Cryptography Reference
In-Depth Information
One thing that's particularly interesting about this approach to supporting
HTTPS through proxies is that it means that, in order to properly support HTTPS,
the proxy must be capable of establishing arbitrary connections with arbitrary
hosts as long as the authentication is completed properly. This capability can
be used to tunnel any protocol through an HTTP proxy, although the client
software has to be modifi ed to support it.
SSL with OpenSSL
It would be irresponsible of me to recommend using a tried-and-true SSL library,
such as OpenSSL, but then not show you how to do so, especially if your desire is
to do production-grade security work. Listing 10-3 reworks the HTTPS example
from Chapter 6 using the OpenSSL library.
Listing 10-3: “https.c” with OpenSSL
#include <openssl/ssl.h>
int http_get( int connection,
const char *path,
const char *host,
SSL *ssl )
{
static char get_command[ MAX_GET_COMMAND ];
sprintf( get_command, “GET /%s HTTP/1.1\r\n”, path );
if ( SSL_write( ssl, get_command, strlen( get_command ) ) == -1 )
{
return -1;
}
sprintf( get_command, “Host: %s\r\n”, host );
if ( SSL_write( ssl, get_command, strlen( get_command ) ) == -1 )
{
return -1;
}
strcpy( get_command, “Connection: Close\r\n\r\n” );
if ( SSL_write( ssl, get_command, strlen( get_command ) ) == -1 )
{
return -1;
}
return 0;
}
void display_result( int connection, SSL *ssl )
 
Search WWH ::




Custom Search