diff options
author | Adam Mitz <mitza@ociweb.com> | 2018-09-14 10:37:21 -0500 |
---|---|---|
committer | Adam Mitz <mitza@ociweb.com> | 2018-09-14 10:37:21 -0500 |
commit | 07537d121db79a027dea811939fba8b13c2c44c3 (patch) | |
tree | 46990cbccf3637bbb428354e7900e86b7bf8ac76 | |
parent | cf17fe5fa4028d4010d1223f1af8c5750216b690 (diff) | |
download | ATCD-07537d121db79a027dea811939fba8b13c2c44c3.tar.gz |
Updated SSLECName option (see PR #683) for compatibility with OpenSSL libraries built without EC support; applied style guidelines
-rw-r--r-- | TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp | 88 |
1 files changed, 45 insertions, 43 deletions
diff --git a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp index 9956fad29a0..6cea0ee37ed 100644 --- a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp +++ b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp @@ -548,16 +548,15 @@ TAO::SSLIOP::Protocol_Factory::init (int argc, ACE_TCHAR* argv[]) { this->check_host_ = true; } - else if (ACE_OS::strcasecmp(argv[curarg], - ACE_TEXT("-SSLEcName")) == 0) - { - curarg++; + else if (ACE_OS::strcasecmp (argv[curarg], + ACE_TEXT ("-SSLEcName")) == 0) + { + ++curarg; if (curarg < argc) - { + { ec_name = static_cast<const char *>(ACE_TEXT_ALWAYS_CHAR(argv[curarg])); - } - } - + } + } } if (pem_passwd_.length() > 0) @@ -740,50 +739,53 @@ TAO::SSLIOP::Protocol_Factory::init (int argc, ACE_TCHAR* argv[]) } } - if (ec_name.in() != 0) - { - int ec_nid = OBJ_sn2nid(ec_name.in()); + if (ec_name.in ()) + { +#ifdef OPENSSL_NO_EC + ORBSVCS_ERROR ((LM_ERROR, + ACE_TEXT ("TAO (%P|%t) - Unable to apply -SSLEcName ") + ACE_TEXT ("due to lack of EC support in OpenSSL\n"))); + return -1; +#else + int const ec_nid = OBJ_sn2nid (ec_name.in ()); if (ec_nid == NID_undef) - { - ORBSVCS_ERROR((LM_ERROR, - ACE_TEXT("TAO (%P|%t) - Unable to obtain ") - ACE_TEXT("EC NID for <%C> ") - ACE_TEXT("in SSLIOP factory.\n"), - ec_name.in())); + { + ORBSVCS_ERROR ((LM_ERROR, + ACE_TEXT ("TAO (%P|%t) - Unable to obtain ") + ACE_TEXT ("EC NID for <%C> in SSLIOP factory.\n"), + ec_name.in ())); return -1; - } + } - EC_KEY *ecdh = EC_KEY_new_by_curve_name(ec_nid); + EC_KEY *const ecdh = EC_KEY_new_by_curve_name (ec_nid); if (!ecdh) - { - ORBSVCS_ERROR((LM_ERROR, - ACE_TEXT("TAO (%P|%t) - Unable to set ") - ACE_TEXT("Curve Name ") - ACE_TEXT("<%C> in SSLIOP factory.\n"), - ec_name.in())); + { + ORBSVCS_ERROR ((LM_ERROR, + ACE_TEXT ("TAO (%P|%t) - Unable to set Curve Name ") + ACE_TEXT ("<%C> in SSLIOP factory.\n"), + ec_name.in ())); return -1; - } + } - if (1 != ::SSL_CTX_set_tmp_ecdh(ssl_ctx->context(), ecdh)) - { - ORBSVCS_ERROR((LM_ERROR, - ACE_TEXT("TAO (%P|%t) - Unable to set ") - ACE_TEXT("temp ECDH ") - ACE_TEXT("<%C> in SSLIOP factory.\n"), - ec_name.in())); + if (1 != ::SSL_CTX_set_tmp_ecdh (ssl_ctx->context (), ecdh)) + { + ORBSVCS_ERROR ((LM_ERROR, + ACE_TEXT ("TAO (%P|%t) - Unable to set temp ECDH ") + ACE_TEXT ("<%C> in SSLIOP factory.\n"), + ec_name.in ())); return -1; - } + } - if (TAO_debug_level > 0) - { - ORBSVCS_DEBUG((LM_INFO, - ACE_TEXT("TAO (%P|%t) - SSLIOP set ") - ACE_TEXT("EC Curve Name ") - ACE_TEXT("to <%C>\n"), - ec_name.in())); - } - } + if (TAO_debug_level) + { + ORBSVCS_DEBUG ((LM_INFO, + ACE_TEXT ("TAO (%P|%t) - SSLIOP set EC Curve Name ") + ACE_TEXT ("to <%C>\n"), + ec_name.in ())); + } +#endif + } if (this->register_orb_initializer () != 0) return -1; |