Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

Can Winsock do HTTPS through a proxy?

47 views

Skip to first unread message

ad...@videx.com

unread,

Jun 3, 2009, 1:14:54 PM6/3/09

Hello,

How do I use the Winsock API to convert a connected, non-secure TCP/IP
socket to a secure one?

I've been challenged with the task of adding proxy support to our
Windows CE application. Currently the app talks HTTPS to a web
service. Now it needs to be able to do this communication through a
proxy.

From my understanding unsecured HTTP through a proxy is simple:
Instead of connecting to the remote server, connect to the proxy, then
start issuing requests as usual.

HTTPS is slightly more complicated [http://curl.haxx.se/rfc/draft-
luotonen-web-proxy-tunneling-01.txt]:
1) Establish an unencrypted connection to the proxy server.
2) Issue the HTTP CONNECT request which triggers the proxy to
connect to the remote server
3) Receive the 200 OK response
4) Do the SSL hand shaking to encrypt the connection
5) start issuing HTTP requests as usual

Here's the winsock code I use currently to create a secure connection
(minus the error handling):
==============
SOCKET socketHandle = socket(AF_INET, SOCK_STREAM, 0);

//put the socket in secure mode
DWORD dwVal = SO_SEC_SSL;
setsockopt(socketHandle, SOL_SOCKET, SO_SECURE, (LPSTR)&dwVal, sizeof
(DWORD));

//set the certificate validation callback
SSLVALIDATECERTHOOK hook;
hook.HookFunc = mySSLValidateCertFunc;
hook.pvArg = 0;

WSAIoctl(socketHandle, SO_SSL_SET_VALIDATE_CERT_HOOK, &hook, sizeof
(SSLVALIDATECERTHOOK),
NULL, 0, NULL, NULL, NULL)

//specify support for only the Transport Layer Security (TLS) version
1 protocol
SSLPROTOCOLS protocols;
protocols.dwCount = 1;
protocols.ProtocolList[0].dwProtocol = SSL_PROTOCOL_TLS1;
protocols.ProtocolList[0].dwVersion = 0;
protocols.ProtocolList[0].dwFlags = 0;

WSAIoctl(socketHandle, SO_SSL_SET_PROTOCOLS, &protocols, sizeof
(protocols),
NULL, 0, NULL, NULL, NULL)

//establish a connection with the sever
connect(socketHandle, (PSOCKADDR)&serverAddress, sizeof
(serverAddress))
==============

The above code sets up the secure socket options before the connection
happens. How do I do it after the connection has been established?

Any help would be greatly appreciated. Thanks!
- Adam

tru...@arcor.de

unread,

Jun 4, 2009, 11:32:52 AM6/4/09

Using a Deferred Handshake: http://msdn.microsoft.com/en-us/library/aa922192.aspx

AdamB

unread,

Jun 8, 2009, 1:56:54 PM6/8/09

Thanks! Worked like a charm.

0 new messages