#include <SSLIOP_Current_Impl.h>
Inheritance diagram for TAO::SSLIOP::Current_Impl:
Public Member Functions | |
| Current_Impl (void) | |
| Constructor. | |
| ~Current_Impl (void) | |
| Destructor. | |
| virtual SecurityLevel3::ClientCredentials_ptr | client_credentials () |
| virtual CORBA::Boolean | request_is_local () |
| void | get_peer_certificate (::SSLIOP::ASN_1_Cert *certificate) |
| void | get_peer_certificate_chain (::SSLIOP::SSL_Cert *cert_chain) |
| void | ssl (SSL *s) |
| Set the pointer to the underlying SSL session state. | |
| SSL * | ssl (void) |
| Return pointer to the SSL session state for the current upcall. | |
Protected Member Functions | |
| virtual CORBA::ULong | tag (void) const |
| Return the unique tag that identifies the concrete subclass. | |
Private Member Functions | |
| Current_Impl (const Current_Impl &) | |
| void | operator= (const Current_Impl &) |
Private Attributes | |
| SSL * | ssl_ |
| The SSL session state corresponding to the current upcall. | |
This class encapsulates the thread-specific state of an SSL session during a given upcall.
Definition at line 45 of file SSLIOP_Current_Impl.h.
|
|
Constructor.
Definition at line 9 of file SSLIOP_Current_Impl.inl.
00010 : ssl_ (0) 00011 { 00012 } |
|
|
Destructor.
Definition at line 24 of file SSLIOP_Current_Impl.cpp.
00025 {
00026 }
|
|
|
Prevent copying through the copy constructor and the assignment operator. |
|
|
Implementation of the SSLIOP-specific SecurityLevel3::client_credentials() method. Implements TAO::SL3::SecurityCurrent_Impl. Definition at line 29 of file SSLIOP_Current_Impl.cpp. References ACE_NEW_THROW_EX, TAO::SSLIOP::OpenSSL_st_var< T >::in(), TAO::SSLIOP::OpenSSL_st_var< T >::ptr(), and TAO::SSLIOP::X509_var.
00030 {
00031 TAO::SSLIOP::X509_var cert = ::SSL_get_peer_certificate (this->ssl_);
00032 if (cert.ptr () == 0)
00033 throw CORBA::BAD_OPERATION ();
00034
00035 SecurityLevel3::ClientCredentials_ptr creds;
00036 ACE_NEW_THROW_EX (creds,
00037 TAO::SSLIOP::ClientCredentials (cert.in (),
00038 0,
00039 this->ssl_),
00040 CORBA::NO_MEMORY (
00041 CORBA::SystemException::_tao_minor_code (
00042 TAO::VMCID,
00043 ENOMEM),
00044 CORBA::COMPLETED_NO));
00045
00046 return creds;
00047 }
|
|
|
Return the SSL peer certificate associated with the current request as an octet sequence, i.e. a DER encoded certificate. Definition at line 56 of file SSLIOP_Current_Impl.cpp. References SSLIOP::ASN_1_Cert, TAO::SSLIOP::OpenSSL_st_var< T >::in(), TAO::SSLIOP::OpenSSL_st_var< T >::ptr(), and TAO::SSLIOP::X509_var. Referenced by TAO::SSLIOP::Current::get_peer_certificate().
00058 {
00059 if (this->ssl_ == 0)
00060 return;
00061
00062 TAO::SSLIOP::X509_var cert = ::SSL_get_peer_certificate (this->ssl_);
00063 if (cert.ptr () == 0)
00064 return;
00065
00066 // Get the size of the ASN.1 encoding.
00067 int const cert_length = ::i2d_X509 (cert.in (), 0);
00068 if (cert_length <= 0)
00069 return;
00070
00071 certificate->length (cert_length);
00072
00073 CORBA::Octet *buffer = certificate->get_buffer ();
00074
00075 // Convert from the internal X509 representation to the DER encoding
00076 // representation.
00077 (void) ::i2d_X509 (cert.in (), &buffer);
00078 }
|
|
|
Return the SSL peer certificate chain associated with the current request as a sequence of DER encoded certificates. Definition at line 81 of file SSLIOP_Current_Impl.cpp. References SSLIOP::SSL_Cert, and X509. Referenced by TAO::SSLIOP::Current::get_peer_certificate_chain().
00083 {
00084 if (this->ssl_ == 0)
00085 return;
00086
00087 STACK_OF (X509) *certs = ::SSL_get_peer_cert_chain (this->ssl_);
00088 if (certs == 0)
00089 return;
00090
00091 const int chain_length = sk_X509_num (certs);
00092 cert_chain->length (chain_length);
00093
00094 // Copy the peer certificate chain to the SSLIOP::SSL_Cert
00095 // sequence.
00096 for (int i = 0; i < chain_length; ++i)
00097 {
00098 // Extract the certificate from the OpenSSL X509 stack.
00099 ::X509 *x = sk_X509_value (certs, i);
00100
00101 // Get the size of the ASN.1 encoding.
00102 const int cert_length = ::i2d_X509 (x, 0);
00103 if (cert_length <= 0)
00104 continue; // @@ What do we do if there is an error?
00105
00106 ::SSLIOP::ASN_1_Cert &certificate = (*cert_chain)[i];
00107 certificate.length (cert_length);
00108
00109 CORBA::Octet *buffer = certificate.get_buffer ();
00110
00111 // Convert from the internal X509 representation to the DER
00112 // encoding representation.
00113 (void) ::i2d_X509 (x, &buffer);
00114 }
00115 }
|
|
|
Prevent copying through the copy constructor and the assignment operator. |
|
|
Implementation of the SSLIOP-specific SecurityLevel3::request_is_local() method. Implements TAO::SL3::SecurityCurrent_Impl. Definition at line 50 of file SSLIOP_Current_Impl.cpp.
00051 {
00052 throw CORBA::NO_IMPLEMENT ();
00053 }
|
|
|
Return pointer to the SSL session state for the current upcall.
Definition at line 21 of file SSLIOP_Current_Impl.inl.
00022 {
00023 return this->ssl_;
00024 }
|
|
|
Set the pointer to the underlying SSL session state.
Definition at line 15 of file SSLIOP_Current_Impl.inl. Referenced by TAO::SSLIOP::Connection_Handler::setup_ssl_state().
00016 {
00017 this->ssl_ = s;
00018 }
|
|
|
Return the unique tag that identifies the concrete subclass.
Implements TAO::SL3::SecurityCurrent_Impl. Definition at line 118 of file SSLIOP_Current_Impl.cpp.
00119 {
00120 return ::SSLIOP::TAG_SSL_SEC_TRANS;
00121 }
|
|
|
The SSL session state corresponding to the current upcall.
Definition at line 95 of file SSLIOP_Current_Impl.h. |
1.3.6