Dear openssl-users£¬
When using the openssl and found a large number of connections during the
establishment of the memory has been growing closed, the test found that when
the
memory is increased to 317548K, the not increased, the initial memory, only a
few
K, very strange.
why? How can I resolve it?
thank u!
code£º
server.c
#include <stdio.h>
#include <stdlib.h>
#include <errno.h>
#include <string.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <string>
using namespace std;
std::string a_serverCert = "server_cert/newcert.pem";
std::string a_serverKey = "server_cert/newkey.pem";
std::string a_trustCert = "server_cert/cacert.pem";
std::string a_password = "1234";
#define MAXBUF 1024
int main(int argc, char **argv)
{
int sockfd, new_fd;
socklen_t len;
struct sockaddr_in my_addr, their_addr;
unsigned int myport, lisnum;
char buf[MAXBUF + 1];
SSL_CTX *ctx;
myport = 8899;
lisnum = 2;
SSL_library_init();
OpenSSL_add_all_algorithms();
SSL_load_error_strings();
ctx = SSL_CTX_new(SSLv23_server_method());
if (ctx == NULL) {
ERR_print_errors_fp(stdout);
exit(1);
}
if (SSL_CTX_use_certificate_file(ctx, a_serverCert.c_str(),
SSL_FILETYPE_PEM)
<= 0) {
ERR_print_errors_fp(stdout);
exit(1);
}
//set the key file's password.
SSL_CTX_set_default_passwd_cb_userdata(ctx, (void*) (a_password.c_str()));
if (SSL_CTX_use_PrivateKey_file(ctx, a_serverKey.c_str(), SSL_FILETYPE_PEM)
<=
0) {
ERR_print_errors_fp(stdout);
exit(1);
}
if (!SSL_CTX_check_private_key(ctx)) {
ERR_print_errors_fp(stdout);
exit(1);
}
//set vefify client, the server will verify client's certification
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
//load trust certification. it is CA root certification or user's certification
SSL_CTX_load_verify_locations(ctx, a_trustCert.c_str(), NULL);
printf("socket creating...... \t\t");
if ((sockfd = socket(PF_INET, SOCK_STREAM, 0)) == -1)
{
perror("socket");
exit(1);
}
else
printf("socket created.\n");
bzero(&my_addr, sizeof(my_addr));
my_addr.sin_family = PF_INET;
my_addr.sin_port = htons(myport);
my_addr.sin_addr.s_addr = INADDR_ANY;
printf("bingding......\t\t\t");
if (bind(sockfd, (struct sockaddr *) &my_addr, sizeof(struct sockaddr))
== -1) {
perror("bind");
exit(1);
} else
printf("binded.\n");
if (listen(sockfd, lisnum) == -1) {
perror("listen");
exit(1);
} else
printf("begin listen......\n");
while (1)
{
SSL *ssl;
len = sizeof(struct sockaddr);
if ((new_fd =
accept(sockfd, (struct sockaddr *) &their_addr,
&len)) == -1) {
perror("accept");
//exit(errno);
continue;
} else
printf("server: got connection from %s, port %d, socket %d\n",
inet_ntoa(their_addr.sin_addr),
ntohs(their_addr.sin_port), new_fd);
ssl = SSL_new(ctx);
SSL_set_fd(ssl, new_fd);
if (SSL_accept(ssl) == -1) {
perror("accept");
close(new_fd);
continue;
}
bzero(buf, MAXBUF + 1);
// scanf("%[^\n]",buf);
//
// len = SSL_write(ssl, buf, strlen(buf));
//
// if (len <= 0) {
// printf
// ("send msg:'%s' failed£¡error code:%d£¬error info'%s'\n",
// buf, errno, strerror(errno));
// goto finish;
// } else
// printf("send msg:'%s' ok£¬len:%d\n",
// buf, len);
bzero(buf, MAXBUF + 1);
len = SSL_read(ssl, buf, MAXBUF);
if (len > 0)
printf("read msg:'%s'£¬len:%d \n",
buf, len);
else
printf
("read failed£¡error code:%d£¬error info: '%s'\n",
errno, strerror(errno));
finish:
SSL_shutdown(ssl);
SSL_free(ssl);
close(new_fd);
}
close(sockfd);
SSL_CTX_free(ctx);
return 0;
}
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
