Swiftdiff options
| author | Edwin Mons <edwin.mons@isode.com> | 2019-01-18 15:25:58 (GMT) |
|---|---|---|
| committer | Edwin Mons <edwin.mons@isode.com> | 2019-01-18 20:27:03 (GMT) |
| commit | 68dd665d51c925a118cfced4583942b7157b59de (patch) | |
| tree | fc4144d4a3284fdd68c34b8d3bf6c0d107998a6b /Swiften/TLS/TLSContext.h | |
| parent | 9b12c9751cf8fd1658dfd948c4d854b0e1407b0d (diff) | |
| download | swift-68dd665d51c925a118cfced4583942b7157b59de.zip swift-68dd665d51c925a118cfced4583942b7157b59de.tar.bz2 | |
Allow ownership transfer of certificates
OpenSSL TLS contexts assume ownership of any additional certificate
passed into it. The CertificateFactory now returns a vector of
unique_ptrs, and OpenSSLContext will do the needful with releasing
ownership at the right moment.
A unit test has been added that uses a chained certificate in
client/server context. Before the fix, this test would either fail, or
result in a segmentation fault, depending on the mood of OpenSSL.
Test-Information:
Unit tests pass on Debian 9
Ran manual tests with server test code, tested both chained and single
certificates, and no longer observed crashes when accepting a
connection.
Change-Id: I21814969e45c7d77e9a1af14f2c958c4c0311cd0
Diffstat (limited to 'Swiften/TLS/TLSContext.h')
| -rw-r--r-- | Swiften/TLS/TLSContext.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/Swiften/TLS/TLSContext.h b/Swiften/TLS/TLSContext.h index 9b0a2eb..003069f 100644 --- a/Swiften/TLS/TLSContext.h +++ b/Swiften/TLS/TLSContext.h @@ -28,7 +28,7 @@ namespace Swift { virtual void connect() = 0; virtual void connect(const std::string& serverName); - virtual bool setCertificateChain(const std::vector<Certificate::ref>& /* certificateChain */); + virtual bool setCertificateChain(std::vector<std::unique_ptr<Certificate>>&& /* certificateChain */); virtual bool setPrivateKey(const PrivateKey::ref& /* privateKey */); virtual bool setClientCertificate(CertificateWithKey::ref cert) = 0; |