openssl编程之服务端

最新推荐文章于 2024-07-15 16:40:48 发布
最新推荐文章于 2024-07-15 16:40:48 发布
阅读量670 收藏
点赞数
分类专栏: 负载均衡相关

 
继续上篇博客,我们有了openssl的客户端程序,本篇博文将详细介绍服务端的openssl编程 
服务端使用的证书相关文件:ca.crt,server.crt,server.key,关于证书和key的生成,请参考:http://blog.csdn.net/fly2010love/article/details/46415307 
程序如下:

<code class="hljs cpp has-numbering" style="display: block; padding: 0px; color: inherit; box-sizing: border-box; font-family: 'Source Code Pro', monospace;font-size:undefined; white-space: pre; border-radius: 0px; word-wrap: normal; background: transparent;"><span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#include "openssl/bio.h"  </span>
<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#include "openssl/ssl.h"  </span>
<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#include "openssl/err.h" </span>

<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#include <sys/types.h></span>
<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#ifndef WIN32</span>
    <span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#include <sys/socket.h></span>
    <span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#include <netinet/in.h></span>
    <span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#include <arpa/inet.h></span>
    <span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#include <unistd.h></span>
<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#else</span>
    <span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#define close(x) closesocket(x)</span>
<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#endif</span>
<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#include <cstdio></span>

<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#define SERVER_PORT 8080</span>
<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#define CA_CERT_FILE "server/ca.crt"</span>
<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#define SERVER_CERT_FILE "server/server.crt"</span>
<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#define SERVER_KEY_FILE "server/server.key"</span>

<span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">typedef</span> <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">struct</span> sockaddr SA;
<span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">int</span> TcpInit()
{
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">int</span> listener;
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">do</span>{
        listener = ::socket(AF_INET, SOCK_STREAM, <span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">0</span>);
        <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">if</span>( listener == -<span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">1</span> )
            <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">return</span> <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">false</span>;

        <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">struct</span> sockaddr_in <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">sin</span>;
        <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">sin</span>.sin_family = AF_INET;
        <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">sin</span>.sin_addr.s_addr = <span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">0</span>;
        <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">sin</span>.sin_port = htons(SERVER_PORT);

        <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">if</span>( ::bind(listener, (SA*)&<span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">sin</span>, <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">sizeof</span>(<span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">sin</span>)) < <span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">0</span> )
            <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">break</span>;

        <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">if</span>( ::listen(listener, <span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">5</span>) < <span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">0</span>)
            <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">break</span>;

        <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">return</span> listener;
    }<span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">while</span>(<span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">0</span>);

    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">return</span> -<span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">1</span>;
}

<span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">int</span> main(<span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">int</span> argc, <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">char</span> **argv)  
{  
<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#ifdef WIN32</span>
    <span class="hljs-comment" style="color: rgb(136, 0, 0); box-sizing: border-box;">//windows初始化网络环境</span>
    WSADATA wsaData;
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">int</span> iResult = WSAStartup(MAKEWORD(<span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">2</span>, <span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">2</span>), &wsaData);
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">if</span> (iResult != NO_ERROR)
    {
        <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">printf</span>(<span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">"Error at WSAStartup()\n"</span>);
        <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">exit</span>(-<span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">1</span>);
    }
    <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">printf</span>(<span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">"Server Running in WONDOWS\n"</span>);
<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#else</span>
    <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">printf</span>(<span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">"Server Running in LINUX\n"</span>);
<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#endif</span>

    SSL_CTX     *ctx;  
    SSL         *ssl;  
    X509        *client_cert;  
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">char</span> szBuffer[<span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">1024</span>];  
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">int</span> nLen;  
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">struct</span> sockaddr_in addr;   
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">int</span> nListenFd, nAcceptFd;  

    nListenFd = TcpInit();
    SSLeay_add_ssl_algorithms();  
    OpenSSL_add_all_algorithms();  
    SSL_load_error_strings();  
    ERR_load_BIO_strings();  

