TAO_SSLIOP  2.0.8
Public Member Functions
TAO::IIOP_SSL_Transport Class Reference

IIOP Transport designed to be "SSL aware," i.e. it is aware of the existence of the SSLIOP Transport. It makes sure that SSL session state from a previous connection is not associated with the non-SSL connection handled by this handler. More...

#include <IIOP_SSL_Transport.h>

Inheritance diagram for TAO::IIOP_SSL_Transport:
Inheritance graph
[legend]
Collaboration diagram for TAO::IIOP_SSL_Transport:
Collaboration graph
[legend]

List of all members.

Public Member Functions

 IIOP_SSL_Transport (IIOP_SSL_Connection_Handler *handler, TAO_ORB_Core *orb_core)
 Constructor.
 ~IIOP_SSL_Transport (void)
 Default destructor.

Overridden Template Methods

Please check the documentation in "tao/Transport.h" for more details.

TAO::SSLIOP::Current_var current_
 Reference to the TAO::SSLIOP::Current object.
virtual int handle_input (TAO_Resume_Handle &rh, ACE_Time_Value *max_wait_time=0)
 Reference to the TAO::SSLIOP::Current object.

Detailed Description

IIOP Transport designed to be "SSL aware," i.e. it is aware of the existence of the SSLIOP Transport. It makes sure that SSL session state from a previous connection is not associated with the non-SSL connection handled by this handler.

However, this class overrides the handle_input() method to invalidate the current TSS SSL state during a standard IIOP (insecure) upcall. This prevents SSL session state from a previous SSL connection from being associated with non-SSL connections processed by this connection handler. In particular, this is very important for closing a security hole in nested upcalls. For example, an SSLIOP request is made. During that secure upcall, an insecure nested upcall is made. A naive implementation would associate the TSS SSL state from the secure upcall with the insecure upcall. This implementation closes that security hole.

Constructor & Destructor Documentation

TAO::IIOP_SSL_Transport::IIOP_SSL_Transport ( IIOP_SSL_Connection_Handler handler,
TAO_ORB_Core orb_core 
)

Constructor.

TAO::IIOP_SSL_Transport::~IIOP_SSL_Transport ( void  )

Default destructor.

Member Function Documentation

int TAO::IIOP_SSL_Transport::handle_input ( TAO_Resume_Handle rh,
ACE_Time_Value max_wait_time = 0 
) [virtual]

Reference to the TAO::SSLIOP::Current object.

Reimplemented from TAO_Transport.

Member Data Documentation

TAO::SSLIOP::Current_var TAO::IIOP_SSL_Transport::current_ [protected]

Reference to the TAO::SSLIOP::Current object.

The documentation for this class was generated from the following files:
 All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Defines
Generated by   doxygen 1.7.5.1