4 files changed, 14 insertions, 14 deletions

diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c
index d8d55b2ee1..c276874e69 100644
--- a/crypto/asn1/x_x509.c
+++ b/crypto/asn1/x_x509.c
@@ -68,7 +68,7 @@ ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = {
         ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
         ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
         ASN1_SIMPLE(X509_CINF, issuer, X509_NAME),
-        ASN1_SIMPLE(X509_CINF, validity, X509_VAL),
+        ASN1_EMBED(X509_CINF, validity, X509_VAL),
         ASN1_SIMPLE(X509_CINF, subject, X509_NAME),
         ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY),
         ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c
index abf75cdb7a..5d576e91e5 100644
--- a/crypto/x509/x509_r2x.c
+++ b/crypto/x509/x509_r2x.c
@@ -95,9 +95,9 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
     if (X509_set_issuer_name(ret, X509_NAME_dup(xn)) == 0)
         goto err;
 
-    if (X509_gmtime_adj(xi->validity->notBefore, 0) == NULL)
+    if (X509_gmtime_adj(xi->validity.notBefore, 0) == NULL)
         goto err;
-    if (X509_gmtime_adj(xi->validity->notAfter, (long)60 * 60 * 24 * days) ==
+    if (X509_gmtime_adj(xi->validity.notAfter, (long)60 * 60 * 24 * days) ==
         NULL)
         goto err;
 
diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c
index cfff563ef4..0b0d4f5ab8 100644
--- a/crypto/x509/x509_set.c
+++ b/crypto/x509/x509_set.c
@@ -114,14 +114,14 @@ int X509_set_notBefore(X509 *x, const ASN1_TIME *tm)
 {
     ASN1_TIME *in;
 
-    if ((x == NULL) || (x->cert_info->validity == NULL))
+    if (x == NULL)
         return (0);
-    in = x->cert_info->validity->notBefore;
+    in = x->cert_info->validity.notBefore;
     if (in != tm) {
         in = ASN1_STRING_dup(tm);
         if (in != NULL) {
-            ASN1_TIME_free(x->cert_info->validity->notBefore);
-            x->cert_info->validity->notBefore = in;
+            ASN1_TIME_free(x->cert_info->validity.notBefore);
+            x->cert_info->validity.notBefore = in;
         }
     }
     return (in != NULL);
@@ -131,14 +131,14 @@ int X509_set_notAfter(X509 *x, const ASN1_TIME *tm)
 {
     ASN1_TIME *in;
 
-    if ((x == NULL) || (x->cert_info->validity == NULL))
+    if (x == NULL)
         return (0);
-    in = x->cert_info->validity->notAfter;
+    in = x->cert_info->validity.notAfter;
     if (in != tm) {
         in = ASN1_STRING_dup(tm);
         if (in != NULL) {
-            ASN1_TIME_free(x->cert_info->validity->notAfter);
-            x->cert_info->validity->notAfter = in;
+            ASN1_TIME_free(x->cert_info->validity.notAfter);
+            x->cert_info->validity.notAfter = in;
         }
     }
     return (in != NULL);
@@ -163,12 +163,12 @@ long X509_get_version(X509 *x)
 
 ASN1_TIME * X509_get_notBefore(X509 *x)
 {
-    return x->cert_info->validity->notBefore;
+    return x->cert_info->validity.notBefore;
 }
 
 ASN1_TIME *X509_get_notAfter(X509 *x)
 {
-    return x->cert_info->validity->notAfter;
+    return x->cert_info->validity.notAfter;
 }
 
 int X509_get_signature_type(const X509 *x)
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 751150daec..d0933b0cb0 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -169,7 +169,7 @@ typedef struct x509_cinf_st {
     ASN1_INTEGER *serialNumber;
     X509_ALGOR *signature;
     X509_NAME *issuer;
-    X509_VAL *validity;
+    X509_VAL validity;
     X509_NAME *subject;
     X509_PUBKEY *key;
     ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */