diff options
| author | Anthony Neal <aneal@zeroc.com> | 2001-12-19 16:48:31 +0000 |
|---|---|---|
| committer | Anthony Neal <aneal@zeroc.com> | 2001-12-19 16:48:31 +0000 |
| commit | 73e15974110b3538960ecd4613187d79bd32c47a (patch) | |
| tree | 56a62cdb2752e295d4f46810dd2d88623e38e96d /cpp/src/Ice/SslConnectionOpenSSLServer.cpp | |
| parent | Fix for ActivePython bug under WIN32. (diff) | |
| download | ice-73e15974110b3538960ecd4613187d79bd32c47a.tar.bz2 ice-73e15974110b3538960ecd4613187d79bd32c47a.tar.xz ice-73e15974110b3538960ecd4613187d79bd32c47a.zip | |
This is the 'fix' for the IceStorm related bug having to do with oneways.
It requires that Marc make it legal for read() to return 0 bytes.
Diffstat (limited to 'cpp/src/Ice/SslConnectionOpenSSLServer.cpp')
| -rw-r--r-- | cpp/src/Ice/SslConnectionOpenSSLServer.cpp | 279 |
1 files changed, 134 insertions, 145 deletions
diff --git a/cpp/src/Ice/SslConnectionOpenSSLServer.cpp b/cpp/src/Ice/SslConnectionOpenSSLServer.cpp index 40991e654ae..415cdafaae1 100644 --- a/cpp/src/Ice/SslConnectionOpenSSLServer.cpp +++ b/cpp/src/Ice/SslConnectionOpenSSLServer.cpp @@ -37,8 +37,6 @@ IceSecurity::Ssl::OpenSSL::ServerConnection::~ServerConnection() { ICE_METHOD_INV("OpenSSL::ServerConnection::~ServerConnection()"); - shutdown(); - ICE_METHOD_RET("OpenSSL::ServerConnection::~ServerConnection()"); } @@ -47,31 +45,6 @@ IceSecurity::Ssl::OpenSSL::ServerConnection::shutdown() { ICE_METHOD_INV("OpenSSL::ServerConnection::shutdown()"); - if (_sslConnection != 0) - { - // NOTE: This call is how the server application shuts down, but they are - // also using SSL_CTX_set_quiet_shutdown(). - // SSL_set_shutdown(_sslConnection,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); - - int shutdown = 0; - int retries = 100; - - do - { - shutdown = SSL_shutdown(_sslConnection); - retries--; - } - while ((shutdown == 0) && (retries > 0)); - - if (shutdown <= 0) - { - ostringstream s; - s << "SSL shutdown failure encountered: code[" << shutdown << "] retries["; - s << retries << "]\n" << fdToString(SSL_get_fd(_sslConnection)); - ICE_PROTOCOL_DEBUG(s.str()); - } - } - Connection::shutdown(); ICE_METHOD_RET("OpenSSL::ServerConnection::shutdown()"); @@ -80,40 +53,38 @@ IceSecurity::Ssl::OpenSSL::ServerConnection::shutdown() int IceSecurity::Ssl::OpenSSL::ServerConnection::init(int timeout) { - JTCSyncT<JTCMutex> sync(_initMutex); - - ICE_METHOD_INV("OpenSSL::ServerConnection::init()");
-
- if (_timeoutEncountered)
- {
- throw TimeoutException(__FILE__, __LINE__);
- }
-
+ ICE_METHOD_INV("OpenSSL::ServerConnection::init()"); + + if (_timeoutEncountered) + { + throw TimeoutException(__FILE__, __LINE__); + } + int retCode = SSL_is_init_finished(_sslConnection); while (!retCode) { int i = 0; - _readTimeout = timeout > _handshakeReadTimeout ? timeout : _handshakeReadTimeout;
-
- try
- {
- if (_initWantRead)
- {
- i = readSelect(_readTimeout);
- }
- else if (_initWantWrite)
- {
- i = writeSelect(timeout);
- }
- }
- catch (const TimeoutException&)
- {
- _timeoutEncountered = true;
- throw;
- }
-
+ _readTimeout = timeout > _handshakeReadTimeout ? timeout : _handshakeReadTimeout; + + try + { + if (_initWantRead) + { + i = readSelect(_readTimeout); + } + else if (_initWantWrite) + { + i = writeSelect(timeout); + } + } + catch (const TimeoutException&) + { + _timeoutEncountered = true; + throw; + } + if (_initWantRead && i == 0) { return 0; @@ -204,12 +175,14 @@ IceSecurity::Ssl::OpenSSL::ServerConnection::init(int timeout) if (connectionLost()) { + ICE_DEV_DEBUG("ServerConnection::init(): Throwing ConnectionLostException... SslConnectionOpenSSLServer.cpp, 207"); ConnectionLostException ex(__FILE__, __LINE__); ex.error = getSocketErrno(); throw ex; } else { + ICE_DEV_DEBUG("ServerConnection::init(): Throwing SocketException... SslConnectionOpenSSLServer.cpp, 214"); SocketException ex(__FILE__, __LINE__); ex.error = getSocketErrno(); throw ex; @@ -294,7 +267,7 @@ IceSecurity::Ssl::OpenSSL::ServerConnection::write(Buffer& buf, int timeout) int totalBytesWritten = 0; int bytesWritten = 0; - int packetSize = buf.b.end() - buf.i;
