From 78c04b9ca7421ea0099f0ca4633ada4dff8e1eea Mon Sep 17 00:00:00 2001
From: tb <>
Date: Thu, 21 Oct 2021 14:31:21 +0000
Subject: Switch from X509_VERIFY_PARAM_set_flags() to X509_STORE_set_flags().
 This reduces the number of reacharounds into libcrypto internals.

ok jsing
---
 src/lib/libtls/tls.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/lib/libtls/tls.c b/src/lib/libtls/tls.c
index 650610a515..608f0a3acd 100644
--- a/src/lib/libtls/tls.c
+++ b/src/lib/libtls/tls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls.c,v 1.91 2021/10/21 08:31:51 tb Exp $ */
+/* $OpenBSD: tls.c,v 1.92 2021/10/21 14:31:21 tb Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -631,7 +631,7 @@ tls_configure_ssl_verify(struct tls *ctx, SSL_CTX *ssl_ctx, int verify)
 			}
 			xi->crl = NULL;
 		}
-		X509_VERIFY_PARAM_set_flags(store->param,
+		X509_STORE_set_flags(store,
 		    X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
 	}
 
-- 
cgit v1.2.3-55-g6feb