使用 libcurl & SSL协议

发布于 2024-09-03 10:25:23 字数 920 浏览 9 评论 0原文

我发现关于这个主题的信息确实很少。我已经有一个 dll 使用 libcurl 成功发布了帖子。

我已经使用 openssl 编译了 libcurl 以实现 ssl 功能。

这是我最初的卷曲设置的一个发挥。

    curl_easy_setopt(handle, CURLOPT_ERRORBUFFER, errorBuffer);

    //curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER , 1);
    //curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST , 1);
    //curl_easy_setopt(curl, CURLOPT_CAINFO , "./ca.cert");

    curl_easy_setopt(handle, CURLOPT_POSTFIELDS, cParam); 
    curl_easy_setopt(handle, CURLOPT_POSTFIELDSIZE, strlen(cParam));
    curl_easy_setopt(handle, CURLOPT_FOLLOWLOCATION, 1);
    curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, Request::writer);   
    curl_easy_setopt(handle, CURLOPT_WRITEDATA, &buffer); 
    curl_easy_setopt(handle, CURLOPT_URL, cURL);

我想问那些以前做过这件事的人,是不是只要添加上面这些行就可以让 SSL 工作(只要证书存在)那么简单?还是更复杂?

有趣的是我并不完全确定 SSL 是如何工作的。我以前从未使用过它。我是否需要在应用程序中存储密钥并随每个请求一起发送?无论如何,我的主要问题是第一个问题。先感谢您。

I've found there is really very little information around on this topic. I already have a dll making successful posts using libcurl.

I've compiled libcurl with openssl for ssl functionality.

Here is an exert of my original curl setup.

    curl_easy_setopt(handle, CURLOPT_ERRORBUFFER, errorBuffer);

    //curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER , 1);
    //curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST , 1);
    //curl_easy_setopt(curl, CURLOPT_CAINFO , "./ca.cert");

    curl_easy_setopt(handle, CURLOPT_POSTFIELDS, cParam); 
    curl_easy_setopt(handle, CURLOPT_POSTFIELDSIZE, strlen(cParam));
    curl_easy_setopt(handle, CURLOPT_FOLLOWLOCATION, 1);
    curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, Request::writer);   
    curl_easy_setopt(handle, CURLOPT_WRITEDATA, &buffer); 
    curl_easy_setopt(handle, CURLOPT_URL, cURL);

My question to those who've done this before, is it as easy as just adding those lines above to get SSL to work (as long as the certificate exists)? Or is it more complicated?

The funny thing is I'm not completely sure how SSL works. I've never worked with it before. Do I need to store a key in my application and send it with each request? Anyway my main question was the first. Thank you in advance.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

美煞众生 2024-09-10 10:25:23

是的,就是这么简单。只需确保您拥有的“ca.cert”文件是真正的 CA 证书,可以验证您的服务器的证书。

Yes, it is that simple. Just make sure that the "ca.cert" file you have is a true CA cert that can verify your server's certificate.

古镇旧梦 2024-09-10 10:25:23

要在 libcurl 中使用 SSL,您所需要做的就是提供 https url 而不是 http url。您需要使用curl_easy_setopt设置的唯一选项是CURLOPT_URL,尽管如果您不指定写入回调,它只会将接收到的数据打印到stdout。

CURL *handle = curl_easy_init();
char url[] = "https://google.com";
curl_easy_setopt(handle, CURLOPT_URL, url);
curl_easy_perform(handle);

All you need to do to use SSL with libcurl is give an https url instead of an http url. The only option you need to set with curl_easy_setopt is CURLOPT_URL, although it will just print the received data to stdout if you don't specify a write callback.

CURL *handle = curl_easy_init();
char url[] = "https://google.com";
curl_easy_setopt(handle, CURLOPT_URL, url);
curl_easy_perform(handle);
旧时浪漫 2024-09-10 10:25:23

如果您确实想检查主机名匹配,请确保在使用 CURLOPT_SSL_VERIFYHOST 时将实际值设置为 2L(默认值)而不是 1(如该示例中的注释所示),否则它只会检查证书中是否存在“通用名称”(CN)。

Make sure that when using CURLOPT_SSL_VERIFYHOST you set the actual value to 2L (which is the default) instead of 1 (as shown as a comment in that example), if you really want to check the hostname matches, otherwise it would just check for the existence of a "Common name" (CN) in the certificate.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文