zeroc-ice 3.6.5 → 3.7.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/BZIP2_LICENSE +42 -0
- data/ICE_LICENSE +17 -17
- data/LICENSE +12 -12
- data/bin/slice2rb +1 -1
- data/ext/Communicator.cpp +150 -53
- data/ext/Communicator.h +1 -1
- data/ext/Config.h +2 -12
- data/ext/Connection.cpp +89 -68
- data/ext/Connection.h +1 -1
- data/ext/Endpoint.cpp +16 -45
- data/ext/Endpoint.h +1 -1
- data/ext/ImplicitContext.cpp +1 -5
- data/ext/ImplicitContext.h +1 -1
- data/ext/Init.cpp +4 -1
- data/ext/Logger.cpp +1 -1
- data/ext/Logger.h +1 -1
- data/ext/Operation.cpp +33 -44
- data/ext/Operation.h +1 -1
- data/ext/Properties.cpp +1 -1
- data/ext/Properties.h +1 -1
- data/ext/Proxy.cpp +22 -57
- data/ext/Proxy.h +1 -1
- data/ext/Slice.cpp +5 -5
- data/ext/Slice.h +1 -1
- data/ext/Types.cpp +244 -171
- data/ext/Types.h +118 -66
- data/ext/Util.cpp +13 -9
- data/ext/Util.h +10 -10
- data/ext/ValueFactoryManager.cpp +445 -0
- data/ext/ValueFactoryManager.h +100 -0
- data/ext/extconf.rb +47 -45
- data/ext/ice/bzip2/blocksort.c +1094 -0
- data/ext/ice/bzip2/bzlib.c +1572 -0
- data/ext/ice/bzip2/bzlib.h +282 -0
- data/ext/ice/bzip2/bzlib_private.h +509 -0
- data/ext/ice/bzip2/compress.c +672 -0
- data/ext/ice/bzip2/crctable.c +104 -0
- data/ext/ice/bzip2/decompress.c +646 -0
- data/ext/ice/bzip2/huffman.c +205 -0
- data/ext/ice/bzip2/randtable.c +84 -0
- data/ext/ice/cpp/include/Ice/Application.h +77 -60
- data/ext/ice/cpp/include/Ice/AsyncResult.h +34 -318
- data/ext/ice/cpp/include/Ice/AsyncResultF.h +4 -2
- data/ext/ice/cpp/include/Ice/BatchRequestInterceptor.h +5 -10
- data/ext/ice/cpp/include/Ice/BatchRequestQueueF.h +1 -1
- data/ext/ice/cpp/include/Ice/Buffer.h +10 -10
- data/ext/ice/cpp/include/Ice/CommunicatorAsync.h +14 -12
- data/ext/ice/cpp/include/Ice/Comparable.h +130 -0
- data/ext/ice/cpp/include/Ice/Config.h +7 -36
- data/ext/ice/cpp/include/Ice/ConnectionAsync.h +107 -11
- data/ext/ice/cpp/include/Ice/ConnectionIF.h +5 -1
- data/ext/ice/cpp/include/Ice/ConsoleUtil.h +28 -0
- data/ext/ice/cpp/include/Ice/{DefaultObjectFactory.h → DefaultValueFactory.h} +28 -14
- data/ext/ice/cpp/include/Ice/DispatchInterceptor.h +4 -6
- data/ext/ice/cpp/include/Ice/Dispatcher.h +14 -13
- data/ext/ice/cpp/include/Ice/DynamicLibrary.h +7 -5
- data/ext/ice/cpp/include/Ice/DynamicLibraryF.h +1 -1
- data/ext/ice/cpp/include/Ice/Exception.h +66 -56
- data/ext/ice/cpp/include/Ice/ExceptionHelpers.h +69 -0
- data/ext/ice/cpp/include/Ice/FactoryTable.h +11 -12
- data/ext/ice/cpp/include/Ice/FactoryTableInit.h +27 -25
- data/ext/ice/cpp/include/Ice/Format.h +6 -1
- data/ext/ice/cpp/include/Ice/Functional.h +33 -33
- data/ext/ice/cpp/include/Ice/GCObject.h +9 -5
- data/ext/ice/cpp/include/Ice/Handle.h +6 -11
- data/ext/ice/cpp/include/Ice/Ice.h +9 -5
- data/ext/ice/cpp/include/{IceUtil → Ice}/IconvStringConverter.h +108 -62
- data/ext/ice/cpp/include/Ice/Incoming.h +109 -33
- data/ext/ice/cpp/include/Ice/IncomingAsync.h +63 -23
- data/ext/ice/cpp/include/Ice/IncomingAsyncF.h +7 -1
- data/ext/ice/cpp/include/Ice/Initialize.h +178 -38
- data/ext/ice/cpp/include/Ice/InputStream.h +994 -0
- data/ext/ice/cpp/include/Ice/InstanceF.h +1 -2
- data/ext/ice/cpp/include/Ice/InterfaceByValue.h +46 -0
- data/ext/ice/cpp/include/Ice/LocalObject.h +9 -9
- data/ext/ice/cpp/include/Ice/LocalObjectF.h +1 -1
- data/ext/ice/cpp/include/Ice/LoggerUtil.h +20 -14
- data/ext/ice/cpp/include/Ice/MetricsAdminI.h +114 -65
- data/ext/ice/cpp/include/Ice/MetricsFunctional.h +23 -5
- data/ext/ice/cpp/include/Ice/MetricsObserverI.h +99 -26
- data/ext/ice/cpp/include/Ice/NativePropertiesAdmin.h +17 -4
- data/ext/ice/cpp/include/Ice/Object.h +105 -56
- data/ext/ice/cpp/include/Ice/ObjectF.h +8 -3
- data/ext/ice/cpp/include/Ice/ObserverHelper.h +18 -8
- data/ext/ice/cpp/include/Ice/Optional.h +1084 -0
- data/ext/ice/cpp/include/Ice/OutgoingAsync.h +655 -84
- data/ext/ice/cpp/include/Ice/OutgoingAsyncF.h +12 -6
- data/ext/ice/cpp/include/Ice/OutputStream.h +753 -0
- data/ext/ice/cpp/include/Ice/Protocol.h +19 -12
- data/ext/ice/cpp/include/Ice/Proxy.h +1329 -717
- data/ext/ice/cpp/include/Ice/ProxyF.h +11 -33
- data/ext/ice/cpp/include/Ice/ProxyFactoryF.h +1 -1
- data/ext/ice/cpp/include/Ice/ProxyHandle.h +34 -50
- data/ext/ice/cpp/include/Ice/ReferenceF.h +1 -1
- data/ext/ice/cpp/include/Ice/RegisterPlugins.h +22 -3
- data/ext/ice/cpp/include/Ice/RequestHandlerF.h +10 -4
- data/ext/ice/cpp/include/Ice/ResponseHandlerF.h +6 -1
- data/ext/ice/cpp/include/{IceUtil → Ice}/SHA1.h +16 -16
- data/ext/ice/cpp/include/Ice/ServantManagerF.h +1 -1
- data/ext/ice/cpp/include/Ice/Service.h +13 -18
- data/ext/ice/cpp/include/Ice/SliceChecksums.h +1 -1
- data/ext/ice/cpp/include/Ice/SlicedData.h +46 -20
- data/ext/ice/cpp/include/Ice/SlicedDataF.h +14 -6
- data/ext/ice/cpp/include/Ice/StreamHelpers.h +159 -49
- data/ext/ice/cpp/include/Ice/StringConverter.h +52 -0
- data/ext/ice/cpp/include/Ice/ThreadPoolF.h +1 -1
- data/{slice/Ice/ObjectFactoryF.ice → ext/ice/cpp/include/Ice/UUID.h} +9 -7
- data/ext/ice/cpp/include/{IceUtil → Ice}/UniquePtr.h +21 -22
- data/ext/ice/cpp/include/Ice/UniqueRef.h +98 -0
- data/ext/ice/cpp/include/Ice/UserExceptionFactory.h +40 -8
- data/ext/ice/cpp/include/Ice/Value.h +104 -0
- data/{slice/Freeze/ConnectionF.ice → ext/ice/cpp/include/Ice/ValueF.h} +11 -7
- data/ext/ice/cpp/include/IceSSL/Config.h +8 -23
- data/ext/ice/cpp/include/IceSSL/IceSSL.h +17 -6
- data/ext/ice/cpp/include/IceSSL/OpenSSL.h +130 -0
- data/ext/ice/cpp/include/IceSSL/Plugin.h +172 -259
- data/ext/ice/cpp/include/IceSSL/SChannel.h +66 -0
- data/ext/ice/cpp/include/IceSSL/SecureTransport.h +66 -0
- data/ext/ice/cpp/include/IceSSL/UWP.h +58 -0
- data/ext/ice/cpp/include/IceUtil/Atomic.h +8 -10
- data/ext/ice/cpp/include/IceUtil/Cond.h +17 -18
- data/ext/ice/cpp/include/IceUtil/Config.h +138 -39
- data/ext/ice/cpp/include/IceUtil/ConsoleUtil.h +97 -0
- data/ext/ice/cpp/include/IceUtil/CountDownLatch.h +5 -5
- data/ext/ice/cpp/include/IceUtil/CtrlCHandler.h +23 -17
- data/ext/ice/cpp/include/IceUtil/DisableWarnings.h +1 -3
- data/ext/ice/cpp/include/IceUtil/Exception.h +157 -67
- data/ext/ice/cpp/include/IceUtil/FileUtil.h +148 -0
- data/ext/ice/cpp/include/IceUtil/Functional.h +1 -2
- data/ext/ice/cpp/include/IceUtil/Handle.h +11 -11
- data/ext/ice/cpp/include/IceUtil/IceUtil.h +4 -10
- data/ext/ice/cpp/include/IceUtil/InputUtil.h +3 -3
- data/ext/ice/cpp/include/IceUtil/Iterator.h +2 -2
- data/ext/ice/cpp/include/IceUtil/Lock.h +8 -10
- data/ext/ice/cpp/include/IceUtil/Monitor.h +1 -2
- data/ext/ice/cpp/include/IceUtil/Mutex.h +17 -11
- data/ext/ice/cpp/include/IceUtil/MutexProtocol.h +2 -2
- data/ext/ice/cpp/include/IceUtil/MutexPtrLock.h +4 -4
- data/ext/ice/cpp/include/IceUtil/MutexPtrTryLock.h +4 -4
- data/ext/ice/cpp/include/IceUtil/Optional.h +32 -18
- data/ext/ice/cpp/include/IceUtil/Options.h +17 -18
- data/ext/ice/cpp/include/IceUtil/OutputUtil.h +55 -29
- data/ext/ice/cpp/include/IceUtil/PopDisableWarnings.h +6 -6
- data/ext/ice/cpp/include/IceUtil/PushDisableWarnings.h +11 -10
- data/ext/ice/cpp/include/IceUtil/Random.h +3 -3
- data/ext/ice/cpp/include/IceUtil/RecMutex.h +7 -8
- data/ext/ice/cpp/include/IceUtil/ResourceConfig.h +58 -0
- data/ext/ice/cpp/include/IceUtil/ScannerConfig.h +1 -9
- data/ext/ice/cpp/include/IceUtil/ScopedArray.h +8 -2
- data/ext/ice/cpp/include/IceUtil/Shared.h +5 -7
- data/ext/ice/cpp/{src → include}/IceUtil/StopWatch.h +2 -2
- data/ext/ice/cpp/include/IceUtil/StringConverter.h +77 -72
- data/ext/ice/cpp/include/IceUtil/StringUtil.h +32 -21
- data/ext/ice/cpp/include/IceUtil/Thread.h +10 -12
- data/ext/ice/cpp/include/IceUtil/ThreadException.h +33 -42
- data/ext/ice/cpp/include/IceUtil/Time.h +3 -3
- data/ext/ice/cpp/include/IceUtil/Timer.h +14 -13
- data/ext/ice/cpp/include/IceUtil/UUID.h +2 -2
- data/ext/ice/cpp/include/IceUtil/UndefSysMacros.h +1 -1
- data/ext/ice/cpp/include/{Ice → generated/Ice}/BuiltinSequences.h +41 -8
- data/ext/ice/cpp/include/generated/Ice/Communicator.h +364 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/CommunicatorF.h +40 -8
- data/ext/ice/cpp/include/generated/Ice/Connection.h +872 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/ConnectionF.h +46 -8
- data/ext/ice/cpp/include/{Ice → generated/Ice}/Current.h +71 -8
- data/ext/ice/cpp/include/generated/Ice/Endpoint.h +582 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/EndpointF.h +62 -8
- data/ext/ice/cpp/include/{Ice → generated/Ice}/EndpointTypes.h +31 -16
- data/ext/ice/cpp/include/{Ice → generated/Ice}/FacetMap.h +23 -8
- data/ext/ice/cpp/include/generated/Ice/Identity.h +221 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/ImplicitContext.h +72 -13
- data/ext/ice/cpp/include/{Ice → generated/Ice}/ImplicitContextF.h +40 -8
- data/ext/ice/cpp/include/generated/Ice/Instrumentation.h +602 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/InstrumentationF.h +54 -8
- data/ext/ice/cpp/include/generated/Ice/LocalException.h +2802 -0
- data/ext/ice/cpp/include/generated/Ice/Locator.h +2036 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/LocatorF.h +53 -12
- data/ext/ice/cpp/include/{Ice → generated/Ice}/Logger.h +71 -13
- data/ext/ice/cpp/include/{Ice → generated/Ice}/LoggerF.h +40 -8
- data/ext/ice/cpp/include/generated/Ice/Metrics.h +2649 -0
- data/ext/ice/cpp/include/generated/Ice/ObjectAdapter.h +302 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/ObjectAdapterF.h +40 -8
- data/ext/ice/cpp/include/generated/Ice/ObjectFactory.h +142 -0
- data/ext/ice/cpp/include/generated/Ice/Plugin.h +197 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/PluginF.h +43 -8
- data/ext/ice/cpp/include/generated/Ice/Process.h +536 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/ProcessF.h +45 -10
- data/ext/ice/cpp/include/{Ice → generated/Ice}/Properties.h +88 -21
- data/ext/ice/cpp/include/generated/Ice/PropertiesAdmin.h +749 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/PropertiesF.h +48 -10
- data/ext/ice/cpp/include/generated/Ice/RemoteLogger.h +1449 -0
- data/ext/ice/cpp/include/generated/Ice/Router.h +1032 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/RouterF.h +45 -10
- data/ext/ice/cpp/include/{Ice → generated/Ice}/ServantLocator.h +65 -13
- data/ext/ice/cpp/include/{Ice → generated/Ice}/ServantLocatorF.h +40 -8
- data/ext/ice/cpp/include/{Ice → generated/Ice}/SliceChecksumDict.h +23 -8
- data/ext/ice/cpp/include/generated/Ice/ValueFactory.h +169 -0
- data/ext/ice/cpp/include/generated/Ice/Version.h +334 -0
- data/ext/ice/cpp/include/generated/IceSSL/ConnectionInfo.h +172 -0
- data/ext/ice/cpp/include/generated/IceSSL/ConnectionInfoF.h +98 -0
- data/ext/ice/cpp/include/generated/IceSSL/EndpointInfo.h +156 -0
- data/ext/ice/cpp/src/Ice/ACM.cpp +18 -14
- data/ext/ice/cpp/src/Ice/ACM.h +9 -2
- data/ext/ice/cpp/{include → src}/Ice/ACMF.h +10 -5
- data/ext/ice/cpp/src/Ice/Acceptor.cpp +6 -1
- data/ext/ice/cpp/src/Ice/Acceptor.h +4 -3
- data/ext/ice/cpp/src/Ice/AcceptorF.h +1 -1
- data/ext/ice/cpp/src/{IceUtil → Ice}/ArgVector.cpp +9 -9
- data/ext/ice/cpp/src/{IceUtil → Ice}/ArgVector.h +7 -7
- data/ext/ice/cpp/src/Ice/AsyncResult.cpp +15 -538
- data/ext/ice/cpp/src/Ice/Base64.cpp +11 -11
- data/ext/ice/cpp/src/Ice/Base64.h +1 -1
- data/ext/ice/cpp/src/Ice/BatchRequestQueue.cpp +40 -12
- data/ext/ice/cpp/src/Ice/BatchRequestQueue.h +15 -10
- data/ext/ice/cpp/src/Ice/Buffer.cpp +74 -12
- data/ext/ice/cpp/src/Ice/BuiltinSequences.cpp +20 -6
- data/ext/ice/cpp/src/Ice/CollocatedRequestHandler.cpp +85 -190
- data/ext/ice/cpp/src/Ice/CollocatedRequestHandler.h +17 -18
- data/ext/ice/cpp/src/Ice/Communicator.cpp +39 -8
- data/ext/ice/cpp/src/Ice/CommunicatorF.cpp +27 -5
- data/ext/ice/cpp/src/Ice/CommunicatorI.cpp +271 -104
- data/ext/ice/cpp/src/Ice/CommunicatorI.h +84 -28
- data/ext/ice/cpp/src/{IceUtil → Ice}/Cond.cpp +3 -3
- data/ext/ice/cpp/src/Ice/ConnectRequestHandler.cpp +58 -125
- data/ext/ice/cpp/src/Ice/ConnectRequestHandler.h +11 -22
- data/ext/ice/cpp/src/Ice/ConnectRequestHandlerF.h +6 -2
- data/ext/ice/cpp/src/Ice/Connection.cpp +88 -8
- data/ext/ice/cpp/src/Ice/ConnectionF.cpp +27 -5
- data/ext/ice/cpp/src/Ice/ConnectionFactory.cpp +158 -80
- data/ext/ice/cpp/src/Ice/ConnectionFactory.h +41 -23
- data/ext/ice/cpp/{include → src}/Ice/ConnectionFactoryF.h +8 -3
- data/ext/ice/cpp/src/Ice/ConnectionI.cpp +707 -653
- data/ext/ice/cpp/src/Ice/ConnectionI.h +97 -69
- data/ext/ice/cpp/src/Ice/ConnectionRequestHandler.cpp +2 -15
- data/ext/ice/cpp/src/Ice/ConnectionRequestHandler.h +4 -3
- data/ext/ice/cpp/src/Ice/Connector.cpp +6 -1
- data/ext/ice/cpp/src/Ice/Connector.h +4 -3
- data/ext/ice/cpp/src/Ice/ConnectorF.h +1 -1
- data/ext/ice/cpp/src/{IceUtil → Ice}/CountDownLatch.cpp +4 -4
- data/ext/ice/cpp/src/Ice/Current.cpp +29 -6
- data/ext/ice/cpp/src/Ice/DefaultsAndOverrides.cpp +6 -5
- data/ext/ice/cpp/src/Ice/DefaultsAndOverrides.h +1 -1
- data/ext/ice/cpp/src/Ice/DefaultsAndOverridesF.h +1 -1
- data/ext/ice/cpp/src/Ice/DispatchInterceptor.cpp +5 -25
- data/ext/ice/cpp/src/Ice/DynamicLibrary.cpp +29 -19
- data/ext/ice/cpp/src/Ice/Endpoint.cpp +85 -6
- data/ext/ice/cpp/src/Ice/EndpointF.cpp +27 -5
- data/ext/ice/cpp/src/Ice/EndpointFactory.cpp +152 -1
- data/ext/ice/cpp/src/Ice/EndpointFactory.h +72 -6
- data/ext/ice/cpp/src/Ice/EndpointFactoryF.h +1 -1
- data/ext/ice/cpp/src/Ice/EndpointFactoryManager.cpp +35 -19
- data/ext/ice/cpp/src/Ice/EndpointFactoryManager.h +10 -4
- data/ext/ice/cpp/src/Ice/EndpointFactoryManagerF.h +1 -1
- data/ext/ice/cpp/src/Ice/EndpointI.cpp +17 -1
- data/ext/ice/cpp/src/Ice/EndpointI.h +35 -9
- data/ext/ice/cpp/src/Ice/EndpointIF.h +18 -5
- data/ext/ice/cpp/src/Ice/EndpointTypes.cpp +18 -6
- data/ext/ice/cpp/src/Ice/EventHandler.cpp +6 -4
- data/ext/ice/cpp/src/Ice/EventHandler.h +13 -8
- data/ext/ice/cpp/src/Ice/EventHandlerF.h +5 -2
- data/ext/ice/cpp/src/Ice/Exception.cpp +95 -86
- data/ext/ice/cpp/src/Ice/FacetMap.cpp +20 -6
- data/ext/ice/cpp/src/Ice/FactoryTable.cpp +37 -28
- data/ext/ice/cpp/src/Ice/FactoryTableInit.cpp +2 -4
- data/ext/ice/cpp/src/Ice/GCObject.cpp +28 -25
- data/ext/ice/cpp/src/Ice/HashUtil.h +2 -3
- data/ext/ice/cpp/src/Ice/HttpParser.cpp +1 -2
- data/ext/ice/cpp/src/Ice/HttpParser.h +1 -1
- data/ext/ice/cpp/src/Ice/IPEndpointI.cpp +92 -53
- data/ext/ice/cpp/src/Ice/IPEndpointI.h +19 -10
- data/ext/ice/cpp/src/Ice/IPEndpointIF.h +6 -2
- data/ext/ice/cpp/src/Ice/IconvStringConverter.cpp +56 -0
- data/ext/ice/cpp/src/Ice/Identity.cpp +24 -10
- data/ext/ice/cpp/src/Ice/ImplicitContext.cpp +37 -6
- data/ext/ice/cpp/src/Ice/ImplicitContextF.cpp +27 -5
- data/ext/ice/cpp/src/Ice/ImplicitContextI.cpp +14 -14
- data/ext/ice/cpp/src/Ice/ImplicitContextI.h +7 -5
- data/ext/ice/cpp/src/Ice/Incoming.cpp +276 -245
- data/ext/ice/cpp/src/Ice/IncomingAsync.cpp +104 -209
- data/ext/ice/cpp/src/Ice/IncomingRequest.h +5 -4
- data/ext/ice/cpp/src/Ice/Initialize.cpp +299 -172
- data/ext/ice/cpp/src/Ice/InputStream.cpp +2773 -0
- data/ext/ice/cpp/src/Ice/Instance.cpp +191 -231
- data/ext/ice/cpp/src/Ice/Instance.h +30 -18
- data/ext/ice/cpp/src/Ice/Instrumentation.cpp +106 -7
- data/ext/ice/cpp/src/Ice/InstrumentationF.cpp +27 -5
- data/ext/ice/cpp/src/Ice/InstrumentationI.cpp +117 -99
- data/ext/ice/cpp/src/Ice/InstrumentationI.h +30 -31
- data/ext/ice/cpp/src/Ice/LocalException.cpp +1190 -416
- data/ext/ice/cpp/src/Ice/LocalObject.cpp +1 -2
- data/ext/ice/cpp/src/Ice/Locator.cpp +1167 -1215
- data/ext/ice/cpp/src/Ice/LocatorF.cpp +29 -6
- data/ext/ice/cpp/src/Ice/LocatorInfo.cpp +129 -163
- data/ext/ice/cpp/src/Ice/LocatorInfo.h +29 -29
- data/ext/ice/cpp/src/Ice/LocatorInfoF.h +1 -1
- data/ext/ice/cpp/src/Ice/Logger.cpp +35 -5
- data/ext/ice/cpp/src/Ice/LoggerAdminI.cpp +178 -73
- data/ext/ice/cpp/src/Ice/LoggerAdminI.h +4 -4
- data/ext/ice/cpp/src/Ice/LoggerF.cpp +27 -5
- data/ext/ice/cpp/src/Ice/LoggerI.cpp +14 -44
- data/ext/ice/cpp/src/Ice/LoggerI.h +7 -13
- data/ext/ice/cpp/src/Ice/LoggerUtil.cpp +10 -12
- data/ext/ice/cpp/src/Ice/Metrics.cpp +1059 -1069
- data/ext/ice/cpp/src/Ice/MetricsAdminI.cpp +49 -19
- data/ext/ice/cpp/src/Ice/MetricsObserverI.cpp +1 -2
- data/ext/ice/cpp/src/Ice/Network.cpp +534 -170
- data/ext/ice/cpp/src/Ice/Network.h +100 -23
- data/ext/ice/cpp/src/Ice/NetworkF.h +2 -2
- data/ext/ice/cpp/src/Ice/NetworkProxy.cpp +21 -14
- data/ext/ice/cpp/src/Ice/NetworkProxy.h +5 -2
- data/ext/ice/cpp/src/Ice/NetworkProxyF.h +1 -1
- data/ext/ice/cpp/src/Ice/Object.cpp +217 -221
- data/ext/ice/cpp/src/Ice/ObjectAdapter.cpp +41 -6
- data/ext/ice/cpp/src/Ice/ObjectAdapterF.cpp +27 -5
- data/ext/ice/cpp/src/Ice/ObjectAdapterFactory.cpp +35 -14
- data/ext/ice/cpp/src/Ice/ObjectAdapterFactory.h +13 -7
- data/ext/ice/cpp/{include → src}/Ice/ObjectAdapterFactoryF.h +5 -1
- data/ext/ice/cpp/src/Ice/ObjectAdapterI.cpp +184 -58
- data/ext/ice/cpp/src/Ice/ObjectAdapterI.h +32 -26
- data/ext/ice/cpp/src/Ice/ObjectFactory.cpp +37 -6
- data/ext/ice/cpp/src/Ice/ObserverHelper.cpp +9 -32
- data/ext/ice/cpp/src/Ice/OpaqueEndpointI.cpp +40 -18
- data/ext/ice/cpp/src/Ice/OpaqueEndpointI.h +14 -5
- data/ext/ice/cpp/src/Ice/OutgoingAsync.cpp +803 -365
- data/ext/ice/cpp/src/Ice/OutputStream.cpp +1399 -0
- data/ext/ice/cpp/src/Ice/Plugin.cpp +45 -6
- data/ext/ice/cpp/src/Ice/PluginF.cpp +27 -5
- data/ext/ice/cpp/src/Ice/PluginManagerI.cpp +13 -13
- data/ext/ice/cpp/src/Ice/PluginManagerI.h +5 -6
- data/ext/ice/cpp/src/Ice/Process.cpp +256 -114
- data/ext/ice/cpp/src/Ice/ProcessF.cpp +29 -6
- data/ext/ice/cpp/src/Ice/Properties.cpp +38 -8
- data/ext/ice/cpp/src/Ice/PropertiesAdmin.cpp +340 -328
- data/ext/ice/cpp/src/Ice/PropertiesAdminI.cpp +81 -17
- data/ext/ice/cpp/src/Ice/PropertiesAdminI.h +29 -5
- data/ext/ice/cpp/src/Ice/PropertiesF.cpp +29 -6
- data/ext/ice/cpp/src/Ice/PropertiesI.cpp +25 -26
- data/ext/ice/cpp/src/Ice/PropertiesI.h +8 -11
- data/ext/ice/cpp/src/Ice/PropertyNames.cpp +107 -50
- data/ext/ice/cpp/src/Ice/PropertyNames.h +4 -2
- data/ext/ice/cpp/src/Ice/Protocol.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ProtocolInstance.cpp +37 -2
- data/ext/ice/cpp/src/Ice/ProtocolInstance.h +9 -20
- data/ext/ice/cpp/src/Ice/ProtocolInstanceF.h +1 -1
- data/ext/ice/cpp/src/Ice/ProtocolPluginFacade.cpp +6 -1
- data/ext/ice/cpp/src/Ice/ProtocolPluginFacade.h +3 -1
- data/ext/ice/cpp/src/Ice/ProtocolPluginFacadeF.h +1 -1
- data/ext/ice/cpp/src/Ice/Proxy.cpp +690 -964
- data/ext/ice/cpp/src/Ice/ProxyFactory.cpp +23 -32
- data/ext/ice/cpp/src/Ice/ProxyFactory.h +16 -11
- data/ext/ice/cpp/src/Ice/Reference.cpp +75 -69
- data/ext/ice/cpp/src/Ice/Reference.h +27 -22
- data/ext/ice/cpp/src/Ice/ReferenceFactory.cpp +18 -21
- data/ext/ice/cpp/src/Ice/ReferenceFactory.h +12 -12
- data/ext/ice/cpp/src/Ice/ReferenceFactoryF.h +1 -1
- data/ext/ice/cpp/src/Ice/RegisterPluginsInit.cpp +18 -4
- data/ext/ice/cpp/src/Ice/RegisterPluginsInit.h +1 -1
- data/ext/ice/cpp/src/Ice/RemoteLogger.cpp +672 -552
- data/ext/ice/cpp/src/Ice/ReplyStatus.h +1 -1
- data/ext/ice/cpp/src/Ice/RequestHandler.cpp +5 -3
- data/ext/ice/cpp/src/Ice/RequestHandler.h +10 -13
- data/ext/ice/cpp/src/Ice/RequestHandlerFactory.cpp +10 -6
- data/ext/ice/cpp/src/Ice/RequestHandlerFactory.h +2 -2
- data/ext/ice/cpp/src/Ice/ResponseHandler.cpp +3 -6
- data/ext/ice/cpp/src/Ice/ResponseHandler.h +16 -7
- data/ext/ice/cpp/src/Ice/RetryQueue.cpp +6 -12
- data/ext/ice/cpp/src/Ice/RetryQueue.h +7 -6
- data/ext/ice/cpp/src/Ice/RetryQueueF.h +1 -1
- data/ext/ice/cpp/src/Ice/Router.cpp +523 -474
- data/ext/ice/cpp/src/Ice/RouterF.cpp +29 -6
- data/ext/ice/cpp/src/Ice/RouterInfo.cpp +91 -70
- data/ext/ice/cpp/src/Ice/RouterInfo.h +43 -32
- data/ext/ice/cpp/src/Ice/RouterInfoF.h +1 -1
- data/ext/ice/cpp/src/{IceUtil → Ice}/SHA1.cpp +21 -21
- data/ext/ice/cpp/src/Ice/Selector.cpp +989 -923
- data/ext/ice/cpp/src/Ice/Selector.h +100 -147
- data/ext/ice/cpp/src/Ice/ServantLocator.cpp +37 -6
- data/ext/ice/cpp/src/Ice/ServantLocatorF.cpp +27 -5
- data/ext/ice/cpp/src/Ice/ServantManager.cpp +9 -9
- data/ext/ice/cpp/src/Ice/ServantManager.h +1 -1
- data/ext/ice/cpp/src/Ice/SharedContext.h +2 -2
- data/ext/ice/cpp/src/Ice/SliceChecksumDict.cpp +20 -6
- data/ext/ice/cpp/src/Ice/SliceChecksums.cpp +2 -2
- data/ext/ice/cpp/src/Ice/SlicedData.cpp +72 -20
- data/ext/ice/cpp/src/Ice/StreamSocket.cpp +173 -18
- data/ext/ice/cpp/src/Ice/StreamSocket.h +13 -4
- data/ext/ice/cpp/src/Ice/StringConverterPlugin.cpp +48 -17
- data/ext/ice/cpp/src/Ice/StringUtil.h +35 -0
- data/ext/ice/cpp/src/Ice/SysLoggerI.cpp +8 -4
- data/ext/ice/cpp/src/Ice/SysLoggerI.h +2 -3
- data/ext/ice/cpp/src/Ice/TcpAcceptor.cpp +158 -32
- data/ext/ice/cpp/src/Ice/TcpAcceptor.h +12 -5
- data/ext/ice/cpp/src/Ice/TcpConnector.cpp +1 -7
- data/ext/ice/cpp/src/Ice/TcpConnector.h +1 -2
- data/ext/ice/cpp/src/Ice/TcpEndpointI.cpp +40 -32
- data/ext/ice/cpp/src/Ice/TcpEndpointI.h +11 -8
- data/ext/ice/cpp/src/Ice/TcpTransceiver.cpp +12 -27
- data/ext/ice/cpp/src/Ice/TcpTransceiver.h +7 -10
- data/ext/ice/cpp/src/{IceUtil → Ice}/Thread.cpp +24 -41
- data/ext/ice/cpp/src/Ice/ThreadPool.cpp +175 -267
- data/ext/ice/cpp/src/Ice/ThreadPool.h +38 -43
- data/ext/ice/cpp/src/{IceUtil → Ice}/Timer.cpp +28 -21
- data/ext/ice/cpp/src/Ice/TraceLevels.cpp +2 -2
- data/ext/ice/cpp/src/Ice/TraceLevels.h +1 -1
- data/ext/ice/cpp/src/Ice/TraceLevelsF.h +2 -2
- data/ext/ice/cpp/src/Ice/TraceUtil.cpp +53 -31
- data/ext/ice/cpp/src/Ice/TraceUtil.h +13 -6
- data/ext/ice/cpp/src/Ice/Transceiver.cpp +1 -2
- data/ext/ice/cpp/src/Ice/Transceiver.h +8 -7
- data/ext/ice/cpp/src/Ice/TransceiverF.h +1 -1
- data/ext/ice/cpp/src/Ice/UdpConnector.cpp +2 -8
- data/ext/ice/cpp/src/Ice/UdpConnector.h +1 -2
- data/ext/ice/cpp/src/Ice/UdpEndpointI.cpp +92 -31
- data/ext/ice/cpp/src/Ice/UdpEndpointI.h +12 -4
- data/ext/ice/cpp/src/Ice/UdpTransceiver.cpp +150 -179
- data/ext/ice/cpp/src/Ice/UdpTransceiver.h +15 -17
- data/ext/ice/cpp/src/Ice/Value.cpp +81 -0
- data/ext/ice/cpp/src/Ice/ValueFactory.cpp +84 -0
- data/ext/ice/cpp/src/Ice/ValueFactoryManagerI.cpp +70 -0
- data/ext/ice/cpp/src/Ice/ValueFactoryManagerI.h +42 -0
- data/ext/ice/cpp/src/Ice/Version.cpp +24 -14
- data/ext/ice/cpp/src/Ice/VirtualShared.h +43 -0
- data/ext/ice/cpp/src/Ice/WSAcceptor.cpp +3 -9
- data/ext/ice/cpp/src/Ice/WSAcceptor.h +3 -7
- data/ext/ice/cpp/src/Ice/WSConnector.cpp +5 -11
- data/ext/ice/cpp/src/Ice/WSConnector.h +3 -6
- data/ext/ice/cpp/src/Ice/WSEndpoint.cpp +185 -80
- data/ext/ice/cpp/src/Ice/WSEndpoint.h +21 -31
- data/ext/ice/cpp/src/Ice/WSTransceiver.cpp +41 -37
- data/ext/ice/cpp/src/Ice/WSTransceiver.h +7 -21
- data/ext/ice/cpp/src/IceDiscovery/IceDiscovery.cpp +526 -264
- data/ext/ice/cpp/src/IceDiscovery/IceDiscovery.h +341 -455
- data/ext/ice/cpp/src/IceDiscovery/LocatorI.cpp +86 -26
- data/ext/ice/cpp/src/IceDiscovery/LocatorI.h +59 -23
- data/ext/ice/cpp/src/IceDiscovery/LookupI.cpp +315 -61
- data/ext/ice/cpp/src/IceDiscovery/LookupI.h +83 -36
- data/ext/ice/cpp/src/IceDiscovery/PluginI.cpp +57 -59
- data/ext/ice/cpp/src/IceDiscovery/PluginI.h +3 -3
- data/ext/ice/cpp/src/IceLocatorDiscovery/IceLocatorDiscovery.cpp +396 -159
- data/ext/ice/cpp/src/IceLocatorDiscovery/IceLocatorDiscovery.h +251 -355
- data/ext/ice/cpp/src/IceLocatorDiscovery/Plugin.h +52 -0
- data/ext/ice/cpp/src/IceLocatorDiscovery/PluginI.cpp +526 -131
- data/ext/ice/cpp/src/IceSSL/AcceptorI.cpp +19 -165
- data/ext/ice/cpp/src/IceSSL/AcceptorI.h +8 -17
- data/ext/ice/cpp/src/IceSSL/CertificateI.cpp +284 -0
- data/ext/ice/cpp/src/IceSSL/CertificateI.h +69 -0
- data/ext/ice/cpp/src/IceSSL/ConnectionInfo.cpp +39 -11
- data/ext/ice/cpp/src/{Ice/ObjectFactoryF.cpp → IceSSL/ConnectionInfoF.cpp} +31 -9
- data/ext/ice/cpp/src/IceSSL/ConnectorI.cpp +14 -56
- data/ext/ice/cpp/src/IceSSL/ConnectorI.h +6 -13
- data/ext/ice/cpp/src/IceSSL/EndpointI.cpp +205 -197
- data/ext/ice/cpp/src/IceSSL/EndpointI.h +41 -33
- data/ext/ice/cpp/src/IceSSL/EndpointInfo.cpp +39 -10
- data/ext/ice/cpp/src/IceSSL/Instance.cpp +1 -6
- data/ext/ice/cpp/src/IceSSL/Instance.h +7 -7
- data/ext/ice/cpp/src/IceSSL/InstanceF.h +11 -7
- data/ext/ice/cpp/src/IceSSL/OpenSSLCertificateI.cpp +588 -0
- data/ext/ice/cpp/src/IceSSL/OpenSSLEngine.cpp +117 -152
- data/ext/ice/cpp/src/IceSSL/OpenSSLEngine.h +64 -0
- data/ext/ice/cpp/src/IceSSL/OpenSSLEngineF.h +32 -0
- data/ext/ice/cpp/src/IceSSL/OpenSSLPluginI.cpp +132 -0
- data/ext/ice/cpp/src/IceSSL/OpenSSLTransceiverI.cpp +400 -89
- data/ext/ice/cpp/src/IceSSL/OpenSSLTransceiverI.h +36 -21
- data/ext/ice/cpp/src/IceSSL/OpenSSLUtil.cpp +291 -0
- data/ext/ice/cpp/src/IceSSL/OpenSSLUtil.h +63 -0
- data/ext/ice/cpp/src/IceSSL/PluginI.cpp +71 -41
- data/ext/ice/cpp/src/IceSSL/PluginI.h +13 -18
- data/ext/ice/cpp/src/IceSSL/RFC2253.cpp +9 -54
- data/ext/ice/cpp/src/IceSSL/RFC2253.h +7 -7
- data/ext/ice/cpp/src/IceSSL/SChannelCertificateI.cpp +585 -0
- data/ext/ice/cpp/src/IceSSL/SChannelEngine.cpp +491 -75
- data/ext/ice/cpp/src/IceSSL/SChannelEngine.h +126 -0
- data/ext/ice/cpp/src/IceSSL/SChannelEngineF.h +32 -0
- data/ext/ice/cpp/src/IceSSL/SChannelPluginI.cpp +78 -0
- data/ext/ice/cpp/src/IceSSL/SChannelTransceiverI.cpp +126 -169
- data/ext/ice/cpp/src/IceSSL/SChannelTransceiverI.h +19 -22
- data/ext/ice/cpp/src/IceSSL/SSLEngine.cpp +79 -74
- data/ext/ice/cpp/src/IceSSL/SSLEngine.h +24 -187
- data/ext/ice/cpp/src/IceSSL/SSLEngineF.h +4 -19
- data/ext/ice/cpp/src/IceSSL/SecureTransportCertificateI.cpp +862 -0
- data/ext/ice/cpp/src/IceSSL/SecureTransportEngine.cpp +56 -214
- data/ext/ice/cpp/src/IceSSL/SecureTransportEngine.h +60 -0
- data/ext/ice/cpp/src/IceSSL/SecureTransportEngineF.h +31 -0
- data/ext/ice/cpp/src/IceSSL/SecureTransportPluginI.cpp +80 -0
- data/ext/ice/cpp/src/IceSSL/SecureTransportTransceiverI.cpp +137 -144
- data/ext/ice/cpp/src/IceSSL/SecureTransportTransceiverI.h +25 -28
- data/ext/ice/cpp/src/IceSSL/SecureTransportUtil.cpp +857 -0
- data/ext/ice/cpp/src/IceSSL/SecureTransportUtil.h +46 -0
- data/ext/ice/cpp/src/IceSSL/TrustManager.cpp +9 -13
- data/ext/ice/cpp/src/IceSSL/TrustManager.h +4 -4
- data/ext/ice/cpp/src/IceSSL/TrustManagerF.h +3 -3
- data/ext/ice/cpp/src/IceSSL/UWPCertificateI.cpp +271 -0
- data/ext/ice/cpp/src/IceSSL/UWPEngine.cpp +343 -0
- data/ext/ice/cpp/src/IceSSL/UWPEngine.h +46 -0
- data/ext/ice/cpp/{include/Ice/ObjectFactoryManagerF.h → src/IceSSL/UWPEngineF.h} +13 -8
- data/ext/ice/cpp/src/IceSSL/UWPPluginI.cpp +94 -0
- data/ext/ice/cpp/src/IceSSL/UWPTransceiverI.cpp +388 -0
- data/ext/ice/cpp/src/IceSSL/UWPTransceiverI.h +76 -0
- data/ext/ice/cpp/src/IceSSL/Util.cpp +66 -1256
- data/ext/ice/cpp/src/IceSSL/Util.h +48 -137
- data/ext/ice/cpp/src/IceUtil/ConsoleUtil.cpp +162 -0
- data/ext/ice/cpp/src/IceUtil/ConvertUTF.cpp +22 -22
- data/ext/ice/cpp/src/IceUtil/ConvertUTF.h +34 -26
- data/ext/ice/cpp/src/IceUtil/CtrlCHandler.cpp +20 -31
- data/ext/ice/cpp/src/IceUtil/FileUtil.cpp +25 -116
- data/ext/ice/cpp/src/IceUtil/InputUtil.cpp +1 -1
- data/ext/ice/cpp/src/IceUtil/MutexProtocol.cpp +1 -1
- data/ext/ice/cpp/src/IceUtil/Options.cpp +23 -46
- data/ext/ice/cpp/src/IceUtil/OutputUtil.cpp +7 -6
- data/ext/ice/cpp/src/IceUtil/Random.cpp +13 -13
- data/ext/ice/cpp/src/IceUtil/RecMutex.cpp +3 -9
- data/ext/ice/cpp/src/IceUtil/Shared.cpp +8 -3
- data/ext/ice/cpp/src/IceUtil/StringConverter.cpp +501 -264
- data/ext/ice/cpp/src/IceUtil/StringUtil.cpp +540 -235
- data/ext/ice/cpp/src/IceUtil/ThreadException.cpp +37 -74
- data/ext/ice/cpp/src/IceUtil/Time.cpp +1 -1
- data/ext/ice/cpp/src/IceUtil/UUID.cpp +10 -10
- data/ext/ice/cpp/src/IceUtil/Unicode.cpp +98 -97
- data/ext/ice/cpp/src/IceUtil/Unicode.h +21 -35
- data/ext/ice/cpp/src/IceUtil/UtilException.cpp +838 -0
- data/ext/ice/cpp/src/Slice/CPlusPlusUtil.cpp +815 -163
- data/ext/ice/cpp/src/Slice/CPlusPlusUtil.h +76 -0
- data/ext/ice/cpp/src/Slice/Checksum.cpp +2 -2
- data/ext/ice/cpp/{include → src}/Slice/Checksum.h +2 -2
- data/ext/ice/cpp/src/Slice/FileTracker.cpp +25 -78
- data/ext/ice/cpp/{include → src}/Slice/FileTracker.h +9 -9
- data/ext/ice/cpp/src/Slice/Grammar.cpp +1994 -1943
- data/ext/ice/cpp/src/Slice/Grammar.h +44 -24
- data/ext/ice/cpp/src/Slice/GrammarUtil.h +14 -14
- data/ext/ice/cpp/src/Slice/JavaUtil.cpp +2658 -1927
- data/ext/ice/cpp/{include → src}/Slice/JavaUtil.h +178 -59
- data/ext/ice/cpp/src/Slice/MD5.cpp +1 -1
- data/ext/ice/cpp/src/Slice/MD5.h +1 -1
- data/ext/ice/cpp/src/Slice/MD5I.cpp +0 -1
- data/ext/ice/cpp/src/Slice/MD5I.h +1 -1
- data/ext/ice/cpp/src/Slice/PHPUtil.cpp +12 -15
- data/ext/ice/cpp/{include → src}/Slice/PHPUtil.h +6 -15
- data/ext/ice/cpp/src/Slice/Parser.cpp +802 -307
- data/ext/ice/cpp/{include → src}/Slice/Parser.h +76 -84
- data/ext/ice/cpp/src/Slice/Preprocessor.cpp +43 -21
- data/ext/ice/cpp/{include → src}/Slice/Preprocessor.h +7 -12
- data/ext/ice/cpp/src/Slice/Python.cpp +207 -86
- data/ext/ice/cpp/src/Slice/PythonUtil.cpp +683 -679
- data/ext/ice/cpp/{include → src}/Slice/PythonUtil.h +19 -8
- data/ext/ice/cpp/src/Slice/Ruby.cpp +38 -34
- data/ext/ice/cpp/src/Slice/RubyUtil.cpp +177 -445
- data/ext/ice/cpp/{include → src}/Slice/RubyUtil.h +6 -6
- data/ext/ice/cpp/src/Slice/Scanner.cpp +218 -306
- data/ext/ice/cpp/src/Slice/{Util.cpp → SliceUtil.cpp} +37 -64
- data/ext/ice/cpp/src/Slice/StringLiteralUtil.cpp +374 -0
- data/ext/ice/cpp/src/Slice/Util.h +54 -0
- data/ext/ice/mcpp/Makefile +5 -2
- data/ice.gemspec +2 -7
- data/lib/Glacier2.rb +1 -1
- data/lib/Glacier2/Metrics.rb +7 -46
- data/lib/Glacier2/PermissionsVerifier.rb +24 -95
- data/lib/Glacier2/PermissionsVerifierF.rb +3 -3
- data/lib/Glacier2/Router.rb +32 -74
- data/lib/Glacier2/RouterF.rb +3 -3
- data/lib/Glacier2/SSLInfo.rb +4 -7
- data/lib/Glacier2/Session.rb +88 -307
- data/lib/Ice.rb +83 -52
- data/lib/Ice/BuiltinSequences.rb +4 -4
- data/lib/Ice/Communicator.rb +56 -58
- data/lib/Ice/CommunicatorF.rb +3 -3
- data/lib/Ice/Connection.rb +153 -162
- data/lib/Ice/ConnectionF.rb +3 -3
- data/lib/Ice/Current.rb +4 -11
- data/lib/Ice/Endpoint.rb +57 -133
- data/lib/Ice/EndpointF.rb +3 -3
- data/lib/Ice/EndpointTypes.rb +3 -7
- data/lib/Ice/FacetMap.rb +4 -4
- data/lib/Ice/Identity.rb +5 -8
- data/lib/Ice/ImplicitContext.rb +5 -34
- data/lib/Ice/ImplicitContextF.rb +3 -3
- data/lib/Ice/Instrumentation.rb +23 -275
- data/lib/Ice/InstrumentationF.rb +3 -3
- data/lib/Ice/LocalException.rb +95 -141
- data/lib/Ice/Locator.rb +51 -165
- data/lib/Ice/LocatorF.rb +3 -3
- data/lib/Ice/Logger.rb +5 -34
- data/lib/Ice/LoggerF.rb +3 -3
- data/lib/Ice/Metrics.rb +61 -416
- data/lib/Ice/ObjectAdapter.rb +34 -0
- data/lib/Ice/ObjectAdapterF.rb +3 -3
- data/lib/Ice/ObjectFactory.rb +5 -30
- data/lib/Ice/Plugin.rb +7 -60
- data/lib/Ice/PluginF.rb +3 -3
- data/lib/Ice/Process.rb +16 -52
- data/lib/Ice/ProcessF.rb +3 -3
- data/lib/Ice/Properties.rb +5 -41
- data/lib/Ice/PropertiesAdmin.rb +19 -56
- data/lib/Ice/PropertiesF.rb +3 -3
- data/lib/Ice/RemoteLogger.rb +34 -115
- data/lib/Ice/Router.rb +29 -101
- data/lib/Ice/RouterF.rb +3 -3
- data/lib/Ice/ServantLocator.rb +31 -0
- data/lib/Ice/{ObjectFactoryF.rb → ServantLocatorF.rb} +6 -6
- data/lib/Ice/SliceChecksumDict.rb +3 -3
- data/lib/Ice/ValueFactory.rb +33 -0
- data/lib/Ice/Version.rb +5 -11
- data/lib/IceBox.rb +1 -1
- data/lib/IceBox/IceBox.rb +44 -148
- data/lib/IceGrid.rb +1 -4
- data/lib/IceGrid/Admin.rb +551 -427
- data/lib/IceGrid/Descriptor.rb +62 -529
- data/lib/IceGrid/Exception.rb +24 -45
- data/lib/IceGrid/FileParser.rb +14 -50
- data/lib/IceGrid/PluginFacade.rb +40 -0
- data/lib/IceGrid/Registry.rb +151 -58
- data/lib/IceGrid/Session.rb +25 -64
- data/lib/IceGrid/UserAccountMapper.rb +14 -50
- data/lib/IcePatch2.rb +1 -1
- data/lib/IcePatch2/FileInfo.rb +5 -11
- data/lib/IcePatch2/FileServer.rb +33 -76
- data/lib/IceStorm.rb +1 -1
- data/lib/IceStorm/IceStorm.rb +79 -206
- data/lib/IceStorm/Metrics.rb +11 -89
- data/slice/Glacier2/Metrics.ice +8 -4
- data/slice/Glacier2/PermissionsVerifier.ice +10 -7
- data/slice/Glacier2/PermissionsVerifierF.ice +7 -4
- data/slice/Glacier2/Router.ice +10 -8
- data/slice/Glacier2/RouterF.ice +7 -4
- data/slice/Glacier2/SSLInfo.ice +8 -5
- data/slice/Glacier2/Session.ice +15 -13
- data/slice/Ice/BuiltinSequences.ice +7 -4
- data/slice/Ice/Communicator.ice +141 -66
- data/slice/Ice/CommunicatorF.ice +7 -4
- data/slice/Ice/Connection.ice +183 -86
- data/slice/Ice/ConnectionF.ice +7 -4
- data/slice/Ice/Current.ice +13 -9
- data/slice/Ice/Endpoint.ice +63 -14
- data/slice/Ice/EndpointF.ice +7 -4
- data/slice/Ice/EndpointTypes.ice +8 -6
- data/slice/Ice/FacetMap.ice +7 -4
- data/slice/Ice/Identity.ice +13 -5
- data/slice/Ice/ImplicitContext.ice +20 -18
- data/slice/Ice/ImplicitContextF.ice +7 -4
- data/slice/Ice/Instrumentation.ice +20 -19
- data/slice/Ice/InstrumentationF.ice +8 -5
- data/slice/Ice/LocalException.ice +87 -87
- data/slice/Ice/Locator.ice +19 -18
- data/slice/Ice/LocatorF.ice +7 -4
- data/slice/Ice/Logger.ice +9 -7
- data/slice/Ice/LoggerF.ice +7 -4
- data/slice/Ice/Metrics.ice +18 -14
- data/slice/Ice/ObjectAdapter.ice +30 -13
- data/slice/Ice/ObjectAdapterF.ice +7 -4
- data/slice/Ice/ObjectFactory.ice +15 -12
- data/slice/Ice/Plugin.ice +9 -6
- data/slice/Ice/PluginF.ice +8 -5
- data/slice/Ice/Process.ice +9 -6
- data/slice/Ice/ProcessF.ice +7 -4
- data/slice/Ice/Properties.ice +15 -12
- data/slice/Ice/PropertiesAdmin.ice +9 -5
- data/slice/Ice/PropertiesF.ice +7 -4
- data/slice/Ice/RemoteLogger.ice +33 -24
- data/slice/Ice/Router.ice +16 -7
- data/slice/Ice/RouterF.ice +7 -4
- data/slice/Ice/ServantLocator.ice +13 -10
- data/slice/Ice/ServantLocatorF.ice +7 -4
- data/slice/Ice/SliceChecksumDict.ice +7 -4
- data/slice/Ice/ValueFactory.ice +127 -0
- data/slice/Ice/Version.ice +9 -5
- data/slice/IceBT/ConnectionInfo.ice +53 -0
- data/slice/IceBT/EndpointInfo.ice +51 -0
- data/slice/IceBT/Types.ice +39 -0
- data/slice/IceBox/IceBox.ice +20 -21
- data/slice/IceDiscovery/IceDiscovery.ice +9 -5
- data/slice/IceGrid/Admin.ice +390 -30
- data/slice/IceGrid/Descriptor.ice +37 -29
- data/slice/IceGrid/Exception.ice +33 -27
- data/slice/IceGrid/FileParser.ice +9 -6
- data/slice/IceGrid/PluginFacade.ice +11 -9
- data/slice/IceGrid/Registry.ice +139 -16
- data/slice/IceGrid/Session.ice +10 -8
- data/slice/IceGrid/UserAccountMapper.ice +9 -6
- data/slice/IceIAP/ConnectionInfo.ice +70 -0
- data/slice/IceIAP/EndpointInfo.ice +64 -0
- data/slice/IceLocatorDiscovery/IceLocatorDiscovery.ice +9 -7
- data/slice/IcePatch2/FileInfo.ice +9 -8
- data/slice/IcePatch2/FileServer.ice +17 -13
- data/slice/IceSSL/ConnectionInfo.ice +14 -17
- data/slice/IceSSL/ConnectionInfoF.ice +24 -0
- data/slice/IceSSL/EndpointInfo.ice +9 -30
- data/slice/IceStorm/IceStorm.ice +22 -18
- data/slice/IceStorm/Metrics.ice +9 -5
- metadata +154 -120
- data/ext/ObjectFactory.cpp +0 -140
- data/ext/ObjectFactory.h +0 -50
- data/ext/ice/cpp/include/Ice/BasicStream.h +0 -1335
- data/ext/ice/cpp/include/Ice/Communicator.h +0 -200
- data/ext/ice/cpp/include/Ice/Connection.h +0 -497
- data/ext/ice/cpp/include/Ice/DeprecatedStringConverter.h +0 -62
- data/ext/ice/cpp/include/Ice/Endpoint.h +0 -341
- data/ext/ice/cpp/include/Ice/Identity.h +0 -168
- data/ext/ice/cpp/include/Ice/Instrumentation.h +0 -365
- data/ext/ice/cpp/include/Ice/LocalException.h +0 -1030
- data/ext/ice/cpp/include/Ice/Locator.h +0 -2193
- data/ext/ice/cpp/include/Ice/Metrics.h +0 -2974
- data/ext/ice/cpp/include/Ice/ObjectAdapter.h +0 -168
- data/ext/ice/cpp/include/Ice/ObjectFactory.h +0 -92
- data/ext/ice/cpp/include/Ice/ObjectFactoryF.h +0 -66
- data/ext/ice/cpp/include/Ice/Outgoing.h +0 -225
- data/ext/ice/cpp/include/Ice/Plugin.h +0 -125
- data/ext/ice/cpp/include/Ice/Process.h +0 -574
- data/ext/ice/cpp/include/Ice/PropertiesAdmin.h +0 -830
- data/ext/ice/cpp/include/Ice/RemoteLogger.h +0 -1500
- data/ext/ice/cpp/include/Ice/Router.h +0 -1159
- data/ext/ice/cpp/include/Ice/Stream.h +0 -447
- data/ext/ice/cpp/include/Ice/StreamF.h +0 -30
- data/ext/ice/cpp/include/Ice/Version.h +0 -262
- data/ext/ice/cpp/include/IceSSL/ConnectionInfo.h +0 -158
- data/ext/ice/cpp/include/IceSSL/EndpointInfo.h +0 -142
- data/ext/ice/cpp/include/IceUtil/AbstractMutex.h +0 -119
- data/ext/ice/cpp/include/IceUtil/Cache.h +0 -362
- data/ext/ice/cpp/include/Slice/CPlusPlusUtil.h +0 -65
- data/ext/ice/cpp/include/Slice/CsUtil.h +0 -92
- data/ext/ice/cpp/include/Slice/DotNetNames.h +0 -34
- data/ext/ice/cpp/include/Slice/ObjCUtil.h +0 -127
- data/ext/ice/cpp/include/Slice/Util.h +0 -56
- data/ext/ice/cpp/src/Ice/BasicStream.cpp +0 -3428
- data/ext/ice/cpp/src/Ice/DeprecatedStringConverter.cpp +0 -62
- data/ext/ice/cpp/src/Ice/ObjectFactoryManager.cpp +0 -139
- data/ext/ice/cpp/src/Ice/ObjectFactoryManager.h +0 -43
- data/ext/ice/cpp/src/Ice/Outgoing.cpp +0 -694
- data/ext/ice/cpp/src/Ice/Stream.cpp +0 -53
- data/ext/ice/cpp/src/Ice/StreamI.cpp +0 -832
- data/ext/ice/cpp/src/Ice/StreamI.h +0 -198
- data/ext/ice/cpp/src/IceSSL/Certificate.cpp +0 -1336
- data/ext/ice/cpp/src/IceUtil/Exception.cpp +0 -792
- data/ext/ice/cpp/src/IceUtil/FileUtil.h +0 -185
- data/ext/ice/cpp/src/Slice/CsUtil.cpp +0 -2660
- data/ext/ice/cpp/src/Slice/DotNetNames.cpp +0 -146
- data/ext/ice/cpp/src/Slice/ObjCUtil.cpp +0 -1310
- data/lib/IceGrid/Locator.rb +0 -106
- data/lib/IceGrid/Observer.rb +0 -572
- data/lib/IceGrid/Query.rb +0 -169
- data/slice/Freeze/BackgroundSaveEvictor.ice +0 -111
- data/slice/Freeze/CatalogData.ice +0 -49
- data/slice/Freeze/Connection.ice +0 -121
- data/slice/Freeze/DB.ice +0 -37
- data/slice/Freeze/Evictor.ice +0 -346
- data/slice/Freeze/EvictorF.ice +0 -22
- data/slice/Freeze/EvictorStorage.ice +0 -72
- data/slice/Freeze/Exception.ice +0 -100
- data/slice/Freeze/Transaction.ice +0 -58
- data/slice/Freeze/TransactionalEvictor.ice +0 -50
- data/slice/IceGrid/Locator.ice +0 -57
- data/slice/IceGrid/Observer.ice +0 -395
- data/slice/IceGrid/Query.ice +0 -131
@@ -1,53 +1,50 @@
|
|
1
1
|
// **********************************************************************
|
2
2
|
//
|
3
|
-
// Copyright (c) 2003-
|
3
|
+
// Copyright (c) 2003-2017 ZeroC, Inc. All rights reserved.
|
4
4
|
//
|
5
5
|
// This copy of Ice is licensed to you under the terms described in the
|
6
6
|
// ICE_LICENSE file included in this distribution.
|
7
7
|
//
|
8
8
|
// **********************************************************************
|
9
9
|
|
10
|
-
#ifndef
|
11
|
-
#define
|
10
|
+
#ifndef ICESSL_SECURE_TRANSPORT_TRANSCEIVER_I_H
|
11
|
+
#define ICESSL_SECURE_TRANSPORT_TRANSCEIVER_I_H
|
12
12
|
|
13
13
|
#include <IceSSL/Config.h>
|
14
14
|
#include <IceSSL/InstanceF.h>
|
15
|
-
#include <IceSSL/
|
15
|
+
#include <IceSSL/SecureTransportEngineF.h>
|
16
16
|
#include <IceSSL/Plugin.h>
|
17
17
|
|
18
18
|
#include <Ice/Transceiver.h>
|
19
|
+
#include <Ice/UniqueRef.h>
|
19
20
|
#include <Ice/Network.h>
|
20
|
-
#include <Ice/StreamSocket.h>
|
21
|
-
#include <Ice/WSTransceiver.h>
|
22
|
-
|
23
|
-
#ifdef ICE_USE_SECURE_TRANSPORT
|
24
21
|
|
25
22
|
#include <Security/Security.h>
|
23
|
+
#include <Security/SecureTransport.h>
|
26
24
|
#include <CoreFoundation/CoreFoundation.h>
|
27
25
|
|
28
26
|
namespace IceSSL
|
29
27
|
{
|
30
28
|
|
31
|
-
|
32
|
-
|
29
|
+
namespace SecureTransport
|
30
|
+
{
|
33
31
|
|
34
|
-
class TransceiverI : public IceInternal::Transceiver
|
32
|
+
class TransceiverI : public IceInternal::Transceiver
|
35
33
|
{
|
36
34
|
public:
|
37
35
|
|
38
36
|
virtual IceInternal::NativeInfoPtr getNativeInfo();
|
39
37
|
|
40
|
-
virtual IceInternal::SocketOperation initialize(IceInternal::Buffer&, IceInternal::Buffer
|
38
|
+
virtual IceInternal::SocketOperation initialize(IceInternal::Buffer&, IceInternal::Buffer&);
|
41
39
|
virtual IceInternal::SocketOperation closing(bool, const Ice::LocalException&);
|
42
40
|
virtual void close();
|
43
41
|
virtual IceInternal::SocketOperation write(IceInternal::Buffer&);
|
44
|
-
virtual IceInternal::SocketOperation read(IceInternal::Buffer
|
42
|
+
virtual IceInternal::SocketOperation read(IceInternal::Buffer&);
|
45
43
|
|
46
44
|
virtual std::string protocol() const;
|
47
45
|
virtual std::string toString() const;
|
48
46
|
virtual std::string toDetailedString() const;
|
49
47
|
virtual Ice::ConnectionInfoPtr getInfo() const;
|
50
|
-
virtual Ice::ConnectionInfoPtr getWSInfo(const Ice::HeaderDict&) const;
|
51
48
|
virtual void checkSendSize(const IceInternal::Buffer&);
|
52
49
|
virtual void setBufferSize(int rcvSize, int sndSize);
|
53
50
|
|
@@ -56,26 +53,22 @@ public:
|
|
56
53
|
|
57
54
|
private:
|
58
55
|
|
59
|
-
TransceiverI(const InstancePtr&, const IceInternal::
|
56
|
+
TransceiverI(const InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool);
|
60
57
|
virtual ~TransceiverI();
|
61
58
|
|
62
|
-
|
63
|
-
|
64
|
-
friend class ConnectorI;
|
65
|
-
friend class AcceptorI;
|
59
|
+
friend class IceSSL::SecureTransport::SSLEngine;
|
66
60
|
|
67
61
|
const InstancePtr _instance;
|
68
|
-
const
|
62
|
+
const SSLEnginePtr _engine;
|
69
63
|
const std::string _host;
|
70
64
|
const std::string _adapterName;
|
71
65
|
const bool _incoming;
|
72
|
-
const IceInternal::
|
66
|
+
const IceInternal::TransceiverPtr _delegate;
|
67
|
+
|
68
|
+
IceInternal::UniqueRef<SSLContextRef> _ssl;
|
69
|
+
IceInternal::UniqueRef<SecTrustRef> _trust;
|
70
|
+
bool _connected;
|
73
71
|
|
74
|
-
SSLContextRef _ssl;
|
75
|
-
SecTrustRef _trust;
|
76
|
-
bool _verified;
|
77
|
-
|
78
|
-
size_t _buffered;
|
79
72
|
enum SSLWantFlags
|
80
73
|
{
|
81
74
|
SSLWantRead = 0x1,
|
@@ -85,11 +78,15 @@ private:
|
|
85
78
|
mutable Ice::Byte _flags;
|
86
79
|
size_t _maxSendPacketSize;
|
87
80
|
size_t _maxRecvPacketSize;
|
81
|
+
std::string _cipher;
|
82
|
+
std::vector<CertificatePtr> _certs;
|
83
|
+
bool _verified;
|
84
|
+
size_t _buffered;
|
88
85
|
};
|
89
86
|
typedef IceUtil::Handle<TransceiverI> TransceiverIPtr;
|
90
87
|
|
91
|
-
}
|
88
|
+
} // SecureTransport namespace end
|
92
89
|
|
93
|
-
|
90
|
+
} // IceSSL namespace end
|
94
91
|
|
95
92
|
#endif
|
@@ -0,0 +1,857 @@
|
|
1
|
+
// **********************************************************************
|
2
|
+
//
|
3
|
+
// Copyright (c) 2003-2017 ZeroC, Inc. All rights reserved.
|
4
|
+
//
|
5
|
+
// This copy of Ice is licensed to you under the terms described in the
|
6
|
+
// ICE_LICENSE file included in this distribution.
|
7
|
+
//
|
8
|
+
// **********************************************************************
|
9
|
+
|
10
|
+
#include <IceSSL/SecureTransportUtil.h>
|
11
|
+
#include <IceSSL/Plugin.h>
|
12
|
+
|
13
|
+
#include <Ice/Base64.h>
|
14
|
+
#include <Ice/UniqueRef.h>
|
15
|
+
#include <Ice/LocalException.h>
|
16
|
+
|
17
|
+
#include <IceUtil/FileUtil.h>
|
18
|
+
#include <IceUtil/StringUtil.h>
|
19
|
+
|
20
|
+
#include <fstream>
|
21
|
+
|
22
|
+
#include <Security/Security.h>
|
23
|
+
#include <CoreFoundation/CoreFoundation.h>
|
24
|
+
|
25
|
+
using namespace Ice;
|
26
|
+
using namespace IceInternal;
|
27
|
+
using namespace IceSSL;
|
28
|
+
using namespace IceSSL::SecureTransport;
|
29
|
+
using namespace std;
|
30
|
+
|
31
|
+
namespace
|
32
|
+
{
|
33
|
+
|
34
|
+
CFMutableDataRef
|
35
|
+
readCertFile(const string& file)
|
36
|
+
{
|
37
|
+
ifstream is(IceUtilInternal::streamFilename(file).c_str(), ios::in | ios::binary);
|
38
|
+
if(!is.good())
|
39
|
+
{
|
40
|
+
throw CertificateReadException(__FILE__, __LINE__, "error opening file " + file);
|
41
|
+
}
|
42
|
+
|
43
|
+
is.seekg(0, is.end);
|
44
|
+
size_t size = is.tellg();
|
45
|
+
is.seekg(0, is.beg);
|
46
|
+
|
47
|
+
UniqueRef<CFMutableDataRef> data(CFDataCreateMutable(kCFAllocatorDefault, size));
|
48
|
+
CFDataSetLength(data.get(), size);
|
49
|
+
is.read(reinterpret_cast<char*>(CFDataGetMutableBytePtr(data.get())), size);
|
50
|
+
if(!is.good())
|
51
|
+
{
|
52
|
+
throw CertificateReadException(__FILE__, __LINE__, "error reading file " + file);
|
53
|
+
}
|
54
|
+
return data.release();
|
55
|
+
}
|
56
|
+
|
57
|
+
}
|
58
|
+
|
59
|
+
string
|
60
|
+
IceSSL::SecureTransport::sslErrorToString(CFErrorRef err)
|
61
|
+
{
|
62
|
+
ostringstream os;
|
63
|
+
if(err)
|
64
|
+
{
|
65
|
+
UniqueRef<CFStringRef> s(CFErrorCopyDescription(err));
|
66
|
+
os << "(error: " << CFErrorGetCode(err) << " description: " << fromCFString(s.get()) << ")";
|
67
|
+
}
|
68
|
+
return os.str();
|
69
|
+
}
|
70
|
+
|
71
|
+
string
|
72
|
+
IceSSL::SecureTransport::sslErrorToString(OSStatus status)
|
73
|
+
{
|
74
|
+
ostringstream os;
|
75
|
+
os << "(error: " << status;
|
76
|
+
#if defined(ICE_USE_SECURE_TRANSPORT_MACOS)
|
77
|
+
UniqueRef<CFStringRef> s(SecCopyErrorMessageString(status, 0));
|
78
|
+
if(s)
|
79
|
+
{
|
80
|
+
os << " description: " << fromCFString(s.get());
|
81
|
+
}
|
82
|
+
#endif
|
83
|
+
os << ")";
|
84
|
+
return os.str();
|
85
|
+
}
|
86
|
+
|
87
|
+
#if defined(ICE_USE_SECURE_TRANSPORT_MACOS)
|
88
|
+
CFDictionaryRef
|
89
|
+
IceSSL::SecureTransport::getCertificateProperty(SecCertificateRef cert, CFTypeRef key)
|
90
|
+
{
|
91
|
+
UniqueRef<CFDictionaryRef> property;
|
92
|
+
UniqueRef<CFArrayRef> keys(CFArrayCreate(ICE_NULLPTR, &key , 1, &kCFTypeArrayCallBacks));
|
93
|
+
UniqueRef<CFErrorRef> err;
|
94
|
+
UniqueRef<CFDictionaryRef> values(SecCertificateCopyValues(cert, keys.get(), &err.get()));
|
95
|
+
if(err)
|
96
|
+
{
|
97
|
+
ostringstream os;
|
98
|
+
os << "IceSSL: error getting property for certificate:\n" << sslErrorToString(err);
|
99
|
+
throw CertificateReadException(__FILE__, __LINE__, os.str());
|
100
|
+
}
|
101
|
+
|
102
|
+
assert(values);
|
103
|
+
property.retain(static_cast<CFDictionaryRef>(CFDictionaryGetValue(values.get(), key)));
|
104
|
+
return property.release();
|
105
|
+
}
|
106
|
+
|
107
|
+
namespace
|
108
|
+
{
|
109
|
+
|
110
|
+
//
|
111
|
+
// Check the certificate basic constraints to check if the certificate is marked as a CA.
|
112
|
+
//
|
113
|
+
bool
|
114
|
+
isCA(SecCertificateRef cert)
|
115
|
+
{
|
116
|
+
UniqueRef<CFDictionaryRef> property(getCertificateProperty(cert, kSecOIDBasicConstraints));
|
117
|
+
if(property)
|
118
|
+
{
|
119
|
+
CFArrayRef propertyValues = static_cast<CFArrayRef>(CFDictionaryGetValue(property.get(), kSecPropertyKeyValue));
|
120
|
+
for(int i = 0, size = CFArrayGetCount(propertyValues); i < size; ++i)
|
121
|
+
{
|
122
|
+
CFDictionaryRef dict = static_cast<CFDictionaryRef>(CFArrayGetValueAtIndex(propertyValues, i));
|
123
|
+
CFStringRef label = static_cast<CFStringRef>(CFDictionaryGetValue(dict, kSecPropertyKeyLabel));
|
124
|
+
if(CFEqual(label, CFSTR("Certificate Authority")))
|
125
|
+
{
|
126
|
+
return CFEqual(static_cast<CFStringRef>(CFDictionaryGetValue(dict, kSecPropertyKeyValue)), CFSTR("Yes"));
|
127
|
+
}
|
128
|
+
}
|
129
|
+
}
|
130
|
+
return false;
|
131
|
+
}
|
132
|
+
|
133
|
+
//
|
134
|
+
// Load keychain items (Certificates or Private Keys) from a file. On return items param contain
|
135
|
+
// the list of items, the caller must release it.
|
136
|
+
//
|
137
|
+
CFArrayRef
|
138
|
+
loadKeychainItems(const string& file, SecExternalItemType type, SecKeychainRef keychain, const string& passphrase,
|
139
|
+
const PasswordPromptPtr& prompt, int retryMax)
|
140
|
+
{
|
141
|
+
UniqueRef<CFMutableDataRef> data(readCertFile(file));
|
142
|
+
|
143
|
+
SecItemImportExportKeyParameters params;
|
144
|
+
memset(¶ms, 0, sizeof(params));
|
145
|
+
params.version = SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION;
|
146
|
+
params.flags |= kSecKeyNoAccessControl;
|
147
|
+
UniqueRef<CFStringRef> passphraseHolder;
|
148
|
+
if(!passphrase.empty())
|
149
|
+
{
|
150
|
+
passphraseHolder.reset(toCFString(passphrase));
|
151
|
+
params.passphrase = passphraseHolder.get();
|
152
|
+
}
|
153
|
+
|
154
|
+
UniqueRef<CFArrayRef> items;
|
155
|
+
SecExternalItemType importType = type;
|
156
|
+
SecExternalFormat format = type == kSecItemTypeUnknown ? kSecFormatPKCS12 : kSecFormatUnknown;
|
157
|
+
UniqueRef<CFStringRef> path(toCFString(file));
|
158
|
+
OSStatus err = SecItemImport(data.get(), path.get(), &format, &importType, 0, ¶ms, keychain, &items.get());
|
159
|
+
|
160
|
+
//
|
161
|
+
// If passphrase failure and no password was configured, we obtain
|
162
|
+
// the password from the given prompt or configure the import to
|
163
|
+
// prompt the user with an alert dialog.
|
164
|
+
//
|
165
|
+
UniqueRef<CFStringRef> alertPromptHolder;
|
166
|
+
if(passphrase.empty() &&
|
167
|
+
(err == errSecPassphraseRequired || err == errSecInvalidData || err == errSecPkcs12VerifyFailure))
|
168
|
+
{
|
169
|
+
if(!prompt)
|
170
|
+
{
|
171
|
+
params.flags |= kSecKeySecurePassphrase;
|
172
|
+
ostringstream os;
|
173
|
+
os << "Enter the password for\n" << file;
|
174
|
+
alertPromptHolder.reset(toCFString(os.str()));
|
175
|
+
params.alertPrompt = alertPromptHolder.get();
|
176
|
+
}
|
177
|
+
|
178
|
+
int count = 0;
|
179
|
+
while((err == errSecPassphraseRequired || err == errSecInvalidData || err == errSecPkcs12VerifyFailure) &&
|
180
|
+
count < retryMax)
|
181
|
+
{
|
182
|
+
if(prompt)
|
183
|
+
{
|
184
|
+
passphraseHolder.reset(toCFString(prompt->getPassword()));
|
185
|
+
params.passphrase = passphraseHolder.get();
|
186
|
+
}
|
187
|
+
err = SecItemImport(data.get(), path.get(), &format, &importType, 0, ¶ms, keychain, &items.get());
|
188
|
+
++count;
|
189
|
+
}
|
190
|
+
}
|
191
|
+
|
192
|
+
if(err != noErr)
|
193
|
+
{
|
194
|
+
ostringstream os;
|
195
|
+
os << "IceSSL: error reading " << (type == kSecItemTypePrivateKey ? "private key" : "certificate");
|
196
|
+
os << " `" << file << "':\n" << sslErrorToString(err);
|
197
|
+
throw CertificateReadException(__FILE__, __LINE__, os.str());
|
198
|
+
}
|
199
|
+
|
200
|
+
if(type != kSecItemTypeUnknown && importType != kSecItemTypeAggregate && importType != type)
|
201
|
+
{
|
202
|
+
ostringstream os;
|
203
|
+
os << "IceSSL: error reading " << (type == kSecItemTypePrivateKey ? "private key" : "certificate");
|
204
|
+
os << " `" << file << "' doesn't contain the expected item";
|
205
|
+
throw CertificateReadException(__FILE__, __LINE__, os.str());
|
206
|
+
}
|
207
|
+
|
208
|
+
return items.release();
|
209
|
+
}
|
210
|
+
|
211
|
+
SecKeychainRef
|
212
|
+
openKeychain(const std::string& path, const std::string& keychainPassword)
|
213
|
+
{
|
214
|
+
string keychainPath = path;
|
215
|
+
UniqueRef<SecKeychainRef> keychain;
|
216
|
+
OSStatus err = 0;
|
217
|
+
if(keychainPath.empty())
|
218
|
+
{
|
219
|
+
if((err = SecKeychainCopyDefault(&keychain.get())))
|
220
|
+
{
|
221
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
222
|
+
"IceSSL: unable to retrieve default keychain:\n" + sslErrorToString(err));
|
223
|
+
}
|
224
|
+
}
|
225
|
+
else
|
226
|
+
{
|
227
|
+
//
|
228
|
+
// KeyChain path is relative to the current working directory.
|
229
|
+
//
|
230
|
+
if(!IceUtilInternal::isAbsolutePath(keychainPath))
|
231
|
+
{
|
232
|
+
string cwd;
|
233
|
+
if(IceUtilInternal::getcwd(cwd) == 0)
|
234
|
+
{
|
235
|
+
keychainPath = string(cwd) + '/' + keychainPath;
|
236
|
+
}
|
237
|
+
}
|
238
|
+
|
239
|
+
if((err = SecKeychainOpen(keychainPath.c_str(), &keychain.get())))
|
240
|
+
{
|
241
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: unable to open keychain: `" +
|
242
|
+
keychainPath + "'\n" + sslErrorToString(err));
|
243
|
+
}
|
244
|
+
}
|
245
|
+
|
246
|
+
SecKeychainStatus status;
|
247
|
+
err = SecKeychainGetStatus(keychain.get(), &status);
|
248
|
+
if(err == noErr)
|
249
|
+
{
|
250
|
+
const char* pass = keychainPassword.empty() ? 0 : keychainPassword.c_str();
|
251
|
+
if((err = SecKeychainUnlock(keychain.get(), keychainPassword.size(), pass, pass != 0)))
|
252
|
+
{
|
253
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
254
|
+
"IceSSL: unable to unlock keychain:\n" + sslErrorToString(err));
|
255
|
+
}
|
256
|
+
}
|
257
|
+
else if(err == errSecNoSuchKeychain)
|
258
|
+
{
|
259
|
+
const char* pass = keychainPassword.empty() ? 0 : keychainPassword.c_str();
|
260
|
+
keychain.reset(0);
|
261
|
+
if((err = SecKeychainCreate(keychainPath.c_str(), keychainPassword.size(), pass, pass == 0, 0, &keychain.get())))
|
262
|
+
{
|
263
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
264
|
+
"IceSSL: unable to create keychain:\n" + sslErrorToString(err));
|
265
|
+
}
|
266
|
+
}
|
267
|
+
else
|
268
|
+
{
|
269
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
270
|
+
"IceSSL: unable to open keychain:\n" + sslErrorToString(err));
|
271
|
+
}
|
272
|
+
|
273
|
+
//
|
274
|
+
// Set keychain settings to avoid keychain lock.
|
275
|
+
//
|
276
|
+
SecKeychainSettings settings;
|
277
|
+
settings.version = SEC_KEYCHAIN_SETTINGS_VERS1;
|
278
|
+
settings.lockOnSleep = FALSE;
|
279
|
+
settings.useLockInterval = FALSE;
|
280
|
+
settings.lockInterval = INT_MAX;
|
281
|
+
if((err = SecKeychainSetSettings(keychain.get(), &settings)))
|
282
|
+
{
|
283
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
284
|
+
"IceSSL: error setting keychain settings:\n" + sslErrorToString(err));
|
285
|
+
}
|
286
|
+
|
287
|
+
return keychain.release();
|
288
|
+
}
|
289
|
+
|
290
|
+
//
|
291
|
+
// Imports a certificate private key and optionally add it to a keychain.
|
292
|
+
//
|
293
|
+
SecIdentityRef
|
294
|
+
loadPrivateKey(const string& file, SecCertificateRef cert, SecKeychainRef keychain, const string& password,
|
295
|
+
const PasswordPromptPtr& prompt, int retryMax)
|
296
|
+
{
|
297
|
+
//
|
298
|
+
// Check if we already imported the certificate
|
299
|
+
//
|
300
|
+
UniqueRef<CFDataRef> hash;
|
301
|
+
UniqueRef<CFDictionaryRef> subjectKeyProperty(getCertificateProperty(cert, kSecOIDSubjectKeyIdentifier));
|
302
|
+
if(subjectKeyProperty)
|
303
|
+
{
|
304
|
+
CFArrayRef values = static_cast<CFArrayRef>(CFDictionaryGetValue(subjectKeyProperty.get(),
|
305
|
+
kSecPropertyKeyValue));
|
306
|
+
for(int i = 0; i < CFArrayGetCount(values); ++i)
|
307
|
+
{
|
308
|
+
CFDictionaryRef dict = static_cast<CFDictionaryRef>(CFArrayGetValueAtIndex(values, i));
|
309
|
+
if(CFEqual(CFDictionaryGetValue(dict, kSecPropertyKeyLabel), CFSTR("Key Identifier")))
|
310
|
+
{
|
311
|
+
hash.retain(static_cast<CFDataRef>(CFDictionaryGetValue(dict, kSecPropertyKeyValue)));
|
312
|
+
break;
|
313
|
+
}
|
314
|
+
}
|
315
|
+
}
|
316
|
+
|
317
|
+
const void* values[] = { keychain };
|
318
|
+
UniqueRef<CFArrayRef> searchList(CFArrayCreate(kCFAllocatorDefault, values, 1, &kCFTypeArrayCallBacks));
|
319
|
+
|
320
|
+
UniqueRef<CFMutableDictionaryRef> query(CFDictionaryCreateMutable(0,
|
321
|
+
0,
|
322
|
+
&kCFTypeDictionaryKeyCallBacks,
|
323
|
+
&kCFTypeDictionaryValueCallBacks));
|
324
|
+
|
325
|
+
CFDictionarySetValue(query.get(), kSecClass, kSecClassCertificate);
|
326
|
+
CFDictionarySetValue(query.get(), kSecMatchLimit, kSecMatchLimitOne);
|
327
|
+
CFDictionarySetValue(query.get(), kSecMatchSearchList, searchList.get());
|
328
|
+
CFDictionarySetValue(query.get(), kSecAttrSubjectKeyID, hash.get());
|
329
|
+
CFDictionarySetValue(query.get(), kSecReturnRef, kCFBooleanTrue);
|
330
|
+
|
331
|
+
UniqueRef<CFTypeRef> value(0);
|
332
|
+
OSStatus err = SecItemCopyMatching(query.get(), &value.get());
|
333
|
+
UniqueRef<SecCertificateRef> item(static_cast<SecCertificateRef>(const_cast<void*>(value.release())));
|
334
|
+
if(err == noErr)
|
335
|
+
{
|
336
|
+
//
|
337
|
+
// If the certificate has already been imported, create the
|
338
|
+
// identity. The key should also have been imported.
|
339
|
+
//
|
340
|
+
UniqueRef<SecIdentityRef> identity;
|
341
|
+
err = SecIdentityCreateWithCertificate(keychain, item.get(), &identity.get());
|
342
|
+
if(err != noErr)
|
343
|
+
{
|
344
|
+
ostringstream os;
|
345
|
+
os << "IceSSL: error creating certificate identity:\n" << sslErrorToString(err);
|
346
|
+
throw CertificateReadException(__FILE__, __LINE__, os.str());
|
347
|
+
}
|
348
|
+
return identity.release();
|
349
|
+
}
|
350
|
+
else if(err != errSecItemNotFound)
|
351
|
+
{
|
352
|
+
ostringstream os;
|
353
|
+
os << "IceSSL: error searching for keychain items:\n" << sslErrorToString(err);
|
354
|
+
throw CertificateReadException(__FILE__, __LINE__, os.str());
|
355
|
+
}
|
356
|
+
|
357
|
+
//
|
358
|
+
// If the certificate isn't already in the keychain, load the
|
359
|
+
// private key into the keychain and add the certificate.
|
360
|
+
//
|
361
|
+
UniqueRef<CFArrayRef> items(loadKeychainItems(file, kSecItemTypePrivateKey, keychain, password, prompt, retryMax));
|
362
|
+
int count = CFArrayGetCount(items.get());
|
363
|
+
UniqueRef<SecKeyRef> key;
|
364
|
+
for(int i = 0; i < count; ++i)
|
365
|
+
{
|
366
|
+
SecKeychainItemRef item =
|
367
|
+
static_cast<SecKeychainItemRef>(const_cast<void*>(CFArrayGetValueAtIndex(items.get(), 0)));
|
368
|
+
if(SecKeyGetTypeID() == CFGetTypeID(item))
|
369
|
+
{
|
370
|
+
key.retain(reinterpret_cast<SecKeyRef>(item));
|
371
|
+
break;
|
372
|
+
}
|
373
|
+
}
|
374
|
+
if(!key)
|
375
|
+
{
|
376
|
+
throw CertificateReadException(__FILE__, __LINE__, "IceSSL: no key in file `" + file + "'");
|
377
|
+
}
|
378
|
+
|
379
|
+
//
|
380
|
+
// Add the certificate to the keychain
|
381
|
+
//
|
382
|
+
query.reset(CFDictionaryCreateMutable(kCFAllocatorDefault,
|
383
|
+
0,
|
384
|
+
&kCFTypeDictionaryKeyCallBacks,
|
385
|
+
&kCFTypeDictionaryValueCallBacks));
|
386
|
+
|
387
|
+
CFDictionarySetValue(query.get(), kSecUseKeychain, keychain);
|
388
|
+
CFDictionarySetValue(query.get(), kSecClass, kSecClassCertificate);
|
389
|
+
CFDictionarySetValue(query.get(), kSecValueRef, cert);
|
390
|
+
CFDictionarySetValue(query.get(), kSecReturnRef, kCFBooleanTrue);
|
391
|
+
|
392
|
+
value.reset(0);
|
393
|
+
err = SecItemAdd(query.get(), static_cast<CFTypeRef*>(&value.get()));
|
394
|
+
UniqueRef<CFArrayRef> added(static_cast<CFArrayRef>(value.release()));
|
395
|
+
if(err != noErr)
|
396
|
+
{
|
397
|
+
ostringstream os;
|
398
|
+
os << "IceSSL: failure adding certificate to keychain\n" << sslErrorToString(err);
|
399
|
+
throw CertificateReadException(__FILE__, __LINE__, os.str());
|
400
|
+
}
|
401
|
+
item.retain(static_cast<SecCertificateRef>(const_cast<void*>(CFArrayGetValueAtIndex(added.get(), 0))));
|
402
|
+
|
403
|
+
//
|
404
|
+
// Create the association between the private key and the certificate,
|
405
|
+
// kSecKeyLabel attribute should match the subject key identifier.
|
406
|
+
//
|
407
|
+
vector<SecKeychainAttribute> attributes;
|
408
|
+
if(hash)
|
409
|
+
{
|
410
|
+
SecKeychainAttribute attr;
|
411
|
+
attr.tag = kSecKeyLabel;
|
412
|
+
attr.data = const_cast<UInt8*>(CFDataGetBytePtr(hash.get()));
|
413
|
+
attr.length = CFDataGetLength(hash.get());
|
414
|
+
attributes.push_back(attr);
|
415
|
+
}
|
416
|
+
|
417
|
+
//
|
418
|
+
// kSecKeyPrintName attribute correspond to the keychain display
|
419
|
+
// name.
|
420
|
+
//
|
421
|
+
string label;
|
422
|
+
UniqueRef<CFStringRef> commonName(0);
|
423
|
+
if(SecCertificateCopyCommonName(item.get(), &commonName.get()) == noErr)
|
424
|
+
{
|
425
|
+
label = fromCFString(commonName.get());
|
426
|
+
SecKeychainAttribute attr;
|
427
|
+
attr.tag = kSecKeyPrintName;
|
428
|
+
attr.data = const_cast<char*>(label.c_str());
|
429
|
+
attr.length = label.size();
|
430
|
+
attributes.push_back(attr);
|
431
|
+
}
|
432
|
+
|
433
|
+
SecKeychainAttributeList attrs;
|
434
|
+
attrs.attr = &attributes[0];
|
435
|
+
attrs.count = attributes.size();
|
436
|
+
SecKeychainItemModifyAttributesAndData(reinterpret_cast<SecKeychainItemRef>(key.get()), &attrs, 0, 0);
|
437
|
+
|
438
|
+
UniqueRef<SecIdentityRef> identity;
|
439
|
+
err = SecIdentityCreateWithCertificate(keychain, item.get(), &identity.get());
|
440
|
+
if(err != noErr)
|
441
|
+
{
|
442
|
+
ostringstream os;
|
443
|
+
os << "IceSSL: error creating certificate identity:\n" << sslErrorToString(err);
|
444
|
+
throw CertificateReadException(__FILE__, __LINE__, os.str());
|
445
|
+
}
|
446
|
+
return identity.release();
|
447
|
+
}
|
448
|
+
|
449
|
+
} // anonymous namespace end
|
450
|
+
|
451
|
+
#else
|
452
|
+
|
453
|
+
namespace
|
454
|
+
{
|
455
|
+
|
456
|
+
CFArrayRef
|
457
|
+
loadCerts(const string& file)
|
458
|
+
{
|
459
|
+
UniqueRef<CFArrayRef> certs(CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks));
|
460
|
+
if(file.find(".pem") != string::npos)
|
461
|
+
{
|
462
|
+
vector<char> buffer;
|
463
|
+
readFile(file, buffer);
|
464
|
+
string strbuf(buffer.begin(), buffer.end());
|
465
|
+
string::size_type size, startpos, endpos = 0;
|
466
|
+
bool first = true;
|
467
|
+
while(true)
|
468
|
+
{
|
469
|
+
startpos = strbuf.find("-----BEGIN CERTIFICATE-----", endpos);
|
470
|
+
if(startpos != string::npos)
|
471
|
+
{
|
472
|
+
startpos += sizeof("-----BEGIN CERTIFICATE-----");
|
473
|
+
endpos = strbuf.find("-----END CERTIFICATE-----", startpos);
|
474
|
+
if(endpos == string::npos)
|
475
|
+
{
|
476
|
+
InitializationException ex(__FILE__, __LINE__);
|
477
|
+
ex.reason = "IceSSL: certificate " + file + " is not a valid PEM-encoded certificate";
|
478
|
+
throw ex;
|
479
|
+
}
|
480
|
+
size = endpos - startpos;
|
481
|
+
}
|
482
|
+
else if(first)
|
483
|
+
{
|
484
|
+
startpos = 0;
|
485
|
+
endpos = string::npos;
|
486
|
+
size = strbuf.size();
|
487
|
+
}
|
488
|
+
else
|
489
|
+
{
|
490
|
+
break;
|
491
|
+
}
|
492
|
+
|
493
|
+
vector<unsigned char> data(IceInternal::Base64::decode(string(&buffer[startpos], size)));
|
494
|
+
UniqueRef<CFDataRef> certdata(CFDataCreate(kCFAllocatorDefault, &data[0], data.size()));
|
495
|
+
UniqueRef<SecCertificateRef> cert(SecCertificateCreateWithData(0, certdata.get()));
|
496
|
+
if(!cert)
|
497
|
+
{
|
498
|
+
InitializationException ex(__FILE__, __LINE__);
|
499
|
+
ex.reason = "IceSSL: certificate " + file + " is not a valid PEM-encoded certificate";
|
500
|
+
throw ex;
|
501
|
+
}
|
502
|
+
CFArrayAppendValue(const_cast<CFMutableArrayRef>(certs.get()), cert.get());
|
503
|
+
first = false;
|
504
|
+
}
|
505
|
+
}
|
506
|
+
else
|
507
|
+
{
|
508
|
+
UniqueRef<CFDataRef> data(readCertFile(file));
|
509
|
+
UniqueRef<SecCertificateRef> cert(SecCertificateCreateWithData(0, data.get()));
|
510
|
+
if(!cert)
|
511
|
+
{
|
512
|
+
InitializationException ex(__FILE__, __LINE__);
|
513
|
+
ex.reason = "IceSSL: certificate " + file + " is not a valid DER-encoded certificate";
|
514
|
+
throw ex;
|
515
|
+
}
|
516
|
+
CFArrayAppendValue(const_cast<CFMutableArrayRef>(certs.get()), cert.get());
|
517
|
+
}
|
518
|
+
return certs.release();
|
519
|
+
}
|
520
|
+
|
521
|
+
}
|
522
|
+
|
523
|
+
#endif
|
524
|
+
|
525
|
+
//
|
526
|
+
// Imports a certificate (it might contain an identity or certificate depending on the format).
|
527
|
+
//
|
528
|
+
CFArrayRef
|
529
|
+
IceSSL::SecureTransport::loadCertificateChain(const string& file,
|
530
|
+
const string& keyFile,
|
531
|
+
const std::string& keychainPath,
|
532
|
+
const string& keychainPassword,
|
533
|
+
const string& password,
|
534
|
+
const PasswordPromptPtr& prompt,
|
535
|
+
int retryMax)
|
536
|
+
{
|
537
|
+
UniqueRef<CFArrayRef> chain;
|
538
|
+
#if defined(ICE_USE_SECURE_TRANSPORT_IOS)
|
539
|
+
UniqueRef<CFDataRef> cert(readCertFile(file));
|
540
|
+
|
541
|
+
UniqueRef<CFMutableDictionaryRef> settings(CFDictionaryCreateMutable(0,
|
542
|
+
1,
|
543
|
+
&kCFTypeDictionaryKeyCallBacks,
|
544
|
+
&kCFTypeDictionaryValueCallBacks));
|
545
|
+
UniqueRef<CFArrayRef> items;
|
546
|
+
OSStatus err;
|
547
|
+
int count = 0;
|
548
|
+
do
|
549
|
+
{
|
550
|
+
items.reset();
|
551
|
+
UniqueRef<CFStringRef> pass(toCFString(password.empty() && prompt ? prompt->getPassword() : password));
|
552
|
+
CFDictionarySetValue(settings.get(), kSecImportExportPassphrase, pass.get());
|
553
|
+
err = SecPKCS12Import(cert.get(), settings.get(), &items.get());
|
554
|
+
++count;
|
555
|
+
}
|
556
|
+
while(password.empty() && prompt && err == errSecAuthFailed && count < retryMax);
|
557
|
+
|
558
|
+
if(err != noErr)
|
559
|
+
{
|
560
|
+
ostringstream os;
|
561
|
+
os << "IceSSL: unable to import certificate from file " << file << " (error = " << err << ")";
|
562
|
+
throw InitializationException(__FILE__, __LINE__, os.str());
|
563
|
+
}
|
564
|
+
|
565
|
+
for(int i = 0; i < CFArrayGetCount(items.get()); ++i)
|
566
|
+
{
|
567
|
+
CFDictionaryRef dict = static_cast<CFDictionaryRef>(CFArrayGetValueAtIndex(items.get(), i));
|
568
|
+
SecIdentityRef identity = static_cast<SecIdentityRef>(
|
569
|
+
const_cast<void*>(CFDictionaryGetValue(dict, kSecImportItemIdentity)));
|
570
|
+
if(identity)
|
571
|
+
{
|
572
|
+
CFArrayRef certs = static_cast<CFArrayRef>(CFDictionaryGetValue(dict, kSecImportItemCertChain));
|
573
|
+
chain.reset(CFArrayCreateMutableCopy(kCFAllocatorDefault, 0, certs));
|
574
|
+
CFArraySetValueAtIndex(const_cast<CFMutableArrayRef>(chain.get()), 0, identity);
|
575
|
+
}
|
576
|
+
}
|
577
|
+
|
578
|
+
if(!chain)
|
579
|
+
{
|
580
|
+
ostringstream os;
|
581
|
+
os << "IceSSL: couldn't find identity in file " << file;
|
582
|
+
throw InitializationException(__FILE__, __LINE__, os.str());
|
583
|
+
}
|
584
|
+
#else
|
585
|
+
UniqueRef<SecKeychainRef> keychain(openKeychain(keychainPath, keychainPassword));
|
586
|
+
if(keyFile.empty())
|
587
|
+
{
|
588
|
+
chain.reset(loadKeychainItems(file, kSecItemTypeUnknown, keychain.get(), password, prompt, retryMax));
|
589
|
+
}
|
590
|
+
else
|
591
|
+
{
|
592
|
+
//
|
593
|
+
// Load the certificate, don't load into the keychain as it
|
594
|
+
// might already have been imported.
|
595
|
+
//
|
596
|
+
UniqueRef<CFArrayRef> items(loadKeychainItems(file, kSecItemTypeCertificate, 0, password, prompt, retryMax));
|
597
|
+
SecCertificateRef cert =
|
598
|
+
static_cast<SecCertificateRef>(const_cast<void*>(CFArrayGetValueAtIndex(items.get(), 0)));
|
599
|
+
if(SecCertificateGetTypeID() != CFGetTypeID(cert))
|
600
|
+
{
|
601
|
+
ostringstream os;
|
602
|
+
os << "IceSSL: couldn't find certificate in `" << file << "'";
|
603
|
+
throw CertificateReadException(__FILE__, __LINE__, os.str());
|
604
|
+
}
|
605
|
+
|
606
|
+
//
|
607
|
+
// Load the private key for the given certificate. This will
|
608
|
+
// add the certificate/key to the keychain if they aren't
|
609
|
+
// already present in the keychain.
|
610
|
+
//
|
611
|
+
UniqueRef<SecIdentityRef> identity(loadPrivateKey(keyFile, cert, keychain.get(), password, prompt, retryMax));
|
612
|
+
chain.reset(CFArrayCreateMutableCopy(kCFAllocatorDefault, 0, items.get()));
|
613
|
+
CFArraySetValueAtIndex(const_cast<CFMutableArrayRef>(chain.get()), 0, identity.get());
|
614
|
+
}
|
615
|
+
#endif
|
616
|
+
return chain.release();
|
617
|
+
}
|
618
|
+
|
619
|
+
SecCertificateRef
|
620
|
+
IceSSL::SecureTransport::loadCertificate(const string& file)
|
621
|
+
{
|
622
|
+
UniqueRef<SecCertificateRef> cert;
|
623
|
+
#if defined(ICE_USE_SECURE_TRANSPORT_IOS)
|
624
|
+
UniqueRef<CFArrayRef> certs(loadCerts(file));
|
625
|
+
assert(CFArrayGetCount(certs.get()) > 0);
|
626
|
+
cert.retain((SecCertificateRef)CFArrayGetValueAtIndex(certs.get(), 0));
|
627
|
+
#else
|
628
|
+
UniqueRef<CFArrayRef> items(loadKeychainItems(file, kSecItemTypeCertificate, 0, "", 0, 0));
|
629
|
+
cert.retain((SecCertificateRef)CFArrayGetValueAtIndex(items.get(), 0));
|
630
|
+
#endif
|
631
|
+
return cert.release();
|
632
|
+
}
|
633
|
+
|
634
|
+
CFArrayRef
|
635
|
+
IceSSL::SecureTransport::loadCACertificates(const string& file)
|
636
|
+
{
|
637
|
+
#if defined(ICE_USE_SECURE_TRANSPORT_IOS)
|
638
|
+
return loadCerts(file);
|
639
|
+
#else
|
640
|
+
UniqueRef<CFArrayRef> items(loadKeychainItems(file, kSecItemTypeCertificate, 0, "", 0, 0));
|
641
|
+
UniqueRef<CFArrayRef> certificateAuthorities(CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks));
|
642
|
+
int count = CFArrayGetCount(items.get());
|
643
|
+
for(CFIndex i = 0; i < count; ++i)
|
644
|
+
{
|
645
|
+
SecCertificateRef cert =
|
646
|
+
static_cast<SecCertificateRef>(const_cast<void*>(CFArrayGetValueAtIndex(items.get(), i)));
|
647
|
+
assert(SecCertificateGetTypeID() == CFGetTypeID(cert));
|
648
|
+
if(isCA(cert))
|
649
|
+
{
|
650
|
+
CFArrayAppendValue(const_cast<CFMutableArrayRef>(certificateAuthorities.get()), cert);
|
651
|
+
}
|
652
|
+
}
|
653
|
+
return certificateAuthorities.release();
|
654
|
+
#endif
|
655
|
+
}
|
656
|
+
|
657
|
+
CFArrayRef
|
658
|
+
IceSSL::SecureTransport::findCertificateChain(const std::string& keychainPath,
|
659
|
+
const std::string& keychainPassword,
|
660
|
+
const string& value)
|
661
|
+
{
|
662
|
+
//
|
663
|
+
// Search the keychain using key:value pairs. The following keys are supported:
|
664
|
+
//
|
665
|
+
// Label
|
666
|
+
// Serial
|
667
|
+
// Subject
|
668
|
+
// SubjectKeyId
|
669
|
+
//
|
670
|
+
// A value must be enclosed in single or double quotes if it contains whitespace.
|
671
|
+
//
|
672
|
+
UniqueRef<CFMutableDictionaryRef> query(CFDictionaryCreateMutable(0,
|
673
|
+
0,
|
674
|
+
&kCFTypeDictionaryKeyCallBacks,
|
675
|
+
&kCFTypeDictionaryValueCallBacks));
|
676
|
+
|
677
|
+
#if defined(ICE_USE_SECURE_TRANSPORT_MACOS)
|
678
|
+
UniqueRef<SecKeychainRef> keychain(openKeychain(keychainPath, keychainPassword));
|
679
|
+
const void* values[] = { keychain.get() };
|
680
|
+
UniqueRef<CFArrayRef> searchList(CFArrayCreate(kCFAllocatorDefault, values, 1, &kCFTypeArrayCallBacks));
|
681
|
+
CFDictionarySetValue(query.get(), kSecMatchSearchList, searchList.get());
|
682
|
+
#endif
|
683
|
+
CFDictionarySetValue(query.get(), kSecMatchLimit, kSecMatchLimitOne);
|
684
|
+
CFDictionarySetValue(query.get(), kSecClass, kSecClassCertificate);
|
685
|
+
CFDictionarySetValue(query.get(), kSecReturnRef, kCFBooleanTrue);
|
686
|
+
CFDictionarySetValue(query.get(), kSecMatchCaseInsensitive, kCFBooleanTrue);
|
687
|
+
|
688
|
+
size_t start = 0;
|
689
|
+
size_t pos;
|
690
|
+
bool valid = false;
|
691
|
+
while((pos = value.find(':', start)) != string::npos)
|
692
|
+
{
|
693
|
+
string field = IceUtilInternal::toUpper(IceUtilInternal::trim(value.substr(start, pos - start)));
|
694
|
+
string arg;
|
695
|
+
if(field != "LABEL" && field != "SERIAL" && field != "SUBJECT" && field != "SUBJECTKEYID")
|
696
|
+
{
|
697
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: unknown key in `" + value + "'");
|
698
|
+
}
|
699
|
+
|
700
|
+
start = pos + 1;
|
701
|
+
while(start < value.size() && (value[start] == ' ' || value[start] == '\t'))
|
702
|
+
{
|
703
|
+
++start;
|
704
|
+
}
|
705
|
+
|
706
|
+
if(start == value.size())
|
707
|
+
{
|
708
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: missing argument in `" + value + "'");
|
709
|
+
}
|
710
|
+
|
711
|
+
if(value[start] == '"' || value[start] == '\'')
|
712
|
+
{
|
713
|
+
size_t end = start;
|
714
|
+
++end;
|
715
|
+
while(end < value.size())
|
716
|
+
{
|
717
|
+
if(value[end] == value[start] && value[end - 1] != '\\')
|
718
|
+
{
|
719
|
+
break;
|
720
|
+
}
|
721
|
+
++end;
|
722
|
+
}
|
723
|
+
if(end == value.size() || value[end] != value[start])
|
724
|
+
{
|
725
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: unmatched quote in `" + value + "'");
|
726
|
+
}
|
727
|
+
++start;
|
728
|
+
arg = value.substr(start, end - start);
|
729
|
+
start = end + 1;
|
730
|
+
}
|
731
|
+
else
|
732
|
+
{
|
733
|
+
size_t end = value.find_first_of(" \t", start);
|
734
|
+
if(end == string::npos)
|
735
|
+
{
|
736
|
+
arg = value.substr(start);
|
737
|
+
start = value.size();
|
738
|
+
}
|
739
|
+
else
|
740
|
+
{
|
741
|
+
arg = value.substr(start, end - start);
|
742
|
+
start = end + 1;
|
743
|
+
}
|
744
|
+
}
|
745
|
+
|
746
|
+
if(field == "SUBJECT" || field == "LABEL")
|
747
|
+
{
|
748
|
+
UniqueRef<CFStringRef> v(toCFString(arg));
|
749
|
+
CFDictionarySetValue(query.get(), field == "LABEL" ? kSecAttrLabel : kSecMatchSubjectContains, v.get());
|
750
|
+
valid = true;
|
751
|
+
}
|
752
|
+
else if(field == "SUBJECTKEYID" || field == "SERIAL")
|
753
|
+
{
|
754
|
+
vector<unsigned char> buffer;
|
755
|
+
if(!parseBytes(arg, buffer))
|
756
|
+
{
|
757
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: invalid value `" + value + "'");
|
758
|
+
}
|
759
|
+
UniqueRef<CFDataRef> v(CFDataCreate(kCFAllocatorDefault, &buffer[0], buffer.size()));
|
760
|
+
CFDictionarySetValue(query.get(), field == "SUBJECTKEYID" ? kSecAttrSubjectKeyID : kSecAttrSerialNumber,
|
761
|
+
v.get());
|
762
|
+
valid = true;
|
763
|
+
}
|
764
|
+
}
|
765
|
+
|
766
|
+
if(!valid)
|
767
|
+
{
|
768
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: invalid value `" + value + "'");
|
769
|
+
}
|
770
|
+
|
771
|
+
UniqueRef<SecCertificateRef> cert;
|
772
|
+
OSStatus err = SecItemCopyMatching(query.get(), (CFTypeRef*)&cert.get());
|
773
|
+
if(err != noErr)
|
774
|
+
{
|
775
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
776
|
+
"IceSSL: find certificate `" + value + "' failed:\n" + sslErrorToString(err));
|
777
|
+
}
|
778
|
+
|
779
|
+
//
|
780
|
+
// Retrieve the certificate chain
|
781
|
+
//
|
782
|
+
UniqueRef<SecPolicyRef> policy(SecPolicyCreateSSL(true, 0));
|
783
|
+
UniqueRef<SecTrustRef> trust;
|
784
|
+
err = SecTrustCreateWithCertificates(reinterpret_cast<CFArrayRef>(cert.get()), policy.get(), &trust.get());
|
785
|
+
if(err || !trust)
|
786
|
+
{
|
787
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
788
|
+
"IceSSL: error creating trust object" +
|
789
|
+
(err ? ":\n" + sslErrorToString(err) : ""));
|
790
|
+
}
|
791
|
+
|
792
|
+
SecTrustResultType trustResult;
|
793
|
+
if((err = SecTrustEvaluate(trust.get(), &trustResult)))
|
794
|
+
{
|
795
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
796
|
+
"IceSSL: error evaluating trust:\n" + sslErrorToString(err));
|
797
|
+
}
|
798
|
+
|
799
|
+
int chainLength = SecTrustGetCertificateCount(trust.get());
|
800
|
+
UniqueRef<CFArrayRef> items(CFArrayCreateMutable(kCFAllocatorDefault, chainLength, &kCFTypeArrayCallBacks));
|
801
|
+
for(int i = 0; i < chainLength; ++i)
|
802
|
+
{
|
803
|
+
CFArrayAppendValue(const_cast<CFMutableArrayRef>(items.get()), SecTrustGetCertificateAtIndex(trust.get(), i));
|
804
|
+
}
|
805
|
+
|
806
|
+
//
|
807
|
+
// Replace the first certificate in the chain with the
|
808
|
+
// identity.
|
809
|
+
//
|
810
|
+
UniqueRef<SecIdentityRef> identity;
|
811
|
+
#if defined(ICE_USE_SECURE_TRANSPORT_IOS)
|
812
|
+
|
813
|
+
//
|
814
|
+
// SecIdentityCreateWithCertificate isn't supported on iOS so we lookup the identity
|
815
|
+
// using the certicate label. If the user added the identity with SecItemAdd the
|
816
|
+
// identity has the same label as the certificate.
|
817
|
+
//
|
818
|
+
query.reset(CFDictionaryCreateMutable(0, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
|
819
|
+
CFDictionarySetValue(query.get(), kSecClass, kSecClassCertificate);
|
820
|
+
CFDictionarySetValue(query.get(), kSecValueRef, cert.get());
|
821
|
+
CFDictionarySetValue(query.get(), kSecReturnAttributes, kCFBooleanTrue);
|
822
|
+
UniqueRef<CFDictionaryRef> attributes;
|
823
|
+
err = SecItemCopyMatching(query.get(), reinterpret_cast<CFTypeRef*>(&attributes.get()));
|
824
|
+
if(err != noErr)
|
825
|
+
{
|
826
|
+
ostringstream os;
|
827
|
+
os << "IceSSL: couldn't create identity for certificate found in the keychain:\n" << sslErrorToString(err);
|
828
|
+
throw PluginInitializationException(__FILE__, __LINE__, os.str());
|
829
|
+
}
|
830
|
+
|
831
|
+
// Now lookup the identity with the label
|
832
|
+
query.reset(CFDictionaryCreateMutable(0, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
|
833
|
+
CFDictionarySetValue(query.get(), kSecMatchLimit, kSecMatchLimitOne);
|
834
|
+
CFDictionarySetValue(query.get(), kSecClass, kSecClassIdentity);
|
835
|
+
CFDictionarySetValue(query.get(), kSecAttrLabel, (CFDataRef)CFDictionaryGetValue(attributes.get(), kSecAttrLabel));
|
836
|
+
CFDictionarySetValue(query.get(), kSecReturnRef, kCFBooleanTrue);
|
837
|
+
err = SecItemCopyMatching(query.get(), (CFTypeRef*)&identity.get());
|
838
|
+
if(err == noErr)
|
839
|
+
{
|
840
|
+
UniqueRef<SecCertificateRef> cert2;
|
841
|
+
if((err = SecIdentityCopyCertificate(identity.get(), &cert2.get())) == noErr)
|
842
|
+
{
|
843
|
+
err = CFEqual(cert2.get(), cert.get()) ? noErr : errSecItemNotFound;
|
844
|
+
}
|
845
|
+
}
|
846
|
+
#else
|
847
|
+
err = SecIdentityCreateWithCertificate(keychain.get(), cert.get(), &identity.get());
|
848
|
+
#endif
|
849
|
+
if(err != noErr)
|
850
|
+
{
|
851
|
+
ostringstream os;
|
852
|
+
os << "IceSSL: couldn't create identity for certificate found in the keychain:\n" << sslErrorToString(err);
|
853
|
+
throw PluginInitializationException(__FILE__, __LINE__, os.str());
|
854
|
+
}
|
855
|
+
CFArraySetValueAtIndex(const_cast<CFMutableArrayRef>(items.get()), 0, identity.get());
|
856
|
+
return items.release();
|
857
|
+
}
|