Diffstat (limited to 'cpp/src/IceSSL/PluginI.cpp')
-rw-r--r--cpp/src/IceSSL/PluginI.cpp183
1 files changed, 0 insertions, 183 deletions
diff --git a/cpp/src/IceSSL/PluginI.cpp b/cpp/src/IceSSL/PluginI.cpp
index 25be708e998..005862c605e 100644
--- a/cpp/src/IceSSL/PluginI.cpp
+++ b/cpp/src/IceSSL/PluginI.cpp
@@ -10,25 +10,10 @@
#include <IceSSL/PluginI.h>
#include <IceSSL/Instance.h>
#include <IceSSL/TransceiverI.h>
-#include <IceSSL/Util.h>
-#include <Ice/BuiltinSequences.h>
-#include <Ice/Communicator.h>
#include <Ice/LocalException.h>
-#include <Ice/Logger.h>
-#include <Ice/Properties.h>
-
-#include <IceUtil/StaticMutex.h>
-#include <IceUtil/StringUtil.h>
-
#include <Ice/ConnectionI.h> // For implementation of getConnectionInfo.
-#include <openssl/crypto.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/rand.h>
-#include <openssl/ssl.h>
-
using namespace std;
using namespace Ice;
using namespace IceSSL;
@@ -48,61 +33,11 @@ createIceSSL(const CommunicatorPtr& communicator, const string& name, const Stri
}
-static IceUtil::StaticMutex staticMutex = ICE_STATIC_MUTEX_INITIALIZER;
-static int instanceCount = 0;
-static IceUtil::Mutex* locks = 0;
-
-extern "C"
-{
-
-//
-// OpenSSL mutex callback.
-//
-void
-IceSSL_opensslLockCallback(int mode, int n, const char* file, int line)
-{
- if(mode & CRYPTO_LOCK)
- {
- locks[n].lock();
- }
- else
- {
- locks[n].unlock();
- }
-}
-
-//
-// OpenSSL thread id callback.
-//
-unsigned long
-IceSSL_opensslThreadIdCallback()
-{
-#if defined(_WIN32)
- return static_cast<unsigned long>(GetCurrentThreadId());
-#elif defined(__FreeBSD__) || defined(__APPLE__) || defined(__osf1__)
- //
- // On some platforms, pthread_t is a pointer to a per-thread structure.
- //
- return reinterpret_cast<unsigned long>(pthread_self());
-#elif (defined(__linux) || defined(__sun) || defined(__hpux)) || defined(_AIX)
- //
- // On Linux, Solaris, HP-UX and AIX, pthread_t is an integer.
- //
- return static_cast<unsigned long>(pthread_self());
-#else
-# error "Unknown platform"
-#endif
-}
-
-}
-
//
// Plugin implementation.
//
IceSSL::PluginI::PluginI(const Ice::CommunicatorPtr& communicator)
{
- setupSSL(communicator);
-
_instance = new Instance(communicator);
}
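Review bot: The constructor at the end of this hunk now goes straight to `_instance = new Instance(communicator);` with nothing to say where the process-wide OpenSSL setup happens, and `destroy()` in the next hunk likewise drops `cleanupSSL()` without a pointer to its replacement. The removed code installed the locking and thread-id callbacks and seeded the PRNG before any Instance existed, guarded by a static mutex and an instance count. That work has presumably moved into Instance, which this page does not show; if so, the same ordering and the same counting across multiple plugin instances need to hold there. I would add a comment above the assignment, such as `// OpenSSL setup (thread callbacks, PRNG seeding) is owned by Instance and must finish before any SSL context is created.`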
@@ -117,8 +52,6 @@ IceSSL::PluginI::destroy()
{
_instance->destroy();
_instance = 0;
-
- cleanupSSL();
}
void
@@ -145,122 +78,6 @@ IceSSL::PluginI::setPasswordPrompt(const PasswordPromptPtr& prompt)
_instance->setPasswordPrompt(prompt);
}
-void
-IceSSL::PluginI::setupSSL(const CommunicatorPtr& communicator)
-{
- //
- // Initialize OpenSSL.
- //
- IceUtil::StaticMutex::Lock sync(staticMutex);
- instanceCount++;
-
- if(instanceCount == 1)
- {
- PropertiesPtr properties = communicator->getProperties();
-
- //
- // Create the mutexes and set the callbacks.
- //
- locks = new IceUtil::Mutex[CRYPTO_num_locks()];
- CRYPTO_set_locking_callback(IceSSL_opensslLockCallback);
- CRYPTO_set_id_callback(IceSSL_opensslThreadIdCallback);
-
- //
- // Load human-readable error messages.
- //
- SSL_load_error_strings();
-
- //
- // Initialize the SSL library.
- //
- SSL_library_init();
-
- //
- // Initialize the PRNG.
- //
-#ifdef WINDOWS
- RAND_screen(); // Uses data from the screen if possible.
-#endif
- char randFile[1024];
- if(RAND_file_name(randFile, sizeof(randFile))) // Gets the name of a default seed file.
- {
- RAND_load_file(randFile, 1024);
- }
- string randFiles = properties->getProperty("IceSSL.Random");
- if(!randFiles.empty())
- {
- vector<string> files;
-#ifdef _WIN32
- const string sep = ";";
-#else
- const string sep = ":";
-#endif
- string defaultDir = properties->getProperty("IceSSL.DefaultDir");
- if(!IceUtilInternal::splitString(randFiles, sep, files))
- {
- PluginInitializationException ex(__FILE__, __LINE__);
- ex.reason = "IceSSL: invalid value for IceSSL.Random:\n" + randFiles;
- throw ex;
- }
- for(vector<string>::iterator p = files.begin(); p != files.end(); ++p)
- {
- string file = *p;
- if(!checkPath(file, defaultDir, false))
- {
- PluginInitializationException ex(__FILE__, __LINE__);
- ex.reason = "IceSSL: entropy data file not found:\n" + file;
- throw ex;
- }
- if(!RAND_load_file(file.c_str(), 1024))
- {
- PluginInitializationException ex(__FILE__, __LINE__);
- ex.reason = "IceSSL: unable to load entropy data from " + file;
- throw ex;
- }
- }
- }
-#ifndef _WIN32
- //
- // The Entropy Gathering Daemon (EGD) is not available on Windows.
- // The file should be a Unix domain socket for the daemon.
- //
- string entropyDaemon = properties->getProperty("IceSSL.EntropyDaemon");
- if(!entropyDaemon.empty())
- {
- if(RAND_egd(entropyDaemon.c_str()) <= 0)
- {
- PluginInitializationException ex(__FILE__, __LINE__);
- ex.reason = "IceSSL: EGD failure using file " + entropyDaemon;
- throw ex;
- }
- }
-#endif
- if(!RAND_status())
- {
- communicator->getLogger()->warning("IceSSL: insufficient data to initialize PRNG");
- }
- }
-}
-
-void
-IceSSL::PluginI::cleanupSSL()
-{
- IceUtil::StaticMutex::Lock sync(staticMutex);
-
- if(--instanceCount == 0)
- {
- CRYPTO_set_locking_callback(0);
- CRYPTO_set_id_callback(0);
- delete[] locks;
- locks = 0;
-
- CRYPTO_cleanup_all_ex_data();
- RAND_cleanup();
- ERR_free_strings();
- EVP_cleanup();
- }
-}
-
const char* IceSSL::ConnectionInvalidException::_name = "IceSSL::ConnectionInvalidException";
ConnectionInvalidException::ConnectionInvalidException(const char* file, int line, const string& r) :