rename certificate parameter to reduce confusion

2025-04-21 22:25:55 +03:00 · 2019-06-06 23:52:33 +08:00 · 2019-06-06 23:52:33 +08:00 · 60e0286cfb
commit 60e0286cfb
parent 628b1115ea
1 changed files with 10 additions and 10 deletions
--- a/httplib.h
+++ b/httplib.h
@ -374,7 +374,7 @@ private:

 class SSLServer : public Server {
 public:
-  SSLServer(const char *cert_path, const char *private_key_path, const char *client_cert_path, const char *trusted_cert_path);
+  SSLServer(const char *cert_path, const char *private_key_path, const char *client_CA_cert_path, const char *trusted_cert_path);

  virtual ~SSLServer();

@ -385,7 +385,7 @@ private:

  SSL_CTX *ctx_;
  std::mutex ctx_mutex_;
-  const char *client_cert_path_;
+  const char *client_CA_cert_path_;
  const char *trusted_cert_path_;
 };

@ -2232,7 +2232,7 @@ read_and_close_socket_ssl(socket_t sock, size_t keep_alive_max_count,
                          // The upcoming 1.1.0 is going to be thread safe.
                          SSL_CTX *ctx, std::mutex &ctx_mutex,
                          U SSL_connect_or_accept, V setup, T callback,
-                          const char* client_cert_path = nullptr,
+                          const char* client_CA_cert_path = nullptr,
                          const char* trusted_cert_path = nullptr) {
  SSL *ssl = nullptr;
  {
@ -2259,14 +2259,14 @@ read_and_close_socket_ssl(socket_t sock, size_t keep_alive_max_count,
    return false;
  }

-  if(client_cert_path){
+  if(client_CA_cert_path){
    STACK_OF(X509_NAME)* list;
    //list of client CAs to request from client
-    list = SSL_load_client_CA_file(client_cert_path);
+    list = SSL_load_client_CA_file(client_CA_cert_path);
    SSL_set_client_CA_list(ssl, list);
    //certificate chain to verify received client certificate against
    //please run c_rehash in the cert folder first
-    SSL_CTX_load_verify_locations(ctx,client_cert_path,trusted_cert_path);
+    SSL_CTX_load_verify_locations(ctx,client_CA_cert_path,trusted_cert_path);
  }

  bool ret = false;
@ -2348,9 +2348,9 @@ inline std::string SSLSocketStream::get_remote_addr() const {
 // SSL HTTP server implementation
 inline SSLServer::SSLServer(const char *cert_path,
                            const char *private_key_path,
-                            const char *client_cert_path = nullptr,
+                            const char *client_CA_cert_path = nullptr,
                            const char *trusted_cert_path = nullptr)
-  : client_cert_path_(client_cert_path),
+  : client_CA_cert_path_(client_CA_cert_path),
    trusted_cert_path_(trusted_cert_path){
  ctx_ = SSL_CTX_new(SSLv23_server_method());

@ -2369,7 +2369,7 @@ inline SSLServer::SSLServer(const char *cert_path,
            1) {
      SSL_CTX_free(ctx_);
      ctx_ = nullptr;
-    } else if(client_cert_path_) {
+    } else if(client_CA_cert_path_) {
      SSL_CTX_set_verify(ctx_,
        SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, //SSL_VERIFY_CLIENT_ONCE,
        nullptr
@ -2391,7 +2391,7 @@ inline bool SSLServer::read_and_close_socket(socket_t sock) {
      [this](Stream &strm, bool last_connection, bool &connection_close) {
        return process_request(strm, last_connection, connection_close);
      },
-      client_cert_path_,
+      client_CA_cert_path_,
      trusted_cert_path_);
 }