
OpenSSL SSL_read malfunction

I'm trying to write a C++ application that connects to a server with OpenSSL. I can send data, which arrives undamaged at the server, but the read operation reads just 1 byte.

The code:

char*           dest_url = "147.87.116.74";
X509                *cert = NULL;
X509_name_st    *certname = NULL;
const SSL_METHOD *method;
SSL_CTX *ctx;
SSL *ssl;
int server = 0;
int ret, i;

/* ---------------------------------------------------------- *
* These function calls initialize openssl for correct work.  *
* ---------------------------------------------------------- */
OpenSSL_add_all_algorithms();
ERR_load_BIO_strings();
ERR_load_crypto_strings();
SSL_load_error_strings();

/* ---------------------------------------------------------- *
* initialize SSL library and register algorithms             *
* ---------------------------------------------------------- */
SSL_library_init();

/* ---------------------------------------------------------- *
* Use the TLSv1.2 client method (no SSLv2/SSLv3 hello)       *
* ---------------------------------------------------------- */
method = TLSv1_2_client_method();

/* ---------------------------------------------------------- *
* Try to create a new SSL context                            *
* ---------------------------------------------------------- */
ctx = SSL_CTX_new(method);

/* ---------------------------------------------------------- *
* SSL certificate checking      AND MY STUFF    
* thanks guys http://h71000.www7.hp.com/doc/83final/ba554_90007/ch05s03.html
* ---------------------------------------------------------- */
SSL_CTX_load_verify_locations(ctx, "ca.crt", nullptr);
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
SSL_CTX_set_verify_depth(ctx, 1);

/* ---------------------------------------------------------- *
* Create new SSL connection state object                     *
* ---------------------------------------------------------- */
ssl = SSL_new(ctx);

/* ---------------------------------------------------------- *
* Make the underlying TCP socket connection                  *
* ---------------------------------------------------------- */
server = create_socket(dest_url);

/* ---------------------------------------------------------- *
* Attach the SSL session to the socket descriptor            *
* ---------------------------------------------------------- */
SSL_set_fd(ssl, server);

/* ---------------------------------------------------------- *
* Try to SSL-connect here, returns 1 for success             *
* ---------------------------------------------------------- */
SSL_connect(ssl);

/* ---------------------------------------------------------- *
* send some text                                              *
* -----------------------------------------------------------*/
char* tSend = "testdata";
int sendSize = strlen(tSend);
int net_tSend = htonl(sendSize);

SSL_write(ssl, &net_tSend, 4);
SSL_write(ssl, tSend, sendSize);

long size = 0L;
int bytesread = SSL_read(ssl, &size, 4);

My questions: Is it imperative to use a BIO object? Why is the read() function reading just 1 byte? How can I retrieve/read errors?

The number of bytes read is arbitrary. If you know exactly how many bytes you should receive, you can use a function that reads exactly that number.

This function is a drop-in replacement for SSL_read that always reads exactly the number of bytes specified unless there is an error. It returns <0 on error (call SSL_get_error). It returns 0 if the connection is shut down. On success, it returns the number of bytes read, which will always be the same as the number asked for.

int SSL_read_all(SSL *ssl, void* buf, int num)
{
    char* ptr = reinterpret_cast<char*>(buf);
    int read_bytes = 0;
    while (read_bytes < num)
    {
         int r = SSL_read(ssl, ptr + read_bytes, num - read_bytes);
         if (r <= 0)
             return r;
         read_bytes += r;
    }
    return read_bytes;
}

You do not need to use a BIO explicitly if OpenSSL is talking directly to the socket.
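
An added example, not part of the original question or answer: the same read-until-complete loop applied to the question's framing (4-byte network-order length, then payload), with the length decoded into a fixed-width integer and capped before it is used. `read_frame`, `FakeConn` and `max_len` are hypothetical names; `FakeConn` is a constructed stand-in for `SSL_read` so the block runs without a server.

```cpp
#include <algorithm>
#include <cstdint>
#include <cstring>
#include <string>
#include <vector>

// read_some(ptr, n) has SSL_read's contract: >0 bytes read, 0 on shutdown,
// <0 on error. With OpenSSL: [&](void* p, int n) { return SSL_read(ssl, p, n); }
template <class ReadFn>
int read_exact(ReadFn&& read_some, void* buf, int num) {
    int done = 0;
    while (done < num) {
        int r = read_some(static_cast<char*>(buf) + done, num - done);
        if (r <= 0) return r;  // pass r to SSL_get_error(ssl, r) for the cause
        done += r;
    }
    return done;
}

// One frame = 4-byte big-endian length + payload. Returns 1 on success,
// 0 on shutdown, -1 on read error, -2 if the length exceeds max_len.
template <class ReadFn>
int read_frame(ReadFn&& read_some, std::string& out, uint32_t max_len) {
    unsigned char hdr[4];  // fixed width: sizeof(long) is 8 on LP64 systems
    int r = read_exact(read_some, hdr, 4);
    if (r <= 0) return r < 0 ? -1 : 0;
    uint32_t len = (uint32_t(hdr[0]) << 24) | (uint32_t(hdr[1]) << 16) |
                   (uint32_t(hdr[2]) << 8) | uint32_t(hdr[3]);
    // The length comes from the peer: check it before sizing the buffer.
    if (len > max_len || len > uint32_t(INT32_MAX)) return -2;
    out.resize(len);
    if (len == 0) return 1;
    r = read_exact(read_some, &out[0], int(len));
    return r > 0 ? 1 : (r < 0 ? -1 : 0);
}

// Constructed stand-in for SSL_read: at most `chunk` bytes per call, then 0.
struct FakeConn {
    std::vector<unsigned char> data; std::size_t pos; int chunk;
    int operator()(void* p, int n) {
        int k = int(std::min<std::size_t>(std::min(n, chunk), data.size() - pos));
        std::memcpy(p, data.data() + pos, k);
        pos += k;
        return k;
    }
};
int main() {
    FakeConn c{{0, 0, 0, 8, 't','e','s','t','d','a','t','a'}, 0, 1};
    std::string s;
    return read_frame(c, s, 1024) == 1 && s == "testdata" ? 0 : 1;
}
```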
