• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

C++ BIO_get_ssl函数代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了C++中BIO_get_ssl函数的典型用法代码示例。如果您正苦于以下问题:C++ BIO_get_ssl函数的具体用法?C++ BIO_get_ssl怎么用?C++ BIO_get_ssl使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。



在下文中一共展示了BIO_get_ssl函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。

示例1: connect_encrypted

BIO* connect_encrypted(char* host_and_port, char* store_path, char store_type, SSL_CTX** ctx, SSL** ssl) {
  BIO* bio = NULL;
  int r = 0;

  *ctx = SSL_CTX_new(SSLv23_client_method());
  *ssl = NULL;

  if (store_type == 'f')
    r = SSL_CTX_load_verify_locations(*ctx, store_path, NULL);
  else
    r = SSL_CTX_load_verify_locations(*ctx, NULL, store_path);
  if (r == 0) {
    return NULL;
  }

  bio = BIO_new_ssl_connect(*ctx);
  BIO_get_ssl(bio, ssl);
  if (!(*ssl)) {
    return NULL;
  }
  SSL_set_mode(*ssl, SSL_MODE_AUTO_RETRY);

  BIO_set_conn_hostname(bio, host_and_port);

  if (BIO_do_connect(bio) < 1) {
    return NULL;
  }

  return bio;
}
开发者ID:GitMirar,项目名称:heartbleed_exploit,代码行数:30,代码来源:main.c


示例2: opensslconnect

static Pfd*
opensslconnect(char *host)
{
	Pfd *pfd;
	BIO *sbio;
	SSL_CTX *ctx;
	SSL *ssl;
	static int didinit;
	char buf[1024];

	if(!didinit){
		httpsinit();
		didinit = 1;
	}

	ctx = SSL_CTX_new(SSLv23_client_method());
	sbio = BIO_new_ssl_connect(ctx);
	BIO_get_ssl(sbio, &ssl);
	SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
	
	snprint(buf, sizeof buf, "%s:https", host);
	BIO_set_conn_hostname(sbio, buf);
	
	if(BIO_do_connect(sbio) <= 0 || BIO_do_handshake(sbio) <= 0){
		ERR_error_string_n(ERR_get_error(), buf, sizeof buf);
		BIO_free_all(sbio);
		werrstr("openssl: %s", buf);
		return nil;
	}

	pfd = emalloc(sizeof *pfd);
	pfd->sbio = sbio;
	return pfd;
}
开发者ID:00001,项目名称:plan9port,代码行数:34,代码来源:openssl.c


示例3: tls_prepare

BOOL tls_prepare(rdpTls* tls, BIO *underlying, const SSL_METHOD *method, int options, BOOL clientMode)
#endif
{
	tls->ctx = SSL_CTX_new(method);
	if (!tls->ctx)
	{
		DEBUG_WARN( "%s: SSL_CTX_new failed\n", __FUNCTION__);
		return FALSE;
	}

	SSL_CTX_set_mode(tls->ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_ENABLE_PARTIAL_WRITE);

	SSL_CTX_set_options(tls->ctx, options);
	SSL_CTX_set_read_ahead(tls->ctx, 1);

	if (tls->settings->PermittedTLSCiphers) {
		if(!SSL_CTX_set_cipher_list(tls->ctx, tls->settings->PermittedTLSCiphers)) {
			DEBUG_WARN( "SSL_CTX_set_cipher_list %s failed\n", tls->settings->PermittedTLSCiphers);
			return FALSE;
		}
	}
 
	tls->bio = BIO_new_rdp_tls(tls->ctx, clientMode);

	if (BIO_get_ssl(tls->bio, &tls->ssl) < 0)
	{
		DEBUG_WARN( "%s: unable to retrieve the SSL of the connection\n", __FUNCTION__);
		return FALSE;
	}

	BIO_push(tls->bio, underlying);

	return TRUE;
}
开发者ID:JozLes77,项目名称:FreeRDP,代码行数:34,代码来源:tls.c


示例4: allowed

/*
  The first line specifiy some settings in the ctx and ssl object:
  SSL_OP_ALL: enables all work around codes
  SSL_OP_NO_SSLv2: no SSLv2 connections are allowed (this should fail anyway because only
                   TLSv1 connection are allowed)
  SSL_OP_SINGLE_DH_USE: the server generates a new private key for each new connection
  SSL_VERIFY_PEER: asks the client for a certificate
  SSL_VERIFY_FAIL_IF_NO_PEER_CERT: if the client doesn't present a cert the connection gets
                                   terminated
  CIPHER_LIST: is defined in ssl_server.h (look there for a detailed description)

  After setting up these things the bio object will be created and a ssl object assigned.
  Then the ssl engine mode is set to SSL_MODE_AUTO_RETRY. All available modes are:

  SSL_MODE_ENABLE_PARTIAL_WRITE: Allow SSL_write(..., n) to return r with 0 < r < n 
                                (i.e. report success when just a single record has been written).
				When not set (the default), SSL_write() will only report success 
				once the complete chunk was written. Once SSL_write() returns with r, 
				r bytes have been successfully written and the next call to SSL_write() 
				must only send the n-r bytes left, imitating the behaviour of write().

  SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER: Make it possible to retry SSL_write() with changed buffer location 
                                       (the buffer contents must stay the same). This is not the default 
				       to avoid the misconception that non-blocking SSL_write() behaves 
				       like non-blocking write(). 

  SSL_MODE_AUTO_RETRY: Never bother the application with retries if the transport is blocking. If a 
                       renegotiation take place during normal operation, a ssl_read(3) or ssl_write(3)
		       would return with -1 and indicate the need to retry with SSL_ERROR_WANT_READ . In 
		       a non-blocking environment applications must be prepared to handle incomplete 
		       read/write operations. In a blocking environment, applications are not always
		       prepared to deal with read/write operations returning without success report. The 
		       flag SSL_MODE_AUTO_RETRY will cause read/write operations to only return after 
		       the handshake and successful completion. 

  The server contains 3 bio objects: bio, abio and out. 'bio' contains the context, 'abio'
  binds to the socket and 'out' is the established connection.
 */
void SSL_Server::bind(){
  SSL_CTX_set_verify(getCTX(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, NULL);
  SSL_CTX_set_options(getCTX(), SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_SINGLE_DH_USE);
  SSL_CTX_set_tmp_dh_callback(getCTX(), tmp_dh_callback);
  if(SSL_CTX_set_cipher_list(getCTX(), CIPHER_LIST) != 1)
    msgHandler->error("setting cipher list failed (no valid ciphers)", CRITICAL);

  msgHandler->debug("trying to set context to bio");
  bio = BIO_new_ssl(getCTX(), 0);
  if(bio == NULL){
    string error("Cannot set context to bio ");
    error.append(getSocket());
    error.append("\nSSL_ERROR: ");
    error.append(ERR_reason_error_string(ERR_get_error()));
    msgHandler->error(error, CRITICAL);
  } else
    msgHandler->debug("set context to bio successful");

  BIO_get_ssl(bio, &ssl);
  SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);

  msgHandler->debug("trying to bind to socket");
  abio = BIO_new_accept((char*)getSocket().c_str());
  BIO_set_accept_bios(abio, bio);

  if(BIO_do_accept(abio) <= 0){
    string error("Bind to socket ");
    error.append(getSocket());
    error.append(" failed.\nSSL_ERROR: ");
    error.append(ERR_reason_error_string(ERR_get_error()));
    msgHandler->error(error, CRITICAL);
  } else
    msgHandler->log("bind to socket successful");
}
开发者ID:MoePad,项目名称:Projektbericht_3,代码行数:72,代码来源:ssl_server.cpp


示例5: snprintf

BIO *Connect_SSL(char *hostname, int port)
{
	//BIO *bio = NULL;
	char bio_addr[BUF_MAX] = { 0 };
	
	snprintf(bio_addr, sizeof(bio_addr), "%s:%d", hostname, port);
	
	SSL_library_init();
	
