diff options
| author | Ruslan Makhmatkhanov <rm@FreeBSD.org> | 2013-06-17 11:42:41 +0000 |
|---|---|---|
| committer | Ruslan Makhmatkhanov <rm@FreeBSD.org> | 2013-06-17 11:42:41 +0000 |
| commit | 58e60f6909d832bb6100e9a168f002a14d4214ef (patch) | |
| tree | 3676c05fa6760a824faa9ecb99d28794fb4563c8 /devel/ice/files/patch-cpp-src-IceGrid-InternalRegistryI.cpp | |
| parent | Update dialog4ports to 0.1.5 (diff) | |
- update to 3.5.0
- add license (GPLv2)
- switch to bdb 5
- mark broken on 10.x for the time being (as it was discussed on ports@ ML)
- remove patches, applied upstream
This version of Ice brings many new features, e.g.
- New encoding version
- Metrics facility
- Optional data members and parameters
- Compact encoding for classes and exceptions
- Compact type IDs
- Preserved slices
- Custom enumerator values
- C++11 lambda functions
- Remote Update of Server Properties
- IPv6 now enabled by default
- Python 3 support
- Use Berkley DB 5
See http://doc.zeroc.com/display/Ice/Release+Notes for details.
PR: 179233
Submitted by: Michael Gmelin <freebsd@grem.de> (maintainer)
Tested by: Jaret Bartsch <jaretbartsch@yahoo.ca>
Notes
Notes:
svn path=/head/; revision=321096
Diffstat (limited to '')
| -rw-r--r-- | devel/ice/files/patch-cpp-src-IceGrid-InternalRegistryI.cpp | 136 |
1 files changed, 0 insertions, 136 deletions
diff --git a/devel/ice/files/patch-cpp-src-IceGrid-InternalRegistryI.cpp b/devel/ice/files/patch-cpp-src-IceGrid-InternalRegistryI.cpp deleted file mode 100644 index 2d402e2f2feb..000000000000 --- a/devel/ice/files/patch-cpp-src-IceGrid-InternalRegistryI.cpp +++ /dev/null @@ -1,136 +0,0 @@ ---- cpp.orig/src/IceGrid/InternalRegistryI.cpp 2011-06-15 21:43:59.000000000 +0200 -+++ cpp/src/IceGrid/InternalRegistryI.cpp 2012-03-04 19:55:44.000000000 +0100 -@@ -19,6 +19,8 @@ - #include <IceGrid/ReplicaSessionI.h> - #include <IceGrid/ReplicaSessionManager.h> - #include <IceGrid/FileCache.h> -+#include <IceSSL/IceSSL.h> -+#include <IceSSL/RFC2253.h> - - using namespace std; - using namespace IceGrid; -@@ -38,6 +40,8 @@ - Ice::PropertiesPtr properties = database->getCommunicator()->getProperties(); - _nodeSessionTimeout = properties->getPropertyAsIntWithDefault("IceGrid.Registry.NodeSessionTimeout", 30); - _replicaSessionTimeout = properties->getPropertyAsIntWithDefault("IceGrid.Registry.ReplicaSessionTimeout", 30); -+ _requireNodeCertCN = properties->getPropertyAsIntWithDefault("IceGrid.Registry.RequireNodeCertCN", 0); -+ _requireReplicaCertCN = properties->getPropertyAsIntWithDefault("IceGrid.Registry.RequireReplicaCertCN", 0); - } - - InternalRegistryI::~InternalRegistryI() -@@ -50,7 +54,56 @@ - const LoadInfo& load, - const Ice::Current& current) - { -- const Ice::LoggerPtr logger = _database->getTraceLevels()->logger; -+ const TraceLevelsPtr traceLevels = _database->getTraceLevels(); -+ const Ice::LoggerPtr logger = traceLevels->logger; -+ if(!info || !node) -+ { -+ return 0; -+ } -+ -+ if(_requireNodeCertCN) -+ { -+ try -+ { -+ IceSSL::ConnectionInfoPtr sslConnInfo = IceSSL::ConnectionInfoPtr::dynamicCast(current.con->getInfo()); -+ if(sslConnInfo) -+ { -+ if (sslConnInfo->certs.empty() || -+ !IceSSL::Certificate::decode(sslConnInfo->certs[0])->getSubjectDN().match("CN=" + info->name)) -+ { -+ if(traceLevels->node > 0) -+ { -+ Ice::Trace out(logger, traceLevels->nodeCat); -+ out << "certificate CN doesn't match node name `" << info->name << "'"; -+ } -+ throw PermissionDeniedException("certificate CN doesn't match node name `" + info->name + "'"); -+ } -+ } -+ else -+ { -+ if(traceLevels->node > 0) -+ { -+ Ice::Trace out(logger, traceLevels->nodeCat); -+ out << "node certificate for `" << info->name << "' is required to connect to this registry"; -+ } -+ throw PermissionDeniedException("node certificate is required to connect to this registry"); -+ } -+ } -+ catch(const PermissionDeniedException& ex) -+ { -+ throw ex; -+ } -+ catch(const IceUtil::Exception&) -+ { -+ if(traceLevels->node > 0) -+ { -+ Ice::Trace out(logger, traceLevels->nodeCat); -+ out << "unexpected exception while verifying certificate for node `" << info->name << "'"; -+ } -+ throw PermissionDeniedException("unable to verify certificate for node `" + info->name + "'"); -+ } -+ } -+ - try - { - NodeSessionIPtr session = new NodeSessionI(_database, node, info, _nodeSessionTimeout, load); -@@ -68,7 +121,56 @@ - const InternalRegistryPrx& prx, - const Ice::Current& current) - { -- const Ice::LoggerPtr logger = _database->getTraceLevels()->logger; -+ const TraceLevelsPtr traceLevels = _database->getTraceLevels(); -+ const Ice::LoggerPtr logger = traceLevels->logger; -+ if(!info || !prx) -+ { -+ return 0; -+ } -+ -+ if(_requireReplicaCertCN) -+ { -+ try -+ { -+ IceSSL::ConnectionInfoPtr sslConnInfo = IceSSL::ConnectionInfoPtr::dynamicCast(current.con->getInfo()); -+ if(sslConnInfo) -+ { -+ if (sslConnInfo->certs.empty() || -+ !IceSSL::Certificate::decode(sslConnInfo->certs[0])->getSubjectDN().match("CN=" + info->name)) -+ { -+ if(traceLevels->replica > 0) -+ { -+ Ice::Trace out(logger, traceLevels->replicaCat); -+ out << "certificate CN doesn't match replica name `" << info->name << "'"; -+ } -+ throw PermissionDeniedException("certificate CN doesn't match replica name `" + info->name + "'"); -+ } -+ } -+ else -+ { -+ if(traceLevels->replica > 0) -+ { -+ Ice::Trace out(logger, traceLevels->replicaCat); -+ out << "replica certificate for `" << info->name << "' is required to connect to this registry"; -+ } -+ throw PermissionDeniedException("replica certificate is required to connect to this registry"); -+ } -+ } -+ catch(const PermissionDeniedException& ex) -+ { -+ throw ex; -+ } -+ catch(const IceUtil::Exception&) -+ { -+ if(traceLevels->replica > 0) -+ { -+ Ice::Trace out(logger, traceLevels->replicaCat); -+ out << "unexpected exception while verifying certificate for replica `" << info->name << "'"; -+ } -+ throw PermissionDeniedException("unable to verify certificate for replica `" + info->name + "'"); -+ } -+ } -+ - try - { - ReplicaSessionIPtr s = new ReplicaSessionI(_database, _wellKnownObjects, info, prx, _replicaSessionTimeout); |