注:此仓库已停止维护,请移步https://github.com/jntass/TASSL-1.1.1
最终代码保留至tag->final_code
此仓库已停止维护,请移步https://github.com/jntass/TASSL-1.1.1
Home Page: http://www.tass.com.cn
License: Other
注:此仓库已停止维护,请移步https://github.com/jntass/TASSL-1.1.1
最终代码保留至tag->final_code
rt
你好,请问示例程序 Tassl_demo\cert\certs 里服务器证书有 SS.pem和SE.pem,SE.pem是如何使用的?
个人理解SS是服务器证书,SE是服务器加密证书。服务器证书好理解,TLS握手时认证用。加密证书需要吗?加密时应该是用协商出来会话密钥来进行加密通信吧,感觉不需要什么加密证书。
客户端的CS.pem和CE.pem也是类似情况。
运行示例程序,如果去掉某个证书的校验,后面会握手失败。
如题.
您好,非常感谢贵公司的贡献,开发人员的辛苦努力贡献出这么优秀的开源产品,在编译过程中碰到如下问题:
编译环境:Vs 2017
编译参数:VC-WIN32
编译版本:v1.4
编译失败,编译过程中碰到的问题:
报错1,报错2能根据原有代码意思解决,但是报错3不知道如何处理,麻烦指点一下。
报错4打开文件修改一下文件编码即可。
请问这个是密钥协商么?编译不通过。SM2DH_DATA 这个数据结构找不到啊。
国密TLS中没有构建加密证书证书链,没有校验加密证书是否来自可信根,甚至没有校验加密证书是否过期
经排查以下位置强转出错,请修正。
TASSL-1.1.1b/ssl/statem/statem_lib.c
Line 273 in 5521677
我在做一个支持ECC_WITH_SM4_SM3的客户端,客户端发送TA生成的双证书,将tassl/gmssl/sm2only.ovssl.cn作为国密的server进行连接调试,发现有个可以与gmssl,sm2only.ovssl.cn成功连接通信的状况下,tassl-1.1.1b会报错tls_process_cert_verify:bad signature:ssl/statem/statem_lib.c
,通过比对发现
在tls_process_cert_verify中497行
if(s->s3->tmp.new_cipher->id == TLS1_CK_ECC_WITH_SM4_SM3 || s->s3->tmp.new_cipher->id == TLS1_CK_ECDHE_WITH_SM4_SM3){
md_ctx = EVP_MD_CTX_new();
EVP_DigestInit(md_ctx, EVP_sm3());
EVP_DigestUpdate(md_ctx, (const void *)hdata, hdatalen);
EVP_DigestFinal(md_ctx, cert_verify_md, (unsigned int *)&hdatalen);
if(md_ctx != NULL)
EVP_MD_CTX_free(md_ctx);
hdata = cert_verify_md;
}
hdata = cert_verify_md;
这样在hdata就是进行过hash的数据,在568行将hdata作为输入调用EVP_DigestVerify时,会将hdata再次hash一遍,这样最终会导致签名验证失败
我把这个分支跳过则可以验证通过
请问这样hash两次是有什么特殊的设定么
在函数tls_construct_cke_sm2dh中,有内存泄漏
修复方法:
static int tls_construct_cke_sm2dh(SSL *s, WPACKET *pkt)
{
unsigned char *encodedPoint = NULL;
size_t encoded_pt_len = 0;
EVP_PKEY *ckey = NULL, *skey = NULL;
int ret = 0;
uint16_t curve_id = 0;
ENGINE *e_tmp = NULL;
EVP_PKEY_CTX *pctx = NULL;
skey = s->s3->peer_tmp;
if (skey == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CKE_SM2DH,
ERR_R_INTERNAL_ERROR);
return 0;
}
/*签名私钥使用引擎时,使用引擎产生临时秘钥对*/
if(s->cert->pkeys[SSL_PKEY_ECC].privatekey)
