From a87f73de1aba389cb70836534d093edfe30ff7e9 Mon Sep 17 00:00:00 2001 From: Matthew Newhook Date: Tue, 8 Nov 2005 05:51:21 +0000 Subject: http://bugzilla.zeroc.com/bugzilla/show_bug.cgi?id=534 --- cpp/src/Ice/ConnectionI.cpp | 2 + cpp/src/Ice/TcpTransceiver.cpp | 5 + cpp/src/Ice/TcpTransceiver.h | 1 + cpp/src/Ice/Transceiver.h | 1 + cpp/src/Ice/UdpTransceiver.cpp | 5 + cpp/src/Ice/UdpTransceiver.h | 1 + cpp/src/IceSSL/.depend | 20 +- cpp/src/IceSSL/ClientContext.cpp | 4 +- cpp/src/IceSSL/ClientContext.h | 4 +- cpp/src/IceSSL/Context.h | 18 +- cpp/src/IceSSL/Makefile | 6 +- cpp/src/IceSSL/OpenSSLPluginI.cpp | 37 +- cpp/src/IceSSL/OpenSSLPluginI.h | 11 +- cpp/src/IceSSL/OpenSSLUtils.cpp | 1 + cpp/src/IceSSL/ServerContext.cpp | 4 +- cpp/src/IceSSL/ServerContext.h | 4 +- cpp/src/IceSSL/SslAcceptor.cpp | 4 +- cpp/src/IceSSL/SslAcceptor.h | 10 +- cpp/src/IceSSL/SslClientTransceiver.cpp | 407 ------------- cpp/src/IceSSL/SslClientTransceiver.h | 37 -- cpp/src/IceSSL/SslConnector.cpp | 29 +- cpp/src/IceSSL/SslConnector.h | 8 +- cpp/src/IceSSL/SslServerTransceiver.cpp | 376 ------------ cpp/src/IceSSL/SslServerTransceiver.h | 36 -- cpp/src/IceSSL/SslTransceiver.cpp | 995 +++++++++++++++----------------- cpp/src/IceSSL/SslTransceiver.h | 169 +----- 26 files changed, 591 insertions(+), 1604 deletions(-) delete mode 100644 cpp/src/IceSSL/SslClientTransceiver.cpp delete mode 100644 cpp/src/IceSSL/SslClientTransceiver.h delete mode 100644 cpp/src/IceSSL/SslServerTransceiver.cpp delete mode 100644 cpp/src/IceSSL/SslServerTransceiver.h (limited to 'cpp') diff --git a/cpp/src/Ice/ConnectionI.cpp b/cpp/src/Ice/ConnectionI.cpp index dc50521f6cb..2115665397b 100644 --- a/cpp/src/Ice/ConnectionI.cpp +++ b/cpp/src/Ice/ConnectionI.cpp @@ -114,6 +114,7 @@ Ice::ConnectionI::validate() traceHeader("sending validate connection", os, _logger, _traceLevels); try { + _transceiver->initialize(timeout); _transceiver->write(os, timeout); } catch(const TimeoutException&) @@ -128,6 +129,7 @@ Ice::ConnectionI::validate() is.i = is.b.begin(); try { + _transceiver->initialize(timeout); _transceiver->read(is, timeout); } catch(const TimeoutException&) diff --git a/cpp/src/Ice/TcpTransceiver.cpp b/cpp/src/Ice/TcpTransceiver.cpp index 6586aee2201..03bdfce556d 100644 --- a/cpp/src/Ice/TcpTransceiver.cpp +++ b/cpp/src/Ice/TcpTransceiver.cpp @@ -326,6 +326,11 @@ IceInternal::TcpTransceiver::toString() const return _desc; } +void +IceInternal::TcpTransceiver::initialize(int) +{ +} + IceInternal::TcpTransceiver::TcpTransceiver(const InstancePtr& instance, SOCKET fd) : _traceLevels(instance->traceLevels()), _logger(instance->logger()), diff --git a/cpp/src/Ice/TcpTransceiver.h b/cpp/src/Ice/TcpTransceiver.h index e9e9a870500..aa22dc5d3ea 100644 --- a/cpp/src/Ice/TcpTransceiver.h +++ b/cpp/src/Ice/TcpTransceiver.h @@ -34,6 +34,7 @@ public: virtual void read(Buffer&, int); virtual std::string type() const; virtual std::string toString() const; + virtual void initialize(int); private: diff --git a/cpp/src/Ice/Transceiver.h b/cpp/src/Ice/Transceiver.h index c05169af7aa..3c0073eb818 100644 --- a/cpp/src/Ice/Transceiver.h +++ b/cpp/src/Ice/Transceiver.h @@ -37,6 +37,7 @@ public: virtual void read(Buffer&, int) = 0; virtual std::string type() const = 0; virtual std::string toString() const = 0; + virtual void initialize(int) = 0; }; } diff --git a/cpp/src/Ice/UdpTransceiver.cpp b/cpp/src/Ice/UdpTransceiver.cpp index 5111f857368..53ca5127097 100644 --- a/cpp/src/Ice/UdpTransceiver.cpp +++ b/cpp/src/Ice/UdpTransceiver.cpp @@ -286,6 +286,11 @@ IceInternal::UdpTransceiver::toString() const return fdToString(_fd); } +void +IceInternal::UdpTransceiver::initialize(int) +{ +} + bool IceInternal::UdpTransceiver::equivalent(const string& host, int port) const { diff --git a/cpp/src/Ice/UdpTransceiver.h b/cpp/src/Ice/UdpTransceiver.h index 6076b33d735..127e2a110f7 100644 --- a/cpp/src/Ice/UdpTransceiver.h +++ b/cpp/src/Ice/UdpTransceiver.h @@ -40,6 +40,7 @@ public: virtual void read(Buffer&, int); virtual std::string type() const; virtual std::string toString() const; + virtual void initialize(int); bool equivalent(const std::string&, int) const; int effectivePort() const; diff --git a/cpp/src/IceSSL/.depend b/cpp/src/IceSSL/.depend index 0e4d3230fbc..f5a3c7a6295 100644 --- a/cpp/src/IceSSL/.depend +++ b/cpp/src/IceSSL/.depend @@ -4,32 +4,30 @@ CertificateDesc.o: CertificateDesc.cpp ../IceSSL/CertificateDesc.h ../../include CertificateVerifierF.o: CertificateVerifierF.cpp ../../include/IceSSL/CertificateVerifierF.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h CertificateVerifier.o: CertificateVerifier.cpp ../../include/IceSSL/CertificateVerifier.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/IceSSL/Plugin.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/Plugin.h ../../include/IceSSL/CertificateVerifierF.h ../../include/Ice/BasicStream.h ../../include/Ice/InstanceF.h ../../include/Ice/ObjectFactoryF.h ../../include/Ice/Buffer.h ../../include/Ice/Object.h ../../include/Ice/GCShared.h ../../include/Ice/GCRecMutex.h ../../include/IceUtil/RecMutex.h ../../include/Ice/IncomingAsyncF.h CertificateVerifierOpenSSL.o: CertificateVerifierOpenSSL.cpp ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceUtil/Config.h ../../include/IceSSL/CertificateVerifier.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/IceSSL/Plugin.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/Plugin.h ../../include/IceSSL/CertificateVerifierF.h -ClientContext.o: ClientContext.cpp ../../include/Ice/Communicator.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/LoggerF.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ObjectFactoryF.h ../../include/Ice/RouterF.h ../../include/Ice/LocatorF.h ../../include/Ice/PluginF.h ../../include/Ice/LoggerUtil.h ../../include/IceSSL/Exception.h ../IceSSL/ClientContext.h ../IceSSL/Context.h ../../include/Ice/BuiltinSequences.h ../IceSSL/OpenSSL.h ../IceSSL/TraceLevelsF.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../../include/IceSSL/Plugin.h ../../include/Ice/Plugin.h ../../include/IceSSL/CertificateVerifierF.h ../IceSSL/GeneralConfig.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/CertificateDesc.h ../IceSSL/TempCerts.h ../IceSSL/SslTransceiver.h ../../include/IceUtil/StaticMutex.h ../Ice/Transceiver.h ../Ice/TransceiverF.h ../../include/Ice/Buffer.h ../IceSSL/SslTransceiverF.h ../IceSSL/OpenSSLPluginIF.h ../IceSSL/ContextF.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/SslClientTransceiver.h ../IceSSL/TraceLevels.h ../../include/Ice/ProtocolPluginFacadeF.h +ClientContext.o: ClientContext.cpp ../../include/Ice/Communicator.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/LoggerF.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ObjectFactoryF.h ../../include/Ice/RouterF.h ../../include/Ice/LocatorF.h ../../include/Ice/PluginF.h ../../include/Ice/LoggerUtil.h ../../include/IceSSL/Exception.h ../IceSSL/ClientContext.h ../IceSSL/OpenSSLPluginIF.h ../IceSSL/Context.h ../IceSSL/TraceLevelsF.h ../IceSSL/SslTransceiverF.h ../IceSSL/ContextF.h ../../include/Ice/BuiltinSequences.h ../IceSSL/OpenSSL.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../../include/IceSSL/Plugin.h ../../include/Ice/Plugin.h ../../include/IceSSL/CertificateVerifierF.h ../IceSSL/GeneralConfig.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/CertificateDesc.h ../IceSSL/TempCerts.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/SslTransceiver.h ../../include/IceUtil/StaticMutex.h ../Ice/Transceiver.h ../Ice/TransceiverF.h ../../include/Ice/Buffer.h ../IceSSL/TraceLevels.h ../../include/Ice/ProtocolPluginFacadeF.h ConfigParser.o: ConfigParser.cpp ../IceSSL/ConfigParser.h ../../include/Ice/LoggerF.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h ../IceSSL/CertificateDesc.h ../IceSSL/GeneralConfig.h ../IceSSL/OpenSSL.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../IceSSL/TraceLevelsF.h ../../include/IceXML/Parser.h ../../include/IceSSL/Exception.h -Context.o: Context.cpp ../../include/Ice/Communicator.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/LoggerF.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ObjectFactoryF.h ../../include/Ice/RouterF.h ../../include/Ice/LocatorF.h ../../include/Ice/PluginF.h ../../include/Ice/LoggerUtil.h ../../include/Ice/Properties.h ../../include/Ice/BuiltinSequences.h ../IceSSL/DefaultCertificateVerifier.h ../IceSSL/TraceLevelsF.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../../include/IceSSL/Plugin.h ../../include/Ice/Plugin.h ../../include/IceSSL/CertificateVerifierF.h ../../include/IceSSL/Exception.h ../../include/IceSSL/RSAKeyPair.h ../../include/IceSSL/RSAKeyPairF.h ../../include/IceSSL/RSACertificateGenF.h ../../include/IceSSL/RSAPrivateKeyF.h ../../include/IceSSL/RSAPublicKeyF.h ../IceSSL/CertificateDesc.h ../IceSSL/SslTransceiver.h ../../include/IceUtil/StaticMutex.h ../Ice/Transceiver.h ../Ice/TransceiverF.h ../../include/Ice/Buffer.h ../IceSSL/SslTransceiverF.h ../IceSSL/OpenSSLPluginIF.h ../IceSSL/Context.h ../IceSSL/OpenSSL.h ../IceSSL/GeneralConfig.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../IceSSL/ContextF.h ../../include/IceSSL/RSAPublicKey.h ../IceSSL/OpenSSLJanitors.h ../IceSSL/OpenSSLUtils.h ../IceSSL/TraceLevels.h ../../include/Ice/ProtocolPluginFacadeF.h +Context.o: Context.cpp ../../include/Ice/Communicator.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/LoggerF.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ObjectFactoryF.h ../../include/Ice/RouterF.h ../../include/Ice/LocatorF.h ../../include/Ice/PluginF.h ../../include/Ice/LoggerUtil.h ../../include/Ice/Properties.h ../../include/Ice/BuiltinSequences.h ../IceSSL/DefaultCertificateVerifier.h ../IceSSL/TraceLevelsF.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../../include/IceSSL/Plugin.h ../../include/Ice/Plugin.h ../../include/IceSSL/CertificateVerifierF.h ../../include/IceSSL/Exception.h ../../include/IceSSL/RSAKeyPair.h ../../include/IceSSL/RSAKeyPairF.h ../../include/IceSSL/RSACertificateGenF.h ../../include/IceSSL/RSAPrivateKeyF.h ../../include/IceSSL/RSAPublicKeyF.h ../IceSSL/CertificateDesc.h ../IceSSL/SslTransceiver.h ../IceSSL/SslTransceiverF.h ../IceSSL/OpenSSLPluginIF.h ../../include/IceUtil/StaticMutex.h ../Ice/Transceiver.h ../Ice/TransceiverF.h ../../include/Ice/Buffer.h ../IceSSL/Context.h ../IceSSL/ContextF.h ../IceSSL/OpenSSL.h ../IceSSL/GeneralConfig.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../../include/IceSSL/RSAPublicKey.h ../IceSSL/OpenSSLJanitors.h ../IceSSL/OpenSSLUtils.h ../IceSSL/TraceLevels.h ../../include/Ice/ProtocolPluginFacadeF.h Convert.o: Convert.cpp ../../include/IceUtil/Config.h ../IceSSL/Convert.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h DefaultCertificateVerifier.o: DefaultCertificateVerifier.cpp ../../include/Ice/Communicator.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/LoggerF.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ObjectFactoryF.h ../../include/Ice/RouterF.h ../../include/Ice/LocatorF.h ../../include/Ice/PluginF.h ../../include/Ice/Properties.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/LoggerUtil.h ../IceSSL/OpenSSL.h ../IceSSL/DefaultCertificateVerifier.h ../IceSSL/TraceLevelsF.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../../include/IceSSL/Plugin.h ../../include/Ice/Plugin.h ../../include/IceSSL/CertificateVerifierF.h ../IceSSL/OpenSSLUtils.h ../IceSSL/TraceLevels.h ../../include/Ice/ProtocolPluginFacadeF.h DHParams.o: DHParams.cpp ../IceSSL/DHParams.h ../../include/IceUtil/Shared.h ../../include/IceUtil/Config.h ../IceSSL/DHParamsF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/Ice/Config.h Exception.o: Exception.cpp ../../include/IceSSL/Exception.