wqweto / VbAsyncSocket

Sockets with pure VB6 impl of TLS encryption
MIT License
166 stars 33 forks source link

Unable to receive response in Windows 10 for POST request to API #42

Open mskhaled opened 8 months ago

mskhaled commented 8 months ago

I'm encountering an issue where a particular section of code is not returning a response when executed on Windows 10. The code snippet in question is as follows:

.Open_ "POST", "https://apiv1.spapharmainvest.com:5443/efa_sud/api/login", False
.SetRequestHeader "Authorization", "Basic Q0wwMDAwMjM6T0xyVENkcmE="
.SetRequestHeader "Cache-Control", "no-cache"
.SetRequestHeader "Content-Length", 0
.SetRequestHeader "Accept", "*/*"
.SetRequestHeader "Connection", "keep-alive"
.SetRequestHeader "Accept-Encoding", "gzip, deflate" ', br"
.SetRequestHeader "Accept-Language", "fr-FR,fr;q=0.8"
.Option_(WinHttpRequestOption_UserAgentString) = "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.87 Safari/537.36"       
.Send

This code is intended to send a POST request to the specified API endpoint, but it fails to return a response when run on a Windows 10 environment. However, it seems to work as expected on other platforms.

Expected behavior: The code should send a POST request to the specified API endpoint and receive a response, regardless of the operating system.

Actual behavior: The code executes without errors, but it does not receive a response on Windows 10.

Steps to reproduce:

Run the provided code snippet on a Windows 10 environment. Observe that no response is received.

Environment: Operating System: Windows 10 Programming Language: VB6

wqweto commented 8 months ago

Note that apiv1.spapharmainvest.com:5443 TLS server does not support TLS 1.2 (and TLS 1.3)

C:> openssl s_client -connect apiv1.spapharmainvest.com:5443 -state -tls1_2
CONNECTED(0000020C)
SSL_connect:before SSL initialization
SSL_connect:SSLv3/TLS write client hello
SSL_connect:SSLv3/TLS write client hello
SSL3 alert write:fatal:protocol version
SSL_connect:error in error
13164:error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol:../openssl-1.1.1m/ssl/statem/statem_lib.c:1957:

... but only supports up to TLSv1

C:> openssl s_client -connect apiv1.spapharmainvest.com:5443 -state -tls1
CONNECTED(00000218)
SSL_connect:before SSL initialization
SSL_connect:SSLv3/TLS write client hello
SSL_connect:SSLv3/TLS write client hello
SSL_connect:SSLv3/TLS read server hello
depth=0 CN = WebServ-PC.phi-sud.com
verify error:num=18:self signed certificate
verify return:1
depth=0 CN = WebServ-PC.phi-sud.com
verify return:1
SSL_connect:SSLv3/TLS read server certificate
SSL_connect:SSLv3/TLS read server done
SSL_connect:SSLv3/TLS write client key exchange
SSL_connect:SSLv3/TLS write change cipher spec
SSL_connect:SSLv3/TLS write finished
SSL_connect:SSLv3/TLS write finished
SSL_connect:SSLv3/TLS read change cipher spec
SSL_connect:SSLv3/TLS read finished
---
Certificate chain
 0 s:CN = WebServ-PC.phi-sud.com
   i:CN = WebServ-PC.phi-sud.com
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIC8DCCAdigAwIBAgIQQuXtY9/bg4dM/eGOyqElYzANBgkqhkiG9w0BAQUFADAh
MR8wHQYDVQQDExZXZWJTZXJ2LVBDLnBoaS1zdWQuY29tMB4XDTIzMTEwNTE0Mzcw
...

. . . but VbAsyncSocket supports only TLS 1.2 and TLS 1.3 incl. cHttpRequest replacement object.

Next release will report protocol unsupported versions more clearly since commit 41a63737f279d03dc2ab62a557f1f8846effb198

mskhaled commented 8 months ago

witch Alternative can you suggest for having response from that server?

wqweto commented 8 months ago

You can use built-in WinHttpRequest object for older TLS versions. On Win11 it even supports latest TLS 1.3

One caveat is that it does not support gzip/deflate compression on response so traffic volume might affect performance somewhat.

mskhaled commented 8 months ago

Thanks.