这篇教程C++ tls_init函数代码示例写得很实用,希望能帮到您。
本文整理汇总了C++中tls_init函数的典型用法代码示例。如果您正苦于以下问题:C++ tls_init函数的具体用法?C++ tls_init怎么用?C++ tls_init使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。 在下文中一共展示了tls_init函数的30个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。 示例1: test_fingerprintstatic void test_fingerprint(void *z){ struct Worker *server = NULL, *client = NULL; tt_assert(tls_init() == 0); /* both server & client with cert */ str_check(create_worker(&server, true, SERVER1, CA2, "peer-sha1=ssl/ca2_client2.crt.sha1", "peer-sha256=ssl/ca2_client2.crt.sha256", NULL), "OK"); str_check(create_worker(&client, false, CLIENT2, CA1, "host=server1.com", "peer-sha1=ssl/ca1_server1.crt.sha1", "peer-sha256=ssl/ca1_server1.crt.sha256", NULL), "OK"); str_check(run_case(client, server), "OK"); /* client without cert */ str_check(create_worker(&server, true, SERVER1, CA1, "peer-sha1=ssl/ca2_client2.crt.sha1", "peer-sha256=ssl/ca2_client2.crt.sha256", NULL), "OK"); str_check(create_worker(&client, false, CA1, "host=server1.com", NULL), "OK"); str_check(run_case(client, server), "C:write!=3 - S:FP-sha1-fail");end:;}
开发者ID:greenplum-db,项目名称:libusual,代码行数:27,
示例2: mallocstruct eap_sm *eap_sm_init(void *eapol_ctx, struct eapol_callbacks *eapol_cb, void *msg_ctx, struct eap_config *conf){ struct eap_sm *sm; struct tls_config tlsconf; sm = malloc(sizeof(*sm)); if (sm == NULL) return NULL; memset(sm, 0, sizeof(*sm)); sm->eapol_ctx = eapol_ctx; sm->eapol_cb = eapol_cb; sm->msg_ctx = msg_ctx; sm->ClientTimeout = 60; memset(&tlsconf, 0, sizeof(tlsconf)); tlsconf.opensc_engine_path = conf->opensc_engine_path; tlsconf.pkcs11_engine_path = conf->pkcs11_engine_path; tlsconf.pkcs11_module_path = conf->pkcs11_module_path; sm->ssl_ctx = tls_init(&tlsconf); if (sm->ssl_ctx == NULL) { wpa_printf(MSG_WARNING, "SSL: Failed to initialize TLS " "context."); free(sm); return NULL; } return sm;}
开发者ID:vutukurikishore,项目名称:wpa_supplicant,代码行数:29,
示例3: test_verifystatic void test_verify(void *z){ struct Worker *server = NULL, *client = NULL; tt_assert(tls_init() == 0); /* default: client checks server cert, succeeds */ str_check(create_worker(&server, true, SERVER1, NULL), "OK"); str_check(create_worker(&client, false, CA1, "host=server1.com", NULL), "OK"); str_check(run_case(client, server), "OK"); /* default: client checks server cert, fails due to bad ca */ str_check(create_worker(&server, true, SERVER1, NULL), "OK"); str_check(create_worker(&client, false, CA2, "host=example.com", NULL), "OK"); str_check(run_case(client, server), "C:certificate verify failed - S:tlsv1 alert unknown ca"); /* default: client checks server cert, fails due to bad hostname */ str_check(create_worker(&server, true, SERVER1, NULL), "OK"); str_check(create_worker(&client, false, CA1, "host=example2.com", NULL), "OK"); str_check(run_case(client, server), "C:name `example2.com' not present in server certificate");#if 0 /* client: aggressive close */ str_check(create_worker(&server, true, SERVER1, NULL), "OK"); str_check(create_worker(&client, false, CA1, "aggressive-close=1", "host=server1.com", NULL), "OK"); str_check(run_case(client, server), "S:bad pkt: res=-1 err=read failed: EOF,S:close error: res=-1 err=shutdown failed: Broken pipe"); /* server: aggressive close */ str_check(create_worker(&server, true, SERVER1, "aggressive-close=1", NULL), "OK"); str_check(create_worker(&client, false, CA1, "host=server1.com", NULL), "OK"); str_check(run_case(client, server), "C:write failed: Broken pipe,C:close error: res=-1 err=shutdown failed: Success");#endifend:;}
