My Https C++ Code Doesn't Work On Some Sites (binance)

- 1 answer

I made a https class in C++ using OpenSSL. It works on most sites/urls, but doesn't work with the following sites/urls:

I can open them using a browser/wget/postman, so they aren't bad link. I'm also sure my request/headers are valid & correct. I suspected SSL versions problems, but I tried all the versions in OpenSSL but no luck (SSLv3, TLS 1.1/1.2)

The server close my connection immediately, even before I send my headers.

This is an example of what my request looks like, and I don't think it's wrong. Because I can't find anything wrong and the same code works with other sites/urls.

GET /api/v1/exchangeInfo HTTP/1.1
Accept: */*
Accept-Encoding: gzip,deflate
Connection: keep-alive
User-Agent: evo

I have no idea what caused it. Anyone knows why?


  SslSocket ssl;
  st = ssl.create();
  st = ssl.connect("");

  const char* req_header = "GET /api/v1/exchangeInfo HTTP/1.1\r\n"
      "Host: " "" "\r\n"
  st = ssl.send(req_header, strlen(req_header));

  while (true){
      char buff[ 1024 ] = {};
      size_t recv_size = 0;
      st = ssl.recv(recv_size, buff, sizeof(buff) - 1);
      if (!st) break;

      if (recv_size > 0)
          fwrite(buff, 1, recv_size, stdout);

I did something like this to setup my ssl socket:

const SSL_METHOD *method = SSLv23_client_method(); 
_ctx = SSL_CTX_new(method);
_ssl = SSL_new(_ctx);
SSL_set_fd(_ssl, _socket.fd());
printf("SSL_get_version2: %s\n", SSL_get_version(_ssl));


This site requires that the client is using the SNI extension. Without SNI extension you get this:

$ openssl s_client -connect
140269619467928:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:772:
    Protocol  : TLSv1.2
    Cipher    : 0000

With SNI extension you get this:

$ openssl s_client -connect -servername
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256

To use SNI in your code use SSL_set_tlsext_host_name. See this code in s_client.c for how to use this function.