zeroc-ice 3.6.5 → 3.7.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/ICE_LICENSE +17 -17
- data/LICENSE +12 -12
- data/bin/slice2rb +1 -6
- data/ext/Communicator.cpp +223 -61
- data/ext/Communicator.h +1 -6
- data/ext/Config.h +23 -7
- data/ext/Connection.cpp +108 -76
- data/ext/Connection.h +4 -6
- data/ext/Endpoint.cpp +16 -54
- data/ext/Endpoint.h +1 -6
- data/ext/ImplicitContext.cpp +1 -10
- data/ext/ImplicitContext.h +1 -6
- data/ext/Init.cpp +4 -6
- data/ext/Logger.cpp +1 -6
- data/ext/Logger.h +1 -6
- data/ext/Operation.cpp +38 -54
- data/ext/Operation.h +1 -6
- data/ext/Properties.cpp +3 -8
- data/ext/Properties.h +1 -6
- data/ext/Proxy.cpp +111 -70
- data/ext/Proxy.h +1 -6
- data/ext/Slice.cpp +5 -20
- data/ext/Slice.h +1 -6
- data/ext/Types.cpp +313 -224
- data/ext/Types.h +118 -71
- data/ext/Util.cpp +69 -36
- data/ext/Util.h +117 -42
- data/ext/ValueFactoryManager.cpp +440 -0
- data/ext/ValueFactoryManager.h +95 -0
- data/ext/extconf.rb +52 -48
- data/ext/ice/cpp/include/Ice/Application.h +275 -105
- data/ext/ice/cpp/include/Ice/AsyncResult.h +124 -337
- data/ext/ice/cpp/include/Ice/AsyncResultF.h +4 -7
- data/ext/ice/cpp/include/Ice/BatchRequestInterceptor.h +39 -16
- data/ext/ice/cpp/include/Ice/BatchRequestQueueF.h +1 -6
- data/ext/ice/cpp/include/Ice/Buffer.h +10 -15
- data/ext/ice/cpp/include/Ice/CommunicatorAsync.h +56 -17
- data/ext/ice/cpp/include/Ice/Comparable.h +205 -0
- data/ext/ice/cpp/include/Ice/Config.h +16 -39
- data/ext/ice/cpp/include/Ice/ConnectionAsync.h +203 -16
- data/ext/ice/cpp/include/Ice/ConnectionIF.h +7 -6
- data/ext/ice/cpp/include/Ice/ConsoleUtil.h +23 -0
- data/ext/ice/cpp/include/Ice/DefaultValueFactory.h +57 -0
- data/ext/ice/cpp/include/Ice/DispatchInterceptor.h +20 -12
- data/ext/ice/cpp/include/Ice/Dispatcher.h +35 -19
- data/ext/ice/cpp/include/Ice/DynamicLibrary.h +7 -10
- data/ext/ice/cpp/include/Ice/DynamicLibraryF.h +1 -6
- data/ext/ice/cpp/include/Ice/Exception.h +110 -63
- data/ext/ice/cpp/include/Ice/ExceptionHelpers.h +74 -0
- data/ext/ice/cpp/include/Ice/FactoryTable.h +22 -18
- data/ext/ice/cpp/include/Ice/FactoryTableInit.h +28 -31
- data/ext/ice/cpp/include/Ice/Format.h +17 -18
- data/ext/ice/cpp/include/Ice/Functional.h +38 -38
- data/ext/ice/cpp/include/Ice/GCObject.h +9 -10
- data/ext/ice/cpp/include/Ice/Handle.h +6 -16
- data/ext/ice/cpp/include/Ice/Ice.h +9 -10
- data/ext/ice/cpp/include/Ice/IconvStringConverter.h +377 -0
- data/ext/ice/cpp/include/Ice/Incoming.h +132 -38
- data/ext/ice/cpp/include/Ice/IncomingAsync.h +109 -31
- data/ext/ice/cpp/include/Ice/IncomingAsyncF.h +7 -6
- data/ext/ice/cpp/include/Ice/Initialize.h +872 -60
- data/ext/ice/cpp/include/Ice/InputStream.h +1514 -0
- data/ext/ice/cpp/include/Ice/InstanceF.h +1 -7
- data/ext/ice/cpp/include/Ice/InterfaceByValue.h +57 -0
- data/ext/ice/cpp/include/Ice/LocalObject.h +13 -14
- data/ext/ice/cpp/include/Ice/LocalObjectF.h +1 -6
- data/ext/ice/cpp/include/Ice/LoggerUtil.h +56 -24
- data/ext/ice/cpp/include/Ice/MetricsAdminI.h +124 -71
- data/ext/ice/cpp/include/Ice/MetricsFunctional.h +25 -10
- data/ext/ice/cpp/include/Ice/MetricsObserverI.h +116 -32
- data/ext/ice/cpp/include/Ice/NativePropertiesAdmin.h +61 -30
- data/ext/ice/cpp/include/Ice/Object.h +413 -78
- data/ext/ice/cpp/include/Ice/ObjectF.h +12 -8
- data/ext/ice/cpp/include/Ice/ObserverHelper.h +18 -13
- data/ext/ice/cpp/include/Ice/Optional.h +1114 -0
- data/ext/ice/cpp/include/Ice/OutgoingAsync.h +684 -89
- data/ext/ice/cpp/include/Ice/OutgoingAsyncF.h +12 -11
- data/ext/ice/cpp/include/Ice/OutputStream.h +1092 -0
- data/ext/ice/cpp/include/Ice/Protocol.h +49 -17
- data/ext/ice/cpp/include/Ice/Proxy.h +3438 -745
- data/ext/ice/cpp/include/Ice/ProxyF.h +13 -38
- data/ext/ice/cpp/include/Ice/ProxyFactoryF.h +1 -6
- data/ext/ice/cpp/include/Ice/ProxyHandle.h +43 -55
- data/ext/ice/cpp/include/Ice/ReferenceF.h +1 -6
- data/ext/ice/cpp/include/Ice/RegisterPlugins.h +84 -12
- data/ext/ice/cpp/include/Ice/RequestHandlerF.h +10 -9
- data/ext/ice/cpp/include/Ice/ResponseHandlerF.h +6 -6
- data/ext/ice/cpp/include/Ice/SHA1.h +42 -0
- data/ext/ice/cpp/include/Ice/ServantManagerF.h +1 -6
- data/ext/ice/cpp/include/Ice/Service.h +273 -154
- data/ext/ice/cpp/include/Ice/SliceChecksums.h +5 -6
- data/ext/ice/cpp/include/Ice/SlicedData.h +121 -53
- data/ext/ice/cpp/include/Ice/SlicedDataF.h +17 -11
- data/ext/ice/cpp/include/Ice/StreamHelpers.h +453 -140
- data/ext/ice/cpp/include/Ice/StringConverter.h +78 -0
- data/ext/ice/cpp/include/Ice/ThreadPoolF.h +1 -6
- data/ext/ice/cpp/include/Ice/UUID.h +19 -0
- data/ext/ice/cpp/include/{IceUtil → Ice}/UniquePtr.h +22 -28
- data/ext/ice/cpp/include/Ice/UniqueRef.h +97 -0
- data/ext/ice/cpp/include/Ice/UserExceptionFactory.h +45 -13
- data/ext/ice/cpp/include/Ice/Value.h +139 -0
- data/ext/ice/cpp/include/Ice/ValueF.h +21 -0
- data/ext/ice/cpp/include/IceSSL/Config.h +8 -28
- data/ext/ice/cpp/include/IceSSL/IceSSL.h +17 -11
- data/ext/ice/cpp/include/IceSSL/OpenSSL.h +147 -0
- data/ext/ice/cpp/include/IceSSL/Plugin.h +461 -448
- data/ext/ice/cpp/include/IceSSL/SChannel.h +72 -0
- data/ext/ice/cpp/include/IceSSL/SecureTransport.h +72 -0
- data/ext/ice/cpp/include/IceSSL/UWP.h +62 -0
- data/ext/ice/cpp/include/IceUtil/Atomic.h +7 -14
- data/ext/ice/cpp/include/IceUtil/Cond.h +17 -23
- data/ext/ice/cpp/include/IceUtil/Config.h +166 -46
- data/ext/ice/cpp/include/IceUtil/ConsoleUtil.h +92 -0
- data/ext/ice/cpp/include/IceUtil/CountDownLatch.h +5 -10
- data/ext/ice/cpp/include/IceUtil/CtrlCHandler.h +63 -41
- data/ext/ice/cpp/include/IceUtil/DisableWarnings.h +5 -13
- data/ext/ice/cpp/include/IceUtil/Exception.h +284 -75
- data/ext/ice/cpp/include/IceUtil/FileUtil.h +143 -0
- data/ext/ice/cpp/include/IceUtil/Functional.h +4 -6
- data/ext/ice/cpp/include/IceUtil/Handle.h +11 -16
- data/ext/ice/cpp/include/IceUtil/IceUtil.h +4 -15
- data/ext/ice/cpp/include/IceUtil/InputUtil.h +3 -8
- data/ext/ice/cpp/include/IceUtil/Iterator.h +2 -7
- data/ext/ice/cpp/include/IceUtil/Lock.h +8 -15
- data/ext/ice/cpp/include/IceUtil/Monitor.h +1 -7
- data/ext/ice/cpp/include/IceUtil/Mutex.h +19 -23
- data/ext/ice/cpp/include/IceUtil/MutexProtocol.h +2 -7
- data/ext/ice/cpp/include/IceUtil/MutexPtrLock.h +4 -9
- data/ext/ice/cpp/include/IceUtil/MutexPtrTryLock.h +4 -9
- data/ext/ice/cpp/include/IceUtil/Optional.h +134 -23
- data/ext/ice/cpp/include/IceUtil/Options.h +17 -23
- data/ext/ice/cpp/include/IceUtil/OutputUtil.h +61 -37
- data/ext/ice/cpp/include/IceUtil/PopDisableWarnings.h +6 -11
- data/ext/ice/cpp/include/IceUtil/PushDisableWarnings.h +18 -15
- data/ext/ice/cpp/include/IceUtil/Random.h +39 -8
- data/ext/ice/cpp/include/IceUtil/RecMutex.h +7 -13
- data/ext/ice/cpp/include/IceUtil/ResourceConfig.h +53 -0
- data/ext/ice/cpp/include/IceUtil/ScannerConfig.h +10 -15
- data/ext/ice/cpp/include/IceUtil/ScopedArray.h +8 -7
- data/ext/ice/cpp/include/IceUtil/Shared.h +5 -12
- data/ext/ice/cpp/{src → include}/IceUtil/StopWatch.h +2 -7
- data/ext/ice/cpp/include/IceUtil/StringConverter.h +146 -126
- data/ext/ice/cpp/include/IceUtil/StringUtil.h +32 -26
- data/ext/ice/cpp/include/IceUtil/Thread.h +10 -17
- data/ext/ice/cpp/include/IceUtil/ThreadException.h +33 -47
- data/ext/ice/cpp/include/IceUtil/Time.h +3 -8
- data/ext/ice/cpp/include/IceUtil/Timer.h +18 -18
- data/ext/ice/cpp/include/IceUtil/UUID.h +6 -7
- data/ext/ice/cpp/include/IceUtil/UndefSysMacros.h +1 -6
- data/ext/ice/cpp/include/generated/Ice/BuiltinSequences.h +170 -0
- data/ext/ice/cpp/include/generated/Ice/Communicator.h +1156 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/CommunicatorF.h +51 -16
- data/ext/ice/cpp/include/generated/Ice/Connection.h +1660 -0
- data/ext/ice/cpp/include/generated/Ice/ConnectionF.h +119 -0
- data/ext/ice/cpp/include/generated/Ice/Current.h +322 -0
- data/ext/ice/cpp/include/generated/Ice/Endpoint.h +943 -0
- data/ext/ice/cpp/include/generated/Ice/EndpointF.h +166 -0
- data/ext/ice/cpp/include/generated/Ice/EndpointTypes.h +118 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/FacetMap.h +31 -15
- data/ext/ice/cpp/include/generated/Ice/Identity.h +264 -0
- data/ext/ice/cpp/include/generated/Ice/ImplicitContext.h +278 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/ImplicitContextF.h +51 -16
- data/ext/ice/cpp/include/generated/Ice/Instrumentation.h +1143 -0
- data/ext/ice/cpp/include/generated/Ice/InstrumentationF.h +128 -0
- data/ext/ice/cpp/include/generated/Ice/LocalException.h +7041 -0
- data/ext/ice/cpp/include/generated/Ice/Locator.h +3850 -0
- data/ext/ice/cpp/include/generated/Ice/LocatorF.h +147 -0
- data/ext/ice/cpp/include/generated/Ice/Logger.h +231 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/LoggerF.h +51 -16
- data/ext/ice/cpp/include/generated/Ice/Metrics.h +4717 -0
- data/ext/ice/cpp/include/generated/Ice/ObjectAdapter.h +1175 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/ObjectAdapterF.h +51 -16
- data/ext/ice/cpp/include/generated/Ice/ObjectFactory.h +197 -0
- data/ext/ice/cpp/include/generated/Ice/Plugin.h +306 -0
- data/ext/ice/cpp/include/generated/Ice/PluginF.h +110 -0
- data/ext/ice/cpp/include/generated/Ice/Process.h +971 -0
- data/ext/ice/cpp/include/generated/Ice/ProcessF.h +125 -0
- data/ext/ice/cpp/include/generated/Ice/Properties.h +446 -0
- data/ext/ice/cpp/include/generated/Ice/PropertiesAdmin.h +1360 -0
- data/ext/ice/cpp/include/generated/Ice/PropertiesF.h +134 -0
- data/ext/ice/cpp/include/generated/Ice/RemoteLogger.h +2689 -0
- data/ext/ice/cpp/include/generated/Ice/Router.h +1838 -0
- data/ext/ice/cpp/include/generated/Ice/RouterF.h +125 -0
- data/ext/ice/cpp/include/generated/Ice/ServantLocator.h +299 -0
- data/ext/ice/cpp/include/{Ice → generated/Ice}/ServantLocatorF.h +51 -16
- data/ext/ice/cpp/include/{Ice → generated/Ice}/SliceChecksumDict.h +34 -14
