE);
SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_FILE);
SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
int rv;
cnf = sk_CONF_VALUE_value(sect, i);
rv = SSL_CONF_cmd(cctx, cnf->name, cnf->value);
if (rv > 0)
continue;
if (rv != -2) {
fprintf(stderr, "Error processing %s = %s\n",
cnf->name, cnf->value);
ERR_print_errors_fp(stderr);
goto err;
}
if (strcmp(cnf->name, "Port") == 0) {
port = cnf->value;
} else {
fprintf(stderr, "Unknown configuration option %s\n", cnf->name);
goto err;
}
}
if (!SSL_CONF_CTX_finish(cctx)) {
fprintf(stderr, "Finish error\n");
ERR_print_errors_fp(stderr);
goto err;
}
/* Setup server side SSL bio */
ssl_bio = BIO_new_ssl(ctx, 0);
if ((in = BIO_new_accept(port)) == NULL)
goto err;
/*
* This means that when a new connection is accepted on 'in', The ssl_bio
* will be 'duplicated' and have the new socket BIO push into it.
* Basically it means the SSL BIO will be automatically setup
*/
BIO_set_accept_bios(in, ssl_bio);
again:
/*
* The first call will setup the accept socket, and the second will get a
* socket. In this loop, the first actual accept will occur in the
* BIO_read() function.
*/
if (BIO_do_accept(in) <= 0)
goto err;
for (;;) {
i = BIO_read(in, buf, 512);
if (i == 0) {
/*
* If we have finished, remove the underlying BIO stack so the
* next time we call any function for this BIO, it will attempt
* to do an accept
*/
printf("Done\n");
//.........這裏部分代碼省略.........
示例3: apr_sockaddr_info_get
/* Send the OCSP request serialized into BIO 'request' to the
* responder at given server given by URI. Returns socket object or
* NULL on error. */
static apr_socket_t *send_request(BIO *request, const apr_uri_t *uri,
apr_interval_time_t timeout,
conn_rec *c, apr_pool_t *p,
const apr_uri_t *proxy_uri)
{
apr_status_t rv;
apr_sockaddr_t *sa;
apr_socket_t *sd;
char buf[HUGE_STRING_LEN];
int len;
const apr_uri_t *next_hop_uri;
if (proxy_uri) {
next_hop_uri = proxy_uri;
}
else {
next_hop_uri = uri;
}
rv = apr_sockaddr_info_get(&sa, next_hop_uri->hostname, APR_UNSPEC,
next_hop_uri->port, 0, p);
if (rv) {
ap_log_cerror(APLOG_MARK, APLOG_ERR, rv, c, APLOGNO(01972)
"could not resolve address of %s %s",
proxy_uri ? "proxy" : "OCSP responder",
next_hop_uri->hostinfo);
return NULL;
}
/* establish a connection to the OCSP responder */
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, APLOGNO(01973)
"connecting to %s '%s'",
proxy_uri ? "proxy" : "OCSP responder",
uri->hostinfo);
/* Cycle through address until a connect() succeeds. */
for (; sa; sa = sa->next) {
rv = apr_socket_create(&sd, sa->family, SOCK_STREAM, APR_PROTO_TCP, p);
if (rv == APR_SUCCESS) {
apr_socket_timeout_set(sd, timeout);
rv = apr_socket_connect(sd, sa);
if (rv == APR_SUCCESS) {
break;
}
apr_socket_close(sd);
}
}
if (sa == NULL) {
ap_log_cerror(APLOG_MARK, APLOG_ERR, rv, c, APLOGNO(01974)
"could not connect to %s '%s'",
proxy_uri ? "proxy" : "OCSP responder",
next_hop_uri->hostinfo);
return NULL;
}
/* send the request and get a response */
ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, APLOGNO(01975)
"sending request to OCSP responder");
while ((len = BIO_read(request, buf, sizeof buf)) > 0) {
char *wbuf = buf;
apr_size_t remain = len;
do {
apr_size_t wlen = remain;
rv = apr_socket_send(sd, wbuf, &wlen);
wbuf += remain;
remain -= wlen;
} while (rv == APR_SUCCESS && remain > 0);
if (rv) {
apr_socket_close(sd);
ap_log_cerror(APLOG_MARK, APLOG_ERR, rv, c, APLOGNO(01976)
"failed to send request to OCSP responder '%s'",
uri->hostinfo);
return NULL;
}
}
return sd;
}
示例4: apr_hash_make
apr_hash_t *serf_ssl_cert_certificate(
const serf_ssl_certificate_t *cert,
apr_pool_t *pool)
{
apr_hash_t *tgt = apr_hash_make(pool);
unsigned int md_size, i;
unsigned char md[EVP_MAX_MD_SIZE];
BIO *bio;
STACK_OF(GENERAL_NAME) *names;
/* sha1 fingerprint */
if (X509_digest(cert->ssl_cert, EVP_sha1(), md, &md_size)) {
const char hex[] = "0123456789ABCDEF";
char fingerprint[EVP_MAX_MD_SIZE * 3];
for (i=0; i<md_size; i++) {
fingerprint[3*i] = hex[(md[i] & 0xf0) >> 4];
fingerprint[(3*i)+1] = hex[(md[i] & 0x0f)];
fingerprint[(3*i)+2] = ':';
}
if (md_size > 0)
fingerprint[(3*(md_size-1))+2] = '\0';
else
fingerprint[0] = '\0';
apr_hash_set(tgt, "sha1", APR_HASH_KEY_STRING,
apr_pstrdup(pool, fingerprint));
}
/* set expiry dates */
bio = BIO_new(BIO_s_mem());
if (bio) {
ASN1_TIME *notBefore, *notAfter;
char buf[256];
memset (buf, 0, sizeof (buf));
notBefore = X509_get_notBefore(cert->ssl_cert);
if (ASN1_TIME_print(bio, notBefore)) {
BIO_read(bio, buf, 255);
apr_hash_set(tgt, "notBefore", APR_HASH_KEY_STRING,
apr_pstrdup(pool, buf));
}
memset (buf, 0, sizeof (buf));
notAfter = X509_get_notAfter(cert->ssl_cert);
if (ASN1_TIME_print(bio, notAfter)) {
BIO_read(bio, buf, 255);
apr_hash_set(tgt, "notAfter", APR_HASH_KEY_STRING,
apr_pstrdup(pool, buf));
}
}
BIO_free(bio);
/* Get subjectAltNames */
names = X509_get_ext_d2i(cert->ssl_cert, NID_subject_alt_name, NULL, NULL);
if (names) {
int names_count = sk_GENERAL_NAME_num(names);
apr_array_header_t *san_arr = apr_array_make(pool, names_count,
sizeof(char*));
apr_hash_set(tgt, "subjectAltName", APR_HASH_KEY_STRING, san_arr);
for (i = 0; i < names_count; i++) {
char *p = NULL;
GENERAL_NAME *nm = sk_GENERAL_NAME_value(names, i);
switch (nm->type) {
case GEN_DNS:
p = apr_pstrmemdup(pool, nm->d.ia5->data, nm->d.ia5->length);
break;
default:
/* Don't know what to do - skip. */
break;
}
if (p) {
APR_ARRAY_PUSH(san_arr, char*) = p;
}
}
sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
}
return tgt;
}
示例5: process_pci_value
static int process_pci_value(CONF_VALUE *val,
ASN1_OBJECT **language, ASN1_INTEGER **pathlen,
ASN1_OCTET_STRING **policy)
{
int free_policy = 0;
if (strcmp(val->name, "language") == 0)
{
if (*language)
{
X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_LANGUAGE_ALREADY_DEFINED);
X509V3_conf_err(val);
return 0;
}
if (!(*language = OBJ_txt2obj(val->value, 0)))
{
X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_INVALID_OBJECT_IDENTIFIER);
X509V3_conf_err(val);
return 0;
}
}
else if (strcmp(val->name, "pathlen") == 0)
{
if (*pathlen)
{
X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_PATH_LENGTH_ALREADY_DEFINED);
X509V3_conf_err(val);
return 0;
}
if (!X509V3_get_value_int(val, pathlen))
{
X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_POLICY_PATH_LENGTH);
X509V3_conf_err(val);
return 0;
}
}
else if (strcmp(val->name, "policy") == 0)
{
unsigned char *tmp_data = NULL;
long val_len;
if (!*policy)
{
*policy = ASN1_OCTET_STRING_new();
if (!*policy)
{
X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE);
X509V3_conf_err(val);
return 0;
}
free_policy = 1;
}
if (strncmp(val->value, "hex:", 4) == 0)
{
unsigned char *tmp_data2 =
string_to_hex(val->value + 4, &val_len);
if (!tmp_data2)
{
X509V3err(X509V3_F_PROCESS_PCI_VALUE,X509V3_R_ILLEGAL_HEX_DIGIT);
X509V3_conf_err(val);
goto err;
}
tmp_data = OPENSSL_realloc((*policy)->data,
(*policy)->length + val_len + 1);
if (tmp_data)
{
(*policy)->data = tmp_data;
memcpy(&(*policy)->data[(*policy)->length],
tmp_data2, val_len);
(*policy)->length += val_len;
(*policy)->data[(*policy)->length] = '\0';
}
else
{
OPENSSL_free(tmp_data2);
/* realloc failure implies the original data space is b0rked too! */
(*policy)->data = NULL;
(*policy)->length = 0;
X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_MALLOC_FAILURE);
X509V3_conf_err(val);
goto err;
}
OPENSSL_free(tmp_data2);
}
else if (strncmp(val->value, "file:", 5) == 0)
{
unsigned char buf[2048];
int n;
BIO *b = BIO_new_file(val->value + 5, "r");
if (!b)
{
X509V3err(X509V3_F_PROCESS_PCI_VALUE,ERR_R_BIO_LIB);
X509V3_conf_err(val);
goto err;
}
while((n = BIO_read(b, buf, sizeof(buf))) > 0
|| (n == 0 && BIO_should_retry(b)))
{
if (!n) continue;
//.........這裏部分代碼省略.........
示例6: crlfbuffer_read
static int crlfbuffer_read(BIO *b, char *out, int outl)
{
int ret=0;
BIO_CRLFBUFFER_CTX *ctx;
if (out == NULL) return(0);
if (b->next_bio == NULL) return(0);
ctx=(BIO_CRLFBUFFER_CTX *)b->ptr;
// First copy what's in the current buffer
int i = ctx->ibuf_len;
if (i != 0)
{
if (i > outl)
i = outl;
memcpy(out, &(ctx->ibuf[ctx->ibuf_off]), i);
ctx->ibuf_off += i;
ctx->ibuf_len -= i;
ret += i;
outl -= i;
out += i;
}
// Now read any remaining direct from source
if (outl > 0)
ret += BIO_read(b->next_bio,out,outl);
BIO_clear_retry_flags(b);
BIO_copy_next_retry(b);
if (ret > 0)
{
BIO_CRLFBUFFER_CTX *new_ctx = (BIO_CRLFBUFFER_CTX *)b->ptr;
char *p = out;
char *q = out;
int qlen = 0;
int plen = ret;
while(plen > 0)
{
if (*p == '\r')
{
p++;
plen--;
*q++ = '\n';
qlen++;
new_ctx->got_cr = true;
}
else if (*p == '\n')
{
p++;
plen--;
if (!new_ctx->got_cr)
{
*q++ = '\n';
qlen++;
}
new_ctx->got_cr = false;
}
else
{
*q++ = *p++;
plen--;
qlen++;
new_ctx->got_cr = false;
}
}
*q++ = 0;
ret = qlen;
}
return(ret);
}
示例7: read_n
static int read_n(SSL *s, unsigned int n, unsigned int max,
unsigned int extend)
{
int i,off,newb;
/* if there is stuff still in the buffer from a previous read,
* and there is more than we want, take some. */
if (s->s2->rbuf_left >= (int)n)
{
if (extend)
s->packet_length+=n;
else
{
s->packet= &(s->s2->rbuf[s->s2->rbuf_offs]);
s->packet_length=n;
}
s->s2->rbuf_left-=n;
s->s2->rbuf_offs+=n;
return(n);
}
if (!s->read_ahead) max=n;
if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2))
max=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2;
/* Else we want more than we have.
