一些OpenSSL源神秘地不工作 [英] Some OpenSSL source that mysteriously doesn't work
问题描述
这让我爬上了墙。我找不到为什么这个源不打开一个套接字。它很简单,但不工作。有人可以帮我这个吗?感谢您的考虑! BTW:我没有在屏幕上的文本,它阻止与BIO_do_accept()函数。
This has me crawling up the walls. I can't find out why this source doesn't open a socket. It's simple enough but doesn't work. Can someone please help me with this? Thanks for your consideration! BTW: I get no text on the screen and it blocks with the BIO_do_accept() function.
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/ssl.h>
#include <openssl/x509v3.h>
#include <iostream>
#include <process.h>
using namespace std;
int main() {
SSL_load_error_strings();
SSL_library_init();
OpenSSL_add_all_algorithms();
BIO *abio, *cbio, *cbio2;
ERR_load_crypto_strings();
abio = BIO_new_accept("4444");
/* First call to BIO_accept() sets up accept BIO */
if(BIO_do_accept(abio) <= 0) {
fprintf(stderr, "Error setting up accept\n");
ERR_print_errors_fp(stderr);
exit(0);
}
/* Wait for incoming connection */
if(BIO_do_accept(abio) <= 0) {
fprintf(stderr, "Error accepting connection\n");
ERR_print_errors_fp(stderr);
exit(0);
}
fprintf(stderr, "Connection 1 established\n");
/* Retrieve BIO for connection */
cbio = BIO_pop(abio);
BIO_puts(cbio, "Connection 1: Sending out Data on initial connection\n");
fprintf(stderr, "Sent out data on connection 1\n");
}
推荐答案
cygwin,已安装gcc 4.5.3和openssl-devel 1.0.1)
I just tested this (on cygwin, with gcc 4.5.3 and openssl-devel 1.0.1 installed)
您的 在聊天中发布的代码 编译
Your code posted in chat compiled with
g++ -std=c++0x ./test.cpp -lssl -lcrypto -o test
代码明显无效,因为代码引用 server.crt
和 server.key
:
The resulting code obviously doesn't work, because the code refers to server.crt
and server.key
:
openssl genrsa -out server.key 1024
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
使用未保护的密钥创建自签名证书(您可以使用 genrsa -des3
向密钥添加密码短语)。
Creates a selfsigned certificate with unprotected key (you'd use genrsa -des3
to add a passphrase to the key).
现在,我可以正确测试:
Now, I could test it properly:
test& # in the background
openssl s_client -connect localhost:12120
的启用SSL的 telnet
客户端,它工作得很好。
This lands you in a kind of SSL-enabled telnet
client and it worked nicely.
这篇关于一些OpenSSL源神秘地不工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!