指示 OpenSSL 在设置新 BIO 时不要释放 BIO 对象

发布于 2024-12-06 16:01:19 字数 364 浏览 0 评论 0原文

在此示例代码中：

BIO *bio1 = BIO_new(BIO_s_mem());
BIO *bio2 = BIO_new(BIO_s_mem());
SSL_set_bio(ssl, bio1, bio1);
SSL_set_bio(ssl, bio2, bio2);

对 SSL_set_bio 的最后一次调用会自动调用 BIO_free(bio1)。有没有办法告诉 OpenSSL 不要这样做？

我知道在使用 BIO_new(BIO_s_mem()) 创建内存 bio 后，我可以告诉 OpenSSL 不要使用 BIO_set_close(bio, BIO_NOCLOSE) 释放它的内存缓冲区。我的情况有类似的情况吗？

原文

In this sample code:

BIO *bio1 = BIO_new(BIO_s_mem());
BIO *bio2 = BIO_new(BIO_s_mem());
SSL_set_bio(ssl, bio1, bio1);
SSL_set_bio(ssl, bio2, bio2);

the last call to SSL_set_bio automatically calls BIO_free(bio1).
Is there anyway to tell OpenSSL not to do so?

I know that upon creating a memory bio with BIO_new(BIO_s_mem()) I can tell OpenSSL not to free it's memory buffer with BIO_set_close(bio, BIO_NOCLOSE). Is there anything similar for my case?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

誰ツ都不明白 2024-12-13 16:01:19

无法阻止 SSL_set_bio 释放公共 API 中的当前 BIO。你可以在源代码中看到它只是检查每个bio是否不为空，然后释放它。

主要思想是，在调用SSL_set_bio之后，OpenSSL 拥有 BIO 并对其负责。

void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio)
        {
        /* If the output buffering BIO is still in place, remove it
         */
        if (s->bbio != NULL)
                {
                if (s->wbio == s->bbio)
                        {
                        s->wbio=s->wbio->next_bio;
                        s->bbio->next_bio=NULL;
                        }
                }
        if ((s->rbio != NULL) && (s->rbio != rbio))
                BIO_free_all(s->rbio);
        if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
                BIO_free_all(s->wbio);
        s->rbio=rbio;
        s->wbio=wbio;
        }

如果我有正当理由在生产代码中保留生物缓冲区，我会编写自己的生物并使用它。这并不像听起来那么难。只需复制 /crypto/bio/bss_mem.c，重命名函数和 mem_method 表，然后替换 mem_free()< 的行为/代码>。然后，传递 BIO_custom_mem_bio 或任何您为 Bio 命名的访问器函数，而不是 BIO_s_mem。

如果我需要它用于调试目的而不是生产代码，我可能会深入到 ssl_st 结构 (SSL *) 的内部，并在之前将所有 BIOS 设为 NULL调用SSL_set_bio。但我不会在生产代码中这样做，因为未来的 SSL 版本可能会破坏该代码。

There's no way to prevent SSL_set_bio from freeing the current BIO in the public API. You can see in the source code that it simply checks whether each bio is not null and then frees it.

The main idea is that after you call SSL_set_bio, OpenSSL owns the BIO and is responsible for it.

void SSL_set_bio(SSL *s,BIO *rbio,BIO *wbio)
        {
        /* If the output buffering BIO is still in place, remove it
         */
        if (s->bbio != NULL)
                {
                if (s->wbio == s->bbio)
                        {
                        s->wbio=s->wbio->next_bio;
                        s->bbio->next_bio=NULL;
                        }
                }
        if ((s->rbio != NULL) && (s->rbio != rbio))
                BIO_free_all(s->rbio);
        if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
                BIO_free_all(s->wbio);
        s->rbio=rbio;
        s->wbio=wbio;
        }

If I had a legitimate reason to keep the bio buffer around in production code, I would write my own bio and use that. It's not as hard as it sounds. Just copy <openssl source>/crypto/bio/bss_mem.c, rename the functions and mem_method table, and then replace the behavior of mem_free(). Then instead of BIO_s_mem, pass BIO_custom_mem_bio or whatever you name the accessor function for your bio.

If I needed it for debugging purposes and not production code, I'd probably just grovel into the internals of the ssl_st struct (SSL *) and make all the bios NULL before calling SSL_set_bio. But I wouldn't do that in production code because future SSL versions may break that code.

回复收藏 0 原文