Ensure libssl uses the new library context aware CT code

Ensure that when we create a CTLOG_STORE we use the new library context aware function. Also ensure that when we create a CT_POLICY_EVAL_CTX we associate it with the library context. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11483)
author: Matt Caswell <matt@openssl.org> 2020-04-03 17:26:28 +0200
committer: Matt Caswell <matt@openssl.org> 2020-04-09 15:51:48 +0200
commit: 1a37ee9402eaf262bea58309d162304b0347367b (patch)
tree: be2b99b5fce4daaef5d32bca21babda300dbf674 /ssl/ssl_lib.c
parent: Make the CT code library context aware (diff)
download: openssl-1a37ee9402eaf262bea58309d162304b0347367b.tar.xz
openssl-1a37ee9402eaf262bea58309d162304b0347367b.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index a08ddb138b..09f0afdb22 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -3141,7 +3141,7 @@ SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq,
     if (ret->cert_store == NULL)
         goto err;
 #ifndef OPENSSL_NO_CT
-    ret->ctlog_store = CTLOG_STORE_new();
+    ret->ctlog_store = CTLOG_STORE_new_with_libctx(libctx, propq);
     if (ret->ctlog_store == NULL)
         goto err;
 #endif
@@ -5145,7 +5145,7 @@ int ssl_validate_ct(SSL *s)
         }
     }
 
-    ctx = CT_POLICY_EVAL_CTX_new();
+    ctx = CT_POLICY_EVAL_CTX_new_with_libctx(s->ctx->libctx, s->ctx->propq);
     if (ctx == NULL) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_VALIDATE_CT,
                  ERR_R_MALLOC_FAILURE);
author	Matt Caswell <matt@openssl.org>	2020-04-03 17:26:28 +0200
committer	Matt Caswell <matt@openssl.org>	2020-04-09 15:51:48 +0200
commit	1a37ee9402eaf262bea58309d162304b0347367b (patch)
tree	be2b99b5fce4daaef5d32bca21babda300dbf674 /ssl/ssl_lib.c
parent	Make the CT code library context aware (diff)
download	openssl-1a37ee9402eaf262bea58309d162304b0347367b.tar.xz openssl-1a37ee9402eaf262bea58309d162304b0347367b.zip