/*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
#include "ssl_cert_table.h"
#include "internal/thread_once.h"
+DEFINE_STACK_OF(X509)
+DEFINE_STACK_OF(X509_NAME)
+
static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx,
int op, int bits, int nid, void *other,
void *ex);
else
verify_store = s->ctx->cert_store;
- ctx = X509_STORE_CTX_new();
+ ctx = X509_STORE_CTX_new_with_libctx(s->ctx->libctx, s->ctx->propq);
if (ctx == NULL) {
SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, ERR_R_MALLOC_FAILURE);
return 0;
untrusted = cpk->chain;
}
- xs_ctx = X509_STORE_CTX_new();
+ if (s == NULL)
+ xs_ctx = X509_STORE_CTX_new_with_libctx(ctx->libctx, ctx->propq);
+ else
+ xs_ctx = X509_STORE_CTX_new_with_libctx(s->ctx->libctx, s->ctx->propq);
if (xs_ctx == NULL) {
SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, ERR_R_MALLOC_FAILURE);
goto err;