This is all the operations required.
Typically, communicate with the server should use BIO_read and BIO_write. And simply call BIO_free_all or BIO_reset, you can close the connection, call which methods depends on whether or not to reuse BIO. You must end the application before the release of a moment in the SSL context structure. Can be called to free the structure SSL_CTX_free. Listing 13. clear the SSL context SSL_CTX_free (ctx); error detection is obviously OpenSSL thrown some type of error. Does this mean? first, you need to get error code itself; ERR_get_error can accomplish this task; then, you need to convert the error code to error string that is a pointer to the SSL_load_error_strings or ERR_load_BIO_strings loaded into memory pointer to a string of permanently. Can a nested call to complete this operation. Table 1 outlines the retrieval of error from the error stack. Listing 24 shows how to print a text string of the last error message. Table 1. from stack retrieval error ERR_reason_error_string returns a pointer to a static string, then string displayed on the screen, write to the file, or in any way that you want to handle ERR_lib_error_string pointed out that the error occurred in which a library ERR_func_error_string returns the cause of the error list 14. OpenSSL functions to print the last error printf ("Error:%s\n", ERR_reason_error_string (ERR_get_error ())); you can let the library gives the preformatted the error string. You can call to get the string ERR_error_string. The function error code and a pre-allocated buffer as a parameter. This buffer must be 256 bytes long. If the parameter is null, OpenSSL will write a string to a length of 256 bytes of the static buffer, and returns a pointer to the buffer. Otherwise, it returns a pointer to you. If you select a static buffer option, the next time you call, the buffer ERR_error_string will be overwritten. Listing 15. get pre-formatted error string printf ("%s\n", ERR_error_string (ERR_get_error (), NULL)); you can also use the error queue dump to a file or BIO. You can implement ERR_print_errors_fp ERR_print_errors or this operation. Queue is the readable format to be dumped. The first function will queue sent to BIO, the second function will queue is sent to a FILE. The string format is as follows (from OpenSSL documentation): [pid]: error: [errorcode]: [libraryname]: [functionname]: [reasonstring]: [filename]: [line]: [optionaltextmessage] where [pid] is the process ID, [errorcode] is an 8-bit hexadecimal code, [filename] is the OpenSSL library in the source code file, [line] is the line number in source file. Listing 16. dump error queue ERR_print_errors_fp (FILE *); ERR_print_errors (BIO * a); begin to do it using OpenSSL to create a basic connection is not difficult, however, when trying to determine what to do, the document may be a small obstacle. This article shows you some basic concepts, but there is a lot more flexible OpenSSL place yet to be discovered, and you may need some advanced settings for the project to take advantage of the SSL capabilities. This article contains two sample. A sample demonstrates to http://www.verisign.com/unsecured connection and the other shows to http://www.verisign.com/secure SSL connection. Both are connected to the server and download their home page. They do not have any security checks, and all of the settings in the library is the default value — as part of this article, you should only be used for teaching purposes. In any of the supported platforms, the source code compilation should be easy, but I recommend that you use the latest version of OpenSSL. At the time of this writing, the latest version of OpenSSL is 0.9.7d.
No comments:
Post a Comment