苹果安全运输代码错误

Question

I have the following code of Apple Security API initialisation: 我有以下Apple Security API初始化代码：

    OSStatus status = noErr;
    sslContext = SSLCreateContext(kCFAllocatorDefault, kSSLClientSide, kSSLStreamType);
    if (sslContext == nullptr)
    {
        throw std::runtime_error("cannot create ssl context");
    }

    status = SSLSetIOFuncs(sslContext, socketRead, socketWrite);
    if (status != noErr)
    {
        throw std::runtime_error("cannot set ssl io functions");
    }

    status = SSLSetConnection(sslContext, reinterpret_cast<void*>(&handle));
    if (status != noErr)
    {
        throw std::runtime_error("cannot set ssl connections");
    }

    status = SSLSetPeerDomainName(sslContext, address.c_str(), address.length());
    if (status != noErr)
    {
        throw std::runtime_error("cannot set ssl peer domain name");
    }

    status = SSLSetSessionOption(sslContext, kSSLSessionOptionBreakOnServerAuth, true);
    if (status != noErr)
    {
        throw std::runtime_error("cannot set ssl options");
    }

    status = SSLHandshake(sslContext);
    if (status != noErr)
    {
        throw std::runtime_error("cannot perform ssl handshake");
    }

On this line: 在这行上：

status = SSLHandshake(sslContext);

my SSLWriteFunc callback is called. 我的SSLWriteFunc回调被调用。 It tries to send 174 bytes (I didn't mean to send it) via SSLWrite but it fails anyway. 它尝试通过SSLWrite发送174个字节（我不是要发送），但是还是失败了。 But in documentation about SSLHandshake it is written "On successful return, the session is ready for normal secure communication using the functions SSLRead( : : : :) and SSLWrite( : : : :).". 但在大约SSLHandshake它被写入文件“在成功返回时，会话已准备好使用功能SSLRead（正常安全通信：：：:)和SSLWrite（：：：:)”。 So in my case there was no return from this method and then my SSLWriteFunc suddenly tried to send data via SSLWrite. 因此，在我的情况下，此方法没有返回值，然后我的SSLWriteFunc突然尝试通过SSLWrite发送数据。 I just don't understand what I'm doing wrong. 我只是不明白我在做什么错。 Please guys help me. 请大家帮我。

Answer 1

SSLRead() and SSLWrite() should be called from your application code, not from inside the SSLReadFunc and SSLWriteFunc callbacks. SSLRead()和SSLWrite()应该从您的应用程序代码中调用，而不是从SSLReadFunc和SSLWriteFunc回调内部调用。

In the SSLReadFunc and SSLWriteFunc callbacks, SecureTransport is asking you to receive/send data from your socket (which you set using SSLSetConnection ). 在SSLReadFunc和SSLWriteFunc回调中，SecureTransport要求您从套接字（使用SSLSetConnection设置）中接收/发送数据。 So in SSLWriteFunc , you are being given encrypted data to send out over your socket. 因此，在SSLWriteFunc ，将为您提供加密数据，以通过套接字发送出去。 Your implementation of SSLWriteFunc should look something like: SSLWriteFunc实现应类似于：

OSStatus mySSLWriteFunc(SSLConnectionRef connection, const void *data, size_t *dataLength)
{
    int *handle;
    SSLGetConnection(connection, &handle);
    size_t result = write(*handle, data, *dataLength);
    if (result == -1)
    {
        if ((errno == EAGAIN) || (errno == EWOULDBLOCK))
            return errSSLWouldBlock;
        else
            // fill this in
    }
    else
    {
        *dataLength = result;
    }
    return noErr;
}

You'll want to add additional error handling to that (in case the socket closes, etc) but that should be the basic structure. 您将要对此添加其他错误处理（以防套接字关闭等），但这应该是基本结构。

苹果安全运输代码错误

问题描述

1 个解决方案

解决方案1
0 2017-02-09 17:51:06

苹果安全运输代码错误

问题描述

1 个解决方案

解决方案1 0 2017-02-09 17:51:06

解决方案1
0 2017-02-09 17:51:06