1 files changed, 40 insertions, 0 deletions

diff --git a/main/libtls-standalone/openssl-1.1.0-x509-object.patch b/main/libtls-standalone/openssl-1.1.0-x509-object.patch
new file mode 100644
index 0000000000..e90903252f
--- /dev/null
+++ b/main/libtls-standalone/openssl-1.1.0-x509-object.patch
@@ -0,0 +1,40 @@
+--- libressl-2.7.4.orig/tls/tls_ocsp.c
++++ libressl-2.7.4/tls/tls_ocsp.c
+@@ -127,8 +127,8 @@
+ {
+ 	X509_NAME *issuer_name;
+ 	X509 *issuer;
+-	X509_STORE_CTX storectx;
+-	X509_OBJECT tmpobj;
++	X509_STORE_CTX *storectx;
++	X509_OBJECT *tmpobj;
+ 	OCSP_CERTID *cid = NULL;
+ 	X509_STORE *store;
+ 
+@@ -143,14 +143,20 @@
+ 
+ 	if ((store = SSL_CTX_get_cert_store(ssl_ctx)) == NULL)
+ 		return NULL;
+-	if (X509_STORE_CTX_init(&storectx, store, main_cert, extra_certs) != 1)
++	if ((storectx = X509_STORE_CTX_new()) == NULL)
+ 		return NULL;
+-	if (X509_STORE_get_by_subject(&storectx, X509_LU_X509, issuer_name,
+-		&tmpobj) == 1) {
+-		cid = OCSP_cert_to_id(NULL, main_cert, tmpobj.data.x509);
+-		X509_OBJECT_free_contents(&tmpobj);
++	if (X509_STORE_CTX_init(storectx, store, main_cert, extra_certs) != 1)
++		goto err;
++	if ((tmpobj = X509_OBJECT_new()) == NULL)
++		goto err;
++	if (X509_STORE_get_by_subject(storectx, X509_LU_X509, issuer_name,
++		tmpobj) == 1) {
++		cid = OCSP_cert_to_id(NULL, main_cert, X509_OBJECT_get0_X509(tmpobj));
++		X509_OBJECT_free(tmpobj);
+ 	}
+-	X509_STORE_CTX_cleanup(&storectx);
++
++ err:
++	X509_STORE_CTX_cleanup(storectx);
+ 	return cid;
+ }
+