summaryrefslogtreecommitdiff
path: root/cpp/src
diff options
context:
space:
mode:
authorBenoit Foucher <benoit@zeroc.com>2008-01-07 10:30:13 +0100
committerBenoit Foucher <benoit@zeroc.com>2008-01-07 10:30:13 +0100
commitd9ce265d9766f0d48c6a6c10491be1f782424a2c (patch)
tree62df7123b09ccbcc617c6024c4b30e1bec45f16b /cpp/src
parentFixed IceBox/configuration test failure when run with --protocol=ssl (diff)
downloadice-d9ce265d9766f0d48c6a6c10491be1f782424a2c.tar.bz2
ice-d9ce265d9766f0d48c6a6c10491be1f782424a2c.tar.xz
ice-d9ce265d9766f0d48c6a6c10491be1f782424a2c.zip
Fixed bug 2304
Diffstat (limited to 'cpp/src')
-rw-r--r--cpp/src/Ice/TcpConnector.cpp28
-rw-r--r--cpp/src/Ice/TcpTransceiver.cpp19
-rw-r--r--cpp/src/IceSSL/ConnectorI.cpp64
-rw-r--r--cpp/src/IceSSL/TransceiverI.cpp200
4 files changed, 180 insertions, 131 deletions
diff --git a/cpp/src/Ice/TcpConnector.cpp b/cpp/src/Ice/TcpConnector.cpp
index eadb705f8e8..956907ad2c6 100644
--- a/cpp/src/Ice/TcpConnector.cpp
+++ b/cpp/src/Ice/TcpConnector.cpp
@@ -29,19 +29,31 @@ IceInternal::TcpConnector::connect(int timeout)
out << "trying to establish tcp connection to " << toString();
}
- SOCKET fd = createSocket(false, _addr.ss_family);
- setBlock(fd, false);
- setTcpBufSize(fd, _instance->initializationData().properties, _logger);
- bool connected = doConnect(fd, _addr, timeout);
- if(connected)
+ try
{
- if(_traceLevels->network >= 1)
+ SOCKET fd = createSocket(false, _addr.ss_family);
+ setBlock(fd, false);
+ setTcpBufSize(fd, _instance->initializationData().properties, _logger);
+ bool connected = doConnect(fd, _addr, timeout);
+ if(connected)
+ {
+ if(_traceLevels->network >= 1)
+ {
+ Trace out(_logger, _traceLevels->networkCat);
+ out << "tcp connection established\n" << fdToString(fd);
+ }
+ }
+ return new TcpTransceiver(_instance, fd, connected);
+ }
+ catch(const Ice::LocalException& ex)
+ {
+ if(_traceLevels->network >= 2)
{
Trace out(_logger, _traceLevels->networkCat);
- out << "tcp connection established\n" << fdToString(fd);
+ out << "failed to establish tcp connection to " << toString() << "\n" << ex;
}
+ throw;
}
- return new TcpTransceiver(_instance, fd, connected);
}
Short
diff --git a/cpp/src/Ice/TcpTransceiver.cpp b/cpp/src/Ice/TcpTransceiver.cpp
index 09f54e846fa..e7f0ee4acab 100644
--- a/cpp/src/Ice/TcpTransceiver.cpp
+++ b/cpp/src/Ice/TcpTransceiver.cpp
@@ -372,9 +372,22 @@ IceInternal::TcpTransceiver::initialize(int timeout)
}
else if(_state <= StateConnectPending)
{
- doFinishConnect(_fd, timeout);
- _state = StateConnected;
- _desc = fdToString(_fd);
+ try
+ {
+ doFinishConnect(_fd, timeout);
+ _state = StateConnected;
+ _desc = fdToString(_fd);
+ }
+ catch(const Ice::LocalException& ex)
+ {
+ if(_traceLevels->network >= 2)
+ {
+ Trace out(_logger, _traceLevels->networkCat);
+ out << "failed to establish tcp connection\n" << _desc << "\n" << ex;
+ }
+ throw;
+ }
+
if(_traceLevels->network >= 1)
{
Trace out(_logger, _traceLevels->networkCat);
diff --git a/cpp/src/IceSSL/ConnectorI.cpp b/cpp/src/IceSSL/ConnectorI.cpp
index 31f2c176e15..b66c005dc09 100644
--- a/cpp/src/IceSSL/ConnectorI.cpp
+++ b/cpp/src/IceSSL/ConnectorI.cpp
@@ -40,36 +40,48 @@ IceSSL::ConnectorI::connect(int timeout)
out << "trying to establish ssl connection to " << toString();
}
- SOCKET fd = IceInternal::createSocket(false, _addr.ss_family);
- IceInternal::setBlock(fd, false);
- IceInternal::setTcpBufSize(fd, _instance->communicator()->getProperties(), _logger);
- bool connected = IceInternal::doConnect(fd, _addr, timeout);
-
- // This static_cast is necessary due to 64bit windows. There SOCKET is a non-int type.
