You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by ta...@apache.org on 2010/05/26 15:56:57 UTC
svn commit: r948427 -
/activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/
Author: tabish
Date: Wed May 26 13:56:56 2010
New Revision: 948427
URL: http://svn.apache.org/viewvc?rev=948427&view=rev
Log:
https://issues.apache.org/activemq/browse/AMQCPP-140
Modify the Socket classes to use the OpenSSLParameters class to store all settings.
Modified:
activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLParameters.cpp
activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLParameters.h
activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLServerSocket.cpp
activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLServerSocket.h
activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLServerSocketFactory.cpp
activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.cpp
activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.h
activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocketFactory.cpp
Modified: activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLParameters.cpp
URL: http://svn.apache.org/viewvc/activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLParameters.cpp?rev=948427&r1=948426&r2=948427&view=diff
==============================================================================
--- activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLParameters.cpp (original)
+++ activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLParameters.cpp Wed May 26 13:56:56 2010
@@ -36,7 +36,8 @@ using namespace decaf::internal::net::ss
#ifdef HAVE_OPENSSL
////////////////////////////////////////////////////////////////////////////////
-OpenSSLParameters::OpenSSLParameters( SSL_CTX* context ) : context( context ) {
+OpenSSLParameters::OpenSSLParameters( SSL_CTX* context ) :
+ needClientAuth( false ), wantClientAuth( false ), useClientMode( true ), context( context ), ssl( NULL ) {
if( context == NULL ) {
throw NullPointerException( __FILE__, __LINE__, "SSL Context was NULL" );
@@ -80,6 +81,8 @@ std::vector<std::string> OpenSSLParamete
////////////////////////////////////////////////////////////////////////////////
void OpenSSLParameters::setEnabledCipherSuites( const std::vector<std::string>& suites ) {
+ // Cache the setting for quicker retrieval
+ this->enabledCipherSuites = suites;
}
////////////////////////////////////////////////////////////////////////////////
@@ -90,6 +93,8 @@ std::vector<std::string> OpenSSLParamete
////////////////////////////////////////////////////////////////////////////////
void OpenSSLParameters::setEnabledProtocols( const std::vector<std::string>& protocols ) {
+ // Cache the setting for quicker retrieval
+ this->enabledProtocols = protocols;
}
////////////////////////////////////////////////////////////////////////////////
@@ -99,8 +104,8 @@ OpenSSLParameters* OpenSSLParameters::cl
std::auto_ptr<OpenSSLParameters> cloned( new OpenSSLParameters( this->context ) );
- cloned->setEnabledCipherSuites( this->getEnabledCipherSuites() );
- cloned->setEnabledProtocols( this->getEnabledProtocols() );
+ cloned->enabledProtocols = this->enabledProtocols;
+ cloned->enabledCipherSuites = this->enabledCipherSuites;
cloned->needClientAuth = this->needClientAuth;
cloned->wantClientAuth = this->wantClientAuth;
cloned->useClientMode = this->useClientMode;
Modified: activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLParameters.h
URL: http://svn.apache.org/viewvc/activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLParameters.h?rev=948427&r1=948426&r2=948427&view=diff
==============================================================================
--- activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLParameters.h (original)
+++ activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLParameters.h Wed May 26 13:56:56 2010
@@ -50,6 +50,9 @@ namespace openssl {
SSL* ssl;
#endif
+ std::vector<std::string> enabledCipherSuites;
+ std::vector<std::string> enabledProtocols;
+
public:
#ifdef HAVE_OPENSSL
Modified: activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLServerSocket.cpp
URL: http://svn.apache.org/viewvc/activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLServerSocket.cpp?rev=948427&r1=948426&r2=948427&view=diff
==============================================================================
--- activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLServerSocket.cpp (original)
+++ activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLServerSocket.cpp Wed May 26 13:56:56 2010
@@ -30,6 +30,7 @@
#include <decaf/lang/exceptions/NullPointerException.h>
