diff --git a/cpp/src/Ice/SSL/OpenSSLEngine.h b/cpp/src/Ice/SSL/OpenSSLEngine.h index 7a0a693bd97..6203513cafc 100644 --- a/cpp/src/Ice/SSL/OpenSSLEngine.h +++ b/cpp/src/Ice/SSL/OpenSSLEngine.h @@ -23,10 +23,10 @@ namespace Ice::SSL::OpenSSL void initialize() final; void destroy() final; - std::string sslErrors() const; - std::string password() const { return _password; } - Ice::SSL::ClientAuthenticationOptions createClientAuthenticationOptions(const std::string&) const final; - Ice::SSL::ServerAuthenticationOptions createServerAuthenticationOptions() const final; + [[nodiscard]] std::string sslErrors() const; + [[nodiscard]] std::string password() const { return _password; } + [[nodiscard]] Ice::SSL::ClientAuthenticationOptions createClientAuthenticationOptions(const std::string&) const final; + [[nodiscard]] Ice::SSL::ServerAuthenticationOptions createServerAuthenticationOptions() const final; private: bool validationCallback(bool, X509_STORE_CTX*, const Ice::SSL::ConnectionInfoPtr&) const; diff --git a/cpp/src/Ice/SSL/OpenSSLTransceiverI.h b/cpp/src/Ice/SSL/OpenSSLTransceiverI.h index 6d7265cd59b..c1c70f51c82 100644 --- a/cpp/src/Ice/SSL/OpenSSLTransceiverI.h +++ b/cpp/src/Ice/SSL/OpenSSLTransceiverI.h 
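Review bot: In OpenSSLEngine.h, `password()` returns `_password` by value, so each call creates another heap copy of what is presumably the private-key password, and the engine cannot clear that copy. `[[nodiscard]]` is reasonable here, but the accessor has no comment telling callers how to treat the result. Consider adding `// Returns a copy of the configured password; keep it short-lived and never log it.` above the declaration. If the callers (outside this hunk) only read the value, returning `const std::string&` would avoid the extra copy.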
@@ -37,17 +37,17 @@ namespace Ice::SSL::OpenSSL const Ice::SSL::ClientAuthenticationOptions&); ~TransceiverI(); - IceInternal::NativeInfoPtr getNativeInfo() final; + [[nodiscard]] IceInternal::NativeInfoPtr getNativeInfo() final; - IceInternal::SocketOperation initialize(IceInternal::Buffer&, IceInternal::Buffer&) final; - IceInternal::SocketOperation closing(bool, std::exception_ptr) final; + [[nodiscard]] IceInternal::SocketOperation initialize(IceInternal::Buffer&, IceInternal::Buffer&) final; + [[nodiscard]] IceInternal::SocketOperation closing(bool, std::exception_ptr) final; void close() final; - IceInternal::SocketOperation write(IceInternal::Buffer&) final; - IceInternal::SocketOperation read(IceInternal::Buffer&) final; - std::string protocol() const final; - std::string toString() const final; - std::string toDetailedString() const final; - Ice::ConnectionInfoPtr getInfo(bool incoming, std::string adapterName, std::string connectionId) const final; + [[nodiscard]] IceInternal::SocketOperation write(IceInternal::Buffer&) final; + [[nodiscard]] IceInternal::SocketOperation read(IceInternal::Buffer&) final; + [[nodiscard]] std::string protocol() const final; + [[nodiscard]] std::string toString() const final; + [[nodiscard]] std::string toDetailedString() const final; + [[nodiscard]] Ice::ConnectionInfoPtr getInfo(bool incoming, std::string adapterName, std::string connectionId) const final; void checkSendSize(const IceInternal::Buffer&) final; void setBufferSize(int rcvSize, int sndSize) final; diff --git a/cpp/src/Ice/SSL/SSLEngine.h b/cpp/src/Ice/SSL/SSLEngine.h index 9873ea41a1b..f70bb280464 100644 --- a/cpp/src/Ice/SSL/SSLEngine.h +++ b/cpp/src/Ice/SSL/SSLEngine.h 
@@ -27,11 +27,11 @@ namespace Ice::SSL SSLEngine(const IceInternal::InstancePtr&); ~SSLEngine(); - Ice::LoggerPtr getLogger() const; - Ice::PropertiesPtr getProperties() const; - Ice::InitializationData getInitializationData() const; + [[nodiscard]] Ice::LoggerPtr getLogger() const; + [[nodiscard]] Ice::PropertiesPtr getProperties() const; + [[nodiscard]] Ice::InitializationData getInitializationData() const; - IceInternal::InstancePtr instance() const { return _instance; } + [[nodiscard]] IceInternal::InstancePtr instance() const { return _instance; } // Setup the engine. virtual void initialize() = 0; @@ -42,15 +42,15 @@ namespace Ice::SSL // Verify peer certificate. virtual void verifyPeer(const ConnectionInfoPtr&) const; - virtual ClientAuthenticationOptions createClientAuthenticationOptions(const std::string&) const = 0; - virtual ServerAuthenticationOptions createServerAuthenticationOptions() const = 0; + [[nodiscard]] virtual ClientAuthenticationOptions createClientAuthenticationOptions(const std::string&) const = 0; + [[nodiscard]] virtual ServerAuthenticationOptions createServerAuthenticationOptions() const = 0; - bool getCheckCertName() const; - int getVerifyPeer() const; - int securityTraceLevel() const; - bool getRevocationCheckCacheOnly() const; - int getRevocationCheck() const; - std::string securityTraceCategory() const; + [[nodiscard]] bool getCheckCertName() const; + [[nodiscard]] int getVerifyPeer() const; + [[nodiscard]] int securityTraceLevel() const; + [[nodiscard]] bool getRevocationCheckCacheOnly() const; + [[nodiscard]] int getRevocationCheck() const; + [[nodiscard]] std::string securityTraceCategory() const; protected: mutable std::mutex _mutex; diff --git a/cpp/src/Ice/SSL/SchannelEngine.h b/cpp/src/Ice/SSL/SchannelEngine.h index 7642590cc4d..a7219e75a7c 100644 --- a/cpp/src/Ice/SSL/SchannelEngine.h +++ b/cpp/src/Ice/SSL/SchannelEngine.h 
@@ -35,11 +35,12 @@ namespace Ice::SSL::Schannel // void destroy() final; - std::string getCipherName(ALG_ID) const; + [[nodiscard]] std::string getCipherName(ALG_ID) const; - Ice::SSL::ClientAuthenticationOptions createClientAuthenticationOptions(const std::string&) const final; - Ice::SSL::ServerAuthenticationOptions createServerAuthenticationOptions() const final; - static bool + [[nodiscard]] Ice::SSL::ClientAuthenticationOptions + createClientAuthenticationOptions(const std::string&) const final; + [[nodiscard]] Ice::SSL::ServerAuthenticationOptions createServerAuthenticationOptions() const final; + [[nodiscard]] static bool validationCallback(HCERTCHAINENGINE chainEngine, CtxtHandle, bool, const std::string&, bool, int, bool); private: diff --git a/cpp/src/Ice/SSL/SchannelTransceiverI.h b/cpp/src/Ice/SSL/SchannelTransceiverI.h index 1e8621d6cb0..637c442dbaf 100644 --- a/cpp/src/Ice/SSL/SchannelTransceiverI.h +++ b/cpp/src/Ice/SSL/SchannelTransceiverI.h 
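Review bot: `validationCallback` in SchannelEngine.h takes three unnamed `bool`s and an `int` (`CtxtHandle, bool, const std::string&, bool, int, bool`), so a call site that transposes two flags still compiles and could change how the peer certificate is checked without any diagnostic. `[[nodiscard]]` makes callers consume the verdict, but the declaration should also name each parameter as the definition does, or carry a comment listing what each positional flag controls. The definition is outside this hunk, so the names have to come from there.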
@@ -33,20 +33,21 @@ namespace Ice::SSL::Schannel const std::string&, const Ice::SSL::ClientAuthenticationOptions&); ~TransceiverI(); - IceInternal::NativeInfoPtr getNativeInfo() final; - IceInternal::SocketOperation initialize(IceInternal::Buffer&, IceInternal::Buffer&) final; - IceInternal::SocketOperation closing(bool, std::exception_ptr) final; + [[nodiscard]] IceInternal::NativeInfoPtr getNativeInfo() final; + [[nodiscard]] IceInternal::SocketOperation initialize(IceInternal::Buffer&, IceInternal::Buffer&) final; + [[nodiscard]] IceInternal::SocketOperation closing(bool, std::exception_ptr) final; void close(); - IceInternal::SocketOperation write(IceInternal::Buffer&) final; - IceInternal::SocketOperation read(IceInternal::Buffer&) final; - bool startWrite(IceInternal::Buffer&) final; + [[nodiscard]] IceInternal::SocketOperation write(IceInternal::Buffer&) final; + [[nodiscard]] IceInternal::SocketOperation read(IceInternal::Buffer&) final; + [[nodiscard]] bool startWrite(IceInternal::Buffer&) final; void finishWrite(IceInternal::Buffer&) final; void startRead(IceInternal::Buffer&) final; void finishRead(IceInternal::Buffer&) final; - std::string protocol() const final; - std::string toString() const final; - std::string toDetailedString() const final; - Ice::ConnectionInfoPtr getInfo(bool incoming, std::string adapterName, std::string connectionId) const final; + [[nodiscard]] std::string protocol() const final; + [[nodiscard]] std::string toString() const final; + [[nodiscard]] std::string toDetailedString() const final; + [[nodiscard]] Ice::ConnectionInfoPtr + getInfo(bool incoming, std::string adapterName, std::string connectionId) const final; void checkSendSize(const IceInternal::Buffer&) final; void setBufferSize(int rcvSize, int sndSize) final; diff --git a/cpp/src/Ice/SSL/SecureTransportEngine.cpp b/cpp/src/Ice/SSL/SecureTransportEngine.cpp index 2c61dd093aa..752cd3f7fb6 100644 --- a/cpp/src/Ice/SSL/SecureTransportEngine.cpp 
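Review bot: `void close();` in SchannelTransceiverI.h is the one transceiver method in this hunk without `final`, while the OpenSSL transceiver in this same commit declares `void close() final;`. If the base class declares `close()` virtual (not visible here), this still overrides it today, but the compiler would not flag a later signature drift, and the socket teardown would then stop being reached through the base pointer. Suggest `void close() final;` to match its neighbours. The class body starts and ends outside the hunk.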
+++ b/cpp/src/Ice/SSL/SecureTransportEngine.cpp @@ -562,7 +562,7 @@ SecureTransport::SSLEngine::SSLEngine(const IceInternal::InstancePtr& instance) { } -SecureTransport::SSLEngine::~SSLEngine() {} +SecureTransport::SSLEngine::~SSLEngine() = default; // // Setup the engine. @@ -681,6 +681,7 @@ SecureTransport::SSLEngine::createClientAuthenticationOptions(const string& host } return chain; }, + .sslNewSessionCallback = nullptr, .trustedRootCertificates = _certificateAuthorities.get(), .serverCertificateValidationCallback = [this, host](SecTrustRef trust, const Ice::SSL::ConnectionInfoPtr& info) { return validationCallback(trust, info, host); }}; @@ -706,10 +707,6 @@ SecureTransport::SSLEngine::createServerAuthenticationOptions() const // It is safe to capture 'this' in the callbacks below as SSLEngine is managed by the communicator // and is guaranteed to outlive all connections. return ServerAuthenticationOptions{ - .clientCertificateValidationCallback = [this](SecTrustRef trust, const Ice::SSL::ConnectionInfoPtr& info) - { return validationCallback(trust, info, ""); }, - .clientCertificateRequired = clientCertificateRequired, - .trustedRootCertificates = _certificateAuthorities.get(), .serverCertificateSelectionCallback = [this](const string&) { @@ -719,7 +716,12 @@ SecureTransport::SSLEngine::createServerAuthenticationOptions() const CFRetain(chain); } return chain; - }}; + }, + .sslNewSessionCallback = nullptr, + .clientCertificateRequired = clientCertificateRequired, + .trustedRootCertificates = _certificateAuthorities.get(), + .clientCertificateValidationCallback = [this](SecTrustRef trust, const Ice::SSL::ConnectionInfoPtr& info) + { return validationCallback(trust, info, ""); }}; } SSLContextRef diff --git a/cpp/src/Ice/SSL/SecureTransportEngine.h b/cpp/src/Ice/SSL/SecureTransportEngine.h index 3b5842580a6..fa6322daa15 100644 --- a/cpp/src/Ice/SSL/SecureTransportEngine.h +++ b/cpp/src/Ice/SSL/SecureTransportEngine.h 
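Review bot: The new `.sslNewSessionCallback = nullptr` entries in `createClientAuthenticationOptions` and `createServerAuthenticationOptions` (SecureTransportEngine.cpp) have no comment saying why the field is spelled out, and the server-side initializer is reordered without saying that the order is significant. Designated initializers must follow the member declaration order of the options structs, which this diff does not show, so a later edit that moves `.clientCertificateRequired` or `.clientCertificateValidationCallback` back up would reintroduce the warning this presumably fixes. Consider a one-line comment above each initializer list, e.g. `// Designators must follow the member order of ServerAuthenticationOptions.`, and note next to the `nullptr` that the callback is intentionally unset. The reorder itself looks behaviour-neutral, since the visible lambdas capture only `this`.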
@@ -27,12 +27,12 @@ namespace Ice::SSL::SecureTransport void initialize() final; void destroy() final; - Ice::SSL::ClientAuthenticationOptions createClientAuthenticationOptions(const std::string& host) const final; - Ice::SSL::ServerAuthenticationOptions createServerAuthenticationOptions() const final; - SSLContextRef newContext(bool) const; - bool validationCallback(SecTrustRef trust, const Ice::SSL::ConnectionInfoPtr&, const std::string&) const; + [[nodiscard]] Ice::SSL::ClientAuthenticationOptions createClientAuthenticationOptions(const std::string& host) const final; + [[nodiscard]] Ice::SSL::ServerAuthenticationOptions createServerAuthenticationOptions() const final; + [[nodiscard]] SSLContextRef newContext(bool) const; + [[nodiscard]] bool validationCallback(SecTrustRef trust, const Ice::SSL::ConnectionInfoPtr&, const std::string&) const; - std::string getCipherName(SSLCipherSuite) const; + [[nodiscard]] std::string getCipherName(SSLCipherSuite) const; private: IceInternal::UniqueRef _certificateAuthorities; diff --git a/cpp/src/Ice/SSL/SecureTransportTransceiverI.h b/cpp/src/Ice/SSL/SecureTransportTransceiverI.h index 54e1d79b571..c2b1abc1bab 100644 --- a/cpp/src/Ice/SSL/SecureTransportTransceiverI.h +++ b/cpp/src/Ice/SSL/SecureTransportTransceiverI.h 
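Review bot: `newContext(bool)` in SecureTransportEngine.h returns a raw `SSLContextRef` with no comment on ownership, while the same class holds `_certificateAuthorities` in an `IceInternal::UniqueRef`. `[[nodiscard]]` stops a caller from dropping the handle outright, but it does not say who releases it. If the function returns a new reference (the name suggests so; the definition is not in this hunk), add a comment such as `// Returns a new context; the caller owns it and must release it.`, and name the `bool` parameter.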
@@ -44,15 +44,15 @@ namespace Ice::SSL::SecureTransport IceInternal::SocketOperation write(IceInternal::Buffer&) final; IceInternal::SocketOperation read(IceInternal::Buffer&) final; - std::string protocol() const final; - std::string toString() const final; - std::string toDetailedString() const final; - Ice::ConnectionInfoPtr getInfo(bool incoming, std::string adapterName, std::string connectionId) const final; + [[nodiscard]] std::string protocol() const final; + [[nodiscard]] std::string toString() const final; + [[nodiscard]] std::string toDetailedString() const final; + [[nodiscard]] Ice::ConnectionInfoPtr getInfo(bool incoming, std::string adapterName, std::string connectionId) const final; void checkSendSize(const IceInternal::Buffer&) final; void setBufferSize(int rcvSize, int sndSize) final; - OSStatus writeRaw(const std::byte*, size_t*) const; - OSStatus readRaw(std::byte*, size_t*) const; + [[nodiscard]] OSStatus writeRaw(const std::byte*, size_t*) const; + [[nodiscard]] OSStatus readRaw(std::byte*, size_t*) const; private: const InstancePtr _instance;
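Review bot: In SecureTransportTransceiverI.h, the context lines `IceInternal::SocketOperation write(IceInternal::Buffer&) final;` and `IceInternal::SocketOperation read(IceInternal::Buffer&) final;` stay unannotated, while this commit marks the same two methods `[[nodiscard]]` in both the OpenSSL and Schannel transceivers. A caller that ignores the returned `SocketOperation` could treat a partial TLS read or write as complete, so the SecureTransport declarations should read `[[nodiscard]] IceInternal::SocketOperation write(IceInternal::Buffer&) final;` and likewise for `read`. The declarations of `getNativeInfo`, `initialize` and `closing` sit above this hunk and should be checked for the same gap.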