| b.liu | e958203 | 2025-04-17 19:18:16 +0800 | [diff] [blame^] | 1 | --- a/src/openssl/tls.c |
| 2 | +++ b/src/openssl/tls.c |
| 3 | @@ -872,7 +872,7 @@ _getdns_tls_x509* _getdns_tls_connection |
| 4 | if (!conn || !conn->ssl) |
| 5 | return NULL; |
| 6 | |
| 7 | - return _getdns_tls_x509_new(mfs, SSL_get_peer_certificate(conn->ssl)); |
| 8 | + return _getdns_tls_x509_new(mfs, SSL_get1_peer_certificate(conn->ssl)); |
| 9 | } |
| 10 | |
| 11 | getdns_return_t _getdns_tls_connection_is_session_reused(_getdns_tls_connection* conn) |
| 12 | @@ -990,7 +990,7 @@ getdns_return_t _getdns_tls_connection_c |
| 13 | #if defined(USE_DANESSL) |
| 14 | { |
| 15 | getdns_return_t res = GETDNS_RETURN_GOOD; |
| 16 | - X509* peer_cert = SSL_get_peer_certificate(conn->ssl); |
| 17 | + X509* peer_cert = SSL_get1_peer_certificate(conn->ssl); |
| 18 | if (peer_cert) { |
| 19 | if (conn->auth_name[0] && |
| 20 | X509_check_host(peer_cert, |