zeroc-ice 3.6b1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/ICE_LICENSE +54 -0
- data/LICENSE +339 -0
- data/bin/slice2rb +17 -0
- data/ext/Communicator.cpp +596 -0
- data/ext/Communicator.h +25 -0
- data/ext/Config.h +111 -0
- data/ext/Connection.cpp +381 -0
- data/ext/Connection.h +26 -0
- data/ext/Endpoint.cpp +311 -0
- data/ext/Endpoint.h +27 -0
- data/ext/ImplicitContext.cpp +152 -0
- data/ext/ImplicitContext.h +25 -0
- data/ext/Init.cpp +52 -0
- data/ext/Logger.cpp +151 -0
- data/ext/Logger.h +28 -0
- data/ext/ObjectFactory.cpp +140 -0
- data/ext/ObjectFactory.h +50 -0
- data/ext/Operation.cpp +676 -0
- data/ext/Operation.h +36 -0
- data/ext/Properties.cpp +369 -0
- data/ext/Properties.h +25 -0
- data/ext/Proxy.cpp +1354 -0
- data/ext/Proxy.h +27 -0
- data/ext/Slice.cpp +223 -0
- data/ext/Slice.h +22 -0
- data/ext/Types.cpp +3160 -0
- data/ext/Types.h +545 -0
- data/ext/Util.cpp +792 -0
- data/ext/Util.h +511 -0
- data/ext/extconf.rb +118 -0
- data/ext/ice/BZIP_LICENSE +42 -0
- data/ext/ice/MCPP_LICENSE +36 -0
- data/ext/ice/bzip2/blocksort.c +1094 -0
- data/ext/ice/bzip2/bzlib.c +1572 -0
- data/ext/ice/bzip2/bzlib.h +282 -0
- data/ext/ice/bzip2/bzlib_private.h +509 -0
- data/ext/ice/bzip2/compress.c +672 -0
- data/ext/ice/bzip2/crctable.c +104 -0
- data/ext/ice/bzip2/decompress.c +646 -0
- data/ext/ice/bzip2/huffman.c +205 -0
- data/ext/ice/bzip2/randtable.c +84 -0
- data/ext/ice/cpp/include/Ice/ACMF.h +30 -0
- data/ext/ice/cpp/include/Ice/Application.h +156 -0
- data/ext/ice/cpp/include/Ice/AsyncResult.h +363 -0
- data/ext/ice/cpp/include/Ice/AsyncResultF.h +26 -0
- data/ext/ice/cpp/include/Ice/BasicStream.h +1315 -0
- data/ext/ice/cpp/include/Ice/Buffer.h +159 -0
- data/ext/ice/cpp/include/Ice/BuiltinSequences.h +74 -0
- data/ext/ice/cpp/include/Ice/Communicator.h +194 -0
- data/ext/ice/cpp/include/Ice/CommunicatorAsync.h +115 -0
- data/ext/ice/cpp/include/Ice/CommunicatorF.h +60 -0
- data/ext/ice/cpp/include/Ice/Config.h +97 -0
- data/ext/ice/cpp/include/Ice/Connection.h +495 -0
- data/ext/ice/cpp/include/Ice/ConnectionAsync.h +115 -0
- data/ext/ice/cpp/include/Ice/ConnectionF.h +72 -0
- data/ext/ice/cpp/include/Ice/ConnectionFactoryF.h +30 -0
- data/ext/ice/cpp/include/Ice/ConnectionIF.h +37 -0
- data/ext/ice/cpp/include/Ice/Current.h +94 -0
- data/ext/ice/cpp/include/Ice/DefaultObjectFactory.h +48 -0
- data/ext/ice/cpp/include/Ice/DeprecatedStringConverter.h +62 -0
- data/ext/ice/cpp/include/Ice/DispatchInterceptor.h +33 -0
- data/ext/ice/cpp/include/Ice/Dispatcher.h +51 -0
- data/ext/ice/cpp/include/Ice/DynamicLibrary.h +105 -0
- data/ext/ice/cpp/include/Ice/DynamicLibraryF.h +29 -0
- data/ext/ice/cpp/include/Ice/Endpoint.h +350 -0
- data/ext/ice/cpp/include/Ice/EndpointF.h +97 -0
- data/ext/ice/cpp/include/Ice/EndpointTypes.h +74 -0
- data/ext/ice/cpp/include/Ice/Exception.h +114 -0
- data/ext/ice/cpp/include/Ice/FacetMap.h +56 -0
- data/ext/ice/cpp/include/Ice/FactoryTable.h +69 -0
- data/ext/ice/cpp/include/Ice/FactoryTableInit.h +87 -0
- data/ext/ice/cpp/include/Ice/Format.h +39 -0
- data/ext/ice/cpp/include/Ice/Functional.h +138 -0
- data/ext/ice/cpp/include/Ice/GCObject.h +73 -0
- data/ext/ice/cpp/include/Ice/Handle.h +192 -0
- data/ext/ice/cpp/include/Ice/Ice.h +54 -0
- data/ext/ice/cpp/include/Ice/Identity.h +160 -0
- data/ext/ice/cpp/include/Ice/ImplicitContext.h +96 -0
- data/ext/ice/cpp/include/Ice/ImplicitContextF.h +60 -0
- data/ext/ice/cpp/include/Ice/Incoming.h +131 -0
- data/ext/ice/cpp/include/Ice/IncomingAsync.h +108 -0
- data/ext/ice/cpp/include/Ice/IncomingAsyncF.h +35 -0
- data/ext/ice/cpp/include/Ice/Initialize.h +141 -0
- data/ext/ice/cpp/include/Ice/InstanceF.h +26 -0
- data/ext/ice/cpp/include/Ice/Instrumentation.h +377 -0
- data/ext/ice/cpp/include/Ice/InstrumentationF.h +71 -0
- data/ext/ice/cpp/include/Ice/LocalException.h +1022 -0
- data/ext/ice/cpp/include/Ice/LocalObject.h +36 -0
- data/ext/ice/cpp/include/Ice/LocalObjectF.h +26 -0
- data/ext/ice/cpp/include/Ice/Locator.h +2191 -0
- data/ext/ice/cpp/include/Ice/LocatorF.h +89 -0
- data/ext/ice/cpp/include/Ice/Logger.h +94 -0
- data/ext/ice/cpp/include/Ice/LoggerF.h +60 -0
- data/ext/ice/cpp/include/Ice/LoggerUtil.h +153 -0
- data/ext/ice/cpp/include/Ice/Makefile +26 -0
- data/ext/ice/cpp/include/Ice/Metrics.h +2989 -0
- data/ext/ice/cpp/include/Ice/MetricsAdminI.h +662 -0
- data/ext/ice/cpp/include/Ice/MetricsFunctional.h +144 -0
- data/ext/ice/cpp/include/Ice/MetricsObserverI.h +576 -0
- data/ext/ice/cpp/include/Ice/NativePropertiesAdmin.h +55 -0
- data/ext/ice/cpp/include/Ice/Object.h +165 -0
- data/ext/ice/cpp/include/Ice/ObjectAdapter.h +162 -0
- data/ext/ice/cpp/include/Ice/ObjectAdapterF.h +60 -0
- data/ext/ice/cpp/include/Ice/ObjectAdapterFactoryF.h +26 -0
- data/ext/ice/cpp/include/Ice/ObjectF.h +26 -0
- data/ext/ice/cpp/include/Ice/ObjectFactory.h +86 -0
- data/ext/ice/cpp/include/Ice/ObjectFactoryF.h +60 -0
- data/ext/ice/cpp/include/Ice/ObjectFactoryManagerF.h +26 -0
- data/ext/ice/cpp/include/Ice/ObserverHelper.h +177 -0
- data/ext/ice/cpp/include/Ice/Outgoing.h +197 -0
- data/ext/ice/cpp/include/Ice/OutgoingAsync.h +264 -0
- data/ext/ice/cpp/include/Ice/OutgoingAsyncF.h +38 -0
- data/ext/ice/cpp/include/Ice/Plugin.h +121 -0
- data/ext/ice/cpp/include/Ice/PluginF.h +66 -0
- data/ext/ice/cpp/include/Ice/Process.h +568 -0
- data/ext/ice/cpp/include/Ice/ProcessF.h +77 -0
- data/ext/ice/cpp/include/Ice/Properties.h +130 -0
- data/ext/ice/cpp/include/Ice/PropertiesAdmin.h +824 -0
- data/ext/ice/cpp/include/Ice/PropertiesF.h +83 -0
- data/ext/ice/cpp/include/Ice/Protocol.h +242 -0
- data/ext/ice/cpp/include/Ice/Proxy.h +2448 -0
- data/ext/ice/cpp/include/Ice/ProxyF.h +78 -0
- data/ext/ice/cpp/include/Ice/ProxyFactoryF.h +26 -0
- data/ext/ice/cpp/include/Ice/ProxyHandle.h +330 -0
- data/ext/ice/cpp/include/Ice/ReferenceF.h +34 -0
- data/ext/ice/cpp/include/Ice/RemoteLogger.h +1496 -0
- data/ext/ice/cpp/include/Ice/RequestHandlerF.h +29 -0
- data/ext/ice/cpp/include/Ice/ResponseHandlerF.h +25 -0
- data/ext/ice/cpp/include/Ice/Router.h +1155 -0
- data/ext/ice/cpp/include/Ice/RouterF.h +77 -0
- data/ext/ice/cpp/include/Ice/ServantLocator.h +90 -0
- data/ext/ice/cpp/include/Ice/ServantLocatorF.h +60 -0
- data/ext/ice/cpp/include/Ice/ServantManagerF.h +26 -0
- data/ext/ice/cpp/include/Ice/Service.h +260 -0
- data/ext/ice/cpp/include/Ice/SliceChecksumDict.h +56 -0
- data/ext/ice/cpp/include/Ice/SliceChecksums.h +34 -0
- data/ext/ice/cpp/include/Ice/SlicedData.h +103 -0
- data/ext/ice/cpp/include/Ice/SlicedDataF.h +34 -0
- data/ext/ice/cpp/include/Ice/Stream.h +449 -0
- data/ext/ice/cpp/include/Ice/StreamF.h +30 -0
- data/ext/ice/cpp/include/Ice/StreamHelpers.h +877 -0
- data/ext/ice/cpp/include/Ice/ThreadPoolF.h +28 -0
- data/ext/ice/cpp/include/Ice/UserExceptionFactory.h +56 -0
- data/ext/ice/cpp/include/Ice/Version.h +254 -0
- data/ext/ice/cpp/include/IceSSL/Config.h +23 -0
- data/ext/ice/cpp/include/IceSSL/ConnectionInfo.h +119 -0
- data/ext/ice/cpp/include/IceSSL/EndpointInfo.h +101 -0
- data/ext/ice/cpp/include/IceSSL/IceSSL.h +22 -0
- data/ext/ice/cpp/include/IceSSL/Makefile +26 -0
- data/ext/ice/cpp/include/IceSSL/Plugin.h +558 -0
- data/ext/ice/cpp/include/IceUtil/AbstractMutex.h +119 -0
- data/ext/ice/cpp/include/IceUtil/Cache.h +362 -0
- data/ext/ice/cpp/include/IceUtil/Cond.h +323 -0
- data/ext/ice/cpp/include/IceUtil/Config.h +234 -0
- data/ext/ice/cpp/include/IceUtil/CountDownLatch.h +50 -0
- data/ext/ice/cpp/include/IceUtil/CtrlCHandler.h +70 -0
- data/ext/ice/cpp/include/IceUtil/DisableWarnings.h +45 -0
- data/ext/ice/cpp/include/IceUtil/Exception.h +184 -0
- data/ext/ice/cpp/include/IceUtil/Functional.h +389 -0
- data/ext/ice/cpp/include/IceUtil/Handle.h +266 -0
- data/ext/ice/cpp/include/IceUtil/IceUtil.h +51 -0
- data/ext/ice/cpp/include/IceUtil/IconvStringConverter.h +302 -0
- data/ext/ice/cpp/include/IceUtil/InputUtil.h +47 -0
- data/ext/ice/cpp/include/IceUtil/Iterator.h +36 -0
- data/ext/ice/cpp/include/IceUtil/Lock.h +135 -0
- data/ext/ice/cpp/include/IceUtil/Makefile +26 -0
- data/ext/ice/cpp/include/IceUtil/Monitor.h +249 -0
- data/ext/ice/cpp/include/IceUtil/Mutex.h +357 -0
- data/ext/ice/cpp/include/IceUtil/MutexProtocol.h +28 -0
- data/ext/ice/cpp/include/IceUtil/MutexPtrLock.h +83 -0
- data/ext/ice/cpp/include/IceUtil/MutexPtrTryLock.h +82 -0
- data/ext/ice/cpp/include/IceUtil/Optional.h +322 -0
- data/ext/ice/cpp/include/IceUtil/Options.h +141 -0
- data/ext/ice/cpp/include/IceUtil/OutputUtil.h +362 -0
- data/ext/ice/cpp/include/IceUtil/PopDisableWarnings.h +19 -0
- data/ext/ice/cpp/include/IceUtil/PushDisableWarnings.h +26 -0
- data/ext/ice/cpp/include/IceUtil/Random.h +24 -0
- data/ext/ice/cpp/include/IceUtil/RecMutex.h +113 -0
- data/ext/ice/cpp/include/IceUtil/SHA1.h +65 -0
- data/ext/ice/cpp/include/IceUtil/ScannerConfig.h +44 -0
- data/ext/ice/cpp/include/IceUtil/ScopedArray.h +97 -0
- data/ext/ice/cpp/include/IceUtil/Shared.h +168 -0
- data/ext/ice/cpp/include/IceUtil/StringConverter.h +175 -0
- data/ext/ice/cpp/include/IceUtil/StringUtil.h +91 -0
- data/ext/ice/cpp/include/IceUtil/Thread.h +181 -0
- data/ext/ice/cpp/include/IceUtil/ThreadException.h +108 -0
- data/ext/ice/cpp/include/IceUtil/Time.h +209 -0
- data/ext/ice/cpp/include/IceUtil/Timer.h +143 -0
- data/ext/ice/cpp/include/IceUtil/UUID.h +22 -0
- data/ext/ice/cpp/include/IceUtil/UndefSysMacros.h +42 -0
- data/ext/ice/cpp/include/IceUtil/UniquePtr.h +101 -0
- data/ext/ice/cpp/include/Slice/CPlusPlusUtil.h +64 -0
- data/ext/ice/cpp/include/Slice/Checksum.h +26 -0
- data/ext/ice/cpp/include/Slice/CsUtil.h +92 -0
- data/ext/ice/cpp/include/Slice/DotNetNames.h +34 -0
- data/ext/ice/cpp/include/Slice/FileTracker.h +71 -0
- data/ext/ice/cpp/include/Slice/JavaUtil.h +277 -0
- data/ext/ice/cpp/include/Slice/Makefile +26 -0
- data/ext/ice/cpp/include/Slice/PHPUtil.h +50 -0
- data/ext/ice/cpp/include/Slice/Parser.h +1116 -0
- data/ext/ice/cpp/include/Slice/Preprocessor.h +68 -0
- data/ext/ice/cpp/include/Slice/PythonUtil.h +64 -0
- data/ext/ice/cpp/include/Slice/RubyUtil.h +54 -0
- data/ext/ice/cpp/include/Slice/Util.h +33 -0
- data/ext/ice/cpp/src/Ice/ACM.cpp +343 -0
- data/ext/ice/cpp/src/Ice/ACM.h +117 -0
- data/ext/ice/cpp/src/Ice/Acceptor.cpp +16 -0
- data/ext/ice/cpp/src/Ice/Acceptor.h +41 -0
- data/ext/ice/cpp/src/Ice/AcceptorF.h +30 -0
- data/ext/ice/cpp/src/Ice/Application.cpp +760 -0
- data/ext/ice/cpp/src/Ice/AsyncResult.cpp +599 -0
- data/ext/ice/cpp/src/Ice/Base64.cpp +269 -0
- data/ext/ice/cpp/src/Ice/Base64.h +36 -0
- data/ext/ice/cpp/src/Ice/BasicStream.cpp +3393 -0
- data/ext/ice/cpp/src/Ice/Buffer.cpp +98 -0
- data/ext/ice/cpp/src/Ice/BuiltinSequences.cpp +34 -0
- data/ext/ice/cpp/src/Ice/CollocatedRequestHandler.cpp +718 -0
- data/ext/ice/cpp/src/Ice/CollocatedRequestHandler.h +106 -0
- data/ext/ice/cpp/src/Ice/Communicator.cpp +45 -0
- data/ext/ice/cpp/src/Ice/CommunicatorF.cpp +38 -0
- data/ext/ice/cpp/src/Ice/CommunicatorI.cpp +386 -0
- data/ext/ice/cpp/src/Ice/CommunicatorI.h +112 -0
- data/ext/ice/cpp/src/Ice/ConnectRequestHandler.cpp +546 -0
- data/ext/ice/cpp/src/Ice/ConnectRequestHandler.h +97 -0
- data/ext/ice/cpp/src/Ice/Connection.cpp +58 -0
- data/ext/ice/cpp/src/Ice/ConnectionF.cpp +38 -0
- data/ext/ice/cpp/src/Ice/ConnectionFactory.cpp +1639 -0
- data/ext/ice/cpp/src/Ice/ConnectionFactory.h +236 -0
- data/ext/ice/cpp/src/Ice/ConnectionI.cpp +3876 -0
- data/ext/ice/cpp/src/Ice/ConnectionI.h +364 -0
