1 files changed, 17 insertions, 18 deletions
diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c
index 59fc6ca548..0affa3bf30 100644
--- a/src/lib/libcrypto/x509/x509_req.c
+++ b/src/lib/libcrypto/x509/x509_req.c
@@ -118,7 +118,7 @@ EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req)
 * used and there may be more: so the list is configurable.
 */
-static int ext_nid_list[] = { NID_ext_req, NID_ms_ext_req, NID_undef};
+static int ext_nid_list[] = { NID_ms_ext_req, NID_ext_req, NID_undef};
 static int *ext_nids = ext_nid_list;
@@ -143,33 +143,32 @@ void X509_REQ_set_extension_nids(int *nids)
 }
 STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
-        {
+{
        X509_ATTRIBUTE *attr;
+        STACK_OF(X509_ATTRIBUTE) *sk;
        ASN1_TYPE *ext = NULL;
-        int idx, *pnid;
+        int i;
        unsigned char *p;
+        if ((req == NULL) || (req->req_info == NULL))
-        if ((req == NULL) || (req->req_info == NULL) || !ext_nids)
                return(NULL);
-        for (pnid = ext_nids; *pnid != NID_undef; pnid++)
+        sk=req->req_info->attributes;
-                {
+        if (!sk) return NULL;
-                idx = X509_REQ_get_attr_by_NID(req, *pnid, -1);
+        for(i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
-                if (idx == -1)
+                attr = sk_X509_ATTRIBUTE_value(sk, i);
-                        continue;
+                if(X509_REQ_extension_nid(OBJ_obj2nid(attr->object))) {
-                attr = X509_REQ_get_attr(req, idx);
+                        if(attr->single) ext = attr->value.single;
-                if(attr->single) ext = attr->value.single;
+                        else if(sk_ASN1_TYPE_num(attr->value.set))
-                else if(sk_ASN1_TYPE_num(attr->value.set))
+                                ext = sk_ASN1_TYPE_value(attr->value.set, 0);
-                        ext = sk_ASN1_TYPE_value(attr->value.set, 0);
+                        break;
-                break;
                }
-        if(!ext || (ext->type != V_ASN1_SEQUENCE))
+        }
-                return NULL;
+        if(!ext || (ext->type != V_ASN1_SEQUENCE)) return NULL;
        p = ext->value.sequence->data;
        return d2i_ASN1_SET_OF_X509_EXTENSION(NULL, &p,
                        ext->value.sequence->length,
                        d2i_X509_EXTENSION, X509_EXTENSION_free,
                        V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-        }
+}
 /* Add a STACK_OF extensions to a certificate request: allow alternative OIDs
 * in case we want to create a non standard one.

diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c index 59fc6ca548..0affa3bf30 100644 --- a/src/lib/libcrypto/x509/x509_req.c +++ b/src/lib/libcrypto/x509/x509_req.c
@@ -118,7 +118,7 @@ EVP_PKEY X509_REQ_get_pubkey(X509_REQ req)
118	* used and there may be more: so the list is configurable.	118	* used and there may be more: so the list is configurable.
119	*/	119	*/
120		120
121	static int ext_nid_list[] = { NID_ext_req, NID_ms_ext_req, NID_undef};	121	static int ext_nid_list[] = { NID_ms_ext_req, NID_ext_req, NID_undef};
122		122
123	static int *ext_nids = ext_nid_list;	123	static int *ext_nids = ext_nid_list;
124		124
@@ -143,33 +143,32 @@ void X509_REQ_set_extension_nids(int *nids)
143	}	143	}
144		144
145	STACK_OF(X509_EXTENSION) X509_REQ_get_extensions(X509_REQ req)	145	STACK_OF(X509_EXTENSION) X509_REQ_get_extensions(X509_REQ req)
146	{	146	{
147	X509_ATTRIBUTE *attr;	147	X509_ATTRIBUTE *attr;
		148	STACK_OF(X509_ATTRIBUTE) *sk;
148	ASN1_TYPE *ext = NULL;	149	ASN1_TYPE *ext = NULL;
149	int idx, *pnid;	150	int i;
150	unsigned char *p;	151	unsigned char *p;
151		152	if ((req == NULL) \|\| (req->req_info == NULL))
152	if ((req == NULL) \|\| (req->req_info == NULL) \|\| !ext_nids)
153	return(NULL);	153	return(NULL);
154	for (pnid = ext_nids; *pnid != NID_undef; pnid++)	154	sk=req->req_info->attributes;
155	{	155	if (!sk) return NULL;
156	idx = X509_REQ_get_attr_by_NID(req, *pnid, -1);	156	for(i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
157	if (idx == -1)	157	attr = sk_X509_ATTRIBUTE_value(sk, i);
158	continue;	158	if(X509_REQ_extension_nid(OBJ_obj2nid(attr->object))) {
159	attr = X509_REQ_get_attr(req, idx);	159	if(attr->single) ext = attr->value.single;
160	if(attr->single) ext = attr->value.single;	160	else if(sk_ASN1_TYPE_num(attr->value.set))
161	else if(sk_ASN1_TYPE_num(attr->value.set))	161	ext = sk_ASN1_TYPE_value(attr->value.set, 0);
162	ext = sk_ASN1_TYPE_value(attr->value.set, 0);	162	break;
163	break;
164	}	163	}
165	if(!ext \|\| (ext->type != V_ASN1_SEQUENCE))	164	}
166	return NULL;	165	if(!ext \|\| (ext->type != V_ASN1_SEQUENCE)) return NULL;
167	p = ext->value.sequence->data;	166	p = ext->value.sequence->data;
168	return d2i_ASN1_SET_OF_X509_EXTENSION(NULL, &p,	167	return d2i_ASN1_SET_OF_X509_EXTENSION(NULL, &p,
169	ext->value.sequence->length,	168	ext->value.sequence->length,
170	d2i_X509_EXTENSION, X509_EXTENSION_free,	169	d2i_X509_EXTENSION, X509_EXTENSION_free,
171	V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);	170	V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
172	}	171	}
173		172
174	/* Add a STACK_OF extensions to a certificate request: allow alternative OIDs	173	/* Add a STACK_OF extensions to a certificate request: allow alternative OIDs
175	* in case we want to create a non standard one.	174	* in case we want to create a non standard one.