IIOP_SSL_Transport.h

00001 // -*- C++ -*-
00002 
00003 //=============================================================================
00004 /**
00005  *  @file   IIOP_SSL_Transport.h
00006  *
00007  *  IIOP_SSL_Transport.h,v 1.10 2006/03/14 06:14:35 jtc Exp
00008  *
00009  *  @author Ossama Othman <ossama@uci.edu>
00010  */
00011 //=============================================================================
00012 
00013 
00014 #ifndef TAO_IIOP_SSL_TRANSPORT_H
00015 #define TAO_IIOP_SSL_TRANSPORT_H
00016 
00017 #include /**/ "ace/pre.h"
00018 
00019 #include "orbsvcs/SSLIOP/SSLIOP_Current.h"
00020 
00021 #if !defined (ACE_LACKS_PRAGMA_ONCE)
00022 #pragma once
00023 #endif /* ACE_LACKS_PRAGMA_ONCE */
00024 
00025 #include "tao/IIOP_Transport.h"
00026 
00027 TAO_BEGIN_VERSIONED_NAMESPACE_DECL
00028 
00029 class TAO_ORB_Core;
00030 class TAO_Resume_Handle;
00031 
00032 namespace TAO
00033 {
00034   class IIOP_SSL_Connection_Handler;
00035 
/**
 * @class IIOP_SSL_Transport
 *
 * @brief Plain-IIOP transport that is "SSL aware", i.e. it knows that
 * the SSLIOP transport exists alongside it.
 *
 * This transport serves non-SSL connections.  Its purpose is to keep
 * SSL session state left over from a previous SSL connection from
 * being associated with the non-SSL connection it handles.
 *
 * To that end it overrides handle_input() so that the current TSS SSL
 * state is invalidated during a standard IIOP (insecure) upcall.
 *
 * Security relevance: nested upcalls.  An SSLIOP request is being
 * serviced, and during that secure upcall an insecure nested upcall
 * is made.  A naive implementation would associate the TSS SSL state
 * of the secure upcall with the insecure one, so the insecure request
 * would appear to carry the secure peer's SSL session.  Invalidating
 * the state in handle_input() closes that hole.
 *
 * NOTE(review): only the declaration is visible in this header.
 * Whether the previous TSS SSL state is put back once the insecure
 * upcall returns must be confirmed in the implementation file.
 */
class IIOP_SSL_Transport : public TAO_IIOP_Transport
{
public:
  /**
   * Constructor.
   *
   * @param handler   Connection handler this transport is attached to.
   * @param orb_core  ORB core the transport belongs to.
   * @param flag      Defaults to 0; its meaning is not documented in
   *                  this header -- confirm against the base class.
   */
  IIOP_SSL_Transport(IIOP_SSL_Connection_Handler *handler,
                     TAO_ORB_Core *orb_core,
                     CORBA::Boolean flag = 0);

  /// Destructor.
  ~IIOP_SSL_Transport();

  /** @name Overridden Template Methods
   *
   * See "tao/Transport.h" for the general contract.  Per the class
   * description, this override is the point where the current TSS SSL
   * state is invalidated for an insecure IIOP upcall.
   */
  virtual int handle_input(TAO_Resume_Handle &rh,
                           ACE_Time_Value *max_wait_time = 0,
                           int block = 0);

protected:
  /// Reference to the TAO::SSLIOP::Current object.
  // Presumably the object through which handle_input() reaches the
  // TSS SSL state -- confirm in the implementation.
  TAO::SSLIOP::Current_var current_;
};
00083 
00084 }  // End TAO namespace.
00085 
00086 TAO_END_VERSIONED_NAMESPACE_DECL
00087 
00088 #include /**/ "ace/post.h"
00089 
00090 #endif /* TAO_IIOP_SSL_TRANSPORT_H */
