diff options
| author | Mark Spruiell <mes@zeroc.com> | 2005-06-14 17:00:21 +0000 |
|---|---|---|
| committer | Mark Spruiell <mes@zeroc.com> | 2005-06-14 17:00:21 +0000 |
| commit | 5344f3b20f8f0889c82b5fb124076f5894179437 (patch) | |
| tree | f965fb6f7b70dbd96cac2cb637b4a578e936d3d7 /cpp/src/IceSSL/SslTransceiver.cpp | |
| parent | Added application name to all the tests Made test executable unique names (diff) | |
| download | ice-5344f3b20f8f0889c82b5fb124076f5894179437.tar.bz2 ice-5344f3b20f8f0889c82b5fb124076f5894179437.tar.xz ice-5344f3b20f8f0889c82b5fb124076f5894179437.zip | |
fix for bug 332: IceSSL: is handshake retry loop necessary?
Diffstat (limited to 'cpp/src/IceSSL/SslTransceiver.cpp')
| -rw-r--r-- | cpp/src/IceSSL/SslTransceiver.cpp | 79 |
1 files changed, 34 insertions, 45 deletions
diff --git a/cpp/src/IceSSL/SslTransceiver.cpp b/cpp/src/IceSSL/SslTransceiver.cpp index b0ae47f270c..d0343372fb9 100644 --- a/cpp/src/IceSSL/SslTransceiver.cpp +++ b/cpp/src/IceSSL/SslTransceiver.cpp @@ -347,59 +347,49 @@ IceSSL::SslTransceiver::toString() const void IceSSL::SslTransceiver::forceHandshake() { - int retryCount = 0; - - while(retryCount < _handshakeRetries) + try { - ++retryCount; - - try - { - if(handshake(_handshakeReadTimeout) > 0) - { - // Handshake complete. - break; - } - } - catch(TimeoutException) - { - // Do nothing. - } + if(handshake(_readTimeout) > 0) + { + return; // Handshake complete. + } + } + catch(const TimeoutException&) + { + // Fall through. } - if(retryCount >= _handshakeRetries) + if(_traceLevels->security >= IceSSL::SECURITY_WARNINGS) { - if(_traceLevels->security >= IceSSL::SECURITY_WARNINGS) - { - Trace out(_logger, _traceLevels->securityCat); - out << "Handshake retry maximum reached.\n" << toString(); - } + Trace out(_logger, _traceLevels->securityCat); + if(_readTimeout >= 0) + { + out << "Timeout occurred during SSL handshake.\n" << toString(); + } + else + { + out << "Failure occurred during SSL handshake.\n" << toString(); + } + } - close(); + close(); - // If the handshake fails, we consider the connection as refused. - ConnectionRefusedException ex(__FILE__, __LINE__); + if(_readTimeout >= 0) + { + throw ConnectTimeoutException(__FILE__, __LINE__); + } + else + { + ConnectionRefusedException ex(__FILE__, __LINE__); #ifdef _WIN32 - ex.error = WSAECONNREFUSED; + ex.error = WSAECONNREFUSED; #else - ex.error = ECONNREFUSED; + ex.error = ECONNREFUSED; #endif - throw ex; + throw ex; } } -void -IceSSL::SslTransceiver::setHandshakeReadTimeout(int timeout) -{ - _handshakeReadTimeout = timeout; -} - -void -IceSSL::SslTransceiver::setHandshakeRetries(int retries) -{ - _handshakeRetries = retries; -} - IceSSL::SslTransceiverPtr IceSSL::SslTransceiver::getTransceiver(SSL* sslPtr) { @@ -1057,8 +1047,10 @@ IceSSL::SslTransceiver::showClientCAList(BIO* bio, const char* connType) IceSSL::SslTransceiver::SslTransceiver(const OpenSSLPluginIPtr& plugin, SOCKET fd, const CertificateVerifierPtr& certificateVerifier, - SSL* sslConnection) : + SSL* sslConnection, + int timeout) : _sslConnection(sslConnection), + _readTimeout(timeout), _plugin(plugin), _traceLevels(plugin->getTraceLevels()), _logger(plugin->getLogger()), @@ -1081,9 +1073,6 @@ IceSSL::SslTransceiver::SslTransceiver(const OpenSSLPluginIPtr& plugin, _initWantRead = 0; _initWantWrite = 0; - _handshakeReadTimeout = 0; - _handshakeRetries = 0; - // Set up the SSL to be able to refer back to our connection object. addTransceiver(_sslConnection, this); } |