Example #1
  /**
   * Create a transport mechanism {@code TaggedComponent} to be stuffed into a {@code
   * CompoundSecMech}.
   *
   * <p>If no {@code TransportConfig} metadata is specified, or ssl port is negative, or the
   * specified metadata indicates that transport config is not supported, then a {@code
   * TAG_NULL_TAG} (empty) {@code TaggedComponent} will be returned.
   *
   * <p>Otherwise a {@code CSIIOP.TLS_SEC_TRANS}, tagged as {@code TAG_TLS_SEC_TRANS} will be
   * returned, indicating support for TLS/SSL as a CSIv2 transport mechanism.
   *
   * <p>Multiple {@code TransportAddress} may be included in the SSL info (host/port pairs), but we
   * only include one.
   *
   * @param tconfig the transport configuration metadata.
   * @param codec the {@code Codec} used to encode the transport configuration.
   * @param sslPort an {@code int} representing the SSL port.
   * @param orb a reference to the running {@code ORB}.
   * @return the constructed {@code TaggedComponent}.
   */
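  public static TaggedComponent createTransportMech(
      TransportConfig tconfig, Codec codec, int sslPort, ORB orb) {

    TaggedComponent tc;

    // Option masks advertised for this target; both stay zero when no metadata is supplied.
    int support = 0;
    int require = 0;

    if (tconfig != null) {
      require = createTargetRequires(tconfig);
      support = createTargetSupports(tconfig);
    }

    if (tconfig == null || support == 0 || sslPort < 0) {
      // No transport security is advertised: the component is an empty TAG_NULL_TAG.
      // NOTE(review): this branch is also taken when require != 0 but support == 0, so a
      // configuration that requires protection yet supports none ends up advertising no
      // transport mechanism at all. Confirm callers treat that as a configuration error.
      tc = new TaggedComponent(TAG_NULL_TAG.value, new byte[0]);
    } else {
      // Address advertised to clients as the TLS endpoint.
      String host;
      try {
        host = InetAddress.getLocalHost().getHostAddress();
      } catch (java.net.UnknownHostException e) {
        // Keep the best-effort loopback fallback, but record it: a component that advertises
        // 127.0.0.1 sends remote clients to their own machine, and without a log entry the
        // resulting connection failures are hard to trace back to name resolution.
        log.warn("Could not resolve the local host address; advertising 127.0.0.1 instead", e);
        host = "127.0.0.1";
      }

      // Only a single host/port pair is placed in the address list.
      // NOTE(review): support and require are narrowed to short below, and sslPort has no
      // upper bound check here. Confirm createTransportAddress rejects ports above 65535.
      TransportAddress[] taList = createTransportAddress(host, sslPort);
      TLS_SEC_TRANS tst = new TLS_SEC_TRANS((short) support, (short) require, taList);

      // TLS_SEC_TRANS has to be carried as an octet sequence: wrap it in an Any and let the
      // codec produce the encoded bytes.
      try {
        Any any = orb.create_any();
        TLS_SEC_TRANSHelper.insert(any, tst);
        byte[] b = codec.encode_value(any);
        tc = new TaggedComponent(TAG_TLS_SEC_TRANS.value, b);
      } catch (InvalidTypeForEncoding e) {
        // The message used to read "unexcepted"; the cause is preserved in the rethrow.
        log.warn("Caught unexpected exception while encoding TLS_SEC_TRANS", e);
        throw new RuntimeException(e);
      }
    }

    return tc;
  }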
Example #2
  /**
   * Prints a human-readable view of a TLS_SEC_TRANS tagged component.
   *
   * <p>The bytes are read as an encapsulated array and decoded with {@code
   * TLS_SEC_TRANSHelper}. The target_requires and target_supports values are printed, followed
   * by one line per transport address. If anything throws while decoding or printing, the raw
   * bytes are hex-dumped instead. Lines written before the failure are not retracted.
   *
   * @param tagData the component data to decode.
   * @param out the writer that receives the output.
   */
  private static void printTlsSecTrans(byte[] tagData, PrintWriter out) {
    CDRInputStream cdr = new CDRInputStream(tagData);

    try {
      cdr.openEncapsulatedArray();
      TLS_SEC_TRANS decoded = TLS_SEC_TRANSHelper.read(cdr);
      out.println("\t\t\tTLS SEC TRANS target requires: " + decoded.target_requires);
      out.println("\t\t\tTLS SEC TRANS target supports: " + decoded.target_supports);

      int idx = 0;
      while (idx < decoded.addresses.length) {
        // Negative values are shifted up by 65536 before printing; presumably the port is
        // stored in a signed 16-bit field, so this shows it as an unsigned number.
        int rawPort = decoded.addresses[idx].port;
        int shownPort = rawPort < 0 ? rawPort + 65536 : rawPort;
        // NOTE(review): host_name is written verbatim. If tagData can come from an untrusted
        // IOR, consider escaping control characters before they reach a terminal or log.
        out.println(
            "\t\t\tTLS SEC TRANS address: " + decoded.addresses[idx].host_name + ":" + shownPort);
        idx++;
      }
    } catch (Exception ex) {
      // Best-effort fallback: the component could not be decoded, so show the raw bytes.
      out.print("\t\t\tTLS SEC TRANS: ");
      dumpHex(tagData, out);
      out.println();
    }
  }
Example #3
  /**
   * Create a transport mechanism {@code TaggedComponent} to be stuffed into a {@code
   * CompoundSecMech}.
   *
   * <p>If no {@code TransportConfig} metadata is specified, or ssl port is negative, or the
   * specified metadata indicates that transport config is not supported, then a {@code
   * TAG_NULL_TAG} (empty) {@code TaggedComponent} will be returned.
   *
   * <p>Otherwise a {@code CSIIOP.TLS_SEC_TRANS}, tagged as {@code TAG_TLS_SEC_TRANS} will be
   * returned, indicating support for TLS/SSL as a CSIv2 transport mechanism.
   *
   * <p>Multiple {@code TransportAddress} may be included in the SSL info (host/port pairs), but we
   * only include one.
   *
   * @param tconfig the transport configuration metadata.
   * @param codec the {@code Codec} used to encode the transport configuration.
   * @param sslPort an {@code int} representing the SSL port.
   * @param orb a reference to the running {@code ORB}.
   * @return the constructed {@code TaggedComponent}.
   */
  public static TaggedComponent createTransportMech(
      IORTransportConfigMetaData tconfig, Codec codec, int sslPort, ORB orb) {

    // Option masks advertised for this target; both stay zero when no metadata is supplied.
    int require = 0;
    int support = 0;
    if (tconfig != null) {
      require = createTargetRequires(tconfig);
      support = createTargetSupports(tconfig);
    }

    // Transport security is advertised only when metadata exists, it reports at least one
    // supported option, and a non-negative SSL port was given.
    boolean advertiseTls = tconfig != null && support != 0 && sslPort >= 0;
    if (!advertiseTls) {
      // Empty TAG_NULL_TAG component: no transport mechanism is offered.
      return new TaggedComponent(TAG_NULL_TAG.value, new byte[0]);
    }

    // The advertised host is taken from the ORB address property.
    // NOTE(review): the value is used as-is. Confirm it cannot be null or a wildcard address
    // that clients cannot connect to.
    String advertisedHost =
        CorbaORBService.getORBProperty(JacORBSubsystemConstants.ORB_ADDRESS);

    // Only a single host/port pair is placed in the address list.
    TransportAddress[] addresses = createTransportAddress(advertisedHost, sslPort);
    TLS_SEC_TRANS tlsSecTrans = new TLS_SEC_TRANS((short) support, (short) require, addresses);

    // TLS_SEC_TRANS has to be carried as an octet sequence: wrap it in an Any and let the codec
    // produce the encoded bytes.
    try {
      Any holder = orb.create_any();
      TLS_SEC_TRANSHelper.insert(holder, tlsSecTrans);
      byte[] encoded = codec.encode_value(holder);
      return new TaggedComponent(TAG_TLS_SEC_TRANS.value, encoded);
    } catch (InvalidTypeForEncoding e) {
      throw JacORBLogger.ROOT_LOGGER.unexpectedException(e);
    }
  }