diff options
author | Eric Milkie <milkie@10gen.com> | 2012-12-03 14:40:49 -0500 |
---|---|---|
committer | Eric Milkie <milkie@10gen.com> | 2012-12-04 10:57:49 -0500 |
commit | e4de169d6ac4e34a5e30d6d70db7d32a55555467 (patch) | |
tree | 9e06cfc7b8cf9efd1b02c511ec33355a4fcb9a60 /src/mongo/util/net/miniwebserver.cpp | |
parent | ddddf3b6a4bb3ff70fe12dd83e3ab0f43ffdd318 (diff) | |
download | mongo-e4de169d6ac4e34a5e30d6d70db7d32a55555467.tar.gz |
SERVER-7202 proper error handling framework for SSL
1. change "postFork()" to "doSSLHandshake()"
2. properly catch socket exceptions thrown by doSSLHandshake
3. properly handle error statuses from SSL_new, SSL_set_fd, SSL_connect,
SSL_accept
4. thread-safe implementation to fetch error text from SSL errors
(_getSSLErrorMessage)
5. check that private key and certificate match each other at startup time
Diffstat (limited to 'src/mongo/util/net/miniwebserver.cpp')
-rw-r--r-- | src/mongo/util/net/miniwebserver.cpp | 36 |
1 files changed, 21 insertions, 15 deletions
diff --git a/src/mongo/util/net/miniwebserver.cpp b/src/mongo/util/net/miniwebserver.cpp index 1e04693337f..dc890923bb0 100644 --- a/src/mongo/util/net/miniwebserver.cpp +++ b/src/mongo/util/net/miniwebserver.cpp @@ -109,25 +109,31 @@ namespace mongo { } void MiniWebServer::accepted(boost::shared_ptr<Socket> psock, long long connectionId ) { - psock->postFork(); - psock->setTimeout(8); char buf[4096]; int len = 0; - while ( 1 ) { - int left = sizeof(buf) - 1 - len; - if( left == 0 ) - break; - int x = psock->unsafe_recv( buf + len , left ); - if ( x <= 0 ) { - psock->close(); - return; - } - len += x; - buf[ len ] = 0; - if ( fullReceive( buf ) ) { - break; + try { + psock->doSSLHandshake(); + psock->setTimeout(8); + while ( 1 ) { + int left = sizeof(buf) - 1 - len; + if( left == 0 ) + break; + int x = psock->unsafe_recv( buf + len , left ); + if ( x <= 0 ) { + psock->close(); + return; + } + len += x; + buf[ len ] = 0; + if ( fullReceive( buf ) ) { + break; + } } } + catch (const SocketException& e) { + LOG(1) << "couldn't recv data via http client: " << e << endl; + return; + } buf[len] = 0; string responseMsg; |