我正在尝试通过SSL连接到安全服务,但是在下面的代码中,SSL_read永远不会返回,这当然是正常行为,如果服务器没有返回任何消息,我是服务器然而,尝试连接应返回某种消息。是否有任何不允许阅读的内容?
//Initialize SSL library
OpenSSL_add_ssl_algorithms();
//Initialize Crypto algorithms
OpenSSL_add_all_algorithms();
//Create new SSL context accepting SSL V2, V3 or TLS V1.0, V1.1 and V1.2
const SSL_METHOD *method = SSLv23_client_method();
SSL_CTX *ctx = SSL_CTX_new(method);
if (ctx == NULL)
{
printf("Error initializing SSL context.\n");
return 0;
}
SSL *ssl = SSL_new(ctx);
//Create socket descriptor
int sd = 0;
//Create hints for connection
struct addrinfo hints;
memset(&hints, 0, sizeof(hints));
hints.ai_family = AF_UNSPEC;//Can be both IPv4 or IPv6
hints.ai_socktype = SOCK_STREAM;
hints.ai_protocol = IPPROTO_TCP;
struct addrinfo * result;
//Get address info, this could potentially return multiple
int err = getaddrinfo("api.okcoin.com", "9880", &hints, &result);
if (err != 0)
{
printf("Could not get addr info.\n");
return 0;
}
//Try connecting to any of the returned addresses
struct addrinfo * res;
for (res = result; res != NULL; res = res->ai_next)
{
sd = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
if (sd == -1)
{
printf("Could not connect to host.\n");
return 0;
}
if (connect(sd, res->ai_addr, res->ai_addrlen) == 0)
{
//Socket is now connected, free addrinfo results
freeaddrinfo(result);
//Assign socket descriptor to SSL
if (SSL_set_fd(ssl, sd) == 0)
{
printf("Could not assign socket descriptor.\n");
return 0;
}
//Begin SSL-handshake
if(SSL_connect(ssl) == 0)
{
printf("Could not perform handshake.\n");
return 0;
}
break;
}
}
//Could not connect socket, free addrinfo results and return error
if (res == NULL)
{
printf("Could no connect to to any host.\n");
freeaddrinfo(result);
return 0;
}
printf("Connected.\n");
SSL_write(ssl, "HELLO\x01", 6);
char * m = malloc(8192);
SSL_read(ssl, m, 8192);
答案 0 :(得分:1)
由于没有错误检查,您无法知道SSL_write()是否成功,更不用说SSL_read()阻止的原因了。你不能在任何时候编写这样的代码,更不用说在处理网络或SSL时了。
I 使用等效的Java程序获得的是不受信任的服务器证书错误。当我修复它时,我在60秒后得到读取超时。
我的结论是,您的代码不是错误的,而是请求格式。