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h GeneralConfig.o: GeneralConfig.cpp ../IceSSL/GeneralConfig.h ../IceSSL/OpenSSL.h ../../include/IceUtil/Config.h OpenSSLJanitors.o: OpenSSLJanitors.cpp ../IceSSL/OpenSSLJanitors.h ../../include/IceUtil/Config.h -OpenSSLPluginI.o: OpenSSLPluginI.cpp ../../include/Ice/LoggerUtil.h ../../include/Ice/LoggerF.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/Properties.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/ProtocolPluginFacade.h ../../include/Ice/ProtocolPluginFacadeF.h ../../include/Ice/EndpointFactoryF.h ../../include/Ice/InstanceF.h ../../include/Ice/Communicator.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ObjectFactoryF.h ../../include/Ice/RouterF.h ../../include/Ice/LocatorF.h ../../include/Ice/PluginF.h ../../include/Ice/LocalException.h ../IceSSL/OpenSSLPluginI.h ../../include/IceUtil/RecMutex.h ../../include/IceSSL/Plugin.h ../../include/Ice/Plugin.h ../../include/IceSSL/CertificateVerifierF.h ../IceSSL/OpenSSLPluginIF.h ../IceSSL/TraceLevelsF.h ../IceSSL/SslTransceiverF.h ../IceSSL/CertificateDesc.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../IceSSL/ServerContext.h ../IceSSL/Context.h ../IceSSL/OpenSSL.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../IceSSL/GeneralConfig.h ../IceSSL/SslTransceiver.h ../../include/IceUtil/StaticMutex.h ../Ice/Transceiver.h ../Ice/TransceiverF.h ../../include/Ice/Buffer.h ../IceSSL/ContextF.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/ClientContext.h ../../include/IceSSL/RSAPrivateKeyF.h ../IceSSL/DHParamsF.h ../IceSSL/TraceLevels.h ../../include/IceSSL/Exception.h ../IceSSL/ConfigParser.h ../../include/IceXML/Parser.h ../IceSSL/OpenSSLJanitors.h ../IceSSL/OpenSSLUtils.h ../IceSSL/DefaultCertificateVerifier.h ../IceSSL/SingleCertificateVerifier.h ../IceSSL/SslEndpointI.h ../Ice/EndpointI.h ../Ice/ConnectorF.h ../Ice/AcceptorF.h ../../include/Ice/EndpointFactory.h ../../include/IceSSL/RSAPrivateKey.h ../IceSSL/DHParams.h -OpenSSLUtils.o: OpenSSLUtils.cpp ../../include/IceUtil/StaticMutex.h ../../include/IceUtil/Config.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/IceUtil/Exception.h ../IceSSL/OpenSSLPluginI.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/RecMutex.h ../../include/Ice/LoggerF.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ProtocolPluginFacadeF.h ../../include/IceSSL/Plugin.h ../../include/Ice/Proxy.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/Plugin.h ../../include/IceSSL/CertificateVerifierF.h ../IceSSL/OpenSSLPluginIF.h ../IceSSL/TraceLevelsF.h ../IceSSL/SslTransceiverF.h ../IceSSL/CertificateDesc.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../IceSSL/ServerContext.h ../IceSSL/Context.h ../IceSSL/OpenSSL.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../IceSSL/GeneralConfig.h ../IceSSL/SslTransceiver.h ../Ice/Transceiver.h ../Ice/TransceiverF.h ../../include/Ice/Buffer.h ../IceSSL/ContextF.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/ClientContext.h ../../include/IceSSL/RSAPrivateKeyF.h ../IceSSL/DHParamsF.h ../IceSSL/OpenSSLUtils.h +OpenSSLPluginI.o: OpenSSLPluginI.cpp ../IceSSL/OpenSSLPluginI.h ../../include/IceUtil/RecMutex.h ../../include/IceUtil/Config.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/IceUtil/Exception.h ../../include/Ice/LoggerF.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ProtocolPluginFacadeF.h ../IceSSL/OpenSSLPluginIF.h ../../include/IceSSL/CertificateVerifierF.h ../IceSSL/TraceLevelsF.h ../IceSSL/SslTransceiverF.h ../../include/IceSSL/RSAPrivateKeyF.h ../../include/IceSSL/Plugin.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/Plugin.h ../IceSSL/CertificateDesc.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../IceSSL/ServerContext.h ../IceSSL/Context.h ../IceSSL/ContextF.h ../IceSSL/OpenSSL.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../IceSSL/GeneralConfig.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/ClientContext.h ../IceSSL/DHParamsF.h ../../include/Ice/LoggerUtil.h ../../include/Ice/Properties.h ../../include/Ice/ProtocolPluginFacade.h ../../include/Ice/EndpointFactoryF.h ../../include/Ice/InstanceF.h ../../include/Ice/Communicator.h ../../include/Ice/ObjectFactoryF.h ../../include/Ice/RouterF.h ../../include/Ice/LocatorF.h ../../include/Ice/PluginF.h ../../include/Ice/LocalException.h ../IceSSL/TraceLevels.h ../../include/IceSSL/Exception.h ../IceSSL/ConfigParser.h ../../include/IceXML/Parser.h ../IceSSL/OpenSSLJanitors.h ../IceSSL/OpenSSLUtils.h ../IceSSL/SslTransceiver.h ../../include/IceUtil/StaticMutex.h ../Ice/Transceiver.h ../Ice/TransceiverF.h ../../include/Ice/Buffer.h ../IceSSL/DefaultCertificateVerifier.h ../IceSSL/SingleCertificateVerifier.h ../IceSSL/SslEndpointI.h ../Ice/EndpointI.h ../Ice/ConnectorF.h ../Ice/AcceptorF.h ../../include/Ice/EndpointFactory.h ../../include/IceSSL/RSAPrivateKey.h ../IceSSL/DHParams.h +OpenSSLUtils.o: OpenSSLUtils.cpp ../../include/IceUtil/StaticMutex.h ../../include/IceUtil/Config.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/IceUtil/Exception.h ../IceSSL/OpenSSLPluginI.h ../../include/IceUtil/RecMutex.h ../../include/Ice/LoggerF.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ProtocolPluginFacadeF.h ../IceSSL/OpenSSLPluginIF.h ../../include/IceSSL/CertificateVerifierF.h ../IceSSL/TraceLevelsF.h ../IceSSL/SslTransceiverF.h ../../include/IceSSL/RSAPrivateKeyF.h ../../include/IceSSL/Plugin.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/Plugin.h ../IceSSL/CertificateDesc.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../IceSSL/ServerContext.h ../IceSSL/Context.h ../IceSSL/ContextF.h ../IceSSL/OpenSSL.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../IceSSL/GeneralConfig.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/ClientContext.h ../IceSSL/DHParamsF.h ../IceSSL/OpenSSLUtils.h ../IceSSL/SslTransceiver.h ../Ice/Transceiver.h ../Ice/TransceiverF.h ../../include/Ice/Buffer.h PluginF.o: PluginF.cpp ../../include/IceSSL/PluginF.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h Plugin.o: Plugin.cpp ../../include/IceSSL/Plugin.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/Plugin.h ../../include/IceSSL/CertificateVerifierF.h ../../include/Ice/BasicStream.h ../../include/Ice/InstanceF.h ../../include/Ice/ObjectFactoryF.h ../../include/Ice/Buffer.h ../../include/Ice/Object.h ../../include/Ice/GCShared.h ../../include/Ice/GCRecMutex.h ../../include/IceUtil/RecMutex.h ../../include/Ice/IncomingAsyncF.h RSACertificateGen.o: RSACertificateGen.cpp ../../include/IceUtil/Config.h ../../include/IceSSL/RSACertificateGen.h ../../include/IceSSL/RSAKeyPairF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/Ice/Config.h ../../include/IceSSL/Config.h ../IceSSL/OpenSSLJanitors.h ../../include/IceSSL/RSAKeyPair.h ../../include/IceUtil/Shared.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/LocalObjectF.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/IceSSL/RSACertificateGenF.h ../../include/IceSSL/RSAPrivateKeyF.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAPrivateKey.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/Exception.h ../IceSSL/OpenSSLUtils.h RSAKeyPair.o: RSAKeyPair.cpp ../../include/IceUtil/Config.h ../../include/IceUtil/Base64.h ../../include/IceSSL/RSAKeyPair.h ../../include/IceUtil/Shared.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/IceSSL/RSAKeyPairF.h ../../include/IceSSL/Config.h ../../include/IceSSL/RSACertificateGenF.h ../../include/IceSSL/RSAPrivateKeyF.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAPrivateKey.h ../../include/IceSSL/RSAPublicKey.h RSAPrivateKey.o: RSAPrivateKey.cpp ../../include/IceUtil/Config.h ../../include/IceUtil/Base64.h ../../include/IceSSL/RSAPrivateKey.h ../../include/IceUtil/Shared.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/IceSSL/Config.h ../../include/IceSSL/RSAPrivateKeyF.h ../IceSSL/Convert.h ../IceSSL/OpenSSLUtils.h ../../include/IceSSL/Exception.h RSAPublicKey.o: RSAPublicKey.cpp ../../include/IceUtil/Config.h ../../include/IceUtil/Base64.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceUtil/Shared.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/IceSSL/Config.h ../../include/IceSSL/RSAPublicKeyF.h ../IceSSL/Convert.h ../IceSSL/OpenSSLUtils.h ../../include/IceSSL/Exception.h -ServerContext.o: ServerContext.cpp ../../include/Ice/Communicator.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/LoggerF.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ObjectFactoryF.h ../../include/Ice/RouterF.h ../../include/Ice/LocatorF.h ../../include/Ice/PluginF.h ../../include/Ice/LoggerUtil.h ../../include/IceSSL/Exception.h ../IceSSL/ServerContext.h ../IceSSL/Context.h ../../include/Ice/BuiltinSequences.h ../IceSSL/OpenSSL.h ../IceSSL/TraceLevelsF.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../../include/IceSSL/Plugin.h ../../include/Ice/Plugin.h ../../include/IceSSL/CertificateVerifierF.h ../IceSSL/GeneralConfig.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/CertificateDesc.h ../IceSSL/TempCerts.h ../IceSSL/SslTransceiver.h ../../include/IceUtil/StaticMutex.h ../Ice/Transceiver.h ../Ice/TransceiverF.h ../../include/Ice/Buffer.h ../IceSSL/SslTransceiverF.h ../IceSSL/OpenSSLPluginIF.h ../IceSSL/ContextF.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/SslServerTransceiver.h ../IceSSL/OpenSSLUtils.h ../IceSSL/TraceLevels.h ../../include/Ice/ProtocolPluginFacadeF.h +ServerContext.o: ServerContext.cpp ../../include/Ice/Communicator.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/LoggerF.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ObjectFactoryF.h ../../include/Ice/RouterF.h ../../include/Ice/LocatorF.h ../../include/Ice/PluginF.h ../../include/Ice/LoggerUtil.h ../../include/IceSSL/Exception.h ../IceSSL/ServerContext.h ../IceSSL/OpenSSLPluginIF.h ../IceSSL/Context.h ../IceSSL/TraceLevelsF.h ../IceSSL/SslTransceiverF.h ../IceSSL/ContextF.h ../../include/Ice/BuiltinSequences.h ../IceSSL/OpenSSL.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../../include/IceSSL/Plugin.h ../../include/Ice/Plugin.h ../../include/IceSSL/CertificateVerifierF.h ../IceSSL/GeneralConfig.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/CertificateDesc.h ../IceSSL/TempCerts.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/SslTransceiver.h ../../include/IceUtil/StaticMutex.h ../Ice/Transceiver.h ../Ice/TransceiverF.h ../../include/Ice/Buffer.h ../IceSSL/OpenSSLUtils.h ../IceSSL/TraceLevels.h ../../include/Ice/ProtocolPluginFacadeF.h SingleCertificateVerifier.o: SingleCertificateVerifier.cpp ../IceSSL/SingleCertificateVerifier.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../../include/IceSSL/Plugin.h ../../include/Ice/Plugin.h ../../include/IceSSL/CertificateVerifierF.h ../IceSSL/Convert.h -SslAcceptor.o: SslAcceptor.cpp ../../include/Ice/LoggerUtil.h ../../include/Ice/LoggerF.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h ../Ice/Network.h ../IceSSL/OpenSSLPluginI.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/IceUtil/RecMutex.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ProtocolPluginFacadeF.h ../../include/IceSSL/Plugin.h ../../include/Ice/Proxy.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/Plugin.h ../../include/IceSSL/CertificateVerifierF.h ../IceSSL/OpenSSLPluginIF.h ../IceSSL/TraceLevelsF.h ../IceSSL/SslTransceiverF.h ../IceSSL/CertificateDesc.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../IceSSL/ServerContext.h ../IceSSL/Context.h ../IceSSL/OpenSSL.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../IceSSL/GeneralConfig.h ../IceSSL/SslTransceiver.h ../../include/IceUtil/StaticMutex.h ../Ice/Transceiver.h ../Ice/TransceiverF.h ../../include/Ice/Buffer.h ../IceSSL/ContextF.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/ClientContext.h ../../include/IceSSL/RSAPrivateKeyF.h ../IceSSL/DHParamsF.h ../IceSSL/SslAcceptor.h ../Ice/Acceptor.h ../Ice/AcceptorF.h ../IceSSL/TraceLevels.h -SslClientTransceiver.o: SslClientTransceiver.cpp ../../include/Ice/LoggerUtil.h ../../include/Ice/LoggerF.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/Stats.h ../Ice/Network.h ../../include/Ice/LocalException.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/BuiltinSequences.h ../IceSSL/OpenSSL.h ../IceSSL/SslClientTransceiver.h ../IceSSL/SslTransceiver.h ../../include/IceUtil/StaticMutex.h ../../include/Ice/StatsF.h ../Ice/Transceiver.h ../Ice/TransceiverF.h ../../include/Ice/Buffer.h ../IceSSL/SslTransceiverF.h ../IceSSL/OpenSSLPluginIF.h ../IceSSL/TraceLevelsF.h ../../include/IceSSL/CertificateVerifierF.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../../include/IceSSL/Plugin.h ../../include/Ice/Plugin.h ../IceSSL/OpenSSLPluginI.h ../../include/IceUtil/RecMutex.h ../../include/Ice/PropertiesF.h ../../include/Ice/ProtocolPluginFacadeF.h ../IceSSL/CertificateDesc.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../IceSSL/ServerContext.h ../IceSSL/Context.h ../IceSSL/GeneralConfig.h ../IceSSL/ContextF.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/ClientContext.h ../../include/IceSSL/RSAPrivateKeyF.h ../IceSSL/DHParamsF.h ../IceSSL/TraceLevels.h ../IceSSL/OpenSSLUtils.h ../../include/IceSSL/Exception.h ../IceSSL/OpenSSLJanitors.h -SslConnector.o: SslConnector.cpp ../../include/Ice/Logger.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h ../Ice/Network.h ../IceSSL/OpenSSLPluginI.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/IceUtil/RecMutex.h ../../include/Ice/LoggerF.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ProtocolPluginFacadeF.h ../../include/IceSSL/Plugin.h ../../include/Ice/Proxy.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/Plugin.h ../../include/IceSSL/CertificateVerifierF.h ../IceSSL/OpenSSLPluginIF.h ../IceSSL/TraceLevelsF.h ../IceSSL/SslTransceiverF.h ../IceSSL/CertificateDesc.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../IceSSL/ServerContext.h ../IceSSL/Context.h ../IceSSL/OpenSSL.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../IceSSL/GeneralConfig.h ../IceSSL/SslTransceiver.h ../../include/IceUtil/StaticMutex.h ../Ice/Transceiver.h ../Ice/TransceiverF.h ../../include/Ice/Buffer.h ../IceSSL/ContextF.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/ClientContext.h ../../include/IceSSL/RSAPrivateKeyF.h ../IceSSL/DHParamsF.h ../IceSSL/SslConnector.h ../Ice/Connector.h ../Ice/ConnectorF.h ../IceSSL/TraceLevels.h -SslEndpointI.o: SslEndpointI.cpp ../Ice/Network.h ../../include/Ice/Config.h ../../include/IceUtil/Config.h ../../include/Ice/BasicStream.h ../../include/Ice/InstanceF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/Ice/ObjectF.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectFactoryF.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/Buffer.h ../../include/Ice/LocalException.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/ProtocolPluginFacade.h ../../include/Ice/ProtocolPluginFacadeF.h ../../include/Ice/EndpointFactoryF.h ../IceSSL/SslEndpointI.h ../Ice/EndpointI.h ../Ice/TransceiverF.h ../Ice/ConnectorF.h ../Ice/AcceptorF.h ../../include/Ice/EndpointFactory.h ../IceSSL/OpenSSLPluginIF.h ../IceSSL/SslAcceptor.h ../../include/Ice/LoggerF.h ../Ice/Acceptor.h ../IceSSL/TraceLevelsF.h ../IceSSL/SslConnector.h ../Ice/Connector.h ../IceSSL/SslTransceiver.h ../../include/IceUtil/StaticMutex.h ../../include/Ice/StatsF.h ../Ice/Transceiver.h ../IceSSL/SslTransceiverF.h ../../include/IceSSL/CertificateVerifierF.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../../include/IceSSL/Plugin.h ../../include/Ice/Plugin.h ../IceSSL/OpenSSLPluginI.h ../../include/IceUtil/RecMutex.h ../../include/Ice/PropertiesF.h ../IceSSL/CertificateDesc.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../IceSSL/ServerContext.h ../IceSSL/Context.h ../IceSSL/OpenSSL.h ../IceSSL/GeneralConfig.h ../IceSSL/ContextF.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/ClientContext.h ../../include/IceSSL/RSAPrivateKeyF.h ../IceSSL/DHParamsF.h +SslAcceptor.o: SslAcceptor.cpp ../../include/Ice/LoggerUtil.h ../../include/Ice/LoggerF.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h ../Ice/Network.h ../IceSSL/OpenSSLPluginI.h ../../include/IceUtil/RecMutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ProtocolPluginFacadeF.h ../IceSSL/OpenSSLPluginIF.h ../../include/IceSSL/CertificateVerifierF.h ../IceSSL/TraceLevelsF.h ../IceSSL/SslTransceiverF.h ../../include/IceSSL/RSAPrivateKeyF.h ../../include/IceSSL/Plugin.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/Plugin.h ../IceSSL/CertificateDesc.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../IceSSL/ServerContext.h ../IceSSL/Context.h ../IceSSL/ContextF.h ../IceSSL/OpenSSL.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../IceSSL/GeneralConfig.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/ClientContext.h ../IceSSL/DHParamsF.h ../IceSSL/SslAcceptor.h ../Ice/TransceiverF.h ../Ice/Acceptor.h ../Ice/AcceptorF.h ../IceSSL/SslServerTransceiver.h ../IceSSL/SslTransceiver.h ../../include/IceUtil/StaticMutex.h ../Ice/Transceiver.h ../../include/Ice/Buffer.h ../IceSSL/TraceLevels.h +SslConnector.o: SslConnector.cpp ../Ice/Network.h ../../include/Ice/Config.h ../../include/IceUtil/Config.h ../../include/Ice/LoggerUtil.h ../../include/Ice/LoggerF.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h ../IceSSL/OpenSSLPluginI.h ../../include/IceUtil/RecMutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ProtocolPluginFacadeF.h ../IceSSL/OpenSSLPluginIF.h ../../include/IceSSL/CertificateVerifierF.h ../IceSSL/TraceLevelsF.h ../IceSSL/SslTransceiverF.h ../../include/IceSSL/RSAPrivateKeyF.h ../../include/IceSSL/Plugin.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/Plugin.h ../IceSSL/CertificateDesc.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../IceSSL/ServerContext.h ../IceSSL/Context.h ../IceSSL/ContextF.h ../IceSSL/OpenSSL.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../IceSSL/GeneralConfig.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/ClientContext.h ../IceSSL/DHParamsF.h ../IceSSL/SslConnector.h ../Ice/TransceiverF.h ../Ice/Connector.h ../Ice/ConnectorF.h ../IceSSL/SslTransceiver.h ../../include/IceUtil/StaticMutex.h ../Ice/Transceiver.h ../../include/Ice/Buffer.h ../IceSSL/TraceLevels.h +SslEndpointI.o: SslEndpointI.cpp ../Ice/Network.h ../../include/Ice/Config.h ../../include/IceUtil/Config.h ../../include/Ice/BasicStream.h ../../include/Ice/InstanceF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/Ice/ObjectF.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectFactoryF.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/Buffer.h ../../include/Ice/LocalException.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/ProtocolPluginFacade.h ../../include/Ice/ProtocolPluginFacadeF.h ../../include/Ice/EndpointFactoryF.h ../IceSSL/SslEndpointI.h ../Ice/EndpointI.h ../Ice/TransceiverF.h ../Ice/ConnectorF.h ../Ice/AcceptorF.h ../../include/Ice/EndpointFactory.h ../IceSSL/OpenSSLPluginIF.h ../IceSSL/SslAcceptor.h ../../include/Ice/LoggerF.h ../IceSSL/TraceLevelsF.h ../Ice/Acceptor.h ../IceSSL/SslConnector.h ../Ice/Connector.h ../IceSSL/SslTransceiver.h ../../include/Ice/StatsF.h ../IceSSL/SslTransceiverF.h ../../include/IceSSL/CertificateVerifierF.h ../../include/IceUtil/StaticMutex.h ../Ice/Transceiver.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../../include/IceSSL/Plugin.h ../../include/Ice/Plugin.h ../IceSSL/OpenSSLPluginI.h ../../include/IceUtil/RecMutex.h ../../include/Ice/PropertiesF.h ../../include/IceSSL/RSAPrivateKeyF.h ../IceSSL/CertificateDesc.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../IceSSL/ServerContext.h ../IceSSL/Context.h ../IceSSL/ContextF.h ../IceSSL/OpenSSL.h ../IceSSL/GeneralConfig.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/ClientContext.h ../IceSSL/DHParamsF.h SslException.o: SslException.cpp ../../include/Ice/LocalException.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/BuiltinSequences.h ../../include/IceSSL/Exception.h -SslServerTransceiver.o: SslServerTransceiver.cpp ../../include/Ice/LoggerUtil.h ../../include/Ice/LoggerF.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/Stats.h ../Ice/Network.h ../../include/Ice/LocalException.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/BuiltinSequences.h ../IceSSL/OpenSSL.h ../IceSSL/OpenSSLPluginI.h ../../include/IceUtil/RecMutex.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ProtocolPluginFacadeF.h ../../include/IceSSL/Plugin.h ../../include/Ice/Plugin.h ../../include/IceSSL/CertificateVerifierF.h ../IceSSL/OpenSSLPluginIF.h ../IceSSL/TraceLevelsF.h ../IceSSL/SslTransceiverF.h ../IceSSL/CertificateDesc.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../IceSSL/ServerContext.h ../IceSSL/Context.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../IceSSL/GeneralConfig.h ../IceSSL/SslTransceiver.h ../../include/IceUtil/StaticMutex.h ../Ice/Transceiver.h ../Ice/TransceiverF.h ../../include/Ice/Buffer.h ../IceSSL/ContextF.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/ClientContext.h ../../include/IceSSL/RSAPrivateKeyF.h ../IceSSL/DHParamsF.h ../IceSSL/TraceLevels.h ../IceSSL/OpenSSLUtils.h ../../include/IceSSL/Exception.h ../IceSSL/OpenSSLJanitors.h ../IceSSL/SslServerTransceiver.h -SslTransceiver.o: SslTransceiver.cpp ../../include/Ice/LoggerUtil.h ../../include/Ice/LoggerF.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/Stats.h ../../include/Ice/Buffer.h ../Ice/Network.h ../../include/Ice/LocalException.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/Properties.h ../IceSSL/OpenSSL.h ../IceSSL/SslTransceiver.h ../../include/IceUtil/StaticMutex.h ../../include/Ice/StatsF.h ../Ice/Transceiver.h ../Ice/TransceiverF.h ../IceSSL/SslTransceiverF.h ../IceSSL/OpenSSLPluginIF.h ../IceSSL/TraceLevelsF.h ../../include/IceSSL/CertificateVerifierF.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../../include/IceSSL/Plugin.h ../../include/Ice/Plugin.h ../IceSSL/OpenSSLPluginI.h ../../include/IceUtil/RecMutex.h ../../include/Ice/PropertiesF.h ../../include/Ice/ProtocolPluginFacadeF.h ../IceSSL/CertificateDesc.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../IceSSL/ServerContext.h ../IceSSL/Context.h ../IceSSL/GeneralConfig.h ../IceSSL/ContextF.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/ClientContext.h ../../include/IceSSL/RSAPrivateKeyF.h ../IceSSL/DHParamsF.h ../IceSSL/TraceLevels.h ../../include/IceSSL/Exception.h ../IceSSL/OpenSSLUtils.h +SslTransceiver.o: SslTransceiver.cpp ../../include/Ice/LoggerUtil.h ../../include/Ice/LoggerF.h ../../include/Ice/LocalObjectF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/IceUtil/Config.h ../../include/Ice/Config.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/IceUtil/Shared.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/Stats.h ../Ice/Network.h ../../include/Ice/LocalException.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/BuiltinSequences.h ../IceSSL/SslTransceiver.h ../../include/Ice/StatsF.h ../IceSSL/SslTransceiverF.h ../IceSSL/OpenSSLPluginIF.h ../IceSSL/TraceLevelsF.h ../../include/IceSSL/CertificateVerifierF.h ../../include/IceUtil/StaticMutex.h ../Ice/Transceiver.h ../Ice/TransceiverF.h ../../include/Ice/Buffer.h ../../include/IceSSL/CertificateVerifierOpenSSL.h ../../include/IceSSL/Config.h ../../include/IceSSL/CertificateVerifier.h ../../include/IceSSL/Plugin.h ../../include/Ice/Plugin.h ../IceSSL/TraceLevels.h ../../include/Ice/ProtocolPluginFacadeF.h ../../include/IceSSL/Exception.h ../IceSSL/OpenSSLPluginI.h ../../include/IceUtil/RecMutex.h ../../include/Ice/PropertiesF.h ../../include/IceSSL/RSAPrivateKeyF.h ../IceSSL/CertificateDesc.h ../IceSSL/CertificateAuthority.h ../IceSSL/BaseCerts.h ../IceSSL/TempCerts.h ../IceSSL/ServerContext.h ../IceSSL/Context.h ../IceSSL/ContextF.h ../IceSSL/OpenSSL.h ../IceSSL/GeneralConfig.h ../../include/IceSSL/RSAPublicKey.h ../../include/IceSSL/RSAPublicKeyF.h ../../include/IceSSL/RSAKeyPairF.h ../IceSSL/ClientContext.h ../IceSSL/DHParamsF.h ../IceSSL/OpenSSLUtils.h TempCerts.o: TempCerts.cpp ../IceSSL/TempCerts.h ../IceSSL/CertificateDesc.h ../../include/IceUtil/Config.h TraceLevels.o: TraceLevels.cpp ../IceSSL/TraceLevels.h ../../include/IceUtil/Shared.h ../../include/IceUtil/Config.h ../../include/Ice/ProtocolPluginFacadeF.h ../../include/Ice/Handle.h ../../include/IceUtil/Handle.h ../../include/IceUtil/Exception.h ../../include/Ice/Config.h ../IceSSL/TraceLevelsF.h ../../include/Ice/Communicator.h ../../include/Ice/LocalObjectF.h ../../include/Ice/ProxyF.h ../../include/Ice/ProxyHandle.h ../../include/Ice/ObjectF.h ../../include/Ice/Exception.h ../../include/Ice/LocalObject.h ../../include/Ice/Proxy.h ../../include/IceUtil/Mutex.h ../../include/IceUtil/Lock.h ../../include/IceUtil/ThreadException.h ../../include/Ice/ProxyFactoryF.h ../../include/Ice/ConnectionIF.h ../../include/Ice/EndpointIF.h ../../include/Ice/Endpoint.h ../../include/Ice/UndefSysMacros.h ../../include/Ice/ObjectAdapterF.h ../../include/Ice/ReferenceF.h ../../include/Ice/OutgoingAsyncF.h ../../include/Ice/Current.h ../../include/Ice/ConnectionF.h ../../include/Ice/Identity.h ../../include/Ice/StreamF.h ../../include/Ice/CommunicatorF.h ../../include/Ice/LoggerF.h ../../include/Ice/StatsF.h ../../include/Ice/PropertiesF.h ../../include/Ice/ObjectFactoryF.h ../../include/Ice/RouterF.h ../../include/Ice/LocatorF.h ../../include/Ice/PluginF.h ../../include/Ice/Properties.h ../../include/Ice/BuiltinSequences.h ../../include/Ice/ProtocolPluginFacade.h ../../include/Ice/EndpointFactoryF.h ../../include/Ice/InstanceF.h Exception.cpp: ../../slice/IceSSL/Exception.ice diff --git a/cpp/src/IceSSL/ClientContext.cpp b/cpp/src/IceSSL/ClientContext.cpp index eaac6778704..b85cd88c01c 100644 --- a/cpp/src/IceSSL/ClientContext.cpp +++ b/cpp/src/IceSSL/ClientContext.cpp @@ -12,7 +12,7 @@ #include #include -#include +#include #include using namespace std; @@ -60,7 +60,7 @@ IceSSL::ClientContext::createTransceiver(int socket, const OpenSSLPluginIPtr& pl } SSL* ssl = createSSLConnection(socket); - return new SslClientTransceiver(plugin, socket, _certificateVerifier, ssl, timeout); + return new SslTransceiver(IceSSL::Client, plugin, socket, _certificateVerifier, ssl, timeout); } IceSSL::ClientContext::ClientContext(const TraceLevelsPtr& traceLevels, const CommunicatorPtr& communicator) : diff --git a/cpp/src/IceSSL/ClientContext.h b/cpp/src/IceSSL/ClientContext.h index 6e0289668bd..8cf5ff84d24 100644 --- a/cpp/src/IceSSL/ClientContext.h +++ b/cpp/src/IceSSL/ClientContext.h @@ -10,6 +10,7 @@ #ifndef ICESSL_CLIENT_CONTEXT_H #define ICESSL_CLIENT_CONTEXT_H +#include #include namespace IceSSL @@ -23,8 +24,7 @@ public: const CertificateAuthority&, const BaseCertificates&); - // Takes a socket fd as the first parameter, and the initial handshake timeout as the final. - virtual SslTransceiverPtr createTransceiver(int, const OpenSSLPluginIPtr&, int); + SslTransceiverPtr createTransceiver(int, const OpenSSLPluginIPtr&, int); protected: diff --git a/cpp/src/IceSSL/Context.h b/cpp/src/IceSSL/Context.h index 6e6ccb8588c..7e7222c3c6f 100644 --- a/cpp/src/IceSSL/Context.h +++ b/cpp/src/IceSSL/Context.h @@ -11,16 +11,17 @@ #define ICESSL_CONTEXT_H #include +#include +#include +#include + #include #include -#include #include #include #include #include #include -#include -#include #include #include @@ -38,20 +39,11 @@ public: void cleanUp(); virtual void setCertificateVerifier(const CertificateVerifierPtr&); - virtual void addTrustedCertificateBase64(const std::string&); - virtual void addTrustedCertificate(const Ice::ByteSeq&); - virtual void setRSAKeysBase64(const std::string&, const std::string&); - virtual void setRSAKeys(const Ice::ByteSeq&, const Ice::ByteSeq&); - - virtual void configure(const GeneralConfig&, - const CertificateAuthority&, - const BaseCertificates&); - - // Takes a socket fd as the first parameter, and the initial handshake timeout as the final. + virtual void configure(const GeneralConfig&, const CertificateAuthority&, const BaseCertificates&); virtual SslTransceiverPtr createTransceiver(int, const OpenSSLPluginIPtr&, int) = 0; protected: diff --git a/cpp/src/IceSSL/Makefile b/cpp/src/IceSSL/Makefile index 112c0c15432..6b706191a5e 100644 --- a/cpp/src/IceSSL/Makefile +++ b/cpp/src/IceSSL/Makefile @@ -32,8 +32,8 @@ OBJS = BaseCerts.o \ OpenSSLJanitors.o \ OpenSSLPluginI.o \ OpenSSLUtils.o \ - PluginF.o \ - Plugin.o \ + PluginF.o \ + Plugin.o \ RSACertificateGen.o \ RSAKeyPair.o \ RSAPrivateKey.o \ @@ -41,11 +41,9 @@ OBJS = BaseCerts.o \ ServerContext.o \ SingleCertificateVerifier.o \ SslAcceptor.o \ - SslClientTransceiver.o \ SslConnector.o \ SslEndpointI.o \ SslException.o \ - SslServerTransceiver.o \ SslTransceiver.o \ TempCerts.o \ TraceLevels.o diff --git a/cpp/src/IceSSL/OpenSSLPluginI.cpp b/cpp/src/IceSSL/OpenSSLPluginI.cpp index e3d0b833696..8a440184c58 100644 --- a/cpp/src/IceSSL/OpenSSLPluginI.cpp +++ b/cpp/src/IceSSL/OpenSSLPluginI.cpp @@ -7,13 +7,14 @@ // // ********************************************************************** +#include + #include #include #include #include #include -#include #include #include #include @@ -247,37 +248,35 @@ IceSSL::OpenSSLPluginI::~OpenSSLPluginI() } SslTransceiverPtr -IceSSL::OpenSSLPluginI::createTransceiver(ContextType connectionType, int socket, int timeout) +IceSSL::OpenSSLPluginI::createServerTransceiver(int socket, int timeout) { IceUtil::RecMutex::Lock sync(_configMutex); - if(connectionType == ClientServer) + // Configure the context if need be. + if(!isConfigured(IceSSL::Server)) { - UnsupportedContextException unsupportedException(__FILE__, __LINE__); + configure(IceSSL::Server); + } - unsupportedException.message = "unable to create client/server connections"; + SslTransceiverPtr transceiver; - throw unsupportedException; - } + return _serverContext.createTransceiver(socket, this, timeout); +} + +SslTransceiverPtr +IceSSL::OpenSSLPluginI::createClientTransceiver(int socket, int timeout) +{ + IceUtil::RecMutex::Lock sync(_configMutex); // Configure the context if need be. - if(!isConfigured(connectionType)) + if(!isConfigured(IceSSL::Client)) { - configure(connectionType); + configure(IceSSL::Client); } SslTransceiverPtr transceiver; - if(connectionType == Client) - { - transceiver = _clientContext.createTransceiver(socket, this, timeout); - } - else if(connectionType == Server) - { - transceiver = _serverContext.createTransceiver(socket, this, timeout); - } - - return transceiver; + return _clientContext.createTransceiver(socket, this, timeout); } bool diff --git a/cpp/src/IceSSL/OpenSSLPluginI.h b/cpp/src/IceSSL/OpenSSLPluginI.h index 635f721cf7d..d4373120cb2 100644 --- a/cpp/src/IceSSL/OpenSSLPluginI.h +++ b/cpp/src/IceSSL/OpenSSLPluginI.h @@ -10,7 +10,6 @@ #ifndef ICE_SSL_OPENSSL_PLUGIN_I_H #define ICE_SSL_OPENSSL_PLUGIN_I_H -#include #include #include @@ -18,18 +17,19 @@ #include #include -#include #include #include #include #include +#include + +#include #include #include #include #include #include #include -#include #include #include @@ -50,8 +50,8 @@ public: OpenSSLPluginI(const IceInternal::ProtocolPluginFacadePtr&); virtual ~OpenSSLPluginI(); - - virtual SslTransceiverPtr createTransceiver(ContextType, int, int); + SslTransceiverPtr createServerTransceiver(int, int); + SslTransceiverPtr createClientTransceiver(int, int); virtual bool isConfigured(ContextType); virtual void configure(); @@ -138,4 +138,3 @@ private: } #endif - diff --git a/cpp/src/IceSSL/OpenSSLUtils.cpp b/cpp/src/IceSSL/OpenSSLUtils.cpp index b57b72c1481..16e5e11bdca 100644 --- a/cpp/src/IceSSL/OpenSSLUtils.cpp +++ b/cpp/src/IceSSL/OpenSSLUtils.cpp @@ -10,6 +10,7 @@ #include #include #include +#include #include diff --git a/cpp/src/IceSSL/ServerContext.cpp b/cpp/src/IceSSL/ServerContext.cpp index 068348cf9c4..7434450e697 100644 --- a/cpp/src/IceSSL/ServerContext.cpp +++ b/cpp/src/IceSSL/ServerContext.cpp @@ -12,7 +12,7 @@ #include #include -#include +#include #include #include @@ -81,7 +81,7 @@ IceSSL::ServerContext::createTransceiver(int socket, const OpenSSLPluginIPtr& pl } SSL* ssl = createSSLConnection(socket); - return new SslServerTransceiver(plugin, socket, _certificateVerifier, ssl, timeout); + return new SslTransceiver(IceSSL::Server, plugin, socket, _certificateVerifier, ssl, timeout); } // diff --git a/cpp/src/IceSSL/ServerContext.h b/cpp/src/IceSSL/ServerContext.h index d164ce57fbe..390f0cdd391 100644 --- a/cpp/src/IceSSL/ServerContext.h +++ b/cpp/src/IceSSL/ServerContext.h @@ -10,6 +10,7 @@ #ifndef ICESSL_SERVER_CONTEXT_H #define ICESSL_SERVER_CONTEXT_H +#include #include namespace IceSSL @@ -23,8 +24,7 @@ public: const CertificateAuthority&, const BaseCertificates&); - // Takes a socket fd as the first parameter, and the initial handshake timeout as the final. - virtual SslTransceiverPtr createTransceiver(int, const OpenSSLPluginIPtr&, int); + SslTransceiverPtr createTransceiver(int, const OpenSSLPluginIPtr&, int); protected: diff --git a/cpp/src/IceSSL/SslAcceptor.cpp b/cpp/src/IceSSL/SslAcceptor.cpp index 242fe32f992..b3ee099055f 100644 --- a/cpp/src/IceSSL/SslAcceptor.cpp +++ b/cpp/src/IceSSL/SslAcceptor.cpp @@ -12,7 +12,7 @@ #include #include -#include +#include #include using namespace std; @@ -71,7 +71,7 @@ IceSSL::SslAcceptor::accept(int timeout) out << "accepted ssl connection\n" << fdToString(fd); } - return _plugin->createTransceiver(IceSSL::Server, fd, timeout); + return _plugin->createServerTransceiver(fd, timeout); } void diff --git a/cpp/src/IceSSL/SslAcceptor.h b/cpp/src/IceSSL/SslAcceptor.h index 92b711bb272..c093281a9e6 100644 --- a/cpp/src/IceSSL/SslAcceptor.h +++ b/cpp/src/IceSSL/SslAcceptor.h @@ -12,9 +12,9 @@ #include #include -#include -#include #include +#include +#include #ifndef _WIN32 # include // For struct sockaddr_in @@ -45,9 +45,9 @@ private: virtual ~SslAcceptor(); friend class SslEndpointI; - OpenSSLPluginIPtr _plugin; - TraceLevelsPtr _traceLevels; - ::Ice::LoggerPtr _logger; + const OpenSSLPluginIPtr _plugin; + const TraceLevelsPtr _traceLevels; + const ::Ice::LoggerPtr _logger; SOCKET _fd; int _backlog; struct sockaddr_in _addr; diff --git a/cpp/src/IceSSL/SslClientTransceiver.cpp b/cpp/src/IceSSL/SslClientTransceiver.cpp deleted file mode 100644 index 84da556f77f..00000000000 --- a/cpp/src/IceSSL/SslClientTransceiver.cpp +++ /dev/null @@ -1,407 +0,0 @@ -// ********************************************************************** -// -// Copyright (c) 2003-2005 ZeroC, Inc. All rights reserved. -// -// This copy of Ice is licensed to you under the terms described in the -// ICE_LICENSE file included in this distribution. -// -// ********************************************************************** - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -using namespace std; -using namespace Ice; -using namespace IceInternal; - -// -// Public Methods -// - -void -IceSSL::SslClientTransceiver::write(Buffer& buf, int timeout) -{ - assert(_fd != INVALID_SOCKET); - - _plugin->registerThread(); - - int totalBytesWritten = 0; - int bytesWritten = 0; - - Buffer::Container::difference_type packetSize = - static_cast(buf.b.end() - buf.i); - -#ifdef _WIN32 - // - // Limit packet size to avoid performance problems on WIN32. - // (blatantly ripped off from Marc Laukien) - // - if(packetSize > 64 * 1024) - { - packetSize = 64 * 1024; - } -#endif - - // We keep reading until we're done - while(buf.i != buf.b.end()) - { - // Ensure we're initialized. - if(initialize(timeout) <= 0) - { - // Retry the initialize call - continue; - } - - // initialize() must have returned > 0, so we're okay to try a write. - - // Perform a select on the socket. - if(!writeSelect(timeout)) - { - // We're done here. - break; - } - - bytesWritten = sslWrite(&*buf.i, static_cast(packetSize)); - - switch(getLastError()) - { - case SSL_ERROR_NONE: - { - if(bytesWritten > 0) - { - if(_traceLevels->network >= 3) - { - Trace out(_logger, _traceLevels->networkCat); - out << "sent " << bytesWritten << " of " << packetSize; - out << " bytes via ssl\n" << fdToString(SSL_get_fd(_sslConnection)); - } - - if(_stats) - { - _stats->bytesSent(type(), bytesWritten); - } - - totalBytesWritten += bytesWritten; - - buf.i += bytesWritten; - - if(packetSize > buf.b.end() - buf.i) - { - packetSize = static_cast(buf.b.end() - buf.i); - } - } - continue; - } - - case SSL_ERROR_WANT_WRITE: - case SSL_ERROR_WANT_READ: - case SSL_ERROR_WANT_X509_LOOKUP: - { - // Perform another read. The read should take care of this. - continue; - } - - case SSL_ERROR_SYSCALL: - { - // NOTE: The OpenSSL demo client only raises and error condition if there were - // actually bytes written. This is considered to be an error status - // requiring shutdown. - // If nothing was written, the demo client stops writing - we continue. - // This is potentially something wierd to watch out for. - if(bytesWritten == -1) - { - // IO Error in underlying BIO - - if(interrupted()) - { - break; - } - - if(wouldBlock()) - { - break; - } - - if(connectionLost()) - { - ConnectionLostException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - - SocketException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - else if(bytesWritten > 0) - { - ProtocolException protocolEx(__FILE__, __LINE__); - - // Protocol Error: Unexpected EOF - protocolEx.message = "encountered an EOF that violates the ssl protocol\n"; - protocolEx.message += sslGetErrors(); - - throw protocolEx; - } - else // bytesWritten == 0 - { - // Didn't write anything, continue, should be fine. - break; - } - } - - case SSL_ERROR_SSL: - { - ProtocolException protocolEx(__FILE__, __LINE__); - - protocolEx.message = "encountered a violation of the ssl protocol\n"; - protocolEx.message += sslGetErrors(); - - throw protocolEx; - } - - case SSL_ERROR_ZERO_RETURN: - { - ConnectionLostException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - } - } -} - -int -IceSSL::SslClientTransceiver::handshake(int timeout) -{ - assert(_sslConnection != 0); - - int retCode = SSL_is_init_finished(_sslConnection); - - while(!retCode) - { - if(_initWantRead) - { - int i = readSelect(timeout); - - if(i == 0) - { - return 0; - } - - _initWantRead = 0; - } - else if(_initWantWrite) - { - int i = writeSelect(timeout); - - if(i == 0) - { - return 0; - } - - _initWantWrite = 0; - } - - if(_traceLevels->security >= IceSSL::SECURITY_PROTOCOL) - { - Trace out(_logger, _traceLevels->securityCat); - out << "Performing handshake.\n"; - out << fdToString(SSL_get_fd(_sslConnection)); - } - - int result = connect(); - - switch(getLastError()) - { - case SSL_ERROR_WANT_READ: - { - _initWantRead = 1; - break; - } - - case SSL_ERROR_WANT_WRITE: - { - _initWantWrite = 1; - break; - } - - - case SSL_ERROR_NONE: - case SSL_ERROR_WANT_X509_LOOKUP: - { - // Retry connect. - break; - } - - case SSL_ERROR_SYSCALL: - { - // This is a SOCKET_ERROR, but we don't use - // this define here as OpenSSL doesn't refer - // to it as a SOCKET_ERROR (but that's what it is - // if you look at their code). - - if(result == -1) - { - // IO Error in underlying BIO - - if(interrupted()) - { - break; - } - - if(wouldBlock()) - { - readSelect(timeout); - break; - } - - if(connectionLost()) - { - ConnectionLostException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - - SocketException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - else // result == 0 - { - // - // The OpenSSL docs say that a result code of 0 - // indicates a graceful shutdown. In order to - // cause a retry in the Ice core, we raise - // ConnectionRefusedException. However, errno - // isn't set in this situation, so we always use - // ECONNREFUSED. - // - ConnectionRefusedException ex(__FILE__, __LINE__); -#ifdef _WIN32 - ex.error = WSAECONNREFUSED; -#else - ex.error = ECONNREFUSED; -#endif - throw ex; - } - } - - case SSL_ERROR_SSL: - { - long verifyError = SSL_get_verify_result(_sslConnection); - - if(verifyError != X509_V_OK && verifyError != 1) - { - CertificateVerificationException certVerEx(__FILE__, __LINE__); - - certVerEx.message = getVerificationError(verifyError); - - string errors = sslGetErrors(); - - if(!errors.empty()) - { - certVerEx.message += "\n"; - certVerEx.message += errors; - } - - throw certVerEx; - } - else - { - ProtocolException protocolEx(__FILE__, __LINE__); - - protocolEx.message = "encountered a violation of the ssl protocol during handshake\n"; - protocolEx.message += sslGetErrors(); - - throw protocolEx; - } - } - - case SSL_ERROR_ZERO_RETURN: - { - // Indicates that that the SSL Connection has been closed. - // But does not necessarily indicate that the underlying transport - // has been closed (in the case of Ice, it definitely hasn't yet). - - ConnectionLostException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - } - - retCode = SSL_is_init_finished(_sslConnection); - - if(retCode > 0) - { - _phase = Connected; - - // Init finished, look at the connection information. - showConnectionInfo(); - } - } - - return retCode; -} - -// -// Protected Methods -// - -void -IceSSL::SslClientTransceiver::showConnectionInfo() -{ - if(_traceLevels->security >= SECURITY_PROTOCOL_DEBUG) - { -#ifdef ICE_SSL_EXTRA_TRACING - // - // Only in extreme cases do we enable this, partially because it doesn't use the Logger. - // - BIOJanitor bioJanitor(BIO_new_fp(stdout, BIO_NOCLOSE)); - BIO* bio = bioJanitor.get(); - - showCertificateChain(bio); - - showPeerCertificate(bio,"Client"); - - showClientCAList(bio, "Client"); - - showSharedCiphers(bio); - - showSelectedCipherInfo(bio); - - showHandshakeStats(bio); - - showSessionInfo(bio); -#endif - } -} - -// -// Private Methods -// - -// Note: I would use a using directive of the form: -// using IceSSL::CertificateVerifierPtr; -// but unfortunately, it appears that this is not properly picked up. -// - -IceSSL::SslClientTransceiver::SslClientTransceiver(const OpenSSLPluginIPtr& plugin, - SOCKET fd, - const CertificateVerifierPtr& certVerifier, - SSL* sslConnection, - int timeout) : - SslTransceiver(plugin, fd, certVerifier, sslConnection, timeout) -{ - // Set the Connect Connection state for this connection. - SSL_set_connect_state(_sslConnection); -} - diff --git a/cpp/src/IceSSL/SslClientTransceiver.h b/cpp/src/IceSSL/SslClientTransceiver.h deleted file mode 100644 index fa392f467f0..00000000000 --- a/cpp/src/IceSSL/SslClientTransceiver.h +++ /dev/null @@ -1,37 +0,0 @@ -// ********************************************************************** -// -// Copyright (c) 2003-2005 ZeroC, Inc. All rights reserved. -// -// This copy of Ice is licensed to you under the terms described in the -// ICE_LICENSE file included in this distribution. -// -// ********************************************************************** - -#ifndef ICE_SSL_CLIENT_TRANSCEIVER_H -#define ICE_SSL_CLIENT_TRANSCEIVER_H - -#include - -namespace IceSSL -{ - -class ClientContext; - -class SslClientTransceiver : public SslTransceiver -{ -public: - - virtual int handshake(int timeout = 0); - virtual void write(IceInternal::Buffer&, int); - -protected: - - virtual void showConnectionInfo(); - - SslClientTransceiver(const OpenSSLPluginIPtr&, SOCKET, const CertificateVerifierPtr&, SSL*, int); - friend class ClientContext; -}; - -} - -#endif diff --git a/cpp/src/IceSSL/SslConnector.cpp b/cpp/src/IceSSL/SslConnector.cpp index c496d082a9b..1cdfd2d8ced 100644 --- a/cpp/src/IceSSL/SslConnector.cpp +++ b/cpp/src/IceSSL/SslConnector.cpp @@ -7,8 +7,8 @@ // // ********************************************************************** -#include #include +#include #include #include @@ -22,32 +22,23 @@ using namespace IceInternal; TransceiverPtr IceSSL::SslConnector::connect(int timeout) { - TraceLevelsPtr traceLevels = _plugin->getTraceLevels(); - LoggerPtr logger = _plugin->getLogger(); - - if(traceLevels->network >= 2) + if(_traceLevels->network >= 2) { - ostringstream s; - s << "trying to establish ssl connection to " << toString(); - logger->trace(traceLevels->networkCat, s.str()); + Trace out(_logger, _traceLevels->networkCat); + out << "trying to establish ssl connection to " << toString(); } SOCKET fd = createSocket(false); setBlock(fd, false); doConnect(fd, _addr, timeout); - if(traceLevels->network >= 1) + if(_traceLevels->network >= 1) { - ostringstream s; - s << "ssl connection established\n" << fdToString(fd); - logger->trace(traceLevels->networkCat, s.str()); + Trace out(_logger, _traceLevels->networkCat); + out << "ssl connection established\n" << fdToString(fd); } - SslTransceiverPtr transceiver = _plugin->createTransceiver(IceSSL::Client, fd, timeout); - - transceiver->forceHandshake(); - - return transceiver; + return _plugin->createClientTransceiver(fd, timeout); } string @@ -57,7 +48,9 @@ IceSSL::SslConnector::toString() const } IceSSL::SslConnector::SslConnector(const OpenSSLPluginIPtr& plugin, const string& host, int port) : - _plugin(plugin) + _plugin(plugin), + _traceLevels(plugin->getTraceLevels()), + _logger(plugin->getLogger()) { getAddress(host, port, _addr); } diff --git a/cpp/src/IceSSL/SslConnector.h b/cpp/src/IceSSL/SslConnector.h index b45823d86af..1950f1a8ecf 100644 --- a/cpp/src/IceSSL/SslConnector.h +++ b/cpp/src/IceSSL/SslConnector.h @@ -11,8 +11,10 @@ #define ICE_SSL_CONNECTOR_H #include -#include +#include +#include #include +#include #ifndef _WIN32 # include // For struct sockaddr_in @@ -36,8 +38,10 @@ private: virtual ~SslConnector(); friend class SslEndpointI; - OpenSSLPluginIPtr _plugin; + const OpenSSLPluginIPtr _plugin; struct sockaddr_in _addr; + const TraceLevelsPtr _traceLevels; + const ::Ice::LoggerPtr _logger; }; } diff --git a/cpp/src/IceSSL/SslServerTransceiver.cpp b/cpp/src/IceSSL/SslServerTransceiver.cpp deleted file mode 100644 index 48a70620961..00000000000 --- a/cpp/src/IceSSL/SslServerTransceiver.cpp +++ /dev/null @@ -1,376 +0,0 @@ -// ********************************************************************** -// -// Copyright (c) 2003-2005 ZeroC, Inc. All rights reserved. -// -// This copy of Ice is licensed to you under the terms described in the -// ICE_LICENSE file included in this distribution. -// -// ********************************************************************** - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include - -using namespace std; -using namespace Ice; -using namespace IceInternal; - -// -// Public Methods -// - -void -IceSSL::SslServerTransceiver::write(Buffer& buf, int timeout) -{ - assert(_fd != INVALID_SOCKET); - - _plugin->registerThread(); - - int totalBytesWritten = 0; - int bytesWritten = 0; - - Buffer::Container::difference_type packetSize = - static_cast(buf.b.end() - buf.i); - -#ifdef _WIN32 - // - // Limit packet size to avoid performance problems on WIN32. - // - if(packetSize > 64 * 1024) - { - packetSize = 64 * 1024; - } -#endif - - // We keep writing until we're done. - while(buf.i != buf.b.end()) - { - // Ensure we're initialized. - if(initialize(timeout) <= 0) - { - // Retry the initialize call - continue; - } - - // initialize() must have returned > 0, so we're okay to try a write. - - // Perform a select on the socket. - if(!writeSelect(timeout)) - { - // We're done here. - break; - } - - bytesWritten = sslWrite(&*buf.i, static_cast(packetSize)); - - switch(getLastError()) - { - case SSL_ERROR_NONE: - { - if(_traceLevels->network >= 3) - { - Trace out(_logger, _traceLevels->networkCat); - out << "sent " << bytesWritten << " of " << packetSize; - out << " bytes via ssl\n" << fdToString(SSL_get_fd(_sslConnection)); - } - - if(_stats) - { - _stats->bytesSent(type(), bytesWritten); - } - - totalBytesWritten += bytesWritten; - - buf.i += bytesWritten; - - if(packetSize > buf.b.end() - buf.i) - { - packetSize = static_cast(buf.b.end() - buf.i); - } - continue; - } - - case SSL_ERROR_WANT_WRITE: - case SSL_ERROR_WANT_READ: - case SSL_ERROR_WANT_X509_LOOKUP: - { - continue; - } - - case SSL_ERROR_SYSCALL: - { - if(bytesWritten == -1) - { - // IO Error in underlying BIO - - if(interrupted()) - { - break; - } - - if(wouldBlock()) - { - break; - } - - if(connectionLost()) - { - ConnectionLostException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - - SocketException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - else - { - ProtocolException protocolEx(__FILE__, __LINE__); - - // Protocol Error: Unexpected EOF. - protocolEx.message = "encountered an EOF that violates the ssl protocol\n"; - protocolEx.message += IceSSL::sslGetErrors(); - - throw protocolEx; - } - } - - case SSL_ERROR_SSL: - { - ProtocolException protocolEx(__FILE__, __LINE__); - - protocolEx.message = "encountered a violation of the ssl protocol\n"; - protocolEx.message += IceSSL::sslGetErrors(); - - throw protocolEx; - } - - case SSL_ERROR_ZERO_RETURN: - { - ConnectionLostException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - } - } -} - -int -IceSSL::SslServerTransceiver::handshake(int timeout) -{ - assert(_sslConnection != 0); - - int retCode = SSL_is_init_finished(_sslConnection); - - while(!retCode) - { - if(_initWantWrite) - { - int i = writeSelect(timeout); - - if(i == 0) - { - return 0; - } - - _initWantWrite = 0; - } - else - { - int i = readSelect(timeout); - - if(i == 0) - { - return 0; - } - } - - if(_traceLevels->security >= IceSSL::SECURITY_PROTOCOL) - { - Trace out(_logger, _traceLevels->securityCat); - out << "Performing handshake.\n"; - out << fdToString(SSL_get_fd(_sslConnection)); - } - - int result = accept(); - - // We're doing an Accept and we don't get a retry on the socket. - if((result <= 0) && (BIO_sock_should_retry(result) == 0)) - { - // Socket can't retry - bad scene, find out why. - long verifyError = SSL_get_verify_result(_sslConnection); - - if(verifyError != X509_V_OK) - { - // Flag the connection for shutdown, let the - // usual initialization take care of it. - - _phase = Shutdown; - - return 0; - } - else - { - ProtocolException protocolEx(__FILE__, __LINE__); - - protocolEx.message = "encountered an ssl protocol violation during handshake\n"; - protocolEx.message += IceSSL::sslGetErrors(); - - throw protocolEx; - } - } - - // Find out what the error was (if any). - switch(getLastError()) - { - case SSL_ERROR_WANT_WRITE: - { - _initWantWrite = 1; - break; - } - - case SSL_ERROR_WANT_READ: - case SSL_ERROR_NONE: - case SSL_ERROR_WANT_X509_LOOKUP: - { - // Do nothing, life is good! - break; - } - - case SSL_ERROR_SYSCALL: - { - // This is a SOCKET_ERROR, but we don't use - // this define here as OpenSSL doesn't refer - // to it as a SOCKET_ERROR (but that's what it is - // if you look at their code). - if(result == -1) - { - if(interrupted()) - { - break; - } - - if(wouldBlock()) - { - readSelect(timeout); - break; - } - - if(connectionLost()) - { - ConnectionLostException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - - SocketException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - else - { - // - // NOTE: Should this be ConnectionRefusedException like in the Client? - // - - ProtocolException protocolEx(__FILE__, __LINE__); - - // Protocol Error: Unexpected EOF - protocolEx.message = "encountered an eof during handshake that violates the ssl protocol\n"; - protocolEx.message += IceSSL::sslGetErrors(); - - throw protocolEx; - } - } - - case SSL_ERROR_SSL: - { - ProtocolException protocolEx(__FILE__, __LINE__); - - protocolEx.message = "encountered a violation of the ssl protocol during handshake\n"; - protocolEx.message += IceSSL::sslGetErrors(); - - throw protocolEx; - } - - case SSL_ERROR_ZERO_RETURN: - { - ConnectionLostException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - } - - retCode = SSL_is_init_finished(_sslConnection); - - if(retCode > 0) - { - _phase = Connected; - - // Init finished, look at the connection information. - showConnectionInfo(); - } - } - - return retCode; -} - -// -// Protected Methods -// - -void -IceSSL::SslServerTransceiver::showConnectionInfo() -{ - if((_traceLevels->security >= IceSSL::SECURITY_PROTOCOL_DEBUG) && 0) - { -#ifdef ICE_SSL_EXTRA_TRACING - // - // Only in extreme cases do we enable this, partially because it doesn't use the Logger. - // - BIOJanitor bioJanitor(BIO_new_fp(stdout, BIO_NOCLOSE)); - BIO* bio = bioJanitor.get(); - - showCertificateChain(bio); - - showPeerCertificate(bio,"Server"); - - showSharedCiphers(bio); - - showSelectedCipherInfo(bio); - - showHandshakeStats(bio); - - showSessionInfo(bio); -#endif - } -} - -// Note: I would use a using directive of the form: -// using IceSSL::CertificateVerifierPtr; -// but unfortunately, it appears that this is not properly picked up. -// - -IceSSL::SslServerTransceiver::SslServerTransceiver(const OpenSSLPluginIPtr& plugin, - SOCKET fd, - const IceSSL::CertificateVerifierPtr& certVerifier, - SSL* sslConnection, - int timeout) : - SslTransceiver(plugin, fd, certVerifier, sslConnection, timeout) -{ - // Set the Accept Connection state for this connection. - SSL_set_accept_state(sslConnection); -} - - diff --git a/cpp/src/IceSSL/SslServerTransceiver.h b/cpp/src/IceSSL/SslServerTransceiver.h deleted file mode 100644 index a1ae934d589..00000000000 --- a/cpp/src/IceSSL/SslServerTransceiver.h +++ /dev/null @@ -1,36 +0,0 @@ -// ********************************************************************** -// -// Copyright (c) 2003-2005 ZeroC, Inc. All rights reserved. -// -// This copy of Ice is licensed to you under the terms described in the -// ICE_LICENSE file included in this distribution. -// -// ********************************************************************** - -#ifndef ICE_SSL_SERVER_TRANSCEIVER_H -#define ICE_SSL_SERVER_TRANSCEIVER_H - -#include - -namespace IceSSL -{ - -class SslServerTransceiver : public SslTransceiver -{ -public: - - virtual int handshake(int timeout = 0); - virtual void write(IceInternal::Buffer&, int); - -protected: - - virtual void showConnectionInfo(); - - SslServerTransceiver(const OpenSSLPluginIPtr&, SOCKET, const CertificateVerifierPtr&, SSL*, int); - friend class ServerContext; -}; - -} - -#endif - diff --git a/cpp/src/IceSSL/SslTransceiver.cpp b/cpp/src/IceSSL/SslTransceiver.cpp index 501fb30248e..b23974e1ebf 100644 --- a/cpp/src/IceSSL/SslTransceiver.cpp +++ b/cpp/src/IceSSL/SslTransceiver.cpp @@ -9,23 +9,16 @@ #include #include -#include #include #include -#include -#include #include -#include #include #include #include -#include #include #include -#include - using namespace std; using namespace Ice; using namespace IceInternal; @@ -63,19 +56,12 @@ IceSSL::SslTransceiver::close() try { - int shutdown = 0; - int numRetries = 100; - int retries = -numRetries; - do - { - shutdown = internalShutdownWrite(0); - retries++; - } - while((shutdown == 0) && (retries < 0)); + internalShutdownWrite(10 * 1000); } - catch(...) + catch(const Ice::Exception& e) { - // Ignore, close() should not throw exceptions. + Warning warn(_logger); + warn << "error in shutting down ssl connection " << e; } assert(_fd != INVALID_SOCKET); @@ -100,15 +86,15 @@ IceSSL::SslTransceiver::shutdownWrite() out << "shutting down ssl connection for writing\n" << toString(); } - int shutdown = 0; - int numRetries = 100; - int retries = -numRetries; - do + try { - shutdown = internalShutdownWrite(0); - retries++; + internalShutdownWrite(10 * 1000); + } + catch(const Ice::Exception& e) + { + Warning warn(_logger); + warn << "error in shutting down ssl connection " << e; } - while((shutdown == 0) && (retries < 0)); assert(_fd != INVALID_SOCKET); shutdownSocketWrite(_fd); @@ -123,212 +109,267 @@ IceSSL::SslTransceiver::shutdownReadWrite() out << "shutting down ssl connection for reading and writing\n" << toString(); } -/* - int shutdown = 0; - int numRetries = 100; - int retries = -numRetries; - do - { - shutdown = internalShutdownWrite(0); - retries++; - } - while((shutdown == 0) && (retries < 0)); -*/ - assert(_fd != INVALID_SOCKET); shutdownSocketReadWrite(_fd); } void -IceSSL::SslTransceiver::read(Buffer& buf, int timeout) +IceSSL::SslTransceiver::write(Buffer& buf, int timeout) { assert(_fd != INVALID_SOCKET); _plugin->registerThread(); + Buffer::Container::difference_type packetSize = static_cast(buf.b.end() - buf.i); - int totalBytesRead = 0; - int bytesRead; - int initReturn = 0; +#ifdef _WIN32 + // + // Limit packet size to avoid performance problems on WIN32. + // + if(packetSize > 64 * 1024) + { + packetSize = 64 * 1024; + } +#endif - // We keep reading until we're done. + // We keep writing until we're done. while(buf.i != buf.b.end()) { - // Ensure we're initialized. - initReturn = initialize(timeout); - - if(initReturn == -1) + ERR_clear_error(); + int ret = SSL_write(_sslConnection, &*buf.i, static_cast(packetSize)); + switch(SSL_get_error(_sslConnection, ret)) { - // Handshake underway, timeout immediately, easy way to deal with this. - throw TimeoutException(__FILE__, __LINE__); - } + case SSL_ERROR_NONE: + break; + + case SSL_ERROR_WANT_WRITE: + { + writeSelect(timeout); + break; + } + + // + // If session renegotiation is ever enabled this could + // occur. + // + //case SSL_ERROR_WANT_READ: + //{ + // readSelect(timeout); + // break; + //} - if(initReturn == 0) - { - // Retry the initialize call - continue; - } + case SSL_ERROR_SYSCALL: + { + if(ret == -1) + { + // IO Error in underlying BIO - // initReturn must be > 0, so we're okay to try a read + if(interrupted()) + { + continue; + } - if(!pending() && !readSelect(_readTimeout)) - { - // Nothing is left to read (according to SSL). - if(_traceLevels->security >= IceSSL::SECURITY_PROTOCOL) + if(noBuffers() && packetSize > 1024) + { + packetSize /= 2; + continue; + } + + // + // Its not clear whether this can occur, isn't + // this the same as SSL_ERROR_WANT_WRITE? + // + if(wouldBlock()) + { + writeSelect(timeout); + continue; + } + + if(connectionLost()) + { + ConnectionLostException ex(__FILE__, __LINE__); + ex.error = getSocketErrno(); + throw ex; + } + else + { + SocketException ex(__FILE__, __LINE__); + ex.error = getSocketErrno(); + throw ex; + } + } + // fall through + } + + case SSL_ERROR_ZERO_RETURN: { - Trace out(_logger, _traceLevels->securityCat); - out << "no pending application-level bytes"; + assert(ret == 0); + ConnectionLostException ex(__FILE__, __LINE__); + ex.error = 0; + throw ex; } - // We're done here. - break; + case SSL_ERROR_SSL: + { + ProtocolException ex(__FILE__, __LINE__); + ex.message = "encountered a violation of the ssl protocol\n"; + ex.message += IceSSL::sslGetErrors(); + throw ex; + } + + default: + { + Warning warn(_logger); + warn << "IceSSL: unexpected result from SSL_write: " << SSL_get_error(_sslConnection, ret); + } } - _readTimeout = timeout; + if(_traceLevels->network >= 3) + { + Trace out(_logger, _traceLevels->networkCat); + out << "sent " << ret << " of " << packetSize; out << " bytes via ssl\n" + << fdToString(SSL_get_fd(_sslConnection)); + } - bytesRead = sslRead(&*buf.i, static_cast(packetSize)); + if(_stats) + { + _stats->bytesSent(type(), ret); + } - switch(getLastError()) - { - case SSL_ERROR_NONE: - { - if(bytesRead > 0) - { - if(_traceLevels->network >= 3) - { - Trace out(_logger, _traceLevels->networkCat); - out << "received " << bytesRead << " of " << packetSize; - out << " bytes via ssl\n" << toString(); - } + buf.i += ret; - if(_stats) - { - _stats->bytesReceived(type(), bytesRead); - } + if(packetSize > buf.b.end() - buf.i) + { + packetSize = static_cast(buf.b.end() - buf.i); + } + } +} - totalBytesRead += bytesRead; +void +IceSSL::SslTransceiver::read(Buffer& buf, int timeout) +{ + assert(_fd != INVALID_SOCKET); - buf.i += bytesRead; + _plugin->registerThread(); - if(packetSize > buf.b.end() - buf.i) - { - packetSize = static_cast(buf.b.end() - buf.i); - } - } - continue; - } + Buffer::Container::difference_type packetSize = + static_cast(buf.b.end() - buf.i); + + while(buf.i != buf.b.end()) + { + ERR_clear_error(); + int ret = SSL_read(_sslConnection, &*buf.i, static_cast(packetSize)); + switch(SSL_get_error(_sslConnection, ret)) + { + case SSL_ERROR_NONE: + break; case SSL_ERROR_WANT_READ: { - if(!readSelect(timeout)) - { - // Timeout and wait for them to arrive. - throw TimeoutException(__FILE__, __LINE__); - } + readSelect(timeout); continue; } - case SSL_ERROR_WANT_WRITE: - case SSL_ERROR_WANT_X509_LOOKUP: - { - // Perform another read. The read should take care of this. - continue; - } + // + // If session renegotiation is ever enabled this could + // occur. + // + //case SSL_ERROR_WANT_WRITE: + //{ + // writeSelect(timeout); + // break; + //} case SSL_ERROR_SYSCALL: { - if(bytesRead == -1) + if(ret == -1) { // IO Error in underlying BIO if(interrupted()) { - break; + continue; } + if(noBuffers() && packetSize > 1024) + { + packetSize /= 2; + continue; + } + + // + // Its not clear whether this can occur, isn't + // this the same as SSL_ERROR_WANT_READ? + // if(wouldBlock()) { - break; + readSelect(timeout); + continue; } - if(connectionLost()) + if(!connectionLost()) { - // - // If the connection is lost when reading data, we shut - // down the write end of the socket. This helps to unblock - // threads that are stuck in send() or select() while - // sending data. Note: I don't really understand why - // send() or select() sometimes don't detect a connection - // loss. Therefore this helper to make them detect it. - // - //assert(_fd != INVALID_SOCKET); - //shutdownSocket(_fd); - - ConnectionLostException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - - SocketException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - else // (bytesRead == 0) - { - // - // See the commment above about shutting down the - // socket if the connection is lost while reading - // data. - // - //assert(_fd != INVALID_SOCKET); - //shutdownSocket(_fd); - - ConnectionLostException ex(__FILE__, __LINE__); - ex.error = 0; - throw ex; + SocketException ex(__FILE__, __LINE__); + ex.error = getSocketErrno(); + throw ex; + } } - } - - case SSL_ERROR_SSL: - { - ProtocolException protocolEx(__FILE__, __LINE__); - - protocolEx.message = "encountered a violation of the ssl protocol\n"; - protocolEx.message += sslGetErrors(); - - throw protocolEx; - } + // fall throught + } case SSL_ERROR_ZERO_RETURN: - { + { + // - // See the commment above about shutting down the - // socket if the connection is lost while reading - // data. + // If the connection is lost when reading data, we shut + // down the write end of the socket. This helps to unblock + // threads that are stuck in send() or select() while + // sending data. Note: I don't really understand why + // send() or select() sometimes don't detect a connection + // loss. Therefore this helper to make them detect it. // //assert(_fd != INVALID_SOCKET); //shutdownSocket(_fd); - // Indicates that that the SSL Connection has been closed. - // But does not necessarily indicate that the underlying transport - // has been closed (in the case of Ice, it definitely hasn't yet). + ConnectionLostException ex(__FILE__, __LINE__); + ex.error = getSocketErrno(); + throw ex; + } - ConnectionLostException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); + case SSL_ERROR_SSL: + { + ProtocolException ex(__FILE__, __LINE__); + ex.message = "encountered a violation of the ssl protocol\n"; + ex.message += sslGetErrors(); throw ex; } - } - } - if(totalBytesRead == 0) - { - if(_traceLevels->security >= IceSSL::SECURITY_WARNINGS) - { - Trace out(_logger, _traceLevels->securityCat); - out << "WRN reading from ssl connection returns no bytes"; + default: + { + Warning warn(_logger); + warn << "IceSSL: unexpected result from SSL_write: " << SSL_get_error(_sslConnection, ret); + } } + + if(_traceLevels->network >= 3) + { + Trace out(_logger, _traceLevels->networkCat); + out << "received " << ret << " of " << packetSize; out << " bytes via ssl\n" << toString(); + } + + if(_stats) + { + _stats->bytesReceived(type(), ret); + } + + buf.i += ret; + + if(packetSize > buf.b.end() - buf.i) + { + packetSize = static_cast(buf.b.end() - buf.i); + } } } @@ -345,48 +386,163 @@ IceSSL::SslTransceiver::toString() const } void -IceSSL::SslTransceiver::forceHandshake() +IceSSL::SslTransceiver::initialize(int timeout) { - try - { - if(handshake(_readTimeout) > 0) - { - return; // Handshake complete. - } - } - catch(const TimeoutException&) + assert(_sslConnection != 0); + + if(_traceLevels->security >= IceSSL::SECURITY_PROTOCOL) { - // Fall through. + Trace out(_logger, _traceLevels->securityCat); + out << "Performing handshake.\n"; + out << fdToString(SSL_get_fd(_sslConnection)); } - if(_traceLevels->security >= IceSSL::SECURITY_WARNINGS) + while(true) { - Trace out(_logger, _traceLevels->securityCat); - if(_readTimeout >= 0) + ERR_clear_error(); + int result; + if(_contextType == IceSSL::Client) { - out << "Timeout occurred during SSL handshake.\n" << toString(); + result = SSL_connect(_sslConnection); } else { - out << "Failure occurred during SSL handshake.\n" << toString(); + result = SSL_accept(_sslConnection); } - } - - close(); - if(_readTimeout >= 0) - { - throw ConnectTimeoutException(__FILE__, __LINE__); - } - else - { - ConnectionRefusedException ex(__FILE__, __LINE__); -#ifdef _WIN32 - ex.error = WSAECONNREFUSED; -#else - ex.error = ECONNREFUSED; + // + // Success? + // + if(result == 1) + { + assert(SSL_is_init_finished(_sslConnection)); + + // + // Init finished, look at the connection information. + // + if((_traceLevels->security >= IceSSL::SECURITY_PROTOCOL_DEBUG) && 0) + { +#ifdef ICE_SSL_EXTRA_TRACING + // + // Only in extreme cases do we enable this, partially because it doesn't use the Logger. + // + BIOJanitor bioJanitor(BIO_new_fp(stdout, BIO_NOCLOSE)); + BIO* bio = bioJanitor.get(); + + showCertificateChain(bio); + + showPeerCertificate(bio, _contextType == IceSSL::Server : "Server" ? "Client"); + + showSharedCiphers(bio); + + showSelectedCipherInfo(bio); + + showHandshakeStats(bio); + + showSessionInfo(bio); #endif - throw ex; + } + return; + } + + switch(SSL_get_error(_sslConnection, result)) + { + case SSL_ERROR_WANT_READ: + { + readSelect(timeout); + continue; + } + + case SSL_ERROR_WANT_WRITE: + { + writeSelect(timeout); + continue; + } + + case SSL_ERROR_NONE: + { + continue; + } + + case SSL_ERROR_WANT_X509_LOOKUP: + { + Warning warn(_logger); + warn << "SSL_ERROR_NONE"; + continue; + } + + case SSL_ERROR_SYSCALL: + { + if(result == -1) + { + if(interrupted()) + { + break; + } + + assert(!wouldBlock()); + + if(connectionLost()) + { + ConnectionLostException ex(__FILE__, __LINE__); + ex.error = getSocketErrno(); + throw ex; + } + } + + SocketException ex(__FILE__, __LINE__); + ex.error = getSocketErrno(); + throw ex; + } + + case SSL_ERROR_SSL: + { + long err = SSL_get_verify_result(_sslConnection); + if(err != X509_V_OK) + { + // + // On a client we raise the CertificateVerificationException. On the + // server side we simply close the connection. + // + if(_contextType == IceSSL::Client) + { + CertificateVerificationException ex(__FILE__, __LINE__); + ex.message = getVerificationError(err); + string errors = sslGetErrors(); + if(!errors.empty()) + { + ex.message += "\n"; + ex.message += errors; + } + throw ex; + } + else + { + // + // Validation failed, close the connection. + // + throw ConnectionRefusedException(__FILE__, __LINE__); + } + } + + // + // This happens if the client or server silently drop + // the connection. That can occur if the server + // doesn't trust the client for example. + // + ProtocolException ex(__FILE__, __LINE__); + ex.message = "encountered a violation of the ssl protocol during handshake\n"; + ex.message += sslGetErrors(); + throw ex; + } + + case SSL_ERROR_ZERO_RETURN: + { + ConnectionLostException ex(__FILE__, __LINE__); + ex.error = getSocketErrno(); + throw ex; + } + } } } @@ -405,10 +561,11 @@ IceSSL::SslTransceiver::getTransceiver(SSL* sslPtr) } // -// Note: Do not throw exceptions from verifyCertificate - it would rip through the OpenSSL system, -// interfering with the usual handling and alert system of the handshake. Exceptions should -// be caught here (if they can be generated), logged and then a fail return code (0) should -// returned. +// Note: Do not throw exceptions from verifyCertificate - it would rip +// through the OpenSSL system, interfering with the usual handling and +// alert system of the handshake. Exceptions should be caught here +// (if they can be generated), logged and then a fail return code (0) +// should returned. // int IceSSL::SslTransceiver::verifyCertificate(int preVerifyOkay, X509_STORE_CTX* x509StoreContext) @@ -468,305 +625,112 @@ IceSSL::SslTransceiver::verifyCertificate(int preVerifyOkay, X509_STORE_CTX* x50 // Protected Methods // -// Note: I would use a using directive of the form: -// using IceSSL::CertificateVerifierPtr; -// but unfortunately, it appears that this is not properly picked up. -// - -int +void IceSSL::SslTransceiver::internalShutdownWrite(int timeout) { - if(_sslConnection == 0) - { - return 1; - } - - int retCode = 0; - - if(_initWantWrite) - { - int i = writeSelect(timeout); - - if(i == 0) - { - return 0; - } - - _initWantWrite = 0; - } - else if(_initWantRead) - { - int i = readSelect(timeout); - - if(i == 0) - { - return 0; - } - - _initWantRead = 0; - } - - ERR_clear_error(); - - retCode = SSL_shutdown(_sslConnection); - - if(retCode == 1) - { - // Shutdown successful - shut down the socket for writing. - shutdownSocketWrite(SSL_get_fd(_sslConnection)); - } - else if(retCode == -1) - { - setLastError(retCode); - - // Shutdown failed due to an error. - - switch(getLastError()) - { - case SSL_ERROR_WANT_WRITE: - { - _initWantWrite = 1; - retCode = 0; - break; - } - - case SSL_ERROR_WANT_READ: - { - _initWantRead = 1; - retCode = 0; - break; - } - - case SSL_ERROR_NONE: - case SSL_ERROR_WANT_X509_LOOKUP: - { - // Ignore - retCode = 0; - break; - } - - case SSL_ERROR_SYSCALL: - { - // - // Some error with the underlying transport. - // - - if(interrupted()) - { - retCode = 0; - break; - } - - if(wouldBlock()) - { - readSelect(timeout); - retCode = 0; - break; - } - - if(connectionLost()) - { - ConnectionLostException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - - // - // Non-specific socket problem. - // - SocketException ex(__FILE__, __LINE__); - ex.error = getSocketErrno(); - throw ex; - } - - case SSL_ERROR_SSL: - { - // - // Error in the SSL library, usually a Protocol error. - // - - ProtocolException protocolEx(__FILE__, __LINE__); - - protocolEx.message = "encountered a violation of the ssl protocol during shutdown\n"; - protocolEx.message += sslGetErrors(); - - throw protocolEx; - } - - case SSL_ERROR_ZERO_RETURN: - { - // - // Indicates that the SSL connection has been closed. For SSLv3.0 - // and TLSv1.0, it indicates that a closure alert was received, - // and thus the connection has been closed cleanly. - // - - CloseConnectionException ex(__FILE__, __LINE__); - throw ex; - } - } - } - - return retCode; -} - -int -IceSSL::SslTransceiver::connect() -{ - assert(_sslConnection != 0); - - ERR_clear_error(); - int result = SSL_connect(_sslConnection); - - setLastError(result); - - return result; -} - -int -IceSSL::SslTransceiver::accept() -{ - assert(_sslConnection != 0); - - ERR_clear_error(); - int result = SSL_accept(_sslConnection); - - setLastError(result); - - return result; -} - -// NOTE: Currently not used, maybe later. -int -IceSSL::SslTransceiver::renegotiate() -{ - assert(_sslConnection != 0); - return SSL_renegotiate(_sslConnection); -} - -int -IceSSL::SslTransceiver::initialize(int timeout) -{ - int retCode = 0; - while(true) { - // One lucky thread will get the honor of carrying out the hanshake, - // if there is one to perform. The HandshakeSentinel effectively - // establishes a first-come, first-serve policy. One thread will own - // the handshake, and the others will either return rejected to the - // caller (who will figure out what to do with them) OR wait until - // our lead thread is done. Then, the shuffle begins again. - // Eventually, all threads will filter through. - - HandshakeSentinel handshakeSentinel(_handshakeFlag); - - if(!handshakeSentinel.ownHandshake()) - { - if(timeout >= 0) - { - // We should return immediately here - do not block, - // leave it to the caller to figure this out. - retCode = -1; - break; - } - else - { - // We will wait here - blocking IO is being used. - IceUtil::Mutex::Lock sync(_handshakeWaitMutex); - } - } - else - { - // Perform our init(), then leave. - IceUtil::Mutex::Lock sync(_handshakeWaitMutex); - - // Here we 'take the ball and run with it' for as long as we can - // get away with it. As long as we don't encounter some error - // status (or completion), this thread continues to service the - // initialize() call. - while(retCode == 0) - { - switch(_phase) - { - case Handshake : - { - retCode = handshake(timeout); - break; - } - - case Shutdown : - { - retCode = internalShutdownWrite(timeout); - break; - } - - case Connected : - { - retCode = SSL_is_init_finished(_sslConnection); - - if(!retCode) - { - // In this case, we are essentially renegotiating - // the connection at the behest of the peer. - _phase = Handshake; - continue; - } - - // Done here. - return retCode; - } - } - } - - break; - } - } - - return retCode; -} - -int -IceSSL::SslTransceiver::pending() -{ - assert(_sslConnection != 0); - return SSL_pending(_sslConnection); -} - -int -IceSSL::SslTransceiver::getLastError() const -{ - assert(_sslConnection != 0); - return SSL_get_error(_sslConnection, _lastError); -} - -int -IceSSL::SslTransceiver::sslRead(unsigned char* buffer, int bufferSize) -{ - assert(_sslConnection != 0); - - ERR_clear_error(); - int bytesRead = SSL_read(_sslConnection, buffer, bufferSize); + ERR_clear_error(); + int result = SSL_shutdown(_sslConnection); + if(result == 0) + { + // + // From the documentation: + // + // The shutdown is not yet finished. Call SSL_shutdown() + // for a second time, if a bidirectional shutdown shall be + // performed. The output of SSL_get_error(3) may be + // misleading, as an erroneous SSL_ERROR_SYSCALL may be + // flagged even though no error occurred. + // + // Call it one more time. If the result is 0 then we're done. + // + result = SSL_shutdown(_sslConnection); + if(result == 0) + { + return; + } + } + if(result == 1) + { + // Shutdown successful - shut down the socket for writing. + shutdownSocketWrite(SSL_get_fd(_sslConnection)); + return; + } + else if(result == -1) + { + switch(SSL_get_error(_sslConnection, result)) + { + case SSL_ERROR_WANT_WRITE: + { + writeSelect(timeout); + continue; + } + + case SSL_ERROR_WANT_READ: + { + readSelect(timeout); + continue; + } + + case SSL_ERROR_NONE: + case SSL_ERROR_WANT_X509_LOOKUP: + { + continue; + } + + case SSL_ERROR_SYSCALL: + { + if(interrupted()) + { + continue; + } - setLastError(bytesRead); + assert(!wouldBlock()); - return bytesRead; -} + if(connectionLost()) + { + ConnectionLostException ex(__FILE__, __LINE__); + ex.error = getSocketErrno(); + throw ex; + } -int -IceSSL::SslTransceiver::sslWrite(unsigned char* buffer, int bufferSize) -{ - assert(_sslConnection != 0); + // + // Non-specific socket problem. + // + SocketException ex(__FILE__, __LINE__); + ex.error = getSocketErrno(); + throw ex; + } - ERR_clear_error(); - int bytesWritten = SSL_write(_sslConnection, buffer, bufferSize); + case SSL_ERROR_SSL: + { + // + // Error in the SSL library, usually a Protocol error. + // - setLastError(bytesWritten); + ProtocolException ex(__FILE__, __LINE__); + ex.message = "encountered a violation of the ssl protocol during shutdown\n"; + ex.message += sslGetErrors(); + throw ex; + } - return bytesWritten; + case SSL_ERROR_ZERO_RETURN: + { + // + // Indicates that the SSL connection has been + // closed. For SSLv3.0 and TLSv1.0, it indicates + // that a closure alert was received, and thus the + // connection has been closed cleanly. + // + throw CloseConnectionException(__FILE__, __LINE__); + } + } + } + } } -int +void IceSSL::SslTransceiver::select(int timeout, bool write) { int ret; @@ -824,20 +788,18 @@ IceSSL::SslTransceiver::select(int timeout, bool write) { throw TimeoutException(__FILE__, __LINE__); } - - return FD_ISSET(fd, &rwFdSet); } -int +void IceSSL::SslTransceiver::readSelect(int timeout) { - return select(timeout, false); + select(timeout, false); } -int +void IceSSL::SslTransceiver::writeSelect(int timeout) { - return select(timeout, true); + select(timeout, true); } // @@ -1044,34 +1006,34 @@ IceSSL::SslTransceiver::showClientCAList(BIO* bio, const char* connType) // Private Methods // -IceSSL::SslTransceiver::SslTransceiver(const OpenSSLPluginIPtr& plugin, +IceSSL::SslTransceiver::SslTransceiver(const ContextType contextType, + const OpenSSLPluginIPtr& plugin, SOCKET fd, const CertificateVerifierPtr& certificateVerifier, SSL* sslConnection, int timeout) : - _sslConnection(sslConnection), - _readTimeout(timeout), + _contextType(contextType), _plugin(plugin), - _traceLevels(plugin->getTraceLevels()), - _logger(plugin->getLogger()), - _stats(plugin->getStats()), _fd(fd), - _certificateVerifier(certificateVerifier) + _certificateVerifier(certificateVerifier), + _sslConnection(sslConnection), + _logger(plugin->getLogger()), + _traceLevels(plugin->getTraceLevels()), + _stats(plugin->getStats()) { assert(sslConnection != 0); - FD_ZERO(&_rFdSet); - FD_ZERO(&_wFdSet); - SSL_set_ex_data(sslConnection, 0, static_cast(plugin.get())); - // We always start off in a Handshake - _phase = Handshake; - - _lastError = SSL_ERROR_NONE; - - _initWantRead = 0; - _initWantWrite = 0; + // Set the Connect Connection state for this connection. + if(contextType == IceSSL::Client) + { + SSL_set_connect_state(_sslConnection); + } + else + { + SSL_set_accept_state(_sslConnection); + } // Set up the SSL to be able to refer back to our connection object. addTransceiver(_sslConnection, this); @@ -1079,11 +1041,10 @@ IceSSL::SslTransceiver::SslTransceiver(const OpenSSLPluginIPtr& plugin, IceSSL::SslTransceiver::~SslTransceiver() { - if(_sslConnection != 0) - { - removeTransceiver(_sslConnection); - SSL_set_ex_data(_sslConnection, 0, 0); - SSL_free(_sslConnection); - _sslConnection = 0; - } + assert(_sslConnection != 0); + + removeTransceiver(_sslConnection); + SSL_set_ex_data(_sslConnection, 0, 0); + SSL_free(_sslConnection); + _sslConnection = 0; } diff --git a/cpp/src/IceSSL/SslTransceiver.h b/cpp/src/IceSSL/SslTransceiver.h index 8d875451235..6e1e35d167f 100644 --- a/cpp/src/IceSSL/SslTransceiver.h +++ b/cpp/src/IceSSL/SslTransceiver.h @@ -11,15 +11,16 @@ #define ICE_SSL_TRANSCEIVER_H #include -#include #include #include -#include -#include #include #include #include #include + +#include +#include +#include #include #include @@ -28,102 +29,15 @@ namespace IceSSL { -class SafeFlag -{ -public: - - SafeFlag(bool flagVal = false) - { - _flag = flagVal; - } - - ~SafeFlag() - { - } - - bool checkAndSet() - { - IceUtil::Mutex::Lock sync(_mutex); - - if(_flag) - { - return false; - } - else - { - _flag = true; - return true; - } - } - - bool check() - { - IceUtil::Mutex::Lock sync(_mutex); - return _flag; - } - - void set() - { - IceUtil::Mutex::Lock sync(_mutex); - _flag = true; - } - - void unset() - { - IceUtil::Mutex::Lock sync(_mutex); - _flag = false; - } - -private: - - IceUtil::Mutex _mutex; - bool _flag; -}; - -class HandshakeSentinel -{ -public: - - HandshakeSentinel(SafeFlag& handshakeFlag) : - _flag(handshakeFlag) - { - _ownHandshake = _flag.checkAndSet(); - } - - ~HandshakeSentinel() - { - if(_ownHandshake) - { - _flag.unset(); - } - } - - bool ownHandshake() - { - return _ownHandshake; - } - -private: - - bool _ownHandshake; - SafeFlag& _flag; -}; - -// NOTE: This is a mapping from SSL* to SslTransceiver*, for use with the verifyCallback. -// I have purposely not used SslTransceiverPtr here, as connections register themselves -// with this map on construction and unregister themselves in the destructor. If -// this map used SslTransceiverPtr, SslTransceiver instances would never destruct as there -// would always be a reference to them from the map. +// NOTE: This is a mapping from SSL* to SslTransceiver*, for use with +// the verifyCallback. I have purposely not used SslTransceiverPtr +// here, as connections register themselves with this map on +// construction and unregister themselves in the destructor. If this +// map used SslTransceiverPtr, SslTransceiver instances would never +// destruct as there would always be a reference to them from the map. class SslTransceiver; typedef std::map SslTransceiverMap; -typedef enum -{ - Handshake, // The connection is negotiating a connection with the peer. - Shutdown, // The connection is in the process of shutting down. - Connected // The connection is connected - communication may continue. -} ConnectPhase; - class SslTransceiver : public IceInternal::Transceiver { public: @@ -132,38 +46,24 @@ public: virtual void close(); virtual void shutdownWrite(); virtual void shutdownReadWrite(); - virtual void write(IceInternal::Buffer&, int) = 0; + virtual void write(IceInternal::Buffer&, int); virtual void read(IceInternal::Buffer&, int); virtual std::string type() const; virtual std::string toString() const; + virtual void initialize(int timeout); - void forceHandshake(); - virtual int handshake(int timeout = 0) = 0; static SslTransceiverPtr getTransceiver(SSL*); // Callback from OpenSSL for purposes of certificate verification int verifyCertificate(int, X509_STORE_CTX*); -protected: - - int internalShutdownWrite(int timeout); - - int connect(); - int accept(); - int renegotiate(); - int initialize(int timeout); - - int pending(); - int getLastError() const; - - int sslRead(unsigned char*, int); - int sslWrite(unsigned char*, int); +private: - int select(int, bool); - int readSelect(int); - int writeSelect(int); + void internalShutdownWrite(int timeout); - int readSSL(IceInternal::Buffer&, int); + void select(int, bool); + void readSelect(int); + void writeSelect(int); static void addTransceiver(SSL*, SslTransceiver*); static void removeTransceiver(SSL*); @@ -176,40 +76,23 @@ protected: void showHandshakeStats(BIO*); void showClientCAList(BIO*, const char*); - void setLastError(int errorCode) { _lastError = errorCode; } - - virtual void showConnectionInfo() = 0; - static SslTransceiverMap _transceiverMap; static IceUtil::StaticMutex _transceiverRepositoryMutex; - // Pointer to the OpenSSL Connection structure. - SSL* _sslConnection; - - int _lastError; - - IceUtil::Mutex _handshakeWaitMutex; - - SafeFlag _handshakeFlag; - int _initWantRead; - int _initWantWrite; - int _readTimeout; - - ConnectPhase _phase; - - SslTransceiver(const OpenSSLPluginIPtr&, SOCKET, const IceSSL::CertificateVerifierPtr&, SSL*, int); + SslTransceiver(ContextType, const OpenSSLPluginIPtr&, SOCKET, const IceSSL::CertificateVerifierPtr&, SSL*, int); virtual ~SslTransceiver(); + friend class ClientContext; + friend class ServerContext; + // Pointer to the OpenSSL Connection structure. + const ContextType _contextType; const OpenSSLPluginIPtr _plugin; - const TraceLevelsPtr _traceLevels; + SOCKET _fd; + const IceSSL::CertificateVerifierPtr _certificateVerifier; + /*const*/ SSL* _sslConnection; const Ice::LoggerPtr _logger; + const TraceLevelsPtr _traceLevels; const Ice::StatsPtr _stats; - - SOCKET _fd; - fd_set _rFdSet; - fd_set _wFdSet; - - IceSSL::CertificateVerifierPtr _certificateVerifier; }; } -- cgit v1.2.3