支持SSL的封装类--CAsyncSslSocketLayer
2007-09-07 15:47
246 查看
Introduction
CAsyncSslSocketLayeris a layer class for
CAsyncSocketExwhich allows you to establish SSL secured connections to servers.
For information about
CAsyncSocketExand the layer system in general, please read my CAsyncSocketEx article.
How to use
Using this class is really simple. In the easiest case, just add an instance ofCAsyncSslSocketLayerto your socket and call
InitClientSslafter creation of the socket.
This class only has three new public functions:
InitClientSsl();
This functions establishes an SSL connection to the server. You can call it at any time once the socket has been created. Most likely you want to call this function right after calling
Createfor the socket. But sometimes, you'll need to call this function later. One example is for an FTP connection with explicit SSL: In this case you would have to call
InitClientSslafter receiving the reply to an
AUTH SSLcommand.
UsingSSL();
Returns true if you've previously called
InitClientSsl()
SetNotifyReply(int nID, int nCode, int result);
You can call this function only after receiving a layer specific callback with the
SSL_VERIFY_CERTID. See below for details.
This layer sends some layer specific notifications to your socket instance, you can handle them in
OnLayerCallbackof your socket class. Valid notification IDs are:
SSL_INFO0
There are two possible values for
param2:
SSL_INFO_ESTABLISHED0 - You'll get this notification if the SSL negotiation was successful.
SSL_INFO_SHUTDOWNCOMPLETE1 - You'll get this notification if the SSL connection has been shut down successfully. See below for details.
SSL_FAILURE1
This notification is sent if the SSL connection could not be established or if an existing connection failed. Valid values for
param2are:
SSL_FAILURE_UNKNOWN0 - Details may have been sent with a
SSL_VERBOSE_WARNINGor
SSL_VERBOSE_INFOnotification.
SSL_FAILURE_ESTABLISH1 - Problem during SSL negotiation
SSL_FAILURE_LOADDLLS2
SSL_FAILURE_INITSSL4
SSL_FAILURE_VERIFYCERT8 - The remote SSL certificate was invalid
SSL_VERBOSE_WARNING3
SSL_VERBOSE_INFO4
These two notifications contain some additional information. The value given by
param2is a pointer to a null-terminated character string (
char *) with some useful information.
SSL_VERIFY_CERT2
This notification is sent each time a remote certificate has to be verified.
param2is a pointer to a
t_SslCertDatastructure which contains some information about the remote certificate. Return 1 if you trust the certificate and 0 if you don't trust it. If you're unsure so that the user has to choose to trust the certificate, return 2. In this case, you have to call
SetNotifyReplylater to resume the SSL connection.
nIDhas to be the
priv_dataelement of the
t_SslCertDatastructure and
nCodehas to be
SSL_VERIFY_CERT. Set
nActionto 1 if you trust the certificate and 0 if you don't trust it.
Be careful with closing the connection after sending data, not all data may have been sent already. Before closing the connection, you should call
Shutdown()and wait for the
SSL_INFO_SHUTDOWNCOMPLETEnotification. This assures that all encrypted data really has been sent.
相关文章推荐
- 支持SSL的封装类--CAsyncSocketEx
- javamail发邮件封装(支持SSL)
- SSL及國際安全標的Secure Socket Layer 電子安全機制SET兩種安全加密方式。
- 为 PHP 的 socket 启用 SSL 支持
- SSL(Secure Socket Layer) 介绍
- Apache Security-4 SSL(Security Socket Layer)
- SSL (Secure Socket Layer)
- Using the SAS® SDW fails with a Secure Socket Layer (SSL) in Weblogic10.3
- SSL (Secure Socket Layer)
- SSL (Secure Socket Layer)
- SSL(Secure socket layer)安全技术
- 新版python logging 封装,支持同时向console,file,socket输出
- SSL介绍(Secure socket Layer & Security Socket Layer)
- 基于boost asio实现的支持ssl的通用socket框架
- 安全套接层 Secure Socket Layer (SSL)
- 构造HttpClient三部曲之一:支持代理的Socket封装
- SSL (Secure Socket Layer)
- 基于boost asio实现的支持ssl的通用socket框架
- SSL (Secure Socket Layer)
- 基于boost asio实现的支持ssl的通用socket框架