开发者ID:ifduyue,项目名称:libusual,代码行数:35,
示例4: connection_init_tlsvoidconnection_init_tls(){ tls_init(); CurrentConnectionState.TlsConfiguration = tls_config_new(); CurrentConnectionState.ServerContext = tls_server(); CurrentConnectionState.ClientContext = tls_client(); tls_config_set_key_file(CurrentConnectionState.TlsConfiguration, CurrentConnectionState.PrivateKey); tls_config_set_cert_file(CurrentConnectionState.TlsConfiguration, CurrentConnectionState.CertificateFile); tls_config_insecure_noverifycert(CurrentConnectionState.TlsConfiguration); if(tls_configure(CurrentConnectionState.ServerContext, CurrentConnectionState.TlsConfiguration) != 0) { printf("%s/n", tls_error(CurrentConnectionState.ServerContext)); } if(tls_configure(CurrentConnectionState.ClientContext, CurrentConnectionState.TlsConfiguration) != 0) { printf("%s/n", tls_error(CurrentConnectionState.ClientContext)); }}
开发者ID:cryogen,项目名称:oftc-ircd,代码行数:29,
示例5: mainint main(void){ struct AATree aatree; struct CBTree *cbtree; struct md5_ctx md5; struct Heap *heap; char buf[128]; static_assert(sizeof(int) >= 4, "unsupported int size"); heap = heap_create(heap_is_better, NULL, NULL); heap_top(heap); aatree_init(&aatree, NULL, NULL); cbtree = cbtree_create(NULL, NULL, NULL, NULL); cbtree_destroy(cbtree); daemonize(NULL, false); hash_lookup3("foo", 3); if (!event_init()) log_debug("test"); if (!parse_ini_file("foo", NULL, NULL)) log_debug("test"); log_stats("1"); file_size("foo"); md5_reset(&md5); strlcpy(buf, "foo", sizeof(buf)); printf("xmalloc: %p/n", xmalloc(128)); if (0) die("0"); csrandom(); tls_init(); return 0;}
开发者ID:chenz,项目名称:libusual,代码行数:31,
示例6: test_fingerprintstatic void test_fingerprint(void *z){ struct Worker *server = NULL, *client = NULL; tt_assert(tls_init() == 0); /* both server & client with cert */ str_check(create_worker(&server, true, SERVER1, CA2, "verify-client=1", "peer-sha1=ssl/ca2_client2.crt.sha1", "peer-sha256=ssl/ca2_client2.crt.sha256", NULL), "OK"); str_check(create_worker(&client, false, CLIENT2, CA1, "host=server1.com", "peer-sha1=ssl/ca1_server1.crt.sha1", "peer-sha256=ssl/ca1_server1.crt.sha256", NULL), "OK"); str_check(run_case(client, server), "OK"); /* client without cert */ str_check(create_worker(&server, true, SERVER1, CA1, "verify-client=1", "peer-sha1=ssl/ca2_client2.crt.sha1", "peer-sha256=ssl/ca2_client2.crt.sha256", NULL), "OK"); str_check(create_worker(&client, false, CA1, "host=server1.com", NULL), "OK"); str_any2(run_case(client, server), "C:sslv3 alert handshake failure - S:peer did not return a certificate", "C:sslv3 alert handshake failure,C:shutdown while in init - S:peer did not return a certificate");end:;}
开发者ID:v2tmobile,项目名称:libusual,代码行数:31,
示例7: mainint main(int argc, char *argv[]) { static struct WSAData wsa_state; TCHAR *c, stunnel_exe_path[MAX_PATH]; tls_init(); /* initialize thread-local storage */ /* set current working directory and engine path */ GetModuleFileName(0, stunnel_exe_path, MAX_PATH); c=_tcsrchr(stunnel_exe_path, TEXT('//')); /* last backslash */ if(c) /* found */ c[1]=TEXT('/0'); /* truncate program name */#ifndef _WIN32_WCE if(!SetCurrentDirectory(stunnel_exe_path)) { /* log to stderr, as s_log() is not initialized */ _ftprintf(stderr, TEXT("Cannot set directory to %s"), stunnel_exe_path); return 1; }#endif _tputenv(str_tprintf(TEXT("OPENSSL_ENGINES=%s"), stunnel_exe_path)); if(WSAStartup(MAKEWORD(1, 1), &wsa_state)) return 1; resolver_init(); main_init(); if(!main_configure(argc>1 ? argv[1] : NULL, argc>2 ? argv[2] : NULL)) daemon_loop(); main_cleanup(); return 0;}
开发者ID:adalovelace561,项目名称:stunnel-5.17,代码行数:30,
示例8: mainintmain(int argc, const char *argv[]){ assert(tls_init() == 0); return EXIT_SUCCESS;}
开发者ID:alpinelinux,项目名称:aports,代码行数:7,
示例9: test_clientcertstatic void test_clientcert(void *z){ struct Worker *server = NULL, *client = NULL; tt_assert(tls_init() == 0); /* ok: server checks server cert */ str_check(create_worker(&server, true, SERVER1, CA2, NULL), "OK"); str_check(create_worker(&client, false, CLIENT2, CA1, "host=server1.com", NULL), "OK"); str_check(run_case(client, server), "OK"); /* fail: server rejects invalid cert */ str_check(create_worker(&server, true, SERVER1, CA1, NULL), "OK"); str_check(create_worker(&client, false, CLIENT2, CA1, "host=server1.com", NULL), "OK"); str_check(run_case(client, server), "C:tlsv1 alert unknown ca - S:handshake failure"); /* noverifycert: server allow invalid cert */ str_check(create_worker(&server, true, SERVER1, CA1, "noverifycert=1", NULL), "OK"); str_check(create_worker(&client, false, CLIENT2, CA1, "host=server1.com", NULL), "OK"); str_check(run_case(client, server), "OK"); /* allow client without cert */ str_check(create_worker(&server, true, SERVER1, CA2, NULL), "OK"); str_check(create_worker(&client, false, CA1, "host=server1.com", NULL), "OK"); str_check(run_case(client, server), "OK");end:;}
开发者ID:greenplum-db,项目名称:libusual,代码行数:27,
示例10: authsrv_initint authsrv_init(struct hostapd_data *hapd){#ifdef EAP_TLS_FUNCS if (hapd->conf->eap_server && (hapd->conf->ca_cert || hapd->conf->server_cert || hapd->conf->dh_file)) { struct tls_connection_params params; hapd->ssl_ctx = tls_init(NULL); if (hapd->ssl_ctx == NULL) { wpa_printf(MSG_ERROR, "Failed to initialize TLS"); authsrv_deinit(hapd); return -1; } os_memset(¶ms, 0, sizeof(params)); params.ca_cert = hapd->conf->ca_cert; params.client_cert = hapd->conf->server_cert; params.private_key = hapd->conf->private_key; params.private_key_passwd = hapd->conf->private_key_passwd; params.dh_file = hapd->conf->dh_file; if (tls_global_set_params(hapd->ssl_ctx, ¶ms)) { wpa_printf(MSG_ERROR, "Failed to set TLS parameters"); authsrv_deinit(hapd); return -1; } if (tls_global_set_verify(hapd->ssl_ctx, hapd->conf->check_crl)) { wpa_printf(MSG_ERROR, "Failed to enable check_crl"); authsrv_deinit(hapd); return -1; } }#endif /* EAP_TLS_FUNCS */#ifdef EAP_SIM_DB if (hapd->conf->eap_sim_db) { hapd->eap_sim_db_priv = eap_sim_db_init(hapd->conf->eap_sim_db, hostapd_sim_db_cb, hapd); if (hapd->eap_sim_db_priv == NULL) { wpa_printf(MSG_ERROR, "Failed to initialize EAP-SIM " "database interface"); authsrv_deinit(hapd); return -1; } }#endif /* EAP_SIM_DB */#ifdef RADIUS_SERVER if (hapd->conf->radius_server_clients && hostapd_setup_radius_srv(hapd)) return -1;#endif /* RADIUS_SERVER */ return 0;}
