
Re: SSL and SOAP server (again)

  • Thomas J Pinkl
    Message 1 of 3 , Sep 9 1:59 PM
      On Tue, Sep 09, 2008 at 05:42:37PM -0000, fistan11 wrote:
      > Thomas, can you put any example here? Multithreaded SSL standalone
      > server could be MUCH MORE expressive than thousands of doc lines.
      > Thank you!

      I cannot post the code, as it is part of a commercial product that
      is sold by my employer. In pseudo code, it would look like so
      (untested):

      use IO::Socket;              # SOCK_STREAM, SOMAXCONN
      use HTTP::Daemon::SSL;
      use SOAP::Transport::HTTP;
      # ...

      # set up HTTP and SSL options
      my %https_opts = ();
      $https_opts{LocalPort} = 443;
      $https_opts{Proto} = "tcp";
      $https_opts{Type} = SOCK_STREAM;
      $https_opts{Listen} = SOMAXCONN;
      $https_opts{ReuseAddr} = 1;
      $https_opts{Timeout} = 300;
      $https_opts{SSL_version} = 'SSLv2/3';
      $https_opts{SSL_cipher_list} = 'ALL:!LOW:!EXP';
      $https_opts{SSL_use_cert} = 1;
      $https_opts{SSL_key_file} = "server.key";
      $https_opts{SSL_cert_file} = "server.crt";
      $https_opts{SSL_ca_file} = "ca-bundle.crt";
      $https_opts{SSL_ca_path} = "/path/to/CA/certs";
      # 0x01|0x02 = VERIFY_PEER | VERIFY_FAIL_IF_NO_PEER_CERT:
      # the client must present a certificate
      $https_opts{SSL_verify_mode} = 0x01|0x02;
      $https_opts{SSL_check_crl} = 0;      # no CRL checking
      # ...

      sub https_daemon {
          # become a daemon (optional; make_me_a_daemon is not shown)
          make_me_a_daemon();

          # start HTTPS listener
          my $server = HTTP::Daemon::SSL->new( %https_opts );

          # accept loop
          while (1) {
              # wait for a client connection
              my $client = $server->accept();
              next if (! $client);

              # start a child process to handle the connection
              start_child($server, $client);

              # parent process closes its copy of the connected socket;
              # SSL_no_shutdown keeps the parent from sending an SSL
              # shutdown on the connection the child is still using
              $client->close(SSL_no_shutdown => 1);
          }
      }

      sub start_child {
          my $server = shift;
          my $client = shift;

          my $pid = fork();
          return if (! defined $pid);

          if ($pid > 0) {
              # parent process
              return;
          } else {
              # child process: the listening socket is not needed here
              $server->close();

              # handle the HTTP connection and exit
              handle_http_connection($client);
              $client->close();
              exit(0);
          }
      }

      sub handle_http_connection {
          my $client = shift;

          my $soap = SOAP::Transport::HTTP::Server->new;
          $soap->dispatch_to( $SOME_LIST_OF_MODULES );

          while (1) {
              # read HTTP request
              my $req = $client->get_request();
              last if (! $req);

              # handle HTTP request and generate HTTP response
              my $resp = handle_http_request( $req, $soap );

              # send HTTP response
              if ($resp) {
                  $client->send_response( $resp );
              } else {
                  last;
              }
          }
      }

      sub handle_http_request {
          my $req = shift;
          my $soap = shift;

          # process the SOAP request
          $soap->request( $req );
          $soap->handle();

          # return the SOAP response
          return $soap->response();
      }

      Note that error and signal handling have been omitted to save space
      and to direct attention to the main concepts.

      Also note that this represents a forking server, suitable for a UNIX
      type system (e.g. Linux). It is not multi-threaded and it may not
      work on Windows.

      --
      Thomas J. Pinkl
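
Error and signal handling are omitted from the pseudo code above, so as written the parent never reaps exited children and forks once per connection without limit. The following is an added example, not the poster's code: child bookkeeping for such a forking accept loop, run on constructed one-second jobs instead of HTTPS connections. `$MAX_CHILDREN`, `reap_children` and `spawn_child` are assumed names.

```perl
#!/usr/bin/perl
# Added example, not the poster's code. MAX_CHILDREN, reap_children()
# and spawn_child() are assumed names; the "connections" are constructed.
use strict;
use warnings;
use POSIX qw(:sys_wait_h);

my $MAX_CHILDREN = 4;   # assumed cap on concurrent connection handlers
my %children;           # pid => start time of each live child

# No-op handler: by default SIGCHLD is discarded, so a blocking accept()
# in the parent would not be interrupted when a child exits.
$SIG{CHLD} = sub { };

# Collect every exited child without blocking; returns the live count.
sub reap_children {
    while ((my $pid = waitpid(-1, WNOHANG)) > 0) {
        delete $children{$pid};
    }
    return scalar keys %children;
}

# Fork a handler for one connection. Returns the child pid, 0 when the
# cap is reached (caller closes the client), undef if fork() failed.
sub spawn_child {
    my ($work) = @_;
    return 0 if reap_children() >= $MAX_CHILDREN;
    my $pid = fork();
    return unless defined $pid;
    if ($pid == 0) {            # child: do the work and never return
        $SIG{CHLD} = 'DEFAULT';
        $work->();
        exit 0;
    }
    $children{$pid} = time;     # parent: remember the child
    return $pid;
}

# Constructed workload: six "connections" that each take one second.
my ($accepted, $refused) = (0, 0);
for my $n (1 .. 6) {
    my $pid = spawn_child(sub { sleep 1 });
    if ($pid) { $accepted++ } else { $refused++ }
}
print "accepted=$accepted refused=$refused\n";

# sleep() returns early on SIGCHLD, so loop until every child is reaped.
sleep 1 while reap_children() > 0;
print "live children after reaping: ", scalar(keys %children), "\n";
```

In the server above, `$work` would close the listener, call `handle_http_connection($client)` and close the client; on a 0 return the parent closes the client itself instead of forking.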

