summaryrefslogtreecommitdiff
path: root/cpp/src/Ice/SUdpServerControlChannel.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'cpp/src/Ice/SUdpServerControlChannel.cpp')
-rw-r--r--cpp/src/Ice/SUdpServerControlChannel.cpp534
1 files changed, 267 insertions, 267 deletions
diff --git a/cpp/src/Ice/SUdpServerControlChannel.cpp b/cpp/src/Ice/SUdpServerControlChannel.cpp
index 55fd9d57f76..be2d5415e3b 100644
--- a/cpp/src/Ice/SUdpServerControlChannel.cpp
+++ b/cpp/src/Ice/SUdpServerControlChannel.cpp
@@ -1,267 +1,267 @@
-// **********************************************************************
-//
-// Copyright (c) 2002
-// MutableRealms, Inc.
-// Huntsville, AL, USA
-//
-// All Rights Reserved
-//
-// **********************************************************************
-
-#include <Ice/Security.h>
-#include <Ice/Buffer.h>
-#include <Ice/SUdpServerControlChannel.h>
-#include <Ice/SUdpClient.h>
-#include <Ice/Instance.h>
-#include <Ice/Communicator.h>
-#include <Ice/ObjectAdapter.h>
-#include <Ice/IdentityUtil.h>
-#include <Ice/SUdpTransceiver.h>
-#include <Ice/MessageAuthenticator.h>
-#include <Ice/Cryptor.h>
-#include <Ice/BasicStream.h>
-#include <Ice/TraceLevels.h>
-#include <Ice/Logger.h>
-#include <sstream>
-
-using namespace std;
-using namespace Ice;
-using namespace IceSecurity::SecureUdp;
-using IceInternal::Buffer;
-using IceInternal::BasicStream;
-
-void
-IceSecurity::SecureUdp::ServerControlChannel::clientHello(const ClientChannelPrx& client,
- const ByteSeq& MACkey,
- const Current&)
-{
- IceUtil::Mutex::Lock sync(_mutex);
-
- ICE_METHOD_INV("ServerControlChannel::clientHello()");
-
- Long clientID = getNewClientID();
-
- MessageAuthenticatorPtr messageAuthenticator = new MessageAuthenticator(MACkey);
-
- ICE_DEV_DEBUG("Creating new SUdpClient()");
-
- SUdpClientPtr sudpClient = new SUdpClient(clientID, client, messageAuthenticator);
-
- ICE_DEV_DEBUG("Creating new CryptKey()");
-
- assert(_cryptor);
-
- CryptKeyPtr cryptKey = _cryptor->getNewKey();
-
- ICE_DEV_DEBUG("Sending serverHello()");
-
- sudpClient->serverHello(cryptKey);
-
- ICE_DEV_DEBUG("adding new SUdpClient() to map.");
-
- newSUdpClient(sudpClient);
-
- ICE_METHOD_RET("ServerControlChannel::clientHello()");
-}
-
-void
-IceSecurity::SecureUdp::ServerControlChannel::clientKeyAcknowledge(Long clientID,
- Long msgID,
- const ByteSeq& key,
- const Current&)
-{
- IceUtil::Mutex::Lock sync(_mutex);
-
- ICE_METHOD_INV("ServerControlChannel::clientKeyAcknowledge()");
-
- SUdpClientPtr sudpClient = getSUdpClient(clientID);
-
- CryptKeyPtr cryptKey = _cryptor->getKey(key);
-
- sudpClient->setNewCryptKey(msgID, cryptKey);
-
- ICE_METHOD_RET("ServerControlChannel::clientKeyAcknowledge()");
-}
-
-void
-IceSecurity::SecureUdp::ServerControlChannel::clientKeyRequest(Long clientID, const Current&)
-{
- IceUtil::Mutex::Lock sync(_mutex);
-
- ICE_METHOD_INV("ServerControlChannel::clientKeyRequest()");
-
- SUdpClientPtr sudpClient = getSUdpClient(clientID);
-
- CryptKeyPtr cryptKey = _cryptor->getNewKey();
-
- sudpClient->serverKeyChange(cryptKey);
-
- ICE_METHOD_RET("ServerControlChannel::clientKeyRequest()");
-}
-
-void
-IceSecurity::SecureUdp::ServerControlChannel::clientGoodbye(Long clientID, const Current&)
-{
- IceUtil::Mutex::Lock sync(_mutex);
-
- ICE_METHOD_INV("ServerControlChannel::clientGoodbye()");
-
- deleteSUdpClient(clientID);
-
- ICE_METHOD_RET("ServerControlChannel::clientGoodbye()");
-}
-
-// IceSecurity::SecureUdp::ServerControlChannel::ServerControlChannel(const SUdpTransceiverPtr& transceiver,
-IceSecurity::SecureUdp::ServerControlChannel::ServerControlChannel(SUdpTransceiver* transceiver,
- const InstancePtr& instance,
- int port) :
- ControlChannel(transceiver, instance)
-{
- ICE_METHOD_INV("ServerControlChannel::ServerControlChannel()");
-
- _clientIDGenerator = 0L;
-
- // Create the Server Channel's name
- ostringstream objectName;
- objectName << "sudpServer" << dec << port;
-
- // This MUST be an SSL endpoint - secure handshake take place over this.
- ostringstream endpt;
- endpt << "ssl -p " << dec << port << " -h 127.0.0.1";
-
- // Create the ObjectAdapter's name
- ostringstream objectAdapterName;
- objectAdapterName << "sudpServerControl" << dec << port;
-
- Ice::CommunicatorPtr communicator = _instance->communicator();
-
- ICE_DEV_DEBUG("Creating ObjectAdapter.");
-
- // Create our ObjectAdapter
- _adapter = communicator->createObjectAdapterWithEndpoints(objectAdapterName.str(), endpt.str());
-
- ICE_DEV_DEBUG("ObjectAdapter created.");
-
- // The server control channel is the implemenation.
- ServerChannelPtr serverChannel = this;
-
- ICE_DEV_DEBUG("Adding serverChannel to ObjectAdapter.");
-
- _adapter->add(serverChannel, Ice::stringToIdentity(objectName.str()));
-
- ICE_DEV_DEBUG("Added serverChannel named: " + objectName.str());
-
- ICE_DEV_DEBUG("Activating ObjectAdapter.");
-
- // Okay, allow the object to begin accepting requests
- _adapter->activate();
-
- ICE_DEV_DEBUG("ObjectAdapter activated.");
-
- ICE_METHOD_RET("ServerControlChannel::ServerControlChannel()");
-}
-
-IceSecurity::SecureUdp::ServerControlChannel::~ServerControlChannel()
-{
- // Make it impossible for the control channel to access the Transceiver
- // after transceiver destruction.
- unsetTransceiver();
-}
-
-void
-IceSecurity::SecureUdp::ServerControlChannel::decryptPacket(Buffer& encryptedPacket, Buffer& decryptedPacket)
-{
- IceUtil::Mutex::Lock sync(_mutex);
-
- // Header information at the beginning of the packet.
- Byte version;
- Long clientID;
- Long msgID;
- Long length;
-
- // The encrypted message, final portion of the packet.
- ByteSeq encryptedMessage;
-
-
- // 1. Break apart header and encrypted Message
- BasicStream sudpPacket(0);
- sudpPacket.read(version);
- sudpPacket.read(clientID);
- sudpPacket.read(msgID);
- sudpPacket.read(length);
- sudpPacket.read(encryptedMessage);
-
- // TODO: Perform version check here.
-
- // Check to make sure the encrypted message is the correct length
- Long messageLength = encryptedMessage.end() - encryptedMessage.begin();
- if (messageLength != length)
- {
- // TODO: Bad scene, this message is not the right length!
- }
-
-
- // 2. Decrypt the Encrypted message
- ByteSeq signedMessage;
- SUdpClientPtr sudpClient = getSUdpClient(clientID);
- CryptKeyPtr cryptKey = sudpClient->getCryptKey(msgID);
- _cryptor->decrypt(cryptKey, encryptedMessage, signedMessage);
-
-
- // 3. Split out the message and MAC code from the signedMessage
- // Note: We're reusing the messageLength variable here.
- BasicStream signedMessageStream(0);
- ByteSeq messageAndMAC;
- signedMessageStream.write(signedMessage);
- signedMessageStream.read(messageLength);
- signedMessageStream.read(messageAndMAC);
- ByteSeq::iterator current = messageAndMAC.begin();
- ByteSeq::iterator macPos = current + messageLength;
- ByteSeq::iterator end = messageAndMAC.end();
- ByteSeq message(current, macPos);
- ByteSeq macCode(macPos, end);
-
-
- // 4. Compute MAC and compare
- MessageAuthenticatorPtr messageAuthenticator = sudpClient->getMessageAuthenticator();
- if (messageAuthenticator->authenticate(message, macCode))
- {
- // TODO: Bad scene, the MAC codes don't match, this message is invalid!
- }
-
- decryptedPacket.b = message;
-}
-
-Long
-IceSecurity::SecureUdp::ServerControlChannel::getNewClientID()
-{
- IceUtil::Mutex::Lock sync(_clientIDMutex);
- return ++_clientIDGenerator;
-}
-
-SUdpClientPtr&
-IceSecurity::SecureUdp::ServerControlChannel::getSUdpClient(Long clientID)
-{
- IceUtil::Mutex::Lock sync(_clientMapMutex);
-
- return _clientMap[clientID];
-}
-
-void
-IceSecurity::SecureUdp::ServerControlChannel::newSUdpClient(const SUdpClientPtr& sudpClient)
-{
- IceUtil::Mutex::Lock sync(_clientMapMutex);
-
- pair<Long, SUdpClientPtr> clientPair(sudpClient->getClientID(), sudpClient);
-
- _clientMap.insert(clientPair);
-}
-
-void
-IceSecurity::SecureUdp::ServerControlChannel::deleteSUdpClient(Long clientID)
-{
- IceUtil::Mutex::Lock sync(_clientMapMutex);
-
- _clientMap.erase(clientID);
-}
-
+// **********************************************************************
+//
+// Copyright (c) 2002
+// MutableRealms, Inc.
+// Huntsville, AL, USA
+//
+// All Rights Reserved
+//
+// **********************************************************************
+
+#include <Ice/Security.h>
+#include <Ice/Buffer.h>
+#include <Ice/SUdpServerControlChannel.h>
+#include <Ice/SUdpClient.h>
+#include <Ice/Instance.h>
+#include <Ice/Communicator.h>
+#include <Ice/ObjectAdapter.h>
+#include <Ice/IdentityUtil.h>
+#include <Ice/SUdpTransceiver.h>
+#include <Ice/MessageAuthenticator.h>
+#include <Ice/Cryptor.h>
+#include <Ice/BasicStream.h>
+#include <Ice/TraceLevels.h>
+#include <Ice/Logger.h>
+#include <sstream>
+
+using namespace std;
+using namespace Ice;
+using namespace IceSecurity::SecureUdp;
+using IceInternal::Buffer;
+using IceInternal::BasicStream;
+
+void
+IceSecurity::SecureUdp::ServerControlChannel::clientHello(const ClientChannelPrx& client,
+ const ByteSeq& MACkey,
+ const Current&)
+{
+ IceUtil::Mutex::Lock sync(_mutex);
+
+ ICE_METHOD_INV("ServerControlChannel::clientHello()");
+
+ Long clientID = getNewClientID();
+
+ MessageAuthenticatorPtr messageAuthenticator = new MessageAuthenticator(MACkey);
+
+ ICE_DEV_DEBUG("Creating new SUdpClient()");
+
+ SUdpClientPtr sudpClient = new SUdpClient(clientID, client, messageAuthenticator);
+
+ ICE_DEV_DEBUG("Creating new CryptKey()");
+
+ assert(_cryptor);
+
+ CryptKeyPtr cryptKey = _cryptor->getNewKey();
+
+ ICE_DEV_DEBUG("Sending serverHello()");
+
+ sudpClient->serverHello(cryptKey);
+
+ ICE_DEV_DEBUG("adding new SUdpClient() to map.");
+
