如何在 C++ 中使用 SSL gSOAP 生成的类
我需要在 C++ 中使用 gsoap 库,并且需要使用 https。文档说明了如何在 C 中使用 HTTPS,但在 C++ 中则不然 (http://www.cs.fsu.edu/~engelen/soapdoc2.html#tth_sEc19.20)。特别是,我在 soap_ssl_init(); 函数上出现计算错误。我查看了 /usr/lib/libgsoap* 文件并找到了 ligsoapssl++.a 文件并链接到它。此错误已消失,但我收到错误:14090086:SSL例程:SSL3_GET_SERVER_CERTIFICATE:证书验证失败。这意味着我需要调用soap_ssl_client_context函数,但C++生成的类中没有。我应该怎么办?
UPD:我自己解决了这个问题。但这是一种古怪、非常古怪的方式。 gSOAP 生成继承自 struct Soap 的 C++ 类,它包含以下属性:
BIO *bio;
SSL *ssl;
SSL_CTX *ctx;
unsigned short ssl_flags;
const char *keyfile;
const char *password;
const char *dhfile;
const char *cafile;
const char *capath;
const char *crlfile;
const char *randfile;
SSL_SESSION *session;
因此我们可以像 OpenSSL 库中一样自行设置必要的属性(标志、参数)。在简单的情况下,调用 soap_ssl_init() 一次并设置 ssl_flags = SOAP_SSL_NO_AUTHENTICATION 就足够了。它对我有用。如果有人知道更好的方法,我会很高兴看到。
i need to use gsoap library in C++ and i need to use https. documentation says how to work with HTTPS in C, but not in C++ (http://www.cs.fsu.edu/~engelen/soapdoc2.html#tth_sEc19.20). in particular, i have compulation error on soap_ssl_init(); function. i've looked /usr/lib/libgsoap* files and found ligsoapssl++.a file and linked against it. this error has gone, but i get error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed. that's mean i need to call soap_ssl_client_context func, but there isn't in C++ generated classes. What should i do?
UPD: i've solved this trouble by myself. but it's quirky, very quirky way. gSOAP generates C++ classes inherited from struct soap, it contains following attrs:
BIO *bio;
SSL *ssl;
SSL_CTX *ctx;
unsigned short ssl_flags;
const char *keyfile;
const char *password;
const char *dhfile;
const char *cafile;
const char *capath;
const char *crlfile;
const char *randfile;
SSL_SESSION *session;
so we can setup necessary attrs (flags, params) as in OpenSSL library by ourselves. In simple case it's enough to call soap_ssl_init() once and set ssl_flags = SOAP_SSL_NO_AUTHENTICATION. it works for me. if anyone knows better way i'll glad to see.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
这对我有用:
其中 m_proxy 是使用 gSOAP 生成的客户端代理的实例:
This works for me:
where m_proxy is an instance of the client proxy generated using gSOAP:
我自己解决了这个麻烦。但这是一种古怪、非常古怪的方式。 gSOAP 生成继承自 struct Soap 的 C++ 类,它包含以下属性:
因此我们可以像 OpenSSL 库中一样自行设置必要的属性(标志、参数)。在简单的情况下,调用
soap_ssl_init()一次并设置ssl_flags = SOAP_SSL_NO_AUTHENTICATION就足够了。它对我有用。如果有人知道更好的方法我会很高兴i've solved this trouble by myself. but it's quirky, very quirky way. gSOAP generates C++ classes inherited from
struct soap, it contains following attrs:so we can setup necessary attrs (flags, params) as in OpenSSL library by ourselves. In simple case it's enough to call
soap_ssl_init()once and setssl_flags = SOAP_SSL_NO_AUTHENTICATION. it works for me. if anyone knows better way i'll gla我在我的 c++ 程序中使用了 gsoap 上的 SSL 支持,并且没有遇到任何问题。我使用 -DWITH_OPENSSL 指令编译了源文件 stdsoap2.cpp (与 gsoap 一起提供)(您错过了这个吗?)。我使用了 obj 文件,并将我的程序与其链接。
I have used SSL support on gsoap in my c++ program, and I have had no problems. I compiled the source file stdsoap2.cpp (which comes along with gsoap), with the -DWITH_OPENSSL directive (did you miss this?). I used the obj file, and linked my program with it.
我今天也遇到了同样的问题。我在 VirtualBox 和 Gsoap 2.8.21 上使用 Ubuntu 14.04。
我使用命令生成了 C++ 代理类:
首先,我使用了上述解决方案并将 ssl_flags 设置为 SOAP_SSL_NO_AUTHENTICATION。感谢这个错误消失了。
此外,我观察到,在将标志更改为 SOAP_TLSv1 时,它也会使错误消失。导致头痛的标志是 SOAP_SSL_REQUIRE_SERVER_AUTHENTICATION,默认情况下在 SOAP_SSL_DEFAULT 标志内设置。
一切看起来都很好,直到我使用标志 --enable-debug 从源代码重新编译了 gsoap。不久之后,我开始看到类似以下内容:
SSL 验证错误或深度 1 证书的警告:无法获取本地颁发者证书
到目前为止,我发现的最佳解决方案是从 gsoap 下载 cacerts.pem 文件网站 https://www.cs.fsu.edu/~engelen/cacerts.pem.zip 并将它们解压缩到可执行文件旁边。
当然,在您的代码中应该有类似的内容:
然后所有警告和错误消息都会消失。
I have experienced the same problem today. I was using Ubuntu 14.04 on VirtualBox and Gsoap 2.8.21.
I generated C++ proxy classes with command:
At a first place, I used the aforementioned solution and set ssl_flags to SOAP_SSL_NO_AUTHENTICATION. Thanks to this error disappeared.
Moreover I observed that while changing flags to SOAP_TLSv1, it also makes the errors disappear. The flag that causes headaches was SOAP_SSL_REQUIRE_SERVER_AUTHENTICATION which is by default set inside SOAP_SSL_DEFAULT flag.
Everything seemed fine, until I recompiled gsoap from source with flag --enable-debug. Soon after I started to see something like:
SSL verify error or warning with certificate at depth 1: unable to get local issuer certificate
The best solution I found so far is to download the cacerts.pem file from gsoap site https://www.cs.fsu.edu/~engelen/cacerts.pem.zip and unzip them next to your executable.
And of course in your code you should have something similar to:
Then all the warning and error messages disappear.