RCF support and general discussion.
-
acDev
- Posts: 27
- Joined: Tue Oct 08, 2013 3:08 pm
- Location: Moscow
-
Contact:
Post
by acDev »
OpenSSL generating PEM-files:
Code: Select all
openssl genrsa -des3 -passout file:passphrase.txt -out rcf_srv.pem 2048
openssl rsa -in rcf_srv.pem -passin file:passphrase.txt -pubout -out rcf_clnt.pub
Server-Side code:
Code: Select all
RCF::RcfServer server( RCF::TcpEndpoint("0.0.0.0", 50001) );
server.getServerTransport().setMaxIncomingMessageLength(2*1024*1024);
boost::shared_ptr<RCF::ThreadPool> threadPoolPtr;
threadPoolPtr.reset(new RCF::ThreadPool(1));
threadPoolPtr->setThreadName("RCF_ThreadPool");
server.setThreadPool(threadPoolPtr);
RCF::ServerBindingPtr bindingPtr = server.bind<I_TESTRPC>(testrpc);
#ifdef RCF_USE_OPENSSL
RCF::CertificatePtr serverCertPtr( new RCF::PemCertificate("rcf_srv.pem", "rcf_pass_123") );
server.setCertificate(serverCertPtr);
#endif
....
server.start();
Client-Side code:
Code: Select all
RcfClient<I_TESTRPC> * client = new RcfClient<I_TESTRPC>( RCF::TcpEndpoint("127.0.0.1", 50001) );
client->getClientStub().setConnectTimeoutMs(3*1000);
client->getClientStub().setRemoteCallTimeoutMs(3*1000);
client->getClientStub().getTransport().setMaxIncomingMessageLength(20*1024*1024);
#ifdef RCF_USE_OPENSSL
client->getClientStub().setCertificateValidationCallback(&opensslValidateCert);
#endif
// ----------
#ifdef RCF_USE_OPENSSL
bool opensslValidateCert(RCF::Certificate * pCert)
{
return true;
}
#endif
Where an error?
-
jarl
- Posts: 238
- Joined: Mon Oct 03, 2011 4:53 am
-
Contact:
Post
by jarl »
You need to set SSL as the transport protocol on the client stub:
Code: Select all
client->getClientStub().setTransportProtocol(RCF::Tp_Ssl);
-
acDev
- Posts: 27
- Joined: Tue Oct 08, 2013 3:08 pm
- Location: Moscow
-
Contact:
Post
by acDev »
jarl wrote:You need to set SSL as the transport protocol on the client stub:
Code: Select all
client->getClientStub().setTransportProtocol(RCF::Tp_Ssl);
Thank you. It's work.
Patch for use OpenSSL static link (LIB-files).
Code: Select all
Index: ./RcfLib/src/RCF/OpenSslEncryptionFilter.cpp
===================================================================
@@ -38,6 +38,12 @@
namespace RCF {
+#ifdef RCF_USE_OPENSSL_STATIC
+#define RCF_OPENSSL_LOAD_FUNC(_fn_name_) RCF_LOAD_LIB_FUNCTION(_fn_name_)
+#else
+#define RCF_OPENSSL_LOAD_FUNC(_fn_name_) RCF_LOAD_DLL_FUNCTION(_fn_name_)
+#endif
+
class OpenSslDll
{
public:
@@ -56,9 +62,9 @@
typedef void (*Pfn_SSL_set_verify)(SSL *s, int mode, int (*callback)(int ok,X509_STORE_CTX *ctx));
typedef SSL * (*Pfn_SSL_new)(SSL_CTX *ctx);
typedef void (*Pfn_SSL_free)(SSL *ssl);
- typedef SSL_CTX * (*Pfn_SSL_CTX_new)(SSL_METHOD *meth);
+ typedef SSL_CTX * (*Pfn_SSL_CTX_new)(const SSL_METHOD *meth);
typedef void (*Pfn_SSL_CTX_free)(SSL_CTX *);
- typedef SSL_METHOD * (*Pfn_SSLv23_method)(void);
+ typedef const SSL_METHOD * (*Pfn_SSLv23_method)(void);
typedef BIO_METHOD * (*Pfn_BIO_f_ssl)(void);
typedef int (*Pfn_SSL_CTX_use_PrivateKey)(SSL_CTX *ctx, EVP_PKEY *pkey);
typedef int (*Pfn_SSL_CTX_use_certificate_chain_file)(SSL_CTX *ctx, const char *file); /* PEM type */
@@ -153,8 +159,9 @@
OpenSslDll::OpenSslDll()
{
+#ifndef RCF_USE_OPENSSL_STATIC
mDynamicLibPtr.reset( new DynamicLib( getGlobals().getOpenSslDllName() ) );
-
+#endif
loadFunctionPtrs();
// Initialize OpenSSL.
