Main Page | Namespace List | Class Hierarchy | Alphabetical List | Class List | File List | Namespace Members | Class Members | File Members | Related Pages | Search for 

SSLIOP_Accept_Strategy.cpp

Go to the documentation of this file.
00001 #include "orbsvcs/SSLIOP/SSLIOP_Accept_Strategy.h"
00002 
00003 
00004 ACE_RCSID (SSLIOP,
00005            SSLIOP_Accept_Strategy,
00006            "SSLIOP_Accept_Strategy.cpp,v 1.5 2006/03/14 06:14:35 jtc Exp")
00007 
00008 TAO_BEGIN_VERSIONED_NAMESPACE_DECL
00009 
00010 TAO::SSLIOP::Accept_Strategy::Accept_Strategy (
00011   TAO_ORB_Core * orb_core,
00012   const ACE_Time_Value & timeout)
00013   : TAO_Accept_Strategy<TAO::SSLIOP::Connection_Handler,
00014                         ACE_SSL_SOCK_ACCEPTOR> (orb_core),
00015     timeout_ (timeout)
00016 {
00017 }
00018 
00019 int
00020 TAO::SSLIOP::Accept_Strategy::accept_svc_handler (handler_type * svc_handler)
00021 {
00022   ACE_TRACE ("TAO::SSLIOP::Accept_Strategy::accept_svc_handler");
00023 
00024   // The following code is basically the same code found in
00025   // ACE_Accept_Strategy::accept_svc_handler().  The only difference
00026   // is that a timeout value is passed to the peer acceptor's accept()
00027   // method.  A timeout is necessary to prevent malicious or
00028   // misbehaved clients from only completing the TCP handshake and not
00029   // the SSL handshake.  Without the timeout, a denial-of-service
00030   // vulnerability would exist where multiple incomplete SSL passive
00031   // connections (i.e. where only the TCP handshake is completed)
00032   // could result in the server process running out of file
00033   // descriptors.  That would be due to the SSL handshaking process
00034   // blocking/waiting for the handshake to complete.
00035 
00036   // The timeout value will be modified.  Make a copy.
00037   ACE_Time_Value timeout (this->timeout_);
00038 
00039   // Try to find out if the implementation of the reactor that we are
00040   // using requires us to reset the event association for the newly
00041   // created handle. This is because the newly created handle will
00042   // inherit the properties of the listen handle, including its event
00043   // associations.
00044   const int reset_new_handle = this->reactor_->uses_event_associations ();
00045 
00046   if (this->peer_acceptor_.accept (svc_handler->peer (), // stream
00047                                    0,                // remote address
00048                                    &timeout,         // timeout
00049                                    1,                // restart
00050                                    reset_new_handle  // reset new handler
00051                                    ) == -1)
00052     {
00053       // Close down handler to avoid memory leaks.
00054       svc_handler->close (0);
00055 
00056       return -1;
00057     }
00058   else
00059     return 0;
00060 }
00061 
00062 TAO_END_VERSIONED_NAMESPACE_DECL
Generated on Thu Nov 9 13:54:13 2006 for TAO_SSLIOP by doxygen 1.3.6