* First, if there is some left or we want to extend */
off=0;
if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend))
{
newb=s->s2->rbuf_left;
if (extend)
{
off=s->packet_length;
if (s->packet != s->s2->rbuf)
memcpy(s->s2->rbuf,s->packet,
(unsigned int)newb+off);
}
else if (s->s2->rbuf_offs != 0)
{
memcpy(s->s2->rbuf,&(s->s2->rbuf[s->s2->rbuf_offs]),
(unsigned int)newb);
s->s2->rbuf_offs=0;
}
s->s2->rbuf_left=0;
}
else
newb=0;
/* off is the offset to start writing too.
* r->s2->rbuf_offs is the 'unread data', now 0.
* newb is the number of new bytes so far
*/
s->packet=s->s2->rbuf;
while (newb < (int)n)
{
clear_sys_error();
if (s->rbio != NULL)
{
s->rwstate=SSL_READING;
i=BIO_read(s->rbio,(char *)&(s->s2->rbuf[off+newb]),
max-newb);
}
else
{
SSLerr(SSL_F_READ_N,SSL_R_READ_BIO_NOT_SET);
i= -1;
}
#ifdef PKT_DEBUG
if (s->debug & 0x01) sleep(1);
#endif
if (i <= 0)
{
s->s2->rbuf_left+=newb;
return(i);
}
newb+=i;
}
/* record unread data */
if (newb > (int)n)
{
s->s2->rbuf_offs=n+off;
s->s2->rbuf_left=newb-n;
}
else
{
s->s2->rbuf_offs=0;
s->s2->rbuf_left=0;
}
if (extend)
s->packet_length+=n;
else
s->packet_length=n;
s->rwstate=SSL_NOTHING;
return(n);
}
示例8: rsautl_main
//.........這裏部分代碼省略.........
X509_free(x);
}
break;
}
if (!pkey) {
return 1;
}
rsa = EVP_PKEY_get1_RSA(pkey);
EVP_PKEY_free(pkey);
if (!rsa) {
BIO_printf(bio_err, "Error getting RSA key\n");
ERR_print_errors(bio_err);
goto end;
}
if (infile) {
if (!(in = BIO_new_file(infile, "rb"))) {
BIO_printf(bio_err, "Error Reading Input File\n");
ERR_print_errors(bio_err);
goto end;
}
} else
in = BIO_new_fp(stdin, BIO_NOCLOSE);
if (outfile) {
if (!(out = BIO_new_file(outfile, "wb"))) {
BIO_printf(bio_err, "Error Reading Output File\n");
ERR_print_errors(bio_err);
goto end;
}
} else {
out = BIO_new_fp(stdout, BIO_NOCLOSE);
}
keysize = RSA_size(rsa);
rsa_in = reallocarray(NULL, keysize, 2);
rsa_out = malloc(keysize);
/* Read the input data */
rsa_inlen = BIO_read(in, rsa_in, keysize * 2);
if (rsa_inlen <= 0) {
BIO_printf(bio_err, "Error reading input Data\n");
exit(1);
}
if (rev) {
int i;
unsigned char ctmp;
for (i = 0; i < rsa_inlen / 2; i++) {
ctmp = rsa_in[i];
rsa_in[i] = rsa_in[rsa_inlen - 1 - i];
rsa_in[rsa_inlen - 1 - i] = ctmp;
}
}
switch (rsa_mode) {
case RSA_VERIFY:
rsa_outlen = RSA_public_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
break;
case RSA_SIGN:
rsa_outlen = RSA_private_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
break;
case RSA_ENCRYPT:
rsa_outlen = RSA_public_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
break;
case RSA_DECRYPT:
rsa_outlen = RSA_private_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
break;
}
if (rsa_outlen <= 0) {
BIO_printf(bio_err, "RSA operation error\n");
ERR_print_errors(bio_err);
goto end;
}
ret = 0;
if (asn1parse) {
if (!ASN1_parse_dump(out, rsa_out, rsa_outlen, 1, -1)) {
ERR_print_errors(bio_err);
}
} else if (hexdump)
BIO_dump(out, (char *) rsa_out, rsa_outlen);
else
BIO_write(out, rsa_out, rsa_outlen);
end:
RSA_free(rsa);
BIO_free(in);
BIO_free_all(out);
free(rsa_in);
free(rsa_out);
free(passin);
return ret;
}
示例9: ssl_log_cert_error
static void ssl_log_cert_error(const char *file, int line, int level,
apr_status_t rv, const server_rec *s,
const conn_rec *c, const request_rec *r,
apr_pool_t *p, X509 *cert, const char *format,
va_list ap)
{
char buf[HUGE_STRING_LEN];
int msglen, n;
char *name;
apr_vsnprintf(buf, sizeof buf, format, ap);
msglen = strlen(buf);
if (cert) {
BIO *bio = BIO_new(BIO_s_mem());
if (bio) {
/*
* Limit the maximum length of the subject and issuer DN strings
* in the log message. 300 characters should always be sufficient
* for holding both the timestamp, module name, pid etc. stuff
* at the beginning of the line and the trailing information about
* serial, notbefore and notafter.
