From 65de3fb46b694a1bb38de44ed1cac273c6bfe777 Mon Sep 17 00:00:00 2001 From: Jose Date: Tue, 9 Apr 2024 14:51:05 +0200 Subject: [PATCH 01/28] Checkpoint --- .github/actions/setup-dependencies/action.yml | 4 +- config/PropertyNames.xml | 12 - cpp/include/IceSSL/Plugin.h | 14 - cpp/src/Ice/PropertyNames.cpp | 134 +- cpp/src/Ice/PropertyNames.h | 84 +- cpp/src/IceSSL/OpenSSLEngine.cpp | 401 +-- cpp/src/IceSSL/OpenSSLEngine.h | 12 +- cpp/src/IceSSL/PluginI.cpp | 26 - cpp/src/IceSSL/PluginI.h | 6 - cpp/src/IceSSL/SChannelEngine.cpp | 88 +- cpp/src/IceSSL/SChannelPluginI.cpp | 5 +- cpp/src/IceSSL/SChannelTransceiverI.cpp | 3 + cpp/src/IceSSL/SSLEngine.cpp | 127 +- cpp/src/IceSSL/SSLEngine.h | 24 +- cpp/src/IceSSL/SecureTransportEngine.cpp | 40 +- cpp/src/IceSSL/TrustManager.cpp | 10 - cpp/src/IceSSL/Util.cpp | 25 - cpp/src/IceSSL/Util.h | 34 +- cpp/test/IceSSL/configuration/AllTests.cpp | 390 +-- csharp/src/Ice/IceSSL/AcceptorI.cs | 4 +- csharp/src/Ice/IceSSL/ConnectorI.cs | 18 +- csharp/src/Ice/IceSSL/Instance.cs | 4 - csharp/src/Ice/IceSSL/SSLEngine.cs | 197 +- csharp/src/Ice/IceSSL/TransceiverI.cs | 419 +-- csharp/src/Ice/PropertyNames.cs | 14 +- csharp/test/IceSSL/configuration/AllTests.cs | 412 +-- csharp/test/IceSSL/configuration/TestI.cs | 4 +- .../com/zeroc/IceInternal/PropertyNames.java | 2512 ++++++++--------- js/src/Ice/PropertyNames.js | 2 +- 29 files changed, 1689 insertions(+), 3336 deletions(-) diff --git a/.github/actions/setup-dependencies/action.yml b/.github/actions/setup-dependencies/action.yml index 4c4e5a3812d..6fb6b00cee7 100644 --- a/.github/actions/setup-dependencies/action.yml +++ b/.github/actions/setup-dependencies/action.yml @@ -15,7 +15,7 @@ runs: steps: # Python3 is already installed though Homebrew - name: Install brew dependencies - run: brew install ruby openjdk node php lmdb mcpp || true + run: brew install ruby node php lmdb mcpp || true shell: bash if: runner.os == 'macOS' @@ -60,7 +60,7 @@ runs: with: distribution: "oracle" java-version: "17" - if: runner.os == 'Linux' + if: matrix.language == 'java' - name: Install testing dependencies from pip run: python3 -m pip install passlib cryptography numpy diff --git a/config/PropertyNames.xml b/config/PropertyNames.xml index 2885d57fb3b..ef0aa6b503f 100644 --- a/config/PropertyNames.xml +++ b/config/PropertyNames.xml @@ -545,23 +545,15 @@ generated from the section label.
- - - - - - - - @@ -569,9 +561,6 @@ generated from the section label. - - - @@ -584,7 +573,6 @@ generated from the section label. -
diff --git a/cpp/include/IceSSL/Plugin.h b/cpp/include/IceSSL/Plugin.h index 09bdd4d0ec7..84b5f3fe39e 100644 --- a/cpp/include/IceSSL/Plugin.h +++ b/cpp/include/IceSSL/Plugin.h @@ -523,20 +523,6 @@ namespace IceSSL public: virtual ~Plugin(); - /** - * Establish the certificate verifier object. This should be done - * before any connections are established. - * @param v The verifier. - */ - virtual void setCertificateVerifier(std::function v) = 0; - - /** - * Establish the password prompt object. This must be done before - * the plug-in is initialized. - * @param p The password prompt. - */ - virtual void setPasswordPrompt(std::function p) = 0; - /** * Load the certificate from a file. The certificate must use the * PEM encoding format. diff --git a/cpp/src/Ice/PropertyNames.cpp b/cpp/src/Ice/PropertyNames.cpp index 271f812a0a0..d229c9e4d3c 100644 --- a/cpp/src/Ice/PropertyNames.cpp +++ b/cpp/src/Ice/PropertyNames.cpp @@ -1,13 +1,14 @@ // // Copyright (c) ZeroC, Inc. All rights reserved. // -// Generated by makeprops.py from file ./config/PropertyNames.xml, Thu Apr 4 16:59:06 2024 +// Generated by makeprops.py from file .\config\PropertyNames.xml, Tue Apr 9 14:47:18 2024 // IMPORTANT: Do not edit this file -- any edits made here will be lost! #include "PropertyNames.h" -const IceInternal::Property IcePropsData[] = { +const IceInternal::Property IcePropsData[] = +{ IceInternal::Property("Ice.AcceptClassCycles", false, 0), IceInternal::Property("Ice.ACM.Client", true, 0), IceInternal::Property("Ice.ACM.Server", true, 0), @@ -188,9 +189,11 @@ const IceInternal::Property IcePropsData[] = { }; const IceInternal::PropertyArray - IceInternal::PropertyNames::IceProps(IcePropsData, sizeof(IcePropsData) / sizeof(IcePropsData[0])); + IceInternal::PropertyNames::IceProps(IcePropsData, + sizeof(IcePropsData)/sizeof(IcePropsData[0])); -const IceInternal::Property IceMXPropsData[] = { +const IceInternal::Property IceMXPropsData[] = +{ IceInternal::Property("IceMX.Metrics.*.GroupBy", false, 0), IceInternal::Property("IceMX.Metrics.*.Map", false, 0), IceInternal::Property("IceMX.Metrics.*.RetainDetached", false, 0), @@ -200,9 +203,11 @@ const IceInternal::Property IceMXPropsData[] = { }; const IceInternal::PropertyArray - IceInternal::PropertyNames::IceMXProps(IceMXPropsData, sizeof(IceMXPropsData) / sizeof(IceMXPropsData[0])); + IceInternal::PropertyNames::IceMXProps(IceMXPropsData, + sizeof(IceMXPropsData)/sizeof(IceMXPropsData[0])); -const IceInternal::Property IceDiscoveryPropsData[] = { +const IceInternal::Property IceDiscoveryPropsData[] = +{ IceInternal::Property("IceDiscovery.Multicast.ACM.Timeout", false, 0), IceInternal::Property("IceDiscovery.Multicast.ACM.Heartbeat", false, 0), IceInternal::Property("IceDiscovery.Multicast.ACM.Close", false, 0), @@ -324,11 +329,12 @@ const IceInternal::Property IceDiscoveryPropsData[] = { IceInternal::Property("IceDiscovery.DomainId", false, 0), }; -const IceInternal::PropertyArray IceInternal::PropertyNames::IceDiscoveryProps( - IceDiscoveryPropsData, - sizeof(IceDiscoveryPropsData) / sizeof(IceDiscoveryPropsData[0])); +const IceInternal::PropertyArray + IceInternal::PropertyNames::IceDiscoveryProps(IceDiscoveryPropsData, + sizeof(IceDiscoveryPropsData)/sizeof(IceDiscoveryPropsData[0])); -const IceInternal::Property IceLocatorDiscoveryPropsData[] = { +const IceInternal::Property IceLocatorDiscoveryPropsData[] = +{ IceInternal::Property("IceLocatorDiscovery.Reply.ACM.Timeout", false, 0), IceInternal::Property("IceLocatorDiscovery.Reply.ACM.Heartbeat", false, 0), IceInternal::Property("IceLocatorDiscovery.Reply.ACM.Close", false, 0), @@ -414,11 +420,12 @@ const IceInternal::Property IceLocatorDiscoveryPropsData[] = { IceInternal::Property("IceLocatorDiscovery.Trace.Lookup", false, 0), }; -const IceInternal::PropertyArray IceInternal::PropertyNames::IceLocatorDiscoveryProps( - IceLocatorDiscoveryPropsData, - sizeof(IceLocatorDiscoveryPropsData) / sizeof(IceLocatorDiscoveryPropsData[0])); +const IceInternal::PropertyArray + IceInternal::PropertyNames::IceLocatorDiscoveryProps(IceLocatorDiscoveryPropsData, + sizeof(IceLocatorDiscoveryPropsData)/sizeof(IceLocatorDiscoveryPropsData[0])); -const IceInternal::Property IceBoxPropsData[] = { +const IceInternal::Property IceBoxPropsData[] = +{ IceInternal::Property("IceBox.InheritProperties", false, 0), IceInternal::Property("IceBox.InstanceName", true, 0), IceInternal::Property("IceBox.LoadOrder", false, 0), @@ -439,9 +446,11 @@ const IceInternal::Property IceBoxPropsData[] = { }; const IceInternal::PropertyArray - IceInternal::PropertyNames::IceBoxProps(IceBoxPropsData, sizeof(IceBoxPropsData) / sizeof(IceBoxPropsData[0])); + IceInternal::PropertyNames::IceBoxProps(IceBoxPropsData, + sizeof(IceBoxPropsData)/sizeof(IceBoxPropsData[0])); -const IceInternal::Property IceBoxAdminPropsData[] = { +const IceInternal::Property IceBoxAdminPropsData[] = +{ IceInternal::Property("IceBoxAdmin.ServiceManager.Proxy.EndpointSelection", false, 0), IceInternal::Property("IceBoxAdmin.ServiceManager.Proxy.ConnectionCached", false, 0), IceInternal::Property("IceBoxAdmin.ServiceManager.Proxy.PreferSecure", false, 0), @@ -454,11 +463,12 @@ const IceInternal::Property IceBoxAdminPropsData[] = { IceInternal::Property("IceBoxAdmin.ServiceManager.Proxy", false, 0), }; -const IceInternal::PropertyArray IceInternal::PropertyNames::IceBoxAdminProps( - IceBoxAdminPropsData, - sizeof(IceBoxAdminPropsData) / sizeof(IceBoxAdminPropsData[0])); +const IceInternal::PropertyArray + IceInternal::PropertyNames::IceBoxAdminProps(IceBoxAdminPropsData, + sizeof(IceBoxAdminPropsData)/sizeof(IceBoxAdminPropsData[0])); -const IceInternal::Property IceBridgePropsData[] = { +const IceInternal::Property IceBridgePropsData[] = +{ IceInternal::Property("IceBridge.Source.ACM.Timeout", false, 0), IceInternal::Property("IceBridge.Source.ACM.Heartbeat", false, 0), IceInternal::Property("IceBridge.Source.ACM.Close", false, 0), @@ -500,11 +510,12 @@ const IceInternal::Property IceBridgePropsData[] = { IceInternal::Property("IceBridge.InstanceName", false, 0), }; -const IceInternal::PropertyArray IceInternal::PropertyNames::IceBridgeProps( - IceBridgePropsData, - sizeof(IceBridgePropsData) / sizeof(IceBridgePropsData[0])); +const IceInternal::PropertyArray + IceInternal::PropertyNames::IceBridgeProps(IceBridgePropsData, + sizeof(IceBridgePropsData)/sizeof(IceBridgePropsData[0])); -const IceInternal::Property IceGridAdminPropsData[] = { +const IceInternal::Property IceGridAdminPropsData[] = +{ IceInternal::Property("IceGridAdmin.AuthenticateUsingSSL", false, 0), IceInternal::Property("IceGridAdmin.MetricsConfig", false, 0), IceInternal::Property("IceGridAdmin.Username", false, 0), @@ -631,11 +642,12 @@ const IceInternal::Property IceGridAdminPropsData[] = { IceInternal::Property("IceGridAdmin.Trace.SaveToRegistry", false, 0), }; -const IceInternal::PropertyArray IceInternal::PropertyNames::IceGridAdminProps( - IceGridAdminPropsData, - sizeof(IceGridAdminPropsData) / sizeof(IceGridAdminPropsData[0])); +const IceInternal::PropertyArray + IceInternal::PropertyNames::IceGridAdminProps(IceGridAdminPropsData, + sizeof(IceGridAdminPropsData)/sizeof(IceGridAdminPropsData[0])); -const IceInternal::Property IceGridPropsData[] = { +const IceInternal::Property IceGridPropsData[] = +{ IceInternal::Property("IceGrid.AdminRouter.ACM.Timeout", false, 0), IceInternal::Property("IceGrid.AdminRouter.ACM.Heartbeat", false, 0), IceInternal::Property("IceGrid.AdminRouter.ACM.Close", false, 0), @@ -1038,28 +1050,22 @@ const IceInternal::Property IceGridPropsData[] = { }; const IceInternal::PropertyArray - IceInternal::PropertyNames::IceGridProps(IceGridPropsData, sizeof(IceGridPropsData) / sizeof(IceGridPropsData[0])); + IceInternal::PropertyNames::IceGridProps(IceGridPropsData, + sizeof(IceGridPropsData)/sizeof(IceGridPropsData[0])); -const IceInternal::Property IceSSLPropsData[] = { +const IceInternal::Property IceSSLPropsData[] = +{ IceInternal::Property("IceSSL.Alias", false, 0), IceInternal::Property("IceSSL.CAs", false, 0), - IceInternal::Property("IceSSL.CertAuthDir", true, "IceSSL.CAs"), - IceInternal::Property("IceSSL.CertAuthFile", true, "IceSSL.CAs"), IceInternal::Property("IceSSL.CertStore", false, 0), IceInternal::Property("IceSSL.CertStoreLocation", false, 0), IceInternal::Property("IceSSL.CertFile", false, 0), - IceInternal::Property("IceSSL.CertVerifier", false, 0), IceInternal::Property("IceSSL.CheckCertName", false, 0), IceInternal::Property("IceSSL.CheckCRL", false, 0), IceInternal::Property("IceSSL.Ciphers", false, 0), IceInternal::Property("IceSSL.CertificateRevocationListFiles", false, 0), IceInternal::Property("IceSSL.DefaultDir", false, 0), - IceInternal::Property("IceSSL.DH.*", false, 0), - IceInternal::Property("IceSSL.DHParams", false, 0), - IceInternal::Property("IceSSL.EntropyDaemon", false, 0), IceInternal::Property("IceSSL.FindCert", false, 0), - IceInternal::Property("IceSSL.FindCert.*", true, 0), - IceInternal::Property("IceSSL.InitOpenSSL", false, 0), IceInternal::Property("IceSSL.KeyFile", false, 0), IceInternal::Property("IceSSL.Keychain", false, 0), IceInternal::Property("IceSSL.KeychainPassword", false, 0), @@ -1067,9 +1073,6 @@ const IceInternal::Property IceSSLPropsData[] = { IceInternal::Property("IceSSL.KeystorePassword", false, 0), IceInternal::Property("IceSSL.KeystoreType", false, 0), IceInternal::Property("IceSSL.Password", false, 0), - IceInternal::Property("IceSSL.PasswordCallback", false, 0), - IceInternal::Property("IceSSL.PasswordRetryMax", false, 0), - IceInternal::Property("IceSSL.Random", false, 0), IceInternal::Property("IceSSL.RevocationCheck", false, 0), IceInternal::Property("IceSSL.RevocationCheckCacheOnly", false, 0), IceInternal::Property("IceSSL.SchannelStrongCrypto", false, 0), @@ -1082,32 +1085,36 @@ const IceInternal::Property IceSSLPropsData[] = { IceInternal::Property("IceSSL.TruststorePassword", false, 0), IceInternal::Property("IceSSL.TruststoreType", false, 0), IceInternal::Property("IceSSL.UsePlatformCAs", false, 0), - IceInternal::Property("IceSSL.VerifyDepthMax", false, 0), IceInternal::Property("IceSSL.VerifyPeer", false, 0), }; const IceInternal::PropertyArray - IceInternal::PropertyNames::IceSSLProps(IceSSLPropsData, sizeof(IceSSLPropsData) / sizeof(IceSSLPropsData[0])); + IceInternal::PropertyNames::IceSSLProps(IceSSLPropsData, + sizeof(IceSSLPropsData)/sizeof(IceSSLPropsData[0])); -const IceInternal::Property IceStormAdminPropsData[] = { +const IceInternal::Property IceStormAdminPropsData[] = +{ IceInternal::Property("IceStormAdmin.TopicManager.*", false, 0), IceInternal::Property("IceStormAdmin.Host", false, 0), IceInternal::Property("IceStormAdmin.Port", false, 0), }; -const IceInternal::PropertyArray IceInternal::PropertyNames::IceStormAdminProps( - IceStormAdminPropsData, - sizeof(IceStormAdminPropsData) / sizeof(IceStormAdminPropsData[0])); +const IceInternal::PropertyArray + IceInternal::PropertyNames::IceStormAdminProps(IceStormAdminPropsData, + sizeof(IceStormAdminPropsData)/sizeof(IceStormAdminPropsData[0])); -const IceInternal::Property IceBTPropsData[] = { +const IceInternal::Property IceBTPropsData[] = +{ IceInternal::Property("IceBT.RcvSize", false, 0), IceInternal::Property("IceBT.SndSize", false, 0), }; const IceInternal::PropertyArray - IceInternal::PropertyNames::IceBTProps(IceBTPropsData, sizeof(IceBTPropsData) / sizeof(IceBTPropsData[0])); + IceInternal::PropertyNames::IceBTProps(IceBTPropsData, + sizeof(IceBTPropsData)/sizeof(IceBTPropsData[0])); -const IceInternal::Property Glacier2PropsData[] = { +const IceInternal::Property Glacier2PropsData[] = +{ IceInternal::Property("Glacier2.AddConnectionContext", false, 0), IceInternal::Property("Glacier2.Client.ACM.Timeout", false, 0), IceInternal::Property("Glacier2.Client.ACM.Heartbeat", false, 0), @@ -1249,20 +1256,22 @@ const IceInternal::Property Glacier2PropsData[] = { IceInternal::Property("Glacier2.Trace.Session", false, 0), }; -const IceInternal::PropertyArray IceInternal::PropertyNames::Glacier2Props( - Glacier2PropsData, - sizeof(Glacier2PropsData) / sizeof(Glacier2PropsData[0])); +const IceInternal::PropertyArray + IceInternal::PropertyNames::Glacier2Props(Glacier2PropsData, + sizeof(Glacier2PropsData)/sizeof(Glacier2PropsData[0])); -const IceInternal::Property Glacier2CryptPermissionsVerifierPropsData[] = { +const IceInternal::Property Glacier2CryptPermissionsVerifierPropsData[] = +{ IceInternal::Property("Glacier2CryptPermissionsVerifier.*.PermissionsVerifier", false, 0), IceInternal::Property("Glacier2CryptPermissionsVerifier.*.AdminPermissionsVerifier", false, 0), }; -const IceInternal::PropertyArray IceInternal::PropertyNames::Glacier2CryptPermissionsVerifierProps( - Glacier2CryptPermissionsVerifierPropsData, - sizeof(Glacier2CryptPermissionsVerifierPropsData) / sizeof(Glacier2CryptPermissionsVerifierPropsData[0])); +const IceInternal::PropertyArray + IceInternal::PropertyNames::Glacier2CryptPermissionsVerifierProps(Glacier2CryptPermissionsVerifierPropsData, + sizeof(Glacier2CryptPermissionsVerifierPropsData)/sizeof(Glacier2CryptPermissionsVerifierPropsData[0])); -const IceInternal::PropertyArray IceInternal::PropertyNames::validProps[] = { +const IceInternal::PropertyArray IceInternal::PropertyNames::validProps[] = +{ IceProps, IceMXProps, IceDiscoveryProps, @@ -1277,9 +1286,11 @@ const IceInternal::PropertyArray IceInternal::PropertyNames::validProps[] = { IceBTProps, Glacier2Props, Glacier2CryptPermissionsVerifierProps, - IceInternal::PropertyArray(0, 0)}; + IceInternal::PropertyArray(0,0) +}; -const char* IceInternal::PropertyNames::clPropNames[] = { +const char* IceInternal::PropertyNames::clPropNames[] = +{ "Ice", "IceMX", "IceDiscovery", @@ -1294,4 +1305,5 @@ const char* IceInternal::PropertyNames::clPropNames[] = { "IceBT", "Glacier2", "Glacier2CryptPermissionsVerifier", - 0}; + 0 +}; diff --git a/cpp/src/Ice/PropertyNames.h b/cpp/src/Ice/PropertyNames.h index 04548b6b16c..51ac6790298 100644 --- a/cpp/src/Ice/PropertyNames.h +++ b/cpp/src/Ice/PropertyNames.h @@ -1,7 +1,7 @@ // // Copyright (c) ZeroC, Inc. All rights reserved. // -// Generated by makeprops.py from file ./config/PropertyNames.xml, Thu Apr 4 16:59:06 2024 +// Generated by makeprops.py from file .\config\PropertyNames.xml, Tue Apr 9 14:47:18 2024 // IMPORTANT: Do not edit this file -- any edits made here will be lost! @@ -13,46 +13,62 @@ namespace IceInternal { - struct Property +struct Property +{ + const char* pattern; + bool deprecated; + const char* deprecatedBy; + + Property(const char* n, bool d, const char* b) : + pattern(n), + deprecated(d), + deprecatedBy(b) + { + } + + Property() : + pattern(0), + deprecated(false), + deprecatedBy(0) { - const char* pattern; - bool deprecated; - const char* deprecatedBy; + } - Property(const char* n, bool d, const char* b) : pattern(n), deprecated(d), deprecatedBy(b) {} +}; - Property() : pattern(0), deprecated(false), deprecatedBy(0) {} - }; +struct PropertyArray +{ + const Property* properties; + const int length; - struct PropertyArray + PropertyArray(const Property* p, size_t len) : + properties(p), + length(static_cast(len)) { - const Property* properties; - const int length; + } +}; + +class PropertyNames +{ +public: - PropertyArray(const Property* p, size_t len) : properties(p), length(static_cast(len)) {} - }; + static const PropertyArray IceProps; + static const PropertyArray IceMXProps; + static const PropertyArray IceDiscoveryProps; + static const PropertyArray IceLocatorDiscoveryProps; + static const PropertyArray IceBoxProps; + static const PropertyArray IceBoxAdminProps; + static const PropertyArray IceBridgeProps; + static const PropertyArray IceGridAdminProps; + static const PropertyArray IceGridProps; + static const PropertyArray IceSSLProps; + static const PropertyArray IceStormAdminProps; + static const PropertyArray IceBTProps; + static const PropertyArray Glacier2Props; + static const PropertyArray Glacier2CryptPermissionsVerifierProps; - class PropertyNames - { - public: - static const PropertyArray IceProps; - static const PropertyArray IceMXProps; - static const PropertyArray IceDiscoveryProps; - static const PropertyArray IceLocatorDiscoveryProps; - static const PropertyArray IceBoxProps; - static const PropertyArray IceBoxAdminProps; - static const PropertyArray IceBridgeProps; - static const PropertyArray IceGridAdminProps; - static const PropertyArray IceGridProps; - static const PropertyArray IceSSLProps; - static const PropertyArray IceStormAdminProps; - static const PropertyArray IceBTProps; - static const PropertyArray Glacier2Props; - static const PropertyArray Glacier2CryptPermissionsVerifierProps; - - static const PropertyArray validProps[]; - static const char* clPropNames[]; - }; + static const PropertyArray validProps[]; + static const char * clPropNames[]; +}; } diff --git a/cpp/src/IceSSL/OpenSSLEngine.cpp b/cpp/src/IceSSL/OpenSSLEngine.cpp index 055bfb8268d..b2cc1436430 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.cpp +++ b/cpp/src/IceSSL/OpenSSLEngine.cpp @@ -45,11 +45,11 @@ namespace } extern "C" { - int IceSSL_opensslPasswordCallback(char* buf, int size, int flag, void* userData) + int IceSSL_opensslPasswordCallback(char* buf, int size, int /*flag*/, void* userData) { OpenSSL::SSLEngine* p = reinterpret_cast(userData); assert(p); - string passwd = p->password(flag == 1); + string passwd = p->password(); int sz = static_cast(passwd.size()); if (sz > size) { @@ -69,15 +69,6 @@ extern "C" return sz; } - -#ifndef OPENSSL_NO_DH - DH* IceSSL_opensslDHCallback(SSL* ssl, int /*isExport*/, int keyLength) - { - SSL_CTX* ctx = SSL_get_SSL_CTX(ssl); - OpenSSL::SSLEngine* p = reinterpret_cast(SSL_CTX_get_ex_data(ctx, 0)); - return p->dhParams(keyLength); - } -#endif } namespace @@ -91,129 +82,9 @@ namespace } } -OpenSSL::SSLEngine::SSLEngine(const CommunicatorPtr& communicator) : IceSSL::SSLEngine(communicator), _ctx(0) -{ - // - // Initialize OpenSSL if necessary. - // - lock_guard lock(staticMutex); - instanceCount++; - - if (instanceCount == 1) - { - PropertiesPtr properties = communicator->getProperties(); - - // - // The IceSSL.InitOpenSSL property specifies whether we should perform the global - // startup (and shutdown) tasks for the OpenSSL library. - // - // If an application uses multiple components that each depend on OpenSSL, the - // application should disable OpenSSL initialization in those components and - // perform the initialization itself. - // - initOpenSSL = properties->getPropertyAsIntWithDefault("IceSSL.InitOpenSSL", 1) > 0; - if (initOpenSSL) - { - // - // Initialize the PRNG. - // - char randFile[1024]; - if (RAND_file_name(randFile, sizeof(randFile))) // Gets the name of a default seed file. - { - RAND_load_file(randFile, 1024); - } - - string randFiles = properties->getProperty("IceSSL.Random"); +OpenSSL::SSLEngine::SSLEngine(const CommunicatorPtr& communicator) : IceSSL::SSLEngine(communicator), _ctx(0) {} - if (!randFiles.empty()) - { - vector files; - const string defaultDir = properties->getProperty("IceSSL.DefaultDir"); - - if (!IceUtilInternal::splitString(randFiles, IceUtilInternal::pathsep, files)) - { - cleanup(); - throw PluginInitializationException( - __FILE__, - __LINE__, - "IceSSL: invalid value for IceSSL.Random:\n" + randFiles); - } - for (vector::iterator p = files.begin(); p != files.end(); ++p) - { - string file = *p; - string resolved; - if (!checkPath(file, defaultDir, false, resolved)) - { - cleanup(); - throw PluginInitializationException( - __FILE__, - __LINE__, - "IceSSL: entropy data file not found:\n" + file); - } - if (!RAND_load_file(resolved.c_str(), 1024)) - { - cleanup(); - throw PluginInitializationException( - __FILE__, - __LINE__, - "IceSSL: unable to load entropy data from " + resolved); - } - } - } -#if !defined(_WIN32) && !defined(OPENSSL_NO_EGD) - // - // The Entropy Gathering Daemon (EGD) is not available on Windows. - // The file should be a Unix domain socket for the daemon. - // - string entropyDaemon = properties->getProperty("IceSSL.EntropyDaemon"); - if (!entropyDaemon.empty()) - { - if (RAND_egd(entropyDaemon.c_str()) <= 0) - { - cleanup(); - throw PluginInitializationException( - __FILE__, - __LINE__, - "IceSSL: EGD failure using file " + entropyDaemon); - } - } -#endif - if (!RAND_status()) - { - getLogger()->warning("IceSSL: insufficient data to initialize PRNG"); - } - } - else - { - if (!properties->getProperty("IceSSL.Random").empty()) - { - getLogger()->warning("IceSSL: ignoring IceSSL.Random because OpenSSL initialization is disabled"); - } -#ifndef _WIN32 - else if (!properties->getProperty("IceSSL.EntropyDaemon").empty()) - { - getLogger()->warning( - "IceSSL: ignoring IceSSL.EntropyDaemon because OpenSSL initialization is disabled"); - } -#endif - } - } -} - -void -OpenSSL::SSLEngine::cleanup() -{ - // - // Must be called with the static mutex locked. - // - --instanceCount; -} - -OpenSSL::SSLEngine::~SSLEngine() -{ - lock_guard lock(staticMutex); - cleanup(); -} +OpenSSL::SSLEngine::~SSLEngine() {} void OpenSSL::SSLEngine::initialize() @@ -251,9 +122,7 @@ OpenSSL::SSLEngine::initialize() #if defined(TLS1_3_VERSION) && !defined(OPENSSL_NO_TLS1_3_METHOD) defaultProtocols.push_back("tls1_3"); #endif - // // Create an SSL context if the application hasn't supplied one. - // if (!_ctx) { _ctx = SSL_CTX_new(getMethod()); @@ -278,33 +147,12 @@ OpenSSL::SSLEngine::initialize() } } - // - // Check for a default directory. We look in this directory for - // files mentioned in the configuration. - // + // Check for a default directory. We look in this directory for files mentioned in the configuration. const string defaultDir = properties->getProperty(propPrefix + "DefaultDir"); - // - // If the configuration defines a password, or the application has supplied - // a password prompt object, then register a password callback. Otherwise, - // let OpenSSL use its default behavior. - // - { - // TODO: Support quoted value? - string password = properties->getProperty(propPrefix + "Password"); - if (!password.empty() || getPasswordPrompt()) - { - SSL_CTX_set_default_passwd_cb(_ctx, IceSSL_opensslPasswordCallback); - SSL_CTX_set_default_passwd_cb_userdata(_ctx, this); - setPassword(password); - } - } - - int passwordRetryMax = properties->getPropertyAsIntWithDefault(propPrefix + "PasswordRetryMax", 3); + _password = properties->getProperty(propPrefix + "Password"); - // // Establish the location of CA certificates. - // { string path = properties->getProperty(propPrefix + "CAs"); string resolved; @@ -338,22 +186,8 @@ OpenSSL::SSLEngine::initialize() if (file || dir) { - // - // The certificate may be stored in an encrypted file, so handle - // password retries. - // - int count = 0; - int success = 0; - while (count < passwordRetryMax) - { - ERR_clear_error(); - if ((success = SSL_CTX_load_verify_locations(_ctx, file, dir)) != 0 || !passwordError()) - { - break; - } - ++count; - } - if (!success) + // The certificate may be stored in an encrypted file. + if (!SSL_CTX_load_verify_locations(_ctx, file, dir)) { string msg = "IceSSL: unable to establish CA certificates"; if (passwordError()) @@ -410,10 +244,7 @@ OpenSSL::SSLEngine::initialize() } file = resolved; - // - // First we try to load the certificate using PKCS12 format if that fails - // we fallback to PEM format. - // + // First we try to load the certificate using PKCS12 format if that fails we fallback to PEM format. vector buffer; readFile(file, buffer); int success = 0; @@ -430,72 +261,66 @@ OpenSSL::SSLEngine::initialize() int count = 0; try { - while (count < passwordRetryMax) + ERR_clear_error(); + // chain may have a bogus value from a previous call to PKCS12_parse, so we reset it prior + // to each call. + key = 0; + cert = 0; + chain = 0; + if ((success = PKCS12_parse(p12, password().c_str(), &key, &cert, &chain)) == 0) { - ERR_clear_error(); - // - // chain may have a bogus value from a previous call to PKCS12_parse, so we - // reset it prior to each call. - // - key = 0; - cert = 0; - chain = 0; - if ((success = PKCS12_parse(p12, password(false).c_str(), &key, &cert, &chain)) == 0) + if (passwordError()) { - if (passwordError()) - { - count++; - continue; - } - break; + count++; + continue; } + break; + } - if (!cert || !SSL_CTX_use_certificate(_ctx, cert)) - { - throw PluginInitializationException( - __FILE__, - __LINE__, - "IceSSL: unable to load SSL certificate:\n" + - (cert ? sslErrors() : "certificate not found")); - } + if (!cert || !SSL_CTX_use_certificate(_ctx, cert)) + { + throw PluginInitializationException( + __FILE__, + __LINE__, + "IceSSL: unable to load SSL certificate:\n" + + (cert ? sslErrors() : "certificate not found")); + } - if (!key || !SSL_CTX_use_PrivateKey(_ctx, key)) - { - throw PluginInitializationException( - __FILE__, - __LINE__, - "IceSSL: unable to load SSL private key:\n" + - (key ? sslErrors() : "key not found")); - } - keyLoaded = true; + if (!key || !SSL_CTX_use_PrivateKey(_ctx, key)) + { + throw PluginInitializationException( + __FILE__, + __LINE__, + "IceSSL: unable to load SSL private key:\n" + + (key ? sslErrors() : "key not found")); + } + keyLoaded = true; - if (chain && sk_X509_num(chain)) + if (chain && sk_X509_num(chain)) + { + // Pop each cert from the stack so we can free the stack later. + // The CTX destruction will take care of the certificates + X509* c = 0; + while ((c = sk_X509_pop(chain)) != 0) { - // Pop each cert from the stack so we can free the stack later. - // The CTX destruction will take care of the certificates - X509* c = 0; - while ((c = sk_X509_pop(chain)) != 0) + if (!SSL_CTX_add_extra_chain_cert(_ctx, c)) { - if (!SSL_CTX_add_extra_chain_cert(_ctx, c)) - { - throw PluginInitializationException( - __FILE__, - __LINE__, - "IceSSL: unable to add extra SSL certificate:\n" + sslErrors()); - } + throw PluginInitializationException( + __FILE__, + __LINE__, + "IceSSL: unable to add extra SSL certificate:\n" + sslErrors()); } } + } - if (chain) - { - // This chain should now be empty. No need to call sk_X509_pop_free() - sk_X509_free(chain); - } - assert(key && cert); - EVP_PKEY_free(key); - X509_free(cert); - break; + if (chain) + { + // This chain should now be empty. No need to call sk_X509_pop_free() + sk_X509_free(chain); } + assert(key && cert); + EVP_PKEY_free(key); + X509_free(cert); PKCS12_free(p12); } catch (...) @@ -520,24 +345,9 @@ OpenSSL::SSLEngine::initialize() } else { - // - // The certificate may be stored in an encrypted file, so handle - // password retries. - // - int count = 0; - while (count < passwordRetryMax) - { - ERR_clear_error(); - if ((success = SSL_CTX_use_certificate_chain_file(_ctx, file.c_str())) == 0) - { - if (passwordError()) - { - count++; - continue; - } - } - count++; - } + // The certificate may be stored in an encrypted file, so handle password retries. + ERR_clear_error(); + success = SSL_CTX_use_certificate_chain_file(_ctx, file.c_str()); } if (!success) @@ -581,46 +391,33 @@ OpenSSL::SSLEngine::initialize() __LINE__, "IceSSL: " + propPrefix + "KeyFile does not agree with " + propPrefix + "CertFile"); } - for (vector::iterator p = files.begin(); p != files.end(); ++p) + for (const auto& file : files) { - string file = *p; string resolved; if (!checkPath(file, defaultDir, false, resolved)) { throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: key file not found:\n" + file); } - file = resolved; - // - // The private key may be stored in an encrypted file, so handle password retries. - // - int count = 0; - int err = 0; - while (count < passwordRetryMax) - { - ERR_clear_error(); - err = SSL_CTX_use_PrivateKey_file(_ctx, file.c_str(), SSL_FILETYPE_PEM); - if (err) - { - break; - } - ++count; - } - if (err == 0) + + // The private key may be stored in an encrypted file. + ERR_clear_error(); + if (!SSL_CTX_use_PrivateKey_file(_ctx, resolved.c_str(), SSL_FILETYPE_PEM)) { - string msg = "IceSSL: unable to load private key from file " + file; + ostringstream os; + os << "IceSSL: unable to load private key from file " << file; if (passwordError()) { - msg += ":\ninvalid password"; + os << ":\ninvalid password"; } else { string errStr = sslErrors(); if (!errStr.empty()) { - msg += ":\n" + errStr; + os << ":\n" << errStr; } } - throw PluginInitializationException(__FILE__, __LINE__, msg); + throw PluginInitializationException(__FILE__, __LINE__, os.str()); } } keyLoaded = true; @@ -634,56 +431,6 @@ OpenSSL::SSLEngine::initialize() "IceSSL: unable to validate private key(s):\n" + sslErrors()); } - // - // Diffie Hellman configuration. - // - { -#ifndef OPENSSL_NO_DH - _dhParams = make_shared(); - SSL_CTX_set_options(_ctx, SSL_OP_SINGLE_DH_USE); - SSL_CTX_set_tmp_dh_callback(_ctx, IceSSL_opensslDHCallback); -#endif - // - // Properties have the following form: - // - // ...DH.=file - // - const string dhPrefix = propPrefix + "DH."; - PropertyDict d = properties->getPropertiesForPrefix(dhPrefix); - if (!d.empty()) - { -#ifdef OPENSSL_NO_DH - getLogger()->warning("IceSSL: OpenSSL is not configured for Diffie Hellman"); -#else - for (PropertyDict::iterator p = d.begin(); p != d.end(); ++p) - { - string s = p->first.substr(dhPrefix.size()); - int keyLength = atoi(s.c_str()); - if (keyLength > 0) - { - string file = p->second; - string resolved; - if (!checkPath(file, defaultDir, false, resolved)) - { - throw PluginInitializationException( - __FILE__, - __LINE__, - "IceSSL: DH parameter file not found:\n" + file); - } - file = resolved; - if (!_dhParams->add(keyLength, file)) - { - throw PluginInitializationException( - __FILE__, - __LINE__, - "IceSSL: unable to read DH parameter file " + file); - } - } - } -#endif - } - } - int revocationCheck = getRevocationCheck(); if (revocationCheck > 0) { @@ -856,14 +603,6 @@ OpenSSL::SSLEngine::createTransceiver( return make_shared(instance, delegate, hostOrAdapterName, incoming); } -#ifndef OPENSSL_NO_DH -DH* -OpenSSL::SSLEngine::dhParams(int keyLength) -{ - return _dhParams->get(keyLength); -} -#endif - SSL_METHOD* OpenSSL::SSLEngine::getMethod() { diff --git a/cpp/src/IceSSL/OpenSSLEngine.h b/cpp/src/IceSSL/OpenSSLEngine.h index 282f7bdc14b..7a733d1ecdc 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.h +++ b/cpp/src/IceSSL/OpenSSLEngine.h @@ -26,24 +26,16 @@ namespace IceSSL IceInternal::TransceiverPtr createTransceiver(const IceSSL::InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool) final; - -#ifndef OPENSSL_NO_DH - DH* dhParams(int); -#endif - SSL_CTX* context() const; void context(SSL_CTX*); std::string sslErrors() const; + std::string password() const { return _password; } private: - void cleanup(); SSL_METHOD* getMethod(); SSL_CTX* _ctx; - -#ifndef OPENSSL_NO_DH - IceSSL::OpenSSL::DHParamsPtr _dhParams; -#endif + std::string _password; }; } // OpenSSL namespace end diff --git a/cpp/src/IceSSL/PluginI.cpp b/cpp/src/IceSSL/PluginI.cpp index 59d3fee4f00..813278f3973 100644 --- a/cpp/src/IceSSL/PluginI.cpp +++ b/cpp/src/IceSSL/PluginI.cpp @@ -49,32 +49,6 @@ PluginI::destroy() _engine = 0; } -void -PluginI::setCertificateVerifier(std::function&)> verifier) -{ - if (verifier) - { - _engine->setCertificateVerifier(make_shared(std::move(verifier))); - } - else - { - _engine->setCertificateVerifier(nullptr); - } -} - -void -PluginI::setPasswordPrompt(std::function prompt) -{ - if (prompt) - { - _engine->setPasswordPrompt(make_shared(std::move(prompt))); - } - else - { - _engine->setPasswordPrompt(nullptr); - } -} - extern "C" { ICESSL_API Ice::Plugin* createIceSSL(const CommunicatorPtr&, const string&, const StringSeq&); diff --git a/cpp/src/IceSSL/PluginI.h b/cpp/src/IceSSL/PluginI.h index c13c5d12748..7696d1b1dde 100644 --- a/cpp/src/IceSSL/PluginI.h +++ b/cpp/src/IceSSL/PluginI.h @@ -40,12 +40,6 @@ namespace IceSSL virtual void initialize(); virtual void destroy(); - // - // From IceSSL::Plugin. - // - virtual void setCertificateVerifier(std::function); - virtual void setPasswordPrompt(std::function); - virtual CertificatePtr load(const std::string&) const = 0; virtual CertificatePtr decode(const std::string&) const = 0; diff --git a/cpp/src/IceSSL/SChannelEngine.cpp b/cpp/src/IceSSL/SChannelEngine.cpp index a6d797563cd..fea17f26e69 100644 --- a/cpp/src/IceSSL/SChannelEngine.cpp +++ b/cpp/src/IceSSL/SChannelEngine.cpp @@ -580,16 +580,9 @@ SChannel::SSLEngine::initialize() const_cast(_strongCrypto) = properties->getPropertyAsIntWithDefault(prefix + "SchannelStrongCrypto", 0) > 0; - // - // Check for a default directory. We look in this directory for - // files mentioned in the configuration. - // + // Check for a default directory. We look in this directory for files mentioned in the configuration. const string defaultDir = properties->getProperty(prefix + "DefaultDir"); - const int passwordRetryMax = properties->getPropertyAsIntWithDefault(prefix + "PasswordRetryMax", 3); - PasswordPromptPtr passwordPrompt = getPasswordPrompt(); - setPassword(properties->getProperty(prefix + "Password")); - string ciphers = properties->getProperty(prefix + "Ciphers"); if (!ciphers.empty()) { @@ -629,10 +622,6 @@ SChannel::SSLEngine::initialize() // Create trusted CA store with contents of CertAuthFile // string caFile = properties->getProperty(prefix + "CAs"); - if (caFile.empty()) - { - caFile = properties->getProperty(prefix + "CertAuthFile"); - } if (!caFile.empty() || properties->getPropertyAsInt("IceSSL.UsePlatformCAs") <= 0) { _rootStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, 0, 0); @@ -749,23 +738,17 @@ SChannel::SSLEngine::initialize() pfxBlob.cbData = static_cast(buffer.size()); pfxBlob.pbData = reinterpret_cast(&buffer[0]); - HCERTSTORE store = 0; PCCERT_CONTEXT cert = 0; - int err = 0; - int count = 0; DWORD importFlags = (certStoreLocation == "LocalMachine") ? CRYPT_MACHINE_KEYSET : CRYPT_USER_KEYSET; - do - { - string s = password(false); - store = PFXImportCertStore(&pfxBlob, Ice::stringToWstring(s).c_str(), importFlags); - err = store ? 0 : GetLastError(); - } while (err == ERROR_INVALID_PASSWORD && passwordPrompt && ++count < passwordRetryMax); + HCERTSTORE store = PFXImportCertStore( + &pfxBlob, + Ice::stringToWstring(properties->getProperty(prefix + "Password")).c_str(), + importFlags); + int err = store ? 0 : GetLastError(); if (store) { - // // Try to find a certificate chain. - // CERT_CHAIN_FIND_BY_ISSUER_PARA para; memset(¶, 0, sizeof(CERT_CHAIN_FIND_BY_ISSUER_PARA)); para.cbSize = sizeof(CERT_CHAIN_FIND_BY_ISSUER_PARA); @@ -787,9 +770,7 @@ SChannel::SSLEngine::initialize() CertFreeCertificateChain(chain); } - // // Check if we can find a certificate if we couldn't find a chain. - // if (!cert) { cert = CertFindCertificateInStore(store, X509_ASN_ENCODING, 0, CERT_FIND_ANY, 0, cert); @@ -815,9 +796,7 @@ SChannel::SSLEngine::initialize() "IceSSL: error decoding certificate:\n" + lastErrorToString()); } - // // Try to load certificate & key as PEM files. - // if (keyFiles.empty()) { throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: no key file specified"); @@ -841,9 +820,7 @@ SChannel::SSLEngine::initialize() outBuffer.resize(buffer.size()); DWORD outLength = static_cast(buffer.size()); - // // Convert the PEM encoded buffer to DER binary format. - // if (!CryptStringToBinary( &buffer[0], static_cast(buffer.size()), @@ -864,9 +841,7 @@ SChannel::SSLEngine::initialize() HCRYPTKEY hKey = 0; try { - // // First try to decode as a PKCS#8 key, if that fails try PKCS#1. - // DWORD decodedLength = 0; if (CryptDecodeObjectEx( X509_ASN_ENCODING, @@ -878,9 +853,7 @@ SChannel::SSLEngine::initialize() &keyInfo, &decodedLength)) { - // - // Check that we are using a RSA Key - // + // Check that we are using a RSA Key. if (strcmp(keyInfo->Algorithm.pszObjId, szOID_RSA_RSA)) { throw PluginInitializationException( @@ -889,9 +862,7 @@ SChannel::SSLEngine::initialize() string("IceSSL: error unknow key algorithm: `") + keyInfo->Algorithm.pszObjId + "'"); } - // - // Decode the private key BLOB - // + // Decode the private key BLOB. if (!CryptDecodeObjectEx( X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY, @@ -912,9 +883,7 @@ SChannel::SSLEngine::initialize() } else { - // - // Decode the private key BLOB - // + // Decode the private key BLOB. if (!CryptDecodeObjectEx( X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY, @@ -932,9 +901,7 @@ SChannel::SSLEngine::initialize() } } - // - // Create a new RSA key set to store our key - // + // Create a new RSA key set to store our key. const wstring keySetName = Ice::stringToWstring(generateUUID()); HCRYPTPROV cryptProv = 0; @@ -959,9 +926,7 @@ SChannel::SSLEngine::initialize() lastErrorToString()); } - // - // Import the private key - // + // Import the private key. if (!CryptImportKey(cryptProv, key, outLength, 0, 0, &hKey)) { throw PluginInitializationException( @@ -975,9 +940,7 @@ SChannel::SSLEngine::initialize() CryptDestroyKey(hKey); hKey = 0; - // - // Create a new memory store to place the certificate - // + // Create a new memory store to place the certificate. store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, 0, 0); if (!store) { @@ -991,9 +954,7 @@ SChannel::SSLEngine::initialize() addCertificatesToStore(cFile, store, &cert); - // - // Associate key & certificate - // + // Associate key & certificate. CRYPT_KEY_PROV_INFO keyProvInfo; memset(&keyProvInfo, 0, sizeof(keyProvInfo)); keyProvInfo.pwszContainerName = const_cast(keySetName.c_str()); @@ -1152,20 +1113,13 @@ SChannel::SSLEngine::newCredentialsHandle(bool incoming) if (incoming) { - // - // Don't set SCH_SEND_ROOT_CERT as it seems to cause problems with - // Java certificate validation and SChannel doesn't seems to send - // the root certificate either way. - // + // Don't set SCH_SEND_ROOT_CERT as it seems to cause problems with Java certificate validation and SChannel + // doesn't seems to send the root certificate either way. cred.dwFlags = SCH_CRED_NO_SYSTEM_MAPPER; - // - // There's no way to prevent SChannel from sending "CA names" to the - // client. Recent Windows versions don't CA names but older ones do - // send all the trusted root CA names. We provide the root store to - // ensure that for these older Windows versions, we also include the - // CA names of our trusted roots. - // + // There's no way to prevent SChannel from sending "CA names" to the client. Recent Windows versions don't CA + // names but older ones do send all the trusted root CA names. We provide the root store to ensure that for + // these older Windows versions, we also include the CA names of our trusted roots. cred.hRootStore = _rootStore; } else @@ -1242,10 +1196,8 @@ SChannel::SSLEngine::destroy() for (vector::const_iterator i = _importedCerts.begin(); i != _importedCerts.end(); ++i) { - // - // Retrieve the certificate CERT_KEY_PROV_INFO_PROP_ID property, we use the CRYPT_KEY_PROV_INFO - // data to remove the key set associated with the certificate. - // + // Retrieve the certificate CERT_KEY_PROV_INFO_PROP_ID property, we use the CRYPT_KEY_PROV_INFO data to remove + // the key set associated with the certificate. DWORD length = 0; if (!CertGetCertificateContextProperty(*i, CERT_KEY_PROV_INFO_PROP_ID, 0, &length)) { diff --git a/cpp/src/IceSSL/SChannelPluginI.cpp b/cpp/src/IceSSL/SChannelPluginI.cpp index f88fa1ab193..7db4db183a9 100644 --- a/cpp/src/IceSSL/SChannelPluginI.cpp +++ b/cpp/src/IceSSL/SChannelPluginI.cpp @@ -21,11 +21,8 @@ namespace virtual IceSSL::CertificatePtr decode(const std::string&) const; }; -} // anonymous namespace end +} -// -// Plugin implementation. -// PluginI::PluginI(const Ice::CommunicatorPtr& com) : IceSSL::PluginI(com, make_shared(com)) { } diff --git a/cpp/src/IceSSL/SChannelTransceiverI.cpp b/cpp/src/IceSSL/SChannelTransceiverI.cpp index 578ee37baa2..c587cffd611 100644 --- a/cpp/src/IceSSL/SChannelTransceiverI.cpp +++ b/cpp/src/IceSSL/SChannelTransceiverI.cpp @@ -45,6 +45,9 @@ namespace case SP_PROT_TLS1_2_CLIENT: case SP_PROT_TLS1_2_SERVER: return "TLS 1.2"; + case SP_PROT_TLS1_3_CLIENT: + case SP_PROT_TLS1_3_SERVER: + return "TLS 1.3"; default: return "Unknown"; } diff --git a/cpp/src/IceSSL/SSLEngine.cpp b/cpp/src/IceSSL/SSLEngine.cpp index 010d50717b1..e5697a2778f 100644 --- a/cpp/src/IceSSL/SSLEngine.cpp +++ b/cpp/src/IceSSL/SSLEngine.cpp @@ -31,53 +31,6 @@ IceSSL::SSLEngine::SSLEngine(const Ice::CommunicatorPtr& communicator) { } -IceSSL::CertificateVerifierPtr -IceSSL::SSLEngine::getCertificateVerifier() const -{ - return _verifier; -} - -void -IceSSL::SSLEngine::setCertificateVerifier(const IceSSL::CertificateVerifierPtr& verifier) -{ - _verifier = verifier; -} - -IceSSL::PasswordPromptPtr -IceSSL::SSLEngine::getPasswordPrompt() const -{ - return _prompt; -} - -void -IceSSL::SSLEngine::setPasswordPrompt(const IceSSL::PasswordPromptPtr& prompt) -{ - _prompt = prompt; -} - -string -IceSSL::SSLEngine::password(bool /*encrypting*/) -{ - if (_prompt) - { - try - { - return _prompt->getPassword(); - } - catch (...) - { - // - // Don't allow exceptions to cross an OpenSSL boundary. - // - return string(); - } - } - else - { - return _password; - } -} - bool IceSSL::SSLEngine::initialized() const { @@ -85,46 +38,20 @@ IceSSL::SSLEngine::initialized() const return _initialized; } -string -IceSSL::SSLEngine::getPassword() const -{ - return _password; -} - -void -IceSSL::SSLEngine::setPassword(const std::string& password) -{ - _password = password; -} - void IceSSL::SSLEngine::initialize() { const string propPrefix = "IceSSL."; const PropertiesPtr properties = communicator()->getProperties(); - // - // CheckCertName determines whether we compare the name in a peer's - // certificate against its hostname. - // + // CheckCertName determines whether we compare the name in a peer's certificate against its hostname. _checkCertName = properties->getPropertyAsIntWithDefault(propPrefix + "CheckCertName", 0) > 0; - // - // CheckCertName > 1 enables SNI, the SNI extension applies to client connections, - // indicating the hostname to the server (must be DNS hostname, not an IP address). - // + // CheckCertName > 1 enables SNI, the SNI extension applies to client connections, indicating the hostname to the + // server (must be DNS hostname, not an IP address). _serverNameIndication = properties->getPropertyAsIntWithDefault(propPrefix + "CheckCertName", 0) > 1; - // - // VerifyDepthMax establishes the maximum length of a peer's certificate - // chain, including the peer's certificate. A value of 0 means there is - // no maximum. - // - _verifyDepthMax = properties->getPropertyAsIntWithDefault(propPrefix + "VerifyDepthMax", 3); - - // // VerifyPeer determines whether certificate validation failures abort a connection. - // _verifyPeer = properties->getPropertyAsIntWithDefault(propPrefix + "VerifyPeer", 2); if (_verifyPeer < 0 || _verifyPeer > 2) @@ -146,18 +73,13 @@ IceSSL::SSLEngine::initialize() void IceSSL::SSLEngine::verifyPeerCertName(const string& address, const ConnectionInfoPtr& info) { - // - // For an outgoing connection, we compare the proxy address (if any) against - // fields in the server's certificate (if any). - // + // For an outgoing connection, we compare the proxy address (if any) against fields in the server's certificate + // (if any). if (_checkCertName && !info->certs.empty() && !address.empty()) { const CertificatePtr cert = info->certs[0]; - // - // Extract the IP addresses and the DNS names from the subject - // alternative names. - // + // Extract the IP addresses and the DNS names from the subject alternative names. vector> subjectAltNames = cert->getSubjectAlternativeNames(); vector ipAddresses; vector dnsNames; @@ -177,19 +99,15 @@ IceSSL::SSLEngine::verifyPeerCertName(const string& address, const ConnectionInf string addrLower = IceUtilInternal::toLower(address); bool isIpAddress = IceInternal::isIpAddress(address); - // - // If address is an IP address, compare it to the subject alternative names IP adddress - // + // If address is an IP address, compare it to the subject alternative names IP address if (isIpAddress) { certNameOK = find(ipAddresses.begin(), ipAddresses.end(), addrLower) != ipAddresses.end(); } else { - // - // If subjectAlt is empty compare it ot the subject CN, othewise - // compare it to the to the subject alt name dnsNames - // + // If subjectAlt is empty compare it ot the subject CN, otherwise compare it to the to the subject alt + // name dnsNames. if (dnsNames.empty()) { DistinguishedName d = cert->getSubjectDN(); @@ -198,9 +116,7 @@ IceSSL::SSLEngine::verifyPeerCertName(const string& address, const ConnectionInf string::size_type pos = dn.find(cn); if (pos != string::npos) { - // // Ensure we match the entire common name. - // certNameOK = (pos + cn.size() == dn.size()) || (dn[pos + cn.size()] == ','); } } @@ -233,21 +149,6 @@ IceSSL::SSLEngine::verifyPeerCertName(const string& address, const ConnectionInf void IceSSL::SSLEngine::verifyPeer(const string& /*address*/, const ConnectionInfoPtr& info, const string& desc) { - const CertificateVerifierPtr verifier = getCertificateVerifier(); - if (_verifyDepthMax > 0 && static_cast(info->certs.size()) > _verifyDepthMax) - { - ostringstream ostr; - ostr << (info->incoming ? "incoming" : "outgoing") << " connection rejected:\n" - << "length of peer's certificate chain (" << info->certs.size() << ") exceeds maximum of " - << _verifyDepthMax; - string msg = ostr.str(); - if (_securityTraceLevel >= 1) - { - _logger->trace(_securityTraceCategory, msg + "\n" + desc); - } - throw SecurityException(__FILE__, __LINE__, msg); - } - if (!_trustManager->verify(info, desc)) { string msg = string(info->incoming ? "incoming" : "outgoing") + " connection rejected by trust manager"; @@ -257,16 +158,6 @@ IceSSL::SSLEngine::verifyPeer(const string& /*address*/, const ConnectionInfoPtr } throw SecurityException(__FILE__, __LINE__, msg); } - - if (verifier && !verifier->verify(info)) - { - string msg = string(info->incoming ? "incoming" : "outgoing") + " connection rejected by certificate verifier"; - if (_securityTraceLevel >= 1) - { - _logger->trace(_securityTraceCategory, msg + "\n" + desc); - } - throw SecurityException(__FILE__, __LINE__, msg); - } } bool diff --git a/cpp/src/IceSSL/SSLEngine.h b/cpp/src/IceSSL/SSLEngine.h index 84521883c21..5e3cc2f138f 100644 --- a/cpp/src/IceSSL/SSLEngine.h +++ b/cpp/src/IceSSL/SSLEngine.h @@ -27,40 +27,22 @@ namespace IceSSL Ice::CommunicatorPtr communicator() const { return _communicator; } Ice::LoggerPtr getLogger() const { return _logger; }; - void setCertificateVerifier(const CertificateVerifierPtr&); - void setPasswordPrompt(const PasswordPromptPtr&); - std::string password(bool); - - // // Setup the engine. - // virtual void initialize() = 0; virtual bool initialized() const; - // // Destroy the engine. - // virtual void destroy() = 0; - // - // Create a transceiver using the engine specific implementation - // + // Create a transceiver using the engine specific implementation. virtual IceInternal::TransceiverPtr createTransceiver(const InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool) = 0; - // - // Verify peer certificate - // + // Verify peer certificate. virtual void verifyPeer(const std::string&, const ConnectionInfoPtr&, const std::string&); void verifyPeerCertName(const std::string&, const ConnectionInfoPtr&); - CertificateVerifierPtr getCertificateVerifier() const; - PasswordPromptPtr getPasswordPrompt() const; - - std::string getPassword() const; - void setPassword(const std::string& password); - bool getCheckCertName() const; bool getServerNameIndication() const; int getVerifyPeer() const; @@ -79,8 +61,6 @@ namespace IceSSL const TrustManagerPtr _trustManager; std::string _password; - CertificateVerifierPtr _verifier; - PasswordPromptPtr _prompt; bool _checkCertName; bool _serverNameIndication; diff --git a/cpp/src/IceSSL/SecureTransportEngine.cpp b/cpp/src/IceSSL/SecureTransportEngine.cpp index b525fd7fd11..e82fcf6050a 100644 --- a/cpp/src/IceSSL/SecureTransportEngine.cpp +++ b/cpp/src/IceSSL/SecureTransportEngine.cpp @@ -333,9 +333,9 @@ namespace } // - // Retrive the name of a cipher, SSLCipherSuite inlude duplicated values for TLS/SSL + // Retrieve the name of a cipher, SSLCipherSuite includes duplicated values for TLS/SSL // protocol ciphers, for example SSL_RSA_WITH_RC4_128_MD5/TLS_RSA_WITH_RC4_128_MD5 - // are represeted by the same SSLCipherSuite value, the names return by this method + // are represented by the same SSLCipherSuite value, the names return by this method // doesn't include a protocol prefix. // string CiphersHelper::cipherName(SSLCipherSuite cipher) @@ -776,10 +776,6 @@ IceSSL::SecureTransport::SSLEngine::initialize() try { string caFile = properties->getProperty("IceSSL.CAs"); - if (caFile.empty()) - { - caFile = properties->getProperty("IceSSL.CertAuthFile"); - } if (!caFile.empty()) { string resolved; @@ -804,8 +800,6 @@ IceSSL::SecureTransport::SSLEngine::initialize() } const string password = properties->getProperty("IceSSL.Password"); - const int passwordRetryMax = properties->getPropertyAsIntWithDefault("IceSSL.PasswordRetryMax", 3); - PasswordPromptPtr passwordPrompt = getPasswordPrompt(); string certFile = properties->getProperty("IceSSL.CertFile"); string findCert = properties->getProperty("IceSSL.FindCert"); @@ -895,23 +889,6 @@ IceSSL::SecureTransport::SSLEngine::initialize() _chain.reset(findCertificateChain(keychain, keychainPassword, findCert)); } - // - // DiffieHellmanParams in DER format. - // -#if defined(ICE_USE_SECURE_TRANSPORT_MACOS) - string dhFile = properties->getProperty("IceSSL.DHParams"); - if (!dhFile.empty()) - { - string resolved; - if (!checkPath(dhFile, defaultDir, false, resolved)) - { - throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: DH params file not found:\n" + dhFile); - } - - readFile(resolved, _dhParams); - } -#endif - // // Establish the cipher list. // @@ -1002,19 +979,6 @@ IceSSL::SecureTransport::SSLEngine::newContext(bool incoming) break; } } - -#if defined(ICE_USE_SECURE_TRANSPORT_MACOS) - if (!_dhParams.empty()) - { - if ((err = SSLSetDiffieHellmanParams(ssl, &_dhParams[0], _dhParams.size()))) - { - throw SecurityException( - __FILE__, - __LINE__, - "IceSSL: unable to create the trust object:\n" + sslErrorToString(err)); - } - } -#endif } if (_chain && (err = SSLSetCertificate(ssl, _chain.get()))) diff --git a/cpp/src/IceSSL/TrustManager.cpp b/cpp/src/IceSSL/TrustManager.cpp index ebe99d8ab54..88c734b9f42 100644 --- a/cpp/src/IceSSL/TrustManager.cpp +++ b/cpp/src/IceSSL/TrustManager.cpp @@ -114,17 +114,13 @@ TrustManager::verify(const ConnectionInfoPtr& info, const std::string& desc) } } - // // If there is nothing to match against, then we accept the cert. - // if (reject.empty() && accept.empty()) { return true; } - // // If there is no certificate then we match false. - // if (info->certs.size() != 0) { DistinguishedName subject = info->certs[0]->getSubjectDN(); @@ -145,9 +141,7 @@ TrustManager::verify(const ConnectionInfoPtr& info, const std::string& desc) trace << desc; } - // // Fail if we match anything in the reject set. - // for (list>::const_iterator p = reject.begin(); p != reject.end(); ++p) { if (_traceLevel > 1) @@ -169,9 +163,7 @@ TrustManager::verify(const ConnectionInfoPtr& info, const std::string& desc) } } - // // Succeed if we match anything in the accept set. - // for (list>::const_iterator p = accept.begin(); p != accept.end(); ++p) { if (_traceLevel > 1) @@ -193,9 +185,7 @@ TrustManager::verify(const ConnectionInfoPtr& info, const std::string& desc) } } - // // At this point we accept the connection if there are no explicit accept rules. - // return accept.empty(); } diff --git a/cpp/src/IceSSL/Util.cpp b/cpp/src/IceSSL/Util.cpp index 68f4e4913d2..9982087f4e1 100644 --- a/cpp/src/IceSSL/Util.cpp +++ b/cpp/src/IceSSL/Util.cpp @@ -45,42 +45,19 @@ IceSSL::fromCFString(CFStringRef v) #endif -IceSSL::CertificateVerifier::CertificateVerifier(std::function v) - : _verify(std::move(v)) -{ -} - -bool -IceSSL::CertificateVerifier::verify(const ConnectionInfoPtr& info) -{ - return _verify(info); -} - -IceSSL::PasswordPrompt::PasswordPrompt(std::function p) : _prompt(std::move(p)) {} - -std::string -IceSSL::PasswordPrompt::getPassword() -{ - return _prompt(); -} - bool IceSSL::parseBytes(const string& arg, vector& buffer) { string v = IceUtilInternal::toUpper(arg); - // // Check for any invalid characters. - // size_t pos = v.find_first_not_of(" :0123456789ABCDEF"); if (pos != string::npos) { return false; } - // // Remove any separator characters. - // ostringstream s; for (string::const_iterator i = v.begin(); i != v.end(); ++i) { @@ -92,9 +69,7 @@ IceSSL::parseBytes(const string& arg, vector& buffer) } v = s.str(); - // // Convert the bytes. - // for (size_t i = 0, length = v.size(); i + 2 <= length;) { buffer.push_back(static_cast(strtol(v.substr(i, 2).c_str(), 0, 16))); diff --git a/cpp/src/IceSSL/Util.h b/cpp/src/IceSSL/Util.h index 7e8d2891958..3b4b5bd4133 100644 --- a/cpp/src/IceSSL/Util.h +++ b/cpp/src/IceSSL/Util.h @@ -34,35 +34,8 @@ namespace IceSSL } #endif - // - // Adapts the C++11 functions to C++98-like callbacks - // - class ICESSL_API CertificateVerifier - { - public: - CertificateVerifier(std::function); - bool verify(const ConnectionInfoPtr&); - - private: - std::function _verify; - }; - using CertificateVerifierPtr = std::shared_ptr; - - class ICESSL_API PasswordPrompt - { - public: - PasswordPrompt(std::function); - std::string getPassword(); - - private: - std::function _prompt; - }; - using PasswordPromptPtr = std::shared_ptr; - - // // Constants for X509 certificate alt names (AltNameOther, AltNameORAddress, AltNameEDIPartyName and // AltNameObjectIdentifier) are not supported. - // // const int AltNameOther = 0; const int AltNameEmail = 1; @@ -74,15 +47,10 @@ namespace IceSSL const int AltNAmeIP = 7; // const AltNameObjectIdentifier = 8; - // // Read a file into memory buffer. - // ICESSL_API void readFile(const std::string&, std::vector&); - // - // Determine if a file or directory exists, with an optional default - // directory. - // + // Determine if a file or directory exists, with an optional default directory. ICESSL_API bool checkPath(const std::string&, const std::string&, bool, std::string&); ICESSL_API bool parseBytes(const std::string&, std::vector&); diff --git a/cpp/test/IceSSL/configuration/AllTests.cpp b/cpp/test/IceSSL/configuration/AllTests.cpp index 7ccd8e0fc53..1b0e6e5c180 100644 --- a/cpp/test/IceSSL/configuration/AllTests.cpp +++ b/cpp/test/IceSSL/configuration/AllTests.cpp @@ -269,108 +269,6 @@ class ImportCerts }; #endif -class PasswordPromptI final -{ -public: - PasswordPromptI(const string& password) : _password(password), _count(0) {} - - virtual string getPassword() - { - ++_count; - return _password; - } - - int count() const { return _count; } - -private: - string _password; - int _count; -}; -using PasswordPromptIPtr = std::shared_ptr; - -class CertificateVerifierI final -{ -public: - CertificateVerifierI() { reset(); } - - virtual bool verify(const IceSSL::ConnectionInfoPtr& info) - { - if (info->certs.size() > 0) - { -#if !defined(__APPLE__) || TARGET_OS_IPHONE == 0 - // - // Subject alternative name - // - { - vector> altNames = info->certs[0]->getSubjectAlternativeNames(); - vector ipAddresses; - vector dnsNames; - for (vector>::const_iterator p = altNames.begin(); p != altNames.end(); ++p) - { - if (p->first == 7) - { - ipAddresses.push_back(p->second); - } - else if (p->first == 2) - { - dnsNames.push_back(p->second); - } - } - - test(find(dnsNames.begin(), dnsNames.end(), "server") != dnsNames.end()); - test(find(ipAddresses.begin(), ipAddresses.end(), "127.0.0.1") != ipAddresses.end()); - } - - // - // Issuer alternative name - // - { - vector> altNames = info->certs[0]->getIssuerAlternativeNames(); - vector ipAddresses; - vector emailAddresses; - for (vector>::const_iterator p = altNames.begin(); p != altNames.end(); ++p) - { - if (p->first == 7) - { - ipAddresses.push_back(p->second); - } - else if (p->first == 1) - { - emailAddresses.push_back(p->second); - } - } - - test(find(ipAddresses.begin(), ipAddresses.end(), "127.0.0.1") != ipAddresses.end()); - test(find(emailAddresses.begin(), emailAddresses.end(), "issuer@zeroc.com") != emailAddresses.end()); - } -#endif - } - - _hadCert = info->certs.size() != 0; - _invoked = true; - return _returnValue; - } - - void reset() - { - _returnValue = true; - _invoked = false; - _hadCert = false; - } - - void returnValue(bool b) { _returnValue = b; } - - bool invoked() const { return _invoked; } - - bool hadCert() const { return _hadCert; } - -private: - bool _returnValue; - bool _invoked; - bool _hadCert; -}; -using CertificateVerifierIPtr = std::shared_ptr; - int keychainN = 0; static PropertiesPtr @@ -1461,182 +1359,8 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) } comm->destroy(); - // - // Try certificate with one intermediate and VerifyDepthMax=2 - // - initData.properties = createClientProps(defaultProps, p12, "", "cacert1"); - initData.properties->setProperty("IceSSL.VerifyPeer", "1"); - initData.properties->setProperty("IceSSL.VerifyDepthMax", "2"); - comm = initialize(initData); - - fact = Test::ServerFactoryPrx(comm, factoryRef); - test(fact); - - { - d = createServerProps(defaultProps, p12, "s_rsa_cai1", ""); - d["IceSSL.VerifyPeer"] = "0"; - server = fact->createServer(d); - try - { - server->ice_getConnection()->getInfo(); - import.cleanup(); - test(false); - } - catch (const Ice::SecurityException&) - { - // Chain length too long - } - catch (const Ice::LocalException& ex) - { - cerr << ex << endl; - import.cleanup(); - test(false); - } - fact->destroyServer(server); - } - comm->destroy(); - - // - // Try with VerifyDepthMax set to 3 (the default) - // - initData.properties = createClientProps(defaultProps, p12, "", "cacert1"); - initData.properties->setProperty("IceSSL.VerifyPeer", "1"); - // initData.properties->setProperty("IceSSL.VerifyDepthMax", "3"); - comm = initialize(initData); - - fact = Test::ServerFactoryPrx(comm, factoryRef); - test(fact); - { - d = createServerProps(defaultProps, p12, "s_rsa_cai1", ""); - d["IceSSL.VerifyPeer"] = "0"; - server = fact->createServer(d); - try - { - info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); - test(info->certs.size() == 3); - test(info->verified); - test(getTrustError(info) == IceSSL::TrustError::NoError); - } - catch (const Ice::LocalException& ex) - { - cerr << ex << endl; - import.cleanup(); - test(false); - } - fact->destroyServer(server); - } - - { - d = createServerProps(defaultProps, p12, "s_rsa_cai2", ""); - d["IceSSL.VerifyPeer"] = "0"; - server = fact->createServer(d); - try - { - server->ice_getConnection()->getInfo(); - import.cleanup(); - test(false); - } - catch (const Ice::SecurityException&) - { - // Chain length too long - } - fact->destroyServer(server); - } - comm->destroy(); - - // - // Increase VerifyDepthMax to 4 - // - initData.properties = createClientProps(defaultProps, p12, "", "cacert1"); - initData.properties->setProperty("IceSSL.VerifyPeer", "1"); - initData.properties->setProperty("IceSSL.VerifyDepthMax", "4"); - comm = initialize(initData); - - fact = Test::ServerFactoryPrx(comm, factoryRef); - test(fact); - - { - d = createServerProps(defaultProps, p12, "s_rsa_cai2", ""); - d["IceSSL.VerifyPeer"] = "0"; - server = fact->createServer(d); - try - { - info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); - test(info->certs.size() == 4); - test(info->verified); - test(getTrustError(info) == IceSSL::TrustError::NoError); - } - catch (const Ice::LocalException& ex) - { - cerr << ex << endl; - import.cleanup(); - test(false); - } - fact->destroyServer(server); - } - - comm->destroy(); - - // - // Increase VerifyDepthMax to 4 - // - initData.properties = createClientProps(defaultProps, p12, "c_rsa_cai2", "cacert1"); - initData.properties->setProperty("IceSSL.VerifyPeer", "1"); - initData.properties->setProperty("IceSSL.VerifyDepthMax", "4"); - comm = initialize(initData); - - fact = Test::ServerFactoryPrx(comm, factoryRef); - test(fact); - - { - d = createServerProps(defaultProps, p12, "s_rsa_cai2", "cacert1"); - d["IceSSL.VerifyPeer"] = "2"; - server = fact->createServer(d); - try - { - server->ice_getConnection(); - import.cleanup(); - test(false); - } - catch (const Ice::ProtocolException&) - { - // Expected - } - catch (const Ice::ConnectionLostException&) - { - // Expected - } - catch (const Ice::LocalException& ex) - { - cerr << ex << endl; - import.cleanup(); - test(false); - } - fact->destroyServer(server); - } - - { - d = createServerProps(defaultProps, p12, "s_rsa_cai2", "cacert1"); - d["IceSSL.VerifyPeer"] = "2"; - d["IceSSL.VerifyDepthMax"] = "4"; - server = fact->createServer(d); - try - { - server->ice_getConnection(); - } - catch (const Ice::LocalException& ex) - { - cerr << ex << endl; - import.cleanup(); - test(false); - } - fact->destroyServer(server); - } - - comm->destroy(); - import.cleanup(); + cout << "ok" << endl; } - cout << "ok" << endl; #if defined(ICE_USE_OPENSSL) || defined(ICE_USE_SCHANNEL) cout << "testing certificate extensions... " << flush; @@ -1729,12 +1453,6 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) # endif initData.properties->setProperty("IceSSL.VerifyPeer", "0"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = dynamic_pointer_cast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); - CertificateVerifierIPtr verifier = make_shared(); - - plugin->setCertificateVerifier([verifier](const shared_ptr& infoP) - { return verifier->verify(infoP); }); optional fact = Test::ServerFactoryPrx(comm, factoryRef); test(fact); @@ -1762,15 +1480,8 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) cerr << ex << endl; test(false); } - test(verifier->invoked()); - test(!verifier->hadCert()); - // - // Have the verifier return false. Close the connection explicitly - // to force a new connection to be established. - // - verifier->reset(); - verifier->returnValue(false); + // Have the verifier return false. Close the connection explicitly to force a new connection to be established. server->ice_getConnection()->close(Ice::ConnectionClose::GracefullyWithWait); try { @@ -1786,27 +1497,18 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) cerr << ex << endl; test(false); } - test(verifier->invoked()); - test(!verifier->hadCert()); fact->destroyServer(server); comm->destroy(); #endif } { - // // Verify that a server certificate is present. - // InitializationData initData; initData.properties = createClientProps(defaultProps, p12, "c_rsa_ca1", "cacert1"); initData.properties->setProperty("IceSSL.VerifyPeer", "0"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = dynamic_pointer_cast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); - CertificateVerifierIPtr verifier = make_shared(); - plugin->setCertificateVerifier([verifier](const shared_ptr& infoP) - { return verifier->verify(infoP); }); optional fact = Test::ServerFactoryPrx(comm, factoryRef); test(fact); Test::Properties d = createServerProps(defaultProps, p12, "s_rsa_ca1", "cacert1"); @@ -1821,8 +1523,6 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) cerr << ex << endl; test(false); } - test(verifier->invoked()); - test(verifier->hadCert()); fact->destroyServer(server); comm->destroy(); } @@ -2001,84 +1701,6 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) cout << "ok" << endl; #endif - // - // SChannel doesn't support PEM Password protected certificates certificates - // -#if defined(ICE_USE_SCHANNEL) || defined(ICE_USE_SECURE_TRANSPORT) - if (p12) - { -#endif - cout << "testing password prompt... " << flush; - { - // - // Use the correct password. - // - InitializationData initData; - initData.properties = createClientProps(defaultProps, p12, "c_rsa_pass_ca1", "cacert1"); - initData.properties->setProperty("IceSSL.Password", ""); // Clear the password - - initData.properties->setProperty("Ice.InitPlugins", "0"); - CommunicatorPtr comm = initialize(initData); - PluginManagerPtr pm = comm->getPluginManager(); - IceSSL::PluginPtr plugin = dynamic_pointer_cast(pm->getPlugin("IceSSL")); - test(plugin); - PasswordPromptIPtr prompt = make_shared("client"); - - plugin->setPasswordPrompt([prompt] { return prompt->getPassword(); }); - pm->initializePlugins(); - test(prompt->count() == 1); - optional fact = Test::ServerFactoryPrx(comm, factoryRef); - test(fact); - Test::Properties d = createServerProps(defaultProps, p12, "s_rsa_ca1", "cacert1"); - optional server = fact->createServer(d); - try - { - server->ice_ping(); - } - catch (const LocalException& ex) - { - cerr << ex << endl; - test(false); - } - fact->destroyServer(server); - comm->destroy(); - - // - // Use an incorrect password and check that retries are attempted. - // - initData.properties = createClientProps(defaultProps, p12, "c_rsa_pass_ca1", "cacert1"); - initData.properties->setProperty("IceSSL.Password", ""); // Clear password - initData.properties->setProperty("IceSSL.PasswordRetryMax", "4"); - initData.properties->setProperty("Ice.InitPlugins", "0"); - comm = initialize(initData); - pm = comm->getPluginManager(); - plugin = dynamic_pointer_cast(pm->getPlugin("IceSSL")); - test(plugin); - prompt = make_shared("invalid"); - - plugin->setPasswordPrompt([prompt] { return prompt->getPassword(); }); - try - { - pm->initializePlugins(); - test(false); - } - catch (const PluginInitializationException&) - { - // Expected. - } - catch (const LocalException& ex) - { - cerr << ex << endl; - test(false); - } - test(prompt->count() == 4); - comm->destroy(); - } - cout << "ok" << endl; - -#if defined(ICE_USE_SCHANNEL) || defined(ICE_USE_SECURE_TRANSPORT) - } -#endif // TODO disabled for now /* cout << "testing ciphers... " << flush; @@ -3286,7 +2908,8 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) "SUBJECTKEYID:'EB 4A 7A 79 09 65 0F 45 40 E8 8C E6 A8 27 74 34 AB EA AF 48'", "SERIAL:01", "SERIAL:01 LABEL:Server", - 0}; + 0 + }; const char* failFindCertProperties[] = { "nolabel", @@ -3300,7 +2923,8 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) "SUBJECTKEYID:'a6 42 aa 17 04 41 86 56 67 e4 04 64 59 34 30 c7 4c 6b ef ff'", "SERIAL:04", "SERIAL:04 LABEL:Client", - 0}; + 0 + }; const char* certificates[] = {"/s_rsa_ca1.p12", "/c_rsa_ca1.p12", 0}; ImportCerts import(defaultDir, certificates); @@ -3677,7 +3301,6 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) InitializationData initData; initData.properties = createClientProps(defaultProps, false); initData.properties->setProperty("IceSSL.DefaultDir", ""); - initData.properties->setProperty("IceSSL.VerifyDepthMax", "5"); initData.properties->setProperty("Ice.Override.Timeout", "5000"); // 5s timeout CommunicatorPtr comm = initialize(initData); Ice::ObjectPrx p(comm, "Glacier2/router:wss -p 443 -h zeroc.com -r /demo-proxy/chat/glacier2"); @@ -3719,7 +3342,6 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) InitializationData initData; initData.properties = createClientProps(defaultProps, false); initData.properties->setProperty("IceSSL.DefaultDir", ""); - initData.properties->setProperty("IceSSL.VerifyDepthMax", "5"); initData.properties->setProperty("Ice.Override.Timeout", "5000"); // 5s timeout initData.properties->setProperty("IceSSL.UsePlatformCAs", "1"); CommunicatorPtr comm = initialize(initData); diff --git a/csharp/src/Ice/IceSSL/AcceptorI.cs b/csharp/src/Ice/IceSSL/AcceptorI.cs index 44ba11b5884..05b881794b8 100644 --- a/csharp/src/Ice/IceSSL/AcceptorI.cs +++ b/csharp/src/Ice/IceSSL/AcceptorI.cs @@ -55,9 +55,9 @@ internal AcceptorI( } } - private EndpointI _endpoint; + private readonly string _adapterName; private readonly IceInternal.Acceptor _delegate; + private EndpointI _endpoint; private readonly Instance _instance; - private readonly string _adapterName; private readonly SslServerAuthenticationOptions _serverAuthenticationOptions; } diff --git a/csharp/src/Ice/IceSSL/ConnectorI.cs b/csharp/src/Ice/IceSSL/ConnectorI.cs index d0fff7a676a..e9e89867c8d 100644 --- a/csharp/src/Ice/IceSSL/ConnectorI.cs +++ b/csharp/src/Ice/IceSSL/ConnectorI.cs @@ -14,14 +14,6 @@ public IceInternal.Transceiver connect() => public short type() => _delegate.type(); - // Only for use by EndpointI. - internal ConnectorI(Instance instance, IceInternal.Connector del, string host) - { - _instance = instance; - _delegate = del; - _host = host; - } - public override bool Equals(object obj) { if (obj is not ConnectorI) @@ -38,9 +30,17 @@ public override bool Equals(object obj) return _delegate.Equals(p._delegate); } + public override int GetHashCode() => _delegate.GetHashCode(); + public override string ToString() => _delegate.ToString(); - public override int GetHashCode() => _delegate.GetHashCode(); + // Only for use by EndpointI. + internal ConnectorI(Instance instance, IceInternal.Connector del, string host) + { + _instance = instance; + _delegate = del; + _host = host; + } private readonly IceInternal.Connector _delegate; private readonly string _host; diff --git a/csharp/src/Ice/IceSSL/Instance.cs b/csharp/src/Ice/IceSSL/Instance.cs index fcfbe29e808..795e71a5043 100644 --- a/csharp/src/Ice/IceSSL/Instance.cs +++ b/csharp/src/Ice/IceSSL/Instance.cs @@ -16,12 +16,8 @@ internal Instance(SSLEngine engine, short type, string protocol) : internal string securityTraceCategory() => _engine.securityTraceCategory(); - internal bool initialized() => _engine.initialized(); - internal X509Certificate2Collection certs() => _engine.certs(); - internal int checkCRL() => _engine.checkCRL(); - internal void traceStream(SslStream stream, string connInfo) => _engine.traceStream(stream, connInfo); internal void verifyPeer(ConnectionInfo info, string description) => diff --git a/csharp/src/Ice/IceSSL/SSLEngine.cs b/csharp/src/Ice/IceSSL/SSLEngine.cs index 6e5907f8237..1eb76c2256e 100644 --- a/csharp/src/Ice/IceSSL/SSLEngine.cs +++ b/csharp/src/Ice/IceSSL/SSLEngine.cs @@ -1,5 +1,6 @@ // Copyright (c) ZeroC, Inc. +using IceInternal; using System.Diagnostics; using System.Net.Security; using System.Security; @@ -17,23 +18,22 @@ internal SSLEngine(Ice.Communicator communicator) _logger = communicator.getLogger(); _securityTraceLevel = _communicator.getProperties().getPropertyAsIntWithDefault("IceSSL.Trace.Security", 0); _securityTraceCategory = "Security"; - _initialized = false; _trustManager = new TrustManager(_communicator); } internal void initialize() { - if (_initialized) - { - return; - } - const string prefix = "IceSSL."; Ice.Properties properties = communicator().getProperties(); // Check for a default directory. We look in this directory for files mentioned in the configuration. _defaultDir = properties.getProperty(prefix + "DefaultDir"); + _verifyPeer = properties.getPropertyAsIntWithDefault("IceSSL.VerifyPeer", 2); + + // CheckCRL determines whether the certificate revocation list is checked, and how strictly. + _checkCRL = properties.getPropertyAsIntWithDefault(prefix + "CheckCRL", 0); + string certStoreLocation = properties.getPropertyWithDefault(prefix + "CertStoreLocation", "CurrentUser"); StoreLocation storeLocation; if (certStoreLocation == "CurrentUser") @@ -55,13 +55,6 @@ internal void initialize() // CheckCertName determines whether we compare the name in a peer's certificate against its hostname. _checkCertName = properties.getPropertyAsIntWithDefault(prefix + "CheckCertName", 0) > 0; - // VerifyDepthMax establishes the maximum length of a peer's certificate chain, including the peer's - // certificate. A value of 0 means there is no maximum. - _verifyDepthMax = properties.getPropertyAsIntWithDefault(prefix + "VerifyDepthMax", 3); - - // CheckCRL determines whether the certificate revocation list is checked, and how strictly. - _checkCRL = properties.getPropertyAsIntWithDefault(prefix + "CheckCRL", 0); - Debug.Assert(_certs == null); // If IceSSL.CertFile is defined, load a certificate from a file and add it to the collection. _certs = []; @@ -76,12 +69,6 @@ internal void initialize() throw new Ice.InitializationException($"IceSSL: certificate file not found: {certFile}"); } - SecureString password = null; - if (passwordStr.Length > 0) - { - password = createSecureString(passwordStr); - } - try { X509Certificate2 cert; @@ -95,8 +82,9 @@ internal void initialize() importFlags = X509KeyStorageFlags.UserKeySet; } - if (password != null) + if (passwordStr.Length > 0) { + using SecureString password = createSecureString(passwordStr); cert = new X509Certificate2(certFile, password, importFlags); } else @@ -128,61 +116,22 @@ internal void initialize() { _caCerts = []; } + if (certAuthFile.Length > 0) { if (!checkPath(ref certAuthFile)) { throw new Ice.InitializationException($"IceSSL: CA certificate file not found: {certAuthFile}"); } - try { - using FileStream fs = File.OpenRead(certAuthFile); - byte[] data = new byte[fs.Length]; - fs.Read(data, 0, data.Length); - - string strbuf = ""; - try - { - strbuf = Encoding.UTF8.GetString(data); - } - catch (Exception) - { - // Ignore - } - - if (strbuf.Length == data.Length) + if (Path.GetExtension(certAuthFile).Equals(".pem", StringComparison.OrdinalIgnoreCase)) { - int size, startpos, endpos = 0; - bool first = true; - while (true) - { - startpos = strbuf.IndexOf("-----BEGIN CERTIFICATE-----", endpos); - if (startpos != -1) - { - endpos = strbuf.IndexOf("-----END CERTIFICATE-----", startpos); - size = endpos - startpos + "-----END CERTIFICATE-----".Length; - } - else if (first) - { - startpos = 0; - endpos = strbuf.Length; - size = strbuf.Length; - } - else - { - break; - } - - byte[] cert = new byte[size]; - Buffer.BlockCopy(data, startpos, cert, 0, size); - _caCerts.Import(cert); - first = false; - } + _caCerts.ImportFromPemFile(certAuthFile); } else { - _caCerts.Import(data); + _caCerts.Import(certAuthFile); } } catch (Exception ex) @@ -192,7 +141,6 @@ internal void initialize() ex); } } - _initialized = true; } internal bool useMachineContext() => _useMachineContext; @@ -207,12 +155,8 @@ internal void initialize() internal string securityTraceCategory() => _securityTraceCategory; - internal bool initialized() => _initialized; - internal X509Certificate2Collection certs() => _certs; - internal int checkCRL() => _checkCRL; - internal void traceStream(SslStream stream, string connInfo) { var s = new StringBuilder(); @@ -235,29 +179,119 @@ internal void traceStream(SslStream stream, string connInfo) internal void verifyPeer(ConnectionInfo info, string description) { - if (_verifyDepthMax > 0 && info.certs != null && info.certs.Length > _verifyDepthMax) + if (!_trustManager.verify(info, description)) { - string msg = (info.incoming ? "incoming" : "outgoing") + " connection rejected:\n" + - "length of peer's certificate chain (" + info.certs.Length + ") exceeds maximum of " + - _verifyDepthMax + "\n" + description; + string msg = (info.incoming ? "incoming" : "outgoing") + " connection rejected by trust manager\n" + + description; if (_securityTraceLevel >= 1) { _logger.trace(_securityTraceCategory, msg); } - throw new Ice.SecurityException(msg); + + throw new Ice.SecurityException($"IceSSL: {msg}"); } + } - if (!_trustManager.verify(info, description)) + internal SslClientAuthenticationOptions createClientAuthenticationOptions( + RemoteCertificateValidationCallback remoteCertificateValidationCallback, + string host) + { + var authenticationOptions = new SslClientAuthenticationOptions { - string msg = (info.incoming ? "incoming" : "outgoing") + " connection rejected by trust manager\n" + - description; - if (_securityTraceLevel >= 1) + ClientCertificates = _certs, + LocalCertificateSelectionCallback = (sender, targetHost, certs, remoteCertificate, acceptableIssuers) => { - _logger.trace(_securityTraceCategory, msg); + if (certs == null || certs.Count == 0) + { + return null; + } + else if (certs.Count == 1) + { + return certs[0]; + } + + // Use the first certificate that match the acceptable issuers. + if (acceptableIssuers != null && acceptableIssuers.Length > 0) + { + foreach (X509Certificate certificate in certs) + { + if (Array.IndexOf(acceptableIssuers, certificate.Issuer) != -1) + { + return certificate; + } + } + } + return certs[0]; + }, + RemoteCertificateValidationCallback = remoteCertificateValidationCallback, + TargetHost = host, + }; + + authenticationOptions.CertificateChainPolicy = new X509ChainPolicy(); + if (_caCerts is null) + { + authenticationOptions.CertificateChainPolicy.TrustMode = X509ChainTrustMode.System; + } + else + { + authenticationOptions.CertificateChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust; + foreach (X509Certificate certificate in _caCerts) + { + authenticationOptions.CertificateChainPolicy.CustomTrustStore.Add(certificate); } + } - throw new Ice.SecurityException($"IceSSL: {msg}"); + if (!_checkCertName) + { + authenticationOptions.CertificateChainPolicy.VerificationFlags |= X509VerificationFlags.IgnoreInvalidName; + } + if (_checkCRL == 1) + { + authenticationOptions.CertificateChainPolicy.VerificationFlags |= X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown; + } + authenticationOptions.CertificateChainPolicy.RevocationMode = + _checkCRL == 0 ? X509RevocationMode.NoCheck : X509RevocationMode.Online; + return authenticationOptions; + } + + internal SslServerAuthenticationOptions createServerAuthenticationOptions( + RemoteCertificateValidationCallback remoteCertificateValidationCallback) + { + // Get the certificate collection and select the first one. + X509Certificate2 cert = null; + if (_certs.Count > 0) + { + cert = _certs[0]; + } + + var authenticationOptions = new SslServerAuthenticationOptions + { + ServerCertificate = cert, + ClientCertificateRequired = _verifyPeer > 0, + RemoteCertificateValidationCallback = remoteCertificateValidationCallback, + CertificateRevocationCheckMode = X509RevocationMode.NoCheck + }; + + authenticationOptions.CertificateChainPolicy = new X509ChainPolicy(); + if (_caCerts is null) + { + authenticationOptions.CertificateChainPolicy.TrustMode = X509ChainTrustMode.System; + } + else + { + authenticationOptions.CertificateChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust; + foreach (X509Certificate certificate in _caCerts) + { + authenticationOptions.CertificateChainPolicy.CustomTrustStore.Add(certificate); + } + } + authenticationOptions.CertificateChainPolicy.RevocationMode = + _checkCRL == 0 ? X509RevocationMode.NoCheck : X509RevocationMode.Online; + if (_checkCRL == 1) + { + authenticationOptions.CertificateChainPolicy.VerificationFlags |= X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown; } + return authenticationOptions; } private static bool isAbsolutePath(string path) @@ -265,7 +299,7 @@ private static bool isAbsolutePath(string path) // Skip whitespace path = path.Trim(); - if (IceInternal.AssemblyUtil.isWindows) + if (AssemblyUtil.isWindows) { // We need at least 3 non-whitespace characters to have an absolute path if (path.Length < 3) @@ -491,10 +525,9 @@ private static SecureString createSecureString(string s) private readonly Ice.Logger _logger; private readonly int _securityTraceLevel; private readonly string _securityTraceCategory; - private bool _initialized; private string _defaultDir; private bool _checkCertName; - private int _verifyDepthMax; + private int _verifyPeer; private int _checkCRL; private X509Certificate2Collection _certs; private bool _useMachineContext; diff --git a/csharp/src/Ice/IceSSL/TransceiverI.cs b/csharp/src/Ice/IceSSL/TransceiverI.cs index 25271ca1733..60a04d01baa 100644 --- a/csharp/src/Ice/IceSSL/TransceiverI.cs +++ b/csharp/src/Ice/IceSSL/TransceiverI.cs @@ -36,18 +36,9 @@ public int initialize(IceInternal.Buffer readBuffer, IceInternal.Buffer writeBuf { try { - if ((_incoming && _serverAuthenticationOptions is null) || - (!_incoming && _instance.initializationData().clientAuthenticationOptions is null)) - { - _sslStream = new SslStream(new NetworkStream(_delegate.fd(), false), - false, - new RemoteCertificateValidationCallback(validationCallback), - new LocalCertificateSelectionCallback(selectCertificate)); - } - else - { - _sslStream = new SslStream(new NetworkStream(_delegate.fd(), false), false); - } + _sslStream = new SslStream( + new NetworkStream(_delegate.fd(), ownsSocket: false), + leaveInnerStreamOpen: false); } catch (IOException ex) { @@ -314,7 +305,14 @@ public Ice.ConnectionInfo getInfo() info.incoming = _incoming; info.adapterName = _adapterName; info.cipher = _cipher; - info.certs = _certs; + if (_sslStream is SslStream sslStream && sslStream.RemoteCertificate is X509Certificate2 remoteCertificate) + { + info.certs = [remoteCertificate]; + } + else + { + info.certs = []; + } info.verified = _verified; return info; } @@ -327,9 +325,7 @@ public Ice.ConnectionInfo getInfo() public string toDetailedString() => _delegate.toDetailedString(); - // // Only for use by ConnectorI, AcceptorI. - // internal TransceiverI( Instance instance, IceInternal.Transceiver del, @@ -360,103 +356,43 @@ private bool startAuthenticate(IceInternal.AsyncCallback callback, object state) { try { - if (!_incoming) + if (_incoming) { - // Client authentication. - if (_instance.initializationData().clientAuthenticationOptions - is SslClientAuthenticationOptions clientAuthenticationOptions) - { - _writeResult = _sslStream.AuthenticateAsClientAsync(clientAuthenticationOptions); - _writeResult.ContinueWith( - task => - { - try - { - // If authentication fails, AuthenticateAsClientAsync throws AuthenticationException, - // and the task won't complete successfully. - _verified = task.IsCompletedSuccessfully; - if (_verified) - { - _cipher = _sslStream.CipherAlgorithm.ToString(); - if (_sslStream.RemoteCertificate is X509Certificate2 remoteCertificate) - { - _certs = [remoteCertificate]; - } - } - } - finally - { - callback(state); - } - }, - TaskScheduler.Default); - } - else - { - - _writeResult = _sslStream.AuthenticateAsClientAsync( - _host, - _instance.certs(), - _instance.checkCRL() > 0); - _writeResult.ContinueWith(task => callback(state), TaskScheduler.Default); - } + _writeResult = _sslStream.AuthenticateAsServerAsync( + _serverAuthenticationOptions ?? + _instance.engine().createServerAuthenticationOptions(validationCallback)); } else { - // Server authentication. - if (_serverAuthenticationOptions is not null) + _writeResult = _sslStream.AuthenticateAsClientAsync( + _instance.initializationData().clientAuthenticationOptions ?? + _instance.engine().createClientAuthenticationOptions(validationCallback, _host)); + } + _writeResult.ContinueWith( + task => { - _writeResult = _sslStream.AuthenticateAsServerAsync(_serverAuthenticationOptions); - _writeResult.ContinueWith( - task => + try + { + // If authentication fails, AuthenticateAsServerAsync throws AuthenticationException, + // and the task won't complete successfully. + _verified = task.IsCompletedSuccessfully; + if (_verified) { - try - { - // If authentication fails, AuthenticateAsServerAsync throws AuthenticationException, - // and the task won't complete successfully. - _verified = task.IsCompletedSuccessfully; - if (_verified) - { - _cipher = _sslStream.CipherAlgorithm.ToString(); - if (_sslStream.RemoteCertificate is X509Certificate2 remoteCertificate) - { - _certs = [remoteCertificate]; - } - } - } - finally - { - callback(state); - } - }, - TaskScheduler.Default); - } - else - { - // Get the certificate collection and select the first one. - X509Certificate2Collection certs = _instance.certs(); - X509Certificate2 cert = null; - if (certs.Count > 0) + _cipher = _sslStream.CipherAlgorithm.ToString(); + } + } + finally { - cert = certs[0]; + callback(state); } - - _writeResult = _sslStream.AuthenticateAsServerAsync( - cert, - _verifyPeer > 0, - _instance.checkCRL() > 0); - _writeResult.ContinueWith(task => callback(state), TaskScheduler.Default); - } - } + }, + TaskScheduler.Default); } catch (IOException ex) { if (IceInternal.Network.connectionLost(ex)) { - // - // This situation occurs when connectToSelf is called; the "remote" end - // closes the socket immediately. - // + // This situation occurs when connectToSelf is called; the "remote" end closes the socket immediately. throw new Ice.ConnectionLostException(); } throw new Ice.SocketException(ex); @@ -479,7 +415,6 @@ private bool startAuthenticate(IceInternal.AsyncCallback callback, object state) private void finishAuthenticate() { Debug.Assert(_writeResult != null); - try { try @@ -512,278 +447,39 @@ private void finishAuthenticate() } } - private X509Certificate selectCertificate( - object sender, - string targetHost, - X509CertificateCollection certs, - X509Certificate remoteCertificate, - string[] acceptableIssuers) - { - if (certs == null || certs.Count == 0) - { - return null; - } - else if (certs.Count == 1) - { - return certs[0]; - } - - // Use the first certificate that match the acceptable issuers. - if (acceptableIssuers != null && acceptableIssuers.Length > 0) - { - foreach (X509Certificate certificate in certs) - { - if (Array.IndexOf(acceptableIssuers, certificate.Issuer) != -1) - { - return certificate; - } - } - } - return certs[0]; - } - private bool validationCallback( object sender, X509Certificate certificate, - X509Chain chainEngine, + X509Chain chain, SslPolicyErrors policyErrors) { - using var chain = new X509Chain(_instance.engine().useMachineContext()); - try - { - if (_instance.checkCRL() == 0) - { - chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck; - } - - X509Certificate2Collection caCerts = _instance.engine().caCerts(); - if (caCerts != null) - { - // We need to set this flag to be able to use a certificate authority from the extra store. - chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority; - foreach (X509Certificate2 cert in caCerts) - { - chain.ChainPolicy.ExtraStore.Add(cert); - } - } + int errors = (int)policyErrors; + int traceLevel = _instance.securityTraceLevel(); + string traceCategory = _instance.securityTraceCategory(); + Ice.Logger logger = _instance.logger(); + string message = ""; - string message = ""; - int errors = (int)policyErrors; - if (certificate != null) - { - chain.Build(new X509Certificate2(certificate)); - if (chain.ChainStatus != null && chain.ChainStatus.Length > 0) - { - errors |= (int)SslPolicyErrors.RemoteCertificateChainErrors; - } - else if (_instance.engine().caCerts() != null) - { - X509ChainElement e = chain.ChainElements[^1]; - if (!chain.ChainPolicy.ExtraStore.Contains(e.Certificate)) - { - if (_verifyPeer > 0) - { - message += "\nuntrusted root certificate"; - } - else - { - message += "\nuntrusted root certificate (ignored)"; - _verified = false; - } - errors |= (int)SslPolicyErrors.RemoteCertificateChainErrors; - } - else - { - _verified = true; - return true; - } - } - else - { - _verified = true; - return true; - } - } - - if ((errors & (int)SslPolicyErrors.RemoteCertificateNotAvailable) > 0) - { - // The RemoteCertificateNotAvailable case does not appear to be possible for an outgoing connection. - // Since .NET requires an authenticated connection, the remote peer closes the socket if it does not - // have a certificate to provide. - if (_incoming) - { - if (_verifyPeer > 1) - { - if (_instance.securityTraceLevel() >= 1) - { - _instance.logger().trace( - _instance.securityTraceCategory(), - "SSL certificate validation failed - client certificate not provided"); - } - return false; - } - errors ^= (int)SslPolicyErrors.RemoteCertificateNotAvailable; - message += "\nremote certificate not provided (ignored)"; - } - } - - bool certificateNameMismatch = (errors & (int)SslPolicyErrors.RemoteCertificateNameMismatch) > 0; - if (certificateNameMismatch) - { - if (_instance.engine().getCheckCertName() && !string.IsNullOrEmpty(_host)) - { - if (_instance.securityTraceLevel() >= 1) - { - string msg = "SSL certificate validation failed - Hostname mismatch"; - if (_verifyPeer == 0) - { - msg += " (ignored)"; - } - _instance.logger().trace(_instance.securityTraceCategory(), msg); - } - - if (_verifyPeer > 0) - { - return false; - } - else - { - errors ^= (int)SslPolicyErrors.RemoteCertificateNameMismatch; - } - } - else - { - errors ^= (int)SslPolicyErrors.RemoteCertificateNameMismatch; - certificateNameMismatch = false; - } - } - - if ((errors & (int)SslPolicyErrors.RemoteCertificateChainErrors) > 0 && - chain.ChainStatus != null && chain.ChainStatus.Length > 0) - { - int errorCount = 0; - foreach (X509ChainStatus status in chain.ChainStatus) - { - if (status.Status == X509ChainStatusFlags.UntrustedRoot && _instance.engine().caCerts() != null) - { - // Untrusted root is OK when using our custom chain engine if the CA certificate is present in - // the chain policy extra store. - X509ChainElement e = chain.ChainElements[^1]; - if (!chain.ChainPolicy.ExtraStore.Contains(e.Certificate)) - { - if (_verifyPeer > 0) - { - message += "\nuntrusted root certificate"; - ++errorCount; - } - else - { - message += "\nuntrusted root certificate (ignored)"; - } - } - else - { - _verified = !certificateNameMismatch; - } - } - else if (status.Status == X509ChainStatusFlags.Revoked) - { - if (_instance.checkCRL() > 0) - { - message += "\ncertificate revoked"; - ++errorCount; - } - else - { - message += "\ncertificate revoked (ignored)"; - } - } - else if (status.Status == X509ChainStatusFlags.RevocationStatusUnknown) - { - // If a certificate's revocation status cannot be determined, the strictest policy is to reject - // the connection. - if (_instance.checkCRL() > 1) - { - message += "\ncertificate revocation status unknown"; - ++errorCount; - } - else - { - message += "\ncertificate revocation status unknown (ignored)"; - } - } - else if (status.Status == X509ChainStatusFlags.PartialChain) - { - if (_verifyPeer > 0) - { - message += "\npartial certificate chain"; - ++errorCount; - } - else - { - message += "\npartial certificate chain (ignored)"; - } - } - else if (status.Status != X509ChainStatusFlags.NoError) - { - message += "\ncertificate chain error: " + status.Status.ToString(); - ++errorCount; - } - } - - if (errorCount == 0) - { - errors ^= (int)SslPolicyErrors.RemoteCertificateChainErrors; - } - } - - if (errors > 0) - { - if (_instance.securityTraceLevel() >= 1) - { - if (message.Length > 0) - { - _instance.logger().trace( - _instance.securityTraceCategory(), - $"SSL certificate validation failed:{message}"); - } - else - { - _instance.logger().trace( - _instance.securityTraceCategory(), - "SSL certificate validation failed"); - } - } - return false; - } - else if (message.Length > 0 && _instance.securityTraceLevel() >= 1) - { - _instance.logger().trace( - _instance.securityTraceCategory(), - $"SSL certificate validation status:{message}"); - } - return true; + if (_incoming && (errors & (int)SslPolicyErrors.RemoteCertificateNotAvailable) > 0 && _verifyPeer <= 1) + { + // The client certificate is optional when IceSSL.VerifyPeer = 1, and not required when IceSSL.VerifyPeer = 0 + errors ^= (int)SslPolicyErrors.RemoteCertificateNotAvailable; } - finally + + foreach (X509ChainStatus status in chain?.ChainStatus ?? []) { - if (chain.ChainElements != null && chain.ChainElements.Count > 0) - { - _certs = new X509Certificate2[chain.ChainElements.Count]; - for (int i = 0; i < chain.ChainElements.Count; ++i) - { - _certs[i] = chain.ChainElements[i].Certificate; - } - } + message += $"\n{status.StatusInformation}"; + } - try - { - chain.Dispose(); - } - catch (Exception) - { - } + if (errors != 0 && traceLevel >= 1) + { + logger.trace( + traceCategory, + message.Length > 0 ? + $"SSL certificate validation failed:{message}" : "SSL certificate validation failed"); } + return errors == 0; } + private int getSendPacketSize(int length) => _maxSendPacketSize > 0 ? Math.Min(length, _maxSendPacketSize) : length; @@ -804,7 +500,6 @@ public int getRecvPacketSize(int length) => private int _maxSendPacketSize; private int _maxRecvPacketSize; private string _cipher; - private X509Certificate2[] _certs; private bool _verified; private readonly SslServerAuthenticationOptions _serverAuthenticationOptions; } diff --git a/csharp/src/Ice/PropertyNames.cs b/csharp/src/Ice/PropertyNames.cs index e4f028566c1..802ec9c26a1 100644 --- a/csharp/src/Ice/PropertyNames.cs +++ b/csharp/src/Ice/PropertyNames.cs @@ -1,7 +1,7 @@ // // Copyright (c) ZeroC, Inc. All rights reserved. // -// Generated by makeprops.py from file ./config/PropertyNames.xml, Thu Apr 4 16:59:06 2024 +// Generated by makeprops.py from file .\config\PropertyNames.xml, Tue Apr 9 14:47:18 2024 // IMPORTANT: Do not edit this file -- any edits made here will be lost! @@ -1023,23 +1023,15 @@ public sealed class PropertyNames { new Property(@"^IceSSL\.Alias$", false, null), new Property(@"^IceSSL\.CAs$", false, null), - new Property(@"^IceSSL\.CertAuthDir$", true, @"IceSSL.CAs"), - new Property(@"^IceSSL\.CertAuthFile$", true, @"IceSSL.CAs"), new Property(@"^IceSSL\.CertStore$", false, null), new Property(@"^IceSSL\.CertStoreLocation$", false, null), new Property(@"^IceSSL\.CertFile$", false, null), - new Property(@"^IceSSL\.CertVerifier$", false, null), new Property(@"^IceSSL\.CheckCertName$", false, null), new Property(@"^IceSSL\.CheckCRL$", false, null), new Property(@"^IceSSL\.Ciphers$", false, null), new Property(@"^IceSSL\.CertificateRevocationListFiles$", false, null), new Property(@"^IceSSL\.DefaultDir$", false, null), - new Property(@"^IceSSL\.DH\.[^\s]+$", false, null), - new Property(@"^IceSSL\.DHParams$", false, null), - new Property(@"^IceSSL\.EntropyDaemon$", false, null), new Property(@"^IceSSL\.FindCert$", false, null), - new Property(@"^IceSSL\.FindCert\.[^\s]+$", true, null), - new Property(@"^IceSSL\.InitOpenSSL$", false, null), new Property(@"^IceSSL\.KeyFile$", false, null), new Property(@"^IceSSL\.Keychain$", false, null), new Property(@"^IceSSL\.KeychainPassword$", false, null), @@ -1047,9 +1039,6 @@ public sealed class PropertyNames new Property(@"^IceSSL\.KeystorePassword$", false, null), new Property(@"^IceSSL\.KeystoreType$", false, null), new Property(@"^IceSSL\.Password$", false, null), - new Property(@"^IceSSL\.PasswordCallback$", false, null), - new Property(@"^IceSSL\.PasswordRetryMax$", false, null), - new Property(@"^IceSSL\.Random$", false, null), new Property(@"^IceSSL\.RevocationCheck$", false, null), new Property(@"^IceSSL\.RevocationCheckCacheOnly$", false, null), new Property(@"^IceSSL\.SchannelStrongCrypto$", false, null), @@ -1062,7 +1051,6 @@ public sealed class PropertyNames new Property(@"^IceSSL\.TruststorePassword$", false, null), new Property(@"^IceSSL\.TruststoreType$", false, null), new Property(@"^IceSSL\.UsePlatformCAs$", false, null), - new Property(@"^IceSSL\.VerifyDepthMax$", false, null), new Property(@"^IceSSL\.VerifyPeer$", false, null), }; diff --git a/csharp/test/IceSSL/configuration/AllTests.cs b/csharp/test/IceSSL/configuration/AllTests.cs index 9bfe1129476..cf51604f23a 100644 --- a/csharp/test/IceSSL/configuration/AllTests.cs +++ b/csharp/test/IceSSL/configuration/AllTests.cs @@ -186,7 +186,11 @@ public static Test.ServerFactoryPrx allTests(Test.TestHelper helper, string test try { server.noCert(); - test(!((IceSSL.ConnectionInfo)server.ice_getConnection().getInfo()).verified); + test(false); + } + catch (Ice.SecurityException) + { + // Expected. } catch (Ice.LocalException ex) { @@ -267,13 +271,10 @@ public static Test.ServerFactoryPrx allTests(Test.TestHelper helper, string test comm.destroy(); - // // Test IceSSL.VerifyPeer=1. Client has a certificate. // - // Provide "cacert1" to the client to verify the server - // certificate (without this the client connection wouln't be - // able to provide the certificate chain). - // + // Provide "cacert1" to the client to verify the server certificate (without this the client connection + // wouldn't be able to provide the certificate chain). initData = createClientProps(defaultProperties, "c_rsa_ca1", "cacert1"); comm = Ice.Util.initialize(ref args, initData); fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef)); @@ -292,10 +293,9 @@ public static Test.ServerFactoryPrx allTests(Test.TestHelper helper, string test X509Certificate2 caCert = new X509Certificate2(defaultDir + "/cacert1.pem"); IceSSL.ConnectionInfo info = (IceSSL.ConnectionInfo)server.ice_getConnection().getInfo(); - test(info.certs.Length == 2); + test(info.certs.Length == 1); test(info.verified); - test(caCert.Equals(info.certs[1])); test(serverCert.Equals(info.certs[0])); } catch (Exception ex) @@ -490,9 +490,7 @@ public static Test.ServerFactoryPrx allTests(Test.TestHelper helper, string test } catch (Ice.LocalException ex) { - // // macOS catalina or greater does not check the certificate common name - // if (!IceInternal.AssemblyUtil.isMacOS) { Console.WriteLine(ex.ToString()); @@ -610,13 +608,9 @@ public static Test.ServerFactoryPrx allTests(Test.TestHelper helper, string test // Test using 127.0.0.1 as target host // + // Disabled for compatibility with older Windows versions. // - // Disabled for compatibility with older Windows - // versions. - // - /* // // Target host matches the certificate IP altName - // { initData = createClientProps(defaultProperties, "c_rsa_ca1", "cacert1"); initData.properties.setProperty("IceSSL.CheckCertName", "1"); @@ -631,7 +625,7 @@ public static Test.ServerFactoryPrx allTests(Test.TestHelper helper, string test { server.ice_ping(); } - catch(Ice.LocalException) + catch (Ice.LocalException) { test(false); } @@ -656,17 +650,16 @@ public static Test.ServerFactoryPrx allTests(Test.TestHelper helper, string test server.ice_ping(); test(false); } - catch(Ice.SecurityException) + catch (Ice.SecurityException) { // Expected } fact.destroyServer(server); comm.destroy(); - }*/ - // - // Target host is an IP addres that matches the CN and the certificate doesn't + } + + // Target host is an IP address that matches the CN and the certificate doesn't // include an IP altName. - // { initData = createClientProps(defaultProperties, "c_rsa_ca1", "cacert1"); initData.properties.setProperty("IceSSL.CheckCertName", "1"); @@ -683,9 +676,7 @@ public static Test.ServerFactoryPrx allTests(Test.TestHelper helper, string test } catch (Ice.SecurityException ex) { - // // macOS catalina or greater does not check the certificate common name - // if (!IceInternal.AssemblyUtil.isMacOS) { Console.WriteLine(ex.ToString()); @@ -695,62 +686,6 @@ public static Test.ServerFactoryPrx allTests(Test.TestHelper helper, string test fact.destroyServer(server); comm.destroy(); } - - // - // Target host does not match the certificate DNS altName, connection should succeed - // because IceSSL.VerifyPeer is set to 0. - // - { - initData = createClientProps(defaultProperties, "c_rsa_ca1", "cacert1"); - initData.properties.setProperty("IceSSL.CheckCertName", "1"); - initData.properties.setProperty("IceSSL.VerifyPeer", "0"); - comm = Ice.Util.initialize(ref args, initData); - - fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - d = createServerProps(props, "s_rsa_ca1_cn2", "cacert1"); - server = fact.createServer(d); - try - { - server.ice_ping(); - IceSSL.ConnectionInfo info = (IceSSL.ConnectionInfo)server.ice_getConnection().getInfo(); - test(!info.verified); - } - catch (Ice.LocalException ex) - { - Console.WriteLine(ex.ToString()); - test(false); - } - fact.destroyServer(server); - comm.destroy(); - } - - // - // Target host does not match the certificate DNS altName, connection should succeed - // because IceSSL.CheckCertName is set to 0. - // - { - initData = createClientProps(defaultProperties, "c_rsa_ca1", "cacert1"); - initData.properties.setProperty("IceSSL.CheckCertName", "0"); - comm = Ice.Util.initialize(ref args, initData); - - fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - d = createServerProps(props, "s_rsa_ca1_cn2", "cacert1"); - d["IceSSL.CheckCertName"] = "1"; - server = fact.createServer(d); - try - { - server.ice_ping(); - } - catch (Ice.LocalException ex) - { - Console.WriteLine(ex.ToString()); - test(false); - } - fact.destroyServer(server); - comm.destroy(); - } } } Console.Out.WriteLine("ok"); @@ -855,321 +790,10 @@ public static Test.ServerFactoryPrx allTests(Test.TestHelper helper, string test } Console.Out.WriteLine("ok"); - Console.Out.Write("testing certificate chains... "); - Console.Out.Flush(); - { - X509Store certStore = new X509Store("My", StoreLocation.CurrentUser); - certStore.Open(OpenFlags.ReadWrite); - X509Certificate2Collection certs = new X509Certificate2Collection(); - var storageFlags = X509KeyStorageFlags.DefaultKeySet; - if (IceInternal.AssemblyUtil.isMacOS) - { - // - // On macOS, we need to mark the key exportable because the addition of the key to the - // cert store requires to move the key from on keychain to another (which requires the - // Exportable flag... see https://github.com/dotnet/corefx/issues/25631) - // - storageFlags |= X509KeyStorageFlags.Exportable; - } - certs.Import(defaultDir + "/s_rsa_cai2.p12", "password", storageFlags); - foreach (X509Certificate2 cert in certs) - { - certStore.Add(cert); - } - try - { - IceSSL.ConnectionInfo info; - - initData = createClientProps(defaultProperties, "", ""); - initData.properties.setProperty("IceSSL.VerifyPeer", "0"); - Ice.Communicator comm = Ice.Util.initialize(initData); - - Test.ServerFactoryPrx fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - - // - // The client can't verify the server certificate but it should - // still provide it. "s_rsa_ca1" doesn't include the root so the - // cert size should be 1. - // - d = createServerProps(defaultProperties, "s_rsa_ca1", ""); - d["IceSSL.VerifyPeer"] = "0"; - Test.ServerPrx server = fact.createServer(d); - try - { - info = (IceSSL.ConnectionInfo)server.ice_getConnection().getInfo(); - test(info.certs.Length == 1); - test(!info.verified); - } - catch (Ice.LocalException ex) - { - Console.WriteLine(ex.ToString()); - test(false); - } - fact.destroyServer(server); - - // - // Setting the CA for the server shouldn't change anything, it - // shouldn't modify the cert chain sent to the client. - // - d = createServerProps(defaultProperties, "s_rsa_ca1", "cacert1"); - d["IceSSL.VerifyPeer"] = "0"; - server = fact.createServer(d); - try - { - info = (IceSSL.ConnectionInfo)server.ice_getConnection().getInfo(); - test(info.certs.Length == 1); - test(!info.verified); - } - catch (Ice.LocalException ex) - { - Console.WriteLine(ex.ToString()); - test(false); - } - fact.destroyServer(server); - - // - // The client can't verify the server certificate but should - // still provide it. "s_rsa_wroot_ca1" includes the root so - // the cert size should be 2. - // - d = createServerProps(defaultProperties, "s_rsa_wroot_ca1", ""); - d["IceSSL.VerifyPeer"] = "0"; - server = fact.createServer(d); - try - { - info = (IceSSL.ConnectionInfo)server.ice_getConnection().getInfo(); - test(info.certs.Length == 1); // Like the SChannel transport, .NET never sends the root. - } - catch (Ice.LocalException ex) - { - Console.WriteLine(ex.ToString()); - test(false); - } - fact.destroyServer(server); - comm.destroy(); - - // - // Now the client verifies the server certificate - // - initData = createClientProps(defaultProperties, "", "cacert1"); - initData.properties.setProperty("IceSSL.VerifyPeer", "1"); - comm = Ice.Util.initialize(initData); - - fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - - { - d = createServerProps(defaultProperties, "s_rsa_ca1", ""); - d["IceSSL.VerifyPeer"] = "0"; - server = fact.createServer(d); - try - { - info = (IceSSL.ConnectionInfo)server.ice_getConnection().getInfo(); - test(info.certs.Length == 2); - test(info.verified); - } - catch (Ice.LocalException ex) - { - Console.WriteLine(ex.ToString()); - test(false); - } - fact.destroyServer(server); - } - - // - // Try certificate with one intermediate and VerifyDepthMax=2 - // - initData = createClientProps(defaultProperties, "", "cacert1"); - initData.properties.setProperty("IceSSL.VerifyPeer", "1"); - initData.properties.setProperty("IceSSL.VerifyDepthMax", "2"); - comm = Ice.Util.initialize(initData); - - fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - - { - d = createServerProps(defaultProperties, "s_rsa_cai1", ""); - d["IceSSL.VerifyPeer"] = "0"; - server = fact.createServer(d); - try - { - server.ice_getConnection().getInfo(); - test(false); - } - catch (Ice.SecurityException) - { - // Chain length too long - } - catch (Ice.ConnectionLostException) - { - // Expected - } - catch (Ice.LocalException ex) - { - Console.WriteLine(ex.ToString()); - test(false); - } - fact.destroyServer(server); - } - comm.destroy(); - - if (IceInternal.AssemblyUtil.isWindows) - { - // - // The certificate chain on Linux doesn't include the intermeidate - // certificates see ICE-8576 - // - - // - // Set VerifyDepthMax to 3 (the default) - // - initData = createClientProps(defaultProperties, "", "cacert1"); - initData.properties.setProperty("IceSSL.VerifyPeer", "1"); - //initData.properties.setProperty("IceSSL.VerifyDepthMax", "3"); - comm = Ice.Util.initialize(initData); - - fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - - { - d = createServerProps(defaultProperties, "s_rsa_cai1", ""); - d["IceSSL.VerifyPeer"] = "0"; - server = fact.createServer(d); - try - { - info = (IceSSL.ConnectionInfo)server.ice_getConnection().getInfo(); - test(info.certs.Length == 3); - test(info.verified); - } - catch (Ice.LocalException ex) - { - Console.WriteLine(ex.ToString()); - test(false); - } - fact.destroyServer(server); - } - - { - d = createServerProps(defaultProperties, "s_rsa_cai2", ""); - d["IceSSL.VerifyPeer"] = "0"; - server = fact.createServer(d); - try - { - server.ice_getConnection().getInfo(); - test(false); - } - catch (Ice.SecurityException) - { - // Chain length too long - } - fact.destroyServer(server); - } - comm.destroy(); - - // - // Increase VerifyDepthMax to 4 - // - initData = createClientProps(defaultProperties, "", "cacert1"); - initData.properties.setProperty("IceSSL.VerifyPeer", "1"); - initData.properties.setProperty("IceSSL.VerifyDepthMax", "4"); - comm = Ice.Util.initialize(initData); - - fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - - { - d = createServerProps(defaultProperties, "s_rsa_cai2", ""); - d["IceSSL.VerifyPeer"] = "0"; - server = fact.createServer(d); - try - { - info = (IceSSL.ConnectionInfo)server.ice_getConnection().getInfo(); - test(info.certs.Length == 4); - test(info.verified); - } - catch (Ice.LocalException ex) - { - Console.WriteLine(ex.ToString()); - test(false); - } - fact.destroyServer(server); - } - - comm.destroy(); - - // - // Increase VerifyDepthMax to 4 - // - initData = createClientProps(defaultProperties, "c_rsa_cai2", "cacert1"); - initData.properties.setProperty("IceSSL.VerifyPeer", "1"); - initData.properties.setProperty("IceSSL.VerifyDepthMax", "4"); - comm = Ice.Util.initialize(initData); - - fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - - { - d = createServerProps(defaultProperties, "s_rsa_cai2", "cacert1"); - d["IceSSL.VerifyPeer"] = "2"; - server = fact.createServer(d); - try - { - server.ice_getConnection(); - test(false); - } - catch (Ice.ProtocolException) - { - // Expected - } - catch (Ice.ConnectionLostException) - { - // Expected - } - catch (Ice.LocalException ex) - { - Console.WriteLine(ex.ToString()); - test(false); - } - fact.destroyServer(server); - } - - { - d = createServerProps(defaultProperties, "s_rsa_cai2", "cacert1"); - d["IceSSL.VerifyPeer"] = "2"; - d["IceSSL.VerifyDepthMax"] = "4"; - server = fact.createServer(d); - try - { - server.ice_getConnection(); - } - catch (Ice.LocalException ex) - { - Console.WriteLine(ex.ToString()); - test(false); - } - fact.destroyServer(server); - } - - comm.destroy(); - } - } - finally - { - foreach (X509Certificate2 cert in certs) - { - certStore.Remove(cert); - } - } - } - Console.Out.WriteLine("ok"); - Console.Out.Write("testing expired certificates... "); Console.Out.Flush(); { - // // This should fail because the server's certificate is expired. - // initData = createClientProps(defaultProperties, "c_rsa_ca1", "cacert1"); Ice.Communicator comm = Ice.Util.initialize(ref args, initData); Test.ServerFactoryPrx fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef)); @@ -1194,9 +818,7 @@ public static Test.ServerFactoryPrx allTests(Test.TestHelper helper, string test fact.destroyServer(server); comm.destroy(); - // // This should fail because the client's certificate is expired. - // initData.properties.setProperty("IceSSL.CertFile", "c_rsa_ca1_exp.p12"); comm = Ice.Util.initialize(ref args, initData); fact = Test.ServerFactoryPrxHelper.checkedCast(comm.stringToProxy(factoryRef)); @@ -1225,10 +847,7 @@ public static Test.ServerFactoryPrx allTests(Test.TestHelper helper, string test if (IceInternal.AssemblyUtil.isWindows && isAdministrator) { - // - // LocalMachine certificate store is not supported on non - // Windows platforms. - // + // LocalMachine certificate store is not supported on non Windows platforms. Console.Out.Write("testing multiple CA certificates... "); Console.Out.Flush(); { @@ -2146,7 +1765,6 @@ public static Test.ServerFactoryPrx allTests(Test.TestHelper helper, string test initData = createClientProps(defaultProperties); initData.properties.setProperty("IceSSL.DefaultDir", ""); - initData.properties.setProperty("IceSSL.VerifyDepthMax", "5"); initData.properties.setProperty("Ice.Override.Timeout", "5000"); // 5s timeout Ice.Communicator comm = Ice.Util.initialize(initData); Ice.ObjectPrx p = comm.stringToProxy("dummy:wss -p 443 -h zeroc.com -r /demo-proxy/chat/glacier2"); diff --git a/csharp/test/IceSSL/configuration/TestI.cs b/csharp/test/IceSSL/configuration/TestI.cs index f7b9ff6f15e..733d4c56b4c 100644 --- a/csharp/test/IceSSL/configuration/TestI.cs +++ b/csharp/test/IceSSL/configuration/TestI.cs @@ -16,7 +16,7 @@ public override void try { IceSSL.ConnectionInfo info = (IceSSL.ConnectionInfo)current.con.getInfo(); - test(info.certs == null); + test(info.certs.Length == 0); } catch (Ice.LocalException) { @@ -31,7 +31,7 @@ public override void { IceSSL.ConnectionInfo info = (IceSSL.ConnectionInfo)current.con.getInfo(); test(info.verified); - test(info.certs.Length == 2 && + test(info.certs.Length == 1 && info.certs[0].Subject.Equals(subjectDN) && info.certs[0].Issuer.Equals(issuerDN)); } diff --git a/java/src/Ice/src/main/java/com/zeroc/IceInternal/PropertyNames.java b/java/src/Ice/src/main/java/com/zeroc/IceInternal/PropertyNames.java index bd9ae313b61..38b2518bd5e 100644 --- a/java/src/Ice/src/main/java/com/zeroc/IceInternal/PropertyNames.java +++ b/java/src/Ice/src/main/java/com/zeroc/IceInternal/PropertyNames.java @@ -1,1290 +1,1270 @@ // // Copyright (c) ZeroC, Inc. All rights reserved. // -// Generated by makeprops.py from file ./config/PropertyNames.xml, Thu Apr 4 16:59:06 2024 +// Generated by makeprops.py from file .\config\PropertyNames.xml, Tue Apr 9 14:47:18 2024 // IMPORTANT: Do not edit this file -- any edits made here will be lost! package com.zeroc.IceInternal; -public final class PropertyNames { - public static final Property IceProps[] = { - new Property("Ice\\.AcceptClassCycles", false, null), - new Property("Ice\\.ACM\\.Client", true, null), - new Property("Ice\\.ACM\\.Server", true, null), - new Property("Ice\\.ACM\\.Timeout", false, null), - new Property("Ice\\.ACM\\.Heartbeat", false, null), - new Property("Ice\\.ACM\\.Close", false, null), - new Property("Ice\\.ACM", false, null), - new Property("Ice\\.ACM\\.Client\\.Timeout", false, null), - new Property("Ice\\.ACM\\.Client\\.Heartbeat", false, null), - new Property("Ice\\.ACM\\.Client\\.Close", false, null), - new Property("Ice\\.ACM\\.Client", false, null), - new Property("Ice\\.ACM\\.Server\\.Timeout", false, null), - new Property("Ice\\.ACM\\.Server\\.Heartbeat", false, null), - new Property("Ice\\.ACM\\.Server\\.Close", false, null), - new Property("Ice\\.ACM\\.Server", false, null), - new Property("Ice\\.Admin\\.ACM\\.Timeout", false, null), - new Property("Ice\\.Admin\\.ACM\\.Heartbeat", false, null), - new Property("Ice\\.Admin\\.ACM\\.Close", false, null), - new Property("Ice\\.Admin\\.ACM", false, null), - new Property("Ice\\.Admin\\.AdapterId", false, null), - new Property("Ice\\.Admin\\.Endpoints", false, null), - new Property("Ice\\.Admin\\.Locator\\.EndpointSelection", false, null), - new Property("Ice\\.Admin\\.Locator\\.ConnectionCached", false, null), - new Property("Ice\\.Admin\\.Locator\\.PreferSecure", false, null), - new Property("Ice\\.Admin\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("Ice\\.Admin\\.Locator\\.InvocationTimeout", false, null), - new Property("Ice\\.Admin\\.Locator\\.Locator", false, null), - new Property("Ice\\.Admin\\.Locator\\.Router", false, null), - new Property("Ice\\.Admin\\.Locator\\.CollocationOptimized", false, null), - new Property("Ice\\.Admin\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("Ice\\.Admin\\.Locator", false, null), - new Property("Ice\\.Admin\\.PublishedEndpoints", false, null), - new Property("Ice\\.Admin\\.ReplicaGroupId", false, null), - new Property("Ice\\.Admin\\.Router\\.EndpointSelection", false, null), - new Property("Ice\\.Admin\\.Router\\.ConnectionCached", false, null), - new Property("Ice\\.Admin\\.Router\\.PreferSecure", false, null), - new Property("Ice\\.Admin\\.Router\\.LocatorCacheTimeout", false, null), - new Property("Ice\\.Admin\\.Router\\.InvocationTimeout", false, null), - new Property("Ice\\.Admin\\.Router\\.Locator", false, null), - new Property("Ice\\.Admin\\.Router\\.Router", false, null), - new Property("Ice\\.Admin\\.Router\\.CollocationOptimized", false, null), - new Property("Ice\\.Admin\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("Ice\\.Admin\\.Router", false, null), - new Property("Ice\\.Admin\\.ProxyOptions", false, null), - new Property("Ice\\.Admin\\.ThreadPool\\.Size", false, null), - new Property("Ice\\.Admin\\.ThreadPool\\.SizeMax", false, null), - new Property("Ice\\.Admin\\.ThreadPool\\.SizeWarn", false, null), - new Property("Ice\\.Admin\\.ThreadPool\\.StackSize", false, null), - new Property("Ice\\.Admin\\.ThreadPool\\.Serialize", false, null), - new Property("Ice\\.Admin\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("Ice\\.Admin\\.ThreadPool\\.ThreadPriority", false, null), - new Property("Ice\\.Admin\\.MessageSizeMax", false, null), - new Property("Ice\\.Admin\\.DelayCreation", false, null), - new Property("Ice\\.Admin\\.Enabled", false, null), - new Property("Ice\\.Admin\\.Facets", false, null), - new Property("Ice\\.Admin\\.InstanceName", false, null), - new Property("Ice\\.Admin\\.Logger\\.KeepLogs", false, null), - new Property("Ice\\.Admin\\.Logger\\.KeepTraces", false, null), - new Property("Ice\\.Admin\\.Logger\\.Properties", false, null), - new Property("Ice\\.Admin\\.ServerId", false, null), - new Property("Ice\\.BackgroundLocatorCacheUpdates", false, null), - new Property("Ice\\.BatchAutoFlush", true, null), - new Property("Ice\\.BatchAutoFlushSize", false, null), - new Property("Ice\\.ChangeUser", false, null), - new Property("Ice\\.ClassGraphDepthMax", false, null), - new Property("Ice\\.ClientAccessPolicyProtocol", false, null), - new Property("Ice\\.Compression\\.Level", false, null), - new Property("Ice\\.Config", false, null), - new Property("Ice\\.ConsoleListener", false, null), - new Property("Ice\\.Default\\.CollocationOptimized", false, null), - new Property("Ice\\.Default\\.EncodingVersion", false, null), - new Property("Ice\\.Default\\.EndpointSelection", false, null), - new Property("Ice\\.Default\\.Host", false, null), - new Property("Ice\\.Default\\.Locator\\.EndpointSelection", false, null), - new Property("Ice\\.Default\\.Locator\\.ConnectionCached", false, null), - new Property("Ice\\.Default\\.Locator\\.PreferSecure", false, null), - new Property("Ice\\.Default\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("Ice\\.Default\\.Locator\\.InvocationTimeout", false, null), - new Property("Ice\\.Default\\.Locator\\.Locator", false, null), - new Property("Ice\\.Default\\.Locator\\.Router", false, null), - new Property("Ice\\.Default\\.Locator\\.CollocationOptimized", false, null), - new Property("Ice\\.Default\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("Ice\\.Default\\.Locator", false, null), - new Property("Ice\\.Default\\.LocatorCacheTimeout", false, null), - new Property("Ice\\.Default\\.InvocationTimeout", false, null), - new Property("Ice\\.Default\\.Package", false, null), - new Property("Ice\\.Default\\.PreferSecure", false, null), - new Property("Ice\\.Default\\.Protocol", false, null), - new Property("Ice\\.Default\\.Router\\.EndpointSelection", false, null), - new Property("Ice\\.Default\\.Router\\.ConnectionCached", false, null), - new Property("Ice\\.Default\\.Router\\.PreferSecure", false, null), - new Property("Ice\\.Default\\.Router\\.LocatorCacheTimeout", false, null), - new Property("Ice\\.Default\\.Router\\.InvocationTimeout", false, null), - new Property("Ice\\.Default\\.Router\\.Locator", false, null), - new Property("Ice\\.Default\\.Router\\.Router", false, null), - new Property("Ice\\.Default\\.Router\\.CollocationOptimized", false, null), - new Property("Ice\\.Default\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("Ice\\.Default\\.Router", false, null), - new Property("Ice\\.Default\\.SlicedFormat", false, null), - new Property("Ice\\.Default\\.SourceAddress", false, null), - new Property("Ice\\.Default\\.Timeout", false, null), - new Property("Ice\\.EventLog\\.Source", false, null), - new Property("Ice\\.FactoryAssemblies", false, null), - new Property("Ice\\.HTTPProxyHost", false, null), - new Property("Ice\\.HTTPProxyPort", false, null), - new Property("Ice\\.ImplicitContext", false, null), - new Property("Ice\\.InitPlugins", false, null), - new Property("Ice\\.IPv4", false, null), - new Property("Ice\\.IPv6", false, null), - new Property("Ice\\.LogFile", false, null), - new Property("Ice\\.LogFile\\.SizeMax", false, null), - new Property("Ice\\.LogStdErr\\.Convert", false, null), - new Property("Ice\\.MessageSizeMax", false, null), - new Property("Ice\\.Nohup", false, null), - new Property("Ice\\.Override\\.CloseTimeout", false, null), - new Property("Ice\\.Override\\.Compress", false, null), - new Property("Ice\\.Override\\.ConnectTimeout", false, null), - new Property("Ice\\.Override\\.Timeout", false, null), - new Property("Ice\\.Override\\.Secure", false, null), - new Property("Ice\\.Package\\.[^\\s]+", false, null), - new Property("Ice\\.Plugin\\.[^\\s]+", false, null), - new Property("Ice\\.PluginLoadOrder", false, null), - new Property("Ice\\.PreferIPv6Address", false, null), - new Property("Ice\\.PreloadAssemblies", false, null), - new Property("Ice\\.PrintAdapterReady", false, null), - new Property("Ice\\.PrintProcessId", false, null), - new Property("Ice\\.PrintStackTraces", false, null), - new Property("Ice\\.ProgramName", false, null), - new Property("Ice\\.RetryIntervals", false, null), - new Property("Ice\\.ServerIdleTime", false, null), - new Property("Ice\\.SOCKSProxyHost", false, null), - new Property("Ice\\.SOCKSProxyPort", false, null), - new Property("Ice\\.StdErr", false, null), - new Property("Ice\\.StdOut", false, null), - new Property("Ice\\.SyslogFacility", false, null), - new Property("Ice\\.ThreadPool\\.Client\\.Size", false, null), - new Property("Ice\\.ThreadPool\\.Client\\.SizeMax", false, null), - new Property("Ice\\.ThreadPool\\.Client\\.SizeWarn", false, null), - new Property("Ice\\.ThreadPool\\.Client\\.StackSize", false, null), - new Property("Ice\\.ThreadPool\\.Client\\.Serialize", false, null), - new Property("Ice\\.ThreadPool\\.Client\\.ThreadIdleTime", false, null), - new Property("Ice\\.ThreadPool\\.Client\\.ThreadPriority", false, null), - new Property("Ice\\.ThreadPool\\.Server\\.Size", false, null), - new Property("Ice\\.ThreadPool\\.Server\\.SizeMax", false, null), - new Property("Ice\\.ThreadPool\\.Server\\.SizeWarn", false, null), - new Property("Ice\\.ThreadPool\\.Server\\.StackSize", false, null), - new Property("Ice\\.ThreadPool\\.Server\\.Serialize", false, null), - new Property("Ice\\.ThreadPool\\.Server\\.ThreadIdleTime", false, null), - new Property("Ice\\.ThreadPool\\.Server\\.ThreadPriority", false, null), - new Property("Ice\\.ThreadPriority", false, null), - new Property("Ice\\.ToStringMode", false, null), - new Property("Ice\\.Trace\\.Admin\\.Properties", false, null), - new Property("Ice\\.Trace\\.Admin\\.Logger", false, null), - new Property("Ice\\.Trace\\.Locator", false, null), - new Property("Ice\\.Trace\\.Network", false, null), - new Property("Ice\\.Trace\\.Protocol", false, null), - new Property("Ice\\.Trace\\.Retry", false, null), - new Property("Ice\\.Trace\\.Slicing", false, null), - new Property("Ice\\.Trace\\.ThreadPool", false, null), - new Property("Ice\\.UDP\\.RcvSize", false, null), - new Property("Ice\\.UDP\\.SndSize", false, null), - new Property("Ice\\.TCP\\.Backlog", false, null), - new Property("Ice\\.TCP\\.RcvSize", false, null), - new Property("Ice\\.TCP\\.SndSize", false, null), - new Property("Ice\\.UseApplicationClassLoader", false, null), - new Property("Ice\\.UseOSLog", false, null), - new Property("Ice\\.UseSyslog", false, null), - new Property("Ice\\.UseSystemdJournal", false, null), - new Property("Ice\\.Warn\\.AMICallback", false, null), - new Property("Ice\\.Warn\\.Connections", false, null), - new Property("Ice\\.Warn\\.Datagrams", false, null), - new Property("Ice\\.Warn\\.Dispatch", false, null), - new Property("Ice\\.Warn\\.Endpoints", false, null), - new Property("Ice\\.Warn\\.UnknownProperties", false, null), - new Property("Ice\\.Warn\\.UnusedProperties", false, null), - new Property("Ice\\.CacheMessageBuffers", false, null), - new Property("Ice\\.ThreadInterruptSafe", false, null), - null - }; +public final class PropertyNames +{ + public static final Property IceProps[] = + { + new Property("Ice\\.AcceptClassCycles", false, null), + new Property("Ice\\.ACM\\.Client", true, null), + new Property("Ice\\.ACM\\.Server", true, null), + new Property("Ice\\.ACM\\.Timeout", false, null), + new Property("Ice\\.ACM\\.Heartbeat", false, null), + new Property("Ice\\.ACM\\.Close", false, null), + new Property("Ice\\.ACM", false, null), + new Property("Ice\\.ACM\\.Client\\.Timeout", false, null), + new Property("Ice\\.ACM\\.Client\\.Heartbeat", false, null), + new Property("Ice\\.ACM\\.Client\\.Close", false, null), + new Property("Ice\\.ACM\\.Client", false, null), + new Property("Ice\\.ACM\\.Server\\.Timeout", false, null), + new Property("Ice\\.ACM\\.Server\\.Heartbeat", false, null), + new Property("Ice\\.ACM\\.Server\\.Close", false, null), + new Property("Ice\\.ACM\\.Server", false, null), + new Property("Ice\\.Admin\\.ACM\\.Timeout", false, null), + new Property("Ice\\.Admin\\.ACM\\.Heartbeat", false, null), + new Property("Ice\\.Admin\\.ACM\\.Close", false, null), + new Property("Ice\\.Admin\\.ACM", false, null), + new Property("Ice\\.Admin\\.AdapterId", false, null), + new Property("Ice\\.Admin\\.Endpoints", false, null), + new Property("Ice\\.Admin\\.Locator\\.EndpointSelection", false, null), + new Property("Ice\\.Admin\\.Locator\\.ConnectionCached", false, null), + new Property("Ice\\.Admin\\.Locator\\.PreferSecure", false, null), + new Property("Ice\\.Admin\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("Ice\\.Admin\\.Locator\\.InvocationTimeout", false, null), + new Property("Ice\\.Admin\\.Locator\\.Locator", false, null), + new Property("Ice\\.Admin\\.Locator\\.Router", false, null), + new Property("Ice\\.Admin\\.Locator\\.CollocationOptimized", false, null), + new Property("Ice\\.Admin\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("Ice\\.Admin\\.Locator", false, null), + new Property("Ice\\.Admin\\.PublishedEndpoints", false, null), + new Property("Ice\\.Admin\\.ReplicaGroupId", false, null), + new Property("Ice\\.Admin\\.Router\\.EndpointSelection", false, null), + new Property("Ice\\.Admin\\.Router\\.ConnectionCached", false, null), + new Property("Ice\\.Admin\\.Router\\.PreferSecure", false, null), + new Property("Ice\\.Admin\\.Router\\.LocatorCacheTimeout", false, null), + new Property("Ice\\.Admin\\.Router\\.InvocationTimeout", false, null), + new Property("Ice\\.Admin\\.Router\\.Locator", false, null), + new Property("Ice\\.Admin\\.Router\\.Router", false, null), + new Property("Ice\\.Admin\\.Router\\.CollocationOptimized", false, null), + new Property("Ice\\.Admin\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("Ice\\.Admin\\.Router", false, null), + new Property("Ice\\.Admin\\.ProxyOptions", false, null), + new Property("Ice\\.Admin\\.ThreadPool\\.Size", false, null), + new Property("Ice\\.Admin\\.ThreadPool\\.SizeMax", false, null), + new Property("Ice\\.Admin\\.ThreadPool\\.SizeWarn", false, null), + new Property("Ice\\.Admin\\.ThreadPool\\.StackSize", false, null), + new Property("Ice\\.Admin\\.ThreadPool\\.Serialize", false, null), + new Property("Ice\\.Admin\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("Ice\\.Admin\\.ThreadPool\\.ThreadPriority", false, null), + new Property("Ice\\.Admin\\.MessageSizeMax", false, null), + new Property("Ice\\.Admin\\.DelayCreation", false, null), + new Property("Ice\\.Admin\\.Enabled", false, null), + new Property("Ice\\.Admin\\.Facets", false, null), + new Property("Ice\\.Admin\\.InstanceName", false, null), + new Property("Ice\\.Admin\\.Logger\\.KeepLogs", false, null), + new Property("Ice\\.Admin\\.Logger\\.KeepTraces", false, null), + new Property("Ice\\.Admin\\.Logger\\.Properties", false, null), + new Property("Ice\\.Admin\\.ServerId", false, null), + new Property("Ice\\.BackgroundLocatorCacheUpdates", false, null), + new Property("Ice\\.BatchAutoFlush", true, null), + new Property("Ice\\.BatchAutoFlushSize", false, null), + new Property("Ice\\.ChangeUser", false, null), + new Property("Ice\\.ClassGraphDepthMax", false, null), + new Property("Ice\\.ClientAccessPolicyProtocol", false, null), + new Property("Ice\\.Compression\\.Level", false, null), + new Property("Ice\\.Config", false, null), + new Property("Ice\\.ConsoleListener", false, null), + new Property("Ice\\.Default\\.CollocationOptimized", false, null), + new Property("Ice\\.Default\\.EncodingVersion", false, null), + new Property("Ice\\.Default\\.EndpointSelection", false, null), + new Property("Ice\\.Default\\.Host", false, null), + new Property("Ice\\.Default\\.Locator\\.EndpointSelection", false, null), + new Property("Ice\\.Default\\.Locator\\.ConnectionCached", false, null), + new Property("Ice\\.Default\\.Locator\\.PreferSecure", false, null), + new Property("Ice\\.Default\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("Ice\\.Default\\.Locator\\.InvocationTimeout", false, null), + new Property("Ice\\.Default\\.Locator\\.Locator", false, null), + new Property("Ice\\.Default\\.Locator\\.Router", false, null), + new Property("Ice\\.Default\\.Locator\\.CollocationOptimized", false, null), + new Property("Ice\\.Default\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("Ice\\.Default\\.Locator", false, null), + new Property("Ice\\.Default\\.LocatorCacheTimeout", false, null), + new Property("Ice\\.Default\\.InvocationTimeout", false, null), + new Property("Ice\\.Default\\.Package", false, null), + new Property("Ice\\.Default\\.PreferSecure", false, null), + new Property("Ice\\.Default\\.Protocol", false, null), + new Property("Ice\\.Default\\.Router\\.EndpointSelection", false, null), + new Property("Ice\\.Default\\.Router\\.ConnectionCached", false, null), + new Property("Ice\\.Default\\.Router\\.PreferSecure", false, null), + new Property("Ice\\.Default\\.Router\\.LocatorCacheTimeout", false, null), + new Property("Ice\\.Default\\.Router\\.InvocationTimeout", false, null), + new Property("Ice\\.Default\\.Router\\.Locator", false, null), + new Property("Ice\\.Default\\.Router\\.Router", false, null), + new Property("Ice\\.Default\\.Router\\.CollocationOptimized", false, null), + new Property("Ice\\.Default\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("Ice\\.Default\\.Router", false, null), + new Property("Ice\\.Default\\.SlicedFormat", false, null), + new Property("Ice\\.Default\\.SourceAddress", false, null), + new Property("Ice\\.Default\\.Timeout", false, null), + new Property("Ice\\.EventLog\\.Source", false, null), + new Property("Ice\\.FactoryAssemblies", false, null), + new Property("Ice\\.HTTPProxyHost", false, null), + new Property("Ice\\.HTTPProxyPort", false, null), + new Property("Ice\\.ImplicitContext", false, null), + new Property("Ice\\.InitPlugins", false, null), + new Property("Ice\\.IPv4", false, null), + new Property("Ice\\.IPv6", false, null), + new Property("Ice\\.LogFile", false, null), + new Property("Ice\\.LogFile\\.SizeMax", false, null), + new Property("Ice\\.LogStdErr\\.Convert", false, null), + new Property("Ice\\.MessageSizeMax", false, null), + new Property("Ice\\.Nohup", false, null), + new Property("Ice\\.Override\\.CloseTimeout", false, null), + new Property("Ice\\.Override\\.Compress", false, null), + new Property("Ice\\.Override\\.ConnectTimeout", false, null), + new Property("Ice\\.Override\\.Timeout", false, null), + new Property("Ice\\.Override\\.Secure", false, null), + new Property("Ice\\.Package\\.[^\\s]+", false, null), + new Property("Ice\\.Plugin\\.[^\\s]+", false, null), + new Property("Ice\\.PluginLoadOrder", false, null), + new Property("Ice\\.PreferIPv6Address", false, null), + new Property("Ice\\.PreloadAssemblies", false, null), + new Property("Ice\\.PrintAdapterReady", false, null), + new Property("Ice\\.PrintProcessId", false, null), + new Property("Ice\\.PrintStackTraces", false, null), + new Property("Ice\\.ProgramName", false, null), + new Property("Ice\\.RetryIntervals", false, null), + new Property("Ice\\.ServerIdleTime", false, null), + new Property("Ice\\.SOCKSProxyHost", false, null), + new Property("Ice\\.SOCKSProxyPort", false, null), + new Property("Ice\\.StdErr", false, null), + new Property("Ice\\.StdOut", false, null), + new Property("Ice\\.SyslogFacility", false, null), + new Property("Ice\\.ThreadPool\\.Client\\.Size", false, null), + new Property("Ice\\.ThreadPool\\.Client\\.SizeMax", false, null), + new Property("Ice\\.ThreadPool\\.Client\\.SizeWarn", false, null), + new Property("Ice\\.ThreadPool\\.Client\\.StackSize", false, null), + new Property("Ice\\.ThreadPool\\.Client\\.Serialize", false, null), + new Property("Ice\\.ThreadPool\\.Client\\.ThreadIdleTime", false, null), + new Property("Ice\\.ThreadPool\\.Client\\.ThreadPriority", false, null), + new Property("Ice\\.ThreadPool\\.Server\\.Size", false, null), + new Property("Ice\\.ThreadPool\\.Server\\.SizeMax", false, null), + new Property("Ice\\.ThreadPool\\.Server\\.SizeWarn", false, null), + new Property("Ice\\.ThreadPool\\.Server\\.StackSize", false, null), + new Property("Ice\\.ThreadPool\\.Server\\.Serialize", false, null), + new Property("Ice\\.ThreadPool\\.Server\\.ThreadIdleTime", false, null), + new Property("Ice\\.ThreadPool\\.Server\\.ThreadPriority", false, null), + new Property("Ice\\.ThreadPriority", false, null), + new Property("Ice\\.ToStringMode", false, null), + new Property("Ice\\.Trace\\.Admin\\.Properties", false, null), + new Property("Ice\\.Trace\\.Admin\\.Logger", false, null), + new Property("Ice\\.Trace\\.Locator", false, null), + new Property("Ice\\.Trace\\.Network", false, null), + new Property("Ice\\.Trace\\.Protocol", false, null), + new Property("Ice\\.Trace\\.Retry", false, null), + new Property("Ice\\.Trace\\.Slicing", false, null), + new Property("Ice\\.Trace\\.ThreadPool", false, null), + new Property("Ice\\.UDP\\.RcvSize", false, null), + new Property("Ice\\.UDP\\.SndSize", false, null), + new Property("Ice\\.TCP\\.Backlog", false, null), + new Property("Ice\\.TCP\\.RcvSize", false, null), + new Property("Ice\\.TCP\\.SndSize", false, null), + new Property("Ice\\.UseApplicationClassLoader", false, null), + new Property("Ice\\.UseOSLog", false, null), + new Property("Ice\\.UseSyslog", false, null), + new Property("Ice\\.UseSystemdJournal", false, null), + new Property("Ice\\.Warn\\.AMICallback", false, null), + new Property("Ice\\.Warn\\.Connections", false, null), + new Property("Ice\\.Warn\\.Datagrams", false, null), + new Property("Ice\\.Warn\\.Dispatch", false, null), + new Property("Ice\\.Warn\\.Endpoints", false, null), + new Property("Ice\\.Warn\\.UnknownProperties", false, null), + new Property("Ice\\.Warn\\.UnusedProperties", false, null), + new Property("Ice\\.CacheMessageBuffers", false, null), + new Property("Ice\\.ThreadInterruptSafe", false, null), + null + }; - public static final Property IceMXProps[] = { - new Property("IceMX\\.Metrics\\.[^\\s]+\\.GroupBy", false, null), - new Property("IceMX\\.Metrics\\.[^\\s]+\\.Map", false, null), - new Property("IceMX\\.Metrics\\.[^\\s]+\\.RetainDetached", false, null), - new Property("IceMX\\.Metrics\\.[^\\s]+\\.Accept", false, null), - new Property("IceMX\\.Metrics\\.[^\\s]+\\.Reject", false, null), - new Property("IceMX\\.Metrics\\.[^\\s]+", false, null), - null - }; + public static final Property IceMXProps[] = + { + new Property("IceMX\\.Metrics\\.[^\\s]+\\.GroupBy", false, null), + new Property("IceMX\\.Metrics\\.[^\\s]+\\.Map", false, null), + new Property("IceMX\\.Metrics\\.[^\\s]+\\.RetainDetached", false, null), + new Property("IceMX\\.Metrics\\.[^\\s]+\\.Accept", false, null), + new Property("IceMX\\.Metrics\\.[^\\s]+\\.Reject", false, null), + new Property("IceMX\\.Metrics\\.[^\\s]+", false, null), + null + }; - public static final Property IceDiscoveryProps[] = { - new Property("IceDiscovery\\.Multicast\\.ACM\\.Timeout", false, null), - new Property("IceDiscovery\\.Multicast\\.ACM\\.Heartbeat", false, null), - new Property("IceDiscovery\\.Multicast\\.ACM\\.Close", false, null), - new Property("IceDiscovery\\.Multicast\\.ACM", false, null), - new Property("IceDiscovery\\.Multicast\\.AdapterId", false, null), - new Property("IceDiscovery\\.Multicast\\.Endpoints", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.EndpointSelection", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.ConnectionCached", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.PreferSecure", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.InvocationTimeout", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.Locator", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.Router", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.CollocationOptimized", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator", false, null), - new Property("IceDiscovery\\.Multicast\\.PublishedEndpoints", false, null), - new Property("IceDiscovery\\.Multicast\\.ReplicaGroupId", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.EndpointSelection", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.ConnectionCached", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.PreferSecure", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.InvocationTimeout", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.Locator", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.Router", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.CollocationOptimized", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceDiscovery\\.Multicast\\.Router", false, null), - new Property("IceDiscovery\\.Multicast\\.ProxyOptions", false, null), - new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.Size", false, null), - new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.SizeMax", false, null), - new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.StackSize", false, null), - new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.Serialize", false, null), - new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceDiscovery\\.Multicast\\.MessageSizeMax", false, null), - new Property("IceDiscovery\\.Reply\\.ACM\\.Timeout", false, null), - new Property("IceDiscovery\\.Reply\\.ACM\\.Heartbeat", false, null), - new Property("IceDiscovery\\.Reply\\.ACM\\.Close", false, null), - new Property("IceDiscovery\\.Reply\\.ACM", false, null), - new Property("IceDiscovery\\.Reply\\.AdapterId", false, null), - new Property("IceDiscovery\\.Reply\\.Endpoints", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.EndpointSelection", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.ConnectionCached", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.PreferSecure", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.InvocationTimeout", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.Locator", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.Router", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.CollocationOptimized", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceDiscovery\\.Reply\\.Locator", false, null), - new Property("IceDiscovery\\.Reply\\.PublishedEndpoints", false, null), - new Property("IceDiscovery\\.Reply\\.ReplicaGroupId", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.EndpointSelection", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.ConnectionCached", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.PreferSecure", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.InvocationTimeout", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.Locator", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.Router", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.CollocationOptimized", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceDiscovery\\.Reply\\.Router", false, null), - new Property("IceDiscovery\\.Reply\\.ProxyOptions", false, null), - new Property("IceDiscovery\\.Reply\\.ThreadPool\\.Size", false, null), - new Property("IceDiscovery\\.Reply\\.ThreadPool\\.SizeMax", false, null), - new Property("IceDiscovery\\.Reply\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceDiscovery\\.Reply\\.ThreadPool\\.StackSize", false, null), - new Property("IceDiscovery\\.Reply\\.ThreadPool\\.Serialize", false, null), - new Property("IceDiscovery\\.Reply\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceDiscovery\\.Reply\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceDiscovery\\.Reply\\.MessageSizeMax", false, null), - new Property("IceDiscovery\\.Locator\\.ACM\\.Timeout", false, null), - new Property("IceDiscovery\\.Locator\\.ACM\\.Heartbeat", false, null), - new Property("IceDiscovery\\.Locator\\.ACM\\.Close", false, null), - new Property("IceDiscovery\\.Locator\\.ACM", false, null), - new Property("IceDiscovery\\.Locator\\.AdapterId", false, null), - new Property("IceDiscovery\\.Locator\\.Endpoints", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.EndpointSelection", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.ConnectionCached", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.PreferSecure", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.InvocationTimeout", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.Locator", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.Router", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.CollocationOptimized", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceDiscovery\\.Locator\\.Locator", false, null), - new Property("IceDiscovery\\.Locator\\.PublishedEndpoints", false, null), - new Property("IceDiscovery\\.Locator\\.ReplicaGroupId", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.EndpointSelection", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.ConnectionCached", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.PreferSecure", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.InvocationTimeout", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.Locator", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.Router", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.CollocationOptimized", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceDiscovery\\.Locator\\.Router", false, null), - new Property("IceDiscovery\\.Locator\\.ProxyOptions", false, null), - new Property("IceDiscovery\\.Locator\\.ThreadPool\\.Size", false, null), - new Property("IceDiscovery\\.Locator\\.ThreadPool\\.SizeMax", false, null), - new Property("IceDiscovery\\.Locator\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceDiscovery\\.Locator\\.ThreadPool\\.StackSize", false, null), - new Property("IceDiscovery\\.Locator\\.ThreadPool\\.Serialize", false, null), - new Property("IceDiscovery\\.Locator\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceDiscovery\\.Locator\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceDiscovery\\.Locator\\.MessageSizeMax", false, null), - new Property("IceDiscovery\\.Lookup", false, null), - new Property("IceDiscovery\\.Timeout", false, null), - new Property("IceDiscovery\\.RetryCount", false, null), - new Property("IceDiscovery\\.LatencyMultiplier", false, null), - new Property("IceDiscovery\\.Address", false, null), - new Property("IceDiscovery\\.Port", false, null), - new Property("IceDiscovery\\.Interface", false, null), - new Property("IceDiscovery\\.DomainId", false, null), - null - }; + public static final Property IceDiscoveryProps[] = + { + new Property("IceDiscovery\\.Multicast\\.ACM\\.Timeout", false, null), + new Property("IceDiscovery\\.Multicast\\.ACM\\.Heartbeat", false, null), + new Property("IceDiscovery\\.Multicast\\.ACM\\.Close", false, null), + new Property("IceDiscovery\\.Multicast\\.ACM", false, null), + new Property("IceDiscovery\\.Multicast\\.AdapterId", false, null), + new Property("IceDiscovery\\.Multicast\\.Endpoints", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.EndpointSelection", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.ConnectionCached", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.PreferSecure", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.InvocationTimeout", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.Locator", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.Router", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.CollocationOptimized", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator", false, null), + new Property("IceDiscovery\\.Multicast\\.PublishedEndpoints", false, null), + new Property("IceDiscovery\\.Multicast\\.ReplicaGroupId", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.EndpointSelection", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.ConnectionCached", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.PreferSecure", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.InvocationTimeout", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.Locator", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.Router", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.CollocationOptimized", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceDiscovery\\.Multicast\\.Router", false, null), + new Property("IceDiscovery\\.Multicast\\.ProxyOptions", false, null), + new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.Size", false, null), + new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.SizeMax", false, null), + new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.StackSize", false, null), + new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.Serialize", false, null), + new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceDiscovery\\.Multicast\\.MessageSizeMax", false, null), + new Property("IceDiscovery\\.Reply\\.ACM\\.Timeout", false, null), + new Property("IceDiscovery\\.Reply\\.ACM\\.Heartbeat", false, null), + new Property("IceDiscovery\\.Reply\\.ACM\\.Close", false, null), + new Property("IceDiscovery\\.Reply\\.ACM", false, null), + new Property("IceDiscovery\\.Reply\\.AdapterId", false, null), + new Property("IceDiscovery\\.Reply\\.Endpoints", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.EndpointSelection", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.ConnectionCached", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.PreferSecure", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.InvocationTimeout", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.Locator", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.Router", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.CollocationOptimized", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceDiscovery\\.Reply\\.Locator", false, null), + new Property("IceDiscovery\\.Reply\\.PublishedEndpoints", false, null), + new Property("IceDiscovery\\.Reply\\.ReplicaGroupId", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.EndpointSelection", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.ConnectionCached", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.PreferSecure", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.InvocationTimeout", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.Locator", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.Router", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.CollocationOptimized", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceDiscovery\\.Reply\\.Router", false, null), + new Property("IceDiscovery\\.Reply\\.ProxyOptions", false, null), + new Property("IceDiscovery\\.Reply\\.ThreadPool\\.Size", false, null), + new Property("IceDiscovery\\.Reply\\.ThreadPool\\.SizeMax", false, null), + new Property("IceDiscovery\\.Reply\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceDiscovery\\.Reply\\.ThreadPool\\.StackSize", false, null), + new Property("IceDiscovery\\.Reply\\.ThreadPool\\.Serialize", false, null), + new Property("IceDiscovery\\.Reply\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceDiscovery\\.Reply\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceDiscovery\\.Reply\\.MessageSizeMax", false, null), + new Property("IceDiscovery\\.Locator\\.ACM\\.Timeout", false, null), + new Property("IceDiscovery\\.Locator\\.ACM\\.Heartbeat", false, null), + new Property("IceDiscovery\\.Locator\\.ACM\\.Close", false, null), + new Property("IceDiscovery\\.Locator\\.ACM", false, null), + new Property("IceDiscovery\\.Locator\\.AdapterId", false, null), + new Property("IceDiscovery\\.Locator\\.Endpoints", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.EndpointSelection", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.ConnectionCached", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.PreferSecure", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.InvocationTimeout", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.Locator", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.Router", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.CollocationOptimized", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceDiscovery\\.Locator\\.Locator", false, null), + new Property("IceDiscovery\\.Locator\\.PublishedEndpoints", false, null), + new Property("IceDiscovery\\.Locator\\.ReplicaGroupId", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.EndpointSelection", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.ConnectionCached", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.PreferSecure", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.InvocationTimeout", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.Locator", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.Router", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.CollocationOptimized", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceDiscovery\\.Locator\\.Router", false, null), + new Property("IceDiscovery\\.Locator\\.ProxyOptions", false, null), + new Property("IceDiscovery\\.Locator\\.ThreadPool\\.Size", false, null), + new Property("IceDiscovery\\.Locator\\.ThreadPool\\.SizeMax", false, null), + new Property("IceDiscovery\\.Locator\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceDiscovery\\.Locator\\.ThreadPool\\.StackSize", false, null), + new Property("IceDiscovery\\.Locator\\.ThreadPool\\.Serialize", false, null), + new Property("IceDiscovery\\.Locator\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceDiscovery\\.Locator\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceDiscovery\\.Locator\\.MessageSizeMax", false, null), + new Property("IceDiscovery\\.Lookup", false, null), + new Property("IceDiscovery\\.Timeout", false, null), + new Property("IceDiscovery\\.RetryCount", false, null), + new Property("IceDiscovery\\.LatencyMultiplier", false, null), + new Property("IceDiscovery\\.Address", false, null), + new Property("IceDiscovery\\.Port", false, null), + new Property("IceDiscovery\\.Interface", false, null), + new Property("IceDiscovery\\.DomainId", false, null), + null + }; - public static final Property IceLocatorDiscoveryProps[] = { - new Property("IceLocatorDiscovery\\.Reply\\.ACM\\.Timeout", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ACM\\.Heartbeat", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ACM\\.Close", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ACM", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.AdapterId", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Endpoints", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.EndpointSelection", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.ConnectionCached", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.PreferSecure", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.InvocationTimeout", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.Locator", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.Router", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.CollocationOptimized", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.PublishedEndpoints", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ReplicaGroupId", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.EndpointSelection", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.ConnectionCached", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.PreferSecure", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.InvocationTimeout", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.Locator", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.Router", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.CollocationOptimized", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ProxyOptions", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.Size", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.SizeMax", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.StackSize", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.Serialize", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.MessageSizeMax", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ACM\\.Timeout", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ACM\\.Heartbeat", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ACM\\.Close", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ACM", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.AdapterId", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Endpoints", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.EndpointSelection", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.ConnectionCached", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.PreferSecure", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.InvocationTimeout", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.Locator", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.Router", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.CollocationOptimized", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.PublishedEndpoints", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ReplicaGroupId", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.EndpointSelection", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.ConnectionCached", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.PreferSecure", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.InvocationTimeout", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.Locator", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.Router", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.CollocationOptimized", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ProxyOptions", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.Size", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.SizeMax", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.StackSize", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.Serialize", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.MessageSizeMax", false, null), - new Property("IceLocatorDiscovery\\.Lookup", false, null), - new Property("IceLocatorDiscovery\\.Timeout", false, null), - new Property("IceLocatorDiscovery\\.RetryCount", false, null), - new Property("IceLocatorDiscovery\\.RetryDelay", false, null), - new Property("IceLocatorDiscovery\\.Address", false, null), - new Property("IceLocatorDiscovery\\.Port", false, null), - new Property("IceLocatorDiscovery\\.Interface", false, null), - new Property("IceLocatorDiscovery\\.InstanceName", false, null), - new Property("IceLocatorDiscovery\\.Trace\\.Lookup", false, null), - null - }; + public static final Property IceLocatorDiscoveryProps[] = + { + new Property("IceLocatorDiscovery\\.Reply\\.ACM\\.Timeout", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ACM\\.Heartbeat", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ACM\\.Close", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ACM", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.AdapterId", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Endpoints", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.EndpointSelection", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.ConnectionCached", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.PreferSecure", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.InvocationTimeout", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.Locator", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.Router", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.CollocationOptimized", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.PublishedEndpoints", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ReplicaGroupId", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.EndpointSelection", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.ConnectionCached", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.PreferSecure", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.InvocationTimeout", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.Locator", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.Router", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.CollocationOptimized", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ProxyOptions", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.Size", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.SizeMax", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.StackSize", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.Serialize", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.MessageSizeMax", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ACM\\.Timeout", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ACM\\.Heartbeat", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ACM\\.Close", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ACM", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.AdapterId", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Endpoints", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.EndpointSelection", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.ConnectionCached", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.PreferSecure", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.InvocationTimeout", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.Locator", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.Router", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.CollocationOptimized", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.PublishedEndpoints", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ReplicaGroupId", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.EndpointSelection", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.ConnectionCached", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.PreferSecure", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.InvocationTimeout", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.Locator", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.Router", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.CollocationOptimized", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ProxyOptions", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.Size", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.SizeMax", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.StackSize", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.Serialize", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.MessageSizeMax", false, null), + new Property("IceLocatorDiscovery\\.Lookup", false, null), + new Property("IceLocatorDiscovery\\.Timeout", false, null), + new Property("IceLocatorDiscovery\\.RetryCount", false, null), + new Property("IceLocatorDiscovery\\.RetryDelay", false, null), + new Property("IceLocatorDiscovery\\.Address", false, null), + new Property("IceLocatorDiscovery\\.Port", false, null), + new Property("IceLocatorDiscovery\\.Interface", false, null), + new Property("IceLocatorDiscovery\\.InstanceName", false, null), + new Property("IceLocatorDiscovery\\.Trace\\.Lookup", false, null), + null + }; - public static final Property IceBoxProps[] = { - new Property("IceBox\\.InheritProperties", false, null), - new Property("IceBox\\.InstanceName", true, null), - new Property("IceBox\\.LoadOrder", false, null), - new Property("IceBox\\.PrintServicesReady", false, null), - new Property("IceBox\\.Service\\.[^\\s]+", false, null), - new Property("IceBox\\.ServiceManager\\.AdapterId", true, null), - new Property("IceBox\\.ServiceManager\\.Endpoints", true, null), - new Property("IceBox\\.ServiceManager\\.Locator", true, null), - new Property("IceBox\\.ServiceManager\\.PublishedEndpoints", true, null), - new Property("IceBox\\.ServiceManager\\.ReplicaGroupId", true, null), - new Property("IceBox\\.ServiceManager\\.Router", true, null), - new Property("IceBox\\.ServiceManager\\.ThreadPool\\.Size", true, null), - new Property("IceBox\\.ServiceManager\\.ThreadPool\\.SizeMax", true, null), - new Property("IceBox\\.ServiceManager\\.ThreadPool\\.SizeWarn", true, null), - new Property("IceBox\\.ServiceManager\\.ThreadPool\\.StackSize", true, null), - new Property("IceBox\\.Trace\\.ServiceObserver", false, null), - new Property("IceBox\\.UseSharedCommunicator\\.[^\\s]+", false, null), - null - }; + public static final Property IceBoxProps[] = + { + new Property("IceBox\\.InheritProperties", false, null), + new Property("IceBox\\.InstanceName", true, null), + new Property("IceBox\\.LoadOrder", false, null), + new Property("IceBox\\.PrintServicesReady", false, null), + new Property("IceBox\\.Service\\.[^\\s]+", false, null), + new Property("IceBox\\.ServiceManager\\.AdapterId", true, null), + new Property("IceBox\\.ServiceManager\\.Endpoints", true, null), + new Property("IceBox\\.ServiceManager\\.Locator", true, null), + new Property("IceBox\\.ServiceManager\\.PublishedEndpoints", true, null), + new Property("IceBox\\.ServiceManager\\.ReplicaGroupId", true, null), + new Property("IceBox\\.ServiceManager\\.Router", true, null), + new Property("IceBox\\.ServiceManager\\.ThreadPool\\.Size", true, null), + new Property("IceBox\\.ServiceManager\\.ThreadPool\\.SizeMax", true, null), + new Property("IceBox\\.ServiceManager\\.ThreadPool\\.SizeWarn", true, null), + new Property("IceBox\\.ServiceManager\\.ThreadPool\\.StackSize", true, null), + new Property("IceBox\\.Trace\\.ServiceObserver", false, null), + new Property("IceBox\\.UseSharedCommunicator\\.[^\\s]+", false, null), + null + }; - public static final Property IceBoxAdminProps[] = { - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.EndpointSelection", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.ConnectionCached", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.PreferSecure", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.LocatorCacheTimeout", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.InvocationTimeout", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.Locator", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.Router", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.CollocationOptimized", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.Context\\.[^\\s]+", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy", false, null), - null - }; + public static final Property IceBoxAdminProps[] = + { + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.EndpointSelection", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.ConnectionCached", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.PreferSecure", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.LocatorCacheTimeout", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.InvocationTimeout", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.Locator", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.Router", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.CollocationOptimized", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.Context\\.[^\\s]+", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy", false, null), + null + }; - public static final Property IceBridgeProps[] = { - new Property("IceBridge\\.Source\\.ACM\\.Timeout", false, null), - new Property("IceBridge\\.Source\\.ACM\\.Heartbeat", false, null), - new Property("IceBridge\\.Source\\.ACM\\.Close", false, null), - new Property("IceBridge\\.Source\\.ACM", false, null), - new Property("IceBridge\\.Source\\.AdapterId", false, null), - new Property("IceBridge\\.Source\\.Endpoints", false, null), - new Property("IceBridge\\.Source\\.Locator\\.EndpointSelection", false, null), - new Property("IceBridge\\.Source\\.Locator\\.ConnectionCached", false, null), - new Property("IceBridge\\.Source\\.Locator\\.PreferSecure", false, null), - new Property("IceBridge\\.Source\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceBridge\\.Source\\.Locator\\.InvocationTimeout", false, null), - new Property("IceBridge\\.Source\\.Locator\\.Locator", false, null), - new Property("IceBridge\\.Source\\.Locator\\.Router", false, null), - new Property("IceBridge\\.Source\\.Locator\\.CollocationOptimized", false, null), - new Property("IceBridge\\.Source\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceBridge\\.Source\\.Locator", false, null), - new Property("IceBridge\\.Source\\.PublishedEndpoints", false, null), - new Property("IceBridge\\.Source\\.ReplicaGroupId", false, null), - new Property("IceBridge\\.Source\\.Router\\.EndpointSelection", false, null), - new Property("IceBridge\\.Source\\.Router\\.ConnectionCached", false, null), - new Property("IceBridge\\.Source\\.Router\\.PreferSecure", false, null), - new Property("IceBridge\\.Source\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceBridge\\.Source\\.Router\\.InvocationTimeout", false, null), - new Property("IceBridge\\.Source\\.Router\\.Locator", false, null), - new Property("IceBridge\\.Source\\.Router\\.Router", false, null), - new Property("IceBridge\\.Source\\.Router\\.CollocationOptimized", false, null), - new Property("IceBridge\\.Source\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceBridge\\.Source\\.Router", false, null), - new Property("IceBridge\\.Source\\.ProxyOptions", false, null), - new Property("IceBridge\\.Source\\.ThreadPool\\.Size", false, null), - new Property("IceBridge\\.Source\\.ThreadPool\\.SizeMax", false, null), - new Property("IceBridge\\.Source\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceBridge\\.Source\\.ThreadPool\\.StackSize", false, null), - new Property("IceBridge\\.Source\\.ThreadPool\\.Serialize", false, null), - new Property("IceBridge\\.Source\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceBridge\\.Source\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceBridge\\.Source\\.MessageSizeMax", false, null), - new Property("IceBridge\\.Target\\.Endpoints", false, null), - new Property("IceBridge\\.InstanceName", false, null), - null - }; + public static final Property IceBridgeProps[] = + { + new Property("IceBridge\\.Source\\.ACM\\.Timeout", false, null), + new Property("IceBridge\\.Source\\.ACM\\.Heartbeat", false, null), + new Property("IceBridge\\.Source\\.ACM\\.Close", false, null), + new Property("IceBridge\\.Source\\.ACM", false, null), + new Property("IceBridge\\.Source\\.AdapterId", false, null), + new Property("IceBridge\\.Source\\.Endpoints", false, null), + new Property("IceBridge\\.Source\\.Locator\\.EndpointSelection", false, null), + new Property("IceBridge\\.Source\\.Locator\\.ConnectionCached", false, null), + new Property("IceBridge\\.Source\\.Locator\\.PreferSecure", false, null), + new Property("IceBridge\\.Source\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceBridge\\.Source\\.Locator\\.InvocationTimeout", false, null), + new Property("IceBridge\\.Source\\.Locator\\.Locator", false, null), + new Property("IceBridge\\.Source\\.Locator\\.Router", false, null), + new Property("IceBridge\\.Source\\.Locator\\.CollocationOptimized", false, null), + new Property("IceBridge\\.Source\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceBridge\\.Source\\.Locator", false, null), + new Property("IceBridge\\.Source\\.PublishedEndpoints", false, null), + new Property("IceBridge\\.Source\\.ReplicaGroupId", false, null), + new Property("IceBridge\\.Source\\.Router\\.EndpointSelection", false, null), + new Property("IceBridge\\.Source\\.Router\\.ConnectionCached", false, null), + new Property("IceBridge\\.Source\\.Router\\.PreferSecure", false, null), + new Property("IceBridge\\.Source\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceBridge\\.Source\\.Router\\.InvocationTimeout", false, null), + new Property("IceBridge\\.Source\\.Router\\.Locator", false, null), + new Property("IceBridge\\.Source\\.Router\\.Router", false, null), + new Property("IceBridge\\.Source\\.Router\\.CollocationOptimized", false, null), + new Property("IceBridge\\.Source\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceBridge\\.Source\\.Router", false, null), + new Property("IceBridge\\.Source\\.ProxyOptions", false, null), + new Property("IceBridge\\.Source\\.ThreadPool\\.Size", false, null), + new Property("IceBridge\\.Source\\.ThreadPool\\.SizeMax", false, null), + new Property("IceBridge\\.Source\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceBridge\\.Source\\.ThreadPool\\.StackSize", false, null), + new Property("IceBridge\\.Source\\.ThreadPool\\.Serialize", false, null), + new Property("IceBridge\\.Source\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceBridge\\.Source\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceBridge\\.Source\\.MessageSizeMax", false, null), + new Property("IceBridge\\.Target\\.Endpoints", false, null), + new Property("IceBridge\\.InstanceName", false, null), + null + }; - public static final Property IceGridAdminProps[] = { - new Property("IceGridAdmin\\.AuthenticateUsingSSL", false, null), - new Property("IceGridAdmin\\.MetricsConfig", false, null), - new Property("IceGridAdmin\\.Username", false, null), - new Property("IceGridAdmin\\.Password", false, null), - new Property("IceGridAdmin\\.Replica", false, null), - new Property("IceGridAdmin\\.Host", false, null), - new Property("IceGridAdmin\\.Port", false, null), - new Property("IceGridAdmin\\.InstanceName", false, null), - new Property("IceGridAdmin\\.Server\\.ACM\\.Timeout", false, null), - new Property("IceGridAdmin\\.Server\\.ACM\\.Heartbeat", false, null), - new Property("IceGridAdmin\\.Server\\.ACM\\.Close", false, null), - new Property("IceGridAdmin\\.Server\\.ACM", false, null), - new Property("IceGridAdmin\\.Server\\.AdapterId", false, null), - new Property("IceGridAdmin\\.Server\\.Endpoints", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.EndpointSelection", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.ConnectionCached", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.PreferSecure", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.Locator", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.Router", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGridAdmin\\.Server\\.Locator", false, null), - new Property("IceGridAdmin\\.Server\\.PublishedEndpoints", false, null), - new Property("IceGridAdmin\\.Server\\.ReplicaGroupId", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.EndpointSelection", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.ConnectionCached", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.PreferSecure", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.InvocationTimeout", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.Locator", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.Router", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.CollocationOptimized", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGridAdmin\\.Server\\.Router", false, null), - new Property("IceGridAdmin\\.Server\\.ProxyOptions", false, null), - new Property("IceGridAdmin\\.Server\\.ThreadPool\\.Size", false, null), - new Property("IceGridAdmin\\.Server\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGridAdmin\\.Server\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGridAdmin\\.Server\\.ThreadPool\\.StackSize", false, null), - new Property("IceGridAdmin\\.Server\\.ThreadPool\\.Serialize", false, null), - new Property("IceGridAdmin\\.Server\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGridAdmin\\.Server\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGridAdmin\\.Server\\.MessageSizeMax", false, null), - new Property("IceGridAdmin\\.Discovery\\.Address", false, null), - new Property("IceGridAdmin\\.Discovery\\.Interface", false, null), - new Property("IceGridAdmin\\.Discovery\\.Lookup", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ACM\\.Timeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ACM\\.Heartbeat", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ACM\\.Close", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ACM", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.AdapterId", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Endpoints", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.EndpointSelection", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.ConnectionCached", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.PreferSecure", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.Locator", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.Router", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.PublishedEndpoints", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ReplicaGroupId", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.EndpointSelection", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.ConnectionCached", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.PreferSecure", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.InvocationTimeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.Locator", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.Router", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.CollocationOptimized", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ProxyOptions", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.Size", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.StackSize", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.Serialize", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.MessageSizeMax", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ACM\\.Timeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ACM\\.Heartbeat", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ACM\\.Close", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ACM", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.AdapterId", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Endpoints", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.EndpointSelection", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.ConnectionCached", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.PreferSecure", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.Locator", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.Router", false, null), - new Property( - "IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.PublishedEndpoints", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ReplicaGroupId", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.EndpointSelection", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.ConnectionCached", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.PreferSecure", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.InvocationTimeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.Locator", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.Router", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.CollocationOptimized", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ProxyOptions", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.Size", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.StackSize", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.Serialize", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.MessageSizeMax", false, null), - new Property("IceGridAdmin\\.Trace\\.Observers", false, null), - new Property("IceGridAdmin\\.Trace\\.SaveToRegistry", false, null), - null - }; + public static final Property IceGridAdminProps[] = + { + new Property("IceGridAdmin\\.AuthenticateUsingSSL", false, null), + new Property("IceGridAdmin\\.MetricsConfig", false, null), + new Property("IceGridAdmin\\.Username", false, null), + new Property("IceGridAdmin\\.Password", false, null), + new Property("IceGridAdmin\\.Replica", false, null), + new Property("IceGridAdmin\\.Host", false, null), + new Property("IceGridAdmin\\.Port", false, null), + new Property("IceGridAdmin\\.InstanceName", false, null), + new Property("IceGridAdmin\\.Server\\.ACM\\.Timeout", false, null), + new Property("IceGridAdmin\\.Server\\.ACM\\.Heartbeat", false, null), + new Property("IceGridAdmin\\.Server\\.ACM\\.Close", false, null), + new Property("IceGridAdmin\\.Server\\.ACM", false, null), + new Property("IceGridAdmin\\.Server\\.AdapterId", false, null), + new Property("IceGridAdmin\\.Server\\.Endpoints", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.EndpointSelection", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.ConnectionCached", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.PreferSecure", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.Locator", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.Router", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGridAdmin\\.Server\\.Locator", false, null), + new Property("IceGridAdmin\\.Server\\.PublishedEndpoints", false, null), + new Property("IceGridAdmin\\.Server\\.ReplicaGroupId", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.EndpointSelection", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.ConnectionCached", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.PreferSecure", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.InvocationTimeout", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.Locator", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.Router", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.CollocationOptimized", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGridAdmin\\.Server\\.Router", false, null), + new Property("IceGridAdmin\\.Server\\.ProxyOptions", false, null), + new Property("IceGridAdmin\\.Server\\.ThreadPool\\.Size", false, null), + new Property("IceGridAdmin\\.Server\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGridAdmin\\.Server\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGridAdmin\\.Server\\.ThreadPool\\.StackSize", false, null), + new Property("IceGridAdmin\\.Server\\.ThreadPool\\.Serialize", false, null), + new Property("IceGridAdmin\\.Server\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGridAdmin\\.Server\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGridAdmin\\.Server\\.MessageSizeMax", false, null), + new Property("IceGridAdmin\\.Discovery\\.Address", false, null), + new Property("IceGridAdmin\\.Discovery\\.Interface", false, null), + new Property("IceGridAdmin\\.Discovery\\.Lookup", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ACM\\.Timeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ACM\\.Heartbeat", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ACM\\.Close", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ACM", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.AdapterId", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Endpoints", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.EndpointSelection", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.ConnectionCached", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.PreferSecure", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.Locator", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.Router", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.PublishedEndpoints", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ReplicaGroupId", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.EndpointSelection", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.ConnectionCached", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.PreferSecure", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.InvocationTimeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.Locator", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.Router", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.CollocationOptimized", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ProxyOptions", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.Size", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.StackSize", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.Serialize", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.MessageSizeMax", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ACM\\.Timeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ACM\\.Heartbeat", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ACM\\.Close", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ACM", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.AdapterId", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Endpoints", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.EndpointSelection", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.ConnectionCached", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.PreferSecure", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.Locator", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.Router", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.PublishedEndpoints", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ReplicaGroupId", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.EndpointSelection", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.ConnectionCached", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.PreferSecure", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.InvocationTimeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.Locator", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.Router", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.CollocationOptimized", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ProxyOptions", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.Size", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.StackSize", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.Serialize", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.MessageSizeMax", false, null), + new Property("IceGridAdmin\\.Trace\\.Observers", false, null), + new Property("IceGridAdmin\\.Trace\\.SaveToRegistry", false, null), + null + }; - public static final Property IceGridProps[] = { - new Property("IceGrid\\.AdminRouter\\.ACM\\.Timeout", false, null), - new Property("IceGrid\\.AdminRouter\\.ACM\\.Heartbeat", false, null), - new Property("IceGrid\\.AdminRouter\\.ACM\\.Close", false, null), - new Property("IceGrid\\.AdminRouter\\.ACM", false, null), - new Property("IceGrid\\.AdminRouter\\.AdapterId", false, null), - new Property("IceGrid\\.AdminRouter\\.Endpoints", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.EndpointSelection", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.ConnectionCached", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.PreferSecure", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.Locator", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.Router", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator", false, null), - new Property("IceGrid\\.AdminRouter\\.PublishedEndpoints", false, null), - new Property("IceGrid\\.AdminRouter\\.ReplicaGroupId", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.EndpointSelection", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.ConnectionCached", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.PreferSecure", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.InvocationTimeout", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.Locator", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.Router", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.CollocationOptimized", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.AdminRouter\\.Router", false, null), - new Property("IceGrid\\.AdminRouter\\.ProxyOptions", false, null), - new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.Size", false, null), - new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.StackSize", false, null), - new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.Serialize", false, null), - new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGrid\\.AdminRouter\\.MessageSizeMax", false, null), - new Property("IceGrid\\.InstanceName", false, null), - new Property("IceGrid\\.Node\\.ACM\\.Timeout", false, null), - new Property("IceGrid\\.Node\\.ACM\\.Heartbeat", false, null), - new Property("IceGrid\\.Node\\.ACM\\.Close", false, null), - new Property("IceGrid\\.Node\\.ACM", false, null), - new Property("IceGrid\\.Node\\.AdapterId", false, null), - new Property("IceGrid\\.Node\\.Endpoints", false, null), - new Property("IceGrid\\.Node\\.Locator\\.EndpointSelection", false, null), - new Property("IceGrid\\.Node\\.Locator\\.ConnectionCached", false, null), - new Property("IceGrid\\.Node\\.Locator\\.PreferSecure", false, null), - new Property("IceGrid\\.Node\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Node\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Node\\.Locator\\.Locator", false, null), - new Property("IceGrid\\.Node\\.Locator\\.Router", false, null), - new Property("IceGrid\\.Node\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Node\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Node\\.Locator", false, null), - new Property("IceGrid\\.Node\\.PublishedEndpoints", false, null), - new Property("IceGrid\\.Node\\.ReplicaGroupId", false, null), - new Property("IceGrid\\.Node\\.Router\\.EndpointSelection", false, null), - new Property("IceGrid\\.Node\\.Router\\.ConnectionCached", false, null), - new Property("IceGrid\\.Node\\.Router\\.PreferSecure", false, null), - new Property("IceGrid\\.Node\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Node\\.Router\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Node\\.Router\\.Locator", false, null), - new Property("IceGrid\\.Node\\.Router\\.Router", false, null), - new Property("IceGrid\\.Node\\.Router\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Node\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Node\\.Router", false, null), - new Property("IceGrid\\.Node\\.ProxyOptions", false, null), - new Property("IceGrid\\.Node\\.ThreadPool\\.Size", false, null), - new Property("IceGrid\\.Node\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGrid\\.Node\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGrid\\.Node\\.ThreadPool\\.StackSize", false, null), - new Property("IceGrid\\.Node\\.ThreadPool\\.Serialize", false, null), - new Property("IceGrid\\.Node\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGrid\\.Node\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGrid\\.Node\\.MessageSizeMax", false, null), - new Property("IceGrid\\.Node\\.AllowRunningServersAsRoot", false, null), - new Property("IceGrid\\.Node\\.AllowEndpointsOverride", false, null), - new Property("IceGrid\\.Node\\.CollocateRegistry", false, null), - new Property("IceGrid\\.Node\\.Data", false, null), - new Property("IceGrid\\.Node\\.DisableOnFailure", false, null), - new Property("IceGrid\\.Node\\.Name", false, null), - new Property("IceGrid\\.Node\\.Output", false, null), - new Property("IceGrid\\.Node\\.ProcessorSocketCount", false, null), - new Property("IceGrid\\.Node\\.PrintServersReady", false, null), - new Property("IceGrid\\.Node\\.PropertiesOverride", false, null), - new Property("IceGrid\\.Node\\.RedirectErrToOut", false, null), - new Property("IceGrid\\.Node\\.Trace\\.Activator", false, null), - new Property("IceGrid\\.Node\\.Trace\\.Adapter", false, null), - new Property("IceGrid\\.Node\\.Trace\\.Admin", false, null), - new Property("IceGrid\\.Node\\.Trace\\.Patch", false, null), - new Property("IceGrid\\.Node\\.Trace\\.Replica", false, null), - new Property("IceGrid\\.Node\\.Trace\\.Server", false, null), - new Property("IceGrid\\.Node\\.UserAccounts", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.EndpointSelection", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.ConnectionCached", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.PreferSecure", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.Locator", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.Router", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper", false, null), - new Property("IceGrid\\.Node\\.WaitTime", false, null), - new Property("IceGrid\\.Registry\\.AdminCryptPasswords", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.PreferSecure", false, null), - new Property( - "IceGrid\\.Registry\\.AdminPermissionsVerifier\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.Router", false, null), - new Property( - "IceGrid\\.Registry\\.AdminPermissionsVerifier\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionFilters", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ACM\\.Timeout", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ACM\\.Heartbeat", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ACM\\.Close", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ACM", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.AdapterId", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Endpoints", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.EndpointSelection", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.PreferSecure", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.LocatorCacheTimeout", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.Router", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.CollocationOptimized", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.PublishedEndpoints", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ReplicaGroupId", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.EndpointSelection", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.PreferSecure", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.LocatorCacheTimeout", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.Router", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.CollocationOptimized", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ProxyOptions", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.Size", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.StackSize", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.Serialize", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.MessageSizeMax", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.EndpointSelection", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.PreferSecure", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.LocatorCacheTimeout", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.Router", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.CollocationOptimized", false, null), - new Property( - "IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ACM\\.Timeout", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ACM\\.Heartbeat", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ACM\\.Close", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ACM", false, null), - new Property("IceGrid\\.Registry\\.Client\\.AdapterId", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Endpoints", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Client\\.PublishedEndpoints", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ReplicaGroupId", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ProxyOptions", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.Size", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.StackSize", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.Serialize", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGrid\\.Registry\\.Client\\.MessageSizeMax", false, null), - new Property("IceGrid\\.Registry\\.CryptPasswords", false, null), - new Property("IceGrid\\.Registry\\.DefaultTemplates", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ACM\\.Timeout", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ACM\\.Heartbeat", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ACM\\.Close", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ACM", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.AdapterId", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Endpoints", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.PublishedEndpoints", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ReplicaGroupId", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ProxyOptions", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.Size", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.StackSize", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.Serialize", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.MessageSizeMax", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Enabled", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Address", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Port", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Interface", false, null), - new Property("IceGrid\\.Registry\\.DynamicRegistration", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ACM\\.Timeout", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ACM\\.Heartbeat", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ACM\\.Close", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ACM", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.AdapterId", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Endpoints", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.PublishedEndpoints", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ReplicaGroupId", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ProxyOptions", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.Size", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.StackSize", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.Serialize", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.MessageSizeMax", false, null), - new Property("IceGrid\\.Registry\\.LMDB\\.MapSize", false, null), - new Property("IceGrid\\.Registry\\.LMDB\\.Path", false, null), - new Property("IceGrid\\.Registry\\.NodeSessionTimeout", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.Router", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier", false, null), - new Property("IceGrid\\.Registry\\.ReplicaName", false, null), - new Property("IceGrid\\.Registry\\.ReplicaSessionTimeout", false, null), - new Property("IceGrid\\.Registry\\.RequireNodeCertCN", false, null), - new Property("IceGrid\\.Registry\\.RequireReplicaCertCN", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ACM\\.Timeout", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ACM\\.Heartbeat", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ACM\\.Close", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ACM", false, null), - new Property("IceGrid\\.Registry\\.Server\\.AdapterId", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Endpoints", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Server\\.PublishedEndpoints", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ReplicaGroupId", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ProxyOptions", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.Size", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.StackSize", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.Serialize", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGrid\\.Registry\\.Server\\.MessageSizeMax", false, null), - new Property("IceGrid\\.Registry\\.SessionFilters", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ACM\\.Timeout", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ACM\\.Heartbeat", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ACM\\.Close", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ACM", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.AdapterId", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Endpoints", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.PreferSecure", false, null), - new Property( - "IceGrid\\.Registry\\.SessionManager\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.Router", false, null), - new Property( - "IceGrid\\.Registry\\.SessionManager\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.PublishedEndpoints", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ReplicaGroupId", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.Router", false, null), - new Property( - "IceGrid\\.Registry\\.SessionManager\\.Router\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ProxyOptions", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.Size", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.StackSize", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.Serialize", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.MessageSizeMax", false, null), - new Property("IceGrid\\.Registry\\.SessionTimeout", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.Router", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Admin", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Application", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Adapter", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Discovery", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Node", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Object", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Patch", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Replica", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Server", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Session", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Subscriber", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Topic", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.TopicManager", false, null), - new Property("IceGrid\\.Registry\\.UserAccounts", false, null), - null - }; + public static final Property IceGridProps[] = + { + new Property("IceGrid\\.AdminRouter\\.ACM\\.Timeout", false, null), + new Property("IceGrid\\.AdminRouter\\.ACM\\.Heartbeat", false, null), + new Property("IceGrid\\.AdminRouter\\.ACM\\.Close", false, null), + new Property("IceGrid\\.AdminRouter\\.ACM", false, null), + new Property("IceGrid\\.AdminRouter\\.AdapterId", false, null), + new Property("IceGrid\\.AdminRouter\\.Endpoints", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.EndpointSelection", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.ConnectionCached", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.PreferSecure", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.Locator", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.Router", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator", false, null), + new Property("IceGrid\\.AdminRouter\\.PublishedEndpoints", false, null), + new Property("IceGrid\\.AdminRouter\\.ReplicaGroupId", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.EndpointSelection", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.ConnectionCached", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.PreferSecure", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.InvocationTimeout", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.Locator", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.Router", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.CollocationOptimized", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.AdminRouter\\.Router", false, null), + new Property("IceGrid\\.AdminRouter\\.ProxyOptions", false, null), + new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.Size", false, null), + new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.StackSize", false, null), + new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.Serialize", false, null), + new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGrid\\.AdminRouter\\.MessageSizeMax", false, null), + new Property("IceGrid\\.InstanceName", false, null), + new Property("IceGrid\\.Node\\.ACM\\.Timeout", false, null), + new Property("IceGrid\\.Node\\.ACM\\.Heartbeat", false, null), + new Property("IceGrid\\.Node\\.ACM\\.Close", false, null), + new Property("IceGrid\\.Node\\.ACM", false, null), + new Property("IceGrid\\.Node\\.AdapterId", false, null), + new Property("IceGrid\\.Node\\.Endpoints", false, null), + new Property("IceGrid\\.Node\\.Locator\\.EndpointSelection", false, null), + new Property("IceGrid\\.Node\\.Locator\\.ConnectionCached", false, null), + new Property("IceGrid\\.Node\\.Locator\\.PreferSecure", false, null), + new Property("IceGrid\\.Node\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Node\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Node\\.Locator\\.Locator", false, null), + new Property("IceGrid\\.Node\\.Locator\\.Router", false, null), + new Property("IceGrid\\.Node\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Node\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Node\\.Locator", false, null), + new Property("IceGrid\\.Node\\.PublishedEndpoints", false, null), + new Property("IceGrid\\.Node\\.ReplicaGroupId", false, null), + new Property("IceGrid\\.Node\\.Router\\.EndpointSelection", false, null), + new Property("IceGrid\\.Node\\.Router\\.ConnectionCached", false, null), + new Property("IceGrid\\.Node\\.Router\\.PreferSecure", false, null), + new Property("IceGrid\\.Node\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Node\\.Router\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Node\\.Router\\.Locator", false, null), + new Property("IceGrid\\.Node\\.Router\\.Router", false, null), + new Property("IceGrid\\.Node\\.Router\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Node\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Node\\.Router", false, null), + new Property("IceGrid\\.Node\\.ProxyOptions", false, null), + new Property("IceGrid\\.Node\\.ThreadPool\\.Size", false, null), + new Property("IceGrid\\.Node\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGrid\\.Node\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGrid\\.Node\\.ThreadPool\\.StackSize", false, null), + new Property("IceGrid\\.Node\\.ThreadPool\\.Serialize", false, null), + new Property("IceGrid\\.Node\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGrid\\.Node\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGrid\\.Node\\.MessageSizeMax", false, null), + new Property("IceGrid\\.Node\\.AllowRunningServersAsRoot", false, null), + new Property("IceGrid\\.Node\\.AllowEndpointsOverride", false, null), + new Property("IceGrid\\.Node\\.CollocateRegistry", false, null), + new Property("IceGrid\\.Node\\.Data", false, null), + new Property("IceGrid\\.Node\\.DisableOnFailure", false, null), + new Property("IceGrid\\.Node\\.Name", false, null), + new Property("IceGrid\\.Node\\.Output", false, null), + new Property("IceGrid\\.Node\\.ProcessorSocketCount", false, null), + new Property("IceGrid\\.Node\\.PrintServersReady", false, null), + new Property("IceGrid\\.Node\\.PropertiesOverride", false, null), + new Property("IceGrid\\.Node\\.RedirectErrToOut", false, null), + new Property("IceGrid\\.Node\\.Trace\\.Activator", false, null), + new Property("IceGrid\\.Node\\.Trace\\.Adapter", false, null), + new Property("IceGrid\\.Node\\.Trace\\.Admin", false, null), + new Property("IceGrid\\.Node\\.Trace\\.Patch", false, null), + new Property("IceGrid\\.Node\\.Trace\\.Replica", false, null), + new Property("IceGrid\\.Node\\.Trace\\.Server", false, null), + new Property("IceGrid\\.Node\\.UserAccounts", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.EndpointSelection", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.ConnectionCached", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.PreferSecure", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.Locator", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.Router", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper", false, null), + new Property("IceGrid\\.Node\\.WaitTime", false, null), + new Property("IceGrid\\.Registry\\.AdminCryptPasswords", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.Router", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionFilters", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ACM\\.Timeout", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ACM\\.Heartbeat", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ACM\\.Close", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ACM", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.AdapterId", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Endpoints", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.Router", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.PublishedEndpoints", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ReplicaGroupId", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.Router", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ProxyOptions", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.Size", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.StackSize", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.Serialize", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.MessageSizeMax", false, null), + new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.Router", false, null), + new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ACM\\.Timeout", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ACM\\.Heartbeat", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ACM\\.Close", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ACM", false, null), + new Property("IceGrid\\.Registry\\.Client\\.AdapterId", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Endpoints", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Client\\.PublishedEndpoints", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ReplicaGroupId", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ProxyOptions", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.Size", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.StackSize", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.Serialize", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGrid\\.Registry\\.Client\\.MessageSizeMax", false, null), + new Property("IceGrid\\.Registry\\.CryptPasswords", false, null), + new Property("IceGrid\\.Registry\\.DefaultTemplates", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ACM\\.Timeout", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ACM\\.Heartbeat", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ACM\\.Close", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ACM", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.AdapterId", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Endpoints", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.PublishedEndpoints", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ReplicaGroupId", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ProxyOptions", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.Size", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.StackSize", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.Serialize", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.MessageSizeMax", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Enabled", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Address", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Port", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Interface", false, null), + new Property("IceGrid\\.Registry\\.DynamicRegistration", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ACM\\.Timeout", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ACM\\.Heartbeat", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ACM\\.Close", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ACM", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.AdapterId", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Endpoints", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.PublishedEndpoints", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ReplicaGroupId", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ProxyOptions", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.Size", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.StackSize", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.Serialize", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.MessageSizeMax", false, null), + new Property("IceGrid\\.Registry\\.LMDB\\.MapSize", false, null), + new Property("IceGrid\\.Registry\\.LMDB\\.Path", false, null), + new Property("IceGrid\\.Registry\\.NodeSessionTimeout", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.Router", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier", false, null), + new Property("IceGrid\\.Registry\\.ReplicaName", false, null), + new Property("IceGrid\\.Registry\\.ReplicaSessionTimeout", false, null), + new Property("IceGrid\\.Registry\\.RequireNodeCertCN", false, null), + new Property("IceGrid\\.Registry\\.RequireReplicaCertCN", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ACM\\.Timeout", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ACM\\.Heartbeat", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ACM\\.Close", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ACM", false, null), + new Property("IceGrid\\.Registry\\.Server\\.AdapterId", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Endpoints", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Server\\.PublishedEndpoints", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ReplicaGroupId", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ProxyOptions", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.Size", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.StackSize", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.Serialize", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGrid\\.Registry\\.Server\\.MessageSizeMax", false, null), + new Property("IceGrid\\.Registry\\.SessionFilters", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ACM\\.Timeout", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ACM\\.Heartbeat", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ACM\\.Close", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ACM", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.AdapterId", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Endpoints", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.Router", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.PublishedEndpoints", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ReplicaGroupId", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.Router", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ProxyOptions", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.Size", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.StackSize", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.Serialize", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.MessageSizeMax", false, null), + new Property("IceGrid\\.Registry\\.SessionTimeout", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.Router", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Admin", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Application", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Adapter", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Discovery", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Node", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Object", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Patch", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Replica", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Server", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Session", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Subscriber", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Topic", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.TopicManager", false, null), + new Property("IceGrid\\.Registry\\.UserAccounts", false, null), + null + }; - public static final Property IceSSLProps[] = { - new Property("IceSSL\\.Alias", false, null), - new Property("IceSSL\\.CAs", false, null), - new Property("IceSSL\\.CertAuthDir", true, "IceSSL.CAs"), - new Property("IceSSL\\.CertAuthFile", true, "IceSSL.CAs"), - new Property("IceSSL\\.CertStore", false, null), - new Property("IceSSL\\.CertStoreLocation", false, null), - new Property("IceSSL\\.CertFile", false, null), - new Property("IceSSL\\.CertVerifier", false, null), - new Property("IceSSL\\.CheckCertName", false, null), - new Property("IceSSL\\.CheckCRL", false, null), - new Property("IceSSL\\.Ciphers", false, null), - new Property("IceSSL\\.CertificateRevocationListFiles", false, null), - new Property("IceSSL\\.DefaultDir", false, null), - new Property("IceSSL\\.DH\\.[^\\s]+", false, null), - new Property("IceSSL\\.DHParams", false, null), - new Property("IceSSL\\.EntropyDaemon", false, null), - new Property("IceSSL\\.FindCert", false, null), - new Property("IceSSL\\.FindCert\\.[^\\s]+", true, null), - new Property("IceSSL\\.InitOpenSSL", false, null), - new Property("IceSSL\\.KeyFile", false, null), - new Property("IceSSL\\.Keychain", false, null), - new Property("IceSSL\\.KeychainPassword", false, null), - new Property("IceSSL\\.Keystore", false, null), - new Property("IceSSL\\.KeystorePassword", false, null), - new Property("IceSSL\\.KeystoreType", false, null), - new Property("IceSSL\\.Password", false, null), - new Property("IceSSL\\.PasswordCallback", false, null), - new Property("IceSSL\\.PasswordRetryMax", false, null), - new Property("IceSSL\\.Random", false, null), - new Property("IceSSL\\.RevocationCheck", false, null), - new Property("IceSSL\\.RevocationCheckCacheOnly", false, null), - new Property("IceSSL\\.SchannelStrongCrypto", false, null), - new Property("IceSSL\\.Trace\\.Security", false, null), - new Property("IceSSL\\.TrustOnly", false, null), - new Property("IceSSL\\.TrustOnly\\.Client", false, null), - new Property("IceSSL\\.TrustOnly\\.Server", false, null), - new Property("IceSSL\\.TrustOnly\\.Server\\.[^\\s]+", false, null), - new Property("IceSSL\\.Truststore", false, null), - new Property("IceSSL\\.TruststorePassword", false, null), - new Property("IceSSL\\.TruststoreType", false, null), - new Property("IceSSL\\.UsePlatformCAs", false, null), - new Property("IceSSL\\.VerifyDepthMax", false, null), - new Property("IceSSL\\.VerifyPeer", false, null), - null - }; + public static final Property IceSSLProps[] = + { + new Property("IceSSL\\.Alias", false, null), + new Property("IceSSL\\.CAs", false, null), + new Property("IceSSL\\.CertStore", false, null), + new Property("IceSSL\\.CertStoreLocation", false, null), + new Property("IceSSL\\.CertFile", false, null), + new Property("IceSSL\\.CheckCertName", false, null), + new Property("IceSSL\\.CheckCRL", false, null), + new Property("IceSSL\\.Ciphers", false, null), + new Property("IceSSL\\.CertificateRevocationListFiles", false, null), + new Property("IceSSL\\.DefaultDir", false, null), + new Property("IceSSL\\.FindCert", false, null), + new Property("IceSSL\\.KeyFile", false, null), + new Property("IceSSL\\.Keychain", false, null), + new Property("IceSSL\\.KeychainPassword", false, null), + new Property("IceSSL\\.Keystore", false, null), + new Property("IceSSL\\.KeystorePassword", false, null), + new Property("IceSSL\\.KeystoreType", false, null), + new Property("IceSSL\\.Password", false, null), + new Property("IceSSL\\.RevocationCheck", false, null), + new Property("IceSSL\\.RevocationCheckCacheOnly", false, null), + new Property("IceSSL\\.SchannelStrongCrypto", false, null), + new Property("IceSSL\\.Trace\\.Security", false, null), + new Property("IceSSL\\.TrustOnly", false, null), + new Property("IceSSL\\.TrustOnly\\.Client", false, null), + new Property("IceSSL\\.TrustOnly\\.Server", false, null), + new Property("IceSSL\\.TrustOnly\\.Server\\.[^\\s]+", false, null), + new Property("IceSSL\\.Truststore", false, null), + new Property("IceSSL\\.TruststorePassword", false, null), + new Property("IceSSL\\.TruststoreType", false, null), + new Property("IceSSL\\.UsePlatformCAs", false, null), + new Property("IceSSL\\.VerifyPeer", false, null), + null + }; - public static final Property IceStormAdminProps[] = { - new Property("IceStormAdmin\\.TopicManager\\.[^\\s]+", false, null), - new Property("IceStormAdmin\\.Host", false, null), - new Property("IceStormAdmin\\.Port", false, null), - null - }; + public static final Property IceStormAdminProps[] = + { + new Property("IceStormAdmin\\.TopicManager\\.[^\\s]+", false, null), + new Property("IceStormAdmin\\.Host", false, null), + new Property("IceStormAdmin\\.Port", false, null), + null + }; - public static final Property IceBTProps[] = { - new Property("IceBT\\.RcvSize", false, null), new Property("IceBT\\.SndSize", false, null), null - }; + public static final Property IceBTProps[] = + { + new Property("IceBT\\.RcvSize", false, null), + new Property("IceBT\\.SndSize", false, null), + null + }; - public static final Property Glacier2Props[] = { - new Property("Glacier2\\.AddConnectionContext", false, null), - new Property("Glacier2\\.Client\\.ACM\\.Timeout", false, null), - new Property("Glacier2\\.Client\\.ACM\\.Heartbeat", false, null), - new Property("Glacier2\\.Client\\.ACM\\.Close", false, null), - new Property("Glacier2\\.Client\\.ACM", false, null), - new Property("Glacier2\\.Client\\.AdapterId", false, null), - new Property("Glacier2\\.Client\\.Endpoints", false, null), - new Property("Glacier2\\.Client\\.Locator\\.EndpointSelection", false, null), - new Property("Glacier2\\.Client\\.Locator\\.ConnectionCached", false, null), - new Property("Glacier2\\.Client\\.Locator\\.PreferSecure", false, null), - new Property("Glacier2\\.Client\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("Glacier2\\.Client\\.Locator\\.InvocationTimeout", false, null), - new Property("Glacier2\\.Client\\.Locator\\.Locator", false, null), - new Property("Glacier2\\.Client\\.Locator\\.Router", false, null), - new Property("Glacier2\\.Client\\.Locator\\.CollocationOptimized", false, null), - new Property("Glacier2\\.Client\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("Glacier2\\.Client\\.Locator", false, null), - new Property("Glacier2\\.Client\\.PublishedEndpoints", false, null), - new Property("Glacier2\\.Client\\.ReplicaGroupId", false, null), - new Property("Glacier2\\.Client\\.Router\\.EndpointSelection", false, null), - new Property("Glacier2\\.Client\\.Router\\.ConnectionCached", false, null), - new Property("Glacier2\\.Client\\.Router\\.PreferSecure", false, null), - new Property("Glacier2\\.Client\\.Router\\.LocatorCacheTimeout", false, null), - new Property("Glacier2\\.Client\\.Router\\.InvocationTimeout", false, null), - new Property("Glacier2\\.Client\\.Router\\.Locator", false, null), - new Property("Glacier2\\.Client\\.Router\\.Router", false, null), - new Property("Glacier2\\.Client\\.Router\\.CollocationOptimized", false, null), - new Property("Glacier2\\.Client\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("Glacier2\\.Client\\.Router", false, null), - new Property("Glacier2\\.Client\\.ProxyOptions", false, null), - new Property("Glacier2\\.Client\\.ThreadPool\\.Size", false, null), - new Property("Glacier2\\.Client\\.ThreadPool\\.SizeMax", false, null), - new Property("Glacier2\\.Client\\.ThreadPool\\.SizeWarn", false, null), - new Property("Glacier2\\.Client\\.ThreadPool\\.StackSize", false, null), - new Property("Glacier2\\.Client\\.ThreadPool\\.Serialize", false, null), - new Property("Glacier2\\.Client\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("Glacier2\\.Client\\.ThreadPool\\.ThreadPriority", false, null), - new Property("Glacier2\\.Client\\.MessageSizeMax", false, null), - new Property("Glacier2\\.Client\\.Buffered", false, null), - new Property("Glacier2\\.Client\\.ForwardContext", false, null), - new Property("Glacier2\\.Client\\.SleepTime", false, null), - new Property("Glacier2\\.Client\\.Trace\\.Override", false, null), - new Property("Glacier2\\.Client\\.Trace\\.Reject", false, null), - new Property("Glacier2\\.Client\\.Trace\\.Request", false, null), - new Property("Glacier2\\.CryptPasswords", false, null), - new Property("Glacier2\\.Filter\\.Address\\.Reject", false, null), - new Property("Glacier2\\.Filter\\.Address\\.Accept", false, null), - new Property("Glacier2\\.Filter\\.ProxySizeMax", false, null), - new Property("Glacier2\\.Filter\\.Category\\.Accept", false, null), - new Property("Glacier2\\.Filter\\.Category\\.AcceptUser", false, null), - new Property("Glacier2\\.Filter\\.AdapterId\\.Accept", false, null), - new Property("Glacier2\\.Filter\\.Identity\\.Accept", false, null), - new Property("Glacier2\\.InstanceName", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.EndpointSelection", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.ConnectionCached", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.PreferSecure", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.LocatorCacheTimeout", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.InvocationTimeout", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.Locator", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.Router", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.CollocationOptimized", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.Context\\.[^\\s]+", false, null), - new Property("Glacier2\\.PermissionsVerifier", false, null), - new Property("Glacier2\\.ReturnClientProxy", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.EndpointSelection", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.ConnectionCached", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.PreferSecure", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.LocatorCacheTimeout", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.InvocationTimeout", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.Locator", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.Router", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.CollocationOptimized", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.Context\\.[^\\s]+", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier", false, null), - new Property("Glacier2\\.RoutingTable\\.MaxSize", false, null), - new Property("Glacier2\\.Server\\.ACM\\.Timeout", false, null), - new Property("Glacier2\\.Server\\.ACM\\.Heartbeat", false, null), - new Property("Glacier2\\.Server\\.ACM\\.Close", false, null), - new Property("Glacier2\\.Server\\.ACM", false, null), - new Property("Glacier2\\.Server\\.AdapterId", false, null), - new Property("Glacier2\\.Server\\.Endpoints", false, null), - new Property("Glacier2\\.Server\\.Locator\\.EndpointSelection", false, null), - new Property("Glacier2\\.Server\\.Locator\\.ConnectionCached", false, null), - new Property("Glacier2\\.Server\\.Locator\\.PreferSecure", false, null), - new Property("Glacier2\\.Server\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("Glacier2\\.Server\\.Locator\\.InvocationTimeout", false, null), - new Property("Glacier2\\.Server\\.Locator\\.Locator", false, null), - new Property("Glacier2\\.Server\\.Locator\\.Router", false, null), - new Property("Glacier2\\.Server\\.Locator\\.CollocationOptimized", false, null), - new Property("Glacier2\\.Server\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("Glacier2\\.Server\\.Locator", false, null), - new Property("Glacier2\\.Server\\.PublishedEndpoints", false, null), - new Property("Glacier2\\.Server\\.ReplicaGroupId", false, null), - new Property("Glacier2\\.Server\\.Router\\.EndpointSelection", false, null), - new Property("Glacier2\\.Server\\.Router\\.ConnectionCached", false, null), - new Property("Glacier2\\.Server\\.Router\\.PreferSecure", false, null), - new Property("Glacier2\\.Server\\.Router\\.LocatorCacheTimeout", false, null), - new Property("Glacier2\\.Server\\.Router\\.InvocationTimeout", false, null), - new Property("Glacier2\\.Server\\.Router\\.Locator", false, null), - new Property("Glacier2\\.Server\\.Router\\.Router", false, null), - new Property("Glacier2\\.Server\\.Router\\.CollocationOptimized", false, null), - new Property("Glacier2\\.Server\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("Glacier2\\.Server\\.Router", false, null), - new Property("Glacier2\\.Server\\.ProxyOptions", false, null), - new Property("Glacier2\\.Server\\.ThreadPool\\.Size", false, null), - new Property("Glacier2\\.Server\\.ThreadPool\\.SizeMax", false, null), - new Property("Glacier2\\.Server\\.ThreadPool\\.SizeWarn", false, null), - new Property("Glacier2\\.Server\\.ThreadPool\\.StackSize", false, null), - new Property("Glacier2\\.Server\\.ThreadPool\\.Serialize", false, null), - new Property("Glacier2\\.Server\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("Glacier2\\.Server\\.ThreadPool\\.ThreadPriority", false, null), - new Property("Glacier2\\.Server\\.MessageSizeMax", false, null), - new Property("Glacier2\\.Server\\.Buffered", false, null), - new Property("Glacier2\\.Server\\.ForwardContext", false, null), - new Property("Glacier2\\.Server\\.SleepTime", false, null), - new Property("Glacier2\\.Server\\.Trace\\.Override", false, null), - new Property("Glacier2\\.Server\\.Trace\\.Request", false, null), - new Property("Glacier2\\.SessionManager\\.EndpointSelection", false, null), - new Property("Glacier2\\.SessionManager\\.ConnectionCached", false, null), - new Property("Glacier2\\.SessionManager\\.PreferSecure", false, null), - new Property("Glacier2\\.SessionManager\\.LocatorCacheTimeout", false, null), - new Property("Glacier2\\.SessionManager\\.InvocationTimeout", false, null), - new Property("Glacier2\\.SessionManager\\.Locator", false, null), - new Property("Glacier2\\.SessionManager\\.Router", false, null), - new Property("Glacier2\\.SessionManager\\.CollocationOptimized", false, null), - new Property("Glacier2\\.SessionManager\\.Context\\.[^\\s]+", false, null), - new Property("Glacier2\\.SessionManager", false, null), - new Property("Glacier2\\.SSLSessionManager\\.EndpointSelection", false, null), - new Property("Glacier2\\.SSLSessionManager\\.ConnectionCached", false, null), - new Property("Glacier2\\.SSLSessionManager\\.PreferSecure", false, null), - new Property("Glacier2\\.SSLSessionManager\\.LocatorCacheTimeout", false, null), - new Property("Glacier2\\.SSLSessionManager\\.InvocationTimeout", false, null), - new Property("Glacier2\\.SSLSessionManager\\.Locator", false, null), - new Property("Glacier2\\.SSLSessionManager\\.Router", false, null), - new Property("Glacier2\\.SSLSessionManager\\.CollocationOptimized", false, null), - new Property("Glacier2\\.SSLSessionManager\\.Context\\.[^\\s]+", false, null), - new Property("Glacier2\\.SSLSessionManager", false, null), - new Property("Glacier2\\.Trace\\.RoutingTable", false, null), - new Property("Glacier2\\.Trace\\.Session", false, null), - null - }; + public static final Property Glacier2Props[] = + { + new Property("Glacier2\\.AddConnectionContext", false, null), + new Property("Glacier2\\.Client\\.ACM\\.Timeout", false, null), + new Property("Glacier2\\.Client\\.ACM\\.Heartbeat", false, null), + new Property("Glacier2\\.Client\\.ACM\\.Close", false, null), + new Property("Glacier2\\.Client\\.ACM", false, null), + new Property("Glacier2\\.Client\\.AdapterId", false, null), + new Property("Glacier2\\.Client\\.Endpoints", false, null), + new Property("Glacier2\\.Client\\.Locator\\.EndpointSelection", false, null), + new Property("Glacier2\\.Client\\.Locator\\.ConnectionCached", false, null), + new Property("Glacier2\\.Client\\.Locator\\.PreferSecure", false, null), + new Property("Glacier2\\.Client\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("Glacier2\\.Client\\.Locator\\.InvocationTimeout", false, null), + new Property("Glacier2\\.Client\\.Locator\\.Locator", false, null), + new Property("Glacier2\\.Client\\.Locator\\.Router", false, null), + new Property("Glacier2\\.Client\\.Locator\\.CollocationOptimized", false, null), + new Property("Glacier2\\.Client\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("Glacier2\\.Client\\.Locator", false, null), + new Property("Glacier2\\.Client\\.PublishedEndpoints", false, null), + new Property("Glacier2\\.Client\\.ReplicaGroupId", false, null), + new Property("Glacier2\\.Client\\.Router\\.EndpointSelection", false, null), + new Property("Glacier2\\.Client\\.Router\\.ConnectionCached", false, null), + new Property("Glacier2\\.Client\\.Router\\.PreferSecure", false, null), + new Property("Glacier2\\.Client\\.Router\\.LocatorCacheTimeout", false, null), + new Property("Glacier2\\.Client\\.Router\\.InvocationTimeout", false, null), + new Property("Glacier2\\.Client\\.Router\\.Locator", false, null), + new Property("Glacier2\\.Client\\.Router\\.Router", false, null), + new Property("Glacier2\\.Client\\.Router\\.CollocationOptimized", false, null), + new Property("Glacier2\\.Client\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("Glacier2\\.Client\\.Router", false, null), + new Property("Glacier2\\.Client\\.ProxyOptions", false, null), + new Property("Glacier2\\.Client\\.ThreadPool\\.Size", false, null), + new Property("Glacier2\\.Client\\.ThreadPool\\.SizeMax", false, null), + new Property("Glacier2\\.Client\\.ThreadPool\\.SizeWarn", false, null), + new Property("Glacier2\\.Client\\.ThreadPool\\.StackSize", false, null), + new Property("Glacier2\\.Client\\.ThreadPool\\.Serialize", false, null), + new Property("Glacier2\\.Client\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("Glacier2\\.Client\\.ThreadPool\\.ThreadPriority", false, null), + new Property("Glacier2\\.Client\\.MessageSizeMax", false, null), + new Property("Glacier2\\.Client\\.Buffered", false, null), + new Property("Glacier2\\.Client\\.ForwardContext", false, null), + new Property("Glacier2\\.Client\\.SleepTime", false, null), + new Property("Glacier2\\.Client\\.Trace\\.Override", false, null), + new Property("Glacier2\\.Client\\.Trace\\.Reject", false, null), + new Property("Glacier2\\.Client\\.Trace\\.Request", false, null), + new Property("Glacier2\\.CryptPasswords", false, null), + new Property("Glacier2\\.Filter\\.Address\\.Reject", false, null), + new Property("Glacier2\\.Filter\\.Address\\.Accept", false, null), + new Property("Glacier2\\.Filter\\.ProxySizeMax", false, null), + new Property("Glacier2\\.Filter\\.Category\\.Accept", false, null), + new Property("Glacier2\\.Filter\\.Category\\.AcceptUser", false, null), + new Property("Glacier2\\.Filter\\.AdapterId\\.Accept", false, null), + new Property("Glacier2\\.Filter\\.Identity\\.Accept", false, null), + new Property("Glacier2\\.InstanceName", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.EndpointSelection", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.ConnectionCached", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.PreferSecure", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.LocatorCacheTimeout", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.InvocationTimeout", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.Locator", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.Router", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.CollocationOptimized", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.Context\\.[^\\s]+", false, null), + new Property("Glacier2\\.PermissionsVerifier", false, null), + new Property("Glacier2\\.ReturnClientProxy", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.EndpointSelection", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.ConnectionCached", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.PreferSecure", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.LocatorCacheTimeout", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.InvocationTimeout", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.Locator", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.Router", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.CollocationOptimized", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.Context\\.[^\\s]+", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier", false, null), + new Property("Glacier2\\.RoutingTable\\.MaxSize", false, null), + new Property("Glacier2\\.Server\\.ACM\\.Timeout", false, null), + new Property("Glacier2\\.Server\\.ACM\\.Heartbeat", false, null), + new Property("Glacier2\\.Server\\.ACM\\.Close", false, null), + new Property("Glacier2\\.Server\\.ACM", false, null), + new Property("Glacier2\\.Server\\.AdapterId", false, null), + new Property("Glacier2\\.Server\\.Endpoints", false, null), + new Property("Glacier2\\.Server\\.Locator\\.EndpointSelection", false, null), + new Property("Glacier2\\.Server\\.Locator\\.ConnectionCached", false, null), + new Property("Glacier2\\.Server\\.Locator\\.PreferSecure", false, null), + new Property("Glacier2\\.Server\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("Glacier2\\.Server\\.Locator\\.InvocationTimeout", false, null), + new Property("Glacier2\\.Server\\.Locator\\.Locator", false, null), + new Property("Glacier2\\.Server\\.Locator\\.Router", false, null), + new Property("Glacier2\\.Server\\.Locator\\.CollocationOptimized", false, null), + new Property("Glacier2\\.Server\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("Glacier2\\.Server\\.Locator", false, null), + new Property("Glacier2\\.Server\\.PublishedEndpoints", false, null), + new Property("Glacier2\\.Server\\.ReplicaGroupId", false, null), + new Property("Glacier2\\.Server\\.Router\\.EndpointSelection", false, null), + new Property("Glacier2\\.Server\\.Router\\.ConnectionCached", false, null), + new Property("Glacier2\\.Server\\.Router\\.PreferSecure", false, null), + new Property("Glacier2\\.Server\\.Router\\.LocatorCacheTimeout", false, null), + new Property("Glacier2\\.Server\\.Router\\.InvocationTimeout", false, null), + new Property("Glacier2\\.Server\\.Router\\.Locator", false, null), + new Property("Glacier2\\.Server\\.Router\\.Router", false, null), + new Property("Glacier2\\.Server\\.Router\\.CollocationOptimized", false, null), + new Property("Glacier2\\.Server\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("Glacier2\\.Server\\.Router", false, null), + new Property("Glacier2\\.Server\\.ProxyOptions", false, null), + new Property("Glacier2\\.Server\\.ThreadPool\\.Size", false, null), + new Property("Glacier2\\.Server\\.ThreadPool\\.SizeMax", false, null), + new Property("Glacier2\\.Server\\.ThreadPool\\.SizeWarn", false, null), + new Property("Glacier2\\.Server\\.ThreadPool\\.StackSize", false, null), + new Property("Glacier2\\.Server\\.ThreadPool\\.Serialize", false, null), + new Property("Glacier2\\.Server\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("Glacier2\\.Server\\.ThreadPool\\.ThreadPriority", false, null), + new Property("Glacier2\\.Server\\.MessageSizeMax", false, null), + new Property("Glacier2\\.Server\\.Buffered", false, null), + new Property("Glacier2\\.Server\\.ForwardContext", false, null), + new Property("Glacier2\\.Server\\.SleepTime", false, null), + new Property("Glacier2\\.Server\\.Trace\\.Override", false, null), + new Property("Glacier2\\.Server\\.Trace\\.Request", false, null), + new Property("Glacier2\\.SessionManager\\.EndpointSelection", false, null), + new Property("Glacier2\\.SessionManager\\.ConnectionCached", false, null), + new Property("Glacier2\\.SessionManager\\.PreferSecure", false, null), + new Property("Glacier2\\.SessionManager\\.LocatorCacheTimeout", false, null), + new Property("Glacier2\\.SessionManager\\.InvocationTimeout", false, null), + new Property("Glacier2\\.SessionManager\\.Locator", false, null), + new Property("Glacier2\\.SessionManager\\.Router", false, null), + new Property("Glacier2\\.SessionManager\\.CollocationOptimized", false, null), + new Property("Glacier2\\.SessionManager\\.Context\\.[^\\s]+", false, null), + new Property("Glacier2\\.SessionManager", false, null), + new Property("Glacier2\\.SSLSessionManager\\.EndpointSelection", false, null), + new Property("Glacier2\\.SSLSessionManager\\.ConnectionCached", false, null), + new Property("Glacier2\\.SSLSessionManager\\.PreferSecure", false, null), + new Property("Glacier2\\.SSLSessionManager\\.LocatorCacheTimeout", false, null), + new Property("Glacier2\\.SSLSessionManager\\.InvocationTimeout", false, null), + new Property("Glacier2\\.SSLSessionManager\\.Locator", false, null), + new Property("Glacier2\\.SSLSessionManager\\.Router", false, null), + new Property("Glacier2\\.SSLSessionManager\\.CollocationOptimized", false, null), + new Property("Glacier2\\.SSLSessionManager\\.Context\\.[^\\s]+", false, null), + new Property("Glacier2\\.SSLSessionManager", false, null), + new Property("Glacier2\\.Trace\\.RoutingTable", false, null), + new Property("Glacier2\\.Trace\\.Session", false, null), + null + }; - public static final Property Glacier2CryptPermissionsVerifierProps[] = { - new Property("Glacier2CryptPermissionsVerifier\\.[^\\s]+\\.PermissionsVerifier", false, null), - new Property( - "Glacier2CryptPermissionsVerifier\\.[^\\s]+\\.AdminPermissionsVerifier", false, null), - null - }; + public static final Property Glacier2CryptPermissionsVerifierProps[] = + { + new Property("Glacier2CryptPermissionsVerifier\\.[^\\s]+\\.PermissionsVerifier", false, null), + new Property("Glacier2CryptPermissionsVerifier\\.[^\\s]+\\.AdminPermissionsVerifier", false, null), + null + }; - public static final Property[] validProps[] = { - IceProps, - IceMXProps, - IceDiscoveryProps, - IceLocatorDiscoveryProps, - IceBoxProps, - IceBoxAdminProps, - IceBridgeProps, - IceGridAdminProps, - IceGridProps, - IceSSLProps, - IceStormAdminProps, - IceBTProps, - Glacier2Props, - Glacier2CryptPermissionsVerifierProps, - null - }; + public static final Property[] validProps[] = + { + IceProps, + IceMXProps, + IceDiscoveryProps, + IceLocatorDiscoveryProps, + IceBoxProps, + IceBoxAdminProps, + IceBridgeProps, + IceGridAdminProps, + IceGridProps, + IceSSLProps, + IceStormAdminProps, + IceBTProps, + Glacier2Props, + Glacier2CryptPermissionsVerifierProps, + null + }; - public static final String clPropNames[] = { - "Ice", - "IceMX", - "IceDiscovery", - "IceLocatorDiscovery", - "IceBox", - "IceBoxAdmin", - "IceBridge", - "IceGridAdmin", - "IceGrid", - "IceSSL", - "IceStormAdmin", - "IceBT", - "Glacier2", - "Glacier2CryptPermissionsVerifier", - null - }; + public static final String clPropNames[] = + { + "Ice", + "IceMX", + "IceDiscovery", + "IceLocatorDiscovery", + "IceBox", + "IceBoxAdmin", + "IceBridge", + "IceGridAdmin", + "IceGrid", + "IceSSL", + "IceStormAdmin", + "IceBT", + "Glacier2", + "Glacier2CryptPermissionsVerifier", + null + }; } diff --git a/js/src/Ice/PropertyNames.js b/js/src/Ice/PropertyNames.js index a6cb555d519..4f696287274 100644 --- a/js/src/Ice/PropertyNames.js +++ b/js/src/Ice/PropertyNames.js @@ -1,7 +1,7 @@ // // Copyright (c) ZeroC, Inc. All rights reserved. // -// Generated by makeprops.py from file ./config/PropertyNames.xml, Thu Apr 4 16:59:06 2024 +// Generated by makeprops.py from file .\config\PropertyNames.xml, Tue Apr 9 14:47:18 2024 // IMPORTANT: Do not edit this file -- any edits made here will be lost! From 75c25ee8238d4862a7fb61d2654e0d34c247a7ba Mon Sep 17 00:00:00 2001 From: Jose Date: Tue, 9 Apr 2024 17:05:36 +0200 Subject: [PATCH 02/28] OpenSSL fixes --- cpp/src/IceSSL/OpenSSLEngine.cpp | 6 - cpp/test/IceSSL/configuration/AllTests.cpp | 158 --------------------- 2 files changed, 164 deletions(-) diff --git a/cpp/src/IceSSL/OpenSSLEngine.cpp b/cpp/src/IceSSL/OpenSSLEngine.cpp index b2cc1436430..8da4c23e555 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.cpp +++ b/cpp/src/IceSSL/OpenSSLEngine.cpp @@ -37,12 +37,6 @@ using namespace std; using namespace Ice; using namespace IceSSL; -namespace -{ - mutex staticMutex; - int instanceCount = 0; - bool initOpenSSL = false; -} extern "C" { int IceSSL_opensslPasswordCallback(char* buf, int size, int /*flag*/, void* userData) diff --git a/cpp/test/IceSSL/configuration/AllTests.cpp b/cpp/test/IceSSL/configuration/AllTests.cpp index 1b0e6e5c180..fee608e5b8a 100644 --- a/cpp/test/IceSSL/configuration/AllTests.cpp +++ b/cpp/test/IceSSL/configuration/AllTests.cpp @@ -463,71 +463,6 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) IceSSL::ConnectionInfoPtr info; - cout << "testing manual initialization... " << flush; - { - InitializationData initData; - initData.properties = createClientProps(defaultProps, p12); - initData.properties->setProperty("Ice.InitPlugins", "0"); - CommunicatorPtr comm = initialize(initData); - ObjectPrx p(comm, "dummy:ssl -p 9999"); - try - { - p->ice_ping(); - test(false); - } - catch (const PluginInitializationException&) - { - // Expected. - } - catch (const LocalException& ex) - { - cerr << ex << endl; - test(false); - } - comm->destroy(); - } - -// -// Anonymous cipher are not supported with SChannel -// -#if !defined(ICE_USE_SCHANNEL) - { - InitializationData initData; - initData.properties = createClientProps(defaultProps, p12); - initData.properties->setProperty("Ice.InitPlugins", "0"); -# ifdef ICE_USE_OPENSSL - initData.properties->setProperty("IceSSL.Ciphers", anonCiphers); -# else - initData.properties->setProperty("IceSSL.Ciphers", "DH_anon_WITH_AES_256_CBC_SHA"); -# endif - initData.properties->setProperty("IceSSL.VerifyPeer", "0"); - CommunicatorPtr comm = initialize(initData); - PluginManagerPtr pm = comm->getPluginManager(); - pm->initializePlugins(); - Test::ServerFactoryPrx fact(comm, factoryRef); - Test::Properties d = createServerProps(defaultProps, p12); -# ifdef ICE_USE_OPENSSL - d["IceSSL.Ciphers"] = anonCiphers; -# else - d["IceSSL.Ciphers"] = "DH_anon_WITH_AES_256_CBC_SHA"; -# endif - d["IceSSL.VerifyPeer"] = "0"; - optional server = fact->createServer(d); - try - { - server->ice_ping(); - } - catch (const LocalException& ex) - { - cerr << ex << endl; - test(false); - } - fact->destroyServer(server); - comm->destroy(); - } -#endif - cout << "ok" << endl; - cout << "testing certificate verification... " << flush; { Test::Properties d; @@ -1435,99 +1370,6 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) cout << "ok" << endl; #endif - cout << "testing custom certificate verifier... " << flush; - { -// -// Anonymous ciphers are not supported with SChannel. -// -#if !defined(ICE_USE_SCHANNEL) - // - // ADH is allowed but will not have a certificate. - // - InitializationData initData; - initData.properties = createClientProps(defaultProps, p12); -# ifdef ICE_USE_OPENSSL - initData.properties->setProperty("IceSSL.Ciphers", anonCiphers); -# else - initData.properties->setProperty("IceSSL.Ciphers", "(DH_anon*)"); -# endif - initData.properties->setProperty("IceSSL.VerifyPeer", "0"); - CommunicatorPtr comm = initialize(initData); - - optional fact = Test::ServerFactoryPrx(comm, factoryRef); - test(fact); - Test::Properties d = createServerProps(defaultProps, p12); -# ifdef ICE_USE_OPENSSL - // - // With OpenSSL 1.1.0 we need to set SECLEVEL=0 to allow ADH ciphers - // - string cipherSub = "ADH-"; - d["IceSSL.Ciphers"] = anonCiphers; -# else - string cipherSub = "DH_anon"; - d["IceSSL.Ciphers"] = "(DH_anon*)"; -# endif - d["IceSSL.VerifyPeer"] = "0"; - optional server = fact->createServer(d); - try - { - server->checkCipher(cipherSub); - info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); - test(info->cipher.compare(0, cipherSub.size(), cipherSub) == 0); - } - catch (const LocalException& ex) - { - cerr << ex << endl; - test(false); - } - - // Have the verifier return false. Close the connection explicitly to force a new connection to be established. - server->ice_getConnection()->close(Ice::ConnectionClose::GracefullyWithWait); - try - { - server->ice_ping(); - test(false); - } - catch (const SecurityException&) - { - // Expected. - } - catch (const LocalException& ex) - { - cerr << ex << endl; - test(false); - } - - fact->destroyServer(server); - comm->destroy(); -#endif - } - { - // Verify that a server certificate is present. - InitializationData initData; - initData.properties = createClientProps(defaultProps, p12, "c_rsa_ca1", "cacert1"); - initData.properties->setProperty("IceSSL.VerifyPeer", "0"); - CommunicatorPtr comm = initialize(initData); - - optional fact = Test::ServerFactoryPrx(comm, factoryRef); - test(fact); - Test::Properties d = createServerProps(defaultProps, p12, "s_rsa_ca1", "cacert1"); - d["IceSSL.VerifyPeer"] = "2"; - optional server = fact->createServer(d); - try - { - server->ice_ping(); - } - catch (const LocalException& ex) - { - cerr << ex << endl; - test(false); - } - fact->destroyServer(server); - comm->destroy(); - } - cout << "ok" << endl; - cout << "testing expired certificates... " << flush; { // From 490eb199ab540e08ceaa665f4f31bf38dc297ed8 Mon Sep 17 00:00:00 2001 From: Jose Date: Tue, 9 Apr 2024 18:09:45 +0200 Subject: [PATCH 03/28] SecureTransport fixes --- cpp/src/IceSSL/SSLEngine.h | 1 - cpp/src/IceSSL/SecureTransportEngine.cpp | 9 +-- cpp/src/IceSSL/SecureTransportUtil.cpp | 80 +++++------------------- cpp/src/IceSSL/SecureTransportUtil.h | 4 +- 4 files changed, 16 insertions(+), 78 deletions(-) diff --git a/cpp/src/IceSSL/SSLEngine.h b/cpp/src/IceSSL/SSLEngine.h index 5e3cc2f138f..8fb1008c2fa 100644 --- a/cpp/src/IceSSL/SSLEngine.h +++ b/cpp/src/IceSSL/SSLEngine.h @@ -64,7 +64,6 @@ namespace IceSSL bool _checkCertName; bool _serverNameIndication; - int _verifyDepthMax; int _verifyPeer; int _securityTraceLevel; std::string _securityTraceCategory; diff --git a/cpp/src/IceSSL/SecureTransportEngine.cpp b/cpp/src/IceSSL/SecureTransportEngine.cpp index e82fcf6050a..2db645365fd 100644 --- a/cpp/src/IceSSL/SecureTransportEngine.cpp +++ b/cpp/src/IceSSL/SecureTransportEngine.cpp @@ -861,14 +861,7 @@ IceSSL::SecureTransport::SSLEngine::initialize() try { - _chain.reset(loadCertificateChain( - file, - keyFile, - keychain, - keychainPassword, - password, - passwordPrompt, - passwordRetryMax)); + _chain.reset(loadCertificateChain(file, keyFile, keychain, keychainPassword, password)); break; } catch (const CertificateReadException& ce) diff --git a/cpp/src/IceSSL/SecureTransportUtil.cpp b/cpp/src/IceSSL/SecureTransportUtil.cpp index 2d462a7730b..71f760b4abf 100644 --- a/cpp/src/IceSSL/SecureTransportUtil.cpp +++ b/cpp/src/IceSSL/SecureTransportUtil.cpp @@ -132,13 +132,8 @@ namespace // Load keychain items (Certificates or Private Keys) from a file. On return items param contain // the list of items, the caller must release it. // - CFArrayRef loadKeychainItems( - const string& file, - SecExternalItemType type, - SecKeychainRef keychain, - const string& passphrase, - const PasswordPromptPtr& prompt, - int retryMax) + CFArrayRef + loadKeychainItems(const string& file, SecExternalItemType type, SecKeychainRef keychain, const string& passphrase) { UniqueRef data(readCertFile(file)); @@ -159,38 +154,6 @@ namespace UniqueRef path(toCFString(file)); OSStatus err = SecItemImport(data.get(), path.get(), &format, &importType, 0, ¶ms, keychain, &items.get()); - // - // If passphrase failure and no password was configured, we obtain - // the password from the given prompt or configure the import to - // prompt the user with an alert dialog. - // - UniqueRef alertPromptHolder; - if (passphrase.empty() && - (err == errSecPassphraseRequired || err == errSecInvalidData || err == errSecPkcs12VerifyFailure)) - { - if (!prompt) - { - params.flags |= kSecKeySecurePassphrase; - ostringstream os; - os << "Enter the password for\n" << file; - alertPromptHolder.reset(toCFString(os.str())); - params.alertPrompt = alertPromptHolder.get(); - } - - int count = 0; - while ((err == errSecPassphraseRequired || err == errSecInvalidData || err == errSecPkcs12VerifyFailure) && - count < retryMax) - { - if (prompt) - { - passphraseHolder.reset(toCFString(prompt->getPassword())); - params.passphrase = passphraseHolder.get(); - } - err = SecItemImport(data.get(), path.get(), &format, &importType, 0, ¶ms, keychain, &items.get()); - ++count; - } - } - if (err != noErr) { ostringstream os; @@ -310,13 +273,8 @@ namespace // // Imports a certificate private key and optionally add it to a keychain. // - SecIdentityRef loadPrivateKey( - const string& file, - SecCertificateRef cert, - SecKeychainRef keychain, - const string& password, - const PasswordPromptPtr& prompt, - int retryMax) + SecIdentityRef + loadPrivateKey(const string& file, SecCertificateRef cert, SecKeychainRef keychain, const string& password) { // // Check if we already imported the certificate @@ -380,8 +338,7 @@ namespace // If the certificate isn't already in the keychain, load the // private key into the keychain and add the certificate. // - UniqueRef items( - loadKeychainItems(file, kSecItemTypePrivateKey, keychain, password, prompt, retryMax)); + UniqueRef items(loadKeychainItems(file, kSecItemTypePrivateKey, keychain, password)); CFIndex count = CFArrayGetCount(items.get()); UniqueRef key; for (CFIndex i = 0; i < count; ++i) @@ -564,9 +521,7 @@ IceSSL::SecureTransport::loadCertificateChain( const std::string& keychainPath, const string& keychainPassword, #endif - const string& password, - const PasswordPromptPtr& prompt, - int retryMax) + const string& password) { UniqueRef chain; #if defined(ICE_USE_SECURE_TRANSPORT_IOS) @@ -575,16 +530,9 @@ IceSSL::SecureTransport::loadCertificateChain( UniqueRef settings( CFDictionaryCreateMutable(0, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks)); UniqueRef items; - OSStatus err; - int count = 0; - do - { - items.reset(); - UniqueRef pass(toCFString(password.empty() && prompt ? prompt->getPassword() : password)); - CFDictionarySetValue(settings.get(), kSecImportExportPassphrase, pass.get()); - err = SecPKCS12Import(cert.get(), settings.get(), &items.get()); - ++count; - } while (password.empty() && prompt && err == errSecAuthFailed && count < retryMax); + UniqueRef pass(toCFString(password)); + CFDictionarySetValue(settings.get(), kSecImportExportPassphrase, pass.get()); + OSStatus err = SecPKCS12Import(cert.get(), settings.get(), &items.get()); if (err != noErr) { @@ -616,7 +564,7 @@ IceSSL::SecureTransport::loadCertificateChain( UniqueRef keychain(openKeychain(keychainPath, keychainPassword)); if (keyFile.empty()) { - chain.reset(loadKeychainItems(file, kSecItemTypeUnknown, keychain.get(), password, prompt, retryMax)); + chain.reset(loadKeychainItems(file, kSecItemTypeUnknown, keychain.get(), password)); } else { @@ -624,7 +572,7 @@ IceSSL::SecureTransport::loadCertificateChain( // Load the certificate, don't load into the keychain as it // might already have been imported. // - UniqueRef items(loadKeychainItems(file, kSecItemTypeCertificate, 0, password, prompt, retryMax)); + UniqueRef items(loadKeychainItems(file, kSecItemTypeCertificate, 0, password)); SecCertificateRef cert = static_cast(const_cast(CFArrayGetValueAtIndex(items.get(), 0))); if (SecCertificateGetTypeID() != CFGetTypeID(cert)) @@ -639,7 +587,7 @@ IceSSL::SecureTransport::loadCertificateChain( // add the certificate/key to the keychain if they aren't // already present in the keychain. // - UniqueRef identity(loadPrivateKey(keyFile, cert, keychain.get(), password, prompt, retryMax)); + UniqueRef identity(loadPrivateKey(keyFile, cert, keychain.get(), password)); chain.reset(CFArrayCreateMutableCopy(kCFAllocatorDefault, 0, items.get())); CFArraySetValueAtIndex(const_cast(chain.get()), 0, identity.get()); } @@ -656,7 +604,7 @@ IceSSL::SecureTransport::loadCertificate(const string& file) assert(CFArrayGetCount(certs.get()) > 0); cert.retain((SecCertificateRef)CFArrayGetValueAtIndex(certs.get(), 0)); #else - UniqueRef items(loadKeychainItems(file, kSecItemTypeCertificate, 0, "", 0, 0)); + UniqueRef items(loadKeychainItems(file, kSecItemTypeCertificate, 0, "")); cert.retain((SecCertificateRef)CFArrayGetValueAtIndex(items.get(), 0)); #endif return cert.release(); @@ -668,7 +616,7 @@ IceSSL::SecureTransport::loadCACertificates(const string& file) #if defined(ICE_USE_SECURE_TRANSPORT_IOS) return loadCerts(file); #else - UniqueRef items(loadKeychainItems(file, kSecItemTypeCertificate, 0, "", 0, 0)); + UniqueRef items(loadKeychainItems(file, kSecItemTypeCertificate, 0, "")); UniqueRef certificateAuthorities(CFArrayCreateMutable(kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks)); CFIndex count = CFArrayGetCount(items.get()); for (CFIndex i = 0; i < count; ++i) diff --git a/cpp/src/IceSSL/SecureTransportUtil.h b/cpp/src/IceSSL/SecureTransportUtil.h index da282a7ba92..f09b0c0b535 100644 --- a/cpp/src/IceSSL/SecureTransportUtil.h +++ b/cpp/src/IceSSL/SecureTransportUtil.h @@ -32,9 +32,7 @@ namespace IceSSL const std::string&, const std::string&, const std::string&, - const std::string&, - const PasswordPromptPtr&, - int); + const std::string&); SecCertificateRef loadCertificate(const std::string&); CFArrayRef loadCACertificates(const std::string&); From 636f612d9c6f8340e79633835f58b9c718d6a93e Mon Sep 17 00:00:00 2001 From: Jose Date: Tue, 9 Apr 2024 21:47:57 +0200 Subject: [PATCH 04/28] clang format fixes --- cpp/src/Ice/PropertyNames.cpp | 120 ++++++++++++++-------------------- cpp/src/Ice/PropertyNames.h | 82 ++++++++++------------- 2 files changed, 81 insertions(+), 121 deletions(-) diff --git a/cpp/src/Ice/PropertyNames.cpp b/cpp/src/Ice/PropertyNames.cpp index d229c9e4d3c..74334db8ef0 100644 --- a/cpp/src/Ice/PropertyNames.cpp +++ b/cpp/src/Ice/PropertyNames.cpp @@ -7,8 +7,7 @@ #include "PropertyNames.h" -const IceInternal::Property IcePropsData[] = -{ +const IceInternal::Property IcePropsData[] = { IceInternal::Property("Ice.AcceptClassCycles", false, 0), IceInternal::Property("Ice.ACM.Client", true, 0), IceInternal::Property("Ice.ACM.Server", true, 0), @@ -189,11 +188,9 @@ const IceInternal::Property IcePropsData[] = }; const IceInternal::PropertyArray - IceInternal::PropertyNames::IceProps(IcePropsData, - sizeof(IcePropsData)/sizeof(IcePropsData[0])); + IceInternal::PropertyNames::IceProps(IcePropsData, sizeof(IcePropsData) / sizeof(IcePropsData[0])); -const IceInternal::Property IceMXPropsData[] = -{ +const IceInternal::Property IceMXPropsData[] = { IceInternal::Property("IceMX.Metrics.*.GroupBy", false, 0), IceInternal::Property("IceMX.Metrics.*.Map", false, 0), IceInternal::Property("IceMX.Metrics.*.RetainDetached", false, 0), @@ -203,11 +200,9 @@ const IceInternal::Property IceMXPropsData[] = }; const IceInternal::PropertyArray - IceInternal::PropertyNames::IceMXProps(IceMXPropsData, - sizeof(IceMXPropsData)/sizeof(IceMXPropsData[0])); + IceInternal::PropertyNames::IceMXProps(IceMXPropsData, sizeof(IceMXPropsData) / sizeof(IceMXPropsData[0])); -const IceInternal::Property IceDiscoveryPropsData[] = -{ +const IceInternal::Property IceDiscoveryPropsData[] = { IceInternal::Property("IceDiscovery.Multicast.ACM.Timeout", false, 0), IceInternal::Property("IceDiscovery.Multicast.ACM.Heartbeat", false, 0), IceInternal::Property("IceDiscovery.Multicast.ACM.Close", false, 0), @@ -329,12 +324,11 @@ const IceInternal::Property IceDiscoveryPropsData[] = IceInternal::Property("IceDiscovery.DomainId", false, 0), }; -const IceInternal::PropertyArray - IceInternal::PropertyNames::IceDiscoveryProps(IceDiscoveryPropsData, - sizeof(IceDiscoveryPropsData)/sizeof(IceDiscoveryPropsData[0])); +const IceInternal::PropertyArray IceInternal::PropertyNames::IceDiscoveryProps( + IceDiscoveryPropsData, + sizeof(IceDiscoveryPropsData) / sizeof(IceDiscoveryPropsData[0])); -const IceInternal::Property IceLocatorDiscoveryPropsData[] = -{ +const IceInternal::Property IceLocatorDiscoveryPropsData[] = { IceInternal::Property("IceLocatorDiscovery.Reply.ACM.Timeout", false, 0), IceInternal::Property("IceLocatorDiscovery.Reply.ACM.Heartbeat", false, 0), IceInternal::Property("IceLocatorDiscovery.Reply.ACM.Close", false, 0), @@ -420,12 +414,11 @@ const IceInternal::Property IceLocatorDiscoveryPropsData[] = IceInternal::Property("IceLocatorDiscovery.Trace.Lookup", false, 0), }; -const IceInternal::PropertyArray - IceInternal::PropertyNames::IceLocatorDiscoveryProps(IceLocatorDiscoveryPropsData, - sizeof(IceLocatorDiscoveryPropsData)/sizeof(IceLocatorDiscoveryPropsData[0])); +const IceInternal::PropertyArray IceInternal::PropertyNames::IceLocatorDiscoveryProps( + IceLocatorDiscoveryPropsData, + sizeof(IceLocatorDiscoveryPropsData) / sizeof(IceLocatorDiscoveryPropsData[0])); -const IceInternal::Property IceBoxPropsData[] = -{ +const IceInternal::Property IceBoxPropsData[] = { IceInternal::Property("IceBox.InheritProperties", false, 0), IceInternal::Property("IceBox.InstanceName", true, 0), IceInternal::Property("IceBox.LoadOrder", false, 0), @@ -446,11 +439,9 @@ const IceInternal::Property IceBoxPropsData[] = }; const IceInternal::PropertyArray - IceInternal::PropertyNames::IceBoxProps(IceBoxPropsData, - sizeof(IceBoxPropsData)/sizeof(IceBoxPropsData[0])); + IceInternal::PropertyNames::IceBoxProps(IceBoxPropsData, sizeof(IceBoxPropsData) / sizeof(IceBoxPropsData[0])); -const IceInternal::Property IceBoxAdminPropsData[] = -{ +const IceInternal::Property IceBoxAdminPropsData[] = { IceInternal::Property("IceBoxAdmin.ServiceManager.Proxy.EndpointSelection", false, 0), IceInternal::Property("IceBoxAdmin.ServiceManager.Proxy.ConnectionCached", false, 0), IceInternal::Property("IceBoxAdmin.ServiceManager.Proxy.PreferSecure", false, 0), @@ -463,12 +454,11 @@ const IceInternal::Property IceBoxAdminPropsData[] = IceInternal::Property("IceBoxAdmin.ServiceManager.Proxy", false, 0), }; -const IceInternal::PropertyArray - IceInternal::PropertyNames::IceBoxAdminProps(IceBoxAdminPropsData, - sizeof(IceBoxAdminPropsData)/sizeof(IceBoxAdminPropsData[0])); +const IceInternal::PropertyArray IceInternal::PropertyNames::IceBoxAdminProps( + IceBoxAdminPropsData, + sizeof(IceBoxAdminPropsData) / sizeof(IceBoxAdminPropsData[0])); -const IceInternal::Property IceBridgePropsData[] = -{ +const IceInternal::Property IceBridgePropsData[] = { IceInternal::Property("IceBridge.Source.ACM.Timeout", false, 0), IceInternal::Property("IceBridge.Source.ACM.Heartbeat", false, 0), IceInternal::Property("IceBridge.Source.ACM.Close", false, 0), @@ -510,12 +500,11 @@ const IceInternal::Property IceBridgePropsData[] = IceInternal::Property("IceBridge.InstanceName", false, 0), }; -const IceInternal::PropertyArray - IceInternal::PropertyNames::IceBridgeProps(IceBridgePropsData, - sizeof(IceBridgePropsData)/sizeof(IceBridgePropsData[0])); +const IceInternal::PropertyArray IceInternal::PropertyNames::IceBridgeProps( + IceBridgePropsData, + sizeof(IceBridgePropsData) / sizeof(IceBridgePropsData[0])); -const IceInternal::Property IceGridAdminPropsData[] = -{ +const IceInternal::Property IceGridAdminPropsData[] = { IceInternal::Property("IceGridAdmin.AuthenticateUsingSSL", false, 0), IceInternal::Property("IceGridAdmin.MetricsConfig", false, 0), IceInternal::Property("IceGridAdmin.Username", false, 0), @@ -642,12 +631,11 @@ const IceInternal::Property IceGridAdminPropsData[] = IceInternal::Property("IceGridAdmin.Trace.SaveToRegistry", false, 0), }; -const IceInternal::PropertyArray - IceInternal::PropertyNames::IceGridAdminProps(IceGridAdminPropsData, - sizeof(IceGridAdminPropsData)/sizeof(IceGridAdminPropsData[0])); +const IceInternal::PropertyArray IceInternal::PropertyNames::IceGridAdminProps( + IceGridAdminPropsData, + sizeof(IceGridAdminPropsData) / sizeof(IceGridAdminPropsData[0])); -const IceInternal::Property IceGridPropsData[] = -{ +const IceInternal::Property IceGridPropsData[] = { IceInternal::Property("IceGrid.AdminRouter.ACM.Timeout", false, 0), IceInternal::Property("IceGrid.AdminRouter.ACM.Heartbeat", false, 0), IceInternal::Property("IceGrid.AdminRouter.ACM.Close", false, 0), @@ -1050,11 +1038,9 @@ const IceInternal::Property IceGridPropsData[] = }; const IceInternal::PropertyArray - IceInternal::PropertyNames::IceGridProps(IceGridPropsData, - sizeof(IceGridPropsData)/sizeof(IceGridPropsData[0])); + IceInternal::PropertyNames::IceGridProps(IceGridPropsData, sizeof(IceGridPropsData) / sizeof(IceGridPropsData[0])); -const IceInternal::Property IceSSLPropsData[] = -{ +const IceInternal::Property IceSSLPropsData[] = { IceInternal::Property("IceSSL.Alias", false, 0), IceInternal::Property("IceSSL.CAs", false, 0), IceInternal::Property("IceSSL.CertStore", false, 0), @@ -1089,32 +1075,27 @@ const IceInternal::Property IceSSLPropsData[] = }; const IceInternal::PropertyArray - IceInternal::PropertyNames::IceSSLProps(IceSSLPropsData, - sizeof(IceSSLPropsData)/sizeof(IceSSLPropsData[0])); + IceInternal::PropertyNames::IceSSLProps(IceSSLPropsData, sizeof(IceSSLPropsData) / sizeof(IceSSLPropsData[0])); -const IceInternal::Property IceStormAdminPropsData[] = -{ +const IceInternal::Property IceStormAdminPropsData[] = { IceInternal::Property("IceStormAdmin.TopicManager.*", false, 0), IceInternal::Property("IceStormAdmin.Host", false, 0), IceInternal::Property("IceStormAdmin.Port", false, 0), }; -const IceInternal::PropertyArray - IceInternal::PropertyNames::IceStormAdminProps(IceStormAdminPropsData, - sizeof(IceStormAdminPropsData)/sizeof(IceStormAdminPropsData[0])); +const IceInternal::PropertyArray IceInternal::PropertyNames::IceStormAdminProps( + IceStormAdminPropsData, + sizeof(IceStormAdminPropsData) / sizeof(IceStormAdminPropsData[0])); -const IceInternal::Property IceBTPropsData[] = -{ +const IceInternal::Property IceBTPropsData[] = { IceInternal::Property("IceBT.RcvSize", false, 0), IceInternal::Property("IceBT.SndSize", false, 0), }; const IceInternal::PropertyArray - IceInternal::PropertyNames::IceBTProps(IceBTPropsData, - sizeof(IceBTPropsData)/sizeof(IceBTPropsData[0])); + IceInternal::PropertyNames::IceBTProps(IceBTPropsData, sizeof(IceBTPropsData) / sizeof(IceBTPropsData[0])); -const IceInternal::Property Glacier2PropsData[] = -{ +const IceInternal::Property Glacier2PropsData[] = { IceInternal::Property("Glacier2.AddConnectionContext", false, 0), IceInternal::Property("Glacier2.Client.ACM.Timeout", false, 0), IceInternal::Property("Glacier2.Client.ACM.Heartbeat", false, 0), @@ -1256,22 +1237,20 @@ const IceInternal::Property Glacier2PropsData[] = IceInternal::Property("Glacier2.Trace.Session", false, 0), }; -const IceInternal::PropertyArray - IceInternal::PropertyNames::Glacier2Props(Glacier2PropsData, - sizeof(Glacier2PropsData)/sizeof(Glacier2PropsData[0])); +const IceInternal::PropertyArray IceInternal::PropertyNames::Glacier2Props( + Glacier2PropsData, + sizeof(Glacier2PropsData) / sizeof(Glacier2PropsData[0])); -const IceInternal::Property Glacier2CryptPermissionsVerifierPropsData[] = -{ +const IceInternal::Property Glacier2CryptPermissionsVerifierPropsData[] = { IceInternal::Property("Glacier2CryptPermissionsVerifier.*.PermissionsVerifier", false, 0), IceInternal::Property("Glacier2CryptPermissionsVerifier.*.AdminPermissionsVerifier", false, 0), }; -const IceInternal::PropertyArray - IceInternal::PropertyNames::Glacier2CryptPermissionsVerifierProps(Glacier2CryptPermissionsVerifierPropsData, - sizeof(Glacier2CryptPermissionsVerifierPropsData)/sizeof(Glacier2CryptPermissionsVerifierPropsData[0])); +const IceInternal::PropertyArray IceInternal::PropertyNames::Glacier2CryptPermissionsVerifierProps( + Glacier2CryptPermissionsVerifierPropsData, + sizeof(Glacier2CryptPermissionsVerifierPropsData) / sizeof(Glacier2CryptPermissionsVerifierPropsData[0])); -const IceInternal::PropertyArray IceInternal::PropertyNames::validProps[] = -{ +const IceInternal::PropertyArray IceInternal::PropertyNames::validProps[] = { IceProps, IceMXProps, IceDiscoveryProps, @@ -1286,11 +1265,9 @@ const IceInternal::PropertyArray IceInternal::PropertyNames::validProps[] = IceBTProps, Glacier2Props, Glacier2CryptPermissionsVerifierProps, - IceInternal::PropertyArray(0,0) -}; + IceInternal::PropertyArray(0, 0)}; -const char* IceInternal::PropertyNames::clPropNames[] = -{ +const char* IceInternal::PropertyNames::clPropNames[] = { "Ice", "IceMX", "IceDiscovery", @@ -1305,5 +1282,4 @@ const char* IceInternal::PropertyNames::clPropNames[] = "IceBT", "Glacier2", "Glacier2CryptPermissionsVerifier", - 0 -}; + 0}; diff --git a/cpp/src/Ice/PropertyNames.h b/cpp/src/Ice/PropertyNames.h index 51ac6790298..77f68206fdb 100644 --- a/cpp/src/Ice/PropertyNames.h +++ b/cpp/src/Ice/PropertyNames.h @@ -13,62 +13,46 @@ namespace IceInternal { -struct Property -{ - const char* pattern; - bool deprecated; - const char* deprecatedBy; - - Property(const char* n, bool d, const char* b) : - pattern(n), - deprecated(d), - deprecatedBy(b) - { - } - - Property() : - pattern(0), - deprecated(false), - deprecatedBy(0) + struct Property { - } + const char* pattern; + bool deprecated; + const char* deprecatedBy; -}; + Property(const char* n, bool d, const char* b) : pattern(n), deprecated(d), deprecatedBy(b) {} -struct PropertyArray -{ - const Property* properties; - const int length; + Property() : pattern(0), deprecated(false), deprecatedBy(0) {} + }; - PropertyArray(const Property* p, size_t len) : - properties(p), - length(static_cast(len)) + struct PropertyArray { - } -}; - -class PropertyNames -{ -public: + const Property* properties; + const int length; - static const PropertyArray IceProps; - static const PropertyArray IceMXProps; - static const PropertyArray IceDiscoveryProps; - static const PropertyArray IceLocatorDiscoveryProps; - static const PropertyArray IceBoxProps; - static const PropertyArray IceBoxAdminProps; - static const PropertyArray IceBridgeProps; - static const PropertyArray IceGridAdminProps; - static const PropertyArray IceGridProps; - static const PropertyArray IceSSLProps; - static const PropertyArray IceStormAdminProps; - static const PropertyArray IceBTProps; - static const PropertyArray Glacier2Props; - static const PropertyArray Glacier2CryptPermissionsVerifierProps; + PropertyArray(const Property* p, size_t len) : properties(p), length(static_cast(len)) {} + }; - static const PropertyArray validProps[]; - static const char * clPropNames[]; -}; + class PropertyNames + { + public: + static const PropertyArray IceProps; + static const PropertyArray IceMXProps; + static const PropertyArray IceDiscoveryProps; + static const PropertyArray IceLocatorDiscoveryProps; + static const PropertyArray IceBoxProps; + static const PropertyArray IceBoxAdminProps; + static const PropertyArray IceBridgeProps; + static const PropertyArray IceGridAdminProps; + static const PropertyArray IceGridProps; + static const PropertyArray IceSSLProps; + static const PropertyArray IceStormAdminProps; + static const PropertyArray IceBTProps; + static const PropertyArray Glacier2Props; + static const PropertyArray Glacier2CryptPermissionsVerifierProps; + + static const PropertyArray validProps[]; + static const char* clPropNames[]; + }; } From 076fc019d25cc66aad3c47533cb5748d31e2d0bc Mon Sep 17 00:00:00 2001 From: Jose Date: Wed, 10 Apr 2024 11:44:23 +0200 Subject: [PATCH 05/28] Cleanup / Fixes --- csharp/test/IceSSL/configuration/AllTests.cs | 1 - .../com/zeroc/IceInternal/PropertyNames.java | 2498 +++++++++-------- .../main/java/com/zeroc/IceSSL/SSLEngine.java | 28 - .../test/IceSSL/configuration/AllTests.java | 179 -- swift/src/Ice/CommunicatorI.swift | 18 - swift/src/IceImpl/Communicator.h | 2 - swift/src/IceImpl/Communicator.mm | 19 - .../test/IceSSL/configuration/AllTests.swift | 358 +-- 8 files changed, 1260 insertions(+), 1843 deletions(-) diff --git a/csharp/test/IceSSL/configuration/AllTests.cs b/csharp/test/IceSSL/configuration/AllTests.cs index cf51604f23a..4e6650af646 100644 --- a/csharp/test/IceSSL/configuration/AllTests.cs +++ b/csharp/test/IceSSL/configuration/AllTests.cs @@ -1805,7 +1805,6 @@ public static Test.ServerFactoryPrx allTests(Test.TestHelper helper, string test retryCount = 0; initData = createClientProps(defaultProperties); initData.properties.setProperty("IceSSL.DefaultDir", ""); - initData.properties.setProperty("IceSSL.VerifyDepthMax", "5"); initData.properties.setProperty("Ice.Override.Timeout", "5000"); // 5s timeout initData.properties.setProperty("IceSSL.UsePlatformCAs", "1"); comm = Ice.Util.initialize(initData); diff --git a/java/src/Ice/src/main/java/com/zeroc/IceInternal/PropertyNames.java b/java/src/Ice/src/main/java/com/zeroc/IceInternal/PropertyNames.java index 38b2518bd5e..33b4e86eadf 100644 --- a/java/src/Ice/src/main/java/com/zeroc/IceInternal/PropertyNames.java +++ b/java/src/Ice/src/main/java/com/zeroc/IceInternal/PropertyNames.java @@ -7,1264 +7,1272 @@ package com.zeroc.IceInternal; -public final class PropertyNames -{ - public static final Property IceProps[] = - { - new Property("Ice\\.AcceptClassCycles", false, null), - new Property("Ice\\.ACM\\.Client", true, null), - new Property("Ice\\.ACM\\.Server", true, null), - new Property("Ice\\.ACM\\.Timeout", false, null), - new Property("Ice\\.ACM\\.Heartbeat", false, null), - new Property("Ice\\.ACM\\.Close", false, null), - new Property("Ice\\.ACM", false, null), - new Property("Ice\\.ACM\\.Client\\.Timeout", false, null), - new Property("Ice\\.ACM\\.Client\\.Heartbeat", false, null), - new Property("Ice\\.ACM\\.Client\\.Close", false, null), - new Property("Ice\\.ACM\\.Client", false, null), - new Property("Ice\\.ACM\\.Server\\.Timeout", false, null), - new Property("Ice\\.ACM\\.Server\\.Heartbeat", false, null), - new Property("Ice\\.ACM\\.Server\\.Close", false, null), - new Property("Ice\\.ACM\\.Server", false, null), - new Property("Ice\\.Admin\\.ACM\\.Timeout", false, null), - new Property("Ice\\.Admin\\.ACM\\.Heartbeat", false, null), - new Property("Ice\\.Admin\\.ACM\\.Close", false, null), - new Property("Ice\\.Admin\\.ACM", false, null), - new Property("Ice\\.Admin\\.AdapterId", false, null), - new Property("Ice\\.Admin\\.Endpoints", false, null), - new Property("Ice\\.Admin\\.Locator\\.EndpointSelection", false, null), - new Property("Ice\\.Admin\\.Locator\\.ConnectionCached", false, null), - new Property("Ice\\.Admin\\.Locator\\.PreferSecure", false, null), - new Property("Ice\\.Admin\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("Ice\\.Admin\\.Locator\\.InvocationTimeout", false, null), - new Property("Ice\\.Admin\\.Locator\\.Locator", false, null), - new Property("Ice\\.Admin\\.Locator\\.Router", false, null), - new Property("Ice\\.Admin\\.Locator\\.CollocationOptimized", false, null), - new Property("Ice\\.Admin\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("Ice\\.Admin\\.Locator", false, null), - new Property("Ice\\.Admin\\.PublishedEndpoints", false, null), - new Property("Ice\\.Admin\\.ReplicaGroupId", false, null), - new Property("Ice\\.Admin\\.Router\\.EndpointSelection", false, null), - new Property("Ice\\.Admin\\.Router\\.ConnectionCached", false, null), - new Property("Ice\\.Admin\\.Router\\.PreferSecure", false, null), - new Property("Ice\\.Admin\\.Router\\.LocatorCacheTimeout", false, null), - new Property("Ice\\.Admin\\.Router\\.InvocationTimeout", false, null), - new Property("Ice\\.Admin\\.Router\\.Locator", false, null), - new Property("Ice\\.Admin\\.Router\\.Router", false, null), - new Property("Ice\\.Admin\\.Router\\.CollocationOptimized", false, null), - new Property("Ice\\.Admin\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("Ice\\.Admin\\.Router", false, null), - new Property("Ice\\.Admin\\.ProxyOptions", false, null), - new Property("Ice\\.Admin\\.ThreadPool\\.Size", false, null), - new Property("Ice\\.Admin\\.ThreadPool\\.SizeMax", false, null), - new Property("Ice\\.Admin\\.ThreadPool\\.SizeWarn", false, null), - new Property("Ice\\.Admin\\.ThreadPool\\.StackSize", false, null), - new Property("Ice\\.Admin\\.ThreadPool\\.Serialize", false, null), - new Property("Ice\\.Admin\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("Ice\\.Admin\\.ThreadPool\\.ThreadPriority", false, null), - new Property("Ice\\.Admin\\.MessageSizeMax", false, null), - new Property("Ice\\.Admin\\.DelayCreation", false, null), - new Property("Ice\\.Admin\\.Enabled", false, null), - new Property("Ice\\.Admin\\.Facets", false, null), - new Property("Ice\\.Admin\\.InstanceName", false, null), - new Property("Ice\\.Admin\\.Logger\\.KeepLogs", false, null), - new Property("Ice\\.Admin\\.Logger\\.KeepTraces", false, null), - new Property("Ice\\.Admin\\.Logger\\.Properties", false, null), - new Property("Ice\\.Admin\\.ServerId", false, null), - new Property("Ice\\.BackgroundLocatorCacheUpdates", false, null), - new Property("Ice\\.BatchAutoFlush", true, null), - new Property("Ice\\.BatchAutoFlushSize", false, null), - new Property("Ice\\.ChangeUser", false, null), - new Property("Ice\\.ClassGraphDepthMax", false, null), - new Property("Ice\\.ClientAccessPolicyProtocol", false, null), - new Property("Ice\\.Compression\\.Level", false, null), - new Property("Ice\\.Config", false, null), - new Property("Ice\\.ConsoleListener", false, null), - new Property("Ice\\.Default\\.CollocationOptimized", false, null), - new Property("Ice\\.Default\\.EncodingVersion", false, null), - new Property("Ice\\.Default\\.EndpointSelection", false, null), - new Property("Ice\\.Default\\.Host", false, null), - new Property("Ice\\.Default\\.Locator\\.EndpointSelection", false, null), - new Property("Ice\\.Default\\.Locator\\.ConnectionCached", false, null), - new Property("Ice\\.Default\\.Locator\\.PreferSecure", false, null), - new Property("Ice\\.Default\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("Ice\\.Default\\.Locator\\.InvocationTimeout", false, null), - new Property("Ice\\.Default\\.Locator\\.Locator", false, null), - new Property("Ice\\.Default\\.Locator\\.Router", false, null), - new Property("Ice\\.Default\\.Locator\\.CollocationOptimized", false, null), - new Property("Ice\\.Default\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("Ice\\.Default\\.Locator", false, null), - new Property("Ice\\.Default\\.LocatorCacheTimeout", false, null), - new Property("Ice\\.Default\\.InvocationTimeout", false, null), - new Property("Ice\\.Default\\.Package", false, null), - new Property("Ice\\.Default\\.PreferSecure", false, null), - new Property("Ice\\.Default\\.Protocol", false, null), - new Property("Ice\\.Default\\.Router\\.EndpointSelection", false, null), - new Property("Ice\\.Default\\.Router\\.ConnectionCached", false, null), - new Property("Ice\\.Default\\.Router\\.PreferSecure", false, null), - new Property("Ice\\.Default\\.Router\\.LocatorCacheTimeout", false, null), - new Property("Ice\\.Default\\.Router\\.InvocationTimeout", false, null), - new Property("Ice\\.Default\\.Router\\.Locator", false, null), - new Property("Ice\\.Default\\.Router\\.Router", false, null), - new Property("Ice\\.Default\\.Router\\.CollocationOptimized", false, null), - new Property("Ice\\.Default\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("Ice\\.Default\\.Router", false, null), - new Property("Ice\\.Default\\.SlicedFormat", false, null), - new Property("Ice\\.Default\\.SourceAddress", false, null), - new Property("Ice\\.Default\\.Timeout", false, null), - new Property("Ice\\.EventLog\\.Source", false, null), - new Property("Ice\\.FactoryAssemblies", false, null), - new Property("Ice\\.HTTPProxyHost", false, null), - new Property("Ice\\.HTTPProxyPort", false, null), - new Property("Ice\\.ImplicitContext", false, null), - new Property("Ice\\.InitPlugins", false, null), - new Property("Ice\\.IPv4", false, null), - new Property("Ice\\.IPv6", false, null), - new Property("Ice\\.LogFile", false, null), - new Property("Ice\\.LogFile\\.SizeMax", false, null), - new Property("Ice\\.LogStdErr\\.Convert", false, null), - new Property("Ice\\.MessageSizeMax", false, null), - new Property("Ice\\.Nohup", false, null), - new Property("Ice\\.Override\\.CloseTimeout", false, null), - new Property("Ice\\.Override\\.Compress", false, null), - new Property("Ice\\.Override\\.ConnectTimeout", false, null), - new Property("Ice\\.Override\\.Timeout", false, null), - new Property("Ice\\.Override\\.Secure", false, null), - new Property("Ice\\.Package\\.[^\\s]+", false, null), - new Property("Ice\\.Plugin\\.[^\\s]+", false, null), - new Property("Ice\\.PluginLoadOrder", false, null), - new Property("Ice\\.PreferIPv6Address", false, null), - new Property("Ice\\.PreloadAssemblies", false, null), - new Property("Ice\\.PrintAdapterReady", false, null), - new Property("Ice\\.PrintProcessId", false, null), - new Property("Ice\\.PrintStackTraces", false, null), - new Property("Ice\\.ProgramName", false, null), - new Property("Ice\\.RetryIntervals", false, null), - new Property("Ice\\.ServerIdleTime", false, null), - new Property("Ice\\.SOCKSProxyHost", false, null), - new Property("Ice\\.SOCKSProxyPort", false, null), - new Property("Ice\\.StdErr", false, null), - new Property("Ice\\.StdOut", false, null), - new Property("Ice\\.SyslogFacility", false, null), - new Property("Ice\\.ThreadPool\\.Client\\.Size", false, null), - new Property("Ice\\.ThreadPool\\.Client\\.SizeMax", false, null), - new Property("Ice\\.ThreadPool\\.Client\\.SizeWarn", false, null), - new Property("Ice\\.ThreadPool\\.Client\\.StackSize", false, null), - new Property("Ice\\.ThreadPool\\.Client\\.Serialize", false, null), - new Property("Ice\\.ThreadPool\\.Client\\.ThreadIdleTime", false, null), - new Property("Ice\\.ThreadPool\\.Client\\.ThreadPriority", false, null), - new Property("Ice\\.ThreadPool\\.Server\\.Size", false, null), - new Property("Ice\\.ThreadPool\\.Server\\.SizeMax", false, null), - new Property("Ice\\.ThreadPool\\.Server\\.SizeWarn", false, null), - new Property("Ice\\.ThreadPool\\.Server\\.StackSize", false, null), - new Property("Ice\\.ThreadPool\\.Server\\.Serialize", false, null), - new Property("Ice\\.ThreadPool\\.Server\\.ThreadIdleTime", false, null), - new Property("Ice\\.ThreadPool\\.Server\\.ThreadPriority", false, null), - new Property("Ice\\.ThreadPriority", false, null), - new Property("Ice\\.ToStringMode", false, null), - new Property("Ice\\.Trace\\.Admin\\.Properties", false, null), - new Property("Ice\\.Trace\\.Admin\\.Logger", false, null), - new Property("Ice\\.Trace\\.Locator", false, null), - new Property("Ice\\.Trace\\.Network", false, null), - new Property("Ice\\.Trace\\.Protocol", false, null), - new Property("Ice\\.Trace\\.Retry", false, null), - new Property("Ice\\.Trace\\.Slicing", false, null), - new Property("Ice\\.Trace\\.ThreadPool", false, null), - new Property("Ice\\.UDP\\.RcvSize", false, null), - new Property("Ice\\.UDP\\.SndSize", false, null), - new Property("Ice\\.TCP\\.Backlog", false, null), - new Property("Ice\\.TCP\\.RcvSize", false, null), - new Property("Ice\\.TCP\\.SndSize", false, null), - new Property("Ice\\.UseApplicationClassLoader", false, null), - new Property("Ice\\.UseOSLog", false, null), - new Property("Ice\\.UseSyslog", false, null), - new Property("Ice\\.UseSystemdJournal", false, null), - new Property("Ice\\.Warn\\.AMICallback", false, null), - new Property("Ice\\.Warn\\.Connections", false, null), - new Property("Ice\\.Warn\\.Datagrams", false, null), - new Property("Ice\\.Warn\\.Dispatch", false, null), - new Property("Ice\\.Warn\\.Endpoints", false, null), - new Property("Ice\\.Warn\\.UnknownProperties", false, null), - new Property("Ice\\.Warn\\.UnusedProperties", false, null), - new Property("Ice\\.CacheMessageBuffers", false, null), - new Property("Ice\\.ThreadInterruptSafe", false, null), - null - }; +public final class PropertyNames { + public static final Property IceProps[] = { + new Property("Ice\\.AcceptClassCycles", false, null), + new Property("Ice\\.ACM\\.Client", true, null), + new Property("Ice\\.ACM\\.Server", true, null), + new Property("Ice\\.ACM\\.Timeout", false, null), + new Property("Ice\\.ACM\\.Heartbeat", false, null), + new Property("Ice\\.ACM\\.Close", false, null), + new Property("Ice\\.ACM", false, null), + new Property("Ice\\.ACM\\.Client\\.Timeout", false, null), + new Property("Ice\\.ACM\\.Client\\.Heartbeat", false, null), + new Property("Ice\\.ACM\\.Client\\.Close", false, null), + new Property("Ice\\.ACM\\.Client", false, null), + new Property("Ice\\.ACM\\.Server\\.Timeout", false, null), + new Property("Ice\\.ACM\\.Server\\.Heartbeat", false, null), + new Property("Ice\\.ACM\\.Server\\.Close", false, null), + new Property("Ice\\.ACM\\.Server", false, null), + new Property("Ice\\.Admin\\.ACM\\.Timeout", false, null), + new Property("Ice\\.Admin\\.ACM\\.Heartbeat", false, null), + new Property("Ice\\.Admin\\.ACM\\.Close", false, null), + new Property("Ice\\.Admin\\.ACM", false, null), + new Property("Ice\\.Admin\\.AdapterId", false, null), + new Property("Ice\\.Admin\\.Endpoints", false, null), + new Property("Ice\\.Admin\\.Locator\\.EndpointSelection", false, null), + new Property("Ice\\.Admin\\.Locator\\.ConnectionCached", false, null), + new Property("Ice\\.Admin\\.Locator\\.PreferSecure", false, null), + new Property("Ice\\.Admin\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("Ice\\.Admin\\.Locator\\.InvocationTimeout", false, null), + new Property("Ice\\.Admin\\.Locator\\.Locator", false, null), + new Property("Ice\\.Admin\\.Locator\\.Router", false, null), + new Property("Ice\\.Admin\\.Locator\\.CollocationOptimized", false, null), + new Property("Ice\\.Admin\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("Ice\\.Admin\\.Locator", false, null), + new Property("Ice\\.Admin\\.PublishedEndpoints", false, null), + new Property("Ice\\.Admin\\.ReplicaGroupId", false, null), + new Property("Ice\\.Admin\\.Router\\.EndpointSelection", false, null), + new Property("Ice\\.Admin\\.Router\\.ConnectionCached", false, null), + new Property("Ice\\.Admin\\.Router\\.PreferSecure", false, null), + new Property("Ice\\.Admin\\.Router\\.LocatorCacheTimeout", false, null), + new Property("Ice\\.Admin\\.Router\\.InvocationTimeout", false, null), + new Property("Ice\\.Admin\\.Router\\.Locator", false, null), + new Property("Ice\\.Admin\\.Router\\.Router", false, null), + new Property("Ice\\.Admin\\.Router\\.CollocationOptimized", false, null), + new Property("Ice\\.Admin\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("Ice\\.Admin\\.Router", false, null), + new Property("Ice\\.Admin\\.ProxyOptions", false, null), + new Property("Ice\\.Admin\\.ThreadPool\\.Size", false, null), + new Property("Ice\\.Admin\\.ThreadPool\\.SizeMax", false, null), + new Property("Ice\\.Admin\\.ThreadPool\\.SizeWarn", false, null), + new Property("Ice\\.Admin\\.ThreadPool\\.StackSize", false, null), + new Property("Ice\\.Admin\\.ThreadPool\\.Serialize", false, null), + new Property("Ice\\.Admin\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("Ice\\.Admin\\.ThreadPool\\.ThreadPriority", false, null), + new Property("Ice\\.Admin\\.MessageSizeMax", false, null), + new Property("Ice\\.Admin\\.DelayCreation", false, null), + new Property("Ice\\.Admin\\.Enabled", false, null), + new Property("Ice\\.Admin\\.Facets", false, null), + new Property("Ice\\.Admin\\.InstanceName", false, null), + new Property("Ice\\.Admin\\.Logger\\.KeepLogs", false, null), + new Property("Ice\\.Admin\\.Logger\\.KeepTraces", false, null), + new Property("Ice\\.Admin\\.Logger\\.Properties", false, null), + new Property("Ice\\.Admin\\.ServerId", false, null), + new Property("Ice\\.BackgroundLocatorCacheUpdates", false, null), + new Property("Ice\\.BatchAutoFlush", true, null), + new Property("Ice\\.BatchAutoFlushSize", false, null), + new Property("Ice\\.ChangeUser", false, null), + new Property("Ice\\.ClassGraphDepthMax", false, null), + new Property("Ice\\.ClientAccessPolicyProtocol", false, null), + new Property("Ice\\.Compression\\.Level", false, null), + new Property("Ice\\.Config", false, null), + new Property("Ice\\.ConsoleListener", false, null), + new Property("Ice\\.Default\\.CollocationOptimized", false, null), + new Property("Ice\\.Default\\.EncodingVersion", false, null), + new Property("Ice\\.Default\\.EndpointSelection", false, null), + new Property("Ice\\.Default\\.Host", false, null), + new Property("Ice\\.Default\\.Locator\\.EndpointSelection", false, null), + new Property("Ice\\.Default\\.Locator\\.ConnectionCached", false, null), + new Property("Ice\\.Default\\.Locator\\.PreferSecure", false, null), + new Property("Ice\\.Default\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("Ice\\.Default\\.Locator\\.InvocationTimeout", false, null), + new Property("Ice\\.Default\\.Locator\\.Locator", false, null), + new Property("Ice\\.Default\\.Locator\\.Router", false, null), + new Property("Ice\\.Default\\.Locator\\.CollocationOptimized", false, null), + new Property("Ice\\.Default\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("Ice\\.Default\\.Locator", false, null), + new Property("Ice\\.Default\\.LocatorCacheTimeout", false, null), + new Property("Ice\\.Default\\.InvocationTimeout", false, null), + new Property("Ice\\.Default\\.Package", false, null), + new Property("Ice\\.Default\\.PreferSecure", false, null), + new Property("Ice\\.Default\\.Protocol", false, null), + new Property("Ice\\.Default\\.Router\\.EndpointSelection", false, null), + new Property("Ice\\.Default\\.Router\\.ConnectionCached", false, null), + new Property("Ice\\.Default\\.Router\\.PreferSecure", false, null), + new Property("Ice\\.Default\\.Router\\.LocatorCacheTimeout", false, null), + new Property("Ice\\.Default\\.Router\\.InvocationTimeout", false, null), + new Property("Ice\\.Default\\.Router\\.Locator", false, null), + new Property("Ice\\.Default\\.Router\\.Router", false, null), + new Property("Ice\\.Default\\.Router\\.CollocationOptimized", false, null), + new Property("Ice\\.Default\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("Ice\\.Default\\.Router", false, null), + new Property("Ice\\.Default\\.SlicedFormat", false, null), + new Property("Ice\\.Default\\.SourceAddress", false, null), + new Property("Ice\\.Default\\.Timeout", false, null), + new Property("Ice\\.EventLog\\.Source", false, null), + new Property("Ice\\.FactoryAssemblies", false, null), + new Property("Ice\\.HTTPProxyHost", false, null), + new Property("Ice\\.HTTPProxyPort", false, null), + new Property("Ice\\.ImplicitContext", false, null), + new Property("Ice\\.InitPlugins", false, null), + new Property("Ice\\.IPv4", false, null), + new Property("Ice\\.IPv6", false, null), + new Property("Ice\\.LogFile", false, null), + new Property("Ice\\.LogFile\\.SizeMax", false, null), + new Property("Ice\\.LogStdErr\\.Convert", false, null), + new Property("Ice\\.MessageSizeMax", false, null), + new Property("Ice\\.Nohup", false, null), + new Property("Ice\\.Override\\.CloseTimeout", false, null), + new Property("Ice\\.Override\\.Compress", false, null), + new Property("Ice\\.Override\\.ConnectTimeout", false, null), + new Property("Ice\\.Override\\.Timeout", false, null), + new Property("Ice\\.Override\\.Secure", false, null), + new Property("Ice\\.Package\\.[^\\s]+", false, null), + new Property("Ice\\.Plugin\\.[^\\s]+", false, null), + new Property("Ice\\.PluginLoadOrder", false, null), + new Property("Ice\\.PreferIPv6Address", false, null), + new Property("Ice\\.PreloadAssemblies", false, null), + new Property("Ice\\.PrintAdapterReady", false, null), + new Property("Ice\\.PrintProcessId", false, null), + new Property("Ice\\.PrintStackTraces", false, null), + new Property("Ice\\.ProgramName", false, null), + new Property("Ice\\.RetryIntervals", false, null), + new Property("Ice\\.ServerIdleTime", false, null), + new Property("Ice\\.SOCKSProxyHost", false, null), + new Property("Ice\\.SOCKSProxyPort", false, null), + new Property("Ice\\.StdErr", false, null), + new Property("Ice\\.StdOut", false, null), + new Property("Ice\\.SyslogFacility", false, null), + new Property("Ice\\.ThreadPool\\.Client\\.Size", false, null), + new Property("Ice\\.ThreadPool\\.Client\\.SizeMax", false, null), + new Property("Ice\\.ThreadPool\\.Client\\.SizeWarn", false, null), + new Property("Ice\\.ThreadPool\\.Client\\.StackSize", false, null), + new Property("Ice\\.ThreadPool\\.Client\\.Serialize", false, null), + new Property("Ice\\.ThreadPool\\.Client\\.ThreadIdleTime", false, null), + new Property("Ice\\.ThreadPool\\.Client\\.ThreadPriority", false, null), + new Property("Ice\\.ThreadPool\\.Server\\.Size", false, null), + new Property("Ice\\.ThreadPool\\.Server\\.SizeMax", false, null), + new Property("Ice\\.ThreadPool\\.Server\\.SizeWarn", false, null), + new Property("Ice\\.ThreadPool\\.Server\\.StackSize", false, null), + new Property("Ice\\.ThreadPool\\.Server\\.Serialize", false, null), + new Property("Ice\\.ThreadPool\\.Server\\.ThreadIdleTime", false, null), + new Property("Ice\\.ThreadPool\\.Server\\.ThreadPriority", false, null), + new Property("Ice\\.ThreadPriority", false, null), + new Property("Ice\\.ToStringMode", false, null), + new Property("Ice\\.Trace\\.Admin\\.Properties", false, null), + new Property("Ice\\.Trace\\.Admin\\.Logger", false, null), + new Property("Ice\\.Trace\\.Locator", false, null), + new Property("Ice\\.Trace\\.Network", false, null), + new Property("Ice\\.Trace\\.Protocol", false, null), + new Property("Ice\\.Trace\\.Retry", false, null), + new Property("Ice\\.Trace\\.Slicing", false, null), + new Property("Ice\\.Trace\\.ThreadPool", false, null), + new Property("Ice\\.UDP\\.RcvSize", false, null), + new Property("Ice\\.UDP\\.SndSize", false, null), + new Property("Ice\\.TCP\\.Backlog", false, null), + new Property("Ice\\.TCP\\.RcvSize", false, null), + new Property("Ice\\.TCP\\.SndSize", false, null), + new Property("Ice\\.UseApplicationClassLoader", false, null), + new Property("Ice\\.UseOSLog", false, null), + new Property("Ice\\.UseSyslog", false, null), + new Property("Ice\\.UseSystemdJournal", false, null), + new Property("Ice\\.Warn\\.AMICallback", false, null), + new Property("Ice\\.Warn\\.Connections", false, null), + new Property("Ice\\.Warn\\.Datagrams", false, null), + new Property("Ice\\.Warn\\.Dispatch", false, null), + new Property("Ice\\.Warn\\.Endpoints", false, null), + new Property("Ice\\.Warn\\.UnknownProperties", false, null), + new Property("Ice\\.Warn\\.UnusedProperties", false, null), + new Property("Ice\\.CacheMessageBuffers", false, null), + new Property("Ice\\.ThreadInterruptSafe", false, null), + null + }; - public static final Property IceMXProps[] = - { - new Property("IceMX\\.Metrics\\.[^\\s]+\\.GroupBy", false, null), - new Property("IceMX\\.Metrics\\.[^\\s]+\\.Map", false, null), - new Property("IceMX\\.Metrics\\.[^\\s]+\\.RetainDetached", false, null), - new Property("IceMX\\.Metrics\\.[^\\s]+\\.Accept", false, null), - new Property("IceMX\\.Metrics\\.[^\\s]+\\.Reject", false, null), - new Property("IceMX\\.Metrics\\.[^\\s]+", false, null), - null - }; + public static final Property IceMXProps[] = { + new Property("IceMX\\.Metrics\\.[^\\s]+\\.GroupBy", false, null), + new Property("IceMX\\.Metrics\\.[^\\s]+\\.Map", false, null), + new Property("IceMX\\.Metrics\\.[^\\s]+\\.RetainDetached", false, null), + new Property("IceMX\\.Metrics\\.[^\\s]+\\.Accept", false, null), + new Property("IceMX\\.Metrics\\.[^\\s]+\\.Reject", false, null), + new Property("IceMX\\.Metrics\\.[^\\s]+", false, null), + null + }; - public static final Property IceDiscoveryProps[] = - { - new Property("IceDiscovery\\.Multicast\\.ACM\\.Timeout", false, null), - new Property("IceDiscovery\\.Multicast\\.ACM\\.Heartbeat", false, null), - new Property("IceDiscovery\\.Multicast\\.ACM\\.Close", false, null), - new Property("IceDiscovery\\.Multicast\\.ACM", false, null), - new Property("IceDiscovery\\.Multicast\\.AdapterId", false, null), - new Property("IceDiscovery\\.Multicast\\.Endpoints", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.EndpointSelection", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.ConnectionCached", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.PreferSecure", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.InvocationTimeout", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.Locator", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.Router", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.CollocationOptimized", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceDiscovery\\.Multicast\\.Locator", false, null), - new Property("IceDiscovery\\.Multicast\\.PublishedEndpoints", false, null), - new Property("IceDiscovery\\.Multicast\\.ReplicaGroupId", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.EndpointSelection", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.ConnectionCached", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.PreferSecure", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.InvocationTimeout", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.Locator", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.Router", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.CollocationOptimized", false, null), - new Property("IceDiscovery\\.Multicast\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceDiscovery\\.Multicast\\.Router", false, null), - new Property("IceDiscovery\\.Multicast\\.ProxyOptions", false, null), - new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.Size", false, null), - new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.SizeMax", false, null), - new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.StackSize", false, null), - new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.Serialize", false, null), - new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceDiscovery\\.Multicast\\.MessageSizeMax", false, null), - new Property("IceDiscovery\\.Reply\\.ACM\\.Timeout", false, null), - new Property("IceDiscovery\\.Reply\\.ACM\\.Heartbeat", false, null), - new Property("IceDiscovery\\.Reply\\.ACM\\.Close", false, null), - new Property("IceDiscovery\\.Reply\\.ACM", false, null), - new Property("IceDiscovery\\.Reply\\.AdapterId", false, null), - new Property("IceDiscovery\\.Reply\\.Endpoints", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.EndpointSelection", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.ConnectionCached", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.PreferSecure", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.InvocationTimeout", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.Locator", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.Router", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.CollocationOptimized", false, null), - new Property("IceDiscovery\\.Reply\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceDiscovery\\.Reply\\.Locator", false, null), - new Property("IceDiscovery\\.Reply\\.PublishedEndpoints", false, null), - new Property("IceDiscovery\\.Reply\\.ReplicaGroupId", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.EndpointSelection", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.ConnectionCached", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.PreferSecure", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.InvocationTimeout", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.Locator", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.Router", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.CollocationOptimized", false, null), - new Property("IceDiscovery\\.Reply\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceDiscovery\\.Reply\\.Router", false, null), - new Property("IceDiscovery\\.Reply\\.ProxyOptions", false, null), - new Property("IceDiscovery\\.Reply\\.ThreadPool\\.Size", false, null), - new Property("IceDiscovery\\.Reply\\.ThreadPool\\.SizeMax", false, null), - new Property("IceDiscovery\\.Reply\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceDiscovery\\.Reply\\.ThreadPool\\.StackSize", false, null), - new Property("IceDiscovery\\.Reply\\.ThreadPool\\.Serialize", false, null), - new Property("IceDiscovery\\.Reply\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceDiscovery\\.Reply\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceDiscovery\\.Reply\\.MessageSizeMax", false, null), - new Property("IceDiscovery\\.Locator\\.ACM\\.Timeout", false, null), - new Property("IceDiscovery\\.Locator\\.ACM\\.Heartbeat", false, null), - new Property("IceDiscovery\\.Locator\\.ACM\\.Close", false, null), - new Property("IceDiscovery\\.Locator\\.ACM", false, null), - new Property("IceDiscovery\\.Locator\\.AdapterId", false, null), - new Property("IceDiscovery\\.Locator\\.Endpoints", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.EndpointSelection", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.ConnectionCached", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.PreferSecure", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.InvocationTimeout", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.Locator", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.Router", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.CollocationOptimized", false, null), - new Property("IceDiscovery\\.Locator\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceDiscovery\\.Locator\\.Locator", false, null), - new Property("IceDiscovery\\.Locator\\.PublishedEndpoints", false, null), - new Property("IceDiscovery\\.Locator\\.ReplicaGroupId", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.EndpointSelection", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.ConnectionCached", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.PreferSecure", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.InvocationTimeout", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.Locator", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.Router", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.CollocationOptimized", false, null), - new Property("IceDiscovery\\.Locator\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceDiscovery\\.Locator\\.Router", false, null), - new Property("IceDiscovery\\.Locator\\.ProxyOptions", false, null), - new Property("IceDiscovery\\.Locator\\.ThreadPool\\.Size", false, null), - new Property("IceDiscovery\\.Locator\\.ThreadPool\\.SizeMax", false, null), - new Property("IceDiscovery\\.Locator\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceDiscovery\\.Locator\\.ThreadPool\\.StackSize", false, null), - new Property("IceDiscovery\\.Locator\\.ThreadPool\\.Serialize", false, null), - new Property("IceDiscovery\\.Locator\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceDiscovery\\.Locator\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceDiscovery\\.Locator\\.MessageSizeMax", false, null), - new Property("IceDiscovery\\.Lookup", false, null), - new Property("IceDiscovery\\.Timeout", false, null), - new Property("IceDiscovery\\.RetryCount", false, null), - new Property("IceDiscovery\\.LatencyMultiplier", false, null), - new Property("IceDiscovery\\.Address", false, null), - new Property("IceDiscovery\\.Port", false, null), - new Property("IceDiscovery\\.Interface", false, null), - new Property("IceDiscovery\\.DomainId", false, null), - null - }; + public static final Property IceDiscoveryProps[] = { + new Property("IceDiscovery\\.Multicast\\.ACM\\.Timeout", false, null), + new Property("IceDiscovery\\.Multicast\\.ACM\\.Heartbeat", false, null), + new Property("IceDiscovery\\.Multicast\\.ACM\\.Close", false, null), + new Property("IceDiscovery\\.Multicast\\.ACM", false, null), + new Property("IceDiscovery\\.Multicast\\.AdapterId", false, null), + new Property("IceDiscovery\\.Multicast\\.Endpoints", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.EndpointSelection", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.ConnectionCached", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.PreferSecure", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.InvocationTimeout", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.Locator", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.Router", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.CollocationOptimized", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceDiscovery\\.Multicast\\.Locator", false, null), + new Property("IceDiscovery\\.Multicast\\.PublishedEndpoints", false, null), + new Property("IceDiscovery\\.Multicast\\.ReplicaGroupId", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.EndpointSelection", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.ConnectionCached", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.PreferSecure", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.InvocationTimeout", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.Locator", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.Router", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.CollocationOptimized", false, null), + new Property("IceDiscovery\\.Multicast\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceDiscovery\\.Multicast\\.Router", false, null), + new Property("IceDiscovery\\.Multicast\\.ProxyOptions", false, null), + new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.Size", false, null), + new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.SizeMax", false, null), + new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.StackSize", false, null), + new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.Serialize", false, null), + new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceDiscovery\\.Multicast\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceDiscovery\\.Multicast\\.MessageSizeMax", false, null), + new Property("IceDiscovery\\.Reply\\.ACM\\.Timeout", false, null), + new Property("IceDiscovery\\.Reply\\.ACM\\.Heartbeat", false, null), + new Property("IceDiscovery\\.Reply\\.ACM\\.Close", false, null), + new Property("IceDiscovery\\.Reply\\.ACM", false, null), + new Property("IceDiscovery\\.Reply\\.AdapterId", false, null), + new Property("IceDiscovery\\.Reply\\.Endpoints", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.EndpointSelection", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.ConnectionCached", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.PreferSecure", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.InvocationTimeout", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.Locator", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.Router", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.CollocationOptimized", false, null), + new Property("IceDiscovery\\.Reply\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceDiscovery\\.Reply\\.Locator", false, null), + new Property("IceDiscovery\\.Reply\\.PublishedEndpoints", false, null), + new Property("IceDiscovery\\.Reply\\.ReplicaGroupId", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.EndpointSelection", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.ConnectionCached", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.PreferSecure", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.InvocationTimeout", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.Locator", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.Router", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.CollocationOptimized", false, null), + new Property("IceDiscovery\\.Reply\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceDiscovery\\.Reply\\.Router", false, null), + new Property("IceDiscovery\\.Reply\\.ProxyOptions", false, null), + new Property("IceDiscovery\\.Reply\\.ThreadPool\\.Size", false, null), + new Property("IceDiscovery\\.Reply\\.ThreadPool\\.SizeMax", false, null), + new Property("IceDiscovery\\.Reply\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceDiscovery\\.Reply\\.ThreadPool\\.StackSize", false, null), + new Property("IceDiscovery\\.Reply\\.ThreadPool\\.Serialize", false, null), + new Property("IceDiscovery\\.Reply\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceDiscovery\\.Reply\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceDiscovery\\.Reply\\.MessageSizeMax", false, null), + new Property("IceDiscovery\\.Locator\\.ACM\\.Timeout", false, null), + new Property("IceDiscovery\\.Locator\\.ACM\\.Heartbeat", false, null), + new Property("IceDiscovery\\.Locator\\.ACM\\.Close", false, null), + new Property("IceDiscovery\\.Locator\\.ACM", false, null), + new Property("IceDiscovery\\.Locator\\.AdapterId", false, null), + new Property("IceDiscovery\\.Locator\\.Endpoints", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.EndpointSelection", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.ConnectionCached", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.PreferSecure", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.InvocationTimeout", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.Locator", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.Router", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.CollocationOptimized", false, null), + new Property("IceDiscovery\\.Locator\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceDiscovery\\.Locator\\.Locator", false, null), + new Property("IceDiscovery\\.Locator\\.PublishedEndpoints", false, null), + new Property("IceDiscovery\\.Locator\\.ReplicaGroupId", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.EndpointSelection", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.ConnectionCached", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.PreferSecure", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.InvocationTimeout", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.Locator", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.Router", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.CollocationOptimized", false, null), + new Property("IceDiscovery\\.Locator\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceDiscovery\\.Locator\\.Router", false, null), + new Property("IceDiscovery\\.Locator\\.ProxyOptions", false, null), + new Property("IceDiscovery\\.Locator\\.ThreadPool\\.Size", false, null), + new Property("IceDiscovery\\.Locator\\.ThreadPool\\.SizeMax", false, null), + new Property("IceDiscovery\\.Locator\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceDiscovery\\.Locator\\.ThreadPool\\.StackSize", false, null), + new Property("IceDiscovery\\.Locator\\.ThreadPool\\.Serialize", false, null), + new Property("IceDiscovery\\.Locator\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceDiscovery\\.Locator\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceDiscovery\\.Locator\\.MessageSizeMax", false, null), + new Property("IceDiscovery\\.Lookup", false, null), + new Property("IceDiscovery\\.Timeout", false, null), + new Property("IceDiscovery\\.RetryCount", false, null), + new Property("IceDiscovery\\.LatencyMultiplier", false, null), + new Property("IceDiscovery\\.Address", false, null), + new Property("IceDiscovery\\.Port", false, null), + new Property("IceDiscovery\\.Interface", false, null), + new Property("IceDiscovery\\.DomainId", false, null), + null + }; - public static final Property IceLocatorDiscoveryProps[] = - { - new Property("IceLocatorDiscovery\\.Reply\\.ACM\\.Timeout", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ACM\\.Heartbeat", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ACM\\.Close", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ACM", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.AdapterId", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Endpoints", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.EndpointSelection", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.ConnectionCached", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.PreferSecure", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.InvocationTimeout", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.Locator", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.Router", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.CollocationOptimized", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Locator", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.PublishedEndpoints", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ReplicaGroupId", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.EndpointSelection", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.ConnectionCached", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.PreferSecure", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.InvocationTimeout", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.Locator", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.Router", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.CollocationOptimized", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.Router", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ProxyOptions", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.Size", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.SizeMax", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.StackSize", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.Serialize", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceLocatorDiscovery\\.Reply\\.MessageSizeMax", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ACM\\.Timeout", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ACM\\.Heartbeat", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ACM\\.Close", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ACM", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.AdapterId", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Endpoints", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.EndpointSelection", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.ConnectionCached", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.PreferSecure", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.InvocationTimeout", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.Locator", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.Router", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.CollocationOptimized", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Locator", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.PublishedEndpoints", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ReplicaGroupId", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.EndpointSelection", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.ConnectionCached", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.PreferSecure", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.InvocationTimeout", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.Locator", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.Router", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.CollocationOptimized", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.Router", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ProxyOptions", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.Size", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.SizeMax", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.StackSize", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.Serialize", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceLocatorDiscovery\\.Locator\\.MessageSizeMax", false, null), - new Property("IceLocatorDiscovery\\.Lookup", false, null), - new Property("IceLocatorDiscovery\\.Timeout", false, null), - new Property("IceLocatorDiscovery\\.RetryCount", false, null), - new Property("IceLocatorDiscovery\\.RetryDelay", false, null), - new Property("IceLocatorDiscovery\\.Address", false, null), - new Property("IceLocatorDiscovery\\.Port", false, null), - new Property("IceLocatorDiscovery\\.Interface", false, null), - new Property("IceLocatorDiscovery\\.InstanceName", false, null), - new Property("IceLocatorDiscovery\\.Trace\\.Lookup", false, null), - null - }; + public static final Property IceLocatorDiscoveryProps[] = { + new Property("IceLocatorDiscovery\\.Reply\\.ACM\\.Timeout", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ACM\\.Heartbeat", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ACM\\.Close", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ACM", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.AdapterId", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Endpoints", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.EndpointSelection", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.ConnectionCached", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.PreferSecure", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.InvocationTimeout", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.Locator", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.Router", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.CollocationOptimized", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Locator", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.PublishedEndpoints", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ReplicaGroupId", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.EndpointSelection", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.ConnectionCached", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.PreferSecure", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.InvocationTimeout", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.Locator", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.Router", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.CollocationOptimized", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.Router", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ProxyOptions", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.Size", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.SizeMax", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.StackSize", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.Serialize", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceLocatorDiscovery\\.Reply\\.MessageSizeMax", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ACM\\.Timeout", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ACM\\.Heartbeat", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ACM\\.Close", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ACM", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.AdapterId", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Endpoints", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.EndpointSelection", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.ConnectionCached", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.PreferSecure", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.InvocationTimeout", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.Locator", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.Router", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.CollocationOptimized", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Locator", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.PublishedEndpoints", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ReplicaGroupId", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.EndpointSelection", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.ConnectionCached", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.PreferSecure", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.InvocationTimeout", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.Locator", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.Router", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.CollocationOptimized", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.Router", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ProxyOptions", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.Size", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.SizeMax", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.StackSize", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.Serialize", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceLocatorDiscovery\\.Locator\\.MessageSizeMax", false, null), + new Property("IceLocatorDiscovery\\.Lookup", false, null), + new Property("IceLocatorDiscovery\\.Timeout", false, null), + new Property("IceLocatorDiscovery\\.RetryCount", false, null), + new Property("IceLocatorDiscovery\\.RetryDelay", false, null), + new Property("IceLocatorDiscovery\\.Address", false, null), + new Property("IceLocatorDiscovery\\.Port", false, null), + new Property("IceLocatorDiscovery\\.Interface", false, null), + new Property("IceLocatorDiscovery\\.InstanceName", false, null), + new Property("IceLocatorDiscovery\\.Trace\\.Lookup", false, null), + null + }; - public static final Property IceBoxProps[] = - { - new Property("IceBox\\.InheritProperties", false, null), - new Property("IceBox\\.InstanceName", true, null), - new Property("IceBox\\.LoadOrder", false, null), - new Property("IceBox\\.PrintServicesReady", false, null), - new Property("IceBox\\.Service\\.[^\\s]+", false, null), - new Property("IceBox\\.ServiceManager\\.AdapterId", true, null), - new Property("IceBox\\.ServiceManager\\.Endpoints", true, null), - new Property("IceBox\\.ServiceManager\\.Locator", true, null), - new Property("IceBox\\.ServiceManager\\.PublishedEndpoints", true, null), - new Property("IceBox\\.ServiceManager\\.ReplicaGroupId", true, null), - new Property("IceBox\\.ServiceManager\\.Router", true, null), - new Property("IceBox\\.ServiceManager\\.ThreadPool\\.Size", true, null), - new Property("IceBox\\.ServiceManager\\.ThreadPool\\.SizeMax", true, null), - new Property("IceBox\\.ServiceManager\\.ThreadPool\\.SizeWarn", true, null), - new Property("IceBox\\.ServiceManager\\.ThreadPool\\.StackSize", true, null), - new Property("IceBox\\.Trace\\.ServiceObserver", false, null), - new Property("IceBox\\.UseSharedCommunicator\\.[^\\s]+", false, null), - null - }; + public static final Property IceBoxProps[] = { + new Property("IceBox\\.InheritProperties", false, null), + new Property("IceBox\\.InstanceName", true, null), + new Property("IceBox\\.LoadOrder", false, null), + new Property("IceBox\\.PrintServicesReady", false, null), + new Property("IceBox\\.Service\\.[^\\s]+", false, null), + new Property("IceBox\\.ServiceManager\\.AdapterId", true, null), + new Property("IceBox\\.ServiceManager\\.Endpoints", true, null), + new Property("IceBox\\.ServiceManager\\.Locator", true, null), + new Property("IceBox\\.ServiceManager\\.PublishedEndpoints", true, null), + new Property("IceBox\\.ServiceManager\\.ReplicaGroupId", true, null), + new Property("IceBox\\.ServiceManager\\.Router", true, null), + new Property("IceBox\\.ServiceManager\\.ThreadPool\\.Size", true, null), + new Property("IceBox\\.ServiceManager\\.ThreadPool\\.SizeMax", true, null), + new Property("IceBox\\.ServiceManager\\.ThreadPool\\.SizeWarn", true, null), + new Property("IceBox\\.ServiceManager\\.ThreadPool\\.StackSize", true, null), + new Property("IceBox\\.Trace\\.ServiceObserver", false, null), + new Property("IceBox\\.UseSharedCommunicator\\.[^\\s]+", false, null), + null + }; - public static final Property IceBoxAdminProps[] = - { - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.EndpointSelection", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.ConnectionCached", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.PreferSecure", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.LocatorCacheTimeout", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.InvocationTimeout", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.Locator", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.Router", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.CollocationOptimized", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.Context\\.[^\\s]+", false, null), - new Property("IceBoxAdmin\\.ServiceManager\\.Proxy", false, null), - null - }; + public static final Property IceBoxAdminProps[] = { + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.EndpointSelection", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.ConnectionCached", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.PreferSecure", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.LocatorCacheTimeout", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.InvocationTimeout", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.Locator", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.Router", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.CollocationOptimized", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy\\.Context\\.[^\\s]+", false, null), + new Property("IceBoxAdmin\\.ServiceManager\\.Proxy", false, null), + null + }; - public static final Property IceBridgeProps[] = - { - new Property("IceBridge\\.Source\\.ACM\\.Timeout", false, null), - new Property("IceBridge\\.Source\\.ACM\\.Heartbeat", false, null), - new Property("IceBridge\\.Source\\.ACM\\.Close", false, null), - new Property("IceBridge\\.Source\\.ACM", false, null), - new Property("IceBridge\\.Source\\.AdapterId", false, null), - new Property("IceBridge\\.Source\\.Endpoints", false, null), - new Property("IceBridge\\.Source\\.Locator\\.EndpointSelection", false, null), - new Property("IceBridge\\.Source\\.Locator\\.ConnectionCached", false, null), - new Property("IceBridge\\.Source\\.Locator\\.PreferSecure", false, null), - new Property("IceBridge\\.Source\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceBridge\\.Source\\.Locator\\.InvocationTimeout", false, null), - new Property("IceBridge\\.Source\\.Locator\\.Locator", false, null), - new Property("IceBridge\\.Source\\.Locator\\.Router", false, null), - new Property("IceBridge\\.Source\\.Locator\\.CollocationOptimized", false, null), - new Property("IceBridge\\.Source\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceBridge\\.Source\\.Locator", false, null), - new Property("IceBridge\\.Source\\.PublishedEndpoints", false, null), - new Property("IceBridge\\.Source\\.ReplicaGroupId", false, null), - new Property("IceBridge\\.Source\\.Router\\.EndpointSelection", false, null), - new Property("IceBridge\\.Source\\.Router\\.ConnectionCached", false, null), - new Property("IceBridge\\.Source\\.Router\\.PreferSecure", false, null), - new Property("IceBridge\\.Source\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceBridge\\.Source\\.Router\\.InvocationTimeout", false, null), - new Property("IceBridge\\.Source\\.Router\\.Locator", false, null), - new Property("IceBridge\\.Source\\.Router\\.Router", false, null), - new Property("IceBridge\\.Source\\.Router\\.CollocationOptimized", false, null), - new Property("IceBridge\\.Source\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceBridge\\.Source\\.Router", false, null), - new Property("IceBridge\\.Source\\.ProxyOptions", false, null), - new Property("IceBridge\\.Source\\.ThreadPool\\.Size", false, null), - new Property("IceBridge\\.Source\\.ThreadPool\\.SizeMax", false, null), - new Property("IceBridge\\.Source\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceBridge\\.Source\\.ThreadPool\\.StackSize", false, null), - new Property("IceBridge\\.Source\\.ThreadPool\\.Serialize", false, null), - new Property("IceBridge\\.Source\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceBridge\\.Source\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceBridge\\.Source\\.MessageSizeMax", false, null), - new Property("IceBridge\\.Target\\.Endpoints", false, null), - new Property("IceBridge\\.InstanceName", false, null), - null - }; + public static final Property IceBridgeProps[] = { + new Property("IceBridge\\.Source\\.ACM\\.Timeout", false, null), + new Property("IceBridge\\.Source\\.ACM\\.Heartbeat", false, null), + new Property("IceBridge\\.Source\\.ACM\\.Close", false, null), + new Property("IceBridge\\.Source\\.ACM", false, null), + new Property("IceBridge\\.Source\\.AdapterId", false, null), + new Property("IceBridge\\.Source\\.Endpoints", false, null), + new Property("IceBridge\\.Source\\.Locator\\.EndpointSelection", false, null), + new Property("IceBridge\\.Source\\.Locator\\.ConnectionCached", false, null), + new Property("IceBridge\\.Source\\.Locator\\.PreferSecure", false, null), + new Property("IceBridge\\.Source\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceBridge\\.Source\\.Locator\\.InvocationTimeout", false, null), + new Property("IceBridge\\.Source\\.Locator\\.Locator", false, null), + new Property("IceBridge\\.Source\\.Locator\\.Router", false, null), + new Property("IceBridge\\.Source\\.Locator\\.CollocationOptimized", false, null), + new Property("IceBridge\\.Source\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceBridge\\.Source\\.Locator", false, null), + new Property("IceBridge\\.Source\\.PublishedEndpoints", false, null), + new Property("IceBridge\\.Source\\.ReplicaGroupId", false, null), + new Property("IceBridge\\.Source\\.Router\\.EndpointSelection", false, null), + new Property("IceBridge\\.Source\\.Router\\.ConnectionCached", false, null), + new Property("IceBridge\\.Source\\.Router\\.PreferSecure", false, null), + new Property("IceBridge\\.Source\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceBridge\\.Source\\.Router\\.InvocationTimeout", false, null), + new Property("IceBridge\\.Source\\.Router\\.Locator", false, null), + new Property("IceBridge\\.Source\\.Router\\.Router", false, null), + new Property("IceBridge\\.Source\\.Router\\.CollocationOptimized", false, null), + new Property("IceBridge\\.Source\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceBridge\\.Source\\.Router", false, null), + new Property("IceBridge\\.Source\\.ProxyOptions", false, null), + new Property("IceBridge\\.Source\\.ThreadPool\\.Size", false, null), + new Property("IceBridge\\.Source\\.ThreadPool\\.SizeMax", false, null), + new Property("IceBridge\\.Source\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceBridge\\.Source\\.ThreadPool\\.StackSize", false, null), + new Property("IceBridge\\.Source\\.ThreadPool\\.Serialize", false, null), + new Property("IceBridge\\.Source\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceBridge\\.Source\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceBridge\\.Source\\.MessageSizeMax", false, null), + new Property("IceBridge\\.Target\\.Endpoints", false, null), + new Property("IceBridge\\.InstanceName", false, null), + null + }; - public static final Property IceGridAdminProps[] = - { - new Property("IceGridAdmin\\.AuthenticateUsingSSL", false, null), - new Property("IceGridAdmin\\.MetricsConfig", false, null), - new Property("IceGridAdmin\\.Username", false, null), - new Property("IceGridAdmin\\.Password", false, null), - new Property("IceGridAdmin\\.Replica", false, null), - new Property("IceGridAdmin\\.Host", false, null), - new Property("IceGridAdmin\\.Port", false, null), - new Property("IceGridAdmin\\.InstanceName", false, null), - new Property("IceGridAdmin\\.Server\\.ACM\\.Timeout", false, null), - new Property("IceGridAdmin\\.Server\\.ACM\\.Heartbeat", false, null), - new Property("IceGridAdmin\\.Server\\.ACM\\.Close", false, null), - new Property("IceGridAdmin\\.Server\\.ACM", false, null), - new Property("IceGridAdmin\\.Server\\.AdapterId", false, null), - new Property("IceGridAdmin\\.Server\\.Endpoints", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.EndpointSelection", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.ConnectionCached", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.PreferSecure", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.Locator", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.Router", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGridAdmin\\.Server\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGridAdmin\\.Server\\.Locator", false, null), - new Property("IceGridAdmin\\.Server\\.PublishedEndpoints", false, null), - new Property("IceGridAdmin\\.Server\\.ReplicaGroupId", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.EndpointSelection", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.ConnectionCached", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.PreferSecure", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.InvocationTimeout", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.Locator", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.Router", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.CollocationOptimized", false, null), - new Property("IceGridAdmin\\.Server\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGridAdmin\\.Server\\.Router", false, null), - new Property("IceGridAdmin\\.Server\\.ProxyOptions", false, null), - new Property("IceGridAdmin\\.Server\\.ThreadPool\\.Size", false, null), - new Property("IceGridAdmin\\.Server\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGridAdmin\\.Server\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGridAdmin\\.Server\\.ThreadPool\\.StackSize", false, null), - new Property("IceGridAdmin\\.Server\\.ThreadPool\\.Serialize", false, null), - new Property("IceGridAdmin\\.Server\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGridAdmin\\.Server\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGridAdmin\\.Server\\.MessageSizeMax", false, null), - new Property("IceGridAdmin\\.Discovery\\.Address", false, null), - new Property("IceGridAdmin\\.Discovery\\.Interface", false, null), - new Property("IceGridAdmin\\.Discovery\\.Lookup", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ACM\\.Timeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ACM\\.Heartbeat", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ACM\\.Close", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ACM", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.AdapterId", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Endpoints", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.EndpointSelection", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.ConnectionCached", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.PreferSecure", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.Locator", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.Router", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.PublishedEndpoints", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ReplicaGroupId", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.EndpointSelection", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.ConnectionCached", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.PreferSecure", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.InvocationTimeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.Locator", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.Router", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.CollocationOptimized", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ProxyOptions", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.Size", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.StackSize", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.Serialize", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGridAdmin\\.Discovery\\.Reply\\.MessageSizeMax", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ACM\\.Timeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ACM\\.Heartbeat", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ACM\\.Close", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ACM", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.AdapterId", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Endpoints", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.EndpointSelection", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.ConnectionCached", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.PreferSecure", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.Locator", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.Router", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.PublishedEndpoints", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ReplicaGroupId", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.EndpointSelection", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.ConnectionCached", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.PreferSecure", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.InvocationTimeout", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.Locator", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.Router", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.CollocationOptimized", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ProxyOptions", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.Size", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.StackSize", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.Serialize", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGridAdmin\\.Discovery\\.Locator\\.MessageSizeMax", false, null), - new Property("IceGridAdmin\\.Trace\\.Observers", false, null), - new Property("IceGridAdmin\\.Trace\\.SaveToRegistry", false, null), - null - }; + public static final Property IceGridAdminProps[] = { + new Property("IceGridAdmin\\.AuthenticateUsingSSL", false, null), + new Property("IceGridAdmin\\.MetricsConfig", false, null), + new Property("IceGridAdmin\\.Username", false, null), + new Property("IceGridAdmin\\.Password", false, null), + new Property("IceGridAdmin\\.Replica", false, null), + new Property("IceGridAdmin\\.Host", false, null), + new Property("IceGridAdmin\\.Port", false, null), + new Property("IceGridAdmin\\.InstanceName", false, null), + new Property("IceGridAdmin\\.Server\\.ACM\\.Timeout", false, null), + new Property("IceGridAdmin\\.Server\\.ACM\\.Heartbeat", false, null), + new Property("IceGridAdmin\\.Server\\.ACM\\.Close", false, null), + new Property("IceGridAdmin\\.Server\\.ACM", false, null), + new Property("IceGridAdmin\\.Server\\.AdapterId", false, null), + new Property("IceGridAdmin\\.Server\\.Endpoints", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.EndpointSelection", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.ConnectionCached", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.PreferSecure", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.Locator", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.Router", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGridAdmin\\.Server\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGridAdmin\\.Server\\.Locator", false, null), + new Property("IceGridAdmin\\.Server\\.PublishedEndpoints", false, null), + new Property("IceGridAdmin\\.Server\\.ReplicaGroupId", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.EndpointSelection", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.ConnectionCached", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.PreferSecure", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.InvocationTimeout", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.Locator", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.Router", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.CollocationOptimized", false, null), + new Property("IceGridAdmin\\.Server\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGridAdmin\\.Server\\.Router", false, null), + new Property("IceGridAdmin\\.Server\\.ProxyOptions", false, null), + new Property("IceGridAdmin\\.Server\\.ThreadPool\\.Size", false, null), + new Property("IceGridAdmin\\.Server\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGridAdmin\\.Server\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGridAdmin\\.Server\\.ThreadPool\\.StackSize", false, null), + new Property("IceGridAdmin\\.Server\\.ThreadPool\\.Serialize", false, null), + new Property("IceGridAdmin\\.Server\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGridAdmin\\.Server\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGridAdmin\\.Server\\.MessageSizeMax", false, null), + new Property("IceGridAdmin\\.Discovery\\.Address", false, null), + new Property("IceGridAdmin\\.Discovery\\.Interface", false, null), + new Property("IceGridAdmin\\.Discovery\\.Lookup", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ACM\\.Timeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ACM\\.Heartbeat", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ACM\\.Close", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ACM", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.AdapterId", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Endpoints", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.EndpointSelection", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.ConnectionCached", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.PreferSecure", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.Locator", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.Router", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Locator", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.PublishedEndpoints", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ReplicaGroupId", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.EndpointSelection", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.ConnectionCached", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.PreferSecure", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.InvocationTimeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.Locator", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.Router", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.CollocationOptimized", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.Router", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ProxyOptions", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.Size", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.StackSize", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.Serialize", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGridAdmin\\.Discovery\\.Reply\\.MessageSizeMax", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ACM\\.Timeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ACM\\.Heartbeat", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ACM\\.Close", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ACM", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.AdapterId", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Endpoints", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.EndpointSelection", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.ConnectionCached", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.PreferSecure", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.Locator", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.Router", false, null), + new Property( + "IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Locator", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.PublishedEndpoints", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ReplicaGroupId", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.EndpointSelection", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.ConnectionCached", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.PreferSecure", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.InvocationTimeout", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.Locator", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.Router", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.CollocationOptimized", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.Router", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ProxyOptions", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.Size", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.StackSize", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.Serialize", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGridAdmin\\.Discovery\\.Locator\\.MessageSizeMax", false, null), + new Property("IceGridAdmin\\.Trace\\.Observers", false, null), + new Property("IceGridAdmin\\.Trace\\.SaveToRegistry", false, null), + null + }; - public static final Property IceGridProps[] = - { - new Property("IceGrid\\.AdminRouter\\.ACM\\.Timeout", false, null), - new Property("IceGrid\\.AdminRouter\\.ACM\\.Heartbeat", false, null), - new Property("IceGrid\\.AdminRouter\\.ACM\\.Close", false, null), - new Property("IceGrid\\.AdminRouter\\.ACM", false, null), - new Property("IceGrid\\.AdminRouter\\.AdapterId", false, null), - new Property("IceGrid\\.AdminRouter\\.Endpoints", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.EndpointSelection", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.ConnectionCached", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.PreferSecure", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.Locator", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.Router", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.AdminRouter\\.Locator", false, null), - new Property("IceGrid\\.AdminRouter\\.PublishedEndpoints", false, null), - new Property("IceGrid\\.AdminRouter\\.ReplicaGroupId", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.EndpointSelection", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.ConnectionCached", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.PreferSecure", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.InvocationTimeout", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.Locator", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.Router", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.CollocationOptimized", false, null), - new Property("IceGrid\\.AdminRouter\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.AdminRouter\\.Router", false, null), - new Property("IceGrid\\.AdminRouter\\.ProxyOptions", false, null), - new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.Size", false, null), - new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.StackSize", false, null), - new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.Serialize", false, null), - new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGrid\\.AdminRouter\\.MessageSizeMax", false, null), - new Property("IceGrid\\.InstanceName", false, null), - new Property("IceGrid\\.Node\\.ACM\\.Timeout", false, null), - new Property("IceGrid\\.Node\\.ACM\\.Heartbeat", false, null), - new Property("IceGrid\\.Node\\.ACM\\.Close", false, null), - new Property("IceGrid\\.Node\\.ACM", false, null), - new Property("IceGrid\\.Node\\.AdapterId", false, null), - new Property("IceGrid\\.Node\\.Endpoints", false, null), - new Property("IceGrid\\.Node\\.Locator\\.EndpointSelection", false, null), - new Property("IceGrid\\.Node\\.Locator\\.ConnectionCached", false, null), - new Property("IceGrid\\.Node\\.Locator\\.PreferSecure", false, null), - new Property("IceGrid\\.Node\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Node\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Node\\.Locator\\.Locator", false, null), - new Property("IceGrid\\.Node\\.Locator\\.Router", false, null), - new Property("IceGrid\\.Node\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Node\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Node\\.Locator", false, null), - new Property("IceGrid\\.Node\\.PublishedEndpoints", false, null), - new Property("IceGrid\\.Node\\.ReplicaGroupId", false, null), - new Property("IceGrid\\.Node\\.Router\\.EndpointSelection", false, null), - new Property("IceGrid\\.Node\\.Router\\.ConnectionCached", false, null), - new Property("IceGrid\\.Node\\.Router\\.PreferSecure", false, null), - new Property("IceGrid\\.Node\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Node\\.Router\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Node\\.Router\\.Locator", false, null), - new Property("IceGrid\\.Node\\.Router\\.Router", false, null), - new Property("IceGrid\\.Node\\.Router\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Node\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Node\\.Router", false, null), - new Property("IceGrid\\.Node\\.ProxyOptions", false, null), - new Property("IceGrid\\.Node\\.ThreadPool\\.Size", false, null), - new Property("IceGrid\\.Node\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGrid\\.Node\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGrid\\.Node\\.ThreadPool\\.StackSize", false, null), - new Property("IceGrid\\.Node\\.ThreadPool\\.Serialize", false, null), - new Property("IceGrid\\.Node\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGrid\\.Node\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGrid\\.Node\\.MessageSizeMax", false, null), - new Property("IceGrid\\.Node\\.AllowRunningServersAsRoot", false, null), - new Property("IceGrid\\.Node\\.AllowEndpointsOverride", false, null), - new Property("IceGrid\\.Node\\.CollocateRegistry", false, null), - new Property("IceGrid\\.Node\\.Data", false, null), - new Property("IceGrid\\.Node\\.DisableOnFailure", false, null), - new Property("IceGrid\\.Node\\.Name", false, null), - new Property("IceGrid\\.Node\\.Output", false, null), - new Property("IceGrid\\.Node\\.ProcessorSocketCount", false, null), - new Property("IceGrid\\.Node\\.PrintServersReady", false, null), - new Property("IceGrid\\.Node\\.PropertiesOverride", false, null), - new Property("IceGrid\\.Node\\.RedirectErrToOut", false, null), - new Property("IceGrid\\.Node\\.Trace\\.Activator", false, null), - new Property("IceGrid\\.Node\\.Trace\\.Adapter", false, null), - new Property("IceGrid\\.Node\\.Trace\\.Admin", false, null), - new Property("IceGrid\\.Node\\.Trace\\.Patch", false, null), - new Property("IceGrid\\.Node\\.Trace\\.Replica", false, null), - new Property("IceGrid\\.Node\\.Trace\\.Server", false, null), - new Property("IceGrid\\.Node\\.UserAccounts", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.EndpointSelection", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.ConnectionCached", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.PreferSecure", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.Locator", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.Router", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Node\\.UserAccountMapper", false, null), - new Property("IceGrid\\.Node\\.WaitTime", false, null), - new Property("IceGrid\\.Registry\\.AdminCryptPasswords", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.Router", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionFilters", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ACM\\.Timeout", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ACM\\.Heartbeat", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ACM\\.Close", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ACM", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.AdapterId", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Endpoints", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.Router", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.PublishedEndpoints", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ReplicaGroupId", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.Router", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ProxyOptions", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.Size", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.StackSize", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.Serialize", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGrid\\.Registry\\.AdminSessionManager\\.MessageSizeMax", false, null), - new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.Router", false, null), - new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ACM\\.Timeout", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ACM\\.Heartbeat", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ACM\\.Close", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ACM", false, null), - new Property("IceGrid\\.Registry\\.Client\\.AdapterId", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Endpoints", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Client\\.PublishedEndpoints", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ReplicaGroupId", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.Client\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ProxyOptions", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.Size", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.StackSize", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.Serialize", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGrid\\.Registry\\.Client\\.MessageSizeMax", false, null), - new Property("IceGrid\\.Registry\\.CryptPasswords", false, null), - new Property("IceGrid\\.Registry\\.DefaultTemplates", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ACM\\.Timeout", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ACM\\.Heartbeat", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ACM\\.Close", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ACM", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.AdapterId", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Endpoints", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.PublishedEndpoints", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ReplicaGroupId", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ProxyOptions", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.Size", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.StackSize", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.Serialize", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.MessageSizeMax", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Enabled", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Address", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Port", false, null), - new Property("IceGrid\\.Registry\\.Discovery\\.Interface", false, null), - new Property("IceGrid\\.Registry\\.DynamicRegistration", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ACM\\.Timeout", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ACM\\.Heartbeat", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ACM\\.Close", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ACM", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.AdapterId", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Endpoints", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.PublishedEndpoints", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ReplicaGroupId", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ProxyOptions", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.Size", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.StackSize", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.Serialize", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGrid\\.Registry\\.Internal\\.MessageSizeMax", false, null), - new Property("IceGrid\\.Registry\\.LMDB\\.MapSize", false, null), - new Property("IceGrid\\.Registry\\.LMDB\\.Path", false, null), - new Property("IceGrid\\.Registry\\.NodeSessionTimeout", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.Router", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.PermissionsVerifier", false, null), - new Property("IceGrid\\.Registry\\.ReplicaName", false, null), - new Property("IceGrid\\.Registry\\.ReplicaSessionTimeout", false, null), - new Property("IceGrid\\.Registry\\.RequireNodeCertCN", false, null), - new Property("IceGrid\\.Registry\\.RequireReplicaCertCN", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ACM\\.Timeout", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ACM\\.Heartbeat", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ACM\\.Close", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ACM", false, null), - new Property("IceGrid\\.Registry\\.Server\\.AdapterId", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Endpoints", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Server\\.PublishedEndpoints", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ReplicaGroupId", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.Server\\.Router", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ProxyOptions", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.Size", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.StackSize", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.Serialize", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGrid\\.Registry\\.Server\\.MessageSizeMax", false, null), - new Property("IceGrid\\.Registry\\.SessionFilters", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ACM\\.Timeout", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ACM\\.Heartbeat", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ACM\\.Close", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ACM", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.AdapterId", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Endpoints", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.Router", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.PublishedEndpoints", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ReplicaGroupId", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.Router", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.Router", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ProxyOptions", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.Size", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.SizeMax", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.SizeWarn", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.StackSize", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.Serialize", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.ThreadPriority", false, null), - new Property("IceGrid\\.Registry\\.SessionManager\\.MessageSizeMax", false, null), - new Property("IceGrid\\.Registry\\.SessionTimeout", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.EndpointSelection", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.ConnectionCached", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.PreferSecure", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.LocatorCacheTimeout", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.InvocationTimeout", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.Router", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.CollocationOptimized", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.Context\\.[^\\s]+", false, null), - new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Admin", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Application", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Adapter", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Discovery", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Locator", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Node", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Object", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Patch", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Replica", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Server", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Session", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Subscriber", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.Topic", false, null), - new Property("IceGrid\\.Registry\\.Trace\\.TopicManager", false, null), - new Property("IceGrid\\.Registry\\.UserAccounts", false, null), - null - }; + public static final Property IceGridProps[] = { + new Property("IceGrid\\.AdminRouter\\.ACM\\.Timeout", false, null), + new Property("IceGrid\\.AdminRouter\\.ACM\\.Heartbeat", false, null), + new Property("IceGrid\\.AdminRouter\\.ACM\\.Close", false, null), + new Property("IceGrid\\.AdminRouter\\.ACM", false, null), + new Property("IceGrid\\.AdminRouter\\.AdapterId", false, null), + new Property("IceGrid\\.AdminRouter\\.Endpoints", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.EndpointSelection", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.ConnectionCached", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.PreferSecure", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.Locator", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.Router", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.AdminRouter\\.Locator", false, null), + new Property("IceGrid\\.AdminRouter\\.PublishedEndpoints", false, null), + new Property("IceGrid\\.AdminRouter\\.ReplicaGroupId", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.EndpointSelection", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.ConnectionCached", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.PreferSecure", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.InvocationTimeout", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.Locator", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.Router", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.CollocationOptimized", false, null), + new Property("IceGrid\\.AdminRouter\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.AdminRouter\\.Router", false, null), + new Property("IceGrid\\.AdminRouter\\.ProxyOptions", false, null), + new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.Size", false, null), + new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.StackSize", false, null), + new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.Serialize", false, null), + new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGrid\\.AdminRouter\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGrid\\.AdminRouter\\.MessageSizeMax", false, null), + new Property("IceGrid\\.InstanceName", false, null), + new Property("IceGrid\\.Node\\.ACM\\.Timeout", false, null), + new Property("IceGrid\\.Node\\.ACM\\.Heartbeat", false, null), + new Property("IceGrid\\.Node\\.ACM\\.Close", false, null), + new Property("IceGrid\\.Node\\.ACM", false, null), + new Property("IceGrid\\.Node\\.AdapterId", false, null), + new Property("IceGrid\\.Node\\.Endpoints", false, null), + new Property("IceGrid\\.Node\\.Locator\\.EndpointSelection", false, null), + new Property("IceGrid\\.Node\\.Locator\\.ConnectionCached", false, null), + new Property("IceGrid\\.Node\\.Locator\\.PreferSecure", false, null), + new Property("IceGrid\\.Node\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Node\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Node\\.Locator\\.Locator", false, null), + new Property("IceGrid\\.Node\\.Locator\\.Router", false, null), + new Property("IceGrid\\.Node\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Node\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Node\\.Locator", false, null), + new Property("IceGrid\\.Node\\.PublishedEndpoints", false, null), + new Property("IceGrid\\.Node\\.ReplicaGroupId", false, null), + new Property("IceGrid\\.Node\\.Router\\.EndpointSelection", false, null), + new Property("IceGrid\\.Node\\.Router\\.ConnectionCached", false, null), + new Property("IceGrid\\.Node\\.Router\\.PreferSecure", false, null), + new Property("IceGrid\\.Node\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Node\\.Router\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Node\\.Router\\.Locator", false, null), + new Property("IceGrid\\.Node\\.Router\\.Router", false, null), + new Property("IceGrid\\.Node\\.Router\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Node\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Node\\.Router", false, null), + new Property("IceGrid\\.Node\\.ProxyOptions", false, null), + new Property("IceGrid\\.Node\\.ThreadPool\\.Size", false, null), + new Property("IceGrid\\.Node\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGrid\\.Node\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGrid\\.Node\\.ThreadPool\\.StackSize", false, null), + new Property("IceGrid\\.Node\\.ThreadPool\\.Serialize", false, null), + new Property("IceGrid\\.Node\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGrid\\.Node\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGrid\\.Node\\.MessageSizeMax", false, null), + new Property("IceGrid\\.Node\\.AllowRunningServersAsRoot", false, null), + new Property("IceGrid\\.Node\\.AllowEndpointsOverride", false, null), + new Property("IceGrid\\.Node\\.CollocateRegistry", false, null), + new Property("IceGrid\\.Node\\.Data", false, null), + new Property("IceGrid\\.Node\\.DisableOnFailure", false, null), + new Property("IceGrid\\.Node\\.Name", false, null), + new Property("IceGrid\\.Node\\.Output", false, null), + new Property("IceGrid\\.Node\\.ProcessorSocketCount", false, null), + new Property("IceGrid\\.Node\\.PrintServersReady", false, null), + new Property("IceGrid\\.Node\\.PropertiesOverride", false, null), + new Property("IceGrid\\.Node\\.RedirectErrToOut", false, null), + new Property("IceGrid\\.Node\\.Trace\\.Activator", false, null), + new Property("IceGrid\\.Node\\.Trace\\.Adapter", false, null), + new Property("IceGrid\\.Node\\.Trace\\.Admin", false, null), + new Property("IceGrid\\.Node\\.Trace\\.Patch", false, null), + new Property("IceGrid\\.Node\\.Trace\\.Replica", false, null), + new Property("IceGrid\\.Node\\.Trace\\.Server", false, null), + new Property("IceGrid\\.Node\\.UserAccounts", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.EndpointSelection", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.ConnectionCached", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.PreferSecure", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.Locator", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.Router", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Node\\.UserAccountMapper", false, null), + new Property("IceGrid\\.Node\\.WaitTime", false, null), + new Property("IceGrid\\.Registry\\.AdminCryptPasswords", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.PreferSecure", false, null), + new Property( + "IceGrid\\.Registry\\.AdminPermissionsVerifier\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.Router", false, null), + new Property( + "IceGrid\\.Registry\\.AdminPermissionsVerifier\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.AdminPermissionsVerifier", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionFilters", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ACM\\.Timeout", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ACM\\.Heartbeat", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ACM\\.Close", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ACM", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.AdapterId", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Endpoints", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.EndpointSelection", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.PreferSecure", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.LocatorCacheTimeout", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.Router", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.CollocationOptimized", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSessionManager\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.PublishedEndpoints", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ReplicaGroupId", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.EndpointSelection", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.PreferSecure", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.LocatorCacheTimeout", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.Router", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.CollocationOptimized", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSessionManager\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.Router", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ProxyOptions", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.Size", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.StackSize", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.Serialize", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSessionManager\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGrid\\.Registry\\.AdminSessionManager\\.MessageSizeMax", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.EndpointSelection", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.PreferSecure", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.LocatorCacheTimeout", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.Router", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.CollocationOptimized", false, null), + new Property( + "IceGrid\\.Registry\\.AdminSSLPermissionsVerifier\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.AdminSSLPermissionsVerifier", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ACM\\.Timeout", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ACM\\.Heartbeat", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ACM\\.Close", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ACM", false, null), + new Property("IceGrid\\.Registry\\.Client\\.AdapterId", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Endpoints", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Client\\.PublishedEndpoints", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ReplicaGroupId", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.Client\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ProxyOptions", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.Size", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.StackSize", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.Serialize", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGrid\\.Registry\\.Client\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGrid\\.Registry\\.Client\\.MessageSizeMax", false, null), + new Property("IceGrid\\.Registry\\.CryptPasswords", false, null), + new Property("IceGrid\\.Registry\\.DefaultTemplates", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ACM\\.Timeout", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ACM\\.Heartbeat", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ACM\\.Close", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ACM", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.AdapterId", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Endpoints", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.PublishedEndpoints", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ReplicaGroupId", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ProxyOptions", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.Size", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.StackSize", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.Serialize", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.MessageSizeMax", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Enabled", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Address", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Port", false, null), + new Property("IceGrid\\.Registry\\.Discovery\\.Interface", false, null), + new Property("IceGrid\\.Registry\\.DynamicRegistration", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ACM\\.Timeout", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ACM\\.Heartbeat", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ACM\\.Close", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ACM", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.AdapterId", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Endpoints", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.PublishedEndpoints", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ReplicaGroupId", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ProxyOptions", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.Size", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.StackSize", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.Serialize", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGrid\\.Registry\\.Internal\\.MessageSizeMax", false, null), + new Property("IceGrid\\.Registry\\.LMDB\\.MapSize", false, null), + new Property("IceGrid\\.Registry\\.LMDB\\.Path", false, null), + new Property("IceGrid\\.Registry\\.NodeSessionTimeout", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.Router", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.PermissionsVerifier", false, null), + new Property("IceGrid\\.Registry\\.ReplicaName", false, null), + new Property("IceGrid\\.Registry\\.ReplicaSessionTimeout", false, null), + new Property("IceGrid\\.Registry\\.RequireNodeCertCN", false, null), + new Property("IceGrid\\.Registry\\.RequireReplicaCertCN", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ACM\\.Timeout", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ACM\\.Heartbeat", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ACM\\.Close", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ACM", false, null), + new Property("IceGrid\\.Registry\\.Server\\.AdapterId", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Endpoints", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Server\\.PublishedEndpoints", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ReplicaGroupId", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.Server\\.Router", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ProxyOptions", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.Size", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.StackSize", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.Serialize", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGrid\\.Registry\\.Server\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGrid\\.Registry\\.Server\\.MessageSizeMax", false, null), + new Property("IceGrid\\.Registry\\.SessionFilters", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ACM\\.Timeout", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ACM\\.Heartbeat", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ACM\\.Close", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ACM", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.AdapterId", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Endpoints", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.PreferSecure", false, null), + new Property( + "IceGrid\\.Registry\\.SessionManager\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.Router", false, null), + new Property( + "IceGrid\\.Registry\\.SessionManager\\.Locator\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.PublishedEndpoints", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ReplicaGroupId", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.Router", false, null), + new Property( + "IceGrid\\.Registry\\.SessionManager\\.Router\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.Router", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ProxyOptions", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.Size", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.SizeMax", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.SizeWarn", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.StackSize", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.Serialize", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.ThreadPool\\.ThreadPriority", false, null), + new Property("IceGrid\\.Registry\\.SessionManager\\.MessageSizeMax", false, null), + new Property("IceGrid\\.Registry\\.SessionTimeout", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.EndpointSelection", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.ConnectionCached", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.PreferSecure", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.LocatorCacheTimeout", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.InvocationTimeout", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.Router", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.CollocationOptimized", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier\\.Context\\.[^\\s]+", false, null), + new Property("IceGrid\\.Registry\\.SSLPermissionsVerifier", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Admin", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Application", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Adapter", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Discovery", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Locator", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Node", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Object", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Patch", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Replica", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Server", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Session", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Subscriber", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.Topic", false, null), + new Property("IceGrid\\.Registry\\.Trace\\.TopicManager", false, null), + new Property("IceGrid\\.Registry\\.UserAccounts", false, null), + null + }; - public static final Property IceSSLProps[] = - { - new Property("IceSSL\\.Alias", false, null), - new Property("IceSSL\\.CAs", false, null), - new Property("IceSSL\\.CertStore", false, null), - new Property("IceSSL\\.CertStoreLocation", false, null), - new Property("IceSSL\\.CertFile", false, null), - new Property("IceSSL\\.CheckCertName", false, null), - new Property("IceSSL\\.CheckCRL", false, null), - new Property("IceSSL\\.Ciphers", false, null), - new Property("IceSSL\\.CertificateRevocationListFiles", false, null), - new Property("IceSSL\\.DefaultDir", false, null), - new Property("IceSSL\\.FindCert", false, null), - new Property("IceSSL\\.KeyFile", false, null), - new Property("IceSSL\\.Keychain", false, null), - new Property("IceSSL\\.KeychainPassword", false, null), - new Property("IceSSL\\.Keystore", false, null), - new Property("IceSSL\\.KeystorePassword", false, null), - new Property("IceSSL\\.KeystoreType", false, null), - new Property("IceSSL\\.Password", false, null), - new Property("IceSSL\\.RevocationCheck", false, null), - new Property("IceSSL\\.RevocationCheckCacheOnly", false, null), - new Property("IceSSL\\.SchannelStrongCrypto", false, null), - new Property("IceSSL\\.Trace\\.Security", false, null), - new Property("IceSSL\\.TrustOnly", false, null), - new Property("IceSSL\\.TrustOnly\\.Client", false, null), - new Property("IceSSL\\.TrustOnly\\.Server", false, null), - new Property("IceSSL\\.TrustOnly\\.Server\\.[^\\s]+", false, null), - new Property("IceSSL\\.Truststore", false, null), - new Property("IceSSL\\.TruststorePassword", false, null), - new Property("IceSSL\\.TruststoreType", false, null), - new Property("IceSSL\\.UsePlatformCAs", false, null), - new Property("IceSSL\\.VerifyPeer", false, null), - null - }; + public static final Property IceSSLProps[] = { + new Property("IceSSL\\.Alias", false, null), + new Property("IceSSL\\.CAs", false, null), + new Property("IceSSL\\.CertStore", false, null), + new Property("IceSSL\\.CertStoreLocation", false, null), + new Property("IceSSL\\.CertFile", false, null), + new Property("IceSSL\\.CheckCertName", false, null), + new Property("IceSSL\\.CheckCRL", false, null), + new Property("IceSSL\\.Ciphers", false, null), + new Property("IceSSL\\.CertificateRevocationListFiles", false, null), + new Property("IceSSL\\.DefaultDir", false, null), + new Property("IceSSL\\.FindCert", false, null), + new Property("IceSSL\\.KeyFile", false, null), + new Property("IceSSL\\.Keychain", false, null), + new Property("IceSSL\\.KeychainPassword", false, null), + new Property("IceSSL\\.Keystore", false, null), + new Property("IceSSL\\.KeystorePassword", false, null), + new Property("IceSSL\\.KeystoreType", false, null), + new Property("IceSSL\\.Password", false, null), + new Property("IceSSL\\.RevocationCheck", false, null), + new Property("IceSSL\\.RevocationCheckCacheOnly", false, null), + new Property("IceSSL\\.SchannelStrongCrypto", false, null), + new Property("IceSSL\\.Trace\\.Security", false, null), + new Property("IceSSL\\.TrustOnly", false, null), + new Property("IceSSL\\.TrustOnly\\.Client", false, null), + new Property("IceSSL\\.TrustOnly\\.Server", false, null), + new Property("IceSSL\\.TrustOnly\\.Server\\.[^\\s]+", false, null), + new Property("IceSSL\\.Truststore", false, null), + new Property("IceSSL\\.TruststorePassword", false, null), + new Property("IceSSL\\.TruststoreType", false, null), + new Property("IceSSL\\.UsePlatformCAs", false, null), + new Property("IceSSL\\.VerifyPeer", false, null), + null + }; - public static final Property IceStormAdminProps[] = - { - new Property("IceStormAdmin\\.TopicManager\\.[^\\s]+", false, null), - new Property("IceStormAdmin\\.Host", false, null), - new Property("IceStormAdmin\\.Port", false, null), - null - }; + public static final Property IceStormAdminProps[] = { + new Property("IceStormAdmin\\.TopicManager\\.[^\\s]+", false, null), + new Property("IceStormAdmin\\.Host", false, null), + new Property("IceStormAdmin\\.Port", false, null), + null + }; - public static final Property IceBTProps[] = - { - new Property("IceBT\\.RcvSize", false, null), - new Property("IceBT\\.SndSize", false, null), - null - }; + public static final Property IceBTProps[] = { + new Property("IceBT\\.RcvSize", false, null), new Property("IceBT\\.SndSize", false, null), null + }; - public static final Property Glacier2Props[] = - { - new Property("Glacier2\\.AddConnectionContext", false, null), - new Property("Glacier2\\.Client\\.ACM\\.Timeout", false, null), - new Property("Glacier2\\.Client\\.ACM\\.Heartbeat", false, null), - new Property("Glacier2\\.Client\\.ACM\\.Close", false, null), - new Property("Glacier2\\.Client\\.ACM", false, null), - new Property("Glacier2\\.Client\\.AdapterId", false, null), - new Property("Glacier2\\.Client\\.Endpoints", false, null), - new Property("Glacier2\\.Client\\.Locator\\.EndpointSelection", false, null), - new Property("Glacier2\\.Client\\.Locator\\.ConnectionCached", false, null), - new Property("Glacier2\\.Client\\.Locator\\.PreferSecure", false, null), - new Property("Glacier2\\.Client\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("Glacier2\\.Client\\.Locator\\.InvocationTimeout", false, null), - new Property("Glacier2\\.Client\\.Locator\\.Locator", false, null), - new Property("Glacier2\\.Client\\.Locator\\.Router", false, null), - new Property("Glacier2\\.Client\\.Locator\\.CollocationOptimized", false, null), - new Property("Glacier2\\.Client\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("Glacier2\\.Client\\.Locator", false, null), - new Property("Glacier2\\.Client\\.PublishedEndpoints", false, null), - new Property("Glacier2\\.Client\\.ReplicaGroupId", false, null), - new Property("Glacier2\\.Client\\.Router\\.EndpointSelection", false, null), - new Property("Glacier2\\.Client\\.Router\\.ConnectionCached", false, null), - new Property("Glacier2\\.Client\\.Router\\.PreferSecure", false, null), - new Property("Glacier2\\.Client\\.Router\\.LocatorCacheTimeout", false, null), - new Property("Glacier2\\.Client\\.Router\\.InvocationTimeout", false, null), - new Property("Glacier2\\.Client\\.Router\\.Locator", false, null), - new Property("Glacier2\\.Client\\.Router\\.Router", false, null), - new Property("Glacier2\\.Client\\.Router\\.CollocationOptimized", false, null), - new Property("Glacier2\\.Client\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("Glacier2\\.Client\\.Router", false, null), - new Property("Glacier2\\.Client\\.ProxyOptions", false, null), - new Property("Glacier2\\.Client\\.ThreadPool\\.Size", false, null), - new Property("Glacier2\\.Client\\.ThreadPool\\.SizeMax", false, null), - new Property("Glacier2\\.Client\\.ThreadPool\\.SizeWarn", false, null), - new Property("Glacier2\\.Client\\.ThreadPool\\.StackSize", false, null), - new Property("Glacier2\\.Client\\.ThreadPool\\.Serialize", false, null), - new Property("Glacier2\\.Client\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("Glacier2\\.Client\\.ThreadPool\\.ThreadPriority", false, null), - new Property("Glacier2\\.Client\\.MessageSizeMax", false, null), - new Property("Glacier2\\.Client\\.Buffered", false, null), - new Property("Glacier2\\.Client\\.ForwardContext", false, null), - new Property("Glacier2\\.Client\\.SleepTime", false, null), - new Property("Glacier2\\.Client\\.Trace\\.Override", false, null), - new Property("Glacier2\\.Client\\.Trace\\.Reject", false, null), - new Property("Glacier2\\.Client\\.Trace\\.Request", false, null), - new Property("Glacier2\\.CryptPasswords", false, null), - new Property("Glacier2\\.Filter\\.Address\\.Reject", false, null), - new Property("Glacier2\\.Filter\\.Address\\.Accept", false, null), - new Property("Glacier2\\.Filter\\.ProxySizeMax", false, null), - new Property("Glacier2\\.Filter\\.Category\\.Accept", false, null), - new Property("Glacier2\\.Filter\\.Category\\.AcceptUser", false, null), - new Property("Glacier2\\.Filter\\.AdapterId\\.Accept", false, null), - new Property("Glacier2\\.Filter\\.Identity\\.Accept", false, null), - new Property("Glacier2\\.InstanceName", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.EndpointSelection", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.ConnectionCached", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.PreferSecure", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.LocatorCacheTimeout", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.InvocationTimeout", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.Locator", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.Router", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.CollocationOptimized", false, null), - new Property("Glacier2\\.PermissionsVerifier\\.Context\\.[^\\s]+", false, null), - new Property("Glacier2\\.PermissionsVerifier", false, null), - new Property("Glacier2\\.ReturnClientProxy", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.EndpointSelection", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.ConnectionCached", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.PreferSecure", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.LocatorCacheTimeout", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.InvocationTimeout", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.Locator", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.Router", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.CollocationOptimized", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier\\.Context\\.[^\\s]+", false, null), - new Property("Glacier2\\.SSLPermissionsVerifier", false, null), - new Property("Glacier2\\.RoutingTable\\.MaxSize", false, null), - new Property("Glacier2\\.Server\\.ACM\\.Timeout", false, null), - new Property("Glacier2\\.Server\\.ACM\\.Heartbeat", false, null), - new Property("Glacier2\\.Server\\.ACM\\.Close", false, null), - new Property("Glacier2\\.Server\\.ACM", false, null), - new Property("Glacier2\\.Server\\.AdapterId", false, null), - new Property("Glacier2\\.Server\\.Endpoints", false, null), - new Property("Glacier2\\.Server\\.Locator\\.EndpointSelection", false, null), - new Property("Glacier2\\.Server\\.Locator\\.ConnectionCached", false, null), - new Property("Glacier2\\.Server\\.Locator\\.PreferSecure", false, null), - new Property("Glacier2\\.Server\\.Locator\\.LocatorCacheTimeout", false, null), - new Property("Glacier2\\.Server\\.Locator\\.InvocationTimeout", false, null), - new Property("Glacier2\\.Server\\.Locator\\.Locator", false, null), - new Property("Glacier2\\.Server\\.Locator\\.Router", false, null), - new Property("Glacier2\\.Server\\.Locator\\.CollocationOptimized", false, null), - new Property("Glacier2\\.Server\\.Locator\\.Context\\.[^\\s]+", false, null), - new Property("Glacier2\\.Server\\.Locator", false, null), - new Property("Glacier2\\.Server\\.PublishedEndpoints", false, null), - new Property("Glacier2\\.Server\\.ReplicaGroupId", false, null), - new Property("Glacier2\\.Server\\.Router\\.EndpointSelection", false, null), - new Property("Glacier2\\.Server\\.Router\\.ConnectionCached", false, null), - new Property("Glacier2\\.Server\\.Router\\.PreferSecure", false, null), - new Property("Glacier2\\.Server\\.Router\\.LocatorCacheTimeout", false, null), - new Property("Glacier2\\.Server\\.Router\\.InvocationTimeout", false, null), - new Property("Glacier2\\.Server\\.Router\\.Locator", false, null), - new Property("Glacier2\\.Server\\.Router\\.Router", false, null), - new Property("Glacier2\\.Server\\.Router\\.CollocationOptimized", false, null), - new Property("Glacier2\\.Server\\.Router\\.Context\\.[^\\s]+", false, null), - new Property("Glacier2\\.Server\\.Router", false, null), - new Property("Glacier2\\.Server\\.ProxyOptions", false, null), - new Property("Glacier2\\.Server\\.ThreadPool\\.Size", false, null), - new Property("Glacier2\\.Server\\.ThreadPool\\.SizeMax", false, null), - new Property("Glacier2\\.Server\\.ThreadPool\\.SizeWarn", false, null), - new Property("Glacier2\\.Server\\.ThreadPool\\.StackSize", false, null), - new Property("Glacier2\\.Server\\.ThreadPool\\.Serialize", false, null), - new Property("Glacier2\\.Server\\.ThreadPool\\.ThreadIdleTime", false, null), - new Property("Glacier2\\.Server\\.ThreadPool\\.ThreadPriority", false, null), - new Property("Glacier2\\.Server\\.MessageSizeMax", false, null), - new Property("Glacier2\\.Server\\.Buffered", false, null), - new Property("Glacier2\\.Server\\.ForwardContext", false, null), - new Property("Glacier2\\.Server\\.SleepTime", false, null), - new Property("Glacier2\\.Server\\.Trace\\.Override", false, null), - new Property("Glacier2\\.Server\\.Trace\\.Request", false, null), - new Property("Glacier2\\.SessionManager\\.EndpointSelection", false, null), - new Property("Glacier2\\.SessionManager\\.ConnectionCached", false, null), - new Property("Glacier2\\.SessionManager\\.PreferSecure", false, null), - new Property("Glacier2\\.SessionManager\\.LocatorCacheTimeout", false, null), - new Property("Glacier2\\.SessionManager\\.InvocationTimeout", false, null), - new Property("Glacier2\\.SessionManager\\.Locator", false, null), - new Property("Glacier2\\.SessionManager\\.Router", false, null), - new Property("Glacier2\\.SessionManager\\.CollocationOptimized", false, null), - new Property("Glacier2\\.SessionManager\\.Context\\.[^\\s]+", false, null), - new Property("Glacier2\\.SessionManager", false, null), - new Property("Glacier2\\.SSLSessionManager\\.EndpointSelection", false, null), - new Property("Glacier2\\.SSLSessionManager\\.ConnectionCached", false, null), - new Property("Glacier2\\.SSLSessionManager\\.PreferSecure", false, null), - new Property("Glacier2\\.SSLSessionManager\\.LocatorCacheTimeout", false, null), - new Property("Glacier2\\.SSLSessionManager\\.InvocationTimeout", false, null), - new Property("Glacier2\\.SSLSessionManager\\.Locator", false, null), - new Property("Glacier2\\.SSLSessionManager\\.Router", false, null), - new Property("Glacier2\\.SSLSessionManager\\.CollocationOptimized", false, null), - new Property("Glacier2\\.SSLSessionManager\\.Context\\.[^\\s]+", false, null), - new Property("Glacier2\\.SSLSessionManager", false, null), - new Property("Glacier2\\.Trace\\.RoutingTable", false, null), - new Property("Glacier2\\.Trace\\.Session", false, null), - null - }; + public static final Property Glacier2Props[] = { + new Property("Glacier2\\.AddConnectionContext", false, null), + new Property("Glacier2\\.Client\\.ACM\\.Timeout", false, null), + new Property("Glacier2\\.Client\\.ACM\\.Heartbeat", false, null), + new Property("Glacier2\\.Client\\.ACM\\.Close", false, null), + new Property("Glacier2\\.Client\\.ACM", false, null), + new Property("Glacier2\\.Client\\.AdapterId", false, null), + new Property("Glacier2\\.Client\\.Endpoints", false, null), + new Property("Glacier2\\.Client\\.Locator\\.EndpointSelection", false, null), + new Property("Glacier2\\.Client\\.Locator\\.ConnectionCached", false, null), + new Property("Glacier2\\.Client\\.Locator\\.PreferSecure", false, null), + new Property("Glacier2\\.Client\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("Glacier2\\.Client\\.Locator\\.InvocationTimeout", false, null), + new Property("Glacier2\\.Client\\.Locator\\.Locator", false, null), + new Property("Glacier2\\.Client\\.Locator\\.Router", false, null), + new Property("Glacier2\\.Client\\.Locator\\.CollocationOptimized", false, null), + new Property("Glacier2\\.Client\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("Glacier2\\.Client\\.Locator", false, null), + new Property("Glacier2\\.Client\\.PublishedEndpoints", false, null), + new Property("Glacier2\\.Client\\.ReplicaGroupId", false, null), + new Property("Glacier2\\.Client\\.Router\\.EndpointSelection", false, null), + new Property("Glacier2\\.Client\\.Router\\.ConnectionCached", false, null), + new Property("Glacier2\\.Client\\.Router\\.PreferSecure", false, null), + new Property("Glacier2\\.Client\\.Router\\.LocatorCacheTimeout", false, null), + new Property("Glacier2\\.Client\\.Router\\.InvocationTimeout", false, null), + new Property("Glacier2\\.Client\\.Router\\.Locator", false, null), + new Property("Glacier2\\.Client\\.Router\\.Router", false, null), + new Property("Glacier2\\.Client\\.Router\\.CollocationOptimized", false, null), + new Property("Glacier2\\.Client\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("Glacier2\\.Client\\.Router", false, null), + new Property("Glacier2\\.Client\\.ProxyOptions", false, null), + new Property("Glacier2\\.Client\\.ThreadPool\\.Size", false, null), + new Property("Glacier2\\.Client\\.ThreadPool\\.SizeMax", false, null), + new Property("Glacier2\\.Client\\.ThreadPool\\.SizeWarn", false, null), + new Property("Glacier2\\.Client\\.ThreadPool\\.StackSize", false, null), + new Property("Glacier2\\.Client\\.ThreadPool\\.Serialize", false, null), + new Property("Glacier2\\.Client\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("Glacier2\\.Client\\.ThreadPool\\.ThreadPriority", false, null), + new Property("Glacier2\\.Client\\.MessageSizeMax", false, null), + new Property("Glacier2\\.Client\\.Buffered", false, null), + new Property("Glacier2\\.Client\\.ForwardContext", false, null), + new Property("Glacier2\\.Client\\.SleepTime", false, null), + new Property("Glacier2\\.Client\\.Trace\\.Override", false, null), + new Property("Glacier2\\.Client\\.Trace\\.Reject", false, null), + new Property("Glacier2\\.Client\\.Trace\\.Request", false, null), + new Property("Glacier2\\.CryptPasswords", false, null), + new Property("Glacier2\\.Filter\\.Address\\.Reject", false, null), + new Property("Glacier2\\.Filter\\.Address\\.Accept", false, null), + new Property("Glacier2\\.Filter\\.ProxySizeMax", false, null), + new Property("Glacier2\\.Filter\\.Category\\.Accept", false, null), + new Property("Glacier2\\.Filter\\.Category\\.AcceptUser", false, null), + new Property("Glacier2\\.Filter\\.AdapterId\\.Accept", false, null), + new Property("Glacier2\\.Filter\\.Identity\\.Accept", false, null), + new Property("Glacier2\\.InstanceName", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.EndpointSelection", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.ConnectionCached", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.PreferSecure", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.LocatorCacheTimeout", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.InvocationTimeout", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.Locator", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.Router", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.CollocationOptimized", false, null), + new Property("Glacier2\\.PermissionsVerifier\\.Context\\.[^\\s]+", false, null), + new Property("Glacier2\\.PermissionsVerifier", false, null), + new Property("Glacier2\\.ReturnClientProxy", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.EndpointSelection", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.ConnectionCached", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.PreferSecure", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.LocatorCacheTimeout", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.InvocationTimeout", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.Locator", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.Router", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.CollocationOptimized", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier\\.Context\\.[^\\s]+", false, null), + new Property("Glacier2\\.SSLPermissionsVerifier", false, null), + new Property("Glacier2\\.RoutingTable\\.MaxSize", false, null), + new Property("Glacier2\\.Server\\.ACM\\.Timeout", false, null), + new Property("Glacier2\\.Server\\.ACM\\.Heartbeat", false, null), + new Property("Glacier2\\.Server\\.ACM\\.Close", false, null), + new Property("Glacier2\\.Server\\.ACM", false, null), + new Property("Glacier2\\.Server\\.AdapterId", false, null), + new Property("Glacier2\\.Server\\.Endpoints", false, null), + new Property("Glacier2\\.Server\\.Locator\\.EndpointSelection", false, null), + new Property("Glacier2\\.Server\\.Locator\\.ConnectionCached", false, null), + new Property("Glacier2\\.Server\\.Locator\\.PreferSecure", false, null), + new Property("Glacier2\\.Server\\.Locator\\.LocatorCacheTimeout", false, null), + new Property("Glacier2\\.Server\\.Locator\\.InvocationTimeout", false, null), + new Property("Glacier2\\.Server\\.Locator\\.Locator", false, null), + new Property("Glacier2\\.Server\\.Locator\\.Router", false, null), + new Property("Glacier2\\.Server\\.Locator\\.CollocationOptimized", false, null), + new Property("Glacier2\\.Server\\.Locator\\.Context\\.[^\\s]+", false, null), + new Property("Glacier2\\.Server\\.Locator", false, null), + new Property("Glacier2\\.Server\\.PublishedEndpoints", false, null), + new Property("Glacier2\\.Server\\.ReplicaGroupId", false, null), + new Property("Glacier2\\.Server\\.Router\\.EndpointSelection", false, null), + new Property("Glacier2\\.Server\\.Router\\.ConnectionCached", false, null), + new Property("Glacier2\\.Server\\.Router\\.PreferSecure", false, null), + new Property("Glacier2\\.Server\\.Router\\.LocatorCacheTimeout", false, null), + new Property("Glacier2\\.Server\\.Router\\.InvocationTimeout", false, null), + new Property("Glacier2\\.Server\\.Router\\.Locator", false, null), + new Property("Glacier2\\.Server\\.Router\\.Router", false, null), + new Property("Glacier2\\.Server\\.Router\\.CollocationOptimized", false, null), + new Property("Glacier2\\.Server\\.Router\\.Context\\.[^\\s]+", false, null), + new Property("Glacier2\\.Server\\.Router", false, null), + new Property("Glacier2\\.Server\\.ProxyOptions", false, null), + new Property("Glacier2\\.Server\\.ThreadPool\\.Size", false, null), + new Property("Glacier2\\.Server\\.ThreadPool\\.SizeMax", false, null), + new Property("Glacier2\\.Server\\.ThreadPool\\.SizeWarn", false, null), + new Property("Glacier2\\.Server\\.ThreadPool\\.StackSize", false, null), + new Property("Glacier2\\.Server\\.ThreadPool\\.Serialize", false, null), + new Property("Glacier2\\.Server\\.ThreadPool\\.ThreadIdleTime", false, null), + new Property("Glacier2\\.Server\\.ThreadPool\\.ThreadPriority", false, null), + new Property("Glacier2\\.Server\\.MessageSizeMax", false, null), + new Property("Glacier2\\.Server\\.Buffered", false, null), + new Property("Glacier2\\.Server\\.ForwardContext", false, null), + new Property("Glacier2\\.Server\\.SleepTime", false, null), + new Property("Glacier2\\.Server\\.Trace\\.Override", false, null), + new Property("Glacier2\\.Server\\.Trace\\.Request", false, null), + new Property("Glacier2\\.SessionManager\\.EndpointSelection", false, null), + new Property("Glacier2\\.SessionManager\\.ConnectionCached", false, null), + new Property("Glacier2\\.SessionManager\\.PreferSecure", false, null), + new Property("Glacier2\\.SessionManager\\.LocatorCacheTimeout", false, null), + new Property("Glacier2\\.SessionManager\\.InvocationTimeout", false, null), + new Property("Glacier2\\.SessionManager\\.Locator", false, null), + new Property("Glacier2\\.SessionManager\\.Router", false, null), + new Property("Glacier2\\.SessionManager\\.CollocationOptimized", false, null), + new Property("Glacier2\\.SessionManager\\.Context\\.[^\\s]+", false, null), + new Property("Glacier2\\.SessionManager", false, null), + new Property("Glacier2\\.SSLSessionManager\\.EndpointSelection", false, null), + new Property("Glacier2\\.SSLSessionManager\\.ConnectionCached", false, null), + new Property("Glacier2\\.SSLSessionManager\\.PreferSecure", false, null), + new Property("Glacier2\\.SSLSessionManager\\.LocatorCacheTimeout", false, null), + new Property("Glacier2\\.SSLSessionManager\\.InvocationTimeout", false, null), + new Property("Glacier2\\.SSLSessionManager\\.Locator", false, null), + new Property("Glacier2\\.SSLSessionManager\\.Router", false, null), + new Property("Glacier2\\.SSLSessionManager\\.CollocationOptimized", false, null), + new Property("Glacier2\\.SSLSessionManager\\.Context\\.[^\\s]+", false, null), + new Property("Glacier2\\.SSLSessionManager", false, null), + new Property("Glacier2\\.Trace\\.RoutingTable", false, null), + new Property("Glacier2\\.Trace\\.Session", false, null), + null + }; - public static final Property Glacier2CryptPermissionsVerifierProps[] = - { - new Property("Glacier2CryptPermissionsVerifier\\.[^\\s]+\\.PermissionsVerifier", false, null), - new Property("Glacier2CryptPermissionsVerifier\\.[^\\s]+\\.AdminPermissionsVerifier", false, null), - null - }; + public static final Property Glacier2CryptPermissionsVerifierProps[] = { + new Property("Glacier2CryptPermissionsVerifier\\.[^\\s]+\\.PermissionsVerifier", false, null), + new Property( + "Glacier2CryptPermissionsVerifier\\.[^\\s]+\\.AdminPermissionsVerifier", false, null), + null + }; - public static final Property[] validProps[] = - { - IceProps, - IceMXProps, - IceDiscoveryProps, - IceLocatorDiscoveryProps, - IceBoxProps, - IceBoxAdminProps, - IceBridgeProps, - IceGridAdminProps, - IceGridProps, - IceSSLProps, - IceStormAdminProps, - IceBTProps, - Glacier2Props, - Glacier2CryptPermissionsVerifierProps, - null - }; + public static final Property[] validProps[] = { + IceProps, + IceMXProps, + IceDiscoveryProps, + IceLocatorDiscoveryProps, + IceBoxProps, + IceBoxAdminProps, + IceBridgeProps, + IceGridAdminProps, + IceGridProps, + IceSSLProps, + IceStormAdminProps, + IceBTProps, + Glacier2Props, + Glacier2CryptPermissionsVerifierProps, + null + }; - public static final String clPropNames[] = - { - "Ice", - "IceMX", - "IceDiscovery", - "IceLocatorDiscovery", - "IceBox", - "IceBoxAdmin", - "IceBridge", - "IceGridAdmin", - "IceGrid", - "IceSSL", - "IceStormAdmin", - "IceBT", - "Glacier2", - "Glacier2CryptPermissionsVerifier", - null - }; + public static final String clPropNames[] = { + "Ice", + "IceMX", + "IceDiscovery", + "IceLocatorDiscovery", + "IceBox", + "IceBoxAdmin", + "IceBridge", + "IceGridAdmin", + "IceGrid", + "IceSSL", + "IceStormAdmin", + "IceBT", + "Glacier2", + "Glacier2CryptPermissionsVerifier", + null + }; } diff --git a/java/src/Ice/src/main/java/com/zeroc/IceSSL/SSLEngine.java b/java/src/Ice/src/main/java/com/zeroc/IceSSL/SSLEngine.java index e6479b07afb..ad3eeb36610 100644 --- a/java/src/Ice/src/main/java/com/zeroc/IceSSL/SSLEngine.java +++ b/java/src/Ice/src/main/java/com/zeroc/IceSSL/SSLEngine.java @@ -49,13 +49,6 @@ public void initialize() { // _serverNameIndication = properties.getPropertyAsIntWithDefault(prefix + "CheckCertName", 0) > 1; - // - // VerifyDepthMax establishes the maximum length of a peer's certificate - // chain, including the peer's certificate. A value of 0 means there is - // no maximum. - // - _verifyDepthMax = properties.getPropertyAsIntWithDefault(prefix + "VerifyDepthMax", 3); - // // VerifyPeer determines whether certificate validation failures abort a // connection. @@ -514,26 +507,6 @@ void verifyPeer(String address, ConnectionInfo info, String desc) { } } - // Verify depth max includes the root CA, Java doesn't provide it in the - // certificate chain. - if (_verifyDepthMax > 0 && info.certs != null && info.certs.length >= _verifyDepthMax) { - String msg = - (info.incoming ? "incoming" : "outgoing") - + " connection rejected:\n" - + "length of peer's certificate chain (" - + info.certs.length - + ") exceeds maximum of " - + _verifyDepthMax - + "\n" - + desc; - if (_securityTraceLevel >= 1) { - _logger.trace(_securityTraceCategory, msg); - } - com.zeroc.Ice.SecurityException ex = new com.zeroc.Ice.SecurityException(); - ex.reason = msg; - throw ex; - } - if (!_trustManager.verify(info, desc)) { String msg = (info.incoming ? "incoming" : "outgoing") @@ -665,7 +638,6 @@ private static class CipherExpression { private boolean _noCiphers; private boolean _checkCertName; private boolean _serverNameIndication; - private int _verifyDepthMax; private int _verifyPeer; private TrustManager _trustManager; diff --git a/java/test/src/main/java/test/IceSSL/configuration/AllTests.java b/java/test/src/main/java/test/IceSSL/configuration/AllTests.java index 58e4cb2ed50..ea0eb8928e9 100644 --- a/java/test/src/main/java/test/IceSSL/configuration/AllTests.java +++ b/java/test/src/main/java/test/IceSSL/configuration/AllTests.java @@ -44,7 +44,6 @@ private static InitializationData createClientProps(com.zeroc.Ice.Properties def initData.properties.setProperty("Ice.IPv6", defaultProperties.getProperty("Ice.IPv6")); } initData.properties.setProperty("Ice.RetryIntervals", "-1"); - initData.properties.setProperty("IceSSL.Random", "seed.dat"); return initData; } @@ -69,7 +68,6 @@ private static java.util.Map createServerProps( if (defaultProperties.getProperty("Ice.IPv6").length() > 0) { result.put("Ice.IPv6", defaultProperties.getProperty("Ice.IPv6")); } - result.put("IceSSL.Random", "seed.dat"); return result; } @@ -563,181 +561,6 @@ public static ServerFactoryPrx allTests(test.TestHelper helper, String testDir) InitializationData initData; java.util.Map d; - out.print("testing certificate chains... "); - out.flush(); - { - com.zeroc.IceSSL.ConnectionInfo info; - - // - // Now the client verifies the server certificate - // - initData = createClientProps(defaultProperties, "", "cacert1"); - initData.properties.setProperty("IceSSL.VerifyPeer", "1"); - com.zeroc.Ice.Communicator comm = Util.initialize(initData); - - ServerFactoryPrx fact = ServerFactoryPrx.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - ServerPrx server; - { - d = createServerProps(defaultProperties, "s_rsa_ca1", ""); - d.put("IceSSL.VerifyPeer", "0"); - server = fact.createServer(d); - try { - info = (com.zeroc.IceSSL.ConnectionInfo) server.ice_getConnection().getInfo(); - test(info.certs.length == 1); - test(info.verified); - } catch (com.zeroc.Ice.LocalException ex) { - ex.printStackTrace(); - test(false); - } - fact.destroyServer(server); - } - - comm.destroy(); - - // - // Try certificate with one intermediate and VerifyDepthMax=2 - // - initData = createClientProps(defaultProperties, "", "cacert1"); - initData.properties.setProperty("IceSSL.VerifyPeer", "1"); - initData.properties.setProperty("IceSSL.VerifyDepthMax", "2"); - comm = Util.initialize(initData); - - fact = ServerFactoryPrx.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - - { - d = createServerProps(defaultProperties, "s_rsa_cai1", ""); - d.put("IceSSL.VerifyPeer", "0"); - server = fact.createServer(d); - try { - server.ice_getConnection().getInfo(); - test(false); - } catch (com.zeroc.Ice.SecurityException ex) { - // Chain length too long - } catch (com.zeroc.Ice.LocalException ex) { - ex.printStackTrace(); - test(false); - } - fact.destroyServer(server); - } - comm.destroy(); - - // - // Try with VerifyDepthMax to 3 (the default) - // - initData = createClientProps(defaultProperties, "", "cacert1"); - initData.properties.setProperty("IceSSL.VerifyPeer", "1"); - // initData.properties.setProperty("IceSSL.VerifyDepthMax", "3"); - comm = Util.initialize(initData); - - fact = ServerFactoryPrx.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - - { - d = createServerProps(defaultProperties, "s_rsa_cai1", ""); - d.put("IceSSL.VerifyPeer", "0"); - server = fact.createServer(d); - try { - info = (com.zeroc.IceSSL.ConnectionInfo) server.ice_getConnection().getInfo(); - test(info.certs.length == 2); - test(info.verified); - } catch (com.zeroc.Ice.LocalException ex) { - ex.printStackTrace(); - test(false); - } - fact.destroyServer(server); - } - - { - d = createServerProps(defaultProperties, "s_rsa_cai2", ""); - d.put("IceSSL.VerifyPeer", "0"); - server = fact.createServer(d); - try { - server.ice_getConnection().getInfo(); - test(false); - } catch (com.zeroc.Ice.SecurityException ex) { - // Chain length too long - } - fact.destroyServer(server); - } - comm.destroy(); - - // - // Increase VerifyDepthMax to 4 - // - initData = createClientProps(defaultProperties, "", "cacert1"); - initData.properties.setProperty("IceSSL.VerifyPeer", "1"); - initData.properties.setProperty("IceSSL.VerifyDepthMax", "4"); - comm = Util.initialize(initData); - - fact = ServerFactoryPrx.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - - { - d = createServerProps(defaultProperties, "s_rsa_cai2", ""); - d.put("IceSSL.VerifyPeer", "0"); - server = fact.createServer(d); - try { - info = (com.zeroc.IceSSL.ConnectionInfo) server.ice_getConnection().getInfo(); - test(info.certs.length == 3); - test(info.verified); - } catch (com.zeroc.Ice.LocalException ex) { - ex.printStackTrace(); - test(false); - } - fact.destroyServer(server); - } - - comm.destroy(); - - // - // Increase VerifyDepthMax to 4 - // - initData = createClientProps(defaultProperties, "c_rsa_cai2", "cacert1"); - initData.properties.setProperty("IceSSL.VerifyPeer", "1"); - initData.properties.setProperty("IceSSL.VerifyDepthMax", "4"); - comm = Util.initialize(initData); - - fact = ServerFactoryPrx.checkedCast(comm.stringToProxy(factoryRef)); - test(fact != null); - - { - d = createServerProps(defaultProperties, "s_rsa_cai2", "cacert1"); - d.put("IceSSL.VerifyPeer", "2"); - server = fact.createServer(d); - try { - server.ice_getConnection(); - test(false); - } catch (com.zeroc.Ice.ProtocolException ex) { - // Expected - } catch (com.zeroc.Ice.ConnectionLostException ex) { - // Expected - } catch (com.zeroc.Ice.LocalException ex) { - ex.printStackTrace(); - test(false); - } - fact.destroyServer(server); - } - - { - d = createServerProps(defaultProperties, "s_rsa_cai2", "cacert1"); - d.put("IceSSL.VerifyPeer", "2"); - d.put("IceSSL.VerifyDepthMax", "4"); - server = fact.createServer(d); - try { - server.ice_getConnection(); - } catch (com.zeroc.Ice.LocalException ex) { - ex.printStackTrace(); - test(false); - } - fact.destroyServer(server); - } - - comm.destroy(); - } - out.println("ok"); - out.print("testing expired certificates... "); out.flush(); { @@ -1476,7 +1299,6 @@ public static ServerFactoryPrx allTests(test.TestHelper helper, String testDir) int retryCount = 0; initData = createClientProps(defaultProperties); - initData.properties.setProperty("IceSSL.VerifyDepthMax", "5"); initData.properties.setProperty("Ice.Override.Timeout", "5000"); // 5s timeout com.zeroc.Ice.Communicator comm = Util.initialize(initData); com.zeroc.Ice.ObjectPrx p = @@ -1513,7 +1335,6 @@ public static ServerFactoryPrx allTests(test.TestHelper helper, String testDir) retryCount = 0; initData = createClientProps(defaultProperties); - initData.properties.setProperty("IceSSL.VerifyDepthMax", "5"); initData.properties.setProperty("Ice.Override.Timeout", "5000"); // 5s timeout initData.properties.setProperty("IceSSL.UsePlatformCAs", "1"); comm = Util.initialize(initData); diff --git a/swift/src/Ice/CommunicatorI.swift b/swift/src/Ice/CommunicatorI.swift index f0f20d499c4..31aa5202035 100644 --- a/swift/src/Ice/CommunicatorI.swift +++ b/swift/src/Ice/CommunicatorI.swift @@ -282,24 +282,6 @@ extension Communicator { } } - /// Establish the password prompt object. This must be done before - /// the IceSSL plug-in is initialized. - /// - /// - parameter prompt: `(() -> String)` - The password prompt. - public func setSslPasswordPrompt(prompt: @escaping (() -> String)) { - (self as! CommunicatorI).handle.setSslPasswordPrompt(prompt) - } - - /// Establish the certificate verifier objet. This must be done before - /// any connection are established. - /// - /// - parameter prompt: `((SSLConnectionInfo) -> Bool)` The certificate verifier. - public func setSslCertificateVerifier(verifier: @escaping ((SSLConnectionInfo) -> Bool)) { - (self as! CommunicatorI).handle.setSslCertificateVerifier { info in - verifier(info as! SSLConnectionInfo) - } - } - /// Initialize the configured plug-ins. The communicator automatically initializes /// the plug-ins by default, but an application may need to interact directly with /// a plug-in prior to initialization. In this case, the application must set diff --git a/swift/src/IceImpl/Communicator.h b/swift/src/IceImpl/Communicator.h index d8b89461d84..8e43ae63edc 100644 --- a/swift/src/IceImpl/Communicator.h +++ b/swift/src/IceImpl/Communicator.h @@ -63,8 +63,6 @@ ICEIMPL_API @interface ICECommunicator : ICELocalObject - (void)getDefaultEncoding:(uint8_t*)major minor:(uint8_t*)minor NS_SWIFT_NAME(getDefaultEncoding(major:minor:)); - (uint8_t)getDefaultFormat; -- (void)setSslCertificateVerifier:(nullable bool (^)(id))verifier; -- (void)setSslPasswordPrompt:(nullable NSString* (^)())prompt; - (BOOL)initializePlugins:(NSError**)error; @end diff --git a/swift/src/IceImpl/Communicator.mm b/swift/src/IceImpl/Communicator.mm index ad0c85d55eb..e463f675ba1 100644 --- a/swift/src/IceImpl/Communicator.mm +++ b/swift/src/IceImpl/Communicator.mm @@ -447,25 +447,6 @@ - (void)getDefaultEncoding:(std::uint8_t*)major minor:(std::uint8_t*)minor return [factory createUnsupported:self handle:[ICEUnsupportedAdminFacet getHandle:servant]]; } -- (void)setSslCertificateVerifier:(nullable bool (^)(id))verifier -{ - auto pluginManager = self.communicator->getPluginManager(); - auto plugin = std::dynamic_pointer_cast(pluginManager->getPlugin("IceSSL")); - assert(plugin); - - plugin->setCertificateVerifier( - [verifier](const std::shared_ptr& info) -> bool - { return verifier(createConnectionInfo(info)); }); -} - -- (void)setSslPasswordPrompt:(nullable NSString* (^)())prompt; -{ - auto pluginManager = self.communicator->getPluginManager(); - auto plugin = std::dynamic_pointer_cast(pluginManager->getPlugin("IceSSL")); - assert(plugin); - plugin->setPasswordPrompt([prompt] { return fromNSString(prompt()); }); -} - - (BOOL)initializePlugins:(NSError**)error { try diff --git a/swift/test/IceSSL/configuration/AllTests.swift b/swift/test/IceSSL/configuration/AllTests.swift index d31881c506f..d73b76ce345 100644 --- a/swift/test/IceSSL/configuration/AllTests.swift +++ b/swift/test/IceSSL/configuration/AllTests.swift @@ -440,295 +440,14 @@ public func allTests(_ helper: TestHelper, _ defaultDir: String) throws -> SSLSe } output.writeLine("ok") - output.write("testing certificate chains... ") - var properties = createClientProps(defaultProperties: defaultProperties, cert: "", ca: "") - properties.setProperty(key: "IceSSL.VerifyPeer", value: "0") - var comm = try helper.initialize(properties) - var fact = try checkedCast(prx: comm.stringToProxy(factoryRef)!, type: SSLServerFactoryPrx.self)! - // - // The client can't verify the server certificate but it should - // still provide it. "s_rsa_ca1" doesn't include the root so the - // cert size should be 1. - // - var d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_ca1", ca: "") - d["IceSSL.VerifyPeer"] = "0" - var server = try fact.createServer(d)! - var info = try server.ice_getConnection()!.getInfo() as! SSLConnectionInfo - try test(info.certs.count == 1) - try test(!info.verified) - try fact.destroyServer(server) - - // - // Setting the CA for the server shouldn't change anything, it - // shouldn't modify the cert chain sent to the client. - // - d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_ca1", ca: "cacert1") - d["IceSSL.VerifyPeer"] = "0" - server = try fact.createServer(d)! - info = try server.ice_getConnection()!.getInfo() as! SSLConnectionInfo - try test(info.certs.count == 1) - try test(!info.verified) - try fact.destroyServer(server) - - // - // The client can't verify the server certificate but should - // still provide it. "s_rsa_wroot_ca1" includes the root so - // the cert size should be 2. - // - d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_wroot_ca1", ca: "") - d["IceSSL.VerifyPeer"] = "0" - server = try fact.createServer(d)! - info = try server.ice_getConnection()!.getInfo() as! SSLConnectionInfo - try test(info.certs.count == 2) - try test(!info.verified) - try fact.destroyServer(server) - - comm.destroy() - - // - // Now the client verifies the server certificate - // - properties = createClientProps(defaultProperties: defaultProperties, cert: "", ca: "cacert1") - properties.setProperty(key: "IceSSL.VerifyPeer", value: "1") - comm = try helper.initialize(properties) - - fact = try checkedCast(prx: comm.stringToProxy(factoryRef)!, type: SSLServerFactoryPrx.self)! - d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_ca1", ca: "") - d["IceSSL.VerifyPeer"] = "0" - server = try fact.createServer(d)! - info = try server.ice_getConnection()!.getInfo() as! SSLConnectionInfo - try test(info.certs.count == 2) - try test(info.verified) - try fact.destroyServer(server) - comm.destroy() - - // - // Try certificate with one intermediate and VerifyDepthMax=2 - // - properties = createClientProps(defaultProperties: defaultProperties, cert: "", ca: "cacert1") - properties.setProperty(key: "IceSSL.VerifyPeer", value: "1") - properties.setProperty(key: "IceSSL.VerifyDepthMax", value: "2") - comm = try helper.initialize(properties) - - fact = try checkedCast(prx: comm.stringToProxy(factoryRef)!, type: SSLServerFactoryPrx.self)! - d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_cai1", ca: "") - d["IceSSL.VerifyPeer"] = "0" - server = try fact.createServer(d)! - do { - _ = try server.ice_getConnection()!.getInfo() - try test(false) - } catch is Ice.SecurityException { - // Chain length too long - } - try fact.destroyServer(server) - comm.destroy() - - // - // Try with VerifyDepthMax set to 3 (the default) - // - properties = createClientProps(defaultProperties: defaultProperties, cert: "", ca: "cacert1") - properties.setProperty(key: "IceSSL.VerifyPeer", value: "1") - // initData.properties->setProperty("IceSSL.VerifyDepthMax", "3"); - comm = try helper.initialize(properties) - - fact = try checkedCast(prx: comm.stringToProxy(factoryRef)!, type: SSLServerFactoryPrx.self)! - d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_cai1", ca: "") - d["IceSSL.VerifyPeer"] = "0" - server = try fact.createServer(d)! - info = try server.ice_getConnection()!.getInfo() as! SSLConnectionInfo - try test(info.certs.count == 3) - try test(info.verified) - try fact.destroyServer(server) - - d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_cai2", ca: "") - d["IceSSL.VerifyPeer"] = "0" - server = try fact.createServer(d)! - do { - _ = try server.ice_getConnection()!.getInfo() - try test(false) - } catch is Ice.SecurityException { - // Chain length too long - } - try fact.destroyServer(server) - comm.destroy() - - // - // Increase VerifyDepthMax to 4 - // - properties = createClientProps(defaultProperties: defaultProperties, cert: "", ca: "cacert1") - properties.setProperty(key: "IceSSL.VerifyPeer", value: "1") - properties.setProperty(key: "IceSSL.VerifyDepthMax", value: "4") - comm = try helper.initialize(properties) - - fact = try checkedCast(prx: comm.stringToProxy(factoryRef)!, type: SSLServerFactoryPrx.self)! - d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_cai2", ca: "") - d["IceSSL.VerifyPeer"] = "0" - server = try fact.createServer(d)! - info = try server.ice_getConnection()!.getInfo() as! SSLConnectionInfo - try test(info.certs.count == 4) - try test(info.verified) - try fact.destroyServer(server) - - comm.destroy() - - // - // Increase VerifyDepthMax to 4 - // - properties = createClientProps( - defaultProperties: defaultProperties, cert: "c_rsa_cai2", ca: "cacert1") - properties.setProperty(key: "IceSSL.VerifyPeer", value: "1") - properties.setProperty(key: "IceSSL.VerifyDepthMax", value: "4") - comm = try helper.initialize(properties) - - fact = try checkedCast(prx: comm.stringToProxy(factoryRef)!, type: SSLServerFactoryPrx.self)! - d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_cai2", ca: "cacert1") - d["IceSSL.VerifyPeer"] = "2" - server = try fact.createServer(d)! - do { - _ = try server.ice_getConnection() - } catch is Ice.ProtocolException { - // Expected - } catch is Ice.ConnectionLostException { - // Expected - } - try fact.destroyServer(server) - - d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_cai2", ca: "cacert1") - d["IceSSL.VerifyPeer"] = "2" - d["IceSSL.VerifyDepthMax"] = "4" - server = try fact.createServer(d)! - _ = try server.ice_getConnection() - try fact.destroyServer(server) - - comm.destroy() - - output.writeLine("ok") - - output.write("testing custom certificate verifier... ") - - // - // ADH is allowed but will not have a certificate. - // - properties = createClientProps(defaultProperties) - properties.setProperty(key: "IceSSL.Ciphers", value: "(DH_anon*)") - properties.setProperty(key: "IceSSL.VerifyPeer", value: "0") - comm = try helper.initialize(properties) - - var invoked = false - var certs: [SecCertificate] = [] - - comm.setSslCertificateVerifier { info in - certs = info.certs - invoked = true - return true - } - fact = try checkedCast(prx: comm.stringToProxy(factoryRef)!, type: SSLServerFactoryPrx.self)! - d = createServerProps(defaultProperties) - - var cipherSub = "DH_anon" - d["IceSSL.Ciphers"] = "(DH_anon*)" - d["IceSSL.VerifyPeer"] = "0" - - server = try fact.createServer(d)! - try server.checkCipher(cipherSub) - info = try server.ice_getConnection()!.getInfo() as! SSLConnectionInfo - try test(info.cipher.starts(with: cipherSub)) - try test(invoked) - try test(certs.isEmpty) - - // - // Have the verifier return false. Close the connection explicitly - // to force a new connection to be established. - // - invoked = false - certs = [] - comm.setSslCertificateVerifier { info in - certs = info.certs - invoked = true - return false - } - try server.ice_getConnection()!.close(.GracefullyWithWait) - do { - try server.ice_ping() - try test(false) - } catch is SecurityException { - // Expected. - } - try test(invoked) - try test(certs.isEmpty) - - try fact.destroyServer(server) - comm.destroy() - - // - // Verify that a server certificate is present. - // - properties = createClientProps( - defaultProperties: defaultProperties, cert: "c_rsa_ca1", ca: "cacert1") - properties.setProperty(key: "IceSSL.VerifyPeer", value: "0") - comm = try helper.initialize(properties) - - invoked = false - certs = [] - comm.setSslCertificateVerifier { info in - certs = info.certs - invoked = true - return true - } - - fact = try checkedCast(prx: comm.stringToProxy(factoryRef)!, type: SSLServerFactoryPrx.self)! - d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_ca1", ca: "cacert1") - d["IceSSL.VerifyPeer"] = "2" - server = try fact.createServer(d)! - try server.ice_ping() - - try test(invoked) - try test(certs.count > 0) - try fact.destroyServer(server) - comm.destroy() - output.writeLine("ok") - - output.write("testing expired certificates... ") - properties = createClientProps( - defaultProperties: defaultProperties, cert: "c_rsa_ca1", ca: "cacert1") - comm = try helper.initialize(properties) - fact = try checkedCast(prx: comm.stringToProxy(factoryRef)!, type: SSLServerFactoryPrx.self)! - d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_ca1_exp", ca: "cacert1") - server = try fact.createServer(d)! - do { - try server.ice_ping() - try test(false) - } catch is SecurityException { - // Expected. - } - try fact.destroyServer(server) - comm.destroy() - - properties = createClientProps( - defaultProperties: defaultProperties, cert: "c_rsa_ca1_exp", ca: "cacert1") - comm = try helper.initialize(properties) - fact = try checkedCast(prx: comm.stringToProxy(factoryRef)!, type: SSLServerFactoryPrx.self)! - d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_ca1", ca: "cacert1") - server = try fact.createServer(d)! - do { - try server.ice_ping() - try test(false) - } catch is ConnectionLostException { - // Expected. - } - try fact.destroyServer(server) - comm.destroy() - - output.writeLine("ok") - output.write("testing multiple CA certificates... ") - properties = createClientProps( + var properties = createClientProps( defaultProperties: defaultProperties, cert: "c_rsa_ca1", ca: "cacerts") - comm = try helper.initialize(properties) - fact = try checkedCast(prx: comm.stringToProxy(factoryRef)!, type: SSLServerFactoryPrx.self)! - d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_ca2", ca: "cacerts") + var comm = try helper.initialize(properties) + var fact = try checkedCast(prx: comm.stringToProxy(factoryRef)!, type: SSLServerFactoryPrx.self)! + var d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_ca2", ca: "cacerts") d["IceSSL.VerifyPeer"] = "2" - server = try fact.createServer(d)! + var server = try fact.createServer(d)! _ = try server.ice_ping() try fact.destroyServer(server) comm.destroy() @@ -748,53 +467,6 @@ public func allTests(_ helper: TestHelper, _ defaultDir: String) throws -> SSLSe comm.destroy() output.writeLine("ok") - output.write("testing password prompt... ") - // - // Use the correct password. - // - properties = createClientProps( - defaultProperties: defaultProperties, cert: "c_rsa_pass_ca1", ca: "cacert1") - properties.setProperty(key: "IceSSL.Password", value: "") // Clear the password - properties.setProperty(key: "Ice.InitPlugins", value: "0") - comm = try helper.initialize(properties) - var count = 0 - comm.setSslPasswordPrompt { - count += 1 - return "client" - } - try comm.initializePlugins() - try test(count == 1) - - fact = try checkedCast(prx: comm.stringToProxy(factoryRef)!, type: SSLServerFactoryPrx.self)! - d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_ca1", ca: "cacert1") - server = try fact.createServer(d)! - try server.ice_ping() - try fact.destroyServer(server) - comm.destroy() - - // - // Use an incorrect password and check that retries are attempted. - // - properties = createClientProps( - defaultProperties: defaultProperties, cert: "c_rsa_pass_ca1", ca: "cacert1") - properties.setProperty(key: "IceSSL.Password", value: "") // Clear password - properties.setProperty(key: "IceSSL.PasswordRetryMax", value: "4") - properties.setProperty(key: "Ice.InitPlugins", value: "0") - comm = try helper.initialize(properties) - count = 0 - comm.setSslPasswordPrompt { - count += 1 - return "invalid" - } - do { - try comm.initializePlugins() - } catch is PluginInitializationException { - // Expected. - } - try test(count == 4) - comm.destroy() - output.writeLine("ok") - output.write("testing ciphers... ") properties = createClientProps( @@ -816,14 +488,14 @@ public func allTests(_ helper: TestHelper, _ defaultDir: String) throws -> SSLSe comm = try helper.initialize(properties) fact = try checkedCast(prx: comm.stringToProxy(factoryRef)!, type: SSLServerFactoryPrx.self)! d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_ca1", ca: "cacert1") - cipherSub = "DH_anon" + let cipherSub = "DH_anon" d["IceSSL.Ciphers"] = "(RSA_*) (DH_anon*)" d["IceSSL.VerifyPeer"] = "1" server = try fact.createServer(d)! do { try server.checkCipher(cipherSub) - info = try server.ice_getConnection()!.getInfo() as! SSLConnectionInfo + let info = try server.ice_getConnection()!.getInfo() as! SSLConnectionInfo try test(info.cipher.starts(with: cipherSub)) } catch is LocalException { // @@ -846,22 +518,6 @@ public func allTests(_ helper: TestHelper, _ defaultDir: String) throws -> SSLSe } catch is Ice.PluginInitializationException { // Expected when disabled all cipher suites. } - - // - // Test IceSSL.DHParams - // - properties = createClientProps(defaultProperties) - properties.setProperty(key: "IceSSL.Ciphers", value: "(DH_anon*)") - comm = try helper.initialize(properties) - fact = try checkedCast(prx: comm.stringToProxy(factoryRef)!, type: SSLServerFactoryPrx.self)! - d = createServerProps(defaultProperties) - d["IceSSL.Ciphers"] = "(DH_anon*)" - d["IceSSL.DHParams"] = "dh_params1024.der" - d["IceSSL.VerifyPeer"] = "0" - server = try fact.createServer(d)! - try server.checkCipher("DH_anon") - try fact.destroyServer(server) - comm.destroy() output.writeLine("ok") output.write("testing IceSSL.TrustOnly... ") From b57119f34a2f75987f6f03523810fbc94a5509fa Mon Sep 17 00:00:00 2001 From: Jose Date: Wed, 10 Apr 2024 12:53:22 +0200 Subject: [PATCH 06/28] Minor fixes --- cpp/src/IceSSL/OpenSSLEngine.cpp | 30 +++------------------- cpp/test/IceSSL/configuration/AllTests.cpp | 8 +++--- 2 files changed, 7 insertions(+), 31 deletions(-) diff --git a/cpp/src/IceSSL/OpenSSLEngine.cpp b/cpp/src/IceSSL/OpenSSLEngine.cpp index 8da4c23e555..82273d1f232 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.cpp +++ b/cpp/src/IceSSL/OpenSSLEngine.cpp @@ -96,26 +96,6 @@ OpenSSL::SSLEngine::initialize() const string propPrefix = "IceSSL."; PropertiesPtr properties = communicator()->getProperties(); - // - // Protocols selects which protocols to enable, by default we only enable TLS1.0 - // TLS1.1 and TLS1.2 to avoid security issues with SSLv3 - // - vector defaultProtocols; -#if defined(TLS1_VERSION) && !defined(OPENSSL_NO_TLS1_METHOD) - defaultProtocols.push_back("tls1_0"); -#endif - -#if defined(TLS1_1_VERSION) && !defined(OPENSSL_NO_TLS1_1_METHOD) - defaultProtocols.push_back("tls1_1"); -#endif - -#if defined(TLS1_2_VERSION) && !defined(OPENSSL_NO_TLS1_2_METHOD) - defaultProtocols.push_back("tls1_2"); -#endif - -#if defined(TLS1_3_VERSION) && !defined(OPENSSL_NO_TLS1_3_METHOD) - defaultProtocols.push_back("tls1_3"); -#endif // Create an SSL context if the application hasn't supplied one. if (!_ctx) { @@ -150,8 +130,8 @@ OpenSSL::SSLEngine::initialize() { string path = properties->getProperty(propPrefix + "CAs"); string resolved; - const char* file = 0; - const char* dir = 0; + const char* file = nullptr; + const char* dir = nullptr; if (!path.empty()) { if (checkPath(path, defaultDir, false, resolved)) @@ -205,10 +185,8 @@ OpenSSL::SSLEngine::initialize() } } - // - // Establish the certificate chains and private keys. One RSA certificate and - // one DSA certificate are allowed. - // + // Establish the certificate chains and private keys. One RSA certificate and one DSA certificate are + // allowed. string certFile = properties->getProperty(propPrefix + "CertFile"); string keyFile = properties->getProperty(propPrefix + "KeyFile"); bool keyLoaded = false; diff --git a/cpp/test/IceSSL/configuration/AllTests.cpp b/cpp/test/IceSSL/configuration/AllTests.cpp index fee608e5b8a..3d488b95c93 100644 --- a/cpp/test/IceSSL/configuration/AllTests.cpp +++ b/cpp/test/IceSSL/configuration/AllTests.cpp @@ -195,7 +195,7 @@ class ImportCerts if (IceSSL::checkPath(certificates[i], defaultDir, false, resolved)) { IceInternal::UniqueRef certs( - IceSSL::SecureTransport::loadCertificateChain(resolved, "", "", "", "password", 0, 0)); + IceSSL::SecureTransport::loadCertificateChain(resolved, "", "", "", "password")); SecIdentityRef identity = static_cast(const_cast(CFArrayGetValueAtIndex(certs.get(), 0))); CFRetain(identity); @@ -2750,8 +2750,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) "SUBJECTKEYID:'EB 4A 7A 79 09 65 0F 45 40 E8 8C E6 A8 27 74 34 AB EA AF 48'", "SERIAL:01", "SERIAL:01 LABEL:Server", - 0 - }; + 0}; const char* failFindCertProperties[] = { "nolabel", @@ -2765,8 +2764,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) "SUBJECTKEYID:'a6 42 aa 17 04 41 86 56 67 e4 04 64 59 34 30 c7 4c 6b ef ff'", "SERIAL:04", "SERIAL:04 LABEL:Client", - 0 - }; + 0}; const char* certificates[] = {"/s_rsa_ca1.p12", "/c_rsa_ca1.p12", 0}; ImportCerts import(defaultDir, certificates); From a71ffde3e80cd2e96df2248be4e093e7d57fe795 Mon Sep 17 00:00:00 2001 From: Jose Date: Wed, 10 Apr 2024 15:48:54 +0200 Subject: [PATCH 07/28] Cleanup --- cpp/src/IceSSL/OpenSSLEngine.cpp | 63 ++++++++++--------------------- cpp/src/IceSSL/OpenSSLEngine.h | 2 - cpp/src/IceSSL/SChannelEngine.cpp | 59 +++++++++++++++-------------- 3 files changed, 50 insertions(+), 74 deletions(-) diff --git a/cpp/src/IceSSL/OpenSSLEngine.cpp b/cpp/src/IceSSL/OpenSSLEngine.cpp index 82273d1f232..f5d876938f3 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.cpp +++ b/cpp/src/IceSSL/OpenSSLEngine.cpp @@ -99,7 +99,7 @@ OpenSSL::SSLEngine::initialize() // Create an SSL context if the application hasn't supplied one. if (!_ctx) { - _ctx = SSL_CTX_new(getMethod()); + _ctx = SSL_CTX_new(TLS_method()); if (!_ctx) { throw PluginInitializationException( @@ -203,9 +203,8 @@ OpenSSL::SSLEngine::initialize() "IceSSL: invalid value for " + propPrefix + "CertFile:\n" + certFile); } numCerts = files.size(); - for (vector::iterator p = files.begin(); p != files.end(); ++p) + for (const string& file : files) { - string file = *p; string resolved; if (!checkPath(file, defaultDir, false, resolved)) { @@ -214,11 +213,10 @@ OpenSSL::SSLEngine::initialize() __LINE__, "IceSSL: certificate file not found:\n" + file); } - file = resolved; // First we try to load the certificate using PKCS12 format if that fails we fallback to PEM format. vector buffer; - readFile(file, buffer); + readFile(resolved, buffer); int success = 0; const unsigned char* b = @@ -226,28 +224,13 @@ OpenSSL::SSLEngine::initialize() PKCS12* p12 = d2i_PKCS12(0, &b, static_cast(buffer.size())); if (p12) { - EVP_PKEY* key = 0; - X509* cert = 0; - STACK_OF(X509)* chain = 0; + EVP_PKEY* key = nullptr; + X509* cert = nullptr; + STACK_OF(X509)* chain = nullptr; - int count = 0; try { - ERR_clear_error(); - // chain may have a bogus value from a previous call to PKCS12_parse, so we reset it prior - // to each call. - key = 0; - cert = 0; - chain = 0; - if ((success = PKCS12_parse(p12, password().c_str(), &key, &cert, &chain)) == 0) - { - if (passwordError()) - { - count++; - continue; - } - break; - } + success = PKCS12_parse(p12, _password.c_str(), &key, &cert, &chain); if (!cert || !SSL_CTX_use_certificate(_ctx, cert)) { @@ -272,7 +255,7 @@ OpenSSL::SSLEngine::initialize() { // Pop each cert from the stack so we can free the stack later. // The CTX destruction will take care of the certificates - X509* c = 0; + X509* c = nullptr; while ((c = sk_X509_pop(chain)) != 0) { if (!SSL_CTX_add_extra_chain_cert(_ctx, c)) @@ -317,9 +300,8 @@ OpenSSL::SSLEngine::initialize() } else { - // The certificate may be stored in an encrypted file, so handle password retries. - ERR_clear_error(); - success = SSL_CTX_use_certificate_chain_file(_ctx, file.c_str()); + // The certificate may be stored in an encrypted file. + success = SSL_CTX_use_certificate_chain_file(_ctx, resolved.c_str()); } if (!success) @@ -346,6 +328,7 @@ OpenSSL::SSLEngine::initialize() { keyFile = certFile; // Assume the certificate file also contains the private key. } + if (!keyLoaded && !keyFile.empty()) { vector files; @@ -372,7 +355,6 @@ OpenSSL::SSLEngine::initialize() } // The private key may be stored in an encrypted file. - ERR_clear_error(); if (!SSL_CTX_use_PrivateKey_file(_ctx, resolved.c_str(), SSL_FILETYPE_PEM)) { ostringstream os; @@ -430,23 +412,23 @@ OpenSSL::SSLEngine::initialize() throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: add lookup failed"); } - for (vector::const_iterator it = crlFiles.begin(); it != crlFiles.end(); it++) + for (const string& crlFile : crlFiles) { - string file; - if (!checkPath(*it, defaultDir, false, file)) + string resolved; + if (!checkPath(crlFile, defaultDir, false, resolved)) { throw PluginInitializationException( __FILE__, __LINE__, - "IceSSL: CRL file not found `" + *it + "'"); + "IceSSL: CRL file not found `" + crlFile + "'"); } - if (X509_LOOKUP_load_file(lookup, file.c_str(), X509_FILETYPE_PEM) == 0) + if (X509_LOOKUP_load_file(lookup, resolved.c_str(), X509_FILETYPE_PEM) == 0) { throw PluginInitializationException( __FILE__, __LINE__, - "IceSSL: CRL load failure `" + *it + "'"); + "IceSSL: CRL load failure `" + crlFile + "'"); } } @@ -524,7 +506,7 @@ OpenSSL::SSLEngine::initialize() // or the application supplied it. // SSL_CTX_free(_ctx); - _ctx = 0; + _ctx = nullptr; throw; } @@ -561,7 +543,7 @@ OpenSSL::SSLEngine::destroy() if (_ctx) { SSL_CTX_free(_ctx); - _ctx = 0; + _ctx = nullptr; } } @@ -574,10 +556,3 @@ OpenSSL::SSLEngine::createTransceiver( { return make_shared(instance, delegate, hostOrAdapterName, incoming); } - -SSL_METHOD* -OpenSSL::SSLEngine::getMethod() -{ - SSL_METHOD* meth = const_cast(TLS_method()); - return meth; -} diff --git a/cpp/src/IceSSL/OpenSSLEngine.h b/cpp/src/IceSSL/OpenSSLEngine.h index 7a733d1ecdc..44baa5dc30c 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.h +++ b/cpp/src/IceSSL/OpenSSLEngine.h @@ -32,8 +32,6 @@ namespace IceSSL std::string password() const { return _password; } private: - SSL_METHOD* getMethod(); - SSL_CTX* _ctx; std::string _password; }; diff --git a/cpp/src/IceSSL/SChannelEngine.cpp b/cpp/src/IceSSL/SChannelEngine.cpp index fea17f26e69..173f0795605 100644 --- a/cpp/src/IceSSL/SChannelEngine.cpp +++ b/cpp/src/IceSSL/SChannelEngine.cpp @@ -74,18 +74,13 @@ namespace vector findCertificates(const string& location, const string& storeName, const string& value, vector& stores) { - DWORD storeLoc; - if (location == "CurrentUser") - { - storeLoc = CERT_SYSTEM_STORE_CURRENT_USER; - } - else - { - storeLoc = CERT_SYSTEM_STORE_LOCAL_MACHINE; - } + HCERTSTORE store = CertOpenStore( + CERT_STORE_PROV_SYSTEM, + 0, + 0, + location == "CurrentUser" ? CERT_SYSTEM_STORE_CURRENT_USER : CERT_SYSTEM_STORE_LOCAL_MACHINE, + Ice::stringToWstring(storeName).c_str()); - HCERTSTORE store = - CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, storeLoc, Ice::stringToWstring(storeName).c_str()); if (!store) { throw PluginInitializationException( @@ -558,7 +553,7 @@ SChannel::SSLEngine::initialize() { // // BUGFIX: we use a global mutex for the initialization of SChannel to - // avoid crashes ocurring with last SChannel updates see: + // avoid crashes occurring with last SChannel updates see: // https://github.com/zeroc-ice/ice/issues/242 // lock_guard globalLock(globalMutex); @@ -619,7 +614,7 @@ SChannel::SSLEngine::initialize() } // - // Create trusted CA store with contents of CertAuthFile + // Create trusted CA store with contents of IceSSL.CAs // string caFile = properties->getProperty(prefix + "CAs"); if (!caFile.empty() || properties->getPropertyAsInt("IceSSL.UsePlatformCAs") <= 0) @@ -679,19 +674,19 @@ SChannel::SSLEngine::initialize() _chainEngine = (certStoreLocation == "LocalMachine") ? HCCE_LOCAL_MACHINE : HCCE_CURRENT_USER; } - string certFile = properties->getProperty(prefix + "CertFile"); + string certFileValue = properties->getProperty(prefix + "CertFile"); string keyFile = properties->getProperty(prefix + "KeyFile"); string findCert = properties->getProperty("IceSSL.FindCert"); - if (!certFile.empty()) + if (!certFileValue.empty()) { vector certFiles; - if (!splitString(certFile, IceUtilInternal::pathsep, certFiles) || certFiles.size() > 2) + if (!splitString(certFileValue, IceUtilInternal::pathsep, certFiles) || certFiles.size() > 2) { throw PluginInitializationException( __FILE__, __LINE__, - "IceSSL: invalid value for " + prefix + "CertFile:\n" + certFile); + "IceSSL: invalid value for " + prefix + "CertFile:\n" + certFileValue); } vector keyFiles; @@ -714,24 +709,27 @@ SChannel::SSLEngine::initialize() } } - for (size_t i = 0; i < certFiles.size(); ++i) + for (int i = 0; i < certFiles.size(); ++i) { - string cFile = certFiles[i]; + string certFile = certFiles[i]; string resolved; - if (!checkPath(cFile, defaultDir, false, resolved)) + if (!checkPath(certFile, defaultDir, false, resolved)) { throw PluginInitializationException( __FILE__, __LINE__, - "IceSSL: certificate file not found:\n" + cFile); + "IceSSL: certificate file not found:\n" + certFile); } - cFile = resolved; + certFile = resolved; vector buffer; - readFile(cFile, buffer); + readFile(certFile, buffer); if (buffer.empty()) { - throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: certificate file is empty:\n" + cFile); + throw PluginInitializationException( + __FILE__, + __LINE__, + "IceSSL: certificate file is empty:\n" + certFile); } CRYPT_DATA_BLOB pfxBlob; @@ -753,11 +751,16 @@ SChannel::SSLEngine::initialize() memset(¶, 0, sizeof(CERT_CHAIN_FIND_BY_ISSUER_PARA)); para.cbSize = sizeof(CERT_CHAIN_FIND_BY_ISSUER_PARA); - DWORD ff = CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_URL_FLAG; // Don't fetch anything from the Internet PCCERT_CHAIN_CONTEXT chain = 0; while (!cert) { - chain = CertFindChainInStore(store, X509_ASN_ENCODING, ff, CERT_CHAIN_FIND_BY_ISSUER, ¶, chain); + chain = CertFindChainInStore( + store, + X509_ASN_ENCODING, + CERT_CHAIN_FIND_BY_ISSUER_CACHE_ONLY_URL_FLAG, // Don't fetch anything from the Internet + CERT_CHAIN_FIND_BY_ISSUER, + ¶, + chain); if (!chain) { break; // No more chains found in the store. @@ -952,7 +955,7 @@ SChannel::SSLEngine::initialize() lastErrorToString()); } - addCertificatesToStore(cFile, store, &cert); + addCertificatesToStore(certFile, store, &cert); // Associate key & certificate. CRYPT_KEY_PROV_INFO keyProvInfo; @@ -966,7 +969,7 @@ SChannel::SSLEngine::initialize() throw PluginInitializationException( __FILE__, __LINE__, - "IceSSL: error seting certificate " + "IceSSL: error setting certificate " "property:\n" + lastErrorToString()); } From 2e0ddc81e6e2c8256e98a489282765946f960620 Mon Sep 17 00:00:00 2001 From: Jose Date: Wed, 10 Apr 2024 15:51:32 +0200 Subject: [PATCH 08/28] Fix clang format --- cpp/src/IceSSL/OpenSSLEngine.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cpp/src/IceSSL/OpenSSLEngine.cpp b/cpp/src/IceSSL/OpenSSLEngine.cpp index f5d876938f3..38e7594c9cf 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.cpp +++ b/cpp/src/IceSSL/OpenSSLEngine.cpp @@ -412,7 +412,7 @@ OpenSSL::SSLEngine::initialize() throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: add lookup failed"); } - for (const string& crlFile : crlFiles) + for (const string& crlFile : crlFiles) { string resolved; if (!checkPath(crlFile, defaultDir, false, resolved)) From 604c690e014684e170a1f8a5aaec5066c594488f Mon Sep 17 00:00:00 2001 From: Jose Date: Thu, 11 Apr 2024 10:58:18 +0200 Subject: [PATCH 09/28] Checkpoint --- cpp/include/IceSSL/Config.h | 31 ---- cpp/include/IceSSL/IceSSL.h | 3 - cpp/include/IceSSL/OpenSSL.h | 79 +-------- cpp/include/IceSSL/Plugin.h | 51 ++---- cpp/include/IceSSL/SChannel.h | 2 +- cpp/msbuild/ice.sln | 29 --- cpp/src/Ice/RegisterPluginsInit.cpp | 2 + cpp/src/Ice/msbuild/ice/ice.vcxproj | 21 ++- cpp/src/Ice/msbuild/ice/ice.vcxproj.filters | 44 ++++- cpp/src/IceSSL/CertificateI.cpp | 2 +- cpp/src/IceSSL/CertificateI.h | 8 +- cpp/src/IceSSL/IceSSL.rc | 33 ---- cpp/src/IceSSL/IceSSLOpenSSL.rc | 33 ---- cpp/src/IceSSL/OpenSSLPluginI.cpp | 28 --- cpp/src/IceSSL/OpenSSLTransceiverI.cpp | 4 +- cpp/src/IceSSL/PluginI.cpp | 46 ----- cpp/src/IceSSL/PluginI.h | 21 +-- cpp/src/IceSSL/RFC2253.h | 10 +- cpp/src/IceSSL/SChannelCertificateI.cpp | 2 +- cpp/src/IceSSL/SChannelEngine.cpp | 2 +- cpp/src/IceSSL/SChannelPluginI.cpp | 45 ----- cpp/src/IceSSL/SChannelTransceiverI.cpp | 4 +- cpp/src/IceSSL/SChannelTransceiverI.h | 4 +- .../{AcceptorI.cpp => SSLAcceptorI.cpp} | 8 +- .../IceSSL/{AcceptorI.h => SSLAcceptorI.h} | 2 +- .../{ConnectorI.cpp => SSLConnectorI.cpp} | 8 +- .../IceSSL/{ConnectorI.h => SSLConnectorI.h} | 2 +- .../{EndpointI.cpp => SSLEndpointI.cpp} | 8 +- .../IceSSL/{EndpointI.h => SSLEndpointI.h} | 2 +- cpp/src/IceSSL/SSLEngine.h | 6 +- cpp/src/IceSSL/SSLEngineF.h | 2 - .../IceSSL/{Instance.cpp => SSLInstance.cpp} | 2 +- cpp/src/IceSSL/{Instance.h => SSLInstance.h} | 4 +- .../IceSSL/{InstanceF.h => SSLInstanceF.h} | 0 cpp/src/IceSSL/{Util.cpp => SSLUtil.cpp} | 2 +- cpp/src/IceSSL/{Util.h => SSLUtil.h} | 6 +- cpp/src/IceSSL/SecureTransportPluginI.cpp | 49 ------ .../IceSSL/SecureTransportTransceiverI.cpp | 2 +- cpp/src/IceSSL/msbuild/icessl/icessl.vcxproj | 157 ----------------- .../msbuild/icessl/icessl.vcxproj.filters | 165 ------------------ cpp/src/IceSSL/msbuild/icessl/packages.config | 4 - .../icesslopenssl/icesslopenssl.vcxproj | 120 ------------- .../icesslopenssl.vcxproj.filters | 96 ---------- .../msbuild/icesslopenssl/packages.config | 4 - 44 files changed, 122 insertions(+), 1031 deletions(-) delete mode 100644 cpp/include/IceSSL/Config.h delete mode 100644 cpp/src/IceSSL/IceSSL.rc delete mode 100644 cpp/src/IceSSL/IceSSLOpenSSL.rc rename cpp/src/IceSSL/{AcceptorI.cpp => SSLAcceptorI.cpp} (94%) rename cpp/src/IceSSL/{AcceptorI.h => SSLAcceptorI.h} (97%) rename cpp/src/IceSSL/{ConnectorI.cpp => SSLConnectorI.cpp} (94%) rename cpp/src/IceSSL/{ConnectorI.h => SSLConnectorI.h} (97%) rename cpp/src/IceSSL/{EndpointI.cpp => SSLEndpointI.cpp} (98%) rename cpp/src/IceSSL/{EndpointI.h => SSLEndpointI.h} (99%) rename cpp/src/IceSSL/{Instance.cpp => SSLInstance.cpp} (94%) rename cpp/src/IceSSL/{Instance.h => SSLInstance.h} (81%) rename cpp/src/IceSSL/{InstanceF.h => SSLInstanceF.h} (100%) rename cpp/src/IceSSL/{Util.cpp => SSLUtil.cpp} (99%) rename cpp/src/IceSSL/{Util.h => SSLUtil.h} (84%) delete mode 100644 cpp/src/IceSSL/msbuild/icessl/icessl.vcxproj delete mode 100644 cpp/src/IceSSL/msbuild/icessl/icessl.vcxproj.filters delete mode 100644 cpp/src/IceSSL/msbuild/icessl/packages.config delete mode 100644 cpp/src/IceSSL/msbuild/icesslopenssl/icesslopenssl.vcxproj delete mode 100644 cpp/src/IceSSL/msbuild/icesslopenssl/icesslopenssl.vcxproj.filters delete mode 100644 cpp/src/IceSSL/msbuild/icesslopenssl/packages.config diff --git a/cpp/include/IceSSL/Config.h b/cpp/include/IceSSL/Config.h deleted file mode 100644 index 6999dac5b70..00000000000 --- a/cpp/include/IceSSL/Config.h +++ /dev/null @@ -1,31 +0,0 @@ -// -// Copyright (c) ZeroC, Inc. All rights reserved. -// - -#ifndef ICESSL_CONFIG_H -#define ICESSL_CONFIG_H - -#include "Ice/Config.h" - -#ifndef ICESSL_API -# if defined(ICE_STATIC_LIBS) -# define ICESSL_API /**/ -# elif defined(ICESSL_API_EXPORTS) -# define ICESSL_API ICE_DECLSPEC_EXPORT -# else -# define ICESSL_API ICE_DECLSPEC_IMPORT -# endif -#endif - -// -// Automatically link IceSSL[D].lib with Visual C++ -// -#if !defined(ICE_BUILDING_ICESSL) && defined(ICESSL_API_EXPORTS) -# define ICE_BUILDING_ICESSL -#endif - -#if defined(_MSC_VER) && !defined(ICE_BUILDING_ICESSL) -# pragma comment(lib, ICE_LIBNAME("IceSSL")) -#endif - -#endif diff --git a/cpp/include/IceSSL/IceSSL.h b/cpp/include/IceSSL/IceSSL.h index 0e1f6ce7a8d..20de75e56bb 100644 --- a/cpp/include/IceSSL/IceSSL.h +++ b/cpp/include/IceSSL/IceSSL.h @@ -5,9 +5,6 @@ #ifndef ICESSL_ICESSL_H #define ICESSL_ICESSL_H -#include "Config.h" -#include "Plugin.h" - #if defined(_WIN32) # include "SChannel.h" #elif defined(__APPLE__) diff --git a/cpp/include/IceSSL/OpenSSL.h b/cpp/include/IceSSL/OpenSSL.h index 51f196979a8..a9b9358ef60 100644 --- a/cpp/include/IceSSL/OpenSSL.h +++ b/cpp/include/IceSSL/OpenSSL.h @@ -10,44 +10,6 @@ #include #include -// -// Automatically link IceSSLOpenSSL[D].lib with Visual C++ -// -#if defined(_MSC_VER) -# if !defined(ICE_BUILDING_ICESSL_OPENSSL) && defined(ICESSL_OPENSSL_API_EXPORTS) -# define ICE_BUILDING_ICESSL_OPENSSL -# endif - -# if !defined(ICE_BUILDING_ICESSL_OPENSSL) -# pragma comment(lib, ICE_LIBNAME("IceSSLOpenSSL")) -# endif -#endif - -#ifndef ICESSL_OPENSSL_API -# if defined(ICE_STATIC_LIBS) -# define ICESSL_OPENSSL_API /**/ -# elif defined(ICESSL_OPENSSL_API_EXPORTS) -# define ICESSL_OPENSSL_API ICE_DECLSPEC_EXPORT -# else -# define ICESSL_OPENSSL_API ICE_DECLSPEC_IMPORT -# endif -#endif - -#if defined(_WIN32) && !defined(ICESSL_OPENSSL_API_EXPORTS) - -namespace Ice -{ - /** - * When using static libraries, calling this function ensures the OpenSSL version of the IceSSL plug-in is - * linked with the application. - * @param loadOnInitialize If true, the plug-in is loaded (created) during communicator initialization. - * If false, the plug-in is only loaded during communicator initialization if its corresponding plug-in - * property is set to 1. - */ - ICE_PLUGIN_REGISTER_DECLSPEC_IMPORT void registerIceSSLOpenSSL(bool loadOnInitialize = true); -} -#endif - namespace IceSSL { namespace OpenSSL @@ -59,7 +21,7 @@ namespace IceSSL * Encapsulates an OpenSSL X.509 certificate. * \headerfile IceSSL/IceSSL.h */ - class ICESSL_OPENSSL_API Certificate : public virtual IceSSL::Certificate + class ICE_API Certificate : public virtual IceSSL::Certificate { public: /** @@ -95,45 +57,6 @@ namespace IceSSL */ virtual x509_st* getCert() const = 0; }; - - /** - * Represents the IceSSL plug-in object. - * \headerfile IceSSL/IceSSL.h - */ - class ICESSL_OPENSSL_API Plugin : public virtual IceSSL::Plugin - { - public: - /** - * Obtains the OpenSSL version number. - * @return The version. - */ - virtual std::int64_t getOpenSSLVersion() const = 0; - - /** - * Establishes the OpenSSL context. This must be done before the - * plug-in is initialized, therefore the application must define - * the property Ice.InitPlugins=0, set the context, and finally - * invoke Ice::PluginManager::initializePlugins. - * - * When the application supplies its own OpenSSL context, the - * plug-in ignores configuration properties related to certificates, - * keys, and passwords. - * - * Note that the plug-in assumes ownership of the given context. - * - * @param ctx The OpenSSL context. - */ - virtual void setContext(SSL_CTX* ctx) = 0; - - /** - * Obtains the SSL context. Use caution when modifying this value. - * Changes made to this value have no effect on existing connections. - * @return The OpenSSL context. - */ - virtual SSL_CTX* getContext() = 0; - }; - using PluginPtr = std::shared_ptr; - } // OpenSSL namespace end } // IceSSL namespace end diff --git a/cpp/include/IceSSL/Plugin.h b/cpp/include/IceSSL/Plugin.h index 84b5f3fe39e..c552692ffd2 100644 --- a/cpp/include/IceSSL/Plugin.h +++ b/cpp/include/IceSSL/Plugin.h @@ -5,8 +5,8 @@ #ifndef ICESSL_PLUGIN_H #define ICESSL_PLUGIN_H -#include "Config.h" #include "ConnectionInfoF.h" +#include "Ice/Config.h" #include "Ice/Exception.h" #include "Ice/Plugin.h" @@ -68,9 +68,9 @@ namespace IceSSL UnknownTrustFailure, }; - ICESSL_API TrustError getTrustError(const IceSSL::ConnectionInfoPtr&); - ICESSL_API std::string getTrustErrorDescription(TrustError); - ICESSL_API std::string getHost(const IceSSL::ConnectionInfoPtr&); + ICE_API TrustError getTrustError(const IceSSL::ConnectionInfoPtr&); + ICE_API std::string getTrustErrorDescription(TrustError); + ICE_API std::string getHost(const IceSSL::ConnectionInfoPtr&); /** * The key usage "digitalSignature" bit is set @@ -142,7 +142,7 @@ namespace IceSSL * Thrown if the certificate cannot be read. * \headerfile IceSSL/IceSSL.h */ - class ICESSL_API CertificateReadException : public Ice::Exception + class ICE_API CertificateReadException : public Ice::Exception { public: using Ice::Exception::Exception; @@ -162,7 +162,7 @@ namespace IceSSL * Thrown if the certificate cannot be encoded. * \headerfile IceSSL/IceSSL.h */ - class ICESSL_API CertificateEncodingException : public Ice::Exception + class ICE_API CertificateEncodingException : public Ice::Exception { public: using Ice::Exception::Exception; @@ -182,7 +182,7 @@ namespace IceSSL * This exception is thrown if a distinguished name cannot be parsed. * \headerfile IceSSL/IceSSL.h */ - class ICESSL_API ParseException : public Ice::Exception + class ICE_API ParseException : public Ice::Exception { public: using Ice::Exception::Exception; @@ -211,7 +211,7 @@ namespace IceSSL * into ZeroC\, Inc.). * \headerfile IceSSL/IceSSL.h */ - class ICESSL_API DistinguishedName + class ICE_API DistinguishedName { public: /** @@ -233,12 +233,12 @@ namespace IceSSL /** * Performs an exact match. The order of the RDN components is important. */ - friend ICESSL_API bool operator==(const DistinguishedName&, const DistinguishedName&); + friend ICE_API bool operator==(const DistinguishedName&, const DistinguishedName&); /** * Performs an exact match. The order of the RDN components is important. */ - friend ICESSL_API bool operator<(const DistinguishedName&, const DistinguishedName&); + friend ICE_API bool operator<(const DistinguishedName&, const DistinguishedName&); /** * Performs a partial match with another DistinguishedName. @@ -302,7 +302,7 @@ namespace IceSSL * Represents an X509 Certificate extension. * \headerfile IceSSL/IceSSL.h */ - class ICESSL_API X509Extension + class ICE_API X509Extension { public: /** @@ -333,7 +333,7 @@ namespace IceSSL * The interface is inspired by java.security.cert.X509Certificate. * \headerfile IceSSL/IceSSL.h */ - class ICESSL_API Certificate : public std::enable_shared_from_this + class ICE_API Certificate : public std::enable_shared_from_this { public: /** @@ -513,33 +513,6 @@ namespace IceSSL */ static CertificatePtr decode(const std::string& str); }; - - /** - * Represents the IceSSL plug-in object. - * \headerfile IceSSL/IceSSL.h - */ - class ICESSL_API Plugin : public Ice::Plugin - { - public: - virtual ~Plugin(); - - /** - * Load the certificate from a file. The certificate must use the - * PEM encoding format. - * @param file The certificate file. - * @throws CertificateReadException if the file cannot be read. - */ - virtual CertificatePtr load(const std::string& file) const = 0; - - /** - * Decode a certificate from a string that uses the PEM encoding - * format. - * @param str A string containing the encoded certificate. - * @throws CertificateEncodingException if an error occurs. - */ - virtual CertificatePtr decode(const std::string& str) const = 0; - }; - using PluginPtr = std::shared_ptr; } #endif diff --git a/cpp/include/IceSSL/SChannel.h b/cpp/include/IceSSL/SChannel.h index cbc7ed2509c..593c4904ebd 100644 --- a/cpp/include/IceSSL/SChannel.h +++ b/cpp/include/IceSSL/SChannel.h @@ -27,7 +27,7 @@ namespace IceSSL * This convenience class is a wrapper around a native certificate. * \headerfile IceSSL/IceSSL.h */ - class ICESSL_API Certificate : public virtual IceSSL::Certificate + class ICE_API Certificate : public virtual IceSSL::Certificate { public: /** diff --git a/cpp/msbuild/ice.sln b/cpp/msbuild/ice.sln index 8485d3586be..58b12ecf7b3 100644 --- a/cpp/msbuild/ice.sln +++ b/cpp/msbuild/ice.sln @@ -150,7 +150,6 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "icegridnode", "..\src\IceGr {142A9562-8DEC-4B1B-9B15-2CAD8304447B} = {142A9562-8DEC-4B1B-9B15-2CAD8304447B} {2940A3C2-A9BA-44AA-AF65-00479C783407} = {2940A3C2-A9BA-44AA-AF65-00479C783407} {4F8DD63C-3359-42F2-A6A8-80F7D55593AC} = {4F8DD63C-3359-42F2-A6A8-80F7D55593AC} - {5923B17D-2873-4245-87A7-FB8F4BE12501} = {5923B17D-2873-4245-87A7-FB8F4BE12501} {90EC26E8-AFFA-4E44-B068-AB5849A96FDD} = {90EC26E8-AFFA-4E44-B068-AB5849A96FDD} {9E13C4B5-5DA9-43C1-9304-AEAC035E854D} = {9E13C4B5-5DA9-43C1-9304-AEAC035E854D} {A28E5839-97F3-4874-BB77-E425787CF2ED} = {A28E5839-97F3-4874-BB77-E425787CF2ED} @@ -162,22 +161,15 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "icegridregistry", "..\src\I {142A9562-8DEC-4B1B-9B15-2CAD8304447B} = {142A9562-8DEC-4B1B-9B15-2CAD8304447B} {2940A3C2-A9BA-44AA-AF65-00479C783407} = {2940A3C2-A9BA-44AA-AF65-00479C783407} {4F8DD63C-3359-42F2-A6A8-80F7D55593AC} = {4F8DD63C-3359-42F2-A6A8-80F7D55593AC} - {5923B17D-2873-4245-87A7-FB8F4BE12501} = {5923B17D-2873-4245-87A7-FB8F4BE12501} {90EC26E8-AFFA-4E44-B068-AB5849A96FDD} = {90EC26E8-AFFA-4E44-B068-AB5849A96FDD} {9E13C4B5-5DA9-43C1-9304-AEAC035E854D} = {9E13C4B5-5DA9-43C1-9304-AEAC035E854D} {A28E5839-97F3-4874-BB77-E425787CF2ED} = {A28E5839-97F3-4874-BB77-E425787CF2ED} EndProjectSection EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "icessl", "..\src\IceSSL\msbuild\icessl\icessl.vcxproj", "{5923B17D-2873-4245-87A7-FB8F4BE12501}" - ProjectSection(ProjectDependencies) = postProject - {3AB9772C-6113-4F1C-90FB-5368E7486C11} = {3AB9772C-6113-4F1C-90FB-5368E7486C11} - EndProjectSection -EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "glacier2router", "..\src\Glacier2\msbuild\glacier2router.vcxproj", "{541CF1D6-95FD-4499-AB02-75CCCEE660B0}" ProjectSection(ProjectDependencies) = postProject {2940A3C2-A9BA-44AA-AF65-00479C783407} = {2940A3C2-A9BA-44AA-AF65-00479C783407} {3AB9772C-6113-4F1C-90FB-5368E7486C11} = {3AB9772C-6113-4F1C-90FB-5368E7486C11} - {5923B17D-2873-4245-87A7-FB8F4BE12501} = {5923B17D-2873-4245-87A7-FB8F4BE12501} EndProjectSection EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "icegriddb", "..\src\icegriddb\msbuild\icegriddb.vcxproj", "{369524F4-D374-44F4-BCFD-408934595701}" @@ -194,11 +186,6 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "icebridge", "..\src\IceBrid EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "slice2rb", "..\src\slice2rb\msbuild\slice2rb.vcxproj", "{A79E9EB0-878C-4EDB-9804-2D262D6008DB}" EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "icesslopenssl", "..\src\IceSSL\msbuild\icesslopenssl\icesslopenssl.vcxproj", "{D0DC2305-37FE-4D03-BE05-AC8912678DC8}" - ProjectSection(ProjectDependencies) = postProject - {5923B17D-2873-4245-87A7-FB8F4BE12501} = {5923B17D-2873-4245-87A7-FB8F4BE12501} - EndProjectSection -EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ice2slice", "..\src\ice2slice\msbuild\ice2slice.vcxproj", "{773EA63E-40AE-45B8-82B4-82B54CF309F8}" EndProject Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "glacier2cryptpermissionsverifier", "..\src\Glacier2CryptPermissionsVerifier\msbuild\glacier2cryptpermissionsverifier\glacier2cryptpermissionsverifier.vcxproj", "{BF2077E4-D837-486B-9356-24FA5F659808}" @@ -430,14 +417,6 @@ Global {64490115-464B-4DC3-B7C6-D0AF1B68B6F9}.Release|Win32.Build.0 = Release|Win32 {64490115-464B-4DC3-B7C6-D0AF1B68B6F9}.Release|x64.ActiveCfg = Release|x64 {64490115-464B-4DC3-B7C6-D0AF1B68B6F9}.Release|x64.Build.0 = Release|x64 - {5923B17D-2873-4245-87A7-FB8F4BE12501}.Debug|Win32.ActiveCfg = Debug|Win32 - {5923B17D-2873-4245-87A7-FB8F4BE12501}.Debug|Win32.Build.0 = Debug|Win32 - {5923B17D-2873-4245-87A7-FB8F4BE12501}.Debug|x64.ActiveCfg = Debug|x64 - {5923B17D-2873-4245-87A7-FB8F4BE12501}.Debug|x64.Build.0 = Debug|x64 - {5923B17D-2873-4245-87A7-FB8F4BE12501}.Release|Win32.ActiveCfg = Release|Win32 - {5923B17D-2873-4245-87A7-FB8F4BE12501}.Release|Win32.Build.0 = Release|Win32 - {5923B17D-2873-4245-87A7-FB8F4BE12501}.Release|x64.ActiveCfg = Release|x64 - {5923B17D-2873-4245-87A7-FB8F4BE12501}.Release|x64.Build.0 = Release|x64 {541CF1D6-95FD-4499-AB02-75CCCEE660B0}.Debug|Win32.ActiveCfg = Debug|Win32 {541CF1D6-95FD-4499-AB02-75CCCEE660B0}.Debug|Win32.Build.0 = Debug|Win32 {541CF1D6-95FD-4499-AB02-75CCCEE660B0}.Debug|x64.ActiveCfg = Debug|x64 @@ -470,14 +449,6 @@ Global {A79E9EB0-878C-4EDB-9804-2D262D6008DB}.Release|Win32.Build.0 = Release|Win32 {A79E9EB0-878C-4EDB-9804-2D262D6008DB}.Release|x64.ActiveCfg = Release|x64 {A79E9EB0-878C-4EDB-9804-2D262D6008DB}.Release|x64.Build.0 = Release|x64 - {D0DC2305-37FE-4D03-BE05-AC8912678DC8}.Debug|Win32.ActiveCfg = Debug|Win32 - {D0DC2305-37FE-4D03-BE05-AC8912678DC8}.Debug|Win32.Build.0 = Debug|Win32 - {D0DC2305-37FE-4D03-BE05-AC8912678DC8}.Debug|x64.ActiveCfg = Debug|x64 - {D0DC2305-37FE-4D03-BE05-AC8912678DC8}.Debug|x64.Build.0 = Debug|x64 - {D0DC2305-37FE-4D03-BE05-AC8912678DC8}.Release|Win32.ActiveCfg = Release|Win32 - {D0DC2305-37FE-4D03-BE05-AC8912678DC8}.Release|Win32.Build.0 = Release|Win32 - {D0DC2305-37FE-4D03-BE05-AC8912678DC8}.Release|x64.ActiveCfg = Release|x64 - {D0DC2305-37FE-4D03-BE05-AC8912678DC8}.Release|x64.Build.0 = Release|x64 {773EA63E-40AE-45B8-82B4-82B54CF309F8}.Debug|Win32.ActiveCfg = Debug|Win32 {773EA63E-40AE-45B8-82B4-82B54CF309F8}.Debug|Win32.Build.0 = Debug|Win32 {773EA63E-40AE-45B8-82B4-82B54CF309F8}.Debug|x64.ActiveCfg = Debug|x64 diff --git a/cpp/src/Ice/RegisterPluginsInit.cpp b/cpp/src/Ice/RegisterPluginsInit.cpp index 8af7d2b8903..b966f306061 100644 --- a/cpp/src/Ice/RegisterPluginsInit.cpp +++ b/cpp/src/Ice/RegisterPluginsInit.cpp @@ -12,11 +12,13 @@ extern "C" Ice::Plugin* createIceUDP(const Ice::CommunicatorPtr&, const std::string&, const Ice::StringSeq&); Ice::Plugin* createIceTCP(const Ice::CommunicatorPtr&, const std::string&, const Ice::StringSeq&); Ice::Plugin* createIceWS(const Ice::CommunicatorPtr&, const std::string&, const Ice::StringSeq&); + Ice::Plugin* createIceSSL(const Ice::CommunicatorPtr&, const std::string&, const Ice::StringSeq&); } IceInternal::RegisterPluginsInit::RegisterPluginsInit() { Ice::registerPluginFactory("IceTCP", createIceTCP, true); + Ice::registerPluginFactory("IceSSL", createIceSSL, true); // // Only include the UDP and WS transport plugins with non-static builds or Gem/PyPI/Swift diff --git a/cpp/src/Ice/msbuild/ice/ice.vcxproj b/cpp/src/Ice/msbuild/ice/ice.vcxproj index ce7b34d8360..40f4802f301 100644 --- a/cpp/src/Ice/msbuild/ice/ice.vcxproj +++ b/cpp/src/Ice/msbuild/ice/ice.vcxproj @@ -68,7 +68,7 @@ 4996;%(DisableSpecificWarnings) - advapi32.lib;ws2_32.lib;Iphlpapi.lib;rpcrt4.lib;DbgHelp.lib;Shlwapi.lib + advapi32.lib;ws2_32.lib;Iphlpapi.lib;rpcrt4.lib;DbgHelp.lib;Shlwapi.lib;secur32.lib;crypt32.lib @@ -77,7 +77,7 @@ 4996;%(DisableSpecificWarnings) - advapi32.lib;ws2_32.lib;Iphlpapi.lib;rpcrt4.lib;DbgHelp.lib;Shlwapi.lib + advapi32.lib;ws2_32.lib;Iphlpapi.lib;rpcrt4.lib;DbgHelp.lib;Shlwapi.lib;secur32.lib;crypt32.lib @@ -86,7 +86,7 @@ 4996;%(DisableSpecificWarnings) - advapi32.lib;ws2_32.lib;Iphlpapi.lib;rpcrt4.lib;DbgHelp.lib;Shlwapi.lib + advapi32.lib;ws2_32.lib;Iphlpapi.lib;rpcrt4.lib;DbgHelp.lib;Shlwapi.lib;secur32.lib;crypt32.lib @@ -95,7 +95,7 @@ 4996;%(DisableSpecificWarnings) - advapi32.lib;ws2_32.lib;Iphlpapi.lib;rpcrt4.lib;DbgHelp.lib;Shlwapi.lib + advapi32.lib;ws2_32.lib;Iphlpapi.lib;rpcrt4.lib;DbgHelp.lib;Shlwapi.lib;secur32.lib;crypt32.lib @@ -163,6 +163,19 @@ + + + + + + + + + + + + + diff --git a/cpp/src/Ice/msbuild/ice/ice.vcxproj.filters b/cpp/src/Ice/msbuild/ice/ice.vcxproj.filters index 8e4e312db6a..64c1e47c3f5 100644 --- a/cpp/src/Ice/msbuild/ice/ice.vcxproj.filters +++ b/cpp/src/Ice/msbuild/ice/ice.vcxproj.filters @@ -71,6 +71,9 @@ {efb1387e-a41e-4b1e-958c-88d9bb342a60} + + {9e29ae46-f871-4a8f-aeee-60426e193a89} + @@ -576,6 +579,45 @@ Source Files + + Source Files\IceSSL + + + Source Files\IceSSL + + + Source Files\IceSSL + + + Source Files\IceSSL + + + Source Files\IceSSL + + + Source Files\IceSSL + + + Source Files\IceSSL + + + Source Files\IceSSL + + + Source Files\IceSSL + + + Source Files\IceSSL + + + Source Files\IceSSL + + + Source Files\IceSSL + + + Source Files\IceSSL + @@ -1009,4 +1051,4 @@ Slice Files - \ No newline at end of file + diff --git a/cpp/src/IceSSL/CertificateI.cpp b/cpp/src/IceSSL/CertificateI.cpp index a9069fdf5e0..25a1fa2553c 100644 --- a/cpp/src/IceSSL/CertificateI.cpp +++ b/cpp/src/IceSSL/CertificateI.cpp @@ -11,7 +11,7 @@ #include "IceUtil/StringUtil.h" #include "PluginI.h" #include "RFC2253.h" -#include "Util.h" +#include "SSLUtil.h" using namespace std; using namespace Ice; diff --git a/cpp/src/IceSSL/CertificateI.h b/cpp/src/IceSSL/CertificateI.h index d7cafb5fc15..03d72a66382 100644 --- a/cpp/src/IceSSL/CertificateI.h +++ b/cpp/src/IceSSL/CertificateI.h @@ -15,19 +15,19 @@ namespace IceSSL // // Map a certificate OID to its alias // - struct ICESSL_API CertificateOID + struct ICE_API CertificateOID { const char* name; const char* alias; }; - extern const ICESSL_API CertificateOID certificateOIDS[]; - extern const ICESSL_API int certificateOIDSSize; + extern const ICE_API CertificateOID certificateOIDS[]; + extern const ICE_API int certificateOIDSSize; // // Certificate common implementation // - class ICESSL_API CertificateI : public virtual IceSSL::Certificate + class ICE_API CertificateI : public virtual IceSSL::Certificate { public: virtual bool operator!=(const IceSSL::Certificate&) const; diff --git a/cpp/src/IceSSL/IceSSL.rc b/cpp/src/IceSSL/IceSSL.rc deleted file mode 100644 index 58cf137ecd8..00000000000 --- a/cpp/src/IceSSL/IceSSL.rc +++ /dev/null @@ -1,33 +0,0 @@ -#include "IceUtil/ResourceConfig.h" - -#define ICE_INTERNALNAME ICE_LIBNAME("icessl") "\0" -#define ICE_ORIGINALFILENAME ICE_LIBNAME("icessl") ".dll\0" - -VS_VERSION_INFO VERSIONINFO -FILEVERSION ICE_VERSION -PRODUCTVERSION ICE_VERSION -FILEFLAGSMASK VS_FFI_FILEFLAGSMASK -FILEOS VOS_NT_WINDOWS32 -FILETYPE VFT_DLL -FILESUBTYPE VFT2_UNKNOWN -FILEFLAGS VER_DEBUG -BEGIN - BLOCK "StringFileInfo" - BEGIN - BLOCK "040904e4" - BEGIN - VALUE "CompanyName", ICE_COMPANY_NAME - VALUE "FileDescription", "IceSSL C++ Plug-in\0" - VALUE "FileVersion", ICE_STRING_VERSION - VALUE "InternalName", ICE_INTERNALNAME - VALUE "LegalCopyright", ICE_COPYRIGHT - VALUE "OriginalFilename", ICE_ORIGINALFILENAME - VALUE "ProductName", ICE_PRODUCT_NAME - VALUE "ProductVersion", ICE_STRING_VERSION - END - END - BLOCK "VarFileInfo" - BEGIN - VALUE "Translation", 0x409, 1252 - END -END diff --git a/cpp/src/IceSSL/IceSSLOpenSSL.rc b/cpp/src/IceSSL/IceSSLOpenSSL.rc deleted file mode 100644 index ba33efa9345..00000000000 --- a/cpp/src/IceSSL/IceSSLOpenSSL.rc +++ /dev/null @@ -1,33 +0,0 @@ -#include "IceUtil/ResourceConfig.h" - -#define ICE_INTERNALNAME ICE_LIBNAME("icesslopenssl") "\0" -#define ICE_ORIGINALFILENAME ICE_LIBNAME("icesslopenssl") ".dll\0" - -VS_VERSION_INFO VERSIONINFO -FILEVERSION ICE_VERSION -PRODUCTVERSION ICE_VERSION -FILEFLAGSMASK VS_FFI_FILEFLAGSMASK -FILEOS VOS_NT_WINDOWS32 -FILETYPE VFT_DLL -FILESUBTYPE VFT2_UNKNOWN -FILEFLAGS VER_DEBUG -BEGIN - BLOCK "StringFileInfo" - BEGIN - BLOCK "040904e4" - BEGIN - VALUE "CompanyName", ICE_COMPANY_NAME - VALUE "FileDescription", "IceSSL OpenSSL C++ Plug-in\0" - VALUE "FileVersion", ICE_STRING_VERSION - VALUE "InternalName", ICE_INTERNALNAME - VALUE "LegalCopyright", ICE_COPYRIGHT - VALUE "OriginalFilename", ICE_ORIGINALFILENAME - VALUE "ProductName", ICE_PRODUCT_NAME - VALUE "ProductVersion", ICE_STRING_VERSION - END - END - BLOCK "VarFileInfo" - BEGIN - VALUE "Translation", 0x409, 1252 - END -END diff --git a/cpp/src/IceSSL/OpenSSLPluginI.cpp b/cpp/src/IceSSL/OpenSSLPluginI.cpp index 5decd9f7036..22b445105eb 100644 --- a/cpp/src/IceSSL/OpenSSLPluginI.cpp +++ b/cpp/src/IceSSL/OpenSSLPluginI.cpp @@ -73,32 +73,6 @@ PluginI::getContext() return engine->context(); } -#ifdef _WIN32 -// -// Plug-in factory function. -// -extern "C" ICESSL_OPENSSL_API Ice::Plugin* -createIceSSLOpenSSL(const Ice::CommunicatorPtr& communicator, const string& /*name*/, const Ice::StringSeq& /*args*/) -{ - return new PluginI(communicator); -} - -namespace Ice -{ - ICESSL_OPENSSL_API void registerIceSSLOpenSSL(bool loadOnInitialize) - { - Ice::registerPluginFactory("IceSSL", createIceSSLOpenSSL, loadOnInitialize); - } -} - -#else - -extern "C" ICESSL_API Ice::Plugin* -createIceSSL(const Ice::CommunicatorPtr& communicator, const string& /*name*/, const Ice::StringSeq& /*args*/) -{ - return new PluginI(communicator); -} - // // The following functions are defined only when OpenSSL is the default // implementation. In Windows the default implementation is always @@ -115,5 +89,3 @@ IceSSL::Certificate::decode(const std::string& encoding) { return IceSSL::OpenSSL::Certificate::decode(encoding); } - -#endif diff --git a/cpp/src/IceSSL/OpenSSLTransceiverI.cpp b/cpp/src/IceSSL/OpenSSLTransceiverI.cpp index 9add88ef5c2..fe48cb28f5e 100644 --- a/cpp/src/IceSSL/OpenSSLTransceiverI.cpp +++ b/cpp/src/IceSSL/OpenSSLTransceiverI.cpp @@ -7,10 +7,10 @@ #include "IceSSL/ConnectionInfo.h" #include "IceSSL/OpenSSL.h" -#include "Instance.h" #include "PluginI.h" #include "SSLEngine.h" -#include "Util.h" +#include "SSLInstance.h" +#include "SSLUtil.h" #include "../Ice/Network.h" #include "Ice/Buffer.h" diff --git a/cpp/src/IceSSL/PluginI.cpp b/cpp/src/IceSSL/PluginI.cpp index 813278f3973..dd2dcfb54ce 100644 --- a/cpp/src/IceSSL/PluginI.cpp +++ b/cpp/src/IceSSL/PluginI.cpp @@ -16,52 +16,6 @@ using namespace std; using namespace Ice; using namespace IceSSL; -IceSSL::Plugin::~Plugin() -{ - // Out of line to avoid weak vtable -} - -// -// Plugin implementation. -// -PluginI::PluginI(const Ice::CommunicatorPtr& com, const SSLEnginePtr& engine) : _engine(engine) -{ - // - // Register the endpoint factory. We have to do this now, rather - // than in initialize, because the communicator may need to - // interpret proxies before the plug-in is fully initialized. - // - InstancePtr instance = make_shared(_engine, SSLEndpointType, "ssl"); // SSL based on TCP - IceInternal::getProtocolPluginFacade(com)->addEndpointFactory( - make_shared(instance, TCPEndpointType)); -} - -void -PluginI::initialize() -{ - _engine->initialize(); -} - -void -PluginI::destroy() -{ - _engine->destroy(); - _engine = 0; -} - -extern "C" -{ - ICESSL_API Ice::Plugin* createIceSSL(const CommunicatorPtr&, const string&, const StringSeq&); -} - -namespace Ice -{ - ICESSL_API void registerIceSSL(bool loadOnInitialize) - { - Ice::registerPluginFactory("IceSSL", createIceSSL, loadOnInitialize); - } -} - IceSSL::TrustError IceSSL::getTrustError(const IceSSL::ConnectionInfoPtr& info) { diff --git a/cpp/src/IceSSL/PluginI.h b/cpp/src/IceSSL/PluginI.h index 7696d1b1dde..06484dcdaba 100644 --- a/cpp/src/IceSSL/PluginI.h +++ b/cpp/src/IceSSL/PluginI.h @@ -20,32 +20,15 @@ namespace IceSSL }; using ExtendedConnectionInfoPtr = std::shared_ptr; - // TODO: This class provides new certificate virtual methods that canot be added directly to the certificate class + // TODO: This class provides new certificate virtual methods that cannot be added directly to the certificate class // without breaking binary compatibility. The class can be removed once the relevant methods can be marked as // virtual in the certificate class in the next major release (3.8.x). - class ICESSL_API CertificateExtendedInfo + class ICE_API CertificateExtendedInfo { public: virtual unsigned int getKeyUsage() const = 0; virtual unsigned int getExtendedKeyUsage() const = 0; }; - - class ICESSL_API PluginI : public virtual IceSSL::Plugin - { - public: - PluginI(const Ice::CommunicatorPtr&, const IceSSL::SSLEnginePtr&); - // - // From Ice::Plugin. - // - virtual void initialize(); - virtual void destroy(); - - virtual CertificatePtr load(const std::string&) const = 0; - virtual CertificatePtr decode(const std::string&) const = 0; - - protected: - SSLEnginePtr _engine; - }; } #endif diff --git a/cpp/src/IceSSL/RFC2253.h b/cpp/src/IceSSL/RFC2253.h index 97a14ad5ef4..f2e8458eba2 100644 --- a/cpp/src/IceSSL/RFC2253.h +++ b/cpp/src/IceSSL/RFC2253.h @@ -5,7 +5,7 @@ #ifndef ICESSL_RFC_2253_H #define ICESSL_RFC_2253_H -#include "IceSSL/Config.h" +#include "Ice/Config.h" #include @@ -28,7 +28,7 @@ namespace IceSSL { typedef std::list> RDNSeq; - struct ICESSL_API RDNEntry + struct ICE_API RDNEntry { RDNSeq rdn; bool negate; @@ -41,7 +41,7 @@ namespace IceSSL // The function returns a list of RDNEntry structures. Any failure in // parsing results in a ParseException being thrown. // - ICESSL_API RDNEntrySeq parse(const std::string&); + ICE_API RDNEntrySeq parse(const std::string&); // // RDNs are separated with ',' and ';'. @@ -49,12 +49,12 @@ namespace IceSSL // This function returns a list of RDN pairs. Any failure in parsing // results in a ParseException being thrown. // - ICESSL_API RDNSeq parseStrict(const std::string&); + ICE_API RDNSeq parseStrict(const std::string&); // // Unescape the string. // - ICESSL_API std::string unescape(const std::string&); + ICE_API std::string unescape(const std::string&); } } diff --git a/cpp/src/IceSSL/SChannelCertificateI.cpp b/cpp/src/IceSSL/SChannelCertificateI.cpp index 8b4e7a92797..60a702d89fc 100644 --- a/cpp/src/IceSSL/SChannelCertificateI.cpp +++ b/cpp/src/IceSSL/SChannelCertificateI.cpp @@ -7,7 +7,7 @@ #include "Ice/StringConverter.h" #include "IceSSL/SChannel.h" #include "PluginI.h" -#include "Util.h" +#include "SSLUtil.h" #include diff --git a/cpp/src/IceSSL/SChannelEngine.cpp b/cpp/src/IceSSL/SChannelEngine.cpp index 173f0795605..ef9d63bbe98 100644 --- a/cpp/src/IceSSL/SChannelEngine.cpp +++ b/cpp/src/IceSSL/SChannelEngine.cpp @@ -5,7 +5,7 @@ #include "SChannelEngine.h" #include "IceSSL/Plugin.h" #include "SChannelTransceiverI.h" -#include "Util.h" +#include "SSLUtil.h" #include "Ice/Communicator.h" #include "Ice/LocalException.h" diff --git a/cpp/src/IceSSL/SChannelPluginI.cpp b/cpp/src/IceSSL/SChannelPluginI.cpp index 7db4db183a9..a022cf19e99 100644 --- a/cpp/src/IceSSL/SChannelPluginI.cpp +++ b/cpp/src/IceSSL/SChannelPluginI.cpp @@ -9,51 +9,6 @@ using namespace std; -namespace -{ - class PluginI : public IceSSL::PluginI - { - public: - PluginI(const Ice::CommunicatorPtr&); - - virtual IceSSL::CertificatePtr create(CERT_SIGNED_CONTENT_INFO*) const; - virtual IceSSL::CertificatePtr load(const std::string&) const; - virtual IceSSL::CertificatePtr decode(const std::string&) const; - }; - -} - -PluginI::PluginI(const Ice::CommunicatorPtr& com) : IceSSL::PluginI(com, make_shared(com)) -{ -} - -IceSSL::CertificatePtr -PluginI::create(CERT_SIGNED_CONTENT_INFO* cert) const -{ - return IceSSL::SChannel::Certificate::create(cert); -} - -IceSSL::CertificatePtr -PluginI::load(const std::string& file) const -{ - return IceSSL::SChannel::Certificate::load(file); -} - -IceSSL::CertificatePtr -PluginI::decode(const std::string& encoding) const -{ - return IceSSL::SChannel::Certificate::load(encoding); -} - -// -// Plug-in factory function. -// -extern "C" ICESSL_API Ice::Plugin* -createIceSSL(const Ice::CommunicatorPtr& communicator, const string& /*name*/, const Ice::StringSeq& /*args*/) -{ - return new PluginI(communicator); -} - IceSSL::CertificatePtr IceSSL::Certificate::load(const std::string& file) { diff --git a/cpp/src/IceSSL/SChannelTransceiverI.cpp b/cpp/src/IceSSL/SChannelTransceiverI.cpp index c587cffd611..952f71f522e 100644 --- a/cpp/src/IceSSL/SChannelTransceiverI.cpp +++ b/cpp/src/IceSSL/SChannelTransceiverI.cpp @@ -11,10 +11,10 @@ #include "Ice/LocalException.h" #include "Ice/LoggerUtil.h" #include "IceSSL/ConnectionInfo.h" -#include "Instance.h" #include "PluginI.h" #include "SChannelEngine.h" -#include "Util.h" +#include "SSLInstance.h" +#include "SSLUtil.h" using namespace std; using namespace Ice; diff --git a/cpp/src/IceSSL/SChannelTransceiverI.h b/cpp/src/IceSSL/SChannelTransceiverI.h index 97b1a09b5bf..6c8c818d831 100644 --- a/cpp/src/IceSSL/SChannelTransceiverI.h +++ b/cpp/src/IceSSL/SChannelTransceiverI.h @@ -12,9 +12,9 @@ # include "../Ice/Transceiver.h" # include "../Ice/WSTransceiver.h" # include "Ice/Buffer.h" -# include "IceSSL/Config.h" +# include "Ice/Config.h" # include "IceSSL/Plugin.h" -# include "InstanceF.h" +# include "SSLInstanceF.h" # include "SChannelEngineF.h" # ifdef SECURITY_WIN32 diff --git a/cpp/src/IceSSL/AcceptorI.cpp b/cpp/src/IceSSL/SSLAcceptorI.cpp similarity index 94% rename from cpp/src/IceSSL/AcceptorI.cpp rename to cpp/src/IceSSL/SSLAcceptorI.cpp index 4f33e2a7bd6..102ee7e3b06 100644 --- a/cpp/src/IceSSL/AcceptorI.cpp +++ b/cpp/src/IceSSL/SSLAcceptorI.cpp @@ -2,12 +2,12 @@ // Copyright (c) ZeroC, Inc. All rights reserved. // -#include "AcceptorI.h" -#include "EndpointI.h" -#include "Instance.h" +#include "SSLAcceptorI.h" +#include "SSLEndpointI.h" #include "SSLEngine.h" +#include "SSLInstance.h" -#include "Util.h" +#include "SSLUtil.h" #include "Ice/LocalException.h" diff --git a/cpp/src/IceSSL/AcceptorI.h b/cpp/src/IceSSL/SSLAcceptorI.h similarity index 97% rename from cpp/src/IceSSL/AcceptorI.h rename to cpp/src/IceSSL/SSLAcceptorI.h index 3f88edae4fa..4731ccb4834 100644 --- a/cpp/src/IceSSL/AcceptorI.h +++ b/cpp/src/IceSSL/SSLAcceptorI.h @@ -8,7 +8,7 @@ #include "../Ice/Acceptor.h" #include "../Ice/Network.h" #include "../Ice/TransceiverF.h" -#include "InstanceF.h" +#include "SSLInstanceF.h" #include diff --git a/cpp/src/IceSSL/ConnectorI.cpp b/cpp/src/IceSSL/SSLConnectorI.cpp similarity index 94% rename from cpp/src/IceSSL/ConnectorI.cpp rename to cpp/src/IceSSL/SSLConnectorI.cpp index de8063965e7..379afb1f30a 100644 --- a/cpp/src/IceSSL/ConnectorI.cpp +++ b/cpp/src/IceSSL/SSLConnectorI.cpp @@ -2,17 +2,17 @@ // Copyright (c) ZeroC, Inc. All rights reserved. // -#include "ConnectorI.h" -#include "Instance.h" +#include "SSLConnectorI.h" +#include "SSLInstance.h" #include "../Ice/NetworkProxy.h" #include "../Ice/StreamSocket.h" -#include "EndpointI.h" #include "Ice/Communicator.h" #include "Ice/LocalException.h" #include "Ice/LoggerUtil.h" +#include "SSLEndpointI.h" #include "SSLEngine.h" -#include "Util.h" +#include "SSLUtil.h" using namespace std; using namespace Ice; diff --git a/cpp/src/IceSSL/ConnectorI.h b/cpp/src/IceSSL/SSLConnectorI.h similarity index 97% rename from cpp/src/IceSSL/ConnectorI.h rename to cpp/src/IceSSL/SSLConnectorI.h index ad03bbf8069..10310aa210a 100644 --- a/cpp/src/IceSSL/ConnectorI.h +++ b/cpp/src/IceSSL/SSLConnectorI.h @@ -9,7 +9,7 @@ #include "../Ice/Network.h" #include "../Ice/TransceiverF.h" -#include "InstanceF.h" +#include "SSLInstanceF.h" namespace IceSSL { diff --git a/cpp/src/IceSSL/EndpointI.cpp b/cpp/src/IceSSL/SSLEndpointI.cpp similarity index 98% rename from cpp/src/IceSSL/EndpointI.cpp rename to cpp/src/IceSSL/SSLEndpointI.cpp index f25241e5329..6ac826d47c1 100644 --- a/cpp/src/IceSSL/EndpointI.cpp +++ b/cpp/src/IceSSL/SSLEndpointI.cpp @@ -2,17 +2,17 @@ // Copyright (c) ZeroC, Inc. All rights reserved. // -#include "EndpointI.h" +#include "SSLEndpointI.h" #include "../Ice/DefaultsAndOverrides.h" #include "../Ice/HashUtil.h" -#include "AcceptorI.h" -#include "ConnectorI.h" #include "Ice/Comparable.h" #include "Ice/InputStream.h" #include "Ice/LocalException.h" #include "Ice/Object.h" #include "Ice/OutputStream.h" -#include "Instance.h" +#include "SSLAcceptorI.h" +#include "SSLConnectorI.h" +#include "SSLInstance.h" using namespace std; using namespace Ice; diff --git a/cpp/src/IceSSL/EndpointI.h b/cpp/src/IceSSL/SSLEndpointI.h similarity index 99% rename from cpp/src/IceSSL/EndpointI.h rename to cpp/src/IceSSL/SSLEndpointI.h index 85ef7160ca5..9ba82fd5f69 100644 --- a/cpp/src/IceSSL/EndpointI.h +++ b/cpp/src/IceSSL/SSLEndpointI.h @@ -10,8 +10,8 @@ #include "../Ice/IPEndpointI.h" #include "../Ice/Network.h" #include "IceSSL/EndpointInfo.h" -#include "InstanceF.h" #include "SSLEngineF.h" +#include "SSLInstanceF.h" namespace IceSSL { diff --git a/cpp/src/IceSSL/SSLEngine.h b/cpp/src/IceSSL/SSLEngine.h index 8fb1008c2fa..9e07f96d7af 100644 --- a/cpp/src/IceSSL/SSLEngine.h +++ b/cpp/src/IceSSL/SSLEngine.h @@ -6,10 +6,10 @@ #define ICESSL_ENGINE_H #include "IceSSL/Plugin.h" -#include "InstanceF.h" #include "SSLEngineF.h" +#include "SSLInstanceF.h" +#include "SSLUtil.h" #include "TrustManagerF.h" -#include "Util.h" #include "../Ice/Network.h" #include "../Ice/TransceiverF.h" @@ -19,7 +19,7 @@ namespace IceSSL { - class ICESSL_API SSLEngine + class ICE_API SSLEngine { public: SSLEngine(const Ice::CommunicatorPtr&); diff --git a/cpp/src/IceSSL/SSLEngineF.h b/cpp/src/IceSSL/SSLEngineF.h index 5884fc0fce9..515a4ed0d92 100644 --- a/cpp/src/IceSSL/SSLEngineF.h +++ b/cpp/src/IceSSL/SSLEngineF.h @@ -5,8 +5,6 @@ #ifndef ICESSL_ENGINE_F_H #define ICESSL_ENGINE_F_H -#include "IceSSL/Plugin.h" - #include namespace IceSSL diff --git a/cpp/src/IceSSL/Instance.cpp b/cpp/src/IceSSL/SSLInstance.cpp similarity index 94% rename from cpp/src/IceSSL/Instance.cpp rename to cpp/src/IceSSL/SSLInstance.cpp index 80333587c37..e09bccdab42 100644 --- a/cpp/src/IceSSL/Instance.cpp +++ b/cpp/src/IceSSL/SSLInstance.cpp @@ -2,7 +2,7 @@ // Copyright (c) ZeroC, Inc. All rights reserved. // -#include "Instance.h" +#include "SSLInstance.h" #include "SSLEngine.h" using namespace std; diff --git a/cpp/src/IceSSL/Instance.h b/cpp/src/IceSSL/SSLInstance.h similarity index 81% rename from cpp/src/IceSSL/Instance.h rename to cpp/src/IceSSL/SSLInstance.h index 428f16e9c1f..3de90eb17a2 100644 --- a/cpp/src/IceSSL/Instance.h +++ b/cpp/src/IceSSL/SSLInstance.h @@ -6,12 +6,12 @@ #define ICESSL_INSTANCE_H #include "../Ice/ProtocolInstance.h" -#include "InstanceF.h" #include "SSLEngineF.h" +#include "SSLInstanceF.h" namespace IceSSL { - class ICESSL_API Instance final : public IceInternal::ProtocolInstance + class ICE_API Instance final : public IceInternal::ProtocolInstance { public: Instance(const SSLEnginePtr&, std::int16_t, const std::string&); diff --git a/cpp/src/IceSSL/InstanceF.h b/cpp/src/IceSSL/SSLInstanceF.h similarity index 100% rename from cpp/src/IceSSL/InstanceF.h rename to cpp/src/IceSSL/SSLInstanceF.h diff --git a/cpp/src/IceSSL/Util.cpp b/cpp/src/IceSSL/SSLUtil.cpp similarity index 99% rename from cpp/src/IceSSL/Util.cpp rename to cpp/src/IceSSL/SSLUtil.cpp index 9982087f4e1..bb9a44a50df 100644 --- a/cpp/src/IceSSL/Util.cpp +++ b/cpp/src/IceSSL/SSLUtil.cpp @@ -9,7 +9,7 @@ #include "IceUtil/FileUtil.h" #include "IceUtil/StringUtil.h" -#include "Util.h" +#include "SSLUtil.h" #include "../Ice/Base64.h" #include "../Ice/Network.h" diff --git a/cpp/src/IceSSL/Util.h b/cpp/src/IceSSL/SSLUtil.h similarity index 84% rename from cpp/src/IceSSL/Util.h rename to cpp/src/IceSSL/SSLUtil.h index 3b4b5bd4133..6f2fc9508be 100644 --- a/cpp/src/IceSSL/Util.h +++ b/cpp/src/IceSSL/SSLUtil.h @@ -48,12 +48,12 @@ namespace IceSSL // const AltNameObjectIdentifier = 8; // Read a file into memory buffer. - ICESSL_API void readFile(const std::string&, std::vector&); + ICE_API void readFile(const std::string&, std::vector&); // Determine if a file or directory exists, with an optional default directory. - ICESSL_API bool checkPath(const std::string&, const std::string&, bool, std::string&); + ICE_API bool checkPath(const std::string&, const std::string&, bool, std::string&); - ICESSL_API bool parseBytes(const std::string&, std::vector&); + ICE_API bool parseBytes(const std::string&, std::vector&); } #endif diff --git a/cpp/src/IceSSL/SecureTransportPluginI.cpp b/cpp/src/IceSSL/SecureTransportPluginI.cpp index 0f85ee89cf7..5611e112625 100644 --- a/cpp/src/IceSSL/SecureTransportPluginI.cpp +++ b/cpp/src/IceSSL/SecureTransportPluginI.cpp @@ -11,55 +11,6 @@ using namespace Ice; using namespace std; -namespace -{ - class PluginI : public IceSSL::PluginI - { - public: - PluginI(const Ice::CommunicatorPtr&); - - virtual IceSSL::CertificatePtr create(SecCertificateRef) const; - virtual IceSSL::CertificatePtr load(const std::string&) const; - virtual IceSSL::CertificatePtr decode(const std::string&) const; - }; - -} // anonymous namespace end - -// -// Plugin implementation. -// -PluginI::PluginI(const Ice::CommunicatorPtr& com) - : IceSSL::PluginI(com, make_shared(com)) -{ -} - -IceSSL::CertificatePtr -PluginI::create(SecCertificateRef cert) const -{ - return IceSSL::SecureTransport::Certificate::create(cert); -} - -IceSSL::CertificatePtr -PluginI::load(const std::string& file) const -{ - return IceSSL::SecureTransport::Certificate::load(file); -} - -IceSSL::CertificatePtr -PluginI::decode(const std::string& encoding) const -{ - return IceSSL::SecureTransport::Certificate::load(encoding); -} - -// -// Plug-in factory function. -// -extern "C" ICESSL_API Ice::Plugin* -createIceSSL(const Ice::CommunicatorPtr& communicator, const string& /*name*/, const Ice::StringSeq& /*args*/) -{ - return new PluginI(communicator); -} - IceSSL::CertificatePtr IceSSL::Certificate::load(const std::string& file) { diff --git a/cpp/src/IceSSL/SecureTransportTransceiverI.cpp b/cpp/src/IceSSL/SecureTransportTransceiverI.cpp index 31ed7ef8b91..589fc96e72a 100644 --- a/cpp/src/IceSSL/SecureTransportTransceiverI.cpp +++ b/cpp/src/IceSSL/SecureTransportTransceiverI.cpp @@ -4,8 +4,8 @@ #include "SecureTransportTransceiverI.h" #include "IceSSL/ConnectionInfo.h" -#include "Instance.h" #include "PluginI.h" +#include "SSLInstance.h" #include "SecureTransportEngine.h" #include "SecureTransportUtil.h" diff --git a/cpp/src/IceSSL/msbuild/icessl/icessl.vcxproj b/cpp/src/IceSSL/msbuild/icessl/icessl.vcxproj deleted file mode 100644 index 2e5af8199fc..00000000000 --- a/cpp/src/IceSSL/msbuild/icessl/icessl.vcxproj +++ /dev/null @@ -1,157 +0,0 @@ - - - - - - Debug - Win32 - - - Release - Win32 - - - Debug - x64 - - - Release - x64 - - - - {5923B17D-2873-4245-87A7-FB8F4BE12501} - IceSSL - - - - DynamicLibrary - true - $(DefaultPlatformToolset) - - - DynamicLibrary - false - $(DefaultPlatformToolset) - - - DynamicLibrary - true - $(DefaultPlatformToolset) - - - DynamicLibrary - false - $(DefaultPlatformToolset) - - - - - - - - - - - - - - - - - - - - - - ICESSL_API_EXPORTS;%(PreprocessorDefinitions) - - - advapi32.lib;secur32.lib;crypt32.lib;ws2_32.lib - - - - - ICESSL_API_EXPORTS;%(PreprocessorDefinitions) - - - advapi32.lib;secur32.lib;crypt32.lib;ws2_32.lib - - - - - ICESSL_API_EXPORTS;%(PreprocessorDefinitions) - - - advapi32.lib;secur32.lib;crypt32.lib;ws2_32.lib - - - - - ICESSL_API_EXPORTS;%(PreprocessorDefinitions) - - - advapi32.lib;secur32.lib;crypt32.lib;ws2_32.lib - - - - - $(IceSrcRootDir)\include\generated\$(Platform)\$(Configuration)\IceSSL\ - IceSSL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - This project references NuGet package(s) that are missing on this computer. Use NuGet Package Restore to download them. For more information, see http://go.microsoft.com/fwlink/?LinkID=322105. The missing file is {0}. - - - - - \ No newline at end of file diff --git a/cpp/src/IceSSL/msbuild/icessl/icessl.vcxproj.filters b/cpp/src/IceSSL/msbuild/icessl/icessl.vcxproj.filters deleted file mode 100644 index 15dcb3cd0a7..00000000000 --- a/cpp/src/IceSSL/msbuild/icessl/icessl.vcxproj.filters +++ /dev/null @@ -1,165 +0,0 @@ - - - - - {4d9f616e-1934-41a2-8ba4-83b5113d1ee9} - rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms - - - {dc46ba85-888a-44c6-a892-02ca81802a4f} - h;hh;hpp;hxx;hm;inl;inc;xsd - - - {7f20c422-9df1-492a-8b6f-5dd7f3188a7a} - cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx - - - {9007c33c-0c7e-42bb-8400-baae022a4a6d} - ice - - - {e9fe80ae-1aff-4267-84d9-1f75b1b573a6} - - - {0f9d0820-dd66-4cea-a839-576ef894e6da} - - - {85447365-08ad-4445-93c9-5b2d697c26d3} - - - {3970e819-06e0-4ff0-90ae-36e4d3e2599e} - - - {e29283e2-0bcc-4737-ba65-4d7818277667} - - - {37734e94-4269-46ce-a869-b343baada79c} - - - {799ccbb8-b61f-49d0-ab9b-c35577f4fc90} - - - {919084ad-57a8-4656-8e9c-7e297ade0cba} - - - {a9faf6cb-dac5-4226-b78f-e8d540941d95} - - - {5b553fdf-f103-40de-901e-e625bbac9df6} - - - {4a704c57-97d4-44e6-a7fe-54071c38a0d1} - - - {d5c1d6b6-0241-4fb2-8d58-451aee18ef20} - - - - - Resource Files - - - - - Source Files - - - Source Files - - - Source Files - - - Source Files - - - Source Files - - - Source Files - - - Source Files - - - Source Files - - - Source Files - - - Source Files - - - Source Files - - - Source Files - - - Source Files - - - Source Files - - - - - Header Files - - - Header Files - - - Header Files - - - Header Files - - - Header Files - - - Header Files - - - Header Files - - - Header Files - - - Header Files - - - Header Files - - - Header Files - - - Header Files - - - Header Files - - - Header Files - - - Header Files - - - Header Files - - - Header Files - - - Header Files - - - - - - \ No newline at end of file diff --git a/cpp/src/IceSSL/msbuild/icessl/packages.config b/cpp/src/IceSSL/msbuild/icessl/packages.config deleted file mode 100644 index fb43e38f42f..00000000000 --- a/cpp/src/IceSSL/msbuild/icessl/packages.config +++ /dev/null @@ -1,4 +0,0 @@ - - - - \ No newline at end of file diff --git a/cpp/src/IceSSL/msbuild/icesslopenssl/icesslopenssl.vcxproj b/cpp/src/IceSSL/msbuild/icesslopenssl/icesslopenssl.vcxproj deleted file mode 100644 index 91295881cf6..00000000000 --- a/cpp/src/IceSSL/msbuild/icesslopenssl/icesslopenssl.vcxproj +++ /dev/null @@ -1,120 +0,0 @@ - - - - - Debug - Win32 - - - Release - Win32 - - - Debug - x64 - - - Release - x64 - - - - {D0DC2305-37FE-4D03-BE05-AC8912678DC8} - - - - DynamicLibrary - true - $(DefaultPlatformToolset) - - - DynamicLibrary - false - $(DefaultPlatformToolset) - - - DynamicLibrary - true - $(DefaultPlatformToolset) - - - DynamicLibrary - false - $(DefaultPlatformToolset) - - - - - - - - - - - - - - - - - - - - - - ICESSL_OPENSSL_API_EXPORTS;%(PreprocessorDefinitions) - - - - - ICESSL_OPENSSL_API_EXPORTS;%(PreprocessorDefinitions) - - - - - ICESSL_OPENSSL_API_EXPORTS;%(PreprocessorDefinitions) - - - - - ICESSL_OPENSSL_API_EXPORTS;%(PreprocessorDefinitions) - - - - - generated - $(IceSrcRootDir)\include\generated\$(Platform)\$(Configuration)\IceSSL\ - IceSSL - - - - - - - - - - - - - - - - - - - - - - - - - - - - - This project references NuGet package(s) that are missing on this computer. Use NuGet Package Restore to download them. For more information, see http://go.microsoft.com/fwlink/?LinkID=322105. The missing file is {0}. - - - - \ No newline at end of file diff --git a/cpp/src/IceSSL/msbuild/icesslopenssl/icesslopenssl.vcxproj.filters b/cpp/src/IceSSL/msbuild/icesslopenssl/icesslopenssl.vcxproj.filters deleted file mode 100644 index ba897fac5cd..00000000000 --- a/cpp/src/IceSSL/msbuild/icesslopenssl/icesslopenssl.vcxproj.filters +++ /dev/null @@ -1,96 +0,0 @@ - - - - - {0255b63a-660b-4a1c-805f-0abe632c5677} - ice - - - {956d2580-1d49-4b49-a059-988288782db2} - h;hh;hpp;hxx;hm;inl;inc;xsd - - - {e83d242d-b1ea-4c9c-b23c-e89105597587} - cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx - - - {448e5844-aa20-4e5e-8876-57eb2a5cbe2f} - rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms - - - {8fbefc16-ee09-44ab-b2b4-d752bd5377ea} - - - {9ad49193-c783-4a96-a912-221addf43f04} - - - {0feba132-cf9d-4d8f-b4d6-20001d1d8ae6} - - - {c0691be0-ad4d-45b0-9b58-ff51634b7abe} - - - {c9a4873d-7104-447e-a4c6-393349a8ff39} - - - {e34f5387-2c17-4311-b257-1344b9008865} - - - {c662649c-a902-4c7e-8616-ea54f436eb45} - - - {9ff83beb-868b-4a94-9b0e-3afc3bab37d6} - - - {2a739cdd-800d-4fb5-b656-2e647b26bd3f} - - - {bf287f75-264e-406d-a75e-b19d15f4a387} - - - {2d055007-bfcb-4301-8c18-3c394e9d2b71} - - - {d89224e9-0392-47b3-9a1a-f4b0b186ab08} - - - - - Resource Files - - - - - Source Files - - - Source Files - - - Source Files - - - Source Files - - - Source Files - - - - - Header Files - - - Header Files - - - Header Files - - - Header Files - - - - - - \ No newline at end of file diff --git a/cpp/src/IceSSL/msbuild/icesslopenssl/packages.config b/cpp/src/IceSSL/msbuild/icesslopenssl/packages.config deleted file mode 100644 index 4eec2753837..00000000000 --- a/cpp/src/IceSSL/msbuild/icesslopenssl/packages.config +++ /dev/null @@ -1,4 +0,0 @@ - - - - \ No newline at end of file From 69712cf248700a95d046e267b48b459be6ffd288 Mon Sep 17 00:00:00 2001 From: Jose Date: Thu, 11 Apr 2024 17:22:03 +0200 Subject: [PATCH 10/28] Checkpoint --- config/Make.rules.Darwin | 12 +- cpp/Makefile | 2 +- cpp/config/Make.rules | 4 +- cpp/include/Ice/RegisterPlugins.h | 2 - cpp/include/IceSSL/SecureTransport.h | 2 +- cpp/src/Ice/Communicator.cpp | 3 +- cpp/src/Ice/Instance.cpp | 26 +- cpp/src/Ice/Instance.h | 7 +- cpp/src/Ice/Makefile.mk | 6 + cpp/src/IceSSL/Makefile.mk | 24 -- cpp/src/IceSSL/PluginI.cpp | 4 +- cpp/src/IceSSL/SSLEndpointI.cpp | 24 ++ cpp/src/IceSSL/SecureTransportEngine.cpp | 2 +- cpp/src/IceSSL/SecureTransportTransceiverI.h | 4 +- cpp/src/IceSSL/SecureTransportUtil.h | 2 +- cpp/test/IceSSL/configuration/AllTests.cpp | 264 ------------------- scripts/Util.py | 3 +- 17 files changed, 75 insertions(+), 316 deletions(-) delete mode 100644 cpp/src/IceSSL/Makefile.mk diff --git a/config/Make.rules.Darwin b/config/Make.rules.Darwin index ab6a8b40474..b00978a867f 100644 --- a/config/Make.rules.Darwin +++ b/config/Make.rules.Darwin @@ -91,21 +91,19 @@ unescape-ldflags = $(subst -framework+,-framework$(space),$1) Ice_system_libs := -ldl # Frameworks for macos -IceSSL[macosx]_system_libs := -framework Security -framework CoreFoundation +Ice[macosx]_system_libs := -framework Security -framework CoreFoundation # Frameworks requires for iphoneos -Ice[iphoneos]_system_libs := -framework CFNetwork -framework UIKit -framework Foundation -IceSSL[iphoneos]_system_libs := -framework Security +Ice[iphoneos]_system_libs := -framework CFNetwork -framework UIKit -framework Foundation -framework Security IceIAP[iphoneos]_system_libs := -framework ExternalAccessory # Same frameworks as iphoneos for iphonesimulator Ice[iphonesimulator]_system_libs := $(Ice[iphoneos]_system_libs) -IceSSL[iphonesimulator]_system_libs := $(IceSSL[iphoneos]_system_libs) IceIAP[iphonesimulator]_system_libs := $(IceIAP[iphoneos]_system_libs) icegridadmin[macosx]_system_libs := -ledit -lncurses icestormadmin[macosx]_system_libs := -ledit -lncurses -Glacier2CryptPermissionsVerifier[macosx]_system_libs := $(IceSSL[macosx]_system_libs) -Glacier2CryptPermissionsVerifier[iphoneos]_system_libs := $(IceSSL[iphoneos]_system_libs) -Glacier2CryptPermissionsVerifier[iphonesimulator]_system_libs := $(IceSSL[iphonesimulator]_system_libs) +Glacier2CryptPermissionsVerifier[macosx]_system_libs := $(Ice[macosx]_system_libs) +Glacier2CryptPermissionsVerifier[iphoneos]_system_libs := $(Ice[iphoneos]_system_libs) +Glacier2CryptPermissionsVerifier[iphonesimulator]_system_libs := $(Ice[iphonesimulator]_system_libs) diff --git a/cpp/Makefile b/cpp/Makefile index 7182cc15745..66c1a0619f8 100644 --- a/cpp/Makefile +++ b/cpp/Makefile @@ -13,7 +13,7 @@ include $(lang_srcdir)/config/Make.rules # that other projects might depend on so it's important to parse them first for the # generated headers variable to be defined when we load other projects. # -load_first = Ice IceSSL IceBox Glacier2Lib IceGridLib IceStormLib +load_first = Ice IceBox Glacier2Lib IceGridLib IceStormLib # # Create projects for all the Slice translators from src/slice2* and load source projects. diff --git a/cpp/config/Make.rules b/cpp/config/Make.rules index 1e4d0832840..f61ff51b126 100644 --- a/cpp/config/Make.rules +++ b/cpp/config/Make.rules @@ -25,7 +25,6 @@ $(eval $(call validate-config)) # coreandstub_components = IceUtil \ Ice \ - IceSSL \ IceDiscovery \ IceLocatorDiscovery \ Glacier2 \ @@ -100,10 +99,9 @@ $1_dependencies := $$(or $$($1_dependencies),TestCommon Ice) # Also link with IceSSL and IceBT (Debian/Ubuntu/Yocto) when compiling the project with the static configuration $1[static]_cppflags += $(if $(IceBT_system_libs),-DICE_HAS_BT) -$1[static]_dependencies := IceSSL $(if $(IceBT_system_libs),IceBT) +$1[static]_dependencies := $(if $(IceBT_system_libs),IceBT) # Dependencies and target dirs for Xcode SDK test projects -$1[xcodesdk]_dependencies := IceSSL $1[iphoneos-xcodesdk]_targetdir := test/ios/bundles/Bundles-iphoneos/$(subst /,_,$1) $1[iphonesimulator-xcodesdk]_targetdir := test/ios/bundles/Bundles-iphonesimulator/$(subst /,_,$1) diff --git a/cpp/include/Ice/RegisterPlugins.h b/cpp/include/Ice/RegisterPlugins.h index 5bb872c3cd9..0f4fb84f250 100644 --- a/cpp/include/Ice/RegisterPlugins.h +++ b/cpp/include/Ice/RegisterPlugins.h @@ -55,9 +55,7 @@ namespace Ice * plug-in property is set to 1. */ ICE_PLUGIN_REGISTER_DECLSPEC_IMPORT void registerIceWS(bool loadOnInitialize = true); -#endif -#ifndef ICESSL_API_EXPORTS /** * When using static libraries, calling this function ensures the SSL transport is * linked with the application. diff --git a/cpp/include/IceSSL/SecureTransport.h b/cpp/include/IceSSL/SecureTransport.h index f5bdf347fb9..27ba08d51df 100644 --- a/cpp/include/IceSSL/SecureTransport.h +++ b/cpp/include/IceSSL/SecureTransport.h @@ -21,7 +21,7 @@ namespace IceSSL * This convenience class is a wrapper around a native certificate. * \headerfile IceSSL/IceSSL.h */ - class ICESSL_API Certificate : public virtual IceSSL::Certificate + class ICE_API Certificate : public virtual IceSSL::Certificate { public: /** diff --git a/cpp/src/Ice/Communicator.cpp b/cpp/src/Ice/Communicator.cpp index 10765014396..60f60cd8a71 100644 --- a/cpp/src/Ice/Communicator.cpp +++ b/cpp/src/Ice/Communicator.cpp @@ -294,7 +294,8 @@ Ice::Communicator::create(const InitializationData& initData) Ice::CommunicatorPtr communicator = make_shared(); try { - const_cast(communicator->_instance) = Instance::create(communicator, initData); + const_cast(communicator->_instance) = Instance::create(initData); + communicator->_instance->initialize(communicator); } catch (...) { diff --git a/cpp/src/Ice/Instance.cpp b/cpp/src/Ice/Instance.cpp index 8d63ae9283f..a6a958c687e 100644 --- a/cpp/src/Ice/Instance.cpp +++ b/cpp/src/Ice/Instance.cpp @@ -45,10 +45,20 @@ #include "CheckIdentity.h" #include "Ice/ProxyFunctions.h" +#include "../IceSSL/SSLEngine.h" + #include #include #include +#if defined(_WIN32) +# include "../IceSSL/SChannelTransportEngine.h" +#elif defined(__APPLE__) +# include "../IceSSL/SecureTransportEngine.h" +#else +# include "../IceSSL/OpenSSLTransportEngine.h" +#endif + #ifdef __APPLE__ # include "OSLogLoggerI.h" #endif @@ -873,11 +883,9 @@ namespace } InstancePtr -IceInternal::Instance::create(const Ice::CommunicatorPtr& communicator, const Ice::InitializationData& initData) +IceInternal::Instance::create(const Ice::InitializationData& initData) { - auto instance = shared_ptr(new Instance(initData)); - instance->initialize(communicator); - return instance; + return shared_ptr(new Instance(initData)); } IceInternal::Instance::Instance(const InitializationData& initData) @@ -1263,6 +1271,16 @@ IceInternal::Instance::initialize(const Ice::CommunicatorPtr& communicator) _retryIntervals.push_back(v > 0 ? v : 0); } } + +#if defined(_WIN32) + _sslEngine = make_shared(communicator); +#elif defined(__APPLE__) + _sslEngine = make_shared(communicator); +#else + _sslEngine = make_shared(communicator); +#endif + + _sslEngine->initialize(); } catch (...) { diff --git a/cpp/src/Ice/Instance.h b/cpp/src/Ice/Instance.h index bd0f16b8ed2..75d7ee0a801 100644 --- a/cpp/src/Ice/Instance.h +++ b/cpp/src/Ice/Instance.h @@ -33,6 +33,8 @@ #include "Protocol.h" +#include "../IceSSL/SSLEngineF.h" + #include namespace Ice @@ -72,7 +74,7 @@ namespace IceInternal class Instance : public std::enable_shared_from_this { public: - static InstancePtr create(const Ice::CommunicatorPtr&, const Ice::InitializationData&); + static InstancePtr create(const Ice::InitializationData&); virtual ~Instance(); bool destroyed() const; const Ice::InitializationData& initializationData() const { return _initData; } @@ -125,6 +127,8 @@ namespace IceInternal void setSndBufSizeWarn(std::int16_t type, int size); void setRcvBufSizeWarn(std::int16_t type, int size); + IceSSL::SSLEnginePtr sslEngine() const { return _sslEngine; } + private: Instance(const Ice::InitializationData&); void initialize(const Ice::CommunicatorPtr&); @@ -199,6 +203,7 @@ namespace IceInternal ImplicitContextKind _implicitContextKind; // Only set when _implicitContextKind == Shared. Ice::ImplicitContextPtr _sharedImplicitContext; + IceSSL::SSLEnginePtr _sslEngine; }; class ProcessI : public Ice::Process diff --git a/cpp/src/Ice/Makefile.mk b/cpp/src/Ice/Makefile.mk index e1c6a81eaff..1cb97120d4c 100644 --- a/cpp/src/Ice/Makefile.mk +++ b/cpp/src/Ice/Makefile.mk @@ -11,6 +11,12 @@ Ice_ldflags = $(iconv_ldflags) Ice_sliceflags := --include-dir Ice Ice_libs := bz2 Ice_extra_sources := $(wildcard src/IceUtil/*.cpp) + +ifeq ($(os),Darwin) +Ice_extra_sources += $(filter-out src/IceSSL/OpenSSL%.cpp src/IceSSL/SChannel%.cpp, $(wildcard src/IceSSL/*.cpp)) +else +Ice_extra_sources += $(filter-out src/IceSSL/SecureTransport%.cpp src/IceSSL/SChannel%.cpp, $(wildcard src/IceSSL/*.cpp)) +endif Ice_excludes = src/Ice/DLLMain.cpp ifeq ($(os),Linux) diff --git a/cpp/src/IceSSL/Makefile.mk b/cpp/src/IceSSL/Makefile.mk deleted file mode 100644 index f16f94ff884..00000000000 --- a/cpp/src/IceSSL/Makefile.mk +++ /dev/null @@ -1,24 +0,0 @@ -# -# Copyright (c) ZeroC, Inc. All rights reserved. -# - -$(project)_libraries := IceSSL - -IceSSL_targetdir := $(libdir) -IceSSL_dependencies := Ice -IceSSL_cppflags := -DICESSL_API_EXPORTS - -# -# Exclude sources that are not build with the default -# implementation. -# -IceSSL_excludes += $(wildcard src/IceSSL/SChannel*.cpp) - -ifeq ($(os),Darwin) -IceSSL_excludes += $(wildcard src/IceSSL/OpenSSL*.cpp) -else -IceSSL_cppflags += -DICESSL_OPENSSL_API_EXPORTS -IceSSL_excludes += $(wildcard src/IceSSL/SecureTransport*.cpp) -endif - -projects += $(project) diff --git a/cpp/src/IceSSL/PluginI.cpp b/cpp/src/IceSSL/PluginI.cpp index dd2dcfb54ce..738e5bf4769 100644 --- a/cpp/src/IceSSL/PluginI.cpp +++ b/cpp/src/IceSSL/PluginI.cpp @@ -3,9 +3,9 @@ // #include "PluginI.h" -#include "EndpointI.h" -#include "Instance.h" +#include "SSLEndpointI.h" #include "SSLEngine.h" +#include "SSLInstance.h" #include "../Ice/ProtocolInstance.h" #include "../Ice/ProtocolPluginFacade.h" diff --git a/cpp/src/IceSSL/SSLEndpointI.cpp b/cpp/src/IceSSL/SSLEndpointI.cpp index 6ac826d47c1..ce903552420 100644 --- a/cpp/src/IceSSL/SSLEndpointI.cpp +++ b/cpp/src/IceSSL/SSLEndpointI.cpp @@ -4,6 +4,7 @@ #include "SSLEndpointI.h" #include "../Ice/DefaultsAndOverrides.h" +#include "../Ice/EndpointFactoryManager.h" #include "../Ice/HashUtil.h" #include "Ice/Comparable.h" #include "Ice/InputStream.h" @@ -18,6 +19,29 @@ using namespace std; using namespace Ice; using namespace IceSSL; +extern "C" +{ + Plugin* createIceSSL(const CommunicatorPtr& communicator, const string&, const StringSeq&) + { + IceInternal::InstancePtr instance = IceInternal::getInstance(communicator); + IceSSL::SSLEnginePtr engine = instance->sslEngine(); + IceInternal::EndpointFactoryManagerPtr endpointFactoryManager = instance->endpointFactoryManager(); + IceSSL::InstancePtr sslInstance = make_shared(engine, SSLEndpointType, "ssl"); + + return new IceInternal::EndpointFactoryPlugin( + communicator, + make_shared(sslInstance, TCPEndpointType)); + } +} + +namespace Ice +{ + ICE_API void registerIceSSL(bool loadOnInitialize) + { + Ice::registerPluginFactory("IceSSL", createIceSSL, loadOnInitialize); + } +} + namespace { Ice::IPEndpointInfoPtr getIPEndpointInfo(const Ice::EndpointInfoPtr& info) diff --git a/cpp/src/IceSSL/SecureTransportEngine.cpp b/cpp/src/IceSSL/SecureTransportEngine.cpp index 2db645365fd..4ce057f9802 100644 --- a/cpp/src/IceSSL/SecureTransportEngine.cpp +++ b/cpp/src/IceSSL/SecureTransportEngine.cpp @@ -2,7 +2,7 @@ // Copyright (c) ZeroC, Inc. All rights reserved. // -#include "IceSSL/Config.h" +#include "Ice/Config.h" #include "SecureTransportEngine.h" #include "SecureTransportEngineF.h" diff --git a/cpp/src/IceSSL/SecureTransportTransceiverI.h b/cpp/src/IceSSL/SecureTransportTransceiverI.h index dcabbfbbcb8..8f5817f0a20 100644 --- a/cpp/src/IceSSL/SecureTransportTransceiverI.h +++ b/cpp/src/IceSSL/SecureTransportTransceiverI.h @@ -7,9 +7,9 @@ #ifdef __APPLE__ -# include "IceSSL/Config.h" +# include "Ice/Config.h" # include "IceSSL/Plugin.h" -# include "InstanceF.h" +# include "SSLInstanceF.h" # include "SecureTransportEngineF.h" # include "../Ice/Network.h" diff --git a/cpp/src/IceSSL/SecureTransportUtil.h b/cpp/src/IceSSL/SecureTransportUtil.h index f09b0c0b535..38eff33aaea 100644 --- a/cpp/src/IceSSL/SecureTransportUtil.h +++ b/cpp/src/IceSSL/SecureTransportUtil.h @@ -8,7 +8,7 @@ #ifdef __APPLE__ # include "IceSSL/SecureTransport.h" -# include "Util.h" +# include "SSLUtil.h" namespace IceSSL { diff --git a/cpp/test/IceSSL/configuration/AllTests.cpp b/cpp/test/IceSSL/configuration/AllTests.cpp index add46bbc98b..bc7e679085a 100644 --- a/cpp/test/IceSSL/configuration/AllTests.cpp +++ b/cpp/test/IceSSL/configuration/AllTests.cpp @@ -275,12 +275,6 @@ static PropertiesPtr createClientProps(const Ice::PropertiesPtr& defaultProps, bool p12) { PropertiesPtr result = createProperties(); - // - // Don't set the plugin property, the client registered the plugin with registerIceSSL. - // -#if defined(_WIN32) && defined(ICE_USE_OPENSSL) - result->setProperty("Ice.Plugin.IceSSL", "IceSSLOpenSSL:createIceSSLOpenSSL"); -#endif result->setProperty("IceSSL.DefaultDir", defaultProps->getProperty("IceSSL.DefaultDir")); result->setProperty("Ice.Default.Host", defaultProps->getProperty("Ice.Default.Host")); if (!defaultProps->getProperty("Ice.IPv6").empty()) @@ -307,11 +301,6 @@ static Test::Properties createServerProps(const Ice::PropertiesPtr& defaultProps, bool p12) { Test::Properties result; -#if defined(_WIN32) && defined(ICE_USE_OPENSSL) - result["Ice.Plugin.IceSSL"] = "IceSSLOpenSSL:createIceSSLOpenSSL"; -#else - result["Ice.Plugin.IceSSL"] = "IceSSL:createIceSSL"; -#endif result["IceSSL.DefaultDir"] = defaultProps->getProperty("IceSSL.DefaultDir"); result["Ice.Default.Host"] = defaultProps->getProperty("Ice.Default.Host"); if (!defaultProps->getProperty("Ice.IPv6").empty()) @@ -444,23 +433,6 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) string sep = ":"; #endif -#ifdef ICE_USE_OPENSSL - int64_t openSSLVersion; - { - // - // Get the IceSSL engine name and version - // - InitializationData initData; - initData.properties = createClientProps(defaultProps, p12); - CommunicatorPtr comm = initialize(initData); - auto plugin = dynamic_pointer_cast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); - openSSLVersion = plugin->getOpenSSLVersion(); - comm->destroy(); - } - const string anonCiphers = openSSLVersion >= 0x10100000L ? "ADH:@SECLEVEL=0" : "ADH"; -#endif - IceSSL::ConnectionInfoPtr info; cout << "testing certificate verification... " << flush; @@ -1543,242 +1515,6 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) cout << "ok" << endl; #endif - // TODO disabled for now - /* - cout << "testing ciphers... " << flush; - { - // - // With OpenSSL 1.1.1 the initialization will success because TLS 1.3 - // ciphersuites are still enabled. They are not affected by IceSSL.Ciphers - // properties - // - #if !(defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x1010100fL) - InitializationData initData; - initData.properties = createClientProps(defaultProps, p12, "c_rsa_ca1", "cacert1"); - initData.properties->setProperty("IceSSL.Ciphers", "UNKNOWN"); - try - { - initialize(initData); - test(false); - } - catch(const Ice::PluginInitializationException&) - { - } - #endif - } - #ifndef ICE_USE_SCHANNEL - { - // - // The server has a certificate but the client doesn't. They should - // negotiate to use ADH since we explicitly enable it. - // - InitializationData initData; - initData.properties = createClientProps(defaultProps, p12); - # ifdef ICE_USE_OPENSSL - initData.properties->setProperty("IceSSL.Ciphers", anonCiphers); - # if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x1010100fL - // - // With OpenSSL 1.1 disable tls1.3 so that client and server negotiate - // an anon cipher - // - initData.properties->setProperty("IceSSL.Protocols", "tls1_2,tls1_1"); - # endif - # else - initData.properties->setProperty("IceSSL.Ciphers", "(DH_anon*)"); - # endif - CommunicatorPtr comm = initialize(initData); - optional fact = Test::ServerFactoryPrx(comm, factoryRef); - test(fact); - Test::Properties d = createServerProps(defaultProps, p12, "s_rsa_ca1", "cacert1"); - # ifdef ICE_USE_OPENSSL - // - // With OpenSSL 1.1.0 we need to set SECLEVEL=0 to allow ADH ciphers - // - string cipherSub = "ADH-"; - d["IceSSL.Ciphers"] = "RSA:" + anonCiphers; - # else - string cipherSub = "DH_"; - d["IceSSL.Ciphers"] = "(RSA_*) (DH_anon*)"; - # endif - d["IceSSL.VerifyPeer"] = "1"; - optional server = fact->createServer(d); - try - { - server->checkCipher(cipherSub); - info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); - test(info->cipher.compare(0, cipherSub.size(), cipherSub) == 0); - } - catch(const LocalException& ex) - { - # ifndef ICE_USE_SECURE_TRANSPORT - // - // macOS 10.10 bug the handshake fails attempting client auth - // with anon cipher. - // - cerr << ex << endl; - test(false); - # endif - } - fact->destroyServer(server); - comm->destroy(); - } - - { - // - // This should fail because we disabled all anonymous ciphers and the server doesn't - // provide a certificate. - // - InitializationData initData; - initData.properties = createClientProps(defaultProps, p12); - # ifdef ICE_USE_OPENSSL - initData.properties->setProperty("IceSSL.Ciphers", "ALL:!ADH"); - # else - initData.properties->setProperty("IceSSL.Ciphers", "ALL !(DH_anon*)"); - # endif - CommunicatorPtr comm = initialize(initData); - optional fact = Test::ServerFactoryPrx(comm, factoryRef); - test(fact); - Test::Properties d = createServerProps(defaultProps, p12); - d["IceSSL.VerifyPeer"] = "0"; - optional server = fact->createServer(d); - try - { - server->ice_ping(); - test(false); - } - catch(const ProtocolException&) - { - // Expected - } - catch(const ConnectionLostException&) - { - // Expected - } - catch(const LocalException& ex) - { - cerr << ex << endl; - test(false); - } - fact->destroyServer(server); - comm->destroy(); - } - # ifdef ICE_USE_SECURE_TRANSPORT - { - // - // This should fail because the client disabled all ciphers. - // - InitializationData initData; - initData.properties = createClientProps(defaultProps, p12, "c_rsa_ca1", "cacert1"); - initData.properties->setProperty("IceSSL.Ciphers", "NONE"); - try - { - CommunicatorPtr comm = initialize(initData); - test(false); - } - catch(const Ice::PluginInitializationException&) - { - //Expected when disabled all cipher suites. - } - catch(const Ice::LocalException& ex) - { - cerr << ex << endl; - test(false); - } - } - - { - // - // Test IceSSL.DHParams - // - InitializationData initData; - initData.properties = createClientProps(defaultProps, p12); - initData.properties->setProperty("IceSSL.Ciphers", "(DH_anon*)"); - CommunicatorPtr comm = initialize(initData); - optional fact = Test::ServerFactoryPrx(comm, factoryRef); - test(fact); - Test::Properties d = createServerProps(defaultProps, p12); - d["IceSSL.Ciphers"] = "(DH_anon*)"; - d["IceSSL.DHParams"] = "dh_params1024.der"; - d["IceSSL.VerifyPeer"] = "0"; - optional server = fact->createServer(d); - try - { - server->checkCipher("DH_anon"); - } - catch(const LocalException& ex) - { - cerr << ex << endl; - test(false); - } - fact->destroyServer(server); - comm->destroy(); - } - # endif - #else // SChannel ciphers - { - // - // Client and server should negotiate to use 3DES as it is enabled in both. - // - InitializationData initData; - initData.properties = createClientProps(defaultProps, p12, "c_rsa_ca1", "cacert1"); - initData.properties->setProperty("IceSSL.Ciphers", "3DES"); - - CommunicatorPtr comm = initialize(initData); - optional fact = Test::ServerFactoryPrx(comm, factoryRef); - test(fact); - - Test::Properties d = createServerProps(defaultProps, p12, "s_rsa_ca1", "cacert1"); - d["IceSSL.Ciphers"] = "3DES AES_256"; - - optional server = fact->createServer(d); - try - { - server->checkCipher("3DES"); - info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); - test(info->cipher.compare(0, 4, "3DES") == 0); - } - catch(const LocalException& ex) - { - cerr << ex << endl; - test(false); - } - fact->destroyServer(server); - comm->destroy(); - } - { - // - // Client and server doesn't enable a common cipher negotiate to use 3DES as it is enabled in both. - // - InitializationData initData; - initData.properties = createClientProps(defaultProps, p12, "c_rsa_ca1", "cacert1"); - initData.properties->setProperty("IceSSL.Ciphers", "3DES"); - - CommunicatorPtr comm = initialize(initData); - optional fact = Test::ServerFactoryPrx(comm, factoryRef); - test(fact); - - Test::Properties d = createServerProps(defaultProps, p12, "s_rsa_ca1", "cacert1"); - d["IceSSL.Ciphers"] = "AES_256"; - optional server = fact->createServer(d); - try - { - server->checkCipher("3DES"); - test(false); - } - catch(const Ice::ConnectionLostException&) - { - //expected - } - catch(const LocalException& ex) - { - cerr << ex << endl; - test(false); - } - fact->destroyServer(server); - comm->destroy(); - } - #endif - */ cout << "testing IceSSL.TrustOnly... " << flush; // // iOS support only provides access to the CN of the certificate so we diff --git a/scripts/Util.py b/scripts/Util.py index b551ec6f62c..fdb9ebf83c9 100644 --- a/scripts/Util.py +++ b/scripts/Util.py @@ -1287,7 +1287,7 @@ def getProps(self, process, current): def getSSLProps(self, process, current): sslProps = { - "Ice.Plugin.IceSSL": self.getPluginEntryPoint("IceSSL", process, current), + "Ice.Plugin.IceSSL": "", "IceSSL.Password": "password", "IceSSL.DefaultDir": "" if current.config.buildPlatform == "iphoneos" @@ -3902,7 +3902,6 @@ def getActivityName(self): class CSharpMapping(Mapping): - def getTargetFramework(self, current): return "net8.0" From 7a950b1958a637b7990ef635b821efd63cca1a44 Mon Sep 17 00:00:00 2001 From: Jose Date: Thu, 11 Apr 2024 17:46:15 +0200 Subject: [PATCH 11/28] Build fixes --- cpp/msbuild/ice.proj | 35 ----------------------------------- cpp/src/Ice/Instance.cpp | 6 +++--- 2 files changed, 3 insertions(+), 38 deletions(-) diff --git a/cpp/msbuild/ice.proj b/cpp/msbuild/ice.proj index 4701493f725..627b01ffe97 100644 --- a/cpp/msbuild/ice.proj +++ b/cpp/msbuild/ice.proj @@ -31,7 +31,6 @@ - @@ -84,22 +83,6 @@ Configuration=Release;Platform=x64;VisualStudioVersion=$(VisualStudioVersion) - - - - - Configuration=Debug;Platform=Win32 - - - Configuration=Debug;Platform=x64 - - - Configuration=Release;Platform=Win32 - - - Configuration=Release;Platform=x64 - - @@ -115,13 +98,6 @@ Configuration=$(Configuration);Platform=$(Platform);VisualStudioVersion=$(VisualStudioVersion) - - - - - Configuration=$(Configuration);Platform=$(Platform) - - @@ -147,22 +123,11 @@ - - - - diff --git a/cpp/src/Ice/Instance.cpp b/cpp/src/Ice/Instance.cpp index a6a958c687e..ca899f49791 100644 --- a/cpp/src/Ice/Instance.cpp +++ b/cpp/src/Ice/Instance.cpp @@ -52,11 +52,11 @@ #include #if defined(_WIN32) -# include "../IceSSL/SChannelTransportEngine.h" +# include "../IceSSL/SChannelEngine.h" #elif defined(__APPLE__) # include "../IceSSL/SecureTransportEngine.h" #else -# include "../IceSSL/OpenSSLTransportEngine.h" +# include "../IceSSL/OpenSSLEngine.h" #endif #ifdef __APPLE__ @@ -1273,7 +1273,7 @@ IceInternal::Instance::initialize(const Ice::CommunicatorPtr& communicator) } #if defined(_WIN32) - _sslEngine = make_shared(communicator); + _sslEngine = make_shared(communicator); #elif defined(__APPLE__) _sslEngine = make_shared(communicator); #else From c3612cb602114ba59d423f995b1cf5c08a156f95 Mon Sep 17 00:00:00 2001 From: Jose Date: Thu, 11 Apr 2024 18:16:50 +0200 Subject: [PATCH 12/28] OpenSSL fixes --- config/Make.rules.Linux | 5 +-- cpp/src/IceSSL/OpenSSLEngine.cpp | 5 +-- cpp/src/IceSSL/OpenSSLEngine.h | 2 +- cpp/src/IceSSL/OpenSSLPluginI.cpp | 64 ---------------------------- cpp/src/IceSSL/OpenSSLTransceiverI.h | 6 +-- 5 files changed, 8 insertions(+), 74 deletions(-) diff --git a/config/Make.rules.Linux b/config/Make.rules.Linux index 02e20de81c6..467451fe34b 100644 --- a/config/Make.rules.Linux +++ b/config/Make.rules.Linux @@ -179,11 +179,10 @@ endif endif IceUtil_system_libs = -lrt $(if $(filter yes,$(libbacktrace)),-lbacktrace) -Ice_system_libs = -ldl -lcrypto $(IceUtil_system_libs) +Ice_system_libs = -ldl -lssl -lcrypto $(IceUtil_system_libs) ifeq ($(shell pkg-config --exists libsystemd 2> /dev/null && echo yes),yes) Ice_system_libs += $(shell pkg-config --libs libsystemd) endif -IceSSL_system_libs = -lssl -lcrypto Glacier2CryptPermissionsVerifier_system_libs = -lcrypt icegridadmin_system_libs = -ledit @@ -196,6 +195,6 @@ icestormadmin_system_libs = -ledit # ifneq ($(filter debian ubuntu yocto poky,$(linux_id)),) ifeq ($(shell pkg-config --exists bluez dbus-1 2> /dev/null && echo yes),yes) -IceBT_system_libs = $(IceSSL_system_libs) $(shell pkg-config --libs dbus-1) +IceBT_system_libs = $(Ice_system_libs) $(shell pkg-config --libs dbus-1) endif endif diff --git a/cpp/src/IceSSL/OpenSSLEngine.cpp b/cpp/src/IceSSL/OpenSSLEngine.cpp index 38e7594c9cf..f67cb5f3287 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.cpp +++ b/cpp/src/IceSSL/OpenSSLEngine.cpp @@ -2,14 +2,13 @@ // Copyright (c) ZeroC, Inc. All rights reserved. // -#include "IceSSL/Config.h" - #include "OpenSSLEngine.h" #include "OpenSSLEngineF.h" #include "OpenSSLTransceiverI.h" #include "TrustManager.h" -#include "Util.h" +#include "SSLUtil.h" +#include "Ice/Config.h" #include "Ice/Communicator.h" #include "Ice/LocalException.h" #include "Ice/Logger.h" diff --git a/cpp/src/IceSSL/OpenSSLEngine.h b/cpp/src/IceSSL/OpenSSLEngine.h index 44baa5dc30c..c8863dcf46e 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.h +++ b/cpp/src/IceSSL/OpenSSLEngine.h @@ -5,7 +5,7 @@ #ifndef ICESSL_OPENSSL_ENGINE_H #define ICESSL_OPENSSL_ENGINE_H -#include "InstanceF.h" +#include "SSLInstanceF.h" #include "OpenSSLUtil.h" #include "SSLEngine.h" diff --git a/cpp/src/IceSSL/OpenSSLPluginI.cpp b/cpp/src/IceSSL/OpenSSLPluginI.cpp index 22b445105eb..8b8be5aa3b5 100644 --- a/cpp/src/IceSSL/OpenSSLPluginI.cpp +++ b/cpp/src/IceSSL/OpenSSLPluginI.cpp @@ -9,70 +9,6 @@ using namespace std; -namespace -{ - class PluginI : public IceSSL::PluginI, public IceSSL::OpenSSL::Plugin - { - public: - PluginI(const Ice::CommunicatorPtr&); - - virtual int64_t getOpenSSLVersion() const; - virtual IceSSL::CertificatePtr create(x509_st*) const; - virtual IceSSL::CertificatePtr load(const std::string&) const; - virtual IceSSL::CertificatePtr decode(const std::string&) const; - virtual void setContext(SSL_CTX*); - virtual SSL_CTX* getContext(); - }; - -} // anonymous namespace end - -// -// Plugin implementation. -// -PluginI::PluginI(const Ice::CommunicatorPtr& com) : IceSSL::PluginI(com, make_shared(com)) -{ -} - -int64_t -PluginI::getOpenSSLVersion() const -{ - return SSLeay(); -} - -IceSSL::CertificatePtr -PluginI::create(x509_st* cert) const -{ - return IceSSL::OpenSSL::Certificate::create(cert); -} - -IceSSL::CertificatePtr -PluginI::load(const std::string& file) const -{ - return IceSSL::OpenSSL::Certificate::load(file); -} - -IceSSL::CertificatePtr -PluginI::decode(const std::string& encoding) const -{ - return IceSSL::OpenSSL::Certificate::load(encoding); -} - -void -PluginI::setContext(SSL_CTX* context) -{ - IceSSL::OpenSSL::SSLEngine* engine = dynamic_cast(_engine.get()); - assert(engine); - engine->context(context); -} - -SSL_CTX* -PluginI::getContext() -{ - IceSSL::OpenSSL::SSLEngine* engine = dynamic_cast(_engine.get()); - assert(engine); - return engine->context(); -} - // // The following functions are defined only when OpenSSL is the default // implementation. In Windows the default implementation is always diff --git a/cpp/src/IceSSL/OpenSSLTransceiverI.h b/cpp/src/IceSSL/OpenSSLTransceiverI.h index 775d0cff876..e2838753cac 100644 --- a/cpp/src/IceSSL/OpenSSLTransceiverI.h +++ b/cpp/src/IceSSL/OpenSSLTransceiverI.h @@ -9,11 +9,11 @@ #include "../Ice/StreamSocket.h" #include "../Ice/Transceiver.h" #include "../Ice/WSTransceiver.h" -#include "IceSSL/Config.h" +#include "Ice/Config.h" #include "IceSSL/Plugin.h" -#include "InstanceF.h" +#include "SSLInstanceF.h" #include "OpenSSLEngineF.h" -#include "Util.h" +#include "SSLUtil.h" #include From e42e4f80706d3edfd01a96eb8c39ee53284a62ee Mon Sep 17 00:00:00 2001 From: Jose Date: Thu, 11 Apr 2024 18:20:24 +0200 Subject: [PATCH 13/28] clang-format --- cpp/src/IceSSL/OpenSSLEngine.cpp | 4 ++-- cpp/src/IceSSL/OpenSSLEngine.h | 2 +- cpp/src/IceSSL/OpenSSLTransceiverI.h | 2 +- cpp/src/IceSSL/SChannelTransceiverI.h | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/cpp/src/IceSSL/OpenSSLEngine.cpp b/cpp/src/IceSSL/OpenSSLEngine.cpp index f67cb5f3287..3b3eec8bad9 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.cpp +++ b/cpp/src/IceSSL/OpenSSLEngine.cpp @@ -5,11 +5,11 @@ #include "OpenSSLEngine.h" #include "OpenSSLEngineF.h" #include "OpenSSLTransceiverI.h" -#include "TrustManager.h" #include "SSLUtil.h" +#include "TrustManager.h" -#include "Ice/Config.h" #include "Ice/Communicator.h" +#include "Ice/Config.h" #include "Ice/LocalException.h" #include "Ice/Logger.h" #include "Ice/LoggerUtil.h" diff --git a/cpp/src/IceSSL/OpenSSLEngine.h b/cpp/src/IceSSL/OpenSSLEngine.h index c8863dcf46e..a9c62862e9c 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.h +++ b/cpp/src/IceSSL/OpenSSLEngine.h @@ -5,9 +5,9 @@ #ifndef ICESSL_OPENSSL_ENGINE_H #define ICESSL_OPENSSL_ENGINE_H -#include "SSLInstanceF.h" #include "OpenSSLUtil.h" #include "SSLEngine.h" +#include "SSLInstanceF.h" #include "Ice/BuiltinSequences.h" diff --git a/cpp/src/IceSSL/OpenSSLTransceiverI.h b/cpp/src/IceSSL/OpenSSLTransceiverI.h index e2838753cac..5be0be62788 100644 --- a/cpp/src/IceSSL/OpenSSLTransceiverI.h +++ b/cpp/src/IceSSL/OpenSSLTransceiverI.h @@ -11,8 +11,8 @@ #include "../Ice/WSTransceiver.h" #include "Ice/Config.h" #include "IceSSL/Plugin.h" -#include "SSLInstanceF.h" #include "OpenSSLEngineF.h" +#include "SSLInstanceF.h" #include "SSLUtil.h" #include diff --git a/cpp/src/IceSSL/SChannelTransceiverI.h b/cpp/src/IceSSL/SChannelTransceiverI.h index 6c8c818d831..89c6fe2da60 100644 --- a/cpp/src/IceSSL/SChannelTransceiverI.h +++ b/cpp/src/IceSSL/SChannelTransceiverI.h @@ -14,8 +14,8 @@ # include "Ice/Buffer.h" # include "Ice/Config.h" # include "IceSSL/Plugin.h" -# include "SSLInstanceF.h" # include "SChannelEngineF.h" +# include "SSLInstanceF.h" # ifdef SECURITY_WIN32 # undef SECURITY_WIN32 From 7d727f54f41e0fa8804679201eae8714fdf04f21 Mon Sep 17 00:00:00 2001 From: Jose Date: Thu, 11 Apr 2024 18:45:51 +0200 Subject: [PATCH 14/28] Test fixes --- cpp/test/Ice/proxy/AllTests.cpp | 40 ++-------------------------- matlab/test/Ice/proxy/AllTests.m | 27 +++---------------- php/Makefile | 2 +- php/test/Ice/proxy/Client.php | 33 +++-------------------- python/Makefile | 2 +- python/test/Ice/proxy/AllTests.py | 44 ++++++++----------------------- ruby/Makefile | 2 +- ruby/test/Ice/proxy/AllTests.rb | 18 ++----------- 8 files changed, 25 insertions(+), 143 deletions(-) diff --git a/cpp/test/Ice/proxy/AllTests.cpp b/cpp/test/Ice/proxy/AllTests.cpp index e5dcebc1b85..cbddfe944b6 100644 --- a/cpp/test/Ice/proxy/AllTests.cpp +++ b/cpp/test/Ice/proxy/AllTests.cpp @@ -1231,20 +1231,6 @@ allTests(TestHelper* helper) if (communicator->getProperties()->getPropertyAsInt("Ice.IPv6") == 0 && communicator->getProperties()->getProperty("Ice.Default.Host") == "127.0.0.1") { - // SSL enabled? - bool ssl; - try - { - communicator->stringToProxy("dummy:ssl"); - ssl = true; - } - catch (const Ice::EndpointParseException&) - { - ssl = false; - } - - const bool tcp = communicator->getProperties()->getProperty("Ice.Default.Protocol") == "tcp"; - // Two legal TCP endpoints expressed as opaque endpoints p1 = communicator->stringToProxy("test -e 1.0:opaque -e 1.0 -t 1 -v CTEyNy4wLjAuMeouAAAQJwAAAA==:opaque -e 1.0 " "-t 1 -v CTEyNy4wLjAuMusuAAAQJwAAAA=="); @@ -1258,16 +1244,7 @@ allTests(TestHelper* helper) p1 = communicator->stringToProxy( "test -e 1.0:opaque -e 1.0 -t 2 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -e 1.0 -t 99 -v abch"); pstr = communicator->proxyToString(p1); - if (ssl) - { - test(pstr == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch"); - } - else if (tcp) - { - test( - pstr == - "test -t -e 1.0:opaque -t 2 -e 1.0 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -t 99 -e 1.0 -v abch"); - } + test(pstr == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch"); // // Test that the proxy with an SSL endpoint and a nonsense @@ -1277,20 +1254,7 @@ allTests(TestHelper* helper) // optional p2 = derived->echo(p1); pstr = communicator->proxyToString(p2); - if (ssl) - { - test(pstr == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch"); - } - else if (tcp) - { - if (pstr != "test -t -e 1.0:opaque -t 2 -e 1.0 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -t 99 -e 1.0 -v abch") - { - cerr << pstr << endl; - } - test( - pstr == - "test -t -e 1.0:opaque -t 2 -e 1.0 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -t 99 -e 1.0 -v abch"); - } + test(pstr == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch"); } cout << "ok" << endl; diff --git a/matlab/test/Ice/proxy/AllTests.m b/matlab/test/Ice/proxy/AllTests.m index 60ee8820a3b..7c4ed9cf4d2 100644 --- a/matlab/test/Ice/proxy/AllTests.m +++ b/matlab/test/Ice/proxy/AllTests.m @@ -843,12 +843,7 @@ assert(strcmp(communicator.proxyToString(p2), 'test -t -e 1.1:tcp -h 127.0.0.1 -p 12010 -t 10000')); if communicator.getProperties().getPropertyAsInt('Ice.IPv6') == 0 - % Working? - ssl = strcmp(communicator.getProperties().getProperty('Ice.Default.Protocol'), 'ssl'); - tcp = strcmp(communicator.getProperties().getProperty('Ice.Default.Protocol'), 'tcp'); - if tcp - p1.ice_encodingVersion(Ice.EncodingVersion(1, 0)).ice_ping(); - end + p1.ice_encodingVersion(Ice.EncodingVersion(1, 0)).ice_ping(); % Two legal TCP endpoints expressed as opaque endpoints p1 = communicator.stringToProxy('test -e 1.0:opaque -t 1 -e 1.0 -v CTEyNy4wLjAuMeouAAAQJwAAAA==:opaque -t 1 -e 1.0 -v CTEyNy4wLjAuMusuAAAQJwAAAA=='); @@ -861,11 +856,7 @@ % p1 = communicator.stringToProxy('test -e 1.0:opaque -t 2 -e 1.0 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -t 99 -e 1.0 -v abch'); pstr = communicator.proxyToString(p1); - if ssl - assert(strcmp(pstr, 'test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch')); - elseif tcp - assert(strcmp(pstr, 'test -t -e 1.0:opaque -t 2 -e 1.0 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -t 99 -e 1.0 -v abch')); - end + assert(strcmp(pstr, 'test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch')); % % Try to invoke on the SSL endpoint to verify that we get a @@ -876,13 +867,7 @@ p1.ice_encodingVersion(Ice.EncodingVersion(1, 0)).ice_ping(); assert(false); catch ex - if isa(ex, 'Ice.NoEndpointException') - assert(~ssl); - elseif isa(ex, 'Ice.ConnectFailedException') - assert(~tcp); - else - rethrow(ex); - end + assert(isa(ex, 'Ice.ConnectFailedException')); end % @@ -893,11 +878,7 @@ % p2 = derived.echo(p1); pstr = communicator.proxyToString(p2); - if ssl - assert(strcmp(pstr, 'test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch')); - elseif tcp - assert(strcmp(pstr, 'test -t -e 1.0:opaque -t 2 -e 1.0 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -t 99 -e 1.0 -v abch')); - end + assert(strcmp(pstr, 'test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch')); end fprintf('ok\n'); diff --git a/php/Makefile b/php/Makefile index f713846bab1..11c75b0205d 100644 --- a/php/Makefile +++ b/php/Makefile @@ -11,7 +11,7 @@ include $(top_srcdir)/config/Make.rules # Load C++ dependencies # $(eval $(call load-translator-dependencies,$(top_srcdir)/cpp/src/slice2php)) -$(eval $(call load-dependencies,$(addprefix $(top_srcdir)/cpp/src/,Ice IceSSL IceDiscovery IceLocatorDiscovery))) +$(eval $(call load-dependencies,$(addprefix $(top_srcdir)/cpp/src/,Ice IceDiscovery IceLocatorDiscovery))) # # Load php rules after loading C++ dependencies diff --git a/php/test/Ice/proxy/Client.php b/php/test/Ice/proxy/Client.php index 48b9a93ed57..df8a1e7e5c5 100644 --- a/php/test/Ice/proxy/Client.php +++ b/php/test/Ice/proxy/Client.php @@ -645,7 +645,6 @@ function allTests($helper) // Working? if($communicator->getProperties()->getPropertyAsInt("Ice.IPv6") == 0) { - $ssl = $communicator->getProperties()->getProperty("Ice.Default.Protocol") == "ssl"; $tcp = $communicator->getProperties()->getProperty("Ice.Default.Protocol") == "tcp"; // Two legal TCP endpoints expressed as opaque endpoints @@ -659,14 +658,7 @@ function allTests($helper) // $p1 = $communicator->stringToProxy("test -e 1.0:opaque -t 2 -e 1.0 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -t 99 -e 1.0 -v abch"); $pstr = $communicator->proxyToString($p1); - if($ssl) - { - test($pstr == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch"); - } - elseif($tcp) - { - test($pstr == "test -t -e 1.0:opaque -t 2 -e 1.0 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -t 99 -e 1.0 -v abch"); - } + test($pstr == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch"); // // Try to invoke on the SSL endpoint to verify that we get a @@ -678,20 +670,8 @@ function allTests($helper) $p1->ice_encodingVersion($Ice_Encoding_1_0)->ice_ping(); test(false); } - catch(Exception $ex) + catch(Ice\ConnectionRefusedException $ex) { - if($ex instanceof Ice\NoEndpointException) - { - test(!$ssl); - } - elseif($ex instanceof Ice\ConnectionRefusedException) - { - test(!$tcp); - } - else - { - throw $ex; - } } // @@ -702,14 +682,7 @@ function allTests($helper) // $p2 = $derived->_echo($p1); $pstr = $communicator->proxyToString($p2); - if($ssl) - { - test($pstr == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch"); - } - elseif($tcp) - { - test($pstr == "test -t -e 1.0:opaque -t 2 -e 1.0 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -t 99 -e 1.0 -v abch"); - } + test($pstr == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch"); } echo "ok\n"; diff --git a/python/Makefile b/python/Makefile index 5ba482da820..8f7cbf4dc7c 100644 --- a/python/Makefile +++ b/python/Makefile @@ -10,7 +10,7 @@ include $(top_srcdir)/config/Make.rules # # Load C++ dependencies # -$(eval $(call load-dependencies,$(addprefix $(top_srcdir)/cpp/src/,Ice IceSSL IceLocatorDiscovery IceDiscovery))) +$(eval $(call load-dependencies,$(addprefix $(top_srcdir)/cpp/src/,Ice IceLocatorDiscovery IceDiscovery))) # # Load python rules after loading C++ dependencies diff --git a/python/test/Ice/proxy/AllTests.py b/python/test/Ice/proxy/AllTests.py index f608ae7971c..a7c9fb378a0 100644 --- a/python/test/Ice/proxy/AllTests.py +++ b/python/test/Ice/proxy/AllTests.py @@ -478,7 +478,7 @@ def allTests(helper, communicator, collocated): # Verify that ToStringMode is passed correctly # euroStr = "\u20ac" - ident = Ice.Identity("test", "\x7F{}".format(euroStr)) + ident = Ice.Identity("test", "\x7f{}".format(euroStr)) idStr = Ice.identityToString(ident, Ice.ToStringMode.Unicode) test(idStr == "\\u007f{}/test".format(euroStr)) @@ -1002,10 +1002,6 @@ def allTests(helper, communicator, collocated): ) if communicator.getProperties().getPropertyAsInt("Ice.IPv6") == 0: - # Working? - ssl = communicator.getProperties().getProperty("Ice.Default.Protocol") == "ssl" - tcp = communicator.getProperties().getProperty("Ice.Default.Protocol") == "tcp" - # Two legal TCP endpoints expressed as opaque endpoints p1 = communicator.stringToProxy( "test -e 1.0:opaque -t 1 -e 1.0 -v CTEyNy4wLjAuMeouAAAQJwAAAA==:opaque -t 1 -e 1.0 -v CTEyNy4wLjAuMusuAAAQJwAAAA==" @@ -1024,29 +1020,17 @@ def allTests(helper, communicator, collocated): "test -e 1.0:opaque -t 2 -e 1.0 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -t 99 -e 1.0 -v abch" ) pstr = communicator.proxyToString(p1) - if ssl: - test( - pstr - == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch" - ) - elif tcp: - test( - pstr - == "test -t -e 1.0:opaque -t 2 -e 1.0 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -t 99 -e 1.0 -v abch" - ) + test( + pstr + == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch" + ) - # - # Try to invoke on the SSL endpoint to verify that we get a - # NoEndpointException (or ConnectionRefusedException when - # running with SSL). - # + # Try to invoke on the SSL endpoint to verify that we get a ConnectionRefusedException. try: p1.ice_encodingVersion(Ice.Encoding_1_0).ice_ping() test(False) - except Ice.NoEndpointException: - test(not ssl) except Ice.ConnectFailedException: - test(not tcp) + pass # # Test that the proxy with an SSL endpoint and a nonsense @@ -1056,16 +1040,10 @@ def allTests(helper, communicator, collocated): # p2 = derived.echo(p1) pstr = communicator.proxyToString(p2) - if ssl: - test( - pstr - == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch" - ) - elif tcp: - test( - pstr - == "test -t -e 1.0:opaque -t 2 -e 1.0 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -t 99 -e 1.0 -v abch" - ) + test( + pstr + == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch" + ) print("ok") diff --git a/ruby/Makefile b/ruby/Makefile index a3e947be0d5..9e62d9e6647 100644 --- a/ruby/Makefile +++ b/ruby/Makefile @@ -10,7 +10,7 @@ include $(top_srcdir)/config/Make.rules # # Load C++ dependencies # -$(eval $(call load-dependencies,$(addprefix $(top_srcdir)/cpp/src/,Ice IceSSL IceLocatorDiscovery IceDiscovery))) +$(eval $(call load-dependencies,$(addprefix $(top_srcdir)/cpp/src/,Ice IceLocatorDiscovery IceDiscovery))) $(eval $(call load-translator-dependencies,$(top_srcdir)/cpp/src/slice2rb)) # diff --git a/ruby/test/Ice/proxy/AllTests.rb b/ruby/test/Ice/proxy/AllTests.rb index c54df1d0e78..40b98684e98 100644 --- a/ruby/test/Ice/proxy/AllTests.rb +++ b/ruby/test/Ice/proxy/AllTests.rb @@ -804,9 +804,6 @@ def allTests(helper, communicator) # Working? if communicator.getProperties().getPropertyAsInt("Ice.IPv6") == 0 - ssl = communicator.getProperties().getProperty("Ice.Default.Protocol") == "ssl" - tcp = communicator.getProperties().getProperty("Ice.Default.Protocol") == "tcp" - # Two legal TCP endpoints expressed as opaque endpoints p1 = communicator.stringToProxy("test -e 1.0:opaque -t 1 -e 1.0 -v CTEyNy4wLjAuMeouAAAQJwAAAA==:opaque -t 1 -e 1.0 -v CTEyNy4wLjAuMusuAAAQJwAAAA==") pstr = communicator.proxyToString(p1) @@ -818,11 +815,7 @@ def allTests(helper, communicator) # p1 = communicator.stringToProxy("test -e 1.0:opaque -t 2 -e 1.0 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -t 99 -e 1.0 -v abch") pstr = communicator.proxyToString(p1) - if ssl - test(pstr == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch") - elsif tcp - test(pstr == "test -t -e 1.0:opaque -t 2 -e 1.0 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -t 99 -e 1.0 -v abch") - end + test(pstr == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch") # # Try to invoke on the SSL endpoint to verify that we get a @@ -832,10 +825,7 @@ def allTests(helper, communicator) begin p1.ice_encodingVersion(Ice::Encoding_1_0).ice_ping() test(false) - rescue Ice::NoEndpointException - test(!ssl) rescue Ice::ConnectionRefusedException - test(!tcp) end # @@ -846,11 +836,7 @@ def allTests(helper, communicator) # p2 = derived.echo(p1) pstr = communicator.proxyToString(p2) - if ssl - test(pstr == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch") - elsif tcp - test(pstr == "test -t -e 1.0:opaque -t 2 -e 1.0 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -t 99 -e 1.0 -v abch") - end + test(pstr == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch") end puts "ok" From 0d3e7838ff53f5bad04feb026f41ef0d0efd21fa Mon Sep 17 00:00:00 2001 From: Jose Date: Thu, 11 Apr 2024 19:12:59 +0200 Subject: [PATCH 15/28] Swift fixes --- swift/src/IceImpl/IceUtil.mm | 1 - swift/test/Ice/proxy/AllTests.swift | 16 +---- .../test/IceSSL/configuration/AllTests.swift | 69 ------------------- 3 files changed, 3 insertions(+), 83 deletions(-) diff --git a/swift/src/IceImpl/IceUtil.mm b/swift/src/IceImpl/IceUtil.mm index 7a8ed088f5f..da736623bb8 100644 --- a/swift/src/IceImpl/IceUtil.mm +++ b/swift/src/IceImpl/IceUtil.mm @@ -23,7 +23,6 @@ // Register plug-ins included in the Ice framework (a single binary file) // See also RegisterPluginsInit.cpp in cpp/src/Ice // - Ice::registerIceSSL(false); Ice::registerIceDiscovery(false); Ice::registerIceLocatorDiscovery(false); #if defined(__APPLE__) && TARGET_OS_IPHONE != 0 diff --git a/swift/test/Ice/proxy/AllTests.swift b/swift/test/Ice/proxy/AllTests.swift index 683c48eb55e..0231c69d5b7 100644 --- a/swift/test/Ice/proxy/AllTests.swift +++ b/swift/test/Ice/proxy/AllTests.swift @@ -869,10 +869,6 @@ public func allTests(_ helper: TestHelper) throws -> MyClassPrx { try test(communicator.proxyToString(p2) == "test -t -e 1.1:tcp -h 127.0.0.1 -p 12010 -t 10000") if communicator.getProperties().getPropertyAsInt("Ice.IPv6") == 0 { - // Working? - let ssl = communicator.getProperties().getProperty("Ice.Default.Protocol") == "ssl" - let tcp = communicator.getProperties().getProperty("Ice.Default.Protocol") == "tcp" - // Two legal TCP endpoints expressed as opaque endpoints p1 = try communicator.stringToProxy( "test -e 1.0:" + "opaque -e 1.0 -t 1 -v CTEyNy4wLjAuMeouAAAQJwAAAA==:" @@ -887,15 +883,9 @@ public func allTests(_ helper: TestHelper) throws -> MyClassPrx { "test -e 1.0:" + "opaque -e 1.0 -t 2 -v CTEyNy4wLjAuMREnAAD/////AA==:" + "opaque -e 1.0 -t 99 -v abch")! pstr = communicator.proxyToString(p1) - if ssl { - try test( - pstr == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch") - } else if tcp { - try test( - pstr - == "test -t -e 1.0:opaque -t 2 -e 1.0 -v CTEyNy4wLjAuMREnAAD/////AA==:opaque -t 99 -e 1.0 -v abch" - ) - } + try test( + pstr == "test -t -e 1.0:ssl -h 127.0.0.1 -p 10001 -t infinite:opaque -t 99 -e 1.0 -v abch" + ) } writer.writeLine("ok") diff --git a/swift/test/IceSSL/configuration/AllTests.swift b/swift/test/IceSSL/configuration/AllTests.swift index d73b76ce345..93c47801854 100644 --- a/swift/test/IceSSL/configuration/AllTests.swift +++ b/swift/test/IceSSL/configuration/AllTests.swift @@ -104,22 +104,6 @@ public func allTests(_ helper: TestHelper, _ defaultDir: String) throws -> SSLSe let os = ProcessInfo().operatingSystemVersion let isCatalinaOrGreater = (os.majorVersion, os.minorVersion) >= (10, 15) - output.write("testing manual initialization... ") - do { - let properties = createClientProps(defaultProperties) - properties.setProperty(key: "Ice.InitPlugins", value: "0") - let comm = try helper.initialize(properties) - let p = try comm.stringToProxy("dummy:ssl -p 9999")! - do { - try p.ice_ping() - try test(false) - } catch is PluginInitializationException { - // Expected. - } - comm.destroy() - } - output.writeLine("ok") - output.write("testing certificate verification... ") do { // @@ -467,59 +451,6 @@ public func allTests(_ helper: TestHelper, _ defaultDir: String) throws -> SSLSe comm.destroy() output.writeLine("ok") - output.write("testing ciphers... ") - - properties = createClientProps( - defaultProperties: defaultProperties, cert: "c_rsa_ca1", ca: "cacert1") - properties.setProperty(key: "IceSSL.Ciphers", value: "UNKNOWN") - do { - _ = try helper.initialize(properties) - try test(false) - } catch is Ice.PluginInitializationException { - // Expected - } - - // - // The server has a certificate but the client doesn't. They should - // negotiate to use ADH since we explicitly enable it. - // - properties = createClientProps(defaultProperties) - properties.setProperty(key: "IceSSL.Ciphers", value: "(DH_anon*)") - comm = try helper.initialize(properties) - fact = try checkedCast(prx: comm.stringToProxy(factoryRef)!, type: SSLServerFactoryPrx.self)! - d = createServerProps(defaultProperties: defaultProperties, cert: "s_rsa_ca1", ca: "cacert1") - let cipherSub = "DH_anon" - d["IceSSL.Ciphers"] = "(RSA_*) (DH_anon*)" - d["IceSSL.VerifyPeer"] = "1" - server = try fact.createServer(d)! - - do { - try server.checkCipher(cipherSub) - let info = try server.ice_getConnection()!.getInfo() as! SSLConnectionInfo - try test(info.cipher.starts(with: cipherSub)) - } catch is LocalException { - // - // macOS 10.10 bug the handshake fails attempting client auth - // with anon cipher. - // - } - try fact.destroyServer(server) - comm.destroy() - - // - // This should fail because the client disabled all ciphers. - // - properties = createClientProps( - defaultProperties: defaultProperties, cert: "c_rsa_ca1", ca: "cacert1") - properties.setProperty(key: "IceSSL.Ciphers", value: "NONE") - do { - comm = try helper.initialize(properties) - try test(false) - } catch is Ice.PluginInitializationException { - // Expected when disabled all cipher suites. - } - output.writeLine("ok") - output.write("testing IceSSL.TrustOnly... ") // // iOS support only provides access to the CN of the certificate so we From 4187050f365250c8fd1da31da2412e3df97832ff Mon Sep 17 00:00:00 2001 From: Jose Date: Thu, 11 Apr 2024 20:01:48 +0200 Subject: [PATCH 16/28] Build fixes --- cpp/config/Make.rules | 2 +- cpp/config/Make.xcodesdk.rules | 2 +- cpp/include/Ice/RegisterPlugins.h | 1 - cpp/src/Glacier2/Makefile.mk | 2 +- cpp/src/IceGrid/Makefile.mk | 4 ++-- cpp/test/Common/Makefile.mk | 2 +- cpp/test/Glacier2/ssl/Makefile.mk | 2 +- cpp/test/Ice/info/Makefile.mk | 2 +- cpp/test/Ice/services/Makefile.mk | 2 +- cpp/test/IceDiscovery/simple/Makefile.mk | 2 +- cpp/test/IceGrid/session/Makefile.mk | 2 +- cpp/test/IceGrid/simple/Makefile.mk | 2 +- cpp/test/IceSSL/configuration/AllTests.cpp | 8 +------- cpp/test/IceSSL/configuration/Makefile.mk | 4 ++-- .../C++ Test Controller.xcodeproj/project.pbxproj | 4 ---- matlab/Makefile | 3 +-- matlab/src/Makefile.mk | 4 ++-- php/src/Makefile.mk | 2 +- python/modules/IcePy/Makefile.mk | 2 +- ruby/src/IceRuby/Makefile.mk | 2 +- 20 files changed, 21 insertions(+), 33 deletions(-) diff --git a/cpp/config/Make.rules b/cpp/config/Make.rules index f61ff51b126..cf3dbdd77a5 100644 --- a/cpp/config/Make.rules +++ b/cpp/config/Make.rules @@ -97,7 +97,7 @@ define create-cpp-test-project $1_srcext := cpp $1_dependencies := $$(or $$($1_dependencies),TestCommon Ice) -# Also link with IceSSL and IceBT (Debian/Ubuntu/Yocto) when compiling the project with the static configuration +# Also link with IceBT (Debian/Ubuntu/Yocto) when compiling the project with the static configuration $1[static]_cppflags += $(if $(IceBT_system_libs),-DICE_HAS_BT) $1[static]_dependencies := $(if $(IceBT_system_libs),IceBT) diff --git a/cpp/config/Make.xcodesdk.rules b/cpp/config/Make.xcodesdk.rules index 29757e79df0..985329ac828 100644 --- a/cpp/config/Make.xcodesdk.rules +++ b/cpp/config/Make.xcodesdk.rules @@ -15,7 +15,7 @@ xcodesdk_targetdir = $(if $(filter %/build,$5),xcodesdk,$(if $(is-iostest-p xcodesdk_installdir = $(if $(filter %/build,$5),xcodesdk,$(if $(is-iostest-program),,../sdk/$2.sdk/usr/lib)) xcodesdk_targetrule = $(if $(is-iostest-program),iostest,$(if $(filter-out program,$($1_target)),static)) -xcodesdk_components = Ice IceSSL Glacier2 IceStorm IceGrid IceDiscovery IceLocatorDiscovery IceIAP TestCommon +xcodesdk_components = Ice Glacier2 IceStorm IceGrid IceDiscovery IceLocatorDiscovery IceIAP TestCommon xcodesdk_projects = test/Ice/% test/IceSSL/configuration xcodesdk_excludes = $(addprefix test/Ice/,background \ faultTolerance \ diff --git a/cpp/include/Ice/RegisterPlugins.h b/cpp/include/Ice/RegisterPlugins.h index 0f4fb84f250..c3b5d26ca79 100644 --- a/cpp/include/Ice/RegisterPlugins.h +++ b/cpp/include/Ice/RegisterPlugins.h @@ -117,7 +117,6 @@ namespace Ice #if defined(_MSC_VER) && !defined(ICE_BUILDING_SRC) # pragma comment(lib, ICE_LIBNAME("IceDiscovery")) # pragma comment(lib, ICE_LIBNAME("IceLocatorDiscovery")) -# pragma comment(lib, ICE_LIBNAME("IceSSL")) #endif } diff --git a/cpp/src/Glacier2/Makefile.mk b/cpp/src/Glacier2/Makefile.mk index bc073a35671..04bc21c0cbd 100644 --- a/cpp/src/Glacier2/Makefile.mk +++ b/cpp/src/Glacier2/Makefile.mk @@ -5,7 +5,7 @@ $(project)_programs := glacier2router $(project)_sliceflags := --include-dir Glacier2 $(project)_generated_includedir := $(project)/generated/Glacier2 -$(project)_dependencies := Glacier2 IceSSL Ice +$(project)_dependencies := Glacier2 Ice glacier2router_targetdir := $(bindir) diff --git a/cpp/src/IceGrid/Makefile.mk b/cpp/src/IceGrid/Makefile.mk index 011550aea77..5d2e0e8a647 100644 --- a/cpp/src/IceGrid/Makefile.mk +++ b/cpp/src/IceGrid/Makefile.mk @@ -65,12 +65,12 @@ $(project)_targetdir := $(bindir) icegridnode_sources := $(addprefix $(currentdir)/,$(local_node_srcs) $(local_registry_srcs) IceGridNode.cpp) \ $(slicedir)/IceLocatorDiscovery/IceLocatorDiscovery.ice -icegridnode_dependencies := IceBox IceStormService IceStorm IceXML IceSSL IceDB +icegridnode_dependencies := IceBox IceStormService IceStorm IceXML IceDB icegridnode_cppflags := $(if $(lmdb_includedir),-I$(lmdb_includedir)) icegridregistry_sources := $(addprefix $(currentdir)/,$(local_registry_srcs) IceGridRegistry.cpp) \ $(slicedir)/IceLocatorDiscovery/IceLocatorDiscovery.ice -icegridregistry_dependencies := IceBox IceStormService IceStorm IceXML IceSSL IceDB $(local_dependencies) +icegridregistry_dependencies := IceBox IceStormService IceStorm IceXML IceDB $(local_dependencies) icegridregistry_cppflags := $(if $(lmdb_includedir),-I$(lmdb_includedir)) icegridadmin_dependencies := IceBox IceXML IceLocatorDiscovery diff --git a/cpp/test/Common/Makefile.mk b/cpp/test/Common/Makefile.mk index c5694db89ca..63174c63e49 100644 --- a/cpp/test/Common/Makefile.mk +++ b/cpp/test/Common/Makefile.mk @@ -11,7 +11,7 @@ $(project)_caninstall := no # because TestCommon isn't installed with the binary distribution. # TestCommon[shared]_targetdir := $(call mappingdir,$(currentdir),lib) -TestCommon_dependencies := IceSSL Ice +TestCommon_dependencies := Ice TestCommon_cppflags := -DTEST_API_EXPORTS -I$(includedir) -Itest/include projects += $(project) diff --git a/cpp/test/Glacier2/ssl/Makefile.mk b/cpp/test/Glacier2/ssl/Makefile.mk index b777bea87f1..651d334cca1 100644 --- a/cpp/test/Glacier2/ssl/Makefile.mk +++ b/cpp/test/Glacier2/ssl/Makefile.mk @@ -3,6 +3,6 @@ # $(test)_client_dependencies = Glacier2 -$(test)_server_dependencies = Glacier2 IceSSL +$(test)_server_dependencies = Glacier2 tests += $(test) diff --git a/cpp/test/Ice/info/Makefile.mk b/cpp/test/Ice/info/Makefile.mk index b25325f88cc..aada02cd66b 100644 --- a/cpp/test/Ice/info/Makefile.mk +++ b/cpp/test/Ice/info/Makefile.mk @@ -3,6 +3,6 @@ # $(test)_client_sources = Test.ice TestI.cpp Client.cpp AllTests.cpp -$(test)_dependencies = TestCommon IceSSL Ice +$(test)_dependencies = TestCommon Ice tests += $(test) diff --git a/cpp/test/Ice/services/Makefile.mk b/cpp/test/Ice/services/Makefile.mk index 8862c788eee..85c29428e1a 100644 --- a/cpp/test/Ice/services/Makefile.mk +++ b/cpp/test/Ice/services/Makefile.mk @@ -2,6 +2,6 @@ # Copyright (c) ZeroC, Inc. All rights reserved. # -$(test)_dependencies = Glacier2 IceStorm IceGrid TestCommon IceSSL Ice +$(test)_dependencies = Glacier2 IceStorm IceGrid TestCommon Ice tests += $(test) diff --git a/cpp/test/IceDiscovery/simple/Makefile.mk b/cpp/test/IceDiscovery/simple/Makefile.mk index be9267180e2..4479418edd3 100644 --- a/cpp/test/IceDiscovery/simple/Makefile.mk +++ b/cpp/test/IceDiscovery/simple/Makefile.mk @@ -2,6 +2,6 @@ # Copyright (c) ZeroC, Inc. All rights reserved. # -$(test)_dependencies = IceDiscovery TestCommon IceSSL Ice +$(test)_dependencies = IceDiscovery TestCommon Ice tests += $(test) diff --git a/cpp/test/IceGrid/session/Makefile.mk b/cpp/test/IceGrid/session/Makefile.mk index a4c677e2046..c3f7650497a 100644 --- a/cpp/test/IceGrid/session/Makefile.mk +++ b/cpp/test/IceGrid/session/Makefile.mk @@ -6,7 +6,7 @@ $(test)_programs = client server verifier $(test)_client_dependencies = IceGrid Glacier2 -$(test)_server_dependencies = Glacier2 IceSSL +$(test)_server_dependencies = Glacier2 $(test)_verifier_sources = PermissionsVerifier.cpp $(test)_verifier_dependencies = Glacier2 diff --git a/cpp/test/IceGrid/simple/Makefile.mk b/cpp/test/IceGrid/simple/Makefile.mk index db608d9c2ad..bfb5b352efa 100644 --- a/cpp/test/IceGrid/simple/Makefile.mk +++ b/cpp/test/IceGrid/simple/Makefile.mk @@ -2,6 +2,6 @@ # Copyright (c) ZeroC, Inc. All rights reserved. # -$(test)_dependencies = IceLocatorDiscovery IceGrid Glacier2 TestCommon IceSSL Ice +$(test)_dependencies = IceLocatorDiscovery IceGrid Glacier2 TestCommon Ice tests += $(test) diff --git a/cpp/test/IceSSL/configuration/AllTests.cpp b/cpp/test/IceSSL/configuration/AllTests.cpp index bc7e679085a..65df432be69 100644 --- a/cpp/test/IceSSL/configuration/AllTests.cpp +++ b/cpp/test/IceSSL/configuration/AllTests.cpp @@ -29,17 +29,11 @@ # define ICE_USE_SECURE_TRANSPORT_MACOS 1 # endif #elif defined(_WIN32) -# if !defined(ICE_USE_OPENSSL) -# define ICE_USE_SCHANNEL 1 -# endif +# define ICE_USE_SCHANNEL 1 #else # define ICE_USE_OPENSSL 1 #endif -#if defined(_WIN32) && defined(ICE_USE_OPENSSL) -# include "IceSSL/OpenSSL.h" -#endif - using namespace std; using namespace Ice; diff --git a/cpp/test/IceSSL/configuration/Makefile.mk b/cpp/test/IceSSL/configuration/Makefile.mk index ff0cbf6490b..210c7ebfdef 100644 --- a/cpp/test/IceSSL/configuration/Makefile.mk +++ b/cpp/test/IceSSL/configuration/Makefile.mk @@ -2,7 +2,7 @@ # Copyright (c) ZeroC, Inc. All rights reserved. # -$(test)_dependencies = TestCommon IceSSL Ice +$(test)_dependencies = TestCommon Ice # # Disable var tracking assignments for Linux with this test @@ -11,7 +11,7 @@ ifneq ($(linux_id),) $(test)_cppflags += $(if $(filter yes,$(OPTIMIZE)),-fno-var-tracking-assignments) endif -# Need to load certificates with functions from src/IceSSL/Util.h +# Need to load certificates with functions from src/IceSSL/SSLUtil.h $(test)[iphoneos]_cppflags := -Isrc $(test)[iphonesimulator]_cppflags := -Isrc diff --git a/cpp/test/ios/controller/C++ Test Controller.xcodeproj/project.pbxproj b/cpp/test/ios/controller/C++ Test Controller.xcodeproj/project.pbxproj index 23b1e3175d3..65d99def0a2 100644 --- a/cpp/test/ios/controller/C++ Test Controller.xcodeproj/project.pbxproj +++ b/cpp/test/ios/controller/C++ Test Controller.xcodeproj/project.pbxproj @@ -389,7 +389,6 @@ "-L../../Common/build/$(PLATFORM_NAME)/xcodesdk", "-lTestCommon", "-lIceDiscovery", - "-lIceSSL", "-lIce", "-lbz2", "-liconv", @@ -425,7 +424,6 @@ "-L../../Common/build/$(PLATFORM_NAME)/xcodesdk", "-lTestCommon", "-lIceDiscovery", - "-lIceSSL", "-lIce", "-lbz2", "-liconv", @@ -457,7 +455,6 @@ "-L../../Common/build/$(PLATFORM_NAME)/xcodesdk", "-lTestCommon", "-lIce", - "-lIceSSL", "-lIceDiscovery", "-lbz2", "-liconv", @@ -489,7 +486,6 @@ "-lTestCommon", "-lIce", "-lIceDiscovery", - "-lIceSSL", "-lbz2", "-liconv", ); diff --git a/matlab/Makefile b/matlab/Makefile index 01d21b4a39e..3de5a631f20 100644 --- a/matlab/Makefile +++ b/matlab/Makefile @@ -14,7 +14,7 @@ icetoolbox_file = toolbox/ice-$(version)-R$(matlab_version)-linux.mltbx # Load C++ dependencies # $(eval $(call load-translator-dependencies,$(top_srcdir)/cpp/src/slice2matlab)) -$(eval $(call load-dependencies,$(addprefix $(top_srcdir)/cpp/src/,Ice IceSSL IceLocatorDiscovery IceDiscovery))) +$(eval $(call load-dependencies,$(addprefix $(top_srcdir)/cpp/src/,Ice IceLocatorDiscovery IceDiscovery))) # # Load MATLAB rules after loading C++ dependencies @@ -108,7 +108,6 @@ $(icetoolbox_file):: $(icethunk_target) $(slice2matlab_path) $(lang_srcdir)/lib/ cp -rf $(lang_srcdir)/lib/generated/+* $(lang_srcdir)/toolbox/build cp -rf $(lang_srcdir)/lib/x86_64-linux-gnu/* $(lang_srcdir)/toolbox/build cp -rLf $(cpp_libdir)/libIce.so.38a0 $(lang_srcdir)/toolbox/build - cp -rLf $(cpp_libdir)/libIceSSL.so.38a0 $(lang_srcdir)/toolbox/build cp -rLf $(cpp_libdir)/libIceDiscovery.so.38a0 $(lang_srcdir)/toolbox/build cp -rLf $(cpp_libdir)/libIceLocatorDiscovery.so.38a0 $(lang_srcdir)/toolbox/build # Slice files diff --git a/matlab/src/Makefile.mk b/matlab/src/Makefile.mk index f9337465b52..5a9a428b94f 100644 --- a/matlab/src/Makefile.mk +++ b/matlab/src/Makefile.mk @@ -14,9 +14,9 @@ IceMatlab_cppflags := -I$(project) \ IceMatlab_system_libs := $(matlab_ldflags) \ -L$(top_srcdir)/cpp/lib/x86_64-linux-gnu \ -Wl,-rpath=\$$ORIGIN \ - -lIce -lIceSSL -lIceDiscovery -lIceLocatorDiscovery + -lIce -lIceDiscovery -lIceLocatorDiscovery -IceMatlab_dependencies := IceDiscovery IceLocatorDiscovery IceSSL Ice +IceMatlab_dependencies := IceDiscovery IceLocatorDiscovery Ice projects += $(project) srcs:: $(project) diff --git a/php/src/Makefile.mk b/php/src/Makefile.mk index 7061e2a6f3d..9ad14359324 100644 --- a/php/src/Makefile.mk +++ b/php/src/Makefile.mk @@ -10,7 +10,7 @@ IcePHP_targetdir := lib IcePHP_installdir := $(install_phplibdir) IcePHP_cppflags := -I$(top_srcdir)/cpp/src $(ice_cpp_cppflags) $(php_cppflags) IcePHP_ldflags := $(php_ldflags) -IcePHP_dependencies := IceDiscovery IceLocatorDiscovery IceSSL Ice +IcePHP_dependencies := IceDiscovery IceLocatorDiscovery Ice IcePHP_extra_sources := $(wildcard $(top_srcdir)/cpp/src/Slice/*.cpp) \ $(top_srcdir)/cpp/src/slice2php/PHPUtil.cpp \ diff --git a/python/modules/IcePy/Makefile.mk b/python/modules/IcePy/Makefile.mk index b57c64539c9..c18a09816af 100644 --- a/python/modules/IcePy/Makefile.mk +++ b/python/modules/IcePy/Makefile.mk @@ -9,7 +9,7 @@ IcePy_targetname := IcePy IcePy_targetdir := $(lang_srcdir)/python IcePy_installdir := $(install_pythondir) IcePy_cppflags := $(ice_cpp_cppflags) -I$(top_srcdir)/cpp/src $(python_cppflags) -IcePy_dependencies := IceDiscovery IceLocatorDiscovery IceSSL Ice +IcePy_dependencies := IceDiscovery IceLocatorDiscovery Ice IcePy_libs := mcpp IcePy_extra_sources := $(wildcard $(top_srcdir)/cpp/src/Slice/*.cpp) \ $(top_srcdir)/cpp/src/slice2py/PythonUtil.cpp \ diff --git a/ruby/src/IceRuby/Makefile.mk b/ruby/src/IceRuby/Makefile.mk index b84a3af4dc4..dbc5d3fcf2a 100644 --- a/ruby/src/IceRuby/Makefile.mk +++ b/ruby/src/IceRuby/Makefile.mk @@ -10,7 +10,7 @@ IceRuby_targetdir := $(lang_srcdir)/ruby IceRuby_installdir := $(install_rubylibdir) IceRuby_cppflags := $(ice_cpp_cppflags) -I$(top_srcdir)/cpp/src $(ruby_cppflags) IceRuby_system_libs := $(ruby_ldflags) -IceRuby_dependencies := IceDiscovery IceLocatorDiscovery IceSSL Ice +IceRuby_dependencies := IceDiscovery IceLocatorDiscovery Ice IceRuby_libs := mcpp IceRuby_extra_sources := $(wildcard $(top_srcdir)/cpp/src/Slice/*.cpp) \ $(top_srcdir)/cpp/src/slice2rb/RubyUtil.cpp \ From 5bdeb05becd0ddee4d88c24991b452ad142ffb7a Mon Sep 17 00:00:00 2001 From: Jose Date: Fri, 12 Apr 2024 09:57:15 +0200 Subject: [PATCH 17/28] Windows build fixes --- cpp/src/Ice/msbuild/ice/ice.vcxproj | 1 + cpp/src/Ice/msbuild/ice/ice.vcxproj.filters | 5 ++++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/cpp/src/Ice/msbuild/ice/ice.vcxproj b/cpp/src/Ice/msbuild/ice/ice.vcxproj index 40f4802f301..c66c5430cf5 100644 --- a/cpp/src/Ice/msbuild/ice/ice.vcxproj +++ b/cpp/src/Ice/msbuild/ice/ice.vcxproj @@ -163,6 +163,7 @@ + diff --git a/cpp/src/Ice/msbuild/ice/ice.vcxproj.filters b/cpp/src/Ice/msbuild/ice/ice.vcxproj.filters index 64c1e47c3f5..f079b618b1e 100644 --- a/cpp/src/Ice/msbuild/ice/ice.vcxproj.filters +++ b/cpp/src/Ice/msbuild/ice/ice.vcxproj.filters @@ -618,6 +618,9 @@ Source Files\IceSSL + + Source Files\IceSSL + @@ -1051,4 +1054,4 @@ Slice Files - + \ No newline at end of file From 7df61a6fd6623b120f3ac5de0ca161168d55ba85 Mon Sep 17 00:00:00 2001 From: Jose Date: Fri, 12 Apr 2024 13:03:32 +0200 Subject: [PATCH 18/28] Cleanup --- config/Make.rules.Linux | 2 +- .../IceSSL/{Plugin.h => Certificate.h} | 6 +- cpp/include/IceSSL/ConnectionInfo.h | 5 +- cpp/include/IceSSL/IceSSL.h | 19 --- cpp/include/IceSSL/OpenSSL.h | 2 +- cpp/include/IceSSL/SChannel.h | 2 +- cpp/include/IceSSL/SecureTransport.h | 89 +++++----- cpp/src/Glacier2/SessionRouterI.cpp | 7 +- cpp/src/Ice/Communicator.cpp | 3 +- cpp/src/Ice/Instance.cpp | 30 ++-- cpp/src/Ice/Instance.h | 8 +- cpp/src/IceGrid/AdminSessionI.cpp | 4 +- cpp/src/IceGrid/InternalRegistryI.cpp | 3 +- cpp/src/IceGrid/RegistryI.cpp | 17 +- cpp/src/IceGrid/SessionI.cpp | 3 +- cpp/src/IceSSL/CertificateI.cpp | 23 --- cpp/src/IceSSL/CertificateI.h | 11 +- cpp/src/IceSSL/OpenSSLCertificateI.cpp | 16 +- cpp/src/IceSSL/OpenSSLEngine.cpp | 14 +- cpp/src/IceSSL/OpenSSLEngine.h | 52 +++--- cpp/src/IceSSL/OpenSSLEngineF.h | 14 +- cpp/src/IceSSL/OpenSSLPluginI.cpp | 27 --- cpp/src/IceSSL/OpenSSLTransceiverI.cpp | 16 +- cpp/src/IceSSL/OpenSSLTransceiverI.h | 99 ++++++----- cpp/src/IceSSL/OpenSSLUtil.h | 59 +++---- cpp/src/IceSSL/PluginI.cpp | 27 +-- cpp/src/IceSSL/PluginI.h | 34 ---- cpp/src/IceSSL/RFC2253.cpp | 6 +- cpp/src/IceSSL/RFC2253.h | 63 ++++--- cpp/src/IceSSL/SChannelCertificateI.cpp | 18 +- cpp/src/IceSSL/SChannelEngine.cpp | 14 +- cpp/src/IceSSL/SChannelEngine.h | 59 +++---- cpp/src/IceSSL/SChannelEngineF.h | 10 +- cpp/src/IceSSL/SChannelPluginI.cpp | 22 --- cpp/src/IceSSL/SChannelTransceiverI.h | 159 +++++++++--------- cpp/src/IceSSL/SSLEngine.cpp | 35 ++-- cpp/src/IceSSL/SSLEngine.h | 14 +- cpp/src/IceSSL/SSLInstance.cpp | 2 +- cpp/src/IceSSL/SSLUtil.cpp | 9 +- cpp/src/IceSSL/SSLUtil.h | 2 - .../IceSSL/SecureTransportCertificateI.cpp | 24 ++- cpp/src/IceSSL/SecureTransportEngine.cpp | 23 +-- cpp/src/IceSSL/SecureTransportEngine.h | 45 +++-- cpp/src/IceSSL/SecureTransportEngineF.h | 12 +- cpp/src/IceSSL/SecureTransportPluginI.cpp | 24 --- .../IceSSL/SecureTransportTransceiverI.cpp | 8 +- cpp/src/IceSSL/SecureTransportTransceiverI.h | 114 ++++++------- cpp/src/IceSSL/SecureTransportUtil.cpp | 3 - cpp/src/IceSSL/SecureTransportUtil.h | 49 +++--- cpp/src/IceSSL/TrustManager.cpp | 16 +- cpp/src/IceSSL/TrustManager.h | 10 +- cpp/test/Glacier2/ssl/Server.cpp | 2 +- cpp/test/Ice/info/AllTests.cpp | 3 +- cpp/test/Ice/info/TestI.cpp | 2 +- .../IceGrid/session/PermissionsVerifier.cpp | 1 - cpp/test/IceGrid/session/Server.cpp | 2 +- cpp/test/IceSSL/configuration/AllTests.cpp | 75 +++++---- cpp/test/IceSSL/configuration/Client.cpp | 5 - cpp/test/IceSSL/configuration/TestI.cpp | 2 +- 59 files changed, 599 insertions(+), 826 deletions(-) rename cpp/include/IceSSL/{Plugin.h => Certificate.h} (98%) delete mode 100644 cpp/include/IceSSL/IceSSL.h delete mode 100644 cpp/src/IceSSL/OpenSSLPluginI.cpp delete mode 100644 cpp/src/IceSSL/PluginI.h delete mode 100644 cpp/src/IceSSL/SChannelPluginI.cpp delete mode 100644 cpp/src/IceSSL/SecureTransportPluginI.cpp diff --git a/config/Make.rules.Linux b/config/Make.rules.Linux index 467451fe34b..c126c5d9451 100644 --- a/config/Make.rules.Linux +++ b/config/Make.rules.Linux @@ -195,6 +195,6 @@ icestormadmin_system_libs = -ledit # ifneq ($(filter debian ubuntu yocto poky,$(linux_id)),) ifeq ($(shell pkg-config --exists bluez dbus-1 2> /dev/null && echo yes),yes) -IceBT_system_libs = $(Ice_system_libs) $(shell pkg-config --libs dbus-1) +IceBT_system_libs = $(shell pkg-config --libs dbus-1) endif endif diff --git a/cpp/include/IceSSL/Plugin.h b/cpp/include/IceSSL/Certificate.h similarity index 98% rename from cpp/include/IceSSL/Plugin.h rename to cpp/include/IceSSL/Certificate.h index c552692ffd2..f0fb2ad278f 100644 --- a/cpp/include/IceSSL/Plugin.h +++ b/cpp/include/IceSSL/Certificate.h @@ -68,9 +68,7 @@ namespace IceSSL UnknownTrustFailure, }; - ICE_API TrustError getTrustError(const IceSSL::ConnectionInfoPtr&); ICE_API std::string getTrustErrorDescription(TrustError); - ICE_API std::string getHost(const IceSSL::ConnectionInfoPtr&); /** * The key usage "digitalSignature" bit is set @@ -394,7 +392,7 @@ namespace IceSSL * KEY_USAGE_ENCIPHER_ONLY and KEY_USAGE_DECIPHER_ONLY can be used to check what * key usage bits are set. */ - unsigned int getKeyUsage() const; + virtual unsigned int getKeyUsage() const = 0; /** * Returns the value of the extended key usage extension. The flags EXTENDED_KEY_USAGE_ANY_KEY_USAGE, @@ -403,7 +401,7 @@ namespace IceSSL * EXTENDED_KEY_USAGE_TIME_STAMPING and EXTENDED_KEY_USAGE_OCSP_SIGNING can be used to check what * extended key usage bits are set. */ - unsigned int getExtendedKeyUsage() const; + virtual unsigned int getExtendedKeyUsage() const = 0; /** * Obtains the not-after validity time. diff --git a/cpp/include/IceSSL/ConnectionInfo.h b/cpp/include/IceSSL/ConnectionInfo.h index 8b0701ec1e5..43dd2fa7cf4 100644 --- a/cpp/include/IceSSL/ConnectionInfo.h +++ b/cpp/include/IceSSL/ConnectionInfo.h @@ -5,9 +5,9 @@ #ifndef ICESSL_CONNECTION_INFO_H #define ICESSL_CONNECTION_INFO_H +#include "Certificate.h" #include "ConnectionInfoF.h" #include "Ice/Connection.h" -#include "Plugin.h" #if defined(__clang__) # pragma clang diagnostic push @@ -68,6 +68,9 @@ namespace IceSSL * The certificate chain verification status. */ bool verified; + + TrustError errorCode; + std::string host; }; } diff --git a/cpp/include/IceSSL/IceSSL.h b/cpp/include/IceSSL/IceSSL.h deleted file mode 100644 index 20de75e56bb..00000000000 --- a/cpp/include/IceSSL/IceSSL.h +++ /dev/null @@ -1,19 +0,0 @@ -// -// Copyright (c) ZeroC, Inc. All rights reserved. -// - -#ifndef ICESSL_ICESSL_H -#define ICESSL_ICESSL_H - -#if defined(_WIN32) -# include "SChannel.h" -#elif defined(__APPLE__) -# include "SecureTransport.h" -#else -# include "OpenSSL.h" -#endif - -#include "ConnectionInfo.h" -#include "EndpointInfo.h" - -#endif diff --git a/cpp/include/IceSSL/OpenSSL.h b/cpp/include/IceSSL/OpenSSL.h index a9b9358ef60..f9429a07e38 100644 --- a/cpp/include/IceSSL/OpenSSL.h +++ b/cpp/include/IceSSL/OpenSSL.h @@ -5,7 +5,7 @@ #ifndef ICESSL_OPENSSL_H #define ICESSL_OPENSSL_H -#include "Plugin.h" +#include "Certificate.h" #include #include diff --git a/cpp/include/IceSSL/SChannel.h b/cpp/include/IceSSL/SChannel.h index 593c4904ebd..23320c12100 100644 --- a/cpp/include/IceSSL/SChannel.h +++ b/cpp/include/IceSSL/SChannel.h @@ -6,7 +6,7 @@ #define ICESSL_SCHANNEL_H #ifdef _WIN32 -# include "Plugin.h" +# include "Certificate.h" // We need to include windows.h before wincrypt.h. // clang-format off # ifndef NOMINMAX diff --git a/cpp/include/IceSSL/SecureTransport.h b/cpp/include/IceSSL/SecureTransport.h index 27ba08d51df..1950fc1b685 100644 --- a/cpp/include/IceSSL/SecureTransport.h +++ b/cpp/include/IceSSL/SecureTransport.h @@ -7,62 +7,57 @@ #ifdef __APPLE__ -# include "Plugin.h" +# include "Certificate.h" # include -namespace IceSSL +namespace IceSSL::SecureTransport { - namespace SecureTransport - { - class Certificate; - using CertificatePtr = std::shared_ptr; + class Certificate; + using CertificatePtr = std::shared_ptr; + /** + * This convenience class is a wrapper around a native certificate. + * \headerfile IceSSL/IceSSL.h + */ + class ICE_API Certificate : public virtual IceSSL::Certificate + { + public: /** - * This convenience class is a wrapper around a native certificate. - * \headerfile IceSSL/IceSSL.h + * Constructs a certificate using a native certificate. + * The Certificate class assumes ownership of the given native + * certificate. + * @param cert The certificate cert. + * @return The new certificate instance. */ - class ICE_API Certificate : public virtual IceSSL::Certificate - { - public: - /** - * Constructs a certificate using a native certificate. - * The Certificate class assumes ownership of the given native - * certificate. - * @param cert The certificate cert. - * @return The new certificate instance. - */ - static CertificatePtr create(SecCertificateRef cert); - - /** - * Loads the certificate from a file. The certificate must use the - * PEM encoding format. - * @param file The certificate file. - * @return The new certificate instance. - * @throws CertificateReadException if the file cannot be read. - */ - static CertificatePtr load(const std::string& file); + static CertificatePtr create(SecCertificateRef cert); - /** - * Decodes a certificate from a string that uses the PEM encoding format. - * @param str A string containing the encoded certificate. - * @return The new certificate instance. - * @throws CertificateEncodingException if an error occurs. - */ - static CertificatePtr decode(const std::string& str); - - /** - * Obtains the native X509 certificate value wrapped by this object. - * @return A reference to the native certificate. - * The returned reference is only valid for the lifetime of this - * object. You can increment the reference count of the returned - * object with CFRetain. - */ - virtual SecCertificateRef getCert() const = 0; - }; + /** + * Loads the certificate from a file. The certificate must use the + * PEM encoding format. + * @param file The certificate file. + * @return The new certificate instance. + * @throws CertificateReadException if the file cannot be read. + */ + static CertificatePtr load(const std::string& file); - } // SecureTransport namespace end + /** + * Decodes a certificate from a string that uses the PEM encoding format. + * @param str A string containing the encoded certificate. + * @return The new certificate instance. + * @throws CertificateEncodingException if an error occurs. + */ + static CertificatePtr decode(const std::string& str); -} // IceSSL namespace end + /** + * Obtains the native X509 certificate value wrapped by this object. + * @return A reference to the native certificate. + * The returned reference is only valid for the lifetime of this + * object. You can increment the reference count of the returned + * object with CFRetain. + */ + virtual SecCertificateRef getCert() const = 0; + }; +} #endif diff --git a/cpp/src/Glacier2/SessionRouterI.cpp b/cpp/src/Glacier2/SessionRouterI.cpp index 616b03c67d3..ccbfa8535b3 100644 --- a/cpp/src/Glacier2/SessionRouterI.cpp +++ b/cpp/src/Glacier2/SessionRouterI.cpp @@ -6,11 +6,10 @@ #include "SessionRouterI.h" #include "FilterManager.h" #include "Glacier2/PermissionsVerifier.h" -#include "RouterI.h" - #include "Ice/UUID.h" - -#include "IceSSL/IceSSL.h" +#include "IceSSL/Certificate.h" +#include "IceSSL/ConnectionInfo.h" +#include "RouterI.h" using namespace std; using namespace Ice; diff --git a/cpp/src/Ice/Communicator.cpp b/cpp/src/Ice/Communicator.cpp index 60f60cd8a71..10765014396 100644 --- a/cpp/src/Ice/Communicator.cpp +++ b/cpp/src/Ice/Communicator.cpp @@ -294,8 +294,7 @@ Ice::Communicator::create(const InitializationData& initData) Ice::CommunicatorPtr communicator = make_shared(); try { - const_cast(communicator->_instance) = Instance::create(initData); - communicator->_instance->initialize(communicator); + const_cast(communicator->_instance) = Instance::create(communicator, initData); } catch (...) { diff --git a/cpp/src/Ice/Instance.cpp b/cpp/src/Ice/Instance.cpp index ca899f49791..aba71a60288 100644 --- a/cpp/src/Ice/Instance.cpp +++ b/cpp/src/Ice/Instance.cpp @@ -3,6 +3,8 @@ // #include "Instance.h" +#include "../IceSSL/SSLEngine.h" +#include "CheckIdentity.h" #include "ConnectionFactory.h" #include "ConsoleUtil.h" #include "DefaultsAndOverrides.h" @@ -16,7 +18,12 @@ #include "Ice/LoggerUtil.h" #include "Ice/ObserverHelper.h" #include "Ice/Properties.h" +#include "Ice/ProxyFunctions.h" #include "Ice/Router.h" +#include "Ice/UUID.h" +#include "IceUtil/DisableWarnings.h" +#include "IceUtil/FileUtil.h" +#include "IceUtil/StringUtil.h" #include "InstrumentationI.h" #include "LocatorInfo.h" #include "LoggerAdminI.h" @@ -37,16 +44,6 @@ #include "ValueFactoryManagerI.h" #include "WSEndpoint.h" -#include "Ice/UUID.h" -#include "IceUtil/DisableWarnings.h" -#include "IceUtil/FileUtil.h" -#include "IceUtil/StringUtil.h" - -#include "CheckIdentity.h" -#include "Ice/ProxyFunctions.h" - -#include "../IceSSL/SSLEngine.h" - #include #include #include @@ -883,9 +880,11 @@ namespace } InstancePtr -IceInternal::Instance::create(const Ice::InitializationData& initData) +IceInternal::Instance::create(const Ice::CommunicatorPtr& communicator, const Ice::InitializationData& initData) { - return shared_ptr(new Instance(initData)); + auto instance = shared_ptr(new Instance(initData)); + instance->initialize(communicator); + return instance; } IceInternal::Instance::Instance(const InitializationData& initData) @@ -1273,13 +1272,12 @@ IceInternal::Instance::initialize(const Ice::CommunicatorPtr& communicator) } #if defined(_WIN32) - _sslEngine = make_shared(communicator); + _sslEngine = make_shared(shared_from_this()); #elif defined(__APPLE__) - _sslEngine = make_shared(communicator); + _sslEngine = make_shared(shared_from_this()); #else - _sslEngine = make_shared(communicator); + _sslEngine = make_shared(shared_from_this()); #endif - _sslEngine->initialize(); } catch (...) diff --git a/cpp/src/Ice/Instance.h b/cpp/src/Ice/Instance.h index 75d7ee0a801..762fb60891b 100644 --- a/cpp/src/Ice/Instance.h +++ b/cpp/src/Ice/Instance.h @@ -5,6 +5,7 @@ #ifndef ICE_INSTANCE_H #define ICE_INSTANCE_H +#include "../IceSSL/SSLEngineF.h" #include "ACM.h" #include "ConnectionFactoryF.h" #include "DefaultsAndOverridesF.h" @@ -25,16 +26,13 @@ #include "NetworkF.h" #include "NetworkProxyF.h" #include "ObjectAdapterFactoryF.h" +#include "Protocol.h" #include "ReferenceFactoryF.h" #include "RetryQueueF.h" #include "RouterInfoF.h" #include "ThreadPoolF.h" #include "TraceLevelsF.h" -#include "Protocol.h" - -#include "../IceSSL/SSLEngineF.h" - #include namespace Ice @@ -74,7 +72,7 @@ namespace IceInternal class Instance : public std::enable_shared_from_this { public: - static InstancePtr create(const Ice::InitializationData&); + static InstancePtr create(const Ice::CommunicatorPtr&, const Ice::InitializationData&); virtual ~Instance(); bool destroyed() const; const Ice::InitializationData& initializationData() const { return _initData; } diff --git a/cpp/src/IceGrid/AdminSessionI.cpp b/cpp/src/IceGrid/AdminSessionI.cpp index 67586d45285..f8b01ff8adc 100644 --- a/cpp/src/IceGrid/AdminSessionI.cpp +++ b/cpp/src/IceGrid/AdminSessionI.cpp @@ -7,10 +7,8 @@ #include "Database.h" #include "Ice/Ice.h" #include "Ice/UUID.h" +#include "IceSSL/Certificate.h" #include "RegistryI.h" - -#include "IceSSL/Plugin.h" - #include "SynchronizationException.h" using namespace std; diff --git a/cpp/src/IceGrid/InternalRegistryI.cpp b/cpp/src/IceGrid/InternalRegistryI.cpp index e2ae8bb8119..702e851a991 100644 --- a/cpp/src/IceGrid/InternalRegistryI.cpp +++ b/cpp/src/IceGrid/InternalRegistryI.cpp @@ -8,7 +8,8 @@ #include "../IceSSL/RFC2253.h" #include "Database.h" #include "FileCache.h" -#include "IceSSL/IceSSL.h" +#include "IceSSL/Certificate.h" +#include "IceSSL/ConnectionInfo.h" #include "InternalRegistryI.h" #include "NodeSessionI.h" #include "ReapThread.h" diff --git a/cpp/src/IceGrid/RegistryI.cpp b/cpp/src/IceGrid/RegistryI.cpp index 1dbe8d6472c..9cf45c20909 100644 --- a/cpp/src/IceGrid/RegistryI.cpp +++ b/cpp/src/IceGrid/RegistryI.cpp @@ -2,30 +2,29 @@ // Copyright (c) ZeroC, Inc. All rights reserved. // +#include "RegistryI.h" #include "../Ice/Network.h" #include "../Ice/ProtocolPluginFacade.h" // Just to get the hostname -#include "Ice/Ice.h" -#include "Ice/UUID.h" -#include "IceUtil/FileUtil.h" - #include "../IceStorm/Service.h" -#include "Glacier2/NullPermissionsVerifier.h" -#include "Glacier2/PermissionsVerifier.h" -#include "IceSSL/IceSSL.h" - #include "AdminCallbackRouter.h" #include "AdminI.h" #include "AdminSessionI.h" #include "Database.h" #include "FileCache.h" #include "FileUserAccountMapperI.h" +#include "Glacier2/NullPermissionsVerifier.h" +#include "Glacier2/PermissionsVerifier.h" +#include "Ice/Ice.h" +#include "Ice/UUID.h" #include "IceLocatorDiscovery.h" +#include "IceSSL/Certificate.h" +#include "IceSSL/ConnectionInfo.h" +#include "IceUtil/FileUtil.h" #include "InternalRegistryI.h" #include "LocatorI.h" #include "LocatorRegistryI.h" #include "QueryI.h" #include "ReapThread.h" -#include "RegistryI.h" #include "SessionI.h" #include "SessionServantManager.h" #include "TraceLevels.h" diff --git a/cpp/src/IceGrid/SessionI.cpp b/cpp/src/IceGrid/SessionI.cpp index beb15264062..708e12b96dc 100644 --- a/cpp/src/IceGrid/SessionI.cpp +++ b/cpp/src/IceGrid/SessionI.cpp @@ -7,11 +7,10 @@ #include "Ice/Ice.h" #include "Ice/UUID.h" #include "IceGrid/Admin.h" +#include "IceSSL/Certificate.h" #include "LocatorI.h" #include "QueryI.h" -#include "IceSSL/Plugin.h" - using namespace std; using namespace IceGrid; diff --git a/cpp/src/IceSSL/CertificateI.cpp b/cpp/src/IceSSL/CertificateI.cpp index 25a1fa2553c..0171f6c2719 100644 --- a/cpp/src/IceSSL/CertificateI.cpp +++ b/cpp/src/IceSSL/CertificateI.cpp @@ -9,7 +9,6 @@ #include "Ice/StringConverter.h" #include "IceUtil/DisableWarnings.h" #include "IceUtil/StringUtil.h" -#include "PluginI.h" #include "RFC2253.h" #include "SSLUtil.h" @@ -213,25 +212,3 @@ CertificateI::toString() const os << "subject: " << string(getSubjectDN()) << "\n"; return os.str(); } - -unsigned int -Certificate::getKeyUsage() const -{ - const CertificateExtendedInfo* impl = dynamic_cast(this); - if (impl) - { - return impl->getKeyUsage(); - } - return 0; -} - -unsigned int -Certificate::getExtendedKeyUsage() const -{ - const CertificateExtendedInfo* impl = dynamic_cast(this); - if (impl) - { - return impl->getExtendedKeyUsage(); - } - return 0; -} diff --git a/cpp/src/IceSSL/CertificateI.h b/cpp/src/IceSSL/CertificateI.h index 03d72a66382..5495a0c3f53 100644 --- a/cpp/src/IceSSL/CertificateI.h +++ b/cpp/src/IceSSL/CertificateI.h @@ -5,7 +5,7 @@ #ifndef ICESSL_CERTIFICATE_I_H #define ICESSL_CERTIFICATE_I_H -#include "IceSSL/Plugin.h" +#include "IceSSL/Certificate.h" #include #include @@ -40,13 +40,8 @@ namespace IceSSL virtual std::string toString() const; protected: - // - // Implementations that support retrieving X509 extensions must - // reimplement this method to lazzy initialize the extensions - // list. - // - // The default implementation just throw FeatureNotSupportedException - // + // Implementations that support retrieving X509 extensions must reimplement this method to lazzy initialize + // the extensions list. The default implementation just throw FeatureNotSupportedException. virtual void loadX509Extensions() const; mutable std::vector _extensions; }; diff --git a/cpp/src/IceSSL/OpenSSLCertificateI.cpp b/cpp/src/IceSSL/OpenSSLCertificateI.cpp index fc6e4859ab1..0612749697a 100644 --- a/cpp/src/IceSSL/OpenSSLCertificateI.cpp +++ b/cpp/src/IceSSL/OpenSSLCertificateI.cpp @@ -210,9 +210,7 @@ namespace x509_st* _cert; }; - class OpenSSLCertificateI : public IceSSL::OpenSSL::Certificate, - public CertificateI, - public IceSSL::CertificateExtendedInfo + class OpenSSLCertificateI : public IceSSL::OpenSSL::Certificate, public CertificateI { public: OpenSSLCertificateI(x509_st*); @@ -614,3 +612,15 @@ IceSSL::OpenSSL::Certificate::decode(const std::string& encoding) } return make_shared(x); } + +IceSSL::CertificatePtr +IceSSL::Certificate::load(const std::string& file) +{ + return IceSSL::OpenSSL::Certificate::load(file); +} + +IceSSL::CertificatePtr +IceSSL::Certificate::decode(const std::string& encoding) +{ + return IceSSL::OpenSSL::Certificate::decode(encoding); +} diff --git a/cpp/src/IceSSL/OpenSSLEngine.cpp b/cpp/src/IceSSL/OpenSSLEngine.cpp index 3b3eec8bad9..738cc3cb77d 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.cpp +++ b/cpp/src/IceSSL/OpenSSLEngine.cpp @@ -3,20 +3,18 @@ // #include "OpenSSLEngine.h" -#include "OpenSSLEngineF.h" -#include "OpenSSLTransceiverI.h" -#include "SSLUtil.h" -#include "TrustManager.h" - #include "Ice/Communicator.h" #include "Ice/Config.h" #include "Ice/LocalException.h" #include "Ice/Logger.h" #include "Ice/LoggerUtil.h" #include "Ice/Properties.h" - #include "IceUtil/FileUtil.h" #include "IceUtil/StringUtil.h" +#include "OpenSSLEngineF.h" +#include "OpenSSLTransceiverI.h" +#include "SSLUtil.h" +#include "TrustManager.h" #include @@ -75,7 +73,7 @@ namespace } } -OpenSSL::SSLEngine::SSLEngine(const CommunicatorPtr& communicator) : IceSSL::SSLEngine(communicator), _ctx(0) {} +OpenSSL::SSLEngine::SSLEngine(const IceInternal::InstancePtr& instance) : IceSSL::SSLEngine(instance), _ctx(0) {} OpenSSL::SSLEngine::~SSLEngine() {} @@ -93,7 +91,7 @@ OpenSSL::SSLEngine::initialize() IceSSL::SSLEngine::initialize(); const string propPrefix = "IceSSL."; - PropertiesPtr properties = communicator()->getProperties(); + PropertiesPtr properties = getProperties(); // Create an SSL context if the application hasn't supplied one. if (!_ctx) diff --git a/cpp/src/IceSSL/OpenSSLEngine.h b/cpp/src/IceSSL/OpenSSLEngine.h index a9c62862e9c..b6e0b96d113 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.h +++ b/cpp/src/IceSSL/OpenSSLEngine.h @@ -5,39 +5,35 @@ #ifndef ICESSL_OPENSSL_ENGINE_H #define ICESSL_OPENSSL_ENGINE_H +#include "../Ice/InstanceF.h" +#include "Ice/BuiltinSequences.h" #include "OpenSSLUtil.h" #include "SSLEngine.h" #include "SSLInstanceF.h" -#include "Ice/BuiltinSequences.h" - -namespace IceSSL +namespace IceSSL::OpenSSL { - namespace OpenSSL + class SSLEngine final : public IceSSL::SSLEngine { - class SSLEngine final : public IceSSL::SSLEngine - { - public: - SSLEngine(const Ice::CommunicatorPtr&); - ~SSLEngine(); - - void initialize() final; - void destroy() final; - IceInternal::TransceiverPtr - createTransceiver(const IceSSL::InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool) - final; - SSL_CTX* context() const; - void context(SSL_CTX*); - std::string sslErrors() const; - std::string password() const { return _password; } - - private: - SSL_CTX* _ctx; - std::string _password; - }; - - } // OpenSSL namespace end - -} // IceSSL namespace endif + public: + SSLEngine(const IceInternal::InstancePtr&); + ~SSLEngine(); + + void initialize() final; + void destroy() final; + IceInternal::TransceiverPtr + createTransceiver(const IceSSL::InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool) + final; + SSL_CTX* context() const; + void context(SSL_CTX*); + std::string sslErrors() const; + std::string password() const { return _password; } + + private: + SSL_CTX* _ctx; + std::string _password; + }; + +} #endif diff --git a/cpp/src/IceSSL/OpenSSLEngineF.h b/cpp/src/IceSSL/OpenSSLEngineF.h index 029000660d3..269e861550d 100644 --- a/cpp/src/IceSSL/OpenSSLEngineF.h +++ b/cpp/src/IceSSL/OpenSSLEngineF.h @@ -7,15 +7,9 @@ #include -namespace IceSSL +namespace IceSSL::OpenSSL { - namespace OpenSSL - { - class SSLEngine; - using SSLEnginePtr = std::shared_ptr; - - } // OpenSSL namespace end - -} // IceSSL namespace end - + class SSLEngine; + using SSLEnginePtr = std::shared_ptr; +} #endif diff --git a/cpp/src/IceSSL/OpenSSLPluginI.cpp b/cpp/src/IceSSL/OpenSSLPluginI.cpp deleted file mode 100644 index 8b8be5aa3b5..00000000000 --- a/cpp/src/IceSSL/OpenSSLPluginI.cpp +++ /dev/null @@ -1,27 +0,0 @@ -// -// Copyright (c) ZeroC, Inc. All rights reserved. -// - -#include "Ice/Initialize.h" -#include "IceSSL/OpenSSL.h" -#include "OpenSSLEngine.h" -#include "PluginI.h" - -using namespace std; - -// -// The following functions are defined only when OpenSSL is the default -// implementation. In Windows the default implementation is always -// SChannel. -// -IceSSL::CertificatePtr -IceSSL::Certificate::load(const std::string& file) -{ - return IceSSL::OpenSSL::Certificate::load(file); -} - -IceSSL::CertificatePtr -IceSSL::Certificate::decode(const std::string& encoding) -{ - return IceSSL::OpenSSL::Certificate::decode(encoding); -} diff --git a/cpp/src/IceSSL/OpenSSLTransceiverI.cpp b/cpp/src/IceSSL/OpenSSLTransceiverI.cpp index fe48cb28f5e..52bb6724443 100644 --- a/cpp/src/IceSSL/OpenSSLTransceiverI.cpp +++ b/cpp/src/IceSSL/OpenSSLTransceiverI.cpp @@ -3,21 +3,19 @@ // #include "OpenSSLTransceiverI.h" -#include "OpenSSLEngine.h" - +#include "../Ice/Network.h" +#include "Ice/Buffer.h" +#include "Ice/Communicator.h" +#include "Ice/LocalException.h" +#include "Ice/LoggerUtil.h" #include "IceSSL/ConnectionInfo.h" #include "IceSSL/OpenSSL.h" +#include "OpenSSLEngine.h" #include "PluginI.h" #include "SSLEngine.h" #include "SSLInstance.h" #include "SSLUtil.h" -#include "../Ice/Network.h" -#include "Ice/Buffer.h" -#include "Ice/Communicator.h" -#include "Ice/LocalException.h" -#include "Ice/LoggerUtil.h" - #include #include #include @@ -876,7 +874,7 @@ OpenSSL::TransceiverI::toDetailedString() const Ice::ConnectionInfoPtr OpenSSL::TransceiverI::getInfo() const { - ExtendedConnectionInfoPtr info = std::make_shared(); + auto info = std::make_shared(); info->underlying = _delegate->getInfo(); info->incoming = _incoming; info->adapterName = _adapterName; diff --git a/cpp/src/IceSSL/OpenSSLTransceiverI.h b/cpp/src/IceSSL/OpenSSLTransceiverI.h index 5be0be62788..e990460537f 100644 --- a/cpp/src/IceSSL/OpenSSLTransceiverI.h +++ b/cpp/src/IceSSL/OpenSSLTransceiverI.h @@ -20,67 +20,62 @@ typedef struct ssl_st SSL; typedef struct bio_st BIO; -namespace IceSSL +namespace IceSSL::OpenSSL { - namespace OpenSSL + class TransceiverI final : public IceInternal::Transceiver { - class TransceiverI final : public IceInternal::Transceiver - { - public: - TransceiverI(const InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool); - ~TransceiverI(); - IceInternal::NativeInfoPtr getNativeInfo() final; + public: + TransceiverI(const InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool); + ~TransceiverI(); + IceInternal::NativeInfoPtr getNativeInfo() final; - IceInternal::SocketOperation initialize(IceInternal::Buffer&, IceInternal::Buffer&) final; - IceInternal::SocketOperation closing(bool, std::exception_ptr) final; - void close() final; - IceInternal::SocketOperation write(IceInternal::Buffer&) final; - IceInternal::SocketOperation read(IceInternal::Buffer&) final; + IceInternal::SocketOperation initialize(IceInternal::Buffer&, IceInternal::Buffer&) final; + IceInternal::SocketOperation closing(bool, std::exception_ptr) final; + void close() final; + IceInternal::SocketOperation write(IceInternal::Buffer&) final; + IceInternal::SocketOperation read(IceInternal::Buffer&) final; #ifdef ICE_USE_IOCP - bool startWrite(IceInternal::Buffer&) final; - void finishWrite(IceInternal::Buffer&) final; - void startRead(IceInternal::Buffer&) final; - void finishRead(IceInternal::Buffer&) final; + bool startWrite(IceInternal::Buffer&) final; + void finishWrite(IceInternal::Buffer&) final; + void startRead(IceInternal::Buffer&) final; + void finishRead(IceInternal::Buffer&) final; #endif - std::string protocol() const final; - std::string toString() const final; - std::string toDetailedString() const final; - Ice::ConnectionInfoPtr getInfo() const final; - void checkSendSize(const IceInternal::Buffer&) final; - void setBufferSize(int rcvSize, int sndSize) final; + std::string protocol() const final; + std::string toString() const final; + std::string toDetailedString() const final; + Ice::ConnectionInfoPtr getInfo() const final; + void checkSendSize(const IceInternal::Buffer&) final; + void setBufferSize(int rcvSize, int sndSize) final; - int verifyCallback(int, X509_STORE_CTX*); + int verifyCallback(int, X509_STORE_CTX*); - private: - bool receive(); - bool send(); + private: + bool receive(); + bool send(); - friend class IceSSL::OpenSSL::SSLEngine; + friend class IceSSL::OpenSSL::SSLEngine; - const InstancePtr _instance; - const IceSSL::OpenSSL::SSLEnginePtr _engine; - const std::string _host; - const std::string _adapterName; - const bool _incoming; - const IceInternal::TransceiverPtr _delegate; - bool _connected; - std::string _cipher; - std::vector _certs; - bool _verified; - TrustError _trustError; + const InstancePtr _instance; + const IceSSL::OpenSSL::SSLEnginePtr _engine; + const std::string _host; + const std::string _adapterName; + const bool _incoming; + const IceInternal::TransceiverPtr _delegate; + bool _connected; + std::string _cipher; + std::vector _certs; + bool _verified; + TrustError _trustError; - SSL* _ssl; - BIO* _memBio; - IceInternal::Buffer _writeBuffer; - IceInternal::Buffer _readBuffer; - int _sentBytes; - size_t _maxSendPacketSize; - size_t _maxRecvPacketSize; - }; - using TransceiverIPtr = std::shared_ptr; - - } // OpenSSL namespace end - -} // IceSSL namespace end + SSL* _ssl; + BIO* _memBio; + IceInternal::Buffer _writeBuffer; + IceInternal::Buffer _readBuffer; + int _sentBytes; + size_t _maxSendPacketSize; + size_t _maxRecvPacketSize; + }; + using TransceiverIPtr = std::shared_ptr; +} #endif diff --git a/cpp/src/IceSSL/OpenSSLUtil.h b/cpp/src/IceSSL/OpenSSLUtil.h index 282a44e68fb..a334f405199 100644 --- a/cpp/src/IceSSL/OpenSSLUtil.h +++ b/cpp/src/IceSSL/OpenSSLUtil.h @@ -12,43 +12,38 @@ #include #include -namespace IceSSL +namespace IceSSL::OpenSSL { - namespace OpenSSL - { #ifndef OPENSSL_NO_DH - class DHParams - { - public: - DHParams(); - ~DHParams(); - - bool add(int, const std::string&); - DH* get(int); - - private: - typedef std::pair KeyParamPair; - typedef std::list ParamList; - ParamList _params; - std::mutex _mutex; - - DH* _dh512; - DH* _dh1024; - DH* _dh2048; - DH* _dh4096; - }; - using DHParamsPtr = std::shared_ptr; + class DHParams + { + public: + DHParams(); + ~DHParams(); + + bool add(int, const std::string&); + DH* get(int); + + private: + typedef std::pair KeyParamPair; + typedef std::list ParamList; + ParamList _params; + std::mutex _mutex; + + DH* _dh512; + DH* _dh1024; + DH* _dh2048; + DH* _dh4096; + }; + using DHParamsPtr = std::shared_ptr; #endif - // - // Accumulate the OpenSSL error stack into a string. - // - std::string getSslErrors(bool); - - } // OpenSSL namespace end - -} // IceSSL namespace end + // + // Accumulate the OpenSSL error stack into a string. + // + std::string getSslErrors(bool); +} #endif diff --git a/cpp/src/IceSSL/PluginI.cpp b/cpp/src/IceSSL/PluginI.cpp index 738e5bf4769..89742ba8388 100644 --- a/cpp/src/IceSSL/PluginI.cpp +++ b/cpp/src/IceSSL/PluginI.cpp @@ -2,31 +2,19 @@ // Copyright (c) ZeroC, Inc. All rights reserved. // -#include "PluginI.h" -#include "SSLEndpointI.h" -#include "SSLEngine.h" -#include "SSLInstance.h" - #include "../Ice/ProtocolInstance.h" #include "../Ice/ProtocolPluginFacade.h" #include "Ice/LocalException.h" #include "Ice/RegisterPlugins.h" +#include "IceSSL/Certificate.h" +#include "SSLEndpointI.h" +#include "SSLEngine.h" +#include "SSLInstance.h" using namespace std; using namespace Ice; using namespace IceSSL; -IceSSL::TrustError -IceSSL::getTrustError(const IceSSL::ConnectionInfoPtr& info) -{ - auto extendedInfo = dynamic_pointer_cast(info); - if (extendedInfo) - { - return extendedInfo->errorCode; - } - return info->verified ? IceSSL::TrustError::NoError : IceSSL::TrustError::UnknownTrustFailure; -} - std::string IceSSL::getTrustErrorDescription(TrustError error) { @@ -122,10 +110,3 @@ IceSSL::getTrustErrorDescription(TrustError error) assert(false); return "unknown failure"; } - -std::string -IceSSL::getHost(const IceSSL::ConnectionInfoPtr& info) -{ - auto extendedInfo = dynamic_pointer_cast(info); - return extendedInfo ? extendedInfo->host : ""; -} diff --git a/cpp/src/IceSSL/PluginI.h b/cpp/src/IceSSL/PluginI.h deleted file mode 100644 index 06484dcdaba..00000000000 --- a/cpp/src/IceSSL/PluginI.h +++ /dev/null @@ -1,34 +0,0 @@ -// -// Copyright (c) ZeroC, Inc. All rights reserved. -// - -#ifndef ICESSL_PLUGIN_I_H -#define ICESSL_PLUGIN_I_H - -#include "Ice/CommunicatorF.h" -#include "IceSSL/ConnectionInfo.h" -#include "IceSSL/Plugin.h" -#include "SSLEngineF.h" - -namespace IceSSL -{ - class ExtendedConnectionInfo : public ConnectionInfo - { - public: - TrustError errorCode; - std::string host; - }; - using ExtendedConnectionInfoPtr = std::shared_ptr; - - // TODO: This class provides new certificate virtual methods that cannot be added directly to the certificate class - // without breaking binary compatibility. The class can be removed once the relevant methods can be marked as - // virtual in the certificate class in the next major release (3.8.x). - class ICE_API CertificateExtendedInfo - { - public: - virtual unsigned int getKeyUsage() const = 0; - virtual unsigned int getExtendedKeyUsage() const = 0; - }; -} - -#endif diff --git a/cpp/src/IceSSL/RFC2253.cpp b/cpp/src/IceSSL/RFC2253.cpp index bfd234117c8..8f017821761 100644 --- a/cpp/src/IceSSL/RFC2253.cpp +++ b/cpp/src/IceSSL/RFC2253.cpp @@ -2,11 +2,11 @@ // Copyright (c) ZeroC, Inc. All rights reserved. // +#include "RFC2253.h" +#include "IceSSL/Certificate.h" #include "IceUtil/StringUtil.h" -#include "Ice/Object.h" -#include "IceSSL/Plugin.h" -#include "RFC2253.h" +#include using namespace std; using namespace IceSSL; diff --git a/cpp/src/IceSSL/RFC2253.h b/cpp/src/IceSSL/RFC2253.h index f2e8458eba2..8aad4a40b70 100644 --- a/cpp/src/IceSSL/RFC2253.h +++ b/cpp/src/IceSSL/RFC2253.h @@ -22,41 +22,38 @@ // results in the pair ("O","Sue\, Grabit and Runn") and not // ("O","Sue, Grabit and Runn"). // -namespace IceSSL +namespace IceSSL::RFC2253 { - namespace RFC2253 + typedef std::list> RDNSeq; + + struct ICE_API RDNEntry { - typedef std::list> RDNSeq; - - struct ICE_API RDNEntry - { - RDNSeq rdn; - bool negate; - }; - typedef std::list RDNEntrySeq; - - // - // This function separates DNs with the ';' character. A list of RDN - // pairs may optionally be prefixed with '!' to indicate a negation. - // The function returns a list of RDNEntry structures. Any failure in - // parsing results in a ParseException being thrown. - // - ICE_API RDNEntrySeq parse(const std::string&); - - // - // RDNs are separated with ',' and ';'. - // - // This function returns a list of RDN pairs. Any failure in parsing - // results in a ParseException being thrown. - // - ICE_API RDNSeq parseStrict(const std::string&); - - // - // Unescape the string. - // - ICE_API std::string unescape(const std::string&); - - } + RDNSeq rdn; + bool negate; + }; + typedef std::list RDNEntrySeq; + + // + // This function separates DNs with the ';' character. A list of RDN + // pairs may optionally be prefixed with '!' to indicate a negation. + // The function returns a list of RDNEntry structures. Any failure in + // parsing results in a ParseException being thrown. + // + ICE_API RDNEntrySeq parse(const std::string&); + + // + // RDNs are separated with ',' and ';'. + // + // This function returns a list of RDN pairs. Any failure in parsing + // results in a ParseException being thrown. + // + ICE_API RDNSeq parseStrict(const std::string&); + + // + // Unescape the string. + // + ICE_API std::string unescape(const std::string&); + } #endif diff --git a/cpp/src/IceSSL/SChannelCertificateI.cpp b/cpp/src/IceSSL/SChannelCertificateI.cpp index 60a702d89fc..b183cbe6dab 100644 --- a/cpp/src/IceSSL/SChannelCertificateI.cpp +++ b/cpp/src/IceSSL/SChannelCertificateI.cpp @@ -5,8 +5,8 @@ #include "../Ice/StringUtil.h" #include "CertificateI.h" #include "Ice/StringConverter.h" +#include "IceSSL/Certificate.h" #include "IceSSL/SChannel.h" -#include "PluginI.h" #include "SSLUtil.h" #include @@ -48,9 +48,7 @@ namespace CertInfoHolderPtr _certInfo; // Keep a reference on the CERT_INFO struct that holds the extension }; - class SChannelCertificateI : public SChannel::Certificate, - public CertificateI, - public IceSSL::CertificateExtendedInfo + class SChannelCertificateI : public SChannel::Certificate, public CertificateI { public: SChannelCertificateI(CERT_SIGNED_CONTENT_INFO*); @@ -721,3 +719,15 @@ SChannel::Certificate::decode(const std::string& encoding) loadCertificate(&cert, encoding.c_str(), static_cast(encoding.size())); return make_shared(cert); } + +IceSSL::CertificatePtr +IceSSL::Certificate::load(const std::string& file) +{ + return IceSSL::SChannel::Certificate::load(file); +} + +IceSSL::CertificatePtr +IceSSL::Certificate::decode(const std::string& encoding) +{ + return IceSSL::SChannel::Certificate::decode(encoding); +} diff --git a/cpp/src/IceSSL/SChannelEngine.cpp b/cpp/src/IceSSL/SChannelEngine.cpp index fa7a602ef21..9e3eef530b7 100644 --- a/cpp/src/IceSSL/SChannelEngine.cpp +++ b/cpp/src/IceSSL/SChannelEngine.cpp @@ -3,18 +3,16 @@ // #include "SChannelEngine.h" -#include "IceSSL/Plugin.h" -#include "SChannelTransceiverI.h" -#include "SSLUtil.h" - #include "Ice/Communicator.h" #include "Ice/LocalException.h" #include "Ice/Logger.h" #include "Ice/StringConverter.h" - #include "Ice/UUID.h" +#include "IceSSL/Plugin.h" #include "IceUtil/FileUtil.h" #include "IceUtil/StringUtil.h" +#include "SChannelTransceiverI.h" +#include "SSLUtil.h" #include @@ -540,8 +538,8 @@ namespace } } -SChannel::SSLEngine::SSLEngine(const CommunicatorPtr& communicator) - : IceSSL::SSLEngine(communicator), +SChannel::SSLEngine::SSLEngine(const IceInternal::InstancePtr& instance) + : IceSSL::SSLEngine(instance), _rootStore(0), _chainEngine(0), _strongCrypto(false) @@ -571,7 +569,7 @@ SChannel::SSLEngine::initialize() IceSSL::SSLEngine::initialize(); const string prefix = "IceSSL."; - const PropertiesPtr properties = communicator()->getProperties(); + const PropertiesPtr properties = getProperties(); const_cast(_strongCrypto) = properties->getPropertyAsIntWithDefault(prefix + "SchannelStrongCrypto", 0) > 0; diff --git a/cpp/src/IceSSL/SChannelEngine.h b/cpp/src/IceSSL/SChannelEngine.h index 931a69cf7b4..8340fb7328b 100644 --- a/cpp/src/IceSSL/SChannelEngine.h +++ b/cpp/src/IceSSL/SChannelEngine.h @@ -7,6 +7,7 @@ #ifdef _WIN32 +# include "../Ice/InstanceF.h" # include "SChannelEngineF.h" # include "SSLEngine.h" @@ -26,50 +27,46 @@ # include # undef SECURITY_WIN32 -namespace IceSSL +namespace IceSSL::SChannel { - namespace SChannel + class SSLEngine final : public IceSSL::SSLEngine { - class SSLEngine final : public IceSSL::SSLEngine - { - public: - SSLEngine(const Ice::CommunicatorPtr&); + public: + SSLEngine(const IceInternal::InstancePtr&); - // - // Setup the engine. - // - void initialize() final; + // + // Setup the engine. + // + void initialize() final; - IceInternal::TransceiverPtr - createTransceiver(const InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool) final; + IceInternal::TransceiverPtr + createTransceiver(const InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool) final; - // - // Destroy the engine. - // - void destroy() final; + // + // Destroy the engine. + // + void destroy() final; - std::string getCipherName(ALG_ID) const; + std::string getCipherName(ALG_ID) const; - CredHandle newCredentialsHandle(bool); + CredHandle newCredentialsHandle(bool); - HCERTCHAINENGINE chainEngine() const; + HCERTCHAINENGINE chainEngine() const; - private: - void parseCiphers(const std::string&); + private: + void parseCiphers(const std::string&); - std::vector _allCerts; - std::vector _importedCerts; + std::vector _allCerts; + std::vector _importedCerts; - std::vector _stores; - HCERTSTORE _rootStore; + std::vector _stores; + HCERTSTORE _rootStore; - HCERTCHAINENGINE _chainEngine; - std::vector _ciphers; + HCERTCHAINENGINE _chainEngine; + std::vector _ciphers; - const bool _strongCrypto; - }; - - } + const bool _strongCrypto; + }; } #endif diff --git a/cpp/src/IceSSL/SChannelEngineF.h b/cpp/src/IceSSL/SChannelEngineF.h index 15e405a7d1b..713a414f029 100644 --- a/cpp/src/IceSSL/SChannelEngineF.h +++ b/cpp/src/IceSSL/SChannelEngineF.h @@ -11,14 +11,10 @@ # include -namespace IceSSL +namespace IceSSL::SChannel { - namespace SChannel - { - class SSLEngine; - using SSLEnginePtr = std::shared_ptr; - - } + class SSLEngine; + using SSLEnginePtr = std::shared_ptr; } #endif diff --git a/cpp/src/IceSSL/SChannelPluginI.cpp b/cpp/src/IceSSL/SChannelPluginI.cpp deleted file mode 100644 index a022cf19e99..00000000000 --- a/cpp/src/IceSSL/SChannelPluginI.cpp +++ /dev/null @@ -1,22 +0,0 @@ -// -// Copyright (c) ZeroC, Inc. All rights reserved. -// - -#include "PluginI.h" -#include "SChannelEngine.h" - -#include "Ice/Initialize.h" - -using namespace std; - -IceSSL::CertificatePtr -IceSSL::Certificate::load(const std::string& file) -{ - return IceSSL::SChannel::Certificate::load(file); -} - -IceSSL::CertificatePtr -IceSSL::Certificate::decode(const std::string& encoding) -{ - return IceSSL::SChannel::Certificate::decode(encoding); -} diff --git a/cpp/src/IceSSL/SChannelTransceiverI.h b/cpp/src/IceSSL/SChannelTransceiverI.h index 89c6fe2da60..36694c3b5ce 100644 --- a/cpp/src/IceSSL/SChannelTransceiverI.h +++ b/cpp/src/IceSSL/SChannelTransceiverI.h @@ -31,95 +31,90 @@ # include # undef SECURITY_WIN32 -namespace IceSSL +namespace IceSSL::SChannel { - namespace SChannel + class TransceiverI final : public IceInternal::Transceiver { - class TransceiverI final : public IceInternal::Transceiver - { - public: - TransceiverI(const InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool); - ~TransceiverI(); - IceInternal::NativeInfoPtr getNativeInfo() final; - - IceInternal::SocketOperation initialize(IceInternal::Buffer&, IceInternal::Buffer&) final; - IceInternal::SocketOperation closing(bool, std::exception_ptr) final; - void close(); - IceInternal::SocketOperation write(IceInternal::Buffer&) final; - IceInternal::SocketOperation read(IceInternal::Buffer&) final; + public: + TransceiverI(const InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool); + ~TransceiverI(); + IceInternal::NativeInfoPtr getNativeInfo() final; + + IceInternal::SocketOperation initialize(IceInternal::Buffer&, IceInternal::Buffer&) final; + IceInternal::SocketOperation closing(bool, std::exception_ptr) final; + void close(); + IceInternal::SocketOperation write(IceInternal::Buffer&) final; + IceInternal::SocketOperation read(IceInternal::Buffer&) final; # ifdef ICE_USE_IOCP - bool startWrite(IceInternal::Buffer&) final; - void finishWrite(IceInternal::Buffer&) final; - void startRead(IceInternal::Buffer&) final; - void finishRead(IceInternal::Buffer&) final; + bool startWrite(IceInternal::Buffer&) final; + void finishWrite(IceInternal::Buffer&) final; + void startRead(IceInternal::Buffer&) final; + void finishRead(IceInternal::Buffer&) final; # endif - std::string protocol() const final; - std::string toString() const final; - std::string toDetailedString() const final; - Ice::ConnectionInfoPtr getInfo() const final; - void checkSendSize(const IceInternal::Buffer&) final; - void setBufferSize(int rcvSize, int sndSize) final; - - private: - IceInternal::SocketOperation sslHandshake(); - - size_t decryptMessage(IceInternal::Buffer&); - size_t encryptMessage(IceInternal::Buffer&); - - bool writeRaw(IceInternal::Buffer&); - bool readRaw(IceInternal::Buffer&); - - enum State - { - StateNotInitialized, - StateHandshakeNotStarted, - StateHandshakeReadContinue, - StateHandshakeWriteContinue, - StateHandshakeWriteNoContinue, - StateHandshakeComplete - }; - - const InstancePtr _instance; - const IceSSL::SChannel::SSLEnginePtr _engine; - const std::string _host; - const std::string _adapterName; - const bool _incoming; - const IceInternal::TransceiverPtr _delegate; - State _state; - DWORD _ctxFlags; - - // - // Buffered encrypted data that has not been written. - // - IceInternal::Buffer _writeBuffer; - size_t _bufferedW; - - // - // Buffered data that has not been decrypted. - // - IceInternal::Buffer _readBuffer; - - // - // Buffered data that was decrypted but not yet processed. - // - IceInternal::Buffer _readUnprocessed; - - CtxtHandle _ssl; - bool _sslInitialized; - CredHandle _credentials; - bool _credentialsInitialized; - SecPkgContext_StreamSizes _sizes; - std::string _cipher; - std::vector _certs; - bool _verified; - TrustError _trustError; - }; - using TransceiverIPtr = std::shared_ptr; + std::string protocol() const final; + std::string toString() const final; + std::string toDetailedString() const final; + Ice::ConnectionInfoPtr getInfo() const final; + void checkSendSize(const IceInternal::Buffer&) final; + void setBufferSize(int rcvSize, int sndSize) final; + + private: + IceInternal::SocketOperation sslHandshake(); - } // SChannel namespace end + size_t decryptMessage(IceInternal::Buffer&); + size_t encryptMessage(IceInternal::Buffer&); -} // IceSSL namespace end + bool writeRaw(IceInternal::Buffer&); + bool readRaw(IceInternal::Buffer&); + + enum State + { + StateNotInitialized, + StateHandshakeNotStarted, + StateHandshakeReadContinue, + StateHandshakeWriteContinue, + StateHandshakeWriteNoContinue, + StateHandshakeComplete + }; + const InstancePtr _instance; + const IceSSL::SChannel::SSLEnginePtr _engine; + const std::string _host; + const std::string _adapterName; + const bool _incoming; + const IceInternal::TransceiverPtr _delegate; + State _state; + DWORD _ctxFlags; + + // + // Buffered encrypted data that has not been written. + // + IceInternal::Buffer _writeBuffer; + size_t _bufferedW; + + // + // Buffered data that has not been decrypted. + // + IceInternal::Buffer _readBuffer; + + // + // Buffered data that was decrypted but not yet processed. + // + IceInternal::Buffer _readUnprocessed; + + CtxtHandle _ssl; + bool _sslInitialized; + CredHandle _credentials; + bool _credentialsInitialized; + SecPkgContext_StreamSizes _sizes; + std::string _cipher; + std::vector _certs; + bool _verified; + TrustError _trustError; + }; + using TransceiverIPtr = std::shared_ptr; + +} #endif #endif diff --git a/cpp/src/IceSSL/SSLEngine.cpp b/cpp/src/IceSSL/SSLEngine.cpp index 5aeb5af4e8c..99436d16e5d 100644 --- a/cpp/src/IceSSL/SSLEngine.cpp +++ b/cpp/src/IceSSL/SSLEngine.cpp @@ -3,16 +3,15 @@ // #include "SSLEngine.h" -#include "IceSSL/ConnectionInfo.h" -#include "TrustManager.h" - -#include "IceUtil/StringUtil.h" - +#include "../Ice/Instance.h" #include "Ice/Communicator.h" #include "Ice/LocalException.h" #include "Ice/Logger.h" #include "Ice/LoggerUtil.h" #include "Ice/Properties.h" +#include "IceSSL/ConnectionInfo.h" +#include "IceUtil/StringUtil.h" +#include "TrustManager.h" #include @@ -21,16 +20,26 @@ using namespace Ice; using namespace IceUtil; using namespace IceSSL; -IceSSL::SSLEngine::SSLEngine(const Ice::CommunicatorPtr& communicator) - : _initialized(false), - _communicator(communicator), - _logger(communicator->getLogger()), - _trustManager(make_shared(communicator)), +IceSSL::SSLEngine::SSLEngine(const IceInternal::InstancePtr& instance) + : _instance(instance), + _trustManager(make_shared(instance)), _revocationCheckCacheOnly(false), _revocationCheck(0) { } +Ice::LoggerPtr +IceSSL::SSLEngine::getLogger() const +{ + return _instance->initializationData().logger; +} + +Ice::PropertiesPtr +IceSSL::SSLEngine::getProperties() const +{ + return _instance->initializationData().properties; +} + bool IceSSL::SSLEngine::initialized() const { @@ -42,7 +51,7 @@ void IceSSL::SSLEngine::initialize() { const string propPrefix = "IceSSL."; - const PropertiesPtr properties = communicator()->getProperties(); + const PropertiesPtr properties = getProperties(); // CheckCertName determines whether we compare the name in a peer's certificate against its hostname. _checkCertName = properties->getPropertyAsIntWithDefault(propPrefix + "CheckCertName", 0) > 0; @@ -138,7 +147,7 @@ IceSSL::SSLEngine::verifyPeerCertName(const string& address, const ConnectionInf string msg = ostr.str(); if (_securityTraceLevel >= 1) { - Trace out(_logger, _securityTraceCategory); + Trace out(getLogger(), _securityTraceCategory); out << msg; } throw SecurityException(__FILE__, __LINE__, msg); @@ -154,7 +163,7 @@ IceSSL::SSLEngine::verifyPeer(const string& /*address*/, const ConnectionInfoPtr string msg = string(info->incoming ? "incoming" : "outgoing") + " connection rejected by trust manager"; if (_securityTraceLevel >= 1) { - _logger->trace(_securityTraceCategory, msg + "\n" + desc); + getLogger()->trace(_securityTraceCategory, msg + "\n" + desc); } throw SecurityException(__FILE__, __LINE__, msg); } diff --git a/cpp/src/IceSSL/SSLEngine.h b/cpp/src/IceSSL/SSLEngine.h index 9e07f96d7af..3944a17cf7e 100644 --- a/cpp/src/IceSSL/SSLEngine.h +++ b/cpp/src/IceSSL/SSLEngine.h @@ -5,12 +5,13 @@ #ifndef ICESSL_ENGINE_H #define ICESSL_ENGINE_H -#include "IceSSL/Plugin.h" +#include "IceSSL/Certificate.h" #include "SSLEngineF.h" #include "SSLInstanceF.h" #include "SSLUtil.h" #include "TrustManagerF.h" +#include "../Ice/InstanceF.h" #include "../Ice/Network.h" #include "../Ice/TransceiverF.h" #include "Ice/CommunicatorF.h" @@ -22,10 +23,12 @@ namespace IceSSL class ICE_API SSLEngine { public: - SSLEngine(const Ice::CommunicatorPtr&); + SSLEngine(const IceInternal::InstancePtr&); - Ice::CommunicatorPtr communicator() const { return _communicator; } - Ice::LoggerPtr getLogger() const { return _logger; }; + Ice::LoggerPtr getLogger() const; + Ice::PropertiesPtr getProperties() const; + + IceInternal::InstancePtr instance() const { return _instance; } // Setup the engine. virtual void initialize() = 0; @@ -56,8 +59,7 @@ namespace IceSSL mutable std::mutex _mutex; private: - const Ice::CommunicatorPtr _communicator; - const Ice::LoggerPtr _logger; + const IceInternal::InstancePtr _instance; const TrustManagerPtr _trustManager; std::string _password; diff --git a/cpp/src/IceSSL/SSLInstance.cpp b/cpp/src/IceSSL/SSLInstance.cpp index e09bccdab42..97c58d0001d 100644 --- a/cpp/src/IceSSL/SSLInstance.cpp +++ b/cpp/src/IceSSL/SSLInstance.cpp @@ -10,7 +10,7 @@ using namespace Ice; using namespace IceSSL; IceSSL::Instance::Instance(const SSLEnginePtr& engine, int16_t type, const string& protocol) - : ProtocolInstance(engine->communicator(), type, protocol, true), + : ProtocolInstance(engine->instance(), type, protocol, true), _engine(engine) { } diff --git a/cpp/src/IceSSL/SSLUtil.cpp b/cpp/src/IceSSL/SSLUtil.cpp index bb9a44a50df..51467aa0da4 100644 --- a/cpp/src/IceSSL/SSLUtil.cpp +++ b/cpp/src/IceSSL/SSLUtil.cpp @@ -7,16 +7,15 @@ # include #endif -#include "IceUtil/FileUtil.h" -#include "IceUtil/StringUtil.h" -#include "SSLUtil.h" - #include "../Ice/Base64.h" #include "../Ice/Network.h" #include "Ice/LocalException.h" -#include "Ice/Object.h" #include "Ice/StringConverter.h" #include "Ice/UniqueRef.h" +#include "IceSSL/Certificate.h" +#include "IceUtil/FileUtil.h" +#include "IceUtil/StringUtil.h" +#include "SSLUtil.h" #include diff --git a/cpp/src/IceSSL/SSLUtil.h b/cpp/src/IceSSL/SSLUtil.h index 6f2fc9508be..664bdbf0ef5 100644 --- a/cpp/src/IceSSL/SSLUtil.h +++ b/cpp/src/IceSSL/SSLUtil.h @@ -5,8 +5,6 @@ #ifndef ICESSL_UTIL_H #define ICESSL_UTIL_H -#include "IceSSL/Plugin.h" - #include #include #include diff --git a/cpp/src/IceSSL/SecureTransportCertificateI.cpp b/cpp/src/IceSSL/SecureTransportCertificateI.cpp index 61edcc88770..aaeed897870 100644 --- a/cpp/src/IceSSL/SecureTransportCertificateI.cpp +++ b/cpp/src/IceSSL/SecureTransportCertificateI.cpp @@ -8,16 +8,14 @@ // #include "IceUtil/DisableWarnings.h" +#include "../Ice/Base64.h" #include "CertificateI.h" +#include "Ice/LocalException.h" +#include "Ice/UniqueRef.h" #include "IceSSL/SecureTransport.h" -#include "PluginI.h" #include "RFC2253.h" #include "SecureTransportUtil.h" -#include "../Ice/Base64.h" -#include "Ice/LocalException.h" -#include "Ice/UniqueRef.h" - #include #include @@ -240,9 +238,7 @@ namespace #endif - class SecureTransportCertificateI final : public IceSSL::SecureTransport::Certificate, - public IceSSL::CertificateI, - public IceSSL::CertificateExtendedInfo + class SecureTransportCertificateI final : public IceSSL::SecureTransport::Certificate, public IceSSL::CertificateI { public: SecureTransportCertificateI(SecCertificateRef); @@ -952,3 +948,15 @@ IceSSL::SecureTransport::Certificate::decode(const std::string& encoding) return make_shared(reinterpret_cast(item.release())); #endif } + +IceSSL::CertificatePtr +IceSSL::Certificate::load(const std::string& file) +{ + return IceSSL::SecureTransport::Certificate::load(file); +} + +IceSSL::CertificatePtr +IceSSL::Certificate::decode(const std::string& encoding) +{ + return IceSSL::SecureTransport::Certificate::decode(encoding); +} diff --git a/cpp/src/IceSSL/SecureTransportEngine.cpp b/cpp/src/IceSSL/SecureTransportEngine.cpp index 4ce057f9802..aade124dc3f 100644 --- a/cpp/src/IceSSL/SecureTransportEngine.cpp +++ b/cpp/src/IceSSL/SecureTransportEngine.cpp @@ -2,25 +2,20 @@ // Copyright (c) ZeroC, Inc. All rights reserved. // -#include "Ice/Config.h" - #include "SecureTransportEngine.h" -#include "SecureTransportEngineF.h" - -#include "IceUtil/FileUtil.h" -#include "IceUtil/StringUtil.h" - -#include "Ice/Communicator.h" +#include "Ice/Config.h" #include "Ice/LocalException.h" #include "Ice/Logger.h" #include "Ice/LoggerUtil.h" #include "Ice/Properties.h" - -#include "IceSSL/Plugin.h" +#include "IceSSL/Certificate.h" +#include "IceUtil/FileUtil.h" +#include "IceUtil/StringUtil.h" #include "SSLEngine.h" +#include "SSLUtil.h" +#include "SecureTransportEngineF.h" #include "SecureTransportTransceiverI.h" #include "SecureTransportUtil.h" -#include "Util.h" #include @@ -740,8 +735,8 @@ namespace map CiphersHelper::ciphers() { return _ciphers; } } -IceSSL::SecureTransport::SSLEngine::SSLEngine(const Ice::CommunicatorPtr& communicator) - : IceSSL::SSLEngine(communicator), +IceSSL::SecureTransport::SSLEngine::SSLEngine(const IceInternal::InstancePtr& instance) + : IceSSL::SSLEngine(instance), _certificateAuthorities(0), _chain(0) { @@ -761,7 +756,7 @@ IceSSL::SecureTransport::SSLEngine::initialize() IceSSL::SSLEngine::initialize(); - const PropertiesPtr properties = communicator()->getProperties(); + const PropertiesPtr properties = getProperties(); // // Check for a default directory. We look in this directory for diff --git a/cpp/src/IceSSL/SecureTransportEngine.h b/cpp/src/IceSSL/SecureTransportEngine.h index 0e24c8f8e6b..190fa6f528c 100644 --- a/cpp/src/IceSSL/SecureTransportEngine.h +++ b/cpp/src/IceSSL/SecureTransportEngine.h @@ -7,46 +7,41 @@ #ifdef __APPLE__ +# include "../Ice/InstanceF.h" # include "Ice/UniqueRef.h" # include "SSLEngine.h" # include # include -namespace IceSSL +namespace IceSSL::SecureTransport { - namespace SecureTransport + class SSLEngine final : public IceSSL::SSLEngine { - class SSLEngine final : public IceSSL::SSLEngine - { - public: - SSLEngine(const Ice::CommunicatorPtr&); + public: + SSLEngine(const IceInternal::InstancePtr&); - void initialize() final; - void destroy() final; - IceInternal::TransceiverPtr - createTransceiver(const InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool) final; + void initialize() final; + void destroy() final; + IceInternal::TransceiverPtr + createTransceiver(const InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool) final; - SSLContextRef newContext(bool); - CFArrayRef getCertificateAuthorities() const; - std::string getCipherName(SSLCipherSuite) const; + SSLContextRef newContext(bool); + CFArrayRef getCertificateAuthorities() const; + std::string getCipherName(SSLCipherSuite) const; - private: - void parseCiphers(const std::string&); + private: + void parseCiphers(const std::string&); - IceInternal::UniqueRef _certificateAuthorities; - IceInternal::UniqueRef _chain; + IceInternal::UniqueRef _certificateAuthorities; + IceInternal::UniqueRef _chain; # if TARGET_OS_IPHONE == 0 - std::vector _dhParams; + std::vector _dhParams; # endif - std::vector _ciphers; - }; - - } // SecureTransport namespace end - -} // IceSSL namespace end - + std::vector _ciphers; + }; +} #endif #endif diff --git a/cpp/src/IceSSL/SecureTransportEngineF.h b/cpp/src/IceSSL/SecureTransportEngineF.h index 99224274e6c..b7c943e9208 100644 --- a/cpp/src/IceSSL/SecureTransportEngineF.h +++ b/cpp/src/IceSSL/SecureTransportEngineF.h @@ -7,18 +7,12 @@ #ifdef __APPLE__ -# include "IceSSL/Plugin.h" - # include -namespace IceSSL +namespace IceSSL::SecureTransport { - namespace SecureTransport - { - class SSLEngine; - using SSLEnginePtr = std::shared_ptr; - - } + class SSLEngine; + using SSLEnginePtr = std::shared_ptr; } #endif diff --git a/cpp/src/IceSSL/SecureTransportPluginI.cpp b/cpp/src/IceSSL/SecureTransportPluginI.cpp deleted file mode 100644 index 5611e112625..00000000000 --- a/cpp/src/IceSSL/SecureTransportPluginI.cpp +++ /dev/null @@ -1,24 +0,0 @@ -// -// Copyright (c) ZeroC, Inc. All rights reserved. -// - -#include "IceSSL/SecureTransport.h" -#include "PluginI.h" -#include "SecureTransportEngine.h" - -#include "Ice/Initialize.h" - -using namespace Ice; -using namespace std; - -IceSSL::CertificatePtr -IceSSL::Certificate::load(const std::string& file) -{ - return IceSSL::SecureTransport::Certificate::load(file); -} - -IceSSL::CertificatePtr -IceSSL::Certificate::decode(const std::string& encoding) -{ - return IceSSL::SecureTransport::Certificate::decode(encoding); -} diff --git a/cpp/src/IceSSL/SecureTransportTransceiverI.cpp b/cpp/src/IceSSL/SecureTransportTransceiverI.cpp index 589fc96e72a..f4e952a0f35 100644 --- a/cpp/src/IceSSL/SecureTransportTransceiverI.cpp +++ b/cpp/src/IceSSL/SecureTransportTransceiverI.cpp @@ -3,15 +3,13 @@ // #include "SecureTransportTransceiverI.h" +#include "Ice/LocalException.h" +#include "Ice/LoggerUtil.h" #include "IceSSL/ConnectionInfo.h" -#include "PluginI.h" #include "SSLInstance.h" #include "SecureTransportEngine.h" #include "SecureTransportUtil.h" -#include "Ice/LocalException.h" -#include "Ice/LoggerUtil.h" - // Disable deprecation warnings from SecureTransport APIs #include "IceUtil/DisableWarnings.h" @@ -613,7 +611,7 @@ IceSSL::SecureTransport::TransceiverI::toDetailedString() const Ice::ConnectionInfoPtr IceSSL::SecureTransport::TransceiverI::getInfo() const { - auto info = make_shared(); + auto info = make_shared(); info->underlying = _delegate->getInfo(); info->incoming = _incoming; info->adapterName = _adapterName; diff --git a/cpp/src/IceSSL/SecureTransportTransceiverI.h b/cpp/src/IceSSL/SecureTransportTransceiverI.h index 8f5817f0a20..47f98dd1f93 100644 --- a/cpp/src/IceSSL/SecureTransportTransceiverI.h +++ b/cpp/src/IceSSL/SecureTransportTransceiverI.h @@ -7,79 +7,73 @@ #ifdef __APPLE__ -# include "Ice/Config.h" -# include "IceSSL/Plugin.h" -# include "SSLInstanceF.h" -# include "SecureTransportEngineF.h" - # include "../Ice/Network.h" # include "../Ice/Transceiver.h" +# include "Ice/Config.h" # include "Ice/UniqueRef.h" +# include "IceSSL/Certificate.h" +# include "SSLInstanceF.h" +# include "SecureTransportEngineF.h" # include # include # include -namespace IceSSL +namespace IceSSL::SecureTransport { - namespace SecureTransport + class TransceiverI final : public IceInternal::Transceiver { - class TransceiverI final : public IceInternal::Transceiver + public: + TransceiverI(const InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool); + ~TransceiverI(); + IceInternal::NativeInfoPtr getNativeInfo() final; + + IceInternal::SocketOperation initialize(IceInternal::Buffer&, IceInternal::Buffer&) final; + IceInternal::SocketOperation closing(bool, std::exception_ptr) final; + void close() final; + IceInternal::SocketOperation write(IceInternal::Buffer&) final; + IceInternal::SocketOperation read(IceInternal::Buffer&) final; + + std::string protocol() const final; + std::string toString() const final; + std::string toDetailedString() const final; + Ice::ConnectionInfoPtr getInfo() const final; + void checkSendSize(const IceInternal::Buffer&) final; + void setBufferSize(int rcvSize, int sndSize) final; + + OSStatus writeRaw(const std::byte*, size_t*) const; + OSStatus readRaw(std::byte*, size_t*) const; + + private: + const InstancePtr _instance; + const SSLEnginePtr _engine; + const std::string _host; + const std::string _adapterName; + const bool _incoming; + const IceInternal::TransceiverPtr _delegate; + + IceInternal::UniqueRef _ssl; + IceInternal::UniqueRef _trust; + bool _connected; + + enum SSLWantFlags { - public: - TransceiverI(const InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool); - ~TransceiverI(); - IceInternal::NativeInfoPtr getNativeInfo() final; - - IceInternal::SocketOperation initialize(IceInternal::Buffer&, IceInternal::Buffer&) final; - IceInternal::SocketOperation closing(bool, std::exception_ptr) final; - void close() final; - IceInternal::SocketOperation write(IceInternal::Buffer&) final; - IceInternal::SocketOperation read(IceInternal::Buffer&) final; - - std::string protocol() const final; - std::string toString() const final; - std::string toDetailedString() const final; - Ice::ConnectionInfoPtr getInfo() const final; - void checkSendSize(const IceInternal::Buffer&) final; - void setBufferSize(int rcvSize, int sndSize) final; - - OSStatus writeRaw(const std::byte*, size_t*) const; - OSStatus readRaw(std::byte*, size_t*) const; - - private: - const InstancePtr _instance; - const SSLEnginePtr _engine; - const std::string _host; - const std::string _adapterName; - const bool _incoming; - const IceInternal::TransceiverPtr _delegate; - - IceInternal::UniqueRef _ssl; - IceInternal::UniqueRef _trust; - bool _connected; - - enum SSLWantFlags - { - SSLWantRead = 0x1, - SSLWantWrite = 0x2 - }; - - mutable std::uint8_t _tflags; - size_t _maxSendPacketSize; - size_t _maxRecvPacketSize; - std::string _cipher; - std::vector _certs; - TrustError _trustError; - bool _verified; - size_t _buffered; + SSLWantRead = 0x1, + SSLWantWrite = 0x2 }; - using TransceiverIPtr = std::shared_ptr; - - } // SecureTransport namespace end - -} // IceSSL namespace end + mutable std::uint8_t _tflags; + size_t _maxSendPacketSize; + size_t _maxRecvPacketSize; + std::string _cipher; + std::vector _certs; + TrustError _trustError; + bool _verified; + size_t _buffered; + }; + using TransceiverIPtr = std::shared_ptr; + +} #endif #endif diff --git a/cpp/src/IceSSL/SecureTransportUtil.cpp b/cpp/src/IceSSL/SecureTransportUtil.cpp index 71f760b4abf..deacbfbe402 100644 --- a/cpp/src/IceSSL/SecureTransportUtil.cpp +++ b/cpp/src/IceSSL/SecureTransportUtil.cpp @@ -3,12 +3,9 @@ // #include "SecureTransportUtil.h" -#include "IceSSL/Plugin.h" - #include "../Ice/Base64.h" #include "Ice/LocalException.h" #include "Ice/UniqueRef.h" - #include "IceUtil/FileUtil.h" #include "IceUtil/StringUtil.h" diff --git a/cpp/src/IceSSL/SecureTransportUtil.h b/cpp/src/IceSSL/SecureTransportUtil.h index 38eff33aaea..4d112c5af55 100644 --- a/cpp/src/IceSSL/SecureTransportUtil.h +++ b/cpp/src/IceSSL/SecureTransportUtil.h @@ -10,38 +10,33 @@ # include "IceSSL/SecureTransport.h" # include "SSLUtil.h" -namespace IceSSL +namespace IceSSL::SecureTransport { - namespace SecureTransport - { - std::string sslErrorToString(CFErrorRef); - std::string sslErrorToString(OSStatus); + std::string sslErrorToString(CFErrorRef); + std::string sslErrorToString(OSStatus); # if defined(ICE_USE_SECURE_TRANSPORT_MACOS) - // - // Retrieve a certificate property - // - CFDictionaryRef getCertificateProperty(SecCertificateRef, CFTypeRef); + // + // Retrieve a certificate property + // + CFDictionaryRef getCertificateProperty(SecCertificateRef, CFTypeRef); # endif - // - // Read certificate from a file. - // - CFArrayRef loadCertificateChain( - const std::string&, - const std::string&, - const std::string&, - const std::string&, - const std::string&); - - SecCertificateRef loadCertificate(const std::string&); - CFArrayRef loadCACertificates(const std::string&); - CFArrayRef findCertificateChain(const std::string&, const std::string&, const std::string&); - - } // SecureTransport namespace end - -} // IceSSL namespace end - + // + // Read certificate from a file. + // + CFArrayRef loadCertificateChain( + const std::string&, + const std::string&, + const std::string&, + const std::string&, + const std::string&); + + SecCertificateRef loadCertificate(const std::string&); + CFArrayRef loadCACertificates(const std::string&); + CFArrayRef findCertificateChain(const std::string&, const std::string&, const std::string&); + +} #endif #endif diff --git a/cpp/src/IceSSL/TrustManager.cpp b/cpp/src/IceSSL/TrustManager.cpp index 88c734b9f42..542c68443e1 100644 --- a/cpp/src/IceSSL/TrustManager.cpp +++ b/cpp/src/IceSSL/TrustManager.cpp @@ -3,22 +3,22 @@ // #include "TrustManager.h" -#include "IceSSL/ConnectionInfo.h" -#include "RFC2253.h" - +#include "../Ice/Instance.h" #include "../Ice/Network.h" #include "Ice/Communicator.h" #include "Ice/LocalException.h" #include "Ice/Logger.h" #include "Ice/LoggerUtil.h" #include "Ice/Properties.h" +#include "IceSSL/ConnectionInfo.h" +#include "RFC2253.h" using namespace std; using namespace IceSSL; -TrustManager::TrustManager(const Ice::CommunicatorPtr& communicator) : _communicator(communicator) +TrustManager::TrustManager(const IceInternal::InstancePtr& instance) : _instance(instance) { - Ice::PropertiesPtr properties = communicator->getProperties(); + Ice::PropertiesPtr properties = _instance->initializationData().properties; _traceLevel = properties->getPropertyAsInt("IceSSL.Trace.Security"); string key; try @@ -126,7 +126,7 @@ TrustManager::verify(const ConnectionInfoPtr& info, const std::string& desc) DistinguishedName subject = info->certs[0]->getSubjectDN(); if (_traceLevel > 0) { - Ice::Trace trace(_communicator->getLogger(), "Security"); + Ice::Trace trace(_instance->initializationData().logger, "Security"); if (info->incoming) { trace << "trust manager evaluating client:\n" @@ -146,7 +146,7 @@ TrustManager::verify(const ConnectionInfoPtr& info, const std::string& desc) { if (_traceLevel > 1) { - Ice::Trace trace(_communicator->getLogger(), "Security"); + Ice::Trace trace(_instance->initializationData().logger, "Security"); trace << "trust manager rejecting PDNs:\n"; for (list::const_iterator r = p->begin(); r != p->end(); ++r) { @@ -168,7 +168,7 @@ TrustManager::verify(const ConnectionInfoPtr& info, const std::string& desc) { if (_traceLevel > 1) { - Ice::Trace trace(_communicator->getLogger(), "Security"); + Ice::Trace trace(_instance->initializationData().logger, "Security"); trace << "trust manager accepting PDNs:\n"; for (list::const_iterator r = p->begin(); r != p->end(); ++r) { diff --git a/cpp/src/IceSSL/TrustManager.h b/cpp/src/IceSSL/TrustManager.h index 32d4f04577c..3efe42c96e1 100644 --- a/cpp/src/IceSSL/TrustManager.h +++ b/cpp/src/IceSSL/TrustManager.h @@ -5,8 +5,9 @@ #ifndef ICESSL_TRUST_MANAGER_H #define ICESSL_TRUST_MANAGER_H -#include "Ice/CommunicatorF.h" -#include "IceSSL/Plugin.h" +#include "../Ice/InstanceF.h" +#include "IceSSL/Certificate.h" +#include "IceSSL/ConnectionInfoF.h" #include "RFC2253.h" #include "TrustManagerF.h" #include @@ -17,7 +18,7 @@ namespace IceSSL class TrustManager { public: - TrustManager(const Ice::CommunicatorPtr&); + TrustManager(const IceInternal::InstancePtr&); bool verify(const ConnectionInfoPtr&, const std::string&); @@ -25,9 +26,8 @@ namespace IceSSL bool match(const std::list&, const DistinguishedName&) const; void parse(const std::string&, std::list&, std::list&) const; - const Ice::CommunicatorPtr _communicator; int _traceLevel; - + IceInternal::InstancePtr _instance; std::list _rejectAll; std::list _rejectClient; std::list _rejectAllServer; diff --git a/cpp/test/Glacier2/ssl/Server.cpp b/cpp/test/Glacier2/ssl/Server.cpp index 021c5a0646d..37a0eaeeba8 100644 --- a/cpp/test/Glacier2/ssl/Server.cpp +++ b/cpp/test/Glacier2/ssl/Server.cpp @@ -5,7 +5,7 @@ #include "Glacier2/PermissionsVerifier.h" #include "Glacier2/Session.h" #include "Ice/Ice.h" -#include "IceSSL/Plugin.h" +#include "IceSSL/Certificate.h" #include "TestHelper.h" using namespace std; diff --git a/cpp/test/Ice/info/AllTests.cpp b/cpp/test/Ice/info/AllTests.cpp index d000d8f0de8..af5c91c00ef 100644 --- a/cpp/test/Ice/info/AllTests.cpp +++ b/cpp/test/Ice/info/AllTests.cpp @@ -3,7 +3,8 @@ // #include "Ice/Ice.h" -#include "IceSSL/IceSSL.h" +#include "IceSSL/ConnectionInfo.h" +#include "IceSSL/EndpointInfo.h" #include "TestHelper.h" #include "TestI.h" diff --git a/cpp/test/Ice/info/TestI.cpp b/cpp/test/Ice/info/TestI.cpp index 9985514821d..fd10d2b05ff 100644 --- a/cpp/test/Ice/info/TestI.cpp +++ b/cpp/test/Ice/info/TestI.cpp @@ -4,7 +4,7 @@ #include "TestI.h" #include "Ice/Ice.h" -#include "IceSSL/IceSSL.h" +#include "IceSSL/ConnectionInfo.h" #include "TestHelper.h" using namespace std; diff --git a/cpp/test/IceGrid/session/PermissionsVerifier.cpp b/cpp/test/IceGrid/session/PermissionsVerifier.cpp index 66d51ea53a0..f3989c46d2d 100644 --- a/cpp/test/IceGrid/session/PermissionsVerifier.cpp +++ b/cpp/test/IceGrid/session/PermissionsVerifier.cpp @@ -4,7 +4,6 @@ #include "Glacier2/PermissionsVerifier.h" #include "Ice/Ice.h" -#include "IceSSL/Plugin.h" #include "TestHelper.h" using namespace std; diff --git a/cpp/test/IceGrid/session/Server.cpp b/cpp/test/IceGrid/session/Server.cpp index 16dbf6271f4..daab89e5cee 100644 --- a/cpp/test/IceGrid/session/Server.cpp +++ b/cpp/test/IceGrid/session/Server.cpp @@ -4,7 +4,7 @@ #include "Glacier2/PermissionsVerifier.h" #include "Ice/Ice.h" -#include "IceSSL/Plugin.h" +#include "IceSSL/Certificate.h" #include "TestHelper.h" using namespace std; diff --git a/cpp/test/IceSSL/configuration/AllTests.cpp b/cpp/test/IceSSL/configuration/AllTests.cpp index 65df432be69..0ffdc97a6b5 100644 --- a/cpp/test/IceSSL/configuration/AllTests.cpp +++ b/cpp/test/IceSSL/configuration/AllTests.cpp @@ -3,7 +3,8 @@ // #include "Ice/Ice.h" -#include "IceSSL/IceSSL.h" +#include "IceSSL/Certificate.h" +#include "IceSSL/ConnectionInfo.h" #include "Test.h" #include "TestHelper.h" @@ -597,7 +598,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(info->certs.size() == 2); test(info->verified); - test(getTrustError(info) == IceSSL::TrustError::NoError); + test(info->errorCode == IceSSL::TrustError::NoError); test(Ice::targetEqualTo(caCert, info->certs[1])); test(Ice::targetEqualTo(serverCert, info->certs[0])); @@ -807,8 +808,8 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(info->verified); - test(getHost(info) == "localhost"); - test(getTrustError(info) == IceSSL::TrustError::NoError); + test(info->host == "localhost"); + test(info->errorCode == IceSSL::TrustError::NoError); fact->destroyServer(server); comm->destroy(); @@ -828,8 +829,8 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(!info->verified); - test(getTrustError(info) == IceSSL::TrustError::HostNameMismatch); - test(getHost(info) == "localhost"); + test(info->errorCode == IceSSL::TrustError::HostNameMismatch); + test(info->host == "localhost"); fact->destroyServer(server); comm->destroy(); @@ -852,13 +853,13 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) if (isCatalinaOrGreater || isIOS13OrGreater) { test(!info->verified); - test(getTrustError(info) == IceSSL::TrustError::HostNameMismatch); + test(info->errorCode == IceSSL::TrustError::HostNameMismatch); } else { test(info->verified); } - test(getHost(info) == "localhost"); + test(info->host == "localhost"); fact->destroyServer(server); comm->destroy(); @@ -879,8 +880,8 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(!info->verified); - test(getTrustError(info) == IceSSL::TrustError::HostNameMismatch); - test(getHost(info) == "localhost"); + test(info->errorCode == IceSSL::TrustError::HostNameMismatch); + test(info->host == "localhost"); fact->destroyServer(server); comm->destroy(); @@ -901,8 +902,8 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(!info->verified); - test(getTrustError(info) == IceSSL::TrustError::HostNameMismatch); - test(getHost(info) == "localhost"); + test(info->errorCode == IceSSL::TrustError::HostNameMismatch); + test(info->host == "localhost"); fact->destroyServer(server); comm->destroy(); @@ -927,8 +928,8 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(info->verified); - test(getTrustError(info) == IceSSL::TrustError::NoError); - test(getHost(info) == "127.0.0.1"); + test(info->errorCode == IceSSL::TrustError::NoError); + test(info->host == "127.0.0.1"); fact->destroyServer(server); comm->destroy(); @@ -948,8 +949,8 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(!info->verified); - test(getTrustError(info) == IceSSL::TrustError::HostNameMismatch); - test(getHost(info) == "127.0.0.1"); + test(info->errorCode == IceSSL::TrustError::HostNameMismatch); + test(info->host == "127.0.0.1"); fact->destroyServer(server); comm->destroy(); @@ -974,8 +975,8 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(!info->verified); - test(getTrustError(info) == IceSSL::TrustError::HostNameMismatch); - test(getHost(info) == "127.0.0.1"); + test(info->errorCode == IceSSL::TrustError::HostNameMismatch); + test(info->host == "127.0.0.1"); fact->destroyServer(server); comm->destroy(); } @@ -1160,7 +1161,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(info->certs.size() == 1); test(!info->verified); - test(getTrustError(info) == IceSSL::TrustError::PartialChain); + test(info->errorCode == IceSSL::TrustError::PartialChain); } catch (const Ice::LocalException& ex) { @@ -1182,10 +1183,10 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); #ifdef ICE_USE_OPENSSL test(info->certs.size() == 2); // TODO: Fix OpenSSL - test(getTrustError(info) == IceSSL::TrustError::UntrustedRoot); + test(info->errorCode == IceSSL::TrustError::UntrustedRoot); #else test(info->certs.size() == 1); - test(getTrustError(info) == IceSSL::TrustError::PartialChain); + test(info->errorCode == IceSSL::TrustError::PartialChain); #endif test(!info->verified); } @@ -1212,10 +1213,10 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); #if defined(ICE_USE_SCHANNEL) test(info->certs.size() == 1); // SChannel never sends the root certificate - test(getTrustError(info) == IceSSL::TrustError::PartialChain); + test(info->errorCode == IceSSL::TrustError::PartialChain); #else test(info->certs.size() == 2); - test(getTrustError(info) == IceSSL::TrustError::UntrustedRoot); + test(info->errorCode == IceSSL::TrustError::UntrustedRoot); #endif test(!info->verified); } @@ -1248,7 +1249,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(info->certs.size() == 2); test(info->verified); - test(getTrustError(info) == IceSSL::TrustError::NoError); + test(info->errorCode == IceSSL::TrustError::NoError); } catch (const Ice::LocalException& ex) { @@ -1383,7 +1384,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(!info->verified); - test(getTrustError(info) == IceSSL::TrustError::InvalidTime); + test(info->errorCode == IceSSL::TrustError::InvalidTime); fact->destroyServer(server); comm->destroy(); @@ -2591,7 +2592,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) server->ice_ping(); info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); - test(getTrustError(info) == IceSSL::TrustError::NoError); + test(info->errorCode == IceSSL::TrustError::NoError); test(info->verified); fact->destroyServer(server); comm->destroy(); @@ -2613,7 +2614,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) server->ice_ping(); info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); - test(getTrustError(info) == IceSSL::TrustError::NoError); + test(info->errorCode == IceSSL::TrustError::NoError); test(info->verified); fact->destroyServer(server); comm->destroy(); @@ -2634,7 +2635,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) // Revoked certificate is accpeted because IceSSL.RevocationCheck=0 disable revocation checks server->ice_ping(); info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); - test(getTrustError(info) == IceSSL::TrustError::NoError); + test(info->errorCode == IceSSL::TrustError::NoError); test(info->verified); fact->destroyServer(server); comm->destroy(); @@ -2656,7 +2657,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) server->ice_ping(); info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(!info->verified); - test(getTrustError(info) == IceSSL::TrustError::Revoked); + test(info->errorCode == IceSSL::TrustError::Revoked); fact->destroyServer(server); comm->destroy(); @@ -2682,7 +2683,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) server->ice_ping(); info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(!info->verified); - test(getTrustError(info) == IceSSL::TrustError::Revoked); + test(info->errorCode == IceSSL::TrustError::Revoked); fact->destroyServer(server); comm->destroy(); @@ -2706,7 +2707,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) server->ice_ping(); info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(info->verified); - test(getTrustError(info) == IceSSL::TrustError::NoError); + test(info->errorCode == IceSSL::TrustError::NoError); fact->destroyServer(server); comm->destroy(); @@ -2737,7 +2738,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) server->ice_ping(); info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); - test(getTrustError(info) == IceSSL::TrustError::NoError); + test(info->errorCode == IceSSL::TrustError::NoError); test(info->verified); fact->destroyServer(server); @@ -2775,7 +2776,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) server->ice_ping(); info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); - test(getTrustError(info) == IceSSL::TrustError::NoError); + test(info->errorCode == IceSSL::TrustError::NoError); test(info->verified); fact->destroyServer(server); comm->destroy(); @@ -2798,7 +2799,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) server->ice_ping(); info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(!info->verified); - test(getTrustError(info) == IceSSL::TrustError::Revoked); + test(info->errorCode == IceSSL::TrustError::Revoked); fact->destroyServer(server); comm->destroy(); @@ -2821,7 +2822,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) server->ice_ping(); info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(info->verified); - test(getTrustError(info) == IceSSL::TrustError::NoError); + test(info->errorCode == IceSSL::TrustError::NoError); fact->destroyServer(server); comm->destroy(); # endif @@ -2843,7 +2844,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) server->ice_ping(); info = dynamic_pointer_cast(server->ice_getConnection()->getInfo()); test(!info->verified); - test(getTrustError(info) == IceSSL::TrustError::RevocationStatusUnknown); + test(info->errorCode == IceSSL::TrustError::RevocationStatusUnknown); fact->destroyServer(server); comm->destroy(); @@ -2927,7 +2928,7 @@ allTests(Test::TestHelper* helper, const string& /*testDir*/, bool p12) IceSSL::ConnectionInfoPtr sslInfo = dynamic_pointer_cast(wsinfo->underlying); test(sslInfo->verified); - test(getHost(sslInfo) == "zeroc.com"); + test(sslInfo->host == "zeroc.com"); break; } catch (const Ice::LocalException& ex) diff --git a/cpp/test/IceSSL/configuration/Client.cpp b/cpp/test/IceSSL/configuration/Client.cpp index 1404eced282..2aa8fec06ab 100644 --- a/cpp/test/IceSSL/configuration/Client.cpp +++ b/cpp/test/IceSSL/configuration/Client.cpp @@ -3,14 +3,9 @@ // #include "Ice/Ice.h" -#include "IceSSL/IceSSL.h" #include "Test.h" #include "TestHelper.h" -#if defined(ICE_USE_OPENSSL) -# include "IceSSL/OpenSSL.h" -#endif - #include using namespace std; diff --git a/cpp/test/IceSSL/configuration/TestI.cpp b/cpp/test/IceSSL/configuration/TestI.cpp index 6919e3ecc8d..9e7bf9f066d 100644 --- a/cpp/test/IceSSL/configuration/TestI.cpp +++ b/cpp/test/IceSSL/configuration/TestI.cpp @@ -4,8 +4,8 @@ #include "TestI.h" #include "Ice/Ice.h" +#include "IceSSL/Certificate.h" #include "IceSSL/ConnectionInfo.h" -#include "IceSSL/Plugin.h" #include "TestHelper.h" using namespace std; From f0ed8305200bdb54e8a2815765d253837f32ca04 Mon Sep 17 00:00:00 2001 From: Jose Date: Fri, 12 Apr 2024 13:30:14 +0200 Subject: [PATCH 19/28] Windows build fixes --- cpp/src/Ice/msbuild/ice/ice.vcxproj | 1 - cpp/src/Ice/msbuild/ice/ice.vcxproj.filters | 3 --- cpp/src/IceSSL/RFC2253.cpp | 2 ++ cpp/src/IceSSL/RFC2253.h | 1 + cpp/src/IceSSL/SChannelEngine.cpp | 1 - cpp/src/IceSSL/SChannelEngine.h | 5 ++++- cpp/src/IceSSL/SChannelTransceiverI.cpp | 7 ++----- cpp/src/IceSSL/SChannelTransceiverI.h | 1 - cpp/src/IceSSL/SSLEngine.h | 9 ++++----- cpp/src/IceSSL/TrustManager.h | 2 +- 10 files changed, 14 insertions(+), 18 deletions(-) diff --git a/cpp/src/Ice/msbuild/ice/ice.vcxproj b/cpp/src/Ice/msbuild/ice/ice.vcxproj index c66c5430cf5..0e97ba2576e 100644 --- a/cpp/src/Ice/msbuild/ice/ice.vcxproj +++ b/cpp/src/Ice/msbuild/ice/ice.vcxproj @@ -172,7 +172,6 @@ - diff --git a/cpp/src/Ice/msbuild/ice/ice.vcxproj.filters b/cpp/src/Ice/msbuild/ice/ice.vcxproj.filters index f079b618b1e..d1802a40d24 100644 --- a/cpp/src/Ice/msbuild/ice/ice.vcxproj.filters +++ b/cpp/src/Ice/msbuild/ice/ice.vcxproj.filters @@ -588,9 +588,6 @@ Source Files\IceSSL - - Source Files\IceSSL - Source Files\IceSSL diff --git a/cpp/src/IceSSL/RFC2253.cpp b/cpp/src/IceSSL/RFC2253.cpp index 8f017821761..57c652d895a 100644 --- a/cpp/src/IceSSL/RFC2253.cpp +++ b/cpp/src/IceSSL/RFC2253.cpp @@ -7,6 +7,8 @@ #include "IceUtil/StringUtil.h" #include +#include +#include using namespace std; using namespace IceSSL; diff --git a/cpp/src/IceSSL/RFC2253.h b/cpp/src/IceSSL/RFC2253.h index 8aad4a40b70..5c9583c6da5 100644 --- a/cpp/src/IceSSL/RFC2253.h +++ b/cpp/src/IceSSL/RFC2253.h @@ -7,6 +7,7 @@ #include "Ice/Config.h" +#include #include // diff --git a/cpp/src/IceSSL/SChannelEngine.cpp b/cpp/src/IceSSL/SChannelEngine.cpp index 9e3eef530b7..0ac80b3f610 100644 --- a/cpp/src/IceSSL/SChannelEngine.cpp +++ b/cpp/src/IceSSL/SChannelEngine.cpp @@ -8,7 +8,6 @@ #include "Ice/Logger.h" #include "Ice/StringConverter.h" #include "Ice/UUID.h" -#include "IceSSL/Plugin.h" #include "IceUtil/FileUtil.h" #include "IceUtil/StringUtil.h" #include "SChannelTransceiverI.h" diff --git a/cpp/src/IceSSL/SChannelEngine.h b/cpp/src/IceSSL/SChannelEngine.h index 8340fb7328b..5ff28a01fa7 100644 --- a/cpp/src/IceSSL/SChannelEngine.h +++ b/cpp/src/IceSSL/SChannelEngine.h @@ -7,10 +7,13 @@ #ifdef _WIN32 -# include "../Ice/InstanceF.h" +# include "Ice/InstanceF.h" # include "SChannelEngineF.h" # include "SSLEngine.h" +# include +# include + // // SECURITY_WIN32 or SECURITY_KERNEL, must be defined before including security.h // indicating who is compiling the code. diff --git a/cpp/src/IceSSL/SChannelTransceiverI.cpp b/cpp/src/IceSSL/SChannelTransceiverI.cpp index 952f71f522e..6b4e3d0e51f 100644 --- a/cpp/src/IceSSL/SChannelTransceiverI.cpp +++ b/cpp/src/IceSSL/SChannelTransceiverI.cpp @@ -3,15 +3,12 @@ // #include "SChannelTransceiverI.h" - #include "IceUtil/StringUtil.h" - #include "Ice/Buffer.h" #include "Ice/Communicator.h" #include "Ice/LocalException.h" #include "Ice/LoggerUtil.h" #include "IceSSL/ConnectionInfo.h" -#include "PluginI.h" #include "SChannelEngine.h" #include "SSLInstance.h" #include "SSLUtil.h" @@ -906,7 +903,7 @@ SChannel::TransceiverI::initialize(IceInternal::Buffer& readBuffer, IceInternal: { _trustError = IceSSL::TrustError::HostNameMismatch; _verified = false; - dynamic_pointer_cast(info)->errorCode = IceSSL::TrustError::HostNameMismatch; + info->errorCode = IceSSL::TrustError::HostNameMismatch; info->verified = false; if (_engine->getVerifyPeer() > 0) { @@ -1157,7 +1154,7 @@ SChannel::TransceiverI::toDetailedString() const Ice::ConnectionInfoPtr SChannel::TransceiverI::getInfo() const { - ExtendedConnectionInfoPtr info = std::make_shared(); + auto info = std::make_shared(); info->underlying = _delegate->getInfo(); info->incoming = _incoming; info->adapterName = _adapterName; diff --git a/cpp/src/IceSSL/SChannelTransceiverI.h b/cpp/src/IceSSL/SChannelTransceiverI.h index 36694c3b5ce..7ec61bccc4a 100644 --- a/cpp/src/IceSSL/SChannelTransceiverI.h +++ b/cpp/src/IceSSL/SChannelTransceiverI.h @@ -13,7 +13,6 @@ # include "../Ice/WSTransceiver.h" # include "Ice/Buffer.h" # include "Ice/Config.h" -# include "IceSSL/Plugin.h" # include "SChannelEngineF.h" # include "SSLInstanceF.h" diff --git a/cpp/src/IceSSL/SSLEngine.h b/cpp/src/IceSSL/SSLEngine.h index 3944a17cf7e..f83df888b8b 100644 --- a/cpp/src/IceSSL/SSLEngine.h +++ b/cpp/src/IceSSL/SSLEngine.h @@ -5,17 +5,16 @@ #ifndef ICESSL_ENGINE_H #define ICESSL_ENGINE_H +#include "../Ice/Network.h" +#include "../Ice/TransceiverF.h" +#include "Ice/CommunicatorF.h" +#include "Ice/InstanceF.h" #include "IceSSL/Certificate.h" #include "SSLEngineF.h" #include "SSLInstanceF.h" #include "SSLUtil.h" #include "TrustManagerF.h" -#include "../Ice/InstanceF.h" -#include "../Ice/Network.h" -#include "../Ice/TransceiverF.h" -#include "Ice/CommunicatorF.h" - #include namespace IceSSL diff --git a/cpp/src/IceSSL/TrustManager.h b/cpp/src/IceSSL/TrustManager.h index 3efe42c96e1..ec60ce81f96 100644 --- a/cpp/src/IceSSL/TrustManager.h +++ b/cpp/src/IceSSL/TrustManager.h @@ -5,7 +5,7 @@ #ifndef ICESSL_TRUST_MANAGER_H #define ICESSL_TRUST_MANAGER_H -#include "../Ice/InstanceF.h" +#include "Ice/InstanceF.h" #include "IceSSL/Certificate.h" #include "IceSSL/ConnectionInfoF.h" #include "RFC2253.h" From feed97f328e9a44584674cdbb4cd69b193ee7a26 Mon Sep 17 00:00:00 2001 From: Jose Date: Fri, 12 Apr 2024 13:39:35 +0200 Subject: [PATCH 20/28] OpenSSL build fixes --- cpp/src/IceSSL/OpenSSLCertificateI.cpp | 1 - cpp/src/IceSSL/OpenSSLTransceiverI.cpp | 1 - cpp/src/IceSSL/OpenSSLTransceiverI.h | 2 +- 3 files changed, 1 insertion(+), 3 deletions(-) diff --git a/cpp/src/IceSSL/OpenSSLCertificateI.cpp b/cpp/src/IceSSL/OpenSSLCertificateI.cpp index 0612749697a..12b9bc05607 100644 --- a/cpp/src/IceSSL/OpenSSLCertificateI.cpp +++ b/cpp/src/IceSSL/OpenSSLCertificateI.cpp @@ -5,7 +5,6 @@ #include "CertificateI.h" #include "IceSSL/OpenSSL.h" #include "OpenSSLUtil.h" -#include "PluginI.h" #include "RFC2253.h" #include diff --git a/cpp/src/IceSSL/OpenSSLTransceiverI.cpp b/cpp/src/IceSSL/OpenSSLTransceiverI.cpp index 52bb6724443..e0949853aa4 100644 --- a/cpp/src/IceSSL/OpenSSLTransceiverI.cpp +++ b/cpp/src/IceSSL/OpenSSLTransceiverI.cpp @@ -11,7 +11,6 @@ #include "IceSSL/ConnectionInfo.h" #include "IceSSL/OpenSSL.h" #include "OpenSSLEngine.h" -#include "PluginI.h" #include "SSLEngine.h" #include "SSLInstance.h" #include "SSLUtil.h" diff --git a/cpp/src/IceSSL/OpenSSLTransceiverI.h b/cpp/src/IceSSL/OpenSSLTransceiverI.h index e990460537f..a4cb481b3a2 100644 --- a/cpp/src/IceSSL/OpenSSLTransceiverI.h +++ b/cpp/src/IceSSL/OpenSSLTransceiverI.h @@ -10,7 +10,7 @@ #include "../Ice/Transceiver.h" #include "../Ice/WSTransceiver.h" #include "Ice/Config.h" -#include "IceSSL/Plugin.h" +#include "IceSSL/Certificate.h" #include "OpenSSLEngineF.h" #include "SSLInstanceF.h" #include "SSLUtil.h" From 2f87ec4aacf577a8364e1152f1c75c262fefc171 Mon Sep 17 00:00:00 2001 From: Jose Date: Fri, 12 Apr 2024 15:52:42 +0200 Subject: [PATCH 21/28] Checkpoint --- cpp/msbuild/ice.openssl.test.sln | 66 ---------------------- cpp/test/IceSSL/configuration/AllTests.cpp | 3 + 2 files changed, 3 insertions(+), 66 deletions(-) delete mode 100644 cpp/msbuild/ice.openssl.test.sln diff --git a/cpp/msbuild/ice.openssl.test.sln b/cpp/msbuild/ice.openssl.test.sln deleted file mode 100644 index 61437d860c0..00000000000 --- a/cpp/msbuild/ice.openssl.test.sln +++ /dev/null @@ -1,66 +0,0 @@ - -Microsoft Visual Studio Solution File, Format Version 12.00 -# Visual Studio Version 17 -VisualStudioVersion = 17.9.34321.82 -MinimumVisualStudioVersion = 10.0.40219.1 -Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Common", "Common", "{2D52604F-E2AD-4586-BBD7-BD13536C702C}" -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "testcommon", "..\test\Common\msbuild\testcommon.vcxproj", "{C7223CC8-0AAA-470B-ACB3-12B9DE75525C}" -EndProject -Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "IceSSL", "IceSSL", "{8DC4FC60-61F2-4D58-8DB1-615460DEF993}" -EndProject -Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "configuration", "configuration", "{2557CF58-4848-4D0A-8D42-E0F7C7158A6B}" -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "clientopenssl", "..\test\IceSSL\configuration\msbuild\clientopenssl\clientopenssl.vcxproj", "{34135D29-7ABF-416E-80A9-4077BD6A126F}" - ProjectSection(ProjectDependencies) = postProject - {C7223CC8-0AAA-470B-ACB3-12B9DE75525C} = {C7223CC8-0AAA-470B-ACB3-12B9DE75525C} - EndProjectSection -EndProject -Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "serveropenssl", "..\test\IceSSL\configuration\msbuild\serveropenssl\serveropenssl.vcxproj", "{1A83DE5F-3401-4D5D-B9FE-A930D5B15F39}" - ProjectSection(ProjectDependencies) = postProject - {C7223CC8-0AAA-470B-ACB3-12B9DE75525C} = {C7223CC8-0AAA-470B-ACB3-12B9DE75525C} - EndProjectSection -EndProject -Global - GlobalSection(SolutionConfigurationPlatforms) = preSolution - Debug|Win32 = Debug|Win32 - Debug|x64 = Debug|x64 - Release|Win32 = Release|Win32 - Release|x64 = Release|x64 - EndGlobalSection - GlobalSection(ProjectConfigurationPlatforms) = postSolution - {C7223CC8-0AAA-470B-ACB3-12B9DE75525C}.Debug|Win32.ActiveCfg = Debug|Win32 - {C7223CC8-0AAA-470B-ACB3-12B9DE75525C}.Debug|Win32.Build.0 = Debug|Win32 - {C7223CC8-0AAA-470B-ACB3-12B9DE75525C}.Debug|x64.ActiveCfg = Debug|x64 - {C7223CC8-0AAA-470B-ACB3-12B9DE75525C}.Debug|x64.Build.0 = Debug|x64 - {C7223CC8-0AAA-470B-ACB3-12B9DE75525C}.Release|Win32.ActiveCfg = Release|Win32 - {C7223CC8-0AAA-470B-ACB3-12B9DE75525C}.Release|Win32.Build.0 = Release|Win32 - {C7223CC8-0AAA-470B-ACB3-12B9DE75525C}.Release|x64.ActiveCfg = Release|x64 - {C7223CC8-0AAA-470B-ACB3-12B9DE75525C}.Release|x64.Build.0 = Release|x64 - {34135D29-7ABF-416E-80A9-4077BD6A126F}.Debug|Win32.ActiveCfg = Debug|Win32 - {34135D29-7ABF-416E-80A9-4077BD6A126F}.Debug|Win32.Build.0 = Debug|Win32 - {34135D29-7ABF-416E-80A9-4077BD6A126F}.Debug|x64.ActiveCfg = Debug|x64 - {34135D29-7ABF-416E-80A9-4077BD6A126F}.Debug|x64.Build.0 = Debug|x64 - {34135D29-7ABF-416E-80A9-4077BD6A126F}.Release|Win32.ActiveCfg = Release|Win32 - {34135D29-7ABF-416E-80A9-4077BD6A126F}.Release|Win32.Build.0 = Release|Win32 - {34135D29-7ABF-416E-80A9-4077BD6A126F}.Release|x64.ActiveCfg = Release|x64 - {34135D29-7ABF-416E-80A9-4077BD6A126F}.Release|x64.Build.0 = Release|x64 - {1A83DE5F-3401-4D5D-B9FE-A930D5B15F39}.Debug|Win32.ActiveCfg = Debug|Win32 - {1A83DE5F-3401-4D5D-B9FE-A930D5B15F39}.Debug|Win32.Build.0 = Debug|Win32 - {1A83DE5F-3401-4D5D-B9FE-A930D5B15F39}.Debug|x64.ActiveCfg = Debug|x64 - {1A83DE5F-3401-4D5D-B9FE-A930D5B15F39}.Debug|x64.Build.0 = Debug|x64 - {1A83DE5F-3401-4D5D-B9FE-A930D5B15F39}.Release|Win32.ActiveCfg = Release|Win32 - {1A83DE5F-3401-4D5D-B9FE-A930D5B15F39}.Release|Win32.Build.0 = Release|Win32 - {1A83DE5F-3401-4D5D-B9FE-A930D5B15F39}.Release|x64.ActiveCfg = Release|x64 - {1A83DE5F-3401-4D5D-B9FE-A930D5B15F39}.Release|x64.Build.0 = Release|x64 - EndGlobalSection - GlobalSection(SolutionProperties) = preSolution - HideSolutionNode = FALSE - EndGlobalSection - GlobalSection(NestedProjects) = preSolution - {C7223CC8-0AAA-470B-ACB3-12B9DE75525C} = {2D52604F-E2AD-4586-BBD7-BD13536C702C} - {2557CF58-4848-4D0A-8D42-E0F7C7158A6B} = {8DC4FC60-61F2-4D58-8DB1-615460DEF993} - {34135D29-7ABF-416E-80A9-4077BD6A126F} = {2557CF58-4848-4D0A-8D42-E0F7C7158A6B} - {1A83DE5F-3401-4D5D-B9FE-A930D5B15F39} = {2557CF58-4848-4D0A-8D42-E0F7C7158A6B} - EndGlobalSection -EndGlobal diff --git a/cpp/test/IceSSL/configuration/AllTests.cpp b/cpp/test/IceSSL/configuration/AllTests.cpp index 0ffdc97a6b5..22a9b353f29 100644 --- a/cpp/test/IceSSL/configuration/AllTests.cpp +++ b/cpp/test/IceSSL/configuration/AllTests.cpp @@ -12,6 +12,7 @@ #include #include #include +#include #include "Ice/UniqueRef.h" @@ -31,6 +32,8 @@ # endif #elif defined(_WIN32) # define ICE_USE_SCHANNEL 1 +# include +# include #else # define ICE_USE_OPENSSL 1 #endif From 7bf939b5d7f5fff4825ab411f6c054fd0117275a Mon Sep 17 00:00:00 2001 From: Jose Date: Fri, 12 Apr 2024 16:26:21 +0200 Subject: [PATCH 22/28] Initialize fixes --- cpp/include/IceSSL/Certificate.h | 1 - cpp/src/IceSSL/OpenSSLEngine.cpp | 19 ------------------- cpp/src/IceSSL/OpenSSLEngine.h | 1 - cpp/src/IceSSL/SChannelEngine.cpp | 12 +----------- cpp/src/IceSSL/SSLAcceptorI.cpp | 8 -------- cpp/src/IceSSL/SSLConnectorI.cpp | 8 -------- cpp/src/IceSSL/SSLEngine.cpp | 7 ------- cpp/src/IceSSL/SSLEngine.h | 3 --- cpp/src/IceSSL/SSLInstance.cpp | 6 ------ cpp/src/IceSSL/SSLInstance.h | 2 -- cpp/src/IceSSL/SecureTransportEngine.cpp | 7 ------- 11 files changed, 1 insertion(+), 73 deletions(-) diff --git a/cpp/include/IceSSL/Certificate.h b/cpp/include/IceSSL/Certificate.h index f0fb2ad278f..f4f11dbdd0d 100644 --- a/cpp/include/IceSSL/Certificate.h +++ b/cpp/include/IceSSL/Certificate.h @@ -106,7 +106,6 @@ namespace IceSSL * The key usage "decipherOnly" bit is set */ const unsigned int KEY_USAGE_DECIPHER_ONLY = 1u << 8; - /** * The extended key usage "anyKeyUsage" bit is set */ diff --git a/cpp/src/IceSSL/OpenSSLEngine.cpp b/cpp/src/IceSSL/OpenSSLEngine.cpp index 738cc3cb77d..de530e0e461 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.cpp +++ b/cpp/src/IceSSL/OpenSSLEngine.cpp @@ -81,11 +81,6 @@ void OpenSSL::SSLEngine::initialize() { lock_guard lock(_mutex); - if (_initialized) - { - return; - } - try { IceSSL::SSLEngine::initialize(); @@ -506,20 +501,6 @@ OpenSSL::SSLEngine::initialize() _ctx = nullptr; throw; } - - _initialized = true; -} - -void -OpenSSL::SSLEngine::context(SSL_CTX* context) -{ - if (initialized()) - { - throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: plug-in is already initialized"); - } - - assert(!_ctx); - _ctx = context; } SSL_CTX* diff --git a/cpp/src/IceSSL/OpenSSLEngine.h b/cpp/src/IceSSL/OpenSSLEngine.h index b6e0b96d113..1eee85d5eaa 100644 --- a/cpp/src/IceSSL/OpenSSLEngine.h +++ b/cpp/src/IceSSL/OpenSSLEngine.h @@ -25,7 +25,6 @@ namespace IceSSL::OpenSSL createTransceiver(const IceSSL::InstancePtr&, const IceInternal::TransceiverPtr&, const std::string&, bool) final; SSL_CTX* context() const; - void context(SSL_CTX*); std::string sslErrors() const; std::string password() const { return _password; } diff --git a/cpp/src/IceSSL/SChannelEngine.cpp b/cpp/src/IceSSL/SChannelEngine.cpp index 0ac80b3f610..c7ec0514f6a 100644 --- a/cpp/src/IceSSL/SChannelEngine.cpp +++ b/cpp/src/IceSSL/SChannelEngine.cpp @@ -15,6 +15,7 @@ #include +#include #include // @@ -555,16 +556,6 @@ SChannel::SSLEngine::initialize() // lock_guard globalLock(globalMutex); - // - // We still have to acquire the instance mutex because it is used by the base - // class to access _initialized data member. - // - lock_guard lock(_mutex); - if (_initialized) - { - return; - } - IceSSL::SSLEngine::initialize(); const string prefix = "IceSSL."; @@ -1015,7 +1006,6 @@ SChannel::SSLEngine::initialize() } _allCerts.insert(_allCerts.end(), certs.begin(), certs.end()); } - _initialized = true; } string diff --git a/cpp/src/IceSSL/SSLAcceptorI.cpp b/cpp/src/IceSSL/SSLAcceptorI.cpp index 102ee7e3b06..6cad6a91fa2 100644 --- a/cpp/src/IceSSL/SSLAcceptorI.cpp +++ b/cpp/src/IceSSL/SSLAcceptorI.cpp @@ -59,14 +59,6 @@ IceSSL::AcceptorI::finishAccept() IceInternal::TransceiverPtr IceSSL::AcceptorI::accept() { - // - // The plug-in may not be initialized. - // - if (!_instance->initialized()) - { - throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: plug-in is not initialized"); - } - return _instance->engine()->createTransceiver(_instance, _delegate->accept(), _adapterName, true); } diff --git a/cpp/src/IceSSL/SSLConnectorI.cpp b/cpp/src/IceSSL/SSLConnectorI.cpp index 379afb1f30a..b94fbb485d7 100644 --- a/cpp/src/IceSSL/SSLConnectorI.cpp +++ b/cpp/src/IceSSL/SSLConnectorI.cpp @@ -21,14 +21,6 @@ using namespace IceSSL; IceInternal::TransceiverPtr IceSSL::ConnectorI::connect() { - // - // The plug-in may not be initialized. - // - if (!_instance->initialized()) - { - throw PluginInitializationException(__FILE__, __LINE__, "IceSSL: plug-in is not initialized"); - } - return _instance->engine()->createTransceiver(_instance, _delegate->connect(), _host, false); } diff --git a/cpp/src/IceSSL/SSLEngine.cpp b/cpp/src/IceSSL/SSLEngine.cpp index 99436d16e5d..74cd76f9b00 100644 --- a/cpp/src/IceSSL/SSLEngine.cpp +++ b/cpp/src/IceSSL/SSLEngine.cpp @@ -40,13 +40,6 @@ IceSSL::SSLEngine::getProperties() const return _instance->initializationData().properties; } -bool -IceSSL::SSLEngine::initialized() const -{ - lock_guard lock(_mutex); - return _initialized; -} - void IceSSL::SSLEngine::initialize() { diff --git a/cpp/src/IceSSL/SSLEngine.h b/cpp/src/IceSSL/SSLEngine.h index f83df888b8b..fe93188ba95 100644 --- a/cpp/src/IceSSL/SSLEngine.h +++ b/cpp/src/IceSSL/SSLEngine.h @@ -32,8 +32,6 @@ namespace IceSSL // Setup the engine. virtual void initialize() = 0; - virtual bool initialized() const; - // Destroy the engine. virtual void destroy() = 0; @@ -54,7 +52,6 @@ namespace IceSSL std::string securityTraceCategory() const; protected: - bool _initialized; mutable std::mutex _mutex; private: diff --git a/cpp/src/IceSSL/SSLInstance.cpp b/cpp/src/IceSSL/SSLInstance.cpp index 97c58d0001d..36584ce3895 100644 --- a/cpp/src/IceSSL/SSLInstance.cpp +++ b/cpp/src/IceSSL/SSLInstance.cpp @@ -14,9 +14,3 @@ IceSSL::Instance::Instance(const SSLEnginePtr& engine, int16_t type, const strin _engine(engine) { } - -bool -IceSSL::Instance::initialized() const -{ - return _engine->initialized(); -} diff --git a/cpp/src/IceSSL/SSLInstance.h b/cpp/src/IceSSL/SSLInstance.h index 3de90eb17a2..a85757179cb 100644 --- a/cpp/src/IceSSL/SSLInstance.h +++ b/cpp/src/IceSSL/SSLInstance.h @@ -18,8 +18,6 @@ namespace IceSSL SSLEnginePtr engine() const { return _engine; } - bool initialized() const; - private: const SSLEnginePtr _engine; }; diff --git a/cpp/src/IceSSL/SecureTransportEngine.cpp b/cpp/src/IceSSL/SecureTransportEngine.cpp index aade124dc3f..3743ee82568 100644 --- a/cpp/src/IceSSL/SecureTransportEngine.cpp +++ b/cpp/src/IceSSL/SecureTransportEngine.cpp @@ -748,12 +748,6 @@ IceSSL::SecureTransport::SSLEngine::SSLEngine(const IceInternal::InstancePtr& in void IceSSL::SecureTransport::SSLEngine::initialize() { - lock_guard lock(_mutex); - if (_initialized) - { - return; - } - IceSSL::SSLEngine::initialize(); const PropertiesPtr properties = getProperties(); @@ -910,7 +904,6 @@ IceSSL::SecureTransport::SSLEngine::initialize() } getLogger()->trace(securityTraceCategory(), os.str()); } - _initialized = true; } // From b5b290b825726b48cda090a9e0dcda7cd83806a8 Mon Sep 17 00:00:00 2001 From: Jose Date: Fri, 12 Apr 2024 16:37:39 +0200 Subject: [PATCH 23/28] clang-format fixes --- cpp/src/IceSSL/RFC2253.cpp | 2 +- cpp/src/IceSSL/RFC2253.h | 2 +- cpp/src/IceSSL/SChannelTransceiverI.cpp | 2 +- cpp/test/IceSSL/configuration/AllTests.cpp | 7 +++++++ 4 files changed, 10 insertions(+), 3 deletions(-) diff --git a/cpp/src/IceSSL/RFC2253.cpp b/cpp/src/IceSSL/RFC2253.cpp index 57c652d895a..88c9021a949 100644 --- a/cpp/src/IceSSL/RFC2253.cpp +++ b/cpp/src/IceSSL/RFC2253.cpp @@ -7,8 +7,8 @@ #include "IceUtil/StringUtil.h" #include -#include #include +#include using namespace std; using namespace IceSSL; diff --git a/cpp/src/IceSSL/RFC2253.h b/cpp/src/IceSSL/RFC2253.h index 5c9583c6da5..4c54729e8f6 100644 --- a/cpp/src/IceSSL/RFC2253.h +++ b/cpp/src/IceSSL/RFC2253.h @@ -7,8 +7,8 @@ #include "Ice/Config.h" -#include #include +#include // // The methods in the IceSSL::RFC2253 namespace implement a parser diff --git a/cpp/src/IceSSL/SChannelTransceiverI.cpp b/cpp/src/IceSSL/SChannelTransceiverI.cpp index 6b4e3d0e51f..2cc1b09f680 100644 --- a/cpp/src/IceSSL/SChannelTransceiverI.cpp +++ b/cpp/src/IceSSL/SChannelTransceiverI.cpp @@ -3,12 +3,12 @@ // #include "SChannelTransceiverI.h" -#include "IceUtil/StringUtil.h" #include "Ice/Buffer.h" #include "Ice/Communicator.h" #include "Ice/LocalException.h" #include "Ice/LoggerUtil.h" #include "IceSSL/ConnectionInfo.h" +#include "IceUtil/StringUtil.h" #include "SChannelEngine.h" #include "SSLInstance.h" #include "SSLUtil.h" diff --git a/cpp/test/IceSSL/configuration/AllTests.cpp b/cpp/test/IceSSL/configuration/AllTests.cpp index 22a9b353f29..4ffeed64bda 100644 --- a/cpp/test/IceSSL/configuration/AllTests.cpp +++ b/cpp/test/IceSSL/configuration/AllTests.cpp @@ -32,8 +32,15 @@ # endif #elif defined(_WIN32) # define ICE_USE_SCHANNEL 1 +// We need to include windows.h before wincrypt.h. +// clang-format off +# ifndef NOMINMAX +# define NOMINMAX +# endif # include # include +// clang-format on + #else # define ICE_USE_OPENSSL 1 #endif From c2a98e47f72f8ca8c57b950159a9a3b649abfaa9 Mon Sep 17 00:00:00 2001 From: Jose Date: Fri, 12 Apr 2024 18:00:07 +0200 Subject: [PATCH 24/28] macOS build fixes --- cpp/src/IceSSL/SecureTransportEngine.h | 2 +- python/modules/IcePy/EndpointInfo.cpp | 2 +- swift/Rakefile | 4 ++-- swift/src/IceImpl/Config.h | 4 +++- 4 files changed, 7 insertions(+), 5 deletions(-) diff --git a/cpp/src/IceSSL/SecureTransportEngine.h b/cpp/src/IceSSL/SecureTransportEngine.h index 190fa6f528c..8c52f9777d6 100644 --- a/cpp/src/IceSSL/SecureTransportEngine.h +++ b/cpp/src/IceSSL/SecureTransportEngine.h @@ -7,7 +7,7 @@ #ifdef __APPLE__ -# include "../Ice/InstanceF.h" +# include "Ice/InstanceF.h" # include "Ice/UniqueRef.h" # include "SSLEngine.h" diff --git a/python/modules/IcePy/EndpointInfo.cpp b/python/modules/IcePy/EndpointInfo.cpp index 88225fd9213..3dcec083861 100644 --- a/python/modules/IcePy/EndpointInfo.cpp +++ b/python/modules/IcePy/EndpointInfo.cpp @@ -3,7 +3,7 @@ // #include "EndpointInfo.h" -#include "IceSSL/IceSSL.h" +#include "IceSSL/EndpointInfo.h" #include "Util.h" using namespace std; diff --git a/swift/Rakefile b/swift/Rakefile index a726af3445e..b81125490d5 100644 --- a/swift/Rakefile +++ b/swift/Rakefile @@ -143,7 +143,7 @@ def create_platform_targets(project, platform, bindist) unless bindist # - # Ice for C++11 static libraries + # Ice for C++ static libraries # cpp_components = ["Ice", "IceDiscovery", "IceLocatorDiscovery"] cpp_source_dirs = { "Ice" => ["IceUtil", "Ice", "IceSSL"] } @@ -166,7 +166,7 @@ def create_platform_targets(project, platform, bindist) ice_cpp_target = nil cpp_components.each do | component | - target = project.new_target(:static_library, "#{component} C++11 #{platform_name}", platform) + target = project.new_target(:static_library, "#{component} C++ #{platform_name}", platform) cpp_targets << target group = project_group(project, "slice/#{component}") diff --git a/swift/src/IceImpl/Config.h b/swift/src/IceImpl/Config.h index 956917b4998..493414a760a 100644 --- a/swift/src/IceImpl/Config.h +++ b/swift/src/IceImpl/Config.h @@ -11,7 +11,9 @@ #ifdef __cplusplus # include "Ice/Ice.h" -# include "IceSSL/IceSSL.h" +# include "IceSSL/Certificate.h" +# include "IceSSL/ConnectionInfo.h" +# include "IceSSL/EndpointInfo.h" # if TARGET_OS_IPHONE # include "IceIAP/IceIAP.h" From 774a75b5a37a520db15ed8a2f248db504c3fbe76 Mon Sep 17 00:00:00 2001 From: Jose Date: Fri, 12 Apr 2024 18:34:21 +0200 Subject: [PATCH 25/28] Header fixes --- cpp/include/IceSSL/OpenSSL.h | 83 ++++++++++++++++------------------ cpp/include/IceSSL/SChannel.h | 85 +++++++++++++++++------------------ 2 files changed, 79 insertions(+), 89 deletions(-) diff --git a/cpp/include/IceSSL/OpenSSL.h b/cpp/include/IceSSL/OpenSSL.h index f9429a07e38..bb17eab68c9 100644 --- a/cpp/include/IceSSL/OpenSSL.h +++ b/cpp/include/IceSSL/OpenSSL.h @@ -10,55 +10,50 @@ #include #include -namespace IceSSL +namespace IceSSL::OpenSSL { - namespace OpenSSL + class Certificate; + using CertificatePtr = std::shared_ptr; + + /** + * Encapsulates an OpenSSL X.509 certificate. + * \headerfile IceSSL/IceSSL.h + */ + class ICE_API Certificate : public virtual IceSSL::Certificate { - class Certificate; - using CertificatePtr = std::shared_ptr; - + public: /** - * Encapsulates an OpenSSL X.509 certificate. - * \headerfile IceSSL/IceSSL.h + * Construct a certificate using a native certificate. + * The Certificate class assumes ownership of the given native + * certificate. + * @param cert The native certificate. + * @return A new certificate object. */ - class ICE_API Certificate : public virtual IceSSL::Certificate - { - public: - /** - * Construct a certificate using a native certificate. - * The Certificate class assumes ownership of the given native - * certificate. - * @param cert The native certificate. - * @return A new certificate object. - */ - static CertificatePtr create(x509_st* cert); - - /** - * Load the certificate from a file. The certificate must use the - * PEM encoding format. - * @param file The certificate file. - * @return A new certificate object. - * @throws CertificateReadException if the file cannot be read. - */ - static CertificatePtr load(const std::string& file); - - /** - * Decode a certificate from a string that uses the PEM encoding format. - * @param cert A string containing the PEM-encoded certificate. - * @return A new certificate object. - * @throws CertificateEncodingException if an error occurs. - */ - static CertificatePtr decode(const std::string& cert); + static CertificatePtr create(x509_st* cert); - /** - * Retrieve the native X509 certificate value wrapped by this object. - * @return The native certificate. The returned reference is only valid for the lifetime of this - * object. You can increment it with X509_dup. - */ - virtual x509_st* getCert() const = 0; - }; - } // OpenSSL namespace end + /** + * Load the certificate from a file. The certificate must use the + * PEM encoding format. + * @param file The certificate file. + * @return A new certificate object. + * @throws CertificateReadException if the file cannot be read. + */ + static CertificatePtr load(const std::string& file); -} // IceSSL namespace end + /** + * Decode a certificate from a string that uses the PEM encoding format. + * @param cert A string containing the PEM-encoded certificate. + * @return A new certificate object. + * @throws CertificateEncodingException if an error occurs. + */ + static CertificatePtr decode(const std::string& cert); + /** + * Retrieve the native X509 certificate value wrapped by this object. + * @return The native certificate. The returned reference is only valid for the lifetime of this + * object. You can increment it with X509_dup. + */ + virtual x509_st* getCert() const = 0; + }; +} #endif diff --git a/cpp/include/IceSSL/SChannel.h b/cpp/include/IceSSL/SChannel.h index 23320c12100..a549de3a960 100644 --- a/cpp/include/IceSSL/SChannel.h +++ b/cpp/include/IceSSL/SChannel.h @@ -16,59 +16,54 @@ # include // clang-format on -namespace IceSSL +namespace IceSSL::SChannel { - namespace SChannel - { - class Certificate; - using CertificatePtr = std::shared_ptr; + class Certificate; + using CertificatePtr = std::shared_ptr; + /** + * This convenience class is a wrapper around a native certificate. + * \headerfile IceSSL/IceSSL.h + */ + class ICE_API Certificate : public virtual IceSSL::Certificate + { + public: /** - * This convenience class is a wrapper around a native certificate. - * \headerfile IceSSL/IceSSL.h + * Constructs a certificate using a native certificate. + * The Certificate class assumes ownership of the given native + * certificate. + * @param info The certificate data. + * @return The new certificate instance. */ - class ICE_API Certificate : public virtual IceSSL::Certificate - { - public: - /** - * Constructs a certificate using a native certificate. - * The Certificate class assumes ownership of the given native - * certificate. - * @param info The certificate data. - * @return The new certificate instance. - */ - static CertificatePtr create(CERT_SIGNED_CONTENT_INFO* info); - - /** - * Loads the certificate from a file. The certificate must use the - * PEM encoding format. - * @param file The certificate file. - * @return The new certificate instance. - * @throws CertificateReadException if the file cannot be read. - */ - static CertificatePtr load(const std::string& file); + static CertificatePtr create(CERT_SIGNED_CONTENT_INFO* info); - /** - * Decodes a certificate from a string that uses the PEM encoding format. - * @param str A string containing the encoded certificate. - * @return The new certificate instance. - * @throws CertificateEncodingException if an error occurs. - */ - static CertificatePtr decode(const std::string& str); - - /** - * Obtains the native X509 certificate value wrapped by this object. - * @return A reference to the native certificate. - * The returned reference is only valid for the lifetime of this - * object. The returned reference is a pointer to a struct. - */ - virtual CERT_SIGNED_CONTENT_INFO* getCert() const = 0; - }; + /** + * Loads the certificate from a file. The certificate must use the + * PEM encoding format. + * @param file The certificate file. + * @return The new certificate instance. + * @throws CertificateReadException if the file cannot be read. + */ + static CertificatePtr load(const std::string& file); - } // SChannel namespace end + /** + * Decodes a certificate from a string that uses the PEM encoding format. + * @param str A string containing the encoded certificate. + * @return The new certificate instance. + * @throws CertificateEncodingException if an error occurs. + */ + static CertificatePtr decode(const std::string& str); -} // IceSSL namespace end + /** + * Obtains the native X509 certificate value wrapped by this object. + * @return A reference to the native certificate. + * The returned reference is only valid for the lifetime of this + * object. The returned reference is a pointer to a struct. + */ + virtual CERT_SIGNED_CONTENT_INFO* getCert() const = 0; + }; +} #endif #endif From 360adf4a7f0820d339722ce5dad2390fad212231 Mon Sep 17 00:00:00 2001 From: Jose Date: Fri, 12 Apr 2024 18:45:44 +0200 Subject: [PATCH 26/28] Remove unused DHParams --- cpp/include/IceSSL/SChannel.h | 1 - cpp/src/IceSSL/OpenSSLUtil.cpp | 171 --------------------------------- cpp/src/IceSSL/OpenSSLUtil.h | 31 ------ 3 files changed, 203 deletions(-) diff --git a/cpp/include/IceSSL/SChannel.h b/cpp/include/IceSSL/SChannel.h index a549de3a960..f6378b589f1 100644 --- a/cpp/include/IceSSL/SChannel.h +++ b/cpp/include/IceSSL/SChannel.h @@ -62,7 +62,6 @@ namespace IceSSL::SChannel */ virtual CERT_SIGNED_CONTENT_INFO* getCert() const = 0; }; - } #endif diff --git a/cpp/src/IceSSL/OpenSSLUtil.cpp b/cpp/src/IceSSL/OpenSSLUtil.cpp index 66e5c752494..979c9de5d34 100644 --- a/cpp/src/IceSSL/OpenSSLUtil.cpp +++ b/cpp/src/IceSSL/OpenSSLUtil.cpp @@ -19,177 +19,6 @@ using namespace std; -namespace -{ -#ifndef OPENSSL_NO_DH - - // - // The following arrays are predefined Diffie Hellman group parameters. - // It is highly recommended that applications provide their own Diffie - // Hellman parameters. - // - - static DH* convertDH(const unsigned char* buf, int len) { return d2i_DHparams(0, &buf, len); } - - unsigned char dh512[] = {0x30, 0x46, 0x02, 0x41, 0x00, 0xa0, 0xf5, 0x3d, 0x77, 0xbd, 0x03, 0x3e, 0xa2, 0x45, 0xa6, - 0xa5, 0xe7, 0x5a, 0xfd, 0xad, 0x05, 0x1e, 0x8b, 0x07, 0x63, 0x2a, 0x6a, 0xe7, 0xab, 0x91, - 0xec, 0xaf, 0x2a, 0x48, 0x96, 0xda, 0xc5, 0x29, 0x47, 0x8e, 0xf7, 0x29, 0x0b, 0x9c, 0x1d, - 0x0e, 0x2d, 0xdb, 0x1e, 0xff, 0x92, 0x09, 0xdf, 0x9f, 0xf7, 0x28, 0xcd, 0xe3, 0x86, 0x06, - 0x78, 0x9d, 0xa6, 0xe2, 0x32, 0x43, 0x2d, 0x8d, 0xeb, 0x02, 0x01, 0x02}; - - unsigned char dh1024[] = { - 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0xc4, 0x74, 0xb0, 0x83, 0x04, 0x83, 0x17, 0x7b, 0x41, 0xb1, 0xff, - 0xe8, 0xd7, 0x3e, 0x0e, 0xa4, 0xd9, 0xdb, 0x44, 0x47, 0xc9, 0xf7, 0xe7, 0x46, 0x75, 0xcd, 0x0d, 0x05, 0x8a, - 0xde, 0x9f, 0x35, 0x67, 0xa3, 0x46, 0x95, 0xa2, 0x54, 0x59, 0xd4, 0x04, 0xeb, 0x5a, 0x30, 0x74, 0xab, 0xc2, - 0x3c, 0x6d, 0xaf, 0x62, 0x70, 0x97, 0xf2, 0x2a, 0xd3, 0xff, 0xe3, 0x93, 0xf1, 0x4c, 0x51, 0x41, 0x48, 0x5b, - 0x9e, 0x72, 0xf9, 0x2c, 0xe2, 0x3c, 0xd8, 0x44, 0x99, 0xec, 0xf6, 0x90, 0x31, 0x9f, 0xe5, 0x15, 0x86, 0xd3, - 0x96, 0x87, 0x96, 0x1e, 0x16, 0xc1, 0x71, 0xd1, 0x31, 0xa0, 0x3a, 0xcb, 0xf0, 0xab, 0xe5, 0x8b, 0x81, 0x93, - 0x98, 0x6d, 0xfc, 0x4e, 0x38, 0x68, 0xf5, 0x2c, 0x90, 0x13, 0x80, 0xa4, 0x23, 0xe1, 0x6b, 0xb9, 0x02, 0x7e, - 0x77, 0x45, 0x24, 0xdf, 0x89, 0x81, 0xb3, 0xae, 0x1b, 0x02, 0x01, 0x02}; - - unsigned char dh2048[] = { - 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0x81, 0x36, 0x57, 0x4d, 0x5b, 0xbe, 0xe6, 0x70, 0x6d, - 0xd7, 0x1f, 0x69, 0x85, 0x29, 0x4a, 0x3c, 0xe2, 0x60, 0x73, 0x61, 0x82, 0x57, 0xd0, 0xd0, 0x13, 0x93, 0xf4, - 0xeb, 0x29, 0x9c, 0xfb, 0x35, 0x55, 0x39, 0x47, 0x8d, 0x26, 0xa7, 0x6b, 0x2c, 0x40, 0xc1, 0xd0, 0x69, 0xf6, - 0xc0, 0x0e, 0x0e, 0x5c, 0x6e, 0xae, 0xab, 0x40, 0x4d, 0xdf, 0x3a, 0xfb, 0x21, 0x47, 0x04, 0xbb, 0x10, 0x40, - 0x51, 0xaf, 0x7d, 0x6a, 0xc7, 0x1d, 0x1f, 0x0d, 0xbd, 0x34, 0xa7, 0x48, 0xff, 0x9e, 0xc2, 0x70, 0x3a, 0x00, - 0x68, 0x0f, 0x61, 0xd8, 0x80, 0xeb, 0x73, 0x4b, 0xe3, 0x02, 0x9b, 0xbb, 0x9c, 0x29, 0x23, 0x44, 0xb2, 0xaa, - 0x73, 0xea, 0x56, 0xee, 0x46, 0xa3, 0x70, 0xe1, 0xd6, 0x8b, 0x6c, 0x5f, 0xe1, 0xce, 0x57, 0x21, 0xe3, 0xd3, - 0x35, 0x3d, 0xa9, 0xe1, 0x89, 0x64, 0x52, 0x02, 0xbb, 0x44, 0x52, 0x04, 0xba, 0x22, 0x70, 0x56, 0x52, 0x6b, - 0x95, 0x85, 0xa8, 0x3e, 0x21, 0x6a, 0xbf, 0x5b, 0x22, 0x1c, 0x6c, 0x49, 0xbb, 0xf5, 0x97, 0x38, 0x33, 0xef, - 0x7e, 0xf8, 0x37, 0x73, 0xd8, 0x4a, 0xd5, 0xfe, 0xfd, 0xb7, 0x12, 0x62, 0xe1, 0xa9, 0xdd, 0x98, 0xc0, 0xa0, - 0x0f, 0xf8, 0x52, 0x7a, 0xfe, 0x50, 0xd5, 0xa6, 0x18, 0xf1, 0x93, 0x90, 0xa4, 0x4d, 0x48, 0x65, 0xac, 0x93, - 0xbf, 0xeb, 0xaa, 0xbf, 0x46, 0xa2, 0x2f, 0xc6, 0xe7, 0xef, 0x0d, 0xec, 0x07, 0x39, 0x71, 0x98, 0xc7, 0xe3, - 0x24, 0xac, 0x81, 0x0f, 0xe2, 0x9a, 0xaf, 0x7e, 0x51, 0x54, 0x15, 0x09, 0xed, 0x47, 0x64, 0xfe, 0x0b, 0xaf, - 0x9a, 0x5f, 0x36, 0xa2, 0x0c, 0x36, 0x2b, 0x59, 0x58, 0x88, 0xa2, 0xf6, 0xa0, 0x5c, 0x4a, 0x9f, 0x58, 0xf2, - 0x51, 0x47, 0x39, 0xdd, 0xc8, 0xd1, 0x77, 0xd3, 0x5f, 0x3f, 0x73, 0x1b, 0xa3, 0x02, 0x01, 0x02}; - - unsigned char dh4096[] = { - 0x30, 0x82, 0x02, 0x08, 0x02, 0x82, 0x02, 0x01, 0x00, 0x9e, 0x50, 0x2b, 0x53, 0x42, 0x4d, 0x05, 0xa8, 0xbf, - 0xd0, 0x22, 0x4d, 0xd3, 0xb1, 0x54, 0x01, 0x0e, 0xab, 0xe6, 0x6e, 0x65, 0xf4, 0xb2, 0x1f, 0x95, 0x6a, 0xc9, - 0xe7, 0xf5, 0x9c, 0x14, 0xe9, 0x43, 0xa3, 0x96, 0x5f, 0x2e, 0x3a, 0x5e, 0x85, 0x4d, 0x2a, 0xaa, 0xe3, 0xf9, - 0x4a, 0x46, 0x14, 0xab, 0xc6, 0x6e, 0x15, 0x6b, 0x63, 0x1d, 0xed, 0x34, 0x73, 0x54, 0xf3, 0xa6, 0x79, 0xcb, - 0xb8, 0x67, 0x9e, 0xf8, 0xb2, 0x9a, 0x27, 0x6e, 0x61, 0x51, 0xaf, 0x37, 0xf4, 0x67, 0xad, 0x14, 0x79, 0x53, - 0x62, 0x0c, 0xf4, 0x26, 0x14, 0x92, 0xf8, 0x30, 0x32, 0xe2, 0x36, 0x85, 0x4e, 0x80, 0x49, 0xc2, 0x95, 0x4f, - 0x92, 0x18, 0x04, 0x8c, 0x20, 0xa3, 0xf0, 0x3a, 0x04, 0xc5, 0x6c, 0xf0, 0xc7, 0xd4, 0xb8, 0xd9, 0xaf, 0xeb, - 0x46, 0xe2, 0x1d, 0xbc, 0xf7, 0xa5, 0x49, 0xf6, 0xa0, 0x33, 0xf9, 0x0d, 0x6a, 0xcc, 0x4d, 0xec, 0xee, 0xc6, - 0xd5, 0xd7, 0xf3, 0x97, 0x05, 0x8c, 0x56, 0x65, 0xfa, 0x73, 0xae, 0x47, 0x02, 0xcd, 0x89, 0xc1, 0xef, 0xe4, - 0x15, 0x61, 0x6e, 0x8e, 0x49, 0xfa, 0x5f, 0xa4, 0x3c, 0x07, 0x06, 0xb8, 0x5f, 0x16, 0xa5, 0x99, 0xa7, 0x0e, - 0xa2, 0xb1, 0x6a, 0xa6, 0x57, 0x96, 0x52, 0xe2, 0x23, 0x4b, 0x06, 0xb5, 0xe1, 0x8c, 0x98, 0x4f, 0x19, 0xb4, - 0x2b, 0x48, 0xdf, 0xb8, 0xb0, 0xcd, 0xa2, 0x13, 0xba, 0xc7, 0xbf, 0x79, 0xf3, 0x5e, 0xe0, 0x49, 0xb8, 0x8e, - 0x28, 0x4b, 0x10, 0xd9, 0x6c, 0x87, 0x84, 0xf8, 0xde, 0x70, 0x47, 0x82, 0x61, 0x0c, 0x1c, 0xb0, 0xf8, 0x55, - 0xde, 0xd4, 0xb8, 0xe8, 0x96, 0xa9, 0x2c, 0x0d, 0xcd, 0x29, 0x19, 0x4e, 0x15, 0x4a, 0xaa, 0xa0, 0x58, 0xfb, - 0xd6, 0x20, 0xbd, 0x24, 0x52, 0x2c, 0x3f, 0x18, 0xab, 0x9d, 0x39, 0x21, 0xf5, 0x4c, 0xa5, 0x47, 0x72, 0x10, - 0xce, 0x7b, 0x27, 0x94, 0x0f, 0x58, 0xe7, 0x3a, 0x2c, 0x8a, 0xf0, 0x8c, 0x1e, 0x56, 0xdc, 0x36, 0xa7, 0x40, - 0x17, 0xab, 0x8e, 0x8c, 0x34, 0xe2, 0x5d, 0xb2, 0xde, 0x95, 0x5e, 0x90, 0x03, 0x1c, 0xc8, 0x12, 0x0a, 0x83, - 0x25, 0x25, 0x8b, 0xdd, 0x49, 0x3a, 0x6b, 0x57, 0x12, 0x54, 0xe1, 0x3c, 0xe8, 0x7e, 0x23, 0x8c, 0x4c, 0x5f, - 0x2d, 0x4c, 0xe8, 0x6e, 0x31, 0x8f, 0x9d, 0xb8, 0x2e, 0x30, 0xf4, 0x7f, 0x8a, 0x1f, 0xc9, 0x1d, 0x12, 0xe0, - 0x86, 0x5d, 0x6c, 0x3d, 0xcf, 0x35, 0x30, 0x2f, 0xcb, 0xac, 0x86, 0xaf, 0x5c, 0x00, 0x72, 0xac, 0x88, 0xe8, - 0x52, 0x9a, 0x0b, 0x93, 0xe7, 0x66, 0xae, 0x6e, 0x49, 0x82, 0x2c, 0x92, 0x18, 0x9c, 0x91, 0x86, 0x4f, 0xc9, - 0x3c, 0x23, 0x2e, 0xff, 0xff, 0xe5, 0xec, 0x1a, 0x8f, 0x9a, 0x54, 0x5b, 0x42, 0xb4, 0x1e, 0x63, 0x63, 0xed, - 0x99, 0x5c, 0x51, 0xe2, 0x02, 0xed, 0x18, 0x81, 0x25, 0xc6, 0xc6, 0xaf, 0x62, 0xf6, 0x09, 0x9b, 0xd4, 0x36, - 0x34, 0x42, 0x0d, 0x11, 0xe9, 0x95, 0x31, 0x0c, 0x71, 0x43, 0xd8, 0x24, 0xf2, 0xe2, 0x1e, 0x17, 0xc1, 0xae, - 0x06, 0x13, 0x1d, 0xde, 0xbf, 0xe6, 0x62, 0x1a, 0xc2, 0x0f, 0x2d, 0xf5, 0x5c, 0xf3, 0x09, 0x62, 0x6f, 0x64, - 0x3b, 0xad, 0x33, 0xce, 0xd3, 0xbd, 0x4c, 0x2c, 0x44, 0x1e, 0x16, 0x06, 0x1e, 0xdb, 0x01, 0xa1, 0xd7, 0x82, - 0x83, 0xa3, 0x39, 0x0b, 0xc7, 0x61, 0x6c, 0xa6, 0x23, 0xfb, 0x40, 0xa0, 0x3b, 0xdf, 0x35, 0xab, 0x4f, 0xed, - 0x04, 0x16, 0x42, 0x6c, 0x8f, 0x5b, 0x9a, 0xcd, 0x07, 0x03, 0xca, 0x35, 0x42, 0x58, 0xef, 0xca, 0xcd, 0x6d, - 0x8b, 0xd9, 0x96, 0x43, 0xa2, 0x13, 0x18, 0xc1, 0x21, 0x50, 0xc2, 0xf5, 0xab, 0x6b, 0xdc, 0xf4, 0x5b, 0x02, - 0x01, 0x02}; -} - -IceSSL::OpenSSL::DHParams::DHParams() : _dh512(0), _dh1024(0), _dh2048(0), _dh4096(0) {} - -IceSSL::OpenSSL::DHParams::~DHParams() -{ - for (ParamList::iterator p = _params.begin(); p != _params.end(); ++p) - { - DH_free(p->second); - } - DH_free(_dh512); - DH_free(_dh1024); - DH_free(_dh2048); - DH_free(_dh4096); -} - -bool -IceSSL::OpenSSL::DHParams::add(int keyLength, const string& file) -{ - BIO* bio = BIO_new(BIO_s_file()); - if (BIO_read_filename(bio, file.c_str()) <= 0) - { - BIO_free(bio); - return false; - } - DH* dh = PEM_read_bio_DHparams(bio, 0, 0, 0); - BIO_free(bio); - if (!dh) - { - return false; - } - ParamList::iterator p = _params.begin(); - while (p != _params.end() && keyLength > p->first) - { - ++p; - } - _params.insert(p, KeyParamPair(keyLength, dh)); - return true; -} - -DH* -IceSSL::OpenSSL::DHParams::get(int keyLength) -{ - // - // First check the set of parameters specified by the user. - // Return the first set whose key length is at least keyLength. - // - for (ParamList::iterator p = _params.begin(); p != _params.end(); ++p) - { - if (p->first >= keyLength) - { - return p->second; - } - } - - // - // No match found. Use one of the predefined parameter sets instead. - // - lock_guard lock(_mutex); - if (keyLength >= 4096) - { - if (!_dh4096) - { - _dh4096 = convertDH(dh4096, (int)sizeof(dh4096)); - } - return _dh4096; - } - else if (keyLength >= 2048) - { - if (!_dh2048) - { - _dh2048 = convertDH(dh2048, (int)sizeof(dh2048)); - } - return _dh2048; - } - else if (keyLength >= 1024) - { - if (!_dh1024) - { - _dh1024 = convertDH(dh1024, (int)sizeof(dh1024)); - } - return _dh1024; - } - else - { - if (!_dh512) - { - _dh512 = convertDH(dh512, (int)sizeof(dh512)); - } - return _dh512; - } -} - -#endif - string IceSSL::OpenSSL::getSslErrors(bool verbose) { diff --git a/cpp/src/IceSSL/OpenSSLUtil.h b/cpp/src/IceSSL/OpenSSLUtil.h index a334f405199..e0f1f73af84 100644 --- a/cpp/src/IceSSL/OpenSSLUtil.h +++ b/cpp/src/IceSSL/OpenSSLUtil.h @@ -7,42 +7,11 @@ #include -#include -#include -#include #include namespace IceSSL::OpenSSL { -#ifndef OPENSSL_NO_DH - - class DHParams - { - public: - DHParams(); - ~DHParams(); - - bool add(int, const std::string&); - DH* get(int); - - private: - typedef std::pair KeyParamPair; - typedef std::list ParamList; - ParamList _params; - std::mutex _mutex; - - DH* _dh512; - DH* _dh1024; - DH* _dh2048; - DH* _dh4096; - }; - using DHParamsPtr = std::shared_ptr; - -#endif - - // // Accumulate the OpenSSL error stack into a string. - // std::string getSslErrors(bool); } From d0199550513922d3d05de905e8e758c2988e06bb Mon Sep 17 00:00:00 2001 From: Joe George Date: Thu, 11 Apr 2024 13:28:02 -0400 Subject: [PATCH 27/28] Ice.ServerIdleTime test fixes (#2041) - Remove the random usage in the tests - Adds a test to exercise Ice.ServerIdleTime - Fix a few selector bugs Closes #2025 --- .github/workflows/ci.yml | 2 +- cpp/src/Ice/Selector.cpp | 16 ++++++++-------- cpp/test/Ice/adapterDeactivation/AllTests.cpp | 17 +++++++++++++++++ cpp/test/Ice/faultTolerance/Server.cpp | 10 +--------- cpp/test/IceGrid/activation/application.xml | 15 +++++---------- cpp/test/IceGrid/replication/application.xml | 3 +-- csharp/test/Ice/adapterDeactivation/AllTests.cs | 17 +++++++++++++++++ csharp/test/Ice/binding/Server.cs | 4 +--- csharp/test/Ice/dispatcher/Server.cs | 1 - csharp/test/Ice/enums/Server.cs | 4 +--- csharp/test/Ice/faultTolerance/Server.cs | 1 - .../test/Ice/adapterDeactivation/AllTests.java | 15 +++++++++++++++ .../java/test/Ice/faultTolerance/Server.java | 1 - python/test/Ice/faultTolerance/Server.py | 7 ------- swift/test/Ice/binding/Server.swift | 3 --- 15 files changed, 67 insertions(+), 49 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f3ccb3c4fa0..c2f20225042 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -35,7 +35,7 @@ jobs: - os: macos-14 language: cpp name: "xcodesdk" - make_flags: "CONFIGS=xcodesdk PLATFORMS='iphonesimulator'" + make_flags: "CONFIGS=xcodesdk PLATFORMS=iphonesimulator" test_flags: "--config=xcodesdk --platform=iphonesimulator --controller-app" - os: ubuntu-latest diff --git a/cpp/src/Ice/Selector.cpp b/cpp/src/Ice/Selector.cpp index 39d72923695..fa78615c25a 100644 --- a/cpp/src/Ice/Selector.cpp +++ b/cpp/src/Ice/Selector.cpp @@ -639,7 +639,10 @@ Selector::select(int timeout) } else if (timeout > 0) { + // kpoll and select use seconds, epoll and poll use milliseconds +# if !defined(ICE_USE_KQUEUE) && !defined(ICE_USE_SELECT) timeout = timeout * 1000; +# endif } else { @@ -655,14 +658,12 @@ Selector::select(int timeout) assert(!_events.empty()); if (timeout >= 0) { - struct timespec ts; - ts.tv_sec = timeout; - ts.tv_nsec = 0; - _count = kevent(_queueFd, 0, 0, &_events[0], static_cast(_events.size()), &ts); + timespec ts{.tv_sec = timeout, .tv_nsec = 0}; + _count = kevent(_queueFd, nullptr, 0, &_events[0], static_cast(_events.size()), &ts); } else { - _count = kevent(_queueFd, 0, 0, &_events[0], static_cast(_events.size()), 0); + _count = kevent(_queueFd, nullptr, 0, &_events[0], static_cast(_events.size()), nullptr); } # elif defined(ICE_USE_SELECT) fd_set* rFdSet = fdSetCopy(_selectedReadFdSet, _readFdSet); @@ -670,9 +671,7 @@ Selector::select(int timeout) fd_set* eFdSet = fdSetCopy(_selectedErrorFdSet, _errorFdSet); if (timeout >= 0) { - struct timeval tv; - tv.tv_sec = timeout; - tv.tv_usec = 0; + timespec ts{.tv_sec = timeout, .tv_nsec = 0}; _count = ::select(0, rFdSet, wFdSet, eFdSet, &tv); // The first parameter is ignored on Windows } else @@ -1394,6 +1393,7 @@ Selector::select(int timeout) { break; } + throw SelectorTimeoutException(); } else { diff --git a/cpp/test/Ice/adapterDeactivation/AllTests.cpp b/cpp/test/Ice/adapterDeactivation/AllTests.cpp index afc954a19d3..0e6748e8c81 100644 --- a/cpp/test/Ice/adapterDeactivation/AllTests.cpp +++ b/cpp/test/Ice/adapterDeactivation/AllTests.cpp @@ -184,4 +184,21 @@ allTests(Test::TestHelper* helper) { cout << "ok" << endl; } + cout << "testing server idle time..." << flush; + { + InitializationData idleInitData; + idleInitData.properties = communicator->getProperties()->clone(); + idleInitData.properties->setProperty("Ice.ServerIdleTime", "1"); +#ifdef _WIN32 + // With our Windows implementation, the thread pool threads have to be idle first before server idle time is + // checked + idleInitData.properties->setProperty("Ice.ThreadPool.Server.ThreadIdleTime", "1"); +#endif + CommunicatorHolder idleCommunicator(idleInitData); + // The server thread pool is started lazily so we need to create an object adapter and activate it. + ObjectAdapterPtr idleOA = idleCommunicator->createObjectAdapterWithEndpoints("IdleOA", "tcp -h 127.0.0.1"); + idleOA->activate(); + idleCommunicator->waitForShutdown(); + } + cout << "ok" << endl; } diff --git a/cpp/test/Ice/faultTolerance/Server.cpp b/cpp/test/Ice/faultTolerance/Server.cpp index 055d79b1e6d..7e3429dbdde 100644 --- a/cpp/test/Ice/faultTolerance/Server.cpp +++ b/cpp/test/Ice/faultTolerance/Server.cpp @@ -19,15 +19,7 @@ class Server : public Test::TestHelper void Server::run(int argc, char** argv) { - // - // In this test, we need a longer server idle time, otherwise - // our test servers may time out before they are used in the - // test. - // - Ice::PropertiesPtr properties = createTestProperties(argc, argv); - properties->setProperty("Ice.ServerIdleTime", "120"); // Two minutes. - - Ice::CommunicatorHolder communicator = initialize(argc, argv, properties); + Ice::CommunicatorHolder communicator = initialize(argc, argv); int port = 0; for (int i = 1; i < argc; ++i) diff --git a/cpp/test/IceGrid/activation/application.xml b/cpp/test/IceGrid/activation/application.xml index 3365a019ce5..9efdec3ec71 100644 --- a/cpp/test/IceGrid/activation/application.xml +++ b/cpp/test/IceGrid/activation/application.xml @@ -9,10 +9,7 @@ - + @@ -32,8 +29,7 @@ - + @@ -47,8 +43,7 @@ - + @@ -58,8 +53,8 @@ - - + + diff --git a/cpp/test/IceGrid/replication/application.xml b/cpp/test/IceGrid/replication/application.xml index 90d49611212..47145d7784d 100644 --- a/cpp/test/IceGrid/replication/application.xml +++ b/cpp/test/IceGrid/replication/application.xml @@ -12,8 +12,7 @@ - + diff --git a/csharp/test/Ice/adapterDeactivation/AllTests.cs b/csharp/test/Ice/adapterDeactivation/AllTests.cs index 6dc0cbd1efb..e6e70595283 100644 --- a/csharp/test/Ice/adapterDeactivation/AllTests.cs +++ b/csharp/test/Ice/adapterDeactivation/AllTests.cs @@ -197,6 +197,23 @@ public class AllTests : global::Test.AllTests output.WriteLine("ok"); } + output.Write("testing server idle time..."); + output.Flush(); + { + Ice.InitializationData initData = new Ice.InitializationData() + { + properties = communicator.getProperties().ice_clone_(), + }; + initData.properties.setProperty("Ice.ServerIdleTime", "1"); + // The thread pool threads have to be idle first before server idle time is checked. + initData.properties.setProperty("Ice.ThreadPool.Server.ThreadIdleTime", "1"); + using Ice.Communicator idleCommunicator = Ice.Util.initialize(initData); + ObjectAdapter idleOA = idleCommunicator.createObjectAdapterWithEndpoints("IdleAdapter", "tcp -h 127.0.0.1 "); + idleOA.activate(); + idleCommunicator.waitForShutdown(); + } + output.WriteLine("ok"); + return obj; } } diff --git a/csharp/test/Ice/binding/Server.cs b/csharp/test/Ice/binding/Server.cs index f16c4c897d5..cff12687ae8 100644 --- a/csharp/test/Ice/binding/Server.cs +++ b/csharp/test/Ice/binding/Server.cs @@ -10,9 +10,7 @@ public class Server : TestHelper { public override void run(string[] args) { - Ice.Properties properties = createTestProperties(ref args); - properties.setProperty("Ice.ServerIdleTime", "30"); - using (var communicator = initialize(properties)) + using (var communicator = initialize(ref args)) { communicator.getProperties().setProperty("TestAdapter.Endpoints", getTestEndpoint(0)); Ice.ObjectAdapter adapter = communicator.createObjectAdapter("TestAdapter"); diff --git a/csharp/test/Ice/dispatcher/Server.cs b/csharp/test/Ice/dispatcher/Server.cs index 7de3897ad79..dd062cf7c19 100644 --- a/csharp/test/Ice/dispatcher/Server.cs +++ b/csharp/test/Ice/dispatcher/Server.cs @@ -14,7 +14,6 @@ public override void run(string[] args) { Ice.InitializationData initData = new Ice.InitializationData(); initData.properties = createTestProperties(ref args); - initData.properties.setProperty("Ice.ServerIdleTime", "30"); // // Limit the recv buffer size, this test relies on the socket // send() blocking after sending a given amount of data. diff --git a/csharp/test/Ice/enums/Server.cs b/csharp/test/Ice/enums/Server.cs index 178625f1f1d..0cca450ffe6 100644 --- a/csharp/test/Ice/enums/Server.cs +++ b/csharp/test/Ice/enums/Server.cs @@ -10,9 +10,7 @@ public class Server : TestHelper { public override void run(string[] args) { - Ice.Properties properties = createTestProperties(ref args); - properties.setProperty("Ice.ServerIdleTime", "30"); - using (var communicator = initialize(properties)) + using (var communicator = initialize(ref args)) { communicator.getProperties().setProperty("TestAdapter.Endpoints", getTestEndpoint(0)); Ice.ObjectAdapter adapter = communicator.createObjectAdapter("TestAdapter"); diff --git a/csharp/test/Ice/faultTolerance/Server.cs b/csharp/test/Ice/faultTolerance/Server.cs index 9245be5288a..6722b5d92b3 100644 --- a/csharp/test/Ice/faultTolerance/Server.cs +++ b/csharp/test/Ice/faultTolerance/Server.cs @@ -13,7 +13,6 @@ public class Server : Test.TestHelper public override void run(string[] args) { Ice.Properties properties = createTestProperties(ref args); - properties.setProperty("Ice.ServerIdleTime", "120"); int port = 0; for (int i = 0; i < args.Length; i++) { diff --git a/java/test/src/main/java/test/Ice/adapterDeactivation/AllTests.java b/java/test/src/main/java/test/Ice/adapterDeactivation/AllTests.java index e8317b907fa..d4770b5ef5b 100644 --- a/java/test/src/main/java/test/Ice/adapterDeactivation/AllTests.java +++ b/java/test/src/main/java/test/Ice/adapterDeactivation/AllTests.java @@ -200,6 +200,21 @@ public static TestIntfPrx allTests(test.TestHelper helper) { out.flush(); } + out.print("testing server idle time..."); + out.flush(); + { + com.zeroc.Ice.InitializationData initData = new com.zeroc.Ice.InitializationData(); + initData.properties = communicator.getProperties()._clone(); + initData.properties.setProperty("Ice.ServerIdleTime", "1"); + try (com.zeroc.Ice.Communicator idleCommunicator = com.zeroc.Ice.Util.initialize(initData)) { + com.zeroc.Ice.ObjectAdapter adapter = + idleCommunicator.createObjectAdapterWithEndpoints("IdleAdapter", "tcp -h 127.0.0.1"); + adapter.activate(); + idleCommunicator.waitForShutdown(); + } + } + out.println("ok"); + return obj; } } diff --git a/java/test/src/main/java/test/Ice/faultTolerance/Server.java b/java/test/src/main/java/test/Ice/faultTolerance/Server.java index 7a5d3089a3a..e050b45c166 100644 --- a/java/test/src/main/java/test/Ice/faultTolerance/Server.java +++ b/java/test/src/main/java/test/Ice/faultTolerance/Server.java @@ -15,7 +15,6 @@ public void run(String[] args) { java.util.List remainingArgs = new java.util.ArrayList(); com.zeroc.Ice.Properties properties = createTestProperties(args, remainingArgs); properties.setProperty("Ice.Package.Test", "test.Ice.faultTolerance"); - properties.setProperty("Ice.ServerIdleTime", "120"); try (com.zeroc.Ice.Communicator communicator = initialize(properties)) { int port = 0; PrintWriter out = getWriter(); diff --git a/python/test/Ice/faultTolerance/Server.py b/python/test/Ice/faultTolerance/Server.py index 393b109cad7..9dbfb25fef1 100755 --- a/python/test/Ice/faultTolerance/Server.py +++ b/python/test/Ice/faultTolerance/Server.py @@ -29,13 +29,6 @@ def pid(self, current=None): class Server(TestHelper): def run(self, args): properties = self.createTestProperties(args) - # - # In this test, we need a longer server idle time, otherwise - # our test servers may time out before they are used in the - # test. - # - properties.setProperty("Ice.ServerIdleTime", "120") # Two minutes. - port = 0 for arg in args: if arg[0] == "-": diff --git a/swift/test/Ice/binding/Server.swift b/swift/test/Ice/binding/Server.swift index c5ea646436f..7ec120329e8 100644 --- a/swift/test/Ice/binding/Server.swift +++ b/swift/test/Ice/binding/Server.swift @@ -8,9 +8,6 @@ import TestCommon class Server: TestHelperI { override public func run(args: [String]) throws { - let properties = try createTestProperties(args) - properties.setProperty(key: "Ice.ServerIdleTime", value: "30") - let communicator = try initialize(args) defer { communicator.destroy() From fbf42cc0782815fd36cebf11aa000f7b2422e417 Mon Sep 17 00:00:00 2001 From: Jose Date: Fri, 12 Apr 2024 18:58:28 +0200 Subject: [PATCH 28/28] Solve conflicts --- cpp/src/IceSSL/OpenSSLTransceiverI.h | 1 + cpp/src/IceSSL/SChannelTransceiverI.h | 1 + cpp/src/IceSSL/SecureTransportTransceiverI.h | 1 + 3 files changed, 3 insertions(+) diff --git a/cpp/src/IceSSL/OpenSSLTransceiverI.h b/cpp/src/IceSSL/OpenSSLTransceiverI.h index a4cb481b3a2..9a6a97e7370 100644 --- a/cpp/src/IceSSL/OpenSSLTransceiverI.h +++ b/cpp/src/IceSSL/OpenSSLTransceiverI.h @@ -40,6 +40,7 @@ namespace IceSSL::OpenSSL void startRead(IceInternal::Buffer&) final; void finishRead(IceInternal::Buffer&) final; #endif + bool isWaitingToBeRead() const noexcept final; std::string protocol() const final; std::string toString() const final; std::string toDetailedString() const final; diff --git a/cpp/src/IceSSL/SChannelTransceiverI.h b/cpp/src/IceSSL/SChannelTransceiverI.h index 7ec61bccc4a..677ca0ed355 100644 --- a/cpp/src/IceSSL/SChannelTransceiverI.h +++ b/cpp/src/IceSSL/SChannelTransceiverI.h @@ -50,6 +50,7 @@ namespace IceSSL::SChannel void startRead(IceInternal::Buffer&) final; void finishRead(IceInternal::Buffer&) final; # endif + bool isWaitingToBeRead() const noexcept final; std::string protocol() const final; std::string toString() const final; std::string toDetailedString() const final; diff --git a/cpp/src/IceSSL/SecureTransportTransceiverI.h b/cpp/src/IceSSL/SecureTransportTransceiverI.h index 47f98dd1f93..f83fec20c6f 100644 --- a/cpp/src/IceSSL/SecureTransportTransceiverI.h +++ b/cpp/src/IceSSL/SecureTransportTransceiverI.h @@ -34,6 +34,7 @@ namespace IceSSL::SecureTransport IceInternal::SocketOperation write(IceInternal::Buffer&) final; IceInternal::SocketOperation read(IceInternal::Buffer&) final; + bool isWaitingToBeRead() const noexcept final; std::string protocol() const final; std::string toString() const final; std::string toDetailedString() const final;