diff options
| -rw-r--r-- | ace/SSL/SSL_Context.cpp | 25 | ||||
| -rw-r--r-- | ace/SSL/SSL_Context.h | 2 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK.cpp | 72 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK.h | 92 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK.i | 64 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK_Acceptor.cpp | 117 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK_Acceptor.h | 50 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK_Acceptor.i | 57 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK_Connector.cpp | 114 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK_Connector.h | 6 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK_Stream.cpp | 196 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK_Stream.h | 89 | ||||
| -rw-r--r-- | ace/SSL/SSL_SOCK_Stream.i | 181 | ||||
| -rw-r--r-- | examples/IPC_SAP/SSL_SAP/Makefile | 124 |
14 files changed, 571 insertions, 618 deletions
diff --git a/ace/SSL/SSL_Context.cpp b/ace/SSL/SSL_Context.cpp index b9ac186721e..9af17e62e94 100644 --- a/ace/SSL/SSL_Context.cpp +++ b/ace/SSL/SSL_Context.cpp @@ -1,21 +1,20 @@ // -*- C++ -*- // $Id$ -// -// ======================================================================== +// ========================================================================== // // = LIBRARY -// ace +// ACE_SSL // // = FILENAME // SSL_Context.cpp // // = AUTHOR // Chris Zimman -// Carlos O'Ryan <coryan@ece.uciedu> -// Ossama Othman <ossama@ece.uci.du> +// Carlos O'Ryan <coryan@ece.uci.edu> +// Ossama Othman <ossama@ece.uci.edu> // -// ======================================================================== +// ========================================================================== #if defined (ACE_HAS_SSL) @@ -46,7 +45,7 @@ static const char rnd_seed[] = "string to make the random number generator think int ACE_SSL_Context::library_init_count_ = 0; -ACE_SSL_Context::ACE_SSL_Context () +ACE_SSL_Context::ACE_SSL_Context (void) : context_ (0), mode_ (-1), default_verify_mode_ (SSL_VERIFY_NONE) @@ -54,18 +53,19 @@ ACE_SSL_Context::ACE_SSL_Context () ACE_SSL_Context::ssl_library_init (); } -ACE_SSL_Context::~ACE_SSL_Context () +ACE_SSL_Context::~ACE_SSL_Context (void) { if (this->context_) { - ::SSL_CTX_free(this->context_); + ::SSL_CTX_free (this->context_); this->context_ = 0; } + ACE_SSL_Context::ssl_library_fini (); } void -ACE_SSL_Context::ssl_library_init () +ACE_SSL_Context::ssl_library_init (void) { ACE_MT (ACE_GUARD (ACE_Recursive_Thread_Mutex, ace_ssl_mon, @@ -112,7 +112,7 @@ ACE_SSL_Context::ssl_library_init () } void -ACE_SSL_Context::ssl_library_fini () +ACE_SSL_Context::ssl_library_fini (void) { ACE_MT (ACE_GUARD (ACE_Recursive_Thread_Mutex, ace_ssl_mon, @@ -130,6 +130,8 @@ ACE_SSL_Context::ssl_library_fini () delete [] ACE_SSL_Context::lock_; #endif /* ACE_HAS_THREADS */ + + ::EVP_cleanup (); } } @@ -227,6 +229,7 @@ ACE_SSL_Context::set_mode (int mode) // ACE_ERROR ((LM_ERROR, "Mismatch in key/certificate\n")); return -1; } + return 0; } diff --git a/ace/SSL/SSL_Context.h b/ace/SSL/SSL_Context.h index cb639d0d25f..2473301dc5e 100644 --- a/ace/SSL/SSL_Context.h +++ b/ace/SSL/SSL_Context.h @@ -121,7 +121,7 @@ public: // function has no effect and returns -1. // Once the mode is set the underlying SSL_CTX is initialized and // the class can be used. - // If the mode is not set, the the class automatically initializes + // If the mode is not set, then the class automatically initializes // itself to the default mode. int get_mode (void) const; diff --git a/ace/SSL/SSL_SOCK.cpp b/ace/SSL/SSL_SOCK.cpp new file mode 100644 index 00000000000..f6b1f9a48b8 --- /dev/null +++ b/ace/SSL/SSL_SOCK.cpp @@ -0,0 +1,72 @@ +// -*- C++ -*- +// $Id$ + + +#include "SSL_SOCK.h" + +#if defined (ACE_HAS_SSL) + +#if defined (ACE_LACKS_INLINE_FUNCTIONS) +#include "SSL_SOCK.i" +#endif + +ACE_RCSID(ACE_SSL, SSL_SOCK, "$Id$") + + +ACE_SSL_SOCK::ACE_SSL_SOCK (void) +{ + ACE_TRACE ("ACE_SSL_SOCK::ACE_SSL_SOCK"); +} + +ACE_SSL_SOCK::~ACE_SSL_SOCK (void) +{ + ACE_TRACE ("ACE_SSL_SOCK::~ACE_SSL_SOCK"); +} + +int +ACE_SSL_SOCK::enable (int value) const +{ + ACE_TRACE ("ACE_SSL_SOCK::enable"); + + switch (value) + { +#ifdef SIGURG + case SIGURG: + case ACE_SIGURG: +#endif /* SIGURG */ + case SIGIO: + case ACE_SIGIO: + case ACE_CLOEXEC: + ACE_NOTSUP_RETURN (-1); + case ACE_NONBLOCK: + return ACE_IPC_SAP::enable (value); + default: + return -1; + } + return 0; +} + +int +ACE_SSL_SOCK::disable (int value) const +{ + ACE_TRACE("ACE_SSL_SOCK::disable"); + switch (value) + { +#ifdef SIGURG + case SIGURG: + case ACE_SIGURG: +#endif /* SIGURG */ + case SIGIO: + case ACE_SIGIO: + case ACE_CLOEXEC: + ACE_NOTSUP_RETURN (-1); + case ACE_NONBLOCK: + return ACE_IPC_SAP::disable (value); + default: + return -1; + } + return 0; +} + + +#endif /* ACE_HAS_SSL */ diff --git a/ace/SSL/SSL_SOCK.h b/ace/SSL/SSL_SOCK.h new file mode 100644 index 00000000000..98a7a785f2f --- /dev/null +++ b/ace/SSL/SSL_SOCK.h @@ -0,0 +1,92 @@ +// -*- C++ -*- +// $Id$ + +//============================================================================ +// +// = LIBRARY +// ACE_SSL +// +// = FILENAME +// SSL_SOCK.h +// +// = AUTHOR +// Ossama Othman <ossama@ece.uci.edu> +// +//============================================================================ + +#ifndef ACE_SSL_SOCK_H +#define ACE_SSL_SOCK_H + +#include "ace/pre.h" + +#include "ace/SOCK.h" + +#include "SSL_Export.h" + +#if !defined (ACE_LACKS_PRAGMA_ONCE) +# pragma once +#endif /* ACE_LACKS_PRAGMA_ONCE */ + + +#if defined (ACE_HAS_TEMPLATE_TYPEDEFS) +# define ACE_SSL_SOCK_ACCEPTOR ACE_SSL_SOCK_Acceptor +# define ACE_SSL_SOCK_CONNECTOR ACE_SSL_SOCK_Connector +# define ACE_SSL_SOCK_STREAM ACE_SSL_SOCK_Stream +#else +# define ACE_SSL_SOCK_ACCEPTOR ACE_SSL_SOCK_Acceptor, ACE_INET_Addr +# define ACE_SSL_SOCK_CONNECTOR ACE_SSL_SOCK_Connector, ACE_INET_Addr +# define ACE_SSL_SOCK_STREAM ACE_SSL_SOCK_Stream, ACE_INET_Addr +#endif /* ACE_HAS_TEMPLATE_TYPEDEFS */ + +class ACE_SSL_Export ACE_SSL_SOCK : public ACE_SOCK +{ + // = TITLE + // An abstract class that forms the basis for more specific + // classes, such as <ACE_SSL_SOCK_Acceptor> and + // <ACE_SSL_SOCK_Stream>. + // Do not instantiate this class. + // + // = DESCRIPTION + // This class provides functions that are common to all of the + // <ACE_SSL_SOCK_*> classes. <ACE_SSL_SOCK> provides the ability + // to get and set socket options, get the local and remote + // addresses, and close the socket. +public: + + ~ACE_SSL_SOCK (void); + // Default destructor. + + // Override ACE_SOCK base class implementations with these SSL + // specific ones. + + int set_option (int level, + int option, + void *optval, + int optlen) const; + int get_option (int level, + int option, + void *optval, + int *optlen) const; + int enable (int value) const; + int disable (int value) const; + void set_handle (ACE_HANDLE); + ACE_HANDLE get_handle (void) const; + int control (int cmd, void *arg) const; + +protected: + + ACE_SSL_SOCK (void); + // Default constructor is private to prevent instances of this class + // from being defined. +}; + +#if !defined (ACE_LACKS_INLINE_FUNCTIONS) +#include "SSL_SOCK.i" +#endif /* ACE_LACKS_INLINE_FUNCTIONS */ + +#include "ace/post.h" +#endif /* ACE_SSL_SOCK_H */ + + + + diff --git a/ace/SSL/SSL_SOCK.i b/ace/SSL/SSL_SOCK.i new file mode 100644 index 00000000000..d4cf07e4c9b --- /dev/null +++ b/ace/SSL/SSL_SOCK.i @@ -0,0 +1,64 @@ +// -*- C++ -*- +// $Id$ + +ASYS_INLINE void +ACE_SSL_SOCK::set_handle (ACE_HANDLE fd) +{ + this->ACE_SOCK::set_handle (fd); +} + +ASYS_INLINE ACE_HANDLE +ACE_SSL_SOCK::get_handle (void) const +{ + // return this->ssl_ ? (ACE_HANDLE) ::SSL_get_fd (this->ssl_) : ACE_INVALID_HANDLE; + return this->ACE_SOCK::get_handle (); +} + + +ASYS_INLINE int +ACE_SSL_SOCK::control (int cmd, void *arg) const +{ + return ACE_OS::ioctl (this->get_handle (), cmd, arg); +} + +ASYS_INLINE int +ACE_SSL_SOCK::set_option (int level, + int option, + void *optval, + int optlen) const +{ + switch (option) + { +// case SO_SNDBUF: +// return ::BIO_set_write_buffer_size (this->io_bio_, *((int *) optval)); +// case SO_RCVCBUF: +// return ::BIO_set_read_buffer_size (this->io_bio_, *((int *) optval)); + default: + return ACE_OS::setsockopt (this->get_handle (), + level, + option, (char *) optval, + optlen); + } +} + +// Provides access to the ACE_OS::getsockopt system call. + +ASYS_INLINE int +ACE_SSL_SOCK::get_option (int level, + int option, + void *optval, + int *optlen) const +{ + switch (option) + { +// case SO_SNDBUF: +// return ::BIO_get_write_buffer_size (this->io_bio_, *((int *) optval)); +// case SO_RCVCBUF: +// return ::BIO_get_read_buffer_size (this->io_bio_, *((int *) optval)); + default: + return ACE_OS::getsockopt (this->get_handle (), + level, + option, (char *) optval, + optlen); + } +} diff --git a/ace/SSL/SSL_SOCK_Acceptor.cpp b/ace/SSL/SSL_SOCK_Acceptor.cpp index b77ca714554..d611c919704 100644 --- a/ace/SSL/SSL_SOCK_Acceptor.cpp +++ b/ace/SSL/SSL_SOCK_Acceptor.cpp @@ -1,16 +1,15 @@ -// +// -*- C++ -*- // $Id$ // #define ACE_BUILD_DLL #include "SSL_SOCK_Acceptor.h" -#include "SSL.h" - -#include "ace/Synch.h" #if defined (ACE_HAS_SSL) +#include <openssl/err.h> + ACE_ALLOC_HOOK_DEFINE(ACE_SSL_SOCK_Acceptor) #if defined (ACE_LACKS_INLINE_FUNCTIONS) @@ -82,7 +81,34 @@ ACE_SSL_SOCK_Acceptor::shared_accept_finish (ACE_SSL_SOCK_Stream& new_stream, ACE_UNUSED_ARG (reset_new_handle); #endif /* ACE_WIN32 */ - return new_handle == ACE_INVALID_HANDLE ? -1 : 0; + if (new_handle == ACE_INVALID_HANDLE) + return -1; + + return this->ssl_accept (new_stream); +} + +int +ACE_SSL_SOCK_Acceptor::ssl_accept (ACE_SSL_SOCK_Stream &new_stream) const +{ + if (SSL_is_init_finished (new_stream.ssl ())) + return 0; + + ::SSL_set_accept_state (new_stream.ssl ()); + + int status = ::SSL_accept (new_stream.ssl ()); + if (status < 0) + { + if (::BIO_sock_should_retry (status)) + { + errno = EAGAIN; + } + else + ERR_print_errors_fp (stderr); + + return -1; + } + + return 0; } // General purpose routine for accepting new connections. @@ -131,21 +157,9 @@ ACE_SSL_SOCK_Acceptor::accept (ACE_SSL_SOCK_Stream &new_stream, remote_addr->set_size (len); } - if(!new_stream.ssl_init_finished () - && new_stream.get_SSL_fd () != new_stream.get_handle ()) - { - if (new_stream.set_SSL_fd (new_stream.get_handle ()) - == -1) - return -1; - } - - return (((new_stream.accept () == -1) - && errno == EAGAIN - && timeout == 0) ? - -1 : - this->shared_accept_finish (new_stream, - in_blocking_mode, - reset_new_handle)); + return this->shared_accept_finish (new_stream, + in_blocking_mode, + reset_new_handle); } int @@ -154,7 +168,7 @@ ACE_SSL_SOCK_Acceptor::accept (ACE_SSL_SOCK_Stream &new_stream, ACE_Addr *remote_addr, ACE_Time_Value *timeout, int restart, - int reset_new_handle) const + int reset_new_handle) const { ACE_TRACE ("ACE_SSL_SOCK_Acceptor::accept"); @@ -195,64 +209,9 @@ ACE_SSL_SOCK_Acceptor::accept (ACE_SSL_SOCK_Stream &new_stream, remote_addr->set_size (len); } - if(!new_stream.ssl_init_finished () - && new_stream.get_SSL_fd () != new_stream.get_handle ()) - { - if (new_stream.set_SSL_fd (new_stream.get_handle ()) - == -1) - return -1; - } - - return (((new_stream.accept() == -1) - && errno == EAGAIN - && timeout == 0) ? - -1 : - this->shared_accept_finish (new_stream, - in_blocking_mode, - reset_new_handle)); -} - -int -ACE_SSL_SOCK_Acceptor::enable (int value) const -{ - ACE_TRACE ("ACE_SSL_SOCK_Acceptor::enable"); - switch (value) - { -#ifdef SIGURG - case SIGURG: - case ACE_SIGURG: -#endif /* SIGURG */ - case SIGIO: - case ACE_SIGIO: - case ACE_CLOEXEC: - ACE_NOTSUP_RETURN (-1); - case ACE_NONBLOCK: - return this->acceptor_.enable (value); - default: - return -1; - } - return 0; -} -int -ACE_SSL_SOCK_Acceptor::disable (int value) const -{ - ACE_TRACE("ACE_SSL_SOCK_Acceptor::disable"); - switch (value) - { -#ifdef SIGURG - case SIGURG: - case ACE_SIGURG: -#endif /* SIGURG */ - case SIGIO: - case ACE_SIGIO: - case ACE_CLOEXEC: - ACE_NOTSUP_RETURN (-1); - case ACE_NONBLOCK: - return this->acceptor_.disable (value); - default: - return -1; - } - return 0; + return this->shared_accept_finish (new_stream, + in_blocking_mode, + reset_new_handle); } #endif /* ACE_HAS_SSL */ diff --git a/ace/SSL/SSL_SOCK_Acceptor.h b/ace/SSL/SSL_SOCK_Acceptor.h index 3e9c18d3e3d..6a17c8186b1 100644 --- a/ace/SSL/SSL_SOCK_Acceptor.h +++ b/ace/SSL/SSL_SOCK_Acceptor.h @@ -1,16 +1,17 @@ -/* -*- C++ -*- */ +// -*- C++ -*- // $Id$ // ============================================================================ // // = LIBRARY -// ace +// ACE_SSL // // = FILENAME // SSL_SOCK_Acceptor.h // // = AUTHOR // John Heitmann and Chris Zimman +// Ossama Othman <ossama@ece.uci.edu> // // ============================================================================ @@ -26,15 +27,16 @@ #if defined (ACE_HAS_SSL) -class ACE_SSL_Export ACE_SSL_SOCK_Acceptor +class ACE_SSL_Export ACE_SSL_SOCK_Acceptor : public ACE_SSL_SOCK { // = TITLE - // Defines a factory that creates new <ACE_SSL_SOCK_Stream>s passively. + // Defines a factory that creates new <ACE_SSL_SOCK_Stream>s + // passively. // // = DESCRIPTION - // The <ACE_SSL_SOCK_Acceptor> has its own <ACE_SOCK_Acceptor> which - // handles virtually all of the socket acceptance. This class is a wrapper - // which only adds the ssl acceptance. + // The <ACE_SSL_SOCK_Acceptor> has its own <ACE_SOCK_Acceptor> + // which handles virtually all of the socket acceptance. This + // class is a wrapper which only adds the SSL acceptance. public: // = Initialization and termination methods. ACE_SSL_SOCK_Acceptor (void); @@ -65,7 +67,7 @@ public: int protocol_family = PF_INET, int backlog = ACE_DEFAULT_BACKLOG, int protocol = 0); - // Initiate a passive mode ssl/BSD-style acceptor socket. + // Initiate a passive mode SSL/BSD-style acceptor socket. // <local_sap> is the address that we-re going to listen for // connections on. @@ -95,37 +97,10 @@ public: // forever, a <timeout> of {0, 0} means poll. <restart> == 1 means // "restart if interrupted," i.e., if errno == EINTR. - int control (int cmd, void *) const; - // Interface for ioctl. - - // = Common I/O handle options related to sockets. - - int enable (int value) const; - // Enable asynchronous I/O (ACE_SIGIO), urgent data (ACE_SIGURG), - // non-blocking I/O (ACE_NONBLOCK), or close-on-exec (ACE_CLOEXEC), - // which is passed as the <value>. - - int disable (int value) const; - // Disable asynchronous I/O (ACE_SIGIO), urgent data (ACE_SIGURG), - // non-blocking I/O (ACE_NONBLOCK), or close-on-exec (ACE_CLOEXEC), - // which is passed as the <value>. - - ACE_HANDLE get_handle (void) const; - // Get the underlying handle. - - void set_handle (ACE_HANDLE handle); - // Set the underlying handle. - - int get_local_addr (ACE_Addr &) const; - // Gets the address which is being listened on. - // = Meta-type info typedef ACE_INET_Addr PEER_ADDR; typedef ACE_SSL_SOCK_Stream PEER_STREAM; - void dump (void) const; - // Dump the state of an object. - ACE_ALLOC_HOOK_DECLARE; // Declare the dynamic allocation hooks. @@ -137,12 +112,15 @@ protected: // Perform operations that must occur before <ACE_OS::accept> is // called. - int shared_accept_finish (ACE_SSL_SOCK_Stream& new_stream, + int shared_accept_finish (ACE_SSL_SOCK_Stream &new_stream, int in_blocking_mode, int reset_new_handle) const; // Perform operations that must occur after <ACE_OS::accept> is // called. + int ssl_accept (ACE_SSL_SOCK_Stream &new_stream) const; + // Complete SSL passive connection establishment. + private: ACE_SOCK_Acceptor acceptor_; // The BSD-socket workhorse diff --git a/ace/SSL/SSL_SOCK_Acceptor.i b/ace/SSL/SSL_SOCK_Acceptor.i index a75b7b1b374..d36209832b1 100644 --- a/ace/SSL/SSL_SOCK_Acceptor.i +++ b/ace/SSL/SSL_SOCK_Acceptor.i @@ -19,11 +19,14 @@ ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor (const ACE_Addr &local_sap, int protocol_family, int backlog, int protocol) - : acceptor_ (local_sap, reuse_addr, protocol_family, backlog, protocol) + : acceptor_ (local_sap, + reuse_addr, + protocol_family, + backlog, + protocol) { ACE_TRACE ("ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor"); } -// Performs the timed accept operation. ACE_INLINE ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor (const ACE_Addr &local_sap, @@ -54,11 +57,16 @@ ACE_SSL_SOCK_Acceptor::open (const ACE_Addr &local_sap, int protocol) { ACE_TRACE ("ACE_SSL_SOCK_Acceptor::open"); - return this->acceptor_.open (local_sap, - reuse_addr, - protocol_family, - backlog, - protocol); + if (this->acceptor_.open (local_sap, + reuse_addr, + protocol_family, + backlog, + protocol) != 0) + return -1; + else + this->set_handle (this->acceptor_.get_handle ()); + + return 0; } ACE_INLINE int @@ -68,46 +76,11 @@ ACE_SSL_SOCK_Acceptor::close (void) return this->acceptor_.close (); } - ACE_INLINE ACE_SSL_SOCK_Acceptor::~ACE_SSL_SOCK_Acceptor (void) { ACE_TRACE ("ACE_SSL_SOCK_Acceptor::~ACE_SSL_SOCK_Acceptor"); } -ACE_INLINE int -ACE_SSL_SOCK_Acceptor::control (int cmd, void* dummy) const -{ - ACE_TRACE ("ACE_SSL_SOCK_Acceptor::control"); - return this->acceptor_.control (cmd, dummy); -} - -ACE_INLINE ACE_HANDLE -ACE_SSL_SOCK_Acceptor::get_handle (void) const -{ - ACE_TRACE ("ACE_SSL_SOCK_Acceptor::get_handle"); - return this->acceptor_.get_handle (); -} - -ACE_INLINE void -ACE_SSL_SOCK_Acceptor::set_handle (ACE_HANDLE handle) -{ - ACE_TRACE ("ACE_SSL_SOCK_Acceptor::set_handle"); - this->acceptor_.set_handle (handle); -} - -ACE_INLINE int -ACE_SSL_SOCK_Acceptor::get_local_addr (ACE_Addr &addr) const -{ - ACE_TRACE ("ACE_SSL_SOCK_Acceptor::get_local_addr"); - return this->acceptor_.get_local_addr (addr); -} - -ACE_INLINE void -ACE_SSL_SOCK_Acceptor::dump (void) const -{ - ACE_TRACE ("ACE_SSL_SOCK_Acceptor::dump"); - this->acceptor_.dump (); -} #endif /* ACE_HAS_SSL */ diff --git a/ace/SSL/SSL_SOCK_Connector.cpp b/ace/SSL/SSL_SOCK_Connector.cpp index 67a2a931861..86a4d1f4bf3 100644 --- a/ace/SSL/SSL_SOCK_Connector.cpp +++ b/ace/SSL/SSL_SOCK_Connector.cpp @@ -1,4 +1,4 @@ -// SSL_SOCK_Connector.cpp +// -*- C++ -*- // $Id$ @@ -90,6 +90,33 @@ ACE_SSL_SOCK_Connector::shared_connect_finish (ACE_SSL_SOCK_Stream &new_stream, } int +ACE_SSL_SOCK_Connector::ssl_connect (ACE_SSL_SOCK_Stream &new_stream) +{ + if (SSL_is_init_finished (new_stream.ssl ())) + return 0; + + // @@ This is awkward. + new_stream.set_handle (new_stream.peer ().get_handle ()); + + int status = ::SSL_connect (new_stream.ssl ()); + if (status < 0) + { + // ACE_DEBUG ((LM_DEBUG, " ACE_SSL::connect - failed (%d)\n", + // status)); + if (::BIO_sock_should_retry (status)) + { + errno = EAGAIN; + } + else + ERR_print_errors_fp (stderr); + + return -1; + } + + return 0; +} + +int ACE_SSL_SOCK_Connector::connect (ACE_SSL_SOCK_Stream &new_stream, const ACE_Addr &remote_sap, ACE_Time_Value *timeout, @@ -114,16 +141,7 @@ ACE_SSL_SOCK_Connector::connect (ACE_SSL_SOCK_Stream &new_stream, return -1; } - if (new_stream.get_SSL_fd () != new_stream.get_handle ()) - { - new_stream.set_SSL_fd (new_stream.get_handle ()); - - if (timeout) - new_stream.disable (ACE_NONBLOCK); - } - - return new_stream.connect (); - + return this->ssl_connect (new_stream); } int @@ -157,15 +175,7 @@ ACE_SSL_SOCK_Connector::connect (ACE_SSL_SOCK_Stream &new_stream, return -1; } - if (new_stream.get_SSL_fd () != new_stream.get_handle ()) - { - new_stream.set_SSL_fd (new_stream.get_handle ()); - - if (timeout) - new_stream.disable (ACE_NONBLOCK); - } - - return new_stream.connect (); + return this->ssl_connect (new_stream); } // Try to complete a non-blocking connection. @@ -182,15 +192,7 @@ ACE_SSL_SOCK_Connector::complete (ACE_SSL_SOCK_Stream &new_stream, return -1; } - if (new_stream.get_SSL_fd () != new_stream.get_handle ()) - { - new_stream.set_SSL_fd (new_stream.get_handle ()); - - if (tv) - new_stream.disable (ACE_NONBLOCK); - } - - return new_stream.connect (); + return this->ssl_connect (new_stream); } @@ -222,36 +224,8 @@ ACE_SSL_SOCK_Connector::ACE_SSL_SOCK_Connector ( ASYS_TEXT ( "ACE_SSL_SOCK_Connector::ACE_SSL_SOCK_Connector" ))); - else - { - if (new_stream.get_SSL_fd () != new_stream.get_handle ()) - { - if (new_stream.set_SSL_fd (new_stream.get_handle ()) - == -1) - ACE_ERROR ((LM_ERROR, - ASYS_TEXT ("ACE_SSL_SOCK_Connector::" - "ACE_SSL_SOCK_Connector: " - "invalid handle\n"))); - - if (timeout) - new_stream.disable (ACE_NONBLOCK); - } - - if (new_stream.connect () != 0) - { -// ACE_ERROR ((LM_ERROR, -// ASYS_TEXT ("%p\n"), -// ASYS_TEXT ("ACE_SSL_SOCK_Connector::" -// "ACE_SSL_SOCK_Connector" -// ))); - - ::ERR_print_errors_fp (stderr); - } - } } - - ACE_SSL_SOCK_Connector::ACE_SSL_SOCK_Connector ( ACE_SSL_SOCK_Stream &new_stream, const ACE_Addr &remote_sap, @@ -287,32 +261,6 @@ ACE_SSL_SOCK_Connector::ACE_SSL_SOCK_Connector ( ASYS_TEXT ( "ACE_SSL_SOCK_Connector::ACE_SSL_SOCK_Connector" ))); - else - { - if (new_stream.get_SSL_fd () != new_stream.get_handle()) - { - if (new_stream.set_SSL_fd (new_stream.get_handle ()) - == -1) - ACE_ERROR ((LM_ERROR, - ASYS_TEXT ("ACE_SSL_SOCK_Connector::" - "ACE_SSL_SOCK_Connector: " - "invalid handle\n"))); - - if (timeout) - new_stream.disable (ACE_NONBLOCK); - } - - if (new_stream.connect () != 0) - { -// ACE_ERROR ((LM_ERROR, -// ASYS_TEXT ("%p\n"), -// ASYS_TEXT ("ACE_SSL_SOCK_Connector::" -// "ACE_SSL_SOCK_Connector" -// ))); - - ::ERR_print_errors_fp (stderr); - } - } } #endif /* ACE_HAS_SSL */ diff --git a/ace/SSL/SSL_SOCK_Connector.h b/ace/SSL/SSL_SOCK_Connector.h index 36ae878090e..1f2070d6212 100644 --- a/ace/SSL/SSL_SOCK_Connector.h +++ b/ace/SSL/SSL_SOCK_Connector.h @@ -172,6 +172,7 @@ public: ACE_ALLOC_HOOK_DECLARE; // Declare the dynamic allocation hooks. + protected: int shared_connect_start(ACE_SSL_SOCK_Stream &new_stream, ACE_Time_Value *timeout = 0, @@ -181,10 +182,13 @@ protected: ACE_Time_Value *timeout = 0, int result = 0); + int ssl_connect (ACE_SSL_SOCK_Stream &new_stream); + // Complete SSL active connection establishment. + private: ACE_SOCK_Connector connector_; // The class that does all of the non-secure socket connection. - // It is default contructed, and susequently used by connect(). + // It is default contructed, and subsequently used by connect(). }; #if !defined (ACE_LACKS_INLINE_FUNCTIONS) diff --git a/ace/SSL/SSL_SOCK_Stream.cpp b/ace/SSL/SSL_SOCK_Stream.cpp index 106fef22f32..5efa93f6562 100644 --- a/ace/SSL/SSL_SOCK_Stream.cpp +++ b/ace/SSL/SSL_SOCK_Stream.cpp @@ -1,17 +1,20 @@ -// SSL_SOCK_Stream.cpp +// -*- C++ -*- // $Id$ #define ACE_BUILD_DLL -#include "SSL_SOCK_Stream.h" #include "ace/Handle_Set.h" +#if defined (ACE_HAS_SSL) + +#include <openssl/err.h> + +#include "SSL_SOCK_Stream.h" + #if defined (ACE_LACKS_INLINE_FUNCTIONS) #include "SSL_SOCK_Stream.i" #endif -#if defined (ACE_HAS_SSL) - ACE_ALLOC_HOOK_DEFINE(ACE_SSL_SOCK_Stream) ssize_t @@ -31,7 +34,7 @@ ACE_SSL_SOCK_Stream::sendv (const iovec iov[], } if (result == -1) - return -1; + bytes_sent = -1; return bytes_sent; } @@ -244,22 +247,23 @@ ACE_SSL_SOCK_Stream::send_n (const void *buf, flags, timeout); - if (n == -1) - { - // If blocked, try again. - if (errno == EWOULDBLOCK) - { - n = 0; - continue; - } - - // - // No timeouts in this version. - // - - // Other errors. - return -1; - } + if (n < 0) + { + switch (::SSL_get_error (this->ssl_, n)) + { + // + // No timeouts in this version. + // + + case SSL_ERROR_WANT_WRITE: + // If blocked, try again. + n = 0; + continue; + + default: + return -1; + } + } else if (n == 0) break; } @@ -292,24 +296,24 @@ ACE_SSL_SOCK_Stream::recv_n (void *buf, len - bytes_transferred, flags, timeout); -// if (n == -1 || n == 0) -// break; - if (n == -1) - { - // If blocked, try again. - if (errno == EWOULDBLOCK) - { - n = 0; - continue; - } - - // - // No timeouts in this version. - // - - // Other errors. - return -1; - } + + if (n < 0) + { + switch (::SSL_get_error (this->ssl_, n)) + { + // + // No timeouts in this version. + // + + case SSL_ERROR_WANT_READ: + // If blocked, try again. + n = 0; + continue; + + default: + return -1; + } + } else if (n == 0) break; } @@ -338,25 +342,25 @@ ACE_SSL_SOCK_Stream::recv_n (void *buf, int len, int flags) const n = this->recv ((char*) buf + bytes_transferred, len - bytes_transferred, flags); - - if (n == -1) - { - // If blocked, try again. - if (errno == EWOULDBLOCK) - { - n = 0; - continue; - } - - // - // No timeouts in this version. - // - - // Other errors. - return -1; - } + if (n < 0) + { + switch (::SSL_get_error (this->ssl_, n)) + { + // + // No timeouts in this version. + // + + case SSL_ERROR_WANT_READ: + // If blocked, try again. + n = 0; + continue; + + default: + return -1; + } + } else if (n == 0) - break; + break; } return bytes_transferred; @@ -382,23 +386,23 @@ ACE_SSL_SOCK_Stream::send_n (const void *buf, int len, int flags) const n = this->send ((const char*) buf + bytes_transferred, len - bytes_transferred, flags); - - if (n == -1) - { - // If blocked, try again. - if (errno == EWOULDBLOCK) - { - n = 0; - continue; - } - - // - // No timeouts in this version. - // - - // Other errors. - return -1; - } + if (n < 0) + { + switch (::SSL_get_error (this->ssl_, n)) + { + // + // No timeouts in this version. + // + + case SSL_ERROR_WANT_WRITE: + // If blocked, try again. + n = 0; + continue; + + default: + return -1; + } + } else if (n == 0) break; } @@ -499,48 +503,4 @@ ACE_SSL_SOCK_Stream::recvv_n (iovec iov[], size_t n) const } -int -ACE_SSL_SOCK_Stream::enable (int value) const -{ - ACE_TRACE ("ACE_SSL_SOCK_Stream::enable"); - switch (value) - { -#ifdef SIGURG - case SIGURG: - case ACE_SIGURG: -#endif /* SIGURG */ - case SIGIO: - case ACE_SIGIO: - case ACE_CLOEXEC: - ACE_NOTSUP_RETURN (-1); - case ACE_NONBLOCK: - return this->stream_.enable (value); - default: - return -1; - } - return 0; -} - -int -ACE_SSL_SOCK_Stream::disable (int value) const -{ - ACE_TRACE("ACE_SSL_SOCK_Stream::disable"); - switch (value) - { -#ifdef SIGURG - case SIGURG: - case ACE_SIGURG: -#endif /* SIGURG */ - case SIGIO: - case ACE_SIGIO: - case ACE_CLOEXEC: - ACE_NOTSUP_RETURN (-1); - case ACE_NONBLOCK: - return this->stream_.disable (value); - default: - return -1; - } - return 0; -} - #endif /* ACE_HAS_SSL */ diff --git a/ace/SSL/SSL_SOCK_Stream.h b/ace/SSL/SSL_SOCK_Stream.h index 0be8331982f..78ef79d1f78 100644 --- a/ace/SSL/SSL_SOCK_Stream.h +++ b/ace/SSL/SSL_SOCK_Stream.h @@ -4,54 +4,56 @@ // ============================================================================ // // = LIBRARY -// ace +// ACE_SSL // // = FILENAME // SSL_SOCK_Stream.h // // = AUTHOR // John Heitmann -// Carlos O'Ryan <coryan@cs.wustl.edu> -// Ossama Othman <othman@cs.wustl.edu> +// Carlos O'Ryan <coryan@ece.uci.edu> +// Ossama Othman <ossama@ece.uci.edu> // // ============================================================================ #ifndef ACE_SSL_SOCK_STREAM_H #define ACE_SSL_SOCK_STREAM_H -#include "SSL.h" +#include "ace/SOCK_Stream.h" #if defined (ACE_HAS_SSL) -#include "ace/SOCK_Stream.h" +#include "SSL_SOCK.h" +#include "SSL_Context.h" + #if !defined (ACE_LACKS_PRAGMA_ONCE) # pragma once #endif /* ACE_LACKS_PRAGMA_ONCE */ -class ACE_SSL_Export ACE_SSL_SOCK_Stream : public ACE_SSL +class ACE_SSL_Export ACE_SSL_SOCK_Stream : public ACE_SSL_SOCK { // = TITLE // Defines methods in the <ACE_SSL_SOCK_Stream> abstraction. // // = DESCRIPTION - // This adds ssl functionality to an <ACE_SOCK_IO> interface by + // This adds SSL functionality to an <ACE_SOCK_IO> interface by // wrapping around an <ACE_SSL_SOCK_Stream> implementation. // public: // = Initializtion and termination functions. - ACE_SSL_SOCK_Stream (void); - // Constructor (sets the underlying <ACE_HANDLE> with <h>, and - // <SSL*> with <session>). If the handle in <session> does not - // match <h>, it will set <session's> handle to <h>. + ACE_SSL_SOCK_Stream (ACE_SSL_Context *context = + ACE_SSL_Context::instance ()); + // Constructor - ACE_SSL_SOCK_Stream (ACE_HANDLE h); - // Constructor (sets <ACE_HANDLE> with the handle in <session> - // and the underlying <SSL*> with session. + ACE_SSL_SOCK_Stream (ACE_HANDLE h, + ACE_SSL_Context *context = + ACE_SSL_Context::instance ()); + // Constructor ~ACE_SSL_SOCK_Stream (void); - //Destructor + // Destructor ssize_t send (const void *buf, size_t n, @@ -198,58 +200,33 @@ public: // = Meta-type info typedef ACE_INET_Addr PEER_ADDR; - void dump (void) const; - // Dump the state of an object. - ACE_ALLOC_HOOK_DECLARE; // Declare the dynamic allocation hooks. - int set_option (int level, - int option, - void *optval, - int optlen) const; - // Wrapper around the setsockopt() system call. - - int get_option (int level, - int option, - void *optval, - int *optlen) const; - // Wrapper around the getsockopt() system call. + ACE_SSL_Context *context (void) const; + // Return a pointer to the underlying SSL context. - int control (int cmd, void *) const; - // Interface for ioctl. + SSL *ssl (void) const; + // Return a pointer to the underlying SSL structure. - // = Common I/O handle options related to sockets. - - int enable (int value) const; - // Enable asynchronous I/O (ACE_SIGIO), urgent data (ACE_SIGURG), - // non-blocking I/O (ACE_NONBLOCK), or close-on-exec (ACE_CLOEXEC), - // which is passed as the <value>. - - int disable (int value) const; - // Disable asynchronous I/O (ACE_SIGIO), urgent data (ACE_SIGURG), - // non-blocking I/O (ACE_NONBLOCK), or close-on-exec (ACE_CLOEXEC), - // which is passed as the <value>. + friend class ACE_SSL_SOCK_Connector; + // friend class ACE_SSL_SOCK_Acceptor; - int get_local_addr (ACE_Addr &) const; - // Return the local endpoint address in the referenced <ACE_Addr>. + void set_handle (ACE_HANDLE fd); + // Overridden set_handle() method. - int get_remote_addr (ACE_Addr &) const; - // Return the address of the remotely connected peer (if there is - // one), in the referenced ACE_Addr. Returns 0 if successful, else -1. +protected: - ACE_HANDLE get_handle (void) const; - // Get the underlying handle + ACE_SOCK_Stream & peer (void); + // Return the underlying <ACE_SOCK_Stream> which SSL runs atop of. - void set_handle (ACE_HANDLE handle); - // Set the underlying handle +protected: - friend class ACE_SSL_SOCK_Connector; - friend class ACE_SSL_SOCK_Acceptor; + ACE_SSL_Context *context_; + // The SSL context. -private: - ACE_SOCK_Stream& peer (void); - // Return the underlying <ACE_SOCK_Stream> which ssl runs on top of. + SSL *ssl_; + // The SSL session. ACE_SOCK_Stream stream_; // The stream which works under the ssl connection. diff --git a/ace/SSL/SSL_SOCK_Stream.i b/ace/SSL/SSL_SOCK_Stream.i index 14955943823..4c9b8a1b07d 100644 --- a/ace/SSL/SSL_SOCK_Stream.i +++ b/ace/SSL/SSL_SOCK_Stream.i @@ -5,23 +5,73 @@ #if defined (ACE_HAS_SSL) +ASYS_INLINE void +ACE_SSL_SOCK_Stream::set_handle (ACE_HANDLE fd) +{ + if (this->ssl_ == 0) + { + this->ACE_SSL_SOCK::set_handle (ACE_INVALID_HANDLE); + return; + } + else + { + (void) ::SSL_set_fd (this->ssl_, (int) fd); + this->ACE_SSL_SOCK::set_handle (fd); + this->stream_.set_handle (fd); + } +} + ASYS_INLINE -ACE_SSL_SOCK_Stream::ACE_SSL_SOCK_Stream (void) +ACE_SSL_SOCK_Stream::ACE_SSL_SOCK_Stream (ACE_SSL_Context *context) + : context_ (context == 0 ? ACE_SSL_Context::instance () : context), + ssl_ (::SSL_new (this->context_->context ())) { ACE_TRACE ("ACE_SSL_SOCK_Stream::ACE_SSL_SOCK_Stream"); + + if (this->ssl_ == 0) + ACE_ERROR ((LM_ERROR, + "(%P|%t) ACE_SSL_SOCK_Stream - cannot allocate new " + "SSL structure%p\n", + "")); + + ::SSL_set_verify (this->ssl_, + this->context_->default_verify_mode (), + 0); } ASYS_INLINE -ACE_SSL_SOCK_Stream::ACE_SSL_SOCK_Stream (ACE_HANDLE h) - : stream_ (h) +ACE_SSL_SOCK_Stream::ACE_SSL_SOCK_Stream (ACE_HANDLE h, + ACE_SSL_Context *context) + : context_ (context == 0 ? ACE_SSL_Context::instance () : context), + ssl_ (::SSL_new (this->context_->context ())), + stream_ (h) { ACE_TRACE ("ACE_SSL_SOCK_Stream::ACE_SSL_SOCK_Stream"); + + if (this->ssl_ == 0) + ACE_ERROR ((LM_ERROR, + "(%P|%t) ACE_SSL - cannot allocate new SSL session:%p\n", + "")); + + ::SSL_set_verify (this->ssl_, + this->context_->default_verify_mode (), + 0); + + this->set_handle (h); } ASYS_INLINE ACE_SSL_SOCK_Stream::~ACE_SSL_SOCK_Stream (void) { ACE_TRACE ("ACE_SSL_SOCK_Stream::~ACE_SSL_SOCK_Stream"); + + ::SSL_free (this->ssl_); + this->ssl_ = 0; + + // @@ Question: should we reference count the Context object or + // leave that to the application developer? We do not reference + // count reactors (for example) and following some simple rules + // seems to work fine! } ASYS_INLINE ssize_t @@ -31,22 +81,13 @@ ACE_SSL_SOCK_Stream::send (const void *buf, { ACE_TRACE ("ACE_SSL_SOCK_Stream::send"); - if (!this->ssl_init_finished ()) - { - ACE_DEBUG ((LM_DEBUG, "ACE_SSL_SOCK_Stream::send - init\n")); - return -1; - } - // No send flags are supported in SSL. if (flags != 0) ACE_NOTSUP_RETURN (-1); - int r = - ::SSL_write (this->ssl_, ACE_static_cast (const char*, buf), n); - - // ACE_DEBUG ((LM_DEBUG, "ACE_SSL_SOCK_Stream::send - %d/%d\n", - // r, n)); - return r; + return ::SSL_write (this->ssl_, + ACE_static_cast (const char*, buf), + n); } ASYS_INLINE ssize_t @@ -56,24 +97,17 @@ ACE_SSL_SOCK_Stream::recv (void *buf, { ACE_TRACE ("ACE_SSL_SOCK_Stream::recv"); - if (!this->ssl_init_finished ()) - { - ACE_DEBUG ((LM_DEBUG, "ACE_SSL_SOCK_Stream::recv - init\n")); - return -1; - } - if (flags) { if (ACE_BIT_ENABLED (flags, MSG_PEEK)) - return ::SSL_peek (this->ssl_, ACE_static_cast (char*, buf), n); - ACE_NOTSUP_RETURN (-1); + return ::SSL_peek (this->ssl_, + ACE_static_cast (char*, buf), + n); + else + ACE_NOTSUP_RETURN (-1); } - int r = - ::SSL_read (this->ssl_, ACE_static_cast (char *, buf), n); - // ACE_DEBUG ((LM_DEBUG, "ACE_SSL_SOCK_Stream::recv - %d/%d\n", - // r, n)); - return r; + return ::SSL_read (this->ssl_, ACE_static_cast (char *, buf), n); } ASYS_INLINE ssize_t @@ -82,16 +116,9 @@ ACE_SSL_SOCK_Stream::send (const void *buf, { ACE_TRACE ("ACE_SSL_SOCK_Stream::send"); - if (!this->ssl_init_finished ()) - { - ACE_DEBUG ((LM_DEBUG, "ACE_SSL_SOCK_Stream::send - init\n")); - return -1; - } - - int r = ::SSL_write (this->ssl_, ACE_static_cast (const char *, buf), n); - ACE_DEBUG ((LM_DEBUG, "ACE_SSL_SOCK_Stream::send - %d/%d\n", - r, n)); - return r; + return ::SSL_write (this->ssl_, + ACE_static_cast (const char *, buf), + n); } ASYS_INLINE ssize_t @@ -99,16 +126,8 @@ ACE_SSL_SOCK_Stream::recv (void *buf, size_t n) const { ACE_TRACE ("ACE_SSL_SOCK_Stream::recv"); - if (!this->ssl_init_finished ()) - { - ACE_DEBUG ((LM_DEBUG, "ACE_SSL_SOCK_Stream::recv - init\n")); - return -1; - } - int r = ::SSL_read (this->ssl_, ACE_static_cast (char*, buf), n); - ACE_DEBUG ((LM_DEBUG, "ACE_SSL_SOCK_Stream::recv - %d/%d\n", - r, n)); - return r; + return ::SSL_read (this->ssl_, ACE_static_cast (char*, buf), n); } ASYS_INLINE ssize_t @@ -162,77 +181,33 @@ ACE_SSL_SOCK_Stream::close (void) { ACE_TRACE ("ACE_SSL_SOCK_Stream::close"); - (void) this->ssl_close (); + if (this->ssl_ == 0) + return -1; + + ::SSL_shutdown (this->ssl_); return this->stream_.close (); } -ASYS_INLINE void -ACE_SSL_SOCK_Stream::dump (void) const +ASYS_INLINE ACE_SOCK_Stream & +ACE_SSL_SOCK_Stream::peer (void) { - ACE_TRACE ("ACE_SSL_SOCK_Stream::dump"); - this->stream_.dump (); -} - -ASYS_INLINE ACE_SOCK_Stream& -ACE_SSL_SOCK_Stream::peer () { ACE_TRACE ("ACE_SSL_SOCK_Stream::peer"); return this->stream_; } -ASYS_INLINE int -ACE_SSL_SOCK_Stream::control (int cmd, void* dummy) const +ASYS_INLINE ACE_SSL_Context * +ACE_SSL_SOCK_Stream::context (void) const { - ACE_TRACE ("ACE_SSL_SOCK_Stream::control"); - return this->stream_.control (cmd, dummy); + return this->context_; } -ASYS_INLINE int -ACE_SSL_SOCK_Stream::set_option (int level, - int option, - void *optval, - int optlen) const +ASYS_INLINE SSL * +ACE_SSL_SOCK_Stream::ssl (void) const { - ACE_TRACE ("ACE_SSL_SOCK_Stream::set_option"); - return this->stream_.set_option (level, option, optval, optlen); + return this->ssl_; } -ASYS_INLINE int -ACE_SSL_SOCK_Stream::get_option (int level, - int option, - void *optval, - int *optlen) const -{ - ACE_TRACE ("ACE_SSL_SOCK_Stream::get_option"); - return this->stream_.get_option (level, option, optval, optlen); -} -ASYS_INLINE int -ACE_SSL_SOCK_Stream::get_local_addr (ACE_Addr &addr) const -{ - ACE_TRACE ("ACE_SSL_SOCK_Stream::get_local_addr"); - return this->stream_.get_local_addr (addr); -} - -ASYS_INLINE int -ACE_SSL_SOCK_Stream::get_remote_addr (ACE_Addr &addr) const -{ - ACE_TRACE ("ACE_SSL_SOCK_Stream::get_remote_addr"); - return this->stream_.get_remote_addr (addr); -} - -ASYS_INLINE ACE_HANDLE -ACE_SSL_SOCK_Stream::get_handle (void) const -{ - ACE_TRACE ("ACE_SSL_SOCK_Stream::get_handle"); - return this->stream_.get_handle (); -} - -ASYS_INLINE void -ACE_SSL_SOCK_Stream::set_handle (ACE_HANDLE handle) -{ - ACE_TRACE ("ACE_SSL_SOCK_Stream::set_handle"); - this->stream_.set_handle (handle); -} #endif /* ACE_HAS_SSL */ diff --git a/examples/IPC_SAP/SSL_SAP/Makefile b/examples/IPC_SAP/SSL_SAP/Makefile index e7784a9aade..089ceb215ec 100644 --- a/examples/IPC_SAP/SSL_SAP/Makefile +++ b/examples/IPC_SAP/SSL_SAP/Makefile @@ -130,11 +130,6 @@ endif $(ACE_ROOT)/ace/High_Res_Timer.h \ $(ACE_ROOT)/ace/High_Res_Timer.i \ ../../SSLIOP/SSL_SOCK_Connector.h ../../SSLIOP/SSL_SOCK_Stream.h \ - ../../SSLIOP/SSL.h ../../SSLIOP/SSL_Context.h \ - $(ACE_ROOT)/ace/SString.h \ - $(ACE_ROOT)/ace/SString.i \ - ../../SSLIOP/SSL_Export.h ../../SSLIOP/SSL_Context.i \ - ../../SSLIOP/SSL.i \ $(ACE_ROOT)/ace/SOCK_Stream.h \ $(ACE_ROOT)/ace/SOCK_IO.h \ $(ACE_ROOT)/ace/SOCK.h \ @@ -144,7 +139,11 @@ endif $(ACE_ROOT)/ace/SOCK.i \ $(ACE_ROOT)/ace/SOCK_IO.i \ $(ACE_ROOT)/ace/SOCK_Stream.i \ - ../../SSLIOP/SSL_SOCK_Stream.i \ + ../../SSLIOP/SSL_SOCK.h ../../SSLIOP/SSL_Export.h \ + ../../SSLIOP/SSL_SOCK.i ../../SSLIOP/SSL_Context.h \ + $(ACE_ROOT)/ace/SString.h \ + $(ACE_ROOT)/ace/SString.i \ + ../../SSLIOP/SSL_Context.i ../../SSLIOP/SSL_SOCK_Stream.i \ $(ACE_ROOT)/ace/SOCK_Connector.h \ $(ACE_ROOT)/ace/Time_Value.h \ $(ACE_ROOT)/ace/SOCK_Connector.i \ @@ -198,45 +197,21 @@ endif $(ACE_ROOT)/ace/High_Res_Timer.h \ $(ACE_ROOT)/ace/High_Res_Timer.i \ ../../SSLIOP/SSL_SOCK_Connector.h ../../SSLIOP/SSL_SOCK_Stream.h \ - ../../SSLIOP/SSL.h ../../SSLIOP/SSL_Context.h \ - $(ACE_ROOT)/ace/SString.h \ - $(ACE_ROOT)/ace/SString.i \ - $(ACE_ROOT)/ace/Malloc_Base.h \ - ../../SSLIOP/SSL_Export.h ../../SSLIOP/SSL_Context.i \ - ../../SSLIOP/SSL.i \ $(ACE_ROOT)/ace/SOCK_Stream.h \ $(ACE_ROOT)/ace/SOCK_IO.h \ $(ACE_ROOT)/ace/SOCK.h \ $(ACE_ROOT)/ace/IPC_SAP.h \ $(ACE_ROOT)/ace/IPC_SAP.i \ $(ACE_ROOT)/ace/QoS_Session.h \ - $(ACE_ROOT)/ace/Containers_T.h \ - $(ACE_ROOT)/ace/Containers.h \ - $(ACE_ROOT)/ace/Containers.i \ - $(ACE_ROOT)/ace/Containers_T.i \ - $(ACE_ROOT)/ace/Containers_T.cpp \ - $(ACE_ROOT)/ace/Malloc.h \ - $(ACE_ROOT)/ace/Based_Pointer_T.h \ - $(ACE_ROOT)/ace/Based_Pointer_T.i \ - $(ACE_ROOT)/ace/Based_Pointer_T.cpp \ - $(ACE_ROOT)/ace/Based_Pointer_Repository.h \ - $(ACE_ROOT)/ace/Malloc.i \ - $(ACE_ROOT)/ace/Malloc_T.h \ - $(ACE_ROOT)/ace/Free_List.h \ - $(ACE_ROOT)/ace/Free_List.i \ - $(ACE_ROOT)/ace/Free_List.cpp \ - $(ACE_ROOT)/ace/Malloc_T.i \ - $(ACE_ROOT)/ace/Malloc_T.cpp \ - $(ACE_ROOT)/ace/Memory_Pool.h \ - $(ACE_ROOT)/ace/Signal.h \ - $(ACE_ROOT)/ace/Signal.i \ - $(ACE_ROOT)/ace/Mem_Map.h \ - $(ACE_ROOT)/ace/Mem_Map.i \ - $(ACE_ROOT)/ace/Memory_Pool.i \ $(ACE_ROOT)/ace/SOCK.i \ $(ACE_ROOT)/ace/SOCK_IO.i \ $(ACE_ROOT)/ace/SOCK_Stream.i \ - ../../SSLIOP/SSL_SOCK_Stream.i \ + ../../SSLIOP/SSL_SOCK.h ../../SSLIOP/SSL_Export.h \ + ../../SSLIOP/SSL_SOCK.i ../../SSLIOP/SSL_Context.h \ + $(ACE_ROOT)/ace/SString.h \ + $(ACE_ROOT)/ace/SString.i \ + $(ACE_ROOT)/ace/Malloc_Base.h \ + ../../SSLIOP/SSL_Context.i ../../SSLIOP/SSL_SOCK_Stream.i \ $(ACE_ROOT)/ace/SOCK_Connector.h \ $(ACE_ROOT)/ace/Time_Value.h \ $(ACE_ROOT)/ace/SOCK_Connector.i \ @@ -315,11 +290,6 @@ endif $(ACE_ROOT)/ace/High_Res_Timer.i \ $(ACE_ROOT)/ace/Profile_Timer.i \ ../../SSLIOP/SSL_SOCK_Acceptor.h ../../SSLIOP/SSL_SOCK_Stream.h \ - ../../SSLIOP/SSL.h ../../SSLIOP/SSL_Context.h \ - $(ACE_ROOT)/ace/SString.h \ - $(ACE_ROOT)/ace/SString.i \ - ../../SSLIOP/SSL_Export.h ../../SSLIOP/SSL_Context.i \ - ../../SSLIOP/SSL.i \ $(ACE_ROOT)/ace/SOCK_Stream.h \ $(ACE_ROOT)/ace/SOCK_IO.h \ $(ACE_ROOT)/ace/SOCK.h \ @@ -333,7 +303,11 @@ endif $(ACE_ROOT)/ace/SOCK.i \ $(ACE_ROOT)/ace/SOCK_IO.i \ $(ACE_ROOT)/ace/SOCK_Stream.i \ - ../../SSLIOP/SSL_SOCK_Stream.i \ + ../../SSLIOP/SSL_SOCK.h ../../SSLIOP/SSL_Export.h \ + ../../SSLIOP/SSL_SOCK.i ../../SSLIOP/SSL_Context.h \ + $(ACE_ROOT)/ace/SString.h \ + $(ACE_ROOT)/ace/SString.i \ + ../../SSLIOP/SSL_Context.i ../../SSLIOP/SSL_SOCK_Stream.i \ $(ACE_ROOT)/ace/SOCK_Acceptor.h \ $(ACE_ROOT)/ace/SOCK_Acceptor.i \ ../../SSLIOP/SSL_SOCK_Acceptor.i @@ -479,9 +453,6 @@ endif $(ACE_ROOT)/ace/Get_Opt.h \ $(ACE_ROOT)/ace/Get_Opt.i \ ../../SSLIOP/SSL_SOCK_Acceptor.h ../../SSLIOP/SSL_SOCK_Stream.h \ - ../../SSLIOP/SSL.h ../../SSLIOP/SSL_Context.h \ - ../../SSLIOP/SSL_Export.h ../../SSLIOP/SSL_Context.i \ - ../../SSLIOP/SSL.i \ $(ACE_ROOT)/ace/SOCK_Stream.h \ $(ACE_ROOT)/ace/SOCK_IO.h \ $(ACE_ROOT)/ace/SOCK.h \ @@ -495,7 +466,9 @@ endif $(ACE_ROOT)/ace/SOCK.i \ $(ACE_ROOT)/ace/SOCK_IO.i \ $(ACE_ROOT)/ace/SOCK_Stream.i \ - ../../SSLIOP/SSL_SOCK_Stream.i \ + ../../SSLIOP/SSL_SOCK.h ../../SSLIOP/SSL_Export.h \ + ../../SSLIOP/SSL_SOCK.i ../../SSLIOP/SSL_Context.h \ + ../../SSLIOP/SSL_Context.i ../../SSLIOP/SSL_SOCK_Stream.i \ $(ACE_ROOT)/ace/SOCK_Acceptor.h \ $(ACE_ROOT)/ace/SOCK_Acceptor.i \ ../../SSLIOP/SSL_SOCK_Acceptor.i SSL-server-fancy.h @@ -573,11 +546,6 @@ endif $(ACE_ROOT)/ace/High_Res_Timer.i \ $(ACE_ROOT)/ace/Profile_Timer.i \ ../../SSLIOP/SSL_SOCK_Acceptor.h ../../SSLIOP/SSL_SOCK_Stream.h \ - ../../SSLIOP/SSL.h ../../SSLIOP/SSL_Context.h \ - $(ACE_ROOT)/ace/SString.h \ - $(ACE_ROOT)/ace/SString.i \ - ../../SSLIOP/SSL_Export.h ../../SSLIOP/SSL_Context.i \ - ../../SSLIOP/SSL.i \ $(ACE_ROOT)/ace/SOCK_Stream.h \ $(ACE_ROOT)/ace/SOCK_IO.h \ $(ACE_ROOT)/ace/SOCK.h \ @@ -591,7 +559,11 @@ endif $(ACE_ROOT)/ace/SOCK.i \ $(ACE_ROOT)/ace/SOCK_IO.i \ $(ACE_ROOT)/ace/SOCK_Stream.i \ - ../../SSLIOP/SSL_SOCK_Stream.i \ + ../../SSLIOP/SSL_SOCK.h ../../SSLIOP/SSL_Export.h \ + ../../SSLIOP/SSL_SOCK.i ../../SSLIOP/SSL_Context.h \ + $(ACE_ROOT)/ace/SString.h \ + $(ACE_ROOT)/ace/SString.i \ + ../../SSLIOP/SSL_Context.i ../../SSLIOP/SSL_SOCK_Stream.i \ $(ACE_ROOT)/ace/SOCK_Acceptor.h \ $(ACE_ROOT)/ace/SOCK_Acceptor.i \ ../../SSLIOP/SSL_SOCK_Acceptor.i @@ -618,7 +590,17 @@ endif $(ACE_ROOT)/ace/Addr.i \ $(ACE_ROOT)/ace/INET_Addr.i \ ../../SSLIOP/SSL_SOCK_Acceptor.h ../../SSLIOP/SSL_SOCK_Stream.h \ - ../../SSLIOP/SSL.h ../../SSLIOP/SSL_Context.h \ + $(ACE_ROOT)/ace/SOCK_Stream.h \ + $(ACE_ROOT)/ace/SOCK_IO.h \ + $(ACE_ROOT)/ace/SOCK.h \ + $(ACE_ROOT)/ace/IPC_SAP.h \ + $(ACE_ROOT)/ace/IPC_SAP.i \ + $(ACE_ROOT)/ace/QoS_Session.h \ + $(ACE_ROOT)/ace/SOCK.i \ + $(ACE_ROOT)/ace/SOCK_IO.i \ + $(ACE_ROOT)/ace/SOCK_Stream.i \ + ../../SSLIOP/SSL_SOCK.h ../../SSLIOP/SSL_Export.h \ + ../../SSLIOP/SSL_SOCK.i ../../SSLIOP/SSL_Context.h \ $(ACE_ROOT)/ace/SString.h \ $(ACE_ROOT)/ace/SString.i \ $(ACE_ROOT)/ace/Malloc_Base.h \ @@ -644,41 +626,7 @@ endif $(ACE_ROOT)/ace/Managed_Object.h \ $(ACE_ROOT)/ace/Managed_Object.i \ $(ACE_ROOT)/ace/Managed_Object.cpp \ - ../../SSLIOP/SSL_Export.h ../../SSLIOP/SSL_Context.i \ - ../../SSLIOP/SSL.i \ - $(ACE_ROOT)/ace/SOCK_Stream.h \ - $(ACE_ROOT)/ace/SOCK_IO.h \ - $(ACE_ROOT)/ace/SOCK.h \ - $(ACE_ROOT)/ace/IPC_SAP.h \ - $(ACE_ROOT)/ace/IPC_SAP.i \ - $(ACE_ROOT)/ace/QoS_Session.h \ - $(ACE_ROOT)/ace/Containers_T.h \ - $(ACE_ROOT)/ace/Containers.h \ - $(ACE_ROOT)/ace/Containers.i \ - $(ACE_ROOT)/ace/Containers_T.i \ - $(ACE_ROOT)/ace/Containers_T.cpp \ - $(ACE_ROOT)/ace/Malloc.h \ - $(ACE_ROOT)/ace/Based_Pointer_T.h \ - $(ACE_ROOT)/ace/Based_Pointer_T.i \ - $(ACE_ROOT)/ace/Based_Pointer_T.cpp \ - $(ACE_ROOT)/ace/Based_Pointer_Repository.h \ - $(ACE_ROOT)/ace/Malloc.i \ - $(ACE_ROOT)/ace/Malloc_T.h \ - $(ACE_ROOT)/ace/Free_List.h \ - $(ACE_ROOT)/ace/Free_List.i \ - $(ACE_ROOT)/ace/Free_List.cpp \ - $(ACE_ROOT)/ace/Malloc_T.i \ - $(ACE_ROOT)/ace/Malloc_T.cpp \ - $(ACE_ROOT)/ace/Memory_Pool.h \ - $(ACE_ROOT)/ace/Signal.h \ - $(ACE_ROOT)/ace/Signal.i \ - $(ACE_ROOT)/ace/Mem_Map.h \ - $(ACE_ROOT)/ace/Mem_Map.i \ - $(ACE_ROOT)/ace/Memory_Pool.i \ - $(ACE_ROOT)/ace/SOCK.i \ - $(ACE_ROOT)/ace/SOCK_IO.i \ - $(ACE_ROOT)/ace/SOCK_Stream.i \ - ../../SSLIOP/SSL_SOCK_Stream.i \ + ../../SSLIOP/SSL_Context.i ../../SSLIOP/SSL_SOCK_Stream.i \ $(ACE_ROOT)/ace/SOCK_Acceptor.h \ $(ACE_ROOT)/ace/Time_Value.h \ $(ACE_ROOT)/ace/SOCK_Acceptor.i \ |