e_tmp = EVP_PKEY_pmeth_engine(s->cert->pkeys[SSL_PKEY_ECC].privatekey);
else{
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CKE_SM2DH,
ERR_R_INTERNAL_ERROR);
goto err;
}
ckey = EVP_PKEY_new();
pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_SM2, e_tmp);
EVP_PKEY_keygen_init(pctx);
EVP_PKEY_CTX_set_sm2_paramgen_curve_nid(pctx, NID_sm2);
EVP_PKEY_CTX_set_ec_param_enc(pctx, OPENSSL_EC_NAMED_CURVE);
if(!EVP_PKEY_keygen(pctx, &ckey))
{
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CKE_SM2DH,
ERR_R_INTERNAL_ERROR);
goto err;
}
if (ssl_derive_SM2(s, ckey, skey, 0) == 0) {
/* SSLfatal() already called */
goto err;
}
/* Generate encoding of client key */
encoded_pt_len = EVP_PKEY_get1_tls_encodedpoint(ckey, &encodedPoint);
if (encoded_pt_len == 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CKE_SM2DH,
ERR_R_EC_LIB);
goto err;
}
/* 国密局检测用的是00,有的厂商用的也是00,所以默认用00 */
#ifdef STD_CURVE_ID
curve_id = tls1_nid2group_id(NID_sm2);
#else
curve_id = 0;
#endif
if (!WPACKET_put_bytes_u8(pkt, NAMED_CURVE_TYPE)
|| !WPACKET_put_bytes_u8(pkt, 0)
|| !WPACKET_put_bytes_u8(pkt, curve_id)
|| !WPACKET_sub_memcpy_u8(pkt, encodedPoint, encoded_pt_len)){
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CKE_SM2DH,
ERR_R_INTERNAL_ERROR);
goto err;
}
ret = 1;
err:
OPENSSL_free(encodedPoint);
EVP_PKEY_free(ckey);
//!!!这里添加释放
EVP_PKEY_CTX_free(pctx);
return ret;
}
extern "C" {
}
如果不定义 OPENSSL_NO_SM3 但是定义了 __cplusplus {}
不匹配
您好,请问当前最新1.1.1b版本是否不支持国密TLS1.3?
看贵公司网站 http://www.tass.com.cn/portal/about/news_view-58.html 的意思,好像支持国密TLS1.3了,快速迭代,江南天安做到了。我理解为贵公司走在了“GMT 0024-2014”的前面。但是使用tassl_demo的示例程序,svr和cli握手抓包,好像还是TLS1.2两次往返,并非TLS1.3的一次往返。
crypto\ec\ec_pmeth.c(230) : error C2220: 警告被视为错误 - 没有生成“object”文件
crypto\ec\ec_pmeth.c(230) : warning C4013: “SM2Kap_compute_key”未定义;假设外
部返回 int
NMAKE : fatal error U1077: “"D:\Program Files (x86)\Microsoft Visual Studio 10.
0\VC\BIN\cl.EXE"”: 返回代码“0x2”
Stop.
NMAKE : fatal error U1077: “"D:\Program Files (x86)\Microsoft Visual Studio 10.
0\VC\BIN\nmake.exe"”: 返回代码“0x2”
Stop.
TASSL-1.1.1b/crypto/sm2/sm2_crypt.c
Line 685 in 5521677
ios编译失败,失败日志如下:
clang -arch armv7 -I. -Icrypto/include -Iinclude -fPIC -isysroot /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS14.4.sdk -fno-common -O3 -DOPENSSL_PIC -DOPENSSLDIR=""/sslPath/-armv7/ssl"" -DENGINESDIR=""/sslPath/-armv7/lib/engines-1.1"" -D_REENTRANT -DNDEBUG -MMD -MF crypto/evp/evp_enc.d.tmp -MT crypto/evp/evp_enc.o -c -o crypto/evp/evp_enc.o crypto/evp/evp_enc.c
crypto/evp/evp_enc.c:56:9: error: use of undeclared identifier
'ENGINE_CIPHERS_PTR'
ENGINE_CIPHERS_PTR fn = NULL;
^
crypto/evp/evp_enc.c:57:9: error: use of undeclared identifier 'fn'
fn = ENGINE_get_ciphers(impl);
^
crypto/evp/evp_enc.c:57:14: warning: implicit declaration of function
'ENGINE_get_ciphers' is invalid in C99 [-Wimplicit-function-declaration]
fn = ENGINE_get_ciphers(impl);
^
crypto/evp/evp_enc.c:58:12: error: use of undeclared identifier 'fn'
if(fn){
^
crypto/evp/evp_enc.c:59:13: warning: implicit declaration of function 'fn' is
invalid in C99 [-Wimplicit-function-declaration]
fn(impl, &ret, NULL, nid);
^
2 warnings and 3 errors generated.
make[1]: *** [Makefile:3358: crypto/evp/evp_enc.o] Error 1
make[1]: Leaving directory '/TASSL-1.1.1b/TASSL-1.1.1b-master'
make: *** [Makefile:172: all] Error 2
麻烦帮忙看看是什么问题,感谢!
1.s_client和s_server没有实现国密相关功能(希望能够补充下),服务端使用 Nginx_Tassl + TASSL-1.1.1b
nginx配置如下:
server {
listen 4433 ssl;
server_name gm.com;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-SM4-SM3;
ssl_certificate /home/TASSL-1.1.1b-master/tassl_demo/cert/sm2Certs/SS.cert.pem;
ssl_certificate_key /home/TASSL-1.1.1b-master/tassl_demo/cert/sm2Certs/SS.key.pem;
ssl_enc_certificate /home/TASSL-1.1.1b-master/tassl_demo/cert/sm2Certs/SE.cert.pem;
ssl_enc_certificate_key /home/TASSL-1.1.1b-master/tassl_demo/cert/sm2Certs/SE.key.pem;
location / {
root html;
}
}
使用TASSL-master编译出来的客户端进行测试
./apps/openssl s_client -connect 127.0.0.1:4433 -cert Tassl_demo/mk_tls_cert/s m2Certs/SS.cert.pem -key Tassl_demo/mk_tls_cert/sm2Certs/SS.key.pem -enc_cert Tassl_demo/mk_tls_cert/sm2Certs/SE.cert.pem -e nc_key Tassl_demo/mk_tls_cert/sm2Certs/SE.key.pem -cntls -cipher ECDHE-SM4-SM3
握手失败
抓包发现:服务端发送 Alert (Level: Fatal, Description: Bad Record MAC)
gdb堆栈如下
#0 ossl_statem_fatal (s=0x55902d81d9c0, al=20, func=143, reason=281, file=0x55902c65fe90 "ssl/record/ssl3_record.c", line=681) at ssl/statem/statem.c:121
#1 0x000055902c4021ae in ssl3_get_record (s=0x55902d81d9c0) at ssl/record/ssl3_record.c:680
#2 0x000055902c3fedbf in ssl3_read_bytes (s=0x55902d81d9c0, type=22, recvd_type=0x7ffcb599d2c4, buf=0x55902d87bdd0 "\001", len=4, peek=0, readbytes=0x7ffcb599d2d0)
at ssl/record/rec_layer_s3.c:1293
#3 0x000055902c4487d1 in tls_get_message_header (s=0x55902d81d9c0, mt=0x7ffcb599d310) at ssl/statem/statem_lib.c:1343
#4 0x000055902c4373dd in read_state_machine (s=0x55902d81d9c0) at ssl/statem/statem.c:583
#5 0x000055902c43705c in state_machine (s=0x55902d81d9c0, server=1) at ssl/statem/statem.c:438
#6 0x000055902c436b74 in ossl_statem_accept (s=0x55902d81d9c0) at ssl/statem/statem.c:255
#7 0x000055902c41c929 in SSL_do_handshake (s=0x55902d81d9c0) at ssl/ssl_lib.c:3740
git clone https://github.com/jntass/TASSL-1.1.1b.git
ln -sf TASSL-1.1.1b openssl
export LUAJIT_INC=/usr/local/include/luajit
export LUAJIT_LIB=/usr/local/lib
./configure --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-openssl=/usr/local/src/openssl --with-openssl-opt='enable-tls1_3' --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_degradation_module --with-http_flv_module --with-http_geoip_module=dynamic --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-stream=dynamic --with-stream_ssl_module --with-stream_realip_module --with-stream_geoip_module=dynamic --with-stream_ssl_preread_module --with-stream_sni --with-jemalloc --with-pcre --with-pcre-jit --with-cc-opt='-O2 -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=native' --with-ld-opt='-Wl,-z,relro -Wl,-E' --add-dynamic-module=./modules/ngx_http_concat_module --add-dynamic-module=./modules/ngx_http_footer_filter_module --add-dynamic-module=./modules/ngx_http_proxy_connect_module --add-dynamic-module=./modules/ngx_http_reqstat_module --add-dynamic-module=./modules/ngx_http_sysguard_module --add-dynamic-module=./modules/ngx_http_trim_filter_module --add-dynamic-module=./modules/ngx_http_upstream_check_module --add-dynamic-module=./modules/ngx_http_upstream_consistent_hash_module --add-dynamic-module=./modules/ngx_http_upstream_dynamic_module --add-dynamic-module=./modules/ngx_http_upstream_dyups_module --add-dynamic-module=./modules/ngx_http_upstream_session_sticky_module --add-dynamic-module=./modules/ngx_http_user_agent_module --add-dynamic-module=./modules/ngx_slab_stat --add-dynamic-module=./modules/ngx_http_lua_module --add-dynamic-module=/usr/local/src/ngx_devel_kit --add-dynamic-module=./modules/ngx_http_slice_module
make[2]: Leaving directory `/usr/local/src/TASSL-1.1.1b'
/bin/sh: line 2: ./config: Permission denied
make[1]: *** [/usr/local/src/openssl/.openssl/include/openssl/ssl.h] Error 126
make[1]: Leaving directory `/usr/local/src/tengine-2.3.0'
make: *** [build] Error 2
您 好,这个双license是什么意思,可以用于商用分发中吗?
TASSL-1.1.1b移除了1.0.2版本中的s_client -cntls参数,那现在用s_client怎么指定cntls协议呢?尝试用了-cipher 'ECC-SM4-SM3:ECDHE-SM4-SM3',但是没有用
使用 openssl s_server -accept 4433 -CAfile cert/CA.pem -cert certs/SS.pem -cert_enc certs/SE.pem 报错:
error:140BF13E:SSL routines:ssl_set_cert:ecc cert not for signing:ssl/ssl_rsa.c:347
这个怎么解决?
1 实际测试发现有些证书链上面上面的证书DATA_ENCIPHERMENT字段都为0,但是key_enc有值。这里面主要有两个阶段,第一个就是客户端验证签名使用的证书,tls_process_key_exchange函数里面。第二个是客户端发送加密数据给服务端,tls_construct_cke_sm2ecc里面。可能会有出错的情况,目前还没有找到标准有规定这两个阶段分别使用哪个证书。
只有sm1和sm3、sm4的?
我是直接在终端执行:openssl sm2
crypto \ ec \ ec_pmeth.c(230):错误C2220:警告被视为错误 - 没有生成“object”文件
加密\ EC \ ec_pmeth.c(230):警告C4013:“SM2Kap_compute_key”未定义;外假设
部报道查看INT
NMAKE:致命错误U1077:““d:\程序文件(x86)\微软的Visual Studio 10
0 \ VC \ BIN \ cl.EXE“”:返回代码“0x2”
停止。
NMAKE:致命错误U1077:“”D:\ Program Files(x86)\ Microsoft Visual Studio 10.
0 \ VC \ BIN \ nmake.exe“”:返回代码“0x2”
停止。
nginx-1.15.12 TASSL-1.1.1b-master
server {
listen 443 ssl;
ssl on;
ssl_certificate mycert.pem;
ssl_certificate_key mykey.pem;
ssl_certificate mycert_enc.pem;
ssl_certificate_key mykey_enc.pem;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECC-SM4-SM3;
location / {
root html;
proxy_pass http://192.168.66.10;
}
}
[root@localhost sbin]# ./nginx
nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /home/gm/run//conf/nginx.conf:103
nginx: [emerg] SSL_CTX_use_PrivateKey("/home/gm/run//conf/mykey_enc.pem") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
./config -static
make
/usr/bin/ld: cannot find -ldl
/usr/bin/ld: cannot find -lc
collect2: error: ld returned 1 exit status
make[1]: *** [test/rsa_complex] Error 1
make[1]: *** Waiting for unfinished jobs....
ar: creating libcrypto.a
ranlib libcrypto.a || echo Never mind.
make[1]: Leaving directory `/root/TASSL-1.1.1b'
make: *** [all] Error 2
经过和 openssl-1.1.1c 对比,发现 TASSL 多了 ECC-SM4-SM3:ECDHE-SM4-SM3
,多实现的这部分包含 SM2么?
# openssl > ciphers
ECC-SM4-SM3:ECDHE-SM4-SM3
报文交互描述:
问题:
当client需要协商SSLv3版本,这个时候,是否会协商成功?
问题详细描述:
因为添加了国密的版本号(0x0101),client在协商SSLv3版本的时候,会失败。服务端选择版本号的时候从高版本往下选择,ssl_choose_server_version,选择到了国密的版本(0x0101),则返回。导致SSLv3客户端握手失败。
make test时候,卡死在../test/recipes/25-test_pkcs7.t .................... 1/3这个上;
sudo make install的时候,
sed -i '1i\CERT_DIR=$(INSTALLTOP)/tassl_demo/cert/' $(GEN_SM2_CERT_FILE).sh
sed -i '1i\OPENSSL_DIR=$(INSTALLTOP)' $(GEN_SM2_CERT_FILE).sh
sed -i '1i\export LD_LIBRARY_PATH=$$LD_LIBRARY_PATH:$(INSTALLTOP)/lib' $(GEN_SM2_CERT_FILE).sh
sed -i '1i#!/bin/sh' $(GEN_SM2_CERT_FILE).sh
sed -i '1i\INC_DIR=$(INSTALLTOP)/include' $(SSL_MK_FILE).sh
sed -i '1i\LIB_DIR=$(INSTALLTOP)/lib' $(SSL_MK_FILE).sh
sed -i '1i\#!/bin/sh' $(SSL_MK_FILE).sh
sed -i '1i\INC_DIR=$(INSTALLTOP)/include' $(CRYPTO_MK_FILE).sh
sed -i '1i\LIB_DIR=$(INSTALLTOP)/lib' $(CRYPTO_MK_FILE).sh
sed -i '1i\#!/bin/sh' $(CRYPTO_MK_FILE).sh
在makefile文件,这个没有适配apple的平台导致的。
错误如下:
sed -i '1i\CERT_DIR=/usr/local//tassl_demo/cert/' /usr/local//tassl_demo/cert/gen_sm2_cert.sh
sed: 1: "/usr/local//tassl_demo/ ...": extra characters at the end of l command
make: *** [install_tass] Error 1
请帮忙看一下
SSL_CTX_use_enc_PrivateKey_ASN1()、SSL_use_enc_PrivateKey_file() 这些函数在新版本1.1.1b里面没有封装,上一个版本1.0.2里面都有,希望管理员检查并提交下遗漏的部分代码。
访问到 EC_KEY 等结构体内部成员变量,在编译时报错:
error: dereferencing pointer to incomplete type ‘EC_KEY’
看到 EC_KEY
的结构体定义在 ec_clc.h 中,而编译安装后开放头文件中不包含这个文件,请问是可以直接拷贝出来使用么?或者是有其他使用注意事项?
