From: tb <tb@openbsd.org>
Date: Thu, 21 Oct 2021 14:31:21 +0000 (+0000)
Subject: Switch from X509_VERIFY_PARAM_set_flags() to X509_STORE_set_flags().
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=cbc8ac2bdf1c04bdf3e5505cdb7ff2b321098cfb;p=openbsd

Switch from X509_VERIFY_PARAM_set_flags() to X509_STORE_set_flags().
This reduces the number of reacharounds into libcrypto internals.

ok jsing
---

diff --git a/lib/libtls/tls.c b/lib/libtls/tls.c
index 650610a5159..608f0a3acd0 100644
--- a/lib/libtls/tls.c
+++ b/lib/libtls/tls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls.c,v 1.91 2021/10/21 08:31:51 tb Exp $ */
+/* $OpenBSD: tls.c,v 1.92 2021/10/21 14:31:21 tb Exp $ */
 /*
  * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
  *
@@ -631,7 +631,7 @@ tls_configure_ssl_verify(struct tls *ctx, SSL_CTX *ssl_ctx, int verify)
 			}
 			xi->crl = NULL;
 		}
-		X509_VERIFY_PARAM_set_flags(store->param,
+		X509_STORE_set_flags(store,
 		    X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
 	}