BUILD/MINOR: ssl: Fix compilation with OpenSSL 1.0.2 The X509_STORE_CTX_get0_cert did not exist yet on OpenSSL 1.0.2 and neither did X509_STORE_CTX_get0_chain, which was not actually needed since its get1 equivalent already existed.

commit: f95c29546ca7a1ab0c64b6d0709bb54197806df8 [log] [tgz]
author: Remi Tricot-Le Breton <rlebreton@haproxy.com> Fri Aug 20 09:51:23 2021 +0200
committer: William Lallemand <wlallemand@haproxy.org> Fri Aug 20 10:05:58 2021 +0200
tree: 5ad97827bc70e4b448c403929360a7a4f3f45a21
parent: 46b7dff8f08cb6c5c3004d8874d6c5bc689a4c51 [diff] [blame]
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index bc82783..83003d9 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c

@@ -1592,14 +1592,12 @@
 		 * chain, we might never call this verify callback on the client
 		 * certificate's depth (which is 0) so we try to store the
 		 * reference right now. */
-		if (X509_STORE_CTX_get0_chain(x_store) != NULL) {
-			certs = X509_STORE_CTX_get1_chain(x_store);
-			if (certs) {
-				client_crt = sk_X509_value(certs, 0);
-				if (client_crt) {
-					X509_up_ref(client_crt);
-					SSL_set_ex_data(ssl, ssl_client_crt_ref_index, client_crt);
-				}
+		certs = X509_STORE_CTX_get1_chain(x_store);
+		if (certs) {
+			client_crt = sk_X509_value(certs, 0);
+			if (client_crt) {
+				X509_up_ref(client_crt);
+				SSL_set_ex_data(ssl, ssl_client_crt_ref_index, client_crt);
 			}
 			sk_X509_pop_free(certs, X509_free);
 		}
commit	f95c29546ca7a1ab0c64b6d0709bb54197806df8	[log] [tgz]
author	Remi Tricot-Le Breton <rlebreton@haproxy.com>	Fri Aug 20 09:51:23 2021 +0200
committer	William Lallemand <wlallemand@haproxy.org>	Fri Aug 20 10:05:58 2021 +0200
tree	5ad97827bc70e4b448c403929360a7a4f3f45a21
parent	46b7dff8f08cb6c5c3004d8874d6c5bc689a4c51 [diff] [blame]