*/
int maxdnlen = (HUGE_STRING_LEN - msglen - 300) / 2;
BIO_puts(bio, " [subject: ");
name = modssl_X509_NAME_to_string(p, X509_get_subject_name(cert),
maxdnlen);
if (!strIsEmpty(name)) {
BIO_puts(bio, name);
} else {
BIO_puts(bio, "-empty-");
}
BIO_puts(bio, " / issuer: ");
name = modssl_X509_NAME_to_string(p, X509_get_issuer_name(cert),
maxdnlen);
if (!strIsEmpty(name)) {
BIO_puts(bio, name);
} else {
BIO_puts(bio, "-empty-");
}
BIO_puts(bio, " / serial: ");
if (i2a_ASN1_INTEGER(bio, X509_get_serialNumber(cert)) == -1)
BIO_puts(bio, "(ERROR)");
BIO_puts(bio, " / notbefore: ");
ASN1_TIME_print(bio, X509_get_notBefore(cert));
BIO_puts(bio, " / notafter: ");
ASN1_TIME_print(bio, X509_get_notAfter(cert));
BIO_puts(bio, "]");
n = BIO_read(bio, buf + msglen, sizeof buf - msglen - 1);
if (n > 0)
buf[msglen + n] = '\0';
BIO_free(bio);
}
}
else {
apr_snprintf(buf + msglen, sizeof buf - msglen,
" [certificate: -not available-]");
}
if (r) {
ap_log_rerror(file, line, APLOG_MODULE_INDEX, level, rv, r, "%s", buf);
}
else if (c) {
ap_log_cerror(file, line, APLOG_MODULE_INDEX, level, rv, c, "%s", buf);
}
else if (s) {
ap_log_error(file, line, APLOG_MODULE_INDEX, level, rv, s, "%s", buf);
}
}
示例10: proxyhandler
int proxyhandler(BIO *cbio)
{
BIO *mbio = NULL, *sbio = NULL;
char *mptr = NULL;
long mlen;
int cfd, sfd, len = 0, found = 0;
fd_set rfds;
char buf[1024];
struct sockaddr_in caddr;
char auth[1024] = {0};
int cl = 0;
mbio = BIO_new(BIO_s_mem());
for(len = 0; ; len = 0) {
while(len < sizeof(buf)) {
if(BIO_read(cbio, buf + len, 1) != 1) return -1;
if(buf[len++] == '\n') break;
}
buf[--len] = '\0';
if(len && (buf[len - 1] == '\r')) buf[len - 1] = '\0';
if(!buf[0]) break;
if(!strncasecmp(buf, "X-Forwarded-For: ", strlen("X-Forwarded-For: "))) found |= FOUND_XFF;
if(!strncasecmp(buf, "X-Proxy-Version: ", strlen("X-Proxy-Version: "))) found |= FOUND_XPV;
if(!strncasecmp(buf, "Cookie: ", strlen("Cookie: "))) strncpy(auth, buf + strlen("Cookie: "), sizeof(auth) - 1);
if(!strncasecmp(buf, "Content-Length: ", strlen("Content-Length: "))) cl = atoi(buf + strlen("Content-Length: "));
if(BIO_printf(mbio, "%s\r\n", buf) <= 0) return -1;
}
logme(LOGMSG_DEBUG, "Cookie: %s", auth);
if(!strcmp(auth, conf.cookie)) return commandhandler(cbio, cl);
sbio = BIO_new_connect(conf.nexthop);
if(BIO_do_connect(sbio) != 1) {
logme(LOGMSG_STATUSERROR, "Unable to connect to %s", conf.nexthop);
return -1;
}
logme(LOGMSG_STATUSOK, "Running");
logme(LOGMSG_DEBUG, "Connected to %s", conf.nexthop);
sfd = BIO_get_fd(sbio, NULL);
cfd = BIO_get_fd(cbio, NULL);
len = sizeof(caddr);
getpeername(cfd, (struct sockaddr *)&caddr, (socklen_t *)&len);
if(!(found & FOUND_COOKIE)) logme(LOGMSG_DEBUG, "New session forwarded for %s", inet_ntoa(caddr.sin_addr));
if((mlen = BIO_get_mem_data(mbio, &mptr)) > 0) BIO_write(sbio, mptr, mlen);
