diff options
Diffstat (limited to 'lib/orber')
| -rw-r--r-- | lib/orber/COSS/CosNaming/Makefile | 2 | ||||
| -rw-r--r-- | lib/orber/doc/src/Makefile | 2 | ||||
| -rw-r--r-- | lib/orber/doc/src/ch_install.xml | 122 | ||||
| -rw-r--r-- | lib/orber/doc/src/ch_security.xml | 91 | ||||
| -rw-r--r-- | lib/orber/doc/src/corba.xml | 16 | ||||
| -rw-r--r-- | lib/orber/doc/src/corba_object.xml | 11 | ||||
| -rw-r--r-- | lib/orber/doc/src/notes.xml | 46 | ||||
| -rw-r--r-- | lib/orber/doc/src/orber.xml | 94 | ||||
| -rw-r--r-- | lib/orber/examples/Stack/Makefile | 2 | ||||
| -rw-r--r-- | lib/orber/priv/Makefile | 2 | ||||
| -rw-r--r-- | lib/orber/src/Makefile | 2 | ||||
| -rw-r--r-- | lib/orber/src/orber.erl | 14 | ||||
| -rw-r--r-- | lib/orber/src/orber_diagnostics.erl | 2 | ||||
| -rw-r--r-- | lib/orber/src/orber_env.erl | 28 | ||||
| -rw-r--r-- | lib/orber/src/orber_ifr.erl | 2 | ||||
| -rw-r--r-- | lib/orber/src/orber_iiop_net.erl | 8 | ||||
| -rw-r--r-- | lib/orber/src/orber_iiop_pm.erl | 10 | ||||
| -rw-r--r-- | lib/orber/src/orber_tb.erl | 4 | ||||
| -rw-r--r-- | lib/orber/test/Makefile | 1 | ||||
| -rw-r--r-- | lib/orber/test/orber_acl_SUITE.erl | 2 | ||||
| -rw-r--r-- | lib/orber/test/orber_test_lib.erl | 8 |
21 files changed, 148 insertions, 321 deletions
diff --git a/lib/orber/COSS/CosNaming/Makefile b/lib/orber/COSS/CosNaming/Makefile index d4b2079036..064447f148 100644 --- a/lib/orber/COSS/CosNaming/Makefile +++ b/lib/orber/COSS/CosNaming/Makefile @@ -1,7 +1,7 @@ # # %CopyrightBegin% # -# Copyright Ericsson AB 1997-2009. All Rights Reserved. +# Copyright Ericsson AB 1997-2011. All Rights Reserved. # # The contents of this file are subject to the Erlang Public License, # Version 1.1, (the "License"); you may not use this file except in diff --git a/lib/orber/doc/src/Makefile b/lib/orber/doc/src/Makefile index 8a555cb408..68fbe3dce0 100644 --- a/lib/orber/doc/src/Makefile +++ b/lib/orber/doc/src/Makefile @@ -1,7 +1,7 @@ # # %CopyrightBegin% # -# Copyright Ericsson AB 1997-2010. All Rights Reserved. +# Copyright Ericsson AB 1997-2011. All Rights Reserved. # # The contents of this file are subject to the Erlang Public License, # Version 1.1, (the "License"); you may not use this file except in diff --git a/lib/orber/doc/src/ch_install.xml b/lib/orber/doc/src/ch_install.xml index dde4bf4006..de9c0e3a9d 100644 --- a/lib/orber/doc/src/ch_install.xml +++ b/lib/orber/doc/src/ch_install.xml @@ -1,10 +1,10 @@ -<?xml version="1.0" encoding="latin1" ?> +<?xml version="1.0" encoding="iso-8859-1" ?> <!DOCTYPE chapter SYSTEM "chapter.dtd"> <chapter> <header> <copyright> - <year>1997</year><year>2010</year> + <year>1997</year><year>2011</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> @@ -394,84 +394,16 @@ nodeB@hostB> orber:start(). <cell align="left" valign="middle">The same as <c>iiop_ssl_port</c></cell> </row> <row> - <cell align="left" valign="middle">ssl_server_cacertfile</cell> - <cell align="left" valign="middle">string()</cell> - <cell align="left" valign="middle">-</cell> - </row> - <row> - <cell align="left" valign="middle">ssl_server_certfile</cell> - <cell align="left" valign="middle">string()</cell> - <cell align="left" valign="middle">-</cell> - </row> - <row> - <cell align="left" valign="middle">ssl_server_verify</cell> - <cell align="left" valign="middle">0 | 1 | 2</cell> - <cell align="left" valign="middle">-</cell> - </row> - <row> - <cell align="left" valign="middle">ssl_server_depth</cell> - <cell align="left" valign="middle">integer()</cell> - <cell align="left" valign="middle">-</cell> - </row> - <row> - <cell align="left" valign="middle">ssl_server_password</cell> - <cell align="left" valign="middle">string()</cell> - <cell align="left" valign="middle">-</cell> - </row> - <row> - <cell align="left" valign="middle">ssl_server_keyfile</cell> - <cell align="left" valign="middle">string()</cell> - <cell align="left" valign="middle">-</cell> - </row> - <row> - <cell align="left" valign="middle">ssl_server_ciphers</cell> - <cell align="left" valign="middle">string()</cell> - <cell align="left" valign="middle">-</cell> + <cell align="left" valign="middle">ssl_server_options</cell> + <cell align="left" valign="middle">list()</cell> + <cell align="left" valign="middle">See the <seealso marker="ssl:ssl">SSL</seealso> application + for valid options.</cell> </row> <row> - <cell align="left" valign="middle">ssl_server_cachetimeout</cell> - <cell align="left" valign="middle">integer() | infinity</cell> - <cell align="left" valign="middle">infinity</cell> - </row> - <row> - <cell align="left" valign="middle">ssl_client_cacertfile</cell> - <cell align="left" valign="middle">string()</cell> - <cell align="left" valign="middle">-</cell> - </row> - <row> - <cell align="left" valign="middle">ssl_client_certfile</cell> - <cell align="left" valign="middle">string()</cell> - <cell align="left" valign="middle">-</cell> - </row> - <row> - <cell align="left" valign="middle">ssl_client_verify</cell> - <cell align="left" valign="middle">0 | 1 | 2</cell> - <cell align="left" valign="middle">-</cell> - </row> - <row> - <cell align="left" valign="middle">ssl_client_depth</cell> - <cell align="left" valign="middle">integer()</cell> - <cell align="left" valign="middle">-</cell> - </row> - <row> - <cell align="left" valign="middle">ssl_client_password</cell> - <cell align="left" valign="middle">string()</cell> - <cell align="left" valign="middle">-</cell> - </row> - <row> - <cell align="left" valign="middle">ssl_client_keyfile</cell> - <cell align="left" valign="middle">string()</cell> - <cell align="left" valign="middle">-</cell> - </row> - <row> - <cell align="left" valign="middle">ssl_client_ciphers</cell> - <cell align="left" valign="middle">string()</cell> - <cell align="left" valign="middle">-</cell> - </row> - <row> - <cell align="left" valign="middle">ssl_client_cachetimeout</cell> - <cell align="left" valign="middle">integer() | infinity</cell> - <cell align="left" valign="middle">infinity</cell> + <cell align="left" valign="middle">ssl_client_options</cell> + <cell align="left" valign="middle">list()</cell> + <cell align="left" valign="middle">See the <seealso marker="ssl:ssl">SSL</seealso> application + for valid options.</cell> </row> <row> <cell align="left" valign="middle">iiop_ssl_out_keepalive</cell> @@ -698,40 +630,10 @@ nodeB@hostB> orber:start(). <item>If set, the value must be an integer greater than zero or <c>{local, DefaultNATPort, [{Port, NATPort}]}</c>. See also <seealso marker="ch_install#firewall">Firewall Configuration</seealso>.</item> - <tag><em>ssl_server_cacertfile</em></tag> + <tag><em>ssl_server_options</em></tag> <item>the file path to a server side CA certificate.</item> - <tag><em>ssl_server_certfile</em></tag> - <item>The path to a file containing a chain of PEM encoded certificates.</item> - <tag><em>ssl_server_verify</em></tag> - <item>The type of verification used by SSL during authentication of the - other peer for incoming calls.</item> - <tag><em>ssl_server_depth</em></tag> - <item>The SSL verification depth for outgoing calls.</item> - <tag><em>ssl_server_password</em></tag> - <item>The server side key string.</item> - <tag><em>ssl_server_keyfile</em></tag> - <item>The file path to a server side key.</item> - <tag><em>ssl_server_ciphers</em></tag> - <item>The server side cipher string.</item> - <tag><em>ssl_server_cachetimeout</em></tag> - <item>The server side cache timeout.</item> - <tag><em>ssl_client_cacertfile</em></tag> - <item>The file path to a client side CA certificate.</item> - <tag><em>ssl_client_certfile</em></tag> + <tag><em>ssl_client_options</em></tag> <item>The path to a file containing a chain of PEM encoded certificates.</item> - <tag><em>ssl_client_verify</em></tag> - <item>The type of verification used by SSL during authentication of the - other peer for outgoing calls.</item> - <tag><em>ssl_client_depth</em></tag> - <item>The SSL verification depth for incoming calls.</item> - <tag><em>ssl_client_password</em></tag> - <item>The client side key string.</item> - <tag><em>ssl_client_keyfile</em></tag> - <item>The file path to a client side key.</item> - <tag><em>ssl_client_ciphers</em></tag> - <item>The client side cipher string.</item> - <tag><em>ssl_client_cachetimeout</em></tag> - <item>The client side cache timeout.</item> <tag><em>iiop_ssl_out_keepalive</em></tag> <item>Enables periodic transmission on a connected socket, when no other data is being exchanged. If the other end does not respond, the diff --git a/lib/orber/doc/src/ch_security.xml b/lib/orber/doc/src/ch_security.xml index 938025a629..a25a8a5052 100644 --- a/lib/orber/doc/src/ch_security.xml +++ b/lib/orber/doc/src/ch_security.xml @@ -1,10 +1,10 @@ -<?xml version="1.0" encoding="latin1" ?> +<?xml version="1.0" encoding="iso-8859-1" ?> <!DOCTYPE chapter SYSTEM "chapter.dtd"> <chapter> <header> <copyright> - <year>1999</year><year>2009</year> + <year>1999</year><year>2011</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> @@ -55,40 +55,15 @@ <section> <title>Configurations when Orber is Used on the Server Side</title> - <p>The following three configuration variables can be used to configure Orber's SSL - behavior on the server side.</p> + <p>There is a variable to conficure Orber's SSL behavior on the server side.</p> <list type="bulleted"> - <item><em>ssl_server_certfile</em> - which is a path to a file containing a - chain of PEM encoded certificates for the Orber domain as server.</item> - <item><em>ssl_server_cacertfile</em> - which is a path to a file containing - a chain of PEM encoded certificates for the Orber domain as server.</item> - <item><em>ssl_server_verify</em> - which specifies type of verification: - 0 = do not verify peer; 1 = verify peer, verify client once, - 2 = verify peer, verify client once, fail if no peer certificate. - The default value is 0.</item> - <item><em>ssl_server_depth</em> - which specifies verification depth, i.e. - how far in a chain of certificates the verification process shall - proceed before the verification is considered successful. The default - value is 1. </item> - <item><em>ssl_server_keyfile</em> - which is a path to a file containing a - PEM encoded key for the Orber domain as server.</item> - <item><em>ssl_server_password</em> - only used if the private keyfile is - password protected.</item> - <item><em>ssl_server_ciphers</em> - which is string of ciphers as a colon - separated list of ciphers.</item> - <item><em>ssl_server_cachetimeout</em> - which is the session cache timeout - in seconds.</item> + <item><em>ssl_server_options</em> - which is a list of options to ssl. + See the <seealso marker="ssl:ssl">SSL</seealso> application for further + descriptions on these options.</item> </list> - <p>There also exist a number of API functions for accessing the values of these variables:</p> + <p>There also exist an API function for accessing the value of this variable:</p> <list type="bulleted"> - <item>orber:ssl_server_certfile/0</item> - <item>orber:ssl_server_cacertfile/0</item> - <item>orber:ssl_server_verify/0</item> - <item>orber:ssl_server_depth/0</item> - <item>orber:ssl_server_keyfile/0</item> - <item>orber:ssl_server_password/0</item> - <item>orber:ssl_server_ciphers/0</item> - <item>orber:ssl_server_cachetimeout/0</item> + <item>orber:ssl_server_options/0</item> </list> </section> @@ -97,50 +72,22 @@ <p>When the Orber enabled application is the client side in the secure connection the different configurations can be set per client process instead and not for the whole domain as for incoming calls.</p> - <p>One can use configuration variables to set default values for the domain but they can be changed - per client process. Below is the list of client configuration variables.</p> + <p>There is a variable to set default values for the domain but they can be changed + per client process.</p> <list type="bulleted"> - <item><em>ssl_client_certfile</em> - which is a path to a file containing a - chain of PEM encoded certificates used in outgoing calls in the current - process.</item> - <item><em>ssl_client_cacertfile</em> - which is a path to a file containing a - chain of PEM encoded CA certificates used in outgoing calls in the - current process.</item> - <item><em>ssl_client_verify</em> - which specifies type of verification: - 0 = do not verify peer; 1 = verify peer, verify client once, - 2 = verify peer, verify client once, fail if no peer certificate. - The default value is 0.</item> - <item><em>ssl_client_depth</em> - which specifies verification depth, i.e. - how far in a chain of certificates the verification process shall proceed - before the verification is considered successful. The default value is 1. </item> - <item><em>ssl_client_keyfile</em> - which is a path to a file containing a - PEM encoded key when Orber act as client side ORB.</item> - <item><em>ssl_client_password</em> - only used if the private keyfile is - password protected.</item> - <item><em>ssl_client_ciphers</em> - which is string of ciphers as a colon - separated list of ciphers.</item> - <item><em>ssl_client_cachetimeout</em> - which is the session cache timeout - in seconds.</item> + <item><em>ssl_client_options</em> - which is a list of options to ssl. + See the <seealso marker="ssl:ssl">SSL</seealso> application for further + descriptions on these options.</item> </list> - <p>There also exist a number of API functions for accessing and changing the values of this - variables in the client processes.</p> - <p>Access functions:</p> + <p>There also exist two API functions for accessing and changing the values of this + variable in the client processes.