Use s->session->peer instead of calling SSL_get_peer_certificate(s)

[openssl.git] / ssl / ssl_lib.c

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 40c4171dec95fcb5317aa4371af069d4acdb0492..5dfb0fdbc718a5fb82928a3bb3dddf066d6739af 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3931,7 +3931,7 @@ err:
 static int ct_extract_x509v3_extension_scts(SSL *s)
 {
     int scts_extracted = 0;
-    X509 *cert = SSL_get_peer_certificate(s);
+    X509 *cert = s->session != NULL ? s->session->peer : NULL;
 
     if (cert != NULL) {
         STACK_OF(SCT) *scts =
@@ -4028,10 +4028,10 @@ ct_validation_cb SSL_CTX_get_ct_validation_callback(const SSL_CTX *ctx)
     return ctx->ct_validation_callback;
 }
 
-int SSL_validate_ct(SSL *s)
+int ssl_validate_ct(SSL *s)
 {
     int ret = 0;
-    X509 *cert = SSL_get_peer_certificate(s);
+    X509 *cert = s->session != NULL ? s->session->peer : NULL;
     X509 *issuer = NULL;
     CT_POLICY_EVAL_CTX *ctx = NULL;
     const STACK_OF(SCT) *scts;