authorAnthony Neal <aneal@zeroc.com>2002-03-26 21:27:15 +0000
committerAnthony Neal <aneal@zeroc.com>2002-03-26 21:27:15 +0000
commit91c4282aba368df0ea155431f5f2be42ce3c09ea (patch)
treedcf3f1f9a595d00ac6b442bdd4c19014ef432043 /cpp/src/Ice/SslConnectionOpenSSLClient.cpp
parentUpdated to allow for the removal of RequestQueue?.h. (diff)
Conformance to Code Style review. As well, cleaned out some old code that
wasn't needed any more.
Diffstat (limited to 'cpp/src/Ice/SslConnectionOpenSSLClient.cpp')
-rw-r--r--cpp/src/Ice/SslConnectionOpenSSLClient.cpp93
1 files changed, 17 insertions, 76 deletions
diff --git a/cpp/src/Ice/SslConnectionOpenSSLClient.cpp b/cpp/src/Ice/SslConnectionOpenSSLClient.cpp
index 519ca3f9d7f..328d9d6a5e1 100644
--- a/cpp/src/Ice/SslConnectionOpenSSLClient.cpp
+++ b/cpp/src/Ice/SslConnectionOpenSSLClient.cpp
@@ -13,7 +13,8 @@
#include <Ice/OpenSSLUtils.h>
#include <Ice/Network.h>
#include <Ice/OpenSSL.h>
-#include <Ice/SslException.h>
+#include <Ice/SslException.h>
+#include <Ice/OpenSSLJanitors.h>
#include <Ice/SslConnectionOpenSSLClient.h>
#include <Ice/TraceLevels.h>
@@ -45,13 +46,12 @@ using std::dec;
// but unfortunately, it appears that this is not properly picked up.
//
-IceSSL::OpenSSL::ClientConnection::ClientConnection(
- const IceInternal::TraceLevelsPtr& traceLevels,
- const Ice::LoggerPtr& logger,
- const IceSSL::CertificateVerifierPtr& certificateVerifier,
- SSL* connection,
- const IceSSL::SystemInternalPtr& system) :
- Connection(traceLevels, logger, certificateVerifier, connection, system)
+IceSSL::OpenSSL::ClientConnection::ClientConnection(const IceInternal::TraceLevelsPtr& traceLevels,
+ const Ice::LoggerPtr& logger,
+ const IceSSL::CertificateVerifierPtr& certificateVerifier,
+ SSL* connection,
+ const IceSSL::SystemInternalPtr& system) :
+ Connection(traceLevels, logger, certificateVerifier, connection, system)
{
assert(_sslConnection != 0);
@@ -106,10 +106,7 @@ IceSSL::OpenSSL::ClientConnection::init(int timeout)
int result = connect();
- // Find out what the error was (if any).
- int code = getLastError();
-
- switch (code)
+ switch (getLastError())
{
case SSL_ERROR_WANT_READ:
{
@@ -222,34 +219,6 @@ IceSSL::OpenSSL::ClientConnection::init(int timeout)
}
int
-IceSSL::OpenSSL::ClientConnection::read(Buffer& buf, int timeout)
-{
- int totalBytesRead = 0;
-
- // Initialization to 1 is a cheap trick to ensure we enter the loop.
- int bytesRead = 1;
-
- // We keep reading until we're done.
- while ((buf.i != buf.b.end()) && bytesRead)
- {
- // Copy over bytes from _inBuffer to buf.
- bytesRead = readInBuffer(buf);
-
- // Nothing in the _inBuffer?
- if (!bytesRead)
- {
- // Read from SSL.
- bytesRead = readSSL(buf, timeout);
- }
-
- // Keep track of the total number of bytes read.
- totalBytesRead += bytesRead;
- }
-
- return totalBytesRead;
-}
-
-int
IceSSL::OpenSSL::ClientConnection::write(Buffer& buf, int timeout)
{
int totalBytesWritten = 0;
@@ -268,21 +237,17 @@ IceSSL::OpenSSL::ClientConnection::write(Buffer& buf, int timeout)
}
#endif
- int initReturn = 0;
-
// We keep reading until we're done
while (buf.i != buf.b.end())
{
// Ensure we're initialized.
- initReturn = initialize(timeout);
-
- if (initReturn <= 0)
+ if (initialize(timeout) <= 0)
{
// Retry the initialize call
continue;
}
- // initReturn must be > 0, so we're okay to try a write
+ // initialize() must have returned > 0, so we're okay to try a write.
// Perform a select on the socket.
if (!writeSelect(timeout))
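Review bot: The retry at the top of the write loop is unbounded: when `initialize(timeout)` returns <= 0, the `continue` re-enters the loop immediately, so a peer that never completes the handshake could keep this thread spinning unless initialize() itself throws on timeout, which is not visible here. I would bound the retries and fail the write once a limit is reached, e.g. `if (initialize(timeout) <= 0) { if (++initRetries > maxInitRetries) { /* raise the timeout error used elsewhere in this class */ } continue; }` (the counter and limit names are placeholders). The context comment `// We keep reading until we're done` should also read `// We keep writing until we're done`, since this is write(). The body of write() starts and ends outside the hunk.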
@@ -320,25 +285,7 @@ IceSSL::OpenSSL::ClientConnection::write(Buffer& buf, int timeout)
}
case SSL_ERROR_WANT_WRITE:
- {
- // Repeat with the same arguments! (as in the OpenSSL documentation)
- // Whatever happened, the last write didn't actually write anything
- // for us. This is effectively a retry.
- continue;
- }
-
case SSL_ERROR_WANT_READ:
- {
- // TODO: Probably don't need this - remove later if not needed.
-
- // If we get this error here, it HAS to be because
- // the protocol wants to do something handshake related.
- // In the case that we might actually get some application data,
- // we will use the base SSL read method, using the _inBuffer.
- // readSSL(_inBuffer, timeout);
- continue;
- }
-
case SSL_ERROR_WANT_X509_LOOKUP:
{
// Perform another read. The read should take care of this.
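Review bot: After this merge, `SSL_ERROR_WANT_WRITE` and `SSL_ERROR_WANT_READ` fall through to the `SSL_ERROR_WANT_X509_LOOKUP` body, whose comment `// Perform another read. The read should take care of this.` does not describe a write retry. The merge also drops the removed reminder that OpenSSL expects the call to be repeated with the same arguments. I would replace the comment with `// Retry the write with the same arguments (see the OpenSSL documentation); the last call wrote nothing.` It is also worth confirming that the WANT_READ case waits for the socket to become readable before retrying: the loop head shown in the previous hunk only calls `writeSelect(timeout)`, so a handshake step that needs inbound data may spin. The shared case body continues outside the hunk.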
@@ -347,8 +294,9 @@ IceSSL::OpenSSL::ClientConnection::write(Buffer& buf, int timeout)
case SSL_ERROR_SYSCALL:
{
- // NOTE: The demo client only throws an exception if there were actually bytes
- // written. This is considered to be an error status requiring shutdown.
+ // NOTE: The OpenSSL demo client only raises and error condition if there were
+ // actually bytes written. This is considered to be an error status
+ // requiring shutdown.
// If nothing was written, the demo client stops writing - we continue.
// This is potentially something wierd to watch out for.
if (bytesWritten == -1)
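Review bot: The rewritten comment in the `SSL_ERROR_SYSCALL` case has a typo: `raises and error condition` should read `raises an error condition`. The untouched line below it still spells `wierd` for `weird`. Since this branch decides whether a syscall-level failure shuts the connection down or is retried, the comment should also state which `bytesWritten` values lead to each outcome. The code after `if (bytesWritten == -1)` is outside the hunk, so I cannot confirm what it does.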
@@ -421,20 +369,19 @@ IceSSL::OpenSSL::ClientConnection::write(Buffer& buf, int timeout)
// Protected Methods
//
-// This code blatantly stolen from OpenSSL demos, slightly repackaged, and completely ugly...
void
IceSSL::OpenSSL::ClientConnection::showConnectionInfo()
{
// Only in extreme cases do we enable this, partially because it doesn't use the Logger.
if ((_traceLevels->security >= IceSSL::SECURITY_PROTOCOL_DEBUG) && 0)
- {
- BIO* bio = BIO_new_fp(stdout, BIO_NOCLOSE);
+ {
+ BIOJanitor bioJanitor(BIO_new_fp(stdout, BIO_NOCLOSE));
+ BIO* bio = bioJanitor.get();
showCertificateChain(bio);
showPeerCertificate(bio,"Client");
- // Something extra for the client
showClientCAList(bio, "Client");
showSharedCiphers(bio);
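Review bot: `BIO_new_fp()` can return a null pointer on allocation failure, and `bio` is passed straight to `showCertificateChain(bio)` and the other show* helpers without a check; the cleanup removed in the next hunk tested `bio != 0` only before freeing. Add `if (bio == 0) { return; }` after `BIO* bio = bioJanitor.get();` unless the helpers are known to accept null, which is not visible here. Separately, the `&& 0` in the enclosing condition makes the whole block unreachable; a comment such as `// Intentionally disabled: writes to stdout instead of the Logger.` or a compile-time switch would make that explicit. The function body ends in the following hunk.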
@@ -444,11 +391,5 @@ IceSSL::OpenSSL::ClientConnection::showConnectionInfo()
showHandshakeStats(bio);
showSessionInfo(bio);
-
- if (bio != 0)
- {
- BIO_free(bio);
- bio = 0;
- }
}
}