Remove SSL type from pubkey-pinning interface.

src/openssl/pubkey-pinning.c

@@ -361,15 +361,18 @@ _getdns_upstream_from_x509_store(X509_STORE_CTX *store)
 }
 
 getdns_return_t
-_getdns_associate_upstream_with_SSL(SSL *ssl,
+_getdns_associate_upstream_with_connection(_getdns_tls_connection *conn,
-				    getdns_upstream *upstream)
+					   getdns_upstream *upstream)
 {
+	if (!conn || !conn->ssl)
+		return GETDNS_RETURN_INVALID_PARAMETER;
+	
 #if OPENSSL_VERSION_NUMBER < 0x10100000 || defined(HAVE_LIBRESSL)
 	int uidx = _get_ssl_getdns_upstream_idx();
 #else
-	int uidx = _get_ssl_getdns_upstream_idx(SSL_CTX_get_cert_store(SSL_get_SSL_CTX(ssl)));
+	int uidx = _get_ssl_getdns_upstream_idx(SSL_CTX_get_cert_store(SSL_get_SSL_CTX(conn->ssl)));
 #endif
-	if (SSL_set_ex_data(ssl, uidx, upstream))
+	if (SSL_set_ex_data(conn->ssl, uidx, upstream))
 		return GETDNS_RETURN_GOOD;
 	else
 		return GETDNS_RETURN_GENERIC_ERROR;

src/pubkey-pinning.h

@@ -34,6 +34,7 @@
 #ifndef PUBKEY_PINNING_H_
 #define PUBKEY_PINNING_H_
 
+#include "tls.h"
 
 /* create and populate a pinset linked list from a getdns_list pinset */
 getdns_return_t
@@ -57,8 +58,8 @@ _getdns_upstream_from_x509_store(X509_STORE_CTX *store);
 
 
 getdns_return_t
-_getdns_associate_upstream_with_SSL(SSL *ssl,
+_getdns_associate_upstream_with_connection(_getdns_tls_connection *conn,
-				    getdns_upstream *upstream);
+					   getdns_upstream *upstream);
 
 getdns_return_t
 _getdns_verify_pinset_match(const sha256_pin_t *pinset,

src/stub.c

@@ -838,7 +838,7 @@ tls_create_object(getdns_dns_req *dnsreq, int fd, getdns_upstream *upstream)
 		_getdns_tls_connection_set_curves_list(tls, upstream->tls_curves_list);
 #endif
 	/* make sure we'll be able to find the context again when we need it */
-	if (_getdns_associate_upstream_with_SSL(tls->ssl, upstream) != GETDNS_RETURN_GOOD) {
+	if (_getdns_associate_upstream_with_connection(tls, upstream) != GETDNS_RETURN_GOOD) {
 		_getdns_tls_connection_free(tls);
 		return NULL;
 	}