	SSL_CTX *ctx = SSL_CTX_new(SSLv23_client_method());
	SSL *ssl = NULL;
	
	bio = BIO_new_ssl_connect(ctx);
	if (bio == NULL)
	{
		Error("BIO_new_ssl_connect");
	}
	
	BIO_get_ssl(bio, &ssl);
	SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
	BIO_set_conn_hostname(bio, bio_addr);
	
	if (BIO_do_connect(bio) <= 0)
	{
		Error("SSL Unable to connect");
	}

	return bio;
}
开发者ID:haxworx,项目名称:NodeInTheWhole,代码行数:29,代码来源:drop.c


示例6: BIO_get_ssl

void *handle_connection(void *arg)
{
	char buf[1024];
	BIO *bio = (BIO *)arg;
	X509 *peer;
	SSL *ssl;

	BIO_get_ssl(bio, &ssl);

	if (BIO_do_handshake(bio) <= 0) {
		printf("Failed handshake.\n");
		ERR_print_errors_fp(stdout);
		return (void *)-1;
	}

	if ((peer = SSL_get_peer_certificate(ssl))) {
		if (SSL_get_verify_result(ssl) == X509_V_OK) {
			/* The client sent a certificate which verified OK */
			printf("The client sent a certificate which verified OK\n");
		} else {
			printf("The client sent a certificate which verified failed\n");
		}
	} else {
		fprintf(stderr, "cannot get peer certificate\n");
	}

	BIO_read(bio, buf, 1024);
	printf("Received: %s\n", buf);
	BIO_puts(bio, "Connection: Sending out Data on initial connection\n");
	printf("Sent out data on connection\n");

	BIO_free_all(bio);

	return (void *)0;
}
开发者ID:warmlab,项目名称:study,代码行数:35,代码来源:ssl_server.c


示例7: tls_prepare

BOOL tls_prepare(rdpTls* tls, BIO *underlying, const SSL_METHOD *method, int options, BOOL clientMode)
#endif
{
	tls->ctx = SSL_CTX_new(method);
	if (!tls->ctx)
	{
		fprintf(stderr, "%s: SSL_CTX_new failed\n", __FUNCTION__);
		return FALSE;
	}

	SSL_CTX_set_mode(tls->ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_ENABLE_PARTIAL_WRITE);

	SSL_CTX_set_options(tls->ctx, options);
	SSL_CTX_set_read_ahead(tls->ctx, 1);

	tls->bio = BIO_new_rdp_tls(tls->ctx, clientMode);

	if (BIO_get_ssl(tls->bio, &tls->ssl) < 0)
	{
		fprintf(stderr, "%s: unable to retrieve the SSL of the connection\n", __FUNCTION__);
		return FALSE;
	}

	BIO_push(tls->bio, underlying);

	return TRUE;
}
开发者ID:nayimsust,项目名称:FreeRDP,代码行数:27,代码来源:tls.c


示例8: main

int main() 
{
    SSL_load_error_strings();
    ERR_load_BIO_strings();
    OpenSSL_add_all_algorithms();
    
    SSL_CTX *ctx = SSL_CTX_new(SSLv23_client_method());
    if (ctx == NULL) {
        printf("SSL_CTX_new err func:%s\n reaseon:%s", ERR_func_error_string(ERR_get_error()),
               ERR_reason_error_string(ERR_get_error()));
        exit(1);
    }

    //加载可信任证书库
    if (0 == SSL_CTX_load_verify_locations(ctx, "./push_cer.pem", NULL)) {
        printf("err func:%s\n reaseon:%s", ERR_func_error_string(ERR_get_error()),
               ERR_reason_error_string(ERR_get_error()));
        ERR_print_errors_fp(stdout);
        exit(1);
    }

    //set BIO
    BIO *bio = BIO_new_ssl_connect(ctx);
    if (bio == NULL) {
        printf("err func:%s\n", ERR_func_error_string(ERR_get_error()));
        ERR_print_errors_fp(stdout);
        exit(1);
    }

    SSL *ssl;
    BIO_get_ssl(bio, &ssl);
    SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);

    //open safe connect
    BIO_set_conn_hostname(bio, "gateway.sandbox.push.apple.com:2195");

    //verify connect ok
    if (BIO_do_connect(bio) <= 0) {
        ERR_print_errors_fp(stdout);
        exit(1);
    }

    if (SSL_get_verify_result(ssl) != X509_V_OK) {
        printf("SSL_get_verify_result not success\n");
    }

    char buf[MAXBUF];
    char *json = "{\"aps\":{\"badge\":123}}";
    sendPayload(bio, token, json, strlen(json));
    int ret = BIO_read(bio, buf, MAXBUF);
    if (ret <= 0) {
        printf("BIO_read return 0\n");
    }

    SSL_CTX_free(ctx);
    BIO_free_all(bio);
    return 0;
}
开发者ID:NEXUS1000,项目名称:Linux-learning,代码行数:58,代码来源:bio.c


示例9: neo4j_get_logger

BIO *neo4j_openssl_new_bio(BIO *delegate, const char *hostname, int port,
        const neo4j_config_t *config, uint_fast32_t flags)
{
    neo4j_logger_t *logger = neo4j_get_logger(config, "tls");

    SSL_CTX *ctx = new_ctx(config, logger);
    if (ctx == NULL)
    {
        return NULL;
    }

    BIO *ssl_bio = BIO_new_ssl(ctx, 1);
    if (ssl_bio == NULL)
    {
        errno = openssl_error(logger, NEO4J_LOG_ERROR, __FILE__, __LINE__);
        SSL_CTX_free(ctx);
        goto failure;
    }

    SSL_CTX_free(ctx);

    BIO_push(ssl_bio, delegate);
    if (BIO_set_close(ssl_bio, BIO_CLOSE) != 1)
    {
        errno = openssl_error(logger, NEO4J_LOG_ERROR, __FILE__, __LINE__);
        goto failure;
    }

    int result = BIO_do_handshake(ssl_bio);
    if (result != 1)
    {
        if (result == 0)
        {
            errno = NEO4J_NO_SERVER_TLS_SUPPORT;
            goto failure;
        }
        errno = openssl_error(logger, NEO4J_LOG_ERROR, __FILE__, __LINE__);
        goto failure;
    }

    SSL *ssl = NULL;
    BIO_get_ssl(ssl_bio, &ssl);
    assert(ssl != NULL);
    if (verify(ssl, hostname, port, config, flags, logger))
    {
        goto failure;
    }

    return ssl_bio;

    int errsv;
failure:
    errsv = errno;
    BIO_free(ssl_bio);
    errno = errsv;
    return NULL;
}
开发者ID:Dan-McG,项目名称:libneo4j-client,代码行数:57,代码来源:openssl.c


示例10: SSL_load_error_strings

const char *dbapi_lookup(const char *key) {
	long res = 1;
	SSL_CTX* ctx = NULL;
	BIO *web = NULL, *out = NULL;
	SSL *ssl = NULL;
	const SSL_METHOD* method;
	char *token, *tmpout, *buf;
	int hlen=0, len=0, maxlen=2048;
	(void)SSL_library_init();
	SSL_load_error_strings();
	OPENSSL_config(NULL);
	method = SSLv23_method(); if(method==NULL) return NULL;
	ctx = SSL_CTX_new(method); if(ctx==NULL) return NULL;
	SSL_CTX_set_verify_depth(ctx, 4);
	SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1|
		SSL_OP_NO_COMPRESSION);
	web = BIO_new_ssl_connect(ctx); if(web==NULL) return NULL;
	res = BIO_set_conn_hostname(web, DB_API_SERVER); if(res!=1) return NULL;
	BIO_get_ssl(web, &ssl); if(ssl==NULL) return NULL;
	res = SSL_set_cipher_list(ssl, SECURE_CIPHER_LIST); if(res!=1) return NULL;
	res = SSL_set_tlsext_host_name(ssl, DB_API_HOST); if(res!=1) return NULL;
	out = BIO_new_fp(stdout, BIO_NOCLOSE); if(NULL==out) return NULL;
	res = BIO_do_connect(web); if(res!=1) return NULL;
	res = BIO_do_handshake(web); if(res!=1) return NULL;
	len=(60+strlen(key)+strlen(DB_API_HOST)+strlen(DB_API_AUTH));
	char *request=malloc(sizeof(char)*(len+1));
	snprintf(request,len,
		"GET %s HTTP/1.1\nHost: %s\nx-api-key: %s\nConnection: close\n\n",
		key, DB_API_HOST, DB_API_AUTH);
	request[len]='\0';
	BIO_puts(web, request);
	BIO_puts(out, "\n");
	buf = malloc(sizeof(char)*maxlen);
	do {
		char buff[1536] = {};
		len=BIO_read(web, buff, sizeof(buff));
		hlen+=len;
		if(hlen<maxlen&&len>0) strncat(buf,buff,len);
	} while (len>0 || BIO_should_retry(web));
	buf[maxlen]='\0';
	tmpout = malloc(sizeof(char)*(HASH_MAXLENGTH+1));
	token = strtok(buf, "\n");
	while (token) {
		snprintf(tmpout,HASH_MAXLENGTH,"%s",token);
		token = strtok(NULL, "\n");
	}
	tmpout[strlen(tmpout)]='\0';
	free(buf);
	free(request);
	if(out) BIO_free(out);
	if(web != NULL) BIO_free_all(web);
	if(NULL != ctx) SSL_CTX_free(ctx);
	return tmpout;
}
开发者ID:CertCenter,项目名称:mod_fauth,代码行数:54,代码来源:mod_fauth.c


