From 5d149515ebfe090e06d0428c8d4039cab85c55b9 Mon Sep 17 00:00:00 2001 From: Amos Jeffries Date: Fri, 9 Dec 2016 03:36:30 +1300 Subject: [PATCH] Cleanup: remove raw-pointer SSL* from ServerBump class API --- src/ssl/PeekingPeerConnector.cc | 2 +- src/ssl/ServerBump.cc | 10 +++++----- src/ssl/ServerBump.h | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/ssl/PeekingPeerConnector.cc b/src/ssl/PeekingPeerConnector.cc index 53e80218bb..955695733d 100644 --- a/src/ssl/PeekingPeerConnector.cc +++ b/src/ssl/PeekingPeerConnector.cc @@ -201,7 +201,7 @@ Ssl::PeekingPeerConnector::initialize(Security::SessionPointer &serverSession) } if (Ssl::ServerBump *serverBump = csd->serverBump()) { - serverBump->attachServerSSL(serverSession.get()); + serverBump->attachServerSession(serverSession); // store peeked cert to check SQUID_X509_V_ERR_CERT_CHANGE if (X509 *peeked_cert = serverBump->serverCert.get()) { X509_up_ref(peeked_cert); diff --git a/src/ssl/ServerBump.cc b/src/ssl/ServerBump.cc index 5de903eae1..86e954a51c 100644 --- a/src/ssl/ServerBump.cc +++ b/src/ssl/ServerBump.cc @@ -53,21 +53,21 @@ Ssl::ServerBump::~ServerBump() } void -Ssl::ServerBump::attachServerSSL(SSL *ssl) +Ssl::ServerBump::attachServerSession(const Security::SessionPointer &s) { - if (serverSSL.get()) + if (serverSession) return; - serverSSL.resetAndLock(ssl); + serverSession = s; } const Security::CertErrors * Ssl::ServerBump::sslErrors() const { - if (!serverSSL.get()) + if (!serverSession) return NULL; - const Security::CertErrors *errs = static_cast(SSL_get_ex_data(serverSSL.get(), ssl_ex_index_ssl_errors)); + const Security::CertErrors *errs = static_cast(SSL_get_ex_data(serverSession.get(), ssl_ex_index_ssl_errors)); return errs; } diff --git a/src/ssl/ServerBump.h b/src/ssl/ServerBump.h index 638f7727cc..1473a2b889 100644 --- a/src/ssl/ServerBump.h +++ b/src/ssl/ServerBump.h @@ -32,14 +32,14 @@ class ServerBump public: explicit ServerBump(HttpRequest *fakeRequest, StoreEntry *e = NULL, Ssl::BumpMode mode = Ssl::bumpServerFirst); ~ServerBump(); - void attachServerSSL(SSL *); ///< Sets the server SSL object + void attachServerSession(const Security::SessionPointer &); ///< Sets the server TLS session object const Security::CertErrors *sslErrors() const; ///< SSL [certificate validation] errors /// faked, minimal request; required by Client API HttpRequest::Pointer request; StoreEntry *entry; ///< for receiving Squid-generated error messages /// HTTPS server certificate. Maybe it is different than the one - /// it is stored in serverSSL object (error SQUID_X509_V_ERR_CERT_CHANGE) + /// it is stored in serverSession object (error SQUID_X509_V_ERR_CERT_CHANGE) Security::CertPointer serverCert; struct { Ssl::BumpMode step1; ///< The SSL bump mode at step1 @@ -48,9 +48,9 @@ public: } act; ///< bumping actions at various bumping steps Ssl::BumpStep step; ///< The SSL bumping step SBuf clientSni; ///< the SSL client SNI name - Security::SessionPointer serverSSL; ///< The SSL object on server side. private: + Security::SessionPointer serverSession; ///< The TLS session object on server side. store_client *sc; ///< dummy client to prevent entry trimming }; -- 2.47.3