#include <IIOP_SSL_Transport.h>
Inheritance diagram for TAO_IIOP_SSL_Transport
Public Methods | |
TAO_IIOP_SSL_Transport (TAO_IIOP_SSL_Connection_Handler *handler, TAO_ORB_Core *orb_core, TAO_SSLIOP_Current_ptr current, CORBA::Boolean flag = 0) | |
Constructor. | |
~TAO_IIOP_SSL_Transport (void) | |
Default destructor. | |
virtual int | handle_input_i (TAO_Resume_Handle &rh, ACE_Time_Value *max_wait_time = 0, int block = 0) |
Protected Attributes | |
TAO_SSLIOP_Current_var | current_ |
Reference to the SSLIOP::Current object (downcast to gain access to the low-level management methods). |
However, this class overrides the handle_input_i() method to invalidate the current TSS SSL state during a standard IIOP (insecure) upcall. This prevents SSL session state from a previous SSL connection from being associated with non-SSL connections processed by this connection handler. In particular, this is very important for closing a security hole in nested upcalls. For example, an SSLIOP request is made. During that secure upcall, an insecure nested upcall is made. A naive implementation would associate the TSS SSL state from the secure upcall with the insecure upcall. This implementation closes that security hole.
|
Constructor.
|
|
Default destructor.
|
|
Reimplemented from TAO_Transport. |
|
Reference to the SSLIOP::Current object (downcast to gain access to the low-level management methods).
|