Main Page   Class Hierarchy   Alphabetical List   Compound List   File List   Compound Members   File Members   Related Pages  

ACE_SSL_SOCK_Acceptor Class Reference

Defines a factory that creates new ACE_SSL_SOCK_Stream objects passively. More...

#include <SSL_SOCK_Acceptor.h>

Inheritance diagram for ACE_SSL_SOCK_Acceptor:

Inheritance graph
[legend]
Collaboration diagram for ACE_SSL_SOCK_Acceptor:

Collaboration graph
[legend]
List of all members.

Public Types

typedef ACE_INET_Addr PEER_ADDR
typedef ACE_SSL_SOCK_Stream PEER_STREAM

Public Methods

 ACE_SSL_SOCK_Acceptor (void)
 Default constructor. More...

 ~ACE_SSL_SOCK_Acceptor (void)
 Default destructor. More...

 ACE_SSL_SOCK_Acceptor (const ACE_Addr &local_sap, int reuse_addr=0, int protocol_family=PF_UNSPEC, int backlog=ACE_DEFAULT_BACKLOG, int protocol=0)
 ACE_SSL_SOCK_Acceptor (const ACE_Addr &local_sap, ACE_Protocol_Info *protocolinfo, ACE_SOCK_GROUP g, u_long flags, int reuse_addr, int protocol_family=PF_UNSPEC, int backlog=ACE_DEFAULT_BACKLOG, int protocol=0)
int open (const ACE_Addr &local_sap, int reuse_addr=0, int protocol_family=PF_UNSPEC, int backlog=ACE_DEFAULT_BACKLOG, int protocol=0)
int close (void)
 Close the listening socket. More...

Passive Connection "accept" Methods
These are the canonical methods exposed by the Acceptor pattern.

int accept (ACE_SSL_SOCK_Stream &new_stream, ACE_Addr *remote_addr=0, ACE_Time_Value *timeout=0, int restart=1, int reset_new_handle=0) const
int accept (ACE_SSL_SOCK_Stream &new_stream, ACE_Accept_QoS_Params qos_params, ACE_Addr *remote_addr=0, ACE_Time_Value *timeout=0, int restart=1, int reset_new_handle=0) const

Public Attributes

 ACE_ALLOC_HOOK_DECLARE
 Declare the dynamic allocation hooks. More...


Protected Methods

int ssl_accept (ACE_SSL_SOCK_Stream &new_stream, ACE_Time_Value *timeout) const
 Complete SSL passive connection establishment. More...


Private Attributes

ACE_SOCK_Acceptor acceptor_
 The BSD-socket workhorse. More...


Detailed Description

Defines a factory that creates new ACE_SSL_SOCK_Stream objects passively.

The ACE_SSL_SOCK_Acceptor has its own ACE_SOCK_Acceptor which handles the basic socket acceptance. This class is a wrapper which adds the SSL acceptance handshake handling. Since SSL is record oriented, some additional steps must be taken after the basic socket acceptance to complete the SSL handshake that takes place at session establishment.

Note:
The user must currently ensure that only one thread services a given SSL session at any given time since some underlying SSL implementations, such as OpenSSL, are not entirely thread-safe or reentrant.

Definition at line 50 of file SSL_SOCK_Acceptor.h.


Member Typedef Documentation

typedef ACE_INET_Addr ACE_SSL_SOCK_Acceptor::PEER_ADDR
 

Definition at line 168 of file SSL_SOCK_Acceptor.h.

typedef ACE_SSL_SOCK_Stream ACE_SSL_SOCK_Acceptor::PEER_STREAM
 

Definition at line 169 of file SSL_SOCK_Acceptor.h.


Constructor & Destructor Documentation

ASYS_INLINE ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor void   
 

Default constructor.

Definition at line 7 of file SSL_SOCK_Acceptor.i.

References ACE_TRACE.

00008   : acceptor_ ()
00009 {
00010   ACE_TRACE ("ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor");
00011 }

ACE_SSL_SOCK_Acceptor::~ACE_SSL_SOCK_Acceptor void   
 

Default destructor.

ASYS_INLINE ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor const ACE_Addr   local_sap,
int    reuse_addr = 0,
int    protocol_family = PF_UNSPEC,
int    backlog = ACE_DEFAULT_BACKLOG,
int    protocol = 0
 

Initiate a passive mode SSL/BSD-style acceptor socket.

Parameters:
local_sap  The address that we're going to listen for connections on. If this is ACE_Addr::sap_any, this socket listens on an the "any" IP address and selects an unused port. To find out what port was selected, call this object's ACE_SOCK::get_local_addr(ACE_Addr&) method upon return.

Definition at line 14 of file SSL_SOCK_Acceptor.i.

References ACE_TRACE, and ACE_SSL_SOCK::set_handle.

00019   : acceptor_ (local_sap,
00020                reuse_addr,
00021                protocol_family,
00022                backlog,
00023                protocol)
00024 {
00025   ACE_TRACE ("ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor");
00026 
00027   this->set_handle (this->acceptor_.get_handle ());
00028 }

ASYS_INLINE ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor const ACE_Addr   local_sap,
ACE_Protocol_Info   protocolinfo,
ACE_SOCK_GROUP    g,
u_long    flags,
int    reuse_addr,
int    protocol_family = PF_UNSPEC,
int    backlog = ACE_DEFAULT_BACKLOG,
int    protocol = 0
 

Initiate a passive-mode QoS-enabled acceptor socket.

Parameters:
local_sap  The address that we're going to listen for connections on. If this is ACE_Addr::sap_any, this socket listens on an the "any" IP address and selects an unused port. To find out what port was selected, call this object's ACE_SOCK::get_local_addr(ACE_Addr&) method upon return.

Definition at line 31 of file SSL_SOCK_Acceptor.i.

References ACE_SOCK_GROUP, ACE_TRACE, and ACE_SSL_SOCK::set_handle.

00039   : acceptor_ (local_sap,
00040                protocolinfo,
00041                g,
00042                flags,
00043                reuse_addr,
00044                protocol_family,
00045                backlog,
00046                protocol)
00047 {
00048   ACE_TRACE ("ACE_SSL_SOCK_Acceptor::ACE_SSL_SOCK_Acceptor");
00049 
00050   this->set_handle (this->acceptor_.get_handle ());
00051 }


Member Function Documentation

int ACE_SSL_SOCK_Acceptor::accept ACE_SSL_SOCK_Stream   new_stream,
ACE_Accept_QoS_Params    qos_params,
ACE_Addr   remote_addr = 0,
ACE_Time_Value   timeout = 0,
int    restart = 1,
int    reset_new_handle = 0
const
 

Accept a new ACE_SSL_SOCK_Stream connection using the RVSP QoS information in qos_params.

Parameters:
new_stream  The ACE_SSL_SOCK_Stream object that will receive the new SSL socket.
remote_addr  Pointer to an ACE_INET_Addr object that will receive the address of the peer that connected.
timeout  The maximum time to wait for the combined socket acceptance and handshake completion. 0 means block forever, a timeout of {0, 0} means poll.
restart  1 means "restart if interrupted," that is, if errno == EINTR.
Returns:
0 if success; -1 for failure (errno contains error code).

Definition at line 207 of file SSL_SOCK_Acceptor.cpp.

References ACE_SOCK_Acceptor::accept, acceptor_, ACE_TRACE, ACE_SSL_SOCK_Stream::close, ACE_SSL_SOCK_Stream::set_handle, ssl_accept, and ACE_Countdown_Time::update.

00213 {
00214   ACE_TRACE ("ACE_SSL_SOCK_Acceptor::accept");
00215 
00216   // Take into account the time to complete the basic TCP handshake
00217   // and the SSL handshake.
00218   ACE_Countdown_Time countdown (timeout);
00219 
00220   ACE_SOCK_Stream temp_stream;
00221   if (-1 == this->acceptor_.accept (temp_stream,
00222                                     qos_params,
00223                                     remote_addr,
00224                                     timeout,
00225                                     restart,
00226                                     reset_new_handle))
00227     return -1;
00228 
00229   (void) countdown.update ();
00230 
00231   new_stream.set_handle (temp_stream.get_handle ());
00232   temp_stream.set_handle (ACE_INVALID_HANDLE);
00233 
00234   if (this->ssl_accept (new_stream, timeout) == -1)
00235     {
00236       new_stream.close ();
00237       new_stream.set_handle (ACE_INVALID_HANDLE);
00238       return -1;
00239     }
00240 
00241   return 0;
00242 
00243 }

int ACE_SSL_SOCK_Acceptor::accept ACE_SSL_SOCK_Stream   new_stream,
ACE_Addr   remote_addr = 0,
ACE_Time_Value   timeout = 0,
int    restart = 1,
int    reset_new_handle = 0
const
 

Accept a new ACE_SSL_SOCK_Stream connection. On successful return, the socket has been accepted and the SSL handshake has been completed.

Parameters:
new_stream  The ACE_SSL_SOCK_Stream object that will receive the new SSL socket.
remote_addr  Pointer to an ACE_INET_Addr object that will receive the address of the peer that connected.
timeout  The maximum time to wait for the combined socket acceptance and handshake completion. 0 means block forever, a timeout of {0, 0} means poll.
restart  1 means "restart if interrupted," that is, if errno == EINTR.
Returns:
0 if success; -1 for failure (errno contains error code).

Definition at line 170 of file SSL_SOCK_Acceptor.cpp.

