How to workaround PHP’s SOAPClient bug when connecting over SSL

Posted November 12th, 2009 in PHP by Damian

Today, while integrating SecPay (aka PayPoint) payment gateway with an ecommerce site I’m working on, I came across a very annoying problem with PHP’s SOAPClient implementation.

When talking to a SOAP interface the first thing you want to do is obviously connect to the endpoint:

$this->soap = new SoapClient('');

This looks correct and innocent, however it produces this nasty error:

SoapClient::SoapClient() [function.SoapClient-SoapClient]: SSL: fatal protocol error

Changing SOAPClient parameters doesn’t help and disabling wsdl cache in php.ini doesn’t do much either.

After googling a bit I found a couple of bug reports. It turns out PHP has issues talking to endpoints over SSL. *Sigh*.

Here’s a workaround I came up with to force PHP to connect:

$orig_error_reporting = error_reporting();
$this->soap = new SoapClient('');

As you can see the idea is simple. Just turn off error reporting before instantiating soapclient and restore it afterwards.

I hope this helps some of you frustrated by this bug.

Secure Windows File Sharing (Samba) over the Internet without Putty.

Posted November 2nd, 2009 in Linux, Windows by Damian

There are numerous articles describing tunnelling Samba over SSH with putty. In this post I will show you how to set up Samba tunnelling for everyday use without putty running all the time.

Things you need before you start:

An SSH server between you and the shares you want to connect to. It may be running on the same machine as the shares you want to access.

Also, File Sharing (Windows) or Samba (Linux) should be configured correctly on the machine you want to access. Make sure your firewall lets the SSH server connect to your Samba or Windows shares.

Step 1: Create a local loopback interface

We need to create a loopback interface on your local computer first. There is a lot of HOWTOs on the web describing this. I suggest you read this one. As soon as you have the loopback working and putting properly forwarding ports to the local loopback interface, go to step 2.

Step 2: Set up the tunnelling app

So you have the forwarding working now. Technically, that’s all you need. However, if you plan to use shares on a daily basis, there are a few things you will notice:

  • It’s annoying to have the putty window open all the time,
  • If you close it, your shares will become unavailable,
  • If your network goes down for a while, putty won’t be able to reconnect your ssh session.

There’s a solution to these problems: a tunnelling tray application. Personally, I like myentunnel. It’s a simple wrapper for plink.exe from the putty package. Sitting quietly in the task-bar’s tray, it’s unobtrusive and reconnects automatically after a network failure.

Install and run myentunnel. Then set your hostname, username and password stuff in the Settings tab and go to the Tunnels tab. Add the Samba port and IPs in the Local box, press Save and then Connect. If putty connected and forwarded the ports properly, myentunnel should work without a hitch too.

If you have multiple servers to connect to, you can create server profiles. Read the myentunnel documentation for details.

That’s all, enjoy.