对soap_ssl_accept的调用始终会导致错误SSL23_GET_CLIENT_HELLO:unknown protocol。我通过设置SOAP_SSL_NO_AUTHENTICATION尽可能简化了服务器身份验证。我将其分解为以下服务器和客户端代码。你能帮我找一个有效的例子吗?
服务器端:
#include <cstdio>
#include "ADService.nsmap" // get namespace bindings
#include "stdsoap2.h"
#include "soapH.h"
int ns1__add(struct soap *soap, xsd__int a, xsd__int b, xsd__int& c) {
c = a + b;
return SOAP_OK;
}
int main() {
int m, s;
struct soap soap;
soap_ssl_init(); // init OpenSSL (just once)
soap_init(&soap);
if (soap_ssl_server_context(&soap,
SOAP_SSL_NO_AUTHENTICATION,
NULL, // keyfile: required when server must authenticate to clients
NULL, // password to read the key file
NULL, // optional cacert file to store trusted certificates
NULL, // optional capath to directory with trusted certificates
NULL, // DH file name or DH key len bits
NULL, // if randfile!=NULL: use a file with random data
NULL)) {
soap_print_fault(&soap, stderr);
exit(1);
}
m = soap_bind(&soap, NULL, 18000, 100); // use port 18000
if (m < 0) {
soap_print_fault(&soap, stderr);
exit(1);
}
printf("Socket connection successful: master socket = %d\n", m);
for (;;) {
s = soap_accept(&soap);
printf("Socket connection successful: slave socket = %d\n", s);
if (s < 0) {
soap_print_fault(&soap, stderr);
break;
}
if (soap_ssl_accept(&soap))
soap_print_fault(&soap, stderr);
else
soap_serve(&soap);
soap_destroy(&soap);
soap_end(&soap);
soap_free(&soap); // done and free context
}
soap_done(&soap); /* deallocates SSL context */
return 0;
}
客户端:
#include <iostream>
#include "soapH.h" // obtain the generated stub
#include "ADService.nsmap" // obtain the namespace mapping table
int main(int argc, const char* argv[]) {
soap soap;
soap_ssl_init();
soap_init(&soap);
if (soap_ssl_client_context(&soap,
SOAP_SSL_NO_AUTHENTICATION,
NULL, // keyfile: required only when client must authenticate to server
NULL, // password to read the key file (not used with GNUTLS)
NULL, // cacert file to store trusted certificates
NULL, // capath to directory with trusted certificates
NULL // if randfile!=NULL: use a file with random data to seed randomness
)) {
soap_print_fault(&soap, stderr);
return 1;
}
xsd__int result;
if(soap_call_ns1__add(
&soap, "localhost:18000", 0, 1, 2, result) != SOAP_OK) {
soap_print_fault(&soap, stderr);
soap_print_fault_location(&soap, stderr);
return 1;
}
printf("Result = %d", result);
soap_destroy(&soap);
soap_end(&soap);
soap_done(&soap);
return 0;
}
服务器端的输出:
套接字连接成功:主插座= 1916
套接字连接成功:slave socket = 1912
错误30错误:SOAP-ENV:服务器[无子代码]
“SSL_ERROR_SSL
错误:140760FC:SSL例程:SSL23_GET_CLIENT_HELLO:unknown&gt;协议“
细节:soap_ssl_accept()中的SSL_accept()失败 按任意键继续
答案 0 :(得分:0)
这不是一个明确的答案。但可能有所帮助。我怎么会得到你所看到的错误:
3077928696:错误:140760FC:SSL例程:SSL23_GET_CLIENT_HELLO:未知协议:s23_srvr.c:628
当与服务器成功进行TCP连接时,客户端会发送格式错误的client_hello消息。我基本上在我的测试中发送TCP连接后的垃圾字节。
捕获tcpdump b / w服务器和客户端,看看从客户端发出什么。
答案 1 :(得分:0)
使用主机名soap_call_ns1__add拨打https://localhost:18000解决了这个问题。