authorMarc Laukien <marc@zeroc.com>2002-03-09 16:47:17 +0000
committerMarc Laukien <marc@zeroc.com>2002-03-09 16:47:17 +0000
commitd87d8257eb8eeffc47a8be67f7bfc8e3ae3ff29b (patch)
treea18d4d49d8336adb8ea935c8c8b8a2eda202c690 /cpp
parentfixes (diff)
fixes
Diffstat (limited to 'cpp')
-rw-r--r--cpp/src/Glacier/GlacierI.cpp15
-rw-r--r--cpp/test/Glacier/starter/CertVerifier.cpp24
-rwxr-xr-xcpp/test/Glacier/starter/run.py6
3 files changed, 27 insertions, 18 deletions
diff --git a/cpp/src/Glacier/GlacierI.cpp b/cpp/src/Glacier/GlacierI.cpp
index d70be2d3dd6..2ef6cdd84ce 100644
--- a/cpp/src/Glacier/GlacierI.cpp
+++ b/cpp/src/Glacier/GlacierI.cpp
@@ -9,10 +9,9 @@
// **********************************************************************
#include <IceUtil/UUID.h>
+#include <Ice/SslRSAKeyPair.h>
#include <Glacier/GlacierI.h>
#include <fcntl.h>
-#include <Ice/SslRSAKeyPair.h>
-//#include <sys/wait.h>
#ifdef WIN32
# error Sorry, the glacier starter is not yet supported on WIN32.
@@ -33,6 +32,10 @@ Glacier::StarterI::StarterI(const CommunicatorPtr& communicator) :
_traceLevel = atoi(_properties->getProperty("Glacier.Trace.Starter").c_str());
// Set up the Certificate Generation context
+ // TODO: Why do we need these from properties? Isn't the value of
+ // all these properties completely irrelevant, as this is for
+ // temporary certificate? If so, why not just supply some dummy
+ // values, and get rid of all these properties?
_certContext.setCountry(_properties->getProperty("Glacier.Starter.Certificate.Country"));
_certContext.setStateProvince(_properties->getProperty("Glacier.Starter.Certificate.StateProvince"));
_certContext.setLocality(_properties->getProperty("Glacier.Starter.Certificate.Locality"));
@@ -56,7 +59,8 @@ Glacier::StarterI::destroy()
}
RouterPrx
-Glacier::StarterI::startRouter(const string& userId, const string& password, ByteSeq& privateKey, ByteSeq& publicKey, ByteSeq& routerCert, const Current&)
+Glacier::StarterI::startRouter(const string& userId, const string& password, ByteSeq& privateKey, ByteSeq& publicKey,
+ ByteSeq& routerCert, const Current&)
{
assert(_communicator); // Destroyed?
@@ -149,6 +153,11 @@ Glacier::StarterI::startRouter(const string& userId, const string& password, Byt
//
StringSeq args = _properties->getCommandLineOptions();
args.push_back("--Glacier.Router.Identity=" + uuid);
+ //
+ // TODO: Potential security risk, command line parameters can
+ // be seen with `ps'. Keys and certificate should rather be
+ // passed through a pipe? (ML will take care of this...)
+ //
args.push_back("--Ice.Security.Ssl.Overrides.Server.RSA.PrivateKey=" + routerPrivateKeyBase64);
args.push_back("--Ice.Security.Ssl.Overrides.Server.RSA.Certificate=" + routerCertificateBase64);
args.push_back("--Ice.Security.Ssl.Overrides.Client.RSA.PrivateKey=" + routerPrivateKeyBase64);
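Review bot: The router's base64 RSA private key is still appended to `args` on the two `...RSA.PrivateKey=` lines, so the added TODO records the exposure without reducing it. Anything placed on a process command line is readable by other local accounts for the lifetime of the process (process listings, `/proc/<pid>/cmdline`), and presumably by any logging or tracing that records the arguments. The same `routerPrivateKeyBase64` is used for both the Server and Client overrides, so one leak exposes both roles. Until the key and certificate are handed to the child over an inherited pipe or descriptor, I would make the comment state the actual impact and drop the personal note, e.g. `// SECURITY: private key is passed on argv and is visible to other local users; must move to an inherited pipe before release.` The body of startRouter begins and ends outside this hunk, so how `args` is turned into the child's argv is not visible here.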
diff --git a/cpp/test/Glacier/starter/CertVerifier.cpp b/cpp/test/Glacier/starter/CertVerifier.cpp
index 22e6f2de4a2..13f143352c0 100644
--- a/cpp/test/Glacier/starter/CertVerifier.cpp
+++ b/cpp/test/Glacier/starter/CertVerifier.cpp
@@ -16,7 +16,7 @@
using namespace std;
CertVerifier::CertVerifier(const ByteSeq& publicKey) :
- _publicKey(publicKey)
+ _publicKey(publicKey)
{
}
@@ -97,17 +97,17 @@ CertVerifier::verify(int preVerifyOkay, X509_STORE_CTX* x509StoreContext, SSL* s
ByteSeq
CertVerifier::toByteSeq(X509* certificate)
{
- ByteSeq certByteSeq;
-
- // Convert the X509 to a unsigned char buffer.
- unsigned int certSize = i2d_X509(certificate, 0);
- unsigned char* certBuffer = new unsigned char[certSize];
- unsigned char* certPtr = certBuffer;
- i2d_X509(certificate, &certPtr);
-
- // Yet another conversion to a ByteSeq (easy comparison this way).
- copy(certBuffer, (certBuffer + certSize), back_inserter(certByteSeq));
- delete []certBuffer;
+ ByteSeq certByteSeq;
+
+ // Convert the X509 to a unsigned char buffer.
+ unsigned int certSize = i2d_X509(certificate, 0);
+ unsigned char* certBuffer = new unsigned char[certSize];
+ unsigned char* certPtr = certBuffer;
+ i2d_X509(certificate, &certPtr);
+
+ // Yet another conversion to a ByteSeq (easy comparison this way).
+ copy(certBuffer, (certBuffer + certSize), back_inserter(certByteSeq));
+ delete []certBuffer;
return certByteSeq;
}
diff --git a/cpp/test/Glacier/starter/run.py b/cpp/test/Glacier/starter/run.py
index 7b8eb8a6908..2f29c4aea95 100755
--- a/cpp/test/Glacier/starter/run.py
+++ b/cpp/test/Glacier/starter/run.py
@@ -56,8 +56,8 @@ print "ok"
name = os.path.join("Glacier", "starter")
TestUtil.clientServerTest(toplevel, name)
-# print "shutting down glacier starter...",
-# TestUtil.killServers() # TODO: Graceful shutdown
-# print "ok"
+print "shutting down glacier starter...",
+TestUtil.killServers() # TODO: Graceful shutdown
+print "ok"
sys.exit(0)