http和https

最新推荐文章于 2024-06-21 13:34:53 发布
最新推荐文章于 2024-06-21 13:34:53 发布
阅读量2.8k 收藏
点赞数
分类专栏: C语言 Linux C 文章标签: c语言
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/viewsky11/article/details/52289861
版权

http和https的区别概念上参看:
http://blog.csdn.net/mingli198611/article/details/8055261

浏览wifidog代码时,发现C代码反映的http和https请求的区别,拷贝过来收藏!

具体包含的头文件去wifidog中查看,以下是主要代码:

wifidog-gateway/src/sample_http.h

#ifndef _SIMPLE_HTTP_H_
#define _SIMPLE_HTTP_H_

char *http_get(const int, const char *);

#ifdef USE_CYASSL
char *https_get(const int, const char *, const char *);
#endif                          /* defined(USE_CYASSL) */

#endif                          /* defined(_SIMPLE_HTTP_H_) */

wifidog-gateway/src/sample_http.c

#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <errno.h>
#include <unistd.h>
#include <string.h>
#include <syslog.h>

#include "../config.h"
#include "common.h"
#include "debug.h"
#include "pstring.h"

#ifdef USE_CYASSL
#include <cyassl/ssl.h>
#include "conf.h"
/* For CYASSL_MAX_ERROR_SZ */
#include <cyassl/ctaocrypt/types.h>
/* For COMPRESS_E */
#include <cyassl/ctaocrypt/error-crypt.h>
#endif

#ifdef USE_CYASSL
static CYASSL_CTX *get_cyassl_ctx(const char *hostname);
#endif

/**
 * Perform an HTTP request, caller frees both request and response,
 * NULL returned on error.
 * @param sockfd Socket to use, already connected
 * @param req Request to send, fully formatted.
 * @return char Response as a string
 */
char *
http_get(const int sockfd, const char *req)
{
    ssize_t numbytes;
    int done, nfds;
    fd_set readfds;
    struct timeval timeout;
    size_t reqlen = strlen(req);
    char readbuf[MAX_BUF];
    char *retval;
    pstr_t *response = pstr_new();

    if (sockfd == -1) {
        /* Could not connect to server */
        debug(LOG_ERR, "Could not open socket to server!");
        goto error;
    }

    debug(LOG_DEBUG, "Sending HTTP request to auth server: [%s]\n", req);
    numbytes = send(sockfd, req, reqlen, 0);
    if (numbytes <= 0) {
        debug(LOG_ERR, "send failed: %s", strerror(errno));
        goto error;
    } else if ((size_t) numbytes != reqlen) {
        debug(LOG_ERR, "send failed: only %d bytes out of %d bytes sent!", numbytes, reqlen);
        goto error;
    }

    debug(LOG_DEBUG, "Reading response");
    done = 0;
    do {
        FD_ZERO(&readfds);              
        FD_SET(sockfd, &readfds);      //设置sockfd句柄
        timeout.tv_sec = 30;    /* XXX magic... 30 second is as good a timeout as any */
        timeout.tv_usec = 0;
        nfds = sockfd + 1;

        nfds = select(nfds, &readfds, NULL, NULL, &timeout);  //选择发生的可读或者可写事件

        if (nfds > 0) {
                        /** We don't have to use FD_ISSET() because there
             *  was only one fd. */     //sockfd集合中只有一个,选择直接使用
            memset(readbuf, 0, MAX_BUF);
            numbytes = read(sockfd, readbuf, MAX_BUF - 1);
            if (numbytes < 0) {
                debug(LOG_ERR, "An error occurred while reading from server: %s", strerror(errno));
                goto error;
            } else if (numbytes == 0) {
                done = 1;
            } else {
                readbuf[numbytes] = '\0';
                pstr_cat(response, readbuf);
                debug(LOG_DEBUG, "Read %d bytes", numbytes);
            }
        } else if (nfds == 0) {
            debug(LOG_ERR, "Timed out reading data via select() from auth server");
            goto error;
        } else if (nfds < 0) {
            debug(LOG_ERR, "Error reading data via select() from auth server: %s", strerror(errno));
            goto error;
        }
    } while (!done);

    close(sockfd);
    retval = pstr_to_string(response);
    debug(LOG_DEBUG, "HTTP Response from Server: [%s]", retval);
    return retval;

 error:
    if (sockfd >= 0) {
        close(sockfd);
    }
    retval = pstr_to_string(response);
    free(retval);
    return NULL;
}

#ifdef USE_CYASSL      //如果使用https, 则需要定义一下内容

static CYASSL_CTX *cyassl_ctx = NULL;
static pthread_mutex_t cyassl_ctx_mutex = PTHREAD_MUTEX_INITIALIZER;

#define LOCK_CYASSL_CTX() do { \
    debug(LOG_DEBUG, "Locking CyaSSL Context"); \
    pthread_mutex_lock(&cyassl_ctx_mutex); \
    debug(LOG_DEBUG, "CyaSSL Context locked"); \
} while (0)

#define UNLOCK_CYASSL_CTX() do { \
    debug(LOG_DEBUG, "Unlocking CyaSSL Context"); \
    pthread_mutex_unlock(&cyassl_ctx_mutex); \
    debug(LOG_DEBUG, "CyaSSL Context unlocked"); \
} while (0)

static CYASSL_CTX *               //https实现
get_cyassl_ctx(const char *hostname)
{
    int err;
    CYASSL_CTX *ret;
    s_config *config = config_get_config();

    LOCK_CYASSL_CTX();

    if (NULL == cyassl_ctx) {
        CyaSSL_Init();
        /* Create the CYASSL_CTX */
        /* Allow TLSv1.0 up to TLSv1.2 */
        if ((cyassl_ctx = CyaSSL_CTX_new(CyaTLSv1_client_method())) == NULL) {
            debug(LOG_ERR, "Could not create CYASSL context.");
            UNLOCK_CYASSL_CTX();
            return NULL;
        }

        if (config->ssl_cipher_list) {
            debug(LOG_INFO, "Setting SSL cipher list to [%s]", config->ssl_cipher_list);
            err = CyaSSL_CTX_set_cipher_list(cyassl_ctx, config->ssl_cipher_list);
            if (SSL_SUCCESS != err) {
                debug(LOG_ERR, "Could not load SSL cipher list (error %d)", err);
                UNLOCK_CYASSL_CTX();
                return NULL;
            }
        }

#ifdef HAVE_SNI
        if (config->ssl_use_sni) {
            debug(LOG_INFO, "Setting SSL using SNI for hostname %s",
                hostname);
            err = CyaSSL_CTX_UseSNI(cyassl_ctx, CYASSL_SNI_HOST_NAME, hostname,
                      strlen(hostname));
            if (SSL_SUCCESS != err) {
                debug(LOG_ERR, "Could not setup SSL using SNI for hostname %s",
                    hostname);
                UNLOCK_CYASSL_CTX();
                return NULL;
            }
        }
#endif

        if (config->ssl_verify) {
            /* Use trusted certs */
            /* Note: CyaSSL requires that the certificates are named by their hash values */
            debug(LOG_INFO, "Loading SSL certificates from %s", config->ssl_certs);
            err = CyaSSL_CTX_load_verify_locations(cyassl_ctx, NULL, config->ssl_certs);
            if (err != SSL_SUCCESS) {
                debug(LOG_ERR, "Could not load SSL certificates (error %d)", err);
                if (err == ASN_UNKNOWN_OID_E) {
                    debug(LOG_ERR, "Error is ASN_UNKNOWN_OID_E - try compiling cyassl/wolfssl with --enable-ecc");
                } else {
                    debug(LOG_ERR, "Make sure that SSLCertPath points to the correct path in the config file");
                    debug(LOG_ERR, "Or disable certificate loading with 'SSLPeerVerification No'.");
                }
                UNLOCK_CYASSL_CTX();
                return NULL;
            }
        } else {
            CyaSSL_CTX_set_verify(cyassl_ctx, SSL_VERIFY_NONE, 0);
            debug(LOG_INFO, "Disabling SSL certificate verification!");
        }
    }

    ret = cyassl_ctx;
    UNLOCK_CYASSL_CTX();
    return ret;
}

/**
 * Perform an HTTPS request, caller frees both request and response,
 * NULL returned on error.
 * @param sockfd Socket to use, already connected
 * @param req Request to send, fully formatted.
 * @param hostname Hostname to use in https request. Caller frees.
 * @return char Response as a string
 */
char *
https_get(const int sockfd, const char *req, const char *hostname)
{
    ssize_t numbytes;
    int done, nfds;
    fd_set readfds;
    struct timeval timeout;
    unsigned long sslerr;
    char sslerrmsg[CYASSL_MAX_ERROR_SZ];
    size_t reqlen = strlen(req);
    char readbuf[MAX_BUF];
    char *retval;
    pstr_t *response = pstr_new();
    CYASSL *ssl = NULL;
    CYASSL_CTX *ctx = NULL;

    s_config *config;
    config = config_get_config();
/*一下为htpps增加的内容判断*/
    ctx = get_cyassl_ctx(hostname);
    if (NULL == ctx) {
        debug(LOG_ERR, "Could not get CyaSSL Context!");
        goto error;
    }

    if (sockfd == -1) {
        /* Could not connect to server */
        debug(LOG_ERR, "Could not open socket to server!");
        goto error;
    }

    /* Create CYASSL object */
    if ((ssl = CyaSSL_new(ctx)) == NULL) {
        debug(LOG_ERR, "Could not create CyaSSL context.");
        goto error;
    }
    if (config->ssl_verify) {
        // Turn on domain name check
        // Loading of CA certificates and verification of remote host name
        // go hand in hand - one is useless without the other.
        CyaSSL_check_domain_name(ssl, hostname);
    }
    CyaSSL_set_fd(ssl, sockfd);

    debug(LOG_DEBUG, "Sending HTTPS request to auth server: [%s]\n", req);
    numbytes = CyaSSL_send(ssl, req, (int)reqlen, 0);
    if (numbytes <= 0) {
        sslerr = (unsigned long)CyaSSL_get_error(ssl, numbytes);
        CyaSSL_ERR_error_string(sslerr, sslerrmsg);
        debug(LOG_ERR, "CyaSSL_send failed: %s", sslerrmsg);
        goto error;
    } else if ((size_t) numbytes != reqlen) {
        debug(LOG_ERR, "CyaSSL_send failed: only %d bytes out of %d bytes sent!", numbytes, reqlen);
        goto error;
    }

    debug(LOG_DEBUG, "Reading response");
    done = 0;
    do {
        FD_ZERO(&readfds);
        FD_SET(sockfd, &readfds);
        timeout.tv_sec = 30;    /* XXX magic... 30 second is as good a timeout as any */
        timeout.tv_usec = 0;
        nfds = sockfd + 1;

        nfds = select(nfds, &readfds, NULL, NULL, &timeout);

        if (nfds > 0) {
                        /** We don't have to use FD_ISSET() because there
             *  was only one fd. */
            memset(readbuf, 0, MAX_BUF);
            numbytes = CyaSSL_read(ssl, readbuf, MAX_BUF - 1);
            if (numbytes < 0) {
                sslerr = (unsigned long)CyaSSL_get_error(ssl, numbytes);
                CyaSSL_ERR_error_string(sslerr, sslerrmsg);
                debug(LOG_ERR, "An error occurred while reading from server: %s", sslerrmsg);
                goto error;
            } else if (numbytes == 0) {
                /* CyaSSL_read returns 0 on a clean shutdown or if the peer closed the
                   connection. We can't distinguish between these cases right now. */
                done = 1;
            } else {
                readbuf[numbytes] = '\0';
                pstr_cat(response, readbuf);
                debug(LOG_DEBUG, "Read %d bytes", numbytes);
            }
        } else if (nfds == 0) {
            debug(LOG_ERR, "Timed out reading data via select() from auth server");
            goto error;
        } else if (nfds < 0) {
            debug(LOG_ERR, "Error reading data via select() from auth server: %s", strerror(errno));
            goto error;
        }
    } while (!done);

    close(sockfd);

