Introduce UnbufferedAsioTlsStream#GetPeerCertificate()

2025-07-26 23:24:09 +02:00 · 2019-02-25 17:22:00 +01:00 · 2019-02-25 17:22:00 +01:00 · f2d9d91e83
commit f2d9d91e83
parent d1e87bdc45
4 changed files with 8 additions and 2 deletions
--- a/lib/base/tlsstream.cpp
+++ b/lib/base/tlsstream.cpp
@ -465,6 +465,11 @@ String UnbufferedAsioTlsStream::GetVerifyError() const
 	return m_VerifyError;
 }
 std::shared_ptr<X509> UnbufferedAsioTlsStream::GetPeerCertificate()
 {
 	return std::shared_ptr<X509>(SSL_get_peer_certificate(native_handle()), X509_free);
 }
 void UnbufferedAsioTlsStream::BeforeHandshake(handshake_type type)
 {
 	namespace ssl = boost::asio::ssl;
--- a/lib/base/tlsstream.hpp
+++ b/lib/base/tlsstream.hpp
@ -119,6 +119,7 @@ public:
 	bool IsVerifyOK() const;
 	String GetVerifyError() const;
 	std::shared_ptr<X509> GetPeerCertificate();
 	template<class... Args>
 	inline
--- a/lib/remote/apilistener.cpp
+++ b/lib/remote/apilistener.cpp
@ -523,7 +523,7 @@ void ApiListener::NewClientHandlerInternal(boost::asio::yield_context yc, const
 		}
 	});
-	std::shared_ptr<X509> cert (SSL_get_peer_certificate(sslConn.native_handle()), X509_free);
+	std::shared_ptr<X509> cert (sslConn.GetPeerCertificate());
 	bool verify_ok = false;
 	String identity;
 	Endpoint::Ptr endpoint;
--- a/lib/remote/jsonrpcconnection-pki.cpp
+++ b/lib/remote/jsonrpcconnection-pki.cpp
@ -34,7 +34,7 @@ Value RequestCertificateHandler(const MessageOrigin::Ptr& origin, const Dictiona
 	/* Use the presented client certificate if not provided. */
 	if (certText.IsEmpty()) {
 		auto stream (origin->FromClient->GetStream());
-		cert = std::shared_ptr<X509>(SSL_get_peer_certificate(stream->next_layer().native_handle()), X509_free);
+		cert = stream->next_layer().GetPeerCertificate();
 	} else {
 		cert = StringToCertificate(certText);
 	}