ConnectionManager: use peer certificate from TLS in closeConnectionsWith
Change-Id: I55ea604cc2542fb0d38b465cfa6a090450fe9322
diff --git a/src/connectionmanager.cpp b/src/connectionmanager.cpp
index 67623b2..751b798 100644
--- a/src/connectionmanager.cpp
+++ b/src/connectionmanager.cpp
@@ -1713,11 +1713,16 @@
std::lock_guard<std::mutex> lk(pimpl_->infosMtx_);
for (auto iter = pimpl_->infos_.begin(); iter != pimpl_->infos_.end();) {
auto const& [key, value] = *iter;
+ std::unique_lock<std::mutex> lkv {value->mutex_};
auto deviceId = key.first;
- auto cert = pimpl_->certStore().getCertificate(deviceId.toString());
+ auto tls = value->tls_ ? value->tls_.get() : (value->socket_ ? value->socket_->endpoint() : nullptr);
+ auto cert = tls ? tls->peerCertificate() : nullptr;
+ if (not cert)
+ cert = pimpl_->certStore().getCertificate(deviceId.toString());
if (cert && cert->issuer && peerUri == cert->issuer->getId().toString()) {
connInfos.emplace_back(value);
peersDevices.emplace(deviceId);
+ lkv.unlock();
iter = pimpl_->infos_.erase(iter);
} else {
iter++;