gsoap https 问题

linxren 2011-09-05 09:50:18

现在使用WITH_OPENSS选项编译。

客户端加入：
soap_ssl_init();
if( soap_ssl_client_context(&SmsWBS_soap, SOAP_SSL_NO_AUTHENTICATION, NULL, NULL, NULL, NULL, NULL) ) {
soap_print_fault(&SmsWBS_soap, stderr);
return -1;
}

服务端加入：
soap_ssl_init();
if( soap_ssl_server_context( &SmsWBS_soap, SOAP_SSL_DEFAULT, "pem/server.pem", "password", NULL, NULL, "pem/dh512.pem", NULL, argv[0] ) ){
soap_print_fault(&SmsWBS_soap, stderr);
exit(-1);
}

编译调用都成功。但是客户端调用服务很久才有返回，差不多10秒吧。我跟代码，发现gsoap服务端最后调用soap_closesock函数很慢。
是soap_ssl_client_context 和 soap_ssl_server_context这两个函数引起的吗？这两个函数中的证书怎么用？

...全文

512 7 打赏收藏转发到动态举报

写回复

用AI写文章

7 条回复

切换为时间正序

请发表友善的回复…

发表回复

linxren 2011-09-06

打赏
举报

解决了：
http://www.cs.fsu.edu/~engelen/soapbugs.html
中提到了修正这个bug：
The following is a fix to improve SSL shutdown speed (stdsoap2.c[pp] line 4630) by replacing SOAP_TCP_SELECT_SND by SOAP_TCP_SELECT_RCV:

{ /*
wait up to 10 seconds for close_notify to be sent by peer (if peer not
present, this avoids calling SSL_shutdown() which has a lengthy return
timeout)
*/
r = tcp_select(soap, soap->socket, SOAP_TCP_SELECT_RCV | SOAP_TCP_SELECT_ERR, 10);

在stdsoap2.c[pp]文件中，找到tcp_disconnect函数，将上面的tcp_select调用中的SOAP_TCP_SELECT_SND 改成 SOAP_TCP_SELECT_RCV 就可以了。

linxren 2011-09-05

打赏
举报

为什么SSL_shutdown(soap->ssl)会返回0，是不是表示还没收到对方的关闭消息？

linxren 2011-09-05

打赏
举报

#ifndef WITH_NOIO

#ifndef PALM_1

static int

tcp_disconnect(struct soap *soap)

{

#ifdef WITH_OPENSSL

  if (soap->ssl)

  { int r, s = 0;

    if (soap->session)

    { SSL_SESSION_free(soap->session);

      soap->session = NULL;

    }

    if (*soap->host)

    { soap->session = SSL_get1_session(soap->ssl);

      if (soap->session)

      { strcpy(soap->session_host, soap->host);

        soap->session_port = soap->port;

      }

    }

    r = SSL_shutdown(soap->ssl);

    /* SSL shutdown does not work when reads are pending */

    while (SSL_want_read(soap->ssl))

    { SSL_read(soap->ssl, NULL, 0);

      if (soap_socket_errno(soap->socket) != SOAP_EAGAIN)

      { r = SSL_shutdown(soap->ssl);

	break;

      }

    }

    if (r == 0)

    { if (soap_valid_socket(soap->socket))

      { if (!soap->fshutdownsocket(soap, soap->socket, 1))

        { /*

          wait up to 10 seconds for close_notify to be sent by peer (if peer not

          present, this avoids calling SSL_shutdown() which has a lengthy return

          timeout)

          */

          //这一句它等了10s？  这是为什么呢？

          r = tcp_select(soap, soap->socket, SOAP_TCP_SELECT_SND | SOAP_TCP_SELECT_ERR, 10);

          if (r <= 0 && soap->errnum != SOAP_EINTR)

          { soap->errnum = 0;

            DBGLOG(TEST, SOAP_MESSAGE(fdebug, "Connection lost...\n"));

            soap->fclosesocket(soap, soap->socket);

            soap->socket = SOAP_INVALID_SOCKET;

            ERR_remove_state(0);

            return SOAP_OK;

          }

        }

      }

    }

    if (r != 1)

    { s = ERR_get_error();

      if (s)

      { DBGLOG(TEST, SOAP_MESSAGE(fdebug, "Shutdown failed: %d\n", SSL_get_error(soap->ssl, r)));

        if (soap_valid_socket(soap->socket) && !(soap->omode & SOAP_IO_UDP))

        { soap->fclosesocket(soap, soap->socket);

          soap->socket = SOAP_INVALID_SOCKET;

        }

      }

    }

    SSL_free(soap->ssl);

    soap->ssl = NULL;

    if (s)

      return SOAP_SSL_ERROR;

    ERR_remove_state(0);

  }

#endif

  if (soap_valid_socket(soap->socket) && !(soap->omode & SOAP_IO_UDP))

  { soap->fshutdownsocket(soap, soap->socket, 2);

    soap->fclosesocket(soap, soap->socket);

    soap->socket = SOAP_INVALID_SOCKET;

  }

  return SOAP_OK;

}

#endif

#endif



/******************************************************************************/

#ifndef WITH_NOIO

#ifndef PALM_1

static int

tcp_closesocket(struct soap *soap, SOAP_SOCKET fd)

{ DBGLOG(TEST, SOAP_MESSAGE(fdebug, "Close socket %d\n", (int)fd));

  return soap_closesocket(fd);

}

#endif

#endif