replacing asio openssl with schannel on win32
Has anyone developed a win32 schannel based ssl implementation for asio? Regards, George.
Hi George, On Fri, 15 Dec 2006 21:40:03 -0500, "George M. Garner Jr." <gmgarner@erols.com> said:
Has anyone developed a win32 schannel based ssl implementation for asio?
Not that I am aware of. It would be nice to have support for SSL on Windows without the dependency on openssl. I have no idea of the scope of such a task though, but I'm sure it's a non-trivial exercise. Cheers, Chris
Christopher,
I have no idea of the scope of such a task though, but I'm sure it's a non-trivial exercise. <
Actually, SSL is almost trivial on Windows, particularly when you compare it with the OpenSSL implementation. See e.g., http://www.codeproject.com/internet/sslsocket.asp. Doing SSL within the context of IOCompletion ports is a bit more complicated, which this sample doesn't deal with. But presumable you have already cracked that nut with your OpenSSL implementation. I have just begun reviewing your object model. I am trying to identify which interface implementations I need to replace. I thought perhaps you could help me in that regard. Really, once the ssl implementation should be largely transparent once the ssl socket object has been constructed. Regards, George. "Christopher Kohlhoff" <chris@kohlhoff.com> wrote in message news:1166439105.5815.280961457@webmail.messagingengine.com...
Hi George,
On Fri, 15 Dec 2006 21:40:03 -0500, "George M. Garner Jr." <gmgarner@erols.com> said:
Has anyone developed a win32 schannel based ssl implementation for asio?
Not that I am aware of. It would be nice to have support for SSL on Windows without the dependency on openssl. I have no idea of the scope of such a task though, but I'm sure it's a non-trivial exercise.
Cheers, Chris _______________________________________________ Unsubscribe & other changes: http://lists.boost.org/mailman/listinfo.cgi/boost
Christopher, Actually, to answer my own question, it looks like I would need to parameterize the service_impl_type in the context_service class: class context_service template<typename _SERVICE_IMPLACE_TYPE = :detail::openssl_context_service> public asio::io_service::service { private: // The type of the platform-specific implementation. typedef _SERVICE_IMPLACE_TYPE service_impl_type; ... }; Is that correct? Is 0.3.7 still the current release? Regards, George. "Christopher Kohlhoff" <chris@kohlhoff.com> wrote in message news:1166439105.5815.280961457@webmail.messagingengine.com...
Hi George,
On Fri, 15 Dec 2006 21:40:03 -0500, "George M. Garner Jr." <gmgarner@erols.com> said:
Has anyone developed a win32 schannel based ssl implementation for asio?
Not that I am aware of. It would be nice to have support for SSL on Windows without the dependency on openssl. I have no idea of the scope of such a task though, but I'm sure it's a non-trivial exercise.
Cheers, Chris _______________________________________________ Unsubscribe & other changes: http://lists.boost.org/mailman/listinfo.cgi/boost
Hi George, On Mon, 18 Dec 2006 17:50:03 -0500, "George M. Garner Jr." <gmgarner@erols.com> said:
Actually, SSL is almost trivial on Windows, particularly when you compare it with the OpenSSL implementation. See e.g., http://www.codeproject.com/internet/sslsocket.asp. Doing SSL within the context of IOCompletion ports is a bit more complicated, which this sample doesn't deal with. But presumable you have already cracked that nut with your OpenSSL implementation.
The openssl support was contributed, but I take your point. However this would be a good opportunity to rework the async support so that it supports stuff like custom memory allocation etc (the current one doesn't).
Actually, to answer my own question, it looks like I would need to parameterize the service_impl_type in the context_service class: [...]
I suggest doing an initial implementation that doesn't need to modify asio itself, and so simply provide new implementations of the ssl::basic_context's Service template parameter and the ssl::stream's Service template parameter. E.g.: class schannel_context_service { ... }; class schannel_stream_service { ... }; typedef ssl::basic_context<schannel_context_service> my_ssl_context; typedef ssl::stream<ip::tcp::socket, schannel_stream_service> my_ssl_socket; Once that's working we can look at merging it in as the default implementation on Windows.
Is 0.3.7 still the current release?
It would be much better to work against what's in CVS, if you can. Cheers, Chris
Christopher,
It would be much better to work against what's in CVS, if you can.
Does that depend on boost-1.34.0? I would prefer something that is able to build under boost-1.33.x. I am reluctant to rely upon something that might never see the light of day. Why don't you just make a new snapshot available if 0.3.7 is out of date? Regards, George.
On 12/20/06, George M. Garner Jr. <gmgarner@erols.com> wrote:
Christopher,
It would be much better to work against what's in CVS, if you can.
Does that depend on boost-1.34.0? I would prefer something that is able to build under boost-1.33.x. I am reluctant to rely upon something that might never see the light of day. Why don't you just make a new snapshot available if 0.3.7 is out of date?
What do you mean with something that might never see the light of day?
Regards,
George.
-- Felipe Magno de Almeida
Felipe,
What do you mean with something that might never see the light of day?
Because the future has yet to be done it is inherently uncertain; and since there is as yet not even a schedule for the 1.34.0 release, I do not deem it prudent to tie my own production schedule to something that may or may not happen in the future. If there were at least a release candidate I might be willing to take a chance on it. But as you see, that is not the case. Regards, George.
participants (3)
-
Christopher Kohlhoff -
Felipe Magno de Almeida -
George M. Garner Jr.