我要使用HTTPS上的OpenSSL连接到google,但无论如何我都不会收到错误5访问被拒绝的信息。如果有人可以帮助您。这段代码不断失败,我需要知道我在做什么错。
#include <iostream>
#include <fstream>
#include <string>
#include <WinSock2.h>
#include <WS2tcpip.h>
#include <Windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <Ws2def.h>
#include <windows.h>
#include <ntsecapi.h>
#include <security.h>
#include <sspi.h>
#include <schnlsp.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/bio.h>
#pragma comment(lib, "Ws2_32.lib")
#pragma comment(lib, "IPHLPAPI.lib")
#pragma comment(lib, "crypt32.lib")
#pragma comment(lib, "user32.lib")
#pragma comment(lib, "MSVCRTD.lib")
#pragma comment(lib, "Secur32.lib")
#pragma comment(lib, "libssl.lib")
#pragma comment(lib, "libcrypto.lib")
#define MALLOC(x) HeapAlloc(GetProcessHeap(), 0, (x))
#define FREE(x) HeapFree(GetProcessHeap(), 0, (x))
struct REQHEADER {
char *Request;
char *Location;
char *Version;};
using namespace std;
class HTTPSSERVER {
public:
WSADATA wsaData = { 0 };
struct addrinfo *result = NULL;
struct addrinfo *ptr = NULL;
struct addrinfo hints;
struct sockaddr_in *sockaddr_ipv4;
struct sockaddr_in6 *sockaddr_ipv6;
SOCKET ListenSocket;
SOCKET ClientSocket;
char HOSTNAME[512];
char HOSTPORT[512];
DWORD dwRetVal;
char *Status;
SECURITY_STATUS SecStatus;
TimeStamp Lifetime;
CredHandle hCred;
SCHANNEL_CRED credData;
PCredHandle ppClientCred;
PCCERT_CONTEXT serverCert; // server-side certificate
HCERTSTORE hMyCertStore = NULL;
PCCERT_CONTEXT aCertContext = NULL;
SSL_CTX *sslctx;
SSL *ssl;
const SSL_METHOD *method;
HTTPSSERVER(void) {
int iResult;
dwRetVal = 0;
// Initialize Winsock
iResult = WSAStartup(MAKEWORD(2, 2), &wsaData);
if (iResult != 0) {
Status = (char*)"WSAStartup failed";
}
// Init SSL
SSL_library_init();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
我在这里使用了每种方法,但是我仍然没有连接。
// create context
method = TLSv1_2_client_method();
//method = SSLv23_client_method();
sslctx = SSL_CTX_new(method);
if (!sslctx) {
perror("Unable to create SSL context");
ERR_print_errors_fp(stderr);
}
//SSL_CTX_set_options(sslctx, SSL_OP_NO_SSLv2);
/* Cannot fail ??? */
SSL_CTX_set_verify(sslctx, SSL_VERIFY_PEER, NULL);
/* Cannot fail ??? */
SSL_CTX_set_verify_depth(sslctx, 4);
/* Cannot fail ??? */
const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION;
SSL_CTX_set_options(sslctx, flags);
};
~HTTPSSERVER(void) {
int iResult;
// shutdown the send half of the connection since no more data will be sent
iResult = shutdown(ClientSocket, SD_SEND);
if (iResult == SOCKET_ERROR) {
printf("shutdown failed: %d\n", WSAGetLastError());
closesocket(ClientSocket);
freeaddrinfo(result);
closesocket(ListenSocket);
WSACleanup();
}
EVP_cleanup();
}
void Connect(char *Location) {
int iResult;
//--------------------------------
// Setup the hints address info structure
// which is passed to the getaddrinfo() function
ZeroMemory(&hints, sizeof(hints));
hints.ai_family = AF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
hints.ai_protocol = IPPROTO_TCP;
// hints.ai_flags = AI_PASSIVE;
socklen_t socklen = sizeof(hints);
dwRetVal = getaddrinfo(Location, "443", &hints, &result);
if (dwRetVal != 0) {
Status = (char*)"getaddrinfo failed with error";
WSACleanup();
}
ClientSocket = INVALID_SOCKET;
ClientSocket = socket(result->ai_family, result->ai_socktype, result->ai_protocol);
char str_buffer[128];
for (ptr = result; ptr != NULL; ptr = ptr->ai_next) {
switch (ptr->ai_family) {
case AF_UNSPEC:
//printf("Unspecified\n");
break;
case AF_INET:
//printf("AF_INET (IPv4)\n");
sockaddr_ipv4 = (struct sockaddr_in *) ptr->ai_addr;
inet_ntop(ptr->ai_family, &(sockaddr_ipv4->sin_addr), str_buffer, INET_ADDRSTRLEN);
printf("Host Address: %s\n", str_buffer);
break;
case AF_INET6:
//printf("AF_INET6 (IPv6)\n");
sockaddr_ipv6 = (struct sockaddr_in6 *) ptr->ai_addr;
inet_ntop(ptr->ai_family, &(sockaddr_ipv6->sin6_addr), str_buffer, INET6_ADDRSTRLEN);
printf("Host Address: %s\n", str_buffer);
break;
}
套接字似乎在这里连接。
iResult = connect(ClientSocket, ptr->ai_addr, (int)ptr->ai_addrlen);
if (iResult == SOCKET_ERROR) {
closesocket(ClientSocket);
ClientSocket = INVALID_SOCKET;
}
}
ssl = SSL_new(sslctx);
int sock = SSL_get_fd(ssl);
int fdrst = SSL_set_fd(ssl,(int) ClientSocket);
这是一切都崩溃的地方,错误始终为-1,但没有错误返回。
int err = SSL_connect(ssl);
if (err != 1) {
printf("%s\n",ERR_error_string(ERR_get_error(), NULL));
printf("Failed to conect: %x", SSL_get_error(ssl, err));
}
}
};
int main()
{
char buffer[100000];
HTTPSSERVER Test;
Test.Connect((char*)"www.google.com");
char request[69] = "GET / HTTP/1.1\r\nHost: DESKTOP-3JDR0HQ\r\nConnection: close\r\n\r\n";
SSL_write(Test.ssl, request, sizeof(request));
int len = SSL_read(Test.ssl, buffer, 1000);
cout << buffer << endl;
}