OpenSSL SSL_read malfunction

OpenSSL SSL_read malfunction

本文关键字:malfunction read SSL OpenSSL      更新时间:2023-10-16

我正在尝试编写一个连接到具有OpenSSL的服务器的c ++应用程序。我可以发送数据,这些数据完好无损地到达服务器,但读取操作只读取 1 个字节。

代码 :

char*           dest_url = "147.87.116.74";
X509                *cert = NULL;
X509_name_st    *certname = NULL;
const SSL_METHOD *method;
SSL_CTX *ctx;
SSL *ssl;
int server = 0;
int ret, i;
/* ---------------------------------------------------------- *
* These function calls initialize openssl for correct work.  *
* ---------------------------------------------------------- */
OpenSSL_add_all_algorithms();
ERR_load_BIO_strings();
ERR_load_crypto_strings();
SSL_load_error_strings();
/* ---------------------------------------------------------- *
* initialize SSL library and register algorithms             *
* ---------------------------------------------------------- */
SSL_library_init();
/* ---------------------------------------------------------- *
* Set SSLv2 client hello, also announce SSLv3 and TLSv1      *
* ---------------------------------------------------------- */
method = TLSv1_2_client_method();
/* ---------------------------------------------------------- *
* Try to create a new SSL context                            *
* ---------------------------------------------------------- */
ctx = SSL_CTX_new(method);
/* ---------------------------------------------------------- *
* SSL certificate checking      AND MY STUFF    
* thanks guys http://h71000.www7.hp.com/doc/83final/ba554_90007/ch05s03.html
* ---------------------------------------------------------- */
SSL_CTX_load_verify_locations(ctx, "ca.crt", nullptr);
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
SSL_CTX_set_verify_depth(ctx, 1);
/* ---------------------------------------------------------- *
* Create new SSL connection state object                     *
* ---------------------------------------------------------- */
ssl = SSL_new(ctx);
/* ---------------------------------------------------------- *
* Make the underlying TCP socket connection                  *
* ---------------------------------------------------------- */
server = create_socket(dest_url);
/* ---------------------------------------------------------- *
* Attach the SSL session to the socket descriptor            *
* ---------------------------------------------------------- */
SSL_set_fd(ssl, server);
/* ---------------------------------------------------------- *
* Try to SSL-connect here, returns 1 for success             *
* ---------------------------------------------------------- */
SSL_connect(ssl);
/* ---------------------------------------------------------- *
* send some text                                              *
* -----------------------------------------------------------*/
char* tSend = "testdata";
int sendSize = strlen(tSend);
int net_tSend = htonl(sendSize);
SSL_write(ssl, &net_tSend, 4);
SSL_write(ssl, tSend, sendSize);
long size = 0L;
int bytesread = SSL_read(ssl, &size, 4);

我的问题 :是否必须使用BIO对象?为什么 read() 函数读取只有 1 个字节?如何检索/读取错误?

读取的字节数是任意的。如果您确切地知道应该接收多少字节,则可以使用准确读取该数字的函数。

此函数是SSL_read的替代品,除非出现错误,否则始终准确读取指定的字节数。它在错误时返回 <0(调用 SSL_get_error )。如果连接关闭,则返回 0。成功后,它返回读取的字节数,该字节数将始终与请求的数字相同。

int SSL_read_all(SSL *ssl, void* buf, int num)
{
    char* ptr = reinterpret_cast<char*>(buf);
    int read_bytes = 0;
    while (read_bytes < num)
    {
         int r = SSL_read(ssl, ptr + read_bytes, num - read_bytes);
         if (r <= 0)
             return r;
         read_bytes += r;
    }
    return read_bytes;
}

如果OpenSSL直接与套接字通信,则不需要显式使用BIO。

相关文章: