openssl 连接 https(nginx)

 参考源码路径  demos\ssl

#include <stdio.h>  
#include <string.h>  
#include <stdlib.h> 
#include <Winsock2.h>

#include <openssl/crypto.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/ssl.h>
#include <openssl/err.h>


#pragma comment(lib, "ws2_32.lib")
#pragma comment(lib, "libeay32.lib")  
#pragma comment(lib, "ssleay32.lib") 

#define  HTTP_REQUEST "GET /index.html HTTP/1.1\r\nHost: 172.28.250.184:1443\r\nUser-Agent: Mozilla/5.0 (Windows NT 5.1; rv:30.0) Gecko/20100101 Firefox/30.0\r\n\r\n"

int main()
{
	WORD wVersionRequested;
	WSADATA wsaData;
	int err;
	wVersionRequested = MAKEWORD( 1, 1 );


	SSL_CTX* ctx;
	SSL*     ssl;
	X509*    server_cert;
	const SSL_METHOD *meth;
	

	int ret;
	char *info;

	
	SSLeay_add_ssl_algorithms();//初始化
	SSL_load_error_strings();//错误信息初始化
	//meth = SSLv2_client_method(); 用这个协议连接nginx的时候  SSL_connect 返回 -1 并且没有任何错误打印出来。
	meth = TLSv1_client_method();//指定协议
	
	ctx = SSL_CTX_new (meth);
	
	err = WSAStartup( wVersionRequested, &wsaData );
	if ( err != 0 ) {
		return 0;
	}
	
	if ( LOBYTE( wsaData.wVersion ) != 1 ||
        HIBYTE( wsaData.wVersion ) != 1 ) {
		WSACleanup( );
		return 0; 
	}
	SOCKET sockClient=socket(AF_INET,SOCK_STREAM,0);
	
	SOCKADDR_IN addrSrv;
	addrSrv.sin_addr.S_un.S_addr=inet_addr("172.28.250.184");
	addrSrv.sin_family=AF_INET;
	addrSrv.sin_port=htons(1443);
	ret=connect(sockClient,(SOCKADDR*)&addrSrv,sizeof(SOCKADDR));

	ssl = SSL_new (ctx);
	ret = SSL_set_fd (ssl, sockClient);
	ret = SSL_connect (ssl);
	if(ret == -1){
		ERR_print_errors_fp(stderr);
		return -1;
	}
	//成功连接后的服务器证书信息
	printf ("使用的加密算法 %s\n", SSL_get_cipher (ssl));
	server_cert = SSL_get_peer_certificate (ssl);
	info = X509_NAME_oneline (X509_get_subject_name (server_cert),0,0);
	printf ("Server certificate: subject: %s\n", info);
	if(!info) free(info);
	info = X509_NAME_oneline (X509_get_issuer_name  (server_cert),0,0);
	printf ("Server certificate: issuer: %s\n", info);
	if(!info) free(info);
	X509_free (server_cert);
	

	//数据传输
	ret = SSL_write (ssl, HTTP_REQUEST, strlen(HTTP_REQUEST));
	char buf[1500];
	memset(buf,0,sizeof(buf));
	ret = SSL_read (ssl, buf, 1500);
	printf("%s",buf);
	SSL_shutdown (ssl);
	shutdown (sockClient,2);
	SSL_free (ssl);
	SSL_CTX_free (ctx);
	
	closesocket(sockClient);
	WSACleanup();
	return 0;
}

 

posted on 2017-12-07 11:05  阮減显  阅读(332)  评论(0)    收藏  举报

导航