diff options
author | Jack Lloyd <[email protected]> | 2019-06-29 08:39:28 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2019-06-29 08:44:00 -0400 |
commit | 3e29f7ac7137967a4e268138ebdc7c26547fcfab (patch) | |
tree | 987ca16daca6963efa39bbfe061c8b9214f0f7f1 | |
parent | 4b98864a3d87726dd0ced20d8e20cd3288697fd8 (diff) |
Make the TLS OCSP callback not const.
As the impl may need to do side-effecting things in order to get the
most recent response.
-rw-r--r-- | src/bogo_shim/bogo_shim.cpp | 2 | ||||
-rw-r--r-- | src/lib/tls/tls_callbacks.h | 5 |
2 files changed, 5 insertions, 2 deletions
diff --git a/src/bogo_shim/bogo_shim.cpp b/src/bogo_shim/bogo_shim.cpp index ec4af181e..d6ea52025 100644 --- a/src/bogo_shim/bogo_shim.cpp +++ b/src/bogo_shim/bogo_shim.cpp @@ -1260,7 +1260,7 @@ class Shim_Callbacks final : public Botan::TLS::Callbacks } std::vector<uint8_t> tls_provide_cert_status(const std::vector<Botan::X509_Certificate>&, - const Botan::TLS::Certificate_Status_Request&) const override + const Botan::TLS::Certificate_Status_Request&) override { if(m_args.flag_set("use-ocsp-callback") && m_args.flag_set("fail-ocsp-callback")) throw std::runtime_error("Simulating failure from OCSP response callback"); diff --git a/src/lib/tls/tls_callbacks.h b/src/lib/tls/tls_callbacks.h index c9ba070c0..995c02e2d 100644 --- a/src/lib/tls/tls_callbacks.h +++ b/src/lib/tls/tls_callbacks.h @@ -137,6 +137,9 @@ class BOTAN_PUBLIC_API(2,0) Callbacks /** * Called by default `tls_verify_cert_chain` to get the timeout to use for OCSP * requests. Return 0 to disable online OCSP checks. + * + * This function should not be "const" since the implementation might need + * to perform some side effecting operation to compute the result. */ virtual std::chrono::milliseconds tls_verify_cert_chain_ocsp_timeout() const { @@ -154,7 +157,7 @@ class BOTAN_PUBLIC_API(2,0) Callbacks * suppress the Certificate_Status message. */ virtual std::vector<uint8_t> tls_provide_cert_status(const std::vector<X509_Certificate>& chain, - const Certificate_Status_Request& csr) const + const Certificate_Status_Request& csr) { BOTAN_UNUSED(chain); BOTAN_UNUSED(csr); |