From: Matt Caswell Date: Fri, 3 Apr 2020 15:26:28 +0000 (+0100) Subject: Ensure libssl uses the new library context aware CT code X-Git-Tag: openssl-3.0.0-alpha1~126 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=1a37ee9402eaf262bea58309d162304b0347367b;p=oweals%2Fopenssl.git Ensure libssl uses the new library context aware CT code Ensure that when we create a CTLOG_STORE we use the new library context aware function. Also ensure that when we create a CT_POLICY_EVAL_CTX we associate it with the library context. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/11483) --- diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index a08ddb138b..09f0afdb22 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -3141,7 +3141,7 @@ SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq, if (ret->cert_store == NULL) goto err; #ifndef OPENSSL_NO_CT - ret->ctlog_store = CTLOG_STORE_new(); + ret->ctlog_store = CTLOG_STORE_new_with_libctx(libctx, propq); if (ret->ctlog_store == NULL) goto err; #endif @@ -5145,7 +5145,7 @@ int ssl_validate_ct(SSL *s) } } - ctx = CT_POLICY_EVAL_CTX_new(); + ctx = CT_POLICY_EVAL_CTX_new_with_libctx(s->ctx->libctx, s->ctx->propq); if (ctx == NULL) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_VALIDATE_CT, ERR_R_MALLOC_FAILURE);
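Review bot: The new call `CTLOG_STORE_new_with_libctx(libctx, propq)` carries no comment saying why the log store has to share the SSL_CTX's library context and property query, and the same is true of the `CT_POLICY_EVAL_CTX_new_with_libctx(...)` call in the ssl_validate_ct hunk. A one-line comment above each call, for example `/* CT must fetch from this SSL_CTX's libctx/propq, not the default library context */`, would make it harder for a later cleanup to fall back to the plain constructors. That regression would presumably let certificate-transparency checks run against a different provider set than the application configured. SSL_CTX_new_with_libctx starts and ends outside this hunk, so where `ret->libctx` is assigned relative to this line is not visible here.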
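Review bot: The evaluation context created here takes `s->ctx->libctx` and `s->ctx->propq`, but only the default log store built in SSL_CTX_new_with_libctx is known to use the same pair. A store the application installs itself (for example through SSL_CTX_set0_ctlog_store) may have been created against the default library context. The code that attaches the log store to `ctx` is outside this hunk, so whether such a mix can reach SCT validation cannot be confirmed from here. If it can, the store setter's documentation should say that a supplied store must be created with the same libctx and propq as the SSL_CTX. A short comment at this call, such as `/* log store attached below is expected to share this libctx */`, would record that assumption.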