Overview
Features
Download
Documentation
Community
Add-Ons & Services

SSL sockets

A general discussion forum.

SSL sockets

Postby thready » 20 Jan 2010, 17:37

Hi Poco Experts,

I'm interested in creating an SSL server that can accept SSL sockets and not just the HTTPS protocol. The HTTPS protocol seems to be the only thing shown in the samples, etc. Is there such thing as a straight SSL socket in Poco? I've recently come across the BigSpeed Secure Socket Library and it looks great, but my love of Poco, which stems from the amazing support it has with Windows Services, makes me want to dive into Poco's SSL sockets support instead... But how can I set this up? And is there a way to simplify an SSL connection so that certificates are not required (like BigSpeed offers)? That for me would put Poco way over the top... The Open Services Platform looks simply amazing as well...

Thanks,
Mike
thready
 
Posts: 39
Joined: 20 Jan 2010, 17:20

Re: SSL sockets

Postby alex » 20 Jan 2010, 20:51

thready wrote:Is there such thing as a straight SSL socket in Poco?

Yes - Poco::Net::SecureServerSocket and Poco::Net::SecureStreamSocket
thready wrote:But how can I set this up?

See TCPServerTest
thready wrote:And is there a way to simplify an SSL connection so that certificates are not required (like BigSpeed offers)?

I never dealt with it, but I'm guessing that Context::VerificationMode::VERIFY_NONE should take care of that.
thready wrote:The Open Services Platform looks simply amazing as well...

OSP is indeed great - I'm using it myself. You do, however, realize it is not free, right?
alex
 
Posts: 1044
Joined: 11 Jul 2006, 16:27
Location: United_States

Re: SSL sockets

Postby thready » 21 Jan 2010, 16:55

Thanks for the info Alex, I will dive right in with what you said. As for OSP not being free, I noticed that, but I think something that powerful would pay for itself over and over again, not having to worry too much about how to do things right in updating a client's app.

Cheers,
Mike
thready
 
Posts: 39
Joined: 20 Jan 2010, 17:20

Re: SSL sockets

Postby thready » 21 Jan 2010, 17:08

Alex - do you think it's straight forward enough to retro-fit 3 finished apps (MFC apps that make use of OpenGL, ATL), into OSP? Or is MFC not very fitting? I noticed that some Win32 API functions were undefined in Poco as well...

Thanks,
Mike
thready
 
Posts: 39
Joined: 20 Jan 2010, 17:20

Re: SSL sockets

Postby alex » 21 Jan 2010, 17:55

thready wrote:Alex - do you think it's straight forward enough to retro-fit 3 finished apps (MFC apps that make use of OpenGL, ATL), into OSP? Or is MFC not very fitting?

It is hard to give a sound advice without knowing more details. It sounds like you are talking about GUI applications. If that is the case, then OSP is not your best fit because it is more geared toward server-side and background service functionality. At one point, we had a go at WebWidgets as server-side GUI support, but that development got stalled. I am doing web-based GUI stuff directly in ExtJS, using OSP as application server. There's some ExtJS server-side support in the sandbox.
thready wrote:I noticed that some Win32 API functions were undefined in Poco as well...

Actually, what is undefined is the horrible MS macro mess aimed at compilation of Unicode-sensitive API functions - Poco is calling these directly.
alex
 
Posts: 1044
Joined: 11 Jul 2006, 16:27
Location: United_States

Re: SSL sockets

Postby thready » 21 Jan 2010, 18:23

Thank you again Alex!
Cheers,
Mike
thready
 
Posts: 39
Joined: 20 Jan 2010, 17:20

Re: SSL sockets

Postby thready » 25 Jan 2010, 18:16

Hmmm.. It looks like the testsuite thinks that SecureStreamSocket is in the Net folder - it's really in the NetSSL folder. I tried to build the test suite from my own actual installation as well and I cannot locate PocoNetSSL.lib or PocoNetSSLd.lib. Am I missing something?
thready
 
Posts: 39
Joined: 20 Jan 2010, 17:20

Re: SSL sockets

Postby alex » 25 Jan 2010, 20:39

thready wrote:Am I missing something?

Probably so - I can not make any sense from your description. Download a clean POCO source archive and see if everything builds as expected. If you still have a problem, provide information about POCO version, platform and compiler version/environment as well as build method you are using (i.e. how to reproduce your problem).
alex
 
Posts: 1044
Joined: 11 Jul 2006, 16:27
Location: United_States

Re: SSL sockets

Postby thready » 25 Jan 2010, 20:44

Found the problem. My installation of OpenSSL had VC-specific libraries under the lib folder in another folder called VC. I had to move them up one level so they could be found by Poco's build for Crypto and NetSSL. All is good now.

Thanks,
Mike
thready
 
Posts: 39
Joined: 20 Jan 2010, 17:20

Re: SSL sockets

Postby thready » 04 Feb 2010, 21:34

When creating an SSL socket, I saw on the wiki that you can specify none as certificate verification. Stupid newbie question --> can I create an SSL connection without a private key and without a cert (if I'm not verifying anything)? i.e., can SSL negociation be automatic (if I don't care about authentication/verification)?

If all I care about is hiding what is being transferred and allow the unknown protocol I'm using under the encryption to prevent hacking, this to me is enough. But is Poco configurable to allow me to do this? I'm getting the error "SSL Exception: Configuration error: no certificate file has been specified."

Thanks,
Mike
thready
 
Posts: 39
Joined: 20 Jan 2010, 17:20

Next

Return to General Discussion

Who is online

Users browsing this forum: Baidu [Spider] and 1 guest