bool
TAO_Acceptor_Registry::is_collocated (const TAO_MProfile &mprofile)
{
TAO_AcceptorSetIterator const end = this->end ();
CORBA::ULong const count = mprofile.profile_count ();
// If at least one endpoint in one of the profiles matches one of
// the acceptors, we are collocated.
for (TAO_AcceptorSetIterator i = this->begin (); i != end; ++i)
{
for (TAO_PHandle j = 0; j != count; ++j)
{
const TAO_Profile *profile = mprofile.get_profile (j);
// @@ We need to invoke a nonconst <endpoint> method on
// <profile>. The content of profile/endpoint will not
// be modified.
TAO_Profile *pf = const_cast<TAO_Profile *> (profile);
// Check all endpoints for address equality.
if ((*i)->tag () == pf->tag ())
{
// @note This can be a potentially expensive (O(n^2))
// operation if the below is_collocated() call
// also executes a loop.
for (TAO_Endpoint *endp = pf->endpoint ();
endp != 0;
endp = endp->next ())
{
if ((*i)->is_collocated (endp))
{
return true;
}
}
}
}
}
return false;
}
int
TAO::SSLIOP::Acceptor::create_shared_profile (const TAO::ObjectKey &object_key,
TAO_MProfile &mprofile,
CORBA::Short priority)
{
size_t index = 0;
TAO_Profile *pfile = 0;
TAO_SSLIOP_Profile *ssliop_profile = 0;
// First see if <mprofile> already contains a SSLIOP profile.
for (TAO_PHandle i = 0; i != mprofile.profile_count (); ++i)
{
pfile = mprofile.get_profile (i);
if (pfile->tag () == IOP::TAG_INTERNET_IOP)
{
ssliop_profile = dynamic_cast<TAO_SSLIOP_Profile *> (pfile);
if (ssliop_profile == 0)
return -1;
break;
}
}
// If <mprofile> doesn't contain SSLIOP_Profile, we need to create
// one.
if (ssliop_profile == 0)
{
// @@ We need to create an SSLIOP::SSL component for the object
// we're creating an MProfile for. This will allow us to
// properly embed secure invocation policies in the generated
// IOR, i.e. secure invocation policies on a per-object
// basis, rather than on a per-endpoint basis. If no secure
// invocation policies have been set then we should use the
// below default SSLIOP::SSL component.
ACE_NEW_RETURN (ssliop_profile,
TAO_SSLIOP_Profile (this->hosts_[0],
this->addrs_[0].get_port_number (),
object_key,
this->addrs_[0],
this->version_,
this->orb_core_,
&(this->ssl_component_)),
-1);
TAO_SSLIOP_Endpoint * const ssliop_endp =
dynamic_cast<TAO_SSLIOP_Endpoint *> (ssliop_profile->endpoint ());
if (!ssliop_endp)
return -1;
ssliop_endp->priority (priority);
ssliop_endp->iiop_endpoint ()->priority (priority);
if (mprofile.give_profile (ssliop_profile) == -1)
{
ssliop_profile->_decr_refcnt ();
ssliop_profile = 0;
return -1;
}
if (this->orb_core_->orb_params ()->std_profile_components () != 0)
{
ssliop_profile->tagged_components ().set_orb_type (TAO_ORB_TYPE);
TAO_Codeset_Manager *csm = this->orb_core_->codeset_manager();
if (csm)
csm->set_codeset(ssliop_profile->tagged_components());
IOP::TaggedComponent component;
component.tag = ::SSLIOP::TAG_SSL_SEC_TRANS;
// @@???? Check this code, only intended as guideline...
TAO_OutputCDR cdr;
cdr << TAO_OutputCDR::from_boolean (TAO_ENCAP_BYTE_ORDER);
// @@ We need to create an SSLIOP::SSL component for the
// object we're creating an MProfile for. This will
// allow us to properly embed secure invocation policies
// in the generated IOR, i.e. secure invocation policies
// on a per-object basis, rather than on a per-endpoint
// basis. If no secure invocation policies have been set
// then we should use the below default SSLIOP::SSL
// component.
cdr << this->ssl_component_;
// TAO extension, replace the contents of the octet sequence with
// the CDR stream
CORBA::ULong length = cdr.total_length ();
component.component_data.length (length);
CORBA::Octet *buf = component.component_data.get_buffer ();
for (const ACE_Message_Block *i = cdr.begin ();
i != 0;
i = i->cont ())
{
ACE_OS::memcpy (buf, i->rd_ptr (), i->length ());
buf += i->length ();
}
ssliop_profile->tagged_components ().set_component (component);
}
index = 1;
}
// Add any remaining endpoints to the SSLIOP_Profile.
for (;
index < this->endpoint_count_;
++index)
{
TAO_SSLIOP_Endpoint *ssl_endp = 0;
TAO_IIOP_Endpoint *iiop_endp = 0;
ACE_NEW_RETURN (iiop_endp,
TAO_IIOP_Endpoint (this->hosts_[index],
this->addrs_[index].get_port_number (),
this->addrs_[index]),
-1);
iiop_endp->priority (priority);
ACE_NEW_RETURN (ssl_endp,
TAO_SSLIOP_Endpoint (&(this->ssl_component_),
iiop_endp),
-1);
ssl_endp->priority (priority);
ssliop_profile->add_endpoint (ssl_endp);
}
return 0;
}
void
TAO_RT_Invocation_Endpoint_Selector::select_endpoint_based_on_client_protocol_policy (
TAO::Profile_Transport_Resolver &r,
RTCORBA::ClientProtocolPolicy_ptr client_protocol_policy,
RTCORBA::ProtocolList &client_protocols,
ACE_Time_Value *val)
{
CORBA::Boolean valid_profile_found = false;
// Even though cycling through all the protocols is the correct
// things to do to find a match, starting from the start of the
// profile list is not. In addition, this code is also ignoring the
// forwarded reference (if it exists). This behavior is caused by
// problems with the profile management in TAO which are documented
// in bugzilla bugs 1237, 1238, and 1239. Once the above problems
// are fixed, this behavior should be fixed to do the right thing.
for (CORBA::ULong protocol_index = 0;
protocol_index < client_protocols.length ();
++protocol_index)
{
// Find the profiles that match the current protocol.
TAO_Profile *profile = 0;
TAO_MProfile &mprofile = (r.stub ()->forward_profiles() == 0) ?
r.stub ()->base_profiles () : *r.stub ()->forward_profiles();
for (TAO_PHandle i = 0;
i < mprofile.profile_count ();
++i)
{
profile = mprofile.get_profile (i);
if (profile->tag () == client_protocols[protocol_index].protocol_type)
{
valid_profile_found = true;
r.profile (profile);
if (this->endpoint_from_profile (r, val) == 1)
return;
// @@ Else we should check for potential forwarding here.
}
}
}
// We have tried all the profiles specified in the client protocol
// policy with no success. Throw exception.
if (!valid_profile_found)
{
CORBA::PolicyList *p = r.inconsistent_policies ();
if (p)
{
p->length (1);
(*p)[0u] = CORBA::Policy::_duplicate (client_protocol_policy);
}
throw ::CORBA::INV_POLICY ();
}
// If we get here, we completely failed to find an endpoint
// that we know how to use. We used to throw an exception
// but that would prevent any request interception points
// being called. They may know how to fix the problem so
// we wait to throw the exception in
// Synch_Twoway_Invocation::remote_twoway and
// Synch_Oneway_Invocation::remote_oneway instead.
}
