DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

BoringSSL: Use accessor functions for X509 key usage flags

Browse source 
BoringSSL commit dddb60eb9700110835ff6e2b429de40a17006429 ("Make most of
crypto/x509 opaque.") broke the direct access to these variables, so use
the accessor functions instead.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2022-04-15 12:58:03 +03:00
parent 80be88a089
commit feed2f9e75
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/crypto/tls_openssl_ocsp.c
View file

@ -663,8 +663,8 @@ enum ocsp_result check_ocsp_resp(SSL_CTX *ssl_ctx, SSL *ssl, X509 *cert,
if (!signer_trusted) {
X509_check_purpose(signer, -1, 0);
if ((signer->ex_flags & EXFLAG_XKUSAGE) &&
(signer->ex_xkusage & XKU_OCSP_SIGN)) {
if ((X509_get_extension_flags(signer) & EXFLAG_XKUSAGE) &&
(X509_get_extended_key_usage(signer) & XKU_OCSP_SIGN)) {
wpa_printf(MSG_DEBUG,
"OpenSSL: OCSP signer certificate delegation OK");
} else {