IIOP Transport designed to be "SSL aware," i.e. it is aware of the existence of the SSLIOP Transport. It makes sure that SSL session state from a previous connection is not associated with the non-SSL connection handled by this handler. More...
#include <IIOP_SSL_Transport.h>
Public Member Functions | |
| IIOP_SSL_Transport (IIOP_SSL_Connection_Handler *handler, TAO_ORB_Core *orb_core) | |
| Constructor. | |
| ~IIOP_SSL_Transport () | |
| Default destructor. | |
Overridden Template Methods | |
Please check the documentation in "tao/Transport.h" for more details. | |
| TAO::SSLIOP::Current_var | current_ |
| Reference to the TAO::SSLIOP::Current object. | |
| virtual int | handle_input (TAO_Resume_Handle &rh, ACE_Time_Value *max_wait_time=0) |
| Reference to the TAO::SSLIOP::Current object. | |
Detailed Description
IIOP Transport designed to be "SSL aware," i.e. it is aware of the existence of the SSLIOP Transport. It makes sure that SSL session state from a previous connection is not associated with the non-SSL connection handled by this handler.
However, this class overrides the handle_input() method to invalidate the current TSS SSL state during a standard IIOP (insecure) upcall. This prevents SSL session state from a previous SSL connection from being associated with non-SSL connections processed by this connection handler. In particular, this is very important for closing a security hole in nested upcalls. For example, an SSLIOP request is made. During that secure upcall, an insecure nested upcall is made. A naive implementation would associate the TSS SSL state from the secure upcall with the insecure upcall. This implementation closes that security hole.
Constructor & Destructor Documentation
◆ IIOP_SSL_Transport()
| TAO::IIOP_SSL_Transport::IIOP_SSL_Transport | ( | IIOP_SSL_Connection_Handler * | handler, |
| TAO_ORB_Core * | orb_core ) |
Constructor.
◆ ~IIOP_SSL_Transport()
| TAO::IIOP_SSL_Transport::~IIOP_SSL_Transport | ( | ) |
Default destructor.
Member Function Documentation
◆ handle_input()
|
virtual |
Reference to the TAO::SSLIOP::Current object.
Member Data Documentation
◆ current_
|
protected |
Reference to the TAO::SSLIOP::Current object.
The documentation for this class was generated from the following files:
