📄 ssliop_acceptor.cpp
字号:
// This may look like C, but it's really -*- C++ -*-
//
// SSLIOP_Acceptor.cpp,v 1.41 2003/05/19 18:06:55 ossama Exp
#include "SSLIOP_Acceptor.h"
#include "SSLIOP_Profile.h"
#include "SSLIOP_Current.h"
#include "SSLIOP_Util.h"
#include "tao/MProfile.h"
#include "tao/ORB_Core.h"
#include "tao/Server_Strategy_Factory.h"
#include "tao/debug.h"
#include "tao/Codeset_Manager.h"
#if !defined(__ACE_INLINE__)
#include "SSLIOP_Acceptor.i"
#endif /* __ACE_INLINE__ */
ACE_RCSID (TAO_SSLIOP,
SSLIOP_Acceptor,
"SSLIOP_Acceptor.cpp,v 1.41 2003/05/19 18:06:55 ossama Exp")
#if defined (ACE_HAS_EXPLICIT_TEMPLATE_INSTANTIATION)
template class ACE_Acceptor<TAO_SSLIOP_Connection_Handler, ACE_SSL_SOCK_ACCEPTOR>;
template class ACE_Strategy_Acceptor<TAO_SSLIOP_Connection_Handler, ACE_SSL_SOCK_ACCEPTOR>;
template class ACE_Creation_Strategy<TAO_SSLIOP_Connection_Handler>;
template class ACE_Concurrency_Strategy<TAO_SSLIOP_Connection_Handler>;
template class ACE_Scheduling_Strategy<TAO_SSLIOP_Connection_Handler>;
template class TAO_Creation_Strategy<TAO_SSLIOP_Connection_Handler>;
template class TAO_Concurrency_Strategy<TAO_SSLIOP_Connection_Handler>;
#elif defined (ACE_HAS_TEMPLATE_INSTANTIATION_PRAGMA)
#pragma instantiate ACE_Acceptor<TAO_SSLIOP_Connection_Handler, ACE_SSL_SOCK_ACCEPTOR>
#pragma instantiate ACE_Strategy_Acceptor<TAO_SSLIOP_Connection_Handler, ACE_SSL_SOCK_ACCEPTOR>
#pragma instantiate ACE_Creation_Strategy<TAO_SSLIOP_Connection_Handler>
#pragma instantiate ACE_Concurrency_Strategy<TAO_SSLIOP_Connection_Handler>
#pragma instantiate ACE_Scheduling_Strategy<TAO_SSLIOP_Connection_Handler>
#pragma instantiate TAO_Creation_Strategy<TAO_SSLIOP_Connection_Handler>
#pragma instantiate TAO_Concurrency_Strategy<TAO_SSLIOP_Connection_Handler>
#endif /* ACE_HAS_EXPLICIT_TEMPLATE_INSTANTIATION */
TAO_SSLIOP_Acceptor::TAO_SSLIOP_Acceptor (Security::QOP qop,
const ACE_Time_Value & timeout)
: TAO_IIOP_SSL_Acceptor (),
ssl_acceptor_ (),
creation_strategy_ (0),
concurrency_strategy_ (0),
accept_strategy_ (0),
handler_state_ (),
timeout_ (timeout)
{
// Clear all bits in the SSLIOP::SSL association option fields.
this->ssl_component_.target_supports = 0;
this->ssl_component_.target_requires = 0;
// SSLIOP requires these Security::AssociationOptions by default.
ACE_SET_BITS (this->ssl_component_.target_requires,
Security::Integrity
| Security::Confidentiality
| Security::NoDelegation);
// SSLIOP supports these Security::AssociationOptions by default.
