visual c++ - WinHttp doesn't download from Amazon S3 on WinXP -

-

recently amazon has disabled support of ssl s3 buckets , seems causes problems on win xp sp3. use code

hsession = winhttpopen(l"mysession",                     winhttp_access_type_default_proxy,                     winhttp_no_proxy_name,                     winhttp_no_proxy_bypass, 0);   if (bhttps) {   dword flags = winhttp_flag_secure_protocol_tls1;   winhttpsetoption(hsession, winhttp_option_secure_protocols, &flags, sizeof(flags)); }  port = bhttps ? internet_default_https_port : internet_default_http_port; hconnect = winhttpconnect(hsession, srv_w, port, 0);     hrequest = winhttpopenrequest(hconnect, vrb_w, adr_w, null, winhttp_no_referer, null,  winhttp_flag_refresh | (bhttps ? winhttp_flag_secure : 0));  if (bhttps) {   dword dwsecflag = security_flag_ignore_cert_cn_invalid |                          security_flag_ignore_cert_date_invalid |                          security_flag_ignore_unknown_ca |                          security_flag_ignore_cert_wrong_usage;    winhttpsetoption(hrequest, winhttp_option_security_flags, &dwsecflag, sizeof(dwsecflag)); }  winhttpsendrequest(hrequest, hdr_w, (headers != null) ? -1 : 0, data, size, size, 0); winhttpreceiveresponse(hrequest, null);

this works on win7 , worked month or ago on winxp. winhttp error 12152: server returned invalid or unrecognized response. have enabled tracing , log fiel has different error:

17:47:47.057 ::*0000001* :: winhttpsendrequest(0x10a0000, "", 0, 0x0, 0, 0, 0) 17:47:47.135 ::*0000001* :: "s3.amazonaws.com" resolved 17:47:47.307 ::*0000001* :: winsock/rpc/ssl/transport error: 0x90312 [sec_i_continue_needed]

is there way fix problem without using 3rd party libraries? (browsers, including ie, download files without problems).

i'm having same issue. think may caused problem ssl_rsa_with_3des_ede_sha cipher chosen in winhttp on xp. try test: on xp machine, add new dword value called "enabled" key:

hkey_local_machine\system\currentcontrolset\control\securityproviders\schannel\ciphers\triple des 168/168

this disables cipher , seems fix issue me. not ideal solution however, , i'm still not sure of underlying issue. perhaps problem whatever crypto provider amazon using?


Comments

Post a Comment

Popular posts from this blog

c++ - No viable overloaded operator for references a map -

-
i trying use map can make tag names reference number. when try , use it, in code error (6 in total every time reference map): src/main.cpp:25:45: error: no viable overloaded operator[] type 'std::map<std::string, std::string>' const char* idcs = node.child_value(tagmap[3]); this code: #include "pugi/pugixml.hpp" #include <iostream> #include <string> #include <map> int main() { pugi::xml_document doca, docb; std::map<std::string, pugi::xml_node> mapa, mapb; std::map<std::string, std::string> tagmap {{"1", "data"}, {"2", "entry"}, {"3", "id"}, {"4", "content"}}; if (!doca.load_file("a.xml") || !docb.load_file("b.xml")) { std::cout << "can't find input files"; return 1; } (auto& node: doca.child(tagmap[1]).children(tagmap[2])) { co
Read more

java - Custom OutputStreamAppender not run: LOGBACK: No context given for <MYAPPENDER> -

-
i wish write custom appender on basis of outputstreamappender . wrote following class package tests; import java.io.ioexception; import java.io.outputstream; import ch.qos.logback.core.outputstreamappender; public class myappender<e> extends outputstreamappender<e> { public myappender() { system.out.println("myappender created"); setoutputstream(new outputstream() { @override public void write(int b) throws ioexception { throw new unsupportedoperationexception(); } }); } } then wrote following runner: package tests; import org.slf4j.loggerfactory; import ch.qos.logback.classic.logger; public class runner { private static final logger log = (logger) loggerfactory.getlogger(runner.class); public static void main(string[] args) { //log.addappender(new myappender<iloggingevent>()); log.info("hello world"); } } finall
Read more

java - Cannot secure connection using TLS -

-
i'm trying establish secure socket connection between java client applet (built jdk 1.7.0_75-b13) , vc++ server application. as test vehicle, used vc++ client/server sample found in msdn forums, modified use schannel , able establish socket using cipher suite tls_rsa_with_aes_128_cbc_sha. works of tls 1.0/1.1/1.2. when try opening socket java applet same server application, connection rejected server reporting following: tls 1.0 acceptsecuritycontext failed: 0x80090327 tls 1.1 acceptsecuritycontext failed: 0x80090331 tls 1.2 acceptsecuritycontext failed: 0x80090331 this java code used create socket: debugprint("setting secure connection"); sslsocketfactory sslsocketfactory = (sslsocketfactory) sslsocketfactory.getdefault(); sslsocket sslsocket = (sslsocket) sslsocketfactory.createsocket("127.0.0.1", socketnumber); debugprint("starting handshake"); sslsocket.settcpnodelay(true); sslsocket.setsolinger(false, 0); sslsocket.s
Read more