Linux安全體系學習筆記之四:OpenSSL源代碼分析(3) .
Linux安全體系學習筆記之四:OpenSSL源代碼分析(3) .
BIO是對IO操作的封裝,OpenSSL的BIO抽象介面不僅可以對SSL連接的I/O使用,也可以對非加密的網路連接和文件的I/O使用。BIO的相關源代碼在crypto/bio文件夾下。
BIO的相關數據結構列出如下。
BIO結構:
view plaincopy to clipboardprint?01.struct bio_st
02. {
03. BIO_METHOD *method;
04. /* bio, mode, argp, argi, argl, ret */
05. long (*callback)(struct bio_st *,int,const char *,int, long,long);
06. char *cb_arg; /* first argument for the callback */
07.
08. int init;
09. int shutdown;
10. int flags; /* extra storage */
11. int retry_reason;
12. int num;
13. void *ptr;
14. struct bio_st *next_bio; /* used by filter BIOs */
15. struct bio_st *prev_bio; /* used by filter BIOs */
16. int references;
17. unsigned long num_read;
18. unsigned long num_write;
19.
20. CRYPTO_EX_DATA ex_data;
21. };
struct bio_st
{
BIO_METHOD *method;
/* bio, mode, argp, argi, argl, ret */
long (*callback)(struct bio_st *,int,const char *,int, long,long);
char *cb_arg; /* first argument for the callback */
int init;
int shutdown;
int flags; /* extra storage */
int retry_reason;
int num;
void *ptr;
struct bio_st *next_bio; /* used by filter BIOs */
struct bio_st *prev_bio; /* used by filter BIOs */
int references;
unsigned long num_read;
unsigned long num_write;
CRYPTO_EX_DATA ex_data;
};BIO操作的結構:
view plaincopy to clipboardprint?01.typedef struct bio_method_st
02. {
03. int type;
04. const char *name;
05. int (*bwrite)(BIO *, const char *, int);
06. int (*bread)(BIO *, char *, int);
07. int (*bputs)(BIO *, const char *);
08. int (*bgets)(BIO *, char *, int);
09. long (*ctrl)(BIO *, int, long, void *);
10. int (*create)(BIO *);
11. int (*destroy)(BIO *);
12. long (*callback_ctrl)(BIO *, int, bio_info_cb *);
13. } BIO_METHOD;
typedef struct bio_method_st
{
int type;
const char *name;
int (*bwrite)(BIO *, const char *, int);
int (*bread)(BIO *, char *, int);
int (*bputs)(BIO *, const char *);
int (*bgets)(BIO *, char *, int);
long (*ctrl)(BIO *, int, long, void *);
int (*create)(BIO *);
int (*destroy)(BIO *);
long (*callback_ctrl)(BIO *, int, bio_info_cb *);
} BIO_METHOD;BIO介面類型分為源/接收類型和過濾類型兩種。
view plaincopy to clipboardprint?01.#define BIO_TYPE_DESCRIPTOR0x0100 /* socket, fd, connect or accept */
02.#define BIO_TYPE_FILTER 0x0200
03.#define BIO_TYPE_SOURCE_SINK 0x0400
#define BIO_TYPE_DESCRIPTOR0x0100 /* socket, fd, connect or accept */
#define BIO_TYPE_FILTER 0x0200
#define BIO_TYPE_SOURCE_SINK 0x04001、源/接收類型
view plaincopy to clipboardprint?01.#define BIO_TYPE_MEM(1|0x0400)
02.#define BIO_TYPE_FILE (2|0x0400)
03.#define BIO_TYPE_FD (4|0x0400|0x0100)
04.#define BIO_TYPE_SOCKET (5|0x0400|0x0100)
05.#define BIO_TYPE_NULL (6|0x0400)
06.#define BIO_TYPE_CONNECT(12|0x0400|0x0100)/* socket - connect */
07.#define BIO_TYPE_ACCEPT(13|0x0400|0x0100)/* socket for accept */
08.#define BIO_TYPE_BIO(19|0x0400)/* (half a) BIO pair */
09.#define BIO_TYPE_DGRAM(21|0x0400|0x0100)
#define BIO_TYPE_MEM(1|0x0400)
#define BIO_TYPE_FILE (2|0x0400)
#define BIO_TYPE_FD (4|0x0400|0x0100)
#define BIO_TYPE_SOCKET (5|0x0400|0x0100)
#define BIO_TYPE_NULL (6|0x0400)
#define BIO_TYPE_CONNECT(12|0x0400|0x0100)/* socket - connect */
#define BIO_TYPE_ACCEPT(13|0x0400|0x0100)/* socket for accept */
#define BIO_TYPE_BIO(19|0x0400)/* (half a) BIO pair */
#define BIO_TYPE_DGRAM(21|0x0400|0x0100)2、過濾類型
view plaincopy to clipboardprint?01.#define BIO_TYPE_SSL(7|0x0200)
02.#define BIO_TYPE_MD(8|0x0200) /* passive filter */
03.#define BIO_TYPE_BUFFER (9|0x0200)/* filter */
04.#define BIO_TYPE_CIPHER (10|0x0200)/* filter */
05.#define BIO_TYPE_BASE64 (11|0x0200)/* filter */
06.#define BIO_TYPE_PROXY_CLIENT (14|0x0200)/* client proxy BIO */
07.#define BIO_TYPE_PROXY_SERVER (15|0x0200)/* server proxy BIO */
08.#define BIO_TYPE_NBIO_TEST (16|0x0200)/* server proxy BIO */
09.#define BIO_TYPE_NULL_FILTER (17|0x0200)
10.#define BIO_TYPE_BER (18|0x0200)/* BER -> bin filter */
11.#define BIO_TYPE_LINEBUFFER (20|0x0200)/* filter */
12.#define BIO_TYPE_ASN1 (22|0x0200)/* filter */
13.#define BIO_TYPE_COMP (23|0x0200)/* filter */
#define BIO_TYPE_SSL(7|0x0200)
#define BIO_TYPE_MD(8|0x0200) /* passive filter */
#define BIO_TYPE_BUFFER (9|0x0200)/* filter */
#define BIO_TYPE_CIPHER (10|0x0200)/* filter */
#define BIO_TYPE_BASE64 (11|0x0200)/* filter */
#define BIO_TYPE_PROXY_CLIENT (14|0x0200)/* client proxy BIO */
#define BIO_TYPE_PROXY_SERVER (15|0x0200)/* server proxy BIO */
#define BIO_TYPE_NBIO_TEST (16|0x0200)/* server proxy BIO */
#define BIO_TYPE_NULL_FILTER (17|0x0200)
#define BIO_TYPE_BER (18|0x0200)/* BER -> bin filter */
#define BIO_TYPE_LINEBUFFER (20|0x0200)/* filter */
#define BIO_TYPE_ASN1 (22|0x0200)/* filter */
#define BIO_TYPE_COMP (23|0x0200)/* filter */BIO過濾緩衝結構:
view plaincopy to clipboardprint?01.typedef struct bio_f_buffer_ctx_struct
02. {
03. /* BIO *bio; */ /* this is now in the BIO struct */
04. int ibuf_size; /* how big is the input buffer */
05. int obuf_size; /* how big is the output buffer */
06.
07. char *ibuf; /* the char array */
08. int ibuf_len; /* how many bytes are in it */
09. int ibuf_off; /* write/read offset */
10.
11. char *obuf; /* the char array */
12. int obuf_len; /* how many bytes are in it */
13. int obuf_off; /* write/read offset */
14. } BIO_F_BUFFER_CTX;
《解決方案》
謝謝分享
