Share via

Secure Socket Control Codes (Compact 2013)

  • Article

3/26/2014

You can specify a particular operation to perform by calling WSAIoctl or WSPIoctl with a specific control code, as defined by the dwIoControlCode parameter. This parameter allows protocol and vendor independence when adding new control codes, while it retains backward compatibility with the Winsock 1.1 and Unix control codes.

The following table shows the available control codes.

Control Code

Description

SO_SSL_GET_PROTOCOLS

Specify a particular security protocol, or determine the default protocols. Then call WSAIoctl with the SO_SSL_SET_PROTOCOLS control code to select the protocols to be enabled. Otherwise, Windows Embedded Compact selects the protocol.

SO_SSL_PERFORM_HANDSHAKE

Switch to secure mode and pass in the target server name.

SO_SSL_SET_FLAGS

Set the socket in the mode determined by the flag. For example, if the control code is SO_SSL_SET_FLAGS and the flag is set to SSL_FLAG_DEFER_HANDSHAKE, then the socket is in deferred handshake mode.

SO_SSL_SET_PEERNAME

Ensure that the server on the certificate is the same name as the desired server.

SO_SSL_SET_PROTOCOLS

Selects the protocols to be enabled. Otherwise, Windows Embedded Compact selects the protocol.

SO_SSL_SET_VALIDATE_CERT_HOOK

Specify the certificate validation callback function

For information about the form for the dwIoControlCode parameter, see WSAIoctl or WSPIoctl.

SO_SSL_SET_PEERNAME

By using Winsock secure sockets, you can ensure that the server on the certificate has the same name as the desired server. You do this by passing the SCH_CRED_NO_SERVERNAME_CHECK flag to the CompletionRoutine.

CompletionRoutine is a placeholder for an application-defined or library-defined function.

For more information about CompletionRoutine, see WSAIoctl. For more information about the SCH_CRED_NO_SERVERNAME_CHECK flag, see SCHANNEL_CRED.

You should call WSAIoctl with the SO_SSL_SET_PEERNAME control code after setting up the secure socket and prior to making the connection. The following code example shows how it should be called.

WSAIoctl(m_socket,
   SO_SSL_SET_PEERNAME,
   "www.<domain>.com", strlen("www.<domain>.com")+1,
   NULL, 0,
   NULL, NULL, NULL);.

The input buffer, parameter 3 is the ASCII null-terminated servername. The input buffer length is parameter 4.

See Also

Reference

Winsock Reference