一些OpenSSL源神秘地不工作 [英] Some OpenSSL source that mysteriously doesn't work

问题描述

这让我爬上了墙。我找不到为什么这个源不打开一个套接字。它很简单，但不工作。有人可以帮我这个吗？感谢您的考虑！ BTW：我没有在屏幕上的文本，它阻止与BIO_do_accept（）函数。

This has me crawling up the walls. I can't find out why this source doesn't open a socket. It's simple enough but doesn't work. Can someone please help me with this? Thanks for your consideration! BTW: I get no text on the screen and it blocks with the BIO_do_accept() function.

#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/ssl.h>
#include <openssl/x509v3.h>

#include <iostream>
#include <process.h>
using namespace std;

int main()  {

    SSL_load_error_strings();
    SSL_library_init();
    OpenSSL_add_all_algorithms();

    BIO *abio, *cbio, *cbio2;
    ERR_load_crypto_strings();
    abio = BIO_new_accept("4444");

    /* First call to BIO_accept() sets up accept BIO */
    if(BIO_do_accept(abio) <= 0) {
        fprintf(stderr, "Error setting up accept\n");
        ERR_print_errors_fp(stderr);
        exit(0);
    }

    /* Wait for incoming connection */
    if(BIO_do_accept(abio) <= 0) {
        fprintf(stderr, "Error accepting connection\n");
        ERR_print_errors_fp(stderr);
        exit(0);
    }

    fprintf(stderr, "Connection 1 established\n");
    /* Retrieve BIO for connection */
    cbio = BIO_pop(abio);
    BIO_puts(cbio, "Connection 1: Sending out Data on initial connection\n");
    fprintf(stderr, "Sent out data on connection 1\n");
}

推荐答案

cygwin，已安装gcc 4.5.3和openssl-devel 1.0.1）

I just tested this (on cygwin, with gcc 4.5.3 and openssl-devel 1.0.1 installed)

您的 在聊天中发布的代码 编译

Your code posted in chat compiled with

g++ -std=c++0x ./test.cpp -lssl -lcrypto  -o test

代码明显无效，因为代码引用 server.crt 和 server.key ：

The resulting code obviously doesn't work, because the code refers to server.crt and server.key:

openssl genrsa -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

使用未保护的密钥创建自签名证书（您可以使用 genrsa -des3 向密钥添加密码短语）。

Creates a selfsigned certificate with unprotected key (you'd use genrsa -des3 to add a passphrase to the key).

现在，我可以正确测试：

Now, I could test it properly:

test& # in the background
openssl s_client -connect localhost:12120

的启用SSL的 telnet 客户端，它工作得很好。

This lands you in a kind of SSL-enabled telnet client and it worked nicely.

这篇关于一些OpenSSL源神秘地不工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！