zeroc-ice 3.6.2 → 3.6.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/slice2rb +0 -0
- data/ext/Slice.cpp +32 -39
- data/ext/ice/cpp/include/Ice/BasicStream.h +15 -4
- data/ext/ice/cpp/include/Ice/BuiltinSequences.h +2 -2
- data/ext/ice/cpp/include/Ice/Communicator.h +2 -2
- data/ext/ice/cpp/include/Ice/CommunicatorF.h +2 -2
- data/ext/ice/cpp/include/Ice/Connection.h +2 -2
- data/ext/ice/cpp/include/Ice/ConnectionF.h +2 -2
- data/ext/ice/cpp/include/Ice/Current.h +2 -2
- data/ext/ice/cpp/include/Ice/Endpoint.h +2 -2
- data/ext/ice/cpp/include/Ice/EndpointF.h +2 -2
- data/ext/ice/cpp/include/Ice/EndpointTypes.h +2 -2
- data/ext/ice/cpp/include/Ice/FacetMap.h +2 -2
- data/ext/ice/cpp/include/Ice/Identity.h +2 -2
- data/ext/ice/cpp/include/Ice/ImplicitContext.h +2 -2
- data/ext/ice/cpp/include/Ice/ImplicitContextF.h +2 -2
- data/ext/ice/cpp/include/Ice/Instrumentation.h +2 -2
- data/ext/ice/cpp/include/Ice/InstrumentationF.h +2 -2
- data/ext/ice/cpp/include/Ice/LocalException.h +2 -2
- data/ext/ice/cpp/include/Ice/Locator.h +2 -2
- data/ext/ice/cpp/include/Ice/LocatorF.h +2 -2
- data/ext/ice/cpp/include/Ice/Logger.h +2 -2
- data/ext/ice/cpp/include/Ice/LoggerF.h +2 -2
- data/ext/ice/cpp/include/Ice/Metrics.h +2 -2
- data/ext/ice/cpp/include/Ice/ObjectAdapter.h +2 -2
- data/ext/ice/cpp/include/Ice/ObjectAdapterF.h +2 -2
- data/ext/ice/cpp/include/Ice/ObjectFactory.h +2 -2
- data/ext/ice/cpp/include/Ice/ObjectFactoryF.h +2 -2
- data/ext/ice/cpp/include/Ice/Plugin.h +2 -2
- data/ext/ice/cpp/include/Ice/PluginF.h +2 -2
- data/ext/ice/cpp/include/Ice/Process.h +2 -2
- data/ext/ice/cpp/include/Ice/ProcessF.h +2 -2
- data/ext/ice/cpp/include/Ice/Properties.h +2 -2
- data/ext/ice/cpp/include/Ice/PropertiesAdmin.h +2 -2
- data/ext/ice/cpp/include/Ice/PropertiesF.h +2 -2
- data/ext/ice/cpp/include/Ice/RemoteLogger.h +2 -2
- data/ext/ice/cpp/include/Ice/Router.h +2 -2
- data/ext/ice/cpp/include/Ice/RouterF.h +2 -2
- data/ext/ice/cpp/include/Ice/ServantLocator.h +2 -2
- data/ext/ice/cpp/include/Ice/ServantLocatorF.h +2 -2
- data/ext/ice/cpp/include/Ice/SliceChecksumDict.h +2 -2
- data/ext/ice/cpp/include/Ice/SlicedData.h +6 -0
- data/ext/ice/cpp/include/Ice/Version.h +2 -2
- data/ext/ice/cpp/include/IceSSL/ConnectionInfo.h +2 -2
- data/ext/ice/cpp/include/IceSSL/EndpointInfo.h +2 -2
- data/ext/ice/cpp/include/IceUtil/Config.h +86 -26
- data/ext/ice/cpp/include/IceUtil/IconvStringConverter.h +1 -1
- data/ext/ice/cpp/include/IceUtil/Time.h +3 -2
- data/ext/ice/cpp/include/Slice/PythonUtil.h +1 -1
- data/ext/ice/cpp/include/Slice/RubyUtil.h +1 -1
- data/ext/ice/cpp/include/Slice/Util.h +5 -0
- data/ext/ice/cpp/src/Ice/BuiltinSequences.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Communicator.cpp +2 -2
- data/ext/ice/cpp/src/Ice/CommunicatorF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Connection.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ConnectionF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ConnectionFactory.cpp +57 -42
- data/ext/ice/cpp/src/Ice/ConnectionFactory.h +2 -0
- data/ext/ice/cpp/src/Ice/Current.cpp +2 -2
- data/ext/ice/cpp/src/Ice/DynamicLibrary.cpp +9 -5
- data/ext/ice/cpp/src/Ice/Endpoint.cpp +2 -2
- data/ext/ice/cpp/src/Ice/EndpointF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/EndpointTypes.cpp +2 -2
- data/ext/ice/cpp/src/Ice/FacetMap.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Identity.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ImplicitContext.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ImplicitContextF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Incoming.cpp +11 -4
- data/ext/ice/cpp/src/Ice/Instance.cpp +4 -2
- data/ext/ice/cpp/src/Ice/Instrumentation.cpp +2 -2
- data/ext/ice/cpp/src/Ice/InstrumentationF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/InstrumentationI.cpp +1 -3
- data/ext/ice/cpp/src/Ice/LocalException.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Locator.cpp +2 -2
- data/ext/ice/cpp/src/Ice/LocatorF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Logger.cpp +2 -2
- data/ext/ice/cpp/src/Ice/LoggerF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/LoggerI.cpp +94 -5
- data/ext/ice/cpp/src/Ice/LoggerI.h +7 -1
- data/ext/ice/cpp/src/Ice/Metrics.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Network.cpp +23 -7
- data/ext/ice/cpp/src/Ice/Network.h +1 -1
- data/ext/ice/cpp/src/Ice/ObjectAdapter.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ObjectAdapterF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ObjectFactory.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ObjectFactoryF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Plugin.cpp +2 -2
- data/ext/ice/cpp/src/Ice/PluginF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/PluginManagerI.cpp +5 -0
- data/ext/ice/cpp/src/Ice/Process.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ProcessF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Properties.cpp +2 -2
- data/ext/ice/cpp/src/Ice/PropertiesAdmin.cpp +2 -2