- data/ext/ice/cpp/include/generated/Ice/ValueFactory.h +318 -0
- data/ext/ice/cpp/include/generated/Ice/Version.h +357 -0
- data/ext/ice/cpp/include/generated/IceSSL/ConnectionInfo.h +223 -0
- data/ext/ice/cpp/include/generated/IceSSL/ConnectionInfoF.h +101 -0
- data/ext/ice/cpp/include/generated/IceSSL/EndpointInfo.h +181 -0
- data/ext/ice/cpp/src/Ice/ACM.cpp +38 -27
- data/ext/ice/cpp/src/Ice/ACM.h +9 -7
- data/ext/ice/cpp/src/Ice/ACMF.h +30 -0
- data/ext/ice/cpp/src/Ice/Acceptor.cpp +6 -6
- data/ext/ice/cpp/src/Ice/Acceptor.h +4 -8
- data/ext/ice/cpp/src/Ice/AcceptorF.h +1 -6
- data/ext/ice/cpp/src/Ice/ArgVector.cpp +59 -0
- data/ext/ice/cpp/src/Ice/ArgVector.h +36 -0
- data/ext/ice/cpp/src/Ice/AsyncResult.cpp +15 -544
- data/ext/ice/cpp/src/Ice/Base64.cpp +22 -28
- data/ext/ice/cpp/src/Ice/Base64.h +1 -6
- data/ext/ice/cpp/src/Ice/BatchRequestQueue.cpp +41 -18
- data/ext/ice/cpp/src/Ice/BatchRequestQueue.h +15 -15
- data/ext/ice/cpp/src/Ice/Buffer.cpp +75 -18
- data/ext/ice/cpp/src/Ice/BuiltinSequences.cpp +21 -12
- data/ext/ice/cpp/src/Ice/CollocatedRequestHandler.cpp +86 -197
- data/ext/ice/cpp/src/Ice/CollocatedRequestHandler.h +17 -23
- data/ext/ice/cpp/src/Ice/Communicator.cpp +43 -15
- data/ext/ice/cpp/src/Ice/CommunicatorF.cpp +28 -11
- data/ext/ice/cpp/src/Ice/CommunicatorI.cpp +318 -117
- data/ext/ice/cpp/src/Ice/CommunicatorI.h +95 -40
- data/ext/ice/cpp/src/{IceUtil → Ice}/Cond.cpp +3 -8
- data/ext/ice/cpp/src/Ice/ConnectRequestHandler.cpp +55 -122
- data/ext/ice/cpp/src/Ice/ConnectRequestHandler.h +15 -31
- data/ext/ice/cpp/src/Ice/ConnectRequestHandlerF.h +6 -7
- data/ext/ice/cpp/src/Ice/Connection.cpp +111 -20
- data/ext/ice/cpp/src/Ice/ConnectionF.cpp +28 -11
- data/ext/ice/cpp/src/Ice/ConnectionFactory.cpp +300 -107
- data/ext/ice/cpp/src/Ice/ConnectionFactory.h +44 -28
- data/ext/ice/cpp/src/Ice/ConnectionFactoryF.h +30 -0
- data/ext/ice/cpp/src/Ice/ConnectionI.cpp +785 -713
- data/ext/ice/cpp/src/Ice/ConnectionI.h +105 -80
- data/ext/ice/cpp/src/Ice/ConnectionRequestHandler.cpp +2 -20
- data/ext/ice/cpp/src/Ice/ConnectionRequestHandler.h +5 -9
- data/ext/ice/cpp/src/Ice/Connector.cpp +6 -6
- data/ext/ice/cpp/src/Ice/Connector.h +4 -8
- data/ext/ice/cpp/src/Ice/ConnectorF.h +1 -6
- data/ext/ice/cpp/src/{IceUtil → Ice}/CountDownLatch.cpp +4 -9
- data/ext/ice/cpp/src/Ice/Current.cpp +30 -12
- data/ext/ice/cpp/src/Ice/DefaultsAndOverrides.cpp +10 -16
- data/ext/ice/cpp/src/Ice/DefaultsAndOverrides.h +1 -6
- data/ext/ice/cpp/src/Ice/DefaultsAndOverridesF.h +1 -6
- data/ext/ice/cpp/src/Ice/DispatchInterceptor.cpp +13 -25
- data/ext/ice/cpp/src/Ice/DynamicLibrary.cpp +34 -28
- data/ext/ice/cpp/src/Ice/Endpoint.cpp +107 -19
- data/ext/ice/cpp/src/Ice/EndpointF.cpp +28 -11
- data/ext/ice/cpp/src/Ice/EndpointFactory.cpp +152 -6
- data/ext/ice/cpp/src/Ice/EndpointFactory.h +72 -11
- data/ext/ice/cpp/src/Ice/EndpointFactoryF.h +1 -6
- data/ext/ice/cpp/src/Ice/EndpointFactoryManager.cpp +41 -36
- data/ext/ice/cpp/src/Ice/EndpointFactoryManager.h +10 -9
- data/ext/ice/cpp/src/Ice/EndpointFactoryManagerF.h +1 -6
- data/ext/ice/cpp/src/Ice/EndpointI.cpp +18 -7
- data/ext/ice/cpp/src/Ice/EndpointI.h +39 -18
- data/ext/ice/cpp/src/Ice/EndpointIF.h +18 -10
- data/ext/ice/cpp/src/Ice/EndpointTypes.cpp +19 -12
- data/ext/ice/cpp/src/Ice/EventHandler.cpp +6 -9
- data/ext/ice/cpp/src/Ice/EventHandler.h +13 -13
- data/ext/ice/cpp/src/Ice/EventHandlerF.h +5 -7
- data/ext/ice/cpp/src/Ice/Exception.cpp +102 -98
- data/ext/ice/cpp/src/Ice/FacetMap.cpp +21 -12
- data/ext/ice/cpp/src/Ice/FactoryTable.cpp +37 -33
- data/ext/ice/cpp/src/Ice/FactoryTableInit.cpp +2 -9
- data/ext/ice/cpp/src/Ice/GCObject.cpp +29 -31
- data/ext/ice/cpp/src/Ice/HashUtil.h +3 -9
- data/ext/ice/cpp/src/Ice/HttpParser.cpp +1 -7
- data/ext/ice/cpp/src/Ice/HttpParser.h +1 -6
- data/ext/ice/cpp/src/Ice/IPEndpointI.cpp +128 -111
- data/ext/ice/cpp/src/Ice/IPEndpointI.h +23 -19
- data/ext/ice/cpp/src/Ice/IPEndpointIF.h +6 -7
- data/ext/ice/cpp/src/Ice/IconvStringConverter.cpp +51 -0
- data/ext/ice/cpp/src/Ice/Identity.cpp +25 -16
- data/ext/ice/cpp/src/Ice/ImplicitContext.cpp +41 -13
- data/ext/ice/cpp/src/Ice/ImplicitContextF.cpp +28 -11
- data/ext/ice/cpp/src/Ice/ImplicitContextI.cpp +11 -28
- data/ext/ice/cpp/src/Ice/ImplicitContextI.h +7 -10
- data/ext/ice/cpp/src/Ice/Incoming.cpp +284 -255
- data/ext/ice/cpp/src/Ice/IncomingAsync.cpp +104 -214
- data/ext/ice/cpp/src/Ice/IncomingRequest.h +5 -9
- data/ext/ice/cpp/src/Ice/Initialize.cpp +309 -193
- data/ext/ice/cpp/src/Ice/InputStream.cpp +2726 -0
- data/ext/ice/cpp/src/Ice/Instance.cpp +243 -262
- data/ext/ice/cpp/src/Ice/Instance.h +30 -23
- data/ext/ice/cpp/src/Ice/Instrumentation.cpp +137 -23
- data/ext/ice/cpp/src/Ice/InstrumentationF.cpp +28 -11
- data/ext/ice/cpp/src/Ice/InstrumentationI.cpp +118 -105
- data/ext/ice/cpp/src/Ice/InstrumentationI.h +30 -36
- data/ext/ice/cpp/src/Ice/LocalException.cpp +1191 -422
- data/ext/ice/cpp/src/Ice/LocalObject.cpp +1 -7
- data/ext/ice/cpp/src/Ice/Locator.cpp +1282 -1222
- data/ext/ice/cpp/src/Ice/LocatorF.cpp +30 -12
- data/ext/ice/cpp/src/Ice/LocatorInfo.cpp +150 -186
- data/ext/ice/cpp/src/Ice/LocatorInfo.h +31 -36
- data/ext/ice/cpp/src/Ice/LocatorInfoF.h +1 -6
- data/ext/ice/cpp/src/Ice/Logger.cpp +39 -12
- data/ext/ice/cpp/src/Ice/LoggerAdminI.cpp +182 -88
- data/ext/ice/cpp/src/Ice/LoggerAdminI.h +4 -9
- data/ext/ice/cpp/src/Ice/LoggerF.cpp +28 -11
- data/ext/ice/cpp/src/Ice/LoggerI.cpp +26 -55
- data/ext/ice/cpp/src/Ice/LoggerI.h +7 -18
- data/ext/ice/cpp/src/Ice/LoggerUtil.cpp +10 -17
- data/ext/ice/cpp/src/Ice/Metrics.cpp +1280 -1107
- data/ext/ice/cpp/src/Ice/MetricsAdminI.cpp +58 -33
- data/ext/ice/cpp/src/Ice/MetricsObserverI.cpp +1 -7
- data/ext/ice/cpp/src/Ice/Network.cpp +753 -408
- data/ext/ice/cpp/src/Ice/Network.h +99 -36
- data/ext/ice/cpp/src/Ice/NetworkF.h +2 -7
- data/ext/ice/cpp/src/Ice/NetworkProxy.cpp +20 -19
- data/ext/ice/cpp/src/Ice/NetworkProxy.h +5 -7
- data/ext/ice/cpp/src/Ice/NetworkProxyF.h +1 -6
- data/ext/ice/cpp/src/Ice/OSLogLoggerI.cpp +57 -0
- data/ext/ice/cpp/src/Ice/OSLogLoggerI.h +40 -0
- data/ext/ice/cpp/src/Ice/Object.cpp +227 -232
- data/ext/ice/cpp/src/Ice/ObjectAdapter.cpp +45 -13
- data/ext/ice/cpp/src/Ice/ObjectAdapterF.cpp +28 -11
- data/ext/ice/cpp/src/Ice/ObjectAdapterFactory.cpp +83 -33
- data/ext/ice/cpp/src/Ice/ObjectAdapterFactory.h +13 -12
- data/ext/ice/cpp/src/Ice/ObjectAdapterFactoryF.h +25 -0
- data/ext/ice/cpp/src/Ice/ObjectAdapterI.cpp +298 -191
- data/ext/ice/cpp/src/Ice/ObjectAdapterI.h +44 -39
- data/ext/ice/cpp/src/Ice/ObjectFactory.cpp +41 -13
- data/ext/ice/cpp/src/Ice/ObserverHelper.cpp +9 -37
- data/ext/ice/cpp/src/Ice/OpaqueEndpointI.cpp +67 -67
- data/ext/ice/cpp/src/Ice/OpaqueEndpointI.h +15 -11
- data/ext/ice/cpp/src/Ice/OutgoingAsync.cpp +801 -366
- data/ext/ice/cpp/src/Ice/OutputStream.cpp +1367 -0
- data/ext/ice/cpp/src/Ice/Plugin.cpp +52 -14
- data/ext/ice/cpp/src/Ice/PluginF.cpp +28 -11
- data/ext/ice/cpp/src/Ice/PluginManagerI.cpp +27 -51
- data/ext/ice/cpp/src/Ice/PluginManagerI.h +7 -13
- data/ext/ice/cpp/src/Ice/Process.cpp +294 -128
- data/ext/ice/cpp/src/Ice/ProcessF.cpp +30 -12
- data/ext/ice/cpp/src/Ice/Properties.cpp +42 -15
- data/ext/ice/cpp/src/Ice/PropertiesAdmin.cpp +382 -340
- data/ext/ice/cpp/src/Ice/PropertiesAdminI.cpp +83 -24
- data/ext/ice/cpp/src/Ice/PropertiesAdminI.h +29 -10
- data/ext/ice/cpp/src/Ice/PropertiesF.cpp +30 -12
- data/ext/ice/cpp/src/Ice/PropertiesI.cpp +46 -57
- data/ext/ice/cpp/src/Ice/PropertiesI.h +18 -26
- data/ext/ice/cpp/src/Ice/PropertyNames.cpp +112 -19
- data/ext/ice/cpp/src/Ice/PropertyNames.h +4 -7
- data/ext/ice/cpp/src/Ice/Protocol.cpp +6 -19
- data/ext/ice/cpp/src/Ice/ProtocolInstance.cpp +37 -7
- data/ext/ice/cpp/src/Ice/ProtocolInstance.h +9 -25
- data/ext/ice/cpp/src/Ice/ProtocolInstanceF.h +1 -6
- data/ext/ice/cpp/src/Ice/ProtocolPluginFacade.cpp +6 -6
- data/ext/ice/cpp/src/Ice/ProtocolPluginFacade.h +3 -6
- data/ext/ice/cpp/src/Ice/ProtocolPluginFacadeF.h +1 -6
- data/ext/ice/cpp/src/Ice/Proxy.cpp +729 -957
- data/ext/ice/cpp/src/Ice/ProxyFactory.cpp +33 -38
- data/ext/ice/cpp/src/Ice/ProxyFactory.h +16 -16
- data/ext/ice/cpp/src/Ice/Reference.cpp +190 -106
- data/ext/ice/cpp/src/Ice/Reference.h +39 -28
- data/ext/ice/cpp/src/Ice/ReferenceFactory.cpp +69 -118
- data/ext/ice/cpp/src/Ice/ReferenceFactory.h +12 -17
- data/ext/ice/cpp/src/Ice/ReferenceFactoryF.h +1 -6
- data/ext/ice/cpp/src/Ice/RegisterPluginsInit.cpp +19 -9
- data/ext/ice/cpp/src/Ice/RegisterPluginsInit.h +1 -6
- data/ext/ice/cpp/src/Ice/RemoteLogger.cpp +766 -565
- data/ext/ice/cpp/src/Ice/ReplyStatus.h +1 -6
- data/ext/ice/cpp/src/Ice/RequestHandler.cpp +5 -8
- data/ext/ice/cpp/src/Ice/RequestHandler.h +10 -18
- data/ext/ice/cpp/src/Ice/RequestHandlerFactory.cpp +10 -11
- data/ext/ice/cpp/src/Ice/RequestHandlerFactory.h +2 -7
- data/ext/ice/cpp/src/Ice/ResponseHandler.cpp +3 -11
- data/ext/ice/cpp/src/Ice/ResponseHandler.h +16 -12
- data/ext/ice/cpp/src/Ice/RetryQueue.cpp +12 -20
- data/ext/ice/cpp/src/Ice/RetryQueue.h +7 -11
- data/ext/ice/cpp/src/Ice/RetryQueueF.h +1 -6
- data/ext/ice/cpp/src/Ice/Router.cpp +614 -492
- data/ext/ice/cpp/src/Ice/RouterF.cpp +30 -12
- data/ext/ice/cpp/src/Ice/RouterInfo.cpp +93 -99
- data/ext/ice/cpp/src/Ice/RouterInfo.h +42 -38
- data/ext/ice/cpp/src/Ice/RouterInfoF.h +1 -6
- data/ext/ice/cpp/src/{IceUtil → Ice}/SHA1.cpp +23 -28
- data/ext/ice/cpp/src/Ice/Selector.cpp +948 -855
- data/ext/ice/cpp/src/Ice/Selector.h +100 -152
- data/ext/ice/cpp/src/Ice/ServantLocator.cpp +41 -13
- data/ext/ice/cpp/src/Ice/ServantLocatorF.cpp +28 -11
- data/ext/ice/cpp/src/Ice/ServantManager.cpp +24 -45
- data/ext/ice/cpp/src/Ice/ServantManager.h +1 -6
- data/ext/ice/cpp/src/Ice/SharedContext.h +2 -7
- data/ext/ice/cpp/src/Ice/SliceChecksumDict.cpp +21 -12
- data/ext/ice/cpp/src/Ice/SliceChecksums.cpp +2 -7
- data/ext/ice/cpp/src/Ice/SlicedData.cpp +72 -25
- data/ext/ice/cpp/src/Ice/StreamSocket.cpp +208 -76
- data/ext/ice/cpp/src/Ice/StreamSocket.h +13 -9
- data/ext/ice/cpp/src/Ice/StringConverterPlugin.cpp +57 -22
- data/ext/ice/cpp/src/Ice/StringUtil.h +30 -0
- data/ext/ice/cpp/src/Ice/SysLoggerI.cpp +6 -7
- data/ext/ice/cpp/src/Ice/SysLoggerI.h +2 -8
- data/ext/ice/cpp/src/Ice/SystemdJournalI.cpp +66 -0
- data/ext/ice/cpp/src/Ice/SystemdJournalI.h +39 -0
- data/ext/ice/cpp/src/Ice/TcpAcceptor.cpp +169 -49
- data/ext/ice/cpp/src/Ice/TcpAcceptor.h +12 -10
- data/ext/ice/cpp/src/Ice/TcpConnector.cpp +6 -12
- data/ext/ice/cpp/src/Ice/TcpConnector.h +1 -7
- data/ext/ice/cpp/src/Ice/TcpEndpointI.cpp +51 -46
- data/ext/ice/cpp/src/Ice/TcpEndpointI.h +12 -14
- data/ext/ice/cpp/src/Ice/TcpTransceiver.cpp +17 -32
- data/ext/ice/cpp/src/Ice/TcpTransceiver.h +7 -15
- data/ext/ice/cpp/src/{IceUtil → Ice}/Thread.cpp +41 -54
- data/ext/ice/cpp/src/Ice/ThreadPool.cpp +242 -274
- data/ext/ice/cpp/src/Ice/ThreadPool.h +46 -48
- data/ext/ice/cpp/src/{IceUtil → Ice}/Timer.cpp +38 -26
- data/ext/ice/cpp/src/Ice/TraceLevels.cpp +2 -7
- data/ext/ice/cpp/src/Ice/TraceLevels.h +1 -6
- data/ext/ice/cpp/src/Ice/TraceLevelsF.h +2 -7
- data/ext/ice/cpp/src/Ice/TraceUtil.cpp +53 -36
- data/ext/ice/cpp/src/Ice/TraceUtil.h +13 -11
- data/ext/ice/cpp/src/Ice/Transceiver.cpp +1 -7
- data/ext/ice/cpp/src/Ice/Transceiver.h +8 -12
- data/ext/ice/cpp/src/Ice/TransceiverF.h +3 -8
- data/ext/ice/cpp/src/Ice/UdpConnector.cpp +5 -13
- data/ext/ice/cpp/src/Ice/UdpConnector.h +1 -7
- data/ext/ice/cpp/src/Ice/UdpEndpointI.cpp +118 -60
- data/ext/ice/cpp/src/Ice/UdpEndpointI.h +13 -10
- data/ext/ice/cpp/src/Ice/UdpTransceiver.cpp +177 -236
- data/ext/ice/cpp/src/Ice/UdpTransceiver.h +15 -22
- data/ext/ice/cpp/src/Ice/Value.cpp +76 -0
- data/ext/ice/cpp/src/Ice/ValueFactory.cpp +83 -0
- data/ext/ice/cpp/src/Ice/ValueFactoryManagerI.cpp +61 -0
- data/ext/ice/cpp/src/Ice/ValueFactoryManagerI.h +37 -0
- data/ext/ice/cpp/src/Ice/Version.cpp +25 -20
- data/ext/ice/cpp/src/Ice/VirtualShared.h +38 -0
- data/ext/ice/cpp/src/Ice/WSAcceptor.cpp +3 -14
- data/ext/ice/cpp/src/Ice/WSAcceptor.h +3 -12
- data/ext/ice/cpp/src/Ice/WSConnector.cpp +5 -16
- data/ext/ice/cpp/src/Ice/WSConnector.h +3 -11
- data/ext/ice/cpp/src/Ice/WSEndpoint.cpp +188 -89
- data/ext/ice/cpp/src/Ice/WSEndpoint.h +22 -37
- data/ext/ice/cpp/src/Ice/WSTransceiver.cpp +65 -66
- data/ext/ice/cpp/src/Ice/WSTransceiver.h +7 -27
- data/ext/ice/cpp/src/IceDiscovery/IceDiscovery.cpp +596 -281
- data/ext/ice/cpp/src/IceDiscovery/IceDiscovery.h +1383 -543
- data/ext/ice/cpp/src/IceDiscovery/LocatorI.cpp +89 -32
- data/ext/ice/cpp/src/IceDiscovery/LocatorI.h +59 -28
- data/ext/ice/cpp/src/IceDiscovery/LookupI.cpp +315 -66
- data/ext/ice/cpp/src/IceDiscovery/LookupI.h +83 -41
- data/ext/ice/cpp/src/IceDiscovery/PluginI.cpp +57 -64
- data/ext/ice/cpp/src/IceDiscovery/PluginI.h +3 -8
- data/ext/ice/cpp/src/IceLocatorDiscovery/IceLocatorDiscovery.cpp +450 -172
- data/ext/ice/cpp/src/IceLocatorDiscovery/IceLocatorDiscovery.h +863 -406
- data/ext/ice/cpp/src/IceLocatorDiscovery/Plugin.h +47 -0
- data/ext/ice/cpp/src/IceLocatorDiscovery/PluginI.cpp +636 -144
- data/ext/ice/cpp/src/IceSSL/AcceptorI.cpp +20 -173
- data/ext/ice/cpp/src/IceSSL/AcceptorI.h +8 -22
- data/ext/ice/cpp/src/IceSSL/CertificateI.cpp +279 -0
- data/ext/ice/cpp/src/IceSSL/CertificateI.h +64 -0
- data/ext/ice/cpp/src/IceSSL/ConnectionInfo.cpp +42 -17
- data/ext/ice/cpp/src/IceSSL/ConnectionInfoF.cpp +61 -0
- data/ext/ice/cpp/src/IceSSL/ConnectorI.cpp +15 -64
- data/ext/ice/cpp/src/IceSSL/ConnectorI.h +6 -18
- data/ext/ice/cpp/src/IceSSL/EndpointI.cpp +207 -204
- data/ext/ice/cpp/src/IceSSL/EndpointI.h +43 -40
- data/ext/ice/cpp/src/IceSSL/EndpointInfo.cpp +42 -16
- data/ext/ice/cpp/src/IceSSL/Instance.cpp +1 -11
- data/ext/ice/cpp/src/IceSSL/Instance.h +7 -12
- data/ext/ice/cpp/src/IceSSL/InstanceF.h +11 -12
- data/ext/ice/cpp/src/IceSSL/OpenSSLCertificateI.cpp +583 -0
- data/ext/ice/cpp/src/IceSSL/OpenSSLEngine.cpp +134 -115
- data/ext/ice/cpp/src/IceSSL/OpenSSLEngine.h +59 -0
- data/ext/ice/cpp/src/IceSSL/OpenSSLEngineF.h +27 -0
- data/ext/ice/cpp/src/IceSSL/OpenSSLPluginI.cpp +127 -0
- data/ext/ice/cpp/src/IceSSL/OpenSSLTransceiverI.cpp +477 -182
- data/ext/ice/cpp/src/IceSSL/OpenSSLTransceiverI.h +32 -26
- data/ext/ice/cpp/src/IceSSL/OpenSSLUtil.cpp +286 -0
- data/ext/ice/cpp/src/IceSSL/OpenSSLUtil.h +58 -0
- data/ext/ice/cpp/src/IceSSL/PluginI.cpp +71 -46
- data/ext/ice/cpp/src/IceSSL/PluginI.h +13 -23
- data/ext/ice/cpp/src/IceSSL/RFC2253.cpp +9 -60
- data/ext/ice/cpp/src/IceSSL/RFC2253.h +7 -12
- data/ext/ice/cpp/src/IceSSL/SChannelCertificateI.cpp +580 -0
- data/ext/ice/cpp/src/IceSSL/SChannelEngine.cpp +523 -74
- data/ext/ice/cpp/src/IceSSL/SChannelEngine.h +123 -0
- data/ext/ice/cpp/src/IceSSL/SChannelEngineF.h +31 -0
- data/ext/ice/cpp/src/IceSSL/SChannelPluginI.cpp +73 -0
- data/ext/ice/cpp/src/IceSSL/SChannelTransceiverI.cpp +187 -221
- data/ext/ice/cpp/src/IceSSL/SChannelTransceiverI.h +24 -26
- data/ext/ice/cpp/src/IceSSL/SSLEngine.cpp +97 -94
- data/ext/ice/cpp/src/IceSSL/SSLEngine.h +26 -192
- data/ext/ice/cpp/src/IceSSL/SSLEngineF.h +4 -24
- data/ext/ice/cpp/src/IceSSL/SecureTransportCertificateI.cpp +868 -0
- data/ext/ice/cpp/src/IceSSL/SecureTransportEngine.cpp +69 -201
- data/ext/ice/cpp/src/IceSSL/SecureTransportEngine.h +59 -0
- data/ext/ice/cpp/src/IceSSL/SecureTransportEngineF.h +29 -0
- data/ext/ice/cpp/src/IceSSL/SecureTransportPluginI.cpp +75 -0
- data/ext/ice/cpp/src/IceSSL/SecureTransportTransceiverI.cpp +174 -161
- data/ext/ice/cpp/src/IceSSL/SecureTransportTransceiverI.h +29 -33
- data/ext/ice/cpp/src/IceSSL/SecureTransportUtil.cpp +864 -0
- data/ext/ice/cpp/src/IceSSL/SecureTransportUtil.h +45 -0
- data/ext/ice/cpp/src/IceSSL/TrustManager.cpp +12 -22
- data/ext/ice/cpp/src/IceSSL/TrustManager.h +4 -9
- data/ext/ice/cpp/src/IceSSL/TrustManagerF.h +3 -8
- data/ext/ice/cpp/src/IceSSL/UWPCertificateI.cpp +266 -0
- data/ext/ice/cpp/src/IceSSL/UWPEngine.cpp +338 -0
- data/ext/ice/cpp/src/IceSSL/UWPEngine.h +41 -0
- data/ext/ice/cpp/src/IceSSL/UWPEngineF.h +26 -0
- data/ext/ice/cpp/src/IceSSL/UWPPluginI.cpp +89 -0
- data/ext/ice/cpp/src/IceSSL/UWPTransceiverI.cpp +383 -0
- data/ext/ice/cpp/src/IceSSL/UWPTransceiverI.h +71 -0
- data/ext/ice/cpp/src/IceSSL/Util.cpp +71 -1260
- data/ext/ice/cpp/src/IceSSL/Util.h +48 -142
- data/ext/ice/cpp/src/IceUtil/ConsoleUtil.cpp +157 -0
- data/ext/ice/cpp/src/IceUtil/ConvertUTF.cpp +22 -27
- data/ext/ice/cpp/src/IceUtil/ConvertUTF.h +34 -31
- data/ext/ice/cpp/src/IceUtil/CtrlCHandler.cpp +22 -36
- data/ext/ice/cpp/src/IceUtil/FileUtil.cpp +30 -126
- data/ext/ice/cpp/src/IceUtil/InputUtil.cpp +1 -6
- data/ext/ice/cpp/src/IceUtil/MutexProtocol.cpp +1 -6
- data/ext/ice/cpp/src/IceUtil/Options.cpp +20 -33
- data/ext/ice/cpp/src/IceUtil/OutputUtil.cpp +47 -21
- data/ext/ice/cpp/src/IceUtil/Random.cpp +15 -20
- data/ext/ice/cpp/src/IceUtil/RecMutex.cpp +4 -19
- data/ext/ice/cpp/src/IceUtil/Shared.cpp +8 -8
- data/ext/ice/cpp/src/IceUtil/StringConverter.cpp +501 -269
- data/ext/ice/cpp/src/IceUtil/StringUtil.cpp +582 -244
- data/ext/ice/cpp/src/IceUtil/ThreadException.cpp +37 -79
- data/ext/ice/cpp/src/IceUtil/Time.cpp +6 -11
- data/ext/ice/cpp/src/IceUtil/UUID.cpp +17 -22
- data/ext/ice/cpp/src/IceUtil/Unicode.cpp +97 -101
- data/ext/ice/cpp/src/IceUtil/Unicode.h +21 -40
- data/ext/ice/cpp/src/IceUtil/UtilException.cpp +839 -0
- data/ext/ice/cpp/src/Slice/CPlusPlusUtil.cpp +894 -234
- data/ext/ice/cpp/src/Slice/CPlusPlusUtil.h +72 -0
- data/ext/ice/cpp/src/Slice/Checksum.cpp +2 -7
- data/ext/ice/cpp/src/Slice/Checksum.h +21 -0
- data/ext/ice/cpp/src/Slice/FileTracker.cpp +25 -83
- data/ext/ice/cpp/{include → src}/Slice/FileTracker.h +9 -14
- data/ext/ice/cpp/src/Slice/Grammar.cpp +1981 -1944
- data/ext/ice/cpp/src/Slice/Grammar.h +39 -19
- data/ext/ice/cpp/src/Slice/GrammarUtil.h +14 -20
- data/ext/ice/cpp/src/Slice/JavaUtil.cpp +2752 -1948
- data/ext/ice/cpp/src/Slice/JavaUtil.h +398 -0
- data/ext/ice/cpp/src/Slice/MD5.cpp +1 -6
- data/ext/ice/cpp/src/Slice/MD5.h +1 -6
- data/ext/ice/cpp/src/Slice/MD5I.cpp +8 -1
- data/ext/ice/cpp/src/Slice/MD5I.h +1 -1
- data/ext/ice/cpp/src/Slice/PHPUtil.cpp +17 -20
- data/ext/ice/cpp/src/Slice/PHPUtil.h +36 -0
- data/ext/ice/cpp/src/Slice/Parser.cpp +1190 -426
- data/ext/ice/cpp/{include → src}/Slice/Parser.h +143 -91
- data/ext/ice/cpp/src/Slice/Preprocessor.cpp +67 -36
- data/ext/ice/cpp/{include → src}/Slice/Preprocessor.h +8 -18
- data/ext/ice/cpp/src/Slice/Python.cpp +218 -111
- data/ext/ice/cpp/src/Slice/PythonUtil.cpp +787 -699
- data/ext/ice/cpp/src/Slice/PythonUtil.h +70 -0
- data/ext/ice/cpp/src/Slice/Ruby.cpp +42 -43
- data/ext/ice/cpp/src/Slice/RubyUtil.cpp +175 -445
- data/ext/ice/cpp/{include → src}/Slice/RubyUtil.h +6 -11
- data/ext/ice/cpp/src/Slice/Scanner.cpp +390 -399
- data/ext/ice/cpp/src/Slice/{Util.cpp → SliceUtil.cpp} +36 -69
- data/ext/ice/cpp/src/Slice/StringLiteralUtil.cpp +456 -0
- data/ext/ice/cpp/src/Slice/Util.h +50 -0
- data/ice.gemspec +2 -9
- data/lib/Glacier2.rb +1 -6
- data/lib/Glacier2/Metrics.rb +6 -50
- data/lib/Glacier2/PermissionsVerifier.rb +23 -99
- data/lib/Glacier2/PermissionsVerifierF.rb +2 -7
- data/lib/Glacier2/Router.rb +31 -78
- data/lib/Glacier2/RouterF.rb +2 -7
- data/lib/Glacier2/SSLInfo.rb +3 -11
- data/lib/Glacier2/Session.rb +87 -311
- data/lib/Ice.rb +84 -58
- data/lib/Ice/BuiltinSequences.rb +3 -8
- data/lib/Ice/Communicator.rb +54 -61
- data/lib/Ice/CommunicatorF.rb +2 -7
- data/lib/Ice/Connection.rb +152 -166
- data/lib/Ice/ConnectionF.rb +2 -7
- data/lib/Ice/Current.rb +3 -15
- data/lib/Ice/Endpoint.rb +56 -137
- data/lib/Ice/EndpointF.rb +2 -7
- data/lib/Ice/EndpointTypes.rb +2 -11
- data/lib/Ice/FacetMap.rb +3 -8
- data/lib/Ice/Identity.rb +4 -12
- data/lib/Ice/ImplicitContext.rb +4 -38
- data/lib/Ice/ImplicitContextF.rb +2 -7
- data/lib/Ice/Instrumentation.rb +22 -279
- data/lib/Ice/InstrumentationF.rb +2 -7
- data/lib/Ice/LocalException.rb +94 -145
- data/lib/Ice/Locator.rb +50 -169
- data/lib/Ice/LocatorF.rb +2 -7
- data/lib/Ice/Logger.rb +4 -38
- data/lib/Ice/LoggerF.rb +2 -7
- data/lib/Ice/Metrics.rb +60 -420
- data/lib/Ice/ObjectAdapter.rb +29 -0
- data/lib/Ice/ObjectAdapterF.rb +2 -7
- data/lib/Ice/ObjectFactory.rb +4 -34
- data/lib/Ice/Plugin.rb +6 -64
- data/lib/Ice/PluginF.rb +2 -7
- data/lib/Ice/Process.rb +15 -56
- data/lib/Ice/ProcessF.rb +2 -7
- data/lib/Ice/Properties.rb +4 -45
- data/lib/Ice/PropertiesAdmin.rb +18 -60
- data/lib/Ice/PropertiesF.rb +2 -7
- data/lib/Ice/RemoteLogger.rb +33 -119
- data/lib/Ice/Router.rb +28 -105
- data/lib/Ice/RouterF.rb +2 -7
- data/lib/Ice/ServantLocator.rb +26 -0
- data/lib/Ice/ServantLocatorF.rb +24 -0
- data/lib/Ice/SliceChecksumDict.rb +2 -7
- data/lib/Ice/ValueFactory.rb +28 -0
- data/lib/Ice/Version.rb +4 -15
- data/lib/IceBox.rb +1 -6
- data/lib/IceBox/IceBox.rb +43 -152
- data/lib/IceGrid.rb +1 -9
- data/lib/IceGrid/Admin.rb +550 -431
- data/lib/IceGrid/Descriptor.rb +61 -533
- data/lib/IceGrid/Exception.rb +23 -49
- data/lib/IceGrid/FileParser.rb +13 -54
- data/lib/IceGrid/PluginFacade.rb +35 -0
- data/lib/IceGrid/Registry.rb +150 -62
- data/lib/IceGrid/Session.rb +24 -68
- data/lib/IceGrid/UserAccountMapper.rb +13 -54
- data/lib/IcePatch2.rb +1 -6
- data/lib/IcePatch2/FileInfo.rb +4 -15
- data/lib/IcePatch2/FileServer.rb +32 -80
- data/lib/IceStorm.rb +1 -6
- data/lib/IceStorm/IceStorm.rb +78 -210
- data/lib/IceStorm/Metrics.rb +10 -93
- data/slice/Glacier2/Metrics.ice +20 -10
- data/slice/Glacier2/PermissionsVerifier.ice +19 -12
- data/slice/Glacier2/PermissionsVerifierF.ice +16 -9
- data/slice/Glacier2/Router.ice +19 -13
- data/slice/Glacier2/RouterF.ice +16 -9
- data/slice/Glacier2/SSLInfo.ice +17 -10
- data/slice/Glacier2/Session.ice +24 -18
- data/slice/Ice/BuiltinSequences.ice +18 -9
- data/slice/Ice/Communicator.ice +180 -64
- data/slice/Ice/CommunicatorF.ice +18 -9
- data/slice/Ice/Connection.ice +208 -75
- data/slice/Ice/ConnectionF.ice +18 -9
- data/slice/Ice/Current.ice +37 -28
- data/slice/Ice/Endpoint.ice +73 -21
- data/slice/Ice/EndpointF.ice +19 -10
- data/slice/Ice/EndpointTypes.ice +21 -13
- data/slice/Ice/FacetMap.ice +19 -10
- data/slice/Ice/Identity.ice +24 -10
- data/slice/Ice/ImplicitContext.ice +41 -33
- data/slice/Ice/ImplicitContextF.ice +17 -9
- data/slice/Ice/Instrumentation.ice +37 -30
- data/slice/Ice/InstrumentationF.ice +19 -10
- data/slice/Ice/LocalException.ice +118 -112
- data/slice/Ice/Locator.ice +28 -21
- data/slice/Ice/LocatorF.ice +18 -9
- data/slice/Ice/Logger.ice +26 -18
- data/slice/Ice/LoggerF.ice +18 -9
- data/slice/Ice/Metrics.ice +42 -30
- data/slice/Ice/ObjectAdapter.ice +88 -53
- data/slice/Ice/ObjectAdapterF.ice +18 -9
- data/slice/Ice/ObjectFactory.ice +28 -17
- data/slice/Ice/Plugin.ice +25 -13
- data/slice/Ice/PluginF.ice +22 -9
- data/slice/Ice/Process.ice +20 -11
- data/slice/Ice/ProcessF.ice +18 -9
- data/slice/Ice/Properties.ice +42 -28
- data/slice/Ice/PropertiesAdmin.ice +20 -10
- data/slice/Ice/PropertiesF.ice +18 -9
- data/slice/Ice/RemoteLogger.ice +23 -19
- data/slice/Ice/Router.ice +28 -13
- data/slice/Ice/RouterF.ice +18 -9
- data/slice/Ice/ServantLocator.ice +40 -29
- data/slice/Ice/ServantLocatorF.ice +18 -9
- data/slice/Ice/SliceChecksumDict.ice +18 -9
- data/slice/Ice/ValueFactory.ice +132 -0
- data/slice/Ice/Version.ice +20 -10
- data/slice/IceBT/ConnectionInfo.ice +58 -0
- data/slice/IceBT/EndpointInfo.ice +56 -0
- data/slice/IceBT/Types.ice +44 -0
- data/slice/IceBox/IceBox.ice +45 -27
- data/slice/IceDiscovery/IceDiscovery.ice +75 -10
- data/slice/IceGrid/Admin.ice +410 -44
- data/slice/IceGrid/Descriptor.ice +47 -34
- data/slice/IceGrid/Exception.ice +43 -32
- data/slice/IceGrid/FileParser.ice +21 -12
- data/slice/IceGrid/PluginFacade.ice +26 -18
- data/slice/IceGrid/Registry.ice +150 -21
- data/slice/IceGrid/Session.ice +25 -17
- data/slice/IceGrid/UserAccountMapper.ice +23 -14
- data/slice/IceIAP/ConnectionInfo.ice +73 -0
- data/slice/IceIAP/EndpointInfo.ice +67 -0
- data/slice/IceLocatorDiscovery/IceLocatorDiscovery.ice +19 -12
- data/slice/IcePatch2/FileInfo.ice +19 -13
- data/slice/IcePatch2/FileServer.ice +27 -18
- data/slice/IceSSL/ConnectionInfo.ice +27 -23
- data/slice/IceSSL/ConnectionInfoF.ice +30 -0
- data/slice/IceSSL/EndpointInfo.ice +21 -36
- data/slice/IceStorm/IceStorm.ice +33 -24
- data/slice/IceStorm/Metrics.ice +19 -11
- metadata +148 -120
- data/ext/ObjectFactory.cpp +0 -140
- data/ext/ObjectFactory.h +0 -50
- data/ext/ice/cpp/include/Ice/ACMF.h +0 -30
- data/ext/ice/cpp/include/Ice/BasicStream.h +0 -1335
- data/ext/ice/cpp/include/Ice/BuiltinSequences.h +0 -82
- data/ext/ice/cpp/include/Ice/Communicator.h +0 -200
- data/ext/ice/cpp/include/Ice/Connection.h +0 -497
- data/ext/ice/cpp/include/Ice/ConnectionF.h +0 -74
- data/ext/ice/cpp/include/Ice/ConnectionFactoryF.h +0 -30
- data/ext/ice/cpp/include/Ice/Current.h +0 -102
- data/ext/ice/cpp/include/Ice/DefaultObjectFactory.h +0 -48
- data/ext/ice/cpp/include/Ice/DeprecatedStringConverter.h +0 -62
- data/ext/ice/cpp/include/Ice/Endpoint.h +0 -341
- data/ext/ice/cpp/include/Ice/EndpointF.h +0 -93
- data/ext/ice/cpp/include/Ice/EndpointTypes.h +0 -82
- data/ext/ice/cpp/include/Ice/Identity.h +0 -168
- data/ext/ice/cpp/include/Ice/ImplicitContext.h +0 -102
- data/ext/ice/cpp/include/Ice/Instrumentation.h +0 -365
- data/ext/ice/cpp/include/Ice/InstrumentationF.h +0 -75
- data/ext/ice/cpp/include/Ice/LocalException.h +0 -1030
- data/ext/ice/cpp/include/Ice/Locator.h +0 -2193
- data/ext/ice/cpp/include/Ice/LocatorF.h +0 -93
- data/ext/ice/cpp/include/Ice/Logger.h +0 -100
- data/ext/ice/cpp/include/Ice/Metrics.h +0 -2974
- data/ext/ice/cpp/include/Ice/ObjectAdapter.h +0 -168
- data/ext/ice/cpp/include/Ice/ObjectAdapterFactoryF.h +0 -26
- data/ext/ice/cpp/include/Ice/ObjectFactory.h +0 -92
- data/ext/ice/cpp/include/Ice/ObjectFactoryF.h +0 -66
- data/ext/ice/cpp/include/Ice/ObjectFactoryManagerF.h +0 -26
- data/ext/ice/cpp/include/Ice/Outgoing.h +0 -225
- data/ext/ice/cpp/include/Ice/Plugin.h +0 -125
- data/ext/ice/cpp/include/Ice/PluginF.h +0 -70
- data/ext/ice/cpp/include/Ice/Process.h +0 -574
- data/ext/ice/cpp/include/Ice/ProcessF.h +0 -83
- data/ext/ice/cpp/include/Ice/Properties.h +0 -136
- data/ext/ice/cpp/include/Ice/PropertiesAdmin.h +0 -830
- data/ext/ice/cpp/include/Ice/PropertiesF.h +0 -87
- data/ext/ice/cpp/include/Ice/RemoteLogger.h +0 -1500
- data/ext/ice/cpp/include/Ice/Router.h +0 -1159
- data/ext/ice/cpp/include/Ice/RouterF.h +0 -83
- data/ext/ice/cpp/include/Ice/ServantLocator.h +0 -96
- data/ext/ice/cpp/include/Ice/Stream.h +0 -447
- data/ext/ice/cpp/include/Ice/StreamF.h +0 -30
- data/ext/ice/cpp/include/Ice/Version.h +0 -262
- data/ext/ice/cpp/include/IceSSL/ConnectionInfo.h +0 -158
- data/ext/ice/cpp/include/IceSSL/EndpointInfo.h +0 -142
- data/ext/ice/cpp/include/IceUtil/AbstractMutex.h +0 -119
- data/ext/ice/cpp/include/IceUtil/Cache.h +0 -362
- data/ext/ice/cpp/include/IceUtil/IconvStringConverter.h +0 -302
- data/ext/ice/cpp/include/IceUtil/SHA1.h +0 -47
- data/ext/ice/cpp/include/Slice/CPlusPlusUtil.h +0 -65
- data/ext/ice/cpp/include/Slice/Checksum.h +0 -26
- data/ext/ice/cpp/include/Slice/CsUtil.h +0 -92
- data/ext/ice/cpp/include/Slice/DotNetNames.h +0 -34
- data/ext/ice/cpp/include/Slice/JavaUtil.h +0 -279
- data/ext/ice/cpp/include/Slice/ObjCUtil.h +0 -127
- data/ext/ice/cpp/include/Slice/PHPUtil.h +0 -50
- data/ext/ice/cpp/include/Slice/PythonUtil.h +0 -64
- data/ext/ice/cpp/include/Slice/Util.h +0 -56
- data/ext/ice/cpp/src/Ice/BasicStream.cpp +0 -3428
- data/ext/ice/cpp/src/Ice/DeprecatedStringConverter.cpp +0 -62
- data/ext/ice/cpp/src/Ice/ObjectFactoryF.cpp +0 -44
- data/ext/ice/cpp/src/Ice/ObjectFactoryManager.cpp +0 -139
- data/ext/ice/cpp/src/Ice/ObjectFactoryManager.h +0 -43
- data/ext/ice/cpp/src/Ice/Outgoing.cpp +0 -694
- data/ext/ice/cpp/src/Ice/Stream.cpp +0 -53
- data/ext/ice/cpp/src/Ice/StreamI.cpp +0 -832
- data/ext/ice/cpp/src/Ice/StreamI.h +0 -198
- data/ext/ice/cpp/src/IceSSL/Certificate.cpp +0 -1336
- data/ext/ice/cpp/src/IceUtil/ArgVector.cpp +0 -64
- data/ext/ice/cpp/src/IceUtil/ArgVector.h +0 -41
- data/ext/ice/cpp/src/IceUtil/Exception.cpp +0 -792
- data/ext/ice/cpp/src/IceUtil/FileUtil.h +0 -185
- data/ext/ice/cpp/src/Slice/CsUtil.cpp +0 -2660
- data/ext/ice/cpp/src/Slice/DotNetNames.cpp +0 -146
- data/ext/ice/cpp/src/Slice/ObjCUtil.cpp +0 -1310
- data/lib/Ice/ObjectFactoryF.rb +0 -29
- data/lib/IceGrid/Locator.rb +0 -106
- data/lib/IceGrid/Observer.rb +0 -572
- data/lib/IceGrid/Query.rb +0 -169
- data/slice/Freeze/BackgroundSaveEvictor.ice +0 -111
- data/slice/Freeze/CatalogData.ice +0 -49
- data/slice/Freeze/Connection.ice +0 -121
- data/slice/Freeze/ConnectionF.ice +0 -20
- data/slice/Freeze/DB.ice +0 -37
- data/slice/Freeze/Evictor.ice +0 -346
- data/slice/Freeze/EvictorF.ice +0 -22
- data/slice/Freeze/EvictorStorage.ice +0 -72
- data/slice/Freeze/Exception.ice +0 -100
- data/slice/Freeze/Transaction.ice +0 -58
- data/slice/Freeze/TransactionalEvictor.ice +0 -50
- data/slice/Ice/ObjectFactoryF.ice +0 -21
- data/slice/IceGrid/Locator.ice +0 -57
- data/slice/IceGrid/Observer.ice +0 -395
- data/slice/IceGrid/Query.ice +0 -131
@@ -1,53 +1,47 @@
|
|
1
|
-
// **********************************************************************
|
2
1
|
//
|
3
|
-
// Copyright (c)
|
2
|
+
// Copyright (c) ZeroC, Inc. All rights reserved.
|
4
3
|
//
|
5
|
-
// This copy of Ice is licensed to you under the terms described in the
|
6
|
-
// ICE_LICENSE file included in this distribution.
|
7
|
-
//
|
8
|
-
// **********************************************************************
|
9
4
|
|
10
|
-
#ifndef
|
11
|
-
#define
|
5
|
+
#ifndef ICESSL_SECURE_TRANSPORT_TRANSCEIVER_I_H
|
6
|
+
#define ICESSL_SECURE_TRANSPORT_TRANSCEIVER_I_H
|
7
|
+
|
8
|
+
#ifdef __APPLE__
|
12
9
|
|
13
10
|
#include <IceSSL/Config.h>
|
14
11
|
#include <IceSSL/InstanceF.h>
|
15
|
-
#include <IceSSL/
|
12
|
+
#include <IceSSL/SecureTransportEngineF.h>
|
16
13
|
#include <IceSSL/Plugin.h>
|
17
14
|
|
18
15
|
#include <Ice/Transceiver.h>
|
16
|
+
#include <Ice/UniqueRef.h>
|
19
17
|
#include <Ice/Network.h>
|
20
|
-
#include <Ice/StreamSocket.h>
|
21
|
-
#include <Ice/WSTransceiver.h>
|
22
|
-
|
23
|
-
#ifdef ICE_USE_SECURE_TRANSPORT
|
24
18
|
|
25
19
|
#include <Security/Security.h>
|
20
|
+
#include <Security/SecureTransport.h>
|
26
21
|
#include <CoreFoundation/CoreFoundation.h>
|
27
22
|
|
28
23
|
namespace IceSSL
|
29
24
|
{
|
30
25
|
|
31
|
-
|
32
|
-
|
26
|
+
namespace SecureTransport
|
27
|
+
{
|
33
28
|
|
34
|
-
class TransceiverI : public IceInternal::Transceiver
|
29
|
+
class TransceiverI : public IceInternal::Transceiver
|
35
30
|
{
|
36
31
|
public:
|
37
32
|
|
38
33
|
virtual IceInternal::NativeInfoPtr getNativeInfo();
|
39
34
|
|
40
|
-
virtual IceInternal::SocketOperation initialize(IceInternal::Buffer&, IceInternal::Buffer
|
35
|
+
virtual IceInternal::SocketOperation initialize(IceInternal::Buffer&, IceInternal::Buffer&);
|
41
36
|
virtual IceInternal::SocketOperation closing(bool, const Ice::LocalException&);
|
42
37
|
virtual void close();
|
43
38
|
virtual IceInternal::SocketOperation write(IceInternal::Buffer&);
|
44
|
-
virtual IceInternal::SocketOperation read(IceInternal::Buffer
|
39
|
+
virtual IceInternal::SocketOperation read(IceInternal::Buffer&);
|
45
40
|
|
46
41
|
virtual std::string protocol() const;
|
47
42
|
virtual std::string toString() const;
|
48
43
|
virtual std::string toDetailedString() const;
|
49
44
|
virtual Ice::ConnectionInfoPtr getInfo() const;
|
50
|
-
virtual Ice::ConnectionInfoPtr getWSInfo(const Ice::HeaderDict&) const;
|
51
45
|
virtual void checkSendSize(const IceInternal::Buffer&);
|
52
46
|
virtual void setBufferSize(int rcvSize, int sndSize);
|
53
47
|
|
@@ -56,39 +50,41 @@ public:
|
|
56
50
|
|
57
51
|
private:
|
58
52
|
|
59
|
-
TransceiverI(const InstancePtr&, const IceInternal::
|
53
|
+
TransceiverI(const InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool);
|
60
54
|
virtual ~TransceiverI();
|
61
55
|
|
62
|
-
|
63
|
-
|
64
|
-
friend class ConnectorI;
|
65
|
-
friend class AcceptorI;
|
56
|
+
friend class IceSSL::SecureTransport::SSLEngine;
|
66
57
|
|
67
58
|
const InstancePtr _instance;
|
68
|
-
const
|
59
|
+
const SSLEnginePtr _engine;
|
69
60
|
const std::string _host;
|
70
61
|
const std::string _adapterName;
|
71
62
|
const bool _incoming;
|
72
|
-
const IceInternal::
|
63
|
+
const IceInternal::TransceiverPtr _delegate;
|
64
|
+
|
65
|
+
IceInternal::UniqueRef<SSLContextRef> _ssl;
|
66
|
+
IceInternal::UniqueRef<SecTrustRef> _trust;
|
67
|
+
bool _connected;
|
73
68
|
|
74
|
-
SSLContextRef _ssl;
|
75
|
-
SecTrustRef _trust;
|
76
|
-
bool _verified;
|
77
|
-
|
78
|
-
size_t _buffered;
|
79
69
|
enum SSLWantFlags
|
80
70
|
{
|
81
71
|
SSLWantRead = 0x1,
|
82
72
|
SSLWantWrite = 0x2
|
83
73
|
};
|
84
74
|
|
85
|
-
mutable Ice::Byte
|
75
|
+
mutable Ice::Byte _tflags;
|
86
76
|
size_t _maxSendPacketSize;
|
87
77
|
size_t _maxRecvPacketSize;
|
78
|
+
std::string _cipher;
|
79
|
+
std::vector<CertificatePtr> _certs;
|
80
|
+
bool _verified;
|
81
|
+
size_t _buffered;
|
88
82
|
};
|
89
83
|
typedef IceUtil::Handle<TransceiverI> TransceiverIPtr;
|
90
84
|
|
91
|
-
}
|
85
|
+
} // SecureTransport namespace end
|
86
|
+
|
87
|
+
} // IceSSL namespace end
|
92
88
|
|
93
89
|
#endif
|
94
90
|
|
@@ -0,0 +1,864 @@
|
|
1
|
+
//
|
2
|
+
// Copyright (c) ZeroC, Inc. All rights reserved.
|
3
|
+
//
|
4
|
+
|
5
|
+
#include <IceSSL/SecureTransportUtil.h>
|
6
|
+
#include <IceSSL/Plugin.h>
|
7
|
+
|
8
|
+
#include <Ice/Base64.h>
|
9
|
+
#include <Ice/UniqueRef.h>
|
10
|
+
#include <Ice/LocalException.h>
|
11
|
+
|
12
|
+
#include <IceUtil/FileUtil.h>
|
13
|
+
#include <IceUtil/StringUtil.h>
|
14
|
+
|
15
|
+
#include <fstream>
|
16
|
+
|
17
|
+
#include <Security/Security.h>
|
18
|
+
#include <CoreFoundation/CoreFoundation.h>
|
19
|
+
|
20
|
+
using namespace Ice;
|
21
|
+
using namespace IceInternal;
|
22
|
+
using namespace IceSSL;
|
23
|
+
using namespace IceSSL::SecureTransport;
|
24
|
+
using namespace std;
|
25
|
+
|
26
|
+
namespace
|
27
|
+
{
|
28
|
+
|
29
|
+
CFMutableDataRef
|
30
|
+
readCertFile(const string& file)
|
31
|
+
{
|
32
|
+
ifstream is(IceUtilInternal::streamFilename(file).c_str(), ios::in | ios::binary);
|
33
|
+
if(!is.good())
|
34
|
+
{
|
35
|
+
throw CertificateReadException(__FILE__, __LINE__, "error opening file " + file);
|
36
|
+
}
|
37
|
+
|
38
|
+
is.seekg(0, is.end);
|
39
|
+
size_t size = static_cast<size_t>(is.tellg());
|
40
|
+
is.seekg(0, is.beg);
|
41
|
+
|
42
|
+
UniqueRef<CFMutableDataRef> data(CFDataCreateMutable(kCFAllocatorDefault, static_cast<CFIndex>(size)));
|
43
|
+
CFDataSetLength(data.get(), static_cast<CFIndex>(size));
|
44
|
+
is.read(reinterpret_cast<char*>(CFDataGetMutableBytePtr(data.get())),
|
45
|
+
static_cast<streamsize>(size));
|
46
|
+
if(!is.good())
|
47
|
+
{
|
48
|
+
throw CertificateReadException(__FILE__, __LINE__, "error reading file " + file);
|
49
|
+
}
|
50
|
+
return data.release();
|
51
|
+
}
|
52
|
+
|
53
|
+
}
|
54
|
+
|
55
|
+
string
|
56
|
+
IceSSL::SecureTransport::sslErrorToString(CFErrorRef err)
|
57
|
+
{
|
58
|
+
ostringstream os;
|
59
|
+
if(err)
|
60
|
+
{
|
61
|
+
UniqueRef<CFStringRef> s(CFErrorCopyDescription(err));
|
62
|
+
os << "(error: " << CFErrorGetCode(err) << " description: " << fromCFString(s.get()) << ")";
|
63
|
+
}
|
64
|
+
return os.str();
|
65
|
+
}
|
66
|
+
|
67
|
+
string
|
68
|
+
IceSSL::SecureTransport::sslErrorToString(OSStatus status)
|
69
|
+
{
|
70
|
+
ostringstream os;
|
71
|
+
os << "(error: " << status;
|
72
|
+
#if defined(ICE_USE_SECURE_TRANSPORT_MACOS)
|
73
|
+
UniqueRef<CFStringRef> s(SecCopyErrorMessageString(status, 0));
|
74
|
+
if(s)
|
75
|
+
{
|
76
|
+
os << " description: " << fromCFString(s.get());
|
77
|
+
}
|
78
|
+
#endif
|
79
|
+
os << ")";
|
80
|
+
return os.str();
|
81
|
+
}
|
82
|
+
|
83
|
+
#if defined(ICE_USE_SECURE_TRANSPORT_MACOS)
|
84
|
+
CFDictionaryRef
|
85
|
+
IceSSL::SecureTransport::getCertificateProperty(SecCertificateRef cert, CFTypeRef key)
|
86
|
+
{
|
87
|
+
UniqueRef<CFDictionaryRef> property;
|
88
|
+
UniqueRef<CFArrayRef> keys(CFArrayCreate(ICE_NULLPTR, &key , 1, &kCFTypeArrayCallBacks));
|
89
|
+
UniqueRef<CFErrorRef> err;
|
90
|
+
UniqueRef<CFDictionaryRef> values(SecCertificateCopyValues(cert, keys.get(), &err.get()));
|
91
|
+
if(err)
|
92
|
+
{
|
93
|
+
ostringstream os;
|
94
|
+
os << "IceSSL: error getting property for certificate:\n" << sslErrorToString(err);
|
95
|
+
throw CertificateReadException(__FILE__, __LINE__, os.str());
|
96
|
+
}
|
97
|
+
|
98
|
+
assert(values);
|
99
|
+
property.retain(static_cast<CFDictionaryRef>(CFDictionaryGetValue(values.get(), key)));
|
100
|
+
return property.release();
|
101
|
+
}
|
102
|
+
|
103
|
+
namespace
|
104
|
+
{
|
105
|
+
|
106
|
+
//
|
107
|
+
// Check the certificate basic constraints to check if the certificate is marked as a CA.
|
108
|
+
//
|
109
|
+
bool
|
110
|
+
isCA(SecCertificateRef cert)
|
111
|
+
{
|
112
|
+
UniqueRef<CFDictionaryRef> property(getCertificateProperty(cert, kSecOIDBasicConstraints));
|
113
|
+
if(property)
|
114
|
+
{
|
115
|
+
CFArrayRef propertyValues = static_cast<CFArrayRef>(CFDictionaryGetValue(property.get(), kSecPropertyKeyValue));
|
116
|
+
for(CFIndex i = 0, size = CFArrayGetCount(propertyValues); i < size; ++i)
|
117
|
+
{
|
118
|
+
CFDictionaryRef dict = static_cast<CFDictionaryRef>(CFArrayGetValueAtIndex(propertyValues, i));
|
119
|
+
CFStringRef label = static_cast<CFStringRef>(CFDictionaryGetValue(dict, kSecPropertyKeyLabel));
|
120
|
+
if(CFEqual(label, CFSTR("Certificate Authority")))
|
121
|
+
{
|
122
|
+
return CFEqual(static_cast<CFStringRef>(CFDictionaryGetValue(dict, kSecPropertyKeyValue)), CFSTR("Yes"));
|
123
|
+
}
|
124
|
+
}
|
125
|
+
}
|
126
|
+
return false;
|
127
|
+
}
|
128
|
+
|
129
|
+
//
|
130
|
+
// Load keychain items (Certificates or Private Keys) from a file. On return items param contain
|
131
|
+
// the list of items, the caller must release it.
|
132
|
+
//
|
133
|
+
CFArrayRef
|
134
|
+
loadKeychainItems(const string& file, SecExternalItemType type, SecKeychainRef keychain, const string& passphrase,
|
135
|
+
const PasswordPromptPtr& prompt, int retryMax)
|
136
|
+
{
|
137
|
+
UniqueRef<CFMutableDataRef> data(readCertFile(file));
|
138
|
+
|
139
|
+
SecItemImportExportKeyParameters params;
|
140
|
+
memset(¶ms, 0, sizeof(params));
|
141
|
+
params.version = SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION;
|
142
|
+
params.flags |= kSecKeyNoAccessControl;
|
143
|
+
UniqueRef<CFStringRef> passphraseHolder;
|
144
|
+
if(!passphrase.empty())
|
145
|
+
{
|
146
|
+
passphraseHolder.reset(toCFString(passphrase));
|
147
|
+
params.passphrase = passphraseHolder.get();
|
148
|
+
}
|
149
|
+
|
150
|
+
UniqueRef<CFArrayRef> items;
|
151
|
+
SecExternalItemType importType = type;
|
152
|
+
SecExternalFormat format = type == kSecItemTypeUnknown ? kSecFormatPKCS12 : kSecFormatUnknown;
|
153
|
+
UniqueRef<CFStringRef> path(toCFString(file));
|
154
|
+
OSStatus err = SecItemImport(data.get(), path.get(), &format, &importType, 0, ¶ms, keychain, &items.get());
|
155
|
+
|
156
|
+
//
|
157
|
+
// If passphrase failure and no password was configured, we obtain
|
158
|
+
// the password from the given prompt or configure the import to
|
159
|
+
// prompt the user with an alert dialog.
|
160
|
+
//
|
161
|
+
UniqueRef<CFStringRef> alertPromptHolder;
|
162
|
+
if(passphrase.empty() &&
|
163
|
+
(err == errSecPassphraseRequired || err == errSecInvalidData || err == errSecPkcs12VerifyFailure))
|
164
|
+
{
|
165
|
+
if(!prompt)
|
166
|
+
{
|
167
|
+
params.flags |= kSecKeySecurePassphrase;
|
168
|
+
ostringstream os;
|
169
|
+
os << "Enter the password for\n" << file;
|
170
|
+
alertPromptHolder.reset(toCFString(os.str()));
|
171
|
+
params.alertPrompt = alertPromptHolder.get();
|
172
|
+
}
|
173
|
+
|
174
|
+
int count = 0;
|
175
|
+
while((err == errSecPassphraseRequired || err == errSecInvalidData || err == errSecPkcs12VerifyFailure) &&
|
176
|
+
count < retryMax)
|
177
|
+
{
|
178
|
+
if(prompt)
|
179
|
+
{
|
180
|
+
passphraseHolder.reset(toCFString(prompt->getPassword()));
|
181
|
+
params.passphrase = passphraseHolder.get();
|
182
|
+
}
|
183
|
+
err = SecItemImport(data.get(), path.get(), &format, &importType, 0, ¶ms, keychain, &items.get());
|
184
|
+
++count;
|
185
|
+
}
|
186
|
+
}
|
187
|
+
|
188
|
+
if(err != noErr)
|
189
|
+
{
|
190
|
+
ostringstream os;
|
191
|
+
os << "IceSSL: error reading " << (type == kSecItemTypePrivateKey ? "private key" : "certificate");
|
192
|
+
os << " `" << file << "':\n" << sslErrorToString(err);
|
193
|
+
throw CertificateReadException(__FILE__, __LINE__, os.str());
|
194
|
+
}
|
195
|
+
|
196
|
+
if(type != kSecItemTypeUnknown && importType != kSecItemTypeAggregate && importType != type)
|
197
|
+
{
|
198
|
+
ostringstream os;
|
199
|
+
os << "IceSSL: error reading " << (type == kSecItemTypePrivateKey ? "private key" : "certificate");
|
200
|
+
os << " `" << file << "' doesn't contain the expected item";
|
201
|
+
throw CertificateReadException(__FILE__, __LINE__, os.str());
|
202
|
+
}
|
203
|
+
|
204
|
+
return items.release();
|
205
|
+
}
|
206
|
+
|
207
|
+
SecKeychainRef
|
208
|
+
openKeychain(const std::string& path, const std::string& keychainPassword)
|
209
|
+
{
|
210
|
+
string keychainPath = path;
|
211
|
+
UniqueRef<SecKeychainRef> keychain;
|
212
|
+
OSStatus err = 0;
|
213
|
+
if(keychainPath.empty())
|
214
|
+
{
|
215
|
+
if((err = SecKeychainCopyDefault(&keychain.get())))
|
216
|
+
{
|
217
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
218
|
+
"IceSSL: unable to retrieve default keychain:\n" + sslErrorToString(err));
|
219
|
+
}
|
220
|
+
}
|
221
|
+
else
|
222
|
+
{
|
223
|
+
//
|
224
|
+
// KeyChain path is relative to the current working directory.
|
225
|
+
//
|
226
|
+
if(!IceUtilInternal::isAbsolutePath(keychainPath))
|
227
|
+
{
|
228
|
+
string cwd;
|
229
|
+
if(IceUtilInternal::getcwd(cwd) == 0)
|
230
|
+
{
|
231
|
+
keychainPath = string(cwd) + '/' + keychainPath;
|
232
|
+
}
|
233
|
+
}
|
234
|
+
|
235
|
+
if((err = SecKeychainOpen(keychainPath.c_str(), &keychain.get())))
|
236
|
+
{
|
237
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: unable to open keychain: `" +
|
238
|
+
keychainPath + "'\n" + sslErrorToString(err));
|
239
|
+
}
|
240
|
+
}
|
241
|
+
|
242
|
+
SecKeychainStatus status;
|
243
|
+
err = SecKeychainGetStatus(keychain.get(), &status);
|
244
|
+
if(err == noErr)
|
245
|
+
{
|
246
|
+
const char* pass = keychainPassword.empty() ? 0 : keychainPassword.c_str();
|
247
|
+
if((err = SecKeychainUnlock(keychain.get(), static_cast<UInt32>(keychainPassword.size()), pass, pass != 0)))
|
248
|
+
{
|
249
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
250
|
+
"IceSSL: unable to unlock keychain:\n" + sslErrorToString(err));
|
251
|
+
}
|
252
|
+
}
|
253
|
+
else if(err == errSecNoSuchKeychain)
|
254
|
+
{
|
255
|
+
const char* pass = keychainPassword.empty() ? 0 : keychainPassword.c_str();
|
256
|
+
keychain.reset(0);
|
257
|
+
if((err = SecKeychainCreate(keychainPath.c_str(),
|
258
|
+
static_cast<UInt32>(keychainPassword.size()), pass, pass == 0, 0, &keychain.get())))
|
259
|
+
{
|
260
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
261
|
+
"IceSSL: unable to create keychain:\n" + sslErrorToString(err));
|
262
|
+
}
|
263
|
+
}
|
264
|
+
else
|
265
|
+
{
|
266
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
267
|
+
"IceSSL: unable to open keychain:\n" + sslErrorToString(err));
|
268
|
+
}
|
269
|
+
|
270
|
+
//
|
271
|
+
// Set keychain settings to avoid keychain lock.
|
272
|
+
//
|
273
|
+
SecKeychainSettings settings;
|
274
|
+
settings.version = SEC_KEYCHAIN_SETTINGS_VERS1;
|
275
|
+
settings.lockOnSleep = FALSE;
|
276
|
+
settings.useLockInterval = FALSE;
|
277
|
+
settings.lockInterval = INT_MAX;
|
278
|
+
if((err = SecKeychainSetSettings(keychain.get(), &settings)))
|
279
|
+
{
|
280
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
281
|
+
"IceSSL: error setting keychain settings:\n" + sslErrorToString(err));
|
282
|
+
}
|
283
|
+
|
284
|
+
return keychain.release();
|
285
|
+
}
|
286
|
+
|
287
|
+
//
|
288
|
+
// Imports a certificate private key and optionally add it to a keychain.
|
289
|
+
//
|
290
|
+
SecIdentityRef
|
291
|
+
loadPrivateKey(const string& file, SecCertificateRef cert, SecKeychainRef keychain, const string& password,
|
292
|
+
const PasswordPromptPtr& prompt, int retryMax)
|
293
|
+
{
|
294
|
+
//
|
295
|
+
// Check if we already imported the certificate
|
296
|
+
//
|
297
|
+
UniqueRef<CFDataRef> hash;
|
298
|
+
UniqueRef<CFDictionaryRef> subjectKeyProperty(getCertificateProperty(cert, kSecOIDSubjectKeyIdentifier));
|
299
|
+
if(subjectKeyProperty)
|
300
|
+
{
|
301
|
+
CFArrayRef values = static_cast<CFArrayRef>(CFDictionaryGetValue(subjectKeyProperty.get(),
|
302
|
+
kSecPropertyKeyValue));
|
303
|
+
for(int i = 0; i < CFArrayGetCount(values); ++i)
|
304
|
+
{
|
305
|
+
CFDictionaryRef dict = static_cast<CFDictionaryRef>(CFArrayGetValueAtIndex(values, i));
|
306
|
+
if(CFEqual(CFDictionaryGetValue(dict, kSecPropertyKeyLabel), CFSTR("Key Identifier")))
|
307
|
+
{
|
308
|
+
hash.retain(static_cast<CFDataRef>(CFDictionaryGetValue(dict, kSecPropertyKeyValue)));
|
309
|
+
break;
|
310
|
+
}
|
311
|
+
}
|
312
|
+
}
|
313
|
+
|
314
|
+
const void* values[] = { keychain };
|
315
|
+
UniqueRef<CFArrayRef> searchList(CFArrayCreate(kCFAllocatorDefault, values, 1, &kCFTypeArrayCallBacks));
|
316
|
+
|
317
|
+
UniqueRef<CFMutableDictionaryRef> query(CFDictionaryCreateMutable(0,
|
318
|
+
0,
|
319
|
+
&kCFTypeDictionaryKeyCallBacks,
|
320
|
+
&kCFTypeDictionaryValueCallBacks));
|
321
|
+
|
322
|
+
CFDictionarySetValue(query.get(), kSecClass, kSecClassCertificate);
|
323
|
+
CFDictionarySetValue(query.get(), kSecMatchLimit, kSecMatchLimitOne);
|
324
|
+
CFDictionarySetValue(query.get(), kSecMatchSearchList, searchList.get());
|
325
|
+
CFDictionarySetValue(query.get(), kSecAttrSubjectKeyID, hash.get());
|
326
|
+
CFDictionarySetValue(query.get(), kSecReturnRef, kCFBooleanTrue);
|
327
|
+
|
328
|
+
UniqueRef<CFTypeRef> value(0);
|
329
|
+
OSStatus err = SecItemCopyMatching(query.get(), &value.get());
|
330
|
+
UniqueRef<SecCertificateRef> item(static_cast<SecCertificateRef>(const_cast<void*>(value.release())));
|
331
|
+
if(err == noErr)
|
332
|
+
{
|
333
|
+
//
|
334
|
+
// If the certificate has already been imported, create the
|
335
|
+
// identity. The key should also have been imported.
|
336
|
+
//
|
337
|
+
UniqueRef<SecIdentityRef> identity;
|
338
|
+
err = SecIdentityCreateWithCertificate(keychain, item.get(), &identity.get());
|
339
|
+
if(err != noErr)
|
340
|
+
{
|
341
|
+
ostringstream os;
|
342
|
+
os << "IceSSL: error creating certificate identity:\n" << sslErrorToString(err);
|
343
|
+
throw CertificateReadException(__FILE__, __LINE__, os.str());
|
344
|
+
}
|
345
|
+
return identity.release();
|
346
|
+
}
|
347
|
+
else if(err != errSecItemNotFound)
|
348
|
+
{
|
349
|
+
ostringstream os;
|
350
|
+
os << "IceSSL: error searching for keychain items:\n" << sslErrorToString(err);
|
351
|
+
throw CertificateReadException(__FILE__, __LINE__, os.str());
|
352
|
+
}
|
353
|
+
|
354
|
+
//
|
355
|
+
// If the certificate isn't already in the keychain, load the
|
356
|
+
// private key into the keychain and add the certificate.
|
357
|
+
//
|
358
|
+
UniqueRef<CFArrayRef> items(loadKeychainItems(file, kSecItemTypePrivateKey, keychain, password, prompt, retryMax));
|
359
|
+
CFIndex count = CFArrayGetCount(items.get());
|
360
|
+
UniqueRef<SecKeyRef> key;
|
361
|
+
for(CFIndex i = 0; i < count; ++i)
|
362
|
+
{
|
363
|
+
SecKeychainItemRef itemRef =
|
364
|
+
static_cast<SecKeychainItemRef>(const_cast<void*>(CFArrayGetValueAtIndex(items.get(), 0)));
|
365
|
+
if(SecKeyGetTypeID() == CFGetTypeID(itemRef))
|
366
|
+
{
|
367
|
+
key.retain(reinterpret_cast<SecKeyRef>(itemRef));
|
368
|
+
break;
|
369
|
+
}
|
370
|
+
}
|
371
|
+
if(!key)
|
372
|
+
{
|
373
|
+
throw CertificateReadException(__FILE__, __LINE__, "IceSSL: no key in file `" + file + "'");
|
374
|
+
}
|
375
|
+
|
376
|
+
//
|
377
|
+
// Add the certificate to the keychain
|
378
|
+
//
|
379
|
+
query.reset(CFDictionaryCreateMutable(kCFAllocatorDefault,
|
380
|
+
0,
|
381
|
+
&kCFTypeDictionaryKeyCallBacks,
|
382
|
+
&kCFTypeDictionaryValueCallBacks));
|
383
|
+
|
384
|
+
CFDictionarySetValue(query.get(), kSecUseKeychain, keychain);
|
385
|
+
CFDictionarySetValue(query.get(), kSecClass, kSecClassCertificate);
|
386
|
+
CFDictionarySetValue(query.get(), kSecValueRef, cert);
|
387
|
+
CFDictionarySetValue(query.get(), kSecReturnRef, kCFBooleanTrue);
|
388
|
+
|
389
|
+
value.reset(0);
|
390
|
+
err = SecItemAdd(query.get(), static_cast<CFTypeRef*>(&value.get()));
|
391
|
+
UniqueRef<CFArrayRef> added(static_cast<CFArrayRef>(value.release()));
|
392
|
+
if(err != noErr)
|
393
|
+
{
|
394
|
+
ostringstream os;
|
395
|
+
os << "IceSSL: failure adding certificate to keychain\n" << sslErrorToString(err);
|
396
|
+
throw CertificateReadException(__FILE__, __LINE__, os.str());
|
397
|
+
}
|
398
|
+
item.retain(static_cast<SecCertificateRef>(const_cast<void*>(CFArrayGetValueAtIndex(added.get(), 0))));
|
399
|
+
|
400
|
+
//
|
401
|
+
// Create the association between the private key and the certificate,
|
402
|
+
// kSecKeyLabel attribute should match the subject key identifier.
|
403
|
+
//
|
404
|
+
vector<SecKeychainAttribute> attributes;
|
405
|
+
if(hash)
|
406
|
+
{
|
407
|
+
SecKeychainAttribute attr;
|
408
|
+
attr.tag = kSecKeyLabel;
|
409
|
+
attr.data = const_cast<UInt8*>(CFDataGetBytePtr(hash.get()));
|
410
|
+
attr.length = static_cast<UInt32>(CFDataGetLength(hash.get()));
|
411
|
+
attributes.push_back(attr);
|
412
|
+
}
|
413
|
+
|
414
|
+
//
|
415
|
+
// kSecKeyPrintName attribute correspond to the keychain display
|
416
|
+
// name.
|
417
|
+
//
|
418
|
+
string label;
|
419
|
+
UniqueRef<CFStringRef> commonName(0);
|
420
|
+
if(SecCertificateCopyCommonName(item.get(), &commonName.get()) == noErr)
|
421
|
+
{
|
422
|
+
label = fromCFString(commonName.get());
|
423
|
+
SecKeychainAttribute attr;
|
424
|
+
attr.tag = kSecKeyPrintName;
|
425
|
+
attr.data = const_cast<char*>(label.c_str());
|
426
|
+
attr.length = static_cast<UInt32>(label.size());
|
427
|
+
attributes.push_back(attr);
|
428
|
+
}
|
429
|
+
|
430
|
+
SecKeychainAttributeList attrs;
|
431
|
+
attrs.attr = &attributes[0];
|
432
|
+
attrs.count = static_cast<UInt32>(attributes.size());
|
433
|
+
SecKeychainItemModifyAttributesAndData(reinterpret_cast<SecKeychainItemRef>(key.get()), &attrs, 0, 0);
|
434
|
+
|
435
|
+
UniqueRef<SecIdentityRef> identity;
|
436
|
+
err = SecIdentityCreateWithCertificate(keychain, item.get(), &identity.get());
|
437
|
+
if(err != noErr)
|
438
|
+
{
|
439
|
+
ostringstream os;
|
440
|
+
os << "IceSSL: error creating certificate identity:\n" << sslErrorToString(err);
|
441
|
+
throw CertificateReadException(__FILE__, __LINE__, os.str());
|
442
|
+
}
|
443
|
+
return identity.release();
|
444
|
+
}
|
445
|
+
|
446
|
+
} // anonymous namespace end
|
447
|
+
|
448
|
+
#else
|
449
|
+
|
450
|
+
namespace
|
451
|
+
{
|
452
|
+
|
453
|
+
CFArrayRef
|
454
|
+
loadCerts(const string& file)
|
455
|
+
{
|
456
|
+
UniqueRef<CFArrayRef> certs(CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks));
|
457
|
+
if(file.find(".pem") != string::npos)
|
458
|
+
{
|
459
|
+
vector<char> buffer;
|
460
|
+
readFile(file, buffer);
|
461
|
+
string strbuf(buffer.begin(), buffer.end());
|
462
|
+
string::size_type size, startpos, endpos = 0;
|
463
|
+
bool first = true;
|
464
|
+
while(true)
|
465
|
+
{
|
466
|
+
startpos = strbuf.find("-----BEGIN CERTIFICATE-----", endpos);
|
467
|
+
if(startpos != string::npos)
|
468
|
+
{
|
469
|
+
startpos += sizeof("-----BEGIN CERTIFICATE-----");
|
470
|
+
endpos = strbuf.find("-----END CERTIFICATE-----", startpos);
|
471
|
+
if(endpos == string::npos)
|
472
|
+
{
|
473
|
+
throw InitializationException(__FILE__, __LINE__, "IceSSL: certificate " + file +
|
474
|
+
" is not a valid PEM-encoded certificate");
|
475
|
+
}
|
476
|
+
size = endpos - startpos;
|
477
|
+
}
|
478
|
+
else if(first)
|
479
|
+
{
|
480
|
+
startpos = 0;
|
481
|
+
endpos = string::npos;
|
482
|
+
size = strbuf.size();
|
483
|
+
}
|
484
|
+
else
|
485
|
+
{
|
486
|
+
break;
|
487
|
+
}
|
488
|
+
|
489
|
+
vector<unsigned char> data(IceInternal::Base64::decode(string(&buffer[startpos], size)));
|
490
|
+
UniqueRef<CFDataRef> certdata(CFDataCreate(kCFAllocatorDefault, &data[0],
|
491
|
+
static_cast<CFIndex>(data.size())));
|
492
|
+
UniqueRef<SecCertificateRef> cert(SecCertificateCreateWithData(0, certdata.get()));
|
493
|
+
if(!cert)
|
494
|
+
{
|
495
|
+
throw InitializationException(__FILE__, __LINE__, "IceSSL: certificate " + file +
|
496
|
+
" is not a valid PEM-encoded certificate");
|
497
|
+
}
|
498
|
+
CFArrayAppendValue(const_cast<CFMutableArrayRef>(certs.get()), cert.get());
|
499
|
+
first = false;
|
500
|
+
}
|
501
|
+
}
|
502
|
+
else
|
503
|
+
{
|
504
|
+
UniqueRef<CFDataRef> data(readCertFile(file));
|
505
|
+
UniqueRef<SecCertificateRef> cert(SecCertificateCreateWithData(0, data.get()));
|
506
|
+
if(!cert)
|
507
|
+
{
|
508
|
+
throw InitializationException(__FILE__, __LINE__, "IceSSL: certificate " + file +
|
509
|
+
" is not a valid DER-encoded certificate");
|
510
|
+
}
|
511
|
+
CFArrayAppendValue(const_cast<CFMutableArrayRef>(certs.get()), cert.get());
|
512
|
+
}
|
513
|
+
return certs.release();
|
514
|
+
}
|
515
|
+
|
516
|
+
}
|
517
|
+
|
518
|
+
#endif
|
519
|
+
|
520
|
+
//
|
521
|
+
// Imports a certificate (it might contain an identity or certificate depending on the format).
|
522
|
+
//
|
523
|
+
CFArrayRef
|
524
|
+
IceSSL::SecureTransport::loadCertificateChain(const string& file,
|
525
|
+
#if defined(ICE_USE_SECURE_TRANSPORT_IOS)
|
526
|
+
const string& /*keyFile*/,
|
527
|
+
const std::string& /*keychainPath*/,
|
528
|
+
const string& /*keychainPassword*/,
|
529
|
+
#else
|
530
|
+
const string& keyFile,
|
531
|
+
const std::string& keychainPath,
|
532
|
+
const string& keychainPassword,
|
533
|
+
#endif
|
534
|
+
const string& password,
|
535
|
+
const PasswordPromptPtr& prompt,
|
536
|
+
int retryMax)
|
537
|
+
{
|
538
|
+
UniqueRef<CFArrayRef> chain;
|
539
|
+
#if defined(ICE_USE_SECURE_TRANSPORT_IOS)
|
540
|
+
UniqueRef<CFDataRef> cert(readCertFile(file));
|
541
|
+
|
542
|
+
UniqueRef<CFMutableDictionaryRef> settings(CFDictionaryCreateMutable(0,
|
543
|
+
1,
|
544
|
+
&kCFTypeDictionaryKeyCallBacks,
|
545
|
+
&kCFTypeDictionaryValueCallBacks));
|
546
|
+
UniqueRef<CFArrayRef> items;
|
547
|
+
OSStatus err;
|
548
|
+
int count = 0;
|
549
|
+
do
|
550
|
+
{
|
551
|
+
items.reset();
|
552
|
+
UniqueRef<CFStringRef> pass(toCFString(password.empty() && prompt ? prompt->getPassword() : password));
|
553
|
+
CFDictionarySetValue(settings.get(), kSecImportExportPassphrase, pass.get());
|
554
|
+
err = SecPKCS12Import(cert.get(), settings.get(), &items.get());
|
555
|
+
++count;
|
556
|
+
}
|
557
|
+
while(password.empty() && prompt && err == errSecAuthFailed && count < retryMax);
|
558
|
+
|
559
|
+
if(err != noErr)
|
560
|
+
{
|
561
|
+
ostringstream os;
|
562
|
+
os << "IceSSL: unable to import certificate from file " << file << " (error = " << err << ")";
|
563
|
+
throw InitializationException(__FILE__, __LINE__, os.str());
|
564
|
+
}
|
565
|
+
|
566
|
+
for(int i = 0; i < CFArrayGetCount(items.get()); ++i)
|
567
|
+
{
|
568
|
+
CFDictionaryRef dict = static_cast<CFDictionaryRef>(CFArrayGetValueAtIndex(items.get(), i));
|
569
|
+
SecIdentityRef identity = static_cast<SecIdentityRef>(
|
570
|
+
const_cast<void*>(CFDictionaryGetValue(dict, kSecImportItemIdentity)));
|
571
|
+
if(identity)
|
572
|
+
{
|
573
|
+
CFArrayRef certs = static_cast<CFArrayRef>(CFDictionaryGetValue(dict, kSecImportItemCertChain));
|
574
|
+
chain.reset(CFArrayCreateMutableCopy(kCFAllocatorDefault, 0, certs));
|
575
|
+
CFArraySetValueAtIndex(const_cast<CFMutableArrayRef>(chain.get()), 0, identity);
|
576
|
+
}
|
577
|
+
}
|
578
|
+
|
579
|
+
if(!chain)
|
580
|
+
{
|
581
|
+
ostringstream os;
|
582
|
+
os << "IceSSL: couldn't find identity in file " << file;
|
583
|
+
throw InitializationException(__FILE__, __LINE__, os.str());
|
584
|
+
}
|
585
|
+
#else
|
586
|
+
UniqueRef<SecKeychainRef> keychain(openKeychain(keychainPath, keychainPassword));
|
587
|
+
if(keyFile.empty())
|
588
|
+
{
|
589
|
+
chain.reset(loadKeychainItems(file, kSecItemTypeUnknown, keychain.get(), password, prompt, retryMax));
|
590
|
+
}
|
591
|
+
else
|
592
|
+
{
|
593
|
+
//
|
594
|
+
// Load the certificate, don't load into the keychain as it
|
595
|
+
// might already have been imported.
|
596
|
+
//
|
597
|
+
UniqueRef<CFArrayRef> items(loadKeychainItems(file, kSecItemTypeCertificate, 0, password, prompt, retryMax));
|
598
|
+
SecCertificateRef cert =
|
599
|
+
static_cast<SecCertificateRef>(const_cast<void*>(CFArrayGetValueAtIndex(items.get(), 0)));
|
600
|
+
if(SecCertificateGetTypeID() != CFGetTypeID(cert))
|
601
|
+
{
|
602
|
+
ostringstream os;
|
603
|
+
os << "IceSSL: couldn't find certificate in `" << file << "'";
|
604
|
+
throw CertificateReadException(__FILE__, __LINE__, os.str());
|
605
|
+
}
|
606
|
+
|
607
|
+
//
|
608
|
+
// Load the private key for the given certificate. This will
|
609
|
+
// add the certificate/key to the keychain if they aren't
|
610
|
+
// already present in the keychain.
|
611
|
+
//
|
612
|
+
UniqueRef<SecIdentityRef> identity(loadPrivateKey(keyFile, cert, keychain.get(), password, prompt, retryMax));
|
613
|
+
chain.reset(CFArrayCreateMutableCopy(kCFAllocatorDefault, 0, items.get()));
|
614
|
+
CFArraySetValueAtIndex(const_cast<CFMutableArrayRef>(chain.get()), 0, identity.get());
|
615
|
+
}
|
616
|
+
#endif
|
617
|
+
return chain.release();
|
618
|
+
}
|
619
|
+
|
620
|
+
SecCertificateRef
|
621
|
+
IceSSL::SecureTransport::loadCertificate(const string& file)
|
622
|
+
{
|
623
|
+
UniqueRef<SecCertificateRef> cert;
|
624
|
+
#if defined(ICE_USE_SECURE_TRANSPORT_IOS)
|
625
|
+
UniqueRef<CFArrayRef> certs(loadCerts(file));
|
626
|
+
assert(CFArrayGetCount(certs.get()) > 0);
|
627
|
+
cert.retain((SecCertificateRef)CFArrayGetValueAtIndex(certs.get(), 0));
|
628
|
+
#else
|
629
|
+
UniqueRef<CFArrayRef> items(loadKeychainItems(file, kSecItemTypeCertificate, 0, "", 0, 0));
|
630
|
+
cert.retain((SecCertificateRef)CFArrayGetValueAtIndex(items.get(), 0));
|
631
|
+
#endif
|
632
|
+
return cert.release();
|
633
|
+
}
|
634
|
+
|
635
|
+
CFArrayRef
|
636
|
+
IceSSL::SecureTransport::loadCACertificates(const string& file)
|
637
|
+
{
|
638
|
+
#if defined(ICE_USE_SECURE_TRANSPORT_IOS)
|
639
|
+
return loadCerts(file);
|
640
|
+
#else
|
641
|
+
UniqueRef<CFArrayRef> items(loadKeychainItems(file, kSecItemTypeCertificate, 0, "", 0, 0));
|
642
|
+
UniqueRef<CFArrayRef> certificateAuthorities(CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks));
|
643
|
+
CFIndex count = CFArrayGetCount(items.get());
|
644
|
+
for(CFIndex i = 0; i < count; ++i)
|
645
|
+
{
|
646
|
+
SecCertificateRef cert =
|
647
|
+
static_cast<SecCertificateRef>(const_cast<void*>(CFArrayGetValueAtIndex(items.get(), i)));
|
648
|
+
assert(SecCertificateGetTypeID() == CFGetTypeID(cert));
|
649
|
+
if(isCA(cert))
|
650
|
+
{
|
651
|
+
CFArrayAppendValue(const_cast<CFMutableArrayRef>(certificateAuthorities.get()), cert);
|
652
|
+
}
|
653
|
+
}
|
654
|
+
return certificateAuthorities.release();
|
655
|
+
#endif
|
656
|
+
}
|
657
|
+
|
658
|
+
CFArrayRef
|
659
|
+
#if defined(ICE_USE_SECURE_TRANSPORT_IOS)
|
660
|
+
IceSSL::SecureTransport::findCertificateChain(const std::string&,
|
661
|
+
const std::string&,
|
662
|
+
const string& value)
|
663
|
+
#else
|
664
|
+
IceSSL::SecureTransport::findCertificateChain(const std::string& keychainPath,
|
665
|
+
const std::string& keychainPassword,
|
666
|
+
const string& value)
|
667
|
+
#endif
|
668
|
+
{
|
669
|
+
//
|
670
|
+
// Search the keychain using key:value pairs. The following keys are supported:
|
671
|
+
//
|
672
|
+
// Label
|
673
|
+
// Serial
|
674
|
+
// Subject
|
675
|
+
// SubjectKeyId
|
676
|
+
//
|
677
|
+
// A value must be enclosed in single or double quotes if it contains whitespace.
|
678
|
+
//
|
679
|
+
UniqueRef<CFMutableDictionaryRef> query(CFDictionaryCreateMutable(0,
|
680
|
+
0,
|
681
|
+
&kCFTypeDictionaryKeyCallBacks,
|
682
|
+
&kCFTypeDictionaryValueCallBacks));
|
683
|
+
|
684
|
+
#if defined(ICE_USE_SECURE_TRANSPORT_MACOS)
|
685
|
+
UniqueRef<SecKeychainRef> keychain(openKeychain(keychainPath, keychainPassword));
|
686
|
+
const void* values[] = { keychain.get() };
|
687
|
+
UniqueRef<CFArrayRef> searchList(CFArrayCreate(kCFAllocatorDefault, values, 1, &kCFTypeArrayCallBacks));
|
688
|
+
CFDictionarySetValue(query.get(), kSecMatchSearchList, searchList.get());
|
689
|
+
#endif
|
690
|
+
CFDictionarySetValue(query.get(), kSecMatchLimit, kSecMatchLimitOne);
|
691
|
+
CFDictionarySetValue(query.get(), kSecClass, kSecClassCertificate);
|
692
|
+
CFDictionarySetValue(query.get(), kSecReturnRef, kCFBooleanTrue);
|
693
|
+
CFDictionarySetValue(query.get(), kSecMatchCaseInsensitive, kCFBooleanTrue);
|
694
|
+
|
695
|
+
size_t start = 0;
|
696
|
+
size_t pos;
|
697
|
+
bool valid = false;
|
698
|
+
while((pos = value.find(':', start)) != string::npos)
|
699
|
+
{
|
700
|
+
string field = IceUtilInternal::toUpper(IceUtilInternal::trim(value.substr(start, pos - start)));
|
701
|
+
string arg;
|
702
|
+
if(field != "LABEL" && field != "SERIAL" && field != "SUBJECT" && field != "SUBJECTKEYID")
|
703
|
+
{
|
704
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: unknown key in `" + value + "'");
|
705
|
+
}
|
706
|
+
|
707
|
+
start = pos + 1;
|
708
|
+
while(start < value.size() && (value[start] == ' ' || value[start] == '\t'))
|
709
|
+
{
|
710
|
+
++start;
|
711
|
+
}
|
712
|
+
|
713
|
+
if(start == value.size())
|
714
|
+
{
|
715
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: missing argument in `" + value + "'");
|
716
|
+
}
|
717
|
+
|
718
|
+
if(value[start] == '"' || value[start] == '\'')
|
719
|
+
{
|
720
|
+
size_t end = start;
|
721
|
+
++end;
|
722
|
+
while(end < value.size())
|
723
|
+
{
|
724
|
+
if(value[end] == value[start] && value[end - 1] != '\\')
|
725
|
+
{
|
726
|
+
break;
|
727
|
+
}
|
728
|
+
++end;
|
729
|
+
}
|
730
|
+
if(end == value.size() || value[end] != value[start])
|
731
|
+
{
|
732
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: unmatched quote in `" + value + "'");
|
733
|
+
}
|
734
|
+
++start;
|
735
|
+
arg = value.substr(start, end - start);
|
736
|
+
start = end + 1;
|
737
|
+
}
|
738
|
+
else
|
739
|
+
{
|
740
|
+
size_t end = value.find_first_of(" \t", start);
|
741
|
+
if(end == string::npos)
|
742
|
+
{
|
743
|
+
arg = value.substr(start);
|
744
|
+
start = value.size();
|
745
|
+
}
|
746
|
+
else
|
747
|
+
{
|
748
|
+
arg = value.substr(start, end - start);
|
749
|
+
start = end + 1;
|
750
|
+
}
|
751
|
+
}
|
752
|
+
|
753
|
+
if(field == "SUBJECT" || field == "LABEL")
|
754
|
+
{
|
755
|
+
UniqueRef<CFStringRef> v(toCFString(arg));
|
756
|
+
CFDictionarySetValue(query.get(), field == "LABEL" ? kSecAttrLabel : kSecMatchSubjectContains, v.get());
|
757
|
+
valid = true;
|
758
|
+
}
|
759
|
+
else if(field == "SUBJECTKEYID" || field == "SERIAL")
|
760
|
+
{
|
761
|
+
vector<unsigned char> buffer;
|
762
|
+
if(!parseBytes(arg, buffer))
|
763
|
+
{
|
764
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: invalid value `" + value + "'");
|
765
|
+
}
|
766
|
+
UniqueRef<CFDataRef> v(CFDataCreate(kCFAllocatorDefault, &buffer[0], static_cast<CFIndex>(buffer.size())));
|
767
|
+
CFDictionarySetValue(query.get(), field == "SUBJECTKEYID" ? kSecAttrSubjectKeyID : kSecAttrSerialNumber,
|
768
|
+
v.get());
|
769
|
+
valid = true;
|
770
|
+
}
|
771
|
+
}
|
772
|
+
|
773
|
+
if(!valid)
|
774
|
+
{
|
775
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: invalid value `" + value + "'");
|
776
|
+
}
|
777
|
+
|
778
|
+
UniqueRef<SecCertificateRef> cert;
|
779
|
+
OSStatus err = SecItemCopyMatching(query.get(), (CFTypeRef*)&cert.get());
|
780
|
+
if(err != noErr)
|
781
|
+
{
|
782
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
783
|
+
"IceSSL: find certificate `" + value + "' failed:\n" + sslErrorToString(err));
|
784
|
+
}
|
785
|
+
|
786
|
+
//
|
787
|
+
// Retrieve the certificate chain
|
788
|
+
//
|
789
|
+
UniqueRef<SecPolicyRef> policy(SecPolicyCreateSSL(true, 0));
|
790
|
+
UniqueRef<SecTrustRef> trust;
|
791
|
+
err = SecTrustCreateWithCertificates(reinterpret_cast<CFArrayRef>(cert.get()), policy.get(), &trust.get());
|
792
|
+
if(err || !trust)
|
793
|
+
{
|
794
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
795
|
+
"IceSSL: error creating trust object" +
|
796
|
+
(err ? ":\n" + sslErrorToString(err) : ""));
|
797
|
+
}
|
798
|
+
|
799
|
+
SecTrustResultType trustResult;
|
800
|
+
if((err = SecTrustEvaluate(trust.get(), &trustResult)))
|
801
|
+
{
|
802
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
803
|
+
"IceSSL: error evaluating trust:\n" + sslErrorToString(err));
|
804
|
+
}
|
805
|
+
|
806
|
+
CFIndex chainLength = SecTrustGetCertificateCount(trust.get());
|
807
|
+
UniqueRef<CFArrayRef> items(CFArrayCreateMutable(kCFAllocatorDefault, chainLength, &kCFTypeArrayCallBacks));
|
808
|
+
for(int i = 0; i < chainLength; ++i)
|
809
|
+
{
|
810
|
+
CFArrayAppendValue(const_cast<CFMutableArrayRef>(items.get()), SecTrustGetCertificateAtIndex(trust.get(), i));
|
811
|
+
}
|
812
|
+
|
813
|
+
//
|
814
|
+
// Replace the first certificate in the chain with the
|
815
|
+
// identity.
|
816
|
+
//
|
817
|
+
UniqueRef<SecIdentityRef> identity;
|
818
|
+
#if defined(ICE_USE_SECURE_TRANSPORT_IOS)
|
819
|
+
|
820
|
+
//
|
821
|
+
// SecIdentityCreateWithCertificate isn't supported on iOS so we lookup the identity
|
822
|
+
// using the certicate label. If the user added the identity with SecItemAdd the
|
823
|
+
// identity has the same label as the certificate.
|
824
|
+
//
|
825
|
+
query.reset(CFDictionaryCreateMutable(0, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
|
826
|
+
CFDictionarySetValue(query.get(), kSecClass, kSecClassCertificate);
|
827
|
+
CFDictionarySetValue(query.get(), kSecValueRef, cert.get());
|
828
|
+
CFDictionarySetValue(query.get(), kSecReturnAttributes, kCFBooleanTrue);
|
829
|
+
UniqueRef<CFDictionaryRef> attributes;
|
830
|
+
err = SecItemCopyMatching(query.get(), reinterpret_cast<CFTypeRef*>(&attributes.get()));
|
831
|
+
if(err != noErr)
|
832
|
+
{
|
833
|
+
ostringstream os;
|
834
|
+
os << "IceSSL: couldn't create identity for certificate found in the keychain:\n" << sslErrorToString(err);
|
835
|
+
throw PluginInitializationException(__FILE__, __LINE__, os.str());
|
836
|
+
}
|
837
|
+
|
838
|
+
// Now lookup the identity with the label
|
839
|
+
query.reset(CFDictionaryCreateMutable(0, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
|
840
|
+
CFDictionarySetValue(query.get(), kSecMatchLimit, kSecMatchLimitOne);
|
841
|
+
CFDictionarySetValue(query.get(), kSecClass, kSecClassIdentity);
|
842
|
+
CFDictionarySetValue(query.get(), kSecAttrLabel, (CFDataRef)CFDictionaryGetValue(attributes.get(), kSecAttrLabel));
|
843
|
+
CFDictionarySetValue(query.get(), kSecReturnRef, kCFBooleanTrue);
|
844
|
+
err = SecItemCopyMatching(query.get(), (CFTypeRef*)&identity.get());
|
845
|
+
if(err == noErr)
|
846
|
+
{
|
847
|
+
UniqueRef<SecCertificateRef> cert2;
|
848
|
+
if((err = SecIdentityCopyCertificate(identity.get(), &cert2.get())) == noErr)
|
849
|
+
{
|
850
|
+
err = CFEqual(cert2.get(), cert.get()) ? noErr : errSecItemNotFound;
|
851
|
+
}
|
852
|
+
}
|
853
|
+
#else
|
854
|
+
err = SecIdentityCreateWithCertificate(keychain.get(), cert.get(), &identity.get());
|
855
|
+
#endif
|
856
|
+
if(err != noErr)
|
857
|
+
{
|
858
|
+
ostringstream os;
|
859
|
+
os << "IceSSL: couldn't create identity for certificate found in the keychain:\n" << sslErrorToString(err);
|
860
|
+
throw PluginInitializationException(__FILE__, __LINE__, os.str());
|
861
|
+
}
|
862
|
+
CFArraySetValueAtIndex(const_cast<CFMutableArrayRef>(items.get()), 0, identity.get());
|
863
|
+
return items.release();
|
864
|
+
}
|