upstream: use EVP_PKEY_get0_EC_KEY() instead of direct access of

author djm@openbsd.org <djm@openbsd.org>

Sun, 20 Jan 2019 23:03:26 +0000 (23:03 +0000)

committer Damien Miller <djm@mindrot.org>

Sun, 20 Jan 2019 23:54:37 +0000 (10:54 +1100)
author djm@openbsd.org <djm@openbsd.org>
Sun, 20 Jan 2019 23:03:26 +0000 (23:03 +0000)
committer Damien Miller <djm@mindrot.org>
Sun, 20 Jan 2019 23:54:37 +0000 (10:54 +1100)
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c

index 0c8629a373a0e802c634ed069ae83f05e08cea4d..bcbf727e6f3fe3f8f2052b75fdeb4529ee36dfd6 100644 (file)
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-pkcs11.c,v 1.30 2019/01/20 23:01:59 djm Exp $ */
+/* $OpenBSD: ssh-pkcs11.c,v 1.31 2019/01/20 23:03:26 djm Exp $ */
  /*
   * Copyright (c) 2010 Markus Friedl.  All rights reserved.
   * Copyright (c) 2014 Pedro Martelletto. All rights reserved.
@@ -877,12 +877,11 @@ pkcs11_fetch_x509_pubkey(struct pkcs11_provider *p, CK_ULONG slotidx,
                 key->flags |= SSHKEY_FLAG_EXT;
                 rsa = NULL;     /* now owned by key */
         } else if (EVP_PKEY_base_id(evp) == EVP_PKEY_EC) {
-               /* XXX XXX fix accessor */
-               if (evp->pkey.ec == NULL) {
+               if (EVP_PKEY_get0_EC_KEY(evp) == NULL) {
                         error("invalid x509; no ec key");
                         goto fail;
                 }
-               if ((ec = EC_KEY_dup(evp->pkey.ec)) == NULL) {
+               if ((ec = EC_KEY_dup(EVP_PKEY_get0_EC_KEY(evp))) == NULL) {
                         error("EC_KEY_dup failed");
                         goto fail;
                 }
author	djm@openbsd.org <djm@openbsd.org>
	Sun, 20 Jan 2019 23:03:26 +0000 (23:03 +0000)
committer	Damien Miller <djm@mindrot.org>
	Sun, 20 Jan 2019 23:54:37 +0000 (10:54 +1100)