• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

C++ ERR_print_errors_fp函数代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了C++中ERR_print_errors_fp函数的典型用法代码示例。如果您正苦于以下问题:C++ ERR_print_errors_fp函数的具体用法?C++ ERR_print_errors_fp怎么用?C++ ERR_print_errors_fp使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。



在下文中一共展示了ERR_print_errors_fp函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。

示例1: server_thread

// Minimal TLS server. This is largely based on the example at
// https://wiki.openssl.org/index.php/Simple_TLS_Server and the gRPC core
// internals in src/core/lib/tsi/ssl_transport_security.c.
static void server_thread(void *arg) {
  const server_args *args = (server_args *)arg;

  SSL_load_error_strings();
  OpenSSL_add_ssl_algorithms();

  const SSL_METHOD *method = TLSv1_2_server_method();
  SSL_CTX *ctx = SSL_CTX_new(method);
  if (!ctx) {
    perror("Unable to create SSL context");
    ERR_print_errors_fp(stderr);
    abort();
  }

  // Load key pair.
  if (SSL_CTX_use_certificate_file(ctx, SSL_CERT_PATH, SSL_FILETYPE_PEM) < 0) {
    ERR_print_errors_fp(stderr);
    abort();
  }
  if (SSL_CTX_use_PrivateKey_file(ctx, SSL_KEY_PATH, SSL_FILETYPE_PEM) < 0) {
    ERR_print_errors_fp(stderr);
    abort();
  }

  // Set the cipher list to match the one expressed in
  // src/core/lib/tsi/ssl_transport_security.c.
  const char *cipher_list =
      "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-"
      "SHA384:ECDHE-RSA-AES256-GCM-SHA384";
  if (!SSL_CTX_set_cipher_list(ctx, cipher_list)) {
    ERR_print_errors_fp(stderr);
    gpr_log(GPR_ERROR, "Couldn't set server cipher list.");
    abort();
  }

  // Register the ALPN selection callback.
  SSL_CTX_set_alpn_select_cb(ctx, alpn_select_cb, args->alpn_preferred);

  // bind/listen/accept at TCP layer.
  const int sock = args->socket;
  gpr_log(GPR_INFO, "Server listening");
  struct sockaddr_in addr;
  socklen_t len = sizeof(addr);
  const int client = accept(sock, (struct sockaddr *)&addr, &len);
  if (client < 0) {
    perror("Unable to accept");
    abort();
  }

  // Establish a SSL* and accept at SSL layer.
  SSL *ssl = SSL_new(ctx);
  GPR_ASSERT(ssl);
  SSL_set_fd(ssl, client);
  if (SSL_accept(ssl) <= 0) {
    ERR_print_errors_fp(stderr);
    gpr_log(GPR_ERROR, "Handshake failed.");
  } else {
    gpr_log(GPR_INFO, "Handshake successful.");
  }

  // Wait until the client drops its connection.
  char buf;
  while (SSL_read(ssl, &buf, sizeof(buf)) > 0)
    ;

  SSL_free(ssl);
  close(client);
  close(sock);
  SSL_CTX_free(ctx);
  EVP_cleanup();
}
开发者ID:pmarks-net,项目名称:grpc,代码行数:74,代码来源:client_ssl.c


示例2: key_new

rdpRsaKey* key_new(const char* keyfile)
{
	FILE* fp;
	RSA* rsa;
	rdpRsaKey* key;

	key = (rdpRsaKey*) malloc(sizeof(rdpRsaKey));
	ZeroMemory(key, sizeof(rdpRsaKey));

	if (key == NULL)
		return NULL;

	fp = fopen(keyfile, "r");

	if (fp == NULL)
	{
		fprintf(stderr, "unable to load RSA key from %s: %s.", keyfile, strerror(errno));
		free(key) ;
		return NULL;
	}

	rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL);

	if (rsa == NULL)
	{
		ERR_print_errors_fp(stdout);
		fclose(fp);
		free(key) ;
		return NULL;
	}

	fclose(fp);

	switch (RSA_check_key(rsa))
	{
		case 0:
			RSA_free(rsa);
			fprintf(stderr, "invalid RSA key in %s", keyfile);
			free(key) ;
			return NULL;

		case 1:
			/* Valid key. */
			break;

		default:
			ERR_print_errors_fp(stderr);
			RSA_free(rsa);
			free(key) ;
			return NULL;
	}

	if (BN_num_bytes(rsa->e) > 4)
	{
		RSA_free(rsa);
		fprintf(stderr, "RSA public exponent too large in %s", keyfile);
		free(key) ;
		return NULL;
	}

	key->ModulusLength = BN_num_bytes(rsa->n);
	key->Modulus = (BYTE*) malloc(key->ModulusLength);
	BN_bn2bin(rsa->n, key->Modulus);
	crypto_reverse(key->Modulus, key->ModulusLength);

	key->PrivateExponentLength = BN_num_bytes(rsa->d);
	key->PrivateExponent = (BYTE*) malloc(key->PrivateExponentLength);
	BN_bn2bin(rsa->d, key->PrivateExponent);
	crypto_reverse(key->PrivateExponent, key->PrivateExponentLength);

	memset(key->exponent, 0, sizeof(key->exponent));
	BN_bn2bin(rsa->e, key->exponent + sizeof(key->exponent) - BN_num_bytes(rsa->e));
	crypto_reverse(key->exponent, sizeof(key->exponent));

	RSA_free(rsa);

	return key;
}
开发者ID:KimDongChun,项目名称:FreeRDP,代码行数:78,代码来源:certificate.c


示例3: main

int main(int argc, char *argv[]) {
	
	FILE		*fin, *fkey;
	u_int16_t	siglen;
	u_int32_t	magic;
	long		nread, ndata;
	char		*sigbuf, *inbuf;
	EVP_PKEY	*pkey;
	EVP_MD_CTX	ctx;
	int			err, retval;
	
	if (argc != 3)
		usage();
	
	ERR_load_crypto_strings();
	
