Swift
summaryrefslogtreecommitdiffstats
path: root/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'Swiften/TLS/OpenSSL/OpenSSLContext.cpp')
-rw-r--r--Swiften/TLS/OpenSSL/OpenSSLContext.cpp9
1 files changed, 7 insertions, 2 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
index 5c80976..32d6470 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
@@ -567,7 +567,7 @@ void OpenSSLContext::sendPendingDataToApplication() {
}
}
-bool OpenSSLContext::setCertificateChain(std::vector<std::unique_ptr<Certificate>>&& certificateChain) {
+bool OpenSSLContext::setCertificateChain(const std::vector<std::shared_ptr<Certificate>>& certificateChain) {
if (certificateChain.size() == 0) {
SWIFT_LOG(warning) << "Trying to load empty certificate chain." << std::endl;
return false;
@@ -583,17 +583,22 @@ bool OpenSSLContext::setCertificateChain(std::vector<std::unique_ptr<Certificate
return false;
}
+ // Increment reference count on certificate so that it does not get freed when the SSL context is destroyed
+ openSSLCert->incrementReferenceCount();
+
if (certificateChain.size() > 1) {
for (auto certificate = certificateChain.begin() + 1; certificate != certificateChain.end(); ++certificate) {
auto openSSLCert = dynamic_cast<OpenSSLCertificate*>(certificate->get());
if (!openSSLCert) {
return false;
}
+
if (SSL_CTX_add_extra_chain_cert(context_.get(), openSSLCert->getInternalX509().get()) != 1) {
SWIFT_LOG(warning) << "Trying to load empty certificate chain." << std::endl;
return false;
}
- certificate->release();
+
+ openSSLCert->incrementReferenceCount();
}
}