
CAsyncSslSocketLayer - SSL layer class for CAsyncSocketEx

1 Jun 2003
This class is an SSL layer for CAsyncSocketEx using OpenSSL.

Introduction

CAsyncSslSocketLayer is a layer class for CAsyncSocketEx which allows you to establish SSL secured connections to servers.

For information about CAsyncSocketEx and the layer system in general, please read my CAsyncSocketEx article.

How to use

Using this class is really simple. In the easiest case, just add an instance of CAsyncSslSocketLayer to your socket and call InitClientSsl after creation of the socket.

This class only has three new public functions:

  • InitClientSsl();

    This function establishes an SSL connection to the server. You can call it at any time once the socket has been created. Most likely you want to call it right after calling Create for the socket, but sometimes you'll need to call it later. One example is an FTP connection with explicit SSL: in this case you would have to call InitClientSsl after receiving the reply to an AUTH SSL command.

  • UsingSSL();

    Returns true if you've previously called InitClientSsl().

  • SetNotifyReply(int nID, int nCode, int result);

    You can call this function only after receiving a layer-specific callback with the SSL_VERIFY_CERT ID. See below for details.

This layer sends some layer-specific notifications to your socket instance. You can handle them in OnLayerCallback of your socket class. Valid notification IDs are:

  • SSL_INFO 0

    There are two possible values for param2:

    • SSL_INFO_ESTABLISHED 0 - You'll get this notification if the SSL negotiation was successful.
    • SSL_INFO_SHUTDOWNCOMPLETE 1 - You'll get this notification if the SSL connection has been shut down successfully. See below for details.
  • SSL_FAILURE 1

    This notification is sent if the SSL connection could not be established or if an existing connection failed. Valid values for param2 are:

    • SSL_FAILURE_UNKNOWN 0 - Details may have been sent with an SSL_VERBOSE_WARNING or SSL_VERBOSE_INFO notification.
    • SSL_FAILURE_ESTABLISH 1 - Problem during SSL negotiation.
    • SSL_FAILURE_LOADDLLS 2
    • SSL_FAILURE_INITSSL 4
    • SSL_FAILURE_VERIFYCERT 8 - The remote SSL certificate was invalid
  • SSL_VERBOSE_WARNING 3
  • SSL_VERBOSE_INFO 4

    These two notifications contain some additional information. The value given by param2 is a pointer to a null-terminated character string (char *) with some useful information.

  • SSL_VERIFY_CERT 2

    This notification is sent each time a remote certificate has to be verified. param2 is a pointer to a t_SslCertData structure which contains some information about the remote certificate. Return 1 if you trust the certificate and 0 if you don't trust it. If you can't decide and the user has to choose whether to trust the certificate, return 2. In this case, you have to call SetNotifyReply later to resume the SSL connection: nID has to be the priv_data element of the t_SslCertData structure and nCode has to be SSL_VERIFY_CERT. Set nAction (the third argument, listed as result in the signature above) to 1 if you trust the certificate and 0 if you don't trust it.

Be careful when closing the connection after sending data: not all data may have been sent yet. Before closing the connection, you should call Shutdown() and wait for the SSL_INFO_SHUTDOWNCOMPLETE notification. This ensures that all encrypted data has really been sent.
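The SSL_VERIFY_CERT reply protocol and the shutdown rule described above, modelled in stand-alone C++ (an added example, not code from the article or its download). CertData, FakeSslLayer, CertPolicy and the fingerprint field are hypothetical stand-ins; only the constant values, priv_data and the SetNotifyReply signature come from the article.

```cpp
// Added example: stand-alone model of the callback protocol described above.
#include <set>
#include <string>

// Values as listed in the article.
enum { SSL_INFO = 0, SSL_VERIFY_CERT = 2 };
enum { SSL_INFO_ESTABLISHED = 0, SSL_INFO_SHUTDOWNCOMPLETE = 1 };

// Stand-in for t_SslCertData: only priv_data is named in the article;
// `fingerprint` is a hypothetical field used for the lookup below.
struct CertData { int priv_data; std::string fingerprint; };

// Stand-in for the layer: records the arguments SetNotifyReply received.
struct FakeSslLayer {
    int lastId = -1, lastCode = -1, lastResult = -1;
    void SetNotifyReply(int nID, int nCode, int result) {
        lastId = nID; lastCode = nCode; lastResult = result;
    }
};

class CertPolicy {
public:
    std::set<std::string> pinned, rejected;  // constructed trust lists
    bool established = false, safeToClose = false;

    // Value to return from the SSL_VERIFY_CERT callback:
    // 1 = trust, 0 = don't trust, 2 = user must decide, reply comes later.
    int OnVerifyCert(const CertData& c) {
        if (rejected.count(c.fingerprint)) return 0;
        if (pinned.count(c.fingerprint)) return 1;
        pending_.insert(c.priv_data);  // handshake is paused until the reply
        return 2;
    }
    // User answered the prompt: resume the handshake exactly once.
    bool OnUserDecision(FakeSslLayer& layer, int privData, bool trust) {
        if (pending_.erase(privData) == 0) return false;  // unknown or already answered
        layer.SetNotifyReply(privData, SSL_VERIFY_CERT, trust ? 1 : 0);
        return true;
    }
    // SSL_INFO handler: close the socket only once safeToClose is set.
    void OnInfo(int param2) {
        if (param2 == SSL_INFO_ESTABLISHED) established = true;
        if (param2 == SSL_INFO_SHUTDOWNCOMPLETE) safeToClose = true;
    }
private:
    std::set<int> pending_;
};
```

A certificate that matches neither list yields 2 rather than 1, so an unknown peer is never trusted without an explicit decision, and a reply for a priv_data value that is not pending is refused.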

License

Feel free to use this class, as long as you don't claim that you wrote it and this copyright notice stays intact in the source files. If you use this class in commercial applications, please send a short message to tim.kosse@gmx.de.

This product includes software developed by the OpenSSL project for use in the OpenSSL Toolkit.
