mirror of
https://github.com/OpenVPN/openvpn3.git
synced 2024-09-20 12:12:15 +02:00
SSLAPI: auth_cert() can now be const
auth_cert() can now be const because OpenSSL rebuild_authcert() is never called unless authcert has already been allocated, making authcert.reset(new AuthCert()); redundant. Once the above statement is removed, rebuild_authcert() becomes const. Signed-off-by: James Yonan <james@openvpn.net>
This commit is contained in:
parent
a672e91631
commit
3b34449d0e
@ -722,7 +722,7 @@ namespace openvpn {
|
||||
return false; // fixme -- not implemented
|
||||
}
|
||||
|
||||
virtual const AuthCert::Ptr& auth_cert() override
|
||||
virtual const AuthCert::Ptr& auth_cert() const override
|
||||
{
|
||||
return authcert;
|
||||
}
|
||||
|
@ -643,7 +643,7 @@ namespace openvpn {
|
||||
return !SSL_session_reused(ssl);
|
||||
}
|
||||
|
||||
virtual const AuthCert::Ptr& auth_cert()
|
||||
virtual const AuthCert::Ptr& auth_cert() const
|
||||
{
|
||||
// Reused sessions don't call the cert verify callbacks,
|
||||
// so we must use an alternative method to build authcert.
|
||||
@ -778,9 +778,8 @@ namespace openvpn {
|
||||
SSL_set_ex_data(ssl, context_data_index, (void *)ctx);
|
||||
}
|
||||
|
||||
void rebuild_authcert()
|
||||
void rebuild_authcert() const
|
||||
{
|
||||
authcert.reset(new AuthCert());
|
||||
::X509 *cert = SSL_get_peer_certificate(ssl);
|
||||
if (cert)
|
||||
{
|
||||
|
@ -71,7 +71,7 @@ namespace openvpn {
|
||||
virtual BufferPtr read_ciphertext() = 0;
|
||||
virtual std::string ssl_handshake_details() const = 0;
|
||||
virtual bool did_full_handshake() = 0;
|
||||
virtual const AuthCert::Ptr& auth_cert() = 0;
|
||||
virtual const AuthCert::Ptr& auth_cert() const = 0;
|
||||
virtual void mark_no_cache() = 0; // prevent caching of client-side session (only meaningful when client_session_tickets is enabled)
|
||||
uint32_t get_tls_warnings() const
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user