Skip to content
Snippets Groups Projects
Commit dbe9efec authored by Adrien Béraud's avatar Adrien Béraud
Browse files

peer_connection: cleanup

Change-Id: I1f1896164c468bbfe931b65508112b955a31675f
parent fd08346f
No related branches found
No related tags found
No related merge requests found
...@@ -383,9 +383,8 @@ public: ...@@ -383,9 +383,8 @@ public:
Impl(AbstractSocketEndpoint& ep, const dht::crypto::Certificate& peer_cert) Impl(AbstractSocketEndpoint& ep, const dht::crypto::Certificate& peer_cert)
: tr {ep}, peerCertificate {peer_cert} {} : tr {ep}, peerCertificate {peer_cert} {}
Impl(AbstractSocketEndpoint &ep, Impl(AbstractSocketEndpoint &ep, std::function<bool(const dht::crypto::Certificate &)>&& cert_check)
std::function<bool(const dht::crypto::Certificate &)> &&cert_check) : tr{ep}, peerCertificateCheckFunc{std::move(cert_check)}, peerCertificate {null_cert} {}
: tr{ep}, peerCertificateCheckFunc{std::make_unique<std::function<bool(const dht::crypto::Certificate &)>>(std::move(cert_check))}, peerCertificate {null_cert} {}
// TLS callbacks // TLS callbacks
int verifyCertificate(gnutls_session_t); int verifyCertificate(gnutls_session_t);
...@@ -397,7 +396,7 @@ public: ...@@ -397,7 +396,7 @@ public:
AbstractSocketEndpoint& tr; AbstractSocketEndpoint& tr;
const dht::crypto::Certificate& peerCertificate; const dht::crypto::Certificate& peerCertificate;
dht::crypto::Certificate null_cert; dht::crypto::Certificate null_cert;
std::unique_ptr<std::function<bool(const dht::crypto::Certificate &)>> peerCertificateCheckFunc; std::function<bool(const dht::crypto::Certificate &)> peerCertificateCheckFunc;
}; };
// Declaration at namespace scope is necessary (until C++17) // Declaration at namespace scope is necessary (until C++17)
...@@ -410,7 +409,7 @@ TlsSocketEndpoint::Impl::verifyCertificate(gnutls_session_t session) ...@@ -410,7 +409,7 @@ TlsSocketEndpoint::Impl::verifyCertificate(gnutls_session_t session)
auto verified = init_crt(session, crt); auto verified = init_crt(session, crt);
if (verified != GNUTLS_E_SUCCESS) return verified; if (verified != GNUTLS_E_SUCCESS) return verified;
if (peerCertificateCheckFunc) { if (peerCertificateCheckFunc) {
if (!(*peerCertificateCheckFunc)(crt)) { if (!peerCertificateCheckFunc(crt)) {
JAMI_ERR() << "[TLS-SOCKET] Unexpected peer certificate"; JAMI_ERR() << "[TLS-SOCKET] Unexpected peer certificate";
return GNUTLS_E_CERTIFICATE_ERROR; return GNUTLS_E_CERTIFICATE_ERROR;
} }
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment