diff --git a/tdnet/td/net/SslStream.cpp b/tdnet/td/net/SslStream.cpp
index 872bd6225..2881a9381 100644
--- a/tdnet/td/net/SslStream.cpp
+++ b/tdnet/td/net/SslStream.cpp
@@ -135,13 +135,13 @@ using SslHandle = std::unique_ptr;
 class SslStreamImpl {
 public:
- Status init(CSlice host, CSlice cert_file, SslCtx::VerifyPeer verify_peer, bool check_ip_address_as_host) {
- SslCtx::init_openssl();
+ Status init(CSlice host, SslCtx ssl_ctx, bool check_ip_address_as_host) {
+ if (!ssl_ctx) {
+ return Status::Error("Invalid SSL context provided");
+ }
 clear_openssl_errors("Before SslFd::init");
- TRY_RESULT(ssl_ctx, SslCtx::create(cert_file, verify_peer));
-
 auto ssl_handle = SslHandle(SSL_new(static_cast(ssl_ctx.get_openssl_ctx())));
 if (!ssl_handle) {
 return create_openssl_error(-13, "Failed to create an SSL handle");
@@ -356,10 +356,9 @@ SslStream::SslStream(SslStream &&) noexcept = default;
 SslStream &SslStream::operator=(SslStream &&) noexcept = default;
 SslStream::~SslStream() = default;
-Result SslStream::create(CSlice host, CSlice cert_file, SslCtx::VerifyPeer verify_peer,
- bool use_ip_address_as_host) {
+Result SslStream::create(CSlice host, SslCtx ssl_ctx, bool use_ip_address_as_host) {
 auto impl = make_unique();
- TRY_STATUS(impl->init(host, cert_file, verify_peer, use_ip_address_as_host));
+ TRY_STATUS(impl->init(host, ssl_ctx, use_ip_address_as_host));
 return SslStream(std::move(impl));
 }
 SslStream::SslStream(unique_ptr impl) : impl_(std::move(impl)) {
@@ -392,8 +391,7 @@ SslStream::SslStream(SslStream &&) noexcept = default;
 SslStream &SslStream::operator=(SslStream &&) noexcept = default;
 SslStream::~SslStream() = default;
-Result SslStream::create(CSlice host, CSlice cert_file, SslCtx::VerifyPeer verify_peer,
- bool check_ip_address_as_host) {
+Result SslStream::create(CSlice host, SslCtx ssl_ctx, bool check_ip_address_as_host) {
 return Status::Error("Not supported in Emscripten");
 }
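Review bot: In the `SslStreamImpl::init` hunk the only check on the new `ssl_ctx` parameter is `if (!ssl_ctx)`, so the certificate source and whether the peer is verified are now whatever the caller configured, and the signature no longer shows that. The removed `cert_file`/`verify_peer` parameters made the policy visible at each call; I would add a comment above `init`, and the same on the `SslStream::create` declaration in SslStream.h where the `VerifyPeer::On` default disappears: `// ssl_ctx decides the trust store and whether the peer certificate is verified; this function only rejects an empty context.` The hunk also drops `SslCtx::init_openssl()`, which is safe only if every non-empty `SslCtx` comes from a path that has already initialised OpenSSL; that is not visible in this diff. `init` continues past the end of the hunk.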
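Review bot: In the `SslStream::create` hunk (`@@ -356,10 +356,9 @@`) the by-value `ssl_ctx` is passed to `impl->init` as an lvalue, so it is copied a second time although `create` never uses it again. `TRY_STATUS(impl->init(host, std::move(ssl_ctx), use_ip_address_as_host));` hands the caller's context straight through, matching the `std::move(ssl_ctx)` already used at the Wget.cpp call site. How costly the extra copy is depends on `SslCtx`, which is defined outside this diff.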
diff --git a/tdnet/td/net/SslStream.h b/tdnet/td/net/SslStream.h
index 069fa25d2..286eb80be 100644
--- a/tdnet/td/net/SslStream.h
+++ b/tdnet/td/net/SslStream.h
@@ -25,9 +25,7 @@ class SslStream {
 SslStream &operator=(SslStream &&) noexcept;
 ~SslStream();
- static Result create(CSlice host, CSlice cert_file = CSlice(),
- SslCtx::VerifyPeer verify_peer = SslCtx::VerifyPeer::On,
- bool use_ip_address_as_host = false);
+ static Result create(CSlice host, SslCtx ssl_ctx, bool use_ip_address_as_host = false);
 ByteFlowInterface &read_byte_flow();
 ByteFlowInterface &write_byte_flow();
diff --git a/tdnet/td/net/Wget.cpp b/tdnet/td/net/Wget.cpp
index 208c3cb94..f6a6c72eb 100644
--- a/tdnet/td/net/Wget.cpp
+++ b/tdnet/td/net/Wget.cpp
@@ -84,7 +84,8 @@ Status Wget::try_init() {
 std::numeric_limits::max(), 0, 0, ActorOwn(actor_id(this)));
 } else {
- TRY_RESULT(ssl_stream, SslStream::create(url.host_, CSlice() /* certificate */, verify_peer_));
+ TRY_RESULT(ssl_ctx, SslCtx::create(CSlice() /* certificate */, verify_peer_));
+ TRY_RESULT(ssl_stream, SslStream::create(url.host_, std::move(ssl_ctx)));
 connection_ = create_actor( "Connect", BufferedFd(std::move(fd)), std::move(ssl_stream), std::numeric_limits::max(), 0, 0, ActorOwn(actor_id(this)));
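Review bot: In the Wget.cpp hunk a fresh `SslCtx` is built inside `try_init()` on every call, so this call site gets none of the reuse that the new `SslStream::create(host, ssl_ctx)` signature makes possible. If `SslCtx::create` loads the trust store each time, as the old in-`init` call presumably did, keeping the context in a `Wget` member and creating it only when it is still empty would avoid repeating that work on later calls. The empty `CSlice()` keeps only the `/* certificate */` comment; a short note saying which trust store an empty path selects, and that `verify_peer_` set to off leaves the connection unauthenticated, would help the next reader of this branch. `try_init` starts and ends outside the hunk.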