	/* open file and check for magic */
	fin = fopen(argv[2], "r+");
	if (fin == NULL) {
		fprintf(stderr, "unable to open file '%s'\n", argv[2]);
		exit(4);
	}
	
	fseek(fin, -(sizeof(magic)), SEEK_END);
	fread(&magic, sizeof(magic), 1, fin);
		
	if (magic != SIG_MAGIC) {
		fclose(fin);
		exit(2);
	}
	
	/* magic is good; get signature length */	
	fseek(fin, -(sizeof(magic) + sizeof(siglen)), SEEK_END);	
	fread(&siglen, sizeof(siglen), 1, fin);
	
	/* read public key */
	fkey = fopen(argv[1], "r");
	if (fkey == NULL) {
		fprintf(stderr, "unable to open public key file '%s'\n", argv[1]);
		exit(4);
	}
	
	pkey = PEM_read_PUBKEY(fkey, NULL, NULL, NULL);
	fclose(fkey);
	
	if (pkey == NULL) {
		ERR_print_errors_fp(stderr);
		exit(4);
	}
	
	/* check if siglen is sane */
	if ((siglen == 0) || (siglen > EVP_PKEY_size(pkey)))
		exit(3);
	
	/* got signature length; read signature */
	sigbuf = malloc(siglen);
	if (sigbuf == NULL)
		exit(4);
	
	fseek(fin, -(sizeof(magic) + sizeof(siglen) + siglen), SEEK_END);	
	if (fread(sigbuf, 1, siglen, fin) != siglen)
		exit(4);
	
	/* signature read; truncate file to remove sig */
	fseek(fin, 0, SEEK_END);
	ndata = ftell(fin) - (sizeof(magic) + sizeof(siglen) + siglen);
	ftruncate(fileno(fin), ndata);
	
	/* verify the signature now */
	EVP_VerifyInit(&ctx, EVP_sha1());
	
	/* allocate data buffer */
	inbuf = malloc(SIG_INBUFLEN);
	if (inbuf == NULL)
		exit(4);
	
	rewind(fin);
	while (!feof(fin)) {
		nread = fread(inbuf, 1, SIG_INBUFLEN, fin);
		if (nread != SIG_INBUFLEN) {
			if (ferror(fin)) {
				fprintf(stderr, "read error in file '%s'\n", argv[2]);
				exit(4);
			}
		}
		
		EVP_VerifyUpdate(&ctx, inbuf, nread);
	}
	
	err = EVP_VerifyFinal(&ctx, sigbuf, siglen, pkey);
	EVP_PKEY_free(pkey);
	
	if (err == 1)
		retval = 0;		/* correct signature */
	else if (err == 0)
		retval = 1;		/* invalid signature */
	else
		retval = 3;		/* error */
	
	free(inbuf);
//.........这里部分代码省略.........
开发者ID:Amokbambi,项目名称:m0n0,代码行数:101,代码来源:verifysig.c


示例4: pCtx

SslContext_t::SslContext_t (bool is_server, const string &privkeyfile, const string &certchainfile):
	pCtx (NULL),
	PrivateKey (NULL),
	Certificate (NULL)
{
	/* TODO: the usage of the specified private-key and cert-chain filenames only applies to
	 * client-side connections at this point. Server connections currently use the default materials.
	 * That needs to be fixed asap.
	 * Also, in this implementation, server-side connections use statically defined X-509 defaults.
	 * One thing I'm really not clear on is whether or not you have to explicitly free X509 and EVP_PKEY
	 * objects when we call our destructor, or whether just calling SSL_CTX_free is enough.
	 */

	if (!bLibraryInitialized) {
		bLibraryInitialized = true;
		SSL_library_init();
		OpenSSL_add_ssl_algorithms();
	        OpenSSL_add_all_algorithms();
		SSL_load_error_strings();
		ERR_load_crypto_strings();

		InitializeDefaultCredentials();
	}

	bIsServer = is_server;
	pCtx = SSL_CTX_new (is_server ? SSLv23_server_method() : SSLv23_client_method());
	if (!pCtx)
		throw std::runtime_error ("no SSL context");

	SSL_CTX_set_options (pCtx, SSL_OP_ALL);
	//SSL_CTX_set_options (pCtx, (SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3));

	if (is_server) {
		// The SSL_CTX calls here do NOT allocate memory.
		int e;
		if (privkeyfile.length() > 0)
			e = SSL_CTX_use_PrivateKey_file (pCtx, privkeyfile.c_str(), SSL_FILETYPE_PEM);
		else
			e = SSL_CTX_use_PrivateKey (pCtx, DefaultPrivateKey);
		if (e <= 0) ERR_print_errors_fp(stderr);
		assert (e > 0);

		if (certchainfile.length() > 0)
			e = SSL_CTX_use_certificate_chain_file (pCtx, certchainfile.c_str());
		else
			e = SSL_CTX_use_certificate (pCtx, DefaultCertificate);
		if (e <= 0) ERR_print_errors_fp(stderr);
		assert (e > 0);
	}

	SSL_CTX_set_cipher_list (pCtx, "ALL:!ADH:!LOW:!EXP:!DES-CBC3-SHA:@STRENGTH");

	if (is_server) {
		SSL_CTX_sess_set_cache_size (pCtx, 128);
		SSL_CTX_set_session_id_context (pCtx, (unsigned char*)"eventmachine", 12);
	}
	else {
		int e;
		if (privkeyfile.length() > 0) {
			e = SSL_CTX_use_PrivateKey_file (pCtx, privkeyfile.c_str(), SSL_FILETYPE_PEM);
			if (e <= 0) ERR_print_errors_fp(stderr);
			assert (e > 0);
		}
		if (certchainfile.length() > 0) {
			e = SSL_CTX_use_certificate_chain_file (pCtx, certchainfile.c_str());
			if (e <= 0) ERR_print_errors_fp(stderr);
			assert (e > 0);
		}
	}
}
开发者ID:Averell,项目名称:eventmachine,代码行数:70,代码来源:ssl.cpp


示例5: main


//.........这里部分代码省略.........
		}
	else
		{
		if (!BIO_write_filename(out,outfile))
			{
			perror(outfile);
			EXIT(1);
			}
		}

	if (!results)
		BIO_puts(out,"obase=16\nibase=16\n");

	message(out,"BN_add");
	if (!test_add(out)) goto err;
	BIO_flush(out);

	message(out,"BN_sub");
	if (!test_sub(out)) goto err;
	BIO_flush(out);

	message(out,"BN_lshift1");
	if (!test_lshift1(out)) goto err;
	BIO_flush(out);

	message(out,"BN_lshift (fixed)");
	if (!test_lshift(out,ctx,BN_bin2bn(lst,sizeof(lst)-1,NULL)))
	    goto err;
	BIO_flush(out);

	message(out,"BN_lshift");
	if (!test_lshift(out,ctx,NULL)) goto err;
	BIO_flush(out);

	message(out,"BN_rshift1");
	if (!test_rshift1(out)) goto err;
	BIO_flush(out);

	message(out,"BN_rshift");
	if (!test_rshift(out,ctx)) goto err;
	BIO_flush(out);

	message(out,"BN_sqr");
	if (!test_sqr(out,ctx)) goto err;
	BIO_flush(out);

	message(out,"BN_mul");
	if (!test_mul(out)) goto err;
	BIO_flush(out);

	message(out,"BN_div");
	if (!test_div(out,ctx)) goto err;
	BIO_flush(out);

	message(out,"BN_div_recp");
	if (!test_div_recp(out,ctx)) goto err;
	BIO_flush(out);

	message(out,"BN_mod");
	if (!test_mod(out,ctx)) goto err;
	BIO_flush(out);

	message(out,"BN_mod_mul");
	if (!test_mod_mul(out,ctx)) goto err;
	BIO_flush(out);

	message(out,"BN_mont");
	if (!test_mont(out,ctx)) goto err;
	BIO_flush(out);

	message(out,"BN_mod_exp");
	if (!test_mod_exp(out,ctx)) goto err;
	BIO_flush(out);

	message(out,"BN_exp");
	if (!test_exp(out,ctx)) goto err;
	BIO_flush(out);

	message(out,"BN_kronecker");
	if (!test_kron(out,ctx)) goto err;
	BIO_flush(out);

	message(out,"BN_mod_sqrt");
	if (!test_sqrt(out,ctx)) goto err;
	BIO_flush(out);

	BN_CTX_free(ctx);
	BIO_free(out);

/**/
	EXIT(0);
err:
	BIO_puts(out,"1\n"); /* make sure the Perl script fed by bc notices
	                      * the failure, see test_bn in test/Makefile.ssl*/
	BIO_flush(out);
	ERR_load_crypto_strings();
	ERR_print_errors_fp(stderr);
	EXIT(1);
	return(1);
	}
开发者ID:froggatt,项目名称:edimax-br-6528n,代码行数:101,代码来源:bntest.c


示例6: digest

static void
digest(struct executable *x)
{
    EVP_MD_CTX *mdctx;
    const EVP_MD *md;
    size_t sum_of_bytes_hashed;
    int i, ok;

    /*
     * Windows Authenticode Portable Executable Signature Format
     * spec version 1.0 specifies MD5 and SHA1.  However, pesign
     * and sbsign both use SHA256, so do the same.
     */
    md = EVP_get_digestbyname(DIGEST);
    if (md == NULL) {
        ERR_print_errors_fp(stderr);
        errx(1, "EVP_get_digestbyname(\"%s\") failed", DIGEST);
    }

    mdctx = EVP_MD_CTX_create();
    if (mdctx == NULL) {
        ERR_print_errors_fp(stderr);
        errx(1, "EVP_MD_CTX_create(3) failed");
    }

    ok = EVP_DigestInit_ex(mdctx, md, NULL);
    if (ok == 0) {
        ERR_print_errors_fp(stderr);
        errx(1, "EVP_DigestInit_ex(3) failed");
    }

    /*
     * According to the Authenticode spec, we need to compute
     * the digest in a rather... specific manner; see "Calculating
     * the PE Image Hash" part of the spec for details.
     *
     * First, everything from 0 to before the PE checksum.
     */
    digest_range(x, mdctx, 0, x->x_checksum_off);

    /*
     * Second, from after the PE checksum to before the Certificate
     * entry in Data Directory.
     */
    digest_range(x, mdctx, x->x_checksum_off + x->x_checksum_len,
                 x->x_certificate_entry_off -
                 (x->x_checksum_off + x->x_checksum_len));

    /*
     * Then, from after the Certificate entry to the end of headers.
     */
    digest_range(x, mdctx,
                 x->x_certificate_entry_off + x->x_certificate_entry_len,
                 x->x_headers_len -
                 (x->x_certificate_entry_off + x->x_certificate_entry_len));

    /*
     * Then, each section in turn, as specified in the PE Section Table.
     *
     * XXX: Sorting.
     */
    sum_of_bytes_hashed = x->x_headers_len;
    for (i = 0; i < x->x_nsections; i++) {
        digest_range(x, mdctx,
                     x->x_section_off[i], x->x_section_len[i]);
        sum_of_bytes_hashed += x->x_section_len[i];
    }

    /*
     * I believe this can happen with overlapping sections.
     */
    if (sum_of_bytes_hashed > x->x_len)
        errx(1, "number of bytes hashed is larger than file size");

    /*
     * I can't really explain this one; just do what the spec says.
     */
    if (sum_of_bytes_hashed < x->x_len) {
        digest_range(x, mdctx, sum_of_bytes_hashed,
                     x->x_len - (signature_size(x) + sum_of_bytes_hashed));
    }

    ok = EVP_DigestFinal_ex(mdctx, x->x_digest, &x->x_digest_len);
    if (ok == 0) {
        ERR_print_errors_fp(stderr);
        errx(1, "EVP_DigestFinal_ex(3) failed");
    }

    EVP_MD_CTX_destroy(mdctx);
}
开发者ID:jaredmcneill,项目名称:freebsd,代码行数:90,代码来源:child.c


示例7: while

/**
 * \brief Funtion that listens for new connetions
 *
 * Runs in a thread and adds new connections to plugin_conf->master set
 *
 * \param[in, out] config Plugin configuration structure
 * \return NULL always
 */
void *input_listen(void *config)
{
	struct plugin_conf *conf = (struct plugin_conf *) config;
	int new_sock;
	/* use IPv6 sockaddr structure to store address information (IPv4 fits easily) */
	struct sockaddr_in6 *address = NULL;
	socklen_t addr_length;
	char src_addr[INET6_ADDRSTRLEN];
	struct input_info_list *input_info;
#ifdef TLS_SUPPORT
	int ret;
	int i;
	SSL *ssl = NULL;           /* structure for TLS connection */
	X509 *peer_cert = NULL;    /* peer's certificate */
	struct cleanup maid;       /* auxiliary struct for TLS error handling */
#endif

	/* loop ends when thread is cancelled by pthread_cancel() function */
	while (1) {
		/* allocate space for the address */
		addr_length = sizeof(struct sockaddr_in6);
		address = malloc(addr_length);
		if (!address) {
			MSG_ERROR(msg_module, "Memory allocation failed (%s:%d)", __FILE__, __LINE__);
			break;
		}

		/* ensure that address will be freed when thread is canceled */ 
		pthread_cleanup_push(input_listen_cleanup, (void *) address);

		if ((new_sock = accept(conf->socket, (struct sockaddr*) address, &addr_length)) == -1) {
			MSG_ERROR(msg_module, "Cannot accept new socket: %s", strerror(errno));
			/* exit and call cleanup */
			pthread_exit(0);
		}
#ifdef TLS_SUPPORT
		/* preparation for TLS error handling */
		maid.address = address;
		maid.ssl = NULL;
		maid.peer_cert = NULL;

		if (conf->tls) {
			/* create a new SSL structure for the connection */
			ssl = SSL_new(conf->ctx);
			if (!ssl) {
				MSG_ERROR(msg_module, "Unable to create SSL structure");
				ERR_print_errors_fp(stderr);
				/* cleanup */
				input_listen_tls_cleanup(conf, &maid);
				continue;
			}
			maid.ssl = ssl;

			/* connect the SSL object with the socket */
			ret = SSL_set_fd(ssl, new_sock);
			if (ret != 1) {
				MSG_ERROR(msg_module, "Unable to connect the SSL object with the socket");
				ERR_print_errors_fp(stderr);
				/* cleanup */
				input_listen_tls_cleanup(conf, &maid);
				continue;
			}

			/* TLS handshake */
			ret = SSL_accept(ssl);
			if (ret != 1) {
				/* handshake wasn't successful */
				MSG_ERROR(msg_module, "TLS handshake was not successful");
				ERR_print_errors_fp(stderr);
				/* cleanup */
				input_listen_tls_cleanup(conf, &maid);
				continue;
			}

			/* obtain peer's certificate */
			peer_cert = SSL_get_peer_certificate(ssl);
			if (!peer_cert) {
				MSG_ERROR(msg_module, "No certificate was presented by the peer");
				/* cleanup */
				input_listen_tls_cleanup(conf, &maid);
				continue;
			}
			maid.peer_cert = peer_cert;

			/* verify peer's certificate */
			if (SSL_get_verify_result(ssl) != X509_V_OK) {
				MSG_ERROR(msg_module, "Client sent bad certificate; verification failed");
				/* cleanup */
				input_listen_tls_cleanup(conf, &maid);
				continue;
			}

//.........这里部分代码省略.........
开发者ID:VisBlank,项目名称:ipfixcol,代码行数:101,代码来源:tcp_input.c


示例8: fips_check_rsa

int fips_check_rsa(RSA *rsa)
    {
    int n, ret = 0;
    unsigned char tctext[256], *ctext = tctext;
    unsigned char tptext[256], *ptext = tptext;
    /* The longest we can have with PKCS#1 v1.5 padding and a 512 bit key,
     * namely 512/8-11-1 = 52 bytes */
    static const unsigned char original_ptext[] =
	"\x01\x23\x45\x67\x89\xab\xcd\xef\x01\x23\x45\x67\x89\xab\xcd\xef"
	"\x01\x23\x45\x67\x89\xab\xcd\xef\x01\x23\x45\x67\x89\xab\xcd\xef"
	"\x01\x23\x45\x67\x89\xab\xcd\xef\x01\x23\x45\x67\x89\xab\xcd\xef"
	"\x01\x23\x45\x67";

    if (RSA_size(rsa) > sizeof(tctext))
	{
	ctext = OPENSSL_malloc(RSA_size(rsa));
	ptext = OPENSSL_malloc(RSA_size(rsa));
	if (!ctext || !ptext)
		{
		ERR_print_errors_fp(OPENSSL_stderr());
		exit(1);
		}
	}
	

    /* this will fail for keys shorter than 512 bits */
    n=RSA_private_encrypt(sizeof(original_ptext)-1,original_ptext,ctext,rsa,
			 RSA_PKCS1_PADDING);
    if(n < 0)
	{
	ERR_print_errors_fp(OPENSSL_stderr());
	exit(1);
	}
    if(!memcmp(ctext,original_ptext,n))
  	{
  	FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED);
 	goto error;
 	}
    n=RSA_public_decrypt(n,ctext,ptext,rsa,RSA_PKCS1_PADDING);
    if(n < 0)
	{
	ERR_print_errors_fp(OPENSSL_stderr());
	exit(1);
	}
    if(n != sizeof(original_ptext)-1 || memcmp(ptext,original_ptext,n))
	{
	FIPSerr(FIPS_F_FIPS_CHECK_RSA,FIPS_R_PAIRWISE_TEST_FAILED);
	goto error;
	}

    ret = 1;

    error:

    if (RSA_size(rsa) > sizeof(tctext))
	{
	OPENSSL_free(ctext);
	OPENSSL_free(ptext);
	}

    return ret;
    }
开发者ID:aosm,项目名称:OpenSSL097,代码行数:62,代码来源:fips_rsa_gen.c


示例9: krb5_cproxy_process

krb5_data *
krb5_cproxy_process(char *servername, char *port, krb5_data *request) {
  /* SSL init */
  SSL_library_init(); /* always returns 1 */
  SSL_load_error_strings();
  OpenSSL_add_all_algorithms();
  const SSL_METHOD *method = SSLv23_client_method(); /* includes TLSv1 */
  if (!method) {
    ERR_print_errors_fp(stderr);
    EVP_cleanup();
    return NULL;
  }
  SSL_CTX *gamma = SSL_CTX_new(method);
  if (!gamma) {
    ERR_print_errors_fp(stderr);
    EVP_cleanup();
    return NULL;
  }
  SSL_CTX_set_verify(gamma, SSL_VERIFY_PEER, NULL);
  if (!SSL_CTX_set_default_verify_paths(gamma)) {
    ERR_print_errors_fp(stderr);
    SSL_CTX_free(gamma);
    EVP_cleanup();
    return NULL;
  }
  SSL *ssl = SSL_new(gamma);
  if (!ssl) {
    ERR_print_errors_fp(stderr);
    SSL_CTX_free(gamma);
    EVP_cleanup();
    return NULL;
  }

  /* Encoding */
  char *req;
  gsize out_len;
  char *fmt = "POST / HTTP/1.0\r\n"
    "Host: %s\r\n" /* MSFT gets upset without this */
    "Content-type: application/kerberos\r\n"
    "Content-length: %d\r\n"
    "\r\n%s";
  char *g_buf = g_base64_encode((guchar *) request->data, request->length);
  size_t reqlen = asprintf(&req, fmt, servername, strlen(g_buf), g_buf);
  g_free(g_buf);

  /* connect to other proxy */
  struct addrinfo khints, *kserverdata;
  memset(&khints, 0, sizeof(khints));
  khints.ai_family = AF_UNSPEC;
  khints.ai_socktype = SOCK_STREAM;   /* TCP for HTTP */
  int gai_ret = getaddrinfo(servername, port, &khints, &kserverdata);
  if (gai_ret) {
    fprintf(stderr, "%s\n", gai_strerror(gai_ret));
    SSL_CTX_free(gamma);
    EVP_cleanup();
    free(req);
    return NULL;
  }

  int fd_prox = -1;
  for (struct addrinfo *cur = kserverdata;
       cur != NULL && fd_prox == -1;
       cur = cur->ai_next) {
    fd_prox = socket(cur->ai_family, cur->ai_socktype, cur->ai_protocol);
    if (fd_prox == -1) {
      fprintf(stderr, "failed to socket\n");
    } else if (connect(fd_prox, cur->ai_addr, cur->ai_addrlen) == -1) {
      close(fd_prox);
      fd_prox = -1;
      fprintf(stderr, "failed to connect\n");
    }
  }
  freeaddrinfo(kserverdata);
  if (fd_prox == -1) {
    fprintf(stderr, "unable to connect to any sockets\n");
    SSL_CTX_free(gamma);
    EVP_cleanup();
    free(req);
    return NULL;
  }

  /* SSL the socket */
  if (!SSL_set_fd(ssl, fd_prox)) {
    ERR_print_errors_fp(stderr);
    close(fd_prox);
    free(req);
    SSL_free(ssl);
    SSL_CTX_free(gamma);
    EVP_cleanup();
    return NULL;
  }
  if (SSL_connect(ssl) != 1) {
    ERR_print_errors_fp(stderr); /* maybe? */
    close(fd_prox);
    free(req);
    SSL_free(ssl);
    SSL_CTX_free(gamma);
    EVP_cleanup();
    return NULL;
  }
//.........这里部分代码省略.........
开发者ID:frozencemetery,项目名称:krb-proxies,代码行数:101,代码来源:cside.c


示例10: main


//.........这里部分代码省略.........
				fprintf(stdout, "%s: scep msg: %s", pname,
									http_string);
			}

			/*
			 * Send http message.
			 * Response is written to http_response struct "reply".
			 */
			reply.payload = NULL;
			if ((c = send_msg (&reply, http_string, host_name,
					host_port, operation_flag)) == 1) {
				fprintf(stderr, "%s: error while sending "
					"message\n", pname);
				exit (SCEP_PKISTATUS_NET);
			}
			if (reply.payload == NULL) {
				fprintf(stderr, "%s: no data, perhaps you "
				   "should define CA identifier (-i)\n", pname);
				exit (SCEP_PKISTATUS_SUCCESS);
			}
			if (v_flag){
				printf("%s: valid response from server\n", pname);
			}
			if (reply.type == SCEP_MIME_GETCA_RA) {
				/* XXXXXXXXXXXXXXXXXXXXX chain not verified */
				write_ca_ra(&reply);
			}
			/* Read payload as DER X.509 object: */
			bp = BIO_new_mem_buf(reply.payload, reply.bytes);
			cacert = d2i_X509_bio(bp, NULL);

			/* Read and print certificate information */
			if (!X509_digest(cacert, fp_alg, md, &n)) {
				ERR_print_errors_fp(stderr);
				exit (SCEP_PKISTATUS_ERROR);
			}
			if (v_flag){
				printf("%s: %s fingerprint: ", pname,
					OBJ_nid2sn(EVP_MD_type(fp_alg)));
				for (c = 0; c < (int)n; c++) {
					printf("%02X%c",md[c],
						(c + 1 == (int)n) ?'\n':':');
				}

			}

			/* Write PEM-formatted file: */
			#ifdef WIN32
			if ((fopen_s(&fp,c_char , "w")))
			#else
			if (!(fp = fopen(c_char, "w")))
			#endif
			{
				fprintf(stderr, "%s: cannot open CA file for "
					"writing\n", pname);
				exit (SCEP_PKISTATUS_ERROR);
			}
			if (PEM_write_X509(fp, c_char) != 1) {
				fprintf(stderr, "%s: error while writing CA "
					"file\n", pname);
				ERR_print_errors_fp(stderr);
				exit (SCEP_PKISTATUS_ERROR);
			}
			if (v_flag)
			printf("%s: CA certificate written as %s\n",
				pname, c_char);
开发者ID:flomar,项目名称:sscep,代码行数:67,代码来源:sscep.c


示例11: SSL_library_init

/* Init necessary structures for SSL in WebIf*/
SSL_CTX *SSL_Webif_Init(void)
{
	SSL_library_init();
	SSL_load_error_strings();
	ERR_load_BIO_strings();
	ERR_load_SSL_strings();

