From: David Benjamin <davidben@google.com>
Date: Thu, 5 Oct 2023 16:50:55 +0000 (-0400)
Subject: openssl: use X509_ALGOR_get0 instead of reaching into X509_ALGOR
X-Git-Tag: curl-8_4_0~28
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=9eb774304e814cefb3eb6f44e1fb5469b994ab52;p=thirdparty%2Fcurl.git

openssl: use X509_ALGOR_get0 instead of reaching into X509_ALGOR

While the struct is still public in OpenSSL, there is a (somewhat
inconvenient) accessor. Use it to remain compatible if it becomes opaque
in the future.

Closes #12038
---

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index fcb7222399..9f9c8d136a 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -466,7 +466,9 @@ CURLcode Curl_ossl_certchain(struct Curl_easy *data, SSL *ssl)
 
       X509_get0_signature(&psig, &sigalg, x);
       if(sigalg) {
-        i2a_ASN1_OBJECT(mem, sigalg->algorithm);
+        const ASN1_OBJECT *sigalgoid = NULL;
+        X509_ALGOR_get0(&sigalgoid, NULL, NULL, sigalg);
+        i2a_ASN1_OBJECT(mem, sigalgoid);
         push_certinfo("Signature Algorithm", i);
       }