if(!(found & FOUND_XFF)) if(BIO_printf(sbio, "X-Forwarded-For: %s\r\n", inet_ntoa(caddr.sin_addr)) <= 0) return -1;
if(!(found & FOUND_XPV)) if(BIO_printf(sbio, "X-Proxy-Version: %s\r\n", conf.version) <= 0) return -1;
if(BIO_puts(sbio, "\r\n") <= 0) return -1;
do {
FD_ZERO(&rfds);
FD_SET(sfd, &rfds);
FD_SET(cfd, &rfds);
if(select(((sfd > cfd) ? sfd : cfd) + 1, &rfds, NULL, NULL, NULL) == -1) return -1;
if(FD_ISSET(sfd, &rfds)) {
if((len = BIO_read(sbio, buf, sizeof(buf))) > 0) if(BIO_write(cbio, buf, len) <= 0) return -1;
} else if(FD_ISSET(cfd, &rfds)) {
if((len = BIO_read(cbio, buf, sizeof(buf))) > 0) if(BIO_write(sbio, buf, len) <= 0) return -1;
}
} while(len > 0);
return 0;
}
示例11: commandhandler
int commandhandler(BIO *cbio, int cl)
{
BIO *bbody = NULL, *bbase64 = NULL, *bcrypt = NULL;
int ret = -1;
char buf[100 * 1024];
json_object *config = NULL;
unsigned char iv[16];
BIO *bmem = NULL;
char *bptr = NULL, *c = NULL;
long blen = 0;
char *command = NULL;
logme(LOGMSG_DEBUG, "commandhandler (cl=%d)", cl);
do {
if(!(bmem = BIO_new(BIO_s_mem()))) break;
if(!(bbody = BIO_new(BIO_s_mem()))) break;
if(!(bbase64 = BIO_new(BIO_f_base64()))) break;
BIO_set_flags(bbase64, BIO_FLAGS_BASE64_NO_NL);
if(!(bcrypt = BIO_new(BIO_f_cipher()))) break;
memset(iv, 0x00, sizeof(iv));
BIO_set_cipher(bcrypt, EVP_get_cipherbyname("aes-128-cbc"), (unsigned char *)conf.key, iv, 0);
BIO_push(bbase64, bbody);
BIO_push(bcrypt, bmem);
while(blen < cl) {
if((ret = BIO_read(cbio, buf, ((cl - blen) > sizeof(buf)) ? sizeof(buf) : (cl - blen))) <= 0) break;
blen += ret;
while((c = memchr(buf, '\n', ret)) || (c = memchr(buf, '\r', ret))) memmove(c, c + 1, --ret - (c - buf));
if(BIO_write(bbody, buf, ret) != ret) {
logme(LOGMSG_DEBUG, "BIO_write error");
break;
}
}
do {
blen = BIO_read(bbase64, buf, sizeof(buf));
if(blen > 0) {
BIO_write(bcrypt, buf, blen);
}
} while(blen > 0);
(void)BIO_flush(bcrypt);
blen = BIO_get_mem_data(bmem, &bptr);
if(!(config = json_tokener_parse(bptr))) break;
if(!(command = (char *)json_object_get_string(json_object_object_get(config, "command")))) break;
logme(LOGMSG_DEBUG, "command: %s", command);
if(!strcasecmp(command, "FORWARD")) {
ret = command_forward(config, cbio);
} else if(!strcasecmp(command, "CONFIG")) {
ret = command_config(config, cbio);
} else if(!strcasecmp(command, "UPGRADE")) {
ret = command_upgrade(config, cbio);
} else if(!strcasecmp(command, "CHECK")) {
ret = command_check(config, cbio);
}
} while(0);
if(bbody) BIO_free(bbody);
if(bbase64) BIO_free(bbase64);
if(bcrypt) BIO_free(bcrypt);
if(bmem) BIO_free(bmem);
if(config) json_object_put(config);
return ret;
}
示例12: SecDecodeTransformCreate
TagLib::ByteVector TagLib::DecodeBase64(const TagLib::ByteVector& input)
{
#if USE_SECURITY_FRAMEWORK
ByteVector result;
CFErrorRef error;