	SSL_CTX *ctx;

	static const char *cs_cert = "oscam.pem";

	if(pthread_key_create(&getssl, NULL))
	{
		cs_log("Could not create getssl");
	}

	// set locking callbacks for SSL
	int32_t i, num = CRYPTO_num_locks();
	lock_cs = (CS_MUTEX_LOCK *) OPENSSL_malloc(num * sizeof(CS_MUTEX_LOCK));

	for(i = 0; i < num; ++i)
	{
		cs_lock_create(&lock_cs[i], "ssl_lock_cs", 10000);
	}
	/* static lock callbacks */
	CRYPTO_set_id_callback(SSL_id_function);
	CRYPTO_set_locking_callback(SSL_locking_function);
	/* dynamic lock callbacks */
	CRYPTO_set_dynlock_create_callback(SSL_dyn_create_function);
	CRYPTO_set_dynlock_lock_callback(SSL_dyn_lock_function);
	CRYPTO_set_dynlock_destroy_callback(SSL_dyn_destroy_function);

	if(cfg.http_force_sslv3)
	{
		ctx = SSL_CTX_new(SSLv3_server_method());
#ifdef SSL_CTX_clear_options
		SSL_CTX_clear_options(ctx, SSL_OP_ALL); //we CLEAR all bug workarounds! This is for security reason
#else
		cs_log("WARNING: You enabled to force sslv3 but your system does not support to clear the ssl workarounds! SSL security will be reduced!");
#endif
		SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2); // we force SSL v3 !
		SSL_CTX_set_cipher_list(ctx, SSL_TXT_RC4);
	}
	else
		{ ctx = SSL_CTX_new(SSLv23_server_method()); }

	char path[128];

	if(!cfg.http_cert)
		{ get_config_filename(path, sizeof(path), cs_cert); }
	else
		{ cs_strncpy(path, cfg.http_cert, sizeof(path)); }

	if(!ctx)
	{
		ERR_print_errors_fp(stderr);
		return NULL;
	}

	if(SSL_CTX_use_certificate_file(ctx, path, SSL_FILETYPE_PEM) <= 0)
	{
		ERR_print_errors_fp(stderr);
		return NULL;
	}

	if(SSL_CTX_use_PrivateKey_file(ctx, path, SSL_FILETYPE_PEM) <= 0)
	{
		ERR_print_errors_fp(stderr);
		return NULL;
	}

	if(!SSL_CTX_check_private_key(ctx))
	{
		cs_log("SSL: Private key does not match the certificate public key");
		return NULL;
	}
	cs_log("load ssl certificate file %s", path);
	return ctx;
}
开发者ID:jackuzzy,项目名称:oscam_private,代码行数:80,代码来源:module-webif-lib.c


示例12: krx_ssl_ctx_init

int krx_ssl_ctx_init(krx* k, const char* keyname) {

  int r = 0;

  /* create a new context using DTLS */
  k->ctx = SSL_CTX_new(DTLSv1_method());
  if(!k->ctx) {
    printf("Error: cannot create SSL_CTX.\n");
    ERR_print_errors_fp(stderr);
    return -1;
  }

  /* set our supported ciphers */
  r = SSL_CTX_set_cipher_list(k->ctx, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
  if(r != 1) {
    printf("Error: cannot set the cipher list.\n");
    ERR_print_errors_fp(stderr);
    return -2;
  }

  /* the client doesn't have to send it's certificate */
  SSL_CTX_set_verify(k->ctx, SSL_VERIFY_PEER, krx_ssl_verify_peer);

  /* enable srtp */
  r = SSL_CTX_set_tlsext_use_srtp(k->ctx, "SRTP_AES128_CM_SHA1_80");
  if(r != 0) {
    printf("Error: cannot setup srtp.\n");
    ERR_print_errors_fp(stderr);
    return -3;
  }

  /* load key and certificate */
  char certfile[1024];
  char keyfile[1024];
  sprintf(certfile, "./%s-cert.pem", keyname);
  sprintf(keyfile, "./%s-key.pem", keyname);

  /* certificate file; contains also the public key */
  r = SSL_CTX_use_certificate_file(k->ctx, certfile, SSL_FILETYPE_PEM);
  if(r != 1) {
    printf("Error: cannot load certificate file.\n");
    ERR_print_errors_fp(stderr);
    return -4;
  }

  /* load private key */
  r = SSL_CTX_use_PrivateKey_file(k->ctx, keyfile, SSL_FILETYPE_PEM);
  if(r != 1) {
    printf("Error: cannot load private key file.\n");
    ERR_print_errors_fp(stderr);
    return -5;
  }
  
  /* check if the private key is valid */
  r = SSL_CTX_check_private_key(k->ctx);
  if(r != 1) {
    printf("Error: checking the private key failed. \n");
    ERR_print_errors_fp(stderr);
    return -6;
  }

  sprintf(k->name, "+ %s", keyname);

  return 0;
}
开发者ID:roxlu,项目名称:krx_rtc,代码行数:65,代码来源:text_ssl2.c


示例13: main

int main(int argc, char *argv[]) {
	BIO *sbio;
	SSL_CTX *ssl_ctx;
	SSL *ssl;
	X509 *server_cert;

	// Initialize OpenSSL
	OpenSSL_add_all_algorithms();
	SSL_library_init();
	SSL_load_error_strings();

 	// Check OpenSSL PRNG
	if(RAND_status() != 1) {
		fprintf(stderr, "OpenSSL PRNG not seeded with enough data.");
		goto error_1;
	}

	ssl_ctx = SSL_CTX_new(TLSv1_client_method());
	
	// Enable certificate validation
	SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, NULL);
	// Configure the CA trust store to be used
	if (SSL_CTX_load_verify_locations(ssl_ctx, TRUSTED_CA_PATHNAME, NULL) != 1) {
		fprintf(stderr, "Couldn't load certificate trust store.\n");
		goto error_2;
	}

	// Only support secure cipher suites
	if (SSL_CTX_set_cipher_list(ssl_ctx, SECURE_CIPHER_LIST) != 1)
		goto error_2;

	// Create the SSL connection
	sbio = BIO_new_ssl_connect(ssl_ctx);
	BIO_get_ssl(sbio, &ssl); 
	if(!ssl) {
	  fprintf(stderr, "Can't locate SSL pointer\n");
		goto error_3;
	}

