authorOssama Othman <ossama-othman@users.noreply.github.com>2002-01-17 06:50:53 +0000
committerOssama Othman <ossama-othman@users.noreply.github.com>2002-01-17 06:50:53 +0000
commit88e9cab6f18d8436b503553ae595a4a7bc4cc6c6 (patch)
tree76239f6a6d2b4ebc2d710f432023322a6788fcd0
parented0959200a1f301be71aaf2c3b4b897e39cdf7e4 (diff)
downloadATCD-88e9cab6f18d8436b503553ae595a4a7bc4cc6c6.tar.gz
ChangeLogTag:Wed Jan 16 22:46:12 2002 Ossama Othman <ossama@uci.edu>
-rw-r--r--TAO/ChangeLogs/ChangeLog-02a22
-rw-r--r--TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Connector.cpp66
-rw-r--r--TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Connector.h3
-rw-r--r--TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp54
4 files changed, 95 insertions, 50 deletions
diff --git a/TAO/ChangeLogs/ChangeLog-02a b/TAO/ChangeLogs/ChangeLog-02a
index 1bd2a89b69b..96bc25be36f 100644
--- a/TAO/ChangeLogs/ChangeLog-02a
+++ b/TAO/ChangeLogs/ChangeLog-02a
@@ -1,3 +1,25 @@
+Wed Jan 16 22:46:12 2002 Ossama Othman <ossama@uci.edu>
+
+ * orbsvcs/orbsvcs/SSLIOP/SSLIOP_Connector.h (ssliop_connect):
+
+ Updated this method to accept a "no protection" parameter.
+
+ * orbsvcs/orbsvcs/SSLIOP/SSLIOP_Connector.cpp
+ (connect, ssliop_connect):
+
+ In the "NoProtection/EstablishTrust" case, establish a
+ connection using the "eNULL" cipher. This disables encryption
+ but allows certificate authentication to occur. Previously two
+ connections were used, one to authenticate over SSL and the
+ other to invoke requests over plain IIOP, which is clearly
+ undesirable.
+
+ * orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp (init):
+
+ If "NoProtection" is enabled, then add the "eNULL" cipher to the
+ default cipher list. This allows encryption to be disabled
+ while allowing certificate authentication to occur.
+
Wed Jan 16 20:08:39 2002 Ossama Othman <ossama@uci.edu>
* orbsvcs/orbsvcs/Security/PrincipalAuthenticator.h:
diff --git a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Connector.cpp b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Connector.cpp
index 75036087f93..490f740242d 100644
--- a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Connector.cpp
+++ b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Connector.cpp
@@ -159,23 +159,25 @@ TAO_SSLIOP_Connector::connect (TAO_GIOP_Invocation *invocation,
// if no establishment of trust policy was set. Specifically, if
// the "trust" pointer below is zero, then the SSLIOP pluggable
// protocol default value will be used.
- Security::EstablishTrust *trust = 0;
- Security::EstablishTrust tmp_trust = { 0 , 0 };
+ Security::EstablishTrust trust = { 0 , 0 };
if (!CORBA::is_nil (trust_policy.in ()))
{
- tmp_trust = trust_policy->trust (TAO_ENV_SINGLE_ARG_PARAMETER);
+ trust = trust_policy->trust (TAO_ENV_SINGLE_ARG_PARAMETER);
ACE_CHECK_RETURN (-1);
-
- trust = &tmp_trust;
}
+ // Flag that states whether any form of establishment of trust
+ // should occur.
+ CORBA::Boolean establish_trust =
+ trust.trust_in_target || trust.trust_in_client;
+
// @@ Should this be in a "policy validator?"
//
// If the SSL port is zero, then no SSLIOP tagged component was
// available in the IOR, meaning that there is no way to establish
// trust. Throw an exception.
if (ssl_endpoint->ssl_component ().port == 0
- && trust != 0)
+ && establish_trust)
{
if (TAO_debug_level > 0)
{
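Review bot: The comment kept at the top of this hunk still says that a zero "trust" pointer selects the SSLIOP default, but the hunk replaces the pointer with a value initialised to `{ 0 , 0 }`, so the comment no longer describes the code below it. Suggest rewording it to `// If no EstablishTrust policy is set, "trust" stays { 0 , 0 } and` / `// establish_trust below is false, so no trust is established.` The port-zero check now keys on `establish_trust` instead of on the presence of a policy, which narrows behaviour: a policy that requests neither trust_in_client nor trust_in_target no longer raises the exception; that looks intended but deserves a sentence in the ChangeLog entry. connect() begins before and continues after this hunk.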
@@ -235,34 +237,16 @@ TAO_SSLIOP_Connector::connect (TAO_GIOP_Invocation *invocation,
-1);
}
- if (no_protection || ssl_endpoint->ssl_component ().port == 0)
+ if ((!establish_trust && no_protection)
+ || ssl_endpoint->ssl_component ().port == 0)
{
- // If establishment of trust is required, then establish an
- // SSLIOP connection first. Certificate verification will occur
- // during the connection negotiation. If the SSLIOP connection
- // is successfully negotiated, then trust is established and
- // continue on to the unprotected connection.
- if (ssl_endpoint->ssl_component ().port != 0
- && trust != 0
- && trust->trust_in_target)
- {
- int result = this->ssliop_connect (ssl_endpoint,
- trust,
- invocation,
- desc
- TAO_ENV_ARG_PARAMETER);
- ACE_CHECK_RETURN (-1);
-
- if (result != 0)
- return -1;
- }
-
return this->iiop_connect (ssl_endpoint,
invocation
TAO_ENV_ARG_PARAMETER);
}
return this->ssliop_connect (ssl_endpoint,
+ no_protection,
trust,
invocation,
desc
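Review bot: The new routing condition encodes three outcomes that the code no longer spells out, and the deleted comment was the only place that explained the old scheme. A comment before the `if` would help, e.g. `// NoProtection without EstablishTrust, or no SSL port in the IOR: plain IIOP.` / `// Otherwise connect over SSL; with NoProtection ssliop_connect negotiates` / `// the eNULL cipher so certificates are still exchanged without encryption.` The same `desc` descriptor is handed to ssliop_connect whether or not no_protection is set, so if the transport cache matches on that descriptor alone (not visible here), an encrypted connection could be reused for a NoProtection invocation or the reverse — worth confirming. connect() continues outside the hunk.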
@@ -353,7 +337,8 @@ TAO_SSLIOP_Connector::iiop_connect (TAO_SSLIOP_Endpoint *ssl_endpoint,
int
TAO_SSLIOP_Connector::ssliop_connect (TAO_SSLIOP_Endpoint *ssl_endpoint,
- Security::EstablishTrust *trust,
+ int no_protection,
+ const Security::EstablishTrust &trust,
TAO_GIOP_Invocation *invocation,
TAO_Transport_Descriptor_Interface *desc
TAO_ENV_ARG_DECL)
@@ -435,8 +420,7 @@ TAO_SSLIOP_Connector::ssliop_connect (TAO_SSLIOP_Endpoint *ssl_endpoint,
// ACE_Strategy_Connector (the "base_connector_"). This is
// thread-safe and reentrant, hence no synchronization is
// necessary.
- if (trust != 0
- &&(trust->trust_in_client || trust->trust_in_target)
+ if ((trust.trust_in_client || trust.trust_in_target)
&& this->base_connector_.creation_strategy ()->make_svc_handler (
svc_handler) == 0)
{
@@ -448,11 +432,11 @@ TAO_SSLIOP_Connector::ssliop_connect (TAO_SSLIOP_Endpoint *ssl_endpoint,
//
// In SSLIOP's case, trust_in_client also implies
// trust_in_target.
- if (trust->trust_in_client)
+ if (trust.trust_in_client)
verify_mode = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
// Require verification of the target's certificate.
- else if (trust->trust_in_target)
+ else if (trust.trust_in_target)
verify_mode = SSL_VERIFY_PEER;
// Trust in neither the client nor the target is required.
@@ -462,6 +446,18 @@ TAO_SSLIOP_Connector::ssliop_connect (TAO_SSLIOP_Endpoint *ssl_endpoint,
::SSL_set_verify (svc_handler->peer().ssl(),
verify_mode,
0);
+
+ if (no_protection
+ && ::SSL_set_cipher_list (svc_handler->peer().ssl(),
+ "eNULL") == 0)
+ {
+ if (TAO_debug_level > 0)
+ ACE_DEBUG ((LM_ERROR,
+ ACE_TEXT ("(%P|%t) Unable to set eNULL ")
+ ACE_TEXT ("SSL cipher.\n")));
+
+ ACE_THROW_RETURN (CORBA::INV_POLICY (), -1);
+ }
}
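Review bot: The `SSL_set_cipher_list` failure path throws via `ACE_THROW_RETURN` without releasing the `svc_handler` obtained from `make_svc_handler` earlier in this function; whether the connector reclaims it on this exit is not visible in the hunk, so either confirm that or close the handler before throwing. Setting "eNULL" as the entire list means this side offers only null-encryption suites, so a peer whose context was not widened (the factory's "DEFAULT:eNULL" change) fails the handshake rather than silently falling back; a comment stating that intent would help: `// NoProtection + EstablishTrust: offer only null-encryption suites so the` / `// certificate exchange still happens but no payload encryption is negotiated.` ssliop_connect continues outside the hunk.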
// @@ This needs to change in the next round when we implement
@@ -490,7 +486,7 @@ TAO_SSLIOP_Connector::ssliop_connect (TAO_SSLIOP_Endpoint *ssl_endpoint,
if (TAO_debug_level > 0)
ACE_DEBUG ((LM_DEBUG,
- ACE_TEXT ("(%P|%t) SSLIOP_Connector::connect ")
+ ACE_TEXT ("(%P|%t) SSLIOP_Connector::connect - ")
ACE_TEXT ("The result is <%d> \n"), result));
if (result == -1)
@@ -501,10 +497,8 @@ TAO_SSLIOP_Connector::ssliop_connect (TAO_SSLIOP_Endpoint *ssl_endpoint,
ssl_endpoint->addr_to_string (buffer,
sizeof (buffer) - 1);
ACE_DEBUG ((LM_ERROR,
- ACE_TEXT ("(%P|%t) %s:%u, connection to ")
+ ACE_TEXT ("(%P|%t) %N:%l, connection to ")
ACE_TEXT ("%s, SSL port %d failed (%p)\n"),
- __FILE__,
- __LINE__,
buffer,
remote_address.get_port_number (),
ACE_TEXT ("errno")));
diff --git a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Connector.h b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Connector.h
index 5c11930cfc4..a33118639a9 100644
--- a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Connector.h
+++ b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Connector.h
@@ -82,7 +82,8 @@ protected:
/// SSLIOP-specific connection establishment.
int ssliop_connect (TAO_SSLIOP_Endpoint *ssliop_endpoint,
- Security::EstablishTrust *trust,
+ int no_protection,
+ const Security::EstablishTrust &trust,
TAO_GIOP_Invocation *invocation,
TAO_Transport_Descriptor_Interface *desc
TAO_ENV_ARG_DECL);
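Review bot: The new `no_protection` parameter is not documented; the `///` brief above the declaration does not say what a non-zero value does or how it interacts with `trust`. Suggest extending it to `/// SSLIOP-specific connection establishment. A non-zero no_protection` / `/// restricts the session to the eNULL cipher (authentication without` / `/// encryption); trust selects the peer certificate verification mode.`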
diff --git a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp
index ddba949a6b3..4787652afe6 100644
--- a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp
+++ b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp
@@ -66,19 +66,24 @@ TAO_SSLIOP_Protocol_Factory::init (int argc,
for (int curarg = 0; curarg != argc; ++curarg)
{
if (ACE_OS::strcasecmp (argv[curarg],
- "-SSLDisable") == 0)
+ "-SSLNoProtection") == 0)
{
- ACE_ERROR ((LM_WARNING,
- ACE_TEXT ("(%P|%t) \"-SSLDisable\" has been ")
- ACE_TEXT ("superceded by the ")
- ACE_TEXT ("\"-SSLNoProtection\" option.\n")));
+ // Enable the eNULL cipher. Note that enabling the "eNULL"
+ // cipher only disables encryption. However, certificate
+ // exchanges will still occur.
+ if (::SSL_CTX_set_cipher_list (
+ ACE_SSL_Context::instance ()->context (),
+ "DEFAULT:eNULL") == 0)
+ {
+ if (TAO_debug_level > 0)
+ ACE_DEBUG ((LM_ERROR,
+ ACE_TEXT ("(%P|%t) Unable to set eNULL ")
+ ACE_TEXT ("SSL cipher in SSLIOP ")
+ ACE_TEXT ("factory.\n")));
- this->no_protection_ = 1;
- }
+ return -1;
+ }
- else if (ACE_OS::strcasecmp (argv[curarg],
- "-SSLNoProtection") == 0)
- {
this->no_protection_ = 1;
}
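Review bot: Dropping the `-SSLDisable` branch also drops the warning that told users the option was superseded; a deployment still passing `-SSLDisable` now gets neither the message nor `no_protection_`, and nothing in this hunk shows unknown options being reported, so the silent change should at least be noted in the ChangeLog entry (it is not). `"DEFAULT:eNULL"` is applied to the process-wide `ACE_SSL_Context` singleton, so once `-SSLNoProtection` is given every SSL session this process negotiates, accept side included, can end up on a null-encryption suite if the peer proposes one; a comment above the call making that scope explicit would help: `// Note: this widens the cipher list for the whole process, not just for` / `// invocations that carry a NoProtection QOP policy.` The argv loop continues outside the hunk.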
@@ -94,6 +99,7 @@ TAO_SSLIOP_Protocol_Factory::init (int argc,
const char *path =
ACE_OS::strtok_r (0, ":", &lasts);
int type = -1;
+
if (ACE_OS::strcasecmp (type_name, "ASN1") == 0)
{
type = SSL_FILETYPE_ASN1;
@@ -102,7 +108,17 @@ TAO_SSLIOP_Protocol_Factory::init (int argc,
{
type = SSL_FILETYPE_PEM;
}
- ACE_SSL_Context::instance ()->certificate (path, type);
+
+ if (ACE_SSL_Context::instance ()->certificate (path, type) != 0)
+ {
+ if (TAO_debug_level > 0)
+ ACE_DEBUG ((LM_ERROR,
+ ACE_TEXT ("(%P|%t) Unable to set eNULL ")
+ ACE_TEXT ("SSL cipher in SSLIOP ")
+ ACE_TEXT ("factory.\n")));
+
+ return -1;
+ }
}
}
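Review bot: The error message on the new `certificate()` failure path reads "Unable to set eNULL SSL cipher in SSLIOP factory", copied from the cipher-list branch, so a bad certificate file will be logged as a cipher problem; the `private_key()` check in the next hunk carries the same wrong text. Suggest `ACE_TEXT ("(%P|%t) Unable to set SSL certificate ")` / `ACE_TEXT ("in SSLIOP factory.\n")` here and the corresponding "Unable to set SSL private key" wording in the next hunk. The next hunk also leaves a stray blank line before its closing brace. init() continues outside the hunk.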
@@ -126,7 +142,18 @@ TAO_SSLIOP_Protocol_Factory::init (int argc,
{
type = SSL_FILETYPE_PEM;
}
- ACE_SSL_Context::instance ()->private_key (path, type);
+
+ if (ACE_SSL_Context::instance ()->private_key (path, type) != 0)
+ {
+ if (TAO_debug_level > 0)
+ ACE_DEBUG ((LM_ERROR,
+ ACE_TEXT ("(%P|%t) Unable to set eNULL ")
+ ACE_TEXT ("SSL cipher in SSLIOP ")
+ ACE_TEXT ("factory.\n")));
+
+ return -1;
+ }
+
}
}
@@ -149,8 +176,9 @@ TAO_SSLIOP_Protocol_Factory::init (int argc,
|| ACE_OS::strcasecmp (argv[curarg],
"SERVER_AND_CLIENT") == 0)
{
- mode = SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
+ mode = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
}
+
ACE_SSL_Context::instance ()->default_verify_mode (mode);
}
}