diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2021-01-08 17:43:13 +0100 |
---|---|---|
committer | Dr. David von Oheimb <dev@ddvo.net> | 2021-01-20 15:59:22 +0100 |
commit | 05458fdb73dcca30edace5ad727a15d6d919e215 (patch) | |
tree | 481b7b5ba0e6b184d76b0ca208d96e45eb41a129 /apps/lib | |
parent | b9fbacaa7bdce2083186211b3cdf8511ad4cb91d (diff) |
apps/x509.c: Make -x509toreq respect -clrext, -sigopt, and -extfile options
Also prevent copying SKID and AKID extension, which make no sense in CSRs
and extend the use -ext to select with extensions are copied.
Further simplifiy the overall structure of the code.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13711)
Diffstat (limited to 'apps/lib')
-rw-r--r-- | apps/lib/apps.c | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/apps/lib/apps.c b/apps/lib/apps.c index 6a8ee415f9..30d026bdef 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -989,10 +989,7 @@ int copy_extensions(X509 *x, X509_REQ *req, int copy_type) continue; /* Delete all extensions of same type */ do { - X509_EXTENSION *tmpext = X509_get_ext(x, idx); - - X509_delete_ext(x, idx); - X509_EXTENSION_free(tmpext); + X509_EXTENSION_free(X509_delete_ext(x, idx)); idx = X509_get_ext_by_OBJ(x, obj, -1); } while (idx != -1); } |