New function X509_get0_pubkey

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
author: Dr. Stephen Henson <steve@openssl.org> 2015-12-14 13:13:32 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2015-12-14 23:06:14 +0000
commit: c01ff880d47392b82cce2f93ac4a9bb8c68f8cc7 (patch)
tree: 5d4bfc88099fab5f8178b3cdfee4e8f4db2ad68d /apps/ca.c
parent: 2872dbe1c46eceb20c38bc55a5fe2a4c4c52fe9d (diff)
1 files changed, 2 insertions, 4 deletions
diff --git a/apps/ca.c b/apps/ca.c
index 535526ce30..6404e48507 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1402,12 +1402,11 @@ static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
 
     BIO_printf(bio_err, "Check that the request matches the signature\n");
 
-    if ((pktmp = X509_get_pubkey(req)) == NULL) {
+    if ((pktmp = X509_get0_pubkey(req)) == NULL) {
         BIO_printf(bio_err, "error unpacking public key\n");
         goto end;
     }
     i = X509_verify(req, pktmp);
-    EVP_PKEY_free(pktmp);
     if (i < 0) {
         ok = 0;
         BIO_printf(bio_err, "Signature verification problems....\n");
@@ -1890,11 +1889,10 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
         }
     }
 
-    pktmp = X509_get_pubkey(ret);
+    pktmp = X509_get0_pubkey(ret);
     if (EVP_PKEY_missing_parameters(pktmp) &&
         !EVP_PKEY_missing_parameters(pkey))
         EVP_PKEY_copy_parameters(pktmp, pkey);
-    EVP_PKEY_free(pktmp);
 
     if (!do_X509_sign(ret, pkey, dgst, sigopts))
         goto end;
author	Dr. Stephen Henson <steve@openssl.org>	2015-12-14 13:13:32 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2015-12-14 23:06:14 +0000
commit	c01ff880d47392b82cce2f93ac4a9bb8c68f8cc7 (patch)
tree	5d4bfc88099fab5f8178b3cdfee4e8f4db2ad68d /apps/ca.c
parent	2872dbe1c46eceb20c38bc55a5fe2a4c4c52fe9d (diff)