
TAO_IIOP_SSL_Transport Class Reference

IIOP Transport designed to be "SSL aware," i.e. it is aware of the existence of the SSLIOP Transport. It makes sure that SSL session state from a previous connection is not associated with the non-SSL connection handled by this handler.

#include <IIOP_SSL_Transport.h>


Public Methods

 TAO_IIOP_SSL_Transport (TAO_IIOP_SSL_Connection_Handler *handler, TAO_ORB_Core *orb_core, TAO_SSLIOP_Current_ptr current, CORBA::Boolean flag=0)
 Constructor.

 ~TAO_IIOP_SSL_Transport (void)
 Default destructor.

virtual int handle_input_i (TAO_Resume_Handle &rh, ACE_Time_Value *max_wait_time=0, int block=0)

Protected Attributes

TAO_SSLIOP_Current_var current_
 Reference to the SSLIOP::Current object (downcast to gain access to the low-level management methods).


Detailed Description

IIOP Transport designed to be "SSL aware," i.e. it is aware of the existence of the SSLIOP Transport. It makes sure that SSL session state from a previous connection is not associated with the non-SSL connection handled by this handler.

This class overrides the handle_input_i() method to invalidate the current thread-specific storage (TSS) SSL state during a standard IIOP (insecure) upcall. This prevents SSL session state from a previous SSL connection from being associated with non-SSL connections processed by this connection handler. In particular, this is very important for closing a security hole in nested upcalls. For example, suppose an SSLIOP request is made and, during that secure upcall, an insecure nested upcall is made. A naive implementation would associate the TSS SSL state from the secure upcall with the insecure upcall. This implementation closes that security hole.
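A minimal sketch of the nested-upcall problem described above, added here as an illustration and not taken from TAO. `SslState`, `StateGuard`, `insecure_upcall` and `secure_upcall_with_nested` are hypothetical names, a `thread_local` pointer stands in for the TSS SSL state, and restoring the previous state when the insecure upcall returns is an assumption of this sketch.

```cpp
#include <iostream>
#include <string>
#include <vector>

// Hypothetical stand-in for the per-thread (TSS) SSL state; not TAO's types.
struct SslState { std::string peer; };
thread_local const SslState *tss_ssl_state = nullptr;

// What a servant sees when it asks for the SSL peer of the current upcall.
std::string current_peer() {
    return tss_ssl_state ? tss_ssl_state->peer : "<no SSL session>";
}

// RAII guard: install a state for one upcall, restore the previous one after.
class StateGuard {
public:
    explicit StateGuard(const SslState *s) : saved_(tss_ssl_state) { tss_ssl_state = s; }
    ~StateGuard() { tss_ssl_state = saved_; }
    StateGuard(const StateGuard &) = delete;
    StateGuard &operator=(const StateGuard &) = delete;
private:
    const SslState *saved_;
};

// Plain IIOP upcall. naive == true leaves the inherited TSS state in place.
std::string insecure_upcall(bool naive) {
    if (naive) return current_peer();
    StateGuard null_guard(nullptr);  // invalidate SSL state for this upcall
    return current_peer();
}

// SSLIOP upcall that makes a nested plain-IIOP upcall on the same thread.
// Returns the peer seen: {secure before, nested insecure, secure after}.
std::vector<std::string> secure_upcall_with_nested(bool naive) {
    static const SslState session{"CN=alice (constructed)"};
    StateGuard ssl_guard(&session);
    std::vector<std::string> seen;
    seen.push_back(current_peer());
    seen.push_back(insecure_upcall(naive));
    seen.push_back(current_peer());
    return seen;
}

int main() {
    for (bool naive : {true, false})
        std::cout << (naive ? "naive:   " : "guarded: ")
                  << secure_upcall_with_nested(naive)[1] << "\n";
}
```

In the naive run the insecure nested upcall reports the secure caller's peer identity; in the guarded run it reports no SSL session, and the outer secure upcall still sees its own state afterwards.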


Constructor & Destructor Documentation

TAO_IIOP_SSL_Transport::TAO_IIOP_SSL_Transport (TAO_IIOP_SSL_Connection_Handler *handler, TAO_ORB_Core *orb_core, TAO_SSLIOP_Current_ptr current, CORBA::Boolean flag = 0)
 

Constructor.

TAO_IIOP_SSL_Transport::~TAO_IIOP_SSL_Transport (void)
 

Default destructor.


Member Function Documentation

int TAO_IIOP_SSL_Transport::handle_input_i (TAO_Resume_Handle &rh, ACE_Time_Value *max_wait_time = 0, int block = 0) [virtual]
 

Reimplemented from TAO_Transport.


Member Data Documentation

TAO_SSLIOP_Current_var TAO_IIOP_SSL_Transport::current_ [protected]
 

Reference to the SSLIOP::Current object (downcast to gain access to the low-level management methods).


Generated on Sun Feb 17 21:07:03 2002 for TAO_SSLIOP by doxygen 1.2.13.1 written by Dimitri van Heesch, © 1997-2001