I need to send an HTTP request to a server using HTTPS on Linux using plain sockets. Is there a way to do this?
Code is appreciated.
Thanks
You can encrypt the traffic with the OpenSSL library. Here is an example HTTP client: http://www.w3.org/Library/src/HTTP.c
You need an implementation of TLS (Transport Layer Security, formerly known as Secure Sockets Layer, specified in RFC 5246), whether it be OpenSSL, GnuTLS, Ajisai, yaSSL, NSS, or your own implementation (not recommended).
I think you'll need to use an SSL library, such as OpenSSL (which should be available on nearly every Linux system, or trivially available if not installed by default). AFAIK, there is no way to do SSL with only a absic Berkeley-style sockets implementation.
Related
I am implementing a socket which accepts connection using TLS.
I found some information on SO on how it can be implemented using OpenSSL. Turn a simple socket into an SSL socket
My question is,
Do I have to use openssl (or some other library) to implement TLS compatible socket. Is there any standard C methods to implement it?
There is no standard C library for TLS. There is OpenSSL which is used a lot and works on many platforms but there are also platform specific libraries like SChannel (Microsoft) or Secure Transport (Apple). And there are many more cross-platform like NSS, GnuTLS, Botan, ... . See Wikipedia: Comparison of TLS implementations for more information.
Of course, you could in theory implement everything yourself but TLS is a complex protocol. And implementation of cryptographic stuff are much harder to get fully right than most other programming tasks, so better use an established library.
I am trying to incorporate some SSL/TLS into some Windows Sockets. I can't find any good examples so right now I am looking into the WinHTTP API.
I am wondering if this can be used like traditional socket send() and recv() functionality? I found an example of some code from Windows here:
https://github.com/Microsoft/Windows-classic-samples/blob/master/Samples/WinhttpWebsocket/cpp/WinhttpWebsocket.cpp
I have compiled it and tested using nc and I am getting the HTTP Headers printed to the command prompt. I don't need any of those headers as I want to create my own protocol and send my own data. Is it possible to not use those headers and not use any kind of GET/POST keywords and just treat this as normal socket operations?
Or should I be looking somewhere else? I don't want to use OpenSSL or any 3rd party libraries.
WinHTTP was developed as a light-weight HTTP library to replace WinINet in service applications. It is basically WinINet without FTP/Gopher support and no user preferences.
I doubt WinHTTP allows you to perform connections that are not based on the HTTP protocol, you need to go to a lower layer like SChannel for example. SChannel supports SSL and TLS.
The Windows SDK used to have a SSPI example.
I m working with libcurl. It's very good (as client) and I used to open a socket to a server and then send my http packets.
I'm wondering if it's possible to develop http server with the libcurl. the http server will listen on a given port then when it receive a http packet then the http server return a need to a digest authentication.
I made some research in stackoverflow and in the curl website but without result.
Is it possible to do that with libcurl ? and how to do it?
To repeat what others have said: no, libcurl is not for servers. It is even said in the curl FAQ:
5.17 Can I write a server with libcurl?
No. libcurl offers no functions or building blocks to build any kind
of internet protocol server. libcurl is only a client-side library.
For server libraries, you need to continue your search elsewhere but
there exist many good open source ones out there for most protocols
you could possibly want a server for. And there are really good
stand-alone ones that have been tested and proven for many years.
There's no need for you to reinvent them!
You need some HTTP server library (since libcurl is only an HTTP client librart) I would suggest to use libonion but there are several other HTTP server frameworks (libmicrohttpd, POCO & Wt in C++, ....).
HTTP is a complex protocol, even if coding a server for a tiny subset (like plain GET requests, without all the useful features like conditional requests, encoding & compression, etc...) of it is reasonably feasible. Hence I recommend using a full-fledged HTTP server library, and that cannot be a tiny library.
Do you know of any HTTP client library in C (with SSL support) that also allows direct communication with the remote server?
I have a client-server application where the client uses HTTP to start a session in the server and then tells the server to switch the connection from HTTP to a different protocol. All communication is encapsulated in SSL. It is written in Perl and works well, but I'm looking into implementing the client in C.
I know libcurl gives you access to the underlaying socket but it's not enough because of the SSL requirement.
Notice that libcurl doesn't do the SSL part by itself, it uses OpenSSL. So, if you can get the socket handle from libcurl after the first HTTP interactions, AND the session key it uses (some spelunking required) you can go on directly with OpenSSL from that point.
I think that you must be looking for this otherwise you must have to write it yourself, like this
Sounds like you want Web Sockets. Don't know if there's a C library available though. I would assume there is, if you dig.
I'm looking to add SSL support to a client application written in C/C++ that I'm developing (it is multi-platform, designed to work on Linux and Windows). OpenSSL documentation is pretty poor, but I found a good working tutorial here. To my knowledge, however, there is no way to bind the socket to a local IP address using the BIO handle. There is a rather old ticket on the OpenSSL bug tracker that addresses this, but I think that no solution has been found (one comment suggests using BIO_get_accept_socket, but that will obviously not work for my client application). Any suggestions, solutions, or alternative libraries that offer this kind of functionality?
You can just create, bind and connect the socket yourself, then use SSL_set_fd to pass the socket to OpenSSL, followed by SSL_connect to set up the session.