[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SSL to Bank of America (was RE: SSL/GSKit message)

To: ftpapi@xxxxxxxxxxxxx
Subject: Re: SSL to Bank of America (was RE: SSL/GSKit message)
From: Sean Porterfield <sporter@xxxxxxxxxxxx>
Date: Fri, 07 Apr 2006 17:42:08 -0400
In-reply-to: <EA985E321704D411BD0F009027B1030C091EBF05@wv_exch.watervalley.ets.borgwarner.net>
Organization: Best Distributing Co.
References: <EA985E321704D411BD0F009027B1030C091EBF05@wv_exch.watervalley.ets.borgwarner.net>
Reply-to: ftpapi@xxxxxxxxxxxxx
Sender: owner-ftpapi@xxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0.7 (Windows/20050923)

Sender: Sean Porterfield <sporter@xxxxxxxxxxxx>

Goodbar, Loyd (ETS - Water Valley) wrote:

Sender: "Goodbar, Loyd (ETS - Water Valley)" <LGoodbar@xxxxxxxxxxxxxx>

Just a thought, I would try using the http_url_encoder. Do you need to send
the trailing CRLF on your post data? I let Scott's code handle the setup and
encoding.

I didn't RTFM enough to know about http_url_encoder and had only added the CRLF based on information I found in another post. I have now changed my code accordingly.

Just in case, I tried it with https_init and https_cleanup as well. If I got a certificate error, I could understand needing to do that (because I would have configured the application to trust the certificate but the default might not). I don't see that problem, though.

Their program doesn't like what I'm sending, but I don't know why.

H DFTACTGRP(*NO) ACTGRP(*NEW) BNDDIR('LIBHTTP/HTTPAPI')

D/copy libhttp/qrpglesrc,httpapi_h

     D Enc             s                   like(HTTP_URL_ENCODER)
     D rc              s             10I 0
     D msg             s             52A
     D URI             s           1024A
     D myPointer       s               *
     D dataSize        s             10I 0
     D USERID          s              8A   INZ('TEST    ')
     D PASSWD          s              8A   INZ('TEST    ')

c eval *inlr = *on

      * Turn on debugging
     c                   callp     http_debug(*ON)
      * Turn on cookie support
     c                   callp     http_use_cookies(*ON)

      *--------------------------------------------------------------------
      * BOA provided the URL of https://elink-http4.bankofamerica.com which
      * has HTTP-EQUIV "Refresh" CONTENT="0;URL=cehttp/html/main.htm"

      * main.htm is a frameset which contains:
      *  top:   logo.htm
      *  left:  linkdoc.htm
      *  right: splash.htm

      * linkdoc.htm is the one that interests us because it links to
      * logon.htm (Logon), download.htm (Receive), upload.htm (Send)

      * logon.htm has the following fields:
      *   remote
      *   password
      *   Submit = Submit
      *   operation = LOGON
      *--------------------------------------------------------------------

     c                   eval      URI = 'https://elink-http4.bankofamerica' +
     c                             '.com/servlet/MailboxServlet'
     c                   eval      Enc = http_url_encoder_new
     c                   callp     http_url_encoder_addvar_s( Enc
     c                                                      : 'remote'
     c                                                      : USERID )
     c                   callp     http_url_encoder_addvar_s( Enc
     c                                                      : 'password'
     c                                                      : PASSWD )
     c                   callp     http_url_encoder_addvar_s( Enc
     c                                                      : 'Submit'
     c                                                      : 'Submit' )
     c                   callp     http_url_encoder_addvar_s( Enc
     c                                                      : 'operation'
     c                                                      : 'LOGON' )
     c                   callp     http_url_encoder_getptr( Enc
     c                                                      : myPointer
     c                                                      : dataSize )
     c                   eval      rc = http_url_post(URI: myPointer :
     c                             dataSize :
     c                             '/tmp/httptest.html':
     c                             HTTP_TIMEOUT:
     c                             HTTP_USERAGENT:
     c                             'application/x-www-form-urlencoded')
     c                   callp     http_url_encoder_free( Enc )
     c                   if        rc <> 1
     c                   eval      msg = http_error
     c                   dsply                   msg
     c                   return
     c                   endif

c return

/tmp/httptest.html contains: Your browser sent a message this server could not understand.

httpapi_debug.txt contains:

HTTPAPI Ver 1.15 released 2006-03-30

New iconv() objects set, ASCII=819. EBCDIC=0

http_url_post(): entered

http_persist_open(): entered

http_long_ParseURL(): entered

https_init(): entered

------------------------------------------------------------------------------------- Dump of local-side certificate information:

------------------------------------------------------------------------------------- ------------------------------------------------------------------------------------- Dump of server-side certificate information:

------------------------------------------------------------------------------------- Cert Validation Code = 0

-----BEGIN CERTIFICATE-----

[certificate data here] -----END CERTIFICATE-----

Serial Number: 0F:88:9C:83:C1:BB:10:5B:64:52:35:B3:D1:77:73:C8

Common Name: elink-http4.bankofamerica.com

Country: US

State/Province: North Carolina

Locality: Charlotte

Org Unit: Bank of America Corporation

Org: Terms of use at www.verisign.com/rpa (c)00, OU=ETIS

Issuer Org: VeriSign Trust Network

Issuer Org Unit: www.verisign.com/CPS Incorp.by Ref. LIABILITY LTD.(c)97 VeriSign, OU=VeriSign International Server CA - Class 3, OU Unknown Field: 03

Unknown Field: 20060108200000

Unknown Field: 20070109195959

Unknown Field: 1.2.840.113549.1.1.5


Protocol Used: SSL Version 3
http_persist_post(): entered
http_long_ParseURL(): entered
do_post(): entered
POST /servlet/MailboxServlet
Host: elink-http4.bankofamerica.com
User-Agent: http-api/1.15
Content-Type: application/x-www-form-urlencoded
Expect: 100-continue
Content-Length: 63


recvresp(): entered
HTTP/1.1 400 Bad Request
Server: Netscape-Enterprise/3.6 SP3

SetError() #13: HTTP/1.1 400 Bad Request

recvdoc parms: identity 0

header_load_cookies() entered

recvdoc(): entered

SetError() #0:

Your browser sent a message this server could not understand.

(GSKit) An operation which is not valid for the current SSL session state was attempted. ssl_error(5): (GSKit) An operation which is not valid for the current SSL session state was attempted. SetError() #44: CommSSL_read: read:(GSKit) An operation which is not valid for the current SSL SetError() #13: HTTP/1.1 400 Bad Request

http_close(): entered

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubsribe from the list send mail
to majordomo@xxxxxxxxxxxxx with the body: unsubscribe ftpapi mymailaddr
-----------------------------------------------------------------------

Follow-Ups:
- Re: SSL to Bank of America (was RE: SSL/GSKit message)
  - From: Scott Klement

References:
- RE: SSL to Bank of America (was RE: SSL/GSKit message)
  - From: Goodbar, Loyd (ETS - Water Valley)

Prev by Date: Re: HTTPAPI http_use_cookies
Next by Date: Re: SSL to Bank of America (was RE: SSL/GSKit message)
Previous by thread: RE: SSL to Bank of America (was RE: SSL/GSKit message)
Next by thread: Re: SSL to Bank of America (was RE: SSL/GSKit message)
Index(es):
- Date
- Thread