    <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">memset</span>(&addr, <span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">0</span>, <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">sizeof</span>(addr));
<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#ifndef WIN32</span>
    socklen_t len  = <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">sizeof</span>(addr);
<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#else</span>
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">int</span> len = <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">sizeof</span>(addr);
<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;">#endif</span>
    nAcceptFd = accept(nListenFd, (<span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">struct</span> sockaddr *)&addr, &len);   
    <span class="hljs-comment" style="color: rgb(136, 0, 0); box-sizing: border-box;">//int iMode = 1;</span>
    <span class="hljs-comment" style="color: rgb(136, 0, 0); box-sizing: border-box;">//int iret = ioctlsocket(nAcceptFd, FIONBIO, (u_long FAR*)&iMode); </span>
    ctx = SSL_CTX_new (SSLv23_method());
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">if</span>( ctx == NULL)
    {
        <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">printf</span>(<span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">"SSL_CTX_new error!\n"</span>);
        <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">return</span> -<span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">1</span>;
    }

    <span class="hljs-comment" style="color: rgb(136, 0, 0); box-sizing: border-box;">// 是否要求校验对方证书 此处不验证客户端身份所以为: SSL_VERIFY_NONE</span>
    SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);  

    <span class="hljs-comment" style="color: rgb(136, 0, 0); box-sizing: border-box;">// 加载CA的证书  </span>
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">if</span>(!SSL_CTX_load_verify_locations(ctx, CA_CERT_FILE, NULL))
    {
        <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">printf</span>(<span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">"SSL_CTX_load_verify_locations error!\n"</span>);
        ERR_print_errors_fp(stderr);
        <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">return</span> -<span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">1</span>;
    }

    <span class="hljs-comment" style="color: rgb(136, 0, 0); box-sizing: border-box;">// 加载自己的证书  </span>
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">if</span>(SSL_CTX_use_certificate_file(ctx, SERVER_CERT_FILE, SSL_FILETYPE_PEM) <= <span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">0</span>)
    {
        <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">printf</span>(<span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">"SSL_CTX_use_certificate_file error!\n"</span>);
        ERR_print_errors_fp(stderr);
        <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">return</span> -<span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">1</span>;
    }

    <span class="hljs-comment" style="color: rgb(136, 0, 0); box-sizing: border-box;">// 加载自己的私钥  私钥的作用是,ssl握手过程中,对客户端发送过来的随机</span>
    <span class="hljs-comment" style="color: rgb(136, 0, 0); box-sizing: border-box;">//消息进行加密,然后客户端再使用服务器的公钥进行解密,若解密后的原始消息跟</span>
    <span class="hljs-comment" style="color: rgb(136, 0, 0); box-sizing: border-box;">//客户端发送的消息一直,则认为此服务器是客户端想要链接的服务器</span>
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">if</span>(SSL_CTX_use_PrivateKey_file(ctx, SERVER_KEY_FILE, SSL_FILETYPE_PEM) <= <span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">0</span>)
    {
        <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">printf</span>(<span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">"SSL_CTX_use_PrivateKey_file error!\n"</span>);
        ERR_print_errors_fp(stderr);
        <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">return</span> -<span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">1</span>;
    }

    <span class="hljs-comment" style="color: rgb(136, 0, 0); box-sizing: border-box;">// 判定私钥是否正确  </span>
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">if</span>(!SSL_CTX_check_private_key(ctx))
    {
        <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">printf</span>(<span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">"SSL_CTX_check_private_key error!\n"</span>);
        ERR_print_errors_fp(stderr);
        <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">return</span> -<span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">1</span>;
    }
    <span class="hljs-comment" style="color: rgb(136, 0, 0); box-sizing: border-box;">// 将连接付给SSL  </span>
    ssl = SSL_new (ctx);
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">if</span>(!ssl)
    {
        <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">printf</span>(<span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">"SSL_new error!\n"</span>);
        ERR_print_errors_fp(stderr);
        <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">return</span> -<span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">1</span>;
    }
    SSL_set_fd (ssl, nAcceptFd); 
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">while</span>(<span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">1</span>){
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">if</span>(SSL_accept (ssl) != <span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">1</span>)
    {
        <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">int</span> icode = -<span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">1</span>;
        ERR_print_errors_fp(stderr);
        <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">int</span> iret = SSL_get_error(ssl, icode);
        <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">printf</span>(<span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">"SSL_accept error! code = %d, iret = %d\n"</span>, icode, iret);
    }
    <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">else</span>
        <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">break</span>;
    }

    <span class="hljs-comment" style="color: rgb(136, 0, 0); box-sizing: border-box;">// 进行操作  </span>
    <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">memset</span>(szBuffer, <span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">0</span>, <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">sizeof</span>(szBuffer));  
    nLen = SSL_read(ssl,szBuffer, <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">sizeof</span>(szBuffer));  
    <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">fprintf</span>(stderr, <span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">"Get Len %d %s ok\n"</span>, nLen, szBuffer);  
    <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">strcat</span>(szBuffer, <span class="hljs-string" style="color: rgb(0, 136, 0); box-sizing: border-box;">"\n this is from server========server resend to client"</span>);  
    SSL_write(ssl, szBuffer, <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">strlen</span>(szBuffer));  

    <span class="hljs-comment" style="color: rgb(136, 0, 0); box-sizing: border-box;">// 释放资源  </span>
    SSL_free (ssl);  
    SSL_CTX_free (ctx);  
    close(nAcceptFd);  
}  </code><ul class="pre-numbering" style="box-sizing: border-box; position: absolute; width: 50px; top: 0px; left: 0px; margin: 0px; padding: 6px 0px 40px; border-right-width: 1px; border-right-style: solid; border-right-color: rgb(221, 221, 221); list-style: none; text-align: right; background-color: rgb(238, 238, 238);"><li style="box-sizing: border-box; padding: 0px 5px;">1</li><li style="box-sizing: border-box; padding: 0px 5px;">2</li><li style="box-sizing: border-box; padding: 0px 5px;">3</li><li style="box-sizing: border-box; padding: 0px 5px;">4</li><li style="box-sizing: border-box; padding: 0px 5px;">5</li><li style="box-sizing: border-box; padding: 0px 5px;">6</li><li style="box-sizing: border-box; padding: 0px 5px;">7</li><li style="box-sizing: border-box; padding: 0px 5px;">8</li><li style="box-sizing: border-box; padding: 0px 5px;">9</li><li style="box-sizing: border-box; padding: 0px 5px;">10</li><li style="box-sizing: border-box; padding: 0px 5px;">11</li><li style="box-sizing: border-box; padding: 0px 5px;">12</li><li style="box-sizing: border-box; padding: 0px 5px;">13</li><li style="box-sizing: border-box; padding: 0px 5px;">14</li><li style="box-sizing: border-box; padding: 0px 5px;">15</li><li style="box-sizing: border-box; padding: 0px 5px;">16</li><li style="box-sizing: border-box; padding: 0px 5px;">17</li><li style="box-sizing: border-box; padding: 0px 5px;">18</li><li style="box-sizing: border-box; padding: 0px 5px;">19</li><li style="box-sizing: border-box; padding: 0px 5px;">20</li><li style="box-sizing: border-box; padding: 0px 5px;">21</li><li style="box-sizing: border-box; padding: 0px 5px;">22</li><li style="box-sizing: border-box; padding: 0px 5px;">23</li><li style="box-sizing: border-box; padding: 0px 5px;">24</li><li style="box-sizing: border-box; padding: 0px 5px;">25</li><li style="box-sizing: border-box; padding: 0px 5px;">26</li><li style="box-sizing: border-box; padding: 0px 5px;">27</li><li style="box-sizing: border-box; padding: 0px 5px;">28</li><li style="box-sizing: border-box; padding: 0px 5px;">29</li><li style="box-sizing: border-box; padding: 0px 5px;">30</li><li style="box-sizing: border-box; padding: 0px 5px;">31</li><li style="box-sizing: border-box; padding: 0px 5px;">32</li><li style="box-sizing: border-box; padding: 0px 5px;">33</li><li style="box-sizing: border-box; padding: 0px 5px;">34</li><li style="box-sizing: border-box; padding: 0px 5px;">35</li><li style="box-sizing: border-box; padding: 0px 5px;">36</li><li style="box-sizing: border-box; padding: 0px 5px;">37</li><li style="box-sizing: border-box; padding: 0px 