TAO_SSLIOP_Profile Class Reference

#include <SSLIOP_Profile.h>

Inheritance diagram for TAO_SSLIOP_Profile:

[legend]Collaboration diagram for TAO_SSLIOP_Profile:

[legend]List of all members.

Public Member Functions
	TAO_SSLIOP_Profile (const ACE_INET_Addr &addr, const TAO::ObjectKey &object_key, const TAO_GIOP_Message_Version &version, TAO_ORB_Core *orb_core, const::SSLIOP::SSL *ssl_component)
	TAO_SSLIOP_Profile (const char *host, CORBA::UShort port, const TAO::ObjectKey &object_key, const ACE_INET_Addr &addr, const TAO_GIOP_Message_Version &version, TAO_ORB_Core *orb_core, const::SSLIOP::SSL *ssl_component)
	TAO_SSLIOP_Profile (TAO_ORB_Core *orb_core, const::SSLIOP::SSL *ssl_component)
	Create profile with the given SSLIOP tagged component.
	TAO_SSLIOP_Profile (TAO_ORB_Core *orb_core, int ssl_only=0)
virtual int	decode (TAO_InputCDR &cdr)
virtual int	encode_endpoints (void)
virtual TAO_Endpoint *	endpoint (void)
virtual void	parse_string (const char *string)
void	add_endpoint (TAO_SSLIOP_Endpoint *endp)
Protected Member Functions
	~TAO_SSLIOP_Profile (void)
	Destructor.
virtual CORBA::Boolean	do_is_equivalent (const TAO_Profile *other_profile)
	Profile equivalence template method.
Private Member Functions
int	decode_tagged_endpoints (void)
Private Attributes
TAO_SSLIOP_Endpoint	ssl_endpoint_
int	ssl_only_

---

Constructor & Destructor Documentation

TAO_BEGIN_VERSIONED_NAMESPACE_DECL TAO_SSLIOP_Profile::TAO_SSLIOP_Profile (  const ACE_INET_Addr &  addr, const TAO::ObjectKey &  object_key, const TAO_GIOP_Message_Version &  version, TAO_ORB_Core *  orb_core, const::SSLIOP::SSL *  ssl_component )

Profile constructor, same as above except the object_key has already been marshaled. Definition at line 15 of file SSLIOP_Profile.cpp. References TAO_SSLIOP_Endpoint::iiop_endpoint(), and ssl_endpoint_. : TAO_IIOP_Profile (addr, object_key, version, orb_core), ssl_endpoint_ (ssl_component, 0), ssl_only_ (0) { this->ssl_endpoint_.iiop_endpoint (&this->endpoint_, true); }

TAO_SSLIOP_Profile::TAO_SSLIOP_Profile (  const char *  host, CORBA::UShort  port, const TAO::ObjectKey &  object_key, const ACE_INET_Addr &  addr, const TAO_GIOP_Message_Version &  version, TAO_ORB_Core *  orb_core, const::SSLIOP::SSL *  ssl_component )

Profile constructor, this is the most efficient since it doesn't require any address resolution processing. Definition at line 30 of file SSLIOP_Profile.cpp. References TAO_SSLIOP_Endpoint::iiop_endpoint(), and ssl_endpoint_. : TAO_IIOP_Profile (host, port, object_key, addr, version, orb_core), ssl_endpoint_ (ssl_component, 0), ssl_only_ (0) { this->ssl_endpoint_.iiop_endpoint (&this->endpoint_, true); }

TAO_SSLIOP_Profile::TAO_SSLIOP_Profile (  TAO_ORB_Core *  orb_core, const::SSLIOP::SSL *  ssl_component )

Create profile with the given SSLIOP tagged component. Definition at line 49 of file SSLIOP_Profile.cpp. References TAO_SSLIOP_Endpoint::iiop_endpoint(), and ssl_endpoint_. : TAO_IIOP_Profile (orb_core), ssl_endpoint_ (ssl_component, 0), ssl_only_ (0) { this->ssl_endpoint_.iiop_endpoint (&this->endpoint_, true); }

TAO_SSLIOP_Profile::TAO_SSLIOP_Profile (  TAO_ORB_Core *  orb_core, int  ssl_only = 0 )

Profile constructor. ssl_only != 0 will force secure connections, pnly. Definition at line 58 of file SSLIOP_Profile.cpp. References TAO_SSLIOP_Endpoint::iiop_endpoint(), and ssl_endpoint_. : TAO_IIOP_Profile (orb_core), ssl_endpoint_ (0, 0), ssl_only_ (ssl_only) { this->ssl_endpoint_.iiop_endpoint (&this->endpoint_, true); }

TAO_SSLIOP_Profile::~TAO_SSLIOP_Profile (  void   )  [protected]

Destructor. Protected destructor to enforce proper memory management through the reference counting mechanism. Definition at line 66 of file SSLIOP_Profile.cpp. References TAO_Endpoint::next(), TAO_SSLIOP_Endpoint::next(), and ssl_endpoint_. { // Clean up the list of endpoints since we own it. // Skip the head, since it is not dynamically allocated. TAO_Endpoint *tmp = 0; for (TAO_Endpoint *next = this->ssl_endpoint_.next (); next != 0; next = tmp) { tmp = next->next (); delete next; } }

---

Member Function Documentation

void TAO_SSLIOP_Profile::add_endpoint (  TAO_SSLIOP_Endpoint *  endp  )

Add endp to this profile's list of endpoints (it is inserted next to the head of the list). This profiles takes ownership of endp. If endp's iiop_endpoint_ member is not 0, it is added to our parent's class endpoint list. Definition at line 204 of file SSLIOP_Profile.cpp. References TAO_IIOP_Profile::add_endpoint(), TAO_SSLIOP_Endpoint::iiop_endpoint(), TAO_SSLIOP_Endpoint::next_, and ssl_endpoint_. Referenced by TAO::SSLIOP::Acceptor::create_shared_profile(), decode(), and decode_tagged_endpoints(). { endp->next_ = this->ssl_endpoint_.next_; this->ssl_endpoint_.next_ = endp; // We do not want to add our IIOP endpoint counterpart when we are // decoding a profile, and IIOP endpoints have been added before we // even get to SSLIOP-specific decoding. if (endp->iiop_endpoint () != 0) this->TAO_IIOP_Profile::add_endpoint (endp->iiop_endpoint ()); }

int TAO_SSLIOP_Profile::decode (  TAO_InputCDR &  cdr  )  [virtual]

Reimplemented from TAO_Profile. Definition at line 86 of file SSLIOP_Profile.cpp. References ACE_NEW_RETURN, add_endpoint(), IOP::TaggedComponent::component_data, TAO_Profile::decode(), decode_tagged_endpoints(), TAO::unbounded_value_sequence< T >::get_buffer(), TAO_Tagged_Components::get_component(), TAO_SSLIOP_Endpoint::iiop_endpoint(), TAO::unbounded_value_sequence< T >::length(), TAO_IIOP_Endpoint::next_, TAO_SSLIOP_Endpoint::next_, TAO_Endpoint::priority(), ACE_InputCDR::reset_byte_order(), TAO_SSLIOP_Endpoint::ssl_component_, ssl_endpoint_, IOP::TaggedComponent::tag, and TAO_Profile::tagged_components(). { int r = this->TAO_IIOP_Profile::decode (cdr); if (r != 1) return r; // Attempt to decode SSLIOP::SSL tagged component. It may not be // there if we are dealing with pure IIOP profile. int ssl_component_found = 0; IOP::TaggedComponent component; component.tag = ::SSLIOP::TAG_SSL_SEC_TRANS; if (this->tagged_components ().get_component (component)) { TAO_InputCDR cdr (reinterpret_cast<const char*> ( component.component_data.get_buffer ()), component.component_data.length ()); CORBA::Boolean byte_order; if ((cdr >> ACE_InputCDR::to_boolean (byte_order)) == 0) return -1; cdr.reset_byte_order (static_cast<int> (byte_order)); if (cdr >> this->ssl_endpoint_.ssl_component_) ssl_component_found = 1; else return -1; } // Since IIOP portion of the profile has already been decoded, we // know how many endpoints it should contain and can finish // initialization accordingly. if (this->count_ < 2) { // This profile contains only one endpoint. Finish initializing // it. this->ssl_endpoint_.iiop_endpoint (&this->endpoint_, true); this->ssl_endpoint_.priority (this->endpoint_.priority ()); return 1; } else { // This profile contains more than one endpoint. if (ssl_component_found) { // It is true ssl profile, i.e., not just IIOP, so must have // ssl endpoints encoded. if (this->decode_tagged_endpoints () == -1) return -1; return 1; } else { // IIOP profile - doesn't have ssl endpoints encoded. We // must create 'dummy' ssl endpoint list anyways, in order to // make iiop endpoints accessable and usable. for (size_t i = 0; i < this->count_; ++i) { TAO_SSLIOP_Endpoint *endpoint = 0; ACE_NEW_RETURN (endpoint, TAO_SSLIOP_Endpoint (0, 0), -1); this->add_endpoint (endpoint); } // Now that we have a complete list of ssl endpoins, we can // connect them with their iiop counterparts. TAO_IIOP_Endpoint *iiop_endp = &this->endpoint_; for (TAO_SSLIOP_Endpoint * ssl_endp = &this->ssl_endpoint_; ssl_endp != 0; ssl_endp = ssl_endp->next_) { ssl_endp->iiop_endpoint (iiop_endp, true); ssl_endp->priority (iiop_endp->priority ()); iiop_endp = iiop_endp->next_; } return 1; } } }

int TAO_SSLIOP_Profile::decode_tagged_endpoints (  void   )  [private]

Helper for decode. Decodes TAO_TAG_SSL_ENDPOINTS from a tagged component. Decode only if RTCORBA is enabled. Returns: 0 on success and -1 on failure. Note: This should be enabled only when RTCORBA is enabled, but sadly others pay the price (of footprint) under normal operations. Definition at line 274 of file SSLIOP_Profile.cpp. References ACE_NEW_RETURN, add_endpoint(), IOP::TaggedComponent::component_data, TAO::unbounded_value_sequence< T >::get_buffer(), TAO_Tagged_Components::get_component(), TAO_SSLIOP_Endpoint::iiop_endpoint(), TAO::unbounded_value_sequence< T >::length(), TAO_IIOP_Endpoint::next_, TAO_SSLIOP_Endpoint::next_, TAO_Endpoint::priority(), ACE_InputCDR::reset_byte_order(), TAO_SSLIOP_Endpoint::ssl_component_, ssl_endpoint_, and IOP::TaggedComponent::tag. Referenced by decode(). { IOP::TaggedComponent tagged_component; tagged_component.tag = TAO::TAG_SSL_ENDPOINTS; if (this->tagged_components_.get_component (tagged_component)) { const CORBA::Octet *buf = tagged_component.component_data.get_buffer (); TAO_InputCDR in_cdr (reinterpret_cast<const char* > (buf), tagged_component.component_data.length ()); // Extract the Byte Order. CORBA::Boolean byte_order; if ((in_cdr >> ACE_InputCDR::to_boolean (byte_order)) == 0) return -1; in_cdr.reset_byte_order (static_cast<int> (byte_order)); // Extract endpoints sequence. TAO_SSLEndpointSequence endpoints; if ((in_cdr >> endpoints) == 0) return -1; // Use information extracted from the tagged component to // populate the profile. Begin from the end of the sequence to // preserve endpoint order, since <add_endpoint> method reverses // the order of endpoints in the list. for (CORBA::ULong i = endpoints.length () - 1; (i + 1) != 0; --i) { TAO_SSLIOP_Endpoint *endpoint = 0; ACE_NEW_RETURN (endpoint, TAO_SSLIOP_Endpoint (0, 0), -1); endpoint->ssl_component_ = endpoints[i]; this->add_endpoint (endpoint); } // Now that we have a complete list of ssl endpoins, we can // connect them with their iiop counterparts, which have been // extracted/chained during the IIOP profile decoding. TAO_IIOP_Endpoint *iiop_endp = &this->endpoint_; for (TAO_SSLIOP_Endpoint * ssl_endp = &this->ssl_endpoint_; ssl_endp != 0; ssl_endp = ssl_endp->next_) { ssl_endp->iiop_endpoint (iiop_endp, true); ssl_endp->priority (iiop_endp->priority ()); iiop_endp = iiop_endp->next_; } return 0; } // Since this method is only called if we are expecting // TAO_TAG_SSL_ENDPOINTS component, failure to find it is an error. return -1; }

CORBA::Boolean TAO_SSLIOP_Profile::do_is_equivalent (  const TAO_Profile *  other_profile  )  [protected, virtual]

Profile equivalence template method. See also: TAO_Profile::do_is_equivalent() Reimplemented from TAO_IIOP_Profile. Definition at line 173 of file SSLIOP_Profile.cpp. References TAO_SSLIOP_Endpoint::is_equivalent(), TAO_SSLIOP_Endpoint::next_, and ssl_endpoint_. { const TAO_SSLIOP_Profile *op = dynamic_cast<const TAO_SSLIOP_Profile *> (other_profile); // Make sure we have a TAO_SSLIOP_Profile. if (op == 0) return 0; // Now verify TAO_SSLIOP_Endpoint equivalence. const TAO_SSLIOP_Endpoint *other_endp = &op->ssl_endpoint_; for (TAO_SSLIOP_Endpoint *endp = &this->ssl_endpoint_; endp != 0; endp = endp->next_) { if (endp->is_equivalent (other_endp)) other_endp = other_endp->next_; else return 0; } return 1; }

int TAO_SSLIOP_Profile::encode_endpoints (  void   )  [virtual]

Reimplemented from TAO_IIOP_Profile. Definition at line 217 of file SSLIOP_Profile.cpp. References ACE_OutputCDR::begin(), IOP::TaggedComponent::component_data, ACE_Message_Block::cont(), TAO_IIOP_Profile::encode_endpoints(), TAO::unbounded_value_sequence< T >::get_buffer(), ACE_Message_Block::length(), TAO::unbounded_value_sequence< T >::length(), ACE_OS::memcpy(), TAO_SSLIOP_Endpoint::next_, ACE_Message_Block::rd_ptr(), TAO_Tagged_Components::set_component(), TAO_SSLIOP_Endpoint::ssl_component(), ssl_endpoint_, IOP::TaggedComponent::tag, TAO_ENCAP_BYTE_ORDER, and ACE_OutputCDR::total_length(). { // If we have more than one endpoint, we encode info about others // into a tagged component for wire transfer. if (this->count_ > 1) { // Encode all endpoints except the first one, since it is always // transferred through standard profile component. // Create a data structure and fill it with endpoint info for wire // transfer. TAO_SSLEndpointSequence endpoints; endpoints.length (this->count_ - 1); const TAO_SSLIOP_Endpoint *endpoint = this->ssl_endpoint_.next_; for (size_t i = 0; i < this->count_ - 1; ++i) { endpoints[i] = endpoint->ssl_component (); endpoint = endpoint->next_; } // Encode the data structure. TAO_OutputCDR out_cdr; if ((out_cdr << ACE_OutputCDR::from_boolean (TAO_ENCAP_BYTE_ORDER) == 0) || (out_cdr << endpoints) == 0) return -1; const CORBA::ULong length = out_cdr.total_length (); IOP::TaggedComponent tagged_component; tagged_component.tag = TAO::TAG_SSL_ENDPOINTS; tagged_component.component_data.length (length); CORBA::Octet *buf = tagged_component.component_data.get_buffer (); for (const ACE_Message_Block *iterator = out_cdr.begin (); iterator != 0; iterator = iterator->cont ()) { CORBA::ULong i_length = iterator->length (); ACE_OS::memcpy (buf, iterator->rd_ptr (), i_length); buf += i_length; } // Add component with encoded endpoint data to this profile's // TaggedComponents. tagged_components_.set_component (tagged_component); } return this->TAO_IIOP_Profile::encode_endpoints (); }

TAO_Endpoint * TAO_SSLIOP_Profile::endpoint (  void   )  [virtual]

Reimplemented from TAO_IIOP_Profile. Definition at line 198 of file SSLIOP_Profile.cpp. References ssl_endpoint_. Referenced by TAO::SSLIOP::Acceptor::create_new_profile(), and TAO::SSLIOP::Acceptor::create_shared_profile(). { return &this->ssl_endpoint_; }

void TAO_SSLIOP_Profile::parse_string (  const char *  string  )  [virtual]

Override parse_string() from the base class to update the SSL endpoint's iiop endpoint once the base class has completed parsing the string. Initialize this object using the given input string. URL-style string contain only one endpoint. Reimplemented from TAO_Profile. Definition at line 337 of file SSLIOP_Profile.cpp. References ACE_CHECK, ACE_CLR_BITS, ACE_ENV_ARG_PARAMETER, TAO_SSLIOP_Endpoint::iiop_endpoint(), TAO_Profile::parse_string(), SSLIOP::SSL::port, TAO_IIOP_Endpoint::port_, TAO_SSLIOP_Endpoint::ssl_component_, ssl_endpoint_, and ssl_only_. { TAO_IIOP_Profile::parse_string (ior ACE_ENV_ARG_PARAMETER); ACE_CHECK; this->ssl_endpoint_.iiop_endpoint (&this->endpoint_, true); if( ssl_only_) { this->ssl_endpoint_.ssl_component_.port = this->endpoint_.port_; // Note that the Security::NoProtection bit is cleared since we // are sure the server supports SSL (we're told so) ACE_CLR_BITS (this->ssl_endpoint_.ssl_component_.target_supports, Security::NoProtection); } }

---

Member Data Documentation

TAO_SSLIOP_Endpoint TAO_SSLIOP_Profile::ssl_endpoint_ [private]

Head of this profile's list of endpoints. This endpoint is not dynamically allocated because a profile always contains at least one endpoint. Currently, a profile contains more than one endpoint, i.e., list contains more than just the head, only when RTCORBA is enabled. However, in the near future, this will be used in non-RT mode as well, e.g., to support TAG_ALTERNATE_IIOP_ADDRESS feature. Since SSLIOP profile is an extension of IIOP profile, its addressing info is contained in two places: IIOP parent class contains all iiop addressing while this class contains SSL-specific addressing additions to iiop. This means that there are two lists of endpoints: one maintained in the parent class and one maintained here. Each ssl endpoint maintains a pointer to its counterpart in the parent class endpoint list. For transmission of IIOP addressing information, see TAO_IIOP_Profile. Addressing info of the default SSL endpoint, i.e., head of the list, is transmitted using standard SSLIOP::TAG_SSL_SEC_TRANS tagged component. See encode_endpoints method documentation above for how the rest of the SSL endpoint list is transmitted. Definition at line 159 of file SSLIOP_Profile.h. Referenced by add_endpoint(), decode(), decode_tagged_endpoints(), do_is_equivalent(), encode_endpoints(), endpoint(), parse_string(), TAO_SSLIOP_Profile(), and ~TAO_SSLIOP_Profile().

int TAO_SSLIOP_Profile::ssl_only_ [private]

Allways treat this endpoint as secure, even if the constructor did not explicitely specify a tagged component for SSL. Most likely the parse_string() will supply a subset of the attributes - port number, for instance. Definition at line 168 of file SSLIOP_Profile.h. Referenced by parse_string().

---

The documentation for this class was generated from the following files:

• SSLIOP_Profile.h
• SSLIOP_Profile.cpp

---