PROTON-1068: c++ remove counted_ptr use in ssl.hpp Missed by previous commit.
Project: http://git-wip-us.apache.org/repos/asf/qpid-proton/repo Commit: http://git-wip-us.apache.org/repos/asf/qpid-proton/commit/a8e95823 Tree: http://git-wip-us.apache.org/repos/asf/qpid-proton/tree/a8e95823 Diff: http://git-wip-us.apache.org/repos/asf/qpid-proton/diff/a8e95823 Branch: refs/heads/go1 Commit: a8e95823321acbc9b31ebc80c0fe326247a2c194 Parents: 5045ec0 Author: Alan Conway <[email protected]> Authored: Fri Dec 4 13:46:32 2015 -0500 Committer: Alan Conway <[email protected]> Committed: Fri Dec 4 13:46:32 2015 -0500 ---------------------------------------------------------------------- .../cpp/include/proton/connection_options.hpp | 1 - proton-c/bindings/cpp/include/proton/ssl.hpp | 36 +++++------- proton-c/bindings/cpp/src/ssl_domain.cpp | 61 ++++++++------------ 3 files changed, 41 insertions(+), 57 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/a8e95823/proton-c/bindings/cpp/include/proton/connection_options.hpp ---------------------------------------------------------------------- diff --git a/proton-c/bindings/cpp/include/proton/connection_options.hpp b/proton-c/bindings/cpp/include/proton/connection_options.hpp index 6c78f54..e221e5b 100644 --- a/proton-c/bindings/cpp/include/proton/connection_options.hpp +++ b/proton-c/bindings/cpp/include/proton/connection_options.hpp @@ -26,7 +26,6 @@ #include "proton/pn_unique_ptr.hpp" #include "proton/reconnect_timer.hpp" #include "proton/types.hpp" -//#include "proton/ssl.hpp" #include <vector> #include <string> http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/a8e95823/proton-c/bindings/cpp/include/proton/ssl.hpp ---------------------------------------------------------------------- diff --git a/proton-c/bindings/cpp/include/proton/ssl.hpp b/proton-c/bindings/cpp/include/proton/ssl.hpp index d5d80d7..911bbed 100644 --- a/proton-c/bindings/cpp/include/proton/ssl.hpp +++ b/proton-c/bindings/cpp/include/proton/ssl.hpp @@ -23,9 +23,6 @@ */ #include "proton/export.hpp" #include "proton/pn_unique_ptr.hpp" -#include "proton/counted.hpp" -#include "proton/counted_ptr.hpp" - #include "proton/ssl.h" #include <string> @@ -75,17 +72,25 @@ class ssl_certificate { friend class server_domain; }; -class ssl_domain : public counted { - ssl_domain(bool server_type); +// Base class for SSL configuration +class ssl_domain { + public: ~ssl_domain(); + + protected: + ssl_domain(); + pn_ssl_domain_t *init(bool is_server); + pn_ssl_domain_t *pn_domain(); + private: pn_ssl_domain_t *impl_; - friend class client_domain; - friend class server_domain; + + friend class connection_options; + friend class container_impl; }; /** SSL/TLS configuration for inbound connections created from a listener */ -class server_domain { +class server_domain : public ssl_domain { public: /** A server domain based on the supplied X509 certificate specifier. */ PN_CPP_EXTERN server_domain(ssl_certificate &cert); @@ -95,28 +100,19 @@ class server_domain { ssl::verify_mode_t mode = ssl::VERIFY_PEER); /** A server domain restricted to available anonymous cipher suites on the platform. */ PN_CPP_EXTERN server_domain(); - private: - pn_ssl_domain_t *pn_domain(); - counted_ptr<ssl_domain> ssl_domain_; - server_domain(ssl_domain *); - friend class connection_options; - friend class container_impl; }; /** SSL/TLS configuration for outgoing connections created */ -class client_domain { +class client_domain : public ssl_domain { public: PN_CPP_EXTERN client_domain(const std::string &trust_db, ssl::verify_mode_t = ssl::VERIFY_PEER_NAME); PN_CPP_EXTERN client_domain(ssl_certificate&, const std::string &trust_db, ssl::verify_mode_t = ssl::VERIFY_PEER_NAME); /** A client domain restricted to available anonymous cipher suites on the platform. */ PN_CPP_EXTERN client_domain(); + private: - pn_ssl_domain_t *pn_domain(); - counted_ptr<ssl_domain> ssl_domain_; - client_domain(ssl_domain *); - friend class connection_options; - friend class container_impl; + client_domain(ssl_domain); }; http://git-wip-us.apache.org/repos/asf/qpid-proton/blob/a8e95823/proton-c/bindings/cpp/src/ssl_domain.cpp ---------------------------------------------------------------------- diff --git a/proton-c/bindings/cpp/src/ssl_domain.cpp b/proton-c/bindings/cpp/src/ssl_domain.cpp index ce50aa4..8bb081f 100644 --- a/proton-c/bindings/cpp/src/ssl_domain.cpp +++ b/proton-c/bindings/cpp/src/ssl_domain.cpp @@ -26,14 +26,22 @@ namespace proton { -ssl_domain::ssl_domain(bool server_type) { +ssl_domain::ssl_domain() : impl_(0) {} + +// Create on demand +pn_ssl_domain_t *ssl_domain::init(bool server_type) { + if (impl_) return impl_; impl_ = pn_ssl_domain(server_type ? PN_SSL_MODE_SERVER : PN_SSL_MODE_CLIENT); if (!impl_) throw error(MSG("SSL/TLS unavailable")); + return impl_; } -ssl_domain::~ssl_domain() { pn_ssl_domain_free(impl_); } +pn_ssl_domain_t *ssl_domain::pn_domain() { return impl_; } + +ssl_domain::~ssl_domain() { if (impl_) pn_ssl_domain_free(impl_); } namespace { + void set_cred(pn_ssl_domain_t *dom, const std::string &main, const std::string &extra, const std::string &pass, bool pwset) { const char *cred2 = extra.empty() ? NULL : extra.c_str(); const char *pw = pwset ? pass.c_str() : NULL; @@ -43,15 +51,17 @@ void set_cred(pn_ssl_domain_t *dom, const std::string &main, const std::string & } } -server_domain::server_domain(ssl_certificate &cert) : - ssl_domain_(new ssl_domain(true)) { - set_cred(ssl_domain_->impl_, cert.certdb_main_, cert.certdb_extra_, cert.passwd_, cert.pw_set_); +server_domain::server_domain(ssl_certificate &cert) { + set_cred(init(true), cert.certdb_main_, cert.certdb_extra_, cert.passwd_, cert.pw_set_); } -server_domain::server_domain(ssl_certificate &cert, const std::string &trust_db, const std::string &advertise_db, - ssl::verify_mode_t mode) : - ssl_domain_(new ssl_domain(true)) { - pn_ssl_domain_t *dom = ssl_domain_->impl_; +server_domain::server_domain( + ssl_certificate &cert, + const std::string &trust_db, + const std::string &advertise_db, + ssl::verify_mode_t mode) +{ + pn_ssl_domain_t* dom = init(true); set_cred(dom, cert.certdb_main_, cert.certdb_extra_, cert.passwd_, cert.pw_set_); if (pn_ssl_domain_set_trusted_ca_db(dom, trust_db.c_str())) throw error(MSG("SSL trust store initialization failure for " << trust_db)); @@ -60,16 +70,7 @@ server_domain::server_domain(ssl_certificate &cert, const std::string &trust_db, throw error(MSG("SSL server configuration failure requiring client certificates using " << db)); } -// Keep default constructor low overhead for default use in connection_options. -server_domain::server_domain() : ssl_domain_(0) {} - -pn_ssl_domain_t* server_domain::pn_domain() { - if (!ssl_domain_) { - // Lazily create anonymous domain context (no cert). Could make it a singleton, but rare use? - ssl_domain_.reset(new ssl_domain(true)); - } - return ssl_domain_->impl_; -} +server_domain::server_domain() {} namespace { void client_setup(pn_ssl_domain_t *dom, const std::string &trust_db, ssl::verify_mode_t mode) { @@ -80,28 +81,17 @@ void client_setup(pn_ssl_domain_t *dom, const std::string &trust_db, ssl::verify } } -client_domain::client_domain(const std::string &trust_db, ssl::verify_mode_t mode) : - ssl_domain_(new ssl_domain(false)) { - client_setup(ssl_domain_->impl_, trust_db, mode); +client_domain::client_domain(const std::string &trust_db, ssl::verify_mode_t mode) { + client_setup(init(false), trust_db, mode); } -client_domain::client_domain(ssl_certificate &cert, const std::string &trust_db, ssl::verify_mode_t mode) : - ssl_domain_(new ssl_domain(false)) { - pn_ssl_domain_t *dom = ssl_domain_->impl_; +client_domain::client_domain(ssl_certificate &cert, const std::string &trust_db, ssl::verify_mode_t mode) { + pn_ssl_domain_t *dom = init(false); set_cred(dom, cert.certdb_main_, cert.certdb_extra_, cert.passwd_, cert.pw_set_); client_setup(dom, trust_db, mode); } -client_domain::client_domain() : ssl_domain_(0) {} - -pn_ssl_domain_t* client_domain::pn_domain() { - if (!ssl_domain_) { - // Lazily create anonymous domain context (no CA). Could make it a singleton, but rare use? - ssl_domain_.reset(new ssl_domain(false)); - } - return ssl_domain_->impl_; -} - +client_domain::client_domain() {} ssl_certificate::ssl_certificate(const std::string &main, const std::string &extra) : certdb_main_(main), certdb_extra_(extra), pw_set_(false) {} @@ -109,5 +99,4 @@ ssl_certificate::ssl_certificate(const std::string &main, const std::string &ext ssl_certificate::ssl_certificate(const std::string &main, const std::string &extra, const std::string &pw) : certdb_main_(main), certdb_extra_(extra), passwd_(pw), pw_set_(true) {} - } // namespace --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