+ newSUdpClient(sudpClient);
+
+ ICE_METHOD_RET("ServerControlChannel::clientHello()");
+}
+
+void
+IceSecurity::SecureUdp::ServerControlChannel::clientKeyAcknowledge(Long clientID,
+ Long msgID,
+ const ByteSeq& key,
+ const Current&)
+{
+ IceUtil::Mutex::Lock sync(_mutex);
+
+ ICE_METHOD_INV("ServerControlChannel::clientKeyAcknowledge()");
+
+ SUdpClientPtr sudpClient = getSUdpClient(clientID);
+
+ CryptKeyPtr cryptKey = _cryptor->getKey(key);
+
+ sudpClient->setNewCryptKey(msgID, cryptKey);
+
+ ICE_METHOD_RET("ServerControlChannel::clientKeyAcknowledge()");
+}
+
+void
+IceSecurity::SecureUdp::ServerControlChannel::clientKeyRequest(Long clientID, const Current&)
+{
+ IceUtil::Mutex::Lock sync(_mutex);
+
+ ICE_METHOD_INV("ServerControlChannel::clientKeyRequest()");
+
+ SUdpClientPtr sudpClient = getSUdpClient(clientID);
+
+ CryptKeyPtr cryptKey = _cryptor->getNewKey();
+
+ sudpClient->serverKeyChange(cryptKey);
+
+ ICE_METHOD_RET("ServerControlChannel::clientKeyRequest()");
+}
+
+void
+IceSecurity::SecureUdp::ServerControlChannel::clientGoodbye(Long clientID, const Current&)
+{
+ IceUtil::Mutex::Lock sync(_mutex);
+
+ ICE_METHOD_INV("ServerControlChannel::clientGoodbye()");
+
+ deleteSUdpClient(clientID);
+
+ ICE_METHOD_RET("ServerControlChannel::clientGoodbye()");
+}
+
+// IceSecurity::SecureUdp::ServerControlChannel::ServerControlChannel(const SUdpTransceiverPtr& transceiver,
+IceSecurity::SecureUdp::ServerControlChannel::ServerControlChannel(SUdpTransceiver* transceiver,
+ const InstancePtr& instance,
+ int port) :
+ ControlChannel(transceiver, instance)
+{
+ ICE_METHOD_INV("ServerControlChannel::ServerControlChannel()");
+
+ _clientIDGenerator = 0L;
+
+ // Create the Server Channel's name
+ ostringstream objectName;
+ objectName << "sudpServer" << dec << port;
+
+ // This MUST be an SSL endpoint - secure handshake take place over this.
+ ostringstream endpt;
+ endpt << "ssl -p " << dec << port << " -h 127.0.0.1";
+
+ // Create the ObjectAdapter's name
+ ostringstream objectAdapterName;
+ objectAdapterName << "sudpServerControl" << dec << port;
+
+ Ice::CommunicatorPtr communicator = _instance->communicator();
+
+ ICE_DEV_DEBUG("Creating ObjectAdapter.");
+
+ // Create our ObjectAdapter
+ _adapter = communicator->createObjectAdapterWithEndpoints(objectAdapterName.str(), endpt.str());
+
+ ICE_DEV_DEBUG("ObjectAdapter created.");
+
+ // The server control channel is the implemenation.
+ ServerChannelPtr serverChannel = this;
+
+ ICE_DEV_DEBUG("Adding serverChannel to ObjectAdapter.");
+
+ _adapter->add(serverChannel, Ice::stringToIdentity(objectName.str()));
+
+ ICE_DEV_DEBUG("Added serverChannel named: " + objectName.str());
+
+ ICE_DEV_DEBUG("Activating ObjectAdapter.");
+
+ // Okay, allow the object to begin accepting requests
+ _adapter->activate();
+
+ ICE_DEV_DEBUG("ObjectAdapter activated.");
+
+ ICE_METHOD_RET("ServerControlChannel::ServerControlChannel()");
+}
+
+IceSecurity::SecureUdp::ServerControlChannel::~ServerControlChannel()
+{
+ // Make it impossible for the control channel to access the Transceiver
+ // after transceiver destruction.
+ unsetTransceiver();
+}
+
+void
+IceSecurity::SecureUdp::ServerControlChannel::decryptPacket(Buffer& encryptedPacket, Buffer& decryptedPacket)
+{
+ IceUtil::Mutex::Lock sync(_mutex);
+
+ // Header information at the beginning of the packet.
+ Byte version;
+ Long clientID;
+ Long msgID;
+ Long length;
+
+ // The encrypted message, final portion of the packet.
+ ByteSeq encryptedMessage;
+
+
+ // 1. Break apart header and encrypted Message
+ BasicStream sudpPacket(0);
+ sudpPacket.read(version);
+ sudpPacket.read(clientID);
+ sudpPacket.read(msgID);
+ sudpPacket.read(length);
+ sudpPacket.read(encryptedMessage);
+
+ // TODO: Perform version check here.
+
+ // Check to make sure the encrypted message is the correct length
+ Long messageLength = encryptedMessage.end() - encryptedMessage.begin();
+ if (messageLength != length)
+ {
+ // TODO: Bad scene, this message is not the right length!
+ }
+
+
+ // 2. Decrypt the Encrypted message
+ ByteSeq signedMessage;
+ SUdpClientPtr sudpClient = getSUdpClient(clientID);
+ CryptKeyPtr cryptKey = sudpClient->getCryptKey(msgID);
+ _cryptor->decrypt(cryptKey, encryptedMessage, signedMessage);
+
+
+ // 3. Split out the message and MAC code from the signedMessage
+ // Note: We're reusing the messageLength variable here.
+ BasicStream signedMessageStream(0);
+ ByteSeq messageAndMAC;
+ signedMessageStream.write(signedMessage);
+ signedMessageStream.read(messageLength);
+ signedMessageStream.read(messageAndMAC);
+ ByteSeq::iterator current = messageAndMAC.begin();
+ ByteSeq::iterator macPos = current + messageLength;
+ ByteSeq::iterator end = messageAndMAC.end();
+ ByteSeq message(current, macPos);
+ ByteSeq macCode(macPos, end);
+
+
+ // 4. Compute MAC and compare
+ MessageAuthenticatorPtr messageAuthenticator = sudpClient->getMessageAuthenticator();
+ if (messageAuthenticator->authenticate(message, macCode))
+ {
+ // TODO: Bad scene, the MAC codes don't match, this message is invalid!
+ }
+
+ decryptedPacket.b = message;
+}
+
+Long
+IceSecurity::SecureUdp::ServerControlChannel::getNewClientID()
+{
+ IceUtil::Mutex::Lock sync(_clientIDMutex);
+ return ++_clientIDGenerator;
+}
+
+SUdpClientPtr&
+IceSecurity::SecureUdp::ServerControlChannel::getSUdpClient(Long clientID)
+{
+ IceUtil::Mutex::Lock sync(_clientMapMutex);
+
+ return _clientMap[clientID];
+}
+
+void
+IceSecurity::SecureUdp::ServerControlChannel::newSUdpClient(const SUdpClientPtr& sudpClient)
+{
+ IceUtil::Mutex::Lock sync(_clientMapMutex);
+
+ pair<Long, SUdpClientPtr> clientPair(sudpClient->getClientID(), sudpClient);
+
+ _clientMap.insert(clientPair);
+}
+
+void
+IceSecurity::SecureUdp::ServerControlChannel::deleteSUdpClient(Long clientID)
+{
+ IceUtil::Mutex::Lock sync(_clientMapMutex);
+
+ _clientMap.erase(clientID);
+}
+
generated by cgit v1.2.3 (git 2.46.0) at 2025-08-04 00:01:42 +0000