5px;">38</li><li style="box-sizing: border-box; padding: 0px 5px;">39</li><li style="box-sizing: border-box; padding: 0px 5px;">40</li><li style="box-sizing: border-box; padding: 0px 5px;">41</li><li style="box-sizing: border-box; padding: 0px 5px;">42</li><li style="box-sizing: border-box; padding: 0px 5px;">43</li><li style="box-sizing: border-box; padding: 0px 5px;">44</li><li style="box-sizing: border-box; padding: 0px 5px;">45</li><li style="box-sizing: border-box; padding: 0px 5px;">46</li><li style="box-sizing: border-box; padding: 0px 5px;">47</li><li style="box-sizing: border-box; padding: 0px 5px;">48</li><li style="box-sizing: border-box; padding: 0px 5px;">49</li><li style="box-sizing: border-box; padding: 0px 5px;">50</li><li style="box-sizing: border-box; padding: 0px 5px;">51</li><li style="box-sizing: border-box; padding: 0px 5px;">52</li><li style="box-sizing: border-box; padding: 0px 5px;">53</li><li style="box-sizing: border-box; padding: 0px 5px;">54</li><li style="box-sizing: border-box; padding: 0px 5px;">55</li><li style="box-sizing: border-box; padding: 0px 5px;">56</li><li style="box-sizing: border-box; padding: 0px 5px;">57</li><li style="box-sizing: border-box; padding: 0px 5px;">58</li><li style="box-sizing: border-box; padding: 0px 5px;">59</li><li style="box-sizing: border-box; padding: 0px 5px;">60</li><li style="box-sizing: border-box; padding: 0px 5px;">61</li><li style="box-sizing: border-box; padding: 0px 5px;">62</li><li style="box-sizing: border-box; padding: 0px 5px;">63</li><li style="box-sizing: border-box; padding: 0px 5px;">64</li><li style="box-sizing: border-box; padding: 0px 5px;">65</li><li style="box-sizing: border-box; padding: 0px 5px;">66</li><li style="box-sizing: border-box; padding: 0px 5px;">67</li><li style="box-sizing: border-box; padding: 0px 5px;">68</li><li style="box-sizing: border-box; padding: 0px 5px;">69</li><li style="box-sizing: border-box; padding: 0px 5px;">70</li><li style="box-sizing: border-box; padding: 0px 5px;">71</li><li style="box-sizing: border-box; padding: 0px 5px;">72</li><li style="box-sizing: border-box; padding: 0px 5px;">73</li><li style="box-sizing: border-box; padding: 0px 5px;">74</li><li style="box-sizing: border-box; padding: 0px 5px;">75</li><li style="box-sizing: border-box; padding: 0px 5px;">76</li><li style="box-sizing: border-box; padding: 0px 5px;">77</li><li style="box-sizing: border-box; padding: 0px 5px;">78</li><li style="box-sizing: border-box; padding: 0px 5px;">79</li><li style="box-sizing: border-box; padding: 0px 5px;">80</li><li style="box-sizing: border-box; padding: 0px 5px;">81</li><li style="box-sizing: border-box; padding: 0px 5px;">82</li><li style="box-sizing: border-box; padding: 0px 5px;">83</li><li style="box-sizing: border-box; padding: 0px 5px;">84</li><li style="box-sizing: border-box; padding: 0px 5px;">85</li><li style="box-sizing: border-box; padding: 0px 5px;">86</li><li style="box-sizing: border-box; padding: 0px 5px;">87</li><li style="box-sizing: border-box; padding: 0px 5px;">88</li><li style="box-sizing: border-box; padding: 0px 5px;">89</li><li style="box-sizing: border-box; padding: 0px 5px;">90</li><li style="box-sizing: border-box; padding: 0px 5px;">91</li><li style="box-sizing: border-box; padding: 0px 5px;">92</li><li style="box-sizing: border-box; padding: 0px 5px;">93</li><li style="box-sizing: border-box; padding: 0px 5px;">94</li><li style="box-sizing: border-box; padding: 0px 5px;">95</li><li style="box-sizing: border-box; padding: 0px 5px;">96</li><li style="box-sizing: border-box; padding: 0px 5px;">97</li><li style="box-sizing: border-box; padding: 0px 5px;">98</li><li style="box-sizing: border-box; padding: 0px 5px;">99</li><li style="box-sizing: border-box; padding: 0px 5px;">100</li><li