* Verify whether we are allowed to use the extension |type| in the current
* |context|. Returns 1 to indicate the extension is allowed or unknown or 0 to
* indicate the extension is not allowed. If returning 1 then |*found| is set to
- * 1 if we found a definition for the extension, and |*idx| is set to its index
+ * the definition for the extension we found.
*/
static int verify_extension(SSL *s, unsigned int context, unsigned int type,
custom_ext_methods *meths, RAW_EXTENSION *rawexlist,
static int init_certificate_authorities(SSL *s, unsigned int context)
{
- sk_X509_NAME_pop_free(s->s3->tmp.ca_names, X509_NAME_free);
- s->s3->tmp.ca_names = NULL;
+ sk_X509_NAME_pop_free(s->s3->tmp.peer_ca_names, X509_NAME_free);
+ s->s3->tmp.peer_ca_names = NULL;
return 1;
}
unsigned int context, X509 *x,
size_t chainidx, int *al)
{
- STACK_OF(X509_NAME) *ca_sk = SSL_get_client_CA_list(s);
+ const STACK_OF(X509_NAME) *ca_sk = SSL_get0_CA_list(s);
if (ca_sk == NULL || sk_X509_NAME_num(ca_sk) == 0)
return 1;