diff options
author | tb <> | 2023-05-26 13:44:05 +0000 |
---|---|---|
committer | tb <> | 2023-05-26 13:44:05 +0000 |
commit | 60f03123a4643b375e7e15b8d8dd32beeba4deac (patch) | |
tree | daccb0dca5b73ba21fde8f92a694ce06f7aeebf4 /src/lib/libssl/ssl_local.h | |
parent | d9e5f520e02c69e7bb007ce9e7466dbf19dad201 (diff) | |
download | openbsd-60f03123a4643b375e7e15b8d8dd32beeba4deac.tar.gz openbsd-60f03123a4643b375e7e15b8d8dd32beeba4deac.tar.bz2 openbsd-60f03123a4643b375e7e15b8d8dd32beeba4deac.zip |
Move verified_chain from SSL to SSL_HANDSHAKE
This is a better version of the fix for the missing pointer invalidation
but a bit larger, so errata got the minimal fix.
tested by jcs
ok jsing
Diffstat (limited to 'src/lib/libssl/ssl_local.h')
-rw-r--r-- | src/lib/libssl/ssl_local.h | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/lib/libssl/ssl_local.h b/src/lib/libssl/ssl_local.h index 876a5e4657..cb38e5f91c 100644 --- a/src/lib/libssl/ssl_local.h +++ b/src/lib/libssl/ssl_local.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssl_local.h,v 1.5 2023/04/25 07:48:15 tb Exp $ */ | 1 | /* $OpenBSD: ssl_local.h,v 1.6 2023/05/26 13:44:05 tb Exp $ */ |
2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
3 | * All rights reserved. | 3 | * All rights reserved. |
4 | * | 4 | * |
@@ -651,6 +651,9 @@ typedef struct ssl_handshake_st { | |||
651 | STACK_OF(X509) *peer_certs; | 651 | STACK_OF(X509) *peer_certs; |
652 | STACK_OF(X509) *peer_certs_no_leaf; | 652 | STACK_OF(X509) *peer_certs_no_leaf; |
653 | 653 | ||
654 | /* Certificate chain resulting from X.509 verification. */ | ||
655 | STACK_OF(X509) *verified_chain; | ||
656 | |||
654 | SSL_HANDSHAKE_TLS12 tls12; | 657 | SSL_HANDSHAKE_TLS12 tls12; |
655 | SSL_HANDSHAKE_TLS13 tls13; | 658 | SSL_HANDSHAKE_TLS13 tls13; |
656 | } SSL_HANDSHAKE; | 659 | } SSL_HANDSHAKE; |
@@ -1130,7 +1133,6 @@ struct ssl_st { | |||
1130 | int empty_record_count; | 1133 | int empty_record_count; |
1131 | 1134 | ||
1132 | size_t num_tickets; /* Unused, for OpenSSL compatibility */ | 1135 | size_t num_tickets; /* Unused, for OpenSSL compatibility */ |
1133 | STACK_OF(X509) *verified_chain; | ||
1134 | }; | 1136 | }; |
1135 | 1137 | ||
1136 | typedef struct ssl3_record_internal_st { | 1138 | typedef struct ssl3_record_internal_st { |