I'd like to use SChannel or some other Microsoft API to support TLS for my TCP/IP application. Ideally what I'd like to do is use SChannel to create a kind of TLS tunnel within my app so I can pass off a SOCKET handle to another library. Is this something SChannel can do for me or do I have to implement the tunnel myself?
+2
A:
SChannel does not create its own SOCKET, it operates on top of your own SOCKET. If you pass your SChannel SOCKET to another library, it will have direct access to the underlying TCP/IP connection, bypassing SChannel altogether. It sounds like what you are looking for is to create two SOCKETs - one to communicate securely with a remote peer, and one to communicate unsecurely with the local library, and then manually pass data between the two in your code as needed.
Remy Lebeau - TeamB
2010-05-04 19:40:42