18,356
社区成员
发帖
与我相关
我的任务
分享[紧急求助]使用openssl遇到的奇怪问题
WSADATA wsa;
WSAStartup(MAKEWORD(1, 1), &wsa);
SSL_library_init();
SSL_CTX* ctx = SSL_CTX_new(SSLv23_method());
SSL* ssl = SSL_new(ctx);
SOCKET s = socket(AF_INET, SOCK_STREAM, 0);
SOCKADDR_IN sin;
memset(&sin, 0, sizeof(sin));
hostent* host = gethostbyname("localhost");
sin.sin_addr.s_addr = ((LPIN_ADDR)host->h_addr)->s_addr;
sin.sin_family = AF_INET;
sin.sin_port = htons(21);
u_long arg = 1;
ioctlsocket(s, FIONBIO, &arg);
int ret = connect(s, (const sockaddr*)&sin, sizeof(sin));
if (ret != 0)
{
if (WSAGetLastError() != WSAEWOULDBLOCK)
return;
}
SSL_set_fd(ssl, s);
SSL_set_connect_state(ssl);
ret = SSL_connect(ssl);
if (ret <= 0)
return;
char buf[1024] = { 0 };
ret = SSL_read(ssl, buf, sizeof(buf));
printf(buf);
strcpy(buf, "USER anonymous\r\n");
SSL_write(ssl, buf, strlen(buf));
memset(buf, 0, sizeof(buf));
SSL_read(ssl, buf, sizeof(buf));
printf(buf);
strcpy(buf, "PASS anonymous@the.net\r\n");
SSL_write(ssl, buf, strlen(buf));
memset(buf, 0, sizeof(buf));
SSL_read(ssl, buf, sizeof(buf));
printf(buf);
strcpy(buf, "PASV\r\n");
SSL_write(ssl, buf, strlen(buf));
memset(buf, 0, sizeof(buf));
SSL_read(ssl, buf, sizeof(buf));
printf(buf);
SOCKET sd = socket(AF_INET, SOCK_STREAM, 0);
arg = 1;
ioctlsocket(sd, FIONBIO, &arg);
char* f = strstr(buf, "(");
int a1, a2, a3, a4, p1, p2;
sscanf(f, "(%u,%u,%u,%u,%u,%u)", &a1, &a2, &a3, &a4, &p1, &p2);
u_short port = p1 * 256 + p2;
sin.sin_port = htons(port);
ret = connect(sd, (const sockaddr*)&sin, sizeof(sin));
if (ret != 0)
{
if (WSAGetLastError() != WSAEWOULDBLOCK)
return;
}
SSL* sl = SSL_new(ctx);
SSL_set_fd(sl, sd);
SSL_set_connect_state(sl);
ret = SSL_connect(sl); // <------------------------- 问题
if (ret <= 0)
return;
上面是简单的FTP客户端连接过程, 问题是使用PASV模式创建了第二个socket,既数据socket后,socket可以成功连接到服务器的数据端口,但是进行ssl连接的时候总是无法成功,如果使用non-blocking模式,则马上返回.如果使用blocking模式,在等待一阵后也未能成功.请问做何解释?如何解决?
WSAStartup(MAKEWORD(1, 1), &wsa);
SSL_library_init();
SSL_CTX* ctx = SSL_CTX_new(SSLv23_method());
SSL* ssl = SSL_new(ctx);
SOCKET s = socket(AF_INET, SOCK_STREAM, 0);
SOCKADDR_IN sin;
memset(&sin, 0, sizeof(sin));
hostent* host = gethostbyname("localhost");
sin.sin_addr.s_addr = ((LPIN_ADDR)host->h_addr)->s_addr;
sin.sin_family = AF_INET;
sin.sin_port = htons(21);
u_long arg = 1;
ioctlsocket(s, FIONBIO, &arg);
int ret = connect(s, (const sockaddr*)&sin, sizeof(sin));
if (ret != 0)
{
if (WSAGetLastError() != WSAEWOULDBLOCK)
return;
}
SSL_set_fd(ssl, s);
SSL_set_connect_state(ssl);
ret = SSL_connect(ssl);
if (ret <= 0)
return;
char buf[1024] = { 0 };
ret = SSL_read(ssl, buf, sizeof(buf));
printf(buf);
strcpy(buf, "USER anonymous\r\n");
SSL_write(ssl, buf, strlen(buf));
memset(buf, 0, sizeof(buf));
SSL_read(ssl, buf, sizeof(buf));
printf(buf);
strcpy(buf, "PASS anonymous@the.net\r\n");
SSL_write(ssl, buf, strlen(buf));
memset(buf, 0, sizeof(buf));
SSL_read(ssl, buf, sizeof(buf));
printf(buf);
strcpy(buf, "PASV\r\n");
SSL_write(ssl, buf, strlen(buf));
memset(buf, 0, sizeof(buf));
SSL_read(ssl, buf, sizeof(buf));
printf(buf);
SOCKET sd = socket(AF_INET, SOCK_STREAM, 0);
arg = 1;
ioctlsocket(sd, FIONBIO, &arg);
char* f = strstr(buf, "(");
int a1, a2, a3, a4, p1, p2;
sscanf(f, "(%u,%u,%u,%u,%u,%u)", &a1, &a2, &a3, &a4, &p1, &p2);
u_short port = p1 * 256 + p2;
sin.sin_port = htons(port);
ret = connect(sd, (const sockaddr*)&sin, sizeof(sin));
if (ret != 0)
{
if (WSAGetLastError() != WSAEWOULDBLOCK)
return;
}
SSL* sl = SSL_new(ctx);
SSL_set_fd(sl, sd);
SSL_set_connect_state(sl);
ret = SSL_connect(sl); // <------------------------- 问题
if (ret <= 0)
return;
上面是简单的FTP客户端连接过程, 问题是使用PASV模式创建了第二个socket,既数据socket后,socket可以成功连接到服务器的数据端口,但是进行ssl连接的时候总是无法成功,如果使用non-blocking模式,则马上返回.如果使用blocking模式,在等待一阵后也未能成功.请问做何解释?如何解决?
...全文
请发表友善的回复…
发表回复
zblaoshu1979 2006-03-05
- 打赏
- 举报
到
http://www.infosecurity.org.cn/forum/forum.html
去问问webmaster
http://www.infosecurity.org.cn/forum/forum.html
去问问webmaster
snlux 2006-03-04
- 打赏
- 举报
顶一顶
zephyr007 2006-03-04
- 打赏
- 举报
记得ssl要使用密钥文件,不知你配过没有
snlux 2006-03-04
- 打赏
- 举报
使用密钥文件结果相同
danielzhu 2006-03-04
- 打赏
- 举报
学习
