Fix #4764: Second try, use X509_STORE_CTX_set_purpose

author Armin Novak <armin.novak@thincast.com>

Wed, 28 Nov 2018 08:32:28 +0000 (09:32 +0100)

committer Armin Novak <armin.novak@thincast.com>

Wed, 28 Nov 2018 11:08:42 +0000 (12:08 +0100)
author Armin Novak <armin.novak@thincast.com>
Wed, 28 Nov 2018 08:32:28 +0000 (09:32 +0100)
committer Armin Novak <armin.novak@thincast.com>
Wed, 28 Nov 2018 11:08:42 +0000 (12:08 +0100)
diff --git a/libfreerdp/crypto/crypto.c b/libfreerdp/crypto/crypto.c

index f24bfee..708651f 100644 (file)
--- a/libfreerdp/crypto/crypto.c
+++ b/libfreerdp/crypto/crypto.c
@@ -756,7 +756,6 @@ char* crypto_cert_issuer(X509* xcert)
  
  BOOL x509_verify_certificate(CryptoCert cert, char* certificate_store_path)
  {
-       int purpose;
         X509_VERIFY_PARAM* verify_param;
         X509_STORE_CTX* csc;
         BOOL status = FALSE;
@@ -802,13 +801,7 @@ BOOL x509_verify_certificate(CryptoCert cert, char* certificate_store_path)
         if (!X509_STORE_CTX_init(csc, cert_ctx, xcert, cert->px509chain))
                 goto end;
  
-       purpose = X509_PURPOSE_ANY;
-       verify_param = X509_STORE_CTX_get0_param(csc);
-
-       if (!verify_param)
-               goto end;
-
-       X509_VERIFY_PARAM_set_purpose(verify_param, purpose);
+       X509_STORE_CTX_set_purpose(csc, X509_PURPOSE_SSL_SERVER);
  
         if (X509_verify_cert(csc) == 1)
                 status = TRUE;
author	Armin Novak <armin.novak@thincast.com>
	Wed, 28 Nov 2018 08:32:28 +0000 (09:32 +0100)
committer	Armin Novak <armin.novak@thincast.com>
	Wed, 28 Nov 2018 11:08:42 +0000 (12:08 +0100)