#include <decaf/lang/exceptions/IndexOutOfBoundsException.h>
#include <decaf/internal/net/SocketFileDescriptor.h>
+#include <decaf/internal/net/ssl/openssl/OpenSSLParameters.h>
#include <decaf/internal/net/ssl/openssl/OpenSSLSocketException.h>
using namespace decaf;
@@ -53,27 +54,11 @@ namespace openssl {
class ServerSocketData {
public:
-#ifdef HAVE_OPENSSL
- SSL* ssl;
-#else
- void* ssl;
-#endif
-
- bool needsClientAuth;
- bool wantsClientAuth;
-
- public:
-
- ServerSocketData() : ssl( NULL ), needsClientAuth( false ), wantsClientAuth( false ) {
+ ServerSocketData() {
}
~ServerSocketData() {
try{
-#ifdef HAVE_OPENSSL
- if( ssl ) {
- SSL_free( ssl );
- }
-#endif
} catch(...) {}
}
@@ -82,20 +67,24 @@ namespace openssl {
}}}}}
////////////////////////////////////////////////////////////////////////////////
-OpenSSLServerSocket::OpenSSLServerSocket( void* ssl ) : SSLServerSocket(), data( new ServerSocketData() ) {
+OpenSSLServerSocket::OpenSSLServerSocket( OpenSSLParameters* parameters ) :
+ SSLServerSocket(), data( new ServerSocketData() ), parameters( parameters ) {
- if( ssl == NULL ) {
+ if( parameters == NULL ) {
throw NullPointerException(
- __FILE__, __LINE__, "The OpenSSL SSL object instance passed was NULL." );
+ __FILE__, __LINE__, "The OpenSSL Parameters object instance passed was NULL." );
}
-
-#ifdef HAVE_OPENSSL
- this->data->ssl = static_cast<SSL*>( ssl );
-#endif
}
////////////////////////////////////////////////////////////////////////////////
OpenSSLServerSocket::~OpenSSLServerSocket() {
+
+ try{
+ delete data;
+ delete parameters;
+ }
+ DECAF_CATCH_NOTHROW( Exception )
+ DECAF_CATCHALL_NOTHROW()
}
////////////////////////////////////////////////////////////////////////////////
@@ -112,48 +101,42 @@ std::vector<std::string> OpenSSLServerSo
////////////////////////////////////////////////////////////////////////////////
std::vector<std::string> OpenSSLServerSocket::getEnabledCipherSuites() const {
-
- return std::vector<std::string>();
+ return this->parameters->getEnabledCipherSuites();
}
////////////////////////////////////////////////////////////////////////////////
-void OpenSSLServerSocket::setEnabledCipherSuites( const std::vector<std::string>& suites DECAF_UNUSED ) {
-
+void OpenSSLServerSocket::setEnabledCipherSuites( const std::vector<std::string>& suites ) {
+ this->parameters->setEnabledCipherSuites( suites );
}
////////////////////////////////////////////////////////////////////////////////
std::vector<std::string> OpenSSLServerSocket::getEnabledProtocols() const {
-
- return std::vector<std::string>();
+ return this->parameters->getEnabledProtocols();
}
////////////////////////////////////////////////////////////////////////////////
-void OpenSSLServerSocket::setEnabledProtocols( const std::vector<std::string>& protocols DECAF_UNUSED ) {
-
+void OpenSSLServerSocket::setEnabledProtocols( const std::vector<std::string>& protocols ) {
+ this->parameters->setEnabledProtocols( protocols );
}
////////////////////////////////////////////////////////////////////////////////
bool OpenSSLServerSocket::getNeedClientAuth() const {
- return this->data->needsClientAuth;
+ return this->parameters->getNeedClientAuth();
}
////////////////////////////////////////////////////////////////////////////////
void OpenSSLServerSocket::setNeedClientAuth( bool value ) {
-
- this->data->needsClientAuth = value;
- this->data->wantsClientAuth = value;
+ this->parameters->setNeedClientAuth( value );
}
////////////////////////////////////////////////////////////////////////////////
bool OpenSSLServerSocket::getWantClientAuth() const {
- return this->data->wantsClientAuth;
+ return this->parameters->getWantClientAuth();
}
////////////////////////////////////////////////////////////////////////////////
void OpenSSLServerSocket::setWantClientAuth( bool value ) {
-
- this->data->needsClientAuth = value;
- this->data->wantsClientAuth = value;
+ this->parameters->setWantClientAuth( value );
}
////////////////////////////////////////////////////////////////////////////////
Modified: activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLServerSocket.h
URL: http://svn.apache.org/viewvc/activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLServerSocket.h?rev=948427&r1=948426&r2=948427&view=diff
==============================================================================
--- activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLServerSocket.h (original)
+++ activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLServerSocket.h Wed May 26 13:56:56 2010
@@ -28,6 +28,7 @@ namespace net {
namespace ssl {
namespace openssl {
+ class OpenSSLParameters;
class ServerSocketData;
/**
