Sortix cross-volatile manual
This manual documents Sortix cross-volatile. You can instead view this document in the latest official manual.
NAME
BIO_f_ssl, BIO_set_ssl, BIO_get_ssl, BIO_set_ssl_mode, BIO_set_ssl_renegotiate_bytes, BIO_get_num_renegotiates, BIO_set_ssl_renegotiate_timeout, BIO_new_ssl, BIO_new_ssl_connect, BIO_new_buffer_ssl_connect, BIO_ssl_copy_session_id, BIO_ssl_shutdown, BIO_do_handshake — SSL BIOSYNOPSIS
#include <openssl/bio.h>#include <openssl/ssl.h>
BIO_f_ssl(void);
BIO_set_ssl(BIO *b, SSL *ssl, long c);
BIO_get_ssl(BIO *b, SSL *sslp);
BIO_set_ssl_mode(BIO *b, long client);
BIO_set_ssl_renegotiate_bytes(BIO *b, long num);
BIO_set_ssl_renegotiate_timeout(BIO *b, long seconds);
BIO_get_num_renegotiates(BIO *b);
BIO_new_ssl(SSL_CTX *ctx, int client);
BIO_new_ssl_connect(SSL_CTX *ctx);
BIO_new_buffer_ssl_connect(SSL_CTX *ctx);
BIO_ssl_copy_session_id(BIO *to, BIO *from);
BIO_ssl_shutdown(BIO *bio);
BIO_do_handshake(BIO *b);
DESCRIPTION
BIO_f_ssl() returns the SSL BIO method. This is a filter BIO which is a wrapper around the OpenSSL SSL routines adding a BIO “flavor” to SSL I/O.RETURN VALUES
BIO_f_ssl() returns a pointer to a static BIO_METHOD structure.EXAMPLES
This SSL/TLS client example attempts to retrieve a page from an SSL/TLS web server. The I/O routines are identical to those of the unencrypted example in BIO_s_connect(3).
BIO *sbio, *out; 
int len; 
char tmpbuf[1024]; 
SSL_CTX *ctx; 
SSL *ssl; 
 
ERR_load_crypto_strings(); 
ERR_load_SSL_strings(); 
OpenSSL_add_all_algorithms(); 
 
/* 
 * We would seed the PRNG here if the platform didn't do it automatically 
 */ 
 
ctx = SSL_CTX_new(SSLv23_client_method()); 
 
/* 
 * We'd normally set some stuff like the verify paths and mode here because 
 * as things stand this will connect to any server whose certificate is 
 * signed by any CA. 
 */ 
 
sbio = BIO_new_ssl_connect(ctx); 
 
BIO_get_ssl(sbio, &ssl); 
 
if (!ssl) { 
	fprintf(stderr, "Can't locate SSL pointer\n"); 
	/* whatever ... */ 
} 
 
/* Don't want any retries */ 
SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); 
 
/* We might want to do other things with ssl here */ 
 
BIO_set_conn_hostname(sbio, "localhost:https"); 
 
out = BIO_new_fp(stdout, BIO_NOCLOSE); 
if (BIO_do_connect(sbio) <= 0) { 
	fprintf(stderr, "Error connecting to server\n"); 
	ERR_print_errors_fp(stderr); 
	/* whatever ... */ 
} 
 
if (BIO_do_handshake(sbio) <= 0) { 
	fprintf(stderr, "Error establishing SSL connection\n"); 
	ERR_print_errors_fp(stderr); 
	/* whatever ... */ 
} 
 
/* Could examine ssl here to get connection info */ 
 
BIO_puts(sbio, "GET / HTTP/1.0\n\n"); 
for (;;) { 
	len = BIO_read(sbio, tmpbuf, 1024); 
	if(len <= 0) break; 
	BIO_write(out, tmpbuf, len); 
} 
BIO_free_all(sbio); 
BIO_free(out);
BIO *sbio, *bbio, *acpt, *out; 
int len; 
char tmpbuf[1024]; 
SSL_CTX *ctx; 
SSL *ssl; 
 
ctx = SSL_CTX_new(SSLv23_server_method()); 
 
if (!SSL_CTX_use_certificate_file(ctx,"server.pem",SSL_FILETYPE_PEM) 
    || !SSL_CTX_use_PrivateKey_file(ctx,"server.pem",SSL_FILETYPE_PEM) 
    || !SSL_CTX_check_private_key(ctx)) { 
	fprintf(stderr, "Error setting up SSL_CTX\n"); 
	ERR_print_errors_fp(stderr); 
	return 0; 
} 
 
/* 
 * Might do other things here like setting verify locations and DH and/or 
 * RSA temporary key callbacks 
 */ 
 
/* New SSL BIO setup as server */ 
sbio = BIO_new_ssl(ctx,0); 
 
BIO_get_ssl(sbio, &ssl); 
 
if (!ssl) { 
	fprintf(stderr, "Can't locate SSL pointer\n"); 
	/* whatever ... */ 
} 
 
/* Don't want any retries */ 
SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY); 
 
/* Create the buffering BIO */ 
 
bbio = BIO_new(BIO_f_buffer()); 
 
/* Add to chain */ 
sbio = BIO_push(bbio, sbio); 
 
acpt = BIO_new_accept("4433"); 
 
/* 
 * By doing this when a new connection is established we automatically 
 * have sbio inserted into it. The BIO chain is now 'swallowed' by the 
 * accept BIO and will be freed when the accept BIO is freed. 
 */ 
 
BIO_set_accept_bios(acpt,sbio); 
 
out = BIO_new_fp(stdout, BIO_NOCLOSE); 
 
/* Wait for incoming connection */ 
if (BIO_do_accept(acpt) <= 0) { 
	fprintf(stderr, "Error setting up accept BIO\n"); 
	ERR_print_errors_fp(stderr); 
	return 0; 
} 
 
/* We only want one connection so remove and free accept BIO */ 
 
sbio = BIO_pop(acpt); 
 
BIO_free_all(acpt); 
 
if (BIO_do_handshake(sbio) <= 0) { 
	fprintf(stderr, "Error in SSL handshake\n"); 
	ERR_print_errors_fp(stderr); 
	return 0; 
} 
 
BIO_puts(sbio, "HTTP/1.0 200 OK\r\nContent-type: text/plain\r\n\r\n"); 
BIO_puts(sbio, "\r\nConnection Established\r\nRequest headers:\r\n"); 
BIO_puts(sbio, "--------------------------------------------------\r\n"); 
 
for (;;) { 
	len = BIO_gets(sbio, tmpbuf, 1024); 
	if (len <= 0) 
		break; 
	BIO_write(sbio, tmpbuf, len); 
	BIO_write(out, tmpbuf, len); 
	/* Look for blank line signifying end of headers */ 
	if ((tmpbuf[0] == '\r') || (tmpbuf[0] == '\n')) 
		break; 
} 
 
BIO_puts(sbio, "--------------------------------------------------\r\n"); 
BIO_puts(sbio, "\r\n"); 
 
/* Since there is a buffering BIO present we had better flush it */ 
BIO_flush(sbio); 
 
BIO_free_all(sbio);
