axis-c-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fred Preston <PREST...@uk.ibm.com>
Subject RE: SSL Client
Date Tue, 21 Feb 2006 16:37:14 GMT
Hi Iwan,
        Did you get SSL working?  Also, you should not be downloading the 
Axis code from CVS repository as this abandoned months ago and the new 
Axis repository is now in SVN (it should all be on the Apache web site :-) 
).  From your code snippets, it looks like you are using quite an old 
version of the code and it could be that some of your problems have 
already been resolved when you try the latest code extracted from SVN 
repository :-)

Regards,

Fred Preston.





Iwan Tomlow <iwan.tomlow@seagha.com>
21/02/2006 07:57
Please respond to "Apache AXIS C User List"
 
        To:     "'Apache AXIS C User List'" <axis-c-user@ws.apache.org>
        cc:     "'axis-c-dev@ws.apache.org'" <axis-c-dev@ws.apache.org>
        Subject:        RE: SSL Client

 

One thing I forgot to mention: to prevent the crash, I also had to change
the following in xml\XMLParserXerces.cpp:

Ln 79:
const AnyElement* XMLParserXerces::next(bool isCharData)
{
    bool bCanParseMore = false;
        if(!m_bFirstParsed)
        {
-           m_pParser->parseFirst(*m_pInputSource, m_ScanToken);
-           m_bFirstParsed = TRUE;
+           m_bFirstParsed = m_pParser->parseFirst(*m_pInputSource,
m_ScanToken);
+           if (!m_bFirstParsed)
+                                                return NULL;
        }

Kind regards,
Iwan Tomlow

-----Original Message-----
From: Iwan Tomlow [mailto:iwan.tomlow@seagha.com] 
Sent: dinsdag 21 februari 2006 8:53
To: 'Apache AXIS C User List'
Cc: 'axis-c-dev@ws.apache.org'
Subject: RE: SSL Client


Hello,

Just to let you know I managed to get the SSL configured using
vc\transport\Axis3\HTTPSSLChannel.
However, I think I stumbled over a bug in the transport layer, because the
Axis-client was always crashing when using SSL. Can't seem to access the
CVS-sources at the moment, so I don't know if it has been noticed and 
fixed
already, so I'll post it here.

Debugging showed the Xerces-parser was using bogus data to throw a
UTF8FormatException, so the following code in ClientAxisEngine.cpp failed:

Ln 223:
        int nSoapVersion = m_pDZ->getVersion ();
        if (nSoapVersion == VERSION_LAST)     /* version not supported */
        {
            Status = AXIS_FAIL;
                                 //              return AXIS_FAIL;

The status was indeed AXIS_FAIL, but because the return-statement is
commented out, the subsequent call to "m_pDZ->getHeader ();" caused a 
crash
in the Xerces parser.

I finally tracked it down to what I think is a bug in the getBytes() in
axis3/HTTPTransport.cpp (Ln 588). Probably because of using SSL, what I 
was
receiving after the HTTP-header was always a first chunk containing *only*
the chunk size + CRLF, nothing more. This caused the following code to 
never
execute extra reads to really get any of the chunk data:

                                 //There might be chunk extensions in 
there too but we may
not need them
                                                                 unsigned 
int endOfChunkData =
m_strReceived.find( "\r\n");

                                 // make sure we have read at least some 
part of the message
                                                                 if ( 
endOfChunkData == std::string::npos)
                                                                 {

endOfChunkData was 3 in this case (data was "4db\r\n"), and data was never
read. I tried to fix it like this, which worked for me (not at all sure 
that
this is a complete and trustworhty fix); this should make sure at least 
some
of the actual chunk data is read before continuing:

                                 // make sure we have read at least some 
part of the message
-                                                                if( 
endOfChunkData == std::string::npos)
+ std::string::size_type nLen =
m_strReceived.length ();
+                                                                if ( 
endOfChunkData == std::string::npos ||
+                endOfChunkData + 2 >= nLen )
                                                                 {
  iIterationCountdown = 100;

  do
  {
                 m_pszRxBuffer [0] = '\0';
                 *m_pActiveChannel >>
m_pszRxBuffer;

                 if( strlen( m_pszRxBuffer)
== 0)
                 {
 
iIterationCountdown--;
                 }
                 else
                 {
                                 iIterationCountdown
= 100;
                 }

-                m_strReceived =
m_pszRxBuffer;
-                endOfChunkData =
m_strReceived.find( "\r\n");
-  } while( endOfChunkData ==
std::string::npos && iIterationCountdown > 0);
+                m_strReceived +=
m_pszRxBuffer;
+                nLen = m_strReceived.length
();
+                endOfChunkData =
m_strReceived.find("\r\n");
+  } while( ( endOfChunkData ==
std::string::npos || endOfChunkData + 2 >= nLen ) 
+                                                &&
iIterationCountdown > 0);
                                                                 }

Kind regards,
Iwan Tomlow


-----Original Message-----
From: Iwan Tomlow [mailto:iwan.tomlow@seagha.com] 
Sent: vrijdag 17 februari 2006 16:31
To: 'axis-c-user@ws.apache.org'
Subject: SSL Client


Hi, I've been happily using Axis C++ 1.5 for client development, but now
urgently (and unwarned) need to be able to access the webserver over 
https.
I know it should be possible to link OpenSSL with Axis, but seem to be
unable to find the right documentation (the info at
http://ws.apache.org/axis/cpp/winuser-guide.html#ssl is absolutely cryptic
to me - where is vc\transport\Axis2\Axis2SSLChannel?)

Does anyone know how to get a client working over https?
What I get now = HTTPTransportException:Client attempted to use secure
transport (https) without an SSL layer

Strange thing is that the client works automatically when testing 
internally
- does Axis somehow 'downgrade' to normal htpp if https can't be used? Or
does this have to do something with me already having build OpenSSL on my
development machine?

Thanks in advance for any pointers,
Iwan Tomlow


Mime
View raw message