SSL Socket in Windows. Library? Synchronous/Asynchronous? Threads?

Question

Hello

I have a 2 threads application. One GUI thread and one worker thread (CWinThread) in which I make time consuming operations - calculations and HTTP comunication.

I have to switch from HTTP to SSL socket connection. I also need to make a verification of server certificate (is it trusted, is it expired, is it revoked)

1. Which library to use for SSL Socket (MFC, Boost or something else)?

2. Do I have to use synchronous or asynchronous operations? I think that If I use asynchronous operations I may implement Cancel functionality which may be called from GUI thread.

3. And If I use asynchronous operations is it better to move socket operations in first thread?

4. Does SSL protocol support compression of stream data?

Answer 1

For the SSL support - take a look at openssl.org

Cancel support is nice; to do it you have to check on regular basis from the worker thread if cancel was requested. Pay attention to use volatile variable or protected the access to it with a Critical section. Do not do the network operation from the GUI thread, even if it asynchronous. It is a nice policy not to do any kind of IO from the GUI thread to ensure it is responsive and more important, that it won't hang.

Answer 2

+1 for OpenSSL.org

I wrote about integrating OpenSSL with async windows sockets in "Windows Developer Magazine" back in 2002 and the article can be found here: http://www.lenholgate.com/archives/000456.html which includes source code for a simple MFC client that uses OpenSSL.

Answer 3

There is another free library, SOcketPro, available here:

http://www.udaparts.com/document/articles/demome.htm

Rgds, moster67