Get rid of the redundant SSL contexts.

2025-12-06 17:27:52 +00:00 · 2013-01-10 09:10:40 -08:00
parent ce3ce7820b
commit cfcb1a2c11
4 changed files with 8 additions and 19 deletions
--- a/src/cpp/ripple/Application.h
+++ b/src/cpp/ripple/Application.h
@@ -114,6 +114,7 @@ public:
 	LoadManager& getLoadManager()					{ return mLoadMgr; }
 	LoadFeeTrack& getFeeTrack()						{ return mFeeTrack; }
 	TXQueue& getTxnQueue()							{ return mTxnQueue; }
+	PeerDoor& getPeerDoor()							{ return *mPeerDoor; }


 	bool isNew(const uint256& s)					{ return mSuppressions.addSuppression(s); }
--- a/src/cpp/ripple/ConnectionPool.cpp
+++ b/src/cpp/ripple/ConnectionPool.cpp
@@ -10,6 +10,7 @@

 #include "Config.h"
 #include "Peer.h"
+#include "PeerDoor.h"
 #include "Application.h"
 #include "utils.h"
 #include "Log.h"
@@ -28,21 +29,6 @@ void splitIpPort(const std::string& strIpPort, std::string& strIp, int& iPort)
 	iPort	= boost::lexical_cast<int>(vIpPort[1]);
 }

-ConnectionPool::ConnectionPool(boost::asio::io_service& io_service) :
-	mLastPeer(0),
-	mCtx(boost::asio::ssl::context::sslv23),
-	mScanTimer(io_service),
-	mPolicyTimer(io_service)
-{
-	mCtx.set_options(
-		boost::asio::ssl::context::default_workarounds
-		| boost::asio::ssl::context::no_sslv2
-		| boost::asio::ssl::context::single_dh_use);
-
-	if (1 != SSL_CTX_set_cipher_list(mCtx.native_handle(), theConfig.PEER_SSL_CIPHER_LIST.c_str()))
-		std::runtime_error("Error setting cipher list (no valid ciphers).");
-}
-
 void ConnectionPool::start()
 {
 	if (theConfig.RUN_STANDALONE)
@@ -329,7 +315,8 @@ Peer::pointer ConnectionPool::peerConnect(const std::string& strIp, int iPort)

 		if ((it = mIpMap.find(pipPeer)) == mIpMap.end())
 		{
-			Peer::pointer	ppNew(Peer::create(theApp->getIOService(), mCtx, ++mLastPeer));
+			Peer::pointer	ppNew(Peer::create(theApp->getIOService(),
+				theApp->getPeerDoor().getSSLContext(), ++mLastPeer));

 			// Did not find it.  Not already connecting or connected.
 			ppNew->connect(strIp, iPort);
--- a/src/cpp/ripple/ConnectionPool.h
+++ b/src/cpp/ripple/ConnectionPool.h
@@ -38,8 +38,6 @@ private:
    // Connections with have a 64-bit identifier
    boost::unordered_map<uint64, Peer::pointer>			mPeerIdMap;

-    boost::asio::ssl::context							mCtx;
-
 	Peer::pointer										mScanning;
 	boost::asio::deadline_timer							mScanTimer;
 	std::string											mScanIp;
@@ -60,7 +58,9 @@ private:
 	Peer::pointer	peerConnect(const std::string& strIp, int iPort);

 public:
-	ConnectionPool(boost::asio::io_service& io_service);
+	ConnectionPool(boost::asio::io_service& io_service) :
+		mLastPeer(0), mScanTimer(io_service), mPolicyTimer(io_service)
+	{ ; }

 	// Begin enforcing connection policy.
 	void start();
--- a/src/cpp/ripple/PeerDoor.h
+++ b/src/cpp/ripple/PeerDoor.h
@@ -25,6 +25,7 @@ private:

 public:
 	PeerDoor(boost::asio::io_service& io_service);
+	boost::asio::ssl::context&	getSSLContext()	{ return mCtx; }
 };

 #endif