Merge pull request #1113 from jwillemsen/jwi-sslimprov

Minor ACE SSL related changes

12 files changed, 43 insertions, 66 deletions

diff --git a/ACE/ace/SSL/SSL_Asynch_Stream.cpp b/ACE/ace/SSL/SSL_Asynch_Stream.cpp
index b493e98a750..f084c5375e7 100644
--- a/ACE/ace/SSL/SSL_Asynch_Stream.cpp
+++ b/ACE/ace/SSL/SSL_Asynch_Stream.cpp
@@ -256,7 +256,6 @@ ACE_SSL_Asynch_Stream::open (ACE_Handler & handler,
         ACE_TEXT ("- invalid handle")),
        -1);
 
-
   // Get a proactor for/from the user.
   this->proactor_    = this->get_proactor (proactor, handler);
   this->ext_handler_ = & handler;
@@ -407,8 +406,7 @@ ACE_SSL_Asynch_Stream::do_SSL_state_machine (void)
 {
   // this protected member should be called
   // with locked mutex_
-
-  int retval = this->do_SSL_handshake ();
+  int const retval = this->do_SSL_handshake ();
 
   if (retval == 0)          // handshake in progress ?
     return 0;
@@ -527,7 +525,7 @@ ACE_SSL_Asynch_Stream::do_SSL_handshake (void)
          -1);
     }
 
-  int status = ::SSL_get_error (this->ssl_, retval);
+  int const status = ::SSL_get_error (this->ssl_, retval);
 
   switch (status)
     {
@@ -552,7 +550,6 @@ ACE_SSL_Asynch_Stream::do_SSL_handshake (void)
   return 1;
 }
 
-
 bool
 ACE_SSL_Asynch_Stream::post_handshake_check (void)
 {
diff --git a/ACE/ace/SSL/SSL_Context.cpp b/ACE/ace/SSL/SSL_Context.cpp
index bbbfb632541..e0d6530f426 100644
--- a/ACE/ace/SSL/SSL_Context.cpp
+++ b/ACE/ace/SSL/SSL_Context.cpp
@@ -352,7 +352,6 @@ ACE_SSL_Context::filter_versions (const char* versionlist)
   return 0;
 }
 
-
 bool
 ACE_SSL_Context::check_host (const ACE_INET_Addr &host, SSL *peerssl)
 {
@@ -360,7 +359,6 @@ ACE_SSL_Context::check_host (const ACE_INET_Addr &host, SSL *peerssl)
 
   this->check_context ();
 
-  int result = 0;
   char name[MAXHOSTNAMELEN+1];
 
   if (peerssl == 0 || host.get_host_name (name, MAXHOSTNAMELEN) == -1)
@@ -379,13 +377,13 @@ ACE_SSL_Context::check_host (const ACE_INET_Addr &host, SSL *peerssl)
   int flags = X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT;
   size_t len = ACE_OS::strlen (name);
 
-  result = ::X509_check_host (cert, name, len, flags, peerarg);
+  int const result = ::X509_check_host (cert, name, len, flags, peerarg);
 
   if (ACE::debug ())
     {
       ACELIB_DEBUG ((LM_DEBUG,
                   ACE_TEXT ("ACE (%P|%t) SSL_Context::check_host ")
-                  ACE_TEXT ("name <%s> returns %d, peer <%s>\n"),
+                  ACE_TEXT ("name <%C> returns %d, peer <%s>\n"),
                   name, result, peer));
     }
   if (peer != 0)
@@ -516,7 +514,6 @@ ACE_SSL_Context::load_trusted_ca (const char* ca_file,
   return 0;
 }
 
-
 int
 ACE_SSL_Context::private_key (const char *file_name,
                               int type)
@@ -598,8 +595,7 @@ ACE_SSL_Context::set_verify_peer (int strict, int once, int depth)
 {
   this->check_context ();
 
-  // Setup the peer verififcation mode.
-
+  // Setup the peer verification mode.
   int verify_mode = SSL_VERIFY_PEER;
   if (once)
     verify_mode |= SSL_VERIFY_CLIENT_ONCE;
@@ -615,7 +611,6 @@ ACE_SSL_Context::set_verify_peer (int strict, int once, int depth)
     ::SSL_CTX_set_verify_depth (this->context_, depth + 1);
 }
 
-
 int
 ACE_SSL_Context::random_seed (const char * seed)
 {
diff --git a/ACE/ace/SSL/SSL_SOCK_Stream.h b/ACE/ace/SSL/SSL_SOCK_Stream.h
index c9a54fe98af..bce3cd9ec6f 100644
--- a/ACE/ace/SSL/SSL_SOCK_Stream.h
+++ b/ACE/ace/SSL/SSL_SOCK_Stream.h
@@ -75,7 +75,7 @@ public:
   /// Destructor
   ~ACE_SSL_SOCK_Stream (void);
 
-  /// Send an n byte buffer to the ssl socket using the semantics of
+  /// Send an @a n byte buffer to the ssl socket using the semantics of
   /// send(3n).
   /**
    * ACE_SSL supports no flags for sending at this time.
@@ -84,7 +84,7 @@ public:
                 size_t n,
                 int flags) const;
 
-  /// Recv an n byte buffer from the ssl socket using the semantics of
+  /// Recv an @a n byte buffer from the ssl socket using the semantics of
   /// recv(3n).
   /**
    * ACE_SSL supports MSG_PEEK, but no other flags at this time.
@@ -93,17 +93,17 @@ public:
                 size_t n,
                 int flags) const;
 
-  /// Send an n byte buffer to the ssl socket using the semantics of
+  /// Send an @a n byte buffer to the ssl socket using the semantics of
   /// write(2).
   ssize_t send (const void *buf,
                 size_t n) const;
 
-  /// Recv an n byte buffer from the ssl socket using the semantics of
+  /// Recv an @a n byte buffer from the ssl socket using the semantics of
   /// read(2).
   ssize_t recv (void *buf,
                 size_t n) const;
 
-  /// Send an iovec of size n to the ssl socket.
+  /// Send an iovec of size @a n to the ssl socket.
   /**
    * Note that it is not possible to perform a "scattered" write with
    * the underlying OpenSSL implementation.  As such, the expected
@@ -136,8 +136,8 @@ public:
                 const ACE_Time_Value *timeout) const;
 
   /**
-   * Wait up to timeout amount of time to receive up to n bytes into
-   * buf (uses the recv() call).  If recv() times out -1 is returned
+   * Wait up to timeout amount of time to receive up to @a n bytes into
+   * @a buf (uses the recv() call).  If recv() times out -1 is returned
    * with errno == ETIME.  If it succeeds the number of bytes received
    * is returned.  MSG_PEEK is the only supported flag.
    */
diff --git a/ACE/examples/IPC_SAP/SSL_SAP/README b/ACE/examples/IPC_SAP/SSL_SAP/README
index 6e7f0b51e27..f47c084da13 100644
--- a/ACE/examples/IPC_SAP/SSL_SAP/README
+++ b/ACE/examples/IPC_SAP/SSL_SAP/README
@@ -1,5 +1,3 @@
-
-
 This directory contains groups of client and server test programs that
 exercise the various C++ wrappers for SSL sockets.  In general, the
 test programs do more or less the same thing -- the client establishes
diff --git a/ACE/examples/IPC_SAP/SSL_SAP/SSL-client-simple.h b/ACE/examples/IPC_SAP/SSL_SAP/SSL-client-simple.h
index 66e030b51bc..db1ad45bf4c 100644
--- a/ACE/examples/IPC_SAP/SSL_SAP/SSL-client-simple.h
+++ b/ACE/examples/IPC_SAP/SSL_SAP/SSL-client-simple.h
@@ -73,7 +73,7 @@ private:
   // Sleep_Time value.
 
   enum {QUIT_STRING_SIZE = 128};
-  char quit_string_[QUIT_STRING_SIZE];
+  char quit_string_[QUIT_STRING_SIZE + 1];
   // String that shuts down the client/server.
 
   size_t message_len_;
diff --git a/ACE/examples/IPC_SAP/SSL_SAP/SSL-client.h b/ACE/examples/IPC_SAP/SSL_SAP/SSL-client.h
index 073ca0f9cac..e445e35c147 100644
--- a/ACE/examples/IPC_SAP/SSL_SAP/SSL-client.h
+++ b/ACE/examples/IPC_SAP/SSL_SAP/SSL-client.h
@@ -10,80 +10,79 @@
 
 #include "ace/SSL/SSL_SOCK_Stream.h"
 
+/// Define the options for this test.
 class Options
-  // = TITLE
-  //   Define the options for this test.
 {
 public:
-  Options (void);
   // Constructor.
+  Options (void);
 
-  ~Options (void);
   // Destructor.
+  ~Options (void);
 
-  int parse_args (int argc, ACE_TCHAR *argv[]);
   // Parse the command-line arguments.
+  int parse_args (int argc, ACE_TCHAR *argv[]);
 
-  const ACE_Time_Value &sleep_time (void) const;
   // Return the amount of time to sleep in order to implement the
   // proper transmission rates.
+  const ACE_Time_Value &sleep_time (void) const;
 
-  u_short port (void) const;
   // Port of the server.
+  u_short port (void) const;
 
-  const ACE_TCHAR *host (void) const;
   // Host of the server.
+  const ACE_TCHAR *host (void) const;
 
-  size_t threads (void) const;
   // Number of threads.
+  size_t threads (void) const;
 
-  const char *quit_string (void) const;
   // String that shuts down the client/server.
+  const char *quit_string (void) const;
 
-  ssize_t read (void *buf, size_t len, size_t &iterations);
   // Read from the appropriate location.
+  ssize_t read (void *buf, size_t len, size_t &iterations);
 
-  size_t message_len (void) const;
   // Returns the length of the message to send.
+  size_t message_len (void) const;
 
-  const void *message_buf (void) const;
   // Returns a pointer to the message.
+  const void *message_buf (void) const;
 
-  ACE_THR_FUNC thr_func (void);
   // Returns a pointer to the entry point into the thread that runs
   // the client test function.
+  ACE_THR_FUNC thr_func (void);
 
 private:
-  int init (void);
   // Initialize the message we're sending to the user and set up the
   // barrier.
+  int init (void);
 
-  char *shared_client_test (u_short port,
-                            ACE_SSL_SOCK_Stream &cli_stream);
   // Performs the shared behavior of the oneway and twoway client
   // tests.
+  char *shared_client_test (u_short port,
+                            ACE_SSL_SOCK_Stream &cli_stream);
 
-  static void *twoway_client_test (void *);
   // Performs the twoway test.
+  static void *twoway_client_test (void *);
 
-  static void *oneway_client_test (void *);
   // Performs the oneway test.
+  static void *oneway_client_test (void *);
 
-  const ACE_TCHAR *host_;
   // Host of the server.
+  const ACE_TCHAR *host_;
 
-  u_short port_;
   // Port of the server.
+  u_short port_;
 
-  ACE_Time_Value sleep_time_;
   // Sleep_Time value.
+  ACE_Time_Value sleep_time_;
 
-  size_t threads_;
   // Number of threads.
+  size_t threads_;
 
-  enum {QUIT_STRING_SIZE = 128};
-  char quit_string_[QUIT_STRING_SIZE];
   // String that shuts down the client/server.
+  enum {QUIT_STRING_SIZE = 128};
+  char quit_string_[QUIT_STRING_SIZE + 1];
 
   size_t message_len_;
   // Size of the message we send to the server.
diff --git a/ACE/examples/IPC_SAP/SSL_SAP/SSL-server-simple.cpp b/ACE/examples/IPC_SAP/SSL_SAP/SSL-server-simple.cpp
index 07f599db404..b6cae2fe044 100644
--- a/ACE/examples/IPC_SAP/SSL_SAP/SSL-server-simple.cpp
+++ b/ACE/examples/IPC_SAP/SSL_SAP/SSL-server-simple.cpp
@@ -5,13 +5,10 @@
 #include "ace/Handle_Set.h"
 #include "ace/Profile_Timer.h"
 #include "ace/OS_NS_sys_select.h"
-
 #include "ace/SSL/SSL_SOCK_Acceptor.h"
 
-
-
 // Are we running verbosely?
-static int verbose = 1;
+static bool verbose = true;
 
 // Function entry point into the twoway server task.
 
diff --git a/ACE/examples/IPC_SAP/SSL_SAP/SSL-server.cpp b/ACE/examples/IPC_SAP/SSL_SAP/SSL-server.cpp
index 2b23d67d8bc..012ac569d99 100644
--- a/ACE/examples/IPC_SAP/SSL_SAP/SSL-server.cpp
+++ b/ACE/examples/IPC_SAP/SSL_SAP/SSL-server.cpp
@@ -10,10 +10,8 @@
 
 #include "ace/SSL/SSL_SOCK_Acceptor.h"
 
-
-
 // Are we running verbosely?
-static int verbose = 0;
+static bool verbose = false;
 
 static void
 run_server (ACE_THR_FUNC server,
@@ -34,7 +32,6 @@ run_server (ACE_THR_FUNC server,
 }
 
