研究這個玩意也有幾天的時間了,剛學C 因為不熟悉編譯折騰了不少時間,終於弄通了,發個隨筆給研究openssl https的同學一點提示吧。
環境:
==========================================================
UBUNTU 12.04
OPENSSL 1.0.2d
SSL:SSL2(同學們可以研究下使用TSL和SSL3,我還木有研究好)
TOOL: code::blocks
==========================================================
測試結果截圖:
CODE:
#include <stdio.h>
#include <stdlib.h>
#include "openssl/bio.h"
#include "openssl/ssl.h"
#include "openssl/err.h"
char* join(char *s1, char *s2);
int main()
{
BIO *sbio, *out;
int len;
char tmpbuf[1024];
SSL_CTX *ctx;
SSL *ssl;
//ERR_load_crypto_strings();
ERR_load_SSL_strings();
//OpenSSL_add_all_algorithms();
SSL_library_init();
//如果系統平台不支持自動進行隨機數種子的設置,這里應該進行設置(seed PRNG)
ctx = SSL_CTX_new(SSLv23_client_method());
//ctx = SSL_CTX_new(TLS_client_method());
//SSL_CTX_set_cipher_list(ctx,"EXP-RC4-MD5");
//通常應該在這里設置一些驗證路徑和模式等,因為這里沒有設置,所以該例子可以跟使用任意CA簽發證書的任意服務器建立連接
sbio = BIO_new_ssl_connect(ctx);
BIO_get_ssl(sbio, &ssl);
if(!ssl)
{
fprintf(stderr, "Can't locate SSL pointer/n");
ERR_print_errors_fp(stderr);
}
/* 不需要任何重試請求*/
SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
//這里你可以添加對SSL的其它一些設置
BIO_set_conn_hostname(sbio, "106.39.167.232:443");
out = BIO_new_fp(stdout, BIO_NOCLOSE);
if(BIO_do_connect(sbio) <= 0)
{
fprintf(stderr, "Error connecting to server/n");
ERR_print_errors_fp(stderr);
}
printf("SSL connection using %s\n",SSL_get_cipher(ssl));
//SSL_CTX_set_cipher_list(ctx,SSL_get_cipher(ssl));
X509 *cert = SSL_get_peer_certificate(ssl);
printf ("Server certificate:\n");
char *str = X509_NAME_oneline(X509_get_subject_name(cert),0,0);
printf ("\t subject: %s\n", str);
OPENSSL_free(str);
str = X509_NAME_oneline(X509_get_issuer_name(cert),0,0);
printf ("\t issuer: %s\n", str);
OPENSSL_free(str);
X509_free(cert);
if(BIO_do_handshake(sbio) <= 0)
{
fprintf(stderr, "Error establishing SSL connection/n");
ERR_print_errors_fp(stderr);
}
/* 這里可以添加檢測SSL連接的代碼,得到一些連接信息*/
const char *http_req_hdr_tmpl = "GET %s HTTP/1.1\r\n"
"Accept: image/gif, image/jpeg, text/json,text/html */*\r\nAccept-Language: zh-cn\r\n"
"Accept-Encoding: gzip, deflate\r\nHost: %s\r\n"
"User-Agent: %s <0.1>\r\nConnection: Keep-Alive\r\n\r\n";
int bufsize = 1024;
char header_get[bufsize];
len = sprintf(header_get,http_req_hdr_tmpl,"/routerjson","api.jd.com","User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36");
//BIO_puts(sbio, header_get);
BIO_write(sbio,header_get,len);
for(;;)
{
len = BIO_read(sbio, tmpbuf, 1024);
if(len <= 0) break;
BIO_write(out, tmpbuf, len);
}
BIO_free_all(sbio);
BIO_free(out);
return 0;
}
如果不知道怎么編譯鏈接或者出錯的同學請看我的另一篇隨筆
解決引用openssl靜態庫libcrypto.a和libssl.a出現undefined reference to錯誤的問題