- BIO* bio = BIO_new_socket(static_cast<int>(fd), BIO_CLOSE);
- if(!bio)
+ try
{
- IceInternal::closeSocketNoThrow(fd);
- SecurityException ex(__FILE__, __LINE__);
- ex.reason = "openssl failure";
- throw ex;
+ SOCKET fd = IceInternal::createSocket(false, _addr.ss_family);
+ IceInternal::setBlock(fd, false);
+ IceInternal::setTcpBufSize(fd, _instance->communicator()->getProperties(), _logger);
+ bool connected = IceInternal::doConnect(fd, _addr, timeout);
+
+ // This static_cast is necessary due to 64bit windows. There SOCKET is a non-int type.
+ BIO* bio = BIO_new_socket(static_cast<int>(fd), BIO_CLOSE);
+ if(!bio)
+ {
+ IceInternal::closeSocketNoThrow(fd);
+ SecurityException ex(__FILE__, __LINE__);
+ ex.reason = "openssl failure";
+ throw ex;
+ }
+
+ SSL* ssl = SSL_new(_instance->context());
+ if(!ssl)
+ {
+ BIO_free(bio); // Also closes the socket.
+ SecurityException ex(__FILE__, __LINE__);
+ ex.reason = "openssl failure";
+ throw ex;
+ }
+ SSL_set_bio(ssl, bio, bio);
+
+ //
+ // SSL handshaking is performed in TransceiverI::initialize, since
+ // connect must not block.
+ //
+ return new TransceiverI(_instance, ssl, fd, connected, false);
}
-
- SSL* ssl = SSL_new(_instance->context());
- if(!ssl)
+ catch(const Ice::LocalException& ex)
{
- BIO_free(bio); // Also closes the socket.
- SecurityException ex(__FILE__, __LINE__);
- ex.reason = "openssl failure";
- throw ex;
+ if(_instance->networkTraceLevel() >= 2)
+ {
+ Trace out(_logger, _instance->networkTraceCategory());
+ out << "failed to establish ssl connection to " << toString() << "\n" << ex;
+ }
+ throw;
}
- SSL_set_bio(ssl, bio, bio);
-
- //
- // SSL handshaking is performed in TransceiverI::initialize, since
- // connect must not block.
- //
- return new TransceiverI(_instance, ssl, fd, connected, false);
}
Short
diff --git a/cpp/src/IceSSL/TransceiverI.cpp b/cpp/src/IceSSL/TransceiverI.cpp
index 9b4fdb7f726..6a03d3f3975 100644
--- a/cpp/src/IceSSL/TransceiverI.cpp
+++ b/cpp/src/IceSSL/TransceiverI.cpp
@@ -420,145 +420,157 @@ IceSSL::TransceiverI::toString() const
IceInternal::SocketStatus
IceSSL::TransceiverI::initialize(int timeout)
{
- if(_state == StateNeedConnect && timeout == 0)
+ try
{
- _state = StateConnectPending;
- return IceInternal::NeedConnect;
- }
- else if(_state <= StateConnectPending)
- {
- IceInternal::doFinishConnect(_fd, timeout);
- _state = StateConnected;
- _desc = IceInternal::fdToString(_fd);
- }
- assert(_state == StateConnected);
-
- do
- {
- //
- // Only one thread calls initialize(), so synchronization is not necessary here.
- //
- int ret = _incoming ? SSL_accept(_ssl) : SSL_connect(_ssl);
- switch(SSL_get_error(_ssl, ret))
+ if(_state == StateNeedConnect && timeout == 0)
{
- case SSL_ERROR_NONE:
- assert(SSL_is_init_finished(_ssl));
- break;
- case SSL_ERROR_ZERO_RETURN:
+ _state = StateConnectPending;
+ return IceInternal::NeedConnect;
+ }
+ else if(_state <= StateConnectPending)
{
- ConnectionLostException ex(__FILE__, __LINE__);
- ex.error = IceInternal::getSocketErrno();
- throw ex;
+ IceInternal::doFinishConnect(_fd, timeout);
+ _state = StateConnected;
+ _desc = IceInternal::fdToString(_fd);
}
- case SSL_ERROR_WANT_READ:
+ assert(_state == StateConnected);
+
+ do
{
- if(timeout == 0)
+ //
+ // Only one thread calls initialize(), so synchronization is not necessary here.
