X509_STORE{_CTX,} is made opaque

1 files changed, 11 insertions, 9 deletions

diff --git a/ext/openssl/ossl_x509store.c b/ext/openssl/ossl_x509store.c
index 900bd81b04..a62e79c184 100644
--- a/ext/openssl/ossl_x509store.c
+++ b/ext/openssl/ossl_x509store.c
@@ -149,8 +149,8 @@ ossl_x509store_initialize(int argc, VALUE *argv, VALUE self)
 
 /* BUG: This method takes any number of arguments but appears to ignore them. */
     GetX509Store(self, store);
-    store->ex_data.sk = NULL;
-    X509_STORE_set_verify_cb_func(store, ossl_verify_cb);
+    /* TODO: what's this?: store->ex_data.sk = NULL; */
+    X509_STORE_set_verify_cb(store, ossl_verify_cb);
     ossl_x509store_set_vfy_cb(self, Qnil);
 
 #if (OPENSSL_VERSION_NUMBER < 0x00907000L)
@@ -400,10 +400,10 @@ static void
 ossl_x509stctx_free(void *ptr)
 {
     X509_STORE_CTX *ctx = ptr;
-    if(ctx->untrusted)
-	sk_X509_pop_free(ctx->untrusted, X509_free);
-    if(ctx->cert)
-	X509_free(ctx->cert);
+    if (X509_STORE_CTX_get0_untrusted(ctx))
+	sk_X509_pop_free(X509_STORE_CTX_get0_untrusted(ctx), X509_free);
+    if (X509_STORE_CTX_get0_cert(ctx))
+	X509_free(X509_STORE_CTX_get0_cert(ctx));
     X509_STORE_CTX_free(ctx);
 }
 
@@ -484,7 +484,7 @@ ossl_x509stctx_get_chain(VALUE self)
     VALUE ary;
 
     GetX509StCtx(self, ctx);
-    if((chain = X509_STORE_CTX_get_chain(ctx)) == NULL){
+    if((chain = X509_STORE_CTX_get0_chain(ctx)) == NULL){
         return Qnil;
     }
     if((num = sk_X509_num(chain)) < 0){
@@ -558,11 +558,13 @@ ossl_x509stctx_get_curr_crl(VALUE self)
 {
 #if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
     X509_STORE_CTX *ctx;
+    X509_CRL *crl;
 
     GetX509StCtx(self, ctx);
-    if(!ctx->current_crl) return Qnil;
+    crl = X509_STORE_CTX_get0_current_crl(ctx);
+    if(!crl) return Qnil;
 
-    return ossl_x509crl_new(ctx->current_crl);
+    return ossl_x509crl_new(crl);
 #else
     return Qnil;
 #endif