From: Amos Jeffries <squid3@treenet.co.nz>
Date: Sat, 3 Dec 2016 08:05:09 +0000 (+1300)
Subject: Remove use of SSL* raw-pointer from Ssl::CertValidationRequest
X-Git-Tag: M-staged-PR71~284^2~33
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0b168d25b1b9a036933bc610582ec04097a56d9b;p=thirdparty%2Fsquid.git

Remove use of SSL* raw-pointer from Ssl::CertValidationRequest
---

diff --git a/src/ssl/cert_validate_message.cc b/src/ssl/cert_validate_message.cc
index 8e2d6acc1b..459526f2f4 100644
--- a/src/ssl/cert_validate_message.cc
+++ b/src/ssl/cert_validate_message.cc
@@ -21,16 +21,16 @@ Ssl::CertValidationMsg::composeRequest(CertValidationRequest const &vcert)
 {
     body.clear();
     body += Ssl::CertValidationMsg::param_host + "=" + vcert.domainName;
-    STACK_OF(X509) *peerCerts = static_cast<STACK_OF(X509) *>(SSL_get_ex_data(vcert.ssl, ssl_ex_index_ssl_cert_chain));
+    STACK_OF(X509) *peerCerts = static_cast<STACK_OF(X509) *>(SSL_get_ex_data(vcert.ssl.get(), ssl_ex_index_ssl_cert_chain));
 
-    if (const char *sslVersion = SSL_get_version(vcert.ssl))
+    if (const char *sslVersion = SSL_get_version(vcert.ssl.get()))
         body += "\n" +  Ssl::CertValidationMsg::param_proto_version + "=" + sslVersion;
 
-    if (const char *cipherName = SSL_CIPHER_get_name(SSL_get_current_cipher(vcert.ssl)))
+    if (const char *cipherName = SSL_CIPHER_get_name(SSL_get_current_cipher(vcert.ssl.get())))
         body += "\n" +  Ssl::CertValidationMsg::param_cipher + "=" + cipherName;
 
     if (!peerCerts)
-        peerCerts = SSL_get_peer_cert_chain(vcert.ssl);
+        peerCerts = SSL_get_peer_cert_chain(vcert.ssl.get());
 
     if (peerCerts) {
         Ssl::BIO_Pointer bio(BIO_new(BIO_s_mem()));
diff --git a/src/ssl/cert_validate_message.h b/src/ssl/cert_validate_message.h
index 299395cdbb..16f468420b 100644
--- a/src/ssl/cert_validate_message.h
+++ b/src/ssl/cert_validate_message.h
@@ -26,10 +26,9 @@ namespace Ssl
 class CertValidationRequest
 {
 public:
-    SSL *ssl;
-    Security::CertErrors *errors; ///< The list of errors detected
+    Security::SessionPointer ssl;
+    Security::CertErrors *errors = nullptr; ///< The list of errors detected
     std::string domainName; ///< The server name
-    CertValidationRequest() : ssl(NULL), errors(NULL) {}
 };
 
 /**
diff --git a/src/ssl/helper.cc b/src/ssl/helper.cc
index e9e6366ecc..1e1093e841 100644
--- a/src/ssl/helper.cc
+++ b/src/ssl/helper.cc
@@ -236,7 +236,7 @@ void Ssl::CertValidationHelper::sslSubmit(Ssl::CertValidationRequest const &requ
     crtdvdData->query = message.compose();
     crtdvdData->query += '\n';
     crtdvdData->callback = callback;
-    crtdvdData->ssl.resetAndLock(request.ssl);
+    crtdvdData->ssl = request.ssl;
     Ssl::CertValidationResponse::Pointer const*validationResponse;
 
     if (CertValidationHelper::HelperCache &&