axis-c-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bruce McHaffie <bruce.mchaf...@entrust.com>
Subject RE: Closing a secure channel
Date Mon, 20 Jun 2005 14:38:08 GMT
Thanks Fred. I will fix up the destructor. My original problem was that my
SSL library didn't get notified when the channel closed a socket. I'm
working around that now by testing for socket == 0 on all existing
connection objects (which I keep in a pool) whenever openSSLConnection()
gets called. It's not pretty, but seems to work so far. If you can think of
a reason why this would fail embarassingly please let me know :-).
 
Bruce.
 
-----Original Message-----
From: Fred Preston [mailto:PRESTONF@uk.ibm.com] 
Sent: June 17, 2005 6:23 AM
To: Apache AXIS C User List
Subject: RE: Closing a secure channel




Hi Bruce, 
        You're right.  Axis2 SSL was a bit of a mess and that's why it was
dropped.  It works, but is untidy and unfinished.  Looking at the
Axis2Transport code, the currently loaded channel will be deleted (and it's
destructor called) when the Axis2Transport is deleted (i.e when the web
service is deleted).  The openConnection and closeConnection do very little
in Axis2Transport and unfortunately do not communicate with the underlying
channel.  I was hoping that there might be a 'back door' to getting the
channel object and then be able to call methods on it, but there is not... 

Just to recap, all of the channel close socket communication happens on the
destructor (as it does in channel::~Channel()).  This is missing from the
SSL channel.  Thus, when the web service is deleted, the Axis2Transport will
delete the currently active channel (before being deleted itself).  This
will call the channel destructor and if it is an SSL channel nothing happens
because the destructor is empty.  This will leave the SSL library open
causing memory leaks. 

The only solution to your problem is, if you have the OpenSSLChannel
project, add 'closeSecureSocket();' to the empty destructor method and
rebuild. 

Regards,

Fred Preston.




	Bruce McHaffie <bruce.mchaffie@entrust.com> 


06/16/2005 04:24 PM 
Please respond to "Apache AXIS C User List" 

        
        To:        "'Apache AXIS C User List'" <axis-c-user@ws.apache.org> 
        cc:         
        Subject:        RE: Closing a secure channel 

       


Hi Fred, thanks for the reply. That would work, except the destructor for
the secure channel object (derived from Channel) is empty too. So when the
channel object is destroyed in the transport destructor, the secure channel
destructor gets called but doesn't do anything. So closeSSLChannel() doesn't
get called when the transport object disappears. Neither does
destroySSLChannelObject(), which is a shame because it would give my SSL
library a chance to clean up after itself. In fact I'm not sure the SSL
library gets unloaded at all. Or again, maybe I'm missing something. 

Bruce. 
  
PS: I'm looking at 1.5 now, but for this release I'm stuck with 1.4. 
  
-----Original Message-----
From: Fred Preston [mailto:PRESTONF@uk.ibm.com] 
Sent: June 16, 2005 6:08 AM
To: Apache AXIS C User List
Subject: Re: Closing a secure channel


Hi Bruce, 
       You should now be using AXIS3 transport.  The reason why the method
is empty is because the socket was not closed until you deleted the web
service which in turn would call the destructor on the transport object,
closing and then deleting the channel object. 

Regards,

Fred Preston.



	Bruce McHaffie <bruce.mchaffie@entrust.com> 


06/15/2005 08:30 PM 
Please respond to "Apache AXIS C User List" 

        
       To:        "'Apache AXIS C User List'" <axis-c-user@ws.apache.org> 
       cc:         
       Subject:        Closing a secure channel 

      



A 1.4 question for you: in axis2/SecureChannel.cpp the close() method
doesn't do anything. Shouldn't it at least close the connection that is
opened in the open() method? For instance: 

void SecureChannel::close() 
{ 
      m_pSSLChannel->closeSSLChannel() 
} 


Or am I missing something here? 


Thanks, 


Bruce. 





Mime
View raw message