临沂设计网站的公司,周大福网站建设主要工作,成都装修设计公司,wordpress 搭建平台文章目录 openssl3.2 - 官方dmeo学习 - server-cmod.c概述配置文件格式样例笔记END openssl3.2 - 官方dmeo学习 - server-cmod.c
概述
从配置文件中读参数, 建立TLS服务器, 死等客户端来连接. 客户端连接后, 打印客户端发来的内容. 配置文件格式有要求
配置文件格式样例
# … 文章目录 openssl3.2 - 官方dmeo学习 - server-cmod.c概述配置文件格式样例笔记END openssl3.2 - 官方dmeo学习 - server-cmod.c
概述
从配置文件中读参数, 建立TLS服务器, 死等客户端来连接. 客户端连接后, 打印客户端发来的内容. 配置文件格式有要求
配置文件格式样例
# Example config module configuration# Name supplied by application to CONF_modules_load_file
# and section containing configuration
testapp test_sect# Comment out the next line to ignore configuration errors
config_diagnostics 1[test_sect]
# list of configuration modules# SSL configuration module
ssl_conf ssl_sect[ssl_sect]
# list of SSL configurations
server server_sect[server_sect]
# Only support 3 curves
Curves P-521:P-384:P-256
# Restricted signature algorithms
SignatureAlgorithms RSASHA512:ECDSASHA512
# Certificates and keys
RSA.Certificateserver.pem
ECDSA.Certificateserver-ec.pem
如果exe同级目录的2个.pem没摆全, 从配置文件中读取配置建立TLS服务器就会失败.
笔记
/*!
\file server-cmod.c
\brief 从配置文件中读参数, 建立TLS服务器, 死等客户端来连接. 客户端连接后, 打印客户端发来的内容.配置文件格式有要求
*//** Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.** Licensed under the Apache License 2.0 (the License). You may not use* this file except in compliance with the License. You can obtain a copy* in the file LICENSE in the source distribution or at* https://www.openssl.org/source/license.html*//** A minimal TLS server it ses SSL_CTX_config and a configuration file to* set most server parameters.*/#include stdio.h
#include signal.h
#include stdlib.h
#include openssl/err.h
#include openssl/ssl.h
#include openssl/conf.h#include my_openSSL_lib.hint main(int argc, char *argv[])
{unsigned char buf[512];char *psz_port *:4433;BIO *bio_in NULL;BIO *bio_ssl, *bio_tmp;SSL_CTX *ctx_ssl;int ret EXIT_FAILURE, i;ctx_ssl SSL_CTX_new(TLS_server_method());/*! testapp test_sect */if (CONF_modules_load_file(cmod.cnf, testapp, 0) 0) {fprintf(stderr, Error processing config file\n);goto err;}/*!如果配置文件中指定的pem没放到程序工作目录, 会失败RSA.Certificateserver.pemECDSA.Certificateserver-ec.pem*/if (SSL_CTX_config(ctx_ssl, server) 0) {fprintf(stderr, Error configuring server.\n);goto err;}/* Setup server side SSL bio */bio_ssl BIO_new_ssl(ctx_ssl, 0);if ((bio_in BIO_new_accept(psz_port)) NULL)goto err;/** This means that when a new connection is accepted on in, The ssl_bio* will be duplicated and have the new socket BIO push into it.* Basically it means the SSL BIO will be automatically setup*/BIO_set_accept_bios(bio_in, bio_ssl);again:/** The first call will setup the accept socket, and the second will get a* socket. In this loop, the first actual accept will occur in the* BIO_read() function.*/if (BIO_do_accept(bio_in) 0)goto err;for (;;) {i BIO_read(bio_in, buf, sizeof(buf));if (i 0) {/** If we have finished, remove the underlying BIO stack so the* next time we call any function for this BIO, it will attempt* to do an accept*/printf(Done\n);bio_tmp BIO_pop(bio_in);BIO_free_all(bio_tmp);goto again;}if (i 0) {if (BIO_should_retry(bio_in))continue;goto err;}fwrite(buf, 1, i, stdout);fflush(stdout);}ret EXIT_SUCCESS;err:if (ret ! EXIT_SUCCESS)ERR_print_errors_fp(stderr);BIO_free(bio_in);return ret;
}
END