你好,感谢贵公司提供开源国密openssl版本。我在win10上VS2013/VS2015 nmake TaSSL1.1.1b均成功。但是用VS2008 nmake报错(试了下,2008 编译openssl1.1.1b是OK的):
ssl\statem\statem_lib.c(264) : error C2143: 语法错误 : 缺少“;”(在“类型”的前面)
ssl\statem\statem_lib.c(265) : error C2275: “EVP_MD_CTX”: 将此类型用作表达式非法
我用你们定制的nginx1.16版本编译安装后,用demo里根证书配置在nginx里,密信浏览器和360浏览器可以访问,但是https上有❌❌,尝试把demo里ca根证书导入密信和360安全浏览器失败,请问怎么解决
最新版本的ios静态库编译出现异常
异常代码如下:
ssl/s3_lib.c:4748:13: error: implicit declaration of function 'ENGINE_get_pkey_meth_engine' is invalid in C99 [-Werror,-Wimplicit-function-declaration] tmp_e = ENGINE_get_pkey_meth_engine(NID_sm2);
^ ssl/s3_lib.c:4748:11: warning: incompatible integer to pointer conversion assigning to 'ENGINE *' (aka 'struct engine_st *') from 'int' [-Wint-conversion] tmp_e = ENGINE_get_pkey_meth_engine(NID_sm2);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ssl/s3_lib.c:4765:9: error: implicit declaration of function 'ENGINE_free' is invalid in C99 [-Werror,-Wimplicit-function-declaration] ENGINE_free(tmp_e);
^ 1 warning and 2 errors generated. make[1]: *** [ssl/s3_lib.o] Error 1 make: *** [all] Error 2
编译Mac os版本10.15.6
编译方式:
export CC="clang -arch armv7"
export PATH="/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin:$PATH"
export CROSS_TOP=/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Developer
export CROSS_SDK=iPhoneOS13.6.sdk
export IPHONEOS_DEPLOYMENT_TARGET=8.0
./Configure iphoneos-cross no-shared
make
Xcode版本11.6
使用相同方式编译官方openssl-1.1.1b可以正常编译使用。
使用老版本的TASSL,使用Tass-demo中的sm2svr.c sm2tls.c,测试做ssl双向认证通信可以成功握手。改用TASSL-1.1.1B,使用Tass-demo/ssl sm2cli.c sm2svr.c,测试握手失败,通过过抓包,服务端请求证书类型中没有ECDSA sign类型。客户端发送证书长度为0。服务端验证客户端证书失败,挥手。请问在该版本的tassl进行双向认证时是否还需要别的设置?
在tassl_demo/ssl 中的client 和server 使用不同CA生成的 CE.pem SE.pem 也能成功建立连接 ,这是为啥?
您好,这个cntls_client_method 是很重要的入口函数,我发现tassl1.1的版本这个代码没有开源,请问有什么办法不?
1.基于当前版本,我进行了编译与测试,发现无法和格尔的互通;
2.由于格尔的是通过国密局检测的产品,故来询问
Linux下有sh脚本,Windows下怎么生成调试
ngix测试,tlsV1.1可以,tlsv1.2在360和密信都失败,是否已经支持tls V1.2,如果支持,加密套件应怎么写?还是需要其他配置?
使用CNTLS_client_method建立ssl连接,在同一个进程循环建立和关闭,发现会出现内存泄漏。如果改为TLS_client_method不会出现内存泄漏。
大家有没遇到相同的问题?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.