- data/ext/ice/cpp/src/Ice/PropertiesF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/PropertyNames.cpp +4 -3
- data/ext/ice/cpp/src/Ice/PropertyNames.h +1 -1
- data/ext/ice/cpp/src/Ice/RemoteLogger.cpp +2 -2
- data/ext/ice/cpp/src/Ice/RetryQueue.cpp +1 -1
- data/ext/ice/cpp/src/Ice/Router.cpp +2 -2
- data/ext/ice/cpp/src/Ice/RouterF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ServantLocator.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ServantLocatorF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/SliceChecksumDict.cpp +2 -2
- data/ext/ice/cpp/src/Ice/StreamSocket.cpp +19 -3
- data/ext/ice/cpp/src/Ice/Version.cpp +2 -2
- data/ext/ice/cpp/src/Ice/WSConnector.h +2 -2
- data/ext/ice/cpp/src/IceDiscovery/IceDiscovery.cpp +2 -2
- data/ext/ice/cpp/src/IceDiscovery/IceDiscovery.h +2 -2
- data/ext/ice/cpp/src/IceLocatorDiscovery/IceLocatorDiscovery.cpp +2 -2
- data/ext/ice/cpp/src/IceLocatorDiscovery/IceLocatorDiscovery.h +2 -2
- data/ext/ice/cpp/src/IceSSL/ConnectionInfo.cpp +2 -2
- data/ext/ice/cpp/src/IceSSL/EndpointInfo.cpp +2 -2
- data/ext/ice/cpp/src/IceSSL/OpenSSLEngine.cpp +54 -39
- data/ext/ice/cpp/src/IceSSL/SecureTransportTransceiverI.cpp +5 -8
- data/ext/ice/cpp/src/IceSSL/Util.cpp +155 -4
- data/ext/ice/cpp/src/IceUtil/Cond.cpp +1 -1
- data/ext/ice/cpp/src/IceUtil/FileUtil.cpp +8 -0
- data/ext/ice/cpp/src/IceUtil/FileUtil.h +18 -5
- data/ext/ice/cpp/src/IceUtil/OutputUtil.cpp +5 -5
- data/ext/ice/cpp/src/IceUtil/Time.cpp +25 -17
- data/ext/ice/cpp/src/Slice/JavaUtil.cpp +5 -11
- data/ext/ice/cpp/src/Slice/Preprocessor.cpp +3 -3
- data/ext/ice/cpp/src/Slice/Python.cpp +14 -17
- data/ext/ice/cpp/src/Slice/PythonUtil.cpp +183 -48
- data/ext/ice/cpp/src/Slice/Ruby.cpp +6 -6
- data/ext/ice/cpp/src/Slice/RubyUtil.cpp +0 -10
- data/ext/ice/cpp/src/Slice/Util.cpp +28 -3
- data/ext/ice/mcpp/Makefile +10 -6
- data/ext/ice/mcpp/configed.H +3 -0
- data/ext/ice/mcpp/main.c +2 -2
- data/ext/ice/mcpp/mcpp.gyp +6 -0
- data/ext/ice/mcpp/support.c +1 -1
- data/ext/ice/mcpp/system.H +6 -1
- data/ext/ice/mcpp/system.c +52 -15
- data/ice.gemspec +1 -1
- data/lib/Glacier2/Metrics.rb +1 -1
- data/lib/Glacier2/PermissionsVerifier.rb +1 -1
- data/lib/Glacier2/PermissionsVerifierF.rb +1 -1
- data/lib/Glacier2/Router.rb +1 -1
- data/lib/Glacier2/RouterF.rb +1 -1
- data/lib/Glacier2/SSLInfo.rb +1 -1
- data/lib/Glacier2/Session.rb +1 -1
- data/lib/Ice/BuiltinSequences.rb +1 -1
- data/lib/Ice/Communicator.rb +1 -1
- data/lib/Ice/CommunicatorF.rb +1 -1
- data/lib/Ice/Connection.rb +1 -1
- data/lib/Ice/ConnectionF.rb +1 -1
- data/lib/Ice/Current.rb +1 -1
- data/lib/Ice/Endpoint.rb +1 -1
- data/lib/Ice/EndpointF.rb +1 -1
- data/lib/Ice/EndpointTypes.rb +1 -1
- data/lib/Ice/FacetMap.rb +1 -1
- data/lib/Ice/Identity.rb +1 -1
- data/lib/Ice/ImplicitContext.rb +1 -1
- data/lib/Ice/ImplicitContextF.rb +1 -1
- data/lib/Ice/Instrumentation.rb +1 -1
- data/lib/Ice/InstrumentationF.rb +1 -1
- data/lib/Ice/LocalException.rb +1 -1
- data/lib/Ice/Locator.rb +1 -1
- data/lib/Ice/LocatorF.rb +1 -1
- data/lib/Ice/Logger.rb +1 -1
- data/lib/Ice/LoggerF.rb +1 -1
- data/lib/Ice/Metrics.rb +1 -1
- data/lib/Ice/ObjectAdapterF.rb +1 -1
- data/lib/Ice/ObjectFactory.rb +1 -1
- data/lib/Ice/ObjectFactoryF.rb +1 -1
- data/lib/Ice/Plugin.rb +1 -1
- data/lib/Ice/PluginF.rb +1 -1
- data/lib/Ice/Process.rb +1 -1
- data/lib/Ice/ProcessF.rb +1 -1
- data/lib/Ice/Properties.rb +1 -1
- data/lib/Ice/PropertiesAdmin.rb +1 -1
- data/lib/Ice/PropertiesF.rb +1 -1
- data/lib/Ice/RemoteLogger.rb +1 -1
- data/lib/Ice/Router.rb +1 -1
- data/lib/Ice/RouterF.rb +1 -1
- data/lib/Ice/SliceChecksumDict.rb +1 -1
- data/lib/Ice/Version.rb +1 -1
- data/lib/IceBox/IceBox.rb +1 -1
- data/lib/IceGrid/Admin.rb +1 -1
- data/lib/IceGrid/Descriptor.rb +1 -1
- data/lib/IceGrid/Exception.rb +1 -1
- data/lib/IceGrid/FileParser.rb +1 -1
- data/lib/IceGrid/Locator.rb +1 -1
- data/lib/IceGrid/Observer.rb +1 -1
- data/lib/IceGrid/Query.rb +1 -1
- data/lib/IceGrid/Registry.rb +1 -1
- data/lib/IceGrid/Session.rb +1 -1
- data/lib/IceGrid/UserAccountMapper.rb +1 -1
- data/lib/IcePatch2/FileInfo.rb +1 -1
- data/lib/IcePatch2/FileServer.rb +1 -1
- data/lib/IceStorm/IceStorm.rb +1 -1
- data/lib/IceStorm/Metrics.rb +1 -1
- data/slice/Glacier2/PermissionsVerifier.ice +0 -3
- data/slice/Glacier2/Session.ice +2 -9
- data/slice/Ice/Communicator.ice +3 -3
- data/slice/Ice/ImplicitContext.ice +4 -5
- data/slice/Ice/Instrumentation.ice +26 -26
- data/slice/Ice/LocalException.ice +1 -1
- data/slice/Ice/Locator.ice +5 -3
- data/slice/Ice/Metrics.ice +1 -1
- data/slice/Ice/ObjectFactory.ice +0 -2
- data/slice/Ice/RemoteLogger.ice +32 -32
- data/slice/Ice/Router.ice +3 -0
- data/slice/IceGrid/Session.ice +5 -9
- data/slice/IceLocatorDiscovery/IceLocatorDiscovery.ice +7 -7
- data/slice/IcePatch2/FileServer.ice +28 -34
- metadata +30 -30
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
//
|
|
8
8
|
// **********************************************************************
|
|
9
9
|
//
|
|
10
|
-
// Ice version 3.6.
|
|
10
|
+
// Ice version 3.6.3
|
|
11
11
|
//
|
|
12
12
|
// <auto-generated>
|
|
13
13
|
//
|
|
@@ -35,7 +35,7 @@
|
|
|
35
35
|
# if ICE_INT_VERSION % 100 > 50
|
|
36
36
|
# error Beta header file detected
|
|
37
37
|
# endif
|
|
38
|
-
# if ICE_INT_VERSION % 100 <
|
|
38
|
+
# if ICE_INT_VERSION % 100 < 3
|
|
39
39
|
# error Ice patch level mismatch!
|
|
40
40
|
# endif
|
|
41
41
|
#endif
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
//
|
|
8
8
|
// **********************************************************************
|
|
9
9
|
//
|
|
10
|
-
// Ice version 3.6.
|
|
10
|
+
// Ice version 3.6.3
|
|
11
11
|
//
|
|
12
12
|
// <auto-generated>
|
|
13
13
|
//
|
|
@@ -44,7 +44,7 @@
|
|
|
44
44
|
# if ICE_INT_VERSION % 100 > 50
|
|
45
45
|
# error Beta header file detected
|
|
46
46
|
# endif
|
|
47
|
-
# if ICE_INT_VERSION % 100 <
|
|
47
|
+
# if ICE_INT_VERSION % 100 < 3
|
|
48
48
|
# error Ice patch level mismatch!
|
|
49
49
|
# endif
|
|
50
50
|
#endif
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
//
|
|
8
8
|
// **********************************************************************
|
|
9
9
|
//
|
|
10
|
-
// Ice version 3.6.
|
|
10
|
+
// Ice version 3.6.3
|
|
11
11
|
//
|
|
12
12
|
// <auto-generated>
|
|
13
13
|
//
|
|
@@ -35,7 +35,7 @@
|
|
|
35
35
|
# if ICE_INT_VERSION % 100 > 50
|
|
36
36
|
# error Beta header file detected
|
|
37
37
|
# endif
|
|
38
|
-
# if ICE_INT_VERSION % 100 <
|
|
38
|
+
# if ICE_INT_VERSION % 100 < 3
|
|
39
39
|
# error Ice patch level mismatch!
|
|
40
40
|
# endif
|
|
41
41
|
#endif
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
//
|
|
8
8
|
// **********************************************************************
|
|
9
9
|
//
|
|
10
|
-
// Ice version 3.6.
|
|
10
|
+
// Ice version 3.6.3
|
|
11
11
|
//
|
|
12
12
|
// <auto-generated>
|
|
13
13
|
//
|
|
@@ -46,7 +46,7 @@
|
|
|
46
46
|
# if ICE_INT_VERSION % 100 > 50
|
|
47
47
|
# error Beta header file detected
|
|
48
48
|
# endif
|
|
49
|
-
# if ICE_INT_VERSION % 100 <
|
|
49
|
+
# if ICE_INT_VERSION % 100 < 3
|
|
50
50
|
# error Ice patch level mismatch!
|
|
51
51
|
# endif
|
|
52
52
|
#endif
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
//
|
|
8
8
|
// **********************************************************************
|
|
9
9
|
//
|
|
10
|
-
// Ice version 3.6.
|
|
10
|
+
// Ice version 3.6.3
|
|
11
11
|
//
|
|
12
12
|
// <auto-generated>
|
|
13
13
|
//
|
|
@@ -35,7 +35,7 @@
|
|
|
35
35
|
# if ICE_INT_VERSION % 100 > 50
|
|
36
36
|
# error Beta header file detected
|
|
37
37
|
# endif
|
|
38
|
-
# if ICE_INT_VERSION % 100 <
|
|
38
|
+
# if ICE_INT_VERSION % 100 < 3
|
|
39
39
|
# error Ice patch level mismatch!
|
|
40
40
|
# endif
|
|
41
41
|
#endif
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
//
|
|
8
8
|
// **********************************************************************
|
|
9
9
|
//
|
|
10
|
-
// Ice version 3.6.
|
|
10
|
+
// Ice version 3.6.3
|
|
11
11
|
//
|
|
12
12
|
// <auto-generated>
|
|
13
13
|
//
|
|
@@ -34,7 +34,7 @@
|
|
|
34
34
|
# if ICE_INT_VERSION % 100 > 50
|
|
35
35
|
# error Beta header file detected
|
|
36
36
|
# endif
|
|
37
|
-
# if ICE_INT_VERSION % 100 <
|
|
37
|
+
# if ICE_INT_VERSION % 100 < 3
|
|
38
38
|
# error Ice patch level mismatch!
|
|
39
39
|
# endif
|
|
40
40
|
#endif
|
|
@@ -42,7 +42,10 @@ namespace
|
|
|
42
42
|
IceUtil::Mutex* staticMutex = 0;
|
|
43
43
|
int instanceCount = 0;
|
|
44
44
|
bool initOpenSSL = false;
|
|
45
|
+
|
|
46
|
+
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
45
47
|
IceUtil::Mutex* locks = 0;
|
|
48
|
+
#endif
|
|
46
49
|
|
|
47
50
|
class Init
|
|
48
51
|
{
|
|
@@ -55,14 +58,22 @@ public:
|
|
|
55
58
|
|
|
56
59
|
~Init()
|
|
57
60
|
{
|
|
58
|
-
|
|
59
|
-
|
|
61
|
+
//
|
|
62
|
+
// OpenSSL 1.1.0 introduces a new thread API and removes
|
|
63
|
+
// the need to use a custom thread callback.
|
|
64
|
+
//
|
|
65
|
+
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
66
|
+
CRYPTO_set_locking_callback(0);
|
|
67
|
+
CRYPTO_set_id_callback(0);
|
|
60
68
|
|
|
61
69
|
if(locks)
|
|
62
70
|
{
|
|
63
71
|
delete[] locks;
|
|
64
72
|
locks = 0;
|
|
65
73
|
}
|
|
74
|
+
#endif
|
|
75
|
+
delete staticMutex;
|
|
76
|
+
staticMutex = 0;
|
|
66
77
|
}
|
|
67
78
|
};
|
|
68
79
|
|
|
@@ -72,6 +83,11 @@ Init init;
|
|
|
72
83
|
extern "C"
|
|
73
84
|
{
|
|
74
85
|
|
|
86
|
+
//
|
|
87
|
+
// OpenSSL 1.1.0 introduces a new thread API and removes
|
|
88
|
+
// the need to use a custom thread callback.
|
|
89
|
+
//
|
|
90
|
+
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
75
91
|
//
|
|
76
92
|
// OpenSSL mutex callback.
|
|
77
93
|
//
|
|
@@ -102,7 +118,7 @@ IceSSL_opensslThreadIdCallback()
|
|
|
102
118
|
// On some platforms, pthread_t is a pointer to a per-thread structure.
|
|
103
119
|
//
|
|
104
120
|
return reinterpret_cast<unsigned long>(pthread_self());
|
|
105
|
-
# elif
|
|
121
|
+
# elif defined(__linux) || defined(__sun) || defined(__hpux) || defined(_AIX) || defined(__GLIBC__)
|
|
106
122
|
//
|
|
107
123
|
// On Linux, Solaris, HP-UX and AIX, pthread_t is an integer.
|
|
108
124
|
//
|
|
@@ -111,6 +127,7 @@ IceSSL_opensslThreadIdCallback()
|
|
|
111
127
|
# error "Unknown platform"
|
|
112
128
|
# endif
|
|
113
129
|
}
|
|
130
|
+
#endif
|
|
114
131
|
|
|
115
132
|
int
|
|
116
133
|
IceSSL_opensslPasswordCallback(char* buf, int size, int flag, void* userData)
|
|
@@ -141,7 +158,12 @@ IceSSL_opensslPasswordCallback(char* buf, int size, int flag, void* userData)
|
|
|
141
158
|
DH*
|
|
142
159
|
IceSSL_opensslDHCallback(SSL* ssl, int /*isExport*/, int keyLength)
|
|
143
160
|
{
|
|
144
|
-
|
|
161
|
+
# if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
162
|
+
SSL_CTX* ctx = SSL_get_SSL_CTX(ssl);
|
|
163
|
+
# else
|
|
164
|
+
SSL_CTX* ctx = ssl->ctx;
|
|
165
|
+
# endif
|
|
166
|
+
OpenSSLEngine* p = reinterpret_cast<OpenSSLEngine*>(SSL_CTX_get_ex_data(ctx, 0));
|
|
145
167
|
return p->dhParams(keyLength);
|
|
146
168
|
}
|
|
147
169
|
# endif
|
|
@@ -193,6 +215,11 @@ OpenSSLEngine::OpenSSLEngine(const CommunicatorPtr& communicator) :
|
|
|
193
215
|
initOpenSSL = properties->getPropertyAsIntWithDefault("IceSSL.InitOpenSSL", 1) > 0;
|
|
194
216
|
if(initOpenSSL)
|
|
195
217
|
{
|
|
218
|
+
|
|
219
|
+
//
|
|
220
|
+
// OpenSSL 1.1.0 remove the need for library initialization and cleanup.
|
|
221
|
+
//
|
|
222
|
+
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
196
223
|
//
|
|
197
224
|
// Create the mutexes and set the callbacks.
|
|
198
225
|
//
|
|
@@ -218,13 +245,11 @@ OpenSSLEngine::OpenSSLEngine(const CommunicatorPtr& communicator) :
|
|
|
218
245
|
// load private key files generated by OpenSSL 1.x.
|
|
219
246
|
//
|
|
220
247
|
OpenSSL_add_all_algorithms();
|
|
248
|
+
#endif
|
|
221
249
|
|
|
222
250
|
//
|
|
223
251
|
// Initialize the PRNG.
|
|
224
252
|
//
|
|
225
|
-
# ifdef WINDOWS
|
|
226
|
-
RAND_screen(); // Uses data from the screen if possible.
|
|
227
|
-
# endif
|
|
228
253
|
char randFile[1024];
|
|
229
254
|
if(RAND_file_name(randFile, sizeof(randFile))) // Gets the name of a default seed file.
|
|
230
255
|
{
|
|
@@ -298,6 +323,10 @@ OpenSSLEngine::OpenSSLEngine(const CommunicatorPtr& communicator) :
|
|
|
298
323
|
|
|
299
324
|
OpenSSLEngine::~OpenSSLEngine()
|
|
300
325
|
{
|
|
326
|
+
//
|
|
327
|
+
// OpenSSL 1.1.0 remove the need for library initialization and cleanup.
|
|
328
|
+
//
|
|
329
|
+
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
301
330
|
//
|
|
302
331
|
// Clean up OpenSSL resources.
|
|
303
332
|
//
|
|
@@ -320,6 +349,7 @@ OpenSSLEngine::~OpenSSLEngine()
|
|
|
320
349
|
ERR_free_strings();
|
|
321
350
|
EVP_cleanup();
|
|
322
351
|
}
|
|
352
|
+
#endif
|
|
323
353
|
}
|
|
324
354
|
|
|
325
355
|
bool
|
|
@@ -369,6 +399,18 @@ OpenSSLEngine::initialize()
|
|
|
369
399
|
"IceSSL: unable to create SSL context:\n" + sslErrors());
|
|
370
400
|
}
|
|
371
401
|
|
|
402
|
+
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
403
|
+
int securityLevel = properties->getPropertyAsIntWithDefault(propPrefix + "SecurityLevel", -1);
|
|
404
|
+
if(securityLevel != -1)
|
|
405
|
+
{
|
|
406
|
+
SSL_CTX_set_security_level(_ctx, securityLevel);
|
|
407
|
+
if(SSL_CTX_get_security_level(_ctx) != securityLevel)
|
|
408
|
+
{
|
|
409
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
|
410
|
+
"IceSSL: unable to set SSL security level:\n" + sslErrors());
|
|
411
|
+
}
|
|
412
|
+
}
|
|
413
|
+
#endif
|
|
372
414
|
//
|
|
373
415
|
// Check for a default directory. We look in this directory for
|
|
374
416
|
// files mentioned in the configuration.
|
|
@@ -425,37 +467,6 @@ OpenSSLEngine::initialize()
|
|
|
425
467
|
}
|
|
426
468
|
}
|
|
427
469
|
|
|
428
|
-
if(!file && !dir)
|
|
429
|
-
{
|
|
430
|
-
// Deprecated properties
|
|
431
|
-
path = properties->getProperty(propPrefix + "CertAuthFile");
|
|
432
|
-
if(!path.empty())
|
|
433
|
-
{
|
|
434
|
-
if(!checkPath(path, defaultDir, false, resolved))
|
|
435
|
-
{
|
|
436
|
-
throw PluginInitializationException(__FILE__, __LINE__,
|
|
437
|
-
"IceSSL: CA certificate file not found:\n" + path);
|
|
438
|
-
}
|
|
439
|
-
path = resolved;
|
|
440
|
-
file = path.c_str();
|
|
441
|
-
}
|
|
442
|
-
else
|
|
443
|
-
{
|
|
444
|
-
path = properties->getProperty(propPrefix + "CertAuthDir");
|
|
445
|
-
if(!path.empty())
|
|
446
|
-
{
|
|
447
|
-
if(!checkPath(path, defaultDir, true, resolved))
|
|
448
|
-
{
|
|
449
|
-
throw PluginInitializationException(__FILE__, __LINE__,
|
|
450
|
-
"IceSSL: CA certificate directory not found:\n" +
|
|
451
|
-
path);
|
|
452
|
-
}
|
|
453
|
-
path = resolved;
|
|
454
|
-
dir = path.c_str();
|
|
455
|
-
}
|
|
456
|
-
}
|
|
457
|
-
}
|
|
458
|
-
|
|
459
470
|
if(file || dir)
|
|
460
471
|
{
|
|
461
472
|
//
|
|
@@ -525,6 +536,7 @@ OpenSSLEngine::initialize()
|
|
|
525
536
|
"IceSSL: certificate file not found:\n" + file);
|
|
526
537
|
}
|
|
527
538
|
file = resolved;
|
|
539
|
+
|
|
528
540
|
//
|
|
529
541
|
// First we try to load the certificate using PKCS12 format if that fails
|
|
530
542
|
// we fallback to PEM format.
|
|
@@ -942,6 +954,9 @@ OpenSSLEngine::parseProtocols(const StringSeq& protocols) const
|
|
|
942
954
|
SSL_METHOD*
|
|
943
955
|
OpenSSLEngine::getMethod(int /*protocols*/)
|
|
944
956
|
{
|
|
957
|
+
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
958
|
+
SSL_METHOD* meth = const_cast<SSL_METHOD*>(TLS_method());
|
|
959
|
+
#else
|
|
945
960
|
//
|
|
946
961
|
// Despite its name, the SSLv23 method can negotiate SSL3, TLS1.0, TLS1.1, and TLS1.2.
|
|
947
962
|
// We use the const_cast for backward compatibility with older OpenSSL releases.
|
|
@@ -956,7 +971,7 @@ OpenSSLEngine::getMethod(int /*protocols*/)
|
|
|
956
971
|
meth = const_cast<SSL_METHOD*>(TLSv1_2_method());
|
|
957
972
|
}
|
|
958
973
|
*/
|
|
959
|
-
|
|
974
|
+
#endif
|
|
960
975
|
return meth;
|
|
961
976
|
}
|
|
962
977
|
|
|
@@ -136,7 +136,7 @@ checkTrustResult(SecTrustRef trust, const SecureTransportEnginePtr& engine, cons
|
|
|
136
136
|
}
|
|
137
137
|
default:
|
|
138
138
|
// case kSecTrustResultInvalid:
|
|
139
|
-
//
|
|
139
|
+
// case kSecTrustResultConfirm: // Used in old OS X versions
|
|
140
140
|
// case kSecTrustResultDeny:
|
|
141
141
|
// case kSecTrustResultRecoverableTrustFailure:
|
|
142
142
|
// case kSecTrustResultFatalTrustFailure:
|
|
@@ -225,14 +225,11 @@ IceSSL::TransceiverI::initialize(IceInternal::Buffer& readBuffer, IceInternal::B
|
|
|
225
225
|
{
|
|
226
226
|
assert(!_trust);
|
|
227
227
|
err = SSLCopyPeerTrust(_ssl, &_trust);
|
|
228
|
-
if(_incoming &&
|
|
228
|
+
if(_incoming && _engine->getVerifyPeer() == 1 && (err == errSSLBadCert || _trust == 0))
|
|
229
229
|
{
|
|
230
|
-
//
|
|
231
|
-
//
|
|
232
|
-
// certificate
|
|
233
|
-
// configured to verify to not require the client
|
|
234
|
-
// certificate so we ignore the failure.
|
|
235
|
-
//
|
|
230
|
+
// This is expected if the client doesn't provide a certificate. With 10.10 and 10.11 errSSLBadCert
|
|
231
|
+
// is expected, the server is configured to verify but not require the client
|
|
232
|
+
// certificate so we ignore the failure. In 10.12 there is no error and trust is 0.
|
|
236
233
|
continue;
|
|
237
234
|
}
|
|
238
235
|
if(err == noErr)
|
|
@@ -109,7 +109,8 @@ parseBytes(const string& arg, vector<unsigned char>& buffer)
|
|
|
109
109
|
namespace
|
|
110
110
|
{
|
|
111
111
|
|
|
112
|
-
#
|
|
112
|
+
# ifndef OPENSSL_NO_DH
|
|
113
|
+
# if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
113
114
|
|
|
114
115
|
// The following arrays are predefined Diffie Hellman group parameters.
|
|
115
116
|
// These are known strong primes, distributed with the OpenSSL library
|
|
@@ -223,11 +224,127 @@ unsigned char dh4096_p[] =
|
|
|
223
224
|
|
|
224
225
|
unsigned char dh4096_g[] = { 0x02 };
|
|
225
226
|
|
|
227
|
+
# else
|
|
228
|
+
//
|
|
229
|
+
// With OpenSSL 1.1.0 is no longer possible to acess the DH p and g
|
|
230
|
+
// data members to set the DH params. We still use the same default
|
|
231
|
+
// parameters but they were converted to DER format using
|
|
232
|
+
// i2d_DHparams and can be restored using d2i_DHparams
|
|
233
|
+
|
|
234
|
+
unsigned char dh512[] =
|
|
235
|
+
{
|
|
236
|
+
0x30,0x46,0x02,0x41,0x00,0xF5,0x2A,0xFF,0x3C,0xE1,0xB1,0x29,
|
|
237
|
+
0x40,0x18,0x11,0x8D,0x7C,0x84,0xA7,0x0A,0x72,0xD6,0x86,0xC4,
|
|
238
|
+
0x03,0x19,0xC8,0x07,0x29,0x7A,0xCA,0x95,0x0C,0xD9,0x96,0x9F,
|
|
239
|
+
0xAB,0xD0,0x0A,0x50,0x9B,0x02,0x46,0xD3,0x08,0x3D,0x66,0xA4,
|
|
240
|
+
0x5D,0x41,0x9F,0x9C,0x7C,0xBD,0x89,0x4B,0x22,0x19,0x26,0xBA,
|
|
241
|
+
0xAB,0xA2,0x5E,0xC3,0x55,0xE9,0x2A,0x05,0x5F,0x02,0x01,0x02,
|
|
242
|
+
};
|
|
243
|
+
|
|
244
|
+
unsigned char dh1024[] =
|
|
245
|
+
{
|
|
246
|
+
0x30,0x81,0x87,0x02,0x81,0x81,0x00,0xF4,0x88,0xFD,0x58,0x4E,
|
|
247
|
+
0x49,0xDB,0xCD,0x20,0xB4,0x9D,0xE4,0x91,0x07,0x36,0x6B,0x33,
|
|
248
|
+
0x6C,0x38,0x0D,0x45,0x1D,0x0F,0x7C,0x88,0xB3,0x1C,0x7C,0x5B,
|
|
249
|
+
0x2D,0x8E,0xF6,0xF3,0xC9,0x23,0xC0,0x43,0xF0,0xA5,0x5B,0x18,
|
|
250
|
+
0x8D,0x8E,0xBB,0x55,0x8C,0xB8,0x5D,0x38,0xD3,0x34,0xFD,0x7C,
|
|
251
|
+
0x17,0x57,0x43,0xA3,0x1D,0x18,0x6C,0xDE,0x33,0x21,0x2C,0xB5,
|
|
252
|
+
0x2A,0xFF,0x3C,0xE1,0xB1,0x29,0x40,0x18,0x11,0x8D,0x7C,0x84,
|
|
253
|
+
0xA7,0x0A,0x72,0xD6,0x86,0xC4,0x03,0x19,0xC8,0x07,0x29,0x7A,
|
|
254
|
+
0xCA,0x95,0x0C,0xD9,0x96,0x9F,0xAB,0xD0,0x0A,0x50,0x9B,0x02,
|
|
255
|
+
0x46,0xD3,0x08,0x3D,0x66,0xA4,0x5D,0x41,0x9F,0x9C,0x7C,0xBD,
|
|
256
|
+
0x89,0x4B,0x22,0x19,0x26,0xBA,0xAB,0xA2,0x5E,0xC3,0x55,0xE9,
|
|
257
|
+
0x2F,0x78,0xC7,0x02,0x01,0x02,
|
|
258
|
+
};
|
|
259
|
+
|
|
260
|
+
unsigned char dh2048[] =
|
|
261
|
+
{
|
|
262
|
+
0x30,0x82,0x01,0x08,0x02,0x82,0x01,0x01,0x00,0xF6,0x42,0x57,
|
|
263
|
+
0xB7,0x08,0x7F,0x08,0x17,0x72,0xA2,0xBA,0xD6,0xA9,0x42,0xF3,
|
|
264
|
+
0x05,0xE8,0xF9,0x53,0x11,0x39,0x4F,0xB6,0xF1,0x6E,0xB9,0x4B,
|
|
265
|
+
0x38,0x20,0xDA,0x01,0xA7,0x56,0xA3,0x14,0xE9,0x8F,0x40,0x55,
|
|
266
|
+
0xF3,0xD0,0x07,0xC6,0xCB,0x43,0xA9,0x94,0xAD,0xF7,0x4C,0x64,
|
|
267
|
+
0x86,0x49,0xF8,0x0C,0x83,0xBD,0x65,0xE9,0x17,0xD4,0xA1,0xD3,
|
|
268
|
+
0x50,0xF8,0xF5,0x59,0x5F,0xDC,0x76,0x52,0x4F,0x3D,0x3D,0x8D,
|
|
269
|
+
0xDB,0xCE,0x99,0xE1,0x57,0x92,0x59,0xCD,0xFD,0xB8,0xAE,0x74,
|
|
270
|
+
0x4F,0xC5,0xFC,0x76,0xBC,0x83,0xC5,0x47,0x30,0x61,0xCE,0x7C,
|
|
271
|
+
0xC9,0x66,0xFF,0x15,0xF9,0xBB,0xFD,0x91,0x5E,0xC7,0x01,0xAA,
|
|
272
|
+
0xD3,0x5B,0x9E,0x8D,0xA0,0xA5,0x72,0x3A,0xD4,0x1A,0xF0,0xBF,
|
|
273
|
+
0x46,0x00,0x58,0x2B,0xE5,0xF4,0x88,0xFD,0x58,0x4E,0x49,0xDB,
|
|
274
|
+
0xCD,0x20,0xB4,0x9D,0xE4,0x91,0x07,0x36,0x6B,0x33,0x6C,0x38,
|
|
275
|
+
0x0D,0x45,0x1D,0x0F,0x7C,0x88,0xB3,0x1C,0x7C,0x5B,0x2D,0x8E,
|
|
276
|
+
0xF6,0xF3,0xC9,0x23,0xC0,0x43,0xF0,0xA5,0x5B,0x18,0x8D,0x8E,
|
|
277
|
+
0xBB,0x55,0x8C,0xB8,0x5D,0x38,0xD3,0x34,0xFD,0x7C,0x17,0x57,
|
|
278
|
+
0x43,0xA3,0x1D,0x18,0x6C,0xDE,0x33,0x21,0x2C,0xB5,0x2A,0xFF,
|
|
279
|
+
0x3C,0xE1,0xB1,0x29,0x40,0x18,0x11,0x8D,0x7C,0x84,0xA7,0x0A,
|
|
280
|
+
0x72,0xD6,0x86,0xC4,0x03,0x19,0xC8,0x07,0x29,0x7A,0xCA,0x95,
|
|
281
|
+
0x0C,0xD9,0x96,0x9F,0xAB,0xD0,0x0A,0x50,0x9B,0x02,0x46,0xD3,
|
|
282
|
+
0x08,0x3D,0x66,0xA4,0x5D,0x41,0x9F,0x9C,0x7C,0xBD,0x89,0x4B,
|
|
283
|
+
0x22,0x19,0x26,0xBA,0xAB,0xA2,0x5E,0xC3,0x55,0xE9,0x32,0x0B,
|
|
284
|
+
0x3B,0x02,0x01,0x02,
|
|
285
|
+
};
|
|
286
|
+
|
|
287
|
+
unsigned char dh4096[] =
|
|
288
|
+
{
|
|
289
|
+
0x30,0x82,0x02,0x08,0x02,0x82,0x02,0x01,0x00,0xFA,0x14,0x72,
|
|
290
|
+
0x52,0xC1,0x4D,0xE1,0x5A,0x49,0xD4,0xEF,0x09,0x2D,0xC0,0xA8,
|
|
291
|
+
0xFD,0x55,0xAB,0xD7,0xD9,0x37,0x04,0x28,0x09,0xE2,0xE9,0x3E,
|
|
292
|
+
0x77,0xE2,0xA1,0x7A,0x18,0xDD,0x46,0xA3,0x43,0x37,0x23,0x90,
|
|
293
|
+
0x97,0xF3,0x0E,0xC9,0x03,0x50,0x7D,0x65,0xCF,0x78,0x62,0xA6,
|
|
294
|
+
0x3A,0x62,0x22,0x83,0xA1,0x2F,0xFE,0x79,0xBA,0x35,0xFF,0x59,
|
|
295
|
+
0xD8,0x1D,0x61,0xDD,0x1E,0x21,0x13,0x17,0xFE,0xCD,0x38,0x87,
|
|
296
|
+
0x9E,0xF5,0x4F,0x79,0x10,0x61,0x8D,0xD4,0x22,0xF3,0x5A,0xED,
|
|
297
|
+
0x5D,0xEA,0x21,0xE9,0x33,0x6B,0x48,0x12,0x0A,0x20,0x77,0xD4,
|
|
298
|
+
0x25,0x60,0x61,0xDE,0xF6,0xB4,0x4F,0x1C,0x63,0x40,0x8B,0x3A,
|
|
299
|
+
0x21,0x93,0x8B,0x79,0x53,0x51,0x2C,0xCA,0xB3,0x7B,0x29,0x56,
|
|
300
|
+
0xA8,0xC7,0xF8,0xF4,0x7B,0x08,0x5E,0xA6,0xDC,0xA2,0x45,0x12,
|
|
301
|
+
0x56,0xDD,0x41,0x92,0xF2,0xDD,0x5B,0x8F,0x23,0xF0,0xF3,0xEF,
|
|
302
|
+
0xE4,0x3B,0x0A,0x44,0xDD,0xED,0x96,0x84,0xF1,0xA8,0x32,0x46,
|
|
303
|
+
0xA3,0xDB,0x4A,0xBE,0x3D,0x45,0xBA,0x4E,0xF8,0x03,0xE5,0xDD,
|
|
304
|
+
0x6B,0x59,0x0D,0x84,0x1E,0xCA,0x16,0x5A,0x8C,0xC8,0xDF,0x7C,
|
|
305
|
+
0x54,0x44,0xC4,0x27,0xA7,0x3B,0x2A,0x97,0xCE,0xA3,0x7D,0x26,
|
|
306
|
+
0x9C,0xAD,0xF4,0xC2,0xAC,0x37,0x4B,0xC3,0xAD,0x68,0x84,0x7F,
|
|
307
|
+
0x99,0xA6,0x17,0xEF,0x6B,0x46,0x3A,0x7A,0x36,0x7A,0x11,0x43,
|
|
308
|
+
0x92,0xAD,0xE9,0x9C,0xFB,0x44,0x6C,0x3D,0x82,0x49,0xCC,0x5C,
|
|
309
|
+
0x6A,0x52,0x42,0xF8,0x42,0xFB,0x44,0xF9,0x39,0x73,0xFB,0x60,
|
|
310
|
+
0x79,0x3B,0xC2,0x9E,0x0B,0xDC,0xD4,0xA6,0x67,0xF7,0x66,0x3F,
|
|
311
|
+
0xFC,0x42,0x3B,0x1B,0xDB,0x4F,0x66,0xDC,0xA5,0x8F,0x66,0xF9,
|
|
312
|
+
0xEA,0xC1,0xED,0x31,0xFB,0x48,0xA1,0x82,0x7D,0xF8,0xE0,0xCC,
|
|
313
|
+
0xB1,0xC7,0x03,0xE4,0xF8,0xB3,0xFE,0xB7,0xA3,0x13,0x73,0xA6,
|
|
314
|
+
0x7B,0xC1,0x0E,0x39,0xC7,0x94,0x48,0x26,0x00,0x85,0x79,0xFC,
|
|
315
|
+
0x6F,0x7A,0xAF,0xC5,0x52,0x35,0x75,0xD7,0x75,0xA4,0x40,0xFA,
|
|
316
|
+
0x14,0x74,0x61,0x16,0xF2,0xEB,0x67,0x11,0x6F,0x04,0x43,0x3D,
|
|
317
|
+
0x11,0x14,0x4C,0xA7,0x94,0x2A,0x39,0xA1,0xC9,0x90,0xCF,0x83,
|
|
318
|
+
0xC6,0xFF,0x02,0x8F,0xA3,0x2A,0xAC,0x26,0xDF,0x0B,0x8B,0xBE,
|
|
319
|
+
0x64,0x4A,0xF1,0xA1,0xDC,0xEE,0xBA,0xC8,0x03,0x82,0xF6,0x62,
|
|
320
|
+
0x2C,0x5D,0xB6,0xBB,0x13,0x19,0x6E,0x86,0xC5,0x5B,0x2B,0x5E,
|
|
321
|
+
0x3A,0xF3,0xB3,0x28,0x6B,0x70,0x71,0x3A,0x8E,0xFF,0x5C,0x15,
|
|
322
|
+
0xE6,0x02,0xA4,0xCE,0xED,0x59,0x56,0xCC,0x15,0x51,0x07,0x79,
|
|
323
|
+
0x1A,0x0F,0x25,0x26,0x27,0x30,0xA9,0x15,0xB2,0xC8,0xD4,0x5C,
|
|
324
|
+
0xCC,0x30,0xE8,0x1B,0xD8,0xD5,0x0F,0x19,0xA8,0x80,0xA4,0xC7,
|
|
325
|
+
0x01,0xAA,0x8B,0xBA,0x53,0xBB,0x47,0xC2,0x1F,0x6B,0x54,0xB0,
|
|
326
|
+
0x17,0x60,0xED,0x79,0x21,0x95,0xB6,0x05,0x84,0x37,0xC8,0x03,
|
|
327
|
+
0xA4,0xDD,0xD1,0x06,0x69,0x8F,0x4C,0x39,0xE0,0xC8,0x5D,0x83,
|
|
328
|
+
0x1D,0xBE,0x6A,0x9A,0x99,0xF3,0x9F,0x0B,0x45,0x29,0xD4,0xCB,
|
|
329
|
+
0x29,0x66,0xEE,0x1E,0x7E,0x3D,0xD7,0x13,0x4E,0xDB,0x90,0x90,
|
|
330
|
+
0x58,0xCB,0x5E,0x9B,0xCD,0x2E,0x2B,0x0F,0xA9,0x4E,0x78,0xAC,
|
|
331
|
+
0x05,0x11,0x7F,0xE3,0x9E,0x27,0xD4,0x99,0xE1,0xB9,0xBD,0x78,
|
|
332
|
+
0xE1,0x84,0x41,0xA0,0xDF,0x02,0x01,0x02,
|
|
333
|
+
};
|
|
334
|
+
# endif
|
|
335
|
+
|
|
226
336
|
}
|
|
227
337
|
|
|
228
338
|
//
|
|
229
339
|
// Convert a predefined parameter set into a DH value.
|
|
230
340
|
//
|
|
341
|
+
# if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
342
|
+
static DH*
|
|
343
|
+
convertDH(const unsigned char* buf, int len)
|
|
344
|
+
{
|
|
345
|
+
return d2i_DHparams(0, &buf, len);
|
|
346
|
+
}
|
|
347
|
+
# else
|
|
231
348
|
static DH*
|
|
232
349
|
convertDH(unsigned char* p, int plen, unsigned char* g, int glen)
|
|
233
350
|
{
|
|
@@ -247,9 +364,9 @@ convertDH(unsigned char* p, int plen, unsigned char* g, int glen)
|
|
|
247
364
|
dh = 0;
|
|
248
365
|
}
|
|
249
366
|
}
|
|
250
|
-
|
|
251
367
|
return dh;
|
|
252
368
|
}
|
|
369
|
+
# endif
|
|
253
370
|
|
|
254
371
|
IceSSL::DHParams::DHParams() :
|
|
255
372
|
_dh512(0), _dh1024(0), _dh2048(0), _dh4096(0)
|
|
@@ -311,7 +428,40 @@ IceSSL::DHParams::get(int keyLength)
|
|
|
311
428
|
// No match found. Use one of the predefined parameter sets instead.
|
|
312
429
|
//
|
|
313
430
|
IceUtil::Mutex::Lock sync(*this);
|
|
314
|
-
|
|
431
|
+
# if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
432
|
+
if(keyLength >= 4096)
|
|
433
|
+
{
|
|
434
|
+
if(!_dh4096)
|
|
435
|
+
{
|
|
436
|
+
_dh4096 = convertDH(dh4096, (int) sizeof(dh4096));
|
|
437
|
+
}
|
|
438
|
+
return _dh4096;
|
|
439
|
+
}
|
|
440
|
+
else if(keyLength >= 2048)
|
|
441
|
+
{
|
|
442
|
+
if(!_dh2048)
|
|
443
|
+
{
|
|
444
|
+
_dh2048 = convertDH(dh2048, (int) sizeof(dh2048));
|
|
445
|
+
}
|
|
446
|
+
return _dh2048;
|
|
447
|
+
}
|
|
448
|
+
else if(keyLength >= 1024)
|
|
449
|
+
{
|
|
450
|
+
if(!_dh1024)
|
|
451
|
+
{
|
|
452
|
+
_dh1024 = convertDH(dh1024, (int) sizeof(dh1024));
|
|
453
|
+
}
|
|
454
|
+
return _dh1024;
|
|
455
|
+
}
|
|
456
|
+
else
|
|
457
|
+
{
|
|
458
|
+
if(!_dh512)
|
|
459
|
+
{
|
|
460
|
+
_dh512 = convertDH(dh512, (int) sizeof(dh512));
|
|
461
|
+
}
|
|
462
|
+
return _dh512;
|
|
463
|
+
}
|
|
464
|
+
# else
|
|
315
465
|
if(keyLength >= 4096)
|
|
316
466
|
{
|
|
317
467
|
if(!_dh4096)
|
|
@@ -344,9 +494,10 @@ IceSSL::DHParams::get(int keyLength)
|
|
|
344
494
|
}
|
|
345
495
|
return _dh512;
|
|
346
496
|
}
|
|
497
|
+
# endif
|
|
347
498
|
}
|
|
348
499
|
|
|
349
|
-
#
|
|
500
|
+
# endif
|
|
350
501
|
|
|
351
502
|
string
|
|
352
503
|
IceSSL::getSslErrors(bool verbose)
|