参考gsoap代码中sslclient.c:
01.int main()
02.{ struct soap soap;
03. double a, b, result;
04. /* Init SSL */
05. soap_ssl_init(); <SPAN style="COLOR: #ff6600">--------里面调用SSL_library_init,OpenSSL_add_all_algorithms,SSL_load_error_strings,RAND_load_file</SPAN>
06. if (CRYPTO_thread_setup()) <SPAN style="COLOR: #ff6600">------ 用于多线程</SPAN>
07. { fprintf(stderr, "Cannot setup thread mutex for OpenSSL\n");
08. exit(1);
09. }
10. a = 10.0;
11. b = 20.0;
12. /* Init gSOAP context */
13. soap_init(&soap); <SPAN style="COLOR: #ff6600">-------- 调用soap_versioning(soap_init)(struct soap *soap, soap_mode imode, soap_mode omode)。调用soap_init_mht,soap_init_logs等<SPAN style="FONT-FAMILY: Arial, Helvetica, sans-serif">。会调用SSL_CTX_new。如果没有调用过</SPAN></SPAN><SPAN style="FONT-FAMILY: Arial, Helvetica, sans-serif; COLOR: rgb(255,102,0)">soap_ssl_init,里面会调用。</SPAN><SPAN style="COLOR: #ff6600">
14.</SPAN>
15. /* The supplied server certificate "server.pem" assumes that the server is
16. running on 'localhost', so clients can only connect from the same host when
17. verifying the server's certificate. Use SOAP_SSL_NO_AUTHENTICATION to omit
18. the authentication of the server and use encryption directly from any site.
19. To verify the certificates of third-party services, they must provide a
20. certificate issued by Verisign or another trusted CA. At the client-side,
21. the capath parameter should point to a directory that contains these
22. trusted (root) certificates or the cafile parameter should refer to one
23. file will all certificates. To help you out, the supplied "cacerts.pem"
24. file contains the certificates issued by various CAs. You should use this
25. file for the cafile parameter instead of "cacert.pem" to connect to trusted
26. servers. Note that the client may fail to connect if the server's
27. credentials have problems (e.g. expired). Use SOAP_SSL_NO_AUTHENTICATION
28. and set cacert to NULL to encrypt messages if you don't care about the
29. trustworthyness of the server.
30. Note 1: the password and capath are not used with GNUTLS
31. Note 2: setting capath may not work on Windows.
32. */
33. if (soap_ssl_client_context(&soap, <SPAN style="COLOR: #ff6600">------------ 设置上下文。</SPAN>
34. /* SOAP_SSL_NO_AUTHENTICATION, */ /* for encryption w/o authentication */
35. /* SOAP_SSL_DEFAULT | SOAP_SSL_SKIP_HOST_CHECK, */ /* if we don't want the host name checks since these will change from machine to machine */
36. SOAP_SSL_DEFAULT, /* use SOAP_SSL_DEFAULT in production code */
37. NULL, /* keyfile (cert+key): required only when client must authenticate to server (see SSL docs to create this file) */
38. NULL, /* password to read the keyfile */
39. "cacert.pem", /* optional cacert file to store trusted certificates, use cacerts.pem for all public certificates issued by common CAs */
40. NULL, /* optional capath to directory with trusted certificates */
41. NULL /* if randfile!=NULL: use a file with random data to seed randomness */
42. ))
43. { soap_print_fault(&soap, stderr);
44. exit(1);
45. }
46. soap.connect_timeout = 60; /* try to connect for 1 minute */
47. soap.send_timeout = soap.recv_timeout = 30; /* if I/O stalls, then timeout after 30 seconds */
48. if (<SPAN style="COLOR: #ff6600">soap_call_ns__add</SPAN>(&soap, server, "", a, b, &result) == SOAP_OK)<SPAN style="COLOR: #ff6600">--------------编译出的soap桩接口</SPAN>
49. fprintf(stdout, "Result: %f + %f = %f\n", a, b, result);
50. else
51. soap_print_fault(&soap, stderr);
52. soap_destroy(&soap); /* C++ */
53. soap_end(&soap);
54. soap_done(&soap);
55. CRYPTO_thread_cleanup();
56. return 0;
57.}
sslserver.c:
01.int main()
02.{ SOAP_SOCKET m;
03.#if defined(_POSIX_THREADS) || defined(_SC_THREADS)
04. pthread_t tid;
05.#endif
06. struct soap soap, *tsoap;
07. /* Need SIGPIPE handler on Unix/Linux systems to catch broken pipes: */
08. signal(SIGPIPE, sigpipe_handle); <SPAN style="COLOR: #ff6600">-------------- 只有这样,pipe对端断开连接,本端才能接收到EPIPE信号。</SPAN>
09. if (CRYPTO_thread_setup()) -<SPAN style="COLOR: #ff6600">-- 多线程</SPAN>
10. { fprintf(stderr, "Cannot setup thread mutex for OpenSSL\n");
11. exit(1);
12. }
13. /* init gsoap context and SSL */
14. <STRONG><SPAN style="COLOR: #ff0000">soap_init</SPAN></STRONG>(&soap); <SPAN style="COLOR: #ff6600">--- 初始化context。里面会调用</SPAN><SPAN style="FONT-FAMILY: Arial, Helvetica, sans-serif; COLOR: rgb(255,102,0)">soap_ssl_init等</SPAN><SPAN style="COLOR: #ff6600">
15.</SPAN>
16. /* The supplied server certificate "server.pem" assumes that the server is
17. running on 'localhost', so clients can only connect from the same host when
18. verifying the server's certificate.
19. To verify the certificates of third-party services, they must provide a
20. certificate issued by Verisign or another trusted CA. At the client-side,
21. the capath parameter should point to a directory that contains these
22. trusted (root) certificates or the cafile parameter should refer to one
23. file will all certificates. To help you out, the supplied "cacerts.pem"
24. file contains the certificates issued by various CAs. You should use this
25. file for the cafile parameter instead of "cacert.pem" to connect to trusted
26. servers. Note that the client may fail to connect if the server's
27. credentials have problems (e.g. expired).
28. Note 1: the password and capath are not used with GNUTLS
29. Note 2: setting capath may not work on Windows.
30. */
31. if (soap_ssl_server_context(&soap, ------------ server context
32. SOAP_SSL_DEFAULT, /* use SOAP_SSL_REQUIRE_CLIENT_AUTHENTICATION to verify clients: client must provide a key file e.g. "client.pem" and "password" */
33. "server.pem", /* keyfile (cert+key): see SSL docs to create this file */
34. "password", /* password to read the private key in the key file */
35. "cacert.pem", /* cacert file to store trusted certificates (to authenticate clients) */
36. NULL, /* capath */
37. "dh512.pem", /* DH file name or DH param key len bits (e.g. "1024"), if NULL use RSA 2048 bits (SOAP_SSL_RSA_BITS) */
38. NULL, /* if randfile!=NULL: use a file with random data to seed randomness */
39. "sslserver" /* server identification for SSL session cache (unique server name, e.g. use argv[0]) */
40. ))
41. { soap_print_fault(&soap, stderr);
42. exit(1);
43. }
44. soap.accept_timeout = 60; /* server times out after 1 minute inactivity */
45. soap.send_timeout = soap.recv_timeout = 30; /* if I/O stalls, then timeout after 30 seconds */
46. m =<SPAN style="COLOR: #ff6600"> soap_bind</SPAN>(&soap, NULL, 18081, 100);
47. if (!soap_valid_socket(m))
48. { soap_print_fault(&soap, stderr);
49. exit(1);
50. }
51. fprintf(stderr, "Bind successful: socket = %d\n", m);
52. for (;;)
53. { SOAP_SOCKET s = soap_accept(&soap);
54. if (!soap_valid_socket(s))
55. { if (soap.errnum)
56. soap_print_fault(&soap, stderr);
57. else
58. fprintf(stderr, "Server timed out (timeout set to %d seconds)\n", soap.accept_timeout);
59. break;
60. }
61. fprintf(stderr, "Socket %d connection from IP %d.%d.%d.%d\n", s, (int)(soap.ip>>24)&0xFF, (int)(soap.ip>>16)&0xFF, (int)(soap.ip>>8)&0xFF, (int)soap.ip&0xFF);
62. <SPAN style="COLOR: #ff6600">tsoap = soap_copy(&soap);</SPAN>
63. if (!tsoap)
64. { soap_closesock(&soap);
65. continue;
66. }
67.#if defined(_POSIX_THREADS) || defined(_SC_THREADS)
68. pthread_create(&tid, NULL, (void*(*)(void*))&process_request, <SPAN style="COLOR: #ff6600">tsoap</SPAN>);
69.#else
70. process_request(tsoap);
71.#endif
72. }
73. soap_destroy(&soap);
74. soap_end(&soap);
75. soap_done(&soap); /* MUST call before CRYPTO_thread_cleanup */
76. CRYPTO_thread_cleanup();
77. return 0;
78.}
01.void *process_request(struct soap *soap)
02.{
03.#if defined(_POSIX_THREADS) || defined(_SC_THREADS)
04. pthread_detach(pthread_self());
05.#endif
06. if (<SPAN style="COLOR: #ff6600">soap_ssl_accept</SPAN>(soap) != SOAP_OK) <SPAN style="COLOR: #ff6600">---------- 会调用SSL_new,SSL_accept</SPAN>
07. { /* when soap_ssl_accept() fails, socket is closed and SSL data reset */
08. soap_print_fault(soap, stderr);
09. fprintf(stderr, "SSL request failed, continue with next call...\n");
10. }
11. else
12. <SPAN style="COLOR: #ff6600">soap_serve</SPAN>(soap);
13. soap_destroy(soap); /* for C++ */
14. soap_end(soap);
15. soap_free(soap);
16. return NULL;
17.}