int doShutdown(SSL *ssl)
{
// Recommended sequence for clean shutdown (with close_notify being
// sent in both directions).
int ret = sslShutdown(ssl);
if (ret == SSL_OK) return ret;
for (int i = 0; i < 10; i++) {
ret = sslShutdown(ssl);
if (ret == SSL_OK) break;
// If there is unread data queued before the peer close notify
// we seem to get a SYSCALL error, so retry...
// A real SYSCALL error hopefully will set errno.
int err = SSL_get_error(ssl,ret);
if (ret == 0 || err != SSL_ERROR_SYSCALL || errno != 0) break;
fprintf(stderr,"Trying to shutdown\n");
}
return ret;
}
int
agentMain (rsComm_t *rsComm)
{
int status = 0;
int retryCnt = 0;
while (1) {
if (rsComm->gsiRequest==1) {
status = igsiServersideAuth(rsComm) ;
rsComm->gsiRequest=0;
}
if (rsComm->gsiRequest==2) {
status = ikrbServersideAuth(rsComm) ;
rsComm->gsiRequest=0;
}
#ifdef USE_SSL
if (rsComm->ssl_do_accept) {
status = sslAccept(rsComm);
rsComm->ssl_do_accept = 0;
}
if (rsComm->ssl_do_shutdown) {
status = sslShutdown(rsComm);
rsComm->ssl_do_shutdown = 0;
}
#endif
status = readAndProcClientMsg (rsComm, READ_HEADER_TIMEOUT);
#if 0
status = readAndProcClientMsg (rsComm, 0);
#endif
if (status >= 0) {
retryCnt = 0;
continue;
} else {
if (status == DISCONN_STATUS) {
status = 0;
break;
} else {
break;
}
}
}
return (status);
}
SSLServer::~SSLServer()
{
// GNASH_REPORT_FUNCTION;
sslShutdown();
}
int agentMain(
rsComm_t *rsComm ) {
if ( !rsComm ) {
return SYS_INTERNAL_NULL_INPUT_ERR;
}
int status = 0;
// =-=-=-=-=-=-=-
// capture server properties
irods::server_properties& props = irods::server_properties::getInstance();
irods::error result = props.capture_if_needed();
if ( !result.ok() ) {
irods::log( PASSMSG( "failed to read server configuration", result ) );
}
// =-=-=-=-=-=-=-
// compiler backwards compatibility hack
// see header file for more details
irods::dynamic_cast_hack();
while ( result.ok() && status >= 0 ) {
// set default to the native auth scheme here.
if ( rsComm->auth_scheme == NULL ) {
rsComm->auth_scheme = strdup( "native" );
}
// construct an auth object based on the scheme specified in the comm
irods::auth_object_ptr auth_obj;
irods::error ret = irods::auth_factory( rsComm->auth_scheme, &rsComm->rError, auth_obj );
if ( ( result = ASSERT_PASS( ret, "Failed to factory an auth object for scheme: \"%s\".", rsComm->auth_scheme ) ).ok() ) {
irods::plugin_ptr ptr;
ret = auth_obj->resolve( irods::AUTH_INTERFACE, ptr );
if ( ( result = ASSERT_PASS( ret, "Failed to resolve the auth plugin for scheme: \"%s\".",
rsComm->auth_scheme ) ).ok() ) {
irods::auth_ptr auth_plugin = boost::dynamic_pointer_cast< irods::auth >( ptr );
// Call agent start
char* foo = "";
ret = auth_plugin->call < const char* > ( rsComm, irods::AUTH_AGENT_START, auth_obj, foo );
result = ASSERT_PASS( ret, "Failed during auth plugin agent start for scheme: \"%s\".", rsComm->auth_scheme );
}
// =-=-=-=-=-=-=-
// add the user info to the server properties for
// reach by the operation wrapper for access by the
// dynamic policy enforcement points
set_rule_engine_globals( rsComm, props );
}
if ( result.ok() ) {
if ( rsComm->ssl_do_accept ) {
status = sslAccept( rsComm );
if ( status < 0 ) {
rodsLog( LOG_ERROR, "sslAccept failed in agentMain with status %d", status );
}
rsComm->ssl_do_accept = 0;
}
if ( rsComm->ssl_do_shutdown ) {
status = sslShutdown( rsComm );
if ( status < 0 ) {
rodsLog( LOG_ERROR, "sslShutdown failed in agentMain with status %d", status );
}
rsComm->ssl_do_shutdown = 0;
}
status = readAndProcClientMsg( rsComm, READ_HEADER_TIMEOUT );
if ( status < 0 ) {
if ( status == DISCONN_STATUS ) {
status = 0;
break;
}
}
}
}
if ( !result.ok() ) {
irods::log( result );
status = result.code();
return status;
}
// =-=-=-=-=-=-=-
// determine if we even need to connect, break the
// infinite reconnect loop.
if ( !resc_mgr.need_maintenance_operations() ) {
return status;
}
// =-=-=-=-=-=-=-
// find the icat host
rodsServerHost_t *rodsServerHost = 0;
status = getRcatHost( MASTER_RCAT, 0, &rodsServerHost );
if ( status < 0 ) {
irods::log( ERROR( status, "getRcatHost failed." ) );
return status;
}
// =-=-=-=-=-=-=-
// connect to the icat host
status = svrToSvrConnect( rsComm, rodsServerHost );
if ( status < 0 ) {
irods::log( ERROR( status, "svrToSvrConnect failed." ) );
return status;
}
// =-=-=-=-=-=-=-
// call post disconnect maintenance operations before exit
status = resc_mgr.call_maintenance_operations( rodsServerHost->conn );
return status;
}
