Rename X.509 members in |SSL_SESSION| and |CERT|.
This change renames |peer| to |x509_peer| and |cert_chain| to
|x509_chain| in |SSL_SESSION|. It also renames |x509| to |x509_leaf| and
|chain| to |x509_chain| in |CERT|. (All with an eye to maybe making
them lazily initialised in the future).
This a) catches anyone who might be accessing these members directly and
b) makes space for |CRYPTO_BUFFER|-based values to take the unprefixed
names.
Change-Id: I10573304fb7d6f1ea03f9e645f7fc0acdaf71ac2
Reviewed-on: https://boringssl-review.googlesource.com/12162
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 1b0633e..cc63d6f 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -3675,13 +3675,13 @@
uint8_t sid_ctx[SSL_MAX_SID_CTX_LENGTH];
char *psk_identity;
- /* peer is the peer's certificate. */
- X509 *peer;
+ /* x509_peer is the peer's certificate. */
+ X509 *x509_peer;
- /* cert_chain is the certificate chain sent by the peer. NOTE: for historical
+ /* x509_chain is the certificate chain sent by the peer. NOTE: for historical
* reasons, when a client (so the peer is a server), the chain includes
* |peer|, but when a server it does not. */
- STACK_OF(X509) *cert_chain;
+ STACK_OF(X509) *x509_chain;
/* verify_result is the result of certificate verification in the case of
* non-fatal certificate errors. */