diff -up bro-1.5.1/src/ssl-analyzer.pac.openssl bro-1.5.1/src/ssl-analyzer.pac
--- bro-1.5.1/src/ssl-analyzer.pac.openssl 2008-10-13 00:01:26.000000000 +0200
+++ bro-1.5.1/src/ssl-analyzer.pac 2010-09-08 13:36:04.179260819 +0200
@@ -382,7 +382,7 @@ refine analyzer SSLAnalyzer += {
STACK_OF(X509)* untrusted_certs = 0;
if ( certificates->size() > 1 )
{
- untrusted_certs = sk_new_null();
+ untrusted_certs = sk_X509_new_null();
if ( ! untrusted_certs )
{
// X509_V_ERR_OUT_OF_MEM;
@@ -405,7 +405,7 @@ refine analyzer SSLAnalyzer += {
return false;
}
- sk_push(untrusted_certs, (char*) pTemp);
+ sk_X509_push(untrusted_certs, pTemp);
}
}
@@ -417,7 +417,7 @@ refine analyzer SSLAnalyzer += {
certificate_error(csc.error);
X509_STORE_CTX_cleanup(&csc);
- sk_pop_free(untrusted_certs, free_X509);
+ sk_X509_pop_free(untrusted_certs, X509_free);
}
X509_free(pCert);
diff -up bro-1.5.1/src/X509.cc.openssl bro-1.5.1/src/X509.cc
--- bro-1.5.1/src/X509.cc.openssl 2009-06-29 23:43:50.000000000 +0200
+++ bro-1.5.1/src/X509.cc 2010-09-08 13:36:04.180250612 +0200
@@ -192,7 +192,7 @@ int X509_Cert::verifyChain(Contents_SSL*
// but in chain format).
// Init the stack.
- STACK_OF(X509)* untrustedCerts = sk_new_null();
+ STACK_OF(X509)* untrustedCerts = sk_X509_new_null();
if ( ! untrustedCerts )
{
// Internal error allocating stack of untrusted certs.
@@ -233,7 +233,7 @@ int X509_Cert::verifyChain(Contents_SSL*
else
// The remaining certificates (if any) are put into
// the list of untrusted certificates
- sk_push(untrustedCerts, (char*) pTemp);
+ sk_X509_push(untrustedCerts, pTemp);
tempLength += certLength + 3;
}
@@ -259,7 +259,7 @@ int X509_Cert::verifyChain(Contents_SSL*
// Free the stack, incuding. contents.
// FIXME: could this break Bro's memory tracking?
- sk_pop_free(untrustedCerts, free);
+ sk_X509_pop_free(untrustedCerts, X509_free);
return ret;
}