Exemplo n.º 1
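/**
 * Embeds a socket in a ssl connection and runs the client side of the
 * SSL handshake on it.
 * @param ssl ssl connection the socket is attached to; NULL is rejected.
 * @param socket the socket to be used; negative values are rejected.
 * @return TRUE if the handshake completed and the server certificate
 *         data could be read, otherwise FALSE (the connection is passed
 *         to cleanup_ssl_socket() on every failure after the NULL check).
 *
 * NOTE(review): this function never calls SSL_get_verify_result(), so
 * whether the server certificate chain is actually validated depends on
 * the verify mode configured on ssl->ctx outside this block -- confirm.
 */
int embed_ssl_socket(ssl_connection *ssl, int socket) {
  int ssl_error;
  time_t ssl_time;
  
  if (!ssl)
    return FALSE;
  
  if (!ssl_initialized)
    start_ssl();

  if (socket >= 0) {
    ssl->socket = socket;
  } else {
    LogError("%s: Socket error!\n", prog);
    goto sslerror;
  }

  if ((ssl->handler = SSL_new (ssl->ctx)) == NULL) {
    LogError("%s: Cannot initialize the SSL handler -- %s\n", prog, SSLERROR);
    goto sslerror;
  }

  /* The handshake below is a retry loop bounded by SSL_TIMEOUT; it
   * presumably relies on set_noblock() keeping SSL_connect() from blocking. */
  set_noblock(ssl->socket);

  /* BIO_NOCLOSE: freeing the BIO does not close the socket. */
  if ((ssl->socket_bio = BIO_new_socket(ssl->socket, BIO_NOCLOSE)) == NULL) {
    LogError("%s: Cannot generate IO buffer -- %s\n", prog, SSLERROR);
    goto sslerror;
  }

  SSL_set_bio(ssl->handler, ssl->socket_bio, ssl->socket_bio);
  ssl_time = time(NULL);

  while ((ssl_error = SSL_connect (ssl->handler)) < 0) {
    if ((time(NULL) - ssl_time) > SSL_TIMEOUT) {
      LogError("%s: SSL service timeout!\n", prog);
      goto sslerror;
    }

    if (!handle_error(ssl_error, ssl))
      goto sslerror;

    if (!BIO_should_retry(ssl->socket_bio))
      goto sslerror;
  }

  /* SSL_connect() returns 1 only for a completed handshake. The loop
   * above also ends on 0, which means the handshake was shut down
   * without success, so that result must not be treated as a usable
   * connection. */
  if (ssl_error != 1) {
    LogError("%s: SSL handshake failed -- %s\n", prog, SSLERROR);
    goto sslerror;
  }

  /* The name returned by OpenSSL is const; the cast only matches the
   * field type, the string must not be modified or freed. */
  ssl->cipher = (char *) SSL_get_cipher(ssl->handler);

  if (! update_ssl_cert_data(ssl)) {
    LogError("%s: Cannot get the SSL server certificate!\n", prog);
    goto sslerror;
  }

  return TRUE;

sslerror:
  cleanup_ssl_socket(ssl);
  return FALSE;
}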
Exemplo n.º 2
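/**
 * Embeds an accepted server socket in an existing ssl connection and
 * runs the server side of the SSL handshake on it.
 * @param ssl ssl connection (must not be NULL, enforced with ASSERT)
 * @param socket the socket to be used.
 * @return TRUE if the handshake completed and the client certificate
 *         checks passed, or FALSE if an error has occurred.
 *
 * NOTE(review): the failure paths return without releasing
 * ssl->handler or ssl->socket_bio; presumably the caller cleans up the
 * connection on FALSE -- confirm.
 */
int embed_accepted_ssl_socket(ssl_connection *ssl, int socket) {
  int ssl_error;
  time_t ssl_time;

  ASSERT(ssl);
  
  ssl->socket = socket;

  if (!ssl_initialized)
    start_ssl();

  if (!(ssl->handler = SSL_new(ssl->ctx))) { 
    LogError("%s: Cannot initialize the SSL handler -- %s\n", prog, SSLERROR);
    return FALSE;
  } 

  if (socket < 0) {
    LogError("%s: Socket error!\n", prog);
    return FALSE;
  }

  /* The handshake below is a retry loop bounded by SSL_TIMEOUT; it
   * presumably relies on set_noblock() keeping SSL_accept() from blocking. */
  set_noblock(ssl->socket);

  /* BIO_NOCLOSE: freeing the BIO does not close the socket. */
  if (!(ssl->socket_bio = BIO_new_socket(ssl->socket, BIO_NOCLOSE))) {
    LogError("%s: Cannot generate IO buffer -- %s\n", prog, SSLERROR);
    return FALSE;
  }

  SSL_set_bio(ssl->handler, ssl->socket_bio, ssl->socket_bio);

  ssl_time = time(NULL);
  
  while ((ssl_error = SSL_accept(ssl->handler)) < 0) {

    if ((time(NULL) - ssl_time) > SSL_TIMEOUT) {
      LogError("%s: SSL service timeout!\n", prog);
      return FALSE;
    }

    if (!handle_error(ssl_error, ssl))
      return FALSE;

    if (!BIO_should_retry(ssl->socket_bio))
      return FALSE;

  }

  /* SSL_accept() returns 1 only for a completed handshake. The loop
   * above also ends on 0 (handshake shut down without success); without
   * this check such a peer could reach "return TRUE" below when no
   * client certificate is required. */
  if (ssl_error != 1) {
    LogError("%s: SSL handshake failed -- %s\n", prog, SSLERROR);
    return FALSE;
  }

  /* The name returned by OpenSSL is const; the cast only matches the
   * field type, the string must not be modified or freed. */
  ssl->cipher = (char *)SSL_get_cipher(ssl->handler);

  /* A missing client certificate is only an error when clientpemfile is
   * configured. This check is what rejects an absent certificate:
   * SSL_get_verify_result() reports success when the peer sent none. */
  if (!update_ssl_cert_data(ssl) && ssl->clientpemfile) {
    LogError("%s: The client did not supply a required client certificate!\n",
	  prog);
    return FALSE;
  }

  /* Any non-zero verify result is a certificate validation failure. */
  if (SSL_get_verify_result(ssl->handler) > 0) {
    LogError("%s: Verification of the certificate has failed!\n", prog);
    return FALSE;
  }

  return TRUE;
}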
Exemplo n.º 3
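/**
 * Embeds an accepted server socket in an existing ssl connection and
 * runs the server side of the SSL handshake on it.
 * Without HAVE_OPENSSL the function always returns FALSE.
 * @param ssl ssl connection (must not be NULL, enforced with ASSERT)
 * @param socket the socket to be used.
 * @return TRUE if the handshake completed and the client certificate
 *         checks passed, or FALSE if an error has occurred.
 *
 * NOTE(review): the sslerror path only returns FALSE; ssl->handler and
 * ssl->socket_bio are not released here, presumably the caller cleans
 * up the connection -- confirm.
 */
int embed_accepted_ssl_socket(ssl_connection *ssl, int socket) {

#ifdef HAVE_OPENSSL

    int ssl_error;
    time_t ssl_time;

    ASSERT(ssl);

    ssl->socket=socket;

    if(!ssl_initilized) {

        start_ssl();

    }

    if((ssl->handler= SSL_new(ssl->ctx)) == NULL) {

        handle_ssl_error("embed_accepted_ssl_socket()");
        log("%s: embed_accepted_ssl_socket(): Cannot initialize the"
            " SSL handler!\n", prog);
        goto sslerror;

    }

    if(socket < 0) {

        log("Socket error!\n");
        goto sslerror;

    }

    /* The handshake below is a retry loop bounded by SSL_TIMEOUT; it
     * presumably relies on set_noblock() keeping SSL_accept() from
     * blocking. */
    set_noblock(ssl->socket);

    /* BIO_NOCLOSE: freeing the BIO does not close the socket. */
    if((ssl->socket_bio= BIO_new_socket(ssl->socket, BIO_NOCLOSE)) == NULL) {

        handle_ssl_error("embed_accepted_ssl_socket()");
        log("%s: embed_accepted_ssl_socket(): Cannot generate IO buffer!\n",
            prog);
        goto sslerror;

    }

    SSL_set_bio(ssl->handler, ssl->socket_bio, ssl->socket_bio);

    ssl_time= time(NULL);

    while((ssl_error= SSL_accept(ssl->handler)) < 0) {

        if((time(NULL)-ssl_time) > SSL_TIMEOUT) {

            log("%s: embed_accepted_ssl_socket(): SSL service timeout!\n",
                prog);
            goto sslerror;

        }

        if (!handle_connection_error(ssl_error, ssl,
                                     "embed_accepted_ssl_socket()", SSL_TIMEOUT)) {

            goto sslerror;

        }

        if (!BIO_should_retry(ssl->socket_bio)) {

            goto sslerror;

        }

    }

    /* SSL_accept() returns 1 only for a completed handshake. The loop
     * above also ends on 0 (handshake shut down without success);
     * without this check such a peer could reach "return TRUE" below
     * when no client certificate is required. */
    if(ssl_error != 1) {

        handle_ssl_error("embed_accepted_ssl_socket()");
        log("%s: embed_accepted_ssl_socket(): SSL handshake failed!\n",
            prog);
        goto sslerror;

    }

    /* The name returned by OpenSSL is const; the cast only matches the
     * field type, the string must not be modified or freed. */
    ssl->cipher= (char *) SSL_get_cipher(ssl->handler);

    /* A missing client certificate is only an error when clientpemfile
     * is configured. This check is what rejects an absent certificate:
     * SSL_get_verify_result() reports success when the peer sent none. */
    if(!update_ssl_cert_data(ssl) && (ssl->clientpemfile != NULL)) {

        log("%s: The client did not supply a required client certificate!\n",
            prog);
        goto sslerror;

    }

    /* Any non-zero verify result is a certificate validation failure. */
    if (SSL_get_verify_result(ssl->handler)>0) {

        log("%s: Verification of the certificate has failed!\n",
            prog);
        goto sslerror;

    }

    return TRUE;

sslerror:

    return FALSE;

#else

    return FALSE;

#endif

}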
Exemplo n.º 4
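/**
 * Embeds a socket in a ssl connection and runs the client side of the
 * SSL handshake on it.
 * Without HAVE_OPENSSL the function always returns FALSE.
 * @param ssl ssl connection the socket is attached to; NULL is rejected.
 * @param socket the socket to be used; negative values are rejected.
 * @return TRUE if the handshake completed and the server certificate
 *         data could be read, otherwise FALSE (the connection is passed
 *         to cleanup_ssl_socket() on every failure after the NULL check).
 *
 * NOTE(review): this function never calls SSL_get_verify_result(), so
 * whether the server certificate chain is actually validated depends on
 * the verify mode configured on ssl->ctx outside this block -- confirm.
 */
int embed_ssl_socket (ssl_connection *ssl, int socket) {

#ifdef HAVE_OPENSSL

    int ssl_error;
    time_t ssl_time;

    if ( ssl == NULL ) {

        return FALSE;

    }

    if (!ssl_initilized) {

        start_ssl();

    }

    if ( socket >= 0 ) {

        ssl->socket= socket;

    } else {

        log("%s: embed_ssl_socket (): Socket error!\n", prog);
        goto sslerror;
    }

    if ((ssl->handler= SSL_new (ssl->ctx)) == NULL ) {

        handle_ssl_error("embed_ssl_socket()");
        log("%s: embed_ssl_socket (): Cannot initialize the SSL handler!\n",
            prog);
        goto sslerror;

    }

    /* The handshake below is a retry loop bounded by SSL_TIMEOUT; it
     * presumably relies on set_noblock() keeping SSL_connect() from
     * blocking. */
    set_noblock(ssl->socket);

    /* BIO_NOCLOSE: freeing the BIO does not close the socket. */
    if((ssl->socket_bio= BIO_new_socket(ssl->socket, BIO_NOCLOSE)) == NULL) {

        handle_ssl_error("embed_ssl_socket()");
        log("%s: embed_ssl_socket (): Cannot generate IO buffer!\n", prog);
        goto sslerror;

    }

    SSL_set_bio(ssl->handler, ssl->socket_bio, ssl->socket_bio);

    ssl_time=time(NULL);

    while((ssl_error= SSL_connect (ssl->handler)) < 0) {

        if((time(NULL)-ssl_time) > SSL_TIMEOUT) {

            log("%s: embed_ssl_socket (): SSL service timeout!\n",
                prog);
            goto sslerror;

        }

        if (!handle_connection_error(ssl_error, ssl, "embed_ssl_socket()", SSL_TIMEOUT)) {

            goto sslerror;

        }

        if (!BIO_should_retry(ssl->socket_bio)) {

            goto sslerror;

        }


    }

    /* SSL_connect() returns 1 only for a completed handshake. The loop
     * above also ends on 0, which means the handshake was shut down
     * without success, so that result must not be treated as a usable
     * connection. */
    if (ssl_error != 1) {

        handle_ssl_error("embed_ssl_socket()");
        log("%s: embed_ssl_socket (): SSL handshake failed!\n", prog);
        goto sslerror;

    }

    /* The name returned by OpenSSL is const; the cast only matches the
     * field type, the string must not be modified or freed. */
    ssl->cipher= (char *) SSL_get_cipher(ssl->handler);

    if (! update_ssl_cert_data(ssl)) {

        log("%s: embed_ssl_socket (): Cannot get the SSL server certificate!\n",
            prog);
        goto sslerror;

    }

    return TRUE;

sslerror:

    cleanup_ssl_socket(ssl);
    return FALSE;

#else

    return FALSE;

#endif
}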
Exemplo n.º 5
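/**
 * Embeds a socket in a ssl connection and runs the client side of the
 * SSL handshake on it, with the cipher list restricted to CIPHER_LIST.
 * @param ssl ssl connection the socket is attached to; NULL is rejected.
 * @param socket the socket to be used; negative values are rejected.
 * @return TRUE if the handshake completed and the server certificate
 *         data could be read, otherwise FALSE (the connection is passed
 *         to cleanup_ssl_socket() on every failure after the NULL check).
 *
 * NOTE(review): this function never calls SSL_get_verify_result(), so
 * whether the server certificate chain is actually validated depends on
 * the verify mode configured on ssl->ctx outside this block -- confirm.
 */
int embed_ssl_socket(ssl_connection *ssl, int socket) {
        int ssl_error;
        time_t ssl_time;

        if (!ssl)
                return FALSE;

        if (!ssl_initialized)
                start_ssl();

        if (socket >= 0) {
                ssl->socket = socket;
        } else {
                LogError("SSL socket error\n");
                goto sslerror;
        }

        /* Restrict the ciphers on the context before the SSL object is
         * created from it. Configuring the context after SSL_new() leaves
         * it to the library version whether the already created handle
         * picks up the restriction; this order does not depend on that. */
        if (SSL_CTX_set_cipher_list(ssl->ctx, CIPHER_LIST) != 1) {
                LogError("Error setting cipher list '%s' (no valid ciphers)\n", CIPHER_LIST);
                goto sslerror;
        }

        if ((ssl->handler = SSL_new (ssl->ctx)) == NULL) {
                LogError("Cannot initialize the SSL handler -- %s\n", SSLERROR);
                goto sslerror;
        }

        /* The handshake below is a retry loop bounded by SSL_TIMEOUT, so
         * SSL_connect() must not block on the socket. */
        Net_setNonBlocking(ssl->socket);

        /* BIO_NOCLOSE: freeing the BIO does not close the socket. */
        if ((ssl->socket_bio = BIO_new_socket(ssl->socket, BIO_NOCLOSE)) == NULL) {
                LogError("Cannot create IO buffer -- %s\n", SSLERROR);
                goto sslerror;
        }

        SSL_set_bio(ssl->handler, ssl->socket_bio, ssl->socket_bio);
        ssl_time = time(NULL);

        while ((ssl_error = SSL_connect (ssl->handler)) < 0) {
                if ((time(NULL) - ssl_time) > SSL_TIMEOUT) {
                        LogError("SSL service timeout\n");
                        goto sslerror;
                }

                if (!handle_error(ssl_error, ssl))
                        goto sslerror;

                if (!BIO_should_retry(ssl->socket_bio))
                        goto sslerror;
        }

        /* SSL_connect() returns 1 only for a completed handshake. The loop
         * above also ends on 0, which means the handshake was shut down
         * without success, so that result must not be treated as a usable
         * connection. */
        if (ssl_error != 1) {
                LogError("SSL handshake failed -- %s\n", SSLERROR);
                goto sslerror;
        }

        /* The name returned by OpenSSL is const; the cast only matches the
         * field type, the string must not be modified or freed. */
        ssl->cipher = (char *) SSL_get_cipher(ssl->handler);

        if (! update_ssl_cert_data(ssl)) {
                LogError("Cannot get the SSL server certificate\n");
                goto sslerror;
        }

        return TRUE;

sslerror:
        cleanup_ssl_socket(ssl);
        return FALSE;
}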