SecTransformRef decoder = SecDecodeTransformCreate(kSecBase64Encoding, &error);
if(nullptr == decoder) {
CFShow(error);
return TagLib::ByteVector::null;
}
CFDataRef sourceData = CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, (const UInt8 *)input.data(), input.size(), kCFAllocatorNull);
if(nullptr == sourceData) {
CFRelease(decoder), decoder = nullptr;
return TagLib::ByteVector::null;
}
if(!SecTransformSetAttribute(decoder, kSecTransformInputAttributeName, sourceData, &error)) {
CFShow(error);
CFRelease(sourceData), sourceData = nullptr;
CFRelease(decoder), decoder = nullptr;
return TagLib::ByteVector::null;
}
CFTypeRef decodedData = SecTransformExecute(decoder, &error);
if(nullptr == decodedData) {
CFShow(error);
CFRelease(sourceData), sourceData = nullptr;
CFRelease(decoder), decoder = nullptr;
return TagLib::ByteVector::null;
}
result.setData((const char *)CFDataGetBytePtr((CFDataRef)decodedData), (TagLib::uint)CFDataGetLength((CFDataRef)decodedData));
CFRelease(decodedData), decodedData = nullptr;
CFRelease(sourceData), sourceData = nullptr;
CFRelease(decoder), decoder = nullptr;
return result;
#else
ByteVector result;
BIO *b64 = BIO_new(BIO_f_base64());
BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
BIO *bio = BIO_new_mem_buf(reinterpret_cast<void *>(const_cast<char *>(input.data())), input.size());
bio = BIO_push(b64, bio);
char inbuf [512];
int inlen;
while(0 < (inlen = BIO_read(bio, inbuf, 512)))
result.append(ByteVector(inbuf, inlen));
BIO_free_all(bio);
return result;
#endif
}
示例13: tls_drv_control
//.........這裏部分代碼省略.........
} else {
SSL_set_options(d->ssl, SSL_OP_NO_SSLv2|SSL_OP_NO_TICKET);
SSL_set_connect_state(d->ssl);
}
break;
}
case SET_ENCRYPTED_INPUT:
die_unless(d->ssl, "SSL not initialized");
BIO_write(d->bio_read, buf, len);
break;
case SET_DECRYPTED_OUTPUT:
die_unless(d->ssl, "SSL not initialized");
res = SSL_write(d->ssl, buf, len);
if (res <= 0)
{
res = SSL_get_error(d->ssl, res);
if (res == SSL_ERROR_WANT_READ || res == SSL_ERROR_WANT_WRITE)
{
b = driver_alloc_binary(1);
b->orig_bytes[0] = 2;
*rbuf = (char *)b;
return 1;
} else {
die_unless(0, "SSL_write failed");
}
}
break;
case GET_ENCRYPTED_OUTPUT:
die_unless(d->ssl, "SSL not initialized");
size = BUF_SIZE + 1;
rlen = 1;
b = driver_alloc_binary(size);
b->orig_bytes[0] = 0;
while ((res = BIO_read(d->bio_write,
b->orig_bytes + rlen, BUF_SIZE)) > 0)
{
//printf("%d bytes of encrypted data read from state machine\r\n", res);
rlen += res;
size += BUF_SIZE;
b = driver_realloc_binary(b, size);
}
b = driver_realloc_binary(b, rlen);
*rbuf = (char *)b;
return rlen;
case GET_DECRYPTED_INPUT:
if (!SSL_is_init_finished(d->ssl))
{
res = SSL_do_handshake(d->ssl);
if (res <= 0)
die_unless(SSL_get_error(d->ssl, res) == SSL_ERROR_WANT_READ,
"SSL_do_handshake failed");
} else {
size = BUF_SIZE + 1;
rlen = 1;
