From cfcb1a2c11dd1500cb62a31dce41442a83deaf23 Mon Sep 17 00:00:00 2001
From: JoelKatz
Date: Thu, 10 Jan 2013 09:10:40 -0800
Subject: [PATCH] Get rid of the redundant SSL contexts.
---
 src/cpp/ripple/Application.h | 1 +
 src/cpp/ripple/ConnectionPool.cpp | 19 +++----------------
 src/cpp/ripple/ConnectionPool.h | 6 +++---
 src/cpp/ripple/PeerDoor.h | 1 +
 4 files changed, 8 insertions(+), 19 deletions(-)
diff --git a/src/cpp/ripple/Application.h b/src/cpp/ripple/Application.h
index ed950f22e..7ba1003ce 100644
--- a/src/cpp/ripple/Application.h
+++ b/src/cpp/ripple/Application.h
@@ -114,6 +114,7 @@ public:
 LoadManager& getLoadManager() { return mLoadMgr; }
 LoadFeeTrack& getFeeTrack() { return mFeeTrack; }
 TXQueue& getTxnQueue() { return mTxnQueue; }
+ PeerDoor& getPeerDoor() { return *mPeerDoor; }
 bool isNew(const uint256& s) { return mSuppressions.addSuppression(s); }
diff --git a/src/cpp/ripple/ConnectionPool.cpp b/src/cpp/ripple/ConnectionPool.cpp
index 2d4920338..cbc12e159 100644
--- a/src/cpp/ripple/ConnectionPool.cpp
+++ b/src/cpp/ripple/ConnectionPool.cpp
@@ -10,6 +10,7 @@
 #include "Config.h"
 #include "Peer.h"
+#include "PeerDoor.h"
 #include "Application.h"
 #include "utils.h"
 #include "Log.h"
@@ -28,21 +29,6 @@ void splitIpPort(const std::string& strIpPort, std::string& strIp, int& iPort)
 iPort = boost::lexical_cast(vIpPort[1]);
 }
-ConnectionPool::ConnectionPool(boost::asio::io_service& io_service) :
- mLastPeer(0),
- mCtx(boost::asio::ssl::context::sslv23),
- mScanTimer(io_service),
- mPolicyTimer(io_service)
-{
- mCtx.set_options(
- boost::asio::ssl::context::default_workarounds
- | boost::asio::ssl::context::no_sslv2
- | boost::asio::ssl::context::single_dh_use);
-
- if (1 != SSL_CTX_set_cipher_list(mCtx.native_handle(), theConfig.PEER_SSL_CIPHER_LIST.c_str()))
- std::runtime_error("Error setting cipher list (no valid ciphers).");
-}
-
 void ConnectionPool::start()
 {
 if (theConfig.RUN_STANDALONE)
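Review bot: `getPeerDoor()` in Application.h dereferences `mPeerDoor` unconditionally, so a call made while that pointer is unset is undefined behaviour rather than a reported error. The declaration of `mPeerDoor` and the place it is assigned are outside this hunk; the `RUN_STANDALONE` check visible in `ConnectionPool::start()` suggests there may be a mode in which no peer door is created, and that should be confirmed. `ConnectionPool::peerConnect` now calls `theApp->getPeerDoor().getSSLContext()`, so it would be the first place to hit a null pointer. I would guard the accessor with `assert(mPeerDoor);` before the return (or throw when it is null) and add a comment such as `// Valid only after the PeerDoor has been created.`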
@@ -329,7 +315,8 @@ Peer::pointer ConnectionPool::peerConnect(const std::string& strIp, int iPort)
 if ((it = mIpMap.find(pipPeer)) == mIpMap.end())
 {
- Peer::pointer ppNew(Peer::create(theApp->getIOService(), mCtx, ++mLastPeer));
+ Peer::pointer ppNew(Peer::create(theApp->getIOService(),
+ theApp->getPeerDoor().getSSLContext(), ++mLastPeer));
 // Did not find it. Not already connecting or connected.
 ppNew->connect(strIp, iPort);
diff --git a/src/cpp/ripple/ConnectionPool.h b/src/cpp/ripple/ConnectionPool.h
index e02caf198..3cdc77317 100644
--- a/src/cpp/ripple/ConnectionPool.h
+++ b/src/cpp/ripple/ConnectionPool.h
@@ -38,8 +38,6 @@ private:
 // Connections with have a 64-bit identifier
 boost::unordered_map mPeerIdMap;
- boost::asio::ssl::context mCtx;
-
 Peer::pointer mScanning;
 boost::asio::deadline_timer mScanTimer;
 std::string mScanIp;
@@ -60,7 +58,9 @@ private:
 Peer::pointer peerConnect(const std::string& strIp, int iPort);
 public:
- ConnectionPool(boost::asio::io_service& io_service);
+ ConnectionPool(boost::asio::io_service& io_service) :
+ mLastPeer(0), mScanTimer(io_service), mPolicyTimer(io_service)
+ { ; }
 // Begin enforcing connection policy.
 void start();
diff --git a/src/cpp/ripple/PeerDoor.h b/src/cpp/ripple/PeerDoor.h
index 9ea247152..5f03c5914 100644
--- a/src/cpp/ripple/PeerDoor.h
+++ b/src/cpp/ripple/PeerDoor.h
@@ -25,6 +25,7 @@ private:
 public:
 PeerDoor(boost::asio::io_service& io_service);
+ boost::asio::ssl::context& getSSLContext() { return mCtx; }
 };
 #endif
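Review bot: In `peerConnect`, outbound peer connections now take their TLS settings entirely from `PeerDoor`'s context, so the options the removed `ConnectionPool` constructor applied (`default_workarounds`, `no_sslv2`, `single_dh_use` and the `PEER_SSL_CIPHER_LIST` cipher list) survive only if `PeerDoor`'s constructor sets the same ones. That constructor is not part of this patch, so it should be checked before merging. A comment on the `Peer::create` call such as `// Outbound peers share PeerDoor's SSL context; protocol options and the cipher list are set in PeerDoor's constructor.` would record the dependency. While checking, note that the removed code constructed a `std::runtime_error` without `throw` when the cipher list was rejected; if `PeerDoor` follows the same pattern, an invalid cipher list would be silently ignored for both directions. The body of `peerConnect` continues outside the hunk.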
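Review bot: The constructor now defined inline in ConnectionPool.h takes a single argument but is not marked `explicit`, so an `io_service` can convert implicitly to a `ConnectionPool`; I would write `explicit ConnectionPool(boost::asio::io_service& io_service) :`. The body `{ ; }` holds a stray empty statement and reads more cleanly as `{}`. The member declarations are only partly visible here, so it is worth confirming that the initializer order `mLastPeer, mScanTimer, mPolicyTimer` matches the declaration order.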
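Review bot: `getSSLContext()` in PeerDoor.h hands out a mutable reference to `mCtx`, and that contract is not documented. After this change the context is shared by the listening side and by every outbound `Peer`, so any caller can alter options for all connections, and the context must outlive every socket created from it. A non-const reference is probably required because the SSL stream is constructed from a `context&`, so I would document the contract rather than change the signature: `// Shared by inbound and outbound peer connections; configured once in the constructor. Callers must not modify it, and PeerDoor must outlive all Peers.` The rest of the class is outside the hunk.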