I am trying to implement secure websocket connection (WSS) in c++ . I don't want to use any external library. I have the code which is working for normal (ws) connections. I want to add the support for HTTPS also. Can any body suggest me how to proceed in this.
Example: for normal ws connections:
GET /foo HTTP/1.1
Host: example.server.com
Upgrade: websocket
Connection: keep-alive, Upgrade
Sec-WebSocket-Key: dfGsdNhbXBsZSBub25REQ==
Sec-WebSocket-Version: 13.
The code which i have already is sending these type of requests, after creating normal socket and connected to server. In the same manner i want to do WSS also.
Please suggest me on how to do that.
Thanks,
VVK.
Related
I'm a bit new to websocket programming. I've been trying to use this example :- https://www.boost.org/doc/libs/develop/libs/beast/example/websocket/client/async-ssl/websocket_client_async_ssl.cpp to connect to the coinbase websocket api over here :- https://docs.pro.coinbase.com/#websocket-feed
However, I keep getting 400 - Bad Request in the response on wireshark.
Here is a snapshot of my TCP request :-
Any idea what I might be doing wrong here?
So turns out I am really new to web programming. The standard TLS port is 443. Also, coinbase's TLS api requires you to only set the hostname in the SNI field and not the hostname:port
Otherwise, the example worked as is!
I am working on Client Server application. Client side uses Windows Networking API's to establish connection with server. There are many HTTP requests I am requesting,which can use persistent connection. However for one HTTP Request I have to send it through seperate TCP stream,how can I achieve this? Currently my HTTP request is using the already used TCP stream which is causing issue. I have control on client code,so is there any header I can include to make sure http request does not share the connection
WinHttpSetOption(handle, WINHTTP_OPTION_MAX_CONNS_PER_SERVER, &maxConnections,
sizeof(maxConnections));
I want to connect to a proxy server that only allows HTTP connections, to speak with the target server by HTTPS.
The proxy server documentation states that the only way to do that is by means of the HTTP Connect verb (they are planning to add direct HTTPS connections to the proxy server itself, but for the moment only HTTP connections are allowed).
In my C++ program, I successfully connected and worked with the target server using ssl_stream's during a couple of months, using boost::asio without boost::beast, but I want now to use a proxy using boost::beast to make things easier; so, I now how to work with boost::asio but I'm a boost::beast newbie (and I don't fully understand how SSL works either).
The think is that, in my understanding, when you use a ssl_stream, you encript the whole communication, however, what I need now is to insert the encrypted message within the CONNECT HTTP body, and I don't know how to do that.
I've readed that this has something to do with the lowest_layer/next_layer thing but I'm not sure.
Could anybody provide an example of a full read/write connection with a proxy-server? or at least further clarifications?
Declare a variable for the connection (ioc is the io_context)
boost::asio::ssl::stream<boost::asio::ip::tcp::socket> stream{ioc};
Build a CONNECT HTTP request message (req) using Beast
Send the request to the proxy in plain-text (note next_layer())
boost::beast::http::write(stream.next_layer(), req);
Read the HTTP response from the proxy
If the response has OK status, the tunnel is established
Now perform the SSL handshake:
stream.handshake(boost::asio::ssl::stream_base::client);
At this point you can write HTTP requests to stream and read HTTP responses from stream using Beast as normal (do not use next_layer() again).
We have a C\S model program. And users use client to connect our server. But some company users surf the Internet via HTTP proxy Server(not SOCKS4 or SOCKS5 proxy server). In this case, we need provide a feature to set the client proxy server(just like some other software). If do so, we should package our original data to Http protocol. So I want to know:
Is the method OK? Or there are some other better method to solve the problem.
If do so, Can our server send data to client initiatively?
Do you know other released software which have the feature to set proxy server how to deal this problem?
That is not how HTTP proxies work. You do not have to re-package your existing data as HTTP. All you need to do is:
connect to the HTTP proxy port, and send it an HTTP CONNECT request specifying the host/IP and port to connect to, eg:
CONNECT hostname:port HTTP/1.0
User-agent: MyApp
If the proxy requires authentication, you can also provide a Proxy-authorization header containing the encoded credentials as needed, eg:
CONNECT hostname:port HTTP/1.0
User-agent: MyApp
Proxy-authorization: basic dGVzdDp0ZXN0
if the proxy accepts the request and is successful in connecting to the requested host, it will send back an HTTP 200 reply, eg:
HTTP/1.0 200 Connection established
Proxy-agent: ProxyApp/1.1
you can now send and receive your data as you were already doing before, and the proxy will pass the data as-is between the client the host in both directions. You do not have to change any code logic other than to establish the proxy connection.
See Tunneling TCP based protocols through Web proxy servers
for more details.
This process is similar to the way other proxy protocols work, like SOCKS. The client connects to the proxy, requests a connection to the server host, and then the client and server pass data back and forth as if the proxy were not present.
I'm using boost::asio and I've been looking at the example code on how to connect to an ssl host. But I want to send a get request after I've connected to the server through ssl, how is this possible? Do I send a get request as the http example do exactly?
After the handshake is done (handle_handshake in the example) and there was no errors, you should be able to use the connection just as any other Boost ASIO connection.