@@ -40,9 +41,11 @@ namespace openssl {
ServerSocketData* data;
+ OpenSSLParameters* parameters;
+
public:
- OpenSSLServerSocket( void* ssl );
+ OpenSSLServerSocket( OpenSSLParameters* parameters );
virtual ~OpenSSLServerSocket();
Modified: activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLServerSocketFactory.cpp
URL: http://svn.apache.org/viewvc/activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLServerSocketFactory.cpp?rev=948427&r1=948426&r2=948427&view=diff
==============================================================================
--- activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLServerSocketFactory.cpp (original)
+++ activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLServerSocketFactory.cpp Wed May 26 13:56:56 2010
@@ -20,6 +20,7 @@
#include <decaf/lang/exceptions/NullPointerException.h>
#include <decaf/lang/exceptions/UnsupportedOperationException.h>
+#include <decaf/internal/net/ssl/openssl/OpenSSLParameters.h>
#include <decaf/internal/net/ssl/openssl/OpenSSLSocket.h>
#include <decaf/internal/net/ssl/openssl/OpenSSLContextSpi.h>
Modified: activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.cpp
URL: http://svn.apache.org/viewvc/activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.cpp?rev=948427&r1=948426&r2=948427&view=diff
==============================================================================
--- activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.cpp (original)
+++ activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.cpp Wed May 26 13:56:56 2010
@@ -32,6 +32,7 @@
#include <decaf/lang/exceptions/NullPointerException.h>
#include <decaf/lang/exceptions/IndexOutOfBoundsException.h>
#include <decaf/internal/net/SocketFileDescriptor.h>
+#include <decaf/internal/net/ssl/openssl/OpenSSLParameters.h>
#include <decaf/internal/net/ssl/openssl/OpenSSLSocketException.h>
#include <decaf/internal/net/ssl/openssl/OpenSSLSocketInputStream.h>
#include <decaf/internal/net/ssl/openssl/OpenSSLSocketOutputStream.h>
@@ -59,14 +60,6 @@ namespace openssl {
class SocketData {
public:
-#ifdef HAVE_OPENSSL
- SSL* ssl;
-#else
- void* ssl;
-#endif
- bool needsClientAuth;
- bool wantsClientAuth;
- bool useClientMode;
bool handshakeStarted;
bool handshakeCompleted;
std::string commonName;
@@ -75,18 +68,10 @@ namespace openssl {
public:
- SocketData() : ssl( NULL ), needsClientAuth( false ), wantsClientAuth( false ),
- useClientMode( true ), handshakeStarted( false ), handshakeCompleted( false ) {
+ SocketData() : handshakeStarted( false ), handshakeCompleted( false ) {
}
~SocketData() {
- try{
-#ifdef HAVE_OPENSSL
- if( ssl ) {
- SSL_free( ssl );
- }
-#endif
- } catch(...) {}
}
#ifdef HAVE_OPENSSL
@@ -106,17 +91,13 @@ namespace openssl {
}}}}}
////////////////////////////////////////////////////////////////////////////////
-OpenSSLSocket::OpenSSLSocket( void* ssl ) :
- SSLSocket(), data( new SocketData() ), input( NULL ), output( NULL ) {
+OpenSSLSocket::OpenSSLSocket( OpenSSLParameters* parameters ) :
+ SSLSocket(), data( new SocketData() ), parameters( parameters ), input( NULL ), output( NULL ) {
- if( ssl == NULL ) {
+ if( parameters == NULL ) {
throw NullPointerException(
- __FILE__, __LINE__, "The OpenSSL SSL object instance passed was NULL." );
+ __FILE__, __LINE__, "The OpenSSL Parameters object instance passed was NULL." );
}
-
-#ifdef HAVE_OPENSSL
- this->data->ssl = static_cast<SSL*>( ssl );
-#endif
}
////////////////////////////////////////////////////////////////////////////////
@@ -126,13 +107,14 @@ OpenSSLSocket::~OpenSSLSocket() {
SSLSocket::close();
#ifdef HAVE_OPENSSL
- if( this->data->ssl ) {
- SSL_set_shutdown( this->data->ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN );
- SSL_shutdown( this->data->ssl );
+ if( this->parameters->getSSL() ) {
+ SSL_set_shutdown( this->parameters->getSSL(), SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN );
+ SSL_shutdown( this->parameters->getSSL() );
}
#endif
delete data;
+ delete parameters;
delete input;
delete output;
}
@@ -171,7 +153,7 @@ void OpenSSLSocket::connect( const std::
}
BIO_set_fd( bio, (int)fd->getValue(), BIO_NOCLOSE );
- SSL_set_bio( this->data->ssl, bio, bio );
+ SSL_set_bio( this->parameters->getSSL(), bio, bio );
// Later when startHandshake is called we will check for this common name
// in the provided certificate
@@ -327,19 +309,19 @@ void OpenSSLSocket::startHandshake() {
this->data->handshakeStarted = true;
- if( this->data->useClientMode ) {
+ if( this->parameters->getUseClientMode() ) {
// Since we are a client we want to enforce peer verification, we set a
// callback so we can collect data on why a verify failed for debugging.
