Further simplify X509_REQ_get_extensions()

Instead of inlining a poor version of ASN1_TYPE_unpack_sequence() with
missing error checks, just call the real thing. It's safer and simpler.

ok jsing

1 files changed, 4 insertions, 6 deletions

diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c
index 34e052341d..4e30b04d25 100644
--- a/src/lib/libcrypto/x509/x509_req.c
+++ b/src/lib/libcrypto/x509/x509_req.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_req.c,v 1.36 2024/05/08 08:20:08 tb Exp $ */
+/* $OpenBSD: x509_req.c,v 1.37 2024/05/09 14:00:52 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -70,6 +70,7 @@
 #include <openssl/pem.h>
 #include <openssl/x509.h>
 
+#include "asn1_local.h"
 #include "evp_local.h"
 #include "x509_local.h"
 
@@ -183,7 +184,6 @@ X509_REQ_get_extensions(X509_REQ *req)
         X509_ATTRIBUTE *attr;
         ASN1_TYPE *ext = NULL;
         int idx;
-        const unsigned char *p;
 
         if (req == NULL || req->req_info == NULL)
                 return NULL;
@@ -197,10 +197,8 @@ X509_REQ_get_extensions(X509_REQ *req)
                 return NULL;
         if ((ext = X509_ATTRIBUTE_get0_type(attr, 0)) == NULL)
                 return NULL;
-        if (ext->type != V_ASN1_SEQUENCE)
-                return NULL;
-        p = ext->value.sequence->data;
-        return d2i_X509_EXTENSIONS(NULL, &p, ext->value.sequence->length);
+
+        return ASN1_TYPE_unpack_sequence(&X509_EXTENSIONS_it, ext);
 }
 LCRYPTO_ALIAS(X509_REQ_get_extensions);