    CyaSSL_free(ssl);

    retval = pstr_to_string(response);
    debug(LOG_DEBUG, "HTTPS Response from Server: [%s]", retval);
    return retval;

 error:
    if (ssl) {
        CyaSSL_free(ssl);
    }
    if (sockfd >= 0) {
        close(sockfd);
    }
    retval = pstr_to_string(response);
    free(retval);
    return NULL;
}

#endif                          /* USE_CYASSL */
viewsky11
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
HttpClientUtil工具类发送get和post请求,支持httphttps,支持发送文件
04-07
3. 支持httphttpsHttpClientUtil需要能够处理HTTPHTTPS协议。HTTP协议不涉及数据加密,而HTTPS协议在HTTP的基础上加入了SSL/TLS层,提供数据加密和服务器身份验证,确保通信安全。HttpClient支持SSL/TLS,只需...
Nginx同时支持HttpHttps的配置详解
09-29
主要介绍了Nginx同时支持HttpHttps的配置详解,文中通过示例代码介绍的非常详细,对大家的学习或者工作具有一定的参考学习价值,需要的朋友们下面随着小编来一起学习学习吧
http to https
weixin_30326741的博客
07-25 118
https://www.cnblogs.com/powertoolsteam/p/http2https.html 转载于:https://www.cnblogs.com/ZHUYIN/p/9368640.html
HTTP AND HTTPS
Passerby的博客
02-07 293
HTTPHTTPS HTTP 大家都知道它是超文本传输协议,也就是提供一种发布和接受HTML页面的方法。 HTTPS Hyper Text Transfer Protocol Secure 简单讲就是HTTP的安全版,也就是HTTP下加入SSL层,SSL就是HTTPS的安全基础,加密就更离不开SSL。 HTTP = HTTP + SSL SSL 它又是什么?它是一个URI
HTTPS基本原理
最新发布
Lzcsfg的博客
06-21 1019
HTTPS(全称:HyperText Transfer Protocol over Secure Socket Layer),其实 HTTPS 并不是一个新鲜协议,Google 很早就开始启用了,初衷是为了保证数据安全。近些年,Google、Baidu、Facebook 等这样的互联网巨头,不谋而合地开始大力推行 HTTPS, 国内外的大型互联网公司很多也都已经启用了全站 HTTPS,这也是未来互联网发展的趋势。
网站http to https
其实我不是代码教父,我只是猪头三
11-30 3104
[作者] 网名: 猪头三 站点: http://www.x86asm.com Email: 643439947@qq.com QQ: 643439947 编程生涯: 2001~至今[15年] 职业生涯: 13年 开发语言: C/C++; x86asm; Object Pascal; C#; Golang; Objective-C; PHP; 开发工具: VC++; Delphi;
HTTP TO HTTPS
weixin_34219944的博客
07-29 382
准备工作:下载URL重写并安装:http://www.microsoft.com/zh-cn/download/details.aspx?id=7435website绑定443和80;在web.config文件中添加 <system.webServe> <rewrite> <rules> ...
网站运维:Apache配置http to https
weixin_43731793的博客
06-20 377
#指定http to https <VirtualHost *:80> ServerName cloudsystem.work Redirect "/" "https://cloudsystem.work/" </VirtualHost> <VirtualHost *:443> ServerName cloudsystem.work ...
tomcat同时使用httphttps访问的配置方法
09-30
本文将详细讲解如何配置Tomcat服务器,使其能够同时支持HTTPHTTPS协议,以满足不同场景下的安全需求。 首先,要理解HTTPHTTPS的区别。HTTP(超文本传输协议)是一种无状态、明文传输的数据通信协议,它不提供...