@@ -164,34 +171,36 @@
void OpenSslDll::loadFunctionPtrs()
{
+#ifndef RCF_USE_OPENSSL_STATIC
RCF_ASSERT(mDynamicLibPtr);
-
- RCF_LOAD_DLL_FUNCTION(SSL_get_verify_result);
- RCF_LOAD_DLL_FUNCTION(SSL_get_peer_certificate);
- RCF_LOAD_DLL_FUNCTION(SSL_state);
- RCF_LOAD_DLL_FUNCTION(SSL_set_bio);
- RCF_LOAD_DLL_FUNCTION(SSL_set_connect_state);
- RCF_LOAD_DLL_FUNCTION(SSL_set_accept_state);
- RCF_LOAD_DLL_FUNCTION(SSL_set_verify);
- RCF_LOAD_DLL_FUNCTION(SSL_new);
- RCF_LOAD_DLL_FUNCTION(SSL_free);
- RCF_LOAD_DLL_FUNCTION(SSL_CTX_new);
- RCF_LOAD_DLL_FUNCTION(SSL_CTX_free);
- RCF_LOAD_DLL_FUNCTION(SSLv23_method);
- RCF_LOAD_DLL_FUNCTION(BIO_f_ssl);
- RCF_LOAD_DLL_FUNCTION(SSL_CTX_use_PrivateKey);
- RCF_LOAD_DLL_FUNCTION(SSL_CTX_use_certificate_chain_file);
- RCF_LOAD_DLL_FUNCTION(SSL_CTX_load_verify_locations);
- RCF_LOAD_DLL_FUNCTION(SSL_load_error_strings);
- RCF_LOAD_DLL_FUNCTION(SSL_library_init);
+#endif
+ RCF_OPENSSL_LOAD_FUNC(SSL_get_verify_result);
+ RCF_OPENSSL_LOAD_FUNC(SSL_get_peer_certificate);
+ RCF_OPENSSL_LOAD_FUNC(SSL_state);
+ RCF_OPENSSL_LOAD_FUNC(SSL_set_bio);
+ RCF_OPENSSL_LOAD_FUNC(SSL_set_connect_state);
+ RCF_OPENSSL_LOAD_FUNC(SSL_set_accept_state);
+ RCF_OPENSSL_LOAD_FUNC(SSL_set_verify);
+ RCF_OPENSSL_LOAD_FUNC(SSL_new);
+ RCF_OPENSSL_LOAD_FUNC(SSL_free);
+ RCF_OPENSSL_LOAD_FUNC(SSL_CTX_new);
+ RCF_OPENSSL_LOAD_FUNC(SSL_CTX_free);
+ RCF_OPENSSL_LOAD_FUNC(SSLv23_method);
+ RCF_OPENSSL_LOAD_FUNC(BIO_f_ssl);
+ RCF_OPENSSL_LOAD_FUNC(SSL_CTX_use_PrivateKey);
+ RCF_OPENSSL_LOAD_FUNC(SSL_CTX_use_certificate_chain_file);
+ RCF_OPENSSL_LOAD_FUNC(SSL_CTX_load_verify_locations);
+ RCF_OPENSSL_LOAD_FUNC(SSL_load_error_strings);
+ RCF_OPENSSL_LOAD_FUNC(SSL_library_init);
}
// OpenSslCryptoDll
OpenSslCryptoDll::OpenSslCryptoDll()
{
+#ifndef RCF_USE_OPENSSL_STATIC
mDynamicLibPtr.reset( new DynamicLib( getGlobals().getOpenSslCryptoDllName() ) );
-
+#endif
loadFunctionPtrs();
// Initialize OpenSSL.
