apps/x509.c: Make -x509toreq respect -clrext, -sigopt, and -extfile options

Also prevent copying SKID and AKID extension, which make no sense in CSRs and extend the use -ext to select with extensions are copied. Further simplifiy the overall structure of the code. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13711)
author: Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2021-01-08 17:43:13 +0100
committer: Dr. David von Oheimb <dev@ddvo.net> 2021-01-20 15:59:22 +0100
commit: 05458fdb73dcca30edace5ad727a15d6d919e215 (patch)
tree: 481b7b5ba0e6b184d76b0ca208d96e45eb41a129 /apps/lib
parent: b9fbacaa7bdce2083186211b3cdf8511ad4cb91d (diff)
1 files changed, 1 insertions, 4 deletions
diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index 6a8ee415f9..30d026bdef 100644
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -989,10 +989,7 @@ int copy_extensions(X509 *x, X509_REQ *req, int copy_type)
                 continue;
             /* Delete all extensions of same type */
             do {
-                X509_EXTENSION *tmpext = X509_get_ext(x, idx);
-
-                X509_delete_ext(x, idx);
-                X509_EXTENSION_free(tmpext);
+                X509_EXTENSION_free(X509_delete_ext(x, idx));
                 idx = X509_get_ext_by_OBJ(x, obj, -1);
             } while (idx != -1);
         }
author	Dr. David von Oheimb <David.von.Oheimb@siemens.com>	2021-01-08 17:43:13 +0100
committer	Dr. David von Oheimb <dev@ddvo.net>	2021-01-20 15:59:22 +0100
commit	05458fdb73dcca30edace5ad727a15d6d919e215 (patch)
tree	481b7b5ba0e6b184d76b0ca208d96e45eb41a129 /apps/lib
parent	b9fbacaa7bdce2083186211b3cdf8511ad4cb91d (diff)