Rename IceSSL namespace to Ice::SSL

cpp/config/Make.xcodesdk.rules

@@ -67,6 +67,14 @@ $$(eval $$(call install-data-files,$$(wildcard include/IceUtil/*.h),include,\
         $(install_sdkdir)/$3.sdk/usr/include,$5_install))
 endif
 
+ifneq ($$(and $(filter Ice,$2),$(filter-out $(sdk_includedirs),$3-Ice/SSL)),)
+sdk_includedirs += $3-Ice/SSL
+$$(eval $$(call install-data-files,$$(wildcard include/Ice/SSL/*.h),include,\
+        $(top_srcdir)/sdk/$3.sdk/usr/include,$5))
+$$(eval $$(call install-data-files,$$(wildcard include/Ice/SSL/*.h),include,\
+        $(install_sdkdir)/$3.sdk/usr/include,$5_install))
+endif
+
 $5_clean::
 	$(Q)$(RM) -r $(top_srcdir)/sdk/$3.sdk/usr/include/$2
 

cpp/include/Ice/Communicator.h

@@ -15,7 +15,7 @@
 #include "Plugin.h"
 #include "Properties.h"
 #include "Proxy.h"
-#include "ServerAuthenticationOptions.h"
+#include "SSL/ServerAuthenticationOptions.h"
 
 #ifdef ICE_SWIFT
 #    include <dispatch/dispatch.h>

cpp/include/Ice/Ice.h

@@ -19,8 +19,6 @@
 
 // We don't need to see the following headers when building the generated code.
 
-#    include "Certificate.h"
-#    include "ClientAuthenticationOptions.h"
 #    include "Communicator.h"
 #    include "Connection.h"
 #    include "IconvStringConverter.h"
@@ -36,10 +34,12 @@
 #    include "Properties.h"
 #    include "ProxyFunctions.h"
 #    include "RegisterPlugins.h"
-#    include "SSLConnectionInfo.h"
-#    include "SSLEndpointInfo.h"
+#    include "SSL/Certificate.h"
+#    include "SSL/ClientAuthenticationOptions.h"
+#    include "SSL/ConnectionInfo.h"
+#    include "SSL/EndpointInfo.h"
+#    include "SSL/ServerAuthenticationOptions.h"
 #    include "ServantLocator.h"
-#    include "ServerAuthenticationOptions.h"
 #    include "SlicedData.h"
 #    include "StringConverter.h"
 #    include "UUID.h"

cpp/include/Ice/Initialize.h

@@ -6,7 +6,6 @@
 #define ICE_INITIALIZE_H
 
 #include "BatchRequest.h"
-#include "ClientAuthenticationOptions.h"
 #include "CommunicatorF.h"
 #include "Connection.h"
 #include "Ice/BuiltinSequences.h"
@@ -16,6 +15,7 @@
 #include "Logger.h"
 #include "Plugin.h"
 #include "PropertiesF.h"
+#include "SSL/ClientAuthenticationOptions.h"
 #include "ValueFactory.h"
 
 namespace Ice

cpp/include/Ice/Certificate.h → cpp/include/Ice/SSL/Certificate.h

@@ -2,21 +2,20 @@
 // Copyright (c) ZeroC, Inc. All rights reserved.
 //
 
-#ifndef ICE_CERTIFICATE_H
-#define ICE_CERTIFICATE_H
+#ifndef ICE_SSL_CERTIFICATE_H
+#define ICE_SSL_CERTIFICATE_H
 
-#include "Config.h"
-#include "Exception.h"
-#include "Plugin.h"
-#include "SSLConnectionInfoF.h"
+#include "../Config.h"
+#include "../Exception.h"
+#include "ConnectionInfoF.h"
 
 #include <chrono>
 #include <cstdint>
 #include <functional>
 #include <list>
 #include <vector>
 
-namespace IceSSL
+namespace Ice::SSL
 {
     /**
      * The key usage "digitalSignature" bit is set

cpp/include/Ice/ClientAuthenticationOptions.h → cpp/include/Ice/SSL/ClientAuthenticationOptions.h

@@ -5,8 +5,8 @@
 #ifndef ICE_SSL_CLIENT_AUTHENTICATION_OPTIONS_H
 #define ICE_SSL_CLIENT_AUTHENTICATION_OPTIONS_H
 
-#include "SSLConfig.h"
-#include "SSLConnectionInfo.h"
+#include "Config.h"
+#include "ConnectionInfo.h"
 
 #include <functional>
 
@@ -132,7 +132,7 @@ namespace Ice::SSL
          *   ...
          *   .clientAuthenticationOptions = ClientAuthenticationOptions{
          *     .serverCertificateValidationCallback =
-         *       [](SecTrustRef trust, const IceSSL::ConnectionInfoPtr& info)
+         *       [](SecTrustRef trust, const ConnectionInfoPtr& info)
          *       {
          *          ...
          *          return SecTrustEvaluateWithError(trust, nullptr);
@@ -144,7 +144,7 @@ namespace Ice::SSL
          * @param context A CtxtHandle representing the security context associated with the current connection. This
          * context contains security data relevant for validation, such as the client's certificate chain and cipher
          * suite.
-         * @param info The IceSSL::ConnectionInfoPtr object that provides additional connection-related data which might
+         * @param info The ConnectionInfoPtr object that provides additional connection-related data which might
          * be relevant for contextual certificate validation.
          * @return true if the certificate chain is valid and the connection should proceed; false if the certificate
          * chain is invalid and the connection should be aborted.
@@ -153,8 +153,7 @@ namespace Ice::SSL
          * [See
          * SecTrustEvaluateWithError](https://developer.apple.com/documentation/security/2980705-sectrustevaluatewitherror?language=objc)
          */
-        std::function<bool(CtxtHandle context, const IceSSL::ConnectionInfoPtr& info)>
-            serverCertificateValidationCallback;
+        std::function<bool(CtxtHandle context, const ConnectionInfoPtr& info)> serverCertificateValidationCallback;
     };
     // Alias for portable code
     using ClientAuthenticationOptions = SchannelClientAuthenticationOptions;
@@ -280,7 +279,7 @@ namespace Ice::SSL
          *   ...
          *   .clientAuthenticationOptions = ClientAuthenticationOptions{
          *     .serverCertificateValidationCallback =
-         *       [](SecTrustRef trust, const IceSSL::ConnectionInfoPtr& info)
+         *       [](SecTrustRef trust, const ConnectionInfoPtr& info)
          *       {
          *          ...
          *          return SecTrustEvaluateWithError(trust, nullptr);
@@ -290,7 +289,7 @@ namespace Ice::SSL
          * ```
          *
          * @param trust The trust object that contains the server's certificate chain.
-         * @param info The IceSSL::ConnectionInfoPtr object that provides additional connection-related data which might
+         * @param info The ConnectionInfoPtr object that provides additional connection-related data which might
          * be relevant for contextual certificate validation.
          * @return true if the certificate chain is valid and the connection should proceed; false if the certificate
          * chain is invalid and the connection should be aborted.
@@ -299,8 +298,7 @@ namespace Ice::SSL
          * [See
          * SecTrustEvaluateWithError](https://developer.apple.com/documentation/security/2980705-sectrustevaluatewitherror?language=objc)
          */
-        std::function<bool(SecTrustRef trust, const IceSSL::ConnectionInfoPtr& info)>
-            serverCertificateValidationCallback;
+        std::function<bool(SecTrustRef trust, const ConnectionInfoPtr& info)> serverCertificateValidationCallback;
     };
     // Alias for portable code
     using ClientAuthenticationOptions = SecureTransportClientAuthenticationOptions;
@@ -327,14 +325,14 @@ namespace Ice::SSL
          * @param host The target host name.
          * @return A pointer to a SSL_CTX objet representing the SSL configuration for the new outgoing connection.
          *
-         * Example of setting clientSslContextSelectionCallback:
+         * Example of setting clientSSLContextSelectionCallback:
          * ```cpp
          * SSL_CTX* _sslContext = SSL_CTX_new(TLS_method());
          * ...
          * auto initData = Ice::InitializationData {
          *   ...
          *   .clientAuthenticationOptions = ClientAuthenticationOptions {
-         *     .clientSslContextSelectionCallback = [this](const std::string&) {
+         *     .clientSSLContextSelectionCallback = [this](const std::string&) {
          *       // Ensure the SSL context remains valid for the lifetime of the connection.
          *       SSL_CTX_up_ref(_sslContext);
          *       return _sslContext;
@@ -350,7 +348,7 @@ namespace Ice::SSL
          * @see Detailed OpenSSL documentation on SSL_CTX management:
          * https://www.openssl.org/docs/manmaster/man3/SSL_CTX_new.html
          */
-        std::function<SSL_CTX*(const std::string& host)> clientSslContextSelectionCallback;
+        std::function<SSL_CTX*(const std::string& host)> clientSSLContextSelectionCallback;
 
         /**
          * A callback that is invoked before initiating a new SSL handshake. This callback provides an opportunity to
@@ -387,7 +385,7 @@ namespace Ice::SSL
          * @param verified A boolean indicating whether the preliminary certificate verification done by OpenSSL's
          * built-in mechanisms succeeded or failed. True if the preliminary checks passed, false otherwise.
          * @param ctx A pointer to an X509_STORE_CTX object, which contains the certificate chain to be verified.
-         * @param info The IceSSL::ConnectionInfoPtr object that provides additional connection-related data
+         * @param info The ConnectionInfoPtr object that provides additional connection-related data
          * which might be relevant for contextual certificate validation.
          * @return true if the certificate chain is valid and the connection should proceed; false if the certificate
          * chain is invalid and the connection should be aborted.
@@ -399,7 +397,7 @@ namespace Ice::SSL
          *   ...
          *   .clientAuthenticationOptions = ClientAuthenticationOptions {
          *     .serverCertificateValidationCallback =
-         *     [this](bool verified, X509_STORE_CTX* ctx, const IceSSL::ConnectionInfoPtr& info) {
+         *     [this](bool verified, X509_STORE_CTX* ctx, const ConnectionInfoPtr& info) {
          *       ...
          *       return verified;
          *     }
@@ -413,7 +411,7 @@ namespace Ice::SSL
          * @see More about X509_STORE_CTX management:
          * https://www.openssl.org/docs/manmaster/man3/X509_STORE_CTX_new.html
          */
-        std::function<bool(bool verified, X509_STORE_CTX* ctx, const IceSSL::ConnectionInfoPtr& info)>
+        std::function<bool(bool verified, X509_STORE_CTX* ctx, const ConnectionInfoPtr& info)>
             serverCertificateValidationCallback;
     };
     // Alias for portable code

cpp/include/Ice/SSLConnectionInfo.h → cpp/include/Ice/SSL/ConnectionInfo.h

@@ -6,8 +6,8 @@
 #define ICE_SSL_CONNECTION_INFO_H
 
 #include "Certificate.h"
+#include "ConnectionInfoF.h"
 #include "Ice/Connection.h"
-#include "SSLConnectionInfoF.h"
 
 #if defined(__clang__)
 #    pragma clang diagnostic push
@@ -17,7 +17,7 @@
 #    pragma GCC diagnostic ignored "-Wshadow"
 #endif
 
-namespace IceSSL
+namespace Ice::SSL
 {
     /**
      * Provides access to the connection details of an SSL connection.

cpp/include/Ice/SSLConnectionInfoF.h → cpp/include/Ice/SSL/ConnectionInfoF.h

@@ -7,7 +7,7 @@
 
 #include <memory>
 
-namespace IceSSL
+namespace Ice::SSL
 {
     class ConnectionInfo;
     using ConnectionInfoPtr = std::shared_ptr<ConnectionInfo>;

cpp/include/Ice/SSLEndpointInfo.h → cpp/include/Ice/SSL/EndpointInfo.h

@@ -5,7 +5,7 @@
 #ifndef ICE_SSL_ENDPOINT_INFO_H
 #define ICE_SSL_ENDPOINT_INFO_H
 
-#include "Endpoint.h"
+#include "../Endpoint.h"
 
 #if defined(__clang__)
 #    pragma clang diagnostic push
@@ -15,7 +15,7 @@
 #    pragma GCC diagnostic ignored "-Wshadow"
 #endif
 
-namespace IceSSL
+namespace Ice::SSL
 {
     /**
      * Provides access to an SSL endpoint information.

cpp/include/Ice/OpenSSL.h → cpp/include/Ice/SSL/OpenSSL.h

@@ -2,23 +2,23 @@
 // Copyright (c) ZeroC, Inc. All rights reserved.
 //
 
-#ifndef ICE_OPENSSL_H
-#define ICE_OPENSSL_H
+#ifndef ICE_SSL_OPENSSL_H
+#define ICE_SSL_OPENSSL_H
 
 #include "Certificate.h"
 
 #include <openssl/pem.h>
 #include <openssl/x509v3.h>
 
-namespace IceSSL::OpenSSL
+namespace Ice::SSL::OpenSSL
 {
     class Certificate;
     using CertificatePtr = std::shared_ptr<Certificate>;
 
     /**
      * Encapsulates an OpenSSL X.509 certificate.
      */
-    class ICE_API Certificate : public virtual IceSSL::Certificate
+    class ICE_API Certificate : public virtual Ice::SSL::Certificate
     {
     public:
         /**

cpp/include/Ice/SChannel.h → cpp/include/Ice/SSL/Schannel.h

@@ -2,29 +2,22 @@
 // Copyright (c) ZeroC, Inc. All rights reserved.
 //
 
-#ifndef ICE_SCHANNEL_H
-#define ICE_SCHANNEL_H
+#ifndef ICE_SSL_SCHANNEL_H
+#define ICE_SSL_SCHANNEL_H
 
 #ifdef _WIN32
 #    include "Certificate.h"
-// We need to include windows.h before wincrypt.h.
-// clang-format off
-#    ifndef NOMINMAX
-#        define NOMINMAX
-#    endif
-#    include <windows.h>
-#    include <wincrypt.h>
-// clang-format on
+#    include "Config.h"
 
-namespace IceSSL::SChannel
+namespace Ice::SSL::Schannel
 {
     class Certificate;
     using CertificatePtr = std::shared_ptr<Certificate>;
 
     /**
      * This convenience class is a wrapper around a native certificate.
      */
-    class ICE_API Certificate : public virtual IceSSL::Certificate
+    class ICE_API Certificate : public virtual Ice::SSL::Certificate
     {
     public:
         /**

cpp/include/Ice/SecureTransport.h → cpp/include/Ice/SSL/SecureTransport.h

@@ -2,23 +2,23 @@
 // Copyright (c) ZeroC, Inc. All rights reserved.
 //
 
-#ifndef ICE_SECURE_TRANSPORT_H
-#define ICE_SECURE_TRANSPORT_H
+#ifndef ICE_SSL_SECURE_TRANSPORT_H
+#define ICE_SSL_SECURE_TRANSPORT_H
 
 #ifdef __APPLE__
 
 #    include "Certificate.h"
-#    include <Security/Security.h>
+#    include "Config.h"
 
-namespace IceSSL::SecureTransport
+namespace Ice::SSL::SecureTransport
 {
     class Certificate;
     using CertificatePtr = std::shared_ptr<Certificate>;
 
     /**
      * This convenience class is a wrapper around a native certificate.
      */
-    class ICE_API Certificate : public virtual IceSSL::Certificate
+    class ICE_API Certificate : public virtual Ice::SSL::Certificate
     {
     public:
         /**