Discussion:
Talking to a raw SSL Socket (aka TCP/IP/SSL)
Raymond DeGennaro II
2006-09-11 19:45:07 UTC
Permalink
I have a need to talk to a raw socket (not HTTP, etc. protocol) via
SSL, basically text in and text back out. Can cURL handle that?

Ray
Dan Fandrich
2006-09-11 20:13:03 UTC
Permalink
Post by Raymond DeGennaro II
I have a need to talk to a raw socket (not HTTP, etc. protocol) via
SSL, basically text in and text back out. Can cURL handle that?
If you just need a raw socket, why do you need curl? Use use OpenSSL or
another SSL library directly.
Post by Raymond DeGennaro II
Dan
--
http://www.MoveAnnouncer.com The web change of address service
Let webmasters know that your web site has moved
Peter Sylvester
2006-09-12 12:07:10 UTC
Permalink
Post by Dan Fandrich
Post by Raymond DeGennaro II
I have a need to talk to a raw socket (not HTTP, etc. protocol) via
SSL, basically text in and text back out. Can cURL handle that?
If you just need a raw socket, why do you need curl? Use use OpenSSL or
another SSL library directly.
Sometimes the 'raw' application is behind one of those proxies that
curls handles
quite nicely. One case is a proxy with a CONNECT, many client applications
support this, since it is simple, but then there are the proxy
authentications etc.
Why not having a little spin off of curl just for the proxy parts.
--
To verify the signature, see http://edelpki.edelweb.fr/
Cela vous permet de charger le certificat de l'autorité;
die Liste mit zurückgerufenen Zertifikaten finden Sie da auch.
Daniel Stenberg
2006-09-12 12:13:47 UTC
Permalink
Sometimes the 'raw' application is behind one of those proxies that curls
handles quite nicely. One case is a proxy with a CONNECT, many client
applications support this, since it is simple, but then there are the proxy
authentications etc. Why not having a little spin off of curl just for the
proxy parts.
Right, that can be done if you use libcurl's CURLOPT_CONNECT_ONLY option
together with CURLINFO_LASTSOCKET.
--
Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
Peter Sylvester
2006-09-12 12:29:15 UTC
Permalink
Post by Daniel Stenberg
Post by Peter Sylvester
Sometimes the 'raw' application is behind one of those proxies that
curls handles quite nicely. One case is a proxy with a CONNECT, many
client applications support this, since it is simple, but then there
are the proxy authentications etc. Why not having a little spin off
of curl just for the proxy parts.
Right, that can be done if you use libcurl's CURLOPT_CONNECT_ONLY
option together with CURLINFO_LASTSOCKET.
Isn't it nice that curl already supports all the required stuff? with
openssl then one just gives the
fd to the SSL and you continue withe the openssl api.
--
To verify the signature, see http://edelpki.edelweb.fr/
Cela vous permet de charger le certificat de l'autorité;
die Liste mit zurückgerufenen Zertifikaten finden Sie da auch.
Kevin Carothers
2006-09-11 20:24:08 UTC
Permalink
Hi Ray
Post by Raymond DeGennaro II
I have a need to talk to a raw socket (not HTTP, etc. protocol) via
SSL, basically text in and text back out. Can cURL handle that?
You didn't really give us a hint as to what environment you're on- but as a
Perl user my first inclination would be to look at IO::Socket::SSL (
www.cpan.org) -

HTH

KC
Daniel Stenberg
2006-09-11 20:18:06 UTC
Permalink
I have a need to talk to a raw socket (not HTTP, etc. protocol) via SSL,
basically text in and text back out. Can cURL handle that?
I'd suggest you use nc and stunnel for that.
--
Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
Raymond DeGennaro II
2006-09-15 12:55:43 UTC
Permalink
{Odd, none of these replies made it to me.}
From: Dan Fandrich <dan_at_coneharvesters.com>
Date: 2006-09-11
Post by Raymond DeGennaro II
I have a need to talk to a raw socket (not HTTP, etc. protocol) via
SSL, basically text in and text back out. Can cURL handle that?
If you just need a raw socket, why do you need curl? Use use OpenSSL or
another SSL library directly.
I'm shelling out from a database, need to call an OS-level executable
and would rather not reinvent the wheel.
From: Daniel Stenberg <daniel_at_haxx.se>
Date: 2006-09-11
I'd suggest you use nc and stunnel for that.
I know there's other tools, I just already have a wrapper around curl
and didn't want to add another parameter to the call or write an
almost duplicate routine. I'm not sure how ubiquitous nc and stunnel
are.
From: Kevin Carothers <kevindotcar_at_gmail.com>
Date: 2006-09-11
You didn't really give us a hint as to what environment you're on- but as a
Perl user my first inclination would be to look at IO::Socket::SSL (
www.cpan.org)
Perl is great, but it's surprising how many platforms do not have it
installed by default, how many platforms don't ship with ANSI
compilers and how many platforms it's a pain to install one or both.

cURL is nice because I can just throw a URL and some option flags at
it and it does what we need. The install is minimally painful
because I can build full-static versions (OpenSSL built in) and only
need to find one server of each given OS (we're supporting several
flavors of linux, HP-UX 10/20 and 11/20, AIX, Solaris, DG-UX, Win32
-- I feel I'm missing one ...) that has an ANSI compiler,the GNU
tools, OpenSSL and perl (if OpenSSL needs to be built).
From my point of view, I'd love to see cURL enhanced to handle a
<socket://> URL, but I understand why that could be unrealistic.
Ray
Daniel Stenberg
2006-09-15 13:06:21 UTC
Permalink
From my point of view, I'd love to see cURL enhanced to handle a
<socket://> URL, but I understand why that could be unrealistic.
Well, that's pretty much what telnet:// is, isn't it?
--
Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
Raymond DeGennaro II
2006-09-15 13:31:31 UTC
Permalink
Post by Daniel Stenberg
From my point of view, I'd love to see cURL enhanced to handle a
<socket://> URL, but I understand why that could be unrealistic.
Well, that's pretty much what telnet:// is, isn't it?
Kind of, but I can't just do something like:
curl telnet://1.2.3.4:5678 --data-ascii "blah blah blah"
to throw a chunk of text at socket via SSL and get the response back, can I?

Ray
Daniel Stenberg
2006-09-15 13:39:36 UTC
Permalink
Post by Raymond DeGennaro II
Post by Daniel Stenberg
Well, that's pretty much what telnet:// is, isn't it?
curl telnet://1.2.3.4:5678 --data-ascii "blah blah blah"
to throw a chunk of text at socket via SSL and get the response back, can I?
First, telnet:// is not SSL so it'd of course only work on a "plain socket",
and then you'd have to:

echo "blablablah" | curl telnet://1.2.3.4:5678 > output

... but all this said, the telnet support in curl isn't the best integrated
protocol.
--
Commercial curl and libcurl Technical Support: http://haxx.se/curl.html
Loading...