Did I do this correctly? (Trying to select protocols in ALPN through OpenSSL's API)
Osman Zakir
osmanzakir90 at hotmail.com
Tue Jul 26 19:31:45 UTC 2022
I have this code in my server app:
```
// Handles an HTTP server connection
void do_session(tcp::socket &socket, ssl::context &ctx, const std::string &doc_root, std::string_view googlekey,
std::string_view currencykey)
{
bool close{};
boost::system::error_code ec;
// Construct the stream around the socket
ssl::stream<tcp::socket&> stream{ socket, ctx };
unsigned char* out[];
unsigned char* outlen;
const unsigned char* in[];
unsigned int inlen;
void* arg;
void* arg2;
for (std::size_t i{}; i < inlen; ++i)
{
if (in[i] == "h2")
{
out[0] = "h2";
outlen = 1;
}
}
// Set ALPN and select protocol from client's list
SSL_CTX_set_alpn_select_cb(ctx, [](ctx,
out,
outlen,
in,
inlen,
arg) {
unsigned char** out2;
unsigned char* outlen;
const unsigned char* server{ &out };
const unsigned char* client{ &in };
unsigned int server_len{ outlen };
unsigned int client_len{ inlen };
return SSL_select_next_proto(out2, outlen,
server,
server_len,
client,
client_len);
}, arg2);
// Perform the SSL handshake
stream.handshake(ssl::stream_base::server, ec);
if (ec)
{
std::cerr << "Lines 663 and 664:\n";
fail(ec, "handshake");
}
// This buffer is required to persist across reads
boost::beast::flat_buffer buffer;
// This lambda is used to send messages
send_lambda<ssl::stream<tcp::socket&>> lambda{ stream, close, ec };
for (;;)
{
// Read a request
http::request<http::string_body> req;
http::read(stream, buffer, req, ec);
if (ec == http::error::end_of_stream)
{
break;
}
if (ec)
{
std::cerr << "Lines 684 and 685:\n";
return fail(ec, "read");
}
// Send the response
handle_request(doc_root, std::move(req), lambda, googlekey, currencykey);
if (ec)
{
std::cerr << "Lines 691 and 692:\n";
return fail(ec, "write");
}
if (close)
{
// This means we should close the connection, usually because
// the response indicated the "Connection: close" semantic.
break;
}
}
// Perform the SSL shutdown
stream.shutdown(ec);
if (ec)
{
std::cerr << "Lines 707 and 708:\n";
return fail(ec, "shutdown");
}
// At this point the connection is closed gracefully
}
```
Did I call the `SSL_CTX_set_alpn_select_cb` function correctly? And am I setting and passing the arguments/parameters correctly? If I did anything wrong, please tell me. Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20220726/8296855b/attachment.htm>
More information about the openssl-users
mailing list