- SSL_set_verify( this->data->ssl, SSL_VERIFY_PEER, SocketData::verifyCallback );
+ SSL_set_verify( this->parameters->getSSL(), SSL_VERIFY_PEER, SocketData::verifyCallback );
- int result = SSL_connect( this->data->ssl );
+ int result = SSL_connect( this->parameters->getSSL() );
// Checks the error status, when things go right we still perform a deeper
// check on the provided certificate to ensure that it matches the host name
// that we connected to, this prevents someone from using any certificate
// signed by a signing authority that we trust.
- switch( SSL_get_error( this->data->ssl, result ) ) {
+ switch( SSL_get_error( this->parameters->getSSL(), result ) ) {
case SSL_ERROR_NONE:
verifyServerCert( this->data->commonName );
std::cout << "OpenSSLSocket::startHandshake() - Verified name: "
@@ -356,19 +338,19 @@ void OpenSSLSocket::startHandshake() {
int mode = SSL_VERIFY_NONE;
- if( this->data->wantsClientAuth ) {
+ if( this->parameters->getWantClientAuth() ) {
mode = SSL_VERIFY_PEER;
}
- if( this->data->needsClientAuth ) {
+ if( this->parameters->getNeedClientAuth() ) {
mode = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
}
// Since we are a client we want to enforce peer verification, we set a
// callback so we can collect data on why a verify failed for debugging.
- SSL_set_verify( this->data->ssl, mode, SocketData::verifyCallback );
+ SSL_set_verify( this->parameters->getSSL(), mode, SocketData::verifyCallback );
- int result = SSL_accept( this->data->ssl );
+ int result = SSL_accept( this->parameters->getSSL() );
if( result != SSL_ERROR_NONE ) {
SSLSocket::close();
@@ -392,35 +374,33 @@ void OpenSSLSocket::setUseClientMode( bo
__FILE__, __LINE__, "Handshake has already been started cannot change mode." );
}
- this->data->useClientMode = value;
+ this->parameters->setUseClientMode( value );
}
}
////////////////////////////////////////////////////////////////////////////////
bool OpenSSLSocket::getUseClientMode() const {
- return this->data->useClientMode;
+ return this->parameters->getUseClientMode();
}
////////////////////////////////////////////////////////////////////////////////
void OpenSSLSocket::setNeedClientAuth( bool value ) {
- this->data->needsClientAuth = value;
- this->data->wantsClientAuth = false;
+ this->parameters->setNeedClientAuth( value );
}
////////////////////////////////////////////////////////////////////////////////
bool OpenSSLSocket::getNeedClientAuth() const {
- return this->data->needsClientAuth;
+ return this->parameters->getNeedClientAuth();
}
////////////////////////////////////////////////////////////////////////////////
void OpenSSLSocket::setWantClientAuth( bool value ) {
- this->data->wantsClientAuth = value;
- this->data->needsClientAuth = false;
+ this->parameters->setWantClientAuth( value );
}
////////////////////////////////////////////////////////////////////////////////
bool OpenSSLSocket::getWantClientAuth() const {
- return this->data->wantsClientAuth;
+ return this->parameters->getWantClientAuth();
}
////////////////////////////////////////////////////////////////////////////////
@@ -467,9 +447,9 @@ int OpenSSLSocket::read( unsigned char*
}
// Read data from the socket.
- int result = SSL_read( this->data->ssl, buffer + offset, length );
+ int result = SSL_read( this->parameters->getSSL(), buffer + offset, length );
- switch( SSL_get_error( this->data->ssl, result ) ) {
+ switch( SSL_get_error( this->parameters->getSSL(), result ) ) {
case SSL_ERROR_NONE:
return result;
case SSL_ERROR_ZERO_RETURN:
@@ -536,9 +516,9 @@ void OpenSSLSocket::write( const unsigne
while( remaining > 0 && !isClosed() ) {
- int written = SSL_write( this->data->ssl, buffer + offset, remaining );
+ int written = SSL_write( this->parameters->getSSL(), buffer + offset, remaining );
- switch( SSL_get_error( this->data->ssl, written ) ) {
+ switch( SSL_get_error( this->parameters->getSSL(), written ) ) {
case SSL_ERROR_NONE:
offset += written;
remaining -= written;
@@ -568,7 +548,7 @@ int OpenSSLSocket::available() {
#ifdef HAVE_OPENSSL
if( !isClosed() ) {
- return SSL_pending( this->data->ssl );
+ return SSL_pending( this->parameters->getSSL() );
}
#else
throw SocketException( __FILE__, __LINE__, "Not Supported" );
@@ -584,7 +564,7 @@ int OpenSSLSocket::available() {
void OpenSSLSocket::verifyServerCert( const std::string& serverName ) {
#ifdef HAVE_OPENSSL
- X509* cert = SSL_get_peer_certificate( this->data->ssl );
+ X509* cert = SSL_get_peer_certificate( this->parameters->getSSL() );
if( cert == NULL ) {
this->close();
Modified: activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.h
URL: http://svn.apache.org/viewvc/activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.h?rev=948427&r1=948426&r2=948427&view=diff
==============================================================================
--- activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.h (original)
+++ activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocket.h Wed May 26 13:56:56 2010
@@ -31,6 +31,7 @@ namespace net {
namespace ssl {
namespace openssl {
+ class OpenSSLParameters;
class SocketData;
/**
@@ -45,6 +46,9 @@ namespace openssl {
// Private data related to the OpenSSL Socket impl.
SocketData* data;
+ // Parameters object containing the OpenSSL settings and objects for this Socket.
+ OpenSSLParameters* parameters;
+
// The InputStream owned by this Socket
decaf::io::InputStream* input;
@@ -53,7 +57,7 @@ namespace openssl {
public:
- OpenSSLSocket( void* ssl );
+ OpenSSLSocket( OpenSSLParameters* parameters );
virtual ~OpenSSLSocket();
Modified: activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocketFactory.cpp
URL: http://svn.apache.org/viewvc/activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocketFactory.cpp?rev=948427&r1=948426&r2=948427&view=diff
==============================================================================
--- activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocketFactory.cpp (original)
+++ activemq/activemq-cpp/trunk/activemq-cpp/src/main/decaf/internal/net/ssl/openssl/OpenSSLSocketFactory.cpp Wed May 26 13:56:56 2010
@@ -21,6 +21,7 @@
#include <decaf/lang/exceptions/UnsupportedOperationException.h>
#include <decaf/internal/net/ssl/openssl/OpenSSLSocket.h>
+#include <decaf/internal/net/ssl/openssl/OpenSSLParameters.h>
#include <decaf/internal/net/ssl/openssl/OpenSSLContextSpi.h>
#include <memory>
@@ -73,7 +74,8 @@ Socket* OpenSSLSocketFactory::createSock
#ifdef HAVE_OPENSSL
// Create a new SSL object for the Socket then create a new unconnected Socket.
SSL_CTX* ctx = static_cast<SSL_CTX*>( this->parent->getOpenSSLCtx() );
- return new OpenSSLSocket( SSL_new( ctx ) );
+ std::auto_ptr<OpenSSLParameters> parameters( new OpenSSLParameters( ctx ) );
+ return new OpenSSLSocket( parameters.release() );
#else
return NULL;
#endif
@@ -92,7 +94,8 @@ Socket* OpenSSLSocketFactory::createSock
#ifdef HAVE_OPENSSL
// Create a new SSL object for the Socket then create a new unconnected Socket.
SSL_CTX* ctx = static_cast<SSL_CTX*>( this->parent->getOpenSSLCtx() );
- std::auto_ptr<SSLSocket> socket( new OpenSSLSocket( SSL_new( ctx ) ) );
+ std::auto_ptr<OpenSSLParameters> parameters( new OpenSSLParameters( ctx ) );
+ std::auto_ptr<SSLSocket> socket( new OpenSSLSocket( parameters.release() ) );
socket->connect( hostname, port );
return socket.release();
#else
@@ -114,7 +117,8 @@ Socket* OpenSSLSocketFactory::createSock
#ifdef HAVE_OPENSSL
// Create a new SSL object for the Socket then create a new unconnected Socket.
SSL_CTX* ctx = static_cast<SSL_CTX*>( this->parent->getOpenSSLCtx() );
- std::auto_ptr<SSLSocket> socket( new OpenSSLSocket( SSL_new( ctx ) ) );
+ std::auto_ptr<OpenSSLParameters> parameters( new OpenSSLParameters( ctx ) );
+ std::auto_ptr<SSLSocket> socket( new OpenSSLSocket( parameters.release() ) );
std::string bindAddress = ifAddress == NULL ? "0.0.0.0" : ifAddress->getHostAddress();
socket->bind( bindAddress, localPort );
socket->connect( hostname, port );