patterncppMinor
TCP socket server using OpenSSL
Viewed 0 times
tcpusingserveropensslsocket
Problem
I've written this basic TCP socket server that uses SSL. This is my first experience with sockets in C++. The client is a Qt desktop application.
Code overview:
Does this code look safe and scalable? Any other comments or improvements I could make?
I've removed the
```
class TCP
{
private:
fd_set active_fd_set, read_fd_set;
int i;
struct sockaddr_in addr;
uint len;
SSL *ssl;
int sock;
SSL_CTX *ctx;
const SSL_METHOD *method;
auto CreateSocket(int port)->int;
auto InitialiseOpenSSL()->void;
auto CreateContext()->SSL_CTX*;
auto ConfigureContext(SSL_CTX *ctx)->void;
auto Listen()->int;
public:
TCP();
~TCP();
auto INI()->void;
};
TCP::TCP():len(sizeof(addr)),ssl(new SSL),ctx(new SSL_CTX){};
TCP::~TCP()
{
delete ssl;
delete ctx;
SSL_free(ssl);
SSL_CTX_free(ctx);
EVP_cleanup();
};
auto TCP::INI()->void
{
this->InitialiseOpenSSL();
this->CreateContext();
this->ConfigureContext(ctx);
sock=CreateSocket(3000);
ssl=SSL_new(ctx);
FD_ZERO(&active_fd_set);
FD_SET(sock,&active_fd_set);
this->Listen();
}
auto TCP::Listen()->int
{
while(1)
{
read_fd_set=active_fd_set;
if(select(FD_SETSIZE, &read_fd_set, NULL,NULL,NULL) SSL HANDSHAKE COMPLETED" NEW SOCKET CREATED & MESSAGE FROM CLIENT: " RESPONSE SENT TO CLIENT: " ORIGINAL SOCKET USED & RESPONSE FROM CLIENT: " SOCKET CLOSED: "int
{
int s;
struct sockaddr_in addr;
addr.sin_family=AF_INET;
addr.sin_port=htons(port);
addr.sin_addr.s_addr=htonl(INADDR_ANY);
s=socket(AF_INET,SOCK_STREAM,0);
if(svoid
{
SSL_load_error_strings(); OpenSSL_add_ssl_algorithms();
}
auto TCP::Cre
Code overview:
- Receive incoming connection.
- Check if connection is from an existing socket, if so reply via that socket, otherwise, create, bind and send response via new socket.
- Close socket connections when response has been made.
Does this code look safe and scalable? Any other comments or improvements I could make?
I've removed the
#include statements for simplicity, but I'm using OpenSSL bindings along with sys/socket.h.```
class TCP
{
private:
fd_set active_fd_set, read_fd_set;
int i;
struct sockaddr_in addr;
uint len;
SSL *ssl;
int sock;
SSL_CTX *ctx;
const SSL_METHOD *method;
auto CreateSocket(int port)->int;
auto InitialiseOpenSSL()->void;
auto CreateContext()->SSL_CTX*;
auto ConfigureContext(SSL_CTX *ctx)->void;
auto Listen()->int;
public:
TCP();
~TCP();
auto INI()->void;
};
TCP::TCP():len(sizeof(addr)),ssl(new SSL),ctx(new SSL_CTX){};
TCP::~TCP()
{
delete ssl;
delete ctx;
SSL_free(ssl);
SSL_CTX_free(ctx);
EVP_cleanup();
};
auto TCP::INI()->void
{
this->InitialiseOpenSSL();
this->CreateContext();
this->ConfigureContext(ctx);
sock=CreateSocket(3000);
ssl=SSL_new(ctx);
FD_ZERO(&active_fd_set);
FD_SET(sock,&active_fd_set);
this->Listen();
}
auto TCP::Listen()->int
{
while(1)
{
read_fd_set=active_fd_set;
if(select(FD_SETSIZE, &read_fd_set, NULL,NULL,NULL) SSL HANDSHAKE COMPLETED" NEW SOCKET CREATED & MESSAGE FROM CLIENT: " RESPONSE SENT TO CLIENT: " ORIGINAL SOCKET USED & RESPONSE FROM CLIENT: " SOCKET CLOSED: "int
{
int s;
struct sockaddr_in addr;
addr.sin_family=AF_INET;
addr.sin_port=htons(port);
addr.sin_addr.s_addr=htonl(INADDR_ANY);
s=socket(AF_INET,SOCK_STREAM,0);
if(svoid
{
SSL_load_error_strings(); OpenSSL_add_ssl_algorithms();
}
auto TCP::Cre
Solution
The worst problem with this code (IMO) is the readability, please take 10 minutes to have a look at other people's code on this site. I suspect you won't get much input because of the layout of your code.
To answer all you questions:
- Name variables properly, you might know what I is for now, but in 6 months...
- You are deleting ssl and ctx without checking they have been allocated.
- You aren't initialising all variables.
- One statement, one line. Its possible to change an earlier statement and screw up later ones. (Your constructor and if statements)
- while(1) ?? You should have a flag that can be controlled from outside the class, giving your code time to shutdown properly.
- Your code is difficult to read because of lack of spaces.
- Your code is difficult to follow because of lack of comments.
- Hard coding 1024 is limiting it should be a constant or possibly a parameter.
- Use const reference for parameters unless you are changing them.
- Try C++ exceptions rather than exit statements, it will be easier to perform a controlled shutdown.
To answer all you questions:
- Does it look safe? No - See point 2 above.
- Is it scalable? I can't tell.
Context
StackExchange Code Review Q#145769, answer score: 4
Revisions (0)
No revisions yet.