开发者ID:Alkzndr,项目名称:freebsd,代码行数:59,
示例11: mainint main(void){ tls_client_t client = {0}; const char *gnutls_ver = NULL; time_t start = 0; time_t end = 0; int ret = 0; int i = 0; /* initialise signal handling */ set_signal(); coap_log_set_level(COAP_LOG_DEBUG); gnutls_ver = gnutls_check_version(NULL); if (gnutls_ver == NULL) { coap_log_error("Unable to determine GnuTLS version"); return EXIT_FAILURE; } coap_log_info("GnuTLS version: %s", gnutls_ver); ret = tls_init(); if (ret != SOCK_OK) { coap_log_error("%s", sock_strerror(ret)); return EXIT_FAILURE; } ret = tls_client_create(&client, TRUST_FILE_NAME, CERT_FILE_NAME, KEY_FILE_NAME); if (ret != SOCK_OK) { coap_log_error("%s", sock_strerror(ret)); tls_deinit(); return EXIT_FAILURE; } for (i = 0; i < NUM_ITER; i++) { start = time(NULL); ret = client_run(&client); end = time(NULL); if (ret != SOCK_OK) { coap_log_error("%s", sock_strerror(ret)); tls_client_destroy(&client); tls_deinit(); return EXIT_FAILURE; } coap_log_info("Result: %s", sock_strerror(ret)); coap_log_debug("Time: %d sec", (int)(end - start)); coap_log_debug("Sleeping for %d seconds...", DELAY); sleep(DELAY); } tls_client_destroy(&client); tls_deinit(); return EXIT_SUCCESS;}
开发者ID:Rahuldee,项目名称:FreeCoAP,代码行数:59,
示例12: tls_config_newstruct tls_config *tls_config_new(void){ if (tls_init() == -1) return (NULL); return tls_config_new_internal();}
开发者ID:bbbrumley,项目名称:openbsd,代码行数:8,
示例13: stm_init/* * Called once (from main) to initialize STM infrastructure. */_CALLCONV voidstm_init(void){#if CM == CM_MODULAR char *s;#endif /* CM == CM_MODULAR */#ifdef SIGNAL_HANDLER struct sigaction act;#endif /* SIGNAL_HANDLER */ PRINT_DEBUG("==> stm_init()/n"); if (_tinystm.initialized) return; PRINT_DEBUG("/tsizeof(word)=%d/n", (int)sizeof(stm_word_t)); PRINT_DEBUG("/tVERSION_MAX=0x%lx/n", (unsigned long)VERSION_MAX); COMPILE_TIME_ASSERT(sizeof(stm_word_t) == sizeof(void *)); COMPILE_TIME_ASSERT(sizeof(stm_word_t) == sizeof(atomic_t));#ifdef EPOCH_GC gc_init(stm_get_clock);#endif /* EPOCH_GC */#if CM == CM_MODULAR s = getenv(VR_THRESHOLD); if (s != NULL) _tinystm.vr_threshold = (int)strtol(s, NULL, 10); else _tinystm.vr_threshold = VR_THRESHOLD_DEFAULT; PRINT_DEBUG("/tVR_THRESHOLD=%d/n", _tinystm.vr_threshold);#endif /* CM == CM_MODULAR */ /* Set locks and clock but should be already to 0 */ memset((void *)_tinystm.locks, 0, LOCK_ARRAY_SIZE * sizeof(stm_word_t)); CLOCK = 0; stm_quiesce_init(); tls_init();#ifdef SIGNAL_HANDLER if (getenv(NO_SIGNAL_HANDLER) == NULL) { /* Catch signals for non-faulting load */ act.sa_handler = signal_catcher; act.sa_flags = 0; sigemptyset(&act.sa_mask); if (sigaction(SIGBUS, &act, NULL) < 0 || sigaction(SIGSEGV, &act, NULL) < 0) { perror("sigaction"); exit(1); } }#endif /* SIGNAL_HANDLER */ _tinystm.initialized = 1;}
开发者ID:kunulee,项目名称:failsafe_heapo_source,代码行数:60,
示例14: mainint main(int argc, char *argv[]){ struct tls_config *conf; struct tls *ctx; struct tls_cert_info *cert; int res; const char *host; if (argc < 2) errx(1, "give host as arg/n"); host = argv[1]; res = tls_init(); if (res < 0) errx(1, "tls_init"); conf = tls_config_new(); if (!conf) errx(1, "tls_config_new"); tls_config_set_protocols(conf, TLS_PROTOCOLS_ALL); tls_config_set_ciphers(conf, "fast"); ctx = tls_client(); if (!ctx) errx(1, "tls_client"); res = tls_configure(ctx, conf); if (res < 0) errx(1, "tls_configure: %s", tls_error(ctx)); res = tls_connect(ctx, host, "443"); if (res < 0) errx(1, "tls_connect: %s", tls_error(ctx)); printf("connect ok/n"); res = tls_get_peer_cert(ctx, &cert); if (res < 0) errx(1, "tls_get_peer_cert: %s", tls_error(ctx)); tls_close(ctx); tls_free(ctx); tls_config_free(conf); printf(" CN='%s'/n", cert->subject.common_name); printf(" C='%s'/n", cert->subject.country_name); printf(" ST='%s'/n", cert->subject.state_or_province_name); printf(" L='%s'/n", cert->subject.locality_name); printf(" S='%s'/n", cert->subject.street_address); printf(" O='%s'/n", cert->subject.organization_name); printf(" OU='%s'/n", cert->subject.organizational_unit_name); tls_cert_free(cert); return 0;}
开发者ID:greenplum-db,项目名称:libusual,代码行数:56,
示例15: init_subsystemsstatic void init_subsystems(){ shared_init(); heap_init(); signal_init(); process_init(); tls_init(); vfs_init(); dbt_init();}
开发者ID:AnXi-TieGuanYin-Tea,项目名称:flinux,代码行数:10,
示例16: servervoid server() { // load Config File and Settings fprintf(stdout, "Starting fidistat Server.../n"); openlog("fidistat-server", LOG_PID, LOG_DAEMON); syslog(LOG_INFO, "Started Fidistat Server"); struct pidfh *pfh = daemon_start('s'); // Handle Signals signal(SIGTERM, handleSigterm_S); signal(SIGCHLD, handleChild); // Open Socket initConf(); tls_init(); struct tls* ctx = tls_server(); int sock = initTLS_S(ctx); sckt = sock; int connfd, pid; listen(sock, 10); // Destroy Config destroyConf(); while(!term) { connfd = accept(sock, (struct sockaddr*) NULL, NULL); if (term) { break; } pid = fork(); if (pid < 0) { syslog(LOG_ERR, "forking new Worker failed"); } else if (pid == 0) { close(sock); syslog(LOG_INFO, "New incoming connection"); worker(connfd, ctx); syslog(LOG_INFO, "Closing connection"); exit(0); } else { close(connfd); } } syslog(LOG_INFO, "Shutting down Server"); close(sock); tls_close(ctx); tls_free(ctx); tls_config_free(tlsServer_conf); pidfile_remove(pfh); syslog(LOG_INFO, "Stopped Fidistat Server"); closelog(); exit(0);}
开发者ID:nudelfabrik,项目名称:FidiStat,代码行数:55,
示例17: mainint main(int argc, char* argv[]) { /* execution begins here 8-) */ int retval;#ifdef M_MMAP_THRESHOLD mallopt(M_MMAP_THRESHOLD, 4096);#endif tls_init(); /* initialize thread-local storage */ retval=main_unix(argc, argv); main_cleanup(); return retval;}
开发者ID:NickolasLapp,项目名称:stunnel,代码行数:11,
示例18: test_cipher_negostatic void test_cipher_nego(void *z){ struct Worker *server = NULL, *client = NULL; tt_assert(tls_init() == 0); /* server key is EC:secp384r1 - ECDHE-ECDSA */ str_check(create_worker(&server, true, "show=ciphers", SERVER1, NULL), "OK"); str_check(create_worker(&client, false, CA1, "ciphers=AESGCM", "host=server1.com", NULL), "OK"); str_any3(run_case(client, server), "TLSv1.2/ECDHE-ECDSA-AES256-GCM-SHA384/ECDH=secp384r1", "TLSv1.2/ECDHE-ECDSA-AES256-GCM-SHA384/ECDH=X25519", "TLSv1.2/ECDHE-ECDSA-AES256-GCM-SHA384"); /* server key is RSA - ECDHE-RSA */ str_check(create_worker(&server, true, "show=ciphers", SERVER2, NULL), "OK"); str_check(create_worker(&client, false, CA2, "ciphers=AESGCM", "host=server2.com", NULL), "OK"); str_any3(run_case(client, server), "TLSv1.2/ECDHE-RSA-AES256-GCM-SHA384/ECDH=prime256v1", "TLSv1.2/ECDHE-RSA-AES256-GCM-SHA384/ECDH=X25519", "TLSv1.2/ECDHE-RSA-AES256-GCM-SHA384"); /* server key is RSA - DHE-RSA */ str_check(create_worker(&server, true, SERVER2, "show=ciphers", "dheparams=auto", NULL), "OK"); str_check(create_worker(&client, false, CA2, "ciphers=EDH+AESGCM", "host=server2.com", NULL), "OK"); str_check(run_case(client, server), "TLSv1.2/DHE-RSA-AES256-GCM-SHA384/DH=2048"); /* server key is RSA - ECDHE-RSA */ str_check(create_worker(&server, true, SERVER2, "show=ciphers", NULL), "OK"); str_check(create_worker(&client, false, CA2, "ciphers=EECDH+AES", "host=server2.com", NULL), "OK"); str_any3(run_case(client, server), "TLSv1.2/ECDHE-RSA-AES256-GCM-SHA384/ECDH=prime256v1", "TLSv1.2/ECDHE-RSA-AES256-GCM-SHA384/ECDH=X25519", "TLSv1.2/ECDHE-RSA-AES256-GCM-SHA384");end:;}
开发者ID:ifduyue,项目名称:libusual,代码行数:53,
示例19: test_set_memstatic void test_set_mem(void *z){ struct Worker *server = NULL, *client = NULL; tt_assert(tls_init() == 0); /* both server & client with cert */ str_check(create_worker(&server, true, "mem=1", SERVER1, CA2, NULL), "OK"); str_check(create_worker(&client, false, "mem=1", CLIENT2, CA1, "host=server1.com", NULL), "OK"); str_check(run_case(client, server), "OK");end:;}
开发者ID:v2tmobile,项目名称:libusual,代码行数:12,
示例20: mutt_ssl_socket_setupint mutt_ssl_socket_setup (CONNECTION* conn){ if (tls_init() < 0) return -1; conn->conn_open = tls_socket_open; conn->conn_read = tls_socket_read; conn->conn_write = tls_socket_write; conn->conn_close = tls_socket_close; conn->conn_poll = raw_socket_poll; return 0;}
开发者ID:Ishpeck,项目名称:mutt-kz,代码行数:13,
示例21: mutt_ssl_socket_setup/** * mutt_ssl_socket_setup - Set up SSL socket mulitplexor * @param conn Connection to a server * @retval 0 Success * @retval -1 Error */int mutt_ssl_socket_setup(struct Connection *conn){ if (tls_init() < 0) return -1; conn->conn_open = tls_socket_open; conn->conn_read = tls_socket_read; conn->conn_write = tls_socket_write; conn->conn_close = tls_socket_close; conn->conn_poll = raw_socket_poll; return 0;}
开发者ID:darnir,项目名称:neomutt,代码行数:19,
示例22: mutt_ssl_starttls/** * mutt_ssl_starttls - Set up TLS multiplexor * @param conn Connection to a server * @retval 0 Success * @retval -1 Error */int mutt_ssl_starttls(struct Connection *conn){ if (tls_init() < 0) return -1; if (tls_negotiate(conn) < 0) return -1; conn->conn_read = tls_socket_read; conn->conn_write = tls_socket_write; conn->conn_close = tls_starttls_close; return 0;}
开发者ID:darnir,项目名称:neomutt,代码行数:20,
示例23: mutt_ssl_starttlsint mutt_ssl_starttls (CONNECTION* conn){ if (tls_init() < 0) return -1; if (tls_negotiate (conn) < 0) return -1; conn->conn_read = tls_socket_read; conn->conn_write = tls_socket_write; conn->conn_close = tls_starttls_close; return 0;}
开发者ID:Ishpeck,项目名称:mutt-kz,代码行数:14,
示例24: ldap_int_tls_startintldap_int_tls_start ( LDAP *ld, LDAPConn *conn, LDAPURLDesc *srv ){ Sockbuf *sb; char *host; void *ssl; if ( !conn ) return LDAP_PARAM_ERROR; sb = conn->lconn_sb; if( srv ) { host = srv->lud_host; } else { host = conn->lconn_server->lud_host; } /* avoid NULL host */ if( host == NULL ) { host = "localhost"; } (void) tls_init( tls_imp ); /* * Fortunately, the lib uses blocking io... */ if ( ldap_int_tls_connect( ld, conn ) < 0 ) { ld->ld_errno = LDAP_CONNECT_ERROR; return (ld->ld_errno); } ssl = ldap_pvt_tls_sb_ctx( sb ); assert( ssl != NULL ); /* * compare host with name(s) in certificate */ if (ld->ld_options.ldo_tls_require_cert != LDAP_OPT_X_TLS_NEVER && ld->ld_options.ldo_tls_require_cert != LDAP_OPT_X_TLS_ALLOW) { ld->ld_errno = ldap_pvt_tls_check_hostname( ld, ssl, host ); if (ld->ld_errno != LDAP_SUCCESS) { return ld->ld_errno; } } return LDAP_SUCCESS;}
开发者ID:RevanthPar,项目名称:openldap,代码行数:48,
示例25: test_clientcertstatic void test_clientcert(void *z){ struct Worker *server = NULL, *client = NULL; tt_assert(tls_init() == 0); /* ok: server checks client cert */ str_check(create_worker(&server, true, SERVER1, CA2, "verify-client=1", NULL), "OK"); str_check(create_worker(&client, false, CLIENT2, CA1, "host=server1.com", NULL), "OK"); str_check(run_case(client, server), "OK"); /* fail: server rejects invalid cert */ str_check(create_worker(&server, true, SERVER1, CA1, "verify-client=1", NULL), "OK"); str_check(create_worker(&client, false, CLIENT2, CA1, "host=server1.com", NULL), "OK"); str_any3(run_case(client, server), "C:tlsv1 alert unknown ca - S:no certificate returned", "C:tlsv1 alert unknown ca,C:shutdown while in init - S:certificate verify failed", "C:tlsv1 alert unknown ca - S:certificate verify failed"); /* noverifycert: server allow invalid cert */ str_check(create_worker(&server, true, SERVER1, CA1, "noverifycert=1", NULL), "OK"); str_check(create_worker(&client, false, CLIENT2, CA1, "host=server1.com", NULL), "OK"); str_check(run_case(client, server), "OK"); /* verify-client: don't allow client without cert */ str_check(create_worker(&server, true, SERVER1, CA2, "verify-client=1", NULL), "OK"); str_check(create_worker(&client, false, CA1, "host=server1.com", NULL), "OK"); str_any2(run_case(client, server), "C:sslv3 alert handshake failure - S:peer did not return a certificate", "C:sslv3 alert handshake failure,C:shutdown while in init - S:peer did not return a certificate"); /* verify-client-optional: allow client without cert */ str_check(create_worker(&server, true, SERVER1, CA2, "verify-client-optional=1", NULL), "OK"); str_check(create_worker(&client, false, CA1, "host=server1.com", NULL), "OK"); str_check(run_case(client, server), "OK");end:;}
开发者ID:v2tmobile,项目名称:libusual,代码行数:47,
示例26: test_cert_infostatic void test_cert_info(void *z){ struct Worker *server = NULL, *client = NULL; tt_assert(tls_init() == 0); /* server shows client cert */ str_check(create_worker(&server, true, "show=peer-cert", SERVER1, CA2, "peer-sha1=ssl/ca2_client2.crt.sha1", "peer-sha256=ssl/ca2_client2.crt.sha256", "verify-client=1", NULL), "OK"); str_check(create_worker(&client, false, CLIENT2, CA1, "host=server1.com", "peer-sha1=ssl/ca1_server1.crt.sha1", "peer-sha256=ssl/ca1_server1.crt.sha256", NULL), "OK"); str_check(run_case(client, server), "Subject: /CN=client2/C=XX/ST=State2/L=City2/O=Org2" " Issuer: /CN=TestCA2" " Serial: 1387724136048036785122419970010419099185643835502" " NotBefore: 2010-01-01T08:05:00Z" " NotAfter: 2060-12-31T23:55:00Z"); /* client shows server cert - utf8 */ str_check(create_worker(&server, true, COMPLEX1, NULL), "OK"); str_check(create_worker(&client, false, CA1, "show=peer-cert", "host=complex1.com", NULL), "OK"); str_check(run_case(client, server), "Subject: /CN=complex1.com/ST=
C++ tls_new函数代码示例
C++ tls_free函数代码示例
|
