openssl ssl Client 코딩예

 
int stat=0;
 SSL_CTX* ctx;
    SSL*     ssl;
    X509*    server_cert;
 SSL_METHOD *meth;

 CTCPComm TCPComm;
 ByteString ip;
 int port;
 IPPortParsing(bsData,ip,port);
 stat=TCPComm.Connect((char*)ip,port);
 //stat=TCPComm.Connect("10.10.10.21",110);
 if (stat!=0) return -1;

 SSLeay_add_ssl_algorithms();
    //meth = SSLv2_client_method();
    meth = TLSv1_client_method();
    SSL_load_error_strings();
    ctx = SSL_CTX_new (meth);

 ssl = SSL_new (ctx);    
    //CHK_NULL(ssl);    

    // connect the SSL object with a file descriptor
    SSL_set_fd (ssl, TCPComm.m_nSocketHandle);

    // initiate the TLS/SSL handshake with an TLS/SSL server
    stat = SSL_connect (ssl);    
    //CHK_SSL(err);

    /* 
     * Following two steps are optional and not required for
     * data exchange to be successful. 
     */

    printf ("SSL connection using %s\n", SSL_get_cipher (ssl));

    // Get server's certificate (note: beware of dynamic allocation) - opt 
    server_cert = SSL_get_peer_certificate (ssl);    
    //CHK_NULL(server_cert);
    //print_x509(ssl);

    /*
    printf ("Server certificate:\n");
    str = X509_NAME_oneline (X509_get_subject_name (server_cert),0,0);
    CHK_NULL(str);
    printf ("\t subject: %s\n", str);
    free (str);

    str = X509_NAME_oneline (X509_get_issuer_name  (server_cert),0,0);
    CHK_NULL(str);
    printf ("\t issuer: %s\n", str);
    free (str);
    */

    /* 
     * We could do all sorts of certificate verification stuff here before
     * deallocating the certificate. 
     */
    X509_free (server_cert);

    ///////////////////////////////////////////////////////////////////////////////////////
    // DATA EXCHANGE - Send a message and receive a reply.
   
 ByteString temp;
 int idx=0;
 idx=bsData.find("$");
 if (idx<0 || idx>16) temp=bsData;
 else temp.setBuffer(bsData.getBuffer()+idx+1,bsData.getLength()-idx-1);

 bsData=temp;
    //err = SSL_write (ssl, "Hello World!", strlen("Hello World!"));
 ByteString bsDataLast;
 //bsDataLast=bsData.getLength()+"$"+bsDataLast);
 
 //ByteString bsResult;
 //DSBase::base64Encode(bsData,&bsResult);

 bsDataLast.format2K("%d",bsData.getLength());
 bsDataLast+="$";
 bsDataLast+=bsData;
 //bsDataLast.format2K("%d$%uc",bsData.getLength(),bsData.getBuffer());
    //CHK_SSL(err);
 
 stat = SSL_write (ssl, bsDataLast.getBuffer(), bsDataLast.getLength());  
   // CHK_SSL(err);

    /*err = SSL_read (ssl, buf, sizeof(buf) - 1);    
    CHK_SSL(err);
    buf[err] = '\0';
    printf ("Got %d chars:'%s'\n", err, buf);*/

    // send SSL/TLS close_notify
    SSL_shutdown (ssl);  

    /* Clean up. */

    TCPComm.Close();
    SSL_free (ssl);
    SSL_CTX_free (ctx);