zeroc-ice 3.8.1 → 3.8.2

data/dist/ice/cpp/src/Ice/WSEndpoint.cpp

@@ -10,6 +10,7 @@
 #include "TargetCompare.h"
 #include "WSAcceptor.h"
 #include "WSConnector.h"
+#include "WSTransceiver.h"
 
 #include <algorithm>
 
@@ -21,6 +22,36 @@ namespace
 {
     const char* const wsPluginName = "IceWS";
 
+    // Parse the values of the ObjectAdapter property "AllowedOrigins" into a canonicalized set of origins.
+    // Each entry is "scheme://host[:port]", lowercased, with the default port for the scheme (80/443) omitted.
+    // The literal "*" disables enforcement; in that case the returned set is empty -- handleRequest treats an empty
+    // allowlist as "allow any origin", so the two cases (unset and wildcard) collapse into one.
+    // Throws PropertyException if any entry is not a syntactically valid origin; propertyName is included in the
+    // message so the operator can identify which adapter is misconfigured.
+    set<string> parseAllowedOrigins(const vector<string>& entries, const string& propertyName)
+    {
+        set<string> result;
+        for (const auto& entry : entries)
+        {
+            if (entry == "*")
+            {
+                return {};
+            }
+            try
+            {
+                result.insert(canonicalizeOrigin(entry));
+            }
+            catch (const std::invalid_argument&)
+            {
+                throw PropertyException(
+                    __FILE__,
+                    __LINE__,
+                    "malformed origin '" + entry + "' in property '" + propertyName + "'");
+            }
+        }
+        return result;
+    }
+
     class WSEndpointFactoryPlugin : public Plugin
     {
     public:
@@ -246,8 +277,20 @@ IceInternal::WSEndpoint::acceptor(
     const string& adapterName,
     const optional<Ice::SSL::ServerAuthenticationOptions>& serverAuthenticationOptions) const
 {
+    // Parse AllowedOrigins before creating the delegate acceptor so a malformed property doesn't leave an open socket
+    // hanging on a TcpAcceptor whose destructor asserts INVALID_SOCKET.
+    set<string> allowedOrigins;
+    if (!adapterName.empty())
+    {
+        const string propertyName = adapterName + ".AllowedOrigins";
+        allowedOrigins = parseAllowedOrigins(_instance->properties()->getPropertyAsList(propertyName), propertyName);
+    }
     AcceptorPtr acceptor = _delegate->acceptor(adapterName, serverAuthenticationOptions);
-    return make_shared<WSAcceptor>(const_cast<WSEndpoint*>(this)->shared_from_this(), _instance, acceptor);
+    return make_shared<WSAcceptor>(
+        const_cast<WSEndpoint*>(this)->shared_from_this(),
+        _instance,
+        acceptor,
+        std::move(allowedOrigins));
 }
 
 WSEndpointPtr
@@ -255,7 +298,7 @@ IceInternal::WSEndpoint::endpoint(const EndpointIPtr& delEndp) const
 {
     if (delEndp.get() == _delegate.get())
     {
-        return dynamic_pointer_cast<WSEndpoint>(const_cast<WSEndpoint*>(this)->shared_from_this());
+        return static_pointer_cast<WSEndpoint>(const_cast<WSEndpoint*>(this)->shared_from_this());
     }
     else
     {

data/dist/ice/cpp/src/Ice/WSTransceiver.cpp

@@ -15,6 +15,7 @@
 
 #include <climits>
 #include <cstdint>
+#include <stdexcept>
 
 using namespace std;
 using namespace Ice;
@@ -124,6 +125,49 @@ namespace
     }
 }
 
+string
+IceInternal::canonicalizeOrigin(string_view origin)
+{
+    // Throws std::invalid_argument for any input that is not a serialized origin per RFC 6454.
+    auto sep = origin.find("://");
+    if (sep == string_view::npos || sep == 0)
+    {
+        throw invalid_argument{"malformed origin '" + string{origin} + "'"};
+    }
+    string scheme{origin.substr(0, sep)};
+    transform(
+        scheme.begin(),
+        scheme.end(),
+        scheme.begin(),
+        [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
+    string_view authority = origin.substr(sep + 3);
+    // Tolerate a single trailing slash (some peers send "https://example.com/" as an Origin); reject any other
+    // path/query/fragment/userinfo.
+    if (!authority.empty() && authority.back() == '/')
+    {
+        authority.remove_suffix(1);
+    }
+    if (authority.empty() || authority.find_first_of("/?#@") != string_view::npos)
+    {
+        throw invalid_argument{"malformed origin '" + string{origin} + "'"};
+    }
+    string hostAndPort{authority};
+    transform(
+        hostAndPort.begin(),
+        hostAndPort.end(),
+        hostAndPort.begin(),
+        [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
+    if (auto colon = hostAndPort.rfind(':'); colon != string::npos)
+    {
+        string_view port = string_view{hostAndPort}.substr(colon + 1);
+        if ((scheme == "http" && port == "80") || (scheme == "https" && port == "443"))
+        {
+            hostAndPort = hostAndPort.substr(0, colon);
+        }
+    }
+    return scheme + "://" + hostAndPort;
+}
+
 NativeInfoPtr
 IceInternal::WSTransceiver::getNativeInfo()
 {
@@ -845,9 +889,10 @@ IceInternal::WSTransceiver::WSTransceiver(
     //
 }
 
-IceInternal::WSTransceiver::WSTransceiver(ProtocolInstancePtr instance, TransceiverPtr del)
+IceInternal::WSTransceiver::WSTransceiver(ProtocolInstancePtr instance, TransceiverPtr del, set<string> allowedOrigins)
     : _instance(std::move(instance)),
       _delegate(std::move(del)),
+      _allowedOrigins(std::move(allowedOrigins)),
       _incoming(true),
       _state(StateInitializeDelegate),
       _parser(make_shared<HttpParser>()),
@@ -961,6 +1006,32 @@ IceInternal::WSTransceiver::handleRequest(Buffer& responseBuffer)
         throw WebSocketException("invalid value '" + key + "' for WebSocket key");
     }
 
+    //
+    // Optionally validate the Origin header against the adapter's allowed-origins list.
+    // Browsers always send Origin; non-browser clients do not, so an absent header bypasses the check.
+    // A wildcard ("*") allowlist is normalized to an empty set at parse time, so empty here means "no enforcement".
+    //
+    if (!_allowedOrigins.empty())
+    {
+        string origin;
+        if (_parser->getHeader("Origin", origin, false))
+        {
+            string canonical;
+            try
+            {
+                canonical = canonicalizeOrigin(IceInternal::trim(origin));
+            }
+            catch (const std::invalid_argument&)
+            {
+                throw WebSocketException("invalid Origin header '" + origin + "'");
+            }
+            if (_allowedOrigins.count(canonical) == 0)
+            {
+                throw WebSocketException("origin '" + origin + "' is not allowed");
+            }
+        }
+    }
+
     //
     // Retain the target resource.
     //
@@ -1120,6 +1191,16 @@ IceInternal::WSTransceiver::preRead(Buffer& buf)
             byte ch = *_readI++;
             _readOpCode = static_cast<int>(ch & byte{0xf});
 
+            //
+            // No extension is negotiated, so the RSV1, RSV2, and RSV3 bits must all be 0.
+            //
+            if ((ch & byte{0x70}) != byte{0})
+            {
+                throw ProtocolException(__FILE__, __LINE__, "invalid WebSocket frame: RSV bits must be 0");
+            }
+
+            const bool finalFrame = (ch & byte{FLAG_FINAL}) == byte{FLAG_FINAL};
+
             //
             // Remember if last frame if we're going to read a data or
             // continuation frame, this is only for protocol
@@ -1131,7 +1212,7 @@ IceInternal::WSTransceiver::preRead(Buffer& buf)
                 {
                     throw ProtocolException(__FILE__, __LINE__, "invalid data frame, no FIN on previous frame");
                 }
-                _readLastFrame = (ch & byte{FLAG_FINAL}) == byte{FLAG_FINAL};
+                _readLastFrame = finalFrame;
             }
             else if (_readOpCode == OP_CONT)
             {
@@ -1139,7 +1220,7 @@ IceInternal::WSTransceiver::preRead(Buffer& buf)
                 {
                     throw ProtocolException(__FILE__, __LINE__, "invalid continuation frame, previous frame FIN set");
                 }
-                _readLastFrame = (ch & byte{FLAG_FINAL}) == byte{FLAG_FINAL};
+                _readLastFrame = finalFrame;
             }
 
             ch = *_readI++;
@@ -1162,6 +1243,30 @@ IceInternal::WSTransceiver::preRead(Buffer& buf)
             // 127:   The subsequent eight bytes contain the payload length
             //
             _readPayloadLength = static_cast<size_t>((ch & byte{0x7f}));
+
+            //
+            // RFC 6455 section 5.5: control frames (close, ping, and pong) must not be fragmented
+            // and must have a payload length of 125 bytes or less - they cannot use the 16-bit or
+            // 64-bit extended length encoding. Enforce this before allocating any payload buffer.
+            //
+            if (_readOpCode == OP_CLOSE || _readOpCode == OP_PING || _readOpCode == OP_PONG)
+            {
+                if (!finalFrame)
+                {
+                    throw ProtocolException(
+                        __FILE__,
+                        __LINE__,
+                        "invalid WebSocket control frame: the FIN bit is not set");
+                }
+                if (_readPayloadLength > 125)
+                {
+                    throw ProtocolException(
+                        __FILE__,
+                        __LINE__,
+                        "invalid WebSocket control frame: the payload length exceeds 125 bytes");
+                }
+            }
+
             if (_readPayloadLength < 126)
             {
                 _readHeaderLength = 0;
@@ -1194,7 +1299,10 @@ IceInternal::WSTransceiver::preRead(Buffer& buf)
 
             if (_readPayloadLength == 126)
             {
-                _readPayloadLength = static_cast<size_t>(ntohs(*reinterpret_cast<uint16_t*>(_readI)));
+                // memcpy avoids the alignment UB of a direct uint16_t* dereference on _readI.
+                uint16_t length;
+                memcpy(&length, _readI, sizeof(length));
+                _readPayloadLength = static_cast<size_t>(ntohs(length));
                 _readI += 2;
             }
             else if (_readPayloadLength == 127)
@@ -1467,8 +1575,9 @@ IceInternal::WSTransceiver::preWrite(Buffer& buf)
         {
             prepareWriteHeader(OP_CLOSE, 2);
 
-            // Write closing reason
-            *reinterpret_cast<uint16_t*>(_writeBuffer.i) = htons(static_cast<uint16_t>(_closingReason));
+            // Write closing reason. memcpy avoids the alignment UB of a direct uint16_t* store.
+            const uint16_t reason = htons(static_cast<uint16_t>(_closingReason));
+            memcpy(_writeBuffer.i, &reason, sizeof(reason));
             if (!_incoming)
             {
                 *_writeBuffer.i++ ^= _writeMask[0];
@@ -1688,7 +1797,9 @@ IceInternal::WSTransceiver::prepareWriteHeader(uint8_t opCode, IceInternal::Buff
         // Use an extra 16 bits to encode the payload length.
         //
         *_writeBuffer.i++ = byte{126};
-        *reinterpret_cast<uint16_t*>(_writeBuffer.i) = htons(static_cast<uint16_t>(payloadLength));
+        // memcpy avoids the alignment UB of a direct uint16_t* store.
+        const uint16_t length = htons(static_cast<uint16_t>(payloadLength));
+        memcpy(_writeBuffer.i, &length, sizeof(length));
         _writeBuffer.i += 2;
     }
     else if (payloadLength > USHRT_MAX)

data/dist/ice/cpp/src/Ice/WSTransceiver.h

@@ -10,16 +10,26 @@
 #include "ProtocolInstance.h"
 #include "Transceiver.h"
 
+#include <set>
+#include <string>
+#include <string_view>
+
 namespace IceInternal
 {
     class ConnectorI;
     class AcceptorI;
 
+    // Canonicalize an origin string: lowercase scheme and host, omit the default port (80 for http, 443 for https).
+    // A single trailing slash is tolerated. Throws std::invalid_argument if the input is not a syntactically valid
+    // origin per RFC 6454 -- "scheme://host[:port]" with no path beyond a trailing slash, no query, fragment, or
+    // userinfo.
+    std::string canonicalizeOrigin(std::string_view origin);
+
     class WSTransceiver final : public Transceiver
     {
     public:
         WSTransceiver(ProtocolInstancePtr, TransceiverPtr, std::string, std::string);
-        WSTransceiver(ProtocolInstancePtr, TransceiverPtr);
+        WSTransceiver(ProtocolInstancePtr, TransceiverPtr, std::set<std::string> allowedOrigins);
         ~WSTransceiver();
 
         NativeInfoPtr getNativeInfo() final;
@@ -66,6 +76,7 @@ namespace IceInternal
         const TransceiverPtr _delegate;
         const std::string _host;
         const std::string _resource;
+        const std::set<std::string> _allowedOrigins;
         const bool _incoming;
 
         enum State

data/dist/ice/cpp/src/Ice/generated/BuiltinSequences.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'BuiltinSequences.ice'.</auto-generated>
 
 #ifndef ICE_API_EXPORTS
@@ -34,7 +34,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif

data/dist/ice/cpp/src/Ice/generated/Context.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'Context.ice'.</auto-generated>
 
 #ifndef ICE_API_EXPORTS
@@ -34,7 +34,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif

data/dist/ice/cpp/src/Ice/generated/EndpointTypes.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'EndpointTypes.ice'.</auto-generated>
 
 #ifndef ICE_API_EXPORTS
@@ -34,7 +34,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif

data/dist/ice/cpp/src/Ice/generated/Identity.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'Identity.ice'.</auto-generated>
 
 #ifndef ICE_API_EXPORTS
@@ -34,7 +34,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif

data/dist/ice/cpp/src/Ice/generated/Locator.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'Locator.ice'.</auto-generated>
 
 #ifndef ICE_API_EXPORTS
@@ -34,7 +34,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif

data/dist/ice/cpp/src/Ice/generated/LocatorRegistry.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'LocatorRegistry.ice'.</auto-generated>
 
 #ifndef ICE_API_EXPORTS
@@ -34,7 +34,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif

data/dist/ice/cpp/src/Ice/generated/Metrics.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'Metrics.ice'.</auto-generated>
 
 #ifndef ICE_API_EXPORTS
@@ -33,7 +33,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif

data/dist/ice/cpp/src/Ice/generated/OperationMode.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'OperationMode.ice'.</auto-generated>
 
 #ifndef ICE_API_EXPORTS
@@ -34,7 +34,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif

data/dist/ice/cpp/src/Ice/generated/Process.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'Process.ice'.</auto-generated>
 
 #ifndef ICE_API_EXPORTS
@@ -33,7 +33,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif

data/dist/ice/cpp/src/Ice/generated/PropertiesAdmin.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'PropertiesAdmin.ice'.</auto-generated>
 
 #ifndef ICE_API_EXPORTS
@@ -33,7 +33,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif

data/dist/ice/cpp/src/Ice/generated/PropertyDict.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'PropertyDict.ice'.</auto-generated>
 
 #ifndef ICE_API_EXPORTS
@@ -34,7 +34,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif

data/dist/ice/cpp/src/Ice/generated/RemoteLogger.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'RemoteLogger.ice'.</auto-generated>
 
 #ifndef ICE_API_EXPORTS
@@ -33,7 +33,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif

data/dist/ice/cpp/src/Ice/generated/ReplyStatus.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'ReplyStatus.ice'.</auto-generated>
 
 #ifndef ICE_API_EXPORTS
@@ -34,7 +34,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif
@@ -64,6 +64,8 @@ Ice::operator<<(std::ostream& os, ReplyStatus value)
             return os << "InvalidData";
         case ReplyStatus::Unauthorized:
             return os << "Unauthorized";
+        case ReplyStatus::NotSupported:
+            return os << "NotSupported";
         default:
             return os << static_cast<std::int32_t>(value);
     }

data/dist/ice/cpp/src/Ice/generated/Router.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'Router.ice'.</auto-generated>
 
 #ifndef ICE_API_EXPORTS
@@ -33,7 +33,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif

data/dist/ice/cpp/src/Ice/generated/SliceChecksumDict.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'SliceChecksumDict.ice'.</auto-generated>
 
 #ifndef ICE_API_EXPORTS
@@ -33,7 +33,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif

data/dist/ice/cpp/src/Ice/generated/Version.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'Version.ice'.</auto-generated>
 
 #ifndef ICE_API_EXPORTS
@@ -34,7 +34,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif

data/dist/ice/cpp/src/IceDiscovery/generated/Lookup.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'Lookup.ice'.</auto-generated>
 
 #define ICE_BUILDING_GENERATED_CODE
@@ -30,7 +30,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif

data/dist/ice/cpp/src/IceLocatorDiscovery/generated/Lookup.cpp

@@ -1,6 +1,6 @@
 // Copyright (c) ZeroC, Inc.
 
-// slice2cpp version 3.8.1
+// slice2cpp version 3.8.2
 // <auto-generated>Generated from Slice file 'Lookup.ice'.</auto-generated>
 
 #define ICE_BUILDING_GENERATED_CODE
@@ -30,7 +30,7 @@
 #   if ICE_INT_VERSION % 100 >= 50
 #       error Beta header file detected
 #   endif
-#   if ICE_INT_VERSION % 100 < 1
+#   if ICE_INT_VERSION % 100 < 2
 #       error Ice patch level mismatch!
 #   endif
 #endif