</p> + <p>Access function:</p> <list type="bulleted"> - <item>orber:ssl_client_certfile/0</item> - <item>orber:ssl_client_cacertfile/0</item> - <item>orber:ssl_client_verify/0</item> - <item>orber:ssl_client_depth/0</item> - <item>orber:ssl_client_keyfile/0</item> - <item>orber:ssl_client_password/0</item> - <item>orber:ssl_client_ciphers/0</item> - <item>orber:ssl_client_cachetimeout/0</item> + <item>orber:ssl_client_options/0</item> </list> - <p>Modify functions:</p> + <p>Modify function:</p> <list type="bulleted"> - <item>orber:set_ssl_client_certfile/1</item> - <item>orber:set_ssl_client_cacertfile/1</item> - <item>orber:set_ssl_client_verify/1</item> - <item>orber:set_ssl_client_depth/1</item> + <item>orber:set_ssl_client_options/1</item> </list> </section> </section> diff --git a/lib/orber/doc/src/corba.xml b/lib/orber/doc/src/corba.xml index cae0e09b0b..08ec555f94 100644 --- a/lib/orber/doc/src/corba.xml +++ b/lib/orber/doc/src/corba.xml @@ -1,10 +1,10 @@ -<?xml version="1.0" encoding="latin1" ?> +<?xml version="1.0" encoding="iso-8859-1" ?> <!DOCTYPE erlref SYSTEM "erlref.dtd"> <erlref> <header> <copyright> - <year>1997</year><year>2009</year> + <year>1997</year><year>2011</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> @@ -221,8 +221,7 @@ Example: <v>CtxData = {interface, Interface} | {userspecific, term()} | {configuration, Options}</v> <v>Interface = string()</v> <v>Options = [{Key, Value}]</v> - <v>Key = ssl_client_verify | ssl_client_depth | ssl_client_certfile | ssl_client_cacertfile | - ssl_client_password | ssl_client_keyfile | ssl_client_ciphers | ssl_client_cachetimeout</v> + <v>Key = ssl_client_options</v> <v>Value = allowed value associated with the given key</v> <v>Object = #objref</v> </type> @@ -287,8 +286,7 @@ Example: <v>CtxData = {interface, Interface} | {userspecific, term()} | {configuration, Options}</v> <v>Interface = string()</v> <v>Options = [{Key, Value}]</v> - <v>Key = ssl_client_verify | ssl_client_depth | ssl_client_certfile | ssl_client_cacertfile | - ssl_client_password | ssl_client_keyfile | ssl_client_ciphers | ssl_client_cachetimeout</v> + <v>Key = ssl_client_options</v> <v>Value = allowed value associated with the given key</v> <v>Object = #objref</v> </type> @@ -319,8 +317,7 @@ Example: <v>CtxData = {interface, Interface} | {userspecific, term()} | {configuration, Options}</v> <v>Interface = string()</v> <v>Options = [{Key, Value}]</v> - <v>Key = ssl_client_verify | ssl_client_depth | ssl_client_certfile | ssl_client_cacertfile | - ssl_client_password | ssl_client_keyfile | ssl_client_ciphers | ssl_client_cachetimeout</v> + <v>Key = ssl_client_options</v> <v>Value = allowed value associated with the given key</v> <v>ObjectId = string()</v> </type> @@ -360,8 +357,7 @@ Example: <v>CtxData = {interface, Interface} | {userspecific, term()} | {configuration, Options}</v> <v>Interface = string()</v> <v>Options = [{Key, Value}]</v> - <v>Key = ssl_client_verify | ssl_client_depth | ssl_client_certfile | ssl_client_cacertfile | - ssl_client_password | ssl_client_keyfile | ssl_client_ciphers | ssl_client_cachetimeout</v> + <v>Key = ssl_client_options</v> <v>Value = allowed value associated with the given key</v> <v>Object = #objref</v> </type> diff --git a/lib/orber/doc/src/corba_object.xml b/lib/orber/doc/src/corba_object.xml index e0f9a9f503..ef440f1a2d 100644 --- a/lib/orber/doc/src/corba_object.xml +++ b/lib/orber/doc/src/corba_object.xml @@ -1,4 +1,4 @@ -<?xml version="1.0" encoding="latin1" ?> +<?xml version="1.0" encoding="iso-8859-1" ?> <!DOCTYPE erlref SYSTEM "erlref.dtd"> <erlref> @@ -75,8 +75,7 @@ <v>CtxData = {interface, Interface} | {userspecific, term()} | {configuration, Options}</v> <v>Interface = string()</v> <v>Options = [{Key, Value}]</v> - <v>Key = ssl_client_verify | ssl_client_depth | ssl_client_certfile | ssl_client_cacertfile | - ssl_client_password | ssl_client_keyfile | ssl_client_ciphers | ssl_client_cachetimeout</v> + <v>Key = ssl_client_options</v> <v>Value = allowed value associated with the given key</v> <v>Return = boolean() | {'EXCEPTION', E}</v> </type> @@ -117,8 +116,7 @@ <v>CtxData = {interface, Interface} | {userspecific, term()} | {configuration, Options}</v> <v>Interface = string()</v> <v>Options = [{Key, Value}]</v> - <v>Key = ssl_client_verify | ssl_client_depth | ssl_client_certfile | ssl_client_cacertfile | - ssl_client_password | ssl_client_keyfile | ssl_client_ciphers | ssl_client_cachetimeout</v> + <v>Key = ssl_client_options</v> <v>Value = allowed value associated with the given key</v> <v>Return = boolean() | {'EXCEPTION', E}</v> </type> @@ -149,8 +147,7 @@ <v>CtxData = {interface, Interface} | {userspecific, term()} | {configuration, Options}</v> <v>Interface = string()</v> <v>Options = [{Key, Value}]</v> - <v>Key = ssl_client_verify | ssl_client_depth | ssl_client_certfile | ssl_client_cacertfile | - ssl_client_password | ssl_client_keyfile | ssl_client_ciphers | ssl_client_cachetimeout</v> + <v>Key = ssl_client_options</v> <v>Value = allowed value associated with the given key</v> <v>Return = boolean() | {'EXCEPTION', E}</v> </type> diff --git a/lib/orber/doc/src/notes.xml b/lib/orber/doc/src/notes.xml index c8477d9252..35ee5e35dd 100644 --- a/lib/orber/doc/src/notes.xml +++ b/lib/orber/doc/src/notes.xml @@ -32,7 +32,51 @@ <file>notes.xml</file> </header> - <section><title>Orber 3.6.22</title> + <section><title>Orber 3.6.23</title> + + <section><title>Fixed Bugs and Malfunctions</title> + <list> + <item> + <p> Remove usage of ssl:seed/1 in orber test cases. </p> + <p> + Own Id: OTP-9728</p> + </item> + </list> + </section> + + + <section><title>Improvements and New Features</title> + <list> + <item> + <p>Erlang/OTP can now be built using parallel make if you + limit the number of jobs, for instance using '<c>make + -j6</c>' or '<c>make -j10</c>'. '<c>make -j</c>' does not + work at the moment because of some missing + dependencies.</p> + <p> + Own Id: OTP-9451</p> + </item> + <item> + <p> The SSL option handling has been changed. There are + now two new orber options <c>ssl_server_options</c> and + <c>ssl_client_options</c> which takes a list of options + to the socket. </p> <p> The old options are now + deprecated and removed from the documentation but they + can still be used for backward compatibility as long as + the two new options not are used. </p> <p> If + <c>ssl_server_options</c> and <c>ssl_client_options</c> + contain an TCP option that <c>orber</c> needs to set to a + specific value it will be skipped and a warning will be + written to the error_log. </p> + <p> + Own Id: OTP-9773 Aux Id: seq11932 </p> + </item> + </list> + </section> + +</section> + +<section><title>Orber 3.6.22</title> <section><title>Fixed Bugs and Malfunctions</title> <list> diff --git a/lib/orber/doc/src/orber.xml b/lib/orber/doc/src/orber.xml index 5e38e4cf9f..35e9f57008 100644 --- a/lib/orber/doc/src/orber.xml +++ b/lib/orber/doc/src/orber.xml @@ -1,10 +1,10 @@ -<?xml version="1.0" encoding="latin1" ?> +<?xml version="1.0" encoding="iso-8859-1" ?> <!DOCTYPE erlref SYSTEM "erlref.dtd"> <erlref> <header> <copyright> - <year>1997</year><year>2010</year> + <year>1997</year><year>2011</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> @@ -356,7 +356,7 @@ <v>Type = normal | ssl</v> <v>Port = integer() > 0</v> <v>ConfigurationParameters = [{Key, Value}]</v> - <v>Key = flags | iiop_in_connection_timeout | iiop_max_fragments | iiop_max_in_requests | interceptors | iiop_port | iiop_ssl_port</v> + <v>Key = flags | iiop_in_connection_timeout | iiop_max_fragments | iiop_max_in_requests | interceptors | iiop_port | iiop_ssl_port | ssl_server_options</v> <v>Value = as described in the User's Guide</v> <v>Result = {ok, Ref} | {error, Reason} | {'EXCEPTION', #'BAD_PARAM'{}}</v> <v>Ref = #Ref</v> @@ -378,7 +378,7 @@ counterparts (See the <seealso marker="ch_install#config">Configuration</seealso> chapter in the User's Guide). - But the following parameters there are a few restrictions:</p> + But for the following parameters there are a few restrictions:</p> <list type="bulleted"> <item><em>flags</em> - currently it is only possible to override the global setting for the <c>Use Current Interface in IOR</c> and @@ -450,92 +450,32 @@ </desc> </func> <func> - <name>ssl_server_certfile() -> string()</name> - <fsummary>Display the path to the server certificate</fsummary> + <name>ssl_server_options() -> list()</name> + <fsummary>Display the SSL server options</fsummary> <desc> - <p>This function returns a path to a file containing a chain of PEM encoded - certificates for the Orber domain as server. + <p>This function returns the list of SSL options set for the Orber domain as server. This is configured by setting the application variable - <em>ssl_server_certfile</em>.</p> + <em>ssl_server_options</em>.</p> </desc> </func> <func> - <name>ssl_client_certfile() -> string()</name> - <fsummary>Display the path to the client certificate</fsummary> + <name>ssl_client_options() -> list()</name> + <fsummary>Display the SSL client options</fsummary> <desc> - <p>This function returns a path to a file containing a chain of PEM encoded - certificates used in outgoing calls in the current process. + <p>This function returns the list of SSL options used in outgoing calls in the current process. The default value is configured by setting the application variable - <em>ssl_client_certfile</em>.</p> + <em>ssl_client_options</em>.</p> </desc> </func> <func> - <name>set_ssl_client_certfile(Path) -> ok</name> - <fsummary>Set the value of the client certificate</fsummary> + <name>set_ssl_client_options(Options) -> ok</name> + <fsummary>Set the SSL options for the client</fsummary> <type> - <v>Path = string()</v> + <v>Options = list()</v> </type> <desc> - <p>This function takes a path to a file containing a chain of PEM encoded - certificates as parameter and sets it for the current process.</p> - </desc> - </func> - <func> - <name>ssl_server_verify() -> 0 | 1 | 2</name> - <fsummary>Display the SSL verification type for incoming calls</fsummary> - <desc> - <p>This function returns the type of verification used by SSL during authentication of the other - peer for incoming calls. - It is configured by setting the application variable - <em>ssl_server_verify</em>.</p> - </desc> - </func> - <func> - <name>ssl_client_verify() -> 0 | 1 | 2</name> - <fsummary>Display the SSL verification type for outgoing calls</fsummary> - <desc> - <p>This function returns the type of verification used by SSL during authentication of the other - peer for outgoing calls. - The default value is configured by setting the application variable - <em>ssl_client_verify</em>.</p> - </desc> - </func> - <func> - <name>set_ssl_client_verify(Value) -> ok</name> - <fsummary>Set the value of the SSL verification type for outgoing calls</fsummary> - <type> - <v>Value = 0 | 1 | 2</v> - </type> - <desc> - <p>This function sets the SSL verification type for the other peer of outgoing calls.</p> - </desc> - </func> - <func> - <name>ssl_server_depth() -> int()</name> - <fsummary>Display the SSL verification depth for incoming calls</fsummary> - <desc> - <p>This function returns the SSL verification depth for incoming calls. - It is configured by setting the application variable - <em>ssl_server_depth</em>.</p> - </desc> - </func> - <func> - <name>ssl_client_depth() -> int()</name> - <fsummary>Display the SSL verification depth for outgoing calls</fsummary> - <desc> - <p>This function returns the SSL verification depth for outgoing calls. - The default value is configured by setting the application variable - <em>ssl_client_depth</em>.</p> - </desc> - </func> - <func> - <name>set_ssl_client_depth(Depth) -> ok</name> - <fsummary>Sets the value of the SSL verification depth for outgoing calls</fsummary> - <type> - <v>Depth = int()</v> - </type> - <desc> - <p>This function sets the SSL verification depth for the other peer of outgoing calls.</p> + <p>This function takes a list of SSL options as parameter and sets + it for the current process.</p> </desc> </func> <func> diff --git a/lib/orber/examples/Stack/Makefile b/lib/orber/examples/Stack/Makefile index 215e57fcbe..b985f348fa 100644 --- a/lib/orber/examples/Stack/Makefile +++ b/lib/orber/examples/Stack/Makefile @@ -1,7 +1,7 @@ # # %CopyrightBegin% # -# Copyright Ericsson AB 1997-2009. All Rights Reserved. +# Copyright Ericsson AB 1997-2011. All Rights Reserved. # # The contents of this file are subject to the Erlang Public License, # Version 1.1, (the "License"); you may not use this file except in diff --git a/lib/orber/priv/Makefile b/lib/orber/priv/Makefile index 2847727035..af82177466 100644 --- a/lib/orber/priv/Makefile +++ b/lib/orber/priv/Makefile @@ -1,7 +1,7 @@ # # %CopyrightBegin% # -# Copyright Ericsson AB 2001-2009. All Rights Reserved. +# Copyright Ericsson AB 2001-2011. All Rights Reserved. # # The contents of this file are subject to the Erlang Public License, # Version 1.1, (the "License"); you may not use this file except in diff --git a/lib/orber/src/Makefile b/lib/orber/src/Makefile index e812e22b46..d2e98686da 100644 --- a/lib/orber/src/Makefile +++ b/lib/orber/src/Makefile @@ -1,7 +1,7 @@ # # %CopyrightBegin% # -# Copyright Ericsson AB 1997-2009. All Rights Reserved. +# Copyright Ericsson AB 1997-2011. All Rights Reserved. # # The contents of this file are subject to the Erlang Public License, # Version 1.1, (the "License"); you may not use this file except in diff --git a/lib/orber/src/orber.erl b/lib/orber/src/orber.erl index 4e43d42638..5ab240e046 100644 --- a/lib/orber/src/orber.erl +++ b/lib/orber/src/orber.erl @@ -36,7 +36,7 @@ -export([start/0, start/1, stop/0, install/1, install/2, orber_nodes/0, iiop_port/0, domain/0, iiop_ssl_port/0, iiop_out_ports/0, iiop_out_ports_random/0, iiop_out_ports_attempts/0, - ssl_server_opts/0, ssl_client_opts/0, set_ssl_client_opts/1, + ssl_server_options/0, ssl_client_options/0, set_ssl_client_options/1, ssl_server_certfile/0, ssl_client_certfile/0, set_ssl_client_certfile/1, ssl_server_verify/0, ssl_client_verify/0, set_ssl_client_verify/1, ssl_server_depth/0, ssl_client_depth/0, set_ssl_client_depth/1, @@ -525,14 +525,14 @@ iiop_ssl_port() -> nat_iiop_ssl_port() -> orber_env:nat_iiop_ssl_port(). -ssl_server_opts() -> - orber_env:ssl_server_opts(). +ssl_server_options() -> + orber_env:ssl_server_options(). -ssl_client_opts() -> - orber_env:ssl_client_opts(). +ssl_client_options() -> + orber_env:ssl_client_options(). -set_ssl_client_opts(Value) -> - orber_env:set_ssl_client_opts(Value). +set_ssl_client_options(Value) -> + orber_env:set_ssl_client_options(Value). ssl_server_certfile() -> orber_env:ssl_server_certfile(). diff --git a/lib/orber/src/orber_diagnostics.erl b/lib/orber/src/orber_diagnostics.erl index c115d79524..3ab55c448d 100644 --- a/lib/orber/src/orber_diagnostics.erl +++ b/lib/orber/src/orber_diagnostics.erl @@ -2,7 +2,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2003-2009. All Rights Reserved. +%% Copyright Ericsson AB 2003-2011. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in diff --git a/lib/orber/src/orber_env.erl b/lib/orber/src/orber_env.erl index 8fb3908710..8758450104 100644 --- a/lib/orber/src/orber_env.erl +++ b/lib/orber/src/orber_env.erl @@ -2,7 +2,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2004-2010. All Rights Reserved. +%% Copyright Ericsson AB 2004-2011. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -51,7 +51,7 @@ get_local_interceptors/0, get_cached_interceptors/0, set_interceptors/1, is_lightweight/0, get_lightweight_nodes/0, secure/0, iiop_ssl_backlog/0, iiop_ssl_port/0, nat_iiop_ssl_port/0, nat_iiop_ssl_port/1, - ssl_server_opts/0, ssl_client_opts/0, set_ssl_client_opts/1, + ssl_server_options/0, ssl_client_options/0, set_ssl_client_options/1, ssl_server_certfile/0, ssl_client_certfile/0, set_ssl_client_certfile/1, ssl_server_verify/0, ssl_client_verify/0, set_ssl_client_verify/1, ssl_server_depth/0, ssl_client_depth/0, set_ssl_client_depth/1, @@ -101,7 +101,7 @@ ssl_client_cachetimeout, ssl_server_cachetimeout, orber_debug_level, iiop_packet_size, iiop_in_keepalive, iiop_out_keepalive, iiop_ssl_in_keepalive, iiop_ssl_out_keepalive, iiop_ssl_accept_timeout, - ssl_server_opts, ssl_client_opts]). + ssl_server_options, ssl_client_options]). %% The 'flags' parameter must be first in the list. %-define(ENV_KEYS, @@ -926,16 +926,16 @@ nat_iiop_ssl_port(LocalPort) -> -1 end. -ssl_server_opts() -> - case application:get_env(orber, ssl_server_opts) of +ssl_server_options() -> + case application:get_env(orber, ssl_server_options) of {ok, V1} when is_list(V1) -> V1; _ -> [] end. -ssl_client_opts() -> - case application:get_env(orber, ssl_client_opts) of +ssl_client_options() -> + case application:get_env(orber, ssl_client_options) of {ok, V1} when is_list(V1) -> V1; _ -> @@ -961,16 +961,16 @@ check_ssl_opts([binary |T], Acc) -> check_ssl_opts([_ |T], Acc) -> check_ssl_opts(T, Acc). -set_ssl_client_opts(Value) when is_list(Value) -> +set_ssl_client_options(Value) when is_list(Value) -> case check_ssl_opts(Value) of ok -> ok; {error, List} -> exit(lists:flatten( - io_lib:format("TCP options ~p is not allowed in set_ssl_client_opts()", + io_lib:format("TCP options ~p is not allowed in set_ssl_client_options()", [List]))) end, - put(ssl_client_opts, Value), ok. + put(ssl_client_options, Value), ok. ssl_server_certfile() -> case application:get_env(orber, ssl_server_certfile) of @@ -1369,10 +1369,10 @@ configure(iiop_ssl_port, Value, Status) when is_integer(Value) -> do_safe_configure(iiop_ssl_port, Value, Status); %% New SSL options -configure(ssl_server_opts, Value, Status) when is_list(Value) -> - do_safe_configure(ssl_server_opts, Value, Status); -configure(ssl_client_opts, Value, Status) when is_list(Value) -> - do_safe_configure(ssl_client_opts, Value, Status); +configure(ssl_server_options, Value, Status) when is_list(Value) -> + do_safe_configure(ssl_server_options, Value, Status); +configure(ssl_client_options, Value, Status) when is_list(Value) -> + do_safe_configure(ssl_client_options, Value, Status); %% Old SSL options configure(ssl_server_certfile, Value, Status) when is_list(Value) -> diff --git a/lib/orber/src/orber_ifr.erl b/lib/orber/src/orber_ifr.erl index 9631a268e4..c23374cd68 100644 --- a/lib/orber/src/orber_ifr.erl +++ b/lib/orber/src/orber_ifr.erl @@ -2,7 +2,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 1997-2009. All Rights Reserved. +%% Copyright Ericsson AB 1997-2011. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in diff --git a/lib/orber/src/orber_iiop_net.erl b/lib/orber/src/orber_iiop_net.erl index 5620b5d94f..2eed0b538a 100644 --- a/lib/orber/src/orber_iiop_net.erl +++ b/lib/orber/src/orber_iiop_net.erl @@ -2,7 +2,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 1997-2009. All Rights Reserved. +%% Copyright Ericsson AB 1997-2011. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -163,8 +163,8 @@ get_options(normal, _Options) -> []; get_options(ssl, Options) -> SSLOpts = - case orber_tb:keysearch(ssl_server_opts, Options, - orber_env:ssl_server_opts()) of + case orber_tb:keysearch(ssl_server_options, Options, + orber_env:ssl_server_options()) of [] -> Verify = orber_tb:keysearch(ssl_server_verify, Options, orber_env:ssl_server_verify()), @@ -511,6 +511,6 @@ check_old_ssl_server_options(Options) -> _:_ -> io:format("hej\n",[]), error_logger:warning_report([{application, orber}, - "Ignoring deprecated ssl server options used together with the ssl_server_opts"]) + "Ignoring deprecated ssl server options used together with the ssl_server_options"]) end. diff --git a/lib/orber/src/orber_iiop_pm.erl b/lib/orber/src/orber_iiop_pm.erl index d86de36939..927d12b3b2 100644 --- a/lib/orber/src/orber_iiop_pm.erl +++ b/lib/orber/src/orber_iiop_pm.erl @@ -2,7 +2,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 1999-2009. All Rights Reserved. +%% Copyright Ericsson AB 1999-2011. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -109,7 +109,7 @@ connect(Host, Port, SocketType, Timeout, Chars, Wchars, Ctx) get_ssl_socket_options([]) -> SSLOpts = - case orber_env:ssl_client_opts() of + case orber_env:ssl_client_options() of [] -> [{verify, orber_env:ssl_client_verify()}, {depth, orber_env:ssl_client_depth()}, @@ -137,8 +137,8 @@ get_ssl_socket_options([#'IOP_ServiceContext' {context_id=?ORBER_GENERIC_CTX_ID, context_data = {configuration, Options}}|_]) -> SSLOpts = - case orber_tb:keysearch(ssl_client_opts, Options, - orber_env:ssl_client_opts()) of + case orber_tb:keysearch(ssl_client_options, Options, + orber_env:ssl_client_options()) of [] -> Verify = orber_tb:keysearch(ssl_client_verify, Options, orber_env:ssl_client_verify()), @@ -878,7 +878,7 @@ check_old_ssl_client_options(Options) -> catch _:_ -> error_logger:warning_report([{application, orber}, - "Ignoring deprecated ssl client options used together with the ssl_client_opts"]) + "Ignoring deprecated ssl client options used together with the ssl_client_options"]) end. diff --git a/lib/orber/src/orber_tb.erl b/lib/orber/src/orber_tb.erl index cce95f7237..d3e3a8497d 100644 --- a/lib/orber/src/orber_tb.erl +++ b/lib/orber/src/orber_tb.erl @@ -2,7 +2,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2004-2010. All Rights Reserved. +%% Copyright Ericsson AB 2004-2011. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -209,7 +209,7 @@ check_illegal_tcp_options([binary |T], IllegalOpts) -> check_illegal_tcp_options(T,[binary |IllegalOpts]); check_illegal_tcp_options([{reuseaddr, V} |T], IllegalOpts) -> check_illegal_tcp_options(T,[{reuseaddr, V} |IllegalOpts]); -check_illegal_tcp_options([H|T], IllegalOpts) -> +check_illegal_tcp_options([_H|T], IllegalOpts) -> check_illegal_tcp_options(T, IllegalOpts). %%---------------------------------------------------------------------- diff --git a/lib/orber/test/Makefile b/lib/orber/test/Makefile index 996d0d1874..d4be009af3 100644 --- a/lib/orber/test/Makefile +++ b/lib/orber/test/Makefile @@ -176,6 +176,7 @@ clean: rm -f idl_output/* rm -f $(TARGET_FILES) rm -f errs core *~ + rm IDL-GENERATED docs: diff --git a/lib/orber/test/orber_acl_SUITE.erl b/lib/orber/test/orber_acl_SUITE.erl index b43a00be19..49107cde84 100644 --- a/lib/orber/test/orber_acl_SUITE.erl +++ b/lib/orber/test/orber_acl_SUITE.erl @@ -80,7 +80,7 @@ end_per_group(_GroupName, Config) -> %%----------------------------------------------------------------- init_per_suite(Config) -> if - list(Config) -> + is_list(Config) -> Config; true -> exit("Config not a list") diff --git a/lib/orber/test/orber_test_lib.erl b/lib/orber/test/orber_test_lib.erl index 3119bcf281..0ddde49cd6 100644 --- a/lib/orber/test/orber_test_lib.erl +++ b/lib/orber/test/orber_test_lib.erl @@ -372,12 +372,12 @@ get_options(ssl, Role, 2, Options) -> {certfile, filename:join([Dir, Role, "cert.pem"])} |Options]; get_options(iiop_ssl, _Role, 2, Options) -> Dir = filename:join([code:lib_dir(ssl), "examples", "certs", "etc"]), - [{ssl_server_opts, [{depth, 2}, + [{ssl_server_options, [{depth, 2}, {verify, 2}, {certfile, filename:join([Dir, "server", "cert.pem"])}, {cacertfile, filename:join([Dir, "server", "cacerts.pem"])}, {keyfile, filename:join([Dir, "server", "key.pem"])}]}, - {ssl_client_opts, [{depth, 2}, + {ssl_client_options, [{depth, 2}, {verify, 2}, {certfile, filename:join([Dir, "client", "cert.pem"])}, {cacertfile, filename:join([Dir, "client", "cacerts.pem"])}, @@ -385,12 +385,12 @@ get_options(iiop_ssl, _Role, 2, Options) -> {secure, ssl} |Options]; get_options(iiop_ssl, _Role, 1, Options) -> Dir = filename:join([code:lib_dir(ssl), "examples", "certs", "etc"]), - [{ssl_server_opts, [{depth, 1}, + [{ssl_server_options, [{depth, 1}, {verify, 0}, {certfile, filename:join([Dir, "server", "cert.pem"])}, {cacertfile, filename:join([Dir, "server", "cacerts.pem"])}, {keyfile, filename:join([Dir, "server", "key.pem"])}]}, - {ssl_client_opts, [{depth, 1}, + {ssl_client_options, [{depth, 1}, {verify, 0}, {certfile, filename:join([Dir, "client", "cert.pem"])}, {cacertfile, filename:join([Dir, "client", "cacerts.pem"])}, |