- data/ext/ice/cpp/src/Ice/ConnectionRequestHandler.cpp +115 -0
- data/ext/ice/cpp/src/Ice/ConnectionRequestHandler.h +50 -0
- data/ext/ice/cpp/src/Ice/Connector.cpp +16 -0
- data/ext/ice/cpp/src/Ice/Connector.h +36 -0
- data/ext/ice/cpp/src/Ice/ConnectorF.h +26 -0
- data/ext/ice/cpp/src/Ice/Current.cpp +38 -0
- data/ext/ice/cpp/src/Ice/DefaultsAndOverrides.cpp +168 -0
- data/ext/ice/cpp/src/Ice/DefaultsAndOverrides.h +57 -0
- data/ext/ice/cpp/src/Ice/DefaultsAndOverridesF.h +26 -0
- data/ext/ice/cpp/src/Ice/DeprecatedStringConverter.cpp +60 -0
- data/ext/ice/cpp/src/Ice/DispatchInterceptor.cpp +49 -0
- data/ext/ice/cpp/src/Ice/DynamicLibrary.cpp +281 -0
- data/ext/ice/cpp/src/Ice/Endpoint.cpp +53 -0
- data/ext/ice/cpp/src/Ice/EndpointF.cpp +38 -0
- data/ext/ice/cpp/src/Ice/EndpointFactory.cpp +25 -0
- data/ext/ice/cpp/src/Ice/EndpointFactory.h +44 -0
- data/ext/ice/cpp/src/Ice/EndpointFactoryF.h +26 -0
- data/ext/ice/cpp/src/Ice/EndpointFactoryManager.cpp +208 -0
- data/ext/ice/cpp/src/Ice/EndpointFactoryManager.h +46 -0
- data/ext/ice/cpp/src/Ice/EndpointFactoryManagerF.h +26 -0
- data/ext/ice/cpp/src/Ice/EndpointI.cpp +87 -0
- data/ext/ice/cpp/src/Ice/EndpointI.h +165 -0
- data/ext/ice/cpp/src/Ice/EndpointIF.h +41 -0
- data/ext/ice/cpp/src/Ice/EndpointTypes.cpp +38 -0
- data/ext/ice/cpp/src/Ice/EventHandler.cpp +35 -0
- data/ext/ice/cpp/src/Ice/EventHandler.h +78 -0
- data/ext/ice/cpp/src/Ice/EventHandlerF.h +26 -0
- data/ext/ice/cpp/src/Ice/EventLoggerMsg.h +53 -0
- data/ext/ice/cpp/src/Ice/Exception.cpp +832 -0
- data/ext/ice/cpp/src/Ice/FacetMap.cpp +34 -0
- data/ext/ice/cpp/src/Ice/FactoryTable.cpp +158 -0
- data/ext/ice/cpp/src/Ice/FactoryTableInit.cpp +95 -0
- data/ext/ice/cpp/src/Ice/GCObject.cpp +444 -0
- data/ext/ice/cpp/src/Ice/HashUtil.h +59 -0
- data/ext/ice/cpp/src/Ice/HttpParser.cpp +680 -0
- data/ext/ice/cpp/src/Ice/HttpParser.h +124 -0
- data/ext/ice/cpp/src/Ice/IPEndpointI.cpp +733 -0
- data/ext/ice/cpp/src/Ice/IPEndpointI.h +157 -0
- data/ext/ice/cpp/src/Ice/IPEndpointIF.h +29 -0
- data/ext/ice/cpp/src/Ice/Identity.cpp +42 -0
- data/ext/ice/cpp/src/Ice/ImplicitContext.cpp +41 -0
- data/ext/ice/cpp/src/Ice/ImplicitContextF.cpp +38 -0
- data/ext/ice/cpp/src/Ice/ImplicitContextI.cpp +639 -0
- data/ext/ice/cpp/src/Ice/ImplicitContextI.h +51 -0
- data/ext/ice/cpp/src/Ice/Incoming.cpp +757 -0
- data/ext/ice/cpp/src/Ice/IncomingAsync.cpp +340 -0
- data/ext/ice/cpp/src/Ice/IncomingRequest.h +37 -0
- data/ext/ice/cpp/src/Ice/Initialize.cpp +401 -0
- data/ext/ice/cpp/src/Ice/Instance.cpp +1928 -0
- data/ext/ice/cpp/src/Ice/Instance.h +198 -0
- data/ext/ice/cpp/src/Ice/Instrumentation.cpp +68 -0
- data/ext/ice/cpp/src/Ice/InstrumentationF.cpp +43 -0
- data/ext/ice/cpp/src/Ice/InstrumentationI.cpp +1083 -0
- data/ext/ice/cpp/src/Ice/InstrumentationI.h +262 -0
- data/ext/ice/cpp/src/Ice/LocalException.cpp +2091 -0
- data/ext/ice/cpp/src/Ice/LocalObject.cpp +29 -0
- data/ext/ice/cpp/src/Ice/Locator.cpp +1946 -0
- data/ext/ice/cpp/src/Ice/LocatorF.cpp +39 -0
- data/ext/ice/cpp/src/Ice/LocatorInfo.cpp +917 -0
- data/ext/ice/cpp/src/Ice/LocatorInfo.h +193 -0
- data/ext/ice/cpp/src/Ice/LocatorInfoF.h +34 -0
- data/ext/ice/cpp/src/Ice/Logger.cpp +40 -0
- data/ext/ice/cpp/src/Ice/LoggerAdminI.cpp +862 -0
- data/ext/ice/cpp/src/Ice/LoggerAdminI.h +46 -0
- data/ext/ice/cpp/src/Ice/LoggerF.cpp +38 -0
- data/ext/ice/cpp/src/Ice/LoggerI.cpp +199 -0
- data/ext/ice/cpp/src/Ice/LoggerI.h +57 -0
- data/ext/ice/cpp/src/Ice/LoggerUtil.cpp +107 -0
- data/ext/ice/cpp/src/Ice/Makefile +190 -0
- data/ext/ice/cpp/src/Ice/Metrics.cpp +2159 -0
- data/ext/ice/cpp/src/Ice/MetricsAdminI.cpp +669 -0
- data/ext/ice/cpp/src/Ice/MetricsObserverI.cpp +14 -0
- data/ext/ice/cpp/src/Ice/Network.cpp +2694 -0
- data/ext/ice/cpp/src/Ice/Network.h +291 -0
- data/ext/ice/cpp/src/Ice/NetworkF.h +28 -0
- data/ext/ice/cpp/src/Ice/NetworkProxy.cpp +325 -0
- data/ext/ice/cpp/src/Ice/NetworkProxy.h +74 -0
- data/ext/ice/cpp/src/Ice/NetworkProxyF.h +26 -0
- data/ext/ice/cpp/src/Ice/Object.cpp +440 -0
- data/ext/ice/cpp/src/Ice/ObjectAdapter.cpp +41 -0
- data/ext/ice/cpp/src/Ice/ObjectAdapterF.cpp +38 -0
- data/ext/ice/cpp/src/Ice/ObjectAdapterFactory.cpp +241 -0
- data/ext/ice/cpp/src/Ice/ObjectAdapterFactory.h +52 -0
- data/ext/ice/cpp/src/Ice/ObjectAdapterI.cpp +1498 -0
- data/ext/ice/cpp/src/Ice/ObjectAdapterI.h +155 -0
- data/ext/ice/cpp/src/Ice/ObjectFactory.cpp +41 -0
- data/ext/ice/cpp/src/Ice/ObjectFactoryF.cpp +38 -0
- data/ext/ice/cpp/src/Ice/ObjectFactoryManager.cpp +140 -0
- data/ext/ice/cpp/src/Ice/ObjectFactoryManager.h +43 -0
- data/ext/ice/cpp/src/Ice/ObserverHelper.cpp +84 -0
- data/ext/ice/cpp/src/Ice/OpaqueEndpointI.cpp +407 -0
- data/ext/ice/cpp/src/Ice/OpaqueEndpointI.h +70 -0
- data/ext/ice/cpp/src/Ice/Outgoing.cpp +737 -0
- data/ext/ice/cpp/src/Ice/OutgoingAsync.cpp +874 -0
- data/ext/ice/cpp/src/Ice/Plugin.cpp +43 -0
- data/ext/ice/cpp/src/Ice/PluginF.cpp +38 -0
- data/ext/ice/cpp/src/Ice/PluginManagerI.cpp +503 -0
- data/ext/ice/cpp/src/Ice/PluginManagerI.h +67 -0
- data/ext/ice/cpp/src/Ice/Process.cpp +299 -0
- data/ext/ice/cpp/src/Ice/ProcessF.cpp +39 -0
- data/ext/ice/cpp/src/Ice/Properties.cpp +45 -0
- data/ext/ice/cpp/src/Ice/PropertiesAdmin.cpp +555 -0
- data/ext/ice/cpp/src/Ice/PropertiesAdminI.cpp +207 -0
- data/ext/ice/cpp/src/Ice/PropertiesAdminI.h +45 -0
- data/ext/ice/cpp/src/Ice/PropertiesF.cpp +39 -0
- data/ext/ice/cpp/src/Ice/PropertiesI.cpp +759 -0
- data/ext/ice/cpp/src/Ice/PropertiesI.h +78 -0
- data/ext/ice/cpp/src/Ice/PropertyNames.cpp +1293 -0
- data/ext/ice/cpp/src/Ice/PropertyNames.h +81 -0
- data/ext/ice/cpp/src/Ice/Protocol.cpp +137 -0
- data/ext/ice/cpp/src/Ice/ProtocolInstance.cpp +98 -0
- data/ext/ice/cpp/src/Ice/ProtocolInstance.h +91 -0
- data/ext/ice/cpp/src/Ice/ProtocolInstanceF.h +26 -0
- data/ext/ice/cpp/src/Ice/ProtocolPluginFacade.cpp +51 -0
- data/ext/ice/cpp/src/Ice/ProtocolPluginFacade.h +67 -0
- data/ext/ice/cpp/src/Ice/ProtocolPluginFacadeF.h +26 -0
- data/ext/ice/cpp/src/Ice/Proxy.cpp +1810 -0
- data/ext/ice/cpp/src/Ice/ProxyFactory.cpp +305 -0
- data/ext/ice/cpp/src/Ice/ProxyFactory.h +57 -0
- data/ext/ice/cpp/src/Ice/Reference.cpp +1947 -0
- data/ext/ice/cpp/src/Ice/Reference.h +305 -0
- data/ext/ice/cpp/src/Ice/ReferenceFactory.cpp +937 -0
- data/ext/ice/cpp/src/Ice/ReferenceFactory.h +81 -0
- data/ext/ice/cpp/src/Ice/ReferenceFactoryF.h +24 -0
- data/ext/ice/cpp/src/Ice/RemoteLogger.cpp +958 -0
- data/ext/ice/cpp/src/Ice/ReplyStatus.h +29 -0
- data/ext/ice/cpp/src/Ice/RequestHandler.cpp +40 -0
- data/ext/ice/cpp/src/Ice/RequestHandler.h +90 -0
- data/ext/ice/cpp/src/Ice/RequestHandlerFactory.cpp +70 -0
- data/ext/ice/cpp/src/Ice/RequestHandlerFactory.h +41 -0
- data/ext/ice/cpp/src/Ice/ResponseHandler.cpp +20 -0
- data/ext/ice/cpp/src/Ice/ResponseHandler.h +39 -0
- data/ext/ice/cpp/src/Ice/RetryQueue.cpp +154 -0
- data/ext/ice/cpp/src/Ice/RetryQueue.h +69 -0
- data/ext/ice/cpp/src/Ice/RetryQueueF.h +24 -0
- data/ext/ice/cpp/src/Ice/Router.cpp +849 -0
- data/ext/ice/cpp/src/Ice/RouterF.cpp +39 -0
- data/ext/ice/cpp/src/Ice/RouterInfo.cpp +381 -0
- data/ext/ice/cpp/src/Ice/RouterInfo.h +148 -0
- data/ext/ice/cpp/src/Ice/RouterInfoF.h +30 -0
- data/ext/ice/cpp/src/Ice/Selector.cpp +926 -0
- data/ext/ice/cpp/src/Ice/Selector.h +231 -0
- data/ext/ice/cpp/src/Ice/ServantLocator.cpp +41 -0
- data/ext/ice/cpp/src/Ice/ServantLocatorF.cpp +38 -0
- data/ext/ice/cpp/src/Ice/ServantManager.cpp +495 -0
- data/ext/ice/cpp/src/Ice/ServantManager.h +74 -0
- data/ext/ice/cpp/src/Ice/Service.cpp +1897 -0
- data/ext/ice/cpp/src/Ice/SharedContext.h +51 -0
- data/ext/ice/cpp/src/Ice/SliceChecksumDict.cpp +34 -0
- data/ext/ice/cpp/src/Ice/SliceChecksums.cpp +80 -0
- data/ext/ice/cpp/src/Ice/SlicedData.cpp +80 -0
- data/ext/ice/cpp/src/Ice/Stream.cpp +53 -0
- data/ext/ice/cpp/src/Ice/StreamI.cpp +832 -0
- data/ext/ice/cpp/src/Ice/StreamI.h +198 -0
- data/ext/ice/cpp/src/Ice/StreamSocket.cpp +521 -0
- data/ext/ice/cpp/src/Ice/StreamSocket.h +85 -0
- data/ext/ice/cpp/src/Ice/StringConverterPlugin.cpp +145 -0
- data/ext/ice/cpp/src/Ice/SysLoggerI.cpp +167 -0
- data/ext/ice/cpp/src/Ice/SysLoggerI.h +43 -0
- data/ext/ice/cpp/src/Ice/TcpAcceptor.cpp +235 -0
- data/ext/ice/cpp/src/Ice/TcpAcceptor.h +67 -0
- data/ext/ice/cpp/src/Ice/TcpConnector.cpp +133 -0
- data/ext/ice/cpp/src/Ice/TcpConnector.h +51 -0
- data/ext/ice/cpp/src/Ice/TcpEndpointI.cpp +397 -0
- data/ext/ice/cpp/src/Ice/TcpEndpointI.h +93 -0
- data/ext/ice/cpp/src/Ice/TcpTransceiver.cpp +127 -0
- data/ext/ice/cpp/src/Ice/TcpTransceiver.h +61 -0
- data/ext/ice/cpp/src/Ice/ThreadPool.cpp +1357 -0
- data/ext/ice/cpp/src/Ice/ThreadPool.h +399 -0
- data/ext/ice/cpp/src/Ice/TraceLevels.cpp +43 -0
- data/ext/ice/cpp/src/Ice/TraceLevels.h +50 -0
- data/ext/ice/cpp/src/Ice/TraceLevelsF.h +26 -0
- data/ext/ice/cpp/src/Ice/TraceUtil.cpp +452 -0
- data/ext/ice/cpp/src/Ice/TraceUtil.h +28 -0
- data/ext/ice/cpp/src/Ice/Transceiver.cpp +24 -0
- data/ext/ice/cpp/src/Ice/Transceiver.h +52 -0
- data/ext/ice/cpp/src/Ice/TransceiverF.h +38 -0
- data/ext/ice/cpp/src/Ice/UdpConnector.cpp +144 -0
- data/ext/ice/cpp/src/Ice/UdpConnector.h +51 -0
- data/ext/ice/cpp/src/Ice/UdpEndpointI.cpp +483 -0
- data/ext/ice/cpp/src/Ice/UdpEndpointI.h +95 -0
- data/ext/ice/cpp/src/Ice/UdpTransceiver.cpp +1156 -0
- data/ext/ice/cpp/src/Ice/UdpTransceiver.h +123 -0
- data/ext/ice/cpp/src/Ice/Version.cpp +46 -0
- data/ext/ice/cpp/src/Ice/WSAcceptor.cpp +103 -0
- data/ext/ice/cpp/src/Ice/WSAcceptor.h +61 -0
- data/ext/ice/cpp/src/Ice/WSConnector.cpp +113 -0
- data/ext/ice/cpp/src/Ice/WSConnector.h +51 -0
- data/ext/ice/cpp/src/Ice/WSEndpoint.cpp +441 -0
- data/ext/ice/cpp/src/Ice/WSEndpoint.h +97 -0
- data/ext/ice/cpp/src/Ice/WSTransceiver.cpp +1728 -0
- data/ext/ice/cpp/src/Ice/WSTransceiver.h +149 -0
- data/ext/ice/cpp/src/IceDiscovery/IceDiscovery.cpp +594 -0
- data/ext/ice/cpp/src/IceDiscovery/IceDiscovery.h +1035 -0
- data/ext/ice/cpp/src/IceDiscovery/LocatorI.cpp +208 -0
- data/ext/ice/cpp/src/IceDiscovery/LocatorI.h +78 -0
- data/ext/ice/cpp/src/IceDiscovery/LookupI.cpp +308 -0
- data/ext/ice/cpp/src/IceDiscovery/LookupI.h +183 -0
- data/ext/ice/cpp/src/IceDiscovery/Makefile +61 -0
- data/ext/ice/cpp/src/IceDiscovery/PluginI.cpp +148 -0
- data/ext/ice/cpp/src/IceDiscovery/PluginI.h +39 -0
- data/ext/ice/cpp/src/IceSSL/AcceptorI.cpp +258 -0
- data/ext/ice/cpp/src/IceSSL/AcceptorI.h +66 -0
- data/ext/ice/cpp/src/IceSSL/Certificate.cpp +1334 -0
- data/ext/ice/cpp/src/IceSSL/ConnectionInfo.cpp +42 -0
- data/ext/ice/cpp/src/IceSSL/ConnectorI.cpp +151 -0
- data/ext/ice/cpp/src/IceSSL/ConnectorI.h +56 -0
- data/ext/ice/cpp/src/IceSSL/EndpointI.cpp +397 -0
- data/ext/ice/cpp/src/IceSSL/EndpointI.h +96 -0
- data/ext/ice/cpp/src/IceSSL/EndpointInfo.cpp +41 -0
- data/ext/ice/cpp/src/IceSSL/Instance.cpp +38 -0
- data/ext/ice/cpp/src/IceSSL/Instance.h +42 -0
- data/ext/ice/cpp/src/IceSSL/InstanceF.h +34 -0
- data/ext/ice/cpp/src/IceSSL/Makefile +82 -0
- data/ext/ice/cpp/src/IceSSL/OpenSSLEngine.cpp +1001 -0
- data/ext/ice/cpp/src/IceSSL/OpenSSLTransceiverI.cpp +607 -0
- data/ext/ice/cpp/src/IceSSL/OpenSSLTransceiverI.h +75 -0
- data/ext/ice/cpp/src/IceSSL/PluginI.cpp +102 -0
- data/ext/ice/cpp/src/IceSSL/PluginI.h +56 -0
- data/ext/ice/cpp/src/IceSSL/RFC2253.cpp +541 -0
- data/ext/ice/cpp/src/IceSSL/RFC2253.h +67 -0
- data/ext/ice/cpp/src/IceSSL/SChannelEngine.cpp +729 -0
- data/ext/ice/cpp/src/IceSSL/SChannelTransceiverI.cpp +1062 -0
- data/ext/ice/cpp/src/IceSSL/SChannelTransceiverI.h +130 -0
- data/ext/ice/cpp/src/IceSSL/SSLEngine.cpp +291 -0
- data/ext/ice/cpp/src/IceSSL/SSLEngine.h +264 -0
- data/ext/ice/cpp/src/IceSSL/SSLEngineF.h +41 -0
- data/ext/ice/cpp/src/IceSSL/SecureTransportEngine.cpp +1514 -0
- data/ext/ice/cpp/src/IceSSL/SecureTransportTransceiverI.cpp +609 -0
- data/ext/ice/cpp/src/IceSSL/SecureTransportTransceiverI.h +91 -0
- data/ext/ice/cpp/src/IceSSL/TrustManager.cpp +246 -0
- data/ext/ice/cpp/src/IceSSL/TrustManager.h +51 -0
- data/ext/ice/cpp/src/IceSSL/TrustManagerF.h +26 -0
- data/ext/ice/cpp/src/IceSSL/Util.cpp +1423 -0
- data/ext/ice/cpp/src/IceSSL/Util.h +136 -0
- data/ext/ice/cpp/src/IceUtil/ArgVector.cpp +65 -0
- data/ext/ice/cpp/src/IceUtil/ArgVector.h +41 -0
- data/ext/ice/cpp/src/IceUtil/Cond.cpp +386 -0
- data/ext/ice/cpp/src/IceUtil/ConvertUTF.cpp +477 -0
- data/ext/ice/cpp/src/IceUtil/ConvertUTF.h +144 -0
- data/ext/ice/cpp/src/IceUtil/CountDownLatch.cpp +184 -0
- data/ext/ice/cpp/src/IceUtil/CtrlCHandler.cpp +273 -0
- data/ext/ice/cpp/src/IceUtil/Exception.cpp +782 -0
- data/ext/ice/cpp/src/IceUtil/FileUtil.cpp +532 -0
- data/ext/ice/cpp/src/IceUtil/FileUtil.h +159 -0
- data/ext/ice/cpp/src/IceUtil/InputUtil.cpp +41 -0
- data/ext/ice/cpp/src/IceUtil/Makefile +68 -0
- data/ext/ice/cpp/src/IceUtil/MutexProtocol.cpp +24 -0
- data/ext/ice/cpp/src/IceUtil/Options.cpp +1049 -0
- data/ext/ice/cpp/src/IceUtil/OutputUtil.cpp +591 -0
- data/ext/ice/cpp/src/IceUtil/Random.cpp +185 -0
- data/ext/ice/cpp/src/IceUtil/RecMutex.cpp +257 -0
- data/ext/ice/cpp/src/IceUtil/SHA1.cpp +126 -0
- data/ext/ice/cpp/src/IceUtil/Shared.cpp +200 -0
- data/ext/ice/cpp/src/IceUtil/StopWatch.h +54 -0
- data/ext/ice/cpp/src/IceUtil/StringConverter.cpp +450 -0
- data/ext/ice/cpp/src/IceUtil/StringUtil.cpp +842 -0
- data/ext/ice/cpp/src/IceUtil/Thread.cpp +809 -0
- data/ext/ice/cpp/src/IceUtil/ThreadException.cpp +172 -0
- data/ext/ice/cpp/src/IceUtil/Time.cpp +306 -0
- data/ext/ice/cpp/src/IceUtil/Timer.cpp +251 -0
- data/ext/ice/cpp/src/IceUtil/UUID.cpp +174 -0
- data/ext/ice/cpp/src/IceUtil/Unicode.cpp +131 -0
- data/ext/ice/cpp/src/IceUtil/Unicode.h +49 -0
- data/ext/ice/cpp/src/Slice/CPlusPlusUtil.cpp +1139 -0
- data/ext/ice/cpp/src/Slice/Checksum.cpp +452 -0
- data/ext/ice/cpp/src/Slice/CsUtil.cpp +2650 -0
- data/ext/ice/cpp/src/Slice/DotNetNames.cpp +146 -0
- data/ext/ice/cpp/src/Slice/FileTracker.cpp +203 -0
- data/ext/ice/cpp/src/Slice/Grammar.cpp +4755 -0
- data/ext/ice/cpp/src/Slice/Grammar.h +98 -0
- data/ext/ice/cpp/src/Slice/GrammarUtil.h +234 -0
- data/ext/ice/cpp/src/Slice/JavaUtil.cpp +4376 -0
- data/ext/ice/cpp/src/Slice/MD5.cpp +57 -0
- data/ext/ice/cpp/src/Slice/MD5.h +44 -0
- data/ext/ice/cpp/src/Slice/MD5I.cpp +385 -0
- data/ext/ice/cpp/src/Slice/MD5I.h +91 -0
- data/ext/ice/cpp/src/Slice/Makefile +65 -0
- data/ext/ice/cpp/src/Slice/PHPUtil.cpp +156 -0
- data/ext/ice/cpp/src/Slice/Parser.cpp +6386 -0
- data/ext/ice/cpp/src/Slice/Preprocessor.cpp +686 -0
- data/ext/ice/cpp/src/Slice/Python.cpp +675 -0
- data/ext/ice/cpp/src/Slice/PythonUtil.cpp +2614 -0
- data/ext/ice/cpp/src/Slice/Ruby.cpp +317 -0
- data/ext/ice/cpp/src/Slice/RubyUtil.cpp +1774 -0
- data/ext/ice/cpp/src/Slice/Scanner.cpp +2426 -0
- data/ext/ice/cpp/src/Slice/Util.cpp +325 -0
- data/ext/ice/mcpp/config.h.Darwin +227 -0
- data/ext/ice/mcpp/config.h.Linux +227 -0
- data/ext/ice/mcpp/config.h.MINGW +7 -0
- data/ext/ice/mcpp/configed.H +382 -0
- data/ext/ice/mcpp/directive.c +1699 -0
- data/ext/ice/mcpp/eval.c +1673 -0
- data/ext/ice/mcpp/expand.c +2980 -0
- data/ext/ice/mcpp/internal.H +564 -0
- data/ext/ice/mcpp/main.c +1131 -0
- data/ext/ice/mcpp/mbchar.c +869 -0
- data/ext/ice/mcpp/mcpp_lib.h +31 -0
- data/ext/ice/mcpp/mcpp_out.h +13 -0
- data/ext/ice/mcpp/support.c +2811 -0
- data/ext/ice/mcpp/system.H +396 -0
- data/ext/ice/mcpp/system.c +4940 -0
- data/ice.gemspec +41 -0
- data/lib/Glacier2.rb +12 -0
- data/lib/Glacier2/Metrics.rb +99 -0
- data/lib/Glacier2/PermissionsVerifier.rb +168 -0
- data/lib/Glacier2/PermissionsVerifierF.rb +34 -0
- data/lib/Glacier2/Router.rb +141 -0
- data/lib/Glacier2/RouterF.rb +29 -0
- data/lib/Glacier2/SSLInfo.rb +79 -0
- data/lib/Glacier2/Session.rb +470 -0
- data/lib/Ice.rb +659 -0
- data/lib/Ice/BuiltinSequences.rb +64 -0
- data/lib/Ice/Communicator.rb +93 -0
- data/lib/Ice/CommunicatorF.rb +28 -0
- data/lib/Ice/Connection.rb +414 -0
- data/lib/Ice/ConnectionF.rb +36 -0
- data/lib/Ice/Current.rb +152 -0
- data/lib/Ice/Endpoint.rb +265 -0
- data/lib/Ice/EndpointF.rb +52 -0
- data/lib/Ice/EndpointTypes.rb +77 -0
- data/lib/Ice/FacetMap.rb +28 -0
- data/lib/Ice/Identity.rb +70 -0
- data/lib/Ice/ImplicitContext.rb +59 -0
- data/lib/Ice/ImplicitContextF.rb +28 -0
- data/lib/Ice/Instrumentation.rb +425 -0
- data/lib/Ice/InstrumentationF.rb +35 -0
- data/lib/Ice/LocalException.rb +1081 -0
- data/lib/Ice/Locator.rb +314 -0
- data/lib/Ice/LocatorF.rb +34 -0
- data/lib/Ice/Logger.rb +57 -0
- data/lib/Ice/LoggerF.rb +28 -0
- data/lib/Ice/Metrics.rb +696 -0
- data/lib/Ice/ObjectAdapterF.rb +28 -0
- data/lib/Ice/ObjectFactory.rb +53 -0
- data/lib/Ice/ObjectFactoryF.rb +28 -0
- data/lib/Ice/Plugin.rb +87 -0
- data/lib/Ice/PluginF.rb +32 -0
- data/lib/Ice/Process.rb +93 -0
- data/lib/Ice/ProcessF.rb +29 -0
- data/lib/Ice/Properties.rb +65 -0
- data/lib/Ice/PropertiesAdmin.rb +104 -0
- data/lib/Ice/PropertiesF.rb +33 -0
- data/lib/Ice/Router.rb +163 -0
- data/lib/Ice/RouterF.rb +29 -0
- data/lib/Ice/SliceChecksumDict.rb +28 -0
- data/lib/Ice/Version.rb +100 -0
- data/lib/IceBox.rb +10 -0
- data/lib/IceBox/IceBox.rb +272 -0
- data/lib/IceGrid.rb +17 -0
- data/lib/IceGrid/Admin.rb +1076 -0
- data/lib/IceGrid/Descriptor.rb +1505 -0
- data/lib/IceGrid/Exception.rb +401 -0
- data/lib/IceGrid/FileParser.rb +105 -0
- data/lib/IceGrid/Locator.rb +105 -0
- data/lib/IceGrid/Observer.rb +571 -0
- data/lib/IceGrid/Query.rb +168 -0
- data/lib/IceGrid/Registry.rb +120 -0
- data/lib/IceGrid/Session.rb +114 -0
- data/lib/IceGrid/UserAccountMapper.rb +101 -0
- data/lib/IcePatch2.rb +10 -0
- data/lib/IcePatch2/FileInfo.rb +75 -0
- data/lib/IcePatch2/FileServer.rb +141 -0
- data/lib/IceStorm.rb +11 -0
- data/lib/IceStorm/IceStorm.rb +463 -0
- data/lib/IceStorm/Metrics.rb +155 -0
- data/slice/Freeze/BackgroundSaveEvictor.ice +111 -0
- data/slice/Freeze/CatalogData.ice +49 -0
- data/slice/Freeze/Connection.ice +111 -0
- data/slice/Freeze/ConnectionF.ice +20 -0
- data/slice/Freeze/DB.ice +37 -0
- data/slice/Freeze/Evictor.ice +339 -0
- data/slice/Freeze/EvictorF.ice +22 -0
- data/slice/Freeze/EvictorStorage.ice +72 -0
- data/slice/Freeze/Exception.ice +100 -0
- data/slice/Freeze/Transaction.ice +57 -0
- data/slice/Freeze/TransactionalEvictor.ice +50 -0
- data/slice/Glacier2/Metrics.ice +77 -0
- data/slice/Glacier2/PermissionsVerifier.ice +105 -0
- data/slice/Glacier2/PermissionsVerifierF.ice +21 -0
- data/slice/Glacier2/Router.ice +178 -0
- data/slice/Glacier2/RouterF.ice +20 -0
- data/slice/Glacier2/SSLInfo.ice +50 -0
- data/slice/Glacier2/Session.ice +273 -0
- data/slice/Ice/BuiltinSequences.ice +48 -0
- data/slice/Ice/Communicator.ice +567 -0
- data/slice/Ice/CommunicatorF.ice +20 -0
- data/slice/Ice/Connection.ice +323 -0
- data/slice/Ice/ConnectionF.ice +22 -0
- data/slice/Ice/Current.ice +160 -0
- data/slice/Ice/Endpoint.ice +227 -0
- data/slice/Ice/EndpointF.ice +32 -0
- data/slice/Ice/EndpointTypes.ice +38 -0
- data/slice/Ice/FacetMap.ice +25 -0
- data/slice/Ice/Identity.ice +59 -0
- data/slice/Ice/ImplicitContext.ice +109 -0
- data/slice/Ice/ImplicitContextF.ice +20 -0
- data/slice/Ice/Instrumentation.ice +499 -0
- data/slice/Ice/InstrumentationF.ice +26 -0
- data/slice/Ice/LocalException.ice +1015 -0
- data/slice/Ice/Locator.ice +227 -0
- data/slice/Ice/LocatorF.ice +21 -0
- data/slice/Ice/Logger.ice +86 -0
- data/slice/Ice/LoggerF.ice +20 -0
- data/slice/Ice/Metrics.ice +422 -0
- data/slice/Ice/ObjectAdapter.ice +673 -0
- data/slice/Ice/ObjectAdapterF.ice +20 -0
- data/slice/Ice/ObjectFactory.ice +60 -0
- data/slice/Ice/ObjectFactoryF.ice +20 -0
- data/slice/Ice/Plugin.ice +117 -0
- data/slice/Ice/PluginF.ice +21 -0
- data/slice/Ice/Process.ice +54 -0
- data/slice/Ice/ProcessF.ice +20 -0
- data/slice/Ice/Properties.ice +228 -0
- data/slice/Ice/PropertiesAdmin.ice +75 -0
- data/slice/Ice/PropertiesF.ice +21 -0
- data/slice/Ice/RemoteLogger.ice +232 -0
- data/slice/Ice/Router.ice +83 -0
- data/slice/Ice/RouterF.ice +20 -0
- data/slice/Ice/ServantLocator.ice +117 -0
- data/slice/Ice/ServantLocatorF.ice +20 -0
- data/slice/Ice/SliceChecksumDict.ice +25 -0
- data/slice/Ice/Version.ice +39 -0
- data/slice/IceBox/IceBox.ice +194 -0
- data/slice/IceDiscovery/IceDiscovery.ice +32 -0
- data/slice/IceGrid/Admin.ice +1578 -0
- data/slice/IceGrid/Descriptor.ice +1079 -0
- data/slice/IceGrid/Discovery.ice +73 -0
- data/slice/IceGrid/Exception.ice +383 -0
- data/slice/IceGrid/FileParser.ice +61 -0
- data/slice/IceGrid/Locator.ice +56 -0
- data/slice/IceGrid/Observer.ice +394 -0
- data/slice/IceGrid/PluginFacade.ice +316 -0
- data/slice/IceGrid/Query.ice +130 -0
- data/slice/IceGrid/Registry.ice +138 -0
- data/slice/IceGrid/Session.ice +124 -0
- data/slice/IceGrid/UserAccountMapper.ice +58 -0
- data/slice/IcePatch2/FileInfo.ice +49 -0
- data/slice/IcePatch2/FileServer.ice +129 -0
- data/slice/IceSSL/ConnectionInfo.ice +34 -0
- data/slice/IceSSL/EndpointInfo.ice +41 -0
- data/slice/IceStorm/IceStorm.ice +405 -0
- data/slice/IceStorm/Metrics.ice +71 -0
- metadata +737 -0
@@ -0,0 +1,41 @@
|
|
1
|
+
// **********************************************************************
|
2
|
+
//
|
3
|
+
// Copyright (c) 2003-2014 ZeroC, Inc. All rights reserved.
|
4
|
+
//
|
5
|
+
// This copy of Ice is licensed to you under the terms described in the
|
6
|
+
// ICE_LICENSE file included in this distribution.
|
7
|
+
//
|
8
|
+
// **********************************************************************
|
9
|
+
|
10
|
+
#ifndef ICE_SSL_ENGINE_F_H
|
11
|
+
#define ICE_SSL_ENGINE_F_H
|
12
|
+
|
13
|
+
#include <IceUtil/Shared.h>
|
14
|
+
#include <Ice/Handle.h>
|
15
|
+
|
16
|
+
#include <IceSSL/Plugin.h>
|
17
|
+
|
18
|
+
namespace IceSSL
|
19
|
+
{
|
20
|
+
|
21
|
+
class SSLEngine;
|
22
|
+
ICE_SSL_API IceUtil::Shared* upCast(IceSSL::SSLEngine*);
|
23
|
+
typedef IceInternal::Handle<SSLEngine> SSLEnginePtr;
|
24
|
+
|
25
|
+
#if defined(ICE_USE_SECURE_TRANSPORT)
|
26
|
+
class SecureTransportEngine;
|
27
|
+
ICE_SSL_API IceUtil::Shared* upCast(IceSSL::SecureTransportEngine*);
|
28
|
+
typedef IceInternal::Handle<SecureTransportEngine> SecureTransportEnginePtr;
|
29
|
+
#elif defined(ICE_USE_SCHANNEL)
|
30
|
+
class SChannelEngine;
|
31
|
+
ICE_SSL_API IceUtil::Shared* upCast(IceSSL::SChannelEngine*);
|
32
|
+
typedef IceInternal::Handle<SChannelEngine> SChannelEnginePtr;
|
33
|
+
#else // OpenSSL
|
34
|
+
class OpenSSLEngine;
|
35
|
+
ICE_SSL_API IceUtil::Shared* upCast(IceSSL::OpenSSLEngine*);
|
36
|
+
typedef IceInternal::Handle<OpenSSLEngine> OpenSSLEnginePtr;
|
37
|
+
#endif
|
38
|
+
|
39
|
+
}
|
40
|
+
|
41
|
+
#endif
|
@@ -0,0 +1,1514 @@
|
|
1
|
+
// **********************************************************************
|
2
|
+
//
|
3
|
+
// Copyright (c) 2003-2014 ZeroC, Inc. All rights reserved.
|
4
|
+
//
|
5
|
+
// This copy of Ice is licensed to you under the terms described in the
|
6
|
+
// ICE_LICENSE file included in this distribution.
|
7
|
+
//
|
8
|
+
// **********************************************************************
|
9
|
+
|
10
|
+
#include <IceSSL/Config.h>
|
11
|
+
|
12
|
+
#include <IceUtil/FileUtil.h>
|
13
|
+
#include <IceUtil/StringUtil.h>
|
14
|
+
|
15
|
+
#include <Ice/LocalException.h>
|
16
|
+
#include <Ice/Properties.h>
|
17
|
+
#include <Ice/Communicator.h>
|
18
|
+
#include <Ice/Logger.h>
|
19
|
+
#include <Ice/LoggerUtil.h>
|
20
|
+
|
21
|
+
#include <IceSSL/SecureTransportTransceiverI.h>
|
22
|
+
#include <IceSSL/Plugin.h>
|
23
|
+
#include <IceSSL/SSLEngine.h>
|
24
|
+
#include <IceSSL/Util.h>
|
25
|
+
|
26
|
+
#ifdef ICE_USE_SECURE_TRANSPORT
|
27
|
+
|
28
|
+
#include <regex.h>
|
29
|
+
|
30
|
+
using namespace std;
|
31
|
+
using namespace IceUtil;
|
32
|
+
using namespace Ice;
|
33
|
+
using namespace IceSSL;
|
34
|
+
|
35
|
+
namespace
|
36
|
+
{
|
37
|
+
|
38
|
+
IceUtil::Mutex* staticMutex = 0;
|
39
|
+
|
40
|
+
class Init
|
41
|
+
{
|
42
|
+
public:
|
43
|
+
|
44
|
+
Init()
|
45
|
+
{
|
46
|
+
staticMutex = new IceUtil::Mutex;
|
47
|
+
}
|
48
|
+
|
49
|
+
~Init()
|
50
|
+
{
|
51
|
+
delete staticMutex;
|
52
|
+
staticMutex = 0;
|
53
|
+
}
|
54
|
+
};
|
55
|
+
|
56
|
+
Init init;
|
57
|
+
|
58
|
+
class RegExp : public IceUtil::Shared
|
59
|
+
{
|
60
|
+
public:
|
61
|
+
|
62
|
+
RegExp(const string&);
|
63
|
+
~RegExp();
|
64
|
+
bool match(const string&);
|
65
|
+
|
66
|
+
private:
|
67
|
+
|
68
|
+
regex_t _preg;
|
69
|
+
};
|
70
|
+
typedef IceUtil::Handle<RegExp> RegExpPtr;
|
71
|
+
|
72
|
+
RegExp::RegExp(const string& regexp)
|
73
|
+
{
|
74
|
+
int err = regcomp(&_preg, regexp.c_str(), REG_EXTENDED | REG_NOSUB);
|
75
|
+
if(err)
|
76
|
+
{
|
77
|
+
throw IceUtil::SyscallException(__FILE__, __LINE__, err);
|
78
|
+
}
|
79
|
+
}
|
80
|
+
|
81
|
+
RegExp::~RegExp()
|
82
|
+
{
|
83
|
+
regfree(&_preg);
|
84
|
+
}
|
85
|
+
|
86
|
+
bool
|
87
|
+
RegExp::match(const string& value)
|
88
|
+
{
|
89
|
+
return regexec(&_preg, value.c_str(), 0, 0, 0) == 0;
|
90
|
+
}
|
91
|
+
|
92
|
+
struct CipherExpression
|
93
|
+
{
|
94
|
+
bool negation;
|
95
|
+
string cipher;
|
96
|
+
RegExpPtr re;
|
97
|
+
};
|
98
|
+
|
99
|
+
class CiphersHelper
|
100
|
+
{
|
101
|
+
public:
|
102
|
+
|
103
|
+
static void initialize();
|
104
|
+
static SSLCipherSuite cipherForName(const string& name);
|
105
|
+
static string cipherName(SSLCipherSuite cipher);
|
106
|
+
static map<string, SSLCipherSuite> ciphers();
|
107
|
+
|
108
|
+
private:
|
109
|
+
|
110
|
+
static map<string, SSLCipherSuite> _ciphers;
|
111
|
+
};
|
112
|
+
|
113
|
+
map<string, SSLCipherSuite> CiphersHelper::_ciphers;
|
114
|
+
|
115
|
+
//
|
116
|
+
// Initialize a dictionary with the names of ciphers
|
117
|
+
//
|
118
|
+
void
|
119
|
+
CiphersHelper::initialize()
|
120
|
+
{
|
121
|
+
IceUtilInternal::MutexPtrLock<IceUtil::Mutex> sync(staticMutex);
|
122
|
+
if(_ciphers.empty())
|
123
|
+
{
|
124
|
+
_ciphers["NULL_WITH_NULL_NULL"] = SSL_NULL_WITH_NULL_NULL;
|
125
|
+
_ciphers["RSA_WITH_NULL_MD5"] = SSL_RSA_WITH_NULL_MD5;
|
126
|
+
_ciphers["RSA_WITH_NULL_SHA"] = SSL_RSA_WITH_NULL_SHA;
|
127
|
+
_ciphers["RSA_EXPORT_WITH_RC4_40_MD5"] = SSL_RSA_EXPORT_WITH_RC4_40_MD5;
|
128
|
+
_ciphers["RSA_WITH_RC4_128_MD5"] = SSL_RSA_WITH_RC4_128_MD5;
|
129
|
+
_ciphers["RSA_WITH_RC4_128_SHA"] = SSL_RSA_WITH_RC4_128_SHA;
|
130
|
+
_ciphers["RSA_EXPORT_WITH_RC2_CBC_40_MD5"] = SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5;
|
131
|
+
_ciphers["RSA_WITH_IDEA_CBC_SHA"] = SSL_RSA_WITH_IDEA_CBC_SHA;
|
132
|
+
_ciphers["RSA_EXPORT_WITH_DES40_CBC_SHA"] = SSL_RSA_EXPORT_WITH_DES40_CBC_SHA;
|
133
|
+
_ciphers["RSA_WITH_DES_CBC_SHA"] = SSL_RSA_WITH_DES_CBC_SHA;
|
134
|
+
_ciphers["RSA_WITH_3DES_EDE_CBC_SHA"] = SSL_RSA_WITH_3DES_EDE_CBC_SHA;
|
135
|
+
_ciphers["DH_DSS_EXPORT_WITH_DES40_CBC_SHA"] = SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA;
|
136
|
+
_ciphers["DH_DSS_WITH_DES_CBC_SHA"] = SSL_DH_DSS_WITH_DES_CBC_SHA;
|
137
|
+
_ciphers["DH_DSS_WITH_3DES_EDE_CBC_SHA"] = SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA;
|
138
|
+
_ciphers["DH_RSA_EXPORT_WITH_DES40_CBC_SHA"] = SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA;
|
139
|
+
_ciphers["DH_RSA_WITH_DES_CBC_SHA"] = SSL_DH_RSA_WITH_DES_CBC_SHA;
|
140
|
+
_ciphers["DH_RSA_WITH_3DES_EDE_CBC_SHA"] = SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA;
|
141
|
+
_ciphers["DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"] = SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA;
|
142
|
+
_ciphers["DHE_DSS_WITH_DES_CBC_SHA"] = SSL_DHE_DSS_WITH_DES_CBC_SHA;
|
143
|
+
_ciphers["DHE_DSS_WITH_3DES_EDE_CBC_SHA"] = SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA;
|
144
|
+
_ciphers["DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"] = SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA;
|
145
|
+
_ciphers["DHE_RSA_WITH_DES_CBC_SHA"] = SSL_DHE_RSA_WITH_DES_CBC_SHA;
|
146
|
+
_ciphers["DHE_RSA_WITH_3DES_EDE_CBC_SHA"] = SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA;
|
147
|
+
_ciphers["DH_anon_EXPORT_WITH_RC4_40_MD5"] = SSL_DH_anon_EXPORT_WITH_RC4_40_MD5;
|
148
|
+
_ciphers["DH_anon_WITH_RC4_128_MD5"] = SSL_DH_anon_WITH_RC4_128_MD5;
|
149
|
+
_ciphers["DH_anon_EXPORT_WITH_DES40_CBC_SHA"] = SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA;
|
150
|
+
_ciphers["DH_anon_WITH_DES_CBC_SHA"] = SSL_DH_anon_WITH_DES_CBC_SHA;
|
151
|
+
_ciphers["DH_anon_WITH_3DES_EDE_CBC_SHA"] = SSL_DH_anon_WITH_3DES_EDE_CBC_SHA;
|
152
|
+
_ciphers["FORTEZZA_DMS_WITH_NULL_SHA"] = SSL_FORTEZZA_DMS_WITH_NULL_SHA;
|
153
|
+
_ciphers["FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA"] = SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA;
|
154
|
+
|
155
|
+
//
|
156
|
+
// TLS addenda using AES, per RFC 3268
|
157
|
+
//
|
158
|
+
_ciphers["RSA_WITH_AES_128_CBC_SHA"] = TLS_RSA_WITH_AES_128_CBC_SHA;
|
159
|
+
_ciphers["DH_DSS_WITH_AES_128_CBC_SHA"] = TLS_DH_DSS_WITH_AES_128_CBC_SHA;
|
160
|
+
_ciphers["DH_RSA_WITH_AES_128_CBC_SHA"] = TLS_DH_RSA_WITH_AES_128_CBC_SHA;
|
161
|
+
_ciphers["DHE_DSS_WITH_AES_128_CBC_SHA"] = TLS_DHE_DSS_WITH_AES_128_CBC_SHA;
|
162
|
+
_ciphers["DHE_RSA_WITH_AES_128_CBC_SHA"] = TLS_DHE_RSA_WITH_AES_128_CBC_SHA;
|
163
|
+
_ciphers["DH_anon_WITH_AES_128_CBC_SHA"] = TLS_DH_anon_WITH_AES_128_CBC_SHA;
|
164
|
+
_ciphers["RSA_WITH_AES_256_CBC_SHA"] = TLS_RSA_WITH_AES_256_CBC_SHA;
|
165
|
+
_ciphers["DH_DSS_WITH_AES_256_CBC_SHA"] = TLS_DH_DSS_WITH_AES_256_CBC_SHA;
|
166
|
+
_ciphers["DH_RSA_WITH_AES_256_CBC_SHA"] = TLS_DH_RSA_WITH_AES_256_CBC_SHA;
|
167
|
+
_ciphers["DHE_DSS_WITH_AES_256_CBC_SHA"] = TLS_DHE_DSS_WITH_AES_256_CBC_SHA;
|
168
|
+
_ciphers["DHE_RSA_WITH_AES_256_CBC_SHA"] = TLS_DHE_RSA_WITH_AES_256_CBC_SHA;
|
169
|
+
_ciphers["DH_anon_WITH_AES_256_CBC_SHA"] = TLS_DH_anon_WITH_AES_256_CBC_SHA;
|
170
|
+
|
171
|
+
//
|
172
|
+
// ECDSA addenda, RFC 4492
|
173
|
+
//
|
174
|
+
_ciphers["ECDH_ECDSA_WITH_NULL_SHA"] = TLS_ECDH_ECDSA_WITH_NULL_SHA;
|
175
|
+
_ciphers["ECDH_ECDSA_WITH_RC4_128_SHA"] = TLS_ECDH_ECDSA_WITH_RC4_128_SHA;
|
176
|
+
_ciphers["ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"] = TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA;
|
177
|
+
_ciphers["ECDH_ECDSA_WITH_AES_128_CBC_SHA"] = TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA;
|
178
|
+
_ciphers["ECDH_ECDSA_WITH_AES_256_CBC_SHA"] = TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA;
|
179
|
+
_ciphers["ECDHE_ECDSA_WITH_NULL_SHA"] = TLS_ECDHE_ECDSA_WITH_NULL_SHA;
|
180
|
+
_ciphers["ECDHE_ECDSA_WITH_RC4_128_SHA"] = TLS_ECDHE_ECDSA_WITH_RC4_128_SHA;
|
181
|
+
_ciphers["ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"] = TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA;
|
182
|
+
_ciphers["ECDHE_ECDSA_WITH_AES_128_CBC_SHA"] = TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA;
|
183
|
+
_ciphers["ECDHE_ECDSA_WITH_AES_256_CBC_SHA"] = TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA;
|
184
|
+
_ciphers["ECDH_RSA_WITH_NULL_SHA"] = TLS_ECDH_RSA_WITH_NULL_SHA;
|
185
|
+
_ciphers["ECDH_RSA_WITH_RC4_128_SHA"] = TLS_ECDH_RSA_WITH_RC4_128_SHA;
|
186
|
+
_ciphers["ECDH_RSA_WITH_3DES_EDE_CBC_SHA"] = TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA;
|
187
|
+
_ciphers["ECDH_RSA_WITH_AES_128_CBC_SHA"] = TLS_ECDH_RSA_WITH_AES_128_CBC_SHA;
|
188
|
+
_ciphers["ECDH_RSA_WITH_AES_256_CBC_SHA"] = TLS_ECDH_RSA_WITH_AES_256_CBC_SHA;
|
189
|
+
_ciphers["ECDHE_RSA_WITH_NULL_SHA"] = TLS_ECDHE_RSA_WITH_NULL_SHA;
|
190
|
+
_ciphers["ECDHE_RSA_WITH_RC4_128_SHA"] = TLS_ECDHE_RSA_WITH_RC4_128_SHA;
|
191
|
+
_ciphers["ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"] = TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA;
|
192
|
+
_ciphers["ECDHE_RSA_WITH_AES_128_CBC_SHA"] = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA;
|
193
|
+
_ciphers["ECDHE_RSA_WITH_AES_256_CBC_SHA"] = TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA;
|
194
|
+
_ciphers["ECDH_anon_WITH_NULL_SHA"] = TLS_ECDH_anon_WITH_NULL_SHA;
|
195
|
+
_ciphers["ECDH_anon_WITH_RC4_128_SHA"] = TLS_ECDH_anon_WITH_RC4_128_SHA;
|
196
|
+
_ciphers["ECDH_anon_WITH_3DES_EDE_CBC_SHA"] = TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA;
|
197
|
+
_ciphers["ECDH_anon_WITH_AES_128_CBC_SHA"] = TLS_ECDH_anon_WITH_AES_128_CBC_SHA;
|
198
|
+
_ciphers["ECDH_anon_WITH_AES_256_CBC_SHA"] = TLS_ECDH_anon_WITH_AES_256_CBC_SHA;
|
199
|
+
|
200
|
+
//
|
201
|
+
// TLS 1.2 addenda, RFC 5246
|
202
|
+
//
|
203
|
+
//_ciphers["NULL_WITH_NULL_NULL"] = TLS_NULL_WITH_NULL_NULL;
|
204
|
+
|
205
|
+
//
|
206
|
+
// Server provided RSA certificate for key exchange.
|
207
|
+
//
|
208
|
+
//_ciphers["RSA_WITH_NULL_MD5"] = TLS_RSA_WITH_NULL_MD5;
|
209
|
+
//_ciphers["RSA_WITH_NULL_SHA"] = TLS_RSA_WITH_NULL_SHA;
|
210
|
+
//_ciphers["RSA_WITH_RC4_128_MD5"] = TLS_RSA_WITH_RC4_128_MD5;
|
211
|
+
//_ciphers["RSA_WITH_RC4_128_SHA"] = TLS_RSA_WITH_RC4_128_SHA;
|
212
|
+
//_ciphers["RSA_WITH_3DES_EDE_CBC_SHA"] = TLS_RSA_WITH_3DES_EDE_CBC_SHA;
|
213
|
+
_ciphers["RSA_WITH_NULL_SHA256"] = TLS_RSA_WITH_NULL_SHA256;
|
214
|
+
_ciphers["RSA_WITH_AES_128_CBC_SHA256"] = TLS_RSA_WITH_AES_128_CBC_SHA256;
|
215
|
+
_ciphers["RSA_WITH_AES_256_CBC_SHA256"] = TLS_RSA_WITH_AES_256_CBC_SHA256;
|
216
|
+
|
217
|
+
//
|
218
|
+
// Server-authenticated (and optionally client-authenticated) Diffie-Hellman.
|
219
|
+
//
|
220
|
+
//_ciphers["DH_DSS_WITH_3DES_EDE_CBC_SHA"] = TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA;
|
221
|
+
//_ciphers["DH_RSA_WITH_3DES_EDE_CBC_SHA"] = TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA;
|
222
|
+
//_ciphers["DHE_DSS_WITH_3DES_EDE_CBC_SHA"] = TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA;
|
223
|
+
//_ciphers["DHE_RSA_WITH_3DES_EDE_CBC_SHA"] = TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA;
|
224
|
+
_ciphers["DH_DSS_WITH_AES_128_CBC_SHA256"] = TLS_DH_DSS_WITH_AES_128_CBC_SHA256;
|
225
|
+
_ciphers["DH_RSA_WITH_AES_128_CBC_SHA256"] = TLS_DH_RSA_WITH_AES_128_CBC_SHA256;
|
226
|
+
_ciphers["DHE_DSS_WITH_AES_128_CBC_SHA256"] = TLS_DHE_DSS_WITH_AES_128_CBC_SHA256;
|
227
|
+
_ciphers["DHE_RSA_WITH_AES_128_CBC_SHA256"] = TLS_DHE_RSA_WITH_AES_128_CBC_SHA256;
|
228
|
+
_ciphers["DH_DSS_WITH_AES_256_CBC_SHA256"] = TLS_DH_DSS_WITH_AES_256_CBC_SHA256;
|
229
|
+
_ciphers["DH_RSA_WITH_AES_256_CBC_SHA256"] = TLS_DH_RSA_WITH_AES_256_CBC_SHA256;
|
230
|
+
_ciphers["DHE_DSS_WITH_AES_256_CBC_SHA256"] = TLS_DHE_DSS_WITH_AES_256_CBC_SHA256;
|
231
|
+
_ciphers["DHE_RSA_WITH_AES_256_CBC_SHA256"] = TLS_DHE_RSA_WITH_AES_256_CBC_SHA256;
|
232
|
+
|
233
|
+
//
|
234
|
+
// Completely anonymous Diffie-Hellman
|
235
|
+
//
|
236
|
+
//_ciphers["DH_anon_WITH_RC4_128_MD5"] = TLS_DH_anon_WITH_RC4_128_MD5;
|
237
|
+
//_ciphers["DH_anon_WITH_3DES_EDE_CBC_SHA"] = TLS_DH_anon_WITH_3DES_EDE_CBC_SHA;
|
238
|
+
_ciphers["DH_anon_WITH_AES_128_CBC_SHA256"] = TLS_DH_anon_WITH_AES_128_CBC_SHA256;
|
239
|
+
_ciphers["DH_anon_WITH_AES_256_CBC_SHA256"] = TLS_DH_anon_WITH_AES_256_CBC_SHA256;
|
240
|
+
|
241
|
+
//
|
242
|
+
// Addendum from RFC 4279, TLS PSK
|
243
|
+
//
|
244
|
+
_ciphers["PSK_WITH_RC4_128_SHA"] = TLS_PSK_WITH_RC4_128_SHA;
|
245
|
+
_ciphers["PSK_WITH_3DES_EDE_CBC_SHA"] = TLS_PSK_WITH_3DES_EDE_CBC_SHA;
|
246
|
+
_ciphers["PSK_WITH_AES_128_CBC_SHA"] = TLS_PSK_WITH_AES_128_CBC_SHA;
|
247
|
+
_ciphers["PSK_WITH_AES_256_CBC_SHA"] = TLS_PSK_WITH_AES_256_CBC_SHA;
|
248
|
+
_ciphers["DHE_PSK_WITH_RC4_128_SHA"] = TLS_DHE_PSK_WITH_RC4_128_SHA;
|
249
|
+
_ciphers["DHE_PSK_WITH_3DES_EDE_CBC_SHA"] = TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA;
|
250
|
+
_ciphers["DHE_PSK_WITH_AES_128_CBC_SHA"] = TLS_DHE_PSK_WITH_AES_128_CBC_SHA;
|
251
|
+
_ciphers["DHE_PSK_WITH_AES_256_CBC_SHA"] = TLS_DHE_PSK_WITH_AES_256_CBC_SHA;
|
252
|
+
_ciphers["RSA_PSK_WITH_RC4_128_SHA"] = TLS_RSA_PSK_WITH_RC4_128_SHA;
|
253
|
+
_ciphers["RSA_PSK_WITH_3DES_EDE_CBC_SHA"] = TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA;
|
254
|
+
_ciphers["RSA_PSK_WITH_AES_128_CBC_SHA"] = TLS_RSA_PSK_WITH_AES_128_CBC_SHA;
|
255
|
+
_ciphers["RSA_PSK_WITH_AES_256_CBC_SHA"] = TLS_RSA_PSK_WITH_AES_256_CBC_SHA;
|
256
|
+
|
257
|
+
//
|
258
|
+
// RFC 4785 - Pre-Shared Key (PSK) Ciphersuites with NULL Encryption
|
259
|
+
//
|
260
|
+
_ciphers["PSK_WITH_NULL_SHA"] = TLS_PSK_WITH_NULL_SHA;
|
261
|
+
_ciphers["DHE_PSK_WITH_NULL_SHA"] = TLS_DHE_PSK_WITH_NULL_SHA;
|
262
|
+
_ciphers["RSA_PSK_WITH_NULL_SHA"] = TLS_RSA_PSK_WITH_NULL_SHA;
|
263
|
+
|
264
|
+
//
|
265
|
+
// Addenda from rfc 5288 AES Galois Counter Mode (GCM) Cipher Suites for TLS.
|
266
|
+
//
|
267
|
+
_ciphers["RSA_WITH_AES_128_GCM_SHA256"] = TLS_RSA_WITH_AES_128_GCM_SHA256;
|
268
|
+
_ciphers["RSA_WITH_AES_256_GCM_SHA384"] = TLS_RSA_WITH_AES_256_GCM_SHA384;
|
269
|
+
_ciphers["DHE_RSA_WITH_AES_128_GCM_SHA256"] = TLS_DHE_RSA_WITH_AES_128_GCM_SHA256;
|
270
|
+
_ciphers["DHE_RSA_WITH_AES_256_GCM_SHA384"] = TLS_DHE_RSA_WITH_AES_256_GCM_SHA384;
|
271
|
+
_ciphers["DH_RSA_WITH_AES_128_GCM_SHA256"] = TLS_DH_RSA_WITH_AES_128_GCM_SHA256;
|
272
|
+
_ciphers["DH_RSA_WITH_AES_256_GCM_SHA384"] = TLS_DH_RSA_WITH_AES_256_GCM_SHA384;
|
273
|
+
_ciphers["DHE_DSS_WITH_AES_128_GCM_SHA256"] = TLS_DHE_DSS_WITH_AES_128_GCM_SHA256;
|
274
|
+
_ciphers["DHE_DSS_WITH_AES_256_GCM_SHA384"] = TLS_DHE_DSS_WITH_AES_256_GCM_SHA384;
|
275
|
+
_ciphers["DH_DSS_WITH_AES_128_GCM_SHA256"] = TLS_DH_DSS_WITH_AES_128_GCM_SHA256;
|
276
|
+
_ciphers["DH_DSS_WITH_AES_256_GCM_SHA384"] = TLS_DH_DSS_WITH_AES_256_GCM_SHA384;
|
277
|
+
_ciphers["DH_anon_WITH_AES_128_GCM_SHA256"] = TLS_DH_anon_WITH_AES_128_GCM_SHA256;
|
278
|
+
_ciphers["DH_anon_WITH_AES_256_GCM_SHA384"] = TLS_DH_anon_WITH_AES_256_GCM_SHA384;
|
279
|
+
|
280
|
+
//
|
281
|
+
// RFC 5487 - PSK with SHA-256/384 and AES GCM
|
282
|
+
//
|
283
|
+
_ciphers["PSK_WITH_AES_128_GCM_SHA256"] = TLS_PSK_WITH_AES_128_GCM_SHA256;
|
284
|
+
_ciphers["PSK_WITH_AES_256_GCM_SHA384"] = TLS_PSK_WITH_AES_256_GCM_SHA384;
|
285
|
+
_ciphers["DHE_PSK_WITH_AES_128_GCM_SHA256"] = TLS_DHE_PSK_WITH_AES_128_GCM_SHA256;
|
286
|
+
_ciphers["DHE_PSK_WITH_AES_256_GCM_SHA384"] = TLS_DHE_PSK_WITH_AES_256_GCM_SHA384;
|
287
|
+
_ciphers["RSA_PSK_WITH_AES_128_GCM_SHA256"] = TLS_RSA_PSK_WITH_AES_128_GCM_SHA256;
|
288
|
+
_ciphers["RSA_PSK_WITH_AES_256_GCM_SHA384"] = TLS_RSA_PSK_WITH_AES_256_GCM_SHA384;
|
289
|
+
|
290
|
+
_ciphers["PSK_WITH_AES_128_CBC_SHA256"] = TLS_PSK_WITH_AES_128_CBC_SHA256;
|
291
|
+
_ciphers["PSK_WITH_AES_256_CBC_SHA384"] = TLS_PSK_WITH_AES_256_CBC_SHA384;
|
292
|
+
_ciphers["PSK_WITH_NULL_SHA256"] = TLS_PSK_WITH_NULL_SHA256;
|
293
|
+
_ciphers["PSK_WITH_NULL_SHA384"] = TLS_PSK_WITH_NULL_SHA384;
|
294
|
+
|
295
|
+
_ciphers["DHE_PSK_WITH_AES_128_CBC_SHA256"] = TLS_DHE_PSK_WITH_AES_128_CBC_SHA256;
|
296
|
+
_ciphers["DHE_PSK_WITH_AES_256_CBC_SHA384"] = TLS_DHE_PSK_WITH_AES_256_CBC_SHA384;
|
297
|
+
_ciphers["DHE_PSK_WITH_NULL_SHA256"] = TLS_DHE_PSK_WITH_NULL_SHA256;
|
298
|
+
_ciphers["DHE_PSK_WITH_NULL_SHA384"] = TLS_DHE_PSK_WITH_NULL_SHA384;
|
299
|
+
|
300
|
+
_ciphers["RSA_PSK_WITH_AES_128_CBC_SHA256"] = TLS_RSA_PSK_WITH_AES_128_CBC_SHA256;
|
301
|
+
_ciphers["RSA_PSK_WITH_AES_256_CBC_SHA384"] = TLS_RSA_PSK_WITH_AES_256_CBC_SHA384;
|
302
|
+
_ciphers["RSA_PSK_WITH_NULL_SHA256"] = TLS_RSA_PSK_WITH_NULL_SHA256;
|
303
|
+
_ciphers["RSA_PSK_WITH_NULL_SHA384"] = TLS_RSA_PSK_WITH_NULL_SHA384;
|
304
|
+
|
305
|
+
//
|
306
|
+
// Addenda from rfc 5289 Elliptic Curve Cipher Suites with HMAC SHA-256/384.
|
307
|
+
//
|
308
|
+
_ciphers["ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"] = TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256;
|
309
|
+
_ciphers["ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"] = TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384;
|
310
|
+
_ciphers["ECDH_ECDSA_WITH_AES_128_CBC_SHA256"] = TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256;
|
311
|
+
_ciphers["ECDH_ECDSA_WITH_AES_256_CBC_SHA384"] = TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384;
|
312
|
+
_ciphers["ECDHE_RSA_WITH_AES_128_CBC_SHA256"] = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256;
|
313
|
+
_ciphers["ECDHE_RSA_WITH_AES_256_CBC_SHA384"] = TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384;
|
314
|
+
_ciphers["ECDH_RSA_WITH_AES_128_CBC_SHA256"] = TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256;
|
315
|
+
_ciphers["ECDH_RSA_WITH_AES_256_CBC_SHA384"] = TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384;
|
316
|
+
|
317
|
+
//
|
318
|
+
// Addenda from rfc 5289 Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode (GCM)
|
319
|
+
//
|
320
|
+
_ciphers["ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"] = TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256;
|
321
|
+
_ciphers["ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"] = TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384;
|
322
|
+
_ciphers["ECDH_ECDSA_WITH_AES_128_GCM_SHA256"] = TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256;
|
323
|
+
_ciphers["ECDH_ECDSA_WITH_AES_256_GCM_SHA384"] = TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384;
|
324
|
+
_ciphers["ECDHE_RSA_WITH_AES_128_GCM_SHA256"] = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
|
325
|
+
_ciphers["ECDHE_RSA_WITH_AES_256_GCM_SHA384"] = TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384;
|
326
|
+
_ciphers["ECDH_RSA_WITH_AES_128_GCM_SHA256"] = TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256;
|
327
|
+
_ciphers["ECDH_RSA_WITH_AES_256_GCM_SHA384"] = TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384;
|
328
|
+
|
329
|
+
//
|
330
|
+
// RFC 5746 - Secure Renegotiation
|
331
|
+
//
|
332
|
+
_ciphers["EMPTY_RENEGOTIATION_INFO_SCSV"] = TLS_EMPTY_RENEGOTIATION_INFO_SCSV;
|
333
|
+
|
334
|
+
//
|
335
|
+
// Tags for SSL 2 cipher kinds that are not specified for SSL 3.
|
336
|
+
//
|
337
|
+
_ciphers["RSA_WITH_RC2_CBC_MD5"] = SSL_RSA_WITH_RC2_CBC_MD5;
|
338
|
+
_ciphers["RSA_WITH_IDEA_CBC_MD5"] = SSL_RSA_WITH_IDEA_CBC_MD5;
|
339
|
+
_ciphers["RSA_WITH_DES_CBC_MD5"] = SSL_RSA_WITH_DES_CBC_MD5;
|
340
|
+
_ciphers["RSA_WITH_3DES_EDE_CBC_MD5"] = SSL_RSA_WITH_3DES_EDE_CBC_MD5;
|
341
|
+
_ciphers["NO_SUCH_CIPHERSUITE"] = SSL_NO_SUCH_CIPHERSUITE;
|
342
|
+
}
|
343
|
+
}
|
344
|
+
|
345
|
+
SSLCipherSuite
|
346
|
+
CiphersHelper::cipherForName(const string& name)
|
347
|
+
{
|
348
|
+
map<string, SSLCipherSuite>::const_iterator i = _ciphers.find(name);
|
349
|
+
if(i == _ciphers.end() || i->second == SSL_NO_SUCH_CIPHERSUITE)
|
350
|
+
{
|
351
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: no such cipher " + name);
|
352
|
+
}
|
353
|
+
return i->second;
|
354
|
+
}
|
355
|
+
|
356
|
+
//
|
357
|
+
// Retrive the name of a cipher, SSLCipherSuite inlude duplicated values for TLS/SSL
|
358
|
+
// protocol ciphers, for example SSL_RSA_WITH_RC4_128_MD5/TLS_RSA_WITH_RC4_128_MD5
|
359
|
+
// are represeted by the same SSLCipherSuite value, the names return by this method
|
360
|
+
// doesn't include a protocol prefix.
|
361
|
+
//
|
362
|
+
string
|
363
|
+
CiphersHelper::cipherName(SSLCipherSuite cipher)
|
364
|
+
{
|
365
|
+
switch(cipher)
|
366
|
+
{
|
367
|
+
case SSL_NULL_WITH_NULL_NULL:
|
368
|
+
return "NULL_WITH_NULL_NULL";
|
369
|
+
case SSL_RSA_WITH_NULL_MD5:
|
370
|
+
return "RSA_WITH_NULL_MD5";
|
371
|
+
case SSL_RSA_WITH_NULL_SHA:
|
372
|
+
return "RSA_WITH_NULL_SHA";
|
373
|
+
case SSL_RSA_EXPORT_WITH_RC4_40_MD5:
|
374
|
+
return "RSA_EXPORT_WITH_RC4_40_MD5";
|
375
|
+
case SSL_RSA_WITH_RC4_128_MD5:
|
376
|
+
return "RSA_WITH_RC4_128_MD5";
|
377
|
+
case SSL_RSA_WITH_RC4_128_SHA:
|
378
|
+
return "RSA_WITH_RC4_128_SHA";
|
379
|
+
case SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5:
|
380
|
+
return "RSA_EXPORT_WITH_RC2_CBC_40_MD5";
|
381
|
+
case SSL_RSA_WITH_IDEA_CBC_SHA:
|
382
|
+
return "RSA_WITH_IDEA_CBC_SHA";
|
383
|
+
case SSL_RSA_EXPORT_WITH_DES40_CBC_SHA:
|
384
|
+
return "RSA_EXPORT_WITH_DES40_CBC_SHA";
|
385
|
+
case SSL_RSA_WITH_DES_CBC_SHA:
|
386
|
+
return "RSA_WITH_DES_CBC_SHA";
|
387
|
+
case SSL_RSA_WITH_3DES_EDE_CBC_SHA:
|
388
|
+
return "RSA_WITH_3DES_EDE_CBC_SHA";
|
389
|
+
case SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA:
|
390
|
+
return "DH_DSS_EXPORT_WITH_DES40_CBC_SHA";
|
391
|
+
case SSL_DH_DSS_WITH_DES_CBC_SHA:
|
392
|
+
return "DH_DSS_WITH_DES_CBC_SHA";
|
393
|
+
case SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA:
|
394
|
+
return "DH_DSS_WITH_3DES_EDE_CBC_SHA";
|
395
|
+
case SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA:
|
396
|
+
return "DH_RSA_EXPORT_WITH_DES40_CBC_SHA";
|
397
|
+
case SSL_DH_RSA_WITH_DES_CBC_SHA:
|
398
|
+
return "DH_RSA_WITH_DES_CBC_SHA";
|
399
|
+
case SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA:
|
400
|
+
return "DH_RSA_WITH_3DES_EDE_CBC_SHA";
|
401
|
+
case SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA:
|
402
|
+
return "DHE_DSS_EXPORT_WITH_DES40_CBC_SHA";
|
403
|
+
case SSL_DHE_DSS_WITH_DES_CBC_SHA:
|
404
|
+
return "DHE_DSS_WITH_DES_CBC_SHA";
|
405
|
+
case SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
|
406
|
+
return "DHE_DSS_WITH_3DES_EDE_CBC_SHA";
|
407
|
+
case SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA:
|
408
|
+
return "DHE_RSA_EXPORT_WITH_DES40_CBC_SHA";
|
409
|
+
case SSL_DHE_RSA_WITH_DES_CBC_SHA:
|
410
|
+
return "DHE_RSA_WITH_DES_CBC_SHA";
|
411
|
+
case SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
|
412
|
+
return "DHE_RSA_WITH_3DES_EDE_CBC_SHA";
|
413
|
+
case SSL_DH_anon_EXPORT_WITH_RC4_40_MD5:
|
414
|
+
return "DH_anon_EXPORT_WITH_RC4_40_MD5";
|
415
|
+
case SSL_DH_anon_WITH_RC4_128_MD5:
|
416
|
+
return "DH_anon_WITH_RC4_128_MD5";
|
417
|
+
case SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA:
|
418
|
+
return "DH_anon_EXPORT_WITH_DES40_CBC_SHA";
|
419
|
+
case SSL_DH_anon_WITH_DES_CBC_SHA:
|
420
|
+
return "DH_anon_WITH_DES_CBC_SHA";
|
421
|
+
case SSL_DH_anon_WITH_3DES_EDE_CBC_SHA:
|
422
|
+
return "DH_anon_WITH_3DES_EDE_CBC_SHA";
|
423
|
+
case SSL_FORTEZZA_DMS_WITH_NULL_SHA:
|
424
|
+
return "FORTEZZA_DMS_WITH_NULL_SHA";
|
425
|
+
case SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA:
|
426
|
+
return "FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA";
|
427
|
+
|
428
|
+
//
|
429
|
+
// TLS addenda using AES, per RFC 3268
|
430
|
+
//
|
431
|
+
case TLS_RSA_WITH_AES_128_CBC_SHA:
|
432
|
+
return "RSA_WITH_AES_128_CBC_SHA";
|
433
|
+
case TLS_DH_DSS_WITH_AES_128_CBC_SHA:
|
434
|
+
return "DH_DSS_WITH_AES_128_CBC_SHA";
|
435
|
+
case TLS_DH_RSA_WITH_AES_128_CBC_SHA:
|
436
|
+
return "DH_RSA_WITH_AES_128_CBC_SHA";
|
437
|
+
case TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
|
438
|
+
return "DHE_DSS_WITH_AES_128_CBC_SHA";
|
439
|
+
case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
|
440
|
+
return "DHE_RSA_WITH_AES_128_CBC_SHA";
|
441
|
+
case TLS_DH_anon_WITH_AES_128_CBC_SHA:
|
442
|
+
return "DH_anon_WITH_AES_128_CBC_SHA";
|
443
|
+
case TLS_RSA_WITH_AES_256_CBC_SHA:
|
444
|
+
return "RSA_WITH_AES_256_CBC_SHA";
|
445
|
+
case TLS_DH_DSS_WITH_AES_256_CBC_SHA:
|
446
|
+
return "DH_DSS_WITH_AES_256_CBC_SHA";
|
447
|
+
case TLS_DH_RSA_WITH_AES_256_CBC_SHA:
|
448
|
+
return "DH_RSA_WITH_AES_256_CBC_SHA";
|
449
|
+
case TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
|
450
|
+
return "DHE_DSS_WITH_AES_256_CBC_SHA";
|
451
|
+
case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
|
452
|
+
return "DHE_RSA_WITH_AES_256_CBC_SHA";
|
453
|
+
case TLS_DH_anon_WITH_AES_256_CBC_SHA:
|
454
|
+
return "DH_anon_WITH_AES_256_CBC_SHA";
|
455
|
+
|
456
|
+
//
|
457
|
+
// ECDSA addenda, RFC 4492
|
458
|
+
//
|
459
|
+
case TLS_ECDH_ECDSA_WITH_NULL_SHA:
|
460
|
+
return "ECDH_ECDSA_WITH_NULL_SHA";
|
461
|
+
case TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
|
462
|
+
return "ECDH_ECDSA_WITH_RC4_128_SHA";
|
463
|
+
case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
|
464
|
+
return "ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA";
|
465
|
+
case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
|
466
|
+
return "ECDH_ECDSA_WITH_AES_128_CBC_SHA";
|
467
|
+
case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
|
468
|
+
return "ECDH_ECDSA_WITH_AES_256_CBC_SHA";
|
469
|
+
case TLS_ECDHE_ECDSA_WITH_NULL_SHA:
|
470
|
+
return "ECDHE_ECDSA_WITH_NULL_SHA";
|
471
|
+
case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
|
472
|
+
return "ECDHE_ECDSA_WITH_RC4_128_SHA";
|
473
|
+
case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
|
474
|
+
return "ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA";
|
475
|
+
case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
|
476
|
+
return "ECDHE_ECDSA_WITH_AES_128_CBC_SHA";
|
477
|
+
case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
|
478
|
+
return "ECDHE_ECDSA_WITH_AES_256_CBC_SHA";
|
479
|
+
case TLS_ECDH_RSA_WITH_NULL_SHA:
|
480
|
+
return "ECDH_RSA_WITH_NULL_SHA";
|
481
|
+
case TLS_ECDH_RSA_WITH_RC4_128_SHA:
|
482
|
+
return "ECDH_RSA_WITH_RC4_128_SHA";
|
483
|
+
case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
|
484
|
+
return "ECDH_RSA_WITH_3DES_EDE_CBC_SHA";
|
485
|
+
case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
|
486
|
+
return "ECDH_RSA_WITH_AES_128_CBC_SHA";
|
487
|
+
case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
|
488
|
+
return "ECDH_RSA_WITH_AES_256_CBC_SHA";
|
489
|
+
case TLS_ECDHE_RSA_WITH_NULL_SHA:
|
490
|
+
return "ECDHE_RSA_WITH_NULL_SHA";
|
491
|
+
case TLS_ECDHE_RSA_WITH_RC4_128_SHA:
|
492
|
+
return "ECDHE_RSA_WITH_RC4_128_SHA";
|
493
|
+
case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
|
494
|
+
return "ECDHE_RSA_WITH_3DES_EDE_CBC_SHA";
|
495
|
+
case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
|
496
|
+
return "ECDHE_RSA_WITH_AES_128_CBC_SHA";
|
497
|
+
case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
|
498
|
+
return "ECDHE_RSA_WITH_AES_256_CBC_SHA";
|
499
|
+
case TLS_ECDH_anon_WITH_NULL_SHA:
|
500
|
+
return "ECDH_anon_WITH_NULL_SHA";
|
501
|
+
case TLS_ECDH_anon_WITH_RC4_128_SHA:
|
502
|
+
return "ECDH_anon_WITH_RC4_128_SHA";
|
503
|
+
case TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA:
|
504
|
+
return "ECDH_anon_WITH_3DES_EDE_CBC_SHA";
|
505
|
+
case TLS_ECDH_anon_WITH_AES_128_CBC_SHA:
|
506
|
+
return "ECDH_anon_WITH_AES_128_CBC_SHA";
|
507
|
+
case TLS_ECDH_anon_WITH_AES_256_CBC_SHA:
|
508
|
+
return "ECDH_anon_WITH_AES_256_CBC_SHA";
|
509
|
+
|
510
|
+
//
|
511
|
+
// TLS 1.2 addenda, RFC 5246
|
512
|
+
//
|
513
|
+
//case TLS_NULL_WITH_NULL_NULL:
|
514
|
+
// return "NULL_WITH_NULL_NULL";
|
515
|
+
|
516
|
+
//
|
517
|
+
// Server provided RSA certificate for key exchange.
|
518
|
+
//
|
519
|
+
//case TLS_RSA_WITH_NULL_MD5:
|
520
|
+
// return "RSA_WITH_NULL_MD5";
|
521
|
+
//case TLS_RSA_WITH_NULL_SHA:
|
522
|
+
// return "RSA_WITH_NULL_SHA";
|
523
|
+
//case TLS_RSA_WITH_RC4_128_MD5:
|
524
|
+
// return "RSA_WITH_RC4_128_MD5";
|
525
|
+
//case TLS_RSA_WITH_RC4_128_SHA:
|
526
|
+
// return "RSA_WITH_RC4_128_SHA";
|
527
|
+
//case TLS_RSA_WITH_3DES_EDE_CBC_SHA:
|
528
|
+
// return "RSA_WITH_3DES_EDE_CBC_SHA";
|
529
|
+
case TLS_RSA_WITH_NULL_SHA256:
|
530
|
+
return "RSA_WITH_NULL_SHA256";
|
531
|
+
case TLS_RSA_WITH_AES_128_CBC_SHA256:
|
532
|
+
return "RSA_WITH_AES_128_CBC_SHA256";
|
533
|
+
case TLS_RSA_WITH_AES_256_CBC_SHA256:
|
534
|
+
return "RSA_WITH_AES_256_CBC_SHA256";
|
535
|
+
|
536
|
+
//
|
537
|
+
// Server-authenticated (and optionally client-authenticated) Diffie-Hellman.
|
538
|
+
//
|
539
|
+
//case TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA:
|
540
|
+
// return "DH_DSS_WITH_3DES_EDE_CBC_SHA";
|
541
|
+
//case TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA:
|
542
|
+
// return "DH_RSA_WITH_3DES_EDE_CBC_SHA";
|
543
|
+
//case TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
|
544
|
+
// return "DHE_DSS_WITH_3DES_EDE_CBC_SHA";
|
545
|
+
//case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
|
546
|
+
// return "DHE_RSA_WITH_3DES_EDE_CBC_SHA";
|
547
|
+
case TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
|
548
|
+
return "DH_DSS_WITH_AES_128_CBC_SHA256";
|
549
|
+
case TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
|
550
|
+
return "DH_RSA_WITH_AES_128_CBC_SHA256";
|
551
|
+
case TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
|
552
|
+
return "DHE_DSS_WITH_AES_128_CBC_SHA256";
|
553
|
+
case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
|
554
|
+
return "DHE_RSA_WITH_AES_128_CBC_SHA256";
|
555
|
+
case TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
|
556
|
+
return "DH_DSS_WITH_AES_256_CBC_SHA256";
|
557
|
+
case TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
|
558
|
+
return "DH_RSA_WITH_AES_256_CBC_SHA256";
|
559
|
+
case TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
|
560
|
+
return "DHE_DSS_WITH_AES_256_CBC_SHA256";
|
561
|
+
case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
|
562
|
+
return "DHE_RSA_WITH_AES_256_CBC_SHA256";
|
563
|
+
|
564
|
+
//
|
565
|
+
// Completely anonymous Diffie-Hellman
|
566
|
+
//
|
567
|
+
//case TLS_DH_anon_WITH_RC4_128_MD5:
|
568
|
+
// return "DH_anon_WITH_RC4_128_MD5";
|
569
|
+
//case TLS_DH_anon_WITH_3DES_EDE_CBC_SHA:
|
570
|
+
// return "DH_anon_WITH_3DES_EDE_CBC_SHA";
|
571
|
+
case TLS_DH_anon_WITH_AES_128_CBC_SHA256:
|
572
|
+
return "DH_anon_WITH_AES_128_CBC_SHA256";
|
573
|
+
case TLS_DH_anon_WITH_AES_256_CBC_SHA256:
|
574
|
+
return "DH_anon_WITH_AES_256_CBC_SHA256";
|
575
|
+
|
576
|
+
//
|
577
|
+
// Addendum from RFC 4279, TLS PSK
|
578
|
+
//
|
579
|
+
case TLS_PSK_WITH_RC4_128_SHA:
|
580
|
+
return "PSK_WITH_RC4_128_SHA";
|
581
|
+
case TLS_PSK_WITH_3DES_EDE_CBC_SHA:
|
582
|
+
return "PSK_WITH_3DES_EDE_CBC_SHA";
|
583
|
+
case TLS_PSK_WITH_AES_128_CBC_SHA:
|
584
|
+
return "PSK_WITH_AES_128_CBC_SHA";
|
585
|
+
case TLS_PSK_WITH_AES_256_CBC_SHA:
|
586
|
+
return "PSK_WITH_AES_256_CBC_SHA";
|
587
|
+
case TLS_DHE_PSK_WITH_RC4_128_SHA:
|
588
|
+
return "DHE_PSK_WITH_RC4_128_SHA";
|
589
|
+
case TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
|
590
|
+
return "DHE_PSK_WITH_3DES_EDE_CBC_SHA";
|
591
|
+
case TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
|
592
|
+
return "DHE_PSK_WITH_AES_128_CBC_SHA";
|
593
|
+
case TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
|
594
|
+
return "DHE_PSK_WITH_AES_256_CBC_SHA";
|
595
|
+
case TLS_RSA_PSK_WITH_RC4_128_SHA:
|
596
|
+
return "RSA_PSK_WITH_RC4_128_SHA";
|
597
|
+
case TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA:
|
598
|
+
return "RSA_PSK_WITH_3DES_EDE_CBC_SHA";
|
599
|
+
case TLS_RSA_PSK_WITH_AES_128_CBC_SHA:
|
600
|
+
return "RSA_PSK_WITH_AES_128_CBC_SHA";
|
601
|
+
case TLS_RSA_PSK_WITH_AES_256_CBC_SHA:
|
602
|
+
return "RSA_PSK_WITH_AES_256_CBC_SHA";
|
603
|
+
|
604
|
+
//
|
605
|
+
// RFC 4785 - Pre-Shared Key (PSK) Ciphersuites with NULL Encryption
|
606
|
+
//
|
607
|
+
case TLS_PSK_WITH_NULL_SHA:
|
608
|
+
return "PSK_WITH_NULL_SHA";
|
609
|
+
case TLS_DHE_PSK_WITH_NULL_SHA:
|
610
|
+
return "DHE_PSK_WITH_NULL_SHA";
|
611
|
+
case TLS_RSA_PSK_WITH_NULL_SHA:
|
612
|
+
return "RSA_PSK_WITH_NULL_SHA";
|
613
|
+
|
614
|
+
//
|
615
|
+
// Addenda from rfc 5288 AES Galois Counter Mode (GCM) Cipher Suites for TLS.
|
616
|
+
//
|
617
|
+
case TLS_RSA_WITH_AES_128_GCM_SHA256:
|
618
|
+
return "RSA_WITH_AES_128_GCM_SHA256";
|
619
|
+
case TLS_RSA_WITH_AES_256_GCM_SHA384:
|
620
|
+
return "RSA_WITH_AES_256_GCM_SHA384";
|
621
|
+
case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
|
622
|
+
return "DHE_RSA_WITH_AES_128_GCM_SHA256";
|
623
|
+
case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
|
624
|
+
return "DHE_RSA_WITH_AES_256_GCM_SHA384";
|
625
|
+
case TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
|
626
|
+
return "DH_RSA_WITH_AES_128_GCM_SHA256";
|
627
|
+
case TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
|
628
|
+
return "DH_RSA_WITH_AES_256_GCM_SHA384";
|
629
|
+
case TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
|
630
|
+
return "DHE_DSS_WITH_AES_128_GCM_SHA256";
|
631
|
+
case TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
|
632
|
+
return "DHE_DSS_WITH_AES_256_GCM_SHA384";
|
633
|
+
case TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
|
634
|
+
return "DH_DSS_WITH_AES_128_GCM_SHA256";
|
635
|
+
case TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
|
636
|
+
return "DH_DSS_WITH_AES_256_GCM_SHA384";
|
637
|
+
case TLS_DH_anon_WITH_AES_128_GCM_SHA256:
|
638
|
+
return "DH_anon_WITH_AES_128_GCM_SHA256";
|
639
|
+
case TLS_DH_anon_WITH_AES_256_GCM_SHA384:
|
640
|
+
return "DH_anon_WITH_AES_256_GCM_SHA384";
|
641
|
+
|
642
|
+
//
|
643
|
+
// RFC 5487 - PSK with SHA-256/384 and AES GCM
|
644
|
+
//
|
645
|
+
case TLS_PSK_WITH_AES_128_GCM_SHA256:
|
646
|
+
return "PSK_WITH_AES_128_GCM_SHA256";
|
647
|
+
case TLS_PSK_WITH_AES_256_GCM_SHA384:
|
648
|
+
return "PSK_WITH_AES_256_GCM_SHA384";
|
649
|
+
case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
|
650
|
+
return "DHE_PSK_WITH_AES_128_GCM_SHA256";
|
651
|
+
case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
|
652
|
+
return "DHE_PSK_WITH_AES_256_GCM_SHA384";
|
653
|
+
case TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
|
654
|
+
return "RSA_PSK_WITH_AES_128_GCM_SHA256";
|
655
|
+
case TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
|
656
|
+
return "RSA_PSK_WITH_AES_256_GCM_SHA384";
|
657
|
+
|
658
|
+
case TLS_PSK_WITH_AES_128_CBC_SHA256:
|
659
|
+
return "PSK_WITH_AES_128_CBC_SHA256";
|
660
|
+
case TLS_PSK_WITH_AES_256_CBC_SHA384:
|
661
|
+
return "PSK_WITH_AES_256_CBC_SHA384";
|
662
|
+
case TLS_PSK_WITH_NULL_SHA256:
|
663
|
+
return "WITH_NULL_SHA256";
|
664
|
+
case TLS_PSK_WITH_NULL_SHA384:
|
665
|
+
return "PSK_WITH_NULL_SHA384";
|
666
|
+
|
667
|
+
case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256:
|
668
|
+
return "DHE_PSK_WITH_AES_128_CBC_SHA256";
|
669
|
+
case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384:
|
670
|
+
return "DHE_PSK_WITH_AES_256_CBC_SHA384";
|
671
|
+
case TLS_DHE_PSK_WITH_NULL_SHA256:
|
672
|
+
return "DHE_PSK_WITH_NULL_SHA256";
|
673
|
+
case TLS_DHE_PSK_WITH_NULL_SHA384:
|
674
|
+
return "DHE_PSK_WITH_NULL_SHA384";
|
675
|
+
|
676
|
+
case TLS_RSA_PSK_WITH_AES_128_CBC_SHA256:
|
677
|
+
return "RSA_PSK_WITH_AES_128_CBC_SHA256";
|
678
|
+
case TLS_RSA_PSK_WITH_AES_256_CBC_SHA384:
|
679
|
+
return "RSA_PSK_WITH_AES_256_CBC_SHA384";
|
680
|
+
case TLS_RSA_PSK_WITH_NULL_SHA256:
|
681
|
+
return "RSA_PSK_WITH_NULL_SHA256";
|
682
|
+
case TLS_RSA_PSK_WITH_NULL_SHA384:
|
683
|
+
return "RSA_PSK_WITH_NULL_SHA384";
|
684
|
+
|
685
|
+
//
|
686
|
+
// Addenda from rfc 5289 Elliptic Curve Cipher Suites with HMAC SHA-256/384.
|
687
|
+
//
|
688
|
+
case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
|
689
|
+
return "ECDHE_ECDSA_WITH_AES_128_CBC_SHA256";
|
690
|
+
case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
|
691
|
+
return "ECDHE_ECDSA_WITH_AES_256_CBC_SHA384";
|
692
|
+
case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
|
693
|
+
return "ECDH_ECDSA_WITH_AES_128_CBC_SHA256";
|
694
|
+
case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
|
695
|
+
return "ECDH_ECDSA_WITH_AES_256_CBC_SHA384";
|
696
|
+
case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
|
697
|
+
return "ECDHE_RSA_WITH_AES_128_CBC_SHA256";
|
698
|
+
case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
|
699
|
+
return "ECDHE_RSA_WITH_AES_256_CBC_SHA384";
|
700
|
+
case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
|
701
|
+
return "ECDH_RSA_WITH_AES_128_CBC_SHA256";
|
702
|
+
case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
|
703
|
+
return "ECDH_RSA_WITH_AES_256_CBC_SHA384";
|
704
|
+
|
705
|
+
//
|
706
|
+
// Addenda from rfc 5289 Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois Counter Mode (GCM)
|
707
|
+
//
|
708
|
+
case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
|
709
|
+
return "ECDHE_ECDSA_WITH_AES_128_GCM_SHA256";
|
710
|
+
case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
|
711
|
+
return "ECDHE_ECDSA_WITH_AES_256_GCM_SHA384";
|
712
|
+
case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
|
713
|
+
return "ECDH_ECDSA_WITH_AES_128_GCM_SHA256";
|
714
|
+
case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
|
715
|
+
return "ECDH_ECDSA_WITH_AES_256_GCM_SHA384";
|
716
|
+
case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
|
717
|
+
return "ECDHE_RSA_WITH_AES_128_GCM_SHA256";
|
718
|
+
case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
|
719
|
+
return "ECDHE_RSA_WITH_AES_256_GCM_SHA384";
|
720
|
+
case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
|
721
|
+
return "ECDH_RSA_WITH_AES_128_GCM_SHA256";
|
722
|
+
case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
|
723
|
+
return "ECDH_RSA_WITH_AES_256_GCM_SHA384";
|
724
|
+
|
725
|
+
//
|
726
|
+
// RFC 5746 - Secure Renegotiation
|
727
|
+
//
|
728
|
+
case TLS_EMPTY_RENEGOTIATION_INFO_SCSV:
|
729
|
+
return "EMPTY_RENEGOTIATION_INFO_SCSV";
|
730
|
+
|
731
|
+
//
|
732
|
+
// Tags for SSL 2 cipher kinds that are not specified for SSL 3.
|
733
|
+
//
|
734
|
+
case SSL_RSA_WITH_RC2_CBC_MD5:
|
735
|
+
return "RSA_WITH_RC2_CBC_MD5";
|
736
|
+
case SSL_RSA_WITH_IDEA_CBC_MD5:
|
737
|
+
return "RSA_WITH_IDEA_CBC_MD5";
|
738
|
+
case SSL_RSA_WITH_DES_CBC_MD5:
|
739
|
+
return "RSA_WITH_DES_CBC_MD5";
|
740
|
+
case SSL_RSA_WITH_3DES_EDE_CBC_MD5:
|
741
|
+
return "RSA_WITH_3DES_EDE_CBC_MD5";
|
742
|
+
default:
|
743
|
+
return "";
|
744
|
+
}
|
745
|
+
}
|
746
|
+
|
747
|
+
map<string, SSLCipherSuite>
|
748
|
+
CiphersHelper::ciphers()
|
749
|
+
{
|
750
|
+
return _ciphers;
|
751
|
+
}
|
752
|
+
|
753
|
+
SSLProtocol
|
754
|
+
parseProtocol(const string& p)
|
755
|
+
{
|
756
|
+
const string prot = IceUtilInternal::toUpper(p);
|
757
|
+
if(prot == "SSL3" || prot == "SSLV3")
|
758
|
+
{
|
759
|
+
return kSSLProtocol3;
|
760
|
+
}
|
761
|
+
else if(prot == "TLS" || prot == "TLS1" || prot == "TLSV1" || prot == "TLS1_0" || prot == "TLSV1_0")
|
762
|
+
{
|
763
|
+
return kTLSProtocol1;
|
764
|
+
}
|
765
|
+
else if(prot == "TLS1_1" || prot == "TLSV1_1")
|
766
|
+
{
|
767
|
+
return kTLSProtocol11;
|
768
|
+
}
|
769
|
+
else if(prot == "TLS1_2" || prot == "TLSV1_2")
|
770
|
+
{
|
771
|
+
return kTLSProtocol12;
|
772
|
+
}
|
773
|
+
else
|
774
|
+
{
|
775
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: unrecognized protocol `" + p + "'");
|
776
|
+
}
|
777
|
+
}
|
778
|
+
|
779
|
+
}
|
780
|
+
|
781
|
+
IceUtil::Shared* IceSSL::upCast(IceSSL::SecureTransportEngine* p) { return p; }
|
782
|
+
|
783
|
+
IceSSL::SecureTransportEngine::SecureTransportEngine(const Ice::CommunicatorPtr& communicator) :
|
784
|
+
SSLEngine(communicator),
|
785
|
+
_initialized(false),
|
786
|
+
_certificateAuthorities(0),
|
787
|
+
_chain(0),
|
788
|
+
_protocolVersionMax(kSSLProtocolUnknown),
|
789
|
+
_protocolVersionMin(kSSLProtocolUnknown)
|
790
|
+
{
|
791
|
+
}
|
792
|
+
|
793
|
+
bool
|
794
|
+
IceSSL::SecureTransportEngine::initialized() const
|
795
|
+
{
|
796
|
+
IceUtil::Mutex::Lock lock(_mutex);
|
797
|
+
return _initialized;
|
798
|
+
}
|
799
|
+
//
|
800
|
+
// Setup the engine.
|
801
|
+
//
|
802
|
+
void
|
803
|
+
IceSSL::SecureTransportEngine::initialize()
|
804
|
+
{
|
805
|
+
IceUtil::Mutex::Lock lock(_mutex);
|
806
|
+
if(_initialized)
|
807
|
+
{
|
808
|
+
return;
|
809
|
+
}
|
810
|
+
|
811
|
+
SSLEngine::initialize();
|
812
|
+
|
813
|
+
const string propPrefix = "IceSSL.";
|
814
|
+
const PropertiesPtr properties = communicator()->getProperties();
|
815
|
+
|
816
|
+
//
|
817
|
+
// Check for a default directory. We look in this directory for
|
818
|
+
// files mentioned in the configuration.
|
819
|
+
//
|
820
|
+
string defaultDir = properties->getProperty(propPrefix + "DefaultDir");
|
821
|
+
|
822
|
+
//
|
823
|
+
// Open the application KeyChain or create it if the keychain doesn't exists
|
824
|
+
//
|
825
|
+
string keychainPath = properties->getProperty("IceSSL.Keychain");
|
826
|
+
string keychainPassword = properties->getProperty("IceSSL.KeychainPassword");
|
827
|
+
|
828
|
+
bool usePassword = !keychainPassword.empty();
|
829
|
+
size_t size = keychainPassword.size();
|
830
|
+
const char* password = usePassword ? keychainPassword.c_str() : 0;
|
831
|
+
|
832
|
+
CFDataRef hash = 0;
|
833
|
+
SecKeychainRef keychain = 0;
|
834
|
+
SecCertificateRef cert = 0;
|
835
|
+
SecKeyRef key = 0;
|
836
|
+
SecIdentityRef identity = 0;
|
837
|
+
|
838
|
+
try
|
839
|
+
{
|
840
|
+
OSStatus err = 0;
|
841
|
+
if(keychainPath.empty())
|
842
|
+
{
|
843
|
+
if((err = SecKeychainCopyDefault(&keychain)))
|
844
|
+
{
|
845
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
846
|
+
"IceSSL: unable to retrieve default keychain:\n" + errorToString(err));
|
847
|
+
}
|
848
|
+
}
|
849
|
+
else
|
850
|
+
{
|
851
|
+
//
|
852
|
+
// KeyChain path is relative to the current working directory.
|
853
|
+
//
|
854
|
+
if(!IceUtilInternal::isAbsolutePath(keychainPath))
|
855
|
+
{
|
856
|
+
string cwd;
|
857
|
+
if(IceUtilInternal::getcwd(cwd) == 0)
|
858
|
+
{
|
859
|
+
keychainPath = string(cwd) + '/' + keychainPath;
|
860
|
+
}
|
861
|
+
}
|
862
|
+
|
863
|
+
if((err = SecKeychainOpen(keychainPath.c_str(), &keychain)))
|
864
|
+
{
|
865
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: unable to open keychain: `" +
|
866
|
+
keychainPath + "'\n" + errorToString(err));
|
867
|
+
}
|
868
|
+
}
|
869
|
+
|
870
|
+
SecKeychainStatus status;
|
871
|
+
err = SecKeychainGetStatus(keychain, &status);
|
872
|
+
|
873
|
+
if(err == noErr)
|
874
|
+
{
|
875
|
+
if((err = SecKeychainUnlock(keychain, size, password, usePassword)))
|
876
|
+
{
|
877
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
878
|
+
"IceSSL: unable to unlock keychain:\n" + errorToString(err));
|
879
|
+
}
|
880
|
+
}
|
881
|
+
else if(err == errSecNoSuchKeychain)
|
882
|
+
{
|
883
|
+
if((err = SecKeychainCreate(keychainPath.c_str(), size, password, keychainPassword.empty(), 0, &keychain)))
|
884
|
+
{
|
885
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
886
|
+
"IceSSL: unable to create keychain:\n" + errorToString(err));
|
887
|
+
}
|
888
|
+
}
|
889
|
+
else
|
890
|
+
{
|
891
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
892
|
+
"IceSSL: unable to open keychain:\n" + errorToString(err));
|
893
|
+
}
|
894
|
+
|
895
|
+
//
|
896
|
+
// Set keychain settings to avoid keychain lock.
|
897
|
+
//
|
898
|
+
SecKeychainSettings settings;
|
899
|
+
settings.version = SEC_KEYCHAIN_SETTINGS_VERS1;
|
900
|
+
settings.lockOnSleep = FALSE;
|
901
|
+
settings.useLockInterval = FALSE;
|
902
|
+
settings.lockInterval = INT_MAX;
|
903
|
+
|
904
|
+
if((err = SecKeychainSetSettings(keychain, &settings)))
|
905
|
+
{
|
906
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
907
|
+
"IceSSL: error setting keychain settings:\n" + errorToString(err));
|
908
|
+
}
|
909
|
+
|
910
|
+
int passwordRetryMax = properties->getPropertyAsIntWithDefault(propPrefix + "PasswordRetryMax", 3);
|
911
|
+
PasswordPromptPtr passwordPrompt = getPasswordPrompt();
|
912
|
+
|
913
|
+
//
|
914
|
+
// Load the CA certificates used to authenticate peers into
|
915
|
+
// _certificateAuthorities array.
|
916
|
+
//
|
917
|
+
{
|
918
|
+
try
|
919
|
+
{
|
920
|
+
string caFile = properties->getProperty(propPrefix + "CertAuthFile");
|
921
|
+
if(!caFile.empty())
|
922
|
+
{
|
923
|
+
if(!checkPath(caFile, defaultDir, false))
|
924
|
+
{
|
925
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
926
|
+
"IceSSL: CA certificate file not found:\n" + caFile);
|
927
|
+
}
|
928
|
+
_certificateAuthorities = loadCACertificates(caFile);
|
929
|
+
}
|
930
|
+
}
|
931
|
+
catch(const CertificateReadException& ce)
|
932
|
+
{
|
933
|
+
throw PluginInitializationException(__FILE__, __LINE__, ce.reason);
|
934
|
+
}
|
935
|
+
catch(const CertificateEncodingException& ce)
|
936
|
+
{
|
937
|
+
throw PluginInitializationException(__FILE__, __LINE__, ce.reason);
|
938
|
+
}
|
939
|
+
}
|
940
|
+
|
941
|
+
//
|
942
|
+
// Import the application certificate and private keys into the application
|
943
|
+
// keychain.
|
944
|
+
//
|
945
|
+
{
|
946
|
+
string certFile = properties->getProperty(propPrefix + "CertFile");
|
947
|
+
string keyFile = properties->getPropertyWithDefault(propPrefix + "KeyFile", certFile);
|
948
|
+
vector<string>::size_type numCerts = 0;
|
949
|
+
|
950
|
+
if(!certFile.empty())
|
951
|
+
{
|
952
|
+
vector<string> files;
|
953
|
+
if(!IceUtilInternal::splitString(certFile, IceUtilInternal::pathsep, files) || files.size() > 2)
|
954
|
+
{
|
955
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: invalid value for " + propPrefix +
|
956
|
+
"CertFile:\n" + certFile);
|
957
|
+
}
|
958
|
+
numCerts = files.size();
|
959
|
+
for(vector<string>::iterator p = files.begin(); p != files.end();)
|
960
|
+
{
|
961
|
+
string file = *p;
|
962
|
+
if(!checkPath(file, defaultDir, false))
|
963
|
+
{
|
964
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
965
|
+
"IceSSL: certificate file not found:\n" + file);
|
966
|
+
}
|
967
|
+
|
968
|
+
try
|
969
|
+
{
|
970
|
+
loadCertificate(&cert, &hash, &key, keychain, file,
|
971
|
+
properties->getProperty(propPrefix + "Password"), passwordPrompt,
|
972
|
+
passwordRetryMax);
|
973
|
+
break;
|
974
|
+
}
|
975
|
+
catch(const CertificateReadException& ce)
|
976
|
+
{
|
977
|
+
//
|
978
|
+
// If this is the last certificate rethrow the exception as PluginInitializationException,
|
979
|
+
// otherwise try the next certificate.
|
980
|
+
//
|
981
|
+
if(++p == files.end())
|
982
|
+
{
|
983
|
+
throw PluginInitializationException(__FILE__, __LINE__, ce.reason);
|
984
|
+
}
|
985
|
+
}
|
986
|
+
}
|
987
|
+
}
|
988
|
+
|
989
|
+
if(!key && !keyFile.empty())
|
990
|
+
{
|
991
|
+
vector<string> files;
|
992
|
+
if(!IceUtilInternal::splitString(keyFile, IceUtilInternal::pathsep, files) || files.size() > 2)
|
993
|
+
{
|
994
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
995
|
+
"IceSSL: invalid value for " + propPrefix + "KeyFile:\n" + keyFile);
|
996
|
+
}
|
997
|
+
if(files.size() != numCerts)
|
998
|
+
{
|
999
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
1000
|
+
"IceSSL: IceSSL.KeyFile does not agree with IceSSL.CertFile");
|
1001
|
+
}
|
1002
|
+
for(vector<string>::iterator p = files.begin(); p != files.end();)
|
1003
|
+
{
|
1004
|
+
string file = *p;
|
1005
|
+
if(!checkPath(file, defaultDir, false))
|
1006
|
+
{
|
1007
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
1008
|
+
"IceSSL: key file not found:\n" + file);
|
1009
|
+
}
|
1010
|
+
|
1011
|
+
try
|
1012
|
+
{
|
1013
|
+
loadPrivateKey(&key, keyLabel(cert), hash, keychain, file,
|
1014
|
+
properties->getProperty(propPrefix + "Password"),
|
1015
|
+
passwordPrompt, passwordRetryMax);
|
1016
|
+
break;
|
1017
|
+
}
|
1018
|
+
catch(const CertificateReadException& ce)
|
1019
|
+
{
|
1020
|
+
//
|
1021
|
+
// If this is the last key rethrow the exception as PluginInitializationException,
|
1022
|
+
// otherwise try the next certificate.
|
1023
|
+
//
|
1024
|
+
if(++p == files.end())
|
1025
|
+
{
|
1026
|
+
PluginInitializationException ex(__FILE__, __LINE__, ce.reason);
|
1027
|
+
throw ex;
|
1028
|
+
}
|
1029
|
+
}
|
1030
|
+
}
|
1031
|
+
}
|
1032
|
+
|
1033
|
+
if(!cert)
|
1034
|
+
{
|
1035
|
+
const string prop = propPrefix + "FindCert";
|
1036
|
+
string val = properties->getProperty(prop);
|
1037
|
+
if(!val.empty())
|
1038
|
+
{
|
1039
|
+
if(!(cert = findCertificates(keychain, prop, val)))
|
1040
|
+
{
|
1041
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: no certificates found");
|
1042
|
+
}
|
1043
|
+
}
|
1044
|
+
}
|
1045
|
+
|
1046
|
+
if(cert)
|
1047
|
+
{
|
1048
|
+
if((err = SecIdentityCreateWithCertificate(keychain, cert, &identity)) != noErr)
|
1049
|
+
{
|
1050
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
1051
|
+
"IceSSL: error creating certificate identity:\n" + errorToString(err));
|
1052
|
+
}
|
1053
|
+
}
|
1054
|
+
|
1055
|
+
if(identity)
|
1056
|
+
{
|
1057
|
+
SecTrustRef trust = 0;
|
1058
|
+
try
|
1059
|
+
{
|
1060
|
+
//
|
1061
|
+
// Retrieve the certificate chain
|
1062
|
+
//
|
1063
|
+
SecPolicyRef policy = SecPolicyCreateSSL(true, 0);
|
1064
|
+
err = SecTrustCreateWithCertificates((CFArrayRef)cert, policy, &trust);
|
1065
|
+
CFRelease(policy);
|
1066
|
+
if(err || !trust)
|
1067
|
+
{
|
1068
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
1069
|
+
"IceSSL: error creating trust object" + (err ? ":\n" + errorToString(err) : ""));
|
1070
|
+
}
|
1071
|
+
|
1072
|
+
if((err = SecTrustSetAnchorCertificates(trust, _certificateAuthorities)))
|
1073
|
+
{
|
1074
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
1075
|
+
"IceSSL: error while establish the anchor certificates:\n" + errorToString(err));
|
1076
|
+
}
|
1077
|
+
|
1078
|
+
SecTrustResultType trustResult;
|
1079
|
+
if((err = SecTrustEvaluate(trust, &trustResult)))
|
1080
|
+
{
|
1081
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
1082
|
+
"IceSSL: error evaluating trust:\n" + errorToString(err));
|
1083
|
+
}
|
1084
|
+
|
1085
|
+
int chainLength = SecTrustGetCertificateCount(trust);
|
1086
|
+
_chain = CFArrayCreateMutable(kCFAllocatorDefault, chainLength, &kCFTypeArrayCallBacks);
|
1087
|
+
CFArrayAppendValue(_chain, identity);
|
1088
|
+
for(int i = 1; i < chainLength; ++i)
|
1089
|
+
{
|
1090
|
+
CFArrayAppendValue(_chain, SecTrustGetCertificateAtIndex(trust, i));
|
1091
|
+
}
|
1092
|
+
CFRelease(trust);
|
1093
|
+
}
|
1094
|
+
catch(...)
|
1095
|
+
{
|
1096
|
+
if(trust)
|
1097
|
+
{
|
1098
|
+
CFRelease(trust);
|
1099
|
+
}
|
1100
|
+
throw;
|
1101
|
+
}
|
1102
|
+
}
|
1103
|
+
|
1104
|
+
if(hash)
|
1105
|
+
{
|
1106
|
+
CFRelease(hash);
|
1107
|
+
}
|
1108
|
+
|
1109
|
+
if(keychain)
|
1110
|
+
{
|
1111
|
+
CFRelease(keychain);
|
1112
|
+
}
|
1113
|
+
|
1114
|
+
if(cert)
|
1115
|
+
{
|
1116
|
+
CFRelease(cert);
|
1117
|
+
}
|
1118
|
+
|
1119
|
+
if(key)
|
1120
|
+
{
|
1121
|
+
CFRelease(key);
|
1122
|
+
}
|
1123
|
+
|
1124
|
+
if(identity)
|
1125
|
+
{
|
1126
|
+
CFRelease(identity);
|
1127
|
+
}
|
1128
|
+
}
|
1129
|
+
}
|
1130
|
+
catch(...)
|
1131
|
+
{
|
1132
|
+
if(hash)
|
1133
|
+
{
|
1134
|
+
CFRelease(hash);
|
1135
|
+
}
|
1136
|
+
|
1137
|
+
if(keychain)
|
1138
|
+
{
|
1139
|
+
CFRelease(keychain);
|
1140
|
+
}
|
1141
|
+
|
1142
|
+
if(cert)
|
1143
|
+
{
|
1144
|
+
CFRelease(cert);
|
1145
|
+
}
|
1146
|
+
|
1147
|
+
if(key)
|
1148
|
+
{
|
1149
|
+
CFRelease(key);
|
1150
|
+
}
|
1151
|
+
|
1152
|
+
if(identity)
|
1153
|
+
{
|
1154
|
+
CFRelease(identity);
|
1155
|
+
}
|
1156
|
+
|
1157
|
+
throw;
|
1158
|
+
}
|
1159
|
+
//
|
1160
|
+
// DiffieHellmanParams in DER format.
|
1161
|
+
//
|
1162
|
+
string dhFile = properties->getProperty(propPrefix + "DHParams");
|
1163
|
+
if(!dhFile.empty())
|
1164
|
+
{
|
1165
|
+
if(!checkPath(dhFile, defaultDir, false))
|
1166
|
+
{
|
1167
|
+
throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: DH params file not found:\n" + dhFile);
|
1168
|
+
}
|
1169
|
+
|
1170
|
+
readFile(dhFile, _dhParams);
|
1171
|
+
}
|
1172
|
+
|
1173
|
+
//
|
1174
|
+
// Establish the cipher list.
|
1175
|
+
//
|
1176
|
+
string ciphers = properties->getProperty(propPrefix + "Ciphers");
|
1177
|
+
CiphersHelper::initialize();
|
1178
|
+
|
1179
|
+
if(!ciphers.empty())
|
1180
|
+
{
|
1181
|
+
parseCiphers(ciphers);
|
1182
|
+
}
|
1183
|
+
|
1184
|
+
if(securityTraceLevel() >= 1)
|
1185
|
+
{
|
1186
|
+
ostringstream os;
|
1187
|
+
os << "enabling SSL ciphersuites:";
|
1188
|
+
|
1189
|
+
if(_ciphers.empty())
|
1190
|
+
{
|
1191
|
+
map<string, SSLCipherSuite> enabled = CiphersHelper::ciphers();
|
1192
|
+
for(map<string, SSLCipherSuite>::const_iterator i = enabled.begin(); i != enabled.end(); ++i)
|
1193
|
+
{
|
1194
|
+
os << "\n " << i->first;
|
1195
|
+
}
|
1196
|
+
}
|
1197
|
+
else
|
1198
|
+
{
|
1199
|
+
for(vector<SSLCipherSuite>::const_iterator i = _ciphers.begin(); i != _ciphers.end(); ++i)
|
1200
|
+
{
|
1201
|
+
os << "\n " << getCipherName(*i);
|
1202
|
+
}
|
1203
|
+
}
|
1204
|
+
getLogger()->trace(securityTraceCategory(), os.str());
|
1205
|
+
}
|
1206
|
+
|
1207
|
+
//
|
1208
|
+
// Parse protocols
|
1209
|
+
//
|
1210
|
+
const string protocolVersionMax = properties->getProperty(propPrefix + "ProtocolVersionMax");
|
1211
|
+
if(!protocolVersionMax.empty())
|
1212
|
+
{
|
1213
|
+
_protocolVersionMax = parseProtocol(protocolVersionMax);
|
1214
|
+
}
|
1215
|
+
|
1216
|
+
//
|
1217
|
+
// The default min protocol version is set to TLS1.0 to avoid security issues with SSLv3
|
1218
|
+
//
|
1219
|
+
const string protocolVersionMin = properties->getPropertyWithDefault(propPrefix + "ProtocolVersionMin", "tls1_0");
|
1220
|
+
if(!protocolVersionMin.empty())
|
1221
|
+
{
|
1222
|
+
_protocolVersionMin = parseProtocol(protocolVersionMin);
|
1223
|
+
}
|
1224
|
+
_initialized = true;
|
1225
|
+
}
|
1226
|
+
|
1227
|
+
//
|
1228
|
+
// Destroy the engine.
|
1229
|
+
//
|
1230
|
+
void
|
1231
|
+
IceSSL::SecureTransportEngine::destroy()
|
1232
|
+
{
|
1233
|
+
if(_certificateAuthorities)
|
1234
|
+
{
|
1235
|
+
CFRelease(_certificateAuthorities);
|
1236
|
+
_certificateAuthorities = 0;
|
1237
|
+
}
|
1238
|
+
|
1239
|
+
if(_chain)
|
1240
|
+
{
|
1241
|
+
CFRelease(_chain);
|
1242
|
+
_chain = 0;
|
1243
|
+
}
|
1244
|
+
}
|
1245
|
+
|
1246
|
+
SSLContextRef
|
1247
|
+
IceSSL::SecureTransportEngine::newContext(bool incoming)
|
1248
|
+
{
|
1249
|
+
SSLContextRef ssl = SSLCreateContext(kCFAllocatorDefault, incoming ? kSSLServerSide : kSSLClientSide,
|
1250
|
+
kSSLStreamType);
|
1251
|
+
if(!ssl)
|
1252
|
+
{
|
1253
|
+
throw SecurityException(__FILE__, __LINE__, "IceSSL: unable to create SSL context");
|
1254
|
+
}
|
1255
|
+
|
1256
|
+
OSStatus err = noErr;
|
1257
|
+
if(incoming)
|
1258
|
+
{
|
1259
|
+
switch(getVerifyPeer())
|
1260
|
+
{
|
1261
|
+
case 0:
|
1262
|
+
{
|
1263
|
+
SSLSetClientSideAuthenticate(ssl, kNeverAuthenticate);
|
1264
|
+
break;
|
1265
|
+
}
|
1266
|
+
case 1:
|
1267
|
+
{
|
1268
|
+
SSLSetClientSideAuthenticate(ssl, kTryAuthenticate);
|
1269
|
+
break;
|
1270
|
+
}
|
1271
|
+
case 2:
|
1272
|
+
{
|
1273
|
+
SSLSetClientSideAuthenticate(ssl, kAlwaysAuthenticate);
|
1274
|
+
break;
|
1275
|
+
}
|
1276
|
+
default:
|
1277
|
+
{
|
1278
|
+
assert(false);
|
1279
|
+
break;
|
1280
|
+
}
|
1281
|
+
}
|
1282
|
+
|
1283
|
+
if(!_dhParams.empty())
|
1284
|
+
{
|
1285
|
+
if((err = SSLSetDiffieHellmanParams(ssl, &_dhParams[0], _dhParams.size())))
|
1286
|
+
{
|
1287
|
+
throw SecurityException(__FILE__, __LINE__,
|
1288
|
+
"IceSSL: unable to create the trust object:\n" + errorToString(err));
|
1289
|
+
}
|
1290
|
+
}
|
1291
|
+
}
|
1292
|
+
|
1293
|
+
if(_chain && (err = SSLSetCertificate(ssl, _chain)))
|
1294
|
+
{
|
1295
|
+
throw SecurityException(__FILE__, __LINE__,
|
1296
|
+
"IceSSL: error while setting the SSL context certificate:\n" + errorToString(err));
|
1297
|
+
}
|
1298
|
+
|
1299
|
+
|
1300
|
+
if(!_ciphers.empty())
|
1301
|
+
{
|
1302
|
+
if((err = SSLSetEnabledCiphers(ssl, &_ciphers[0], _ciphers.size())))
|
1303
|
+
{
|
1304
|
+
throw SecurityException(__FILE__, __LINE__, "IceSSL: error while setting ciphers:\n" + errorToString(err));
|
1305
|
+
}
|
1306
|
+
}
|
1307
|
+
|
1308
|
+
if((err = SSLSetSessionOption(ssl, incoming ? kSSLSessionOptionBreakOnClientAuth :
|
1309
|
+
kSSLSessionOptionBreakOnServerAuth,
|
1310
|
+
true)))
|
1311
|
+
{
|
1312
|
+
throw SecurityException(__FILE__, __LINE__, "IceSSL: error while setting SSL option:\n" + errorToString(err));
|
1313
|
+
}
|
1314
|
+
|
1315
|
+
if(_protocolVersionMax != kSSLProtocolUnknown)
|
1316
|
+
{
|
1317
|
+
if((err = SSLSetProtocolVersionMax(ssl, _protocolVersionMax)))
|
1318
|
+
{
|
1319
|
+
throw SecurityException(__FILE__, __LINE__,
|
1320
|
+
"IceSSL: error while setting SSL protocol version max:\n" + errorToString(err));
|
1321
|
+
}
|
1322
|
+
}
|
1323
|
+
|
1324
|
+
if(_protocolVersionMin != kSSLProtocolUnknown)
|
1325
|
+
{
|
1326
|
+
if((err = SSLSetProtocolVersionMin(ssl, _protocolVersionMin)))
|
1327
|
+
{
|
1328
|
+
throw SecurityException(__FILE__, __LINE__,
|
1329
|
+
"IceSSL: error while setting SSL protocol version min:\n" + errorToString(err));
|
1330
|
+
}
|
1331
|
+
}
|
1332
|
+
|
1333
|
+
return ssl;
|
1334
|
+
}
|
1335
|
+
|
1336
|
+
CFArrayRef
|
1337
|
+
IceSSL::SecureTransportEngine::getCertificateAuthorities() const
|
1338
|
+
{
|
1339
|
+
return _certificateAuthorities;
|
1340
|
+
}
|
1341
|
+
|
1342
|
+
string
|
1343
|
+
IceSSL::SecureTransportEngine::getCipherName(SSLCipherSuite cipher) const
|
1344
|
+
{
|
1345
|
+
return CiphersHelper::cipherName(cipher);
|
1346
|
+
}
|
1347
|
+
|
1348
|
+
void
|
1349
|
+
IceSSL::SecureTransportEngine::parseCiphers(const string& ciphers)
|
1350
|
+
{
|
1351
|
+
vector<string> tokens;
|
1352
|
+
vector<CipherExpression> cipherExpressions;
|
1353
|
+
|
1354
|
+
bool allCiphers = false;
|
1355
|
+
IceUtilInternal::splitString(ciphers, " \t", tokens);
|
1356
|
+
for(vector<string>::const_iterator i = tokens.begin(); i != tokens.end(); ++i)
|
1357
|
+
{
|
1358
|
+
string token(*i);
|
1359
|
+
if(token == "ALL")
|
1360
|
+
{
|
1361
|
+
if(i != tokens.begin())
|
1362
|
+
{
|
1363
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
1364
|
+
"IceSSL: `ALL' must be first in cipher list `" + ciphers + "'");
|
1365
|
+
}
|
1366
|
+
allCiphers = true;
|
1367
|
+
}
|
1368
|
+
else if(token == "NONE")
|
1369
|
+
{
|
1370
|
+
if(i != tokens.begin())
|
1371
|
+
{
|
1372
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
1373
|
+
"IceSSL: `NONE' must be first in cipher list `" + ciphers + "'");
|
1374
|
+
}
|
1375
|
+
}
|
1376
|
+
else
|
1377
|
+
{
|
1378
|
+
CipherExpression ce;
|
1379
|
+
if(token.find('!') == 0)
|
1380
|
+
{
|
1381
|
+
ce.negation = true;
|
1382
|
+
if(token.size() > 1)
|
1383
|
+
{
|
1384
|
+
token = token.substr(1);
|
1385
|
+
}
|
1386
|
+
else
|
1387
|
+
{
|
1388
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
1389
|
+
"IceSSL: invalid cipher expression `" + token + "'");
|
1390
|
+
}
|
1391
|
+
}
|
1392
|
+
else
|
1393
|
+
{
|
1394
|
+
ce.negation = false;
|
1395
|
+
}
|
1396
|
+
|
1397
|
+
if(token.find('(') == 0)
|
1398
|
+
{
|
1399
|
+
if(token.rfind(')') != token.size() - 1)
|
1400
|
+
{
|
1401
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
1402
|
+
"IceSSL: invalid cipher expression `" + token + "'");
|
1403
|
+
}
|
1404
|
+
|
1405
|
+
try
|
1406
|
+
{
|
1407
|
+
ce.re = new RegExp(token.substr(1, token.size() - 2));
|
1408
|
+
}
|
1409
|
+
catch(const Ice::SyscallException&)
|
1410
|
+
{
|
1411
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
1412
|
+
"IceSSL: invalid cipher expression `" + token + "'");
|
1413
|
+
}
|
1414
|
+
}
|
1415
|
+
else
|
1416
|
+
{
|
1417
|
+
ce.cipher = token;
|
1418
|
+
}
|
1419
|
+
|
1420
|
+
cipherExpressions.push_back(ce);
|
1421
|
+
}
|
1422
|
+
}
|
1423
|
+
|
1424
|
+
//
|
1425
|
+
// Context used to get the cipher list
|
1426
|
+
//
|
1427
|
+
SSLContextRef ctx = SSLCreateContext(kCFAllocatorDefault, kSSLServerSide, kSSLStreamType);
|
1428
|
+
size_t numSupportedCiphers = 0;
|
1429
|
+
SSLGetNumberSupportedCiphers(ctx, &numSupportedCiphers);
|
1430
|
+
|
1431
|
+
vector<SSLCipherSuite> supported;
|
1432
|
+
supported.resize(numSupportedCiphers);
|
1433
|
+
|
1434
|
+
OSStatus err = SSLGetSupportedCiphers(ctx, &supported[0], &numSupportedCiphers);
|
1435
|
+
if(err)
|
1436
|
+
{
|
1437
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
1438
|
+
"IceSSL: unable to get supported ciphers list:\n" + errorToString(err));
|
1439
|
+
}
|
1440
|
+
|
1441
|
+
vector<SSLCipherSuite> enabled;
|
1442
|
+
if(allCiphers)
|
1443
|
+
{
|
1444
|
+
enabled = supported;
|
1445
|
+
}
|
1446
|
+
|
1447
|
+
for(vector<CipherExpression>::const_iterator i = cipherExpressions.begin(); i != cipherExpressions.end(); ++i)
|
1448
|
+
{
|
1449
|
+
CipherExpression ce = *i;
|
1450
|
+
if(ce.negation)
|
1451
|
+
{
|
1452
|
+
for(vector<SSLCipherSuite>::iterator j = enabled.begin(); j != enabled.end();)
|
1453
|
+
{
|
1454
|
+
SSLCipherSuite cipher = *j;
|
1455
|
+
string name = CiphersHelper::cipherName(cipher);
|
1456
|
+
|
1457
|
+
if(ce.cipher.empty())
|
1458
|
+
{
|
1459
|
+
if(ce.re->match(name))
|
1460
|
+
{
|
1461
|
+
j = enabled.erase(j);
|
1462
|
+
continue;
|
1463
|
+
}
|
1464
|
+
}
|
1465
|
+
else
|
1466
|
+
{
|
1467
|
+
if(ce.cipher == name)
|
1468
|
+
{
|
1469
|
+
j = enabled.erase(j);
|
1470
|
+
continue;
|
1471
|
+
}
|
1472
|
+
}
|
1473
|
+
j++;
|
1474
|
+
}
|
1475
|
+
}
|
1476
|
+
else
|
1477
|
+
{
|
1478
|
+
if(ce.cipher.empty())
|
1479
|
+
{
|
1480
|
+
for(vector<SSLCipherSuite>::const_iterator j = supported.begin(); j != supported.end(); ++j)
|
1481
|
+
{
|
1482
|
+
SSLCipherSuite cipher = *j;
|
1483
|
+
string name = CiphersHelper::cipherName(cipher);
|
1484
|
+
if(ce.re->match(name))
|
1485
|
+
{
|
1486
|
+
vector<SSLCipherSuite>::const_iterator k = find(enabled.begin(), enabled.end(), cipher);
|
1487
|
+
if(k == enabled.end())
|
1488
|
+
{
|
1489
|
+
enabled.push_back(cipher);
|
1490
|
+
}
|
1491
|
+
}
|
1492
|
+
}
|
1493
|
+
}
|
1494
|
+
else
|
1495
|
+
{
|
1496
|
+
SSLCipherSuite cipher = CiphersHelper::cipherForName(ce.cipher);
|
1497
|
+
vector<SSLCipherSuite>::const_iterator k = find(enabled.begin(), enabled.end(), cipher);
|
1498
|
+
if(k == enabled.end())
|
1499
|
+
{
|
1500
|
+
enabled.push_back(cipher);
|
1501
|
+
}
|
1502
|
+
}
|
1503
|
+
}
|
1504
|
+
}
|
1505
|
+
_ciphers = enabled;
|
1506
|
+
|
1507
|
+
if(_ciphers.empty())
|
1508
|
+
{
|
1509
|
+
throw PluginInitializationException(__FILE__, __LINE__,
|
1510
|
+
"IceSSL: invalid value for IceSSL.Ciphers:\n" + ciphers +
|
1511
|
+
"\nThe result cipher list does not contain any entries");
|
1512
|
+
}
|
1513
|
+
}
|
1514
|
+
#endif
|