云南建设企业网站,响应式网站 软件,怎么用记事本做钓鱼网站,dede医院网站模板文章目录 openssl3.2 - 官方demo学习 - server-arg.c概述笔记备注END openssl3.2 - 官方demo学习 - server-arg.c
概述
TLS服务器, 等客户端来连接; 如果客户端断开了, 通过释放bio来释放客户端socket, 然后继续通过bio读来aceept.
笔记
对于开源工程, 不可能有作者那么熟悉… 文章目录 openssl3.2 - 官方demo学习 - server-arg.c概述笔记备注END openssl3.2 - 官方demo学习 - server-arg.c
概述
TLS服务器, 等客户端来连接; 如果客户端断开了, 通过释放bio来释放客户端socket, 然后继续通过bio读来aceept.
笔记
对于开源工程, 不可能有作者那么熟悉, 变量命名需要改下有利于理解逻辑. VS2019带的变量改名功能挺好的. 过了一遍的程序:
/*!
\file server-arg.c
\brief TLS服务器, 等客户端来连接; 如果客户端断开了, 通过释放bio来释放客户端socket, 然后继续通过bio读来aceept.
*//** Copyright 2013-2017 The OpenSSL Project Authors. All Rights Reserved.** Licensed under the Apache License 2.0 (the License). You may not use* this file except in compliance with the License. You can obtain a copy* in the file LICENSE in the source distribution or at* https://www.openssl.org/source/license.html*//** A minimal program to serve an SSL connection. It uses blocking. It use the* SSL_CONF API with the command line. cc -I../../include server-arg.c* -L../.. -lssl -lcrypto -ldl*/#include stdio.h
#include string.h
#include signal.h
#include stdlib.h
#include openssl/err.h
#include openssl/ssl.h#include my_openSSL_lib.hint main(int argc, char *argv[])
{char *psz_port *:4433;BIO *bio_ssl, *bio_tmp;SSL_CTX *ctx_ssl;SSL_CONF_CTX *ctx_ssl_cfg;char buf[512];BIO *bio_in NULL;int ret EXIT_FAILURE, i;char **args argv 1;int nargs argc - 1;ctx_ssl SSL_CTX_new(TLS_server_method());ctx_ssl_cfg SSL_CONF_CTX_new();SSL_CONF_CTX_set_flags(ctx_ssl_cfg, SSL_CONF_FLAG_SERVER);SSL_CONF_CTX_set_flags(ctx_ssl_cfg, SSL_CONF_FLAG_CERTIFICATE);SSL_CONF_CTX_set_ssl_ctx(ctx_ssl_cfg, ctx_ssl);while (*args **args -) {int rv;/* Parse standard arguments */rv SSL_CONF_cmd_argv(ctx_ssl_cfg, nargs, args);if (rv -3) {fprintf(stderr, Missing argument for %s\n, *args);goto err;}if (rv 0) {fprintf(stderr, Error in command %s\n, *args);ERR_print_errors_fp(stderr);goto err;}/* If rv 0 we processed something so proceed to next arg */if (rv 0)continue;/* Otherwise application specific argument processing */if (strcmp(*args, -port) 0) {psz_port args[1];if (psz_port NULL) {fprintf(stderr, Missing -port argument\n);goto err;}args 2;nargs - 2;continue;} else {fprintf(stderr, Unknown argument %s\n, *args);goto err;}}if (!SSL_CONF_CTX_finish(ctx_ssl_cfg)) {fprintf(stderr, Finish error\n);ERR_print_errors_fp(stderr);goto err;}
#ifdef ITERATE_CERTS/** Demo of how to iterate over all certificates in an SSL_CTX structure.*/{X509 *x;int rv;rv SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_FIRST);while (rv) {X509 *x SSL_CTX_get0_certificate(ctx);X509_NAME_print_ex_fp(stdout, X509_get_subject_name(x), 0,XN_FLAG_ONELINE);printf(\n);rv SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_NEXT);}fflush(stdout);}
#endif/* Setup server side SSL bio */bio_ssl BIO_new_ssl(ctx_ssl, 0);if ((bio_in BIO_new_accept(psz_port)) NULL)goto err;/** This means that when a new connection is accepted on in, The ssl_bio* will be duplicated and have the new socket BIO push into it.* Basically it means the SSL BIO will be automatically setup*/BIO_set_accept_bios(bio_in, bio_ssl);again:/** The first call will setup the accept socket, and the second will get a* socket. In this loop, the first actual accept will occur in the* BIO_read() function.*/if (BIO_do_accept(bio_in) 0)goto err;for (;;) {i BIO_read(bio_in, buf, 512); /*! 阻塞的读客户端连上服务器发来的信息, 如果此时没有客户端连接, 阻塞在这里 */if (i 0) {/** If we have finished, remove the underlying BIO stack so the* next time we call any function for this BIO, it will attempt* to do an accept*/printf(Done\n);bio_tmp BIO_pop(bio_in);BIO_free_all(bio_tmp);goto again;}if (i 0)goto err;fwrite(buf, 1, i, stdout);fflush(stdout);}ret EXIT_SUCCESS;err:if (ret ! EXIT_SUCCESS)ERR_print_errors_fp(stderr);BIO_free(bio_in);return ret;
}
备注
如果只是为了将库用起来, 库实现, 我们不用去看. 在官方给的demo中, 哪个API不知道啥意思, 去本地帮助中去查, 或者去网上去查. 知道意思就行. 防止逻辑理解不正确.
END
