1 files changed, 7 insertions, 2 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
index 5c80976..32d6470 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
@@ -567,7 +567,7 @@ void OpenSSLContext::sendPendingDataToApplication() {
    }
 }
-bool OpenSSLContext::setCertificateChain(std::vector<std::unique_ptr<Certificate>>&& certificateChain) {
+bool OpenSSLContext::setCertificateChain(const std::vector<std::shared_ptr<Certificate>>& certificateChain) {
    if (certificateChain.size() == 0) {
        SWIFT_LOG(warning) << "Trying to load empty certificate chain." << std::endl;
        return false;
@@ -583,17 +583,22 @@ bool OpenSSLContext::setCertificateChain(std::vector<std::unique_ptr<Certificate
        return false;
    }
+    // Increment reference count on certificate so that it does not get freed when the SSL context is destroyed
+    openSSLCert->incrementReferenceCount();
    if (certificateChain.size() > 1) {
        for (auto certificate = certificateChain.begin() + 1; certificate != certificateChain.end(); ++certificate) {
            auto openSSLCert = dynamic_cast<OpenSSLCertificate*>(certificate->get());
            if (!openSSLCert) {
                return false;
            }
            if (SSL_CTX_add_extra_chain_cert(context_.get(), openSSLCert->getInternalX509().get()) != 1) {
                SWIFT_LOG(warning) << "Trying to load empty certificate chain." << std::endl;
                return false;
            }
-            certificate->release();
+            openSSLCert->incrementReferenceCount();
        }
    }

diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp index 5c80976..32d6470 100644 --- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp +++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
@@ -567,7 +567,7 @@ void OpenSSLContext::sendPendingDataToApplication() {
567	}	567	}
568	}	568	}
569		569
570	bool OpenSSLContext::setCertificateChain(std::vector<std::unique_ptr<Certificate>>&& certificateChain) {	570	bool OpenSSLContext::setCertificateChain(const std::vector<std::shared_ptr<Certificate>>& certificateChain) {
571	if (certificateChain.size() == 0) {	571	if (certificateChain.size() == 0) {
572	SWIFT_LOG(warning) << "Trying to load empty certificate chain." << std::endl;	572	SWIFT_LOG(warning) << "Trying to load empty certificate chain." << std::endl;
573	return false;	573	return false;
@@ -583,17 +583,22 @@ bool OpenSSLContext::setCertificateChain(std::vector<std::unique_ptr<Certificate
583	return false;	583	return false;
584	}	584	}
585		585
		586	// Increment reference count on certificate so that it does not get freed when the SSL context is destroyed
		587	openSSLCert->incrementReferenceCount();
		588
586	if (certificateChain.size() > 1) {	589	if (certificateChain.size() > 1) {
587	for (auto certificate = certificateChain.begin() + 1; certificate != certificateChain.end(); ++certificate) {	590	for (auto certificate = certificateChain.begin() + 1; certificate != certificateChain.end(); ++certificate) {
588	auto openSSLCert = dynamic_cast<OpenSSLCertificate*>(certificate->get());	591	auto openSSLCert = dynamic_cast<OpenSSLCertificate*>(certificate->get());
589	if (!openSSLCert) {	592	if (!openSSLCert) {
590	return false;	593	return false;
591	}	594	}
		595
592	if (SSL_CTX_add_extra_chain_cert(context_.get(), openSSLCert->getInternalX509().get()) != 1) {	596	if (SSL_CTX_add_extra_chain_cert(context_.get(), openSSLCert->getInternalX509().get()) != 1) {
593	SWIFT_LOG(warning) << "Trying to load empty certificate chain." << std::endl;	597	SWIFT_LOG(warning) << "Trying to load empty certificate chain." << std::endl;
594	return false;	598	return false;
595	}	599	}
596	certificate->release();	600
		601	openSSLCert->incrementReferenceCount();
597	}	602	}
598	}	603	}
599		604