+ int packetSize = buf.b.end() - buf.i; #ifdef WIN32 // @@ -310,124 +283,140 @@ IceSecurity::Ssl::OpenSSL::ServerConnection::write(Buffer& buf, int timeout) while (buf.i != buf.b.end()) { // Ensure we're initialized. - if (init(timeout)) + int initReturn = initialize(timeout); + + if (initReturn == -1) { - // Perform a select on the socket. - if (!writeSelect(timeout)) - { - // We're done here. - break; - } + // Handshake underway, we should just return with what we've got (even if that's nothing). + break; + } + + if (initReturn == 0) + { + // Retry the initialize call + continue; + } + + // initReturn must be > 0, so we're okay to try a write - bytesWritten = sslWrite((char *)buf.i, packetSize); + // Perform a select on the socket. + if (!writeSelect(timeout)) + { + // We're done here. + break; + } + + bytesWritten = sslWrite((char *)buf.i, packetSize); - switch (getLastError()) + switch (getLastError()) + { + case SSL_ERROR_NONE: { - case SSL_ERROR_NONE: - { - if (_traceLevels->network >= 3)
- {
- ostringstream s;
- s << "sent " << bytesWritten << " of " << packetSize;
- s << " bytes via ssl\n" << fdToString(SSL_get_fd(_sslConnection));
- _logger->trace(_traceLevels->networkCat, s.str());
- }
-
- totalBytesWritten += bytesWritten; - - buf.i += bytesWritten; - - if (packetSize > buf.b.end() - buf.i) - { - packetSize = buf.b.end() - buf.i; - } - continue; + if (_traceLevels->network >= 3) + { + ostringstream s; + s << "sent " << bytesWritten << " of " << packetSize; + s << " bytes via ssl\n" << fdToString(SSL_get_fd(_sslConnection)); + _logger->trace(_traceLevels->networkCat, s.str()); } - case SSL_ERROR_WANT_WRITE: // Retry... - { - ICE_PROTOCOL("Error SSL_ERROR_WANT_WRITE: Repeating as per protocol."); + totalBytesWritten += bytesWritten; - continue; - } + buf.i += bytesWritten; - case SSL_ERROR_WANT_READ: // The demo server ignores this error. + if (packetSize > buf.b.end() - buf.i) { - ICE_PROTOCOL("Error SSL_ERROR_WANT_READ: Ignoring as per protocol."); - - continue; + packetSize = buf.b.end() - buf.i; } + continue; + } - case SSL_ERROR_WANT_X509_LOOKUP: // The demo server ignores this error. - { - ICE_PROTOCOL("Error SSL_ERROR_WANT_X509_LOOKUP: Repeating as per protocol."); + case SSL_ERROR_WANT_WRITE: // Retry... + { + ICE_PROTOCOL("Error SSL_ERROR_WANT_WRITE: Repeating as per protocol."); - continue; - } + continue; + } - case SSL_ERROR_SYSCALL: - { - if (bytesWritten == -1) - { - // IO Error in underlying BIO - - if (interrupted()) - { - break; - } - - if (wouldBlock()) - { - break; - } - - if (connectionLost()) - { - ConnectionLostException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - else - { - SocketException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - } - else - { - ProtocolException protocolEx(__FILE__, __LINE__); + case SSL_ERROR_WANT_READ: // The demo server ignores this error. + { + ICE_PROTOCOL("Error SSL_ERROR_WANT_READ: Ignoring as per protocol."); - // Protocol Error: Unexpected EOF - protocolEx._message = "Encountered an EOF that violates the SSL Protocol."; + continue; + } + + case SSL_ERROR_WANT_X509_LOOKUP: // The demo server ignores this error. + { + ICE_PROTOCOL("Error SSL_ERROR_WANT_X509_LOOKUP: Repeating as per protocol."); - ICE_SSLERRORS(protocolEx._message); - ICE_EXCEPTION(protocolEx._message); + continue; + } - throw protocolEx; + case SSL_ERROR_SYSCALL: + { + if (bytesWritten == -1) + { + // IO Error in underlying BIO + + if (interrupted()) + { + break; + } + + if (wouldBlock()) + { + break; } - } - case SSL_ERROR_SSL: + if (connectionLost()) + { + ICE_DEV_DEBUG("ServerConnection::write(): Throwing ConnectionLostException... SslConnectionOpenSSLServer.cpp, 388"); + ConnectionLostException ex(__FILE__, __LINE__); + ex.error = getSocketErrno(); + throw ex; + } + else + { + ICE_DEV_DEBUG("ServerConnection::write(): Throwing SocketException... SslConnectionOpenSSLServer.cpp, 395"); + SocketException ex(__FILE__, __LINE__); + ex.error = getSocketErrno(); + throw ex; + } + } + else { ProtocolException protocolEx(__FILE__, __LINE__); - protocolEx._message = "Encountered a violation of the SSL Protocol."; + // Protocol Error: Unexpected EOF + protocolEx._message = "Encountered an EOF that violates the SSL Protocol."; ICE_SSLERRORS(protocolEx._message); ICE_EXCEPTION(protocolEx._message); throw protocolEx; } + } - case SSL_ERROR_ZERO_RETURN: - { - ICE_EXCEPTION("SSL_ERROR_ZERO_RETURN"); + case SSL_ERROR_SSL: + { + ProtocolException protocolEx(__FILE__, __LINE__); - ConnectionLostException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } + protocolEx._message = "Encountered a violation of the SSL Protocol."; + + ICE_SSLERRORS(protocolEx._message); + ICE_EXCEPTION(protocolEx._message); + + throw protocolEx; + } + + case SSL_ERROR_ZERO_RETURN: + { + ICE_EXCEPTION("SSL_ERROR_ZERO_RETURN"); + ICE_DEV_DEBUG("ServerConnection::write(): Throwing ConnectionLostException... SslConnectionOpenSSLServer.cpp, 430"); + + ConnectionLostException ex(__FILE__, __LINE__); + ex.error = getSocketErrno(); + throw ex; } } } |