References ACE_SOCK_Acceptor::accept, acceptor_, ACE_TRACE, ACE_SSL_SOCK_Stream::close, ACE_SSL_SOCK_Stream::set_handle, ssl_accept, and ACE_Countdown_Time::update.

00175 {
00176   ACE_TRACE ("ACE_SSL_SOCK_Acceptor::accept");
00177 
00178   // Take into account the time to complete the basic TCP handshake
00179   // and the SSL handshake.
00180   ACE_Countdown_Time countdown (timeout);
00181 
00182   ACE_SOCK_Stream temp_stream;
00183   if (-1 == this->acceptor_.accept (temp_stream,
00184                                     remote_addr,
00185                                     timeout,
00186                                     restart,
00187                                     reset_new_handle))
00188     return -1;
00189 
00190   (void) countdown.update ();
00191 
00192   new_stream.set_handle (temp_stream.get_handle ());
00193   temp_stream.set_handle (ACE_INVALID_HANDLE);
00194 
00195   if (this->ssl_accept (new_stream, timeout) == -1)
00196     {
00197       new_stream.close ();
00198       new_stream.set_handle (ACE_INVALID_HANDLE);
00199       return -1;
00200     }
00201 
00202   return 0;
00203 
00204 }

ASYS_INLINE int ACE_SSL_SOCK_Acceptor::close void   
 

Close the listening socket.

Reimplemented from ACE_SOCK.

Definition at line 74 of file SSL_SOCK_Acceptor.i.

References acceptor_, ACE_TRACE, ACE_SOCK_Acceptor::close, and ACE_SSL_SOCK::set_handle.

00075 {
00076   ACE_TRACE ("ACE_SSL_SOCK_Acceptor::close ()");
00077 
00078   int result = this->acceptor_.close ();
00079   this->set_handle (ACE_INVALID_HANDLE);
00080 
00081   return result;
00082 }

ASYS_INLINE int ACE_SSL_SOCK_Acceptor::open const ACE_Addr   local_sap,
int    reuse_addr = 0,
int    protocol_family = PF_UNSPEC,
int    backlog = ACE_DEFAULT_BACKLOG,
int    protocol = 0
 

Initiate a passive mode SSL/BSD-style acceptor socket.

Parameters:
local_sap  The address that we're going to listen for connections on. If this is ACE_Addr::sap_any, this socket listens on an the "any" IP address and selects an unused port. To find out what port was selected, call this object's ACE_SOCK::get_local_addr(ACE_Addr&) method upon return.
Returns:
0 if success; -1 for failure (errno contains error code).

Definition at line 54 of file SSL_SOCK_Acceptor.i.

References acceptor_, ACE_TRACE, ACE_SOCK_Acceptor::open, and ACE_SSL_SOCK::set_handle.

00059 {
00060   ACE_TRACE ("ACE_SSL_SOCK_Acceptor::open");
00061   if (this->acceptor_.open (local_sap,
00062                             reuse_addr,
00063                             protocol_family,
00064                             backlog,
00065                             protocol) != 0)
00066     return -1;
00067   else
00068     this->set_handle (this->acceptor_.get_handle ());
00069 
00070   return 0;
00071 }

int ACE_SSL_SOCK_Acceptor::ssl_accept ACE_SSL_SOCK_Stream   new_stream,
ACE_Time_Value   timeout
const [protected]
 

Complete SSL passive connection establishment.

Definition at line 29 of file SSL_SOCK_Acceptor.cpp.

References ACE_ASSERT, ACE_BIT_DISABLED, ACE_NONBLOCK, ACE_Flag_Manip::clr_flags, EWOULDBLOCK, ACE_SSL_SOCK::get_handle, ACE_Handle_Set::num_set, ACE_SSL_Context::report_error, ACE::select, ACE_Handle_Set::set_bit, ACE_OS::set_errno_to_last_error, ACE_Flag_Manip::set_flags, ACE_SSL_SOCK_Stream::ssl, and ACE_Countdown_Time::update.

Referenced by accept.

00031 {
00032   SSL *ssl = new_stream.ssl ();
00033 
00034   if (SSL_is_init_finished (ssl))
00035     return 0;
00036 
00037   if (!SSL_in_accept_init (ssl))
00038     ::SSL_set_accept_state (ssl);
00039 
00040   ACE_HANDLE handle = new_stream.get_handle ();
00041 
00042   // We're going to call SSL_accept, optionally doing ACE::select and
00043   // retrying the SSL_accept, until the SSL handshake is done or
00044   // it fails.
00045   // To get the timeout affect, set the socket to nonblocking mode
00046   // before beginning if there is a timeout specified. If the timeout
00047   // is 0 (wait as long as it takes) then don't worry about the blocking
00048   // status; we'll block in SSL_accept if the socket is blocking, and
00049   // block in ACE::select if not.
00050   int reset_blocking_mode = 0;
00051   if (timeout != 0)
00052     {
00053       reset_blocking_mode = ACE_BIT_DISABLED (ACE::get_flags (handle),
00054                                               ACE_NONBLOCK);
00055           // Set the handle into non-blocking mode if it's not already
00056           // in it.
00057           if (reset_blocking_mode
00058               && ACE::set_flags (handle,
00059                                  ACE_NONBLOCK) == -1)
00060             return -1;
00061     }
00062 
00063   // Take into account the time between each select() call below.
00064   ACE_Countdown_Time countdown (timeout);
00065 
00066   int status;
00067   do
00068     {
00069       // These handle sets are used to set up for whatever SSL_accept
00070       // says it wants next. They're reset on each pass around the loop.
00071       ACE_Handle_Set rd_handle;
00072       ACE_Handle_Set wr_handle;
00073 
00074       status = ::SSL_accept (ssl);
00075       switch (::SSL_get_error (ssl, status))
00076         {
00077         case SSL_ERROR_NONE:
00078           status = 0;               // To tell caller about success
00079           break;                    // Done
00080 
00081         case SSL_ERROR_WANT_WRITE:
00082           wr_handle.set_bit (handle);
00083           status = 1;               // Wait for more activity
00084           break;
00085 
00086         case SSL_ERROR_WANT_READ:
00087           rd_handle.set_bit (handle);
00088           status = 1;               // Wait for more activity
00089           break;
00090 
00091         case SSL_ERROR_ZERO_RETURN:
00092           // The peer has notified us that it is shutting down via
00093           // the SSL "close_notify" message so we need to
00094           // shutdown, too.
00095           status = -1;
00096           break;
00097 
00098         case SSL_ERROR_SYSCALL:
00099           // On some platforms (e.g. MS Windows) OpenSSL does not
00100           // store the last error in errno so explicitly do so.
00101           //
00102           // Explicitly check for EWOULDBLOCK since it doesn't get
00103           // converted to an SSL_ERROR_WANT_{READ,WRITE} on some
00104           // platforms. If SSL_accept failed outright, though, don't
00105           // bother checking more. This can happen if the socket gets
00106           // closed during the handshake.
00107           if (ACE_OS::set_errno_to_last_error () == EWOULDBLOCK &&
00108               status == -1)
00109             {
00110               // Although the SSL_ERROR_WANT_READ/WRITE isn't getting
00111               // set correctly, the read/write state should be valid.
00112               // Use that to decide what to do.
00113               status = 1;               // Wait for more activity
00114               if (SSL_want_write (ssl))
00115                 wr_handle.set_bit (handle);
00116               else if (SSL_want_read (ssl))
00117                 rd_handle.set_bit (handle);
00118               else
00119                 status = -1;            // Doesn't want anything - bail out
00120             }
00121           else
00122             status = -1;
00123           break;
00124 
00125         default:
00126           ACE_SSL_Context::report_error ();
00127           status = -1;
00128           break;
00129         }
00130 
00131       if (status == 1)
00132         {
00133           // Must have at least one handle to wait for at this point.
00134           ACE_ASSERT (rd_handle.num_set() == 1 || wr_handle.num_set () == 1);
00135           status = ACE::select (int (handle) + 1,
00136                                 &rd_handle,
00137                                 &wr_handle,
00138                                 0,
00139                                 timeout);
00140 
00141           (void) countdown.update ();
00142 
00143           // 0 is timeout, so we're done.
00144           // -1 is error, so we're done.
00145           // Could be both handles set (same handle in both masks) so
00146           // set to 1.
00147           if (status >= 1)
00148             status = 1;
00149           else                   // Timeout or failure
00150             status = -1;
00151         }
00152 
00153     } while (status == 1 && !SSL_is_init_finished (ssl));
00154 
00155   if (reset_blocking_mode)
00156     {
00157       ACE_Errno_Guard eguard (errno);
00158       ACE::clr_flags (handle, ACE_NONBLOCK);
00159     }
00160 
00161   return (status == -1 ? -1 : 0);
00162 
00163 }


Member Data Documentation

ACE_SOCK_Acceptor ACE_SSL_SOCK_Acceptor::acceptor_ [private]
 

The BSD-socket workhorse.

Definition at line 184 of file SSL_SOCK_Acceptor.h.

Referenced by accept, close, and open.

ACE_SSL_SOCK_Acceptor::ACE_ALLOC_HOOK_DECLARE
 

Declare the dynamic allocation hooks.

Reimplemented from ACE_SOCK.

Definition at line 173 of file SSL_SOCK_Acceptor.h.


The documentation for this class was generated from the following files:
Generated on Mon Jun 16 13:16:18 2003 for ACE_SSL by doxygen1.2.14 written by Dimitri van Heesch, © 1997-2002