BoringSSL: Use accessor functions for X509 key usage flags

author Jouni Malinen <j@w1.fi>

Fri, 15 Apr 2022 09:58:03 +0000 (12:58 +0300)

committer Jouni Malinen <j@w1.fi>

Fri, 15 Apr 2022 10:00:26 +0000 (13:00 +0300)
author Jouni Malinen <j@w1.fi>
Fri, 15 Apr 2022 09:58:03 +0000 (12:58 +0300)
committer Jouni Malinen <j@w1.fi>
Fri, 15 Apr 2022 10:00:26 +0000 (13:00 +0300)
diff --git a/src/crypto/tls_openssl_ocsp.c b/src/crypto/tls_openssl_ocsp.c

index 12e975c39a1b4df78c74d6ce66faf7d41c5740fd..2e0334b64299a653a58091d245e52b97455dbc77 100644 (file)
--- a/src/crypto/tls_openssl_ocsp.c
+++ b/src/crypto/tls_openssl_ocsp.c
@@ -663,8 +663,8 @@ enum ocsp_result check_ocsp_resp(SSL_CTX *ssl_ctx, SSL *ssl, X509 *cert,
  
         if (!signer_trusted) {
                 X509_check_purpose(signer, -1, 0);
-               if ((signer->ex_flags & EXFLAG_XKUSAGE) &&
-                   (signer->ex_xkusage & XKU_OCSP_SIGN)) {
+               if ((X509_get_extension_flags(signer) & EXFLAG_XKUSAGE) &&
+                   (X509_get_extended_key_usage(signer) & XKU_OCSP_SIGN)) {
                         wpa_printf(MSG_DEBUG,
                                    "OpenSSL: OCSP signer certificate delegation OK");
                 } else {
author	Jouni Malinen <j@w1.fi>
	Fri, 15 Apr 2022 09:58:03 +0000 (12:58 +0300)
committer	Jouni Malinen <j@w1.fi>
	Fri, 15 Apr 2022 10:00:26 +0000 (13:00 +0300)