4 files changed, 11 insertions, 10 deletions
diff --git a/Swiften/TLS/OpenSSL/OpenSSLCertificateFactory.cpp b/Swiften/TLS/OpenSSL/OpenSSLCertificateFactory.cpp
index c94702c..5eb626b 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLCertificateFactory.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLCertificateFactory.cpp
@@ -20,8 +20,8 @@ Certificate* OpenSSLCertificateFactory::createCertificateFromDER(const ByteArray
     return new OpenSSLCertificate(der);
 }
 
-std::vector<Certificate::ref> OpenSSLCertificateFactory::createCertificateChain(const ByteArray& data) {
-    std::vector<Certificate::ref> certificateChain;
+std::vector<std::unique_ptr<Certificate>> OpenSSLCertificateFactory::createCertificateChain(const ByteArray& data) {
+    std::vector<std::unique_ptr<Certificate>> certificateChain;
 
     if (data.size() > std::numeric_limits<int>::max()) {
         return certificateChain;
@@ -35,11 +35,11 @@ std::vector<Certificate::ref> OpenSSLCertificateFactory::createCertificateChain(
     auto x509certFromPEM = PEM_read_bio_X509(bio.get(), &openSSLCert, nullptr, nullptr);
     if (x509certFromPEM && openSSLCert) {
         std::shared_ptr<X509> x509Cert(openSSLCert, X509_free);
-        certificateChain.push_back(std::make_shared<OpenSSLCertificate>(x509Cert));
+        certificateChain.emplace_back(std::make_unique<OpenSSLCertificate>(x509Cert));
         openSSLCert = nullptr;
         while ((x509certFromPEM = PEM_read_bio_X509(bio.get(), &openSSLCert, nullptr, nullptr)) != nullptr) {
             std::shared_ptr<X509> x509Cert(openSSLCert, X509_free);
-            certificateChain.push_back(std::make_shared<OpenSSLCertificate>(x509Cert));
+            certificateChain.emplace_back(std::make_unique<OpenSSLCertificate>(x509Cert));
             openSSLCert = nullptr;
         }
     }
diff --git a/Swiften/TLS/OpenSSL/OpenSSLCertificateFactory.h b/Swiften/TLS/OpenSSL/OpenSSLCertificateFactory.h
index af45a33..48e9b2c 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLCertificateFactory.h
+++ b/Swiften/TLS/OpenSSL/OpenSSLCertificateFactory.h
@@ -16,6 +16,6 @@ namespace Swift {
             virtual ~OpenSSLCertificateFactory() override final;
 
             virtual Certificate* createCertificateFromDER(const ByteArray& der) override final;
-            virtual std::vector<Certificate::ref> createCertificateChain(const ByteArray& data) override final;
+            virtual std::vector<std::unique_ptr<Certificate>> createCertificateChain(const ByteArray& data) override final;
     };
 }
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
index 968ef8f..e9889bc 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.cpp
@@ -338,14 +338,14 @@ void OpenSSLContext::sendPendingDataToApplication() {
     }
 }
 
-bool OpenSSLContext::setCertificateChain(const std::vector<Certificate::ref>& certificateChain) {
+bool OpenSSLContext::setCertificateChain(std::vector<std::unique_ptr<Certificate>>&& certificateChain) {
     if (certificateChain.size() == 0) {
         SWIFT_LOG(warning) << "Trying to load empty certificate chain." << std::endl;
         return false;
     }
 
     // load endpoint certificate
-    auto openSSLCert = std::dynamic_pointer_cast<OpenSSLCertificate>(certificateChain[0]);
+    auto openSSLCert = dynamic_cast<OpenSSLCertificate*>(certificateChain[0].get());
     if (!openSSLCert) {
         return false;
     }
@@ -355,8 +355,8 @@ bool OpenSSLContext::setCertificateChain(const std::vector<Certificate::ref>& ce
     }
 
     if (certificateChain.size() > 1) {
-        for (auto certificate : range(certificateChain.begin() + 1, certificateChain.end())) {
-            auto openSSLCert = std::dynamic_pointer_cast<OpenSSLCertificate>(certificate);
+        for (auto certificate = certificateChain.begin() + 1; certificate != certificateChain.end(); ++certificate) {
+            auto openSSLCert = dynamic_cast<OpenSSLCertificate*>(certificate->get());
             if (!openSSLCert) {
                 return false;
             }
@@ -364,6 +364,7 @@ bool OpenSSLContext::setCertificateChain(const std::vector<Certificate::ref>& ce
                 SWIFT_LOG(warning) << "Trying to load empty certificate chain." << std::endl;
                 return false;
             }
+            certificate->release();
         }
     }
 
diff --git a/Swiften/TLS/OpenSSL/OpenSSLContext.h b/Swiften/TLS/OpenSSL/OpenSSLContext.h
index cfa852a..c18a6f4 100644
--- a/Swiften/TLS/OpenSSL/OpenSSLContext.h
+++ b/Swiften/TLS/OpenSSL/OpenSSLContext.h
@@ -45,7 +45,7 @@ namespace Swift {
             void connect() override final;
             void connect(const std::string& requestHostname) override final;
 
-            bool setCertificateChain(const std::vector<Certificate::ref>& certificateChain) override final;
+            bool setCertificateChain(std::vector<std::unique_ptr<Certificate>>&& certificateChain) override final;
             bool setPrivateKey(const PrivateKey::ref& privateKey) override final;
             bool setClientCertificate(CertificateWithKey::ref cert) override final;
             void setAbortTLSHandshake(bool abort) override final;