From: Alessandro Ghedini <alessandro@ghedini.me>
Date: Fri, 20 Mar 2015 12:24:08 +0000 (+0100)
Subject: openssl: try to avoid accessing OCSP structs when possible
X-Git-Tag: curl-7_42_0~123
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8854f8d45a5cef688377c29e49e8d8b2bd668ee4;p=thirdparty%2Fcurl.git

openssl: try to avoid accessing OCSP structs when possible
---

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index f0c97f0446..3f93e220b0 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1390,17 +1390,15 @@ static CURLcode verifystatus(struct connectdata *conn,
     goto end;
   }
 
-  for(i = 0; i < sk_OCSP_SINGLERESP_num(br->tbsResponseData->responses); i++) {
+  for(i = 0; i < OCSP_resp_count(br); i++) {
     int cert_status, crl_reason;
     OCSP_SINGLERESP *single = NULL;
 
     ASN1_GENERALIZEDTIME *rev, *thisupd, *nextupd;
 
-    if(!sk_OCSP_SINGLERESP_value(br->tbsResponseData->responses, i))
+    if(!(single = OCSP_resp_get0(br, i)))
       continue;
 
-    single = sk_OCSP_SINGLERESP_value(br->tbsResponseData->responses, i);
-
     cert_status = OCSP_single_get0_status(single, &crl_reason, &rev,
                                           &thisupd, &nextupd);