From 60f03123a4643b375e7e15b8d8dd32beeba4deac Mon Sep 17 00:00:00 2001
From: tb <>
Date: Fri, 26 May 2023 13:44:05 +0000
Subject: Move verified_chain from SSL to SSL_HANDSHAKE

This is a better version of the fix for the missing pointer invalidation
but a bit larger, so errata got the minimal fix.

tested by jcs
ok jsing
---
 src/lib/libssl/ssl_cert.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'src/lib/libssl/ssl_cert.c')

diff --git a/src/lib/libssl/ssl_cert.c b/src/lib/libssl/ssl_cert.c
index 4fe805212b..8a333b4278 100644
--- a/src/lib/libssl/ssl_cert.c
+++ b/src/lib/libssl/ssl_cert.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_cert.c,v 1.105 2022/11/26 16:08:55 tb Exp $ */
+/* $OpenBSD: ssl_cert.c,v 1.106 2023/05/26 13:44:05 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -440,11 +440,11 @@ ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *certs)
 		ret = X509_verify_cert(ctx);
 
 	s->verify_result = X509_STORE_CTX_get_error(ctx);
-	sk_X509_pop_free(s->verified_chain, X509_free);
-	s->verified_chain = NULL;
+	sk_X509_pop_free(s->s3->hs.verified_chain, X509_free);
+	s->s3->hs.verified_chain = NULL;
 	if (X509_STORE_CTX_get0_chain(ctx) != NULL) {
-		s->verified_chain = X509_STORE_CTX_get1_chain(ctx);
-		if (s->verified_chain == NULL) {
+		s->s3->hs.verified_chain = X509_STORE_CTX_get1_chain(ctx);
+		if (s->s3->hs.verified_chain == NULL) {
 			SSLerrorx(ERR_R_MALLOC_FAILURE);
 			ret = 0;
 		}
-- 
cgit v1.2.3-55-g6feb