diff options
| author | Jose <jose@zeroc.com> | 2016-07-01 22:06:44 +0200 |
|---|---|---|
| committer | Jose <jose@zeroc.com> | 2016-07-01 22:06:44 +0200 |
| commit | f46cc14601a5ac724bed901f03bc547bdb41cb60 (patch) | |
| tree | f6048cf559b4124ce34bf6650b93144791f94d32 /cpp/src | |
| parent | Fixed ICE-7210 - Added IceSSL dependency when building tests (diff) | |
| parent | OpenSSL-1.1.0-pre5 support (diff) | |
| download | ice-f46cc14601a5ac724bed901f03bc547bdb41cb60.tar.bz2 ice-f46cc14601a5ac724bed901f03bc547bdb41cb60.tar.xz ice-f46cc14601a5ac724bed901f03bc547bdb41cb60.zip | |
Merge remote-tracking branch 'origin/3.6'
Conflicts:
config/Make.common.rules
cpp/Makefile
cpp/config/Make.rules
cpp/config/Make.rules.Linux
cpp/src/Ice/InstrumentationI.cpp
cpp/src/Ice/PropertyNames.cpp
cpp/src/Ice/PropertyNames.h
cpp/src/IceSSL/Makefile
cpp/src/IceUtil/Makefile
cpp/test/Glacier2/attack/Makefile
cpp/test/Glacier2/attack/Makefile.mak
cpp/test/Glacier2/router/Makefile
cpp/test/Glacier2/sessionHelper/Makefile
cpp/test/Glacier2/staticFiltering/Makefile
cpp/test/Ice/objects/Makefile
cpp/test/IceSSL/configuration/AllTests.cpp
cpp/test/IceUtil/stacktrace/StackTrace.debug.Linux
cpp/test/IceUtil/stacktrace/StackTrace.release.Linux
csharp/src/Ice/PropertyNames.cs
java/Makefile
java/gradle.properties
java/gradle/ice.gradle
java/src/Ice/src/main/java/IceInternal/PropertyNames.java
java/test/build.gradle
js/src/Ice/PropertyNames.js
man/man1/icegridadmin.1
man/man1/transformdb.1
php/BuildInstructionsWindows.md
php/Makefile
php/config/Make.rules.Darwin
php/config/Make.rules.mak.php
php/config/Make.rules.php
php/src/IcePHP/Makefile
php/src/Makefile
php/src/Makefile.mak
php/src/php5/.depend.mak
php/src/php5/Communicator.cpp
php/src/php5/Config.h
php/src/php5/Connection.cpp
php/src/php5/Endpoint.cpp
php/src/php5/IcePHP.rc
php/src/php5/Makefile
php/src/php5/Makefile.mak
php/src/php5/Operation.cpp
php/src/php5/Types.cpp
php/src/php5/Types.h
php/src/php5/Util.cpp
php/src/php7/Communicator.cpp
php/src/php7/Communicator.h
php/src/php7/Config.h
php/src/php7/Connection.cpp
php/src/php7/Endpoint.cpp
php/src/php7/IcePHP.rc
php/src/php7/Makefile
php/src/php7/Operation.cpp
php/src/php7/Types.cpp
php/src/php7/Types.h
php/src/php7/Util.cpp
scripts/TestUtil.py
Diffstat (limited to 'cpp/src')
| -rw-r--r-- | cpp/src/Glacier2CryptPermissionsVerifier/CryptPermissionsVerifierI.cpp | 37 | ||||
| -rw-r--r-- | cpp/src/Ice/Cond.cpp | 2 | ||||
| -rw-r--r-- | cpp/src/Ice/Instance.cpp | 2 | ||||
| -rw-r--r-- | cpp/src/Ice/InstrumentationI.cpp | 5 | ||||
| -rwxr-xr-x | cpp/src/Ice/Network.cpp | 10 | ||||
| -rwxr-xr-x | cpp/src/Ice/Network.h | 2 | ||||
| -rw-r--r-- | cpp/src/Ice/PropertyNames.cpp | 3 | ||||
| -rw-r--r-- | cpp/src/Ice/PropertyNames.h | 2 | ||||
| -rw-r--r-- | cpp/src/IceGrid/Activator.cpp | 2 | ||||
| -rw-r--r-- | cpp/src/IceGrid/PlatformInfo.cpp | 6 | ||||
| -rw-r--r-- | cpp/src/IceSSL/OpenSSLEngine.cpp | 62 | ||||
| -rwxr-xr-x | cpp/src/IceSSL/Util.cpp | 159 | ||||
| -rw-r--r-- | cpp/src/IceUtil/Time.cpp | 4 | ||||
| -rw-r--r-- | cpp/src/Slice/Preprocessor.cpp | 4 |
14 files changed, 270 insertions, 30 deletions
diff --git a/cpp/src/Glacier2CryptPermissionsVerifier/CryptPermissionsVerifierI.cpp b/cpp/src/Glacier2CryptPermissionsVerifier/CryptPermissionsVerifierI.cpp index 9bc1ea38a5c..e3387c4667d 100644 --- a/cpp/src/Glacier2CryptPermissionsVerifier/CryptPermissionsVerifierI.cpp +++ b/cpp/src/Glacier2CryptPermissionsVerifier/CryptPermissionsVerifierI.cpp @@ -18,6 +18,8 @@ #if defined(__GLIBC__) || defined(_AIX) # include <crypt.h> +#elif defined(__FreeBSD__) +# include <unistd.h> #elif defined(__APPLE__) # include <CoreFoundation/CoreFoundation.h> # include <Security/Security.h> @@ -34,6 +36,34 @@ using namespace Glacier2; namespace { +#if defined(__FreeBSD__) && !defined(__GLIBC__) + +// +// FreeBSD crypt is no reentrat we use this global mutex +// to serialize access. +// +IceUtil::Mutex* _staticMutex = 0; + +class Init +{ +public: + + Init() + { + _staticMutex = new IceUtil::Mutex; + } + + ~Init() + { + delete _staticMutex; + _staticMutex = 0; + } +}; + +Init init; +#endif + + class CryptPermissionsVerifierI : public PermissionsVerifier { public: @@ -142,7 +172,7 @@ CryptPermissionsVerifierI::checkPermissions(const string& userId, const string& { return false; } -#if defined(__GLIBC__) +#if defined(__GLIBC__) || defined(__FreeBSD__) size_t i = p->second.rfind('$'); string salt; if(i == string::npos) @@ -164,9 +194,14 @@ CryptPermissionsVerifierI::checkPermissions(const string& userId, const string& return false; } } +# if defined(__GLIBC__) struct crypt_data data; data.initialized = 0; return p->second == crypt_r(password.c_str(), salt.c_str(), &data); +# else + IceUtilInternal::MutexPtrLock<IceUtil::Mutex> lock(_staticMutex); + return p->second == crypt(password.c_str(), salt.c_str()) +# endif #elif defined(__APPLE__) || defined(_WIN32) // // Pbkdf2 string format: diff --git a/cpp/src/Ice/Cond.cpp b/cpp/src/Ice/Cond.cpp index b833036e87b..1ec40216661 100644 --- a/cpp/src/Ice/Cond.cpp +++ b/cpp/src/Ice/Cond.cpp @@ -332,7 +332,7 @@ IceUtil::Cond::Cond() throw ThreadSyscallException(__FILE__, __LINE__, rc); } -#if !defined(__hpux) && !defined(__APPLE__) +#if !defined(__hppa) && !defined(__APPLE__) && !defined(__FreeBSD__) rc = pthread_condattr_setclock(&attr, CLOCK_MONOTONIC); if(rc != 0) { diff --git a/cpp/src/Ice/Instance.cpp b/cpp/src/Ice/Instance.cpp index 460ec504c4f..bb3260b9139 100644 --- a/cpp/src/Ice/Instance.cpp +++ b/cpp/src/Ice/Instance.cpp @@ -63,7 +63,7 @@ # include <sys/types.h> #endif -#if defined(__linux) || defined(__sun) || defined(_AIX) +#if defined(__linux) || defined(__sun) || defined(_AIX) || defined(__GLIBC__) # include <grp.h> // for initgroups #endif diff --git a/cpp/src/Ice/InstrumentationI.cpp b/cpp/src/Ice/InstrumentationI.cpp index 62f8bda1285..0f816647a11 100644 --- a/cpp/src/Ice/InstrumentationI.cpp +++ b/cpp/src/Ice/InstrumentationI.cpp @@ -31,8 +31,6 @@ using namespace IceMX; namespace { -Context emptyCtx; - int ThreadMetrics::* getThreadStateMetric(ThreadState s) { @@ -373,8 +371,7 @@ public: } }; static Attributes attributes; - - InvocationHelper(const ObjectPrxPtr& proxy, const string& op, const Context& ctx = emptyCtx) : + InvocationHelper(const ObjectPrxPtr& proxy, const string& op, const Context& ctx) : _proxy(proxy), _operation(op), _context(ctx) { } diff --git a/cpp/src/Ice/Network.cpp b/cpp/src/Ice/Network.cpp index 5cccc3c6e61..09688766350 100755 --- a/cpp/src/Ice/Network.cpp +++ b/cpp/src/Ice/Network.cpp @@ -1371,7 +1371,17 @@ IceInternal::closeSocket(SOCKET fd) WSASetLastError(error); #else int error = errno; + +# if defined(__FreeBSD__) || defined(__FreeBSD_kernel__) + // + // FreeBSD returns ECONNRESET if the underlying object was + // a stream socket that was shut down by the peer before all + // pending data was delivered. + // + if(close(fd) == SOCKET_ERROR && getSocketErrno() != ECONNRESET) +# else if(close(fd) == SOCKET_ERROR) +# endif { SocketException ex(__FILE__, __LINE__); ex.error = getSocketErrno(); diff --git a/cpp/src/Ice/Network.h b/cpp/src/Ice/Network.h index 9d85d061925..f313e30a560 100755 --- a/cpp/src/Ice/Network.h +++ b/cpp/src/Ice/Network.h @@ -45,7 +45,7 @@ typedef int ssize_t; #if defined(__linux) && !defined(ICE_NO_EPOLL) # define ICE_USE_EPOLL 1 -#elif (defined(__APPLE__) || defined(__FreeBSD__)) && TARGET_OS_IPHONE == 0 && !defined(ICE_NO_KQUEUE) +#elif (defined(__APPLE__) || defined(__FreeBSD__) || defined(__FreeBSD_kernel__)) && TARGET_OS_IPHONE == 0 && !defined(ICE_NO_KQUEUE) # define ICE_USE_KQUEUE 1 #elif defined(__APPLE__) && !defined(ICE_NO_CFSTREAM) # define ICE_USE_CFSTREAM 1 diff --git a/cpp/src/Ice/PropertyNames.cpp b/cpp/src/Ice/PropertyNames.cpp index 1c2680eaa11..f0ea3285ed6 100644 --- a/cpp/src/Ice/PropertyNames.cpp +++ b/cpp/src/Ice/PropertyNames.cpp @@ -6,7 +6,7 @@ // ICE_LICENSE file included in this distribution. // // ********************************************************************** -// Generated by makeprops.py from file ./config/PropertyNames.xml, Thu Apr 7 10:41:53 2016 +// Generated by makeprops.py from file ../config/PropertyNames.xml, Fri Jul 1 19:50:59 2016 // IMPORTANT: Do not edit this file -- any edits made here will be lost! @@ -1026,6 +1026,7 @@ const IceInternal::Property IceSSLPropsData[] = IceInternal::Property("IceSSL.ProtocolVersionMax", false, 0), IceInternal::Property("IceSSL.ProtocolVersionMin", false, 0), IceInternal::Property("IceSSL.Random", false, 0), + IceInternal::Property("IceSSL.SecurityLevel", false, 0), IceInternal::Property("IceSSL.Trace.Security", false, 0), IceInternal::Property("IceSSL.TrustOnly", false, 0), IceInternal::Property("IceSSL.TrustOnly.Client", false, 0), diff --git a/cpp/src/Ice/PropertyNames.h b/cpp/src/Ice/PropertyNames.h index 67fa3cf08a7..f73b3a5192b 100644 --- a/cpp/src/Ice/PropertyNames.h +++ b/cpp/src/Ice/PropertyNames.h @@ -6,7 +6,7 @@ // ICE_LICENSE file included in this distribution. // // ********************************************************************** -// Generated by makeprops.py from file ./config/PropertyNames.xml, Thu Apr 7 10:41:53 2016 +// Generated by makeprops.py from file ../config/PropertyNames.xml, Fri Jul 1 19:50:59 2016 // IMPORTANT: Do not edit this file -- any edits made here will be lost! diff --git a/cpp/src/IceGrid/Activator.cpp b/cpp/src/IceGrid/Activator.cpp index dafb88e0f3e..cdb5ed64c03 100644 --- a/cpp/src/IceGrid/Activator.cpp +++ b/cpp/src/IceGrid/Activator.cpp @@ -37,7 +37,7 @@ #endif #endif -#if defined(__linux) || defined(__sun) || defined(_AIX) +#if defined(__linux) || defined(__sun) || defined(_AIX) || defined(__GLIBC__) # include <grp.h> // for initgroups #endif diff --git a/cpp/src/IceGrid/PlatformInfo.cpp b/cpp/src/IceGrid/PlatformInfo.cpp index a227c8a8c55..320181cfaa3 100644 --- a/cpp/src/IceGrid/PlatformInfo.cpp +++ b/cpp/src/IceGrid/PlatformInfo.cpp @@ -24,7 +24,7 @@ # include <pdhmsg.h> // For PDH_MORE_DATA #else # include <sys/utsname.h> -# if defined(__APPLE__) || defined(__FreeBSD__) +# if defined(__APPLE__) || defined(__FreeBSD__) || defined(__FreeBSD_kernel__) # include <sys/sysctl.h> # elif defined(__sun) # include <sys/loadavg.h> @@ -222,7 +222,7 @@ PlatformInfo::PlatformInfo(const string& prefix, SYSTEM_INFO sysInfo; GetSystemInfo(&sysInfo); _nProcessorThreads = sysInfo.dwNumberOfProcessors; -#elif defined(__FreeBSD__) +#elif defined(__FreeBSD__) || defined(__FreeBSD_kernel__) static int ncpu[2] = { CTL_HW, HW_NCPU }; size_t sz = sizeof(_nProcessorThreads); if(sysctl(ncpu, 2, &_nProcessorThreads, &sz, 0, 0) == -1) @@ -450,7 +450,7 @@ PlatformInfo::getLoadInfo() info.avg1 = static_cast<float>(_last1Total) / _usages1.size() / 100.0f; info.avg5 = static_cast<float>(_last5Total) / _usages5.size() / 100.0f; info.avg15 = static_cast<float>(_last15Total) / _usages15.size() / 100.0f; -#elif defined(__sun) || defined(__linux) || defined(__APPLE__) || defined(__FreeBSD__) +#elif defined(__sun) || defined(__linux) || defined(__APPLE__) || defined(__FreeBSD__) || defined(__FreeBSD_kernel__) // // We use the load average divided by the number of // processors to figure out if the machine is busy or diff --git a/cpp/src/IceSSL/OpenSSLEngine.cpp b/cpp/src/IceSSL/OpenSSLEngine.cpp index 76c83464b54..a7232b06f7f 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.cpp +++ b/cpp/src/IceSSL/OpenSSLEngine.cpp @@ -42,7 +42,10 @@ namespace IceUtil::Mutex* staticMutex = 0; int instanceCount = 0; bool initOpenSSL = false; + +#if OPENSSL_VERSION_NUMBER < 0x10100000L IceUtil::Mutex* locks = 0; +#endif class Init { @@ -55,14 +58,22 @@ public: ~Init() { - delete staticMutex; - staticMutex = 0; + // + // OpenSSL 1.1.0 introduces a new thread API and removes + // the need to use a custom thread callback. + // +#if OPENSSL_VERSION_NUMBER < 0x10100000L + CRYPTO_set_locking_callback(0); + CRYPTO_set_id_callback(0); if(locks) { delete[] locks; locks = 0; } +#endif + delete staticMutex; + staticMutex = 0; } }; @@ -73,6 +84,11 @@ extern "C" { // +// OpenSSL 1.1.0 introduces a new thread API and removes +// the need to use a custom thread callback. +// +#if OPENSSL_VERSION_NUMBER < 0x10100000L +// // OpenSSL mutex callback. // void @@ -102,7 +118,7 @@ IceSSL_opensslThreadIdCallback() // On some platforms, pthread_t is a pointer to a per-thread structure. // return reinterpret_cast<unsigned long>(pthread_self()); -# elif (defined(__linux) || defined(__sun) || defined(__hpux)) || defined(_AIX) +# elif defined(__linux) || defined(__sun) || defined(__hpux) || defined(_AIX) || defined(__GLIBC__) // // On Linux, Solaris, HP-UX and AIX, pthread_t is an integer. // @@ -111,6 +127,7 @@ IceSSL_opensslThreadIdCallback() # error "Unknown platform" # endif } +#endif int IceSSL_opensslPasswordCallback(char* buf, int size, int flag, void* userData) @@ -141,7 +158,12 @@ IceSSL_opensslPasswordCallback(char* buf, int size, int flag, void* userData) DH* IceSSL_opensslDHCallback(SSL* ssl, int /*isExport*/, int keyLength) { - OpenSSLEngine* p = reinterpret_cast<OpenSSLEngine*>(SSL_CTX_get_ex_data(ssl->ctx, 0)); +# if OPENSSL_VERSION_NUMBER >= 0x10100000L + SSL_CTX* ctx = SSL_get_SSL_CTX(ssl); +# else + SSL_CTX* ctx = ssl->ctx; +# endif + OpenSSLEngine* p = reinterpret_cast<OpenSSLEngine*>(SSL_CTX_get_ex_data(ctx, 0)); return p->dhParams(keyLength); } # endif @@ -193,6 +215,11 @@ OpenSSLEngine::OpenSSLEngine(const CommunicatorPtr& communicator) : initOpenSSL = properties->getPropertyAsIntWithDefault("IceSSL.InitOpenSSL", 1) > 0; if(initOpenSSL) { + + // + // OpenSSL 1.1.0 remove the need for library initialization and cleanup. + // +#if OPENSSL_VERSION_NUMBER < 0x10100000L // // Create the mutexes and set the callbacks. // @@ -218,13 +245,11 @@ OpenSSLEngine::OpenSSLEngine(const CommunicatorPtr& communicator) : // load private key files generated by OpenSSL 1.x. // OpenSSL_add_all_algorithms(); +#endif // // Initialize the PRNG. // -# ifdef WINDOWS - RAND_screen(); // Uses data from the screen if possible. -# endif char randFile[1024]; if(RAND_file_name(randFile, sizeof(randFile))) // Gets the name of a default seed file. { @@ -298,6 +323,10 @@ OpenSSLEngine::OpenSSLEngine(const CommunicatorPtr& communicator) : OpenSSLEngine::~OpenSSLEngine() { +// +// OpenSSL 1.1.0 remove the need for library initialization and cleanup. +// +#if OPENSSL_VERSION_NUMBER < 0x10100000L // // Clean up OpenSSL resources. // @@ -320,6 +349,7 @@ OpenSSLEngine::~OpenSSLEngine() ERR_free_strings(); EVP_cleanup(); } +#endif } bool @@ -369,6 +399,18 @@ OpenSSLEngine::initialize() "IceSSL: unable to create SSL context:\n" + sslErrors()); } +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + int securityLevel = properties->getPropertyAsIntWithDefault(propPrefix + "SecurityLevel", -1); + if(securityLevel != -1) + { + SSL_CTX_set_security_level(_ctx, securityLevel); + if(SSL_CTX_get_security_level(_ctx) != securityLevel) + { + throw PluginInitializationException(__FILE__, __LINE__, + "IceSSL: unable to set SSL security level:\n" + sslErrors()); + } + } +#endif // // Check for a default directory. We look in this directory for // files mentioned in the configuration. @@ -525,6 +567,7 @@ OpenSSLEngine::initialize() "IceSSL: certificate file not found:\n" + file); } file = resolved; + // // First we try to load the certificate using PKCS12 format if that fails // we fallback to PEM format. @@ -942,6 +985,9 @@ OpenSSLEngine::parseProtocols(const StringSeq& protocols) const SSL_METHOD* OpenSSLEngine::getMethod(int /*protocols*/) { +#if OPENSSL_VERSION_NUMBER >= 0x10100000L + SSL_METHOD* meth = const_cast<SSL_METHOD*>(TLS_method()); +#else // // Despite its name, the SSLv23 method can negotiate SSL3, TLS1.0, TLS1.1, and TLS1.2. // We use the const_cast for backward compatibility with older OpenSSL releases. @@ -956,7 +1002,7 @@ OpenSSLEngine::getMethod(int /*protocols*/) meth = const_cast<SSL_METHOD*>(TLSv1_2_method()); } */ - +#endif return meth; } diff --git a/cpp/src/IceSSL/Util.cpp b/cpp/src/IceSSL/Util.cpp index 9a5f6bce50e..ced265c943e 100755 --- a/cpp/src/IceSSL/Util.cpp +++ b/cpp/src/IceSSL/Util.cpp @@ -87,7 +87,8 @@ parseBytes(const string& arg, vector<unsigned char>& buffer) namespace { -# ifndef OPENSSL_NO_DH +# ifndef OPENSSL_NO_DH +# if OPENSSL_VERSION_NUMBER < 0x10100000L // The following arrays are predefined Diffie Hellman group parameters. // These are known strong primes, distributed with the OpenSSL library @@ -201,11 +202,127 @@ unsigned char dh4096_p[] = unsigned char dh4096_g[] = { 0x02 }; +# else +// +// With OpenSSL 1.1.0 is no longer possible to acess the DH p and g +// data members to set the DH params. We still use the same default +// parameters but they were converted to DER format using +// i2d_DHparams and can be restored using d2i_DHparams + +unsigned char dh512[] = +{ + 0x30,0x46,0x02,0x41,0x00,0xF5,0x2A,0xFF,0x3C,0xE1,0xB1,0x29, + 0x40,0x18,0x11,0x8D,0x7C,0x84,0xA7,0x0A,0x72,0xD6,0x86,0xC4, + 0x03,0x19,0xC8,0x07,0x29,0x7A,0xCA,0x95,0x0C,0xD9,0x96,0x9F, + 0xAB,0xD0,0x0A,0x50,0x9B,0x02,0x46,0xD3,0x08,0x3D,0x66,0xA4, + 0x5D,0x41,0x9F,0x9C,0x7C,0xBD,0x89,0x4B,0x22,0x19,0x26,0xBA, + 0xAB,0xA2,0x5E,0xC3,0x55,0xE9,0x2A,0x05,0x5F,0x02,0x01,0x02, +}; + +unsigned char dh1024[] = +{ + 0x30,0x81,0x87,0x02,0x81,0x81,0x00,0xF4,0x88,0xFD,0x58,0x4E, + 0x49,0xDB,0xCD,0x20,0xB4,0x9D,0xE4,0x91,0x07,0x36,0x6B,0x33, + 0x6C,0x38,0x0D,0x45,0x1D,0x0F,0x7C,0x88,0xB3,0x1C,0x7C,0x5B, + 0x2D,0x8E,0xF6,0xF3,0xC9,0x23,0xC0,0x43,0xF0,0xA5,0x5B,0x18, + 0x8D,0x8E,0xBB,0x55,0x8C,0xB8,0x5D,0x38,0xD3,0x34,0xFD,0x7C, + 0x17,0x57,0x43,0xA3,0x1D,0x18,0x6C,0xDE,0x33,0x21,0x2C,0xB5, + 0x2A,0xFF,0x3C,0xE1,0xB1,0x29,0x40,0x18,0x11,0x8D,0x7C,0x84, + 0xA7,0x0A,0x72,0xD6,0x86,0xC4,0x03,0x19,0xC8,0x07,0x29,0x7A, + 0xCA,0x95,0x0C,0xD9,0x96,0x9F,0xAB,0xD0,0x0A,0x50,0x9B,0x02, + 0x46,0xD3,0x08,0x3D,0x66,0xA4,0x5D,0x41,0x9F,0x9C,0x7C,0xBD, + 0x89,0x4B,0x22,0x19,0x26,0xBA,0xAB,0xA2,0x5E,0xC3,0x55,0xE9, + 0x2F,0x78,0xC7,0x02,0x01,0x02, +}; + +unsigned char dh2048[] = +{ + 0x30,0x82,0x01,0x08,0x02,0x82,0x01,0x01,0x00,0xF6,0x42,0x57, + 0xB7,0x08,0x7F,0x08,0x17,0x72,0xA2,0xBA,0xD6,0xA9,0x42,0xF3, + 0x05,0xE8,0xF9,0x53,0x11,0x39,0x4F,0xB6,0xF1,0x6E,0xB9,0x4B, + 0x38,0x20,0xDA,0x01,0xA7,0x56,0xA3,0x14,0xE9,0x8F,0x40,0x55, + 0xF3,0xD0,0x07,0xC6,0xCB,0x43,0xA9,0x94,0xAD,0xF7,0x4C,0x64, + 0x86,0x49,0xF8,0x0C,0x83,0xBD,0x65,0xE9,0x17,0xD4,0xA1,0xD3, + 0x50,0xF8,0xF5,0x59,0x5F,0xDC,0x76,0x52,0x4F,0x3D,0x3D,0x8D, + 0xDB,0xCE,0x99,0xE1,0x57,0x92,0x59,0xCD,0xFD,0xB8,0xAE,0x74, + 0x4F,0xC5,0xFC,0x76,0xBC,0x83,0xC5,0x47,0x30,0x61,0xCE,0x7C, + 0xC9,0x66,0xFF,0x15,0xF9,0xBB,0xFD,0x91,0x5E,0xC7,0x01,0xAA, + 0xD3,0x5B,0x9E,0x8D,0xA0,0xA5,0x72,0x3A,0xD4,0x1A,0xF0,0xBF, + 0x46,0x00,0x58,0x2B,0xE5,0xF4,0x88,0xFD,0x58,0x4E,0x49,0xDB, + 0xCD,0x20,0xB4,0x9D,0xE4,0x91,0x07,0x36,0x6B,0x33,0x6C,0x38, + 0x0D,0x45,0x1D,0x0F,0x7C,0x88,0xB3,0x1C,0x7C,0x5B,0x2D,0x8E, + 0xF6,0xF3,0xC9,0x23,0xC0,0x43,0xF0,0xA5,0x5B,0x18,0x8D,0x8E, + 0xBB,0x55,0x8C,0xB8,0x5D,0x38,0xD3,0x34,0xFD,0x7C,0x17,0x57, + 0x43,0xA3,0x1D,0x18,0x6C,0xDE,0x33,0x21,0x2C,0xB5,0x2A,0xFF, + 0x3C,0xE1,0xB1,0x29,0x40,0x18,0x11,0x8D,0x7C,0x84,0xA7,0x0A, + 0x72,0xD6,0x86,0xC4,0x03,0x19,0xC8,0x07,0x29,0x7A,0xCA,0x95, + 0x0C,0xD9,0x96,0x9F,0xAB,0xD0,0x0A,0x50,0x9B,0x02,0x46,0xD3, + 0x08,0x3D,0x66,0xA4,0x5D,0x41,0x9F,0x9C,0x7C,0xBD,0x89,0x4B, + 0x22,0x19,0x26,0xBA,0xAB,0xA2,0x5E,0xC3,0x55,0xE9,0x32,0x0B, + 0x3B,0x02,0x01,0x02, +}; + +unsigned char dh4096[] = +{ + 0x30,0x82,0x02,0x08,0x02,0x82,0x02,0x01,0x00,0xFA,0x14,0x72, + 0x52,0xC1,0x4D,0xE1,0x5A,0x49,0xD4,0xEF,0x09,0x2D,0xC0,0xA8, + 0xFD,0x55,0xAB,0xD7,0xD9,0x37,0x04,0x28,0x09,0xE2,0xE9,0x3E, + 0x77,0xE2,0xA1,0x7A,0x18,0xDD,0x46,0xA3,0x43,0x37,0x23,0x90, + 0x97,0xF3,0x0E,0xC9,0x03,0x50,0x7D,0x65,0xCF,0x78,0x62,0xA6, + 0x3A,0x62,0x22,0x83,0xA1,0x2F,0xFE,0x79,0xBA,0x35,0xFF,0x59, + 0xD8,0x1D,0x61,0xDD,0x1E,0x21,0x13,0x17,0xFE,0xCD,0x38,0x87, + 0x9E,0xF5,0x4F,0x79,0x10,0x61,0x8D,0xD4,0x22,0xF3,0x5A,0xED, + 0x5D,0xEA,0x21,0xE9,0x33,0x6B,0x48,0x12,0x0A,0x20,0x77,0xD4, + 0x25,0x60,0x61,0xDE,0xF6,0xB4,0x4F,0x1C,0x63,0x40,0x8B,0x3A, + 0x21,0x93,0x8B,0x79,0x53,0x51,0x2C,0xCA,0xB3,0x7B,0x29,0x56, + 0xA8,0xC7,0xF8,0xF4,0x7B,0x08,0x5E,0xA6,0xDC,0xA2,0x45,0x12, + 0x56,0xDD,0x41,0x92,0xF2,0xDD,0x5B,0x8F,0x23,0xF0,0xF3,0xEF, + 0xE4,0x3B,0x0A,0x44,0xDD,0xED,0x96,0x84,0xF1,0xA8,0x32,0x46, + 0xA3,0xDB,0x4A,0xBE,0x3D,0x45,0xBA,0x4E,0xF8,0x03,0xE5,0xDD, + 0x6B,0x59,0x0D,0x84,0x1E,0xCA,0x16,0x5A,0x8C,0xC8,0xDF,0x7C, + 0x54,0x44,0xC4,0x27,0xA7,0x3B,0x2A,0x97,0xCE,0xA3,0x7D,0x26, + 0x9C,0xAD,0xF4,0xC2,0xAC,0x37,0x4B,0xC3,0xAD,0x68,0x84,0x7F, + 0x99,0xA6,0x17,0xEF,0x6B,0x46,0x3A,0x7A,0x36,0x7A,0x11,0x43, + 0x92,0xAD,0xE9,0x9C,0xFB,0x44,0x6C,0x3D,0x82,0x49,0xCC,0x5C, + 0x6A,0x52,0x42,0xF8,0x42,0xFB,0x44,0xF9,0x39,0x73,0xFB,0x60, + 0x79,0x3B,0xC2,0x9E,0x0B,0xDC,0xD4,0xA6,0x67,0xF7,0x66,0x3F, + 0xFC,0x42,0x3B,0x1B,0xDB,0x4F,0x66,0xDC,0xA5,0x8F,0x66,0xF9, + 0xEA,0xC1,0xED,0x31,0xFB,0x48,0xA1,0x82,0x7D,0xF8,0xE0,0xCC, + 0xB1,0xC7,0x03,0xE4,0xF8,0xB3,0xFE,0xB7,0xA3,0x13,0x73,0xA6, + 0x7B,0xC1,0x0E,0x39,0xC7,0x94,0x48,0x26,0x00,0x85,0x79,0xFC, + 0x6F,0x7A,0xAF,0xC5,0x52,0x35,0x75,0xD7,0x75,0xA4,0x40,0xFA, + 0x14,0x74,0x61,0x16,0xF2,0xEB,0x67,0x11,0x6F,0x04,0x43,0x3D, + 0x11,0x14,0x4C,0xA7,0x94,0x2A,0x39,0xA1,0xC9,0x90,0xCF,0x83, + 0xC6,0xFF,0x02,0x8F,0xA3,0x2A,0xAC,0x26,0xDF,0x0B,0x8B,0xBE, + 0x64,0x4A,0xF1,0xA1,0xDC,0xEE,0xBA,0xC8,0x03,0x82,0xF6,0x62, + 0x2C,0x5D,0xB6,0xBB,0x13,0x19,0x6E,0x86,0xC5,0x5B,0x2B,0x5E, + 0x3A,0xF3,0xB3,0x28,0x6B,0x70,0x71,0x3A,0x8E,0xFF,0x5C,0x15, + 0xE6,0x02,0xA4,0xCE,0xED,0x59,0x56,0xCC,0x15,0x51,0x07,0x79, + 0x1A,0x0F,0x25,0x26,0x27,0x30,0xA9,0x15,0xB2,0xC8,0xD4,0x5C, + 0xCC,0x30,0xE8,0x1B,0xD8,0xD5,0x0F,0x19,0xA8,0x80,0xA4,0xC7, + 0x01,0xAA,0x8B,0xBA,0x53,0xBB,0x47,0xC2,0x1F,0x6B,0x54,0xB0, + 0x17,0x60,0xED,0x79,0x21,0x95,0xB6,0x05,0x84,0x37,0xC8,0x03, + 0xA4,0xDD,0xD1,0x06,0x69,0x8F,0x4C,0x39,0xE0,0xC8,0x5D,0x83, + 0x1D,0xBE,0x6A,0x9A,0x99,0xF3,0x9F,0x0B,0x45,0x29,0xD4,0xCB, + 0x29,0x66,0xEE,0x1E,0x7E,0x3D,0xD7,0x13,0x4E,0xDB,0x90,0x90, + 0x58,0xCB,0x5E,0x9B,0xCD,0x2E,0x2B,0x0F,0xA9,0x4E,0x78,0xAC, + 0x05,0x11,0x7F,0xE3,0x9E,0x27,0xD4,0x99,0xE1,0xB9,0xBD,0x78, + 0xE1,0x84,0x41,0xA0,0xDF,0x02,0x01,0x02, +}; +# endif + } // // Convert a predefined parameter set into a DH value. // +# if OPENSSL_VERSION_NUMBER >= 0x10100000L +static DH* +convertDH(const unsigned char* buf, int len) +{ + return d2i_DHparams(0, &buf, len); +} +# else static DH* convertDH(unsigned char* p, int plen, unsigned char* g, int glen) { @@ -225,9 +342,9 @@ convertDH(unsigned char* p, int plen, unsigned char* g, int glen) dh = 0; } } - return dh; } +# endif IceSSL::DHParams::DHParams() : _dh512(0), _dh1024(0), _dh2048(0), _dh4096(0) @@ -289,7 +406,40 @@ IceSSL::DHParams::get(int keyLength) // No match found. Use one of the predefined parameter sets instead. // IceUtil::Mutex::Lock sync(*this); - +# if OPENSSL_VERSION_NUMBER >= 0x10100000L + if(keyLength >= 4096) + { + if(!_dh4096) + { + _dh4096 = convertDH(dh4096, (int) sizeof(dh4096)); + } + return _dh4096; + } + else if(keyLength >= 2048) + { + if(!_dh2048) + { + _dh2048 = convertDH(dh2048, (int) sizeof(dh2048)); + } + return _dh2048; + } + else if(keyLength >= 1024) + { + if(!_dh1024) + { + _dh1024 = convertDH(dh1024, (int) sizeof(dh1024)); + } + return _dh1024; + } + else + { + if(!_dh512) + { + _dh512 = convertDH(dh512, (int) sizeof(dh512)); + } + return _dh512; + } +# else if(keyLength >= 4096) { if(!_dh4096) @@ -322,9 +472,10 @@ IceSSL::DHParams::get(int keyLength) } return _dh512; } +# endif } -# endif +# endif string IceSSL::getSslErrors(bool verbose) diff --git a/cpp/src/IceUtil/Time.cpp b/cpp/src/IceUtil/Time.cpp index a771815ddb6..1dbf23e1d72 100644 --- a/cpp/src/IceUtil/Time.cpp +++ b/cpp/src/IceUtil/Time.cpp @@ -63,7 +63,7 @@ InitializeFrequency frequencyInitializer; } #endif -#ifdef __APPLE__ +#if defined(__APPLE__) namespace { @@ -137,7 +137,7 @@ IceUtil::Time::now(Clock clock) # endif return Time(static_cast<Int64>(tb.time) * ICE_INT64(1000000) + tb.millitm * 1000); } -#elif defined(__hpux) +#elif defined(__hppa) // // HP does not support CLOCK_MONOTONIC // diff --git a/cpp/src/Slice/Preprocessor.cpp b/cpp/src/Slice/Preprocessor.cpp index b5470ff19a0..26f4bee7db1 100644 --- a/cpp/src/Slice/Preprocessor.cpp +++ b/cpp/src/Slice/Preprocessor.cpp @@ -236,10 +236,10 @@ Slice::Preprocessor::preprocess(bool keepComments, const string& extraArgs) // process call _tempnam before any of them call fopen and // they will end up using the same tmp file. // - char* name = _tempnam(0, ("slice-" + IceUtil::generateUUID()).c_str()); + wchar_t* name = _wtempnam(0, IceUtil::stringToWstring("slice-" + IceUtil::generateUUID()).c_str()); if(name) { - _cppFile = name; + _cppFile = IceUtil::wstringToString(name); free(name); _cppHandle = IceUtilInternal::fopen(_cppFile, "w+"); } |