diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2021-10-23 13:12:56 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2021-10-23 13:12:56 +0000 |
| commit | 51a840ba242fbb6bba560337fccd836016de4301 (patch) | |
| tree | 87cf0ce75a57ee876027f9d11364a25380f79696 | |
| parent | 6a1515a7eda3e07d11f9f979a8d3cfaa5ea20cc3 (diff) | |
Use X509_STORE_CTX_get0_chain() instead of grabbing the chain directly
out of the X509_STORE_CTX.
ok jsing
| -rw-r--r-- | lib/libssl/ssl_both.c | 4 | ||||
| -rw-r--r-- | lib/libssl/tls13_server.c | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/lib/libssl/ssl_both.c b/lib/libssl/ssl_both.c index 637f34582fe..fe7173e8a42 100644 --- a/lib/libssl/ssl_both.c +++ b/lib/libssl/ssl_both.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_both.c,v 1.36 2021/10/23 08:34:36 jsing Exp $ */ +/* $OpenBSD: ssl_both.c,v 1.37 2021/10/23 13:12:55 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -368,7 +368,7 @@ ssl3_output_cert_chain(SSL *s, CBB *cbb, CERT_PKEY *cpk) X509_V_FLAG_LEGACY_VERIFY); X509_verify_cert(xs_ctx); ERR_clear_error(); - chain = xs_ctx->chain; + chain = X509_STORE_CTX_get0_chain(xs_ctx); } for (i = 0; i < sk_X509_num(chain); i++) { diff --git a/lib/libssl/tls13_server.c b/lib/libssl/tls13_server.c index d2c7abbf7c5..9c0369fc912 100644 --- a/lib/libssl/tls13_server.c +++ b/lib/libssl/tls13_server.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tls13_server.c,v 1.84 2021/07/01 17:53:39 jsing Exp $ */ +/* $OpenBSD: tls13_server.c,v 1.85 2021/10/23 13:12:55 tb Exp $ */ /* * Copyright (c) 2019, 2020 Joel Sing <jsing@openbsd.org> * Copyright (c) 2020 Bob Beck <beck@openbsd.org> @@ -649,7 +649,7 @@ tls13_server_certificate_send(struct tls13_ctx *ctx, CBB *cbb) X509_V_FLAG_LEGACY_VERIFY); X509_verify_cert(xsc); ERR_clear_error(); - chain = xsc->chain; + chain = X509_STORE_CTX_get0_chain(xsc); } if (!CBB_add_u8_length_prefixed(cbb, &cert_request_context)) |