From 9eb774304e814cefb3eb6f44e1fb5469b994ab52 Mon Sep 17 00:00:00 2001
From: David Benjamin <davidben@google.com>
Date: Thu, 5 Oct 2023 12:50:55 -0400
Subject: [PATCH] openssl: use X509_ALGOR_get0 instead of reaching into
 X509_ALGOR

While the struct is still public in OpenSSL, there is a (somewhat
inconvenient) accessor. Use it to remain compatible if it becomes opaque
in the future.

Closes #12038
---
 lib/vtls/openssl.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index fcb7222399..9f9c8d136a 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -466,7 +466,9 @@ CURLcode Curl_ossl_certchain(struct Curl_easy *data, SSL *ssl)
 
       X509_get0_signature(&psig, &sigalg, x);
       if(sigalg) {
-        i2a_ASN1_OBJECT(mem, sigalg->algorithm);
+        const ASN1_OBJECT *sigalgoid = NULL;
+        X509_ALGOR_get0(&sigalgoid, NULL, NULL, sigalg);
+        i2a_ASN1_OBJECT(mem, sigalgoid);
         push_certinfo("Signature Algorithm", i);
       }
 
-- 
2.47.2