我正在尝试构建通过Indy SSL TCP组件通信的服务器和客户端应用程序(C++ Builder 2010)。我使用以下命令生成了证书和私钥:
openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -config C:\openssl.cnf
服务器代码:
#include <vcl.h>
#pragma hdrstop
#include <tchar.h>
//---------------------------------------------------------------------------
#pragma argsused
#include <idglobal.hpp>
#include <IdTcpServer.hpp>
#include <IdSSLOpenSSL.hpp>
#include <vector>
#include <string>
#include <memory>
#include <iostream>
#include <windows.h>
#include "comm.h"
#pragma link "IndyCore140.lib"
#pragma link "IndyProtocols140.lib"
#pragma link "IndySystem140.lib"
/////////////////////////////////////////////////////////////////////////////
// Server
/////////////////////////////////////////////////////////////////////////////
class TServer
{
public:
TServer(int Port, const std::string& cert, const std::string& key,
const std::string& password )
: FPassword(password),
FServer(new TIdTCPServer(NULL))
{
FServer->OnConnect = ServerOnConnect;
FServer->OnExecute = ServerOnExecute;
FServer->DefaultPort = Port;
TIdServerIOHandlerSSLOpenSSL* ioHandler =
new TIdServerIOHandlerSSLOpenSSL(NULL);
ioHandler->OnGetPassword = SetPassword;
ioHandler->OnVerifyPeer = VerifyPeer;
ioHandler->SSLOptions->Mode = sslmServer;
ioHandler->SSLOptions->VerifyDepth = 0;
ioHandler->SSLOptions->CertFile = cert.c_str();
ioHandler->SSLOptions->KeyFile = key.c_str();
ioHandler->SSLOptions->SSLVersions << sslvSSLv23;
ioHandler->SSLOptions->VerifyMode.Clear();
FServer->IOHandler = ioHandler;
}
~TServer()
{
}
public:
void Start()
{
FServer->Active = true;
std::cout << "Listening on port " << FServer->DefaultPort << std::endl;
}
void Stop()
{
FServer->Active = false;
}
private:
void __fastcall ServerOnExecute(TIdContext* ctx)
{
TIdTCPConnection* conn = ctx->Connection;
try
{
std::string command = Recv(conn);
std::cout << command << std::endl;
if( strnicmp(command.c_str(), "HELLO", 5) == 0 ) // Start session
{
Send(conn, "HELLO");
}
}
catch(Exception& e)
{
std::cout << AnsiString(e.Message).c_str() << std::endl;
}
conn->Disconnect();
}
void __fastcall ServerOnConnect(TIdContext* context)
{
std::cout << "Client connected" << std::endl;
}
bool __fastcall VerifyPeer(TIdX509* Certificate, bool AOk, int ADepth)
{
return AOk;
}
void __fastcall SetPassword(AnsiString& Password)
{
Password = FPassword.c_str();
}
private:
std::auto_ptr<TIdTCPServer> FServer;
const std::string FPassword;
};
///
// Press Ctrl+C to close application
///
HANDLE hExitEvent = NULL;
BOOL CtrlHandler( DWORD ctl )
{
if( ctl == CTRL_C_EVENT)
{
if( hExitEvent != NULL )
{
std::cout << "Closing application..." << std::endl;
SetEvent(hExitEvent);
}
return TRUE;
}
return FALSE;
}
///
int _tmain(int argc, _TCHAR* argv[])
{
std::auto_ptr<TServer> server(new TServer(50136,
"c:\\cert.pem",
"c:\\key.pem",
"MyPassword"));
hExitEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
if( SetConsoleCtrlHandler( (PHANDLER_ROUTINE) CtrlHandler, TRUE ) )
{
try
{
server->Start();
WaitForSingleObject(hExitEvent, INFINITE);
server->Stop();
Sleep(1000);
}
catch(Exception& e)
{
std::cout << AnsiString(e.Message).c_str() << std::endl;
}
}
CloseHandle(hExitEvent);
return 0;
}
客户端代码:
#include <vcl.h>
#pragma hdrstop
#include <idglobal.hpp>
#include <IdTCPClient.hpp>
#include <IdSSLOpenSSL.hpp>
#include <vector>
#include <string>
#include <memory>
#include <iostream>
#include <tchar.h>
#include "comm.h"
//---------------------------------------------------------------------------
#pragma argsused
#pragma link "IndyCore140.lib"
#pragma link "IndyProtocols140.lib"
#pragma link "IndySystem140.lib"
void TestConnection()
{
std::auto_ptr<TIdTCPClient> client(new TIdTCPClient(NULL));
try
{
client->Host = "192.168.1.3";
client->Port = 50136;
client->ConnectTimeout = 10000;
client->ReadTimeout = 10000;
// SSL
TIdSSLIOHandlerSocketOpenSSL* ioHandler = new TIdSSLIOHandlerSocketOpenSSL(NULL);
ioHandler->SSLOptions->Mode = sslmClient;
ioHandler->SSLOptions->VerifyDepth = 0;
// ioHandler->SSLOptions->CertFile = "c:\\cert.pem";
ioHandler->SSLOptions->SSLVersions << sslvSSLv23;
// ioHandler->SSLOptions->VerifyMode.Clear();
client->IOHandler = ioHandler;
client->Connect();
///
// Test session start
///
Send(client.get(), "HELLO");
std::string response = Recv(client.get());
std::cout << response << std::endl;
}
catch(Exception& e)
{
std::cout << AnsiString(e.Message).c_str() << std::endl;
}
}
int _tmain(int argc, _TCHAR* argv[])
{
TestConnection();
return 0;
}
comm.h
#ifndef COMM_H
#define COMM_H
#include <idglobal.hpp>
#include <IdTcpServer.hpp>
#include <IdSSLOpenSSL.hpp>
#include <vector>
#include <string>
//---------------------------------------------------------------------------
typedef std::vector<unsigned char> TBuffer;
void SendByteArray(TIdTCPConnection* Connection,
const TBuffer& array)
{
TIdBytes src;
src = Idglobal::RawToBytes(&array[0], array.size());
Connection->IOHandler->Write(src);
}
//---------------------------------------------------------------------------
void ReceiveByteArray(TIdTCPConnection* Connection,
TBuffer& array, unsigned int size)
{
TIdBytes dest;
Connection->IOHandler->ReadBytes(dest, size);
array.resize(size);
Idglobal::BytesToRaw(dest, &array[0], size);
}
void Send(TIdTCPConnection* Connection, const std::string& cmd)
{
TBuffer buffer(cmd.begin(), cmd.end());
SendByteArray(Connection, buffer);
}
std::string Recv(TIdTCPConnection* Connection)
{
TBuffer buffer;
ReceiveByteArray(Connection, buffer, 5);
std::string cmd(buffer.begin(), buffer.end());
return cmd;
}
#endif //COMM_H
服务器启动时没有任何错误。当我尝试连接服务器时,客户端会抛出异常。
Project sslclient.exe raised exception class EIdOSSLConnectError with message 'Error connecting with SSL.
EOF was observed that violates the protocol'.
服务器在每次迭代中都会出现异常 Connection Closed Gracefully. 的无限循环。我在Windows 7上使用OpenSSL库v.1.0.1.3运行测试。请帮助解决问题。
ioHandler->SSLOptions->VerifyMode = TIdSSLVerifyModeSet();。 - Yury Rudakou