zeroc-ice 3.6.2 → 3.6.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/bin/slice2rb +0 -0
- data/ext/Slice.cpp +32 -39
- data/ext/ice/cpp/include/Ice/BasicStream.h +15 -4
- data/ext/ice/cpp/include/Ice/BuiltinSequences.h +2 -2
- data/ext/ice/cpp/include/Ice/Communicator.h +2 -2
- data/ext/ice/cpp/include/Ice/CommunicatorF.h +2 -2
- data/ext/ice/cpp/include/Ice/Connection.h +2 -2
- data/ext/ice/cpp/include/Ice/ConnectionF.h +2 -2
- data/ext/ice/cpp/include/Ice/Current.h +2 -2
- data/ext/ice/cpp/include/Ice/Endpoint.h +2 -2
- data/ext/ice/cpp/include/Ice/EndpointF.h +2 -2
- data/ext/ice/cpp/include/Ice/EndpointTypes.h +2 -2
- data/ext/ice/cpp/include/Ice/FacetMap.h +2 -2
- data/ext/ice/cpp/include/Ice/Identity.h +2 -2
- data/ext/ice/cpp/include/Ice/ImplicitContext.h +2 -2
- data/ext/ice/cpp/include/Ice/ImplicitContextF.h +2 -2
- data/ext/ice/cpp/include/Ice/Instrumentation.h +2 -2
- data/ext/ice/cpp/include/Ice/InstrumentationF.h +2 -2
- data/ext/ice/cpp/include/Ice/LocalException.h +2 -2
- data/ext/ice/cpp/include/Ice/Locator.h +2 -2
- data/ext/ice/cpp/include/Ice/LocatorF.h +2 -2
- data/ext/ice/cpp/include/Ice/Logger.h +2 -2
- data/ext/ice/cpp/include/Ice/LoggerF.h +2 -2
- data/ext/ice/cpp/include/Ice/Metrics.h +2 -2
- data/ext/ice/cpp/include/Ice/ObjectAdapter.h +2 -2
- data/ext/ice/cpp/include/Ice/ObjectAdapterF.h +2 -2
- data/ext/ice/cpp/include/Ice/ObjectFactory.h +2 -2
- data/ext/ice/cpp/include/Ice/ObjectFactoryF.h +2 -2
- data/ext/ice/cpp/include/Ice/Plugin.h +2 -2
- data/ext/ice/cpp/include/Ice/PluginF.h +2 -2
- data/ext/ice/cpp/include/Ice/Process.h +2 -2
- data/ext/ice/cpp/include/Ice/ProcessF.h +2 -2
- data/ext/ice/cpp/include/Ice/Properties.h +2 -2
- data/ext/ice/cpp/include/Ice/PropertiesAdmin.h +2 -2
- data/ext/ice/cpp/include/Ice/PropertiesF.h +2 -2
- data/ext/ice/cpp/include/Ice/RemoteLogger.h +2 -2
- data/ext/ice/cpp/include/Ice/Router.h +2 -2
- data/ext/ice/cpp/include/Ice/RouterF.h +2 -2
- data/ext/ice/cpp/include/Ice/ServantLocator.h +2 -2
- data/ext/ice/cpp/include/Ice/ServantLocatorF.h +2 -2
- data/ext/ice/cpp/include/Ice/SliceChecksumDict.h +2 -2
- data/ext/ice/cpp/include/Ice/SlicedData.h +6 -0
- data/ext/ice/cpp/include/Ice/Version.h +2 -2
- data/ext/ice/cpp/include/IceSSL/ConnectionInfo.h +2 -2
- data/ext/ice/cpp/include/IceSSL/EndpointInfo.h +2 -2
- data/ext/ice/cpp/include/IceUtil/Config.h +86 -26
- data/ext/ice/cpp/include/IceUtil/IconvStringConverter.h +1 -1
- data/ext/ice/cpp/include/IceUtil/Time.h +3 -2
- data/ext/ice/cpp/include/Slice/PythonUtil.h +1 -1
- data/ext/ice/cpp/include/Slice/RubyUtil.h +1 -1
- data/ext/ice/cpp/include/Slice/Util.h +5 -0
- data/ext/ice/cpp/src/Ice/BuiltinSequences.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Communicator.cpp +2 -2
- data/ext/ice/cpp/src/Ice/CommunicatorF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Connection.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ConnectionF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ConnectionFactory.cpp +57 -42
- data/ext/ice/cpp/src/Ice/ConnectionFactory.h +2 -0
- data/ext/ice/cpp/src/Ice/Current.cpp +2 -2
- data/ext/ice/cpp/src/Ice/DynamicLibrary.cpp +9 -5
- data/ext/ice/cpp/src/Ice/Endpoint.cpp +2 -2
- data/ext/ice/cpp/src/Ice/EndpointF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/EndpointTypes.cpp +2 -2
- data/ext/ice/cpp/src/Ice/FacetMap.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Identity.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ImplicitContext.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ImplicitContextF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Incoming.cpp +11 -4
- data/ext/ice/cpp/src/Ice/Instance.cpp +4 -2
- data/ext/ice/cpp/src/Ice/Instrumentation.cpp +2 -2
- data/ext/ice/cpp/src/Ice/InstrumentationF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/InstrumentationI.cpp +1 -3
- data/ext/ice/cpp/src/Ice/LocalException.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Locator.cpp +2 -2
- data/ext/ice/cpp/src/Ice/LocatorF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Logger.cpp +2 -2
- data/ext/ice/cpp/src/Ice/LoggerF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/LoggerI.cpp +94 -5
- data/ext/ice/cpp/src/Ice/LoggerI.h +7 -1
- data/ext/ice/cpp/src/Ice/Metrics.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Network.cpp +23 -7
- data/ext/ice/cpp/src/Ice/Network.h +1 -1
- data/ext/ice/cpp/src/Ice/ObjectAdapter.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ObjectAdapterF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ObjectFactory.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ObjectFactoryF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Plugin.cpp +2 -2
- data/ext/ice/cpp/src/Ice/PluginF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/PluginManagerI.cpp +5 -0
- data/ext/ice/cpp/src/Ice/Process.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ProcessF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Properties.cpp +2 -2
- data/ext/ice/cpp/src/Ice/PropertiesAdmin.cpp +2 -2
- data/ext/ice/cpp/src/Ice/PropertiesF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/PropertyNames.cpp +4 -3
- data/ext/ice/cpp/src/Ice/PropertyNames.h +1 -1
- data/ext/ice/cpp/src/Ice/RemoteLogger.cpp +2 -2
- data/ext/ice/cpp/src/Ice/RetryQueue.cpp +1 -1
- data/ext/ice/cpp/src/Ice/Router.cpp +2 -2
- data/ext/ice/cpp/src/Ice/RouterF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ServantLocator.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ServantLocatorF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/SliceChecksumDict.cpp +2 -2
- data/ext/ice/cpp/src/Ice/StreamSocket.cpp +19 -3
- data/ext/ice/cpp/src/Ice/Version.cpp +2 -2
- data/ext/ice/cpp/src/Ice/WSConnector.h +2 -2
- data/ext/ice/cpp/src/IceDiscovery/IceDiscovery.cpp +2 -2
- data/ext/ice/cpp/src/IceDiscovery/IceDiscovery.h +2 -2
- data/ext/ice/cpp/src/IceLocatorDiscovery/IceLocatorDiscovery.cpp +2 -2
- data/ext/ice/cpp/src/IceLocatorDiscovery/IceLocatorDiscovery.h +2 -2
- data/ext/ice/cpp/src/IceSSL/ConnectionInfo.cpp +2 -2
- data/ext/ice/cpp/src/IceSSL/EndpointInfo.cpp +2 -2
- data/ext/ice/cpp/src/IceSSL/OpenSSLEngine.cpp +54 -39
- data/ext/ice/cpp/src/IceSSL/SecureTransportTransceiverI.cpp +5 -8
- data/ext/ice/cpp/src/IceSSL/Util.cpp +155 -4
- data/ext/ice/cpp/src/IceUtil/Cond.cpp +1 -1
- data/ext/ice/cpp/src/IceUtil/FileUtil.cpp +8 -0
- data/ext/ice/cpp/src/IceUtil/FileUtil.h +18 -5
- data/ext/ice/cpp/src/IceUtil/OutputUtil.cpp +5 -5
- data/ext/ice/cpp/src/IceUtil/Time.cpp +25 -17
- data/ext/ice/cpp/src/Slice/JavaUtil.cpp +5 -11
- data/ext/ice/cpp/src/Slice/Preprocessor.cpp +3 -3
- data/ext/ice/cpp/src/Slice/Python.cpp +14 -17
- data/ext/ice/cpp/src/Slice/PythonUtil.cpp +183 -48
- data/ext/ice/cpp/src/Slice/Ruby.cpp +6 -6
- data/ext/ice/cpp/src/Slice/RubyUtil.cpp +0 -10
- data/ext/ice/cpp/src/Slice/Util.cpp +28 -3
- data/ext/ice/mcpp/Makefile +10 -6
- data/ext/ice/mcpp/configed.H +3 -0
- data/ext/ice/mcpp/main.c +2 -2
- data/ext/ice/mcpp/mcpp.gyp +6 -0
- data/ext/ice/mcpp/support.c +1 -1
- data/ext/ice/mcpp/system.H +6 -1
- data/ext/ice/mcpp/system.c +52 -15
- data/ice.gemspec +1 -1
- data/lib/Glacier2/Metrics.rb +1 -1
- data/lib/Glacier2/PermissionsVerifier.rb +1 -1
- data/lib/Glacier2/PermissionsVerifierF.rb +1 -1
- data/lib/Glacier2/Router.rb +1 -1
- data/lib/Glacier2/RouterF.rb +1 -1
- data/lib/Glacier2/SSLInfo.rb +1 -1
- data/lib/Glacier2/Session.rb +1 -1
- data/lib/Ice/BuiltinSequences.rb +1 -1
- data/lib/Ice/Communicator.rb +1 -1
- data/lib/Ice/CommunicatorF.rb +1 -1
- data/lib/Ice/Connection.rb +1 -1
- data/lib/Ice/ConnectionF.rb +1 -1
- data/lib/Ice/Current.rb +1 -1
- data/lib/Ice/Endpoint.rb +1 -1
- data/lib/Ice/EndpointF.rb +1 -1
- data/lib/Ice/EndpointTypes.rb +1 -1
- data/lib/Ice/FacetMap.rb +1 -1
- data/lib/Ice/Identity.rb +1 -1
- data/lib/Ice/ImplicitContext.rb +1 -1
- data/lib/Ice/ImplicitContextF.rb +1 -1
- data/lib/Ice/Instrumentation.rb +1 -1
- data/lib/Ice/InstrumentationF.rb +1 -1
- data/lib/Ice/LocalException.rb +1 -1
- data/lib/Ice/Locator.rb +1 -1
- data/lib/Ice/LocatorF.rb +1 -1
- data/lib/Ice/Logger.rb +1 -1
- data/lib/Ice/LoggerF.rb +1 -1
- data/lib/Ice/Metrics.rb +1 -1
- data/lib/Ice/ObjectAdapterF.rb +1 -1
- data/lib/Ice/ObjectFactory.rb +1 -1
- data/lib/Ice/ObjectFactoryF.rb +1 -1
- data/lib/Ice/Plugin.rb +1 -1
- data/lib/Ice/PluginF.rb +1 -1
- data/lib/Ice/Process.rb +1 -1
- data/lib/Ice/ProcessF.rb +1 -1
- data/lib/Ice/Properties.rb +1 -1
- data/lib/Ice/PropertiesAdmin.rb +1 -1
- data/lib/Ice/PropertiesF.rb +1 -1
- data/lib/Ice/RemoteLogger.rb +1 -1
- data/lib/Ice/Router.rb +1 -1
- data/lib/Ice/RouterF.rb +1 -1
- data/lib/Ice/SliceChecksumDict.rb +1 -1
- data/lib/Ice/Version.rb +1 -1
- data/lib/IceBox/IceBox.rb +1 -1
- data/lib/IceGrid/Admin.rb +1 -1
- data/lib/IceGrid/Descriptor.rb +1 -1
- data/lib/IceGrid/Exception.rb +1 -1
- data/lib/IceGrid/FileParser.rb +1 -1
- data/lib/IceGrid/Locator.rb +1 -1
- data/lib/IceGrid/Observer.rb +1 -1
- data/lib/IceGrid/Query.rb +1 -1
- data/lib/IceGrid/Registry.rb +1 -1
- data/lib/IceGrid/Session.rb +1 -1
- data/lib/IceGrid/UserAccountMapper.rb +1 -1
- data/lib/IcePatch2/FileInfo.rb +1 -1
- data/lib/IcePatch2/FileServer.rb +1 -1
- data/lib/IceStorm/IceStorm.rb +1 -1
- data/lib/IceStorm/Metrics.rb +1 -1
- data/slice/Glacier2/PermissionsVerifier.ice +0 -3
- data/slice/Glacier2/Session.ice +2 -9
- data/slice/Ice/Communicator.ice +3 -3
- data/slice/Ice/ImplicitContext.ice +4 -5
- data/slice/Ice/Instrumentation.ice +26 -26
- data/slice/Ice/LocalException.ice +1 -1
- data/slice/Ice/Locator.ice +5 -3
- data/slice/Ice/Metrics.ice +1 -1
- data/slice/Ice/ObjectFactory.ice +0 -2
- data/slice/Ice/RemoteLogger.ice +32 -32
- data/slice/Ice/Router.ice +3 -0
- data/slice/IceGrid/Session.ice +5 -9
- data/slice/IceLocatorDiscovery/IceLocatorDiscovery.ice +7 -7
- data/slice/IcePatch2/FileServer.ice +28 -34
- metadata +30 -30
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
//
|
|
8
8
|
// **********************************************************************
|
|
9
9
|
//
|
|
10
|
-
// Ice version 3.6.
|
|
10
|
+
// Ice version 3.6.3
|
|
11
11
|
//
|
|
12
12
|
// <auto-generated>
|
|
13
13
|
//
|
|
@@ -35,7 +35,7 @@
|
|
|
35
35
|
# if ICE_INT_VERSION % 100 > 50
|
|
36
36
|
# error Beta header file detected
|
|
37
37
|
# endif
|
|
38
|
-
# if ICE_INT_VERSION % 100 <
|
|
38
|
+
# if ICE_INT_VERSION % 100 < 3
|
|
39
39
|
# error Ice patch level mismatch!
|
|
40
40
|
# endif
|
|
41
41
|
#endif
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
//
|
|
8
8
|
// **********************************************************************
|
|
9
9
|
//
|
|
10
|
-
// Ice version 3.6.
|
|
10
|
+
// Ice version 3.6.3
|
|
11
11
|
//
|
|
12
12
|
// <auto-generated>
|
|
13
13
|
//
|
|
@@ -44,7 +44,7 @@
|
|
|
44
44
|
# if ICE_INT_VERSION % 100 > 50
|
|
45
45
|
# error Beta header file detected
|
|
46
46
|
# endif
|
|
47
|
-
# if ICE_INT_VERSION % 100 <
|
|
47
|
+
# if ICE_INT_VERSION % 100 < 3
|
|
48
48
|
# error Ice patch level mismatch!
|
|
49
49
|
# endif
|
|
50
50
|
#endif
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
//
|
|
8
8
|
// **********************************************************************
|
|
9
9
|
//
|
|
10
|
-
// Ice version 3.6.
|
|
10
|
+
// Ice version 3.6.3
|
|
11
11
|
//
|
|
12
12
|
// <auto-generated>
|
|
13
13
|
//
|
|
@@ -35,7 +35,7 @@
|
|
|
35
35
|
# if ICE_INT_VERSION % 100 > 50
|
|
36
36
|
# error Beta header file detected
|
|
37
37
|
# endif
|
|
38
|
-
# if ICE_INT_VERSION % 100 <
|
|
38
|
+
# if ICE_INT_VERSION % 100 < 3
|
|
39
39
|
# error Ice patch level mismatch!
|
|
40
40
|
# endif
|
|
41
41
|
#endif
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
//
|
|
8
8
|
// **********************************************************************
|
|
9
9
|
//
|
|
10
|
-
// Ice version 3.6.
|
|
10
|
+
// Ice version 3.6.3
|
|
11
11
|
//
|
|
12
12
|
// <auto-generated>
|
|
13
13
|
//
|
|
@@ -46,7 +46,7 @@
|
|
|
46
46
|
# if ICE_INT_VERSION % 100 > 50
|
|
47
47
|
# error Beta header file detected
|
|
48
48
|
# endif
|
|
49
|
-
# if ICE_INT_VERSION % 100 <
|
|
49
|
+
# if ICE_INT_VERSION % 100 < 3
|
|
50
50
|
# error Ice patch level mismatch!
|
|
51
51
|
# endif
|
|
52
52
|
#endif
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
//
|
|
8
8
|
// **********************************************************************
|
|
9
9
|
//
|
|
10
|
-
// Ice version 3.6.
|
|
10
|
+
// Ice version 3.6.3
|
|
11
11
|
//
|
|
12
12
|
// <auto-generated>
|
|
13
13
|
//
|
|
@@ -35,7 +35,7 @@
|
|
|
35
35
|
# if ICE_INT_VERSION % 100 > 50
|
|
36
36
|
# error Beta header file detected
|
|
37
37
|
# endif
|
|
38
|
-
# if ICE_INT_VERSION % 100 <
|
|
38
|
+
# if ICE_INT_VERSION % 100 < 3
|
|
39
39
|
# error Ice patch level mismatch!
|
|
40
40
|
# endif
|
|
41
41
|
#endif
|
|
@@ -7,7 +7,7 @@
|
|
|
7
7
|
//
|
|
8
8
|
// **********************************************************************
|
|
9
9
|
//
|
|
10
|
-
// Ice version 3.6.
|
|
10
|
+
// Ice version 3.6.3
|
|
11
11
|
//
|
|
12
12
|
// <auto-generated>
|
|
13
13
|
//
|
|
@@ -34,7 +34,7 @@
|
|
|
34
34
|
# if ICE_INT_VERSION % 100 > 50
|
|
35
35
|
# error Beta header file detected
|
|
36
36
|
# endif
|
|
37
|
-
# if ICE_INT_VERSION % 100 <
|
|
37
|
+
# if ICE_INT_VERSION % 100 < 3
|
|
38
38
|
# error Ice patch level mismatch!
|
|
39
39
|
# endif
|
|
40
40
|
#endif
|
|
@@ -42,7 +42,10 @@ namespace
|
|
|
42
42
|
IceUtil::Mutex* staticMutex = 0;
|
|
43
43
|
int instanceCount = 0;
|
|
44
44
|
bool initOpenSSL = false;
|
|
45
|
+
|
|
46
|
+
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
45
47
|
IceUtil::Mutex* locks = 0;
|
|
48
|
+
#endif
|
|
46
49
|
|
|
47
50
|
class Init
|
|
48
51
|
{
|
|
@@ -55,14 +58,22 @@ public:
|
|
|
55
58
|
|
|
56
59
|
~Init()
|
|
57
60
|
{
|
|
58
|
-
|
|
59
|
-
|
|
61
|
+
//
|
|
62
|
+
// OpenSSL 1.1.0 introduces a new thread API and removes
|
|
63
|
+
// the need to use a custom thread callback.
|
|
64
|
+
//
|
|
65
|
+
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
66
|
+
CRYPTO_set_locking_callback(0);
|
|
67
|
+
CRYPTO_set_id_callback(0);
|
|
60
68
|
|
|
61
69
|
if(locks)
|
|
62
70
|
{
|
|
63
71
|
delete[] locks;
|
|
64
72
|
locks = 0;
|
|
65
73
|
}
|
|
74
|
+
#endif
|
|
75
|
+
delete staticMutex;
|
|
76
|
+
staticMutex = 0;
|
|
66
77
|
}
|
|
67
78
|
};
|
|
68
79
|
|
|
@@ -72,6 +83,11 @@ Init init;
|
|
|
72
83
|
extern "C"
|
|
73
84
|
{
|
|
74
85
|
|
|
86
|
+
//
|
|
87
|
+
// OpenSSL 1.1.0 introduces a new thread API and removes
|
|
88
|
+
// the need to use a custom thread callback.
|
|
89
|
+
//
|
|
90
|
+
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
75
91
|
//
|
|
76
92
|
// OpenSSL mutex callback.
|
|
77
93
|
//
|
|
@@ -102,7 +118,7 @@ IceSSL_opensslThreadIdCallback()
|
|
|
102
118
|
// On some platforms, pthread_t is a pointer to a per-thread structure.
|
|
103
119
|
//
|
|
104
120
|
return reinterpret_cast<unsigned long>(pthread_self());
|
|
105
|
-
# elif
|
|
121
|
+
# elif defined(__linux) || defined(__sun) || defined(__hpux) || defined(_AIX) || defined(__GLIBC__)
|
|
106
122
|
//
|
|
107
123
|
// On Linux, Solaris, HP-UX and AIX, pthread_t is an integer.
|
|
108
124
|
//
|
|
@@ -111,6 +127,7 @@ IceSSL_opensslThreadIdCallback()
|
|
|
111
127
|
# error "Unknown platform"
|
|
112
128
|
# endif
|
|
113
129
|
}
|
|
130
|
+
#endif
|
|
114
131
|
|
|
115
132
|
int
|
|
116
133
|
IceSSL_opensslPasswordCallback(char* buf, int size, int flag, void* userData)
|
|
@@ -141,7 +158,12 @@ IceSSL_opensslPasswordCallback(char* buf, int size, int flag, void* userData)
|
|
|
141
158
|
DH*
|
|
142
159
|
IceSSL_opensslDHCallback(SSL* ssl, int /*isExport*/, int keyLength)
|
|
143
160
|
{
|
|
144
|
-
|
|
161
|
+
# if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
162
|
+
SSL_CTX* ctx = SSL_get_SSL_CTX(ssl);
|
|
163
|
+
# else
|
|
164
|
+
SSL_CTX* ctx = ssl->ctx;
|
|
165
|
+
# endif
|
|
166
|
+
OpenSSLEngine* p = reinterpret_cast<OpenSSLEngine*>(SSL_CTX_get_ex_data(ctx, 0));
|
|
145
167
|
return p->dhParams(keyLength);
|
|
146
168
|
}
|
|
147
169
|
# endif
|
|
@@ -193,6 +215,11 @@ OpenSSLEngine::OpenSSLEngine(const CommunicatorPtr& communicator) :
|
|
|
193
215
|
initOpenSSL = properties->getPropertyAsIntWithDefault("IceSSL.InitOpenSSL", 1) > 0;
|
|
194
216
|
if(initOpenSSL)
|
|
195
217
|
{
|
|
218
|
+
|
|
219
|
+
//
|
|
220
|
+
// OpenSSL 1.1.0 remove the need for library initialization and cleanup.
|
|
221
|
+
//
|
|
222
|
+
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
196
223
|
//
|
|
197
224
|
// Create the mutexes and set the callbacks.
|
|
198
225
|
//
|
|
@@ -218,13 +245,11 @@ OpenSSLEngine::OpenSSLEngine(const CommunicatorPtr& communicator) :
|
|
|
218
245
|
// load private key files generated by OpenSSL 1.x.
|
|
219
246
|
//
|
|
220
247
|
OpenSSL_add_all_algorithms();
|
|
248
|
+
#endif
|
|
221
249
|
|
|
222
250
|
//
|
|
223
251
|
// Initialize the PRNG.
|
|
224
252
|
//
|
|
225
|
-
# ifdef WINDOWS
|
|
226
|
-
RAND_screen(); // Uses data from the screen if possible.
|
|
227
|
-
# endif
|
|
228
253
|
char randFile[1024];
|
|
229
254
|
if(RAND_file_name(randFile, sizeof(randFile))) // Gets the name of a default seed file.
|
|
230
255
|
{
|
|
@@ -298,6 +323,10 @@ OpenSSLEngine::OpenSSLEngine(const CommunicatorPtr& communicator) :
|
|
|
298
323
|
|
|
299
324
|
OpenSSLEngine::~OpenSSLEngine()
|
|
300
325
|
{
|
|
326
|
+
//
|
|
327
|
+
// OpenSSL 1.1.0 remove the need for library initialization and cleanup.
|
|
328
|
+
//
|
|
329
|
+
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
301
330
|
//
|
|
302
331
|
// Clean up OpenSSL resources.
|
|
303
332
|
//
|
|
@@ -320,6 +349,7 @@ OpenSSLEngine::~OpenSSLEngine()
|
|
|
320
349
|
ERR_free_strings();
|
|
321
350
|
EVP_cleanup();
|
|
322
351
|
}
|
|
352
|
+
#endif
|
|
323
353
|
}
|
|
324
354
|
|
|
325
355
|
bool
|
|
@@ -369,6 +399,18 @@ OpenSSLEngine::initialize()
|
|
|
369
399
|
"IceSSL: unable to create SSL context:\n" + sslErrors());
|
|
370
400
|
}
|
|
371
401
|
|
|
402
|
+
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
403
|
+
int securityLevel = properties->getPropertyAsIntWithDefault(propPrefix + "SecurityLevel", -1);
|
|
404
|
+
if(securityLevel != -1)
|
|
405
|
+
{
|
|
406
|
+
SSL_CTX_set_security_level(_ctx, securityLevel);
|
|
407
|
+
if(SSL_CTX_get_security_level(_ctx) != securityLevel)
|
|
408
|
+
{
|
|
409
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
|
410
|
+
"IceSSL: unable to set SSL security level:\n" + sslErrors());
|
|
411
|
+
}
|
|
412
|
+
}
|
|
413
|
+
#endif
|
|
372
414
|
//
|
|
373
415
|
// Check for a default directory. We look in this directory for
|
|
374
416
|
// files mentioned in the configuration.
|
|
@@ -425,37 +467,6 @@ OpenSSLEngine::initialize()
|
|
|
425
467
|
}
|
|
426
468
|
}
|
|
427
469
|
|
|
428
|
-
if(!file && !dir)
|
|
429
|
-
{
|
|
430
|
-
// Deprecated properties
|
|
431
|
-
path = properties->getProperty(propPrefix + "CertAuthFile");
|
|
432
|
-
if(!path.empty())
|
|
433
|
-
{
|
|
434
|
-
if(!checkPath(path, defaultDir, false, resolved))
|
|
435
|
-
{
|
|
436
|
-
throw PluginInitializationException(__FILE__, __LINE__,
|
|
437
|
-
"IceSSL: CA certificate file not found:\n" + path);
|
|
438
|
-
}
|
|
439
|
-
path = resolved;
|
|
440
|
-
file = path.c_str();
|
|
441
|
-
}
|
|
442
|
-
else
|
|
443
|
-
{
|
|
444
|
-
path = properties->getProperty(propPrefix + "CertAuthDir");
|
|
445
|
-
if(!path.empty())
|
|
446
|
-
{
|
|
447
|
-
if(!checkPath(path, defaultDir, true, resolved))
|
|
448
|
-
{
|
|
449
|
-
throw PluginInitializationException(__FILE__, __LINE__,
|
|
450
|
-
"IceSSL: CA certificate directory not found:\n" +
|
|
451
|
-
path);
|
|
452
|
-
}
|
|
453
|
-
path = resolved;
|
|
454
|
-
dir = path.c_str();
|
|
455
|
-
}
|
|
456
|
-
}
|
|
457
|
-
}
|
|
458
|
-
|
|
459
470
|
if(file || dir)
|
|
460
471
|
{
|
|
461
472
|
//
|
|
@@ -525,6 +536,7 @@ OpenSSLEngine::initialize()
|
|
|
525
536
|
"IceSSL: certificate file not found:\n" + file);
|
|
526
537
|
}
|
|
527
538
|
file = resolved;
|
|
539
|
+
|
|
528
540
|
//
|
|
529
541
|
// First we try to load the certificate using PKCS12 format if that fails
|
|
530
542
|
// we fallback to PEM format.
|
|
@@ -942,6 +954,9 @@ OpenSSLEngine::parseProtocols(const StringSeq& protocols) const
|
|
|
942
954
|
SSL_METHOD*
|
|
943
955
|
OpenSSLEngine::getMethod(int /*protocols*/)
|
|
944
956
|
{
|
|
957
|
+
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
958
|
+
SSL_METHOD* meth = const_cast<SSL_METHOD*>(TLS_method());
|
|
959
|
+
#else
|
|
945
960
|
//
|
|
946
961
|
// Despite its name, the SSLv23 method can negotiate SSL3, TLS1.0, TLS1.1, and TLS1.2.
|
|
947
962
|
// We use the const_cast for backward compatibility with older OpenSSL releases.
|
|
@@ -956,7 +971,7 @@ OpenSSLEngine::getMethod(int /*protocols*/)
|
|
|
956
971
|
meth = const_cast<SSL_METHOD*>(TLSv1_2_method());
|
|
957
972
|
}
|
|
958
973
|
*/
|
|
959
|
-
|
|
974
|
+
#endif
|
|
960
975
|
return meth;
|
|
961
976
|
}
|
|
962
977
|
|
|
@@ -136,7 +136,7 @@ checkTrustResult(SecTrustRef trust, const SecureTransportEnginePtr& engine, cons
|
|
|
136
136
|
}
|
|
137
137
|
default:
|
|
138
138
|
// case kSecTrustResultInvalid:
|
|
139
|
-
//
|
|
139
|
+
// case kSecTrustResultConfirm: // Used in old OS X versions
|
|
140
140
|
// case kSecTrustResultDeny:
|
|
141
141
|
// case kSecTrustResultRecoverableTrustFailure:
|
|
142
142
|
// case kSecTrustResultFatalTrustFailure:
|
|
@@ -225,14 +225,11 @@ IceSSL::TransceiverI::initialize(IceInternal::Buffer& readBuffer, IceInternal::B
|
|
|
225
225
|
{
|
|
226
226
|
assert(!_trust);
|
|
227
227
|
err = SSLCopyPeerTrust(_ssl, &_trust);
|
|
228
|
-
if(_incoming &&
|
|
228
|
+
if(_incoming && _engine->getVerifyPeer() == 1 && (err == errSSLBadCert || _trust == 0))
|
|
229
229
|
{
|
|
230
|
-
//
|
|
231
|
-
//
|
|
232
|
-
// certificate
|
|
233
|
-
// configured to verify to not require the client
|
|
234
|
-
// certificate so we ignore the failure.
|
|
235
|
-
//
|
|
230
|
+
// This is expected if the client doesn't provide a certificate. With 10.10 and 10.11 errSSLBadCert
|
|
231
|
+
// is expected, the server is configured to verify but not require the client
|
|
232
|
+
// certificate so we ignore the failure. In 10.12 there is no error and trust is 0.
|
|
236
233
|
continue;
|
|
237
234
|
}
|
|
238
235
|
if(err == noErr)
|
|
@@ -109,7 +109,8 @@ parseBytes(const string& arg, vector<unsigned char>& buffer)
|
|
|
109
109
|
namespace
|
|
110
110
|
{
|
|
111
111
|
|
|
112
|
-
#
|
|
112
|
+
# ifndef OPENSSL_NO_DH
|
|
113
|
+
# if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
113
114
|
|
|
114
115
|
// The following arrays are predefined Diffie Hellman group parameters.
|
|
115
116
|
// These are known strong primes, distributed with the OpenSSL library
|
|
@@ -223,11 +224,127 @@ unsigned char dh4096_p[] =
|
|
|
223
224
|
|
|
224
225
|
unsigned char dh4096_g[] = { 0x02 };
|
|
225
226
|
|
|
227
|
+
# else
|
|
228
|
+
//
|
|
229
|
+
// With OpenSSL 1.1.0 is no longer possible to acess the DH p and g
|
|
230
|
+
// data members to set the DH params. We still use the same default
|
|
231
|
+
// parameters but they were converted to DER format using
|
|
232
|
+
// i2d_DHparams and can be restored using d2i_DHparams
|
|
233
|
+
|
|
234
|
+
unsigned char dh512[] =
|
|
235
|
+
{
|
|
236
|
+
0x30,0x46,0x02,0x41,0x00,0xF5,0x2A,0xFF,0x3C,0xE1,0xB1,0x29,
|
|
237
|
+
0x40,0x18,0x11,0x8D,0x7C,0x84,0xA7,0x0A,0x72,0xD6,0x86,0xC4,
|
|
238
|
+
0x03,0x19,0xC8,0x07,0x29,0x7A,0xCA,0x95,0x0C,0xD9,0x96,0x9F,
|
|
239
|
+
0xAB,0xD0,0x0A,0x50,0x9B,0x02,0x46,0xD3,0x08,0x3D,0x66,0xA4,
|
|
240
|
+
0x5D,0x41,0x9F,0x9C,0x7C,0xBD,0x89,0x4B,0x22,0x19,0x26,0xBA,
|
|
241
|
+
0xAB,0xA2,0x5E,0xC3,0x55,0xE9,0x2A,0x05,0x5F,0x02,0x01,0x02,
|
|
242
|
+
};
|
|
243
|
+
|
|
244
|
+
unsigned char dh1024[] =
|
|
245
|
+
{
|
|
246
|
+
0x30,0x81,0x87,0x02,0x81,0x81,0x00,0xF4,0x88,0xFD,0x58,0x4E,
|
|
247
|
+
0x49,0xDB,0xCD,0x20,0xB4,0x9D,0xE4,0x91,0x07,0x36,0x6B,0x33,
|
|
248
|
+
0x6C,0x38,0x0D,0x45,0x1D,0x0F,0x7C,0x88,0xB3,0x1C,0x7C,0x5B,
|
|
249
|
+
0x2D,0x8E,0xF6,0xF3,0xC9,0x23,0xC0,0x43,0xF0,0xA5,0x5B,0x18,
|
|
250
|
+
0x8D,0x8E,0xBB,0x55,0x8C,0xB8,0x5D,0x38,0xD3,0x34,0xFD,0x7C,
|
|
251
|
+
0x17,0x57,0x43,0xA3,0x1D,0x18,0x6C,0xDE,0x33,0x21,0x2C,0xB5,
|
|
252
|
+
0x2A,0xFF,0x3C,0xE1,0xB1,0x29,0x40,0x18,0x11,0x8D,0x7C,0x84,
|
|
253
|
+
0xA7,0x0A,0x72,0xD6,0x86,0xC4,0x03,0x19,0xC8,0x07,0x29,0x7A,
|
|
254
|
+
0xCA,0x95,0x0C,0xD9,0x96,0x9F,0xAB,0xD0,0x0A,0x50,0x9B,0x02,
|
|
255
|
+
0x46,0xD3,0x08,0x3D,0x66,0xA4,0x5D,0x41,0x9F,0x9C,0x7C,0xBD,
|
|
256
|
+
0x89,0x4B,0x22,0x19,0x26,0xBA,0xAB,0xA2,0x5E,0xC3,0x55,0xE9,
|
|
257
|
+
0x2F,0x78,0xC7,0x02,0x01,0x02,
|
|
258
|
+
};
|
|
259
|
+
|
|
260
|
+
unsigned char dh2048[] =
|
|
261
|
+
{
|
|
262
|
+
0x30,0x82,0x01,0x08,0x02,0x82,0x01,0x01,0x00,0xF6,0x42,0x57,
|
|
263
|
+
0xB7,0x08,0x7F,0x08,0x17,0x72,0xA2,0xBA,0xD6,0xA9,0x42,0xF3,
|
|
264
|
+
0x05,0xE8,0xF9,0x53,0x11,0x39,0x4F,0xB6,0xF1,0x6E,0xB9,0x4B,
|
|
265
|
+
0x38,0x20,0xDA,0x01,0xA7,0x56,0xA3,0x14,0xE9,0x8F,0x40,0x55,
|
|
266
|
+
0xF3,0xD0,0x07,0xC6,0xCB,0x43,0xA9,0x94,0xAD,0xF7,0x4C,0x64,
|
|
267
|
+
0x86,0x49,0xF8,0x0C,0x83,0xBD,0x65,0xE9,0x17,0xD4,0xA1,0xD3,
|
|
268
|
+
0x50,0xF8,0xF5,0x59,0x5F,0xDC,0x76,0x52,0x4F,0x3D,0x3D,0x8D,
|
|
269
|
+
0xDB,0xCE,0x99,0xE1,0x57,0x92,0x59,0xCD,0xFD,0xB8,0xAE,0x74,
|
|
270
|
+
0x4F,0xC5,0xFC,0x76,0xBC,0x83,0xC5,0x47,0x30,0x61,0xCE,0x7C,
|
|
271
|
+
0xC9,0x66,0xFF,0x15,0xF9,0xBB,0xFD,0x91,0x5E,0xC7,0x01,0xAA,
|
|
272
|
+
0xD3,0x5B,0x9E,0x8D,0xA0,0xA5,0x72,0x3A,0xD4,0x1A,0xF0,0xBF,
|
|
273
|
+
0x46,0x00,0x58,0x2B,0xE5,0xF4,0x88,0xFD,0x58,0x4E,0x49,0xDB,
|
|
274
|
+
0xCD,0x20,0xB4,0x9D,0xE4,0x91,0x07,0x36,0x6B,0x33,0x6C,0x38,
|
|
275
|
+
0x0D,0x45,0x1D,0x0F,0x7C,0x88,0xB3,0x1C,0x7C,0x5B,0x2D,0x8E,
|
|
276
|
+
0xF6,0xF3,0xC9,0x23,0xC0,0x43,0xF0,0xA5,0x5B,0x18,0x8D,0x8E,
|
|
277
|
+
0xBB,0x55,0x8C,0xB8,0x5D,0x38,0xD3,0x34,0xFD,0x7C,0x17,0x57,
|
|
278
|
+
0x43,0xA3,0x1D,0x18,0x6C,0xDE,0x33,0x21,0x2C,0xB5,0x2A,0xFF,
|
|
279
|
+
0x3C,0xE1,0xB1,0x29,0x40,0x18,0x11,0x8D,0x7C,0x84,0xA7,0x0A,
|
|
280
|
+
0x72,0xD6,0x86,0xC4,0x03,0x19,0xC8,0x07,0x29,0x7A,0xCA,0x95,
|
|
281
|
+
0x0C,0xD9,0x96,0x9F,0xAB,0xD0,0x0A,0x50,0x9B,0x02,0x46,0xD3,
|
|
282
|
+
0x08,0x3D,0x66,0xA4,0x5D,0x41,0x9F,0x9C,0x7C,0xBD,0x89,0x4B,
|
|
283
|
+
0x22,0x19,0x26,0xBA,0xAB,0xA2,0x5E,0xC3,0x55,0xE9,0x32,0x0B,
|
|
284
|
+
0x3B,0x02,0x01,0x02,
|
|
285
|
+
};
|
|
286
|
+
|
|
287
|
+
unsigned char dh4096[] =
|
|
288
|
+
{
|
|
289
|
+
0x30,0x82,0x02,0x08,0x02,0x82,0x02,0x01,0x00,0xFA,0x14,0x72,
|
|
290
|
+
0x52,0xC1,0x4D,0xE1,0x5A,0x49,0xD4,0xEF,0x09,0x2D,0xC0,0xA8,
|
|
291
|
+
0xFD,0x55,0xAB,0xD7,0xD9,0x37,0x04,0x28,0x09,0xE2,0xE9,0x3E,
|
|
292
|
+
0x77,0xE2,0xA1,0x7A,0x18,0xDD,0x46,0xA3,0x43,0x37,0x23,0x90,
|
|
293
|
+
0x97,0xF3,0x0E,0xC9,0x03,0x50,0x7D,0x65,0xCF,0x78,0x62,0xA6,
|
|
294
|
+
0x3A,0x62,0x22,0x83,0xA1,0x2F,0xFE,0x79,0xBA,0x35,0xFF,0x59,
|
|
295
|
+
0xD8,0x1D,0x61,0xDD,0x1E,0x21,0x13,0x17,0xFE,0xCD,0x38,0x87,
|
|
296
|
+
0x9E,0xF5,0x4F,0x79,0x10,0x61,0x8D,0xD4,0x22,0xF3,0x5A,0xED,
|
|
297
|
+
0x5D,0xEA,0x21,0xE9,0x33,0x6B,0x48,0x12,0x0A,0x20,0x77,0xD4,
|
|
298
|
+
0x25,0x60,0x61,0xDE,0xF6,0xB4,0x4F,0x1C,0x63,0x40,0x8B,0x3A,
|
|
299
|
+
0x21,0x93,0x8B,0x79,0x53,0x51,0x2C,0xCA,0xB3,0x7B,0x29,0x56,
|
|
300
|
+
0xA8,0xC7,0xF8,0xF4,0x7B,0x08,0x5E,0xA6,0xDC,0xA2,0x45,0x12,
|
|
301
|
+
0x56,0xDD,0x41,0x92,0xF2,0xDD,0x5B,0x8F,0x23,0xF0,0xF3,0xEF,
|
|
302
|
+
0xE4,0x3B,0x0A,0x44,0xDD,0xED,0x96,0x84,0xF1,0xA8,0x32,0x46,
|
|
303
|
+
0xA3,0xDB,0x4A,0xBE,0x3D,0x45,0xBA,0x4E,0xF8,0x03,0xE5,0xDD,
|
|
304
|
+
0x6B,0x59,0x0D,0x84,0x1E,0xCA,0x16,0x5A,0x8C,0xC8,0xDF,0x7C,
|
|
305
|
+
0x54,0x44,0xC4,0x27,0xA7,0x3B,0x2A,0x97,0xCE,0xA3,0x7D,0x26,
|
|
306
|
+
0x9C,0xAD,0xF4,0xC2,0xAC,0x37,0x4B,0xC3,0xAD,0x68,0x84,0x7F,
|
|
307
|
+
0x99,0xA6,0x17,0xEF,0x6B,0x46,0x3A,0x7A,0x36,0x7A,0x11,0x43,
|
|
308
|
+
0x92,0xAD,0xE9,0x9C,0xFB,0x44,0x6C,0x3D,0x82,0x49,0xCC,0x5C,
|
|
309
|
+
0x6A,0x52,0x42,0xF8,0x42,0xFB,0x44,0xF9,0x39,0x73,0xFB,0x60,
|
|
310
|
+
0x79,0x3B,0xC2,0x9E,0x0B,0xDC,0xD4,0xA6,0x67,0xF7,0x66,0x3F,
|
|
311
|
+
0xFC,0x42,0x3B,0x1B,0xDB,0x4F,0x66,0xDC,0xA5,0x8F,0x66,0xF9,
|
|
312
|
+
0xEA,0xC1,0xED,0x31,0xFB,0x48,0xA1,0x82,0x7D,0xF8,0xE0,0xCC,
|
|
313
|
+
0xB1,0xC7,0x03,0xE4,0xF8,0xB3,0xFE,0xB7,0xA3,0x13,0x73,0xA6,
|
|
314
|
+
0x7B,0xC1,0x0E,0x39,0xC7,0x94,0x48,0x26,0x00,0x85,0x79,0xFC,
|
|
315
|
+
0x6F,0x7A,0xAF,0xC5,0x52,0x35,0x75,0xD7,0x75,0xA4,0x40,0xFA,
|
|
316
|
+
0x14,0x74,0x61,0x16,0xF2,0xEB,0x67,0x11,0x6F,0x04,0x43,0x3D,
|
|
317
|
+
0x11,0x14,0x4C,0xA7,0x94,0x2A,0x39,0xA1,0xC9,0x90,0xCF,0x83,
|
|
318
|
+
0xC6,0xFF,0x02,0x8F,0xA3,0x2A,0xAC,0x26,0xDF,0x0B,0x8B,0xBE,
|
|
319
|
+
0x64,0x4A,0xF1,0xA1,0xDC,0xEE,0xBA,0xC8,0x03,0x82,0xF6,0x62,
|
|
320
|
+
0x2C,0x5D,0xB6,0xBB,0x13,0x19,0x6E,0x86,0xC5,0x5B,0x2B,0x5E,
|
|
321
|
+
0x3A,0xF3,0xB3,0x28,0x6B,0x70,0x71,0x3A,0x8E,0xFF,0x5C,0x15,
|
|
322
|
+
0xE6,0x02,0xA4,0xCE,0xED,0x59,0x56,0xCC,0x15,0x51,0x07,0x79,
|
|
323
|
+
0x1A,0x0F,0x25,0x26,0x27,0x30,0xA9,0x15,0xB2,0xC8,0xD4,0x5C,
|
|
324
|
+
0xCC,0x30,0xE8,0x1B,0xD8,0xD5,0x0F,0x19,0xA8,0x80,0xA4,0xC7,
|
|
325
|
+
0x01,0xAA,0x8B,0xBA,0x53,0xBB,0x47,0xC2,0x1F,0x6B,0x54,0xB0,
|
|
326
|
+
0x17,0x60,0xED,0x79,0x21,0x95,0xB6,0x05,0x84,0x37,0xC8,0x03,
|
|
327
|
+
0xA4,0xDD,0xD1,0x06,0x69,0x8F,0x4C,0x39,0xE0,0xC8,0x5D,0x83,
|
|
328
|
+
0x1D,0xBE,0x6A,0x9A,0x99,0xF3,0x9F,0x0B,0x45,0x29,0xD4,0xCB,
|
|
329
|
+
0x29,0x66,0xEE,0x1E,0x7E,0x3D,0xD7,0x13,0x4E,0xDB,0x90,0x90,
|
|
330
|
+
0x58,0xCB,0x5E,0x9B,0xCD,0x2E,0x2B,0x0F,0xA9,0x4E,0x78,0xAC,
|
|
331
|
+
0x05,0x11,0x7F,0xE3,0x9E,0x27,0xD4,0x99,0xE1,0xB9,0xBD,0x78,
|
|
332
|
+
0xE1,0x84,0x41,0xA0,0xDF,0x02,0x01,0x02,
|
|
333
|
+
};
|
|
334
|
+
# endif
|
|
335
|
+
|
|
226
336
|
}
|
|
227
337
|
|
|
228
338
|
//
|
|
229
339
|
// Convert a predefined parameter set into a DH value.
|
|
230
340
|
//
|
|
341
|
+
# if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
342
|
+
static DH*
|
|
343
|
+
convertDH(const unsigned char* buf, int len)
|
|
344
|
+
{
|
|
345
|
+
return d2i_DHparams(0, &buf, len);
|
|
346
|
+
}
|
|
347
|
+
# else
|
|
231
348
|
static DH*
|
|
232
349
|
convertDH(unsigned char* p, int plen, unsigned char* g, int glen)
|
|
233
350
|
{
|
|
@@ -247,9 +364,9 @@ convertDH(unsigned char* p, int plen, unsigned char* g, int glen)
|
|
|
247
364
|
dh = 0;
|
|
248
365
|
}
|
|
249
366
|
}
|
|
250
|
-
|
|
251
367
|
return dh;
|
|
252
368
|
}
|
|
369
|
+
# endif
|
|
253
370
|
|
|
254
371
|
IceSSL::DHParams::DHParams() :
|
|
255
372
|
_dh512(0), _dh1024(0), _dh2048(0), _dh4096(0)
|
|
@@ -311,7 +428,40 @@ IceSSL::DHParams::get(int keyLength)
|
|
|
311
428
|
// No match found. Use one of the predefined parameter sets instead.
|
|
312
429
|
//
|
|
313
430
|
IceUtil::Mutex::Lock sync(*this);
|
|
314
|
-
|
|
431
|
+
# if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
432
|
+
if(keyLength >= 4096)
|
|
433
|
+
{
|
|
434
|
+
if(!_dh4096)
|
|
435
|
+
{
|
|
436
|
+
_dh4096 = convertDH(dh4096, (int) sizeof(dh4096));
|
|
437
|
+
}
|
|
438
|
+
return _dh4096;
|
|
439
|
+
}
|
|
440
|
+
else if(keyLength >= 2048)
|
|
441
|
+
{
|
|
442
|
+
if(!_dh2048)
|
|
443
|
+
{
|
|
444
|
+
_dh2048 = convertDH(dh2048, (int) sizeof(dh2048));
|
|
445
|
+
}
|
|
446
|
+
return _dh2048;
|
|
447
|
+
}
|
|
448
|
+
else if(keyLength >= 1024)
|
|
449
|
+
{
|
|
450
|
+
if(!_dh1024)
|
|
451
|
+
{
|
|
452
|
+
_dh1024 = convertDH(dh1024, (int) sizeof(dh1024));
|
|
453
|
+
}
|
|
454
|
+
return _dh1024;
|
|
455
|
+
}
|
|
456
|
+
else
|
|
457
|
+
{
|
|
458
|
+
if(!_dh512)
|
|
459
|
+
{
|
|
460
|
+
_dh512 = convertDH(dh512, (int) sizeof(dh512));
|
|
461
|
+
}
|
|
462
|
+
return _dh512;
|
|
463
|
+
}
|
|
464
|
+
# else
|
|
315
465
|
if(keyLength >= 4096)
|
|
316
466
|
{
|
|
317
467
|
if(!_dh4096)
|
|
@@ -344,9 +494,10 @@ IceSSL::DHParams::get(int keyLength)
|
|
|
344
494
|
}
|
|
345
495
|
return _dh512;
|
|
346
496
|
}
|
|
497
|
+
# endif
|
|
347
498
|
}
|
|
348
499
|
|
|
349
|
-
#
|
|
500
|
+
# endif
|
|
350
501
|
|
|
351
502
|
string
|
|
352
503
|
IceSSL::getSslErrors(bool verbose)
|