zeroc-ice 3.7.3 → 3.7.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/ext/Communicator.cpp +3 -0
- data/ext/Config.h +11 -0
- data/ext/Types.cpp +18 -2
- data/ext/Util.cpp +15 -3
- data/ext/Util.h +36 -0
- data/ext/ice/cpp/include/Ice/Exception.h +3 -3
- data/ext/ice/cpp/include/Ice/Functional.h +3 -1
- data/ext/ice/cpp/include/Ice/IconvStringConverter.h +1 -1
- data/ext/ice/cpp/include/Ice/Initialize.h +1 -1
- data/ext/ice/cpp/include/Ice/Object.h +7 -0
- data/ext/ice/cpp/include/Ice/Optional.h +1 -1
- data/ext/ice/cpp/include/Ice/OutgoingAsync.h +15 -0
- data/ext/ice/cpp/include/Ice/Proxy.h +56 -25
- data/ext/ice/cpp/include/Ice/Service.h +1 -1
- data/ext/ice/cpp/include/IceSSL/Plugin.h +142 -0
- data/ext/ice/cpp/include/IceUtil/Config.h +3 -2
- data/ext/ice/cpp/include/IceUtil/Functional.h +3 -1
- data/ext/ice/cpp/include/IceUtil/MutexPtrLock.h +4 -4
- data/ext/ice/cpp/include/IceUtil/ResourceConfig.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/BuiltinSequences.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/Communicator.h +10 -4
- data/ext/ice/cpp/include/generated/Ice/CommunicatorF.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/Connection.h +58 -15
- data/ext/ice/cpp/include/generated/Ice/ConnectionF.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/Current.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/Endpoint.h +50 -14
- data/ext/ice/cpp/include/generated/Ice/EndpointF.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/EndpointTypes.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/FacetMap.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/Identity.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/ImplicitContext.h +8 -2
- data/ext/ice/cpp/include/generated/Ice/ImplicitContextF.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/Instrumentation.h +62 -2
- data/ext/ice/cpp/include/generated/Ice/InstrumentationF.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/LocalException.h +523 -127
- data/ext/ice/cpp/include/generated/Ice/Locator.h +62 -14
- data/ext/ice/cpp/include/generated/Ice/LocatorF.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/Logger.h +8 -2
- data/ext/ice/cpp/include/generated/Ice/LoggerF.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/Metrics.h +79 -27
- data/ext/ice/cpp/include/generated/Ice/ObjectAdapter.h +8 -2
- data/ext/ice/cpp/include/generated/Ice/ObjectAdapterF.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/ObjectFactory.h +8 -2
- data/ext/ice/cpp/include/generated/Ice/Plugin.h +14 -2
- data/ext/ice/cpp/include/generated/Ice/PluginF.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/Process.h +10 -4
- data/ext/ice/cpp/include/generated/Ice/ProcessF.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/Properties.h +8 -2
- data/ext/ice/cpp/include/generated/Ice/PropertiesAdmin.h +11 -5
- data/ext/ice/cpp/include/generated/Ice/PropertiesF.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/RemoteLogger.h +26 -8
- data/ext/ice/cpp/include/generated/Ice/Router.h +18 -6
- data/ext/ice/cpp/include/generated/Ice/RouterF.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/ServantLocator.h +8 -2
- data/ext/ice/cpp/include/generated/Ice/ServantLocatorF.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/SliceChecksumDict.h +2 -2
- data/ext/ice/cpp/include/generated/Ice/ValueFactory.h +14 -2
- data/ext/ice/cpp/include/generated/Ice/Version.h +2 -2
- data/ext/ice/cpp/include/generated/IceSSL/ConnectionInfo.h +10 -5
- data/ext/ice/cpp/include/generated/IceSSL/ConnectionInfoF.h +2 -2
- data/ext/ice/cpp/include/generated/IceSSL/EndpointInfo.h +8 -3
- data/ext/ice/cpp/src/Ice/ArgVector.cpp +1 -1
- data/ext/ice/cpp/src/Ice/BuiltinSequences.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Communicator.cpp +2 -2
- data/ext/ice/cpp/src/Ice/CommunicatorF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Connection.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ConnectionF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ConnectionFactory.cpp +3 -3
- data/ext/ice/cpp/src/Ice/Current.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Endpoint.cpp +2 -2
- data/ext/ice/cpp/src/Ice/EndpointF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/EndpointTypes.cpp +2 -2
- data/ext/ice/cpp/src/Ice/FacetMap.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Identity.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ImplicitContext.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ImplicitContextF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ImplicitContextI.cpp +1 -1
- data/ext/ice/cpp/src/Ice/Initialize.cpp +1 -1
- data/ext/ice/cpp/src/Ice/InputStream.cpp +29 -14
- data/ext/ice/cpp/src/Ice/Instance.cpp +3 -0
- data/ext/ice/cpp/src/Ice/Instance.h +2 -0
- data/ext/ice/cpp/src/Ice/Instrumentation.cpp +2 -2
- data/ext/ice/cpp/src/Ice/InstrumentationF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/LocalException.cpp +398 -2
- data/ext/ice/cpp/src/Ice/Locator.cpp +32 -2
- data/ext/ice/cpp/src/Ice/LocatorF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/LocatorInfo.cpp +3 -3
- data/ext/ice/cpp/src/Ice/Logger.cpp +2 -2
- data/ext/ice/cpp/src/Ice/LoggerF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Metrics.cpp +8 -2
- data/ext/ice/cpp/src/Ice/Network.cpp +1 -1
- data/ext/ice/cpp/src/Ice/Network.h +0 -0
- data/ext/ice/cpp/src/Ice/ObjectAdapter.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ObjectAdapterF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ObjectAdapterFactory.cpp +4 -4
- data/ext/ice/cpp/src/Ice/ObjectAdapterI.cpp +8 -8
- data/ext/ice/cpp/src/Ice/ObjectFactory.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Plugin.cpp +2 -2
- data/ext/ice/cpp/src/Ice/PluginF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Process.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ProcessF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Properties.cpp +2 -2
- data/ext/ice/cpp/src/Ice/PropertiesAdmin.cpp +2 -2
- data/ext/ice/cpp/src/Ice/PropertiesF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/PropertyNames.cpp +6 -3
- data/ext/ice/cpp/src/Ice/PropertyNames.h +1 -1
- data/ext/ice/cpp/src/Ice/ProxyFactory.cpp +9 -0
- data/ext/ice/cpp/src/Ice/RemoteLogger.cpp +8 -2
- data/ext/ice/cpp/src/Ice/RetryQueue.cpp +5 -2
- data/ext/ice/cpp/src/Ice/Router.cpp +2 -2
- data/ext/ice/cpp/src/Ice/RouterF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/RouterInfo.cpp +6 -2
- data/ext/ice/cpp/src/Ice/SHA1.cpp +2 -0
- data/ext/ice/cpp/src/Ice/ServantLocator.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ServantLocatorF.cpp +2 -2
- data/ext/ice/cpp/src/Ice/SliceChecksumDict.cpp +2 -2
- data/ext/ice/cpp/src/Ice/StreamSocket.cpp +0 -0
- data/ext/ice/cpp/src/Ice/Thread.cpp +2 -2
- data/ext/ice/cpp/src/Ice/ThreadPool.cpp +5 -1
- data/ext/ice/cpp/src/Ice/ThreadPool.h +0 -4
- data/ext/ice/cpp/src/Ice/UdpTransceiver.cpp +0 -0
- data/ext/ice/cpp/src/Ice/ValueFactory.cpp +2 -2
- data/ext/ice/cpp/src/Ice/Version.cpp +2 -2
- data/ext/ice/cpp/src/IceDiscovery/IceDiscovery.cpp +2 -2
- data/ext/ice/cpp/src/IceDiscovery/IceDiscovery.h +491 -6
- data/ext/ice/cpp/src/IceLocatorDiscovery/IceLocatorDiscovery.cpp +2 -2
- data/ext/ice/cpp/src/IceLocatorDiscovery/IceLocatorDiscovery.h +16 -4
- data/ext/ice/cpp/src/IceLocatorDiscovery/PluginI.cpp +12 -1
- data/ext/ice/cpp/src/IceSSL/CertificateI.cpp +23 -1
- data/ext/ice/cpp/src/IceSSL/ConnectionInfo.cpp +2 -2
- data/ext/ice/cpp/src/IceSSL/ConnectionInfoF.cpp +2 -2
- data/ext/ice/cpp/src/IceSSL/EndpointInfo.cpp +2 -2
- data/ext/ice/cpp/src/IceSSL/OpenSSLCertificateI.cpp +124 -19
- data/ext/ice/cpp/src/IceSSL/OpenSSLEngine.cpp +60 -1
- data/ext/ice/cpp/src/IceSSL/OpenSSLTransceiverI.cpp +105 -2
- data/ext/ice/cpp/src/IceSSL/OpenSSLTransceiverI.h +1 -0
- data/ext/ice/cpp/src/IceSSL/OpenSSLUtil.cpp +2 -0
- data/ext/ice/cpp/src/IceSSL/PluginI.cpp +114 -0
- data/ext/ice/cpp/src/IceSSL/PluginI.h +21 -0
- data/ext/ice/cpp/src/IceSSL/SChannelCertificateI.cpp +142 -1
- data/ext/ice/cpp/src/IceSSL/SChannelTransceiverI.cpp +117 -3
- data/ext/ice/cpp/src/IceSSL/SChannelTransceiverI.h +1 -0
- data/ext/ice/cpp/src/IceSSL/SSLEngine.cpp +20 -1
- data/ext/ice/cpp/src/IceSSL/SSLEngine.h +4 -0
- data/ext/ice/cpp/src/IceSSL/SecureTransportCertificateI.cpp +133 -2
- data/ext/ice/cpp/src/IceSSL/SecureTransportTransceiverI.cpp +151 -89
- data/ext/ice/cpp/src/IceSSL/SecureTransportTransceiverI.h +1 -0
- data/ext/ice/cpp/src/IceSSL/Util.cpp +0 -0
- data/ext/ice/cpp/src/IceUtil/StringConverter.cpp +6 -0
- data/ext/ice/cpp/src/IceUtil/Time.cpp +8 -10
- data/ext/ice/cpp/src/Slice/CPlusPlusUtil.cpp +6 -2
- data/ext/ice/cpp/src/Slice/JavaUtil.cpp +12 -4
- data/ext/ice/cpp/src/Slice/PHPUtil.cpp +4 -0
- data/ext/ice/cpp/src/Slice/Parser.cpp +11 -7
- data/ext/ice/cpp/src/Slice/Parser.h +2 -2
- data/ext/ice/cpp/src/Slice/Preprocessor.cpp +12 -0
- data/ext/ice/cpp/src/Slice/Preprocessor.h +1 -1
- data/ext/ice/cpp/src/Slice/Python.cpp +1 -1
- data/ext/ice/cpp/src/Slice/PythonUtil.cpp +17 -5
- data/ext/ice/cpp/src/Slice/Scanner.cpp +621 -369
- data/ext/ice/mcpp/CMakeLists.txt +80 -0
- data/ext/ice/mcpp/expand.c +6 -6
- data/ice.gemspec +1 -1
- data/lib/Glacier2/Metrics.rb +1 -1
- data/lib/Glacier2/PermissionsVerifier.rb +1 -1
- data/lib/Glacier2/PermissionsVerifierF.rb +1 -1
- data/lib/Glacier2/Router.rb +1 -1
- data/lib/Glacier2/RouterF.rb +1 -1
- data/lib/Glacier2/SSLInfo.rb +1 -1
- data/lib/Glacier2/Session.rb +1 -1
- data/lib/Ice/BuiltinSequences.rb +1 -1
- data/lib/Ice/Communicator.rb +1 -1
- data/lib/Ice/CommunicatorF.rb +1 -1
- data/lib/Ice/Connection.rb +1 -1
- data/lib/Ice/ConnectionF.rb +1 -1
- data/lib/Ice/Current.rb +1 -1
- data/lib/Ice/Endpoint.rb +1 -1
- data/lib/Ice/EndpointF.rb +1 -1
- data/lib/Ice/EndpointTypes.rb +1 -1
- data/lib/Ice/FacetMap.rb +1 -1
- data/lib/Ice/Identity.rb +1 -1
- data/lib/Ice/ImplicitContext.rb +1 -1
- data/lib/Ice/ImplicitContextF.rb +1 -1
- data/lib/Ice/Instrumentation.rb +1 -1
- data/lib/Ice/InstrumentationF.rb +1 -1
- data/lib/Ice/LocalException.rb +1 -1
- data/lib/Ice/Locator.rb +1 -1
- data/lib/Ice/LocatorF.rb +1 -1
- data/lib/Ice/Logger.rb +1 -1
- data/lib/Ice/LoggerF.rb +1 -1
- data/lib/Ice/Metrics.rb +1 -1
- data/lib/Ice/ObjectAdapter.rb +1 -1
- data/lib/Ice/ObjectAdapterF.rb +1 -1
- data/lib/Ice/ObjectFactory.rb +1 -1
- data/lib/Ice/Plugin.rb +1 -1
- data/lib/Ice/PluginF.rb +1 -1
- data/lib/Ice/Process.rb +1 -1
- data/lib/Ice/ProcessF.rb +1 -1
- data/lib/Ice/Properties.rb +1 -1
- data/lib/Ice/PropertiesAdmin.rb +1 -1
- data/lib/Ice/PropertiesF.rb +1 -1
- data/lib/Ice/RemoteLogger.rb +1 -1
- data/lib/Ice/Router.rb +1 -1
- data/lib/Ice/RouterF.rb +1 -1
- data/lib/Ice/ServantLocator.rb +1 -1
- data/lib/Ice/ServantLocatorF.rb +1 -1
- data/lib/Ice/SliceChecksumDict.rb +1 -1
- data/lib/Ice/ValueFactory.rb +1 -1
- data/lib/Ice/Version.rb +1 -1
- data/lib/IceBox/IceBox.rb +1 -1
- data/lib/IceGrid/Admin.rb +1 -1
- data/lib/IceGrid/Descriptor.rb +1 -1
- data/lib/IceGrid/Exception.rb +1 -1
- data/lib/IceGrid/FileParser.rb +1 -1
- data/lib/IceGrid/PluginFacade.rb +1 -1
- data/lib/IceGrid/Registry.rb +1 -1
- data/lib/IceGrid/Session.rb +1 -1
- data/lib/IceGrid/UserAccountMapper.rb +1 -1
- data/lib/IcePatch2/FileInfo.rb +1 -1
- data/lib/IcePatch2/FileServer.rb +1 -1
- data/lib/IceStorm/IceStorm.rb +1 -1
- data/lib/IceStorm/Metrics.rb +1 -1
- data/slice/Ice/Communicator.ice +1 -1
- data/slice/IceBox/IceBox.ice +17 -2
- data/slice/IceDiscovery/IceDiscovery.ice +56 -0
- metadata +4 -4
@@ -8,7 +8,7 @@
|
|
8
8
|
//
|
9
9
|
#include <IceUtil/DisableWarnings.h>
|
10
10
|
|
11
|
-
#include <IceSSL/
|
11
|
+
#include <IceSSL/PluginI.h>
|
12
12
|
#include <IceSSL/SecureTransport.h>
|
13
13
|
#include <IceSSL/CertificateI.h>
|
14
14
|
#include <IceSSL/SecureTransportUtil.h>
|
@@ -32,6 +32,29 @@ using namespace std;
|
|
32
32
|
namespace
|
33
33
|
{
|
34
34
|
|
35
|
+
static unsigned char _ekuAnyKeyUsage[4] = {0x55, 0x1d, 0x25, 0x00};
|
36
|
+
static unsigned char _ekuServerAuthentication[8] = {0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x01};
|
37
|
+
static unsigned char _ekuClientAuthentication[8] = {0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x02};
|
38
|
+
static unsigned char _ekuCodeSigning[8] = {0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x03};
|
39
|
+
static unsigned char _ekuEmailProtection[8] = {0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x04};
|
40
|
+
static unsigned char _ekuTimeStamping[8] = {0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x08};
|
41
|
+
static unsigned char _ekuOCSPSigning[8] = {0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x09};
|
42
|
+
|
43
|
+
static CFDataRef ekuAnyKeyUsage =
|
44
|
+
CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, _ekuAnyKeyUsage, 4, kCFAllocatorNull);
|
45
|
+
static CFDataRef ekuServerAuthentication =
|
46
|
+
CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, _ekuServerAuthentication, 8, kCFAllocatorNull);
|
47
|
+
static CFDataRef ekuClientAuthentication =
|
48
|
+
CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, _ekuClientAuthentication, 8, kCFAllocatorNull);
|
49
|
+
static CFDataRef ekuCodeSigning =
|
50
|
+
CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, _ekuCodeSigning, 8, kCFAllocatorNull);
|
51
|
+
static CFDataRef ekuEmailProtection =
|
52
|
+
CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, _ekuEmailProtection, 8, kCFAllocatorNull);
|
53
|
+
static CFDataRef ekuTimeStamping =
|
54
|
+
CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, _ekuTimeStamping, 8, kCFAllocatorNull);
|
55
|
+
static CFDataRef ekuOCSPSigning =
|
56
|
+
CFDataCreateWithBytesNoCopy(kCFAllocatorDefault, _ekuOCSPSigning, 8, kCFAllocatorNull);
|
57
|
+
|
35
58
|
string
|
36
59
|
certificateOIDAlias(const string& name)
|
37
60
|
{
|
@@ -226,7 +249,8 @@ private:
|
|
226
249
|
#endif
|
227
250
|
|
228
251
|
class SecureTransportCertificateI ICE_FINAL : public IceSSL::SecureTransport::Certificate,
|
229
|
-
public IceSSL::CertificateI
|
252
|
+
public IceSSL::CertificateI,
|
253
|
+
public IceSSL::CertificateExtendedInfo
|
230
254
|
{
|
231
255
|
public:
|
232
256
|
|
@@ -254,6 +278,8 @@ public:
|
|
254
278
|
virtual vector<pair<int, string> > getSubjectAlternativeNames() const;
|
255
279
|
virtual int getVersion() const;
|
256
280
|
virtual SecCertificateRef getCert() const;
|
281
|
+
virtual unsigned int getKeyUsage() const;
|
282
|
+
virtual unsigned int getExtendedKeyUsage() const;
|
257
283
|
|
258
284
|
private:
|
259
285
|
|
@@ -792,6 +818,111 @@ SecureTransportCertificateI::initializeAttributes() const
|
|
792
818
|
}
|
793
819
|
#endif
|
794
820
|
|
821
|
+
unsigned int
|
822
|
+
SecureTransportCertificateI::getKeyUsage() const
|
823
|
+
{
|
824
|
+
#ifdef ICE_USE_SECURE_TRANSPORT_IOS
|
825
|
+
throw Ice::FeatureNotSupportedException(__FILE__, __LINE__);
|
826
|
+
#else
|
827
|
+
unsigned int keyUsage = 0;
|
828
|
+
UniqueRef<CFDictionaryRef> property(getCertificateProperty(_cert.get(), kSecOIDKeyUsage));
|
829
|
+
if(property)
|
830
|
+
{
|
831
|
+
CFNumberRef value = static_cast<CFNumberRef>(CFDictionaryGetValue(property.get(), kSecPropertyKeyValue));
|
832
|
+
if(value)
|
833
|
+
{
|
834
|
+
unsigned int usageBits = 0;
|
835
|
+
CFNumberGetValue(value, kCFNumberSInt32Type, &usageBits);
|
836
|
+
if(usageBits & kSecKeyUsageDigitalSignature)
|
837
|
+
{
|
838
|
+
keyUsage |= KEY_USAGE_DIGITAL_SIGNATURE;
|
839
|
+
}
|
840
|
+
if(usageBits & kSecKeyUsageNonRepudiation)
|
841
|
+
{
|
842
|
+
keyUsage |= KEY_USAGE_NON_REPUDIATION;
|
843
|
+
}
|
844
|
+
if(usageBits & kSecKeyUsageKeyEncipherment)
|
845
|
+
{
|
846
|
+
keyUsage |= KEY_USAGE_KEY_ENCIPHERMENT;
|
847
|
+
}
|
848
|
+
if(usageBits & kSecKeyUsageDataEncipherment)
|
849
|
+
{
|
850
|
+
keyUsage |= KEY_USAGE_DATA_ENCIPHERMENT;
|
851
|
+
}
|
852
|
+
if(usageBits & kSecKeyUsageKeyAgreement)
|
853
|
+
{
|
854
|
+
keyUsage |= KEY_USAGE_KEY_AGREEMENT;
|
855
|
+
}
|
856
|
+
if(usageBits & kSecKeyUsageKeyCertSign)
|
857
|
+
{
|
858
|
+
keyUsage |= KEY_USAGE_KEY_CERT_SIGN;
|
859
|
+
}
|
860
|
+
if(usageBits & kSecKeyUsageCRLSign)
|
861
|
+
{
|
862
|
+
keyUsage |= KEY_USAGE_CRL_SIGN;
|
863
|
+
}
|
864
|
+
if(usageBits & kSecKeyUsageEncipherOnly)
|
865
|
+
{
|
866
|
+
keyUsage |= KEY_USAGE_ENCIPHER_ONLY;
|
867
|
+
}
|
868
|
+
if(usageBits & kSecKeyUsageDecipherOnly)
|
869
|
+
{
|
870
|
+
keyUsage |= KEY_USAGE_DECIPHER_ONLY;
|
871
|
+
}
|
872
|
+
}
|
873
|
+
}
|
874
|
+
return keyUsage;
|
875
|
+
#endif
|
876
|
+
}
|
877
|
+
|
878
|
+
unsigned int
|
879
|
+
SecureTransportCertificateI::getExtendedKeyUsage() const
|
880
|
+
{
|
881
|
+
#ifdef ICE_USE_SECURE_TRANSPORT_IOS
|
882
|
+
throw Ice::FeatureNotSupportedException(__FILE__, __LINE__);
|
883
|
+
#else
|
884
|
+
unsigned int extendedKeyUsage = 0;
|
885
|
+
UniqueRef<CFDictionaryRef> property(getCertificateProperty(_cert.get(), kSecOIDExtendedKeyUsage));
|
886
|
+
if(property)
|
887
|
+
{
|
888
|
+
CFArrayRef usages = static_cast<CFArrayRef>(CFDictionaryGetValue(property.get(), kSecPropertyKeyValue));
|
889
|
+
if(usages)
|
890
|
+
{
|
891
|
+
long size = CFArrayGetCount(usages);
|
892
|
+
if (CFArrayContainsValue(usages, CFRangeMake(0, size), ekuAnyKeyUsage))
|
893
|
+
{
|
894
|
+
extendedKeyUsage |= EXTENDED_KEY_USAGE_ANY_KEY_USAGE;
|
895
|
+
}
|
896
|
+
if (CFArrayContainsValue(usages, CFRangeMake(0, size), ekuServerAuthentication))
|
897
|
+
{
|
898
|
+
extendedKeyUsage |= EXTENDED_KEY_USAGE_SERVER_AUTH;
|
899
|
+
}
|
900
|
+
if (CFArrayContainsValue(usages, CFRangeMake(0, size), ekuClientAuthentication))
|
901
|
+
{
|
902
|
+
extendedKeyUsage |= EXTENDED_KEY_USAGE_CLIENT_AUTH;
|
903
|
+
}
|
904
|
+
if (CFArrayContainsValue(usages, CFRangeMake(0, size), ekuCodeSigning))
|
905
|
+
{
|
906
|
+
extendedKeyUsage |= EXTENDED_KEY_USAGE_CODE_SIGNING;
|
907
|
+
}
|
908
|
+
if (CFArrayContainsValue(usages, CFRangeMake(0, size), ekuEmailProtection))
|
909
|
+
{
|
910
|
+
extendedKeyUsage |= EXTENDED_KEY_USAGE_EMAIL_PROTECTION;
|
911
|
+
}
|
912
|
+
if (CFArrayContainsValue(usages, CFRangeMake(0, size), ekuTimeStamping))
|
913
|
+
{
|
914
|
+
extendedKeyUsage |= EXTENDED_KEY_USAGE_TIME_STAMPING;
|
915
|
+
}
|
916
|
+
if (CFArrayContainsValue(usages, CFRangeMake(0, size), ekuOCSPSigning))
|
917
|
+
{
|
918
|
+
extendedKeyUsage |= EXTENDED_KEY_USAGE_OCSP_SIGNING;
|
919
|
+
}
|
920
|
+
}
|
921
|
+
}
|
922
|
+
return extendedKeyUsage;
|
923
|
+
#endif
|
924
|
+
}
|
925
|
+
|
795
926
|
IceSSL::SecureTransport::CertificatePtr
|
796
927
|
IceSSL::SecureTransport::Certificate::create(SecCertificateRef cert)
|
797
928
|
{
|
@@ -4,6 +4,7 @@
|
|
4
4
|
|
5
5
|
#include <IceSSL/SecureTransportTransceiverI.h>
|
6
6
|
#include <IceSSL/Instance.h>
|
7
|
+
#include <IceSSL/PluginI.h>
|
7
8
|
#include <IceSSL/SecureTransportEngine.h>
|
8
9
|
#include <IceSSL/SecureTransportUtil.h>
|
9
10
|
#include <IceSSL/ConnectionInfo.h>
|
@@ -20,36 +21,6 @@ using namespace IceSSL::SecureTransport;
|
|
20
21
|
namespace
|
21
22
|
{
|
22
23
|
|
23
|
-
string
|
24
|
-
trustResultDescription(SecTrustResultType result)
|
25
|
-
{
|
26
|
-
switch(result)
|
27
|
-
{
|
28
|
-
case kSecTrustResultInvalid:
|
29
|
-
{
|
30
|
-
return "Invalid setting or result";
|
31
|
-
}
|
32
|
-
case kSecTrustResultDeny:
|
33
|
-
{
|
34
|
-
return "The user specified that the certificate should not be trusted";
|
35
|
-
}
|
36
|
-
case kSecTrustResultRecoverableTrustFailure:
|
37
|
-
case kSecTrustResultFatalTrustFailure:
|
38
|
-
{
|
39
|
-
return "Trust denied";
|
40
|
-
}
|
41
|
-
case kSecTrustResultOtherError:
|
42
|
-
{
|
43
|
-
return "Other error internal error";
|
44
|
-
}
|
45
|
-
default:
|
46
|
-
{
|
47
|
-
assert(false);
|
48
|
-
return "";
|
49
|
-
}
|
50
|
-
}
|
51
|
-
}
|
52
|
-
|
53
24
|
string
|
54
25
|
protocolName(SSLProtocol protocol)
|
55
26
|
{
|
@@ -92,99 +63,187 @@ socketRead(SSLConnectionRef connection, void* data, size_t* length)
|
|
92
63
|
return transceiver->readRaw(reinterpret_cast<char*>(data), length);
|
93
64
|
}
|
94
65
|
|
95
|
-
|
66
|
+
TrustError errorToTrustError(CFErrorRef err)
|
67
|
+
{
|
68
|
+
long errorCode = CFErrorGetCode(err);
|
69
|
+
switch (errorCode)
|
70
|
+
{
|
71
|
+
case errSecPathLengthConstraintExceeded:
|
72
|
+
{
|
73
|
+
return IceSSL::ICE_ENUM(TrustError, ChainTooLong);
|
74
|
+
}
|
75
|
+
case errSecUnknownCRLExtension:
|
76
|
+
case errSecUnknownCriticalExtensionFlag:
|
77
|
+
{
|
78
|
+
return IceSSL::ICE_ENUM(TrustError, HasNonSupportedCriticalExtension);
|
79
|
+
}
|
80
|
+
case errSecHostNameMismatch:
|
81
|
+
{
|
82
|
+
return IceSSL::ICE_ENUM(TrustError, HostNameMismatch);
|
83
|
+
}
|
84
|
+
case errSecCodeSigningNoBasicConstraints:
|
85
|
+
case errSecNoBasicConstraints:
|
86
|
+
case errSecNoBasicConstraintsCA:
|
87
|
+
{
|
88
|
+
return IceSSL::ICE_ENUM(TrustError, InvalidBasicConstraints);
|
89
|
+
}
|
90
|
+
case errSecMissingRequiredExtension:
|
91
|
+
case errSecUnknownCertExtension:
|
92
|
+
{
|
93
|
+
return IceSSL::ICE_ENUM(TrustError, InvalidExtension);
|
94
|
+
}
|
95
|
+
case errSecCertificateNameNotAllowed:
|
96
|
+
case errSecInvalidName:
|
97
|
+
{
|
98
|
+
return IceSSL::ICE_ENUM(TrustError, InvalidNameConstraints);
|
99
|
+
}
|
100
|
+
case errSecCertificatePolicyNotAllowed:
|
101
|
+
case errSecInvalidPolicyIdentifiers:
|
102
|
+
case errSecInvalidCertificateRef:
|
103
|
+
case errSecInvalidDigestAlgorithm:
|
104
|
+
case errSecUnsupportedKeySize:
|
105
|
+
{
|
106
|
+
return IceSSL::ICE_ENUM(TrustError, InvalidPolicyConstraints);
|
107
|
+
}
|
108
|
+
case errSecInvalidExtendedKeyUsage:
|
109
|
+
case errSecInvalidKeyUsageForPolicy:
|
110
|
+
{
|
111
|
+
return IceSSL::ICE_ENUM(TrustError, InvalidPurpose);
|
112
|
+
}
|
113
|
+
case errSecInvalidSignature:
|
114
|
+
{
|
115
|
+
return IceSSL::ICE_ENUM(TrustError, InvalidSignature);
|
116
|
+
}
|
117
|
+
case errSecCertificateExpired:
|
118
|
+
case errSecCertificateNotValidYet:
|
119
|
+
case errSecCertificateValidityPeriodTooLong:
|
120
|
+
{
|
121
|
+
return IceSSL::ICE_ENUM(TrustError, InvalidTime);
|
122
|
+
}
|
123
|
+
case errSecCreateChainFailed:
|
124
|
+
{
|
125
|
+
return IceSSL::ICE_ENUM(TrustError, PartialChain);
|
126
|
+
}
|
127
|
+
case errSecCertificateRevoked:
|
128
|
+
{
|
129
|
+
return IceSSL::ICE_ENUM(TrustError, Revoked);
|
130
|
+
}
|
131
|
+
case errSecIncompleteCertRevocationCheck:
|
132
|
+
case errSecOCSPNotTrustedToAnchor:
|
133
|
+
{
|
134
|
+
return IceSSL::ICE_ENUM(TrustError, RevocationStatusUnknown);
|
135
|
+
}
|
136
|
+
case errSecNotTrusted:
|
137
|
+
case errSecVerifyActionFailed:
|
138
|
+
{
|
139
|
+
return IceSSL::ICE_ENUM(TrustError, UntrustedRoot);
|
140
|
+
}
|
141
|
+
default:
|
142
|
+
{
|
143
|
+
return IceSSL::ICE_ENUM(TrustError, UnknownTrustFailure);
|
144
|
+
}
|
145
|
+
}
|
146
|
+
}
|
147
|
+
|
148
|
+
TrustError
|
96
149
|
checkTrustResult(SecTrustRef trust,
|
97
150
|
const IceSSL::SecureTransport::SSLEnginePtr& engine,
|
98
151
|
const IceSSL::InstancePtr& instance,
|
99
152
|
const string& host)
|
100
153
|
{
|
101
154
|
OSStatus err = noErr;
|
102
|
-
|
155
|
+
UniqueRef<CFErrorRef> trustErr;
|
103
156
|
if(trust)
|
104
157
|
{
|
105
|
-
|
106
|
-
{
|
107
|
-
throw SecurityException(__FILE__, __LINE__, "IceSSL: handshake failure:\n" + sslErrorToString(err));
|
108
|
-
}
|
109
|
-
|
110
|
-
//
|
111
|
-
// Disable network fetch, we don't want this to block.
|
112
|
-
//
|
158
|
+
// Do not allow to fetch missing intermediate certificates from the network.
|
113
159
|
if((err = SecTrustSetNetworkFetchAllowed(trust, false)))
|
114
160
|
{
|
115
161
|
throw SecurityException(__FILE__, __LINE__, "IceSSL: handshake failure:\n" + sslErrorToString(err));
|
116
162
|
}
|
117
163
|
|
118
|
-
|
119
|
-
// Add SSL trust policy if we need to check the certificate name.
|
120
|
-
//
|
164
|
+
UniqueRef<CFMutableArrayRef> policies(CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks));
|
165
|
+
// Add SSL trust policy if we need to check the certificate name, otherwise use basic x509 policy.
|
121
166
|
if(engine->getCheckCertName() && !host.empty())
|
122
167
|
{
|
123
168
|
UniqueRef<CFStringRef> hostref(toCFString(host));
|
124
|
-
UniqueRef<SecPolicyRef> policy(SecPolicyCreateSSL(
|
125
|
-
|
126
|
-
|
169
|
+
UniqueRef<SecPolicyRef> policy(SecPolicyCreateSSL(true, hostref.get()));
|
170
|
+
CFArrayAppendValue(policies.get(), policy.get());
|
171
|
+
}
|
172
|
+
else
|
173
|
+
{
|
174
|
+
UniqueRef<SecPolicyRef> policy(SecPolicyCreateBasicX509());
|
175
|
+
CFArrayAppendValue(policies.get(), policy.get());
|
176
|
+
}
|
177
|
+
|
178
|
+
int revocationCheck = engine->getRevocationCheck();
|
179
|
+
if(revocationCheck > 0)
|
180
|
+
{
|
181
|
+
CFOptionFlags revocationFlags = kSecRevocationUseAnyAvailableMethod | kSecRevocationRequirePositiveResponse;
|
182
|
+
if(engine->getRevocationCheckCacheOnly())
|
127
183
|
{
|
128
|
-
|
184
|
+
revocationFlags |= kSecRevocationNetworkAccessDisabled;
|
129
185
|
}
|
130
|
-
|
131
|
-
|
132
|
-
if(
|
186
|
+
|
187
|
+
UniqueRef<SecPolicyRef> revocationPolicy(SecPolicyCreateRevocation(revocationFlags));
|
188
|
+
if(!revocationPolicy)
|
133
189
|
{
|
134
|
-
throw SecurityException(__FILE__,
|
190
|
+
throw SecurityException(__FILE__,
|
191
|
+
__LINE__,
|
192
|
+
"IceSSL: handshake failure: error creating revocation policy");
|
135
193
|
}
|
194
|
+
CFArrayAppendValue(policies.get(), revocationPolicy.get());
|
136
195
|
}
|
137
196
|
|
138
|
-
|
139
|
-
// Evaluate the trust
|
140
|
-
//
|
141
|
-
if((err = SecTrustEvaluate(trust, &trustResult)))
|
197
|
+
if((err = SecTrustSetPolicies(trust, policies.get())))
|
142
198
|
{
|
143
199
|
throw SecurityException(__FILE__, __LINE__, "IceSSL: handshake failure:\n" + sslErrorToString(err));
|
144
200
|
}
|
145
|
-
}
|
146
201
|
|
147
|
-
|
148
|
-
|
149
|
-
case kSecTrustResultUnspecified:
|
150
|
-
case kSecTrustResultProceed:
|
151
|
-
{
|
152
|
-
//
|
153
|
-
// Trust verify success.
|
154
|
-
//
|
155
|
-
return true;
|
156
|
-
}
|
157
|
-
default:
|
158
|
-
// case kSecTrustResultInvalid:
|
159
|
-
// case kSecTrustResultConfirm: // Used in old macOS versions
|
160
|
-
// case kSecTrustResultDeny:
|
161
|
-
// case kSecTrustResultRecoverableTrustFailure:
|
162
|
-
// case kSecTrustResultFatalTrustFailure:
|
163
|
-
// case kSecTrustResultOtherError:
|
164
|
-
{
|
165
|
-
if(engine->getVerifyPeer() == 0)
|
202
|
+
CFArrayRef certificateAuthorities = engine->getCertificateAuthorities();
|
203
|
+
if(certificateAuthorities != 0)
|
166
204
|
{
|
167
|
-
if(
|
205
|
+
if((err = SecTrustSetAnchorCertificates(trust, certificateAuthorities)))
|
168
206
|
{
|
169
|
-
|
170
|
-
os << "IceSSL: ignoring certificate verification failure:\n" << trustResultDescription(trustResult);
|
171
|
-
instance->logger()->trace(instance->traceCategory(), os.str());
|
207
|
+
throw SecurityException(__FILE__, __LINE__, "IceSSL: handshake failure:\n" + sslErrorToString(err));
|
172
208
|
}
|
173
|
-
|
209
|
+
SecTrustSetAnchorCertificatesOnly(trust, true);
|
210
|
+
}
|
211
|
+
|
212
|
+
//
|
213
|
+
// Evaluate the trust
|
214
|
+
//
|
215
|
+
if(SecTrustEvaluateWithError(trust, &trustErr.get()))
|
216
|
+
{
|
217
|
+
return IceSSL::ICE_ENUM(TrustError, NoError);
|
174
218
|
}
|
175
219
|
else
|
176
220
|
{
|
177
|
-
|
178
|
-
|
179
|
-
|
180
|
-
|
221
|
+
TrustError trustError = errorToTrustError(trustErr.get());
|
222
|
+
if(engine->getVerifyPeer() == 0)
|
223
|
+
{
|
224
|
+
if(instance->traceLevel() >= 1)
|
225
|
+
{
|
226
|
+
ostringstream os;
|
227
|
+
os << "IceSSL: ignoring certificate verification failure:\n"
|
228
|
+
<< getTrustErrorDescription(trustError);
|
229
|
+
instance->logger()->trace(instance->traceCategory(), os.str());
|
230
|
+
}
|
231
|
+
return trustError;
|
232
|
+
}
|
233
|
+
else
|
181
234
|
{
|
182
|
-
|
235
|
+
ostringstream os;
|
236
|
+
os << "IceSSL: certificate verification failure:\n" << getTrustErrorDescription(trustError);
|
237
|
+
string msg = os.str();
|
238
|
+
if(instance->traceLevel() >= 1)
|
239
|
+
{
|
240
|
+
instance->logger()->trace(instance->traceCategory(), msg);
|
241
|
+
}
|
242
|
+
throw SecurityException(__FILE__, __LINE__, msg);
|
183
243
|
}
|
184
|
-
throw SecurityException(__FILE__, __LINE__, msg);
|
185
244
|
}
|
186
245
|
}
|
187
|
-
|
246
|
+
return IceSSL::ICE_ENUM(TrustError, UnknownTrustFailure);
|
188
247
|
}
|
189
248
|
}
|
190
249
|
|
@@ -288,7 +347,8 @@ IceSSL::SecureTransport::TransceiverI::initialize(IceInternal::Buffer& readBuffe
|
|
288
347
|
}
|
289
348
|
if(err == noErr)
|
290
349
|
{
|
291
|
-
|
350
|
+
_trustError = checkTrustResult(_trust.get(), _engine, _instance, _host);
|
351
|
+
_verified = _trustError == IceSSL::ICE_ENUM(TrustError, NoError);
|
292
352
|
continue; // Call SSLHandshake to resume the handsake.
|
293
353
|
}
|
294
354
|
// Let it fall through, this will raise a SecurityException with the SSLCopyPeerTrust error.
|
@@ -546,13 +606,15 @@ IceSSL::SecureTransport::TransceiverI::toDetailedString() const
|
|
546
606
|
Ice::ConnectionInfoPtr
|
547
607
|
IceSSL::SecureTransport::TransceiverI::getInfo() const
|
548
608
|
{
|
549
|
-
IceSSL::
|
609
|
+
IceSSL::ExtendedConnectionInfoPtr info = ICE_MAKE_SHARED(IceSSL::ExtendedConnectionInfo);
|
550
610
|
info->underlying = _delegate->getInfo();
|
551
611
|
info->incoming = _incoming;
|
552
612
|
info->adapterName = _adapterName;
|
553
613
|
info->cipher = _cipher;
|
554
614
|
info->certs = _certs;
|
555
615
|
info->verified = _verified;
|
616
|
+
info->errorCode = _trustError;
|
617
|
+
info->host = _incoming ? "" : _host;
|
556
618
|
return info;
|
557
619
|
}
|
558
620
|
|
File without changes
|
@@ -2,6 +2,12 @@
|
|
2
2
|
// Copyright (c) ZeroC, Inc. All rights reserved.
|
3
3
|
//
|
4
4
|
|
5
|
+
#if defined(_MSC_VER) && (_MSVC_LANG >= 201703L)
|
6
|
+
// TODO codecvt was deprecated in C++17 and cause build failures with VC++ compiler
|
7
|
+
// we should replace this code with MultiByteToWideChar() and WideCharToMultiByte()
|
8
|
+
# define _SILENCE_CXX17_CODECVT_HEADER_DEPRECATION_WARNING
|
9
|
+
#endif
|
10
|
+
|
5
11
|
#include <IceUtil/StringConverter.h>
|
6
12
|
#include <IceUtil/MutexPtrLock.h>
|
7
13
|
#include <IceUtil/Mutex.h>
|
@@ -97,7 +97,7 @@ IceUtil::Time::now(Clock clock)
|
|
97
97
|
struct timeb tb;
|
98
98
|
ftime(&tb);
|
99
99
|
# endif
|
100
|
-
return Time(static_cast<Int64>(tb.time) * ICE_INT64(1000000) + tb.millitm * 1000);
|
100
|
+
return Time(static_cast<Int64>(tb.time) * ICE_INT64(1000000) + Int64(tb.millitm) * 1000);
|
101
101
|
#else
|
102
102
|
struct timeval tv;
|
103
103
|
if(gettimeofday(&tv, 0) < 0)
|
@@ -130,7 +130,7 @@ IceUtil::Time::now(Clock clock)
|
|
130
130
|
struct timeb tb;
|
131
131
|
ftime(&tb);
|
132
132
|
# endif
|
133
|
-
return Time(static_cast<Int64>(tb.time) * ICE_INT64(1000000) + tb.millitm * 1000);
|
133
|
+
return Time(static_cast<Int64>(tb.time) * ICE_INT64(1000000) + Int64(tb.millitm) * 1000);
|
134
134
|
}
|
135
135
|
#elif defined(__hppa)
|
136
136
|
//
|
@@ -246,7 +246,7 @@ IceUtil::Time::toDateTime() const
|
|
246
246
|
os << toString("%x %H:%M:%S") << ".";
|
247
247
|
os.fill('0');
|
248
248
|
os.width(3);
|
249
|
-
os << static_cast<
|
249
|
+
os << static_cast<Int64>(_usec % 1000000 / 1000);
|
250
250
|
return os.str();
|
251
251
|
}
|
252
252
|
|
@@ -278,19 +278,17 @@ IceUtil::Time::toDuration() const
|
|
278
278
|
std::string
|
279
279
|
IceUtil::Time::toString(const std::string& format) const
|
280
280
|
{
|
281
|
-
time_t time = static_cast<
|
281
|
+
time_t time = static_cast<time_t>(_usec / 1000000);
|
282
282
|
|
283
|
-
struct tm* t;
|
284
|
-
#ifdef _WIN32
|
285
|
-
t = localtime(&time);
|
286
|
-
#else
|
287
283
|
struct tm tr;
|
284
|
+
#ifdef _MSC_VER
|
285
|
+
localtime_s(&tr, &time);
|
286
|
+
#else
|
288
287
|
localtime_r(&time, &tr);
|
289
|
-
t = &tr;
|
290
288
|
#endif
|
291
289
|
|
292
290
|
char buf[32];
|
293
|
-
if(strftime(buf, sizeof(buf), format.c_str(),
|
291
|
+
if(strftime(buf, sizeof(buf), format.c_str(), &tr) == 0)
|
294
292
|
{
|
295
293
|
return std::string();
|
296
294
|
}
|
@@ -1196,8 +1196,8 @@ lookupKwd(const string& name)
|
|
1196
1196
|
"decltype", "default", "delete", "do", "double", "dynamic_cast",
|
1197
1197
|
"else", "enum", "explicit", "export", "extern", "false", "float", "for", "friend",
|
1198
1198
|
"goto", "if", "inline", "int", "long", "mutable", "namespace", "new", "noexcept", "not", "not_eq",
|
1199
|
-
"operator", "or", "or_eq", "private", "protected", "public", "register", "reinterpret_cast", "
|
1200
|
-
"short", "signed", "sizeof", "static", "static_assert", "static_cast", "struct", "switch",
|
1199
|
+
"operator", "or", "or_eq", "private", "protected", "public", "register", "reinterpret_cast", "requires",
|
1200
|
+
"return", "short", "signed", "sizeof", "static", "static_assert", "static_cast", "struct", "switch",
|
1201
1201
|
"template", "this", "thread_local", "throw", "true", "try", "typedef", "typeid", "typename",
|
1202
1202
|
"union", "unsigned", "using", "virtual", "void", "volatile", "wchar_t", "while", "xor", "xor_eq"
|
1203
1203
|
};
|
@@ -1257,7 +1257,11 @@ Slice::fixKwd(const string& name)
|
|
1257
1257
|
return lookupKwd(name);
|
1258
1258
|
}
|
1259
1259
|
StringList ids = splitScopedName(name);
|
1260
|
+
#ifdef ICE_CPP11_COMPILER
|
1261
|
+
transform(ids.begin(), ids.end(), ids.begin(), [](const string& id) -> string { return lookupKwd(id); });
|
1262
|
+
#else
|
1260
1263
|
transform(ids.begin(), ids.end(), ids.begin(), ptr_fun(lookupKwd));
|
1264
|
+
#endif
|
1261
1265
|
stringstream result;
|
1262
1266
|
for(StringList::const_iterator i = ids.begin(); i != ids.end(); ++i)
|
1263
1267
|
{
|
@@ -139,7 +139,7 @@ public:
|
|
139
139
|
static const string prefix = "java:";
|
140
140
|
|
141
141
|
//
|
142
|
-
// Validate
|
142
|
+
// Validate file metadata in the top-level file and all included files.
|
143
143
|
//
|
144
144
|
StringList files = p->allFiles();
|
145
145
|
|
@@ -166,7 +166,7 @@ public:
|
|
166
166
|
}
|
167
167
|
else
|
168
168
|
{
|
169
|
-
dc->warning(InvalidMetaData, file, "", "ignoring invalid
|
169
|
+
dc->warning(InvalidMetaData, file, "", "ignoring invalid file metadata `" + s + "'");
|
170
170
|
globalMetaData.remove(s);
|
171
171
|
continue;
|
172
172
|
}
|
@@ -868,7 +868,11 @@ Slice::JavaCompatGenerator::fixKwd(const string& name) const
|
|
868
868
|
return lookupKwd(name);
|
869
869
|
}
|
870
870
|
StringList ids = splitScopedName(name);
|
871
|
+
#ifdef ICE_CPP11_COMPILER
|
872
|
+
transform(ids.begin(), ids.end(), ids.begin(), [](const string& id) -> string { return lookupKwd(id); });
|
873
|
+
#else
|
871
874
|
transform(ids.begin(), ids.end(), ids.begin(), ptr_fun(lookupKwd));
|
875
|
+
#endif
|
872
876
|
stringstream result;
|
873
877
|
for(StringList::const_iterator i = ids.begin(); i != ids.end(); ++i)
|
874
878
|
{
|
@@ -953,7 +957,7 @@ Slice::JavaCompatGenerator::getPackagePrefix(const ContainedPtr& cont) const
|
|
953
957
|
assert(m);
|
954
958
|
|
955
959
|
//
|
956
|
-
// The java:package metadata can be defined as
|
960
|
+
// The java:package metadata can be defined as file metadata or applied to a top-level module.
|
957
961
|
// We check for the metadata at the top-level module first and then fall back to the global scope.
|
958
962
|
//
|
959
963
|
static const string prefix = "java:package:";
|
@@ -3348,7 +3352,11 @@ Slice::JavaGenerator::fixKwd(const string& name) const
|
|
3348
3352
|
return lookupKwd(name);
|
3349
3353
|
}
|
3350
3354
|
StringList ids = splitScopedName(name);
|
3355
|
+
#ifdef ICE_CPP11_COMPILER
|
3356
|
+
transform(ids.begin(), ids.end(), ids.begin(), [](const string& id) -> string { return lookupKwd(id); });
|
3357
|
+
#else
|
3351
3358
|
transform(ids.begin(), ids.end(), ids.begin(), ptr_fun(lookupKwd));
|
3359
|
+
#endif
|
3352
3360
|
stringstream result;
|
3353
3361
|
for(StringList::const_iterator i = ids.begin(); i != ids.end(); ++i)
|
3354
3362
|
{
|
@@ -3433,7 +3441,7 @@ Slice::JavaGenerator::getPackagePrefix(const ContainedPtr& cont) const
|
|
3433
3441
|
assert(m);
|
3434
3442
|
|
3435
3443
|
//
|
3436
|
-
// The java:package metadata can be defined as
|
3444
|
+
// The java:package metadata can be defined as file metadata or applied to a top-level module.
|
3437
3445
|
// We check for the metadata at the top-level module first and then fall back to the global scope.
|
3438
3446
|
//
|
3439
3447
|
static const string prefix = "java:package:";
|
@@ -128,7 +128,11 @@ Slice::PHP::fixIdent(const string& ident)
|
|
128
128
|
return lookupKwd(ident);
|
129
129
|
}
|
130
130
|
vector<string> ids = splitScopedName(ident);
|
131
|
+
#ifdef ICE_CPP11_COMPILER
|
132
|
+
transform(ids.begin(), ids.end(), ids.begin(), [](const string& id) -> string { return lookupKwd(id); });
|
133
|
+
#else
|
131
134
|
transform(ids.begin(), ids.end(), ids.begin(), ptr_fun(lookupKwd));
|
135
|
+
#endif
|
132
136
|
stringstream result;
|
133
137
|
for(vector<string>::const_iterator i = ids.begin(); i != ids.end(); ++i)
|
134
138
|
{
|