int doShutdown(SSL *ssl) { // Recommended sequence for clean shutdown (with close_notify being // sent in both directions). int ret = sslShutdown(ssl); if (ret == SSL_OK) return ret; for (int i = 0; i < 10; i++) { ret = sslShutdown(ssl); if (ret == SSL_OK) break; // If there is unread data queued before the peer close notify // we seem to get a SYSCALL error, so retry... // A real SYSCALL error hopefully will set errno. int err = SSL_get_error(ssl,ret); if (ret == 0 || err != SSL_ERROR_SYSCALL || errno != 0) break; fprintf(stderr,"Trying to shutdown\n"); } return ret; }
int agentMain (rsComm_t *rsComm) { int status = 0; int retryCnt = 0; while (1) { if (rsComm->gsiRequest==1) { status = igsiServersideAuth(rsComm) ; rsComm->gsiRequest=0; } if (rsComm->gsiRequest==2) { status = ikrbServersideAuth(rsComm) ; rsComm->gsiRequest=0; } #ifdef USE_SSL if (rsComm->ssl_do_accept) { status = sslAccept(rsComm); rsComm->ssl_do_accept = 0; } if (rsComm->ssl_do_shutdown) { status = sslShutdown(rsComm); rsComm->ssl_do_shutdown = 0; } #endif status = readAndProcClientMsg (rsComm, READ_HEADER_TIMEOUT); #if 0 status = readAndProcClientMsg (rsComm, 0); #endif if (status >= 0) { retryCnt = 0; continue; } else { if (status == DISCONN_STATUS) { status = 0; break; } else { break; } } } return (status); }
SSLServer::~SSLServer() { // GNASH_REPORT_FUNCTION; sslShutdown(); }
int agentMain( rsComm_t *rsComm ) { if ( !rsComm ) { return SYS_INTERNAL_NULL_INPUT_ERR; } int status = 0; // =-=-=-=-=-=-=- // capture server properties irods::server_properties& props = irods::server_properties::getInstance(); irods::error result = props.capture_if_needed(); if ( !result.ok() ) { irods::log( PASSMSG( "failed to read server configuration", result ) ); } // =-=-=-=-=-=-=- // compiler backwards compatibility hack // see header file for more details irods::dynamic_cast_hack(); while ( result.ok() && status >= 0 ) { // set default to the native auth scheme here. if ( rsComm->auth_scheme == NULL ) { rsComm->auth_scheme = strdup( "native" ); } // construct an auth object based on the scheme specified in the comm irods::auth_object_ptr auth_obj; irods::error ret = irods::auth_factory( rsComm->auth_scheme, &rsComm->rError, auth_obj ); if ( ( result = ASSERT_PASS( ret, "Failed to factory an auth object for scheme: \"%s\".", rsComm->auth_scheme ) ).ok() ) { irods::plugin_ptr ptr; ret = auth_obj->resolve( irods::AUTH_INTERFACE, ptr ); if ( ( result = ASSERT_PASS( ret, "Failed to resolve the auth plugin for scheme: \"%s\".", rsComm->auth_scheme ) ).ok() ) { irods::auth_ptr auth_plugin = boost::dynamic_pointer_cast< irods::auth >( ptr ); // Call agent start char* foo = ""; ret = auth_plugin->call < const char* > ( rsComm, irods::AUTH_AGENT_START, auth_obj, foo ); result = ASSERT_PASS( ret, "Failed during auth plugin agent start for scheme: \"%s\".", rsComm->auth_scheme ); } // =-=-=-=-=-=-=- // add the user info to the server properties for // reach by the operation wrapper for access by the // dynamic policy enforcement points set_rule_engine_globals( rsComm, props ); } if ( result.ok() ) { if ( rsComm->ssl_do_accept ) { status = sslAccept( rsComm ); if ( status < 0 ) { rodsLog( LOG_ERROR, "sslAccept failed in agentMain with status %d", status ); } rsComm->ssl_do_accept = 0; } if ( rsComm->ssl_do_shutdown ) { status = sslShutdown( rsComm ); if ( status < 0 ) { rodsLog( LOG_ERROR, "sslShutdown failed in agentMain with status %d", status ); } rsComm->ssl_do_shutdown = 0; } status = readAndProcClientMsg( rsComm, READ_HEADER_TIMEOUT ); if ( status < 0 ) { if ( status == DISCONN_STATUS ) { status = 0; break; } } } } if ( !result.ok() ) { irods::log( result ); status = result.code(); return status; } // =-=-=-=-=-=-=- // determine if we even need to connect, break the // infinite reconnect loop. if ( !resc_mgr.need_maintenance_operations() ) { return status; } // =-=-=-=-=-=-=- // find the icat host rodsServerHost_t *rodsServerHost = 0; status = getRcatHost( MASTER_RCAT, 0, &rodsServerHost ); if ( status < 0 ) { irods::log( ERROR( status, "getRcatHost failed." ) ); return status; } // =-=-=-=-=-=-=- // connect to the icat host status = svrToSvrConnect( rsComm, rodsServerHost ); if ( status < 0 ) { irods::log( ERROR( status, "svrToSvrConnect failed." ) ); return status; } // =-=-=-=-=-=-=- // call post disconnect maintenance operations before exit status = resc_mgr.call_maintenance_operations( rodsServerHost->conn ); return status; }