I've written a class to wrap OpenSSL and ASINET.  So far I've managed to
successfully connect to an HTTPS server and exchange requests/data.

Aside from client-side connections, it should also support an application
as an SSL-enabled server, although this is untested and also requires
either a CA-certified or self-certified certificate.

If anyone wants to play around/experiment with it, let me know.

Regards,

Phil Ide

***************************************
* Xbase++ FAQ, Libraries and Sources: *
* goto: http://www.idep.org.uk/xbase  *
***************************************

Boy, that's bad!!

I would be interested.

Phil Ide wrote:
> I've written a class to wrap OpenSSL and ASINET.  So far I've managed to
> successfully connect to an HTTPS server and exchange requests/data.
> 
> Aside from client-side connections, it should also support an application
> as an SSL-enabled server, although this is untested and also requires
> either a CA-certified or self-certified certificate.
> 
> If anyone wants to play around/experiment with it, let me know.
> 
> Regards,

Can we get a sample of this 'work in progress'. Also, do you know any
URL's that give details on using ASINET to simulate the commands a
browser sends/receives when connecting to a web site.

>I've written a class to wrap OpenSSL and ASINET.  So far I've managed to
>successfully connect to an HTTPS server and exchange requests/data.
>
>Aside from client-side connections, it should also support an application
>as an SSL-enabled server, although this is untested and also requires
>either a CA-certified or self-certified certificate.
>
>If anyone wants to play around/experiment with it, let me know.
>
>Regards,

Geoff,

> Can we get a sample of this 'work in progress'. Also, do you know any
> URL's that give details on using ASINET to simulate the commands a
> browser sends/receives when connecting to a web site.


ftp://ftp.rfc-editor.org/in-notes/rfc2616.txt

Basically, the format for an HTTP request is:

GET <URI> HTTP/<ver>

where <URI> is the resource to fetch.  For example, the above RFC could be
recovered (if it were located on an HTTP server and not on an FTP server)
using the URI '/in-notes/rfc2616.txt'.

<ver> should be 1.0 or 1.1.

The request should be terminated by two CRLF pairs.

So, for this URL:
http://www.despair.com/2004calendar.html

You would do this:

GET /2004calendar.html HTTP/1.1

As for seeing the 'work-in-progress', I've found a bug.  As soon as I've
fixed it, I'll make the code available.

Regards,

Phil Ide

***************************************
* Xbase++ FAQ, Libraries and Sources: *
* goto: http://www.idep.org.uk/xbase  *
***************************************

Hepaticocholecystostcholecystenterostomy

Geoff,

I've found my bug 

If the server you send the URI to is hosting multiple sites, you need to
tell it which host the URI is respective to.  If the port is not the
default (80), you should also specify the port.  Note that adding this
extra info does no harm if the server is not vhosting.

> Basically, the format for an HTTP request is:
> 
> GET <URI> HTTP/<ver>

Becomes:

GET <URI> HTTP/1.1
Host: <host>[:port]

So, to look at a thawte SSL page:

GET /cgi/server/status.exe HTTP/1.1<CRLF>
Host: www.thawte.com:443<CRLF>
<CRLF>

Regards,

Phil Ide

***************************************
* Xbase++ FAQ, Libraries and Sources: *
* goto: http://www.idep.org.uk/xbase  *
***************************************

Nothing cures a case of nerves like a case of beer.

Still going off my head. Guess before I start bothering you with some stupid
questions, I must read something about SSL and HTTPS.

Still a simple question. Currently I simulate (very small small things)
HTTP-POSTs via ASINET's LoadFromUrl()
But I could access HTTP sites only (well, frankly didnt tried a HTTPS site
yet).

Using this, can I access sites like Hotmail/yahoo to fetch and send mails ?
(Well this is not what am looking for, but still)

Or its gonna work from the server side ?

Anand

NB: Excuse me for some stupid queries.

"Phil Ide" <phil@idep.org.uk> wrote in message
news:1wor1sxvjbeuu.dlg@idep.org.uk...
> Geoff,
>
> I've found my bug 
>
> If the server you send the URI to is hosting multiple sites, you need to
> tell it which host the URI is respective to.  If the port is not the
> default (80), you should also specify the port.  Note that adding this
> extra info does no harm if the server is not vhosting.
>
> > Basically, the format for an HTTP request is:
> >
> > GET <URI> HTTP/<ver>
>
> Becomes:
>
> GET <URI> HTTP/1.1
> Host: <host>[:port]
>
> So, to look at a thawte SSL page:
>
> GET /cgi/server/status.exe HTTP/1.1<CRLF>
> Host: www.thawte.com:443<CRLF>
> <CRLF>
>
> Regards,
> --
> Phil Ide
>
> ***************************************
> * Xbase++ FAQ, Libraries and Sources: *
> * goto: http://www.idep.org.uk/xbase  *
> ***************************************
>
> Nothing cures a case of nerves like a case of beer.

Anand,

> Still a simple question. Currently I simulate (very small small things)
> HTTP-POSTs via ASINET's LoadFromUrl()
> But I could access HTTP sites only (well, frankly didnt tried a HTTPS site
> yet).
> 
> Using this, can I access sites like Hotmail/yahoo to fetch and send mails ?
> (Well this is not what am looking for, but still)
> 
> Or its gonna work from the server side ?

It will work for both client and server sides.  Essentially, using the
XbSSL() class, you can request pages (and other data) from SSL sites.
Using the sample code that Alaska (was it Andreas?) posted to extract data
from a page, you could fill out forms and submit them without user
intervention, totally under the control of your program code.

So yes, you could interface with your webmail server 

Regards,

Phil Ide

***************************************
* Xbase++ FAQ, Libraries and Sources: *
* goto: http://www.idep.org.uk/xbase  *
***************************************

I think, therefore I thwim.

Hi Phil

<snip>
>
> It will work for both client and server sides.  Essentially, using the
> XbSSL() class, you can request pages (and other data) from SSL sites.
> Using the sample code that Alaska (was it Andreas?) posted to extract data
> from a page, you could fill out forms and submit them without user
> intervention, totally under the control of your program code.
>
> So yes, you could interface with your webmail server 
Wow that sounds absolutely neat. I must get my hands laid on this
ASAPppppppppppppppppp

Thanks once again for your amazing contribution to the community (atleast to
me forsure).

Anand

Hi,

> I've written a class to wrap OpenSSL and ASINET.  So far I've managed to
> successfully connect to an HTTPS server and exchange requests/data.

This is now available from my site, item #60.

Please read the readme.html (in the package) for caveates and requirements.

Regards,

Phil Ide

***************************************
* Xbase++ FAQ, Libraries and Sources: *
* goto: http://www.idep.org.uk/xbase  *
***************************************

Whatever it is, I'm against it! - Groucho Marx

Phil Ide <phil@idep.org.uk> wrote in news:1j1cvnxkvn755.dlg@idep.org.uk:

> Aside from client-side connections, it should also support an application
> as an SSL-enabled server, although this is untested and also requires
> either a CA-certified or self-certified certificate.

Yes you should be able to create an SSL server. In fact, Roger Donnay is 
already using Stunnel (it uses OpenSSL) as a SSL proxy for his website that 
is written in Xb2.NET, eg:

straight to Xb2.NET server: http://www.donnay-software.com
going through Stunnel proxy: https://www.donnay-software.com

Best regards,
Boris Borzic

http://www.Xb2.NET
http://www.SQLExpress.net
industrial strength Xbase++ development tools

Boris,

>> Aside from client-side connections, it should also support an application
>> as an SSL-enabled server, although this is untested and also requires
>> either a CA-certified or self-certified certificate.
> 
> Yes you should be able to create an SSL server. In fact, Roger Donnay is 
> already using Stunnel (it uses OpenSSL) as a SSL proxy for his website that 
> is written in Xb2.NET, eg:
> 
> straight to Xb2.NET server: http://www.donnay-software.com
> going through Stunnel proxy: https://www.donnay-software.com

When I get a chance, I'll try and knock up an Xb2.NET demo showing how to
make the server SSL using my lib.  Of course, that will automatically make
both the web and the SOAP SSL.  It will also give me the chance to test the
server side of the library.

I warn everyone though, that my diary is pretty full at the moment, so if
someone else want to have a go first, be my guest. 

Regards,

Phil Ide

***************************************
* Xbase++ FAQ, Libraries and Sources: *
* goto: http://www.idep.org.uk/xbase  *
***************************************

The agony of delete...