@@ -202,34 +211,35 @@
void OpenSslCryptoDll::loadFunctionPtrs()
{
+#ifndef RCF_USE_OPENSSL_STATIC
RCF_ASSERT(mDynamicLibPtr);
+#endif
+ RCF_OPENSSL_LOAD_FUNC(BIO_ctrl_pending);
+ RCF_OPENSSL_LOAD_FUNC(BIO_write);
+ RCF_OPENSSL_LOAD_FUNC(BIO_read);
+ RCF_OPENSSL_LOAD_FUNC(BIO_nread0);
+ RCF_OPENSSL_LOAD_FUNC(BIO_nwrite0);
+ RCF_OPENSSL_LOAD_FUNC(BIO_ctrl_get_read_request);
+ RCF_OPENSSL_LOAD_FUNC(BIO_nread);
+ RCF_OPENSSL_LOAD_FUNC(BIO_nwrite);
+ RCF_OPENSSL_LOAD_FUNC(BIO_ctrl);
+ RCF_OPENSSL_LOAD_FUNC(BIO_new_bio_pair);
+ RCF_OPENSSL_LOAD_FUNC(BIO_new);
+ RCF_OPENSSL_LOAD_FUNC(BIO_free);
+ RCF_OPENSSL_LOAD_FUNC(EVP_PKEY_free);
+ RCF_OPENSSL_LOAD_FUNC(BIO_s_file);
+ RCF_OPENSSL_LOAD_FUNC(ERR_print_errors_cb);
+ RCF_OPENSSL_LOAD_FUNC(ERR_print_errors);
+ RCF_OPENSSL_LOAD_FUNC(BIO_s_mem);
+ RCF_OPENSSL_LOAD_FUNC(ERR_load_crypto_strings);
- RCF_LOAD_DLL_FUNCTION(BIO_ctrl_pending);
- RCF_LOAD_DLL_FUNCTION(BIO_write);
- RCF_LOAD_DLL_FUNCTION(BIO_read);
- RCF_LOAD_DLL_FUNCTION(BIO_nread0);
- RCF_LOAD_DLL_FUNCTION(BIO_nwrite0);
- RCF_LOAD_DLL_FUNCTION(BIO_ctrl_get_read_request);
- RCF_LOAD_DLL_FUNCTION(BIO_nread);
- RCF_LOAD_DLL_FUNCTION(BIO_nwrite);
- RCF_LOAD_DLL_FUNCTION(BIO_ctrl);
- RCF_LOAD_DLL_FUNCTION(BIO_new_bio_pair);
- RCF_LOAD_DLL_FUNCTION(BIO_new);
- RCF_LOAD_DLL_FUNCTION(BIO_free);
- RCF_LOAD_DLL_FUNCTION(EVP_PKEY_free);
- RCF_LOAD_DLL_FUNCTION(BIO_s_file);
- RCF_LOAD_DLL_FUNCTION(ERR_print_errors_cb);
- RCF_LOAD_DLL_FUNCTION(ERR_print_errors);
- RCF_LOAD_DLL_FUNCTION(BIO_s_mem);
- RCF_LOAD_DLL_FUNCTION(ERR_load_crypto_strings);
-
- RCF_LOAD_DLL_FUNCTION(BIO_test_flags);
- RCF_LOAD_DLL_FUNCTION(X509_free);
- RCF_LOAD_DLL_FUNCTION(PEM_read_bio_PrivateKey);
- RCF_LOAD_DLL_FUNCTION(OPENSSL_add_all_algorithms_noconf);
- RCF_LOAD_DLL_FUNCTION(X509_get_subject_name);
- RCF_LOAD_DLL_FUNCTION(X509_get_issuer_name);
- RCF_LOAD_DLL_FUNCTION(X509_NAME_print_ex);
+ RCF_OPENSSL_LOAD_FUNC(BIO_test_flags);
+ RCF_OPENSSL_LOAD_FUNC(X509_free);
+ RCF_OPENSSL_LOAD_FUNC(PEM_read_bio_PrivateKey);
+ RCF_OPENSSL_LOAD_FUNC(OPENSSL_add_all_algorithms_noconf);
+ RCF_OPENSSL_LOAD_FUNC(X509_get_subject_name);
+ RCF_OPENSSL_LOAD_FUNC(X509_get_issuer_name);
+ RCF_OPENSSL_LOAD_FUNC(X509_NAME_print_ex);
}
-
jarl
- Posts: 238
- Joined: Mon Oct 03, 2011 4:53 am
-
Contact:
Post
by jarl »
Thanks for the patch for linking against static OpenSSL libs - I've merged that into the codebase so it will be in the next release.