 // Function entry point into the twoway server task.
-
 static ACE_THR_FUNC_RETURN
 twoway_server (void *arg)
 {
diff --git a/ACE/tests/SSL/Bug_2912_Regression_Test.cpp b/ACE/tests/SSL/Bug_2912_Regression_Test.cpp
index c713456137a..653b9ade93d 100644
--- a/ACE/tests/SSL/Bug_2912_Regression_Test.cpp
+++ b/ACE/tests/SSL/Bug_2912_Regression_Test.cpp
@@ -114,7 +114,6 @@ Client_Proactor_Task::svc (void)
   return 0;
 }
 
-
 /**
  * Server's proactor
  */
diff --git a/ACE/tests/SSL/Thread_Pool_Reactor_SSL_Test.cpp b/ACE/tests/SSL/Thread_Pool_Reactor_SSL_Test.cpp
index 8008e7351ab..548c18f1e89 100644
--- a/ACE/tests/SSL/Thread_Pool_Reactor_SSL_Test.cpp
+++ b/ACE/tests/SSL/Thread_Pool_Reactor_SSL_Test.cpp
@@ -32,7 +32,6 @@
  */
 //=============================================================================
 
-
 #include "../test_config.h"
 #include "ace/OS_NS_string.h"
 #include "ace/OS_NS_unistd.h"
@@ -43,8 +42,6 @@
 #include "ace/SSL/SSL_SOCK_Connector.h"
 #include "ace/SSL/SSL_SOCK_Acceptor.h"
 
-
-
 #if defined (ACE_HAS_THREADS)
 
 #include "Thread_Pool_Reactor_SSL_Test.h"
@@ -104,7 +101,7 @@ parse_arg (int argc, ACE_TCHAR *argv[])
           break;
         default:
           ACE_ERROR ((LM_ERROR,
-                      "Usage: Thread_Pool_Reactor_Test [-r <hostname:port#>]"
+                      "Usage: Thread_Pool_Reactor_SSL_Test [-r <hostname:port#>]"
                       "\t[-s <server thr#>] [-c <client thr#>] [-d <delay>]"
                       "\t[-i <client conn attempt#>]"
                       "[-n <client request# per conn>]\n"));
diff --git a/ACE/tests/SSL/Thread_Pool_Reactor_SSL_Test.h b/ACE/tests/SSL/Thread_Pool_Reactor_SSL_Test.h
index 64f251f2f62..6d96043f40f 100644
--- a/ACE/tests/SSL/Thread_Pool_Reactor_SSL_Test.h
+++ b/ACE/tests/SSL/Thread_Pool_Reactor_SSL_Test.h
@@ -11,7 +11,6 @@
  */
 //=============================================================================
 
-
 #ifndef ACE_TESTS_THREAD_POOL_REACTOR_TEST_SSL_H
 #define ACE_TESTS_THREAD_POOL_REACTOR_TEST_SSL_H
 
@@ -23,11 +22,10 @@
 
 #include "ace/Svc_Handler.h"
 
+///   This class is the Svc_Handler used by <Acceptor>.
 class Request_Handler : public ACE_Svc_Handler<ACE_SSL_SOCK_Stream,
                                                ACE_MT_SYNCH>
 {
-  // = TITLE
-  //   This class is the Svc_Handler used by <Acceptor>.
 public:
   /// The default constructor makes sure the right reactor is used.
   Request_Handler (ACE_Thread_Manager *tm = 0);
@@ -37,7 +35,7 @@ protected:
   virtual int handle_close (ACE_HANDLE fd, ACE_Reactor_Mask = 0);
 
 private:
-  size_t  nr_msgs_rcvd_;
+  size_t nr_msgs_rcvd_;
 };
 
 #endif /* ACE_TESTS_THREAD_POOL_REACTOR_TEST_SSL_H */
diff --git a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp
index 6cea0ee37ed..907e7246983 100644
--- a/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp
+++ b/TAO/orbsvcs/orbsvcs/SSLIOP/SSLIOP_Factory.cpp
@@ -336,7 +336,7 @@ TAO::SSLIOP::Protocol_Factory::init (int argc, ACE_TCHAR* argv[])
       ? SSL_MAX_SSL_SESSION_ID_LENGTH
       : sizeof session_id_context_;
 
-  // Note that this function returns 1, if the operation succeded.
+  // Note that this function returns 1, if the operation succeeded.
   // See SSL_CTX_set_session_id_context(3)
   if( 1 != ::SSL_CTX_set_session_id_context (ssl_ctx->context(),
                                              session_id_context_,