ext/openssl: use X509_STORE_CTX_get0_store() instead of store_ctx->ctx

3 files changed, 8 insertions, 3 deletions

diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb
index 0da59a59d4..b94aab099b 100644
--- a/ext/openssl/extconf.rb
+++ b/ext/openssl/extconf.rb
@@ -96,6 +96,7 @@ have_macro("EVP_CTRL_GCM_GET_TAG", ['openssl/evp.h']) && $defs.push("-DHAVE_AUTH
 # added in 1.0.2
 have_func("CRYPTO_memcmp")
 have_func("X509_REVOKED_dup")
+have_func("X509_STORE_CTX_get0_store")
 have_func("SSL_CTX_set_alpn_select_cb")
 have_func("SSL_get_server_tmp_key", ["openssl/ssl.h"])
 
diff --git a/ext/openssl/openssl_missing.h b/ext/openssl/openssl_missing.h
index 6f6fe245b8..84bc93bafd 100644
--- a/ext/openssl/openssl_missing.h
+++ b/ext/openssl/openssl_missing.h
@@ -56,6 +56,10 @@ int CRYPTO_memcmp(const volatile void * volatile in_a, const volatile void * vol
 	(d2i_of_void *)d2i_X509_REVOKED, (char *)(rev))
 #endif
 
+#if !defined(HAVE_X509_STORE_CTX_GET0_STORE)
+#  define X509_STORE_CTX_get0_store(x) ((x)->ctx)
+#endif
+
 /*** added in 1.1.0 ***/
 #if !defined(HAVE_BN_GENCB_NEW)
 #  define BN_GENCB_new() ((BN_GENCB *)OPENSSL_malloc(sizeof(BN_GENCB)))
diff --git a/ext/openssl/ossl.c b/ext/openssl/ossl.c
index 23a7e49b6d..59173de6ec 100644
--- a/ext/openssl/ossl.c
+++ b/ext/openssl/ossl.c
@@ -215,9 +215,9 @@ ossl_verify_cb(int ok, X509_STORE_CTX *ctx)
     int state = 0;
 
     proc = (VALUE)X509_STORE_CTX_get_ex_data(ctx, ossl_verify_cb_idx);
-    if ((void*)proc == 0)
-	proc = (VALUE)X509_STORE_get_ex_data(ctx->ctx, ossl_verify_cb_idx);
-    if ((void*)proc == 0)
+    if (!proc)
+	proc = (VALUE)X509_STORE_get_ex_data(X509_STORE_CTX_get0_store(ctx), ossl_verify_cb_idx);
+    if (!proc)
 	return ok;
     if (!NIL_P(proc)) {
 	ret = Qfalse;