From eeb8928a263b277fbf49fd72b4abacb8bf615511 Mon Sep 17 00:00:00 2001
From: David Woodhouse <David.Woodhouse@intel.com>
Date: Thu, 29 Oct 2015 14:16:15 +0000
Subject: [PATCH] CryptoPkg/BaseCryptLib: Use i2d_X509_NAME() instead of
 abusing X509_NAME

In OpenSSL 1.1, the X509_NAME becomes an opaque structure and we will no
longer get away with accessing its members directly. Use i2d_X509_NAME()
instead.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Tested-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Qin Long <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18699 6f19259b-4bc3-4df7-8a09-765794883524
---
 CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index fba356f8e7..5d6be6fce9 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -245,6 +245,7 @@ X509GetSubjectName (
   BOOLEAN    Status;
   X509       *X509Cert;
   X509_NAME  *X509Name;
+  UINTN      X509NameSize;
 
   //
   // Check input parameters.
@@ -274,13 +275,14 @@ X509GetSubjectName (
     goto _Exit;
   }
 
-  if (*SubjectSize < (UINTN) X509Name->bytes->length) {
-    *SubjectSize = (UINTN) X509Name->bytes->length;
+  X509NameSize = i2d_X509_NAME(X509Name, NULL);
+  if (*SubjectSize < X509NameSize) {
+    *SubjectSize = X509NameSize;
     goto _Exit;
   }
-  *SubjectSize = (UINTN) X509Name->bytes->length;
+  *SubjectSize = X509NameSize;
   if (CertSubject != NULL) {
-    CopyMem (CertSubject, (UINT8 *) X509Name->bytes->data, *SubjectSize);
+    i2d_X509_NAME(X509Name, &CertSubject);
     Status = TRUE;
   }