binder: Delete addTrustedPeerCertificate.
For RpcServer and RpcSession, caller should retain
an ownership of the verifier when creating
RpcTransportCtxFactory, so APIs to addTrustedPeerCertificate
are deleted.
The logic to add certificates should be in the implementation
of RpcCertificateVerifier. See follow-up CLs.
Test: binderRpcTest
Bug: 198833574
Change-Id: If0ed87adfeee2ee48582604881ee335b5d689589
diff --git a/libs/binder/RpcSession.cpp b/libs/binder/RpcSession.cpp
index c57b749..8da3fa3 100644
--- a/libs/binder/RpcSession.cpp
+++ b/libs/binder/RpcSession.cpp
@@ -64,23 +64,12 @@
sp<RpcSession> RpcSession::make() {
// Default is without TLS.
- return make(RpcTransportCtxFactoryRaw::make(), std::nullopt, std::nullopt);
+ return make(RpcTransportCtxFactoryRaw::make());
}
-sp<RpcSession> RpcSession::make(std::unique_ptr<RpcTransportCtxFactory> rpcTransportCtxFactory,
- std::optional<CertificateFormat> serverCertificateFormat,
- std::optional<std::string> serverCertificate) {
+sp<RpcSession> RpcSession::make(std::unique_ptr<RpcTransportCtxFactory> rpcTransportCtxFactory) {
auto ctx = rpcTransportCtxFactory->newClientCtx();
if (ctx == nullptr) return nullptr;
- LOG_ALWAYS_FATAL_IF(serverCertificateFormat.has_value() != serverCertificate.has_value());
- if (serverCertificateFormat.has_value() && serverCertificate.has_value()) {
- status_t status =
- ctx->addTrustedPeerCertificate(*serverCertificateFormat, *serverCertificate);
- if (status != OK) {
- ALOGE("Cannot add trusted server certificate: %s", statusToString(status).c_str());
- return nullptr;
- }
- }
return sp<RpcSession>::make(std::move(ctx));
}