Click here to Skip to main content
14,423,065 members
Rate this:
Please Sign up or sign in to vote.
See more:

I developed a client and server that use the OpenSSL to communicate using TLS via TCP, and it is working very well.

But I need to communicate via Namedpipe, and there is the question:
When I create a namedpipe, I call:
HANDLE hPipe = CreateNamedPipe(...);
ConnectNamedPipe(hPipe, NULL);

After the Namedpipe is connected, I need call:
int SSL_set_fd(SSL *ssl, int fd);

As we can see, the "hPipe" is a HANDLE, but I need convert this HANDLE to int. So I tried to use the below to get a "int" then call SSL_set_fd(ssl, fd):
int fd = _open_osfhandle(reinterpret_cast<intptr_t>(hPipe), 0); 

The return of _open_osfhandle() will be "3", but OpenSSL isn't accepting when I try call "SSL_accept()".

Am I doing something wrong?
Is there other way to use OpenSSL with Namedpipe?
Note: I'm using the Microsoft Visual Studio, C++.

Thank you.
[no name] 1-Feb-14 14:11pm
a.) why you need to convert to int?

b.) why in case it is need to convert, why you do not convert to a better matching type like e.g. DWORD
Haruks 1-Feb-14 14:24pm
Because I need call "SSL_set_fd(SSL *ssl, int fd)" from OpenSSL. The second parameter is a "int" (the file descriptor) that will be associated with the "ssl" object.
[no name] 1-Feb-14 15:14pm
Thanks for your feedback. Unfortunately I can't help you in this matter. But I think other members will help you ;)
Why named pipes, not sockets? Just to have some extra difficulties? :-)
Haruks 2-Feb-14 11:29am
I need that two local process exchanges data (IPC), but it must be a exclusive communication channel (just two process can connect - just the server and one client). The use of TCP with loopback address is a option, but I wish to avoid problems with third-party firewall softwares.
Hm... I don't know why do you think pipes can help you. I don't think the firewall would make any difference. They just look at the lower-level packages and ports numbers...
Haruks 2-Feb-14 16:25pm
I want to avoid that a firewall blocks loopback connections.
I know that exists firewall for namedpipes, but is more common to TCP.
[no name] 4-Feb-14 11:02am
Dear Sergey
Can you help me with this (in case you think it is worth to ask a question I will ask it in the forum)?
I agree named pipes gives some extra difficulties. But one advantage for me is I do not have to decide for a portnumber on which the server has to listen. Or can this be automated with sockets? N.B: I need to have an IPC between a service and a background process.

Thank you in advance.
Regards, Bruno
They are not too difficult or different (yes, there are some extra hassles), I used the myself. Note that they also can be used via the "IPC" channel of "classical" remoting or WCF, consider it — it would allow you to change channels (TCP, pipes, whatever else...) without changing the rest of the code.

I just don't know the difference they probably can make in relation to firewalls. You can use pipes (originally designed as IPC working on the same computers) across network. I don't really know the protocols used for that, but I assume that firewalls cannot see the difference, is it a pipe or not. Firewall use brute force to block something. Can you see the point?

KarstenK 3-Feb-14 6:06am
Client and server architecture is a very strong argument for using TCP.
Haruks 3-Feb-14 6:26am
I agree, but in this case, there is a IPC/local communication, between two local process.
I want to use NamedPipe, because if I use TCP, is possible that a firewall (on the local machine) blocks the communication. I wish to avoid problems like that. In this case, the NamedPipe will be better.

1 solution

Rate this:
Please Sign up or sign in to vote.

Solution 1

You are trying to convert a HANDLE into an FD.
Maybe open_osf_handle doesn't work as it should.

Try skipping that step.
In Unix named pipes are opened directly with fopen
FILE* fpwrite = fopen("\\\\.\\pipe\\SamplePipe", ....)

According to[^] someone answered that it should be possible in Windows too.

I have never seen anyone run SSL over a named pipe.
I am not 100% sure it will work, but it is worth a try of course.
Good luck.
Haruks 5-Feb-14 20:55pm
First of all, thank you by submit a solution.
Unfortunately, the fopen() can open a existing namedpipe (client side), but doesn't create the namedpipe (server side), it returns NULL.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100