【发布时间】:2014-06-24 10:43:31
【问题描述】:
我使用下面的代码作为指导,并修改了下面的代码。 http://bendecplusplus.googlecode.com/svn/trunk/ssl_mycode/epoll_ssl/server.chttp://bendecplusplus.googlecode.com/svn/trunk/ssl_mycode/epoll_ssl/client.c
我修改了服务端代码如下:
do {
count = SSL_read (ssl, buf, sizeof(buf)); // get request
switch (SSL_get_error (ssl, count) ) {
case SSL_ERROR_NONE:
buf[count] = 0;
printf("Client msg: \"%s\"\n", buf);
sprintf(reply, HTMLecho, buf); // construct reply
SSL_write(ssl, reply, strlen(reply)); // send reply
break;
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
continue;
case SSL_ERROR_ZERO_RETURN:
ERR_print_errors_fp(stderr);
printf("Performing exchange Error 2.\n");
done = 1;
break;
default:
ERR_print_errors_fp(stderr);
printf("Performing exchange Error 3.\n");
done = 1;
break;
}
} while ( ssl && count > 0 ); // SSL_pending(ssl) seems unreliable
在客户端,我的代码如下:
SSL_library_init();
ctx = InitCTX();
LoadCertificates(ctx, CertFile, KeyFile);
server = OpenConnection(hostname, atoi(portnum));
ssl = SSL_new(ctx); /* create new SSL connection state */
SSL_set_fd(ssl, server); /* attach the socket descriptor */
if ( SSL_connect(ssl) == FAIL ) /* perform the connection */
{
ERR_print_errors_fp(stderr);
} else {
while(1){
char *msg = "Hello??? are you there. lolololololololoooooooooooooooooooooooooooo";
printf("Connected with %s encryption\n", SSL_get_cipher(ssl));
ShowCerts(ssl); /* get any certs */
SSL_write(ssl, msg, strlen(msg)); /* encrypt & send message */
bytes = SSL_read(ssl, buf, sizeof(buf)); /* get reply & decrypt */
buf[bytes] = 0;
printf("Received: \"%s\"\n", buf);
sleep(1);
}
SSL_free(ssl); /* release connection state */
}
close(server); /* close socket */
SSL_CTX_free(ctx); /* release context */
我观察到卡在服务器端的循环中。任何指导表示赞赏。
【问题讨论】:
-
玛丽安所说的,加上'buf[bytes] = 0;'如果 SSL_read 填满 buf,则看起来像缓冲区溢出。
-
好的,所以需要删除或减去1。
err = SSL_read (ssl, buf, sizeof(buf) - 1); if ( err <= 0 ) { close(sd); SSL_CTX_free (ctx); ERR_print_errors_fp(stderr); return 1; } buf[err] = '\0'; -
@pathygeek - 请参阅Help Center 和主题通过编辑或评论改进帖子。您试图放在评论中的代码还有很多不足之处......
标签: c sockets ssl openssl epoll