libcurl具有超时选项,如下所示:
libcurl has timeout options like these:
CURLOPT_CONNECTTIMEOUT - maximum time in seconds that you allow the connection to the server to take. CURLOPT_TIMEOUT - maximum time in seconds that you allow the libcurl transfer operation to take.我想在OpenSSL中实现类似的超时机制.
I'd like to implement a similar timeout mechanism in OpenSSL.
下面的代码需要进行哪些更改,以便将超时值应用于BIO_do_connect(),BIO_write()和BIO_read()?
What changes would be required in the code below so that a timeout value is applied to BIO_do_connect(), BIO_write() and BIO_read()?
我正在连接到服务器,并使用OpenSSL提供的BIO_write()/BIO_read()向服务器发送数据/从服务器接收数据.我的代码基于以下示例代码,可从此处.
I'm connecting to a server and sending/receiving data to/from the server using BIO_write()/BIO_read() that OpenSSL provides. My code is based on the following sample code available from here.
int main() { BIO * bio; SSL * ssl; SSL_CTX * ctx; int p; char * request = "GET / HTTP/1.1\x0D\x0AHost: www.verisign\x0D\x0A\x43onnection: Close\x0D\x0A\x0D\x0A"; char r[1024]; /* Set up the library */ ERR_load_BIO_strings(); SSL_load_error_strings(); OpenSSL_add_all_algorithms(); /* Set up the SSL context */ ctx = SSL_CTX_new(SSLv23_client_method()); /* Load the trust store */ if(! SSL_CTX_load_verify_locations(ctx, "TrustStore.pem", NULL)) { fprintf(stderr, "Error loading trust store\n"); ERR_print_errors_fp(stderr); SSL_CTX_free(ctx); return 0; } /* Setup the connection */ bio = BIO_new_ssl_connect(ctx); /* Set the SSL_MODE_AUTO_RETRY flag */ BIO_get_ssl(bio, & ssl); SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); /* Create and setup the connection */ BIO_set_conn_hostname(bio, "www.verisign:https"); if(BIO_do_connect(bio) <= 0) { fprintf(stderr, "Error attempting to connect\n"); ERR_print_errors_fp(stderr); BIO_free_all(bio); SSL_CTX_free(ctx); return 0; } /* Check the certificate */ if(SSL_get_verify_result(ssl) != X509_V_OK) { fprintf(stderr, "Certificate verification error: %i\n", SSL_get_verify_result(ssl)); BIO_free_all(bio); SSL_CTX_free(ctx); return 0; } /* Send the request */ BIO_write(bio, request, strlen(request)); /* Read in the response */ for(;;) { p = BIO_read(bio, r, 1023); if(p <= 0) break; r[p] = 0; printf("%s", r); } /* Close the connection and free the context */ BIO_free_all(bio); SSL_CTX_free(ctx); return 0; }我正在为Ubuntu(带有CodeSourcery Lite的Eclipse)上的ARM进行交叉编译.
I'm cross-compiling for ARM on Ubuntu (Eclipse with CodeSourcery Lite).
推荐答案我最终做了类似以下的事情(伪代码):
I ended up doing something like the following (pseudocode):
int nRet; int fdSocket; fd_set connectionfds; struct timeval timeout; BIO_set_nbio(pBio, 1); nRet = BIO_do_connect(pBio); if ((nRet <= 0) && !BIO_should_retry(pBio)) // failed to establish connection. if (BIO_get_fd(pBio, &fdSocket) < 0) // failed to get fd. if (nRet <= 0) { FD_ZERO(&connectionfds); FD_SET(fdSocket, &connectionfds); timeout.tv_usec = 0; timeout.tv_sec = 10; nRet = select(fdSocket + 1, NULL, &connectionfds, NULL, &timeout); if (nRet == 0) // timeout has occurred. }您也可以对BIO_read()使用相同的方法.
You can use the same approach for BIO_read() too.
您可能会发现此链接有用.
更多推荐
如何在OpenSSL中设置连接超时和操作超时
发布评论