使用pthread库实现openssl多线程ssl服务端和客户端.pdf-资料库

使用使用pthread库实现库实现openssl多线程多线程ssl服务端和客户端服务端和客户端使用pthread库实现openssl多线程ssl服务端和客户端，大家参考使用吧服务端代码如下：复制代码代码如下: #include #include #include #include #ifndef _WIN32 #include #include #include #include #include #include #else #include #include #endif #include "pthread.h" #include #include #include #include #include #include #define CERTF "certs/sslservercert.pem" #define KEYF "certs/sslserverkey.pem" #define CAFILE "certs/cacert.pem" pthread_mutex_t mlock=PTHREAD_MUTEX_INITIALIZER; static pthread_mutex_t *lock_cs; static long *lock_count; #define CHK_NULL(x) if ((x)==NULL) { printf("null\n"); } #define CHK_ERR(err,s) if ((err)==-1) { printf(" -1 \n"); } #define CHK_SSL(err) if ((err)==-1) { printf(" -1 \n");} #define CAFILE "certs/cacert.pem" int verify_callback_server(int ok, X509_STORE_CTX *ctx) { printf("verify_callback_server \n"); return ok; } int SSL_CTX_use_PrivateKey_file_pass(SSL_CTX *ctx,char *filename,char *pass) { EVP_PKEY *pkey=NULL; BIO *key=NULL; key=BIO_new(BIO_s_file()); BIO_read_filename(key,filename); pkey=PEM_read_bio_PrivateKey(key,NULL,NULL,pass); if(pkey==NULL) { printf("PEM_read_bio_PrivateKey err"); return -1; } if (SSL_CTX_use_PrivateKey(ctx,pkey) <= 0) { printf("SSL_CTX_use_PrivateKey err\n"); return -1; } BIO_free(key); return 1;

} static int s_server_verify=SSL_VERIFY_NONE; void * thread_main(void *arg) { SOCKET s,AcceptSocket; WORD wVersionRequested; WSADATA wsaData; struct sockaddr_in service; int err; size_t client_len; SSL_CTX *ctx; SSL *ssl; X509 *client_cert; char *str; char buf[1024]; SSL_METHOD *meth; ssl=(SSL *)arg; s=SSL_get_fd(ssl); err = SSL_accept (ssl); if(err<0) { printf("ssl accerr\n"); return ; } printf ("SSL connection using %s\n", SSL_get_cipher (ssl)); client_cert = SSL_get_peer_certificate (ssl); if (client_cert != NULL) { printf ("Client certificate:\n"); str = X509_NAME_oneline (X509_get_subject_name (client_cert), 0, 0); CHK_NULL(str); printf ("\t subject: %s\n", str); OPENSSL_free (str); str = X509_NAME_oneline (X509_get_issuer_name (client_cert), 0, 0); CHK_NULL(str); printf ("\t issuer: %s\n", str); OPENSSL_free (str); X509_free (client_cert); } else printf ("Client does not have certificate.\n"); memset(buf,0,1024); err = SSL_read (ssl, buf, sizeof(buf) - 1); if(err<0) { printf("ssl read err\n"); closesocket(s); return; } printf("get : %s\n",buf); #if 0 buf[err] = '\0'; err = SSL_write (ssl, "I hear you.", strlen("I hear you.")); CHK_SSL(err); #endif SSL_free (ssl); closesocket(s); } pthread_t pthreads_thread_id(void) { pthread_t ret; ret=pthread_self(); return(ret); } void pthreads_locking_callback(int mode, int type, char *file,

int line) { if (mode & CRYPTO_LOCK) { pthread_mutex_lock(&(lock_cs[type])); lock_count[type]++; } else { pthread_mutex_unlock(&(lock_cs[type])); } } int main () { int err; int i; SOCKET s,AcceptSocket; WORD wVersionRequested; WSADATA wsaData; struct sockaddr_in service; pthread_tpid; size_t client_len; SSL_CTX *ctx; SSL *ssl; X509 *client_cert; char *str; char buf[1024]; SSL_METHOD *meth; SSL_load_error_strings(); SSLeay_add_ssl_algorithms(); meth = SSLv3_server_method(); ctx = SSL_CTX_new (meth); if (!ctx) { ERR_print_errors_fp(stderr); exit(2); } if ((!SSL_CTX_load_verify_locations(ctx,CAFILE,NULL)) || (!SSL_CTX_set_default_verify_paths(ctx))) { printf("err\n"); exit(1); } if (SSL_CTX_use_certificate_file(ctx, CERTF, SSL_FILETYPE_PEM) <= 0) { ERR_print_errors_fp(stderr); exit(3); } if (SSL_CTX_use_PrivateKey_file_pass(ctx, KEYF, "123456") <= 0) { ERR_print_errors_fp(stderr); exit(4); } if (!SSL_CTX_check_private_key(ctx)) { fprintf(stderr,"Private key does not match the certificate public key\n"); exit(5); } s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT| SSL_VERIFY_CLIENT_ONCE; SSL_CTX_set_verify(ctx,s_server_verify,verify_callback_server); SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAFILE)); wVersionRequested = MAKEWORD( 2, 2 ); err = WSAStartup( wVersionRequested, &wsaData ); if ( err != 0 ) {

printf("err\n"); return -1; } s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); if(s<0) return -1; service.sin_family = AF_INET; service.sin_addr.s_addr = inet_addr("127.0.0.1"); service.sin_port = htons(1111); if (bind( s, (SOCKADDR*) &service, sizeof(service)) == SOCKET_ERROR) { printf("bind() failed.\n"); closesocket(s); return -1; } if (listen( s, 1 ) == SOCKET_ERROR) printf("Error listening on socket.\n"); printf("recv .....\n"); lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t)); lock_count=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long)); for (i=0; i0) { err=pthread_create(&pid,NULL,&thread_main,(void *)ssl); pthread_detach(pid); } else continue; } } SSL_CTX_free (ctx); return 0; } 客户端代码如下：复制代码代码如下: #include #include #include #ifndef _WIN32 #include #include #include #include #include #include