Spring Boot项目如何同时支持HTTPHTTPS协议的实现
08-25
Spring Boot项目同时支持HTTPHTTPS协议的实现 Spring Boot项目如何同时支持HTTPHTTPS协议的实现是企业级应用程序的常见场景。为了让Spring Boot应用程序同时支持HTTPHTTPS两种协议,需要生成一份Certificate ...
httphttps的区别详解.zip
03-27
HTTP(超文本传输协议)和HTTPS(安全超文本传输协议)是互联网上应用最广泛的两种通信协议,它们在数据传输、安全性...而对于开发者来说,理解和掌握HTTPHTTPS的区别,能够帮助他们更好地构建和维护安全的网络服务。
cyassl-3.3.0.zip
07-08
cyassl一种安全套接层的C实现,跨平台源代码
wolfssl:wolfSSL(以前称为CyaSSL)是TLSSSL的一种小型,快速,可移植的实现,用于将嵌入式设备连接到云。 wolfSSL最多支持TLS 1.3!
02-06
wolfSSL嵌入式SSL / TLS库 (以前称为CyaSSL)是用ANSI C编写的轻量级SSL / TLS库,主要用于嵌入式,RTOS和资源受限的环境-主要是因为其体积小,速度快和功能集丰富。 由于其免版税定价和出色的跨平台支持,它也通常用于标准操作环境。 wolfSSL支持最新和DTLS 1.2的行业标准,比OpenSSL小多达20倍,并提供ChaCha20,Curve25519,NTRU和Blake2b等渐进式密码。 当在OpenSSL上使用wolfSSL时,用户基准测试和反馈报告可显着提高性能。 wolfSSL由wolfCrypt加密库提供支持。 WolfCrypt的两个版本已通
http.https:在同一端口上服务HTTPHTTPS
05-24
在同一端口上服务HTTPHTTPS。 安装 npm install --save http.https 或者 yarn add http.https 用法 参见示例文件夹。 请注意,您将需要SSL证书来运行这些示例。 可以生成临时的自签名证书,如下所示: cd ...
Nginx正向代理httphttps.md
04-07
### Nginx正向代理httphttps #### 1. 环境介绍 - **操作系统**:CentOS Linux release 7.6.1810 (Core) - **Nginx版本**:nginx/1.18.0 - **网络结构**: - **服务器A**:部署在DMZ区域,IP地址为192.168.252....
C#用FiddlerCore抓包HTTPHTTPS源码
10-25
在IT行业中,网络通信分析是开发和调试过程中不可或缺的一部分,特别是在处理HTTPHTTPS协议时。本文将深入探讨如何使用C#结合FiddlerCore库来实现对这两种协议的抓包功能。FiddlerCore是Telerik公司提供的一个强大...
帮助你如何将http转换成https | Help you how to convert http to https
m0_54277954的博客
01-25 468
Hi,我是你们的朋友Eli。在你阅读本文档之前,你需要注意本文章是基于Ngnix服务器上关于SSL证书配置的教程文档,否则请移步其它服务器SSL配置。如果你想尽快开始配置你的SSL证书,请立刻跳转目录至前提条件。
HTTPHTTPS
weixin_45743816的博客
05-22 327
提示:文章写完后,目录可以自动生成,如何生成可参考右边的帮助文档 文章目录前言一、什么是HTTPS?二 深入分析安全协议2.读入数据总结 前言 HTTP作为我们开发者接触最多的一种应用层的协议,其有很多我们值得深入研究的地方,也是面试中网络这部分的重点之一。比如HTTP1.0—》HTTP1.1—》HTTP2.0—》HTTP3.0的升级迭代,这里面也是别有洞天的,不过我们今天来讲HTTP协议另外的一个重点,就是HTTPS是怎么做的。 一、什么是HTTPS? 说到HTTPS,背过八股文的人应该都能脱口而.
[从0到1搭嵌入式工程]常用加密方法之AES加解密及密码生成和获取、cyassl库
SevenFighting的专栏
09-26 1360
在项目中,遇到两个终端之间的传输,就会遇到数据加密的问题,比如使用P2P协议音视频和命令的传输。这时,对于加密方法的选择,往往使用AES就可以满足需求了。 下文中还会介绍密码的生成和获取。 AES: 高级加密标准。是一种对称分组加密算法。 对称的意思是加密端和解密端使用相同的密码。分组的意思是把数据分成一小块一小块,进行加密。 AES加密相对于DES(数据加密标准),速度更快,安全级别更高,...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值