+ //
+ int ret = _incoming ? SSL_accept(_ssl) : SSL_connect(_ssl);
+ switch(SSL_get_error(_ssl, ret))
{
- return IceInternal::NeedRead;
- }
- if(!selectRead(_fd, timeout))
+ case SSL_ERROR_NONE:
+ assert(SSL_is_init_finished(_ssl));
+ break;
+ case SSL_ERROR_ZERO_RETURN:
{
- throw ConnectTimeoutException(__FILE__, __LINE__);
+ ConnectionLostException ex(__FILE__, __LINE__);
+ ex.error = IceInternal::getSocketErrno();
+ throw ex;
}
- break;
- }
- case SSL_ERROR_WANT_WRITE:
- {
- if(timeout == 0)
+ case SSL_ERROR_WANT_READ:
{
- return IceInternal::NeedWrite;
+ if(timeout == 0)
+ {
+ return IceInternal::NeedRead;
+ }
+ if(!selectRead(_fd, timeout))
+ {
+ throw ConnectTimeoutException(__FILE__, __LINE__);
+ }
+ break;
}
- if(!selectWrite(_fd, timeout))
+ case SSL_ERROR_WANT_WRITE:
{
- throw ConnectTimeoutException(__FILE__, __LINE__);
+ if(timeout == 0)
+ {
+ return IceInternal::NeedWrite;
+ }
+ if(!selectWrite(_fd, timeout))
+ {
+ throw ConnectTimeoutException(__FILE__, __LINE__);
+ }
+ break;
}
- break;
- }
- case SSL_ERROR_SYSCALL:
- {
- if(ret == -1)
+ case SSL_ERROR_SYSCALL:
{
- if(IceInternal::interrupted())
+ if(ret == -1)
{
- break;
- }
+ if(IceInternal::interrupted())
+ {
+ break;
+ }
- if(IceInternal::wouldBlock())
- {
- if(SSL_want_read(_ssl))
+ if(IceInternal::wouldBlock())
{
- if(timeout == 0)
+ if(SSL_want_read(_ssl))
{
- return IceInternal::NeedRead;
+ if(timeout == 0)
+ {
+ return IceInternal::NeedRead;
+ }
+ if(!selectRead(_fd, timeout))
+ {
+ throw ConnectTimeoutException(__FILE__, __LINE__);
+ }
}
- if(!selectRead(_fd, timeout))
+ else if(SSL_want_write(_ssl))
{
- throw ConnectTimeoutException(__FILE__, __LINE__);
+ if(timeout == 0)
+ {
+ return IceInternal::NeedWrite;
+ }
+ if(!selectWrite(_fd, timeout))
+ {
+ throw ConnectTimeoutException(__FILE__, __LINE__);
+ }
}
+
+ break;
}
- else if(SSL_want_write(_ssl))
+
+ if(IceInternal::connectionLost())
{
- if(timeout == 0)
- {
- return IceInternal::NeedWrite;
- }
- if(!selectWrite(_fd, timeout))
- {
- throw ConnectTimeoutException(__FILE__, __LINE__);
- }
+ ConnectionLostException ex(__FILE__, __LINE__);
+ ex.error = IceInternal::getSocketErrno();
+ throw ex;
}
-
- break;
}
-
- if(IceInternal::connectionLost())
+
+ if(ret == 0)
{
ConnectionLostException ex(__FILE__, __LINE__);
- ex.error = IceInternal::getSocketErrno();
+ ex.error = 0;
throw ex;
}
- }
- if(ret == 0)
- {
- ConnectionLostException ex(__FILE__, __LINE__);
- ex.error = 0;
+ SocketException ex(__FILE__, __LINE__);
+ ex.error = IceInternal::getSocketErrno();
throw ex;
}
-
- SocketException ex(__FILE__, __LINE__);
- ex.error = IceInternal::getSocketErrno();
- throw ex;
- }
- case SSL_ERROR_SSL:
- {
- struct sockaddr_storage remoteAddr;
- string desc;
- if(IceInternal::fdToRemoteAddress(_fd, remoteAddr))
+ case SSL_ERROR_SSL:
{
- desc = IceInternal::addrToString(remoteAddr);
+ struct sockaddr_storage remoteAddr;
+ string desc;
+ if(IceInternal::fdToRemoteAddress(_fd, remoteAddr))
+ {
+ desc = IceInternal::addrToString(remoteAddr);
+ }
+ ProtocolException ex(__FILE__, __LINE__);
+ ex.reason = "SSL error occurred for new incoming connection:\nremote address = " + desc + "\n" +
+ _instance->sslErrors();
+ throw ex;
+ }
}
- ProtocolException ex(__FILE__, __LINE__);
- ex.reason = "SSL error occurred for new incoming connection:\nremote address = " + desc + "\n" +
- _instance->sslErrors();
- throw ex;
}
+ while(!SSL_is_init_finished(_ssl));
+
+ _instance->verifyPeer(_ssl, _fd, "", _adapterName, _incoming);
+ }
+ catch(const Ice::LocalException& ex)
+ {
+ if(_instance->networkTraceLevel() >= 2)
+ {
+ Trace out(_logger, _instance->networkTraceCategory());
+ out << "failed to establish ssl connection\n" << _desc << "\n" << ex;
}
+ throw;
}
- while(!SSL_is_init_finished(_ssl));
-
- _instance->verifyPeer(_ssl, _fd, "", _adapterName, _incoming);
if(_instance->networkTraceLevel() >= 1)
{
Trace out(_logger, _instance->networkTraceCategory());
if(_incoming)
{
- out << "accepted ssl connection\n" << IceInternal::fdToString(_fd);
+ out << "accepted ssl connection\n" << _desc;
}
else
{
- out << "ssl connection established\n" << IceInternal::fdToString(_fd);
+ out << "ssl connection established\n" << _desc;
}
}
generated by cgit v1.2.3 (git 2.46.0) at 2025-08-03 18:05:22 +0000