[omniORB] omniORB 4.0 vs. JacORB 1.4.1 using Callbacks over SSL

Martin Hellebrandt Martin.Hellebrandt@t-mobile.de
Mon Dec 23 13:11:01 2002


Hello,

while trying to get omniORB and JacORB to use callbacks over an
SSL-encrypted link I observed a little problem. Here's the test setup:

A server using omniORB publishes it's IOR using TAG_SSL_SEC_TRANS. A
client using JacORB connects to the server, correctly using an
SSL-encrypted teansport. The client registers a callback, again
containing an SSL component, but omniORB doesn't correctly analyse the
provided IOR and only generates an addresss for the provided TCP
endpoint. Therefore it calls methods on the callback using an
unencrypted connection.

The reason appers to be a bug in IIOP::unmarshalMultiComponentProfile()
or it's callers. The components field in the passed 'body' is already
populated and will be overwritten in 
IIOP::unmarshalMultiComponentProfile(). Therefore the TAG_SSL_SEC_TRANS
component from the iiop profile is lost and no address is generated for
it. 

The following hack solved the problem for me but I don't know what else
it might break. It's only provided to give an idea about what's going
wrong.

Best regards,

Martin


--- ior.cc      2002-08-16 18:00:50.000000000 +0200
+++ ior_patched.cc      2002-12-23 14:03:29.000000000 +0100
@@ -423,8 +423,9 @@
     if (!s.checkInputOverrun(1,total))
       OMNIORB_THROW(MARSHAL,MARSHAL_InvalidIOR,CORBA::COMPLETED_NO);
 
+    total += body.length();
     body.length(total);
-    for (CORBA::ULong index = 0; index<total; index++) {
+    for (CORBA::ULong index = body.length(); index<total; index++) {
       body[index] <<= s;
     }
   }