Diffstat (limited to 'src/ssl/tls_server.cpp')
-rw-r--r--src/ssl/tls_server.cpp25
1 files changed, 13 insertions, 12 deletions
diff --git a/src/ssl/tls_server.cpp b/src/ssl/tls_server.cpp
index 33210dccb..3d72d9dca 100644
--- a/src/ssl/tls_server.cpp
+++ b/src/ssl/tls_server.cpp
@@ -85,14 +85,16 @@ void server_check_state(Handshake_Type new_msg, Handshake_State* state)
/**
* TLS Server Constructor
*/
-TLS_Server::TLS_Server(RandomNumberGenerator& r,
- Socket& sock, const X509_Certificate& cert,
- const Private_Key& key, const TLS_Policy* pol) :
- rng(r), peer(sock),
- writer(sock), policy(pol ? pol : new TLS_Policy)
+TLS_Server::TLS_Server(const TLS_Policy& pol,
+ RandomNumberGenerator& r,
+ Socket& sock,
+ const X509_Certificate& cert,
+ const Private_Key& key) :
+ policy(pol),
+ rng(r),
+ peer(sock),
+ writer(sock)
{
- peer_id = sock.peer_id();
-
state = 0;
cert_chain.push_back(cert);
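Review bot: The doc comment above `TLS_Server::TLS_Server(const TLS_Policy& pol, ...)` does not say who owns the policy, now that the destructor hunk drops `delete policy;`. The header is not part of this diff, but if `policy` is a reference member, a policy destroyed before the server leaves the handshake code reading a dangling reference in `policy.min_version()` and `policy.dh_group()`; if it is a value member, a derived policy is sliced to the base class and its overrides are silently ignored. I would extend the comment with `* @param pol policy consulted during the handshake; must outlive this object` (assuming it is held by reference), and confirm that the initializer order `policy, rng, peer, writer` matches the declaration order in the class. The constructor body continues past the end of this hunk.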
@@ -125,7 +127,6 @@ TLS_Server::~TLS_Server()
{
close();
delete private_key;
- delete policy;
delete state;
}
@@ -353,7 +354,7 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
client_requested_hostname = state->client_hello->hostname();
state->version = choose_version(state->client_hello->version(),
- policy->min_version());
+ policy.min_version());
writer.set_version(state->version);
reader.set_version(state->version);
@@ -378,11 +379,11 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
if(state->suite.kex_type() == TLS_ALGO_KEYEXCH_RSA)
{
state->kex_priv = new RSA_PrivateKey(rng,
- policy->rsa_export_keysize());
+ policy.rsa_export_keysize());
}
else if(state->suite.kex_type() == TLS_ALGO_KEYEXCH_DH)
{
- state->kex_priv = new DH_PrivateKey(rng, policy->dh_group());
+ state->kex_priv = new DH_PrivateKey(rng, policy.dh_group());
}
else
throw Internal_Error("TLS_Server: Unknown ciphersuite kex type");
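Review bot: The ephemeral key in the RSA branch takes its size straight from `policy.rsa_export_keysize()`, and the DH branch takes its group from `policy.dh_group()`, with no lower bound checked in the lines shown. Export-sized RSA keys are short enough to be factored, so a permissive or misconfigured policy would weaken the key exchange without raising any error here. Unless TLS_Policy already enforces a minimum (not visible in this diff), I would add a comment such as `// key strength is decided by the policy; it must reject export-grade sizes`, or validate the value before `new RSA_PrivateKey(...)`. Both allocations are also raw `new` into `state->kex_priv`, so it is worth confirming that Handshake_State frees them on every exit path; process_handshake_msg starts and ends outside this hunk.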
@@ -395,7 +396,7 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
state->hash);
}
- if(policy->require_client_auth())
+ if(policy.require_client_auth())
{
state->do_client_auth = true;
throw Internal_Error("Client auth not implemented");