I am implementing SSL in a gSOAP-based application with the following scripts on the server and client side. But I am getting an error that SSL_accept() fails in soap_ssl_accept().
gSOAP release: 2.8.123 OpenSSL version:
Server implementation
if (soap_ssl_server_context(&soap,
        SOAP_SSL_DEFAULT,           // Authenticate the client using TLS v1 to 1.3
        "/home/xxx/CA/server.pem",  // private key
        "xxxx",                     // password to read server.pem
        NULL,                       // CA file certificate to verify client
        "/home/xxxx/CA/cacert.pem", // CA path to verify client
        NULL,                       // RSA used for key exchange
        NULL,                       // seed the PRNG using the specified file with random data
        NULL                        // identification for SSL session caching to speed up TLS
    ))
{
    soap_print_fault(&soap, stderr);
    exit(EXIT_FAILURE);
}
Then I initialised SSL with soap_ssl_init() in the main loop.
After initialization I call the soap_ssl_accept(&soap) function as follows:
if (soap_ssl_accept(&soap)) {
    soap_print_fault(&soap, stderr);
    fprintf(stderr, "SSL_accept error: %s\n", soap_faultstring(&soap));
    exit(EXIT_FAILURE);
}
Client implementation
Initialisation and certificate verification callback
soap_ssl_init(); // Initialize the SSL/TLS library

// Define certification verification callback function
int ssl_verify_callback_allow_self_signed_certificates(int ok, X509_STORE_CTX *store)
{
    if (!ok && X509_STORE_CTX_get_error(store) == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN)
    {
        X509_STORE_CTX_set_error(store, X509_V_OK);
        ok = 1;
    }
    return ok;
}

soap.fsslverify = ssl_verify_callback_allow_self_signed_certificates;
Its context
if (soap_ssl_client_context(&soap,
        SOAP_SSL_DEFAULT | SOAP_SSL_SKIP_HOST_CHECK,
        "/home/xxx/CA/client.pem",
        "xxxx",
        NULL,
        "/home/xxx/CA/cacert.pem",
        NULL
    ))
{
    soap_print_fault(&soap, stderr);
    exit(EXIT_FAILURE);
}
Running this code with the soap_ssl_accept() function generates SSL_ERROR_SSL: 0A00009C:SSL routines::http request error.
With detail: SSL_accept() failed in soap_ssl_accept()
I commented out the soap_ssl_accept() function, and the code works fine. According to the documentation this function should be called to perform the SSL/TLS handshake with a connected client. This function enforces HTTPS connections that are initialised with soap_ssl_server_context.
Would SSL implementation be complete without it? If not, how can I make it work?
Upvotes: 0
Views: 101
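An added diagnostic example, not part of the original post and not gSOAP or OpenSSL code: OpenSSL raises the `http request` error when the bytes it reads where the first TLS record should be look like a plaintext HTTP request, so checking what a client sends first shows whether it is starting TLS at all. The names `classify_first_bytes` and `describe` and both sample buffers are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* What the first bytes on a freshly accepted connection look like. */
enum first_bytes { FB_TLS_HANDSHAKE, FB_PLAINTEXT_HTTP, FB_UNKNOWN };

/* A TLS client opens with a record header: content type 0x16 (handshake)
 * followed by major version byte 0x03. A plaintext HTTP client opens with
 * an ASCII method name, which a TLS server cannot parse as a record. */
enum first_bytes classify_first_bytes(const unsigned char *buf, size_t len)
{
    static const char *const methods[] = { "GET ", "POST ", "HEAD ", "PUT " };
    size_t i;

    if (len >= 2 && buf[0] == 0x16 && buf[1] == 0x03)
        return FB_TLS_HANDSHAKE;
    for (i = 0; i < sizeof methods / sizeof methods[0]; i++) {
        size_t n = strlen(methods[i]);
        if (len >= n && memcmp(buf, methods[i], n) == 0)
            return FB_PLAINTEXT_HTTP;
    }
    return FB_UNKNOWN;
}

const char *describe(enum first_bytes fb)
{
    switch (fb) {
    case FB_TLS_HANDSHAKE:  return "TLS handshake record";
    case FB_PLAINTEXT_HTTP: return "plaintext HTTP request on a TLS port";
    default:                return "unrecognised";
    }
}

/* Constructed sample inputs, not captured from the poster's system. */
static const unsigned char sample_tls[]  = { 0x16, 0x03, 0x01, 0x00, 0xc8, 0x01 };
static const unsigned char sample_http[] = "POST / HTTP/1.1\r\nHost: localhost\r\n";

int main(void)
{
    printf("%s\n", describe(classify_first_bytes(sample_tls, sizeof sample_tls)));
    printf("%s\n", describe(classify_first_bytes(sample_http, sizeof sample_http - 1)));
    return 0;
}
```

If the client's first bytes classify as plaintext HTTP, the endpoint it is using is the first thing to check: a TLS handshake only begins when the client connects with an `https://` URL.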