0
点赞
收藏
分享

微信扫一扫

走进人工智能|自动驾驶 迈向无人驾驶未来

左小米z 2023-06-28 阅读 47

C/C++ boost::asio::ssl.hpp + openssl 1.x (老版本库)设置SSL/TLS链接对象的 SNI(SSL扩展域名指示额外参数)。

static std::shared_ptr<boost::asio::ssl::context> HttpSslClientContext(const char* host)
{
    class HttpSslContext : public boost::asio::ssl::context
    {
    public:
        HttpSslContext(method m) : context(m) {}

    public:
        std::string host;
    };

    std::shared_ptr<HttpSslContext> ssl_context = make_shared_object<HttpSslContext>(boost::asio::ssl::context::tlsv12_client);
    ssl_context->host = host;
    ssl_context->set_verify_mode(boost::asio::ssl::context::verify_none);
    ssl_context->set_verify_callback(
        [](bool preverified, boost::asio::ssl::verify_context& context)
        {
            return true;
        });

    typedef int(*SSL_CTX_SET_SNI_CALLBACK)(SSL*, int, void*);

    if (NULL != host && *host != '\x0')
    {
        SSL_CTX_SET_SNI_CALLBACK sni = [](SSL* ssl, int /*ad*/, void* arg)
        {
            HttpSslContext* context = static_cast<HttpSslContext*>(arg);
            if (NULL == context)
            {
                return SSL_TLSEXT_ERR_ALERT_FATAL;
            }

            std::string hostname = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
            if (hostname.empty())
            {
                hostname = context->host;
            }

            if (hostname.size() > 0)
            {
                SSL_set_tlsext_host_name(ssl, hostname.data());
            }

            SSL_set_SSL_CTX(ssl, context->native_handle());
            return SSL_TLSEXT_ERR_OK;
        };
        SSL_CTX_set_tlsext_servername_callback(ssl_context->native_handle(), (void(*)())sni);
        SSL_CTX_set_tlsext_servername_arg(ssl_context->native_handle(), ssl_context.get());
    }
    return ssl_context;
}
举报

相关推荐

0 条评论