Remove getSelfCert and getPeerCert apis

Summary:
Remove getSelfCert and getPeerCert APIs from
AsyncTransport.

This removes an explicit dependency on the X509 type
from openssl

Reviewed By: yfeldblum

Differential Revision: D14970297

fbshipit-source-id: b727789d3a37a57d4728709ab66a575d40176172

folly/io/async/AsyncSSLSocket.cpp

@@ -948,11 +948,6 @@ const AsyncTransportCertificate* AsyncSSLSocket::getSelfCertificate() const {
   return selfCertData_.get();
 }
 
-// TODO: deprecate/remove in favor of getSelfCertificate.
-const X509* AsyncSSLSocket::getSelfCert() const {
-  return (ssl_ != nullptr) ? SSL_get_certificate(ssl_.get()) : nullptr;
-}
-
 bool AsyncSSLSocket::willBlock(
     int ret,
     int* sslErrorOut,

folly/io/async/AsyncSSLSocket.h

@@ -560,11 +560,6 @@ class AsyncSSLSocket : public virtual AsyncSocket {
    */
   int getSSLCertSize() const;
 
-  /**
-   * Get the certificate used for this SSL connection. May be null
-   */
-  const X509* getSelfCert() const override;
-
   void attachEventBase(EventBase* eventBase) override {
     AsyncSocket::attachEventBase(eventBase);
     handshakeTimeout_.attachEventBase(eventBase);
@@ -734,17 +729,6 @@ class AsyncSSLSocket : public virtual AsyncSocket {
   const AsyncTransportCertificate* getPeerCertificate() const override;
   const AsyncTransportCertificate* getSelfCertificate() const override;
 
-  /**
-   * Returns the peer certificate, or nullptr if no peer certificate received.
-   */
-  ssl::X509UniquePtr getPeerCert() const override {
-    auto peerCert = getPeerCertificate();
-    if (!peerCert) {
-      return nullptr;
-    }
-    return peerCert->getX509();
-  }
-
   /**
    * Force AsyncSSLSocket object to cache local and peer socket addresses.
    * If called with "true" before connect() this function forces full local

folly/io/async/AsyncTransport.h

@@ -378,20 +378,6 @@ class AsyncTransport : public DelayedDestruction, public AsyncSocketBase {
     return addr;
   }
 
-  /**
-   * Get the certificate used to authenticate the peer.
-   */
-  virtual ssl::X509UniquePtr getPeerCert() const {
-    return nullptr;
-  }
-
-  /**
-   * The local certificate used for this connection. May be null
-   */
-  virtual const X509* getSelfCert() const {
-    return nullptr;
-  }
-
   /**
    * Get the peer certificate information if any
    */

folly/io/async/DecoratedAsyncTransportWrapper.h

@@ -120,10 +120,6 @@ class DecoratedAsyncTransportWrapper : public folly::AsyncTransportWrapper {
     return transport_->getPeerAddress(address);
   }
 
-  folly::ssl::X509UniquePtr getPeerCert() const override {
-    return transport_->getPeerCert();
-  }
-
   size_t getRawBytesReceived() const override {
     return transport_->getRawBytesReceived();
   }

folly/io/async/test/AsyncSSLSocketTest.cpp

@@ -853,15 +853,20 @@ TEST(AsyncSSLSocketTest, GetClientCertificate) {
   auto srvSocket = std::move(server).moveSocket();
 
   // Client cert retrieved from server side.
-  folly::ssl::X509UniquePtr serverPeerCert = srvSocket->getPeerCert();
+  auto serverPeerCert = srvSocket->getPeerCertificate();
   CHECK(serverPeerCert);
 
   // Client cert retrieved from client side.
-  const X509* clientSelfCert = cliSocket->getSelfCert();
+  auto clientSelfCert = cliSocket->getSelfCertificate();
   CHECK(clientSelfCert);
 
+  auto serverX509 = serverPeerCert->getX509();
+  auto clientX509 = clientSelfCert->getX509();
+  CHECK(serverX509);
+  CHECK(clientX509);
+
   // The two certs should be the same.
-  EXPECT_EQ(0, X509_cmp(clientSelfCert, serverPeerCert.get()));
+  EXPECT_EQ(0, X509_cmp(clientX509.get(), serverX509.get()));
 }
 
 TEST(AsyncSSLSocketTest, SSLParseClientHelloOnePacket) {