6 files changed, 34 insertions, 101 deletions
diff --git a/src/lib/libcrypto/asn1/t_req.c b/src/lib/libcrypto/asn1/t_req.c
index cc9da46439..4b27a4ddbe 100644
--- a/src/lib/libcrypto/asn1/t_req.c
+++ b/src/lib/libcrypto/asn1/t_req.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: t_req.c,v 1.21 2021/12/25 13:17:48 jsing Exp $ */
+/* $OpenBSD: t_req.c,v 1.22 2022/05/09 19:19:33 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -176,7 +176,6 @@ X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
                                ASN1_TYPE *at;
                                X509_ATTRIBUTE *a;
                                ASN1_BIT_STRING *bs = NULL;
-                                ASN1_TYPE *t;
                                int j, type = 0, count = 1, ii = 0;
                                a = sk_X509_ATTRIBUTE_value(sk, i);
@@ -186,20 +185,12 @@ X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
                                if (BIO_printf(bp, "%12s", "") <= 0)
                                        goto err;
                                if ((j = i2a_ASN1_OBJECT(bp, a->object)) > 0) {
-                                        if (a->single) {
+                                        ii = 0;
-                                                t = a->value.single;
+                                        count = sk_ASN1_TYPE_num(a->set);
-                                                type = t->type;
-                                                bs = t->value.bit_string;
-                                        } else {
-                                                ii = 0;
-                                                count = sk_ASN1_TYPE_num(
-                                                    a->value.set);
 get_next:
-                                                at = sk_ASN1_TYPE_value(
+                                        at = sk_ASN1_TYPE_value(a->set, ii);
-                                                    a->value.set, ii);
+                                        type = at->type;
-                                                type = at->type;
+                                        bs = at->value.asn1_string;
-                                                bs = at->value.asn1_string;
-                                        }
                                }
                                for (j = 25 - j; j > 0; j--)
                                        if (BIO_write(bp, " ", 1) != 1)
diff --git a/src/lib/libcrypto/asn1/x_attrib.c b/src/lib/libcrypto/asn1/x_attrib.c
index 47b5afd95d..e8822a33a5 100644
--- a/src/lib/libcrypto/asn1/x_attrib.c
+++ b/src/lib/libcrypto/asn1/x_attrib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x_attrib.c,v 1.16 2021/12/25 13:17:48 jsing Exp $ */
+/* $OpenBSD: x_attrib.c,v 1.17 2022/05/09 19:19:33 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -64,48 +64,14 @@
 #include "x509_lcl.h"
-/* X509_ATTRIBUTE: this has the following form:
+/*
- *
+ * XXX - remove X509_ATTRIBUTE_SET_it with next major bump.
- * typedef struct x509_attributes_st
- *      {
- *      ASN1_OBJECT *object;
- *      int single;
- *      union   {
- *              char            *ptr;
- *              STACK_OF(ASN1_TYPE) *set;
- *              ASN1_TYPE       *single;
- *              } value;
- *      } X509_ATTRIBUTE;
- *
- * this needs some extra thought because the CHOICE type is
- * merged with the main structure and because the value can
- * be anything at all we *must* try the SET OF first because
- * the ASN1_ANY type will swallow anything including the whole
- * SET OF structure.
 */
-static const ASN1_TEMPLATE X509_ATTRIBUTE_SET_ch_tt[] = {
-        {
-                .flags = ASN1_TFLG_SET_OF,
-                .tag = 0,
-                .offset = offsetof(X509_ATTRIBUTE, value.set),
-                .field_name = "value.set",
-                .item = &ASN1_ANY_it,
-        },
-        {
-                .flags = 0,
-                .tag = 0,
-                .offset = offsetof(X509_ATTRIBUTE, value.single),
-                .field_name = "value.single",
-                .item = &ASN1_ANY_it,
-        },
-};
 const ASN1_ITEM X509_ATTRIBUTE_SET_it = {
        .itype = ASN1_ITYPE_CHOICE,
-        .utype = offsetof(X509_ATTRIBUTE, single),
+        .utype = 0,
-        .templates = X509_ATTRIBUTE_SET_ch_tt,
+        .templates = NULL,
-        .tcount = sizeof(X509_ATTRIBUTE_SET_ch_tt) / sizeof(ASN1_TEMPLATE),
+        .tcount = 0,
        .funcs = NULL,
        .size = sizeof(X509_ATTRIBUTE),
        .sname = "X509_ATTRIBUTE",
@@ -119,13 +85,12 @@ static const ASN1_TEMPLATE X509_ATTRIBUTE_seq_tt[] = {
                .field_name = "object",
                .item = &ASN1_OBJECT_it,
        },
-        /* CHOICE type merged with parent */
        {
-                .flags = 0 | ASN1_TFLG_COMBINE,
+                .flags = ASN1_TFLG_SET_OF,
                .tag = 0,
-                .offset = 0,
+                .offset = offsetof(X509_ATTRIBUTE, set),
-                .field_name = NULL,
+                .field_name = "set",
-                .item = &X509_ATTRIBUTE_SET_it,
+                .item = &ASN1_ANY_it,
        },
 };
@@ -183,12 +148,9 @@ X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
        if ((ret = X509_ATTRIBUTE_new()) == NULL)
                return (NULL);
        ret->object = oid;
-        ret->single = 0;
-        if ((ret->value.set = sk_ASN1_TYPE_new_null()) == NULL)
-                goto err;
        if ((val = ASN1_TYPE_new()) == NULL)
                goto err;
-        if (!sk_ASN1_TYPE_push(ret->value.set, val))
+        if (!sk_ASN1_TYPE_push(ret->set, val))
                goto err;
        ASN1_TYPE_set(val, atrtype, value);
diff --git a/src/lib/libcrypto/pkcs12/p12_attr.c b/src/lib/libcrypto/pkcs12/p12_attr.c
index dc38b7c897..a35a148b11 100644
--- a/src/lib/libcrypto/pkcs12/p12_attr.c
+++ b/src/lib/libcrypto/pkcs12/p12_attr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: p12_attr.c,v 1.14 2021/11/01 20:53:08 tb Exp $ */
+/* $OpenBSD: p12_attr.c,v 1.15 2022/05/09 19:19:33 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -129,12 +129,8 @@ PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid)
                return NULL;
        for (i = 0; i < sk_X509_ATTRIBUTE_num(attrs); i++) {
                attrib = sk_X509_ATTRIBUTE_value(attrs, i);
-                if (OBJ_obj2nid(attrib->object) == attr_nid) {
+                if (OBJ_obj2nid(attrib->object) == attr_nid)
-                        if (sk_ASN1_TYPE_num(attrib->value.set))
+                        return sk_ASN1_TYPE_value(attrib->set, 0);
-                                return sk_ASN1_TYPE_value(attrib->value.set, 0);
-                        else
-                                return NULL;
-                }
        }
        return NULL;
 }
diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c
index c9d64bcf34..b314069610 100644
--- a/src/lib/libcrypto/pkcs7/pk7_doit.c
+++ b/src/lib/libcrypto/pkcs7/pk7_doit.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pk7_doit.c,v 1.46 2021/12/12 21:30:14 tb Exp $ */
+/* $OpenBSD: pk7_doit.c,v 1.47 2022/05/