diff options
| author | Steve Huston <shuston@riverace.com> | 2006-04-06 21:19:15 +0000 |
|---|---|---|
| committer | Steve Huston <shuston@riverace.com> | 2006-04-06 21:19:15 +0000 |
| commit | d3624bb2115581bb1411c44bdcd6d601f86d0fcd (patch) | |
| tree | c96f83599d9e7326d7711039845c41a5a26230c5 | |
| parent | e755bd38a7eb122012ca9cc8eb1a2a8ac57408b6 (diff) | |
| download | ATCD-d3624bb2115581bb1411c44bdcd6d601f86d0fcd.tar.gz | |
ChangeLogTag:Thu Apr 6 21:11:24 UTC 2006 Steve Huston <shuston@riverace.com>
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | ace/SSL/SSL_Context.cpp | 37 |
2 files changed, 32 insertions, 11 deletions
diff --git a/ChangeLog b/ChangeLog index 6167491dd08..e809d466b5f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +Thu Apr 6 21:11:24 UTC 2006 Steve Huston <shuston@riverace.com> + + * ace/SSL/SSL_Context.cpp (private_key, context, dh_params): If setting + up the new file fails, reset the corresponding + ACE_SSL_Data_File member to allow retries to proceed. + Thu Apr 6 19:15:12 UTC 2006 Johnny Willemsen <jwillemsen@remedy.nl> * ace/Thread.cpp: diff --git a/ace/SSL/SSL_Context.cpp b/ace/SSL/SSL_Context.cpp index 8ddb3db3587..54ce70a6d2c 100644 --- a/ace/SSL/SSL_Context.cpp +++ b/ace/SSL/SSL_Context.cpp @@ -397,7 +397,10 @@ ACE_SSL_Context::private_key (const char *file_name, if (::SSL_CTX_use_PrivateKey_file (this->context_, this->private_key_.file_name (), this->private_key_.type ()) <= 0) - return -1; + { + this->private_key_ = ACE_SSL_Data_File (); + return -1; + } else return this->verify_private_key (); } @@ -424,7 +427,10 @@ ACE_SSL_Context::certificate (const char *file_name, if (::SSL_CTX_use_certificate_file (this->context_, this->certificate_.file_name (), this->certificate_.type ()) <= 0) - return -1; + { + this->certificate_ = ACE_SSL_Data_File (); + return -1; + } else return 0; } @@ -525,30 +531,39 @@ ACE_SSL_Context::dh_params (const char *file_name, if (this->dh_params_.type () != -1) return 0; + // For now we only support PEM encodings + if (type != SSL_FILETYPE_PEM) + return -1; + this->dh_params_ = ACE_SSL_Data_File (file_name, type); this->check_context (); { - // For now we only support PEM encodings - if (this->dh_params_.type () != SSL_FILETYPE_PEM) - return -1; - // Swiped from Rescorla's examples and the OpenSSL s_server.c app DH * ret=0; BIO * bio = 0; if ((bio = ::BIO_new_file (this->dh_params_.file_name (), "r")) == NULL) - return -1; + { + this->dh_params_ = ACE_SSL_Data_File (); + return -1; + } ret = PEM_read_bio_DHparams (bio, NULL, NULL, NULL); BIO_free (bio); if (ret == 0) - return -1; - - if(::SSL_CTX_set_tmp_dh (this->context_, ret) < 0) - return -1; + { + this->dh_params_ = ACE_SSL_Data_File (); + return -1; + } + + if (::SSL_CTX_set_tmp_dh (this->context_, ret) < 0) + { + this->dh_params_ = ACE_SSL_Data_File (); + return -1; + } DH_free (ret); } |