CODEWITHSUNDEEP
c++winapiwinhttp
Storm
Storm

Reputation: 13

How to receive data with WinHttpSendRequest from localhost

I try to receive some data using GET Parameter. When i try to get the data from a webadress it works fine. Just i changed the webserver to localhost i will not receive the data and get ERROR 12175

What do i have to change, that my code works for web-connection AND for localhost testing?

When i type the localhost adress to my browser i wil receive the expected result.

LPCWSTR server = L"www.airfieldmanager-game.de";    //this works fine
//LPCWSTR server = L"localhost";    //causes Error 12175 at WinHttpSendRequest. Variables hSession, hConnect and cRequest looks fine.
LPCWSTR serverRequest = L"/php/TestCURL.php?data=1&param=Gesendete Daten!";

// Use WinHttpOpen to obtain a session handle.
hSession = WinHttpOpen(L"WinHTTP Example/1.0",
    WINHTTP_ACCESS_TYPE_DEFAULT_PROXY,
    WINHTTP_NO_PROXY_NAME,
    WINHTTP_NO_PROXY_BYPASS, 0);

// Specify an HTTP server.
if (hSession)
    hConnect = WinHttpConnect(hSession, server,
    INTERNET_DEFAULT_HTTP_PORT, 0);

// Create an HTTP request handle.
if (hConnect)
    hRequest = WinHttpOpenRequest(hConnect, L"GET", serverRequest,
    NULL, WINHTTP_NO_REFERER,
    WINHTTP_DEFAULT_ACCEPT_TYPES,
    WINHTTP_FLAG_SECURE);

// Send a request.
if (hRequest)
    bResults = WinHttpSendRequest(hRequest,
    WINHTTP_NO_ADDITIONAL_HEADERS, 0,
    WINHTTP_NO_REQUEST_DATA, 0,
    0, 0);


// End the request.
if (bResults)
    bResults = WinHttpReceiveResponse(hRequest, NULL);

if (!bResults)
{
    int i = GetLastError();    //when using loscalhost i becomes 12175
}

Upvotes: 1

Views: 3701

Answers (1)

RbMm
RbMm

Reputation: 33716

error 12175 this is ERROR_WINHTTP_SECURE_FAILURE. the WinHttpSendRequest explain when this error happens and how get more info about it:

One or more errors were found in the Secure Sockets Layer (SSL) certificate sent by the server. To determine what type of error was encountered, verify through a WINHTTP_CALLBACK_STATUS_SECURE_FAILURE notification in a status callback function.

so for debug diagnostic how minimum you need write self cb:

void CALLBACK WinHttpStatusCB(
                                      __in  HINTERNET hInternet,
                                      __in  DWORD_PTR dwContext,
                                      __in  DWORD dwInternetStatus,
                                      __in  LPVOID lpvStatusInformation,
                                      __in  DWORD dwStatusInformationLength
                                      )
{
    switch (dwInternetStatus)
    {
    case WINHTTP_CALLBACK_STATUS_SECURE_FAILURE:
        if (lpvStatusInformation && dwStatusInformationLength == sizeof(ULONG))
        {
            DbgPrint("SECURE_FAILURE:[%x]\n", *(PULONG)lpvStatusInformation);
            // ...
        }
        break;
    //...
    }
}

and activate it:

WinHttpSetStatusCallback(hSession, WinHttpStatusCB, WINHTTP_CALLBACK_FLAG_ALL_NOTIFICATIONS, 0);

or 

WinHttpSetStatusCallback(hSession, WinHttpStatusCB, WINHTTP_CALLBACK_FLAG_SECURE_FAILURE, 0);

with this you can gor exactly reason of failure - several WINHTTP_CALLBACK_STATUS_FLAG_* flags.

If the dwInternetStatus argument is WINHTTP_CALLBACK_STATUS_SECURE_FAILURE, then lpvStatusInformation points to a DWORD which is a bitwise-OR combination of one or more of the following values. read more

however and from general view we can understand - the CN in sertificat which use server must be the same as site dns name used in request. if you use localhost here - then CN name of server certificate must be also local host or you got how minimum WINHTTP_CALLBACK_STATUS_FLAG_CERT_CN_INVALID:

SSL certificate common name (host name field) is incorrect, for example, if you entered localhost and the common name on the certificate says heilpraxis-einssein.de.

for not got such errors you can use WinHttpSetOption with WINHTTP_OPTION_SECURITY_FLAGS. you need think how minimum set SECURITY_FLAG_IGNORE_CERT_CN_INVALID

Allows an invalid common name in a certificate; that is, the server name specified by the application does not match the common name in the certificate. If this flag is set, the application does not receive a WINHTTP_CALLBACK_STATUS_FLAG_CERT_CN_INVALID callback.

but can set multiple flags:

            ULONG flags = 
                SECURITY_FLAG_IGNORE_UNKNOWN_CA|
                SECURITY_FLAG_IGNORE_CERT_DATE_INVALID|
                SECURITY_FLAG_IGNORE_CERT_CN_INVALID|
                SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE;

            WinHttpSetOption(hRequest, WINHTTP_OPTION_SECURITY_FLAGS, &flags, sizeof(flags));

Upvotes: 2

Related Questions