SSL_read confusion

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

SSL_read confusion

Carlos Roberto Zainos H
Hi guys!
 
I have some doubts in SSL functions, specially in  SSL_read function.
 
I'm trying to write an HTTPS generic client (POST and GET methods must be availables), I've written the code for connection via win sockets (blocking socket) and used the next code for the SSL handshake:
 
if ((ctx = SSL_CTX_new (meth)) == NULL )
   // Error

SSL_CTX_set_options(ctx,0);
if ((ssl = SSL_new (ctx)) == NULL)
  //Error
if ((SSL_set_fd (ssl, s)) != 1)
  //Error
SSL_set_connect_state(ssl);
 
if ((SSL_connect(ssl)) !=1 )
  //Error
/* Until here there's no problem */
 
The misunderstood becomes when I compose a GET request and try to recover the server's answer with SSL_read:
 
char read [1024];
char head[1024];
 
sprintf(head,"GET /index.html HTTP/1.1 \t\n\t");
res = SSL_write (ssl, head, strlen(head)); // OK
 
// try to recover the index.html resource
 
memset(read, 0, sizeof(read));
res = SSL_read (ssl, &(read[0]), sizeof(read)-1);
 
//The last line only recover the 'H' from the HTTP/1.0 header spec; this means only read 1 byte, the docs say SSL_read attempt to read sizeof(read)-1 bytes and put them in &(read[0]... so I don't understand why I'm only getting one byte.
 
If I put it on bucle then I get the complete response
 for (i=0; i<=70; i++)
 {
  res = SSL_read (ssl, &(read[0]), sizeof(read)-1); //res =0
  res = SSL_get_error(ssl, res);
  fprintf (stderr,"%s \n", res);
  memset(read, 0, sizeof(read));
 }
 
HTTP/1.0 200 OK
Content-Lenght: 2428
Content-Type:text/html
 
<!-- DOCTYPE HTML PUBLIC ....
-->
 
WIN XP Pro
MVC/C++ 6.0 compiler
OpenSSL 0.9.7f
 
 
Any Suggestions or pointing will be appreciated
 
Best regards
 
Zainos
 



Do You Yahoo!?
Yahoo! Net: La mejor conexión a internet y 25MB extra a tu correo por $100 al mes.
Reply | Threaded
Open this post in threaded view
|

RE: SSL_read confusion

JoelKatz

> sprintf(head,"GET /index.html HTTP/1.1 \t\n\t");

        That should be "GET /index.html HTTP/1.1\r\nHost: <whatever>\r\n\r\n". For
an HTTP/1.1 request, a 'Host' header is required. You also have to handle
chunked encoding if you claim 1.1 compliance.

> memset(read, 0, sizeof(read));
> res = SSL_read (ssl, &(read[0]), sizeof(read)-1);

> //The last line only recover the 'H' from the HTTP/1.0
> header spec; this means only read 1 byte, the docs say
> SSL_read attempt to read sizeof(read)-1 bytes and put
> them in &(read[0]... so I don't understand why I'm
> only getting one byte.

        Apparently only one byte was ready at the time you called SSL_read. If you
call it later, you might get more. Nothing in the SSL protocol 'glues' bytes
together. For all the SSL engine knows, one byte is all you were ever going
to get, so it couldn't wait for more.

> If I put it on bucle then I get the complete response

> for (i=0; i<=70; i++)
> {
>  res = SSL_read (ssl, &(read[0]), sizeof(read)-1); //res =0
>  res = SSL_get_error(ssl, res);
>  fprintf (stderr,"%s \n", res);
>  memset(read, 0, sizeof(read));
> }

        Exactly.

> Any Suggestions or pointing will be appreciated

        What exactly do you need help with? Follow the protocol and call 'SSL_read'
whenever the protocol suggests that you should be reading data from the
other side.

        DS


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]