projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Use X509_get0_pubkey where appropriate
[openssl.git] / crypto / ocsp / ocsp_vfy.c
diff --git a/crypto/ocsp/ocsp_vfy.c b/crypto/ocsp/ocsp_vfy.c
index 629ebf0e29732c769e5816cabc52375da3e4ad5b..87b5144b3907f4901d0de8261cfdcc65e2f1f8d9 100644 (file)
--- a/crypto/ocsp/ocsp_vfy.c
+++ b/crypto/ocsp/ocsp_vfy.c
@@ -97,11 +97,9 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
         flags |= OCSP_NOVERIFY;
     if (!(flags & OCSP_NOSIGS)) {
         EVP_PKEY *skey;
-        skey = X509_get_pubkey(signer);
-        if (skey) {
+        skey = X509_get0_pubkey(signer);
+        if (skey)
             ret = OCSP_BASICRESP_verify(bs, skey, 0);
-            EVP_PKEY_free(skey);
-        }
         if (!skey || ret <= 0) {
             OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, OCSP_R_SIGNATURE_FAILURE);
             goto end;
@@ -397,9 +395,8 @@ int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs,
         flags |= OCSP_NOVERIFY;
     if (!(flags & OCSP_NOSIGS)) {
         EVP_PKEY *skey;
-        skey = X509_get_pubkey(signer);
+        skey = X509_get0_pubkey(signer);
         ret = OCSP_REQUEST_verify(req, skey);
-        EVP_PKEY_free(skey);
         if (ret <= 0) {
             OCSPerr(OCSP_F_OCSP_REQUEST_VERIFY, OCSP_R_SIGNATURE_FAILURE);
             return 0;
Unnamed repository; edit this file 'description' to name the repository.