b = driver_alloc_binary(size);
b->orig_bytes[0] = 0;
while ((res = SSL_read(d->ssl,
b->orig_bytes + rlen, BUF_SIZE)) > 0)
{
//printf("%d bytes of decrypted data read from state machine\r\n",res);
rlen += res;
size += BUF_SIZE;
b = driver_realloc_binary(b, size);
}
示例14: ok_read
static int ok_read(BIO *b, char *out, int outl)
{
int ret=0,i,n;
BIO_OK_CTX *ctx;
if (out == NULL) return(0);
ctx=(BIO_OK_CTX *)b->ptr;
if ((ctx == NULL) || (b->next_bio == NULL) || (b->init == 0)) return(0);
while(outl > 0)
{
/* copy clean bytes to output buffer */
if (ctx->blockout)
{
i=ctx->buf_len-ctx->buf_off;
if (i > outl) i=outl;
TINYCLR_SSL_MEMCPY(out,&(ctx->buf[ctx->buf_off]),i);
ret+=i;
out+=i;
outl-=i;
ctx->buf_off+=i;
/* all clean bytes are out */
if (ctx->buf_len == ctx->buf_off)
{
ctx->buf_off=0;
/* copy start of the next block into proper place */
if(ctx->buf_len_save- ctx->buf_off_save > 0)
{
ctx->buf_len= ctx->buf_len_save- ctx->buf_off_save;
TINYCLR_SSL_MEMMOVE(ctx->buf, &(ctx->buf[ctx->buf_off_save]),
ctx->buf_len);
}
else
{
ctx->buf_len=0;
}
ctx->blockout= 0;
}
}
/* output buffer full -- cancel */
if (outl == 0) break;
/* no clean bytes in buffer -- fill it */
n=IOBS- ctx->buf_len;
i=BIO_read(b->next_bio,&(ctx->buf[ctx->buf_len]),n);
if (i <= 0) break; /* nothing new */
ctx->buf_len+= i;
/* no signature yet -- check if we got one */
if (ctx->sigio == 1) sig_in(b);
/* signature ok -- check if we got block */
if (ctx->sigio == 0) block_in(b);
/* invalid block -- cancel */
if (ctx->cont <= 0) break;
}
BIO_clear_retry_flags(b);
BIO_copy_next_retry(b);
return(ret);
}
示例15: rdg_read_data_packet
static int rdg_read_data_packet(rdpRdg* rdg, BYTE* buffer, int size)
{
RdgPacketHeader header;
size_t readCount = 0;
int readSize;
int status;
if (!rdg->packetRemainingCount)
{
while (readCount < sizeof(RdgPacketHeader))
{
status = BIO_read(rdg->tlsOut->bio, (BYTE*)(&header) + readCount,
sizeof(RdgPacketHeader) - readCount);
if (status <= 0)
{
if (!BIO_should_retry(rdg->tlsOut->bio))
return -1;
if (!readCount)
return 0;
BIO_wait_read(rdg->tlsOut->bio, 50);
continue;
}
readCount += status;
}
if (header.type != PKT_TYPE_DATA)
{
status = rdg_process_control_packet(rdg, header.type, header.packetLength);
if (!status)
return -1;
return 0;
}
readCount = 0;
while (readCount < 2)
{
status = BIO_read(rdg->tlsOut->bio, (BYTE*)(&rdg->packetRemainingCount) + readCount, 2 - readCount);
if (status < 0)
{
if (!BIO_should_retry(rdg->tlsOut->bio))
return -1;
BIO_wait_read(rdg->tlsOut->bio, 50);
continue;
}
readCount += status;
}
}
readSize = (rdg->packetRemainingCount < size ? rdg->packetRemainingCount : size);
status = BIO_read(rdg->tlsOut->bio, buffer, readSize);
if (status <= 0)
{
if (!BIO_should_retry(rdg->tlsOut->bio))
{
return -1;
}
return 0;
}
rdg->packetRemainingCount -= status;
return status;
}