Stop reaching into structs that will become opaque in ca.c

"just commit it" beck

diff --git a/usr.bin/openssl/ca.c b/usr.bin/openssl/ca.c
index 2adc701..8922486 100644 (file)
--- a/usr.bin/openssl/ca.c
+++ b/usr.bin/openssl/ca.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ca.c,v 1.50 2021/10/22 09:44:30 tb Exp $ */
+/* $OpenBSD: ca.c,v 1.51 2021/10/23 12:00:18 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1784,7 +1784,7 @@ do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
 
                if (ca_config.msie_hack) {
                        /* assume all type should be strings */
-                       nid = OBJ_obj2nid(ne->object);
+                       nid = OBJ_obj2nid(X509_NAME_ENTRY_get_object(ne));
                        if (nid == NID_undef)
                                goto err;
 
@@ -2328,7 +2328,6 @@ certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
        X509_REQ *req = NULL;
        CONF_VALUE *cv = NULL;
        NETSCAPE_SPKI *spki = NULL;
-       X509_REQ_INFO *ri;
        char *type, *buf;
        EVP_PKEY *pktmp = NULL;
        X509_NAME *n = NULL;
@@ -2370,8 +2369,7 @@ certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
        /*
         * Build up the subject name set.
         */
-       ri = req->req_info;
-       n = ri->subject;
+       n = X509_REQ_get_subject_name(req);
 
        for (i = 0;; i++) {
                if (sk_CONF_VALUE_num(sk) <= i)