	// Do the SSL handshake
	BIO_set_conn_hostname(sbio, TARGET_SERVER);
	if(SSL_do_handshake(ssl) <= 0) {
		// SSL Handshake failed
		long verify_err = SSL_get_verify_result(ssl);
		if (verify_err != X509_V_OK) { 
			// It failed because the certificate chain validation failed
			fprintf(stderr, "Certificate chain validation failed: %s\n", X509_verify_cert_error_string(verify_err));
		}
		else {
			// It failed for another reason
			ERR_print_errors_fp(stderr);
		}
		goto error_3;
	}

	// Recover the server's certificate
	server_cert =  SSL_get_peer_certificate(ssl);
	if (server_cert == NULL) {
		// The handshake was successful although the server did not provide a certificate
		// Most likely using an insecure anonymous cipher suite... get out!
		goto error_4;
	}

	// Validate the hostname
	if (validate_hostname(TARGET_HOST, server_cert) != MatchFound) {
		fprintf(stderr, "Hostname validation failed.\n");
		goto error_5;
	}

	// Hostname validation succeeded; we can start sending data
	send_http_get_and_print(sbio);


error_5:
	X509_free(server_cert);

error_4:
	BIO_ssl_shutdown(sbio);

error_3:
	BIO_free_all(sbio);

error_2:
	SSL_CTX_free(ssl_ctx);

error_1: // OpenSSL cleanup
    EVP_cleanup();
    ERR_free_strings();

	return 0;
}
开发者ID:TrickyCat,项目名称:ssl-conservatory,代码行数:91,代码来源:test_client.c


示例14: test_ecdh_curve


//.........这里部分代码省略.........
	BN_print(out,y_b);
	BIO_puts(out,"\n");
#else
	BIO_printf(out,".");
	(void)BIO_flush(out);
#endif

	alen=KDF1_SHA1_len;
	abuf=(unsigned char *)OPENSSL_malloc(alen);
	aout=ECDH_compute_key(abuf,alen,EC_KEY_get0_public_key(b),a,KDF1_SHA1);

#ifdef NOISY
	BIO_puts(out,"  key1 =");
	for (i=0; i<aout; i++)
		{
		TINYCLR_SSL_SPRINTF(buf,"%02X",abuf[i]);
		BIO_puts(out,buf);
		}
	BIO_puts(out,"\n");
#else
	BIO_printf(out,".");
	(void)BIO_flush(out);
#endif

	blen=KDF1_SHA1_len;
	bbuf=(unsigned char *)OPENSSL_malloc(blen);
	bout=ECDH_compute_key(bbuf,blen,EC_KEY_get0_public_key(a),b,KDF1_SHA1);

#ifdef NOISY
	BIO_puts(out,"  key2 =");
	for (i=0; i<bout; i++)
		{
		TINYCLR_SSL_SPRINTF(buf,"%02X",bbuf[i]);
		BIO_puts(out,buf);
		}
	BIO_puts(out,"\n");
#else
	BIO_printf(out,".");
	(void)BIO_flush(out);
#endif

	if ((aout < 4) || (bout != aout) || (TINYCLR_SSL_MEMCMP(abuf,bbuf,aout) != 0))
		{
#ifndef NOISY
		BIO_printf(out, " failed\n\n");
		BIO_printf(out, "key a:\n");
		BIO_printf(out, "private key: ");
		BN_print(out, EC_KEY_get0_private_key(a));
		BIO_printf(out, "\n");
		BIO_printf(out, "public key (x,y): ");
		BN_print(out, x_a);
		BIO_printf(out, ",");
		BN_print(out, y_a);
		BIO_printf(out, "\nkey b:\n");
		BIO_printf(out, "private key: ");
		BN_print(out, EC_KEY_get0_private_key(b));
		BIO_printf(out, "\n");
		BIO_printf(out, "public key (x,y): ");
		BN_print(out, x_b);
		BIO_printf(out, ",");
		BN_print(out, y_b);
		BIO_printf(out, "\n");
		BIO_printf(out, "generated key a: ");
		for (i=0; i<bout; i++)
			{
			TINYCLR_SSL_SPRINTF(buf, "%02X", bbuf[i]);
			BIO_puts(out, buf);
			}
		BIO_printf(out, "\n");
		BIO_printf(out, "generated key b: ");
		for (i=0; i<aout; i++)
			{
			TINYCLR_SSL_SPRINTF(buf, "%02X", abuf[i]);
			BIO_puts(out,buf);
			}
		BIO_printf(out, "\n");
#endif
		TINYCLR_SSL_FPRINTF(OPENSSL_TYPE__FILE_STDERR,"Error in ECDH routines\n");
		ret=0;
		}
	else
		{
#ifndef NOISY
		BIO_printf(out, " ok\n");
#endif
		ret=1;
		}
err:
	ERR_print_errors_fp(OPENSSL_TYPE__FILE_STDERR);

	if (abuf != NULL) OPENSSL_free(abuf);
	if (bbuf != NULL) OPENSSL_free(bbuf);
	if (x_a) BN_free(x_a);
	if (y_a) BN_free(y_a);
	if (x_b) BN_free(x_b);
	if (y_b) BN_free(y_b);
	if (b) EC_KEY_free(b);
	if (a) EC_KEY_free(a);
	return(ret);
	}
开发者ID:EddieGarmon,项目名称:netduino-netmf,代码行数:101,代码来源:ecdhtest.cpp


示例15: handle_error

void handle_error(const char *file, int linenum, const char *msg) {
	
	fprintf(stderr, "*** %s:%i %s\n", file, linenum, msg);
	ERR_print_errors_fp(stderr);
	exit(-1);
}
开发者ID:modsix,项目名称:destroyd,代码行数:6,代码来源:common.c


示例16: main

int main(int argc, char *argv[])
{
    char *port = "*:4433";
    BIO *ssl_bio, *tmp;
    SSL_CTX *ctx;
    SSL_CONF_CTX *cctx;
    char buf[512];
    BIO *in = NULL;
    int ret = 1, i;
    char **args = argv + 1;
    int nargs = argc - 1;

    SSL_load_error_strings();

    /* Add ciphers and message digests */
    OpenSSL_add_ssl_algorithms();

    ctx = SSL_CTX_new(SSLv23_server_method());

    cctx = SSL_CONF_CTX_new();
    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_SERVER);
    SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CERTIFICATE);
    SSL_CONF_CTX_set_ssl_ctx(cctx, ctx);
    while (*args && **args == '-') {
        int rv;
        /* Parse standard arguments */
        rv = SSL_CONF_cmd_argv(cctx, &nargs, &args);
        if (rv == -3) {
            fprintf(stderr, "Missing argument for %s\n", *args);
            goto err;
        }
        if (rv < 0) {
            fprintf(stderr, "Error in command %s\n", *args);
            ERR_print_errors_fp(stderr);
            goto err;
        }
        /* If rv > 0 we processed something so proceed to next arg */
        if (rv > 0)
            continue;
        /* Otherwise application specific argument processing */
        if (!strcmp(*args, "-port")) {
            port = args[1];
            if (port == NULL) {
                fprintf(stderr, "Missing -port argument\n");
                goto err;
            }
            args += 2;
            nargs -= 2;
            continue;
        } else {
            fprintf(stderr, "Unknown argument %s\n", *args);
            goto err;
        }
    }

    if (!SSL_CONF_CTX_finish(cctx)) {
        fprintf(stderr, "Finish error\n");
        ERR_print_errors_fp(stderr);
        goto err;
    }
#ifdef ITERATE_CERTS
    /*
     * Demo of how to iterate over all certificates in an SSL_CTX structure.
     */
    {
        X509 *x;
        int rv;
        rv = SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_FIRST);
        while (rv) {
            X509 *x = SSL_CTX_get0_certificate(ctx);
            X509_NAME_print_ex_fp(stdout, X509_get_subject_name(x), 0,
                                  XN_FLAG_ONELINE);
            printf("\n");
            rv = SSL_CTX_set_current_cert(ctx, SSL_CERT_SET_NEXT);
        }
        fflush(stdout);
    }
#endif
    /* Setup server side SSL bio */
    ssl_bio = BIO_new_ssl(ctx, 0);

    if ((in = BIO_new_accept(port)) == NULL)
        goto err;

    /*
     * This means that when a new connection is accepted on 'in', The ssl_bio
     * will be 'duplicated' and have the new socket BIO push into it.
     * Basically it means the SSL BIO will be automatically setup
     */
    BIO_set_accept_bios(in, ssl_bio);

 again:
    /*
     * The first call will setup the accept socket, and the second will get a
     * socket.  In this loop, the first actual accept will occur in the
     * BIO_read() function.
     */

    if (BIO_do_accept(in) <= 0)
        goto err;
//.........这里部分代码省略.........
开发者ID:Adallom,项目名称:openssl,代码行数:101,代码来源:server-arg.c


示例17: secure_and_send

void secure_and_send(int client_fd, char* read_pipe, char* write_pipe, int index, FILE* d_out){
	BIO* bio;
	SSL* ssl;
	SSL_CTX* ctx;
	
	/*init ssl library*/
	SSL_library_init();
	ERR_load_BIO_strings();
	SSL_load_error_strings();
	OpenSSL_add_all_algorithms();
	
	/* Set up the SSL context */

    ctx = SSL_CTX_new(SSLv23_client_method());

    /* Load the trust store */

    if(! SSL_CTX_load_verify_locations(ctx, "cacerts.pem", NULL))
    {
        fprintf(stderr, "Error loading trust store\n");
        ERR_print_errors_fp(stderr);
        SSL_CTX_free(ctx);
        return;
    }
    /* Setup the connection */

    bio = BIO_new_ssl_connect(ctx);

    /* Set the SSL_MODE_AUTO_RETRY flag */

    BIO_get_ssl(bio, & ssl);
    SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);
    
    /* Create and setup the connection */
	char host[LINE];
	sprintf(host,"%s:%s",safe_host[index],safe_port[index]);
    BIO_set_conn_hostname(bio, safe_host[index]);
    BIO_set_conn_port(bio,safe_port[index]);

    if(BIO_do_connect(bio) <= 0)
    {
        fprintf(stderr, "Error attempting to connect\n");
        ERR_print_errors_fp(stderr);
        BIO_free_all(bio);
        SSL_CTX_free(ctx);
        return;
    }

    /* Check the certificate */

    if(SSL_get_verify_result(ssl) != X509_V_OK)
    {
        fprintf(stderr, "Certificate verification error: %lu\n", SSL_get_verify_result(ssl));
        BIO_free_all(bio);
        SSL_CTX_free(ctx);
        return;
    }
    /* Send the request */

    BIO_write(bio, read_pipe, strlen(read_pipe));

    /* Read in the response */

    for(;;)
    {
        int p = BIO_read(bio, write_pipe, PIPE_MAX);
        if(p <= 0) break;
        p = write(client_fd,write_pipe,p);
    }

    /* Close the connection and free the context */
	
    BIO_free_all(bio);
    SSL_CTX_free(ctx);
    close(client_fd);
    fclose(d_out);
    return;
}
开发者ID:optemino,项目名称:iggy-proxy,代码行数:78,代码来源:iggyssl.c


示例18: handleErrors

void handleErrors(void)
{
  ERR_print_errors_fp(stderr);
  abort();
}
开发者ID:deepanshululla,项目名称:Network-security,代码行数:5,代码来源:client.c


示例19: main


//.........这里部分代码省略.........
                        {
                            *tmpstr = '\0';
                            verbose("%s: INFO: Received request for a new agent (%s) from: %s", ARGV0, agentname, srcip);
                            parseok = 1;
                            break;
                        }
                        tmpstr++;
                    }
                }
                if(parseok == 0)
                {
                    merror("%s: ERROR: Invalid request for new agent from: %s", ARGV0, srcip);
                }
                else
                {
                    int acount = 2;
                  

鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
C++ ERR_remove_state函数代码示例发布时间:2022-05-30
下一篇:
C++ ERR_print_errors函数代码示例发布时间:2022-05-30
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap