I've seen the questions and have asked them myself, but I've finally
gotten it to work. This does NOT use anything fancy in SSL: it performs
the handshake that SSL_connect() gives you, but that's it: no
certificates, etc... so this is the bare minimum (that I'm aware of)
needed to do an HTTPS post.
Some of the extras (e.g. the https server you're talking to, meaningful
header details, a more meaningful message body, etc...) will obviously
need to be filled in by yourself... and if you are using certificates
and so forth, you're own your own adding that stuff: I have no need for
it so haven't even tried... (the O'Reilly book can probably get you from
this snippet the rest of the way, though: I have it and it was little
help for the ultra-basics, but it did cover the extra stuff nicely
enough).
This also does no error checking whatsoever: no fluff to interfere with
the bare essentials, but certainly not production quality!
PS: this is Windows specific: the only difference in UNIX would be in
the initial socket connection, which should be pretty straightforward.
So, here it is.
Hope it helps!
======================================================================
#include <stdio.h>
#include <memory.h>
#include <winsock2.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
main()
{
char buff1[65536];
char buff2[65536];
char head[1024];
char tmpstr[256];
// regular (Windows) socket stuff...
int sock;
struct sockaddr_in sa;
WSADATA myWSAData;
// SSL specific stuff...
SSL_METHOD *meth = NULL;
SSL_CTX *ctx = NULL;
SSL *ssl = NULL;
// create POST body.
strcpy(buff1, "This is the body of our post... fill in with something
your server expects.");
// create POST header...
strcpy(head, "POST <post-path> HTTP/1.1\r\n"); // replace <post-path>
with something meaningful.
strcat(head, "User-Agent: <agent>\r\n"); // replace <agent>
with something meaningful.
strcat(head, "Host: <hostname>\r\n"); // replace <hostname>
with something meaningful.
strcat(head, "Pragma: no-cache\r\n");
strcat(head, "Accept: */*\r\n");
strcat(head, "Content-Type: text/*\r\n");
strcat(head, "Content-Length: ");
sprintf(tmpstr, "%d", strlen(buff1)); // body length is
given in the header
strcat(head, tmpstr);
strcat(head, "\r\n");
strcat(head, "Expect: 100-continue\r\n");
strcat(head, "\r\n");
// connect socket...
WSAStartup(MAKEWORD(2,2), &myWSAData);
sock = socket (AF_INET, SOCK_STREAM, 0);
memset (&sa, '\0', sizeof(sa));
sa.sin_family = AF_INET;
sa.sin_addr.s_addr = inet_addr(x.x.x.x); // replace with something
meaningful...
sa.sin_port = htons(443); // https port is usually 443
connect(sock, (struct sockaddr*) &sa, sizeof(sa));
// establish SSL
SSL_load_error_strings();
SSL_library_init();
meth = SSLv3_client_method();
ctx = SSL_CTX_new(meth);
ssl = SSL_new (ctx);
SSL_set_fd (ssl, sock);
SSL_connect (ssl);
// do the POST...
SSL_write (ssl, head, strlen(head)); // send post header
memset(buff2, 0x00, sizeof(buff2)); // init recv buffer
SSL_read (ssl, buff2, sizeof(buff2) - 1); // read server response
printf("%s\n", buff2); // should say "100
Continue" etc...
SSL_write (ssl, buff1, strlen(buff1)); // send post body
memset(buff2, 0x00, sizeof(buff2)); // init recv buffer
SSL_read (ssl, buff2, sizeof(buff2) - 1); // read server response
printf("%s\n", buff2); // should see "200 OK" and
reponse header
memset(buff2, 0x00, sizeof(buff2)); // init recv buffer
SSL_read (ssl, buff2, sizeof(buff2) - 1); // read server response
printf("%s\n", buff2); // should see response body
// clean up...
SSL_shutdown (ssl);
SSL_free (ssl);
SSL_CTX_free (ctx);
ERR_free_strings();
close (sock);
WSACleanup();
return(0);
}
======================================================================
This e-mail is confidential. If you are not the intended recipient, you must
not disclose or use the information contained in it. If you have received this
e-mail in error, please tell us immediately by return e-mail to [EMAIL
PROTECTED] and delete the document.
E-mails containing unprofessional, discourteous or offensive remarks violate
Sentry policy. You may report employee violations by forwarding the message to
[EMAIL PROTECTED]
No recipient may use the information in this e-mail in violation of any civil
or criminal statute. Sentry disclaims all liability for any unauthorized uses
of this e-mail or its contents.
This e-mail constitutes neither an offer nor an acceptance of any offer. No
contract may be entered into by a Sentry employee without express approval from
an authorized Sentry manager.
Warning: Computer viruses can be transmitted via e-mail. Sentry accepts no
liability or responsibility for any damage caused by any virus transmitted with
this e-mail.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