示例11: SSL_CTX_new

bool Email::sendCode(std::string user, std::string code)
{
    std::string msg,to;
    
    msg = m_m1 + code + m_m2;
    to = m_to1 + user + m_to3;
    
    SSL_CTX* ctx = SSL_CTX_new(SSLv23_client_method());
    SSL* ssl;
    
    BIO* bio = BIO_new_ssl_connect(ctx);
    BIO_get_ssl(bio, &ssl);
    SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
    BIO_set_conn_hostname(bio, m_amazonHostname.c_str());
    
    if(BIO_do_connect(bio) <= 0){
        BIO_free_all(bio);
        SSL_CTX_free(ctx);
        return false;
    }
    
    if(BIO_do_handshake(bio) <= 0){
        BIO_free_all(bio);
        SSL_CTX_free(ctx);
        return false;
    }

    m_len = BIO_read(bio, m_buf, BUF_LEN) - 1;
    BIO_puts(bio, "HELO localhost\r\n");
    m_len = BIO_read(bio, m_buf, BUF_LEN) - 1;
    BIO_puts(bio,"AUTH LOGIN\r\n");
    m_len = BIO_read(bio,m_buf,BUF_LEN) - 1;
    BIO_puts(bio,"QUtJQUlFVzJDMlU3RUZYTU5PUVE=\r\n"); 
    m_len = BIO_read(bio,m_buf,BUF_LEN) - 1;
    BIO_puts(bio,"QWd3TkZSOUJyb2dUTUkxYlJHeXh4dHZMYm4reldGZCtYSFJMbnJpNzZ5RC8=\r\n"); 
    m_len = BIO_read(bio,m_buf,BUF_LEN) - 1;
    BIO_puts(bio,"MAIL FROM:[email protected]\r\n"); 
    m_len = BIO_read(bio,m_buf,BUF_LEN) - 1;
    BIO_puts(bio,to.c_str()); 
    m_len = BIO_read(bio,m_buf,BUF_LEN) - 1;
    BIO_puts(bio,"DATA\r\n"); 
    m_len = BIO_read(bio,m_buf,BUF_LEN) - 1;
    BIO_puts(bio,"Subject:OneBrown Verification\r\n\r\n"); 
    BIO_puts(bio,msg.c_str()); 
    BIO_puts(bio,"\r\n.\r\n"); 
    m_len = BIO_read(bio,m_buf,BUF_LEN) - 1;
    BIO_puts(bio,"QUIT\r\n"); 
    m_len = BIO_read(bio,m_buf,BUF_LEN) - 1;
    
    BIO_free_all(bio);
    SSL_CTX_free(ctx);
    
    return true;
}
开发者ID:freddierice,项目名称:OneBrown,代码行数:54,代码来源:Email.cpp


示例12: handleConn

/*
  At first the arguments are read and passed. Then the ssl context is gotten
  by calling 'BIO_get_ssl(client, &ssl)'. Afterwards the ssl handshake is 
  performed and the certificate verified. Then the line is read from the certificate. 
  This value is mapped to 'organizationalUnitName'.
  An example usage of the connection is shown and then the connectino will be
  terminated.
 */
void* handleConn(void *argsv){
  connArgs* args = (connArgs*) argsv;
  MessageHandler* msgHandler = args->msgHandler;
  BIO* client = args->conn;
  SSL* ssl;

  BIO_get_ssl(client, &ssl);

  /*ssl handshake*/
  msgHandler->debug("performing ssl handshake");
  if(BIO_do_handshake(client) != 1){
    string fail("handshake failed\nSSL_ERROR: ");
    fail.append(ERR_reason_error_string(ERR_get_error()));
    msgHandler->log(fail);
  } else
    msgHandler->log("handshake successful");

  /*verifying the certificate*/
  X509* peerCert;

  if(SSL_get_verify_result(ssl) != X509_V_OK){
    string error("verification failed\nSSL_Error: ");
    error.append(ERR_reason_error_string(ERR_get_error()));
    msgHandler->error(error, CRITICAL);
  } else {
    msgHandler->debug("verification successful");
    peerCert  = SSL_get_peer_certificate(ssl);
  }

  msgHandler->debug("trying to get the line");
  /*getting the line*/
  char lineN[6];
  X509_NAME* name = X509_get_subject_name(peerCert);
  X509_NAME_get_text_by_NID(name, NID_organizationalUnitName, lineN, 6);
  string line("line is: ");
  line.append(lineN);
  msgHandler->debug(line);

  /*example use of the connection (echoing the incoming msg)*/
  char buffer[1024];
  bzero(buffer, 1024);
  SSL_read(ssl, buffer, 1024);
  string debug("message received: ");
  debug.append(buffer);
  msgHandler->debug(debug);
  SSL_write(ssl, buffer, 1024);

  /*closing the connection*/
  BIO_reset(client);
  X509_free(peerCert);
  return NULL;
}
开发者ID:MoePad,项目名称:Projektbericht_3,代码行数:60,代码来源:connectionHandler.cpp


示例13: scm_tls_get_cipher_info

SCM scm_tls_get_cipher_info(SCM tls_smob){
  scm_assert_smob_type(tls_tag, tls_smob);
  BIO *bio = (BIO*)SCM_SMOB_DATA(tls_smob);
  SSL *ssl;
  BIO_get_ssl(bio, &ssl);

  //I'm not sure if scheme copies c strings or not, so make this static
  //so it stays valid regardless.
  static char cipher_buf[128];
  SSL_CIPHER *cipher = SSL_get_current_cipher(ssl);
  SSL_CIPHER_description(cipher, cipher_buf, 128);
  return scm_from_utf8_string(cipher_buf);
}
开发者ID:hitchiker42,项目名称:my-code,代码行数:13,代码来源:vndb_guile.c


示例14: LUA_FUNCTION

static LUA_FUNCTION(openssl_bio_get_ssl)
{
  BIO* bio = CHECK_OBJECT(1, BIO, "openssl.bio");
  SSL* ssl = NULL;
  int ret = BIO_get_ssl(bio, &ssl);
  if (ret == 1)
  {
    openssl_newvalue(L, ssl);
    PUSH_OBJECT(ssl, "openssl.ssl");
    openssl_refrence(L, ssl, +1);
    return 1;
  }
  return 0;
}
开发者ID:Shaddy1884,项目名称:lua-openssl,代码行数:14,代码来源:bio.c


示例15: mongoc_stream_tls_check_cert

/**
 * mongoc_stream_tls_check_cert:
 *
 * check the cert returned by the other party
 */
bool
mongoc_stream_tls_check_cert (mongoc_stream_t *stream,
                              const char      *host)
{
   mongoc_stream_tls_t *tls = (mongoc_stream_tls_t *)stream;
   SSL *ssl;

   BSON_ASSERT (tls);
   BSON_ASSERT (host);

   BIO_get_ssl (tls->bio, &ssl);

   return _mongoc_ssl_check_cert (ssl, host, tls->weak_cert_validation);
}
开发者ID:jeromelebel,项目名称:mongo-c-driver,代码行数:19,代码来源:mongoc-stream-tls.c


示例16: oh_ssl_disconnect

/**
 * oh_ssl_disconnect
 * @bio:        pointer to a BIO as returned by oh_ssl_connect()
 * @shutdown:   Selects a uni-directional or bi-directional SSL shutdown.
 *              See the SSL_shutdown() man page.
 *
 * Close the SSL connection and free the memory associated with it.
 *
 * Return value: 0 for success, -1 for failure
 **/
int             oh_ssl_disconnect(BIO *bio, enum OH_SSL_SHUTDOWN_TYPE shutdown)
{
        SSL             *ssl;
        int             ret, fd;

        if (bio == NULL) {
                CRIT("NULL bio in oh_ssl_disconnect()");
                return(-1);
        }

        /* Shut down the SSL connection.  This may involve a handshake with
         * the server.
         */
        BIO_get_ssl(bio, &ssl);
        if (ssl == NULL) {
                CRIT("BIO_get_ssl() failed");
                return(-1);
        }
        ret = SSL_shutdown(ssl);
        if (ret == -1) {
                CRIT("SSL_shutdown() failed");
                /* Continuing on to free BIO memory */
        }
        else if ((ret == 0) && (shutdown == OH_SSL_BI)) {
                /* Still need stage 2 shutdown (see SSL_shutdown() man page) */
                ret = SSL_shutdown(ssl);
                if (ret == -1) {
                        CRIT("SSL_shutdown() failed");
                        /* Continuing on to free BIO memory */
                }
                else if (ret == 0) {
                        CRIT("stage 2 of SSL_shutdown() failed");
                        /* Continuing on to free BIO memory */
                }
        }
        /* Close the socket */
        fd = SSL_get_fd(ssl);
        if (fd == -1) {
                CRIT("SSL_get_fd() failed");
                return(-1);
        }
        close(fd);

        /* Free the connection */
        BIO_free_all(bio);

        return(0);
}
开发者ID:openhpi1,项目名称:testrepo,代码行数:58,代码来源:oh_ssl.c


示例17: init_ctx

bool tls_socket::set_hostname(const char* sAddr)
{
	sock_closed = false;
	if(ctx == nullptr)
	{
		init_ctx();
		if(ctx == nullptr)
		{
			print_error();
			return false;
		}
	}

	if((bio = BIO_new_ssl_connect(ctx)) == nullptr)
	{
		print_error();
		return false;
	}

	int flag = 1;
	/* If it fails, it fails, we won't loose too much sleep over it */
	setsockopt(BIO_get_fd(bio, nullptr), IPPROTO_TCP, TCP_NODELAY, (char *) &flag, sizeof(int));

	if(BIO_set_conn_hostname(bio, sAddr) != 1)
	{
		print_error();
		return false;
	}

	BIO_get_ssl(bio, &ssl);
	if(ssl == nullptr)
	{
		print_error();
		return false;
	}

	if(jconf::inst()->TlsSecureAlgos())
	{
		if(SSL_set_cipher_list(ssl, "HIGH:!aNULL:!PSK:!SRP:!MD5:!RC4:!SHA1") != 1)
		{
			print_error();
			return false;
		}
	}

	return true;
}
开发者ID:Oky12,项目名称:xmr-stak,代码行数:47,代码来源:socket.cpp


示例18: connect_encrypted

/**
 * Connect to a host using an encrypted stream
 */
BIO* connect_encrypted(char* host_and_port, char* store_path, char store_type, SSL_CTX** ctx, SSL** ssl) {

    BIO* bio = NULL;
    int r = 0;

    /* Set up the SSL pointers */
    *ctx = SSL_CTX_new(SSLv23_client_method());
    *ssl = NULL;

    /* Load the trust store from the pem location in argv[2] */
    if (store_type == 'f')
        r = SSL_CTX_load_verify_locations(*ctx, store_path, NULL);
    else
        r = SSL_CTX_load_verify_locations(*ctx, NULL, store_path);
    if (r == 0) {

        print_ssl_error_2("Unable to load the trust store from %s.\n", store_path, stdout);
        return NULL;
    }

    /* Setting up the BIO SSL object */
    bio = BIO_new_ssl_connect(*ctx);
    BIO_get_ssl(bio, ssl);
    if (!(*ssl)) {

        print_ssl_error("Unable to allocate SSL pointer.\n", stdout);
        return NULL;
    }
    SSL_set_mode(*ssl, SSL_MODE_AUTO_RETRY);

    /* Attempt to connect */
    BIO_set_conn_hostname(bio, host_and_port);

    /* Verify the connection opened and perform the handshake */
    if (BIO_do_connect(bio) < 1) {

        print_ssl_error_2("Unable to connect BIO.%s\n", host_and_port, stdout);
        return NULL;
    }

    if (SSL_get_verify_result(*ssl) != X509_V_OK) {

        print_ssl_error("Unable to verify connection result.\n", stdout);
    }

    return bio;
}
开发者ID:eltommo,项目名称:licenceliber,代码行数:50,代码来源:example_client.c


示例19: openssl_ssl_ctx_new_bio

static int openssl_ssl_ctx_new_bio(lua_State*L)
{
  SSL_CTX* ctx = CHECK_OBJECT(1, SSL_CTX, "openssl.ssl_ctx");
  const char* host_addr = luaL_checkstring(L, 2);
  int server = lua_isnoneornil(L, 3) ? 0 : auxiliar_checkboolean(L, 3);
  int autoretry = lua_isnoneornil(L, 4) ? 1 : auxiliar_checkboolean(L, 4);

  SSL *ssl = NULL;
  BIO *bio = server ? BIO_new_ssl(ctx, 0) : BIO_new_ssl_connect(ctx);
  int ret = BIO_get_ssl(bio, &ssl);
  if (ret == 1 && ssl)
  {
    if (autoretry)
      SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
    if (server)
    {
      BIO* acpt = BIO_new_accept((char*)host_addr);
      BIO_set_accept_bios(acpt, bio);
      bio = acpt;
    }
    else
    {
      ret = BIO_set_conn_hostname(bio, host_addr);
    }
    if (ret == 1)
    {
      PUSH_OBJECT(bio, "openssl.bio");
      openssl_newvalue(L, bio);

      lua_pushboolean(L, 1);
      openssl_setvalue(L, bio, "free_all");

      return 1;
    }
    else
      return openssl_pushresult(L, ret);
  }
  else
  {
    BIO_free(bio);
    bio = NULL;
    return 0;
  }
}
开发者ID:witchu,项目名称:lua-openssl,代码行数:44,代码来源:ssl.c


示例20: init_ctx

bool tls_socket::set_hostname(const char* sAddr)
{
	if(ctx == nullptr)
	{
		init_ctx();
		if(ctx == nullptr)
		{
			print_error();
			return false;
		}
	}

	if((bio = BIO_new_ssl_connect(ctx)) == nullptr)
	{
		print_error();
		return false;
	}

	if(BIO_set_conn_hostname(bio, sAddr) != 1)
	{
		print_error();
		return false;
	}

	BIO_get_ssl(bio, &ssl);
	if(ssl == nullptr)
	{
		print_error();
		return false;
	}

	if(jconf::inst()->TlsSecureAlgos())
	{
		if(SSL_set_cipher_list(ssl, "HIGH:!aNULL:!kRSA:!PSK:!SRP:!MD5:!RC4:!SHA1") != 1)
		{
			print_error();
			return false;
		}
	}

	return true;
}
开发者ID:baudy2,项目名称:xmr-stak,代码行数:42,代码来源:socket.cpp



注:本文中的BIO_get_ssl函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
C++ BIO_gets函数代码示例发布时间:2022-05-30
下一篇:
C++ BIO_get_mem_ptr函数代码示例发布时间:2022-05-30
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap