Author: astitcher
Date: Wed Oct 24 05:51:45 2012
New Revision: 1401561
URL: http://svn.apache.org/viewvc?rev=1401561&view=rev
Log:
QPID-4272: Large amounts of code are duplicated between the SSL and TCP
transports
Refactor SslMux support simplifying it and remove need for separate
SslHandler and SslIo code.
Refactored the SSL client code to use the same connect sequence, and the
broker SSL code to use the same accept sequence, as the TCP code.
This also solves QPID-3565: IPv6 support for SSL transport on Unix C++
client/broker
Remove now unneeded ssl files.
Removed:
qpid/trunk/qpid/cpp/src/qpid/sys/ssl/SslHandler.cpp
qpid/trunk/qpid/cpp/src/qpid/sys/ssl/SslHandler.h
qpid/trunk/qpid/cpp/src/qpid/sys/ssl/SslIo.cpp
qpid/trunk/qpid/cpp/src/qpid/sys/ssl/SslIo.h
Modified:
qpid/trunk/qpid/cpp/src/qpid/client/SslConnector.cpp
qpid/trunk/qpid/cpp/src/qpid/sys/Socket.h
qpid/trunk/qpid/cpp/src/qpid/sys/SslPlugin.cpp
qpid/trunk/qpid/cpp/src/qpid/sys/TCPIOPlugin.cpp
qpid/trunk/qpid/cpp/src/qpid/sys/posix/AsynchIO.cpp
qpid/trunk/qpid/cpp/src/qpid/sys/posix/BSDSocket.cpp
qpid/trunk/qpid/cpp/src/qpid/sys/posix/BSDSocket.h
qpid/trunk/qpid/cpp/src/qpid/sys/ssl/SslSocket.cpp
qpid/trunk/qpid/cpp/src/qpid/sys/ssl/SslSocket.h
qpid/trunk/qpid/cpp/src/qpid/sys/windows/WinSocket.cpp
qpid/trunk/qpid/cpp/src/qpid/sys/windows/WinSocket.h
qpid/trunk/qpid/cpp/src/ssl.cmake
qpid/trunk/qpid/cpp/src/ssl.mk
Modified: qpid/trunk/qpid/cpp/src/qpid/client/SslConnector.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/client/SslConnector.cpp?rev=1401561&r1=1401560&r2=1401561&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/client/SslConnector.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/client/SslConnector.cpp Wed Oct 24 05:51:45
2012
@@ -30,8 +30,9 @@
#include "qpid/framing/AMQFrame.h"
#include "qpid/framing/InitiationHandler.h"
#include "qpid/sys/ssl/util.h"
-#include "qpid/sys/ssl/SslIo.h"
+#include "qpid/sys/AsynchIO.h"
#include "qpid/sys/ssl/SslSocket.h"
+#include "qpid/sys/SocketAddress.h"
#include "qpid/sys/Dispatcher.h"
#include "qpid/sys/Poller.h"
#include "qpid/sys/SecuritySettings.h"
@@ -72,7 +73,8 @@ class SslConnector : public Connector
sys::ssl::SslSocket socket;
- sys::ssl::SslIO* aio;
+ sys::AsynchConnector* connector;
+ sys::AsynchIO* aio;
std::string identifier;
Poller::shared_ptr poller;
SecuritySettings securitySettings;
@@ -86,6 +88,8 @@ class SslConnector : public Connector
void disconnected(AsynchIO&);
void connect(const std::string& host, const std::string& port);
+ void connected(const sys::Socket&);
+ void connectFailed(const std::string& msg);
void close();
void send(framing::AMQFrame& frame);
void abort() {} // TODO: Need to fix for heartbeat timeouts to work
@@ -164,24 +168,28 @@ SslConnector::~SslConnector() {
close();
}
-void SslConnector::connect(const std::string& host, const std::string& port){
+void SslConnector::connect(const std::string& host, const std::string& port) {
Mutex::ScopedLock l(lock);
assert(closed);
- try {
- socket.connect(SocketAddress(host, port));
- } catch (const std::exception& e) {
- socket.close();
- throw TransportFailure(e.what());
- }
-
+ connector = AsynchConnector::create(
+ socket,
+ host, port,
+ boost::bind(&SslConnector::connected, this, _1),
+ boost::bind(&SslConnector::connectFailed, this, _3));
closed = false;
- aio = new SslIO(socket,
- boost::bind(&SslConnector::readbuff, this, _1, _2),
- boost::bind(&SslConnector::eof, this, _1),
- boost::bind(&SslConnector::disconnected, this, _1),
- boost::bind(&SslConnector::socketClosed, this, _1, _2),
- 0, // nobuffs
- boost::bind(&SslConnector::writebuff, this, _1));
+
+ connector->start(poller);
+}
+
+void SslConnector::connected(const Socket&) {
+ connector = 0;
+ aio = AsynchIO::create(socket,
+ boost::bind(&SslConnector::readbuff, this, _1, _2),
+ boost::bind(&SslConnector::eof, this, _1),
+ boost::bind(&SslConnector::disconnected, this, _1),
+ boost::bind(&SslConnector::socketClosed, this, _1,
_2),
+ 0, // nobuffs
+ boost::bind(&SslConnector::writebuff, this, _1));
aio->createBuffers(maxFrameSize);
identifier = str(format("[%1%]") % socket.getFullAddress());
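Review bot: connect() sets `closed = false` as soon as the connector is created, but `aio` is only assigned later in connected(), which runs from the poller callback and does not take `lock`. Any path that reads `!closed` as "aio is usable" could touch an unset pointer in that window; close() and send() are outside this hunk, so this is inferred. connectFailed() in the next hunk has the same unlocked access to `closed`, while connect() and close() do hold `Mutex::ScopedLock l(lock)`. I would initialise `connector` and `aio` to 0 in the constructor and take `Mutex::ScopedLock l(lock);` at the top of both callbacks, provided the connector never invokes them synchronously from `start()` while connect() still holds the lock. The tail of connected() continues in the next hunk.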
@@ -190,6 +198,16 @@ void SslConnector::connect(const std::st
aio->start(poller);
}
+void SslConnector::connectFailed(const std::string& msg) {
+ connector = 0;
+ QPID_LOG(warning, "Connect failed: " << msg);
+ socket.close();
+ if (!closed)
+ closed = true;
+ if (shutdownHandler)
+ shutdownHandler->shutdown();
+}
+
void SslConnector::close() {
Mutex::ScopedLock l(lock);
if (!closed) {
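Review bot: connectFailed() reports the failure only through a warning log and `shutdownHandler`, so when no shutdown handler is installed the caller of connect() gets no signal at all, whereas the removed code threw TransportFailure. If that change of contract is intended it deserves a comment on connect(), for example `// Asynchronous: failures are reported via shutdownHandler, not by exception`. The guard `if (!closed) closed = true;` is also equivalent to a plain `closed = true;`. If the intent was to call shutdown() only on the transition, the two statements need braces: `if (!closed) { closed = true; if (shutdownHandler) shutdownHandler->shutdown(); }`. close() begins in this hunk and continues outside it.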
@@ -265,7 +283,7 @@ void SslConnector::writebuff(AsynchIO& /
return;
}
- SslIO::BufferBase* buffer = aio->getQueuedBuffer();
+ AsynchIOBufferBase* buffer = aio->getQueuedBuffer();
if (buffer) {
size_t encoded = encode(buffer->bytes, buffer->byteCount);
@@ -343,7 +361,7 @@ size_t SslConnector::decode(const char*
}
void SslConnector::writeDataBlock(const AMQDataBlock& data) {
- SslIO::BufferBase* buff = aio->getQueuedBuffer();
+ AsynchIOBufferBase* buff = aio->getQueuedBuffer();
assert(buff);
framing::Buffer out(buff->bytes, buff->byteCount);
data.encode(out);
Modified: qpid/trunk/qpid/cpp/src/qpid/sys/Socket.h
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/sys/Socket.h?rev=1401561&r1=1401560&r2=1401561&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/sys/Socket.h (original)
+++ qpid/trunk/qpid/cpp/src/qpid/sys/Socket.h Wed Oct 24 05:51:45 2012
@@ -46,6 +46,7 @@ public:
virtual void setTcpNoDelay() const = 0;
virtual void connect(const SocketAddress&) const = 0;
+ virtual void finishConnect(const SocketAddress&) const = 0;
virtual void close() const = 0;
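Review bot: finishConnect() is added to the Socket interface as a pure virtual with no comment stating its contract, yet every implementation and caller now depends on it. From this commit, AsynchConnector::connComplete calls it once after the socket reports no error and treats a thrown std::exception as a connect failure. BSDSocket and WinSocket implement it as a no-op, and SslSocket uses it to attach the TLS layer. I would add that above the declaration, e.g. `// Called once after connect() has completed; finishes transport setup (e.g. TLS) and throws on failure.`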
Modified: qpid/trunk/qpid/cpp/src/qpid/sys/SslPlugin.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/sys/SslPlugin.cpp?rev=1401561&r1=1401560&r2=1401561&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/sys/SslPlugin.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/sys/SslPlugin.cpp Wed Oct 24 05:51:45 2012
@@ -22,20 +22,17 @@
#include "qpid/sys/ProtocolFactory.h"
#include "qpid/Plugin.h"
-#include "qpid/sys/ssl/check.h"
-#include "qpid/sys/ssl/util.h"
-#include "qpid/sys/ssl/SslHandler.h"
+#include "qpid/broker/Broker.h"
+#include "qpid/log/Statement.h"
#include "qpid/sys/AsynchIOHandler.h"
#include "qpid/sys/AsynchIO.h"
-#include "qpid/sys/ssl/SslIo.h"
+#include "qpid/sys/ssl/util.h"
#include "qpid/sys/ssl/SslSocket.h"
#include "qpid/sys/SocketAddress.h"
-#include "qpid/broker/Broker.h"
-#include "qpid/log/Statement.h"
+#include "qpid/sys/Poller.h"
#include <boost/bind.hpp>
-#include <memory>
-
+#include <boost/ptr_container/ptr_vector.hpp>
namespace qpid {
namespace sys {
@@ -65,38 +62,33 @@ struct SslServerOptions : ssl::SslOption
}
};
-template <class T>
-class SslProtocolFactoryTmpl : public ProtocolFactory {
- private:
-
+class SslProtocolFactory : public ProtocolFactory {
+ boost::ptr_vector<Socket> listeners;
+ boost::ptr_vector<AsynchAcceptor> acceptors;
Timer& brokerTimer;
uint32_t maxNegotiateTime;
+ uint16_t listeningPort;
const bool tcpNoDelay;
- T listener;
- const uint16_t listeningPort;
- std::auto_ptr<SslAcceptor> acceptor;
bool nodict;
public:
- SslProtocolFactoryTmpl(const std::string& host, const std::string& port,
+ SslProtocolFactory(const std::string& host, const std::string& port,
const SslServerOptions&,
int backlog, bool nodelay,
Timer& timer, uint32_t maxTime);
void accept(Poller::shared_ptr, ConnectionCodec::Factory*);
void connect(Poller::shared_ptr, const std::string& host, const
std::string& port,
ConnectionCodec::Factory*,
- boost::function2<void, int, std::string> failed);
+ ConnectFailedCallback);
uint16_t getPort() const;
private:
void established(Poller::shared_ptr, const Socket&,
ConnectionCodec::Factory*,
bool isClient);
+ void connectFailed(const Socket&, int, const std::string&,
ConnectFailedCallback);
};
-typedef SslProtocolFactoryTmpl<SslSocket> SslProtocolFactory;
-typedef SslProtocolFactoryTmpl<SslMuxSocket> SslMuxProtocolFactory;
-
// Static instance to initialise plugin
static struct SslPlugin : public Plugin {
@@ -125,7 +117,7 @@ static struct SslPlugin : public Plugin
}
}
}
-
+
void initialize(Target& target) {
QPID_LOG(trace, "Initialising SSL plugin");
broker::Broker* broker = dynamic_cast<broker::Broker*>(&target);
@@ -140,12 +132,7 @@ static struct SslPlugin : public Plugin
const broker::Broker::Options& opts = broker->getOptions();
- ProtocolFactory::shared_ptr protocol(options.multiplex ?
- static_cast<ProtocolFactory*>(new
SslMuxProtocolFactory("", boost::lexical_cast<std::string>(options.port),
-
options,
-
opts.connectionBacklog,
-
opts.tcpNoDelay,
-
broker->getTimer(), opts.maxNegotiateTime)) :
+ ProtocolFactory::shared_ptr protocol(
static_cast<ProtocolFactory*>(new
SslProtocolFactory("", boost::lexical_cast<std::string>(options.port),
options,
opts.connectionBacklog,
@@ -153,7 +140,7 @@ static struct SslPlugin : public Plugin
broker->getTimer(), opts.maxNegotiateTime)));
QPID_LOG(notice, "Listening for " <<
(options.multiplex ? "SSL or TCP" :
"SSL") <<
- " connections on TCP port " <<
+ " connections on TCP/TCP6 port " <<
protocol->getPort());
broker->registerProtocolFactory("ssl", protocol);
} catch (const std::exception& e) {
@@ -164,79 +151,48 @@ static struct SslPlugin : public Plugin
}
} sslPlugin;
-template <class T>
-SslProtocolFactoryTmpl<T>::SslProtocolFactoryTmpl(const std::string& host,
const std::string& port,
+SslProtocolFactory::SslProtocolFactory(const std::string& host, const
std::string& port,
const SslServerOptions&
options,
int backlog, bool nodelay,
Timer& timer, uint32_t
maxTime) :
brokerTimer(timer),
maxNegotiateTime(maxTime),
tcpNoDelay(nodelay),
- listener(options.certName, options.clientAuth),
- listeningPort(listener.listen(SocketAddress(host, port), backlog)),
nodict(options.nodict)
-{}
-
-void SslEstablished(Poller::shared_ptr poller, const qpid::sys::SslSocket& s,
- ConnectionCodec::Factory* f, bool isClient,
- Timer& timer, uint32_t maxTime, bool tcpNoDelay, bool
nodict) {
- qpid::sys::ssl::SslHandler* async = new
qpid::sys::ssl::SslHandler(s.getFullAddress(), f, nodict);
-
- if (tcpNoDelay) {
- s.setTcpNoDelay();
- QPID_LOG(info, "Set TCP_NODELAY on connection to " <<
s.getPeerAddress());
- }
+{
+ SocketAddress sa(host, port);
- if (isClient) {
- async->setClient();
+ // We must have at least one resolved address
+ QPID_LOG(info, "Listening to: " << sa.asString())
+ Socket* s = options.multiplex ?
+ new SslMuxSocket(options.certName, options.clientAuth) :
+ new SslSocket(options.certName, options.clientAuth);
+ uint16_t lport = s->listen(sa, backlog);
+ QPID_LOG(debug, "Listened to: " << lport);
+ listeners.push_back(s);
+
+ listeningPort = lport;
+
+ // Try any other resolved addresses
+ while (sa.nextAddress()) {
+ // Hack to ensure that all listening connections are on the same port
+ sa.setAddrInfoPort(listeningPort);
+ QPID_LOG(info, "Listening to: " << sa.asString())
+ Socket* s = options.multiplex ?
+ new SslMuxSocket(options.certName, options.clientAuth) :
+ new SslSocket(options.certName, options.clientAuth);
+ uint16_t lport = s->listen(sa, backlog);
+ QPID_LOG(debug, "Listened to: " << lport);
+ listeners.push_back(s);
}
- qpid::sys::ssl::SslIO* aio = new qpid::sys::ssl::SslIO(s,
-
boost::bind(&qpid::sys::ssl::SslHandler::readbuff, async, _1, _2),
- boost::bind(&qpid::sys::ssl::SslHandler::eof,
async, _1),
-
boost::bind(&qpid::sys::ssl::SslHandler::disconnect, async, _1),
-
boost::bind(&qpid::sys::ssl::SslHandler::closedSocket, async, _1, _2),
-
boost::bind(&qpid::sys::ssl::SslHandler::nobuffs, async, _1),
-
boost::bind(&qpid::sys::ssl::SslHandler::idle, async, _1));
-
- async->init(aio,timer, maxTime);
- aio->start(poller);
}
-template <>
+
void SslProtocolFactory::established(Poller::shared_ptr poller, const Socket&
s,
ConnectionCodec::Factory* f, bool
isClient) {
- const SslSocket *sslSock = dynamic_cast<const SslSocket*>(&s);
-
- SslEstablished(poller, *sslSock, f, isClient, brokerTimer,
maxNegotiateTime, tcpNoDelay, nodict);
-}
-template <class T>
-uint16_t SslProtocolFactoryTmpl<T>::getPort() const {
- return listeningPort; // Immutable no need for lock.
-}
-
-template <class T>
-void SslProtocolFactoryTmpl<T>::accept(Poller::shared_ptr poller,
- ConnectionCodec::Factory* fact) {
- acceptor.reset(
- new SslAcceptor(listener,
- boost::bind(&SslProtocolFactoryTmpl<T>::established,
- this, poller, _1, fact, false)));
- acceptor->start(poller);
-}
-
-template <>
-void SslMuxProtocolFactory::established(Poller::shared_ptr poller, const
Socket& s,
- ConnectionCodec::Factory* f, bool
isClient) {
- const SslSocket *sslSock = dynamic_cast<const SslSocket*>(&s);
-
- if (sslSock) {
- SslEstablished(poller, *sslSock, f, isClient, brokerTimer,
maxNegotiateTime, tcpNoDelay, nodict);
- return;
- }
-
- AsynchIOHandler* async = new AsynchIOHandler(s.getFullAddress(), f, false);
+ AsynchIOHandler* async = new AsynchIOHandler(s.getFullAddress(), f,
nodict);
if (tcpNoDelay) {
s.setTcpNoDelay();
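Review bot: In the new constructor body the socket is allocated with a raw `new` and only handed to `listeners` after `s->listen(sa, backlog)` returns, so a throwing listen() leaks it. SslSocket::listen() is shown elsewhere in this commit throwing when the certificate or private key cannot be loaded. Handing the socket over first fixes both sites, the first address and the `while (sa.nextAddress())` loop: `listeners.push_back(s); uint16_t lport = listeners.back().listen(sa, backlog);`. Separately, established() now passes `nodict` to AsynchIOHandler where the plain-TCP branch of the old multiplexed factory passed `false`. If that flag restricts which authentication mechanisms are offered (its meaning is not visible here), a one-line comment confirming the change is deliberate would help. established() continues past the end of this hunk.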
@@ -246,21 +202,44 @@ void SslMuxProtocolFactory::established(
if (isClient) {
async->setClient();
}
- AsynchIO* aio = AsynchIO::create
- (s,
- boost::bind(&AsynchIOHandler::readbuff, async, _1, _2),
- boost::bind(&AsynchIOHandler::eof, async, _1),
- boost::bind(&AsynchIOHandler::disconnect, async, _1),
- boost::bind(&AsynchIOHandler::closedSocket, async, _1, _2),
- boost::bind(&AsynchIOHandler::nobuffs, async, _1),
- boost::bind(&AsynchIOHandler::idle, async, _1));
+
+ AsynchIO* aio = AsynchIO::create(
+ s,
+ boost::bind(&AsynchIOHandler::readbuff, async, _1, _2),
+ boost::bind(&AsynchIOHandler::eof, async, _1),
+ boost::bind(&AsynchIOHandler::disconnect, async, _1),
+ boost::bind(&AsynchIOHandler::closedSocket, async, _1, _2),
+ boost::bind(&AsynchIOHandler::nobuffs, async, _1),
+ boost::bind(&AsynchIOHandler::idle, async, _1));
async->init(aio, brokerTimer, maxNegotiateTime);
aio->start(poller);
}
-template <class T>
-void SslProtocolFactoryTmpl<T>::connect(
+uint16_t SslProtocolFactory::getPort() const {
+ return listeningPort; // Immutable no need for lock.
+}
+
+void SslProtocolFactory::accept(Poller::shared_ptr poller,
+ ConnectionCodec::Factory* fact) {
+ for (unsigned i = 0; i<listeners.size(); ++i) {
+ acceptors.push_back(
+ AsynchAcceptor::create(listeners[i],
+ boost::bind(&SslProtocolFactory::established,
this, poller, _1, fact, false)));
+ acceptors[i].start(poller);
+ }
+}
+
+void SslProtocolFactory::connectFailed(
+ const Socket& s, int ec, const std::string& emsg,
+ ConnectFailedCallback failedCb)
+{
+ failedCb(ec, emsg);
+ s.close();
+ delete &s;
+}
+
+void SslProtocolFactory::connect(
Poller::shared_ptr poller,
const std::string& host, const std::string& port,
ConnectionCodec::Factory* fact,
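Review bot: connectFailed() runs the user callback before releasing the socket, so if `failedCb(ec, emsg)` throws, `s.close(); delete &s;` never runs and the heap socket from connect() leaks. Releasing first and notifying last avoids that, provided the callback does not need the socket: `s.close(); delete &s; failedCb(ec, emsg);`. The `delete &s` through a const reference also hides an ownership transfer, which deserves a comment such as `// Takes ownership of s: the socket was heap-allocated in connect()`. In accept(), `acceptors[i].start(poller)` only addresses the acceptor just pushed if `acceptors` was empty on entry; `acceptors.back().start(poller)` stays correct if accept() is ever called more than once. The signature of connect() at the end of this hunk continues in the next one.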
@@ -272,10 +251,23 @@ void SslProtocolFactoryTmpl<T>::connect(
// shutdown. The allocated SslConnector frees itself when it
// is no longer needed.
- qpid::sys::ssl::SslSocket* socket = new qpid::sys::ssl::SslSocket();
- new SslConnector(*socket, poller, host, port,
- boost::bind(&SslProtocolFactoryTmpl<T>::established,
this, poller, _1, fact, true),
- failed);
+ Socket* socket = new qpid::sys::ssl::SslSocket();
+ try {
+ AsynchConnector* c = AsynchConnector::create(
+ *socket,
+ host,
+ port,
+ boost::bind(&SslProtocolFactory::established,
+ this, poller, _1, fact, true),
+ boost::bind(&SslProtocolFactory::connectFailed,
+ this, _1, _2, _3, failed));
+ c->start(poller);
+ } catch (std::exception&) {
+ // TODO: Design question - should we do the error callback and also
throw?
+ int errCode = socket->getError();
+ connectFailed(*socket, errCode, strError(errCode), failed);
+ throw;
+ }
}
}} // namespace qpid::sys
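Review bot: The catch block reports `strError(socket->getError())`, which describes the socket's pending error rather than the exception that was actually thrown. If AsynchConnector::create() or start() failed without setting a socket error (address resolution, for example; the callee is not shown), the callback receives the text for code 0. Catching by const reference and forwarding the message keeps the real cause: `} catch (const std::exception& e) {` with `connectFailed(*socket, errCode, e.what(), failed);`. connectFailed() also deletes the socket, so if the throw came from `c->start(poller)` the already-created connector may still refer to it; that path should be checked against AsynchConnector's lifetime rules. The caller is also notified twice, once through `failed` and once through the rethrow, which the TODO leaves open. The start of connect() is in the previous hunk.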
Modified: qpid/trunk/qpid/cpp/src/qpid/sys/TCPIOPlugin.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/sys/TCPIOPlugin.cpp?rev=1401561&r1=1401560&r2=1401561&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/sys/TCPIOPlugin.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/sys/TCPIOPlugin.cpp Wed Oct 24 05:51:45 2012
@@ -20,15 +20,15 @@
*/
#include "qpid/sys/ProtocolFactory.h"
-#include "qpid/sys/AsynchIOHandler.h"
-#include "qpid/sys/AsynchIO.h"
#include "qpid/Plugin.h"
+#include "qpid/broker/Broker.h"
+#include "qpid/log/Statement.h"
+#include "qpid/sys/AsynchIOHandler.h"
+#include "qpid/sys/AsynchIO.h"
#include "qpid/sys/Socket.h"
#include "qpid/sys/SocketAddress.h"
#include "qpid/sys/Poller.h"
-#include "qpid/broker/Broker.h"
-#include "qpid/log/Statement.h"
#include <boost/bind.hpp>
#include <boost/ptr_container/ptr_vector.hpp>
Modified: qpid/trunk/qpid/cpp/src/qpid/sys/posix/AsynchIO.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/sys/posix/AsynchIO.cpp?rev=1401561&r1=1401560&r2=1401561&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/sys/posix/AsynchIO.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/sys/posix/AsynchIO.cpp Wed Oct 24 05:51:45 2012
@@ -196,6 +196,13 @@ void AsynchConnector::connComplete(Dispa
int errCode = socket.getError();
if (errCode == 0) {
h.stopWatch();
+ try {
+ socket.finishConnect(sa);
+ } catch (const std::exception& e) {
+ failCallback(socket, 0, e.what());
+ DispatchHandle::doDelete();
+ return;
+ }
connCallback(socket);
} else {
// Retry while we cause an immediate exception
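Review bot: When finishConnect() throws, `failCallback(socket, 0, e.what())` reports error code 0, so a failed TLS setup looks like "no error" to any callback that keys on the code rather than the message. SslProtocolFactory::connectFailed in this commit forwards that code to its caller unchanged. A non-zero value reserved for this case would keep the two apart; failing that, add a comment at the call saying the code is meaningless on this path. The callback may also free the socket (SslProtocolFactory::connectFailed does `delete &s`), so `DispatchHandle::doDelete()` must not touch it afterwards; a short comment stating that this ordering is safe would save the next reader from re-deriving it. connComplete starts and ends outside this hunk.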
Modified: qpid/trunk/qpid/cpp/src/qpid/sys/posix/BSDSocket.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/sys/posix/BSDSocket.cpp?rev=1401561&r1=1401560&r2=1401561&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/sys/posix/BSDSocket.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/sys/posix/BSDSocket.cpp Wed Oct 24 05:51:45
2012
@@ -176,6 +176,10 @@ void BSDSocket::connect(const SocketAddr
}
}
+void BSDSocket::finishConnect(const SocketAddress&) const
+{
+}
+
void
BSDSocket::close() const
{
Modified: qpid/trunk/qpid/cpp/src/qpid/sys/posix/BSDSocket.h
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/sys/posix/BSDSocket.h?rev=1401561&r1=1401560&r2=1401561&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/sys/posix/BSDSocket.h (original)
+++ qpid/trunk/qpid/cpp/src/qpid/sys/posix/BSDSocket.h Wed Oct 24 05:51:45 2012
@@ -55,6 +55,7 @@ public:
QPID_COMMON_EXTERN virtual void setTcpNoDelay() const;
QPID_COMMON_EXTERN virtual void connect(const SocketAddress&) const;
+ QPID_COMMON_EXTERN virtual void finishConnect(const SocketAddress&) const;
QPID_COMMON_EXTERN virtual void close() const;
Modified: qpid/trunk/qpid/cpp/src/qpid/sys/ssl/SslSocket.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/sys/ssl/SslSocket.cpp?rev=1401561&r1=1401560&r2=1401561&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/sys/ssl/SslSocket.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/sys/ssl/SslSocket.cpp Wed Oct 24 05:51:45 2012
@@ -87,6 +87,7 @@ SslSocket::SslSocket(const std::string&
{
//configure prototype socket:
prototype = SSL_ImportFD(0, PR_NewTCPSocket());
+
if (clientAuth) {
NSS_CHECK(SSL_OptionSet(prototype, SSL_REQUEST_CERTIFICATE, PR_TRUE));
NSS_CHECK(SSL_OptionSet(prototype, SSL_REQUIRE_CERTIFICATE, PR_TRUE));
@@ -131,7 +132,10 @@ void SslSocket::setTcpNoDelay() const
void SslSocket::connect(const SocketAddress& addr) const
{
BSDSocket::connect(addr);
+}
+void SslSocket::finishConnect(const SocketAddress& addr) const
+{
nssSocket = SSL_ImportFD(0, PR_ImportTCPSocket(fd));
void* arg;
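Review bot: After this split SslSocket::connect() performs only the TCP connect, so a caller that still uses the blocking `connect()` on its own ends up with a connected fd on which `nssSocket` was never imported and none of the TLS setup in finishConnect() has run. Nothing in the class enforces the pairing. A comment on connect() would make the contract explicit, for example `// TCP connect only: finishConnect() must run before any read/write so the TLS layer is attached to fd`. A check in the I/O paths (not visible here) that fails when `nssSocket` is unset would turn a missed call into an error instead of traffic on an unprotected or invalid handle. The rest of finishConnect() lies outside this hunk, so what it validates cannot be confirmed from here.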
@@ -167,9 +171,9 @@ void SslSocket::close() const
int SslSocket::listen(const SocketAddress& sa, int backlog) const
{
//get certificate and key (is this the correct way?)
- std::string certName( (certname == "") ? "localhost.localdomain" :
certname);
- CERTCertificate *cert =
PK11_FindCertFromNickname(const_cast<char*>(certName.c_str()), 0);
- if (!cert) throw Exception(QPID_MSG("Failed to load certificate '" <<
certName << "'"));
+ std::string cName( (certname == "") ? "localhost.localdomain" : certname);
+ CERTCertificate *cert =
PK11_FindCertFromNickname(const_cast<char*>(cName.c_str()), 0);
+ if (!cert) throw Exception(QPID_MSG("Failed to load certificate '" <<
cName << "'"));
SECKEYPrivateKey *key = PK11_FindKeyByAnyCert(cert, 0);
if (!key) throw Exception(QPID_MSG("Failed to retrieve private key from
certificate"));
NSS_CHECK(SSL_ConfigSecureServer(prototype, cert, key,
NSS_FindCertKEAType(cert)));
Modified: qpid/trunk/qpid/cpp/src/qpid/sys/ssl/SslSocket.h
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/sys/ssl/SslSocket.h?rev=1401561&r1=1401560&r2=1401561&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/sys/ssl/SslSocket.h (original)
+++ qpid/trunk/qpid/cpp/src/qpid/sys/ssl/SslSocket.h Wed Oct 24 05:51:45 2012
@@ -57,6 +57,7 @@ public:
void setCertName(const std::string& certName);
void connect(const SocketAddress&) const;
+ void finishConnect(const SocketAddress&) const;
void close() const;
Modified: qpid/trunk/qpid/cpp/src/qpid/sys/windows/WinSocket.cpp
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/sys/windows/WinSocket.cpp?rev=1401561&r1=1401560&r2=1401561&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/sys/windows/WinSocket.cpp (original)
+++ qpid/trunk/qpid/cpp/src/qpid/sys/windows/WinSocket.cpp Wed Oct 24 05:51:45
2012
@@ -165,6 +165,11 @@ WinSocket::connect(const SocketAddress&
}
void
+WinSocket::finishConnect(const SocketAddress&) const
+{
+}
+
+void
WinSocket::close() const
{
SOCKET& socket = handle->fd;
Modified: qpid/trunk/qpid/cpp/src/qpid/sys/windows/WinSocket.h
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/qpid/sys/windows/WinSocket.h?rev=1401561&r1=1401560&r2=1401561&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/qpid/sys/windows/WinSocket.h (original)
+++ qpid/trunk/qpid/cpp/src/qpid/sys/windows/WinSocket.h Wed Oct 24 05:51:45
2012
@@ -61,6 +61,7 @@ public:
QPID_COMMON_EXTERN virtual void setTcpNoDelay() const;
QPID_COMMON_EXTERN virtual void connect(const SocketAddress&) const;
+ QPID_COMMON_EXTERN virtual void finishConnect(const SocketAddress&) const;
QPID_COMMON_EXTERN virtual void close() const;
Modified: qpid/trunk/qpid/cpp/src/ssl.cmake
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/ssl.cmake?rev=1401561&r1=1401560&r2=1401561&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/ssl.cmake (original)
+++ qpid/trunk/qpid/cpp/src/ssl.cmake Wed Oct 24 05:51:45 2012
@@ -69,8 +69,6 @@ if (BUILD_SSL)
qpid/sys/ssl/util.cpp
qpid/sys/ssl/SslSocket.h
qpid/sys/ssl/SslSocket.cpp
- qpid/sys/ssl/SslIo.h
- qpid/sys/ssl/SslIo.cpp
)
add_library (sslcommon SHARED ${sslcommon_SOURCES})
@@ -87,8 +85,6 @@ if (BUILD_SSL)
set (ssl_SOURCES
qpid/sys/SslPlugin.cpp
- qpid/sys/ssl/SslHandler.h
- qpid/sys/ssl/SslHandler.cpp
)
add_library (ssl MODULE ${ssl_SOURCES})
target_link_libraries (ssl qpidbroker sslcommon
${Boost_PROGRAM_OPTIONS_LIBRARY})
Modified: qpid/trunk/qpid/cpp/src/ssl.mk
URL:
http://svn.apache.org/viewvc/qpid/trunk/qpid/cpp/src/ssl.mk?rev=1401561&r1=1401560&r2=1401561&view=diff
==============================================================================
--- qpid/trunk/qpid/cpp/src/ssl.mk (original)
+++ qpid/trunk/qpid/cpp/src/ssl.mk Wed Oct 24 05:51:45 2012
@@ -25,9 +25,7 @@ libsslcommon_la_SOURCES = \
qpid/sys/ssl/util.h \
qpid/sys/ssl/util.cpp \
qpid/sys/ssl/SslSocket.h \
- qpid/sys/ssl/SslSocket.cpp \
- qpid/sys/ssl/SslIo.h \
- qpid/sys/ssl/SslIo.cpp
+ qpid/sys/ssl/SslSocket.cpp
SSLCOMMON_VERSION_INFO = 2:0:0
libsslcommon_la_LDFLAGS = -version-info $(SSLCOMMON_VERSION_INFO)
@@ -37,9 +35,7 @@ libsslcommon_la_CXXFLAGS=$(AM_CXXFLAGS)
lib_LTLIBRARIES += libsslcommon.la
ssl_la_SOURCES = \
- qpid/sys/SslPlugin.cpp \
- qpid/sys/ssl/SslHandler.h \
- qpid/sys/ssl/SslHandler.cpp
+ qpid/sys/SslPlugin.cpp
ssl_la_LIBADD= libqpidbroker.la libsslcommon.la