Avoid call to deprecated X509_STORE_get0_objects

X509_STORE_get0_objects is not thread-safe and also constrains
X509_STORE's internals in undesirable ways. See
openssl/openssl#23224

TEST=ci

Change-Id: I0d501d92208e4af9de944b38c07cbcb66acaec66
Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/407840
Auto-Submit: David Benjamin <[email protected]>
Commit-Queue: Brian Quinlan <[email protected]>
Reviewed-by: Brian Quinlan <[email protected]>

Author: davidben

runtime/bin/security_context_macos.cc

@@ -146,7 +146,8 @@ static ssl_verify_result_t CertificateVerificationCallback(SSL* ssl,
       CFArrayCreateMutable(nullptr, 0, nullptr));
   ASSERT(store != nullptr);
 
-  for (const X509_OBJECT* obj : X509_STORE_get0_objects(store)) {
+  bssl::UniquePtr<STACK_OF(X509_OBJECT)> objs(X509_STORE_get1_objects(store));
+  for (const X509_OBJECT* obj : objs.get()) {
     X509* ca = X509_OBJECT_get0_X509(obj);
     ScopedSecCertificateRef cert(CreateSecCertificateFromX509(ca));
     if (cert == nullptr) {