diff -up xmlsec1-1.2.12/src/openssl/x509vfy.c.ossl10 xmlsec1-1.2.12/src/openssl/x509vfy.c --- xmlsec1-1.2.12/src/openssl/x509vfy.c.ossl10 2009-06-25 22:53:18.000000000 +0200 +++ xmlsec1-1.2.12/src/openssl/x509vfy.c 2009-08-26 16:40:04.000000000 +0200 @@ -173,7 +173,7 @@ xmlSecOpenSSLX509StoreVerify(xmlSecKeyDa XMLSEC_STACK_OF_X509_CRL* crls, xmlSecKeyInfoCtx* keyInfoCtx) { xmlSecOpenSSLX509StoreCtxPtr ctx; STACK_OF(X509)* certs2 = NULL; - STACK_OF(X509_CRLS)* crls2 = NULL; + STACK_OF(X509_CRL)* crls2 = NULL; X509* res = NULL; X509* cert; X509 *err_cert = NULL; @@ -802,8 +802,8 @@ xmlSecOpenSSLX509FindCert(STACK_OF(X509) return(NULL); } - for(i = 0; i < certs->num; ++i) { - cert = ((X509**)(certs->data))[i]; + for(i = 0; i < sk_X509_num(certs); ++i) { + cert = sk_X509_value(certs, i); subj = X509_get_subject_name(cert); if(xmlSecOpenSSLX509NamesCompare(nm, subj) == 0) { X509_NAME_free(nm); @@ -863,8 +863,8 @@ xmlSecOpenSSLX509FindCert(STACK_OF(X509) BN_free(bn); - for(i = 0; i < certs->num; ++i) { - cert = ((X509**)(certs->data))[i]; + for(i = 0; i < sk_X509_num(certs); ++i) { + cert = sk_X509_value(certs, i); if(ASN1_INTEGER_cmp(X509_get_serialNumber(cert), serial) != 0) { continue; } @@ -895,8 +895,8 @@ xmlSecOpenSSLX509FindCert(STACK_OF(X509) xmlSecErrorsSafeString(ski)); return(NULL); } - for(i = 0; i < certs->num; ++i) { - cert = ((X509**)(certs->data))[i]; + for(i = 0; i < sk_X509_num(certs); ++i) { + cert = sk_X509_value(certs, i); index = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1); if((index >= 0) && (ext = X509_get_ext(cert, index))) { keyId = X509V3_EXT_d2i(ext); @@ -982,9 +982,9 @@ xmlSecOpenSSLX509VerifyCertAgainstCrls(S /* * Check if the current certificate is revoked by this CRL */ - n = sk_num(X509_CRL_get_REVOKED(crl)); + n = sk_X509_REVOKED_num(X509_CRL_get_REVOKED(crl)); for (i = 0; i < n; i++) { - revoked = (X509_REVOKED *)sk_value(X509_CRL_get_REVOKED(crl), i); + revoked = sk_X509_REVOKED_value(X509_CRL_get_REVOKED(crl), i); if (ASN1_INTEGER_cmp(revoked->serialNumber, X509_get_serialNumber(cert)) == 0) { xmlSecError(XMLSEC_ERRORS_HERE, NULL,