Commit edb2b9c3 authored by Joe Orton's avatar Joe Orton
Browse files

* modules/ssl/ssl_engine_kernel.c (ssl_callback_SSLVerify): Use 

X509_STORE_CTX_get_ex_data() and SSL_get_ex_data_X509_STORE_CTX_idx()
to use the correct ex_data index from the context in pathological
cases where SSL_get_ex_data_X509_STORE_CTX_idx() does not return 0.

PR: 32529


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@111241 13f79535-47bb-0310-9956-ffa450edef68
parent 396be679

ssl_engine_kernel.c

+2 −1
Original line number Diff line number Diff line
@@ -1203,7 +1203,8 @@ DH *ssl_callback_TmpDH(SSL *ssl, int export, int keylen) 
int ssl_callback_SSLVerify(int ok, X509_STORE_CTX *ctx)

{

    /* Get Apache context back through OpenSSL context */

    SSL *ssl            = (SSL *)X509_STORE_CTX_get_app_data(ctx);

    SSL *ssl = X509_STORE_CTX_get_ex_data(ctx,

                                          SSL_get_ex_data_X509_STORE_CTX_idx());

    conn_rec *conn      = (conn_rec *)SSL_get_app_data(ssl);

    server_rec *s       = conn->base_server;

    request_rec *r      = (request_rec *)SSL_get_app_data2(ssl);