style="box-sizing: border-box; padding: 0px 5px;">101</li><li style="box-sizing: border-box; padding: 0px 5px;">102</li><li style="box-sizing: border-box; padding: 0px 5px;">103</li><li style="box-sizing: border-box; padding: 0px 5px;">104</li><li style="box-sizing: border-box; padding: 0px 5px;">105</li><li style="box-sizing: border-box; padding: 0px 5px;">106</li><li style="box-sizing: border-box; padding: 0px 5px;">107</li><li style="box-sizing: border-box; padding: 0px 5px;">108</li><li style="box-sizing: border-box; padding: 0px 5px;">109</li><li style="box-sizing: border-box; padding: 0px 5px;">110</li><li style="box-sizing: border-box; padding: 0px 5px;">111</li><li style="box-sizing: border-box; padding: 0px 5px;">112</li><li style="box-sizing: border-box; padding: 0px 5px;">113</li><li style="box-sizing: border-box; padding: 0px 5px;">114</li><li style="box-sizing: border-box; padding: 0px 5px;">115</li><li style="box-sizing: border-box; padding: 0px 5px;">116</li><li style="box-sizing: border-box; padding: 0px 5px;">117</li><li style="box-sizing: border-box; padding: 0px 5px;">118</li><li style="box-sizing: border-box; padding: 0px 5px;">119</li><li style="box-sizing: border-box; padding: 0px 5px;">120</li><li style="box-sizing: border-box; padding: 0px 5px;">121</li><li style="box-sizing: border-box; padding: 0px 5px;">122</li><li style="box-sizing: border-box; padding: 0px 5px;">123</li><li style="box-sizing: border-box; padding: 0px 5px;">124</li><li style="box-sizing: border-box; padding: 0px 5px;">125</li><li style="box-sizing: border-box; padding: 0px 5px;">126</li><li style="box-sizing: border-box; padding: 0px 5px;">127</li><li style="box-sizing: border-box; padding: 0px 5px;">128</li><li style="box-sizing: border-box; padding: 0px 5px;">129</li><li style="box-sizing: border-box; padding: 0px 5px;">130</li><li style="box-sizing: border-box; padding: 0px 5px;">131</li><li style="box-sizing: border-box; padding: 0px 5px;">132</li><li style="box-sizing: border-box; padding: 0px 5px;">133</li><li style="box-sizing: border-box; padding: 0px 5px;">134</li><li style="box-sizing: border-box; padding: 0px 5px;">135</li><li style="box-sizing: border-box; padding: 0px 5px;">136</li><li style="box-sizing: border-box; padding: 0px 5px;">137</li><li style="box-sizing: border-box; padding: 0px 5px;">138</li><li style="box-sizing: border-box; padding: 0px 5px;">139</li><li style="box-sizing: border-box; padding: 0px 5px;">140</li><li style="box-sizing: border-box; padding: 0px 5px;">141</li><li style="box-sizing: border-box; padding: 0px 5px;">142</li><li style="box-sizing: border-box; padding: 0px 5px;">143</li><li style="box-sizing: border-box; padding: 0px 5px;">144</li><li style="box-sizing: border-box; padding: 0px 5px;">145</li><li style="box-sizing: border-box; padding: 0px 5px;">146</li><li style="box-sizing: border-box; padding: 0px 5px;">147</li><li style="box-sizing: border-box; padding: 0px 5px;">148</li><li style="box-sizing: border-box; padding: 0px 5px;">149</li><li style="box-sizing: border-box; padding: 0px 5px;">150</li><li style="box-sizing: border-box; padding: 0px 5px;">151</li><li style="box-sizing: border-box; padding: 0px 5px;">152</li><li style="box-sizing: border-box; padding: 0px 5px;">153</li><li style="box-sizing: border-box; padding: 0px 5px;">154</li><li style="box-sizing: border-box; padding: 0px 5px;">155</li><li style="box-sizing: border-box; padding: 0px 5px;">156</li><li style="box-sizing: border-box; padding: 0px 5px;">157</li><li style="box-sizing: border-box; padding: 0px 5px;">158</li><li style="box-sizing: border-box; padding: 0px 5px;">159</li><li style="box-sizing: border-box; padding: 0px 5px;">160</li><li style="box-sizing: border-box; padding: 0px 5px;">161</li></ul>

编写makefile后者使用g++ -o xxx.cpp -I/usr/local/ssl/include/ -lssl test进行编译得到test可执行文件 
现在有了客户端和服务端的执行文件,我们进行测试: 
服务器端:

<code class="hljs vbnet has-numbering" style="display: block; padding: 0px; color: inherit; box-sizing: border-box; font-family: 'Source Code Pro', monospace;font-size:undefined; white-space: pre; border-radius: 0px; word-wrap: normal; background: transparent;">[root@localhost SSLTest]<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;"># ./test </span>
Server Running <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">in</span> LINUX
<span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">Get</span> Len <span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">56</span> 
this <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">is</span> <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">from</span> client+++++++++++++++client send <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">to</span> server ok
[root@localhost SSLTest]<span class="hljs-preprocessor" style="color: rgb(68, 68, 68); box-sizing: border-box;"># </span></code><ul class="pre-numbering" style="box-sizing: border-box; position: absolute; width: 50px; top: 0px; left: 0px; margin: 0px; padding: 6px 0px 40px; border-right-width: 1px; border-right-style: solid; border-right-color: rgb(221, 221, 221); list-style: none; text-align: right; background-color: rgb(238, 238, 238);"><li style="box-sizing: border-box; padding: 0px 5px;">1</li><li style="box-sizing: border-box; padding: 0px 5px;">2</li><li style="box-sizing: border-box; padding: 0px 5px;">3</li><li style="box-sizing: border-box; padding: 0px 5px;">4</li><li style="box-sizing: border-box; padding: 0px 5px;">5</li></ul>

客户端:

<code class="hljs vbscript has-numbering" style="display: block; padding: 0px; color: inherit; box-sizing: border-box; font-family: 'Source Code Pro', monospace;font-size:undefined; white-space: pre; border-radius: 0px; word-wrap: normal; background: transparent;">[root@localhost SSLTestC]# ./test 
<span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">Server</span> Running <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">in</span> LINUX
SSL_CTX_load_verify_locations start!
<span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">Get</span> <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">Len</span> <span class="hljs-number" style="color: rgb(0, 102, 102); box-sizing: border-box;">108</span> 
this <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">is</span> from client+++++++++++++++client send <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">to</span> <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">server</span>
 this <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">is</span> from <span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">server</span>========<span class="hljs-built_in" style="color: rgb(102, 0, 102); box-sizing: border-box;">server</span> resend <span class="hljs-keyword" style="color: rgb(0, 0, 136); box-sizing: border-box;">to</span> client ok
[root@localhost SSLTestC]# </code><ul class="pre-numbering" style="box-sizing: border-box; position: absolute; width: 50px; top: 0px; left: 0px; margin: 0px; padding: 6px 0px 40px; border-right-width: 1px; border-right-style: solid; border-right-color: rgb(221, 221, 221); list-style: none; text-align: right; background-color: rgb(238, 238, 238);"><li style="box-sizing: border-box; padding: 0px 5px;">1</li><li style="box-sizing: border-box; padding: 0px 5px;">2</li><li style="box-sizing: border-box; padding: 0px 5px;">3</li><li style="box-sizing: border-box; padding: 0px 5px;">4</li><li style="box-sizing: border-box; padding: 0px 5px;">5</li><li style="box-sizing: border-box; padding: 0px 5px;">6</li><li style="box-sizing: border-box; padding: 0px 5px;">7</li></ul>

表明服务器和客户端已经通信成功,通过抓包工具可以看到,所有字符消息已经变成不可识别的乱码,linux可使用tcpdump进行抓包,在windows使用wireshark进行查看,windows直接使用wireshark抓包即可

后面博文将介绍如何在libevent中加入ssl会话加密功能,虽然bufferevent有相应的bufferevent_socket_openssl_new等接口,但本人在使用过程中发现,并未成功,故抛弃了bufferevent方式,使用原始的event_add的方式进行处理,请关注后续更新

参考博客:http://hoytluo.blog.51cto.com/1154435/564822/

版权声明:本文为博主原创文章,未经博主允许不得转载。

bestone0213
关注
专栏目录
openssl编程指南
chenglinhust的专栏
07-20 1973
openssl编程指南 对于openssl应用编程这方面的详细文档很少,我是通过认真分析openssl源码包中的示例代码来学习并结合man文档来理解它的基本结构的。SSL通讯模型为标准的C/S结构,除了在TCP层之上进行传输之外,与一般的通讯没有什么明显的区别。下面我对用SSL建立安全的TCP连接的流程作一简单分析。 一、数字证书准备 通常情况下我们的服务端需要
利用openssl之 htps服务端和客户端编写
小豆角的博客
06-24 1272
openssl 是目前最流行的 SSL 密码库工具,其提供了一个通用、健壮、功能完备的工具套件,用以支持SSL/TLS 协议的实现。 官网:https://www.openssl.org/source/ 构成部分 密码算法库 密钥和证书封装管理功能 SSL通信API接口 用途 建立 RSA、DH、DSA key 参数 建立 X.509 证书、证书签名请求(CSR)和CRLs(证书回收列...
一个引发openssl崩溃问题案例
最新发布
一个VA生的博客
07-15 578
最近用libevent写了一个https代理功能,在调研的时候,遇到了一个项目用到了本地多个openssl库引发的ssl握手崩溃问题。
使用openssl编写服务端和客户端程序
huang714的专栏
03-10 1115
1.使用相同的ca生成两个证书,一个是server.cer,一个是client.cer,注意生成server.cer的时候必须指明证书可以用于服务端的。 服务器代码: #include"openssl/bio.h" #include"openssl/ssl.h" #include"openssl/err.h" #include<cutil....
安全通信系统--OpenSSL服务器和客户端
weixin_34224941的博客
03-06 217
环境配置 SSL的初始化 这一步主要使用OpenSSL提供的函数设置算法、证书等,一般步骤都固定了的,初始化流程示意图如下所示: ...
openssl编程之客户端
路在脚下
07-24 742
client使用的文件有:ca.crt,client.crt,client.key  server使用的文件有:ca.crt,server.crt,server.key  新建一个目录为client,将ca.crt,client.crt,client.key三个文件拷贝进去, [root@localhost SSLTestC]# ls -l 总用量 182 drwxrwx---. 1 roo
使用pthread库实现openssl多线程ssl服务端和客户端
09-04
总的来说,使用pthread和OpenSSL实现多线程SSL服务端和客户端是一项复杂但重要的任务,它涉及到网络编程、多线程编程以及安全通信等多个领域。在实际开发中,开发者需要对这些技术有深入的理解,以确保系统的稳定性...
client&server.zip_client/server_openssl tcp server_tcp_服务端开发
07-14
总的来说,"client&server.zip_client/server_openssl tcp server_tcp_服务端开发"这个项目涉及到了客户端与服务器之间的TCP通信,以及使用OpenSSL库进行安全通信的实现。通过这个项目,开发者可以深入理解TCP协议的...
Openssl实现双向认证教程(附服务端客户端代码)
01-09
一、背景说明 1.1 面临问题 最近一份产品检测报告建议使用基于pki的认证方式,由于产品已实现https,商量之下认为其意思是使用双向认证以处理中间人形式攻击。 《信息安全工程》中接触过双向认证,但有两个问题。 第一个是当时最终的课程设计客户端是浏览器,服务端是tomcat双向认证只需要对两者进行配置并不需要自己真的实现代码。 第二个是虽然课程也有接近双向认证的实现代码,但当时是Java+JCE环境现在要用C+++OpenSSL环境,总体意思确实还是差不多但具体函数和参数差别还是不少。 所以眼下有的是:证书生成的思想+双向认证实现的思想。对读者而言,即要假定已对证书、SSL/TSL、sock
java的ssl客户端编程与LINUX的OpenSSL服务器通讯的实现及有关文
03-19
java的ssl客户端编程与LINUX的OpenSSL服务器通讯的实现及有关文档 附件中包含本人开发工程中使用过的DEMO程序及制作证书的解本文件
OpenSSL客户端服务器源码实例
02-25
OpenSSL客户端服务器源码实例,本程序基于windows系统,使用Vc6.0开发
c语言利用openssl实现简单客户端和服务端(观察记录层最大长度)
qq_36472340的博客
06-13 339
本文是使用openssl111w实现的简单客户端和服务端,主要用于观察openssl一个记录层数据包的大小。
使用openssl实现一个简单的服务器
huang714的专栏
09-18 533
#include <stdio.h> #include <stdlib.h> #include <errno.h> #include <string.h> #include <sys/types.h> #include <netinet/in.h> #include <sys/socket.h> #include <sys/wait.h> #include <unistd.h> #include &l
Linux 实现OpenSSL 服务器端客户端通信
07-18 3657
本博文是博主学习多位大佬的经验后记录的。 1.OpenSSL安装 详情参考博文:https://blog.csdn.net/qq_39521181/article/details/96457673 2.SSL 在学习openssl编程之前,先了解一下什么是SSL,有助于后续的学习。SSL 是一个缩写,代表的是 Secure Sockets Layer。它是支持在 Internet 上进行安...
Openssl Server C Demo
HeroRazor的专栏
08-15 262
OpenSsl C Server
SSL&OpenSSL
kaichekaihanma的博客
07-21 4837
SSL ssl协议(Secure Sockets Layer安全套接层)是一套网络通信安全协议,是由网景公司在1994年创建设计的,它具有数据加密,完整性校验及身份验证功能。它的出现是为了保证网络数据传输的安全性。如果没有SSL的加持,我们在网络中传输的数据就都处在裸奔的状态。SSL协议处在应用层和传输层之间,可以为任何基于TCP等可靠连接的应用层协议提供安全性保证。 SSL协议本身分为两层:上层为SSL握手协议(SSL Handshake Protocol),SSL密码变化协议(SSL change ci
深入浅出OpenSSL编程
"本文档是赵春平关于OpenSSL编程的个人经验和心得分享,作者通过自己的硕士论文研究和实际工作经历,深入学习并实践OpenSSL,涵盖了OpenSSL的asn1模块,以及在Windows环境下对OpenSSL接口的使用。文中提到作者在...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值