#else #include #endif #include "pthread.h" #include #include #include #include #include #define MAX_T 1000 #define CLIENTCERT "certs/sslclientcert.pem" #define CLIENTKEY "certs/sslclientkey.pem" #define CAFILE "certs/cacert.pem" static pthread_mutex_t *lock_cs; static long *lock_count; pthread_t pthreads_thread_id(void) { pthread_t ret; ret=pthread_self(); return(ret); } void pthreads_locking_callback(int mode, int type, char *file, int line) { if (mode & CRYPTO_LOCK) { pthread_mutex_lock(&(lock_cs[type])); lock_count[type]++; } else { pthread_mutex_unlock(&(lock_cs[type])); } } int verify_callback(int ok, X509_STORE_CTX *ctx) { printf("verify_callback\n"); return ok; } int SSL_CTX_use_PrivateKey_file_pass(SSL_CTX *ctx,char *filename,char *pass) { EVP_PKEY *pkey=NULL; BIO *key=NULL; key=BIO_new(BIO_s_file()); BIO_read_filename(key,filename); pkey=PEM_read_bio_PrivateKey(key,NULL,NULL,pass); if(pkey==NULL) { printf("PEM_read_bio_PrivateKey err"); return -1; } if (SSL_CTX_use_PrivateKey(ctx,pkey) <= 0) { printf("SSL_CTX_use_PrivateKey err\n"); return -1; } BIO_free(key); return 1; } void*thread_main(void *arg) {

int err,buflen,read; int sd; SSL_CTX *ctx=(SSL_CTX *)arg; struct sockaddr_in dest_sin; SOCKET sock; PHOSTENT phe; WORD wVersionRequested; WSADATA wsaData; SSL *ssl; X509 *server_cert; char *str; char buf [1024]; SSL_METHOD *meth; FILE *fp; wVersionRequested = MAKEWORD( 2, 2 ); err = WSAStartup( wVersionRequested, &wsaData ); if ( err != 0 ) { printf("WSAStartup err\n"); return -1; } sock = socket(AF_INET, SOCK_STREAM, 0); dest_sin.sin_family = AF_INET; dest_sin.sin_addr.s_addr = inet_addr( "127.0.0.1" ); dest_sin.sin_port = htons( 1111 ); again: err=connect( sock,(PSOCKADDR) &dest_sin, sizeof( dest_sin)); if(err<0) { Sleep(1); goto again; } ssl = SSL_new (ctx); if(ssl==NULL) { printf("ss new err\n"); return ; } SSL_set_fd(ssl,sock); err = SSL_connect (ssl); if(err<0) { printf("SSL_connect err\n"); return; } printf ("SSL connection using %s\n", SSL_get_cipher (ssl)); server_cert = SSL_get_peer_certificate (ssl); printf ("Server certificate:\n"); str = X509_NAME_oneline (X509_get_subject_name (server_cert),0,0); printf ("\t subject: %s\n", str); OPENSSL_free (str); str = X509_NAME_oneline (X509_get_issuer_name (server_cert),0,0); printf ("\t issuer: %s\n", str); OPENSSL_free (str); X509_free (server_cert); err = SSL_write (ssl, "Hello World!", strlen("Hello World!")); if(err<0) { printf("ssl write err\n"); return ; } #if 0 memset(buf,0,ONE_BUF_SIZE); err = SSL_read (ssl, buf, sizeof(buf) - 1); if(err<0) {

printf("ssl read err\n"); return ; } buf[err] = '\0'; printf ("Got %d chars:'%s'\n", err, buf); #endif SSL_shutdown (ssl); /* send SSL/TLS close_notify */ SSL_free (ssl); closesocket(sock); } int main () { int err,buflen,read; int sd; struct sockaddr_in dest_sin; SOCKETsock; PHOSTENT phe; WORD wVersionRequested; WSADATA wsaData; SSL_CTX *ctx; SSL *ssl; X509 *server_cert; char *str; char buf [1024]; SSL_METHOD *meth; int i; pthread_tpid[MAX_T]; SSLeay_add_ssl_algorithms(); meth = SSLv3_client_method(); SSL_load_error_strings(); ctx = SSL_CTX_new (meth); if(ctx==NULL) { printf("ssl ctx new eer\n"); return -1; } if (SSL_CTX_use_certificate_file(ctx, CLIENTCERT, SSL_FILETYPE_PEM) <= 0) { ERR_print_errors_fp(stderr); exit(3); } if (SSL_CTX_use_PrivateKey_file_pass(ctx, CLIENTKEY, "123456") <= 0) { ERR_print_errors_fp(stderr); exit(4); } lock_cs=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t)); lock_count=OPENSSL_malloc(CRYPTO_num_locks() * sizeof(long)); for (i=0; i

for (i=0; i

资料库

使用pthread库实现openssl多线程ssl服务端和客户端.pdf

相关推荐

开发技术

热门标签

最新资料