Eliminate ScopedOpenSSL in favour of scoped_ptr<> specializations.

net/socket/ssl_client_socket_openssl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // OpenSSL binding for SSLClientSocket. The class layout and general principle
 // of operation is derived from SSLClientSocketNSS.
 
 #include "net/socket/ssl_client_socket_openssl.h"
 
 #include <openssl/err.h>
 #include <openssl/opensslv.h>
 #include <openssl/ssl.h>
 
 #include "base/bind.h"
 #include "base/callback_helpers.h"
 #include "base/memory/singleton.h"
 #include "base/metrics/histogram.h"
 #include "base/synchronization/lock.h"
 #include "crypto/ec_private_key.h"
 #include "crypto/openssl_util.h"
+#include "crypto/scoped_openssl_types.h"
 #include "net/base/net_errors.h"
 #include "net/cert/cert_verifier.h"
 #include "net/cert/single_request_cert_verifier.h"
 #include "net/cert/x509_certificate_net_log_param.h"
 #include "net/socket/openssl_ssl_util.h"
 #include "net/socket/ssl_error_params.h"
 #include "net/socket/ssl_session_cache_openssl.h"
 #include "net/ssl/openssl_client_key_store.h"
 #include "net/ssl/ssl_cert_request_info.h"
 #include "net/ssl/ssl_connection_status_flags.h"
@@ skipping 132 matching lines @@
                                      const unsigned char* in,
                                      unsigned int inlen, void* arg) {
     SSLClientSocketOpenSSL* socket = GetInstance()->GetClientSocketFromSSL(ssl);
     return socket->SelectNextProtoCallback(out, outlen, in, inlen);
   }
 
   // This is the index used with SSL_get_ex_data to retrieve the owner
   // SSLClientSocketOpenSSL object from an SSL instance.
   int ssl_socket_data_index_;
 
-  crypto::ScopedOpenSSL<SSL_CTX, SSL_CTX_free> ssl_ctx_;
+  scoped_ptr<SSL_CTX, crypto::OpenSSLDestroyer<SSL_CTX, SSL_CTX_free> >
+      ssl_ctx_;
   // |session_cache_| must be destroyed before |ssl_ctx_|.
   SSLSessionCacheOpenSSL session_cache_;
 };
 
 // PeerCertificateChain is a helper object which extracts the certificate
 // chain, as given by the server, from an OpenSSL socket and performs the needed
 // resource management. The first element of the chain is the leaf certificate
 // and the other elements are in the order given by the server.
 class SSLClientSocketOpenSSL::PeerCertificateChain {
  public:
@@ skipping 22 matching lines @@
     return sk_X509_value(openssl_chain_.get(), index);
   }
 
   bool IsValid() { return os_chain_.get() && openssl_chain_.get(); }
 
  private:
   static void FreeX509Stack(STACK_OF(X509)* cert_chain) {
     sk_X509_pop_free(cert_chain, X509_free);
   }
 
-  friend class crypto::ScopedOpenSSL<STACK_OF(X509), FreeX509Stack>;
+  typedef scoped_ptr<STACK_OF(X509),
+                     crypto::OpenSSLDestroyer<STACK_OF(X509), FreeX509Stack> >
+      ScopedX509Stack;
+  friend struct crypto::OpenSSLDestroyer<STACK_OF(X509), FreeX509Stack>;

[wtc, 2014/07/02 20:13:13]

This friend declaration seems wrong. To match the original code, it is
ScopedX509Stack that should be declared a friend.

[Ryan Sleevi, 2014/07/02 20:16:30]

It's correct. OpenSSLDestroyer is what actually calls FreeX509Stack.
ScopedX509Stack just calls the Destroyer.

 
-  crypto::ScopedOpenSSL<STACK_OF(X509), FreeX509Stack> openssl_chain_;
+  ScopedX509Stack openssl_chain_;
 
   scoped_refptr<X509Certificate> os_chain_;
 };
 
 SSLClientSocketOpenSSL::PeerCertificateChain&
 SSLClientSocketOpenSSL::PeerCertificateChain::operator=(
     const PeerCertificateChain& other) {
   if (this == &other)
     return *this;
 
@@ skipping 1218 matching lines @@
   DVLOG(2) << "next protocol: '" << npn_proto_ << "' status: " << npn_status_;
   return SSL_TLSEXT_ERR_OK;
 }
 
 scoped_refptr<X509Certificate>
 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const {
   return server_cert_;
 }
 
 }  // namespace net