Did I do this correctly? (Trying to select protocols in ALPN through OpenSSL's API)

Osman Zakir osmanzakir90 at hotmail.com
Tue Jul 26 19:31:45 UTC 2022


I have this code in my server app:

```
// Handles an HTTP server connection
void do_session(tcp::socket &socket, ssl::context &ctx, const std::string &doc_root, std::string_view googlekey,
      std::string_view currencykey)
{
      bool close{};
      boost::system::error_code ec;

      // Construct the stream around the socket
      ssl::stream<tcp::socket&> stream{ socket, ctx };

      unsigned char* out[];
      unsigned char* outlen;
      const unsigned char* in[];
      unsigned int inlen;
      void* arg;
      void* arg2;

      for (std::size_t i{}; i < inlen; ++i)
      {
            if (in[i] == "h2")
            {
                  out[0] = "h2";
                  outlen = 1;
            }
      }

      // Set ALPN and select protocol from client's list
      SSL_CTX_set_alpn_select_cb(ctx, [](ctx,
            out,
            outlen,
            in,
            inlen,
            arg) {
                  unsigned char** out2;
                  unsigned char* outlen;
                  const unsigned char* server{ &out };
                  const unsigned char* client{ &in };
                  unsigned int server_len{ outlen };
                  unsigned int client_len{ inlen };
                  return SSL_select_next_proto(out2, outlen,
                        server,
                        server_len,
                        client,
                        client_len);
            }, arg2);

      // Perform the SSL handshake
      stream.handshake(ssl::stream_base::server, ec);
      if (ec)
      {
            std::cerr << "Lines 663 and 664:\n";
            fail(ec, "handshake");
      }

      // This buffer is required to persist across reads
      boost::beast::flat_buffer buffer;

      // This lambda is used to send messages
      send_lambda<ssl::stream<tcp::socket&>> lambda{ stream, close, ec };

      for (;;)
      {
            // Read a request
            http::request<http::string_body> req;
            http::read(stream, buffer, req, ec);
            if (ec == http::error::end_of_stream)
            {
                  break;
            }
            if (ec)
            {
                  std::cerr << "Lines 684 and 685:\n";
                  return fail(ec, "read");
            }

            // Send the response
            handle_request(doc_root, std::move(req), lambda, googlekey, currencykey);
            if (ec)
            {
                  std::cerr << "Lines 691 and 692:\n";
                  return fail(ec, "write");
            }
            if (close)
            {
                  // This means we should close the connection, usually because
                  // the response indicated the "Connection: close" semantic.
                  break;
            }
      }

      // Perform the SSL shutdown
      stream.shutdown(ec);
      if (ec)
      {
            std::cerr << "Lines 707 and 708:\n";
            return fail(ec, "shutdown");
      }

      // At this point the connection is closed gracefully
}
```

Did I call the `SSL_CTX_set_alpn_select_cb` function correctly?  And am I setting and passing the arguments/parameters correctly?  If I did anything wrong, please tell me.  Thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20220726/8296855b/attachment.htm>


More information about the openssl-users mailing list