Skip to content

Commit

Permalink
crypto: use X509_STORE_CTX_new
Browse files Browse the repository at this point in the history 
In OpenSSL 1.1.0, X509_STORE_CTX is opaque and thus cannot be
stack-allocated. This works in OpenSSL 1.1.0 and 1.0.2. Adapted from PR

PR-URL: #16130
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rod Vagg <rod@vagg.org>
  • Loading branch information
@davidben @rvagg
davidben authored and rvagg committed Nov 11, 2017
1 parent 2f82334 commit 8d254c9
Showing 1 changed file with 5 additions and 12 deletions.
17 changes: 5 additions & 12 deletions src/node_crypto.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -565,19 +565,12 @@ void SecureContext::SetKey(const FunctionCallbackInfo<Value>& args) {


int SSL_CTX_get_issuer(SSL_CTX* ctx, X509* cert, X509** issuer) {
int ret;

X509_STORE* store = SSL_CTX_get_cert_store(ctx);
X509_STORE_CTX store_ctx;

ret = X509_STORE_CTX_init(&store_ctx, store, nullptr, nullptr);
if (!ret)
goto end;

ret = X509_STORE_CTX_get1_issuer(issuer, &store_ctx, cert);
X509_STORE_CTX_cleanup(&store_ctx);

end:
X509_STORE_CTX* store_ctx = X509_STORE_CTX_new();
int ret = store_ctx != nullptr &&
X509_STORE_CTX_init(store_ctx, store, nullptr, nullptr) == 1 &&
X509_STORE_CTX_get1_issuer(issuer, store_ctx, cert) == 1;
X509_STORE_CTX_free(store_ctx);
return ret;
}

Expand Down

0 comments on commit 8d254c9

Please sign in to comment.