diff options
| author | Steve Huston <shuston@riverace.com> | 2001-12-20 16:38:01 +0000 |
|---|---|---|
| committer | Steve Huston <shuston@riverace.com> | 2001-12-20 16:38:01 +0000 |
| commit | 72469a31a9531badbc275e6c3dbe3b35dc5dd21a (patch) | |
| tree | 242c3e533d74bd16860bd13ae1fd6392b73d2d0a | |
| parent | 0d1f887c56aa6d9759fbe701b39fe6260e3aa949 (diff) | |
| download | ATCD-72469a31a9531badbc275e6c3dbe3b35dc5dd21a.tar.gz | |
ChangeLogTag:Thu Dec 20 11:34:51 2001 Steve Huston <shuston@riverace.com>
| -rw-r--r-- | ChangeLog | 26 | ||||
| -rw-r--r-- | ChangeLogs/ChangeLog-02a | 26 | ||||
| -rw-r--r-- | ChangeLogs/ChangeLog-03a | 26 | ||||
| -rw-r--r-- | ace/SSL/Makefile | 2 | ||||
| -rw-r--r-- | ace/SSL/Makefile.bor | 2 | ||||
| -rw-r--r-- | ace/SSL/SSL_Accept_Handler.cpp | 163 | ||||
| -rw-r--r-- | ace/SSL/SSL_Accept_Handler.h | 86 | ||||
| -rw-r--r-- | ace/SSL/SSL_Connect_Handler.cpp | 168 | ||||
| -rw-r--r-- | ace/SSL/SSL_Connect_Handler.h | 86 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK_Acceptor.cpp | 367 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK_Acceptor.h | 41 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK_Acceptor.i | 31 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK_Connector.cpp | 226 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK_Connector.h | 42 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK_Connector.i | 21 |
15 files changed, 345 insertions, 968 deletions
diff --git a/ChangeLog b/ChangeLog index e194f086dbd..35dd5ab9de8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,29 @@ +Thu Dec 20 11:34:51 2001 Steve Huston <shuston@riverace.com> + + * ace/SSL/SSL_SOCK_Acceptor.(h cpp i): + * ace/SSL/SSL_SOCK_Connector.(h cpp i): Series of changes: + - Does not use an ACE_Reactor any longer. Waiting for socket + I/O possibility is done using ACE::select. It's simpler and + doesn't suffer on Win32. + - The basic socket acceptance is referred to ACE_SOCK_Acceptor, + so the shared_accept_start and shared_accept_finish methods + are gone (in SSL_SOCK_Acceptor.*; no affect on Connector). + - The timed and non-timed versions of ssl_accept/connect are + now combined into one function. The timeout value passed to + the ACE_SSL_SOCK_Acceptor::accept() method is used, and it + correctly drives ACE::accept. + + * ace/SSL/SSL_Connecto_Handler.(cpp h): + * ace/SSL/SSL_Accept_Handler.(cpp h): These are no longer needed. + since all of the accept handshaking activity is paced by + ACE::accept, not a reactor. + + * ace/SSL/Makefile: + * ace/SSL/Makefile.bor: + * ace/SSL/ACE_SSL.dsp: + * ace/SSL/ACE_SSL_LIB.dsp: Removed SSL_Accept_Handler and + SSL_Connect_Handler. + Thu Dec 20 09:03:12 2001 Johnny Willemsen <jwillemsen@remedy.nl> * Makefile.bor: diff --git a/ChangeLogs/ChangeLog-02a b/ChangeLogs/ChangeLog-02a index e194f086dbd..35dd5ab9de8 100644 --- a/ChangeLogs/ChangeLog-02a +++ b/ChangeLogs/ChangeLog-02a @@ -1,3 +1,29 @@ +Thu Dec 20 11:34:51 2001 Steve Huston <shuston@riverace.com> + + * ace/SSL/SSL_SOCK_Acceptor.(h cpp i): + * ace/SSL/SSL_SOCK_Connector.(h cpp i): Series of changes: + - Does not use an ACE_Reactor any longer. Waiting for socket + I/O possibility is done using ACE::select. It's simpler and + doesn't suffer on Win32. + - The basic socket acceptance is referred to ACE_SOCK_Acceptor, + so the shared_accept_start and shared_accept_finish methods + are gone (in SSL_SOCK_Acceptor.*; no affect on Connector). + - The timed and non-timed versions of ssl_accept/connect are + now combined into one function. The timeout value passed to + the ACE_SSL_SOCK_Acceptor::accept() method is used, and it + correctly drives ACE::accept. + + * ace/SSL/SSL_Connecto_Handler.(cpp h): + * ace/SSL/SSL_Accept_Handler.(cpp h): These are no longer needed. + since all of the accept handshaking activity is paced by + ACE::accept, not a reactor. + + * ace/SSL/Makefile: + * ace/SSL/Makefile.bor: + * ace/SSL/ACE_SSL.dsp: + * ace/SSL/ACE_SSL_LIB.dsp: Removed SSL_Accept_Handler and + SSL_Connect_Handler. + Thu Dec 20 09:03:12 2001 Johnny Willemsen <jwillemsen@remedy.nl> * Makefile.bor: diff --git a/ChangeLogs/ChangeLog-03a b/ChangeLogs/ChangeLog-03a index e194f086dbd..35dd5ab9de8 100644 --- a/ChangeLogs/ChangeLog-03a +++ b/ChangeLogs/ChangeLog-03a @@ -1,3 +1,29 @@ +Thu Dec 20 11:34:51 2001 Steve Huston <shuston@riverace.com> + + * ace/SSL/SSL_SOCK_Acceptor.(h cpp i): + * ace/SSL/SSL_SOCK_Connector.(h cpp i): Series of changes: + - Does not use an ACE_Reactor any longer. Waiting for socket + I/O possibility is done using ACE::select. It's simpler and + doesn't suffer on Win32. + - The basic socket acceptance is referred to ACE_SOCK_Acceptor, + so the shared_accept_start and shared_accept_finish methods + are gone (in SSL_SOCK_Acceptor.*; no affect on Connector). + - The timed and non-timed versions of ssl_accept/connect are + now combined into one function. The timeout value passed to + the ACE_SSL_SOCK_Acceptor::accept() method is used, and it + correctly drives ACE::accept. + + * ace/SSL/SSL_Connecto_Handler.(cpp h): + * ace/SSL/SSL_Accept_Handler.(cpp h): These are no longer needed. + since all of the accept handshaking activity is paced by + ACE::accept, not a reactor. + + * ace/SSL/Makefile: + * ace/SSL/Makefile.bor: + * ace/SSL/ACE_SSL.dsp: + * ace/SSL/ACE_SSL_LIB.dsp: Removed SSL_Accept_Handler and + SSL_Connect_Handler. + Thu Dec 20 09:03:12 2001 Johnny Willemsen <jwillemsen@remedy.nl> * Makefile.bor: diff --git a/ace/SSL/Makefile b/ace/SSL/Makefile index c505f51f1ff..ce18a0db161 100644 --- a/ace/SSL/Makefile +++ b/ace/SSL/Makefile @@ -20,8 +20,6 @@ FILES = \ SSL_SOCK_Acceptor \ SSL_SOCK_Connector \ SSL_SOCK_Stream \ - SSL_Accept_Handler \ - SSL_Connect_Handler \ SSL_Asynch_Stream \ SSL_Asynch_BIO diff --git a/ace/SSL/Makefile.bor b/ace/SSL/Makefile.bor index ada581fa9d5..4ac97d0ab86 100644 --- a/ace/SSL/Makefile.bor +++ b/ace/SSL/Makefile.bor @@ -13,8 +13,6 @@ OBJFILES = \ $(OBJDIR)\SSL_SOCK_Acceptor.obj \ $(OBJDIR)\SSL_SOCK_Connector.obj \ $(OBJDIR)\SSL_SOCK_Stream.obj \ - $(OBJDIR)\SSL_Accept_Handler.obj \ - $(OBJDIR)\SSL_Connect_Handler.obj \ $(OBJDIR)\SSL_Asynch_Stream.obj \ $(OBJDIR)\SSL_Asynch_BIO.obj diff --git a/ace/SSL/SSL_Accept_Handler.cpp b/ace/SSL/SSL_Accept_Handler.cpp deleted file mode 100644 index 74019d20729..00000000000 --- a/ace/SSL/SSL_Accept_Handler.cpp +++ /dev/null @@ -1,163 +0,0 @@ -// -*- C++ -*- - -#include "SSL_Accept_Handler.h" -#include "SSL_SOCK_Stream.h" - -#if defined (ACE_WIN32) -# include "ace/Reactor.h" -#endif /* ACE_WIN32 */ - -#include <openssl/err.h> - -ACE_RCSID (ACE_SSL, - SSL_Accept_Handler, - "$Id$") - - -ACE_SSL_Accept_Handler::ACE_SSL_Accept_Handler (ACE_SSL_SOCK_Stream &s, - int &handler_closed) - : ssl_stream_ (s), - handler_closed_ (handler_closed) -{ -} - -ACE_SSL_Accept_Handler::~ACE_SSL_Accept_Handler (void) -{ -} - -ACE_HANDLE -ACE_SSL_Accept_Handler::get_handle (void) const -{ - return this->ssl_stream_.get_handle (); -} - -int -ACE_SSL_Accept_Handler::handle_input (ACE_HANDLE) -{ -#if defined (ACE_WIN32) - // Cancel the wakeup callback we set earlier because Winsock doesn't - // trigger multiple "You can write now" - (void) this->reactor ()->cancel_wakeup (this, - ACE_Event_Handler::READ_MASK); -#endif /* ACE_WIN32 */ - - return this->ssl_accept (); -} - -int -ACE_SSL_Accept_Handler::handle_output (ACE_HANDLE) -{ -#if defined (ACE_WIN32) - // Cancel the wakeup callback we set earlier because Winsock doesn't - // trigger multiple "You can write now" - (void) this->reactor ()->cancel_wakeup (this, - ACE_Event_Handler::WRITE_MASK); -#endif /* ACE_WIN32 */ - - return this->ssl_accept (); -} - -int -ACE_SSL_Accept_Handler::handle_close (ACE_HANDLE /* handle */, - ACE_Reactor_Mask /* close_mask */) -{ - this->handler_closed_ = 1; - - return this->ssl_stream_.close (); -} - - -int -ACE_SSL_Accept_Handler::ssl_accept (void) -{ - SSL *ssl = this->ssl_stream_.ssl (); - - // A race condition exists where data may be sent over an SSL - // session after the SSL passive connection is completed but before - // this event handler is deregistered from the Reactor. - // Specifically data meant to be handled by SSL_read() could end up - // being handled by the SSL_accept() call below, resulting in an SSL - // protocol error (i.e. "SSL_ERROR_SSL" error status). The - // following check avoids the race condition. - if (SSL_is_init_finished (ssl)) - return 0; - - int status = ::SSL_accept (ssl); - - switch (::SSL_get_error (ssl, status)) - { - case SSL_ERROR_NONE: - break; - - case SSL_ERROR_WANT_WRITE: -#if defined (ACE_WIN32) - // On Win32 platforms, it is necessary to schedule a "wakeup" in - // the Reactor if an IO call would block. This is necessary - // since Windows events are only notified once. Hence, event - // handlers must be rescheduled. - if (this->reactor ()->schedule_wakeup ( - this, - ACE_Event_Handler::WRITE_MASK) == -1) - return -1; -#endif /* ACE_WIN32 */ - - // If data is still buffered within OpenSSL's internal buffer, - // then force the Reactor to invoke the SSL connect event handler - // (with the appropriate mask) before waiting for more events - // (e.g. blocking on select()). All pending data must be - // processed before waiting for more events to come in on the - // SSL handle. - if (::SSL_pending (ssl)) - return 1; - - break; - - case SSL_ERROR_WANT_READ: -#if defined (ACE_WIN32) - // See SSL_ERROR_WANT_WRITE case for an explanation of why this - // is necessary. - if (this->reactor ()->schedule_wakeup ( - this, - ACE_Event_Handler::READ_MASK) == -1) - return -1; -#endif /* ACE_WIN32 */ - - // See SSL_ERROR_WANT_WRITE case for an explanation of why this - // is necessary. - if (::SSL_pending (ssl)) - return 1; - - break; - - case SSL_ERROR_ZERO_RETURN: - // The peer has notified us that it is shutting down via - // the SSL "close_notify" message so we need to - // shutdown, too. - // - // Removing this event handler causes the SSL stream to be - // shutdown. - return -1; - - case SSL_ERROR_SYSCALL: - // On some platforms (e.g. MS Windows) OpenSSL does not - // store the last error in errno so explicitly do so. - // - // Explicitly check for EWOULDBLOCK since it doesn't get - // converted to an SSL_ERROR_WANT_{READ,WRITE} on some - // platforms, such as AIX. - if (ACE_OS::set_errno_to_last_error () == EWOULDBLOCK) - { - if (::SSL_pending (ssl)) - return 1; - - break; - } - - default: - ACE_SSL_Context::report_error (); - - return -1; - } - - return 0; -} diff --git a/ace/SSL/SSL_Accept_Handler.h b/ace/SSL/SSL_Accept_Handler.h deleted file mode 100644 index b22ff9e9001..00000000000 --- a/ace/SSL/SSL_Accept_Handler.h +++ /dev/null @@ -1,86 +0,0 @@ -// -*- C++ -*- - -//============================================================================= -/** - * @file SSL_Accept_Handler.h - * - * $Id$ - * - * @author Ossama Othman <ossama@uci.edu> - */ -//============================================================================= - - -#ifndef ACE_SSL_ACCEPT_HANDLER_H -#define ACE_SSL_ACCEPT_HANDLER_H - -#include "ace/pre.h" - -#include "SSL_Export.h" - -#if !defined (ACE_LACKS_PRAGMA_ONCE) -# pragma once -#endif /* ACE_LACKS_PRAGMA_ONCE */ - -#include "ace/Event_Handler.h" - -class ACE_SSL_SOCK_Stream; - -/** - * @class ACE_SSL_Accept_Handler - * - * @brief Event handler designed to complete non-blocking passive - * connections. - * - * This event handler is used internally by the ACE_SSL - * implementation. It is not meant for external use. - */ -class ACE_SSL_Accept_Handler : public ACE_Event_Handler -{ -public: - - /// Constructor. - ACE_SSL_Accept_Handler (ACE_SSL_SOCK_Stream &ssl_stream, - int &handler_closed); - - /// Destructor. - virtual ~ACE_SSL_Accept_Handler (void); - - /// Get the handle associated with this event handler. - virtual ACE_HANDLE get_handle (void) const; - - /// Called when input events occur (e.g., connection or data). - virtual int handle_input (ACE_HANDLE fd = ACE_INVALID_HANDLE); - - /// Called when output events are possible (e.g., flow control - /// abates). - virtual int handle_output (ACE_HANDLE fd = ACE_INVALID_HANDLE); - - /// Called when a handle_*() method returns -1 or when the - /// remove_handler() method is called on an ACE_Reactor. The - /// close_mask indicates which event has triggered the - /// handle_close() method callback on a particular handle. - virtual int handle_close (ACE_HANDLE handle, - ACE_Reactor_Mask close_mask); - -private: - - /// Perform the SSL accept. - int ssl_accept (void); - -private: - - /// Reference to the SSL_SOCK_Stream for which the passive - /// connection is being established. - ACE_SSL_SOCK_Stream &ssl_stream_; - - /// Flag that is set to true (non-zero) if this event handler is - /// closed before the SSL connection is established. - int &handler_closed_; - -}; - - -#include "ace/post.h" - -#endif /* ACE_SSL_ACCEPT_HANDLER_H */ diff --git a/ace/SSL/SSL_Connect_Handler.cpp b/ace/SSL/SSL_Connect_Handler.cpp deleted file mode 100644 index 2b622971ffb..00000000000 --- a/ace/SSL/SSL_Connect_Handler.cpp +++ /dev/null @@ -1,168 +0,0 @@ -// -*- C++ -*- - -#include "SSL_Connect_Handler.h" -#include "SSL_SOCK_Stream.h" - -#include <openssl/err.h> - -#if defined (ACE_WIN32) -# include "ace/Reactor.h" -#endif /* ACE_WIN32 */ - - -ACE_RCSID (ACE_SSL, - SSL_Connect_Handler, - "$Id$") - - -ACE_SSL_Connect_Handler::ACE_SSL_Connect_Handler (ACE_SSL_SOCK_Stream &s, - int &handler_closed) - : ssl_stream_ (s), - handler_closed_ (handler_closed) -{ -} - -ACE_SSL_Connect_Handler::~ACE_SSL_Connect_Handler (void) -{ -} - -ACE_HANDLE -ACE_SSL_Connect_Handler::get_handle (void) const -{ - return this->ssl_stream_.get_handle (); -} - -int -ACE_SSL_Connect_Handler::handle_input (ACE_HANDLE) -{ -#if defined (ACE_WIN32) - // Cancel the wakeup callback we set earlier because Winsock doesn't - // trigger multiple "You can write now" - (void) this->reactor ()->cancel_wakeup (this, - ACE_Event_Handler::READ_MASK); -#endif /* ACE_WIN32 */ - - return this->ssl_connect (); -} - -int -ACE_SSL_Connect_Handler::handle_output (ACE_HANDLE) -{ -#if defined (ACE_WIN32) - // Cancel the wakeup callback we set earlier because Winsock doesn't - // trigger multiple "You can write now" - (void) this->reactor ()->cancel_wakeup (this, - ACE_Event_Handler::WRITE_MASK); -#endif /* ACE_WIN32 */ - - return this->ssl_connect (); -} - -int -ACE_SSL_Connect_Handler::handle_close (ACE_HANDLE /* handle */, - ACE_Reactor_Mask /* close_mask */) -{ - this->handler_closed_ = 1; - - return this->ssl_stream_.close (); -} - - -int -ACE_SSL_Connect_Handler::ssl_connect (void) -{ - SSL *ssl = this->ssl_stream_.ssl (); - - // A race condition exists where data may be sent over an SSL - // session after the SSL active connection is completed but before - // this event handler is deregistered from the Reactor. - // Specifically data meant to be handled by SSL_read() could end up - // being handled by the SSL_connect() call below, resulting in an SSL - // protocol error (i.e. "SSL_ERROR_SSL" error status). The - // following check avoids the race condition. - if (SSL_is_init_finished (ssl)) - return 0; - - int status = ::SSL_connect (ssl); - - switch (::SSL_get_error (ssl, status)) - { - case SSL_ERROR_NONE: - // Start out with non-blocking disabled on the SSL stream. - this->ssl_stream_.disable (ACE_NONBLOCK); - - // Active connection completed. - break; - - case SSL_ERROR_WANT_WRITE: -#if defined (ACE_WIN32) - // On Win32 platforms, it is necessary to schedule a "wakeup" in - // the Reactor if an IO call would block. This is necessary - // since Windows events are only notified once. Hence, event - // handlers must be rescheduled. - if (this->reactor ()->schedule_wakeup ( - this, - ACE_Event_Handler::WRITE_MASK) == -1) - return -1; -#endif /* ACE_WIN32 */ - - // If data is still buffered within OpenSSL's internal buffer, - // then force the Reactor to invoke the SSL connect event handler - // (with the appropriate mask) before waiting for more events - // (e.g. blocking on select()). All pending data must be - // processed before waiting for more events to come in on the - // SSL handle. - if (::SSL_pending (ssl)) - return 1; - - break; - - case SSL_ERROR_WANT_READ: -#if defined (ACE_WIN32) - // See SSL_ERROR_WANT_WRITE case for an explanation of why this - // is necessary. - if (this->reactor ()->schedule_wakeup ( - this, - ACE_Event_Handler::READ_MASK) == -1) - return -1; -#endif /* ACE_WIN32 */ - - // See SSL_ERROR_WANT_WRITE case for an explanation of why this - // is necessary. - if (::SSL_pending (ssl)) - return 1; - - break; - - case SSL_ERROR_ZERO_RETURN: - // The peer has notified us that it is shutting down via - // the SSL "close_notify" message so we need to - // shutdown, too. - // - // Removing this event handler causes the SSL stream to be - // shutdown. - return -1; - - case SSL_ERROR_SYSCALL: - // On some platforms (e.g. MS Windows) OpenSSL does not - // store the last error in errno so explicitly do so. - // - // Explicitly check for EWOULDBLOCK since it doesn't get - // converted to an SSL_ERROR_WANT_{READ,WRITE} on some - // platforms, such as AIX. - if (ACE_OS::set_errno_to_last_error () == EWOULDBLOCK) - { - if (::SSL_pending (ssl)) - return 1; - - break; - } - - default: - ACE_SSL_Context::report_error (); - - return -1; - } - - return 0; -} diff --git a/ace/SSL/SSL_Connect_Handler.h b/ace/SSL/SSL_Connect_Handler.h deleted file mode 100644 index 859e6503fce..00000000000 --- a/ace/SSL/SSL_Connect_Handler.h +++ /dev/null @@ -1,86 +0,0 @@ -// -*- C++ -*- - -//============================================================================= -/** - * @file SSL_Connect_Handler.h - * - * $Id$ - * - * @author Ossama Othman <ossama@uci.edu> - */ -//============================================================================= - - -#ifndef ACE_SSL_CONNECT_HANDLER_H -#define ACE_SSL_CONNECT_HANDLER_H - -#include "ace/pre.h" - -#include "SSL_Export.h" - -#if !defined (ACE_LACKS_PRAGMA_ONCE) -# pragma once -#endif /* ACE_LACKS_PRAGMA_ONCE */ - -#include "ace/Event_Handler.h" - -class ACE_SSL_SOCK_Stream; - -/** - * @class ACE_SSL_Connect_Handler - * - * @brief Event handler designed to complete non-blocking active - * connections. - * - * This event handler is used internally by the ACE_SSL - * implementation. It is not meant for external use. - */ -class ACE_SSL_Connect_Handler : public ACE_Event_Handler -{ -public: - - /// Constructor. - ACE_SSL_Connect_Handler (ACE_SSL_SOCK_Stream &ssl_stream, - int &handler_closed); - - /// Destructor. - virtual ~ACE_SSL_Connect_Handler (void); - - /// Get the handle associated with this event handler. - virtual ACE_HANDLE get_handle (void) const; - - /// Called when input events occur (e.g., connection or data). - virtual int handle_input (ACE_HANDLE fd = ACE_INVALID_HANDLE); - - /// Called when output events are possible (e.g., flow control - /// abates). - virtual int handle_output (ACE_HANDLE fd = ACE_INVALID_HANDLE); - - /// Called when a handle_*() method returns -1 or when the - /// remove_handler() method is called on an ACE_Reactor. The - /// close_mask indicates which event has triggered the - /// handle_close() method callback on a particular handle. - virtual int handle_close (ACE_HANDLE handle, - ACE_Reactor_Mask close_mask); - -private: - - /// Perform the SSL connect. - int ssl_connect (void); - -private: - - /// Reference to the SSL_SOCK_Stream for which the active - /// connection is being established. - ACE_SSL_SOCK_Stream &ssl_stream_; - - /// Flag that is set to true (non-zero) if this event handler is - /// closed before the SSL connection is established. - int &handler_closed_; - -}; - - -#include "ace/post.h" - -#endif /* ACE_SSL_CONNECT_HANDLER_H */ diff --git a/ace/SSL/SSL_SOCK_Acceptor.cpp b/ace/SSL/SSL_SOCK_Acceptor.cpp index b134df7450f..783d5b03a1e 100644 --- a/ace/SSL/SSL_SOCK_Acceptor.cpp +++ b/ace/SSL/SSL_SOCK_Acceptor.cpp @@ -4,8 +4,8 @@ #include "SSL_SOCK_Acceptor.h" -#include "SSL_Accept_Handler.h" +#include "ace/OS_Errno.h" #include "ace/Log_Msg.h" ACE_ALLOC_HOOK_DEFINE(ACE_SSL_SOCK_Acceptor) @@ -23,179 +23,136 @@ ACE_SSL_SOCK_Acceptor::~ACE_SSL_SOCK_Acceptor (void) ACE_TRACE ("ACE_SSL_SOCK_Acceptor::~ACE_SSL_SOCK_Acceptor"); } + int -ACE_SSL_SOCK_Acceptor::shared_accept_start (ACE_Time_Value *timeout, - int restart, - int &in_blocking_mode) const +ACE_SSL_SOCK_Acceptor::ssl_accept (ACE_SSL_SOCK_Stream &new_stream, + ACE_Time_Value *timeout) const { - ACE_TRACE ("ACE_SSL_SOCK_Acceptor::shared_accept_start"); + SSL *ssl = new_stream.ssl (); + + if (SSL_is_init_finished (ssl)) + return 0; - ACE_HANDLE handle = this->get_handle (); + if (!SSL_in_accept_init (ssl)) + ::SSL_set_accept_state (ssl); - // Handle the case where we're doing a timed <accept>. + ACE_HANDLE handle = new_stream.get_handle (); + + // We're going to call SSL_accept, optionally doing ACE::select and + // retrying the SSL_accept, until the SSL handshake is done or + // it fails. + // To get the timeout affect, set the socket to nonblocking mode + // before beginning if there is a timeout specified. If the timeout + // is 0 (wait as long as it takes) then don't worry about the blocking + // status; we'll block in SSL_accept if the socket is blocking, and + // block in ACE::select if not. + int reset_blocking_mode = 0; if (timeout != 0) { - if (ACE::handle_timed_accept (handle, - timeout, - restart) == -1) - return -1; - else - { - in_blocking_mode = ACE_BIT_DISABLED (ACE::get_flags (handle), - ACE_NONBLOCK); + reset_blocking_mode = ACE_BIT_DISABLED (ACE::get_flags (handle), + ACE_NONBLOCK); // Set the handle into non-blocking mode if it's not already // in it. - if (in_blocking_mode + if (reset_blocking_mode && ACE::set_flags (handle, ACE_NONBLOCK) == -1) return -1; - } } - return 0; -} - -int -ACE_SSL_SOCK_Acceptor::shared_accept_finish (ACE_SSL_SOCK_Stream& new_stream, - int in_blocking_mode, - int reset_new_handle) const -{ - ACE_TRACE ("ACE_SSL_SOCK_Acceptor::shared_accept_finish ()"); - - ACE_HANDLE new_handle = new_stream.get_handle (); - - // Check to see if we were originally in blocking mode, and if so, - // set the <new_stream>'s handle and <this> handle to be in blocking - // mode. - if (in_blocking_mode) + int status; + do { - // Save/restore errno. - ACE_Errno_Guard error (errno); - - // Only disable ACE_NONBLOCK if we weren't in non-blocking mode - // originally. - ACE::clr_flags (this->get_handle (), - ACE_NONBLOCK); - ACE::clr_flags (new_handle, - ACE_NONBLOCK); - } - -#if defined (ACE_HAS_WINSOCK2) && (ACE_HAS_WINSOCK2 != 0) - if (reset_new_handle) - // Reset the event association inherited by the new handle. - ::WSAEventSelect ((SOCKET) new_handle, 0, 0); -#else - ACE_UNUSED_ARG (reset_new_handle); -#endif /* ACE_WIN32 */ - - if (new_handle == ACE_INVALID_HANDLE) - return -1; - - return 0; -} - -int -ACE_SSL_SOCK_Acceptor::ssl_accept (ACE_SSL_SOCK_Stream &new_stream) const -{ - if (SSL_is_init_finished (new_stream.ssl ())) - return 0; - - if (!SSL_in_accept_init (new_stream.ssl ())) - ::SSL_set_accept_state (new_stream.ssl ()); - - int status = ::SSL_accept (new_stream.ssl ()); - - switch (::SSL_get_error (new_stream.ssl (), status)) - { - case SSL_ERROR_NONE: - break; - case SSL_ERROR_ZERO_RETURN: - // The peer has notified us that it is shutting down via - // the SSL "close_notify" message so we need to - // shutdown, too. - (void) new_stream.close (); - return -1; - default: - ACE_SSL_Context::report_error (); - - return -1; - } - - return 0; -} + // These handle sets are used to set up for whatever SSL_accept + // says it wants next. They're reset on each pass around the loop. + ACE_Handle_Set rd_handle; + ACE_Handle_Set wr_handle; -int -ACE_SSL_SOCK_Acceptor::ssl_accept (ACE_SSL_SOCK_Stream &new_stream, - ACE_Time_Value *timeout) const -{ - SSL *ssl = new_stream.ssl (); + status = ::SSL_accept (ssl); + switch (::SSL_get_error (ssl, status)) + { + case SSL_ERROR_NONE: + status = 0; // To tell caller about success + break; // Done + + case SSL_ERROR_WANT_WRITE: + wr_handle.set_bit (handle); + status = 1; // Wait for more activity + break; + + case SSL_ERROR_WANT_READ: + rd_handle.set_bit (handle); + status = 1; // Wait for more activity + break; + + case SSL_ERROR_ZERO_RETURN: + // The peer has notified us that it is shutting down via + // the SSL "close_notify" message so we need to + // shutdown, too. + status = -1; + break; + + case SSL_ERROR_SYSCALL: + // On some platforms (e.g. MS Windows) OpenSSL does not + // store the last error in errno so explicitly do so. + // + // Explicitly check for EWOULDBLOCK since it doesn't get + // converted to an SSL_ERROR_WANT_{READ,WRITE} on some + // platforms, such as AIX. + if (ACE_OS::set_errno_to_last_error () == EWOULDBLOCK) + { + // Since we don't know whether this should have been + // SSL_ERROR_WANT_READ or WANT_WRITE, set up for both. + // This will potentially cause some busy-looping on + // platforms where it's not reported correctly, but + // the alternative is to deadlock. + rd_handle.set_bit (handle); + wr_handle.set_bit (handle); + status = 1; // Wait for more activity + } + else + status = -1; + break; + + default: + ACE_SSL_Context::report_error (); + status = -1; + break; + } - if (SSL_is_init_finished (ssl)) - return 0; + if (status == 1) + { + // Must have at least one handle to wait for at this point. + ACE_ASSERT (rd_handle.num_set() == 1 || wr_handle.num_set () == 1); + status = ACE::select (handle + 1, + &rd_handle, + &wr_handle, + 0, + timeout); + // 0 is timeout, so we're done. + // -1 is error, so we're done. + // Could be both handles set (same handle in both masks) so set to 1. + if (status >= 1) + status = 1; + } - if (!SSL_in_accept_init (ssl)) - ::SSL_set_accept_state (ssl); + } while (status == 1 && !SSL_is_init_finished (ssl)); - // Flag that is set to true (non-zero) if the SSL_Connect_Handler - // was closed before an SSL connection was established. This flag - // is used to break out of the below event handling loop. - int handler_closed = 0; - - // Register an event handler to complete the non-blocking SSL - // accept. A specialized event handler is necessary since since - // the ACE Acceptor strategies are not designed for protocols - // that require additional handshakes after the initial accept. - ACE_SSL_Accept_Handler eh (new_stream, handler_closed); - - const ACE_Reactor_Mask reactor_mask = - ACE_Event_Handler::READ_MASK | - ACE_Event_Handler::WRITE_MASK; - - // In case a thread other than the one running the Reactor event - // loop performs the passive SSL connection establishment, transfer - // ownership of the Reactor to the current thread. Control will be - // passed back to the previous owner when accepting or rejecting the - // passive SSL connection. - ACE_thread_t old_owner; - - if (this->reactor_->owner (ACE_Thread::self (), - &old_owner) != 0) - return -1; // Failed to transfer ownership! Should never happen! - - if (this->reactor_->register_handler ( - new_stream.get_handle (), - &eh, - reactor_mask) == -1) - return -1; + ACE_ASSERT (::SSL_pending (ssl) == 0); - // Have the Reactor complete the SSL passive connection. Run the - // event loop until the passive connection is completed or until the - // event handler is closed (due to an error). Since the Reactor is - // used, this isn't a busy wait. - while (!SSL_is_init_finished (ssl)) + if (reset_blocking_mode) { - if (this->reactor_->handle_events (timeout) <= 0 - || handler_closed) - { - (void) this->reactor_->remove_handler (&eh, reactor_mask); - (void) this->reactor_->owner (old_owner); - return -1; - } + ACE_Errno_Guard eguard (errno); + ACE::clr_flags (handle, ACE_NONBLOCK); } - ACE_ASSERT (::SSL_pending (ssl) == 0); + return (status == -1 ? -1 : 0); - // SSL passive connection was completed. Deregister the event - // handler from the Reactor, but don't close it. - (void) this->reactor_->remove_handler (&eh, - reactor_mask | - ACE_Event_Handler::DONT_CALL); - - // Transfer control of the Reactor to the previous owner. - return this->reactor_->owner (old_owner); } // General purpose routine for accepting new connections. +// Since our underlying acceptor is of the plain old ACE_SOCK_Acceptor +// variety, get the basic socket setup done with it, then take care of +// the SSL handshake if the socket is accepted. int ACE_SSL_SOCK_Acceptor::accept (ACE_SSL_SOCK_Stream &new_stream, ACE_Addr *remote_addr, @@ -205,54 +162,26 @@ ACE_SSL_SOCK_Acceptor::accept (ACE_SSL_SOCK_Stream &new_stream, { ACE_TRACE ("ACE_SSL_SOCK_Acceptor::accept"); - int in_blocking_mode = 0; - if (this->shared_accept_start (timeout, - restart, - in_blocking_mode) == -1) + ACE_SOCK_Stream temp_stream; + if (-1 == this->acceptor_.accept (temp_stream, + remote_addr, + timeout, + restart, + reset_new_handle)) return -1; - else - { - // On Win32 the third parameter to <accept> must be a NULL - // pointer if we want to ignore the client's address. - int *len_ptr = 0; - sockaddr *addr = 0; - int len = 0; - if (remote_addr != 0) - { - len = remote_addr->get_size (); - len_ptr = &len; - addr = (sockaddr *) remote_addr->get_addr (); - } + new_stream.set_handle (temp_stream.get_handle ()); + temp_stream.set_handle (ACE_INVALID_HANDLE); - ACE_HANDLE handle; - do - handle = ACE_OS::accept (this->get_handle (), - addr, - len_ptr); - while (handle == ACE_INVALID_HANDLE - && restart != 0 - && errno == EINTR - && timeout == 0); - - // Reset the size of the addr, which is only necessary for UNIX - // domain sockets. - if (handle != ACE_INVALID_HANDLE - && remote_addr != 0) - remote_addr->set_size (len); - - new_stream.set_handle (handle); + if (this->ssl_accept (new_stream, timeout) == -1) + { + new_stream.close (); + new_stream.set_handle (ACE_INVALID_HANDLE); + return -1; } - if (this->shared_accept_finish (new_stream, - in_blocking_mode, - reset_new_handle) != 0) - return -1; - - if (in_blocking_mode) - return this->ssl_accept (new_stream); + return 0; - return this->ssl_accept (new_stream, timeout); } int @@ -265,53 +194,25 @@ ACE_SSL_SOCK_Acceptor::accept (ACE_SSL_SOCK_Stream &new_stream, { ACE_TRACE ("ACE_SSL_SOCK_Acceptor::accept"); - int in_blocking_mode = 0; - if (this->shared_accept_start (timeout, - restart, - in_blocking_mode) == -1) + ACE_SOCK_Stream temp_stream; + if (-1 == this->acceptor_.accept (temp_stream, + qos_params, + remote_addr, + timeout, + restart, + reset_new_handle)) return -1; - else - { - // On Win32 the third parameter to <accept> must be a NULL - // pointer if we want to ignore the client's address. - int *len_ptr = 0; - sockaddr *addr = 0; - int len = 0; - if (remote_addr != 0) - { - len = remote_addr->get_size (); - len_ptr = &len; - addr = (sockaddr *) remote_addr->get_addr (); - } + new_stream.set_handle (temp_stream.get_handle ()); + temp_stream.set_handle (ACE_INVALID_HANDLE); - ACE_HANDLE handle; - do - handle = ACE_OS::accept (this->get_handle (), - addr, - len_ptr, - qos_params); - while (handle == ACE_INVALID_HANDLE - && restart != 0 - && errno == EINTR - && timeout == 0); - - // Reset the size of the addr, which is only necessary for UNIX - // domain sockets. - if (handle != ACE_INVALID_HANDLE - && remote_addr != 0) - remote_addr->set_size (len); - - new_stream.set_handle (handle); + if (this->ssl_accept (new_stream, timeout) == -1) + { + new_stream.close (); + new_stream.set_handle (ACE_INVALID_HANDLE); + return -1; } - if (this->shared_accept_finish (new_stream, - in_blocking_mode, - reset_new_handle) != 0) - return -1; - - if (in_blocking_mode) - return this->ssl_accept (new_stream); + return 0; - return this->ssl_accept (new_stream, timeout); } diff --git a/ace/SSL/SSL_SOCK_Acceptor.h b/ace/SSL/SSL_SOCK_Acceptor.h index 2d9bc979d7e..c313d7dd94a 100644 --- a/ace/SSL/SSL_SOCK_Acceptor.h +++ b/ace/SSL/SSL_SOCK_Acceptor.h @@ -58,8 +58,7 @@ class ACE_SSL_Export ACE_SSL_SOCK_Acceptor : public ACE_SSL_SOCK public: /// Default constructor. - ACE_SSL_SOCK_Acceptor (ACE_Reactor *reactor = - ACE_Reactor::instance ()); + ACE_SSL_SOCK_Acceptor (void); /// Default dtor. ~ACE_SSL_SOCK_Acceptor (void); @@ -73,10 +72,7 @@ public: int reuse_addr = 0, int protocol_family = PF_INET, int backlog = ACE_DEFAULT_BACKLOG, - int protocol = 0, - ACE_Reactor *reactor = - ACE_Reactor::instance () -); + int protocol = 0); /// Initiate a passive-mode QoS-enabled acceptor socket. ACE_SSL_SOCK_Acceptor (const ACE_Addr &local_sap, @@ -86,9 +82,7 @@ public: int reuse_addr, int protocol_family, int backlog = ACE_DEFAULT_BACKLOG, - int protocol = 0, - ACE_Reactor *reactor = - ACE_Reactor::instance ()); + int protocol = 0); /** * Initiate a passive mode SSL/BSD-style acceptor socket. @@ -135,14 +129,6 @@ public: int reset_new_handle = 0) const; //@} - /// Set the Reactor used when completing the SSL passive - /// connection. - void reactor (ACE_Reactor *r); - - /// Return the Reactor used when completing the SSL passive - /// connection. - ACE_Reactor *reactor (void) const; - /// Meta-type info //@{ typedef ACE_INET_Addr PEER_ADDR; @@ -154,22 +140,7 @@ public: protected: - /// Perform operations that must occur before ACE_OS::accept() is - /// called. - int shared_accept_start (ACE_Time_Value *timeout, - int restart, - int &in_blocking_mode) const; - - /// Perform operations that must occur after ACE_OS::accept() is - /// called. - int shared_accept_finish (ACE_SSL_SOCK_Stream &new_stream, - int in_blocking_mode, - int reset_new_handle) const; - - /// Complete blocking SSL passive connection establishment. - int ssl_accept (ACE_SSL_SOCK_Stream &new_stream) const; - - /// Complete non-blocking SSL passive connection establishment. + /// Complete SSL passive connection establishment. int ssl_accept (ACE_SSL_SOCK_Stream &new_stream, ACE_Time_Value *timeout) const; @@ -178,10 +149,6 @@ private: /// The BSD-socket workhorse ACE_SOCK_Acceptor acceptor_; - /// Pointer to the Reactor responsible for dispatching the event - /// handler responsible for completing the SSL passive connection. - ACE_Reactor *reactor_; - }; #if !defined (ACE_LACKS_INLINE_FUNCTIONS) diff --git a/ace/SSL/SSL_SOCK_Acceptor.i b/ace/SSL/SSL_SOCK_Acceptor.i index 349fdf17dcb..69c0fb60372 100644 --- a/ace/SSL/SSL_SOCK_Acceptor.i +++ b/ace/SSL/SSL_SOCK_Acceptor.i @@ -4,9 +4,8 @@ ASYS_INLINE -ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor (ACE_Reactor *reactor) - : acceptor_ (), - reactor_ (reactor) +ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor (void) + : acceptor_ () { ACE_TRACE ("ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor"); } @@ -16,14 +15,12 @@ ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor (const ACE_Addr &local_sap, int reuse_addr, int protocol_family, int backlog, - int protocol, - ACE_Reactor *reactor) + int protocol) : acceptor_ (local_sap, reuse_addr, protocol_family, backlog, - protocol), - reactor_ (reactor) + protocol) { ACE_TRACE ("ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor"); @@ -38,8 +35,7 @@ ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor (const ACE_Addr &local_sap, int reuse_addr, int protocol_family, int backlog, - int protocol, - ACE_Reactor *reactor) + int protocol) : acceptor_ (local_sap, protocolinfo, g, @@ -47,8 +43,7 @@ ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor (const ACE_Addr &local_sap, reuse_addr, protocol_family, backlog, - protocol), - reactor_ (reactor) + protocol) { ACE_TRACE ("ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor"); @@ -85,17 +80,3 @@ ACE_SSL_SOCK_Acceptor::close (void) return result; } - -ASYS_INLINE void -ACE_SSL_SOCK_Acceptor::reactor (ACE_Reactor *r) -{ - // NOTE: Be careful not to change the Reactor in the middle of a - // non-blocking accept(). - this->reactor_ = r; -} - -ASYS_INLINE ACE_Reactor * -ACE_SSL_SOCK_Acceptor::reactor (void) const -{ - return this->reactor_; -} diff --git a/ace/SSL/SSL_SOCK_Connector.cpp b/ace/SSL/SSL_SOCK_Connector.cpp index 0096c7723fb..fb8d5c212ae 100644 --- a/ace/SSL/SSL_SOCK_Connector.cpp +++ b/ace/SSL/SSL_SOCK_Connector.cpp @@ -1,7 +1,6 @@ // -*- C++ -*- #include "SSL_SOCK_Connector.h" -#include "SSL_Connect_Handler.h" #include "ace/INET_Addr.h" #include "ace/Synch_T.h" @@ -25,50 +24,9 @@ ACE_SSL_SOCK_Connector::~ACE_SSL_SOCK_Connector (void) ACE_TRACE ("ACE_SSL_SOCK_Connector::~ACE_SSL_SOCK_Connector"); } - -int -ACE_SSL_SOCK_Connector::ssl_connect (ACE_SSL_SOCK_Stream &new_stream) -{ - if (SSL_is_init_finished (new_stream.ssl ())) - return 0; - - // Check if a connection is already pending for the given SSL - // structure. - if (!SSL_in_connect_init (new_stream.ssl ())) - ::SSL_set_connect_state (new_stream.ssl ()); - - int status = ::SSL_connect (new_stream.ssl ()); - - switch (::SSL_get_error (new_stream.ssl (), status)) - { - case SSL_ERROR_NONE: - break; - - case SSL_ERROR_ZERO_RETURN: - // The peer has notified us that it is shutting down via - // the SSL "close_notify" message so we need to - // shutdown, too. - (void) new_stream.close (); - - return -1; - - case SSL_ERROR_SYSCALL: - // On some platforms (e.g. MS Windows) OpenSSL does not store - // the last error in errno so explicitly do so. - ACE_OS::set_errno_to_last_error (); - - default: - ACE_SSL_Context::report_error (); - - return -1; - } - - return 0; -} - int ACE_SSL_SOCK_Connector::ssl_connect (ACE_SSL_SOCK_Stream &new_stream, - const ACE_Time_Value *max_wait_time) + const ACE_Time_Value *timeout) { SSL *ssl = new_stream.ssl (); @@ -80,69 +38,119 @@ ACE_SSL_SOCK_Connector::ssl_connect (ACE_SSL_SOCK_Stream &new_stream, if (!SSL_in_connect_init (ssl)) ::SSL_set_connect_state (ssl); - // Flag that is set to true (non-zero) if the SSL_Connect_Handler - // was closed before an SSL connection was established. This flag - // is used to break out of the below event handling loop. - int handler_closed = 0; - - // Register an event handler to complete the non-blocking SSL - // connect. A specialized event handler is necessary since since - // the ACE Connector strategies are not designed for protocols - // that require additional handshakes after the initial connect. - ACE_SSL_Connect_Handler eh (new_stream, handler_closed); - - const ACE_Reactor_Mask reactor_mask = - ACE_Event_Handler::READ_MASK | - ACE_Event_Handler::WRITE_MASK; - - if (this->reactor_->register_handler ( - new_stream.get_handle (), - &eh, - reactor_mask) == -1) - return -1; - - ACE_Time_Value tv; - if (max_wait_time != 0) - tv += (*max_wait_time); // Make a copy. - - ACE_Time_Value *timeout = (max_wait_time == 0 ? 0 : &tv); + ACE_HANDLE handle = new_stream.get_handle (); + + // We're going to call SSL_connect, optionally doing ACE::select and + // retrying the SSL_connect, until the SSL handshake is done or + // it fails. + // To get the timeout affect, set the socket to nonblocking mode + // before beginning if there is a timeout specified. If the timeout + // is 0 (wait as long as it takes) then don't worry about the blocking + // status; we'll block in SSL_connect if the socket is blocking, and + // block in ACE::select if not. + int reset_blocking_mode = 0; + if (timeout != 0) + { + reset_blocking_mode = ACE_BIT_DISABLED (ACE::get_flags (handle), + ACE_NONBLOCK); + // Set the handle into non-blocking mode if it's not already + // in it. + if (reset_blocking_mode + && ACE::set_flags (handle, + ACE_NONBLOCK) == -1) + return -1; + } - // In case a thread other than the one running the Reactor event - // loop performs the passive SSL connection establishment, transfer - // ownership of the Reactor to the current thread. Control will be - // passed back to the previous owner when accepting or rejecting the - // passive SSL connection. - ACE_thread_t old_owner; + int status; + do + { + // These handle sets are used to set up for whatever SSL_accept + // says it wants next. They're reset on each pass around the loop. + ACE_Handle_Set rd_handle; + ACE_Handle_Set wr_handle; - if (this->reactor_->owner (ACE_Thread::self (), - &old_owner) != 0) - return -1; // Failed to transfer ownership! Should never happen! + status = ::SSL_connect (ssl); + switch (::SSL_get_error (ssl, status)) + { + case SSL_ERROR_NONE: + // Start out with non-blocking disabled on the SSL stream. + new_stream.disable (ACE_NONBLOCK); + status = 0; // To tell caller about success + break; // Done + + case SSL_ERROR_WANT_WRITE: + wr_handle.set_bit (handle); + status = 1; // Wait for more activity + break; + + case SSL_ERROR_WANT_READ: + rd_handle.set_bit (handle); + status = 1; // Wait for more activity + break; + + case SSL_ERROR_ZERO_RETURN: + // The peer has notified us that it is shutting down via + // the SSL "close_notify" message so we need to + // shutdown, too. + status = -1; + break; + + case SSL_ERROR_SYSCALL: + // On some platforms (e.g. MS Windows) OpenSSL does not + // store the last error in errno so explicitly do so. + // + // Explicitly check for EWOULDBLOCK since it doesn't get + // converted to an SSL_ERROR_WANT_{READ,WRITE} on some + // platforms, such as AIX. + if (ACE_OS::set_errno_to_last_error () == EWOULDBLOCK) + { + // Since we don't know whether this should have been + // SSL_ERROR_WANT_READ or WANT_WRITE, set up for both. + // This will potentially cause some busy-looping on + // platforms where it's not reported correctly, but + // the alternative is to deadlock. + rd_handle.set_bit (handle); + wr_handle.set_bit (handle); + status = 1; // Wait for more activity + } + else + status = -1; + break; + + default: + ACE_SSL_Context::report_error (); + status = -1; + break; + } - // Have the Reactor complete the SSL active connection. Run the - // event loop until the active connection is completed or until the - // event handler is closed (due to an error). Since the Reactor is - // used, this isn't a busy wait. - while (!SSL_is_init_finished (ssl)) - { - if (this->reactor_->handle_events (timeout) <= 0 - || handler_closed) + if (status == 1) { - (void) this->reactor_->remove_handler (&eh, reactor_mask); - (void) this->reactor_->owner (old_owner); - return -1; + // Must have at least one handle to wait for at this point. + ACE_ASSERT (rd_handle.num_set() == 1 || wr_handle.num_set () == 1); + status = ACE::select (handle + 1, + &rd_handle, + &wr_handle, + 0, + timeout); + // 0 is timeout, so we're done. + // -1 is error, so we're done. + // Could be both handles set (same handle in both masks) so set to 1. + if (status >= 1) + status = 1; } - } + + } while (status == 1 && !SSL_is_init_finished (ssl)); ACE_ASSERT (::SSL_pending (ssl) == 0); - // SSL active connection was completed. Deregister the event - // handler from the Reactor, but don't close it. - (void) this->reactor_->remove_handler (&eh, - reactor_mask | - ACE_Event_Handler::DONT_CALL); + if (reset_blocking_mode) + { + ACE_Errno_Guard eguard (errno); + ACE::clr_flags (handle, ACE_NONBLOCK); + } + + return (status == -1 ? -1 : 0); - // Transfer control of the Reactor to the previous owner. - return this->reactor_->owner (old_owner); } int @@ -171,11 +179,7 @@ ACE_SSL_SOCK_Connector::connect (ACE_SSL_SOCK_Stream &new_stream, else if (new_stream.get_handle () == ACE_INVALID_HANDLE) new_stream.set_handle (new_stream.peer ().get_handle ()); - // Enable non-blocking, if required. - if (timeout != 0 && new_stream.enable (ACE_NONBLOCK) == 0) - return this->ssl_connect (new_stream, timeout); - else - return this->ssl_connect (new_stream); + return this->ssl_connect (new_stream, timeout); } int @@ -210,11 +214,7 @@ ACE_SSL_SOCK_Connector::connect (ACE_SSL_SOCK_Stream &new_stream, else if (new_stream.get_handle () == ACE_INVALID_HANDLE) new_stream.set_handle (new_stream.peer ().get_handle ()); - // Enable non-blocking, if required. - if (timeout != 0 && new_stream.enable (ACE_NONBLOCK) == 0) - return this->ssl_connect (new_stream, timeout); - else - return this->ssl_connect (new_stream); + return this->ssl_connect (new_stream, timeout); } // Try to complete a non-blocking connection. @@ -246,10 +246,8 @@ ACE_SSL_SOCK_Connector::ACE_SSL_SOCK_Connector ( int flags, int perms, int protocol_family, - int protocol, - ACE_Reactor *reactor) - : connector_ (), - reactor_ (reactor) + int protocol) + : connector_ () { ACE_TRACE ("ACE_SSL_SOCK_Connector::ACE_SSL_SOCK_Connector"); if (this->connect (new_stream, @@ -280,10 +278,8 @@ ACE_SSL_SOCK_Connector::ACE_SSL_SOCK_Connector ( int reuse_addr, int perms, int protocol_family, - int protocol, - ACE_Reactor *reactor) - : connector_ (), - reactor_ (reactor) + int protocol) + : connector_ () { ACE_TRACE ("ACE_SSL_SOCK_Connector::ACE_SSL_SOCK_Connector"); diff --git a/ace/SSL/SSL_SOCK_Connector.h b/ace/SSL/SSL_SOCK_Connector.h index a7a1f871cdb..f83353ed20a 100644 --- a/ace/SSL/SSL_SOCK_Connector.h +++ b/ace/SSL/SSL_SOCK_Connector.h @@ -44,13 +44,8 @@ * "data-mode" sockets. Therefore, there's no need to inherit * ACE_SSL_SOCK_Connector from ACE_SSL_SOCK. * - * Since SSL is record-oriented, some additional steps must be taken - * to make the ACE_SSL_SOCK_Connector interact properly with the - * Reactor (if one is used) when performing non-blocking connect() - * calls. In particular, the ACE_SSL_SOCK_Connector registers an - * event handler with the Reactor set in the constructor or in the - * ACE_SSL_SOCK_Connector::reactor() method. If no Reactor is - * explicitly set, the singleton Reactor instance will be used. + * Since SSL is record-oriented, some additional work is done after + * the plain socket is connected. * * @note The user must currently ensure that only one thread services * a given SSL session at any given time since some underlying @@ -63,8 +58,7 @@ class ACE_SSL_Export ACE_SSL_SOCK_Connector public: /// Default constructor. - ACE_SSL_SOCK_Connector (ACE_Reactor *reactor = - ACE_Reactor::instance ()); + ACE_SSL_SOCK_Connector (void); /** * Actively connect and produce a <new_stream> if things go well. @@ -88,10 +82,8 @@ public: int reuse_addr = 0, int flags = 0, int perms = 0, - int protocol_family = PF_INET, - int protocol = 0, - ACE_Reactor *reactor = - ACE_Reactor::instance ()); + int protocol_family = ACE_PROTOCOL_FAMILY_INET, + int protocol = 0); /** * Actively connect and produce a <new_stream> if things go well. @@ -119,10 +111,8 @@ public: u_long flags = 0, int reuse_addr = 0, int perms = 0, - int protocol_family = PF_INET, - int protocol = 0, - ACE_Reactor *reactor = - ACE_Reactor::instance ()); + int protocol_family = ACE_PROTOCOL_FAMILY_INET, + int protocol = 0); /// Default dtor. ~ACE_SSL_SOCK_Connector (void); @@ -149,7 +139,7 @@ public: int reuse_addr = 0, int flags = 0, int perms = 0, - int protocol_family = PF_INET, + int protocol_family = ACE_PROTOCOL_FAMILY_INET, int protocol = 0); /** @@ -178,7 +168,7 @@ public: u_long flags = 0, int reuse_addr = 0, int perms = 0, - int protocol_family = PF_INET, + int protocol_family = ACE_PROTOCOL_FAMILY_INET, int protocol = 0); /** @@ -194,14 +184,6 @@ public: /// Resets any event associations on this handle int reset_new_handle (ACE_HANDLE handle); - /// Set the Reactor used when completing the SSL active - /// connection. - void reactor (ACE_Reactor *r); - - /// Return the Reactor used when completing the SSL active - /// connection. - ACE_Reactor *reactor (void) const; - /// Meta-type info //@{ typedef ACE_INET_Addr PEER_ADDR; @@ -216,9 +198,6 @@ public: protected: - /// Complete blocking SSL active connection. - int ssl_connect (ACE_SSL_SOCK_Stream &new_stream); - /// Complete non-blocking SSL active connection. int ssl_connect (ACE_SSL_SOCK_Stream &new_stream, const ACE_Time_Value *timeout); @@ -229,9 +208,6 @@ private: /// It is default contructed, and subsequently used by connect(). ACE_SOCK_Connector connector_; - /// Pointer to the Reactor responsible for dispatching the event - /// handler responsible for completing the SSL active connection. - ACE_Reactor *reactor_; }; #if !defined (ACE_LACKS_INLINE_FUNCTIONS) diff --git a/ace/SSL/SSL_SOCK_Connector.i b/ace/SSL/SSL_SOCK_Connector.i index 176eec49170..60cfd9db89b 100644 --- a/ace/SSL/SSL_SOCK_Connector.i +++ b/ace/SSL/SSL_SOCK_Connector.i @@ -4,9 +4,8 @@ // SSL_SOCK_Connector.i ASYS_INLINE -ACE_SSL_SOCK_Connector::ACE_SSL_SOCK_Connector (ACE_Reactor *reactor) - : connector_ (), - reactor_ (reactor) +ACE_SSL_SOCK_Connector::ACE_SSL_SOCK_Connector (void) + : connector_ () { ACE_TRACE ("ACE_SSL_SOCK_Connector::ACE_SSL_SOCK_Connector"); } @@ -22,19 +21,5 @@ ASYS_INLINE void ACE_SSL_SOCK_Connector::dump (void) const { ACE_TRACE ("ACE_SSL_SOCK_Connector::dump"); -} - -ASYS_INLINE void -ACE_SSL_SOCK_Connector::reactor (ACE_Reactor *r) -{ - // NOTE: Be careful not to change the Reactor in the middle of a - // non-blocking connect(). - - this->reactor_ = r; -} - -ASYS_INLINE ACE_Reactor * -ACE_SSL_SOCK_Connector::reactor (void) const -{ - return this->reactor_; + this->connector_.dump (); } |