CERT *ssl_cert_new(void)
{
- CERT *ret = OPENSSL_malloc(sizeof(*ret));
+ CERT *ret = OPENSSL_zalloc(sizeof(*ret));
if (ret == NULL) {
SSLerr(SSL_F_SSL_CERT_NEW, ERR_R_MALLOC_FAILURE);
return (NULL);
}
- memset(ret, 0, sizeof(*ret));
ret->key = &(ret->pkeys[SSL_PKEY_RSA_ENC]);
ret->references = 1;
CERT *ssl_cert_dup(CERT *cert)
{
- CERT *ret = OPENSSL_malloc(sizeof(*ret));
+ CERT *ret = OPENSSL_zalloc(sizeof(*ret));
int i;
if (ret == NULL) {
return (NULL);
}
- memset(ret, 0, sizeof(*ret));
-
ret->key = &ret->pkeys[cert->key - cert->pkeys];
#ifndef OPENSSL_NO_RSA
if (sk_X509_num(chain) > 0) {
/* See if last cert is self signed */
x = sk_X509_value(chain, sk_X509_num(chain) - 1);
- X509_check_purpose(x, -1, 0);
- if (x->ex_flags & EXFLAG_SS) {
+ if (X509_get_extension_flags(x) & EXFLAG_SS) {
x = sk_X509_pop(chain);
X509_free(x);
}