tags:

views:

812

answers:

5
+1  Q: 

How to speak SSL from a Windows MFC client?

Hi,

I've an MFC application that currently uses CAtlHttpClient to query a web server for some information.

I'd like to change this so that the query goes over securely, with server authentication, using SSL.

Googling reveals that Microsoft has changed the way they support this several times, e.g., WinInet, WinHTTP, but for the life of me I can't figure out how to do the above using MFC under MSVS 2005.

The application is in C++, and if at all possible, I'd like to avoid dragging .Net into the picture.

Any help, hints, suggestions or pointers gratefully appreciated!

Thanks,

ony

+2  A: 

Back in 2002 I wrote an article for Windows Developer Magazine that showed how to use OpenSSL to provide SSL for MFC's CAsyncSocket. The code and article are here: http://www.lenholgate.com/archives/000456.html and might help you.You could also do something similar using Microsoft's SChannel but it's a little more involved as OpenSSL does some of the buffering for you so all you need to do is push bytes into it until you get clear text out...

Len Holgate  2008-12-18 17:51:43
Thanks - nice article!I'd prefer a solution that allows me to leverage on Microsoft's code, though, rather than haul in OpenSSL. SChannels seem a bit too low-level...Thanks again.Rony
ronys  2008-12-18 18:38:56
+4  A: 

You could take a look at Ultimate TCP/IP - it is MS friendly and might do what you're after:

http://www.codeproject.com/KB/MFC/UltimateTCPIP.aspx

I use this toolkit and it's very good.

Rob  2008-12-18 18:50:18
Thanks for the pointer - looks like a useful toolkit, although perhaps a bit of an overkill for my project.Also, the license is "The Code Project Open License (CPOL) 1.02", which isn't among the OSI approved licenses in http://opensource.org/licenses.Rony
ronys  2008-12-18 21:46:16
... What, so using MFC is ok, but a free license that isn't 'OSI approved' isn't? And because it doesn't do exactly what you need but a bit more it's 'overkill'? If you don't like the answers, don't ask the question...
Roel  2008-12-19 15:00:15
The beauty of Ultimate TCP/IP is that you only need to compile in the parts you want - in this case just the HTTPS support - hardly overkill IMHO.
Rob  2008-12-19 18:38:50
+2  A: 

Found a pointer to some Microsoft sample code which might fit the bill: http://msdn.microsoft.com/en-us/library/s2ya483s(VS.80).aspx

However this fails on AcquireCredentialsHandle, which will be my next question to this august forum...

ronys  2008-12-18 21:48:05
A: 

What about using the libeay32.dll and ssleay32.dll files that come as part of OpenSSL:

http://www.deanlee.cn/programming/openssl-for-windows/

jussij  2008-12-18 23:44:10
A: 

Just use WinHttp, It's a great API and has all you need to do SSL over HTTP (plus works with the Proxy configuration of Vista going forward)

 2008-12-30 17:06:28

related questions

Of Memory Management, Heap Corruption, and C++
How do I make a GUI?
Alpha blending sprites in Nintendo DS Homebrew
Thread safe lazy contruction of a singleton in C++
Interview Programming Questions - In house Exam
Link issues (VC6)
What are the barriers to understanding pointers and what can be done to overcome them?
Why are professors or schools picking Java over C++ to teach to students?
What is the best way to create a sparse array in C++
C/C++ library for reading MIDI signals from a USB MIDI device
How do you pack a visual studio c++ project for release?
How to set up unit testing for Visual Studio C++
How do I configure and communicate with a serial port?
Lightweight IDE for Linux
Mapping Stream data to data structures in C#
CPU throttling in C++
Asynchronous multi-direction server-client communication over the same open socket?
Exceptions in C++
Heap corruption under Win32; how to locate?
Build for Windows NT 4.0 using Visual Studio 2005?
C++: Should I use nested classes in this case?
BerkeleyDB Concurrency
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
How to use the C socket API in C++ on z/OS