CURLINFO_SSL_ENGINES不列出openssl引擎 [英] CURLINFO_SSL_ENGINES don't list openssl engine
问题描述
我尝试使用带有卷曲的引擎pkcs11.
I try to use engine pkcs11 with curl.
首先,我将引擎pkcs11添加到openssl.
Firstly, I add my engine pkcs11 to openssl.
int initEngine()
{
ENGINE_load_builtin_engines();
ENGINE *e;
display_engine_list();
e = ENGINE_by_id("dynamic");
if(!e)
{
return -1;
}
if(!ENGINE_ctrl_cmd_string(e, "SO_PATH", ENGINE_SO_PATH, 0))
{
return -2;
}
if(!ENGINE_ctrl_cmd_string(e, "ID", "pkcs11", 0))
{
return -3;
}
if(!ENGINE_ctrl_cmd_string(e, "LIST_ADD", "1", 0))
{
return -4;
}
if(!ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 1))
{
return -5;
}
if(!ENGINE_ctrl_cmd_string(e, "MODULE_PATH", NOM_LIB_CPS_PKCS_V5, 0))
{
return -6;
}
if(!ENGINE_init(e))
{
ENGINE_free(e);
return -8;
}
ENGINE_free(e);
display_engine_list();
return 0;
}
此部分有效:
engine 0, id = "rdrand", name = "Intel RDRAND engine"
engine 1, id = "dynamic", name = "Dynamic engine loading support"
engine 2, id = "pkcs11", name = "pkcs11 engine"
然后我要配置curl以使用它.
Then I want configure curl to use this.
int InitSsl(const char *CACertificat, const char *certificat)
{
CURLcode res = CURLE_OK;
if ( NULL != curl )
{
struct curl_slist *engines = NULL;
curl_easy_getinfo(curl, CURLINFO_SSL_ENGINES, &engines);
for ( ; engines; engines = engines->next)
{
fprintf (stderr," %s\n", engines->data);
}
curl_slist_free_all(engines);
if ( res == CURLE_OK )
res = curl_easy_setopt(curl,CURLOPT_SSLVERSION,CURL_SSLVERSION_TLSv1);
if ( res == CURLE_OK )
res = curl_easy_setopt(curl,CURLOPT_SSLCERT,certificat);
if ( res == CURLE_OK )
res = curl_easy_setopt(curl,CURLOPT_SSLCERTTYPE,"PEM");
if ( res == CURLE_OK )
res = curl_easy_setopt(curl,CURLOPT_SSLKEY,"xxxxxx");
if ( res == CURLE_OK )
res = curl_easy_setopt(curl,CURLOPT_SSLKEYTYPE,"ENG");
if ( res == CURLE_OK )
res = curl_easy_setopt(curl, CURLOPT_SSLENGINE, "pkcs11");
if ( res == CURLE_OK )
res = curl_easy_setopt(curl,CURLOPT_CAINFO, CACertificat);
if ( res == CURLE_OK )
res = curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, true);
if ( res == CURLE_OK )
res = curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 2);
if ( res == CURLE_OK )
res = curl_easy_setopt(curl, CURLOPT_SSLENGINE_DEFAULT, 1);
}
return res;
}
控制台上未显示任何引擎.我有错误:
No engine is displayed on console. I have the error :
Erreur num 53 : SSL crypto engine not found
引擎似乎没有卷曲.
当我在命令行上尝试时,我有:
When I try on command line, I have :
> curl.exe --version
curl 7.60.0 (i386-pc-win32) libcurl/7.60.0 OpenSSL/1.0.2o WinIDN
Release-Date: 2018-05-16
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile SSPI Kerberos SPNEGO NTLM SSL HTTPS-proxy
> curl.exe --engine list
Build-time engines:
<none>
> openssl engine -t
(rdrand) Intel RDRAND engine
[ available ]
(dynamic) Dynamic engine loading support
[ unavailable ]
(pkcs11) pkcs11 engine
[ available ]
对于此测试,我使用openssl构建curl:nmake/f Makefile.vc模式= dll WITH_SSL = dll SSL_PATH = C:\ OpenSSL-Win32
For this test, I have build curl with openssl : nmake /f Makefile.vc mode=dll WITH_SSL=dll SSL_PATH=C:\OpenSSL-Win32
如果我安装带有openssl支持的curl并将引擎设置在OPENSSL_CONF文件上,则没有问题.
If I install curl with openssl support and I set my engine on OPENSSL_CONF file, I have no problem.
我的测试是在Windows 10下进行的.
My test is under Windows 10.
推荐答案
我找到了解决方案.默认情况下,未在config-win32.h上定义HAVE_OPENSSL_ENGINE_H.我已经编辑了此文件,并且可以正常工作.
I find the solution. By default HAVE_OPENSSL_ENGINE_H isn't defined on config-win32.h. I have edited this file and it works.
这篇关于CURLINFO_SSL_ENGINES不列出openssl引擎的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