ACE_SET_BITS (this->ssl_component_.target_supports,
Security::Integrity
| Security::Confidentiality
| Security::EstablishTrustInTarget
| Security::NoDelegation);
// Initialize the default SSL port to zero (wild card port).
this->ssl_component_.port = 0;
// @@ This should go away once we support setting security
// association options through policies.
if (qop == Security::SecQOPNoProtection)
ACE_SET_BITS (this->ssl_component_.target_supports,
Security::NoProtection);
}
TAO_SSLIOP_Acceptor::~TAO_SSLIOP_Acceptor (void)
{
// Make sure we are closed before we start destroying the
// strategies.
this->close ();
delete this->creation_strategy_;
delete this->concurrency_strategy_;
delete this->accept_strategy_;
}
int
TAO_SSLIOP_Acceptor::create_profile (const TAO::ObjectKey &object_key,
TAO_MProfile &mprofile,
CORBA::Short priority)
{
// Sanity check.
if (this->endpoint_count_ == 0)
return -1;
// Check if multiple endpoints should be put in one profile or
// if they should be spread across multiple profiles.
if (priority == TAO_INVALID_PRIORITY)
return this->create_new_profile (object_key,
mprofile,
priority);
else
return this->create_shared_profile (object_key,
mprofile,
priority);
}
int
TAO_SSLIOP_Acceptor::create_new_profile (const TAO::ObjectKey &object_key,
TAO_MProfile &mprofile,
CORBA::Short priority)
{
// Adding this->endpoint_count_ to the TAO_MProfile.
int count = mprofile.profile_count ();
if ((mprofile.size () - count) < this->endpoint_count_
&& mprofile.grow (count + this->endpoint_count_) == -1)
return -1;
// Create a profile for each acceptor endpoint.
for (size_t i = 0; i < this->endpoint_count_; ++i)
{
TAO_SSLIOP_Profile *pfile = 0;
// @@ We need to create an SSLIOP::SSL component for the object
// we're creating an MProfile for. This will allow us to
// properly embed secure invocation policies in the generated
// IOR, i.e. secure invocation policies on a per-object
// basis, rather than on a per-endpoint basis. If no secure
// invocation policies have been set then we should use the
// below default SSLIOP::SSL component.
ACE_NEW_RETURN (pfile,
TAO_SSLIOP_Profile (this->hosts_[i],
this->addrs_[i].get_port_number (),
object_key,
this->addrs_[i],
this->version_,
this->orb_core_,
&(this->ssl_component_)),
-1);
pfile->endpoint ()->priority (priority);
if (mprofile.give_profile (pfile) == -1)
{
pfile->_decr_refcnt ();
pfile = 0;
return -1;
}
if (this->orb_core_->orb_params ()->std_profile_components () == 0)
continue;
pfile->tagged_components ().set_orb_type (TAO_ORB_TYPE);
this->orb_core_->codeset_manager()->
set_codeset(pfile->tagged_components());
IOP::TaggedComponent component;
component.tag = SSLIOP::TAG_SSL_SEC_TRANS;
// @@???? Check this code, only intended as guideline...
TAO_OutputCDR cdr;
cdr << TAO_OutputCDR::from_boolean (TAO_ENCAP_BYTE_ORDER);
// @@ We need to create an SSLIOP::SSL component for the object
// we're creating an MProfile for. This will allow us to
// properly embed secure invocation policies in the generated
// IOR, i.e. secure invocation policies on a per-object
// basis, rather than on a per-endpoint basis. If no secure
// invocation policies have been set then we should use the
// below default SSLIOP::SSL component.
cdr << this->ssl_component_;
// TAO extension, replace the contents of the octet sequence with
// the CDR stream
CORBA::ULong length = cdr.total_length ();
component.component_data.length (length);
CORBA::Octet *buf = component.component_data.get_buffer ();
for (const ACE_Message_Block *i = cdr.begin ();
i != 0;
i = i->cont ())
{
ACE_OS::memcpy (buf, i->rd_ptr (), i->length ());
buf += i->length ();
}
pfile->tagged_components ().set_component (component);
}
return 0;
}
int
TAO_SSLIOP_Acceptor::create_shared_profile (const TAO::ObjectKey &object_key,
TAO_MProfile &mprofile,
CORBA::Short priority)
{
size_t index = 0;
TAO_Profile *pfile = 0;
TAO_SSLIOP_Profile *ssliop_profile = 0;
// First see if <mprofile> already contains a SSLIOP profile.
for (TAO_PHandle i = 0; i != mprofile.profile_count (); ++i)
{
pfile = mprofile.get_profile (i);
if (pfile->tag () == IOP::TAG_INTERNET_IOP)
{
ssliop_profile = ACE_dynamic_cast (TAO_SSLIOP_Profile *,
pfile);
if (ssliop_profile == 0)
return -1;
break;
}
}
// If <mprofile> doesn't contain SSLIOP_Profile, we need to create
// one.
if (ssliop_profile == 0)
{
// @@ We need to create an SSLIOP::SSL component for the object
// we're creating an MProfile for. This will allow us to
// properly embed secure invocation policies in the generated
// IOR, i.e. secure invocation policies on a per-object
// basis, rather than on a per-endpoint basis. If no secure
// invocation policies have been set then we should use the
// below default SSLIOP::SSL component.
ACE_NEW_RETURN (ssliop_profile,
TAO_SSLIOP_Profile (this->hosts_[0],
this->addrs_[0].get_port_number (),
object_key,
this->addrs_[0],
this->version_,
this->orb_core_,
&(this->ssl_component_)),
-1);
TAO_SSLIOP_Endpoint *ssliop_endp =
ACE_dynamic_cast (TAO_SSLIOP_Endpoint *,
ssliop_profile->endpoint ());
ssliop_endp->priority (priority);
ssliop_endp->iiop_endpoint ()->priority (priority);
if (mprofile.give_profile (ssliop_profile) == -1)
{
ssliop_profile->_decr_refcnt ();
ssliop_profile = 0;
return -1;
}
if (this->orb_core_->orb_params ()->std_profile_components () != 0)
{
ssliop_profile->tagged_components ().set_orb_type (TAO_ORB_TYPE);
this->orb_core_->codeset_manager()->
set_codeset(ssliop_profile->tagged_components());
IOP::TaggedComponent component;
component.tag = SSLIOP::TAG_SSL_SEC_TRANS;
// @@???? Check this code, only intended as guideline...
TAO_OutputCDR cdr;
cdr << TAO_OutputCDR::from_boolean (TAO_ENCAP_BYTE_ORDER);
// @@ We need to create an SSLIOP::SSL component for the
// object we're creating an MProfile for. This will
// allow us to properly embed secure invocation policies
// in the generated IOR, i.e. secure invocation policies
// on a per-object basis, rather than on a per-endpoint
// basis. If no secure invocation policies have been set
// then we should use the below default SSLIOP::SSL
// component.
cdr << this->ssl_component_;
// TAO extension, replace the contents of the octet sequence with
// the CDR stream
CORBA::ULong length = cdr.total_length ();
component.component_data.length (length);
CORBA::Octet *buf = component.component_data.get_buffer ();
for (const ACE_Message_Block *i = cdr.begin ();
i != 0;
i = i->cont ())
{
ACE_OS::memcpy (buf, i->rd_ptr (), i->length ());
buf += i->length ();
}
ssliop_profile->tagged_components ().set_component (component);
}
index = 1;
}
// Add any remaining endpoints to the SSLIOP_Profile.
for (;
index < this->endpoint_count_;
++index)
{
TAO_SSLIOP_Endpoint *ssl_endp = 0;
TAO_IIOP_Endpoint *iiop_endp = 0;
ACE_NEW_RETURN (iiop_endp,
TAO_IIOP_Endpoint (this->hosts_[index],
this->addrs_[index].get_port_number (),
this->addrs_[index]),
-1);
iiop_endp->priority (priority);
ACE_NEW_RETURN (ssl_endp,
TAO_SSLIOP_Endpoint (&(this->ssl_component_),
iiop_endp),
-1);
ssl_endp->priority (priority);
ssliop_profile->add_endpoint (ssl_endp);
}
return 0;
}
int
TAO_SSLIOP_Acceptor::is_collocated (const TAO_Endpoint *endpoint)
{
const TAO_SSLIOP_Endpoint *endp =
ACE_dynamic_cast (const TAO_SSLIOP_Endpoint *,
endpoint);
// Make sure the dynamically cast pointer is valid.
if (endp == 0)
return 0;
for (size_t i = 0; i < this->endpoint_count_; ++i)
{
// @@ TODO The following code looks funky, why only the address
// is compared? What about the IIOP address? Why force a
// DNS lookup every time an SSLIOP object is decoded:
//
// http://deuce.doc.wustl.edu/bugzilla/show_bug.cgi?id=1220
//
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -