- if (cert_in_store(ctx->current_cert, ctx))
---
-2.1.4
-
-Author: Ben Hutchings <ben@decadent.org.uk>
-Date: Sun, 26 Jun 2016 22:04:29 +0200
-Description: Update OpenSSL API usage to support OpenSSL 1.1
- Most structure definitions in OpenSSL are now opaque and we must call
- the appropriate accessor functions to get information from them.
- Not all the accessors are available in older versions, so define the
- missing accessors as macros.
- .
- The X509_retrieve_match() function is no longer usable, as we cannot
- initialise an X509_OBJECT ourselves. Instead, iterate over the
- certificate store and use X509_OBJECT_get_type and X509_cmp to
- compare certificates.
-
---- a/src/sbverify.c
-+++ b/src/sbverify.c
+- serial = x509->cert_info->serialNumber;
+-
+ key->id_len = ASN1_STRING_length(serial);
+ key->id = talloc_memdup(key, ASN1_STRING_data(serial), key->id_len);
+
+ key->description = talloc_array(key, char, description_len);
+- X509_NAME_oneline(x509->cert_info->subject,
++ X509_NAME_oneline(X509_get_subject_name(x509),
+ key->description, description_len);
+
+ rc = 0;
+diff -urNp -x '*.orig' sbsigntool-0.6.org/src/sbverify.c sbsigntool-0.6/src/sbverify.c
+--- sbsigntool-0.6.org/src/sbverify.c 2012-10-11 14:32:32.000000000 +0200
++++ sbsigntool-0.6/src/sbverify.c 2021-10-03 23:16:05.621000201 +0200