58 lines
2.3 KiB
Diff
58 lines
2.3 KiB
Diff
|
diff -up xmlsec1-1.2.12/src/openssl/x509vfy.c.ossl10 xmlsec1-1.2.12/src/openssl/x509vfy.c
|
||
|
--- xmlsec1-1.2.12/src/openssl/x509vfy.c.ossl10 2009-06-25 22:53:18.000000000 +0200
|
||
|
+++ xmlsec1-1.2.12/src/openssl/x509vfy.c 2009-08-26 16:40:04.000000000 +0200
|
||
|
@@ -173,7 +173,7 @@ xmlSecOpenSSLX509StoreVerify(xmlSecKeyDa
|
||
|
XMLSEC_STACK_OF_X509_CRL* crls, xmlSecKeyInfoCtx* keyInfoCtx) {
|
||
|
xmlSecOpenSSLX509StoreCtxPtr ctx;
|
||
|
STACK_OF(X509)* certs2 = NULL;
|
||
|
- STACK_OF(X509_CRLS)* crls2 = NULL;
|
||
|
+ STACK_OF(X509_CRL)* crls2 = NULL;
|
||
|
X509* res = NULL;
|
||
|
X509* cert;
|
||
|
X509 *err_cert = NULL;
|
||
|
@@ -802,8 +802,8 @@ xmlSecOpenSSLX509FindCert(STACK_OF(X509)
|
||
|
return(NULL);
|
||
|
}
|
||
|
|
||
|
- for(i = 0; i < certs->num; ++i) {
|
||
|
- cert = ((X509**)(certs->data))[i];
|
||
|
+ for(i = 0; i < sk_X509_num(certs); ++i) {
|
||
|
+ cert = sk_X509_value(certs, i);
|
||
|
subj = X509_get_subject_name(cert);
|
||
|
if(xmlSecOpenSSLX509NamesCompare(nm, subj) == 0) {
|
||
|
X509_NAME_free(nm);
|
||
|
@@ -863,8 +863,8 @@ xmlSecOpenSSLX509FindCert(STACK_OF(X509)
|
||
|
BN_free(bn);
|
||
|
|
||
|
|
||
|
- for(i = 0; i < certs->num; ++i) {
|
||
|
- cert = ((X509**)(certs->data))[i];
|
||
|
+ for(i = 0; i < sk_X509_num(certs); ++i) {
|
||
|
+ cert = sk_X509_value(certs, i);
|
||
|
if(ASN1_INTEGER_cmp(X509_get_serialNumber(cert), serial) != 0) {
|
||
|
continue;
|
||
|
}
|
||
|
@@ -895,8 +895,8 @@ xmlSecOpenSSLX509FindCert(STACK_OF(X509)
|
||
|
xmlSecErrorsSafeString(ski));
|
||
|
return(NULL);
|
||
|
}
|
||
|
- for(i = 0; i < certs->num; ++i) {
|
||
|
- cert = ((X509**)(certs->data))[i];
|
||
|
+ for(i = 0; i < sk_X509_num(certs); ++i) {
|
||
|
+ cert = sk_X509_value(certs, i);
|
||
|
index = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
|
||
|
if((index >= 0) && (ext = X509_get_ext(cert, index))) {
|
||
|
keyId = X509V3_EXT_d2i(ext);
|
||
|
@@ -982,9 +982,9 @@ xmlSecOpenSSLX509VerifyCertAgainstCrls(S
|
||
|
/*
|
||
|
* Check if the current certificate is revoked by this CRL
|
||
|
*/
|
||
|
- n = sk_num(X509_CRL_get_REVOKED(crl));
|
||
|
+ n = sk_X509_REVOKED_num(X509_CRL_get_REVOKED(crl));
|
||
|
for (i = 0; i < n; i++) {
|
||
|
- revoked = (X509_REVOKED *)sk_value(X509_CRL_get_REVOKED(crl), i);
|
||
|
+ revoked = sk_X509_REVOKED_value(X509_CRL_get_REVOKED(crl), i);
|
||
|
if (ASN1_INTEGER_cmp(revoked->serialNumber, X509_get_serialNumber(cert)) == 0) {
|
||
|
xmlSecError(XMLSEC_ERRORS_HERE,
|
||
|
NULL,
|