79575686

Date: 2025-04-15 17:09:37
Score: 4
Natty:
Report link

The following code worked, the original issue was raised long back , do we have any alternate solution than resetting security flags?

       // Send the request with body if present
       BOOL sendResult = false;
       bool retry = false;
       do
       {
           retry = false;

           sendResult = WinHttpSendRequest(
               hRequestRaw,
               WINHTTP_NO_ADDITIONAL_HEADERS,
               0,
               (bodyVector.empty() ? NULL : static_cast<LPVOID>(bodyVector.data())),
               (bodyVector.empty() ? 0 : static_cast<DWORD>(bodyVector.size())),
               (bodyVector.empty() ? 0 : static_cast<DWORD>(bodyVector.size())),
               NULL
           );
           // no retry on success, possible retry on failure
           if (sendResult == FALSE)
           {
               DWORD sendError = GetLastError();

               // (1) If you want to allow SSL certificate errors and continue
               // with the connection, you must allow and initial failure and then
               // reset the security flags. From: "HOWTO: Handle Invalid Certificate
               // Authority Error with WinInet"
               // http://support.microsoft.com/default.aspx?scid=kb;EN-US;182888
               if (sendError == ERROR_WINHTTP_SECURE_FAILURE)
               {
                   DWORD dwFlags =
                       SECURITY_FLAG_IGNORE_UNKNOWN_CA |
                       SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE |
                       SECURITY_FLAG_IGNORE_CERT_CN_INVALID |
                       SECURITY_FLAG_IGNORE_CERT_DATE_INVALID;

                   if (WinHttpSetOption(
                       hRequestRaw,
                       WINHTTP_OPTION_SECURITY_FLAGS,
                       &dwFlags,
                       sizeof(dwFlags)))
                   {
                       retry = true;
                   }
               }
               // (2) Negotiate authorization handshakes may return this error
               // and require multiple attempts
               // http://msdn.microsoft.com/en-us/library/windows/desktop/aa383144%28v=vs.85%29.aspx
               else if (sendError == ERROR_WINHTTP_RESEND_REQUEST)
               {
                   retry = true;
               }
           }
       } while (retry);
Reasons:
  • RegEx Blacklisted phrase (2.5): do we have any
  • Long answer (-1):
  • Has code block (-0.5):
  • Ends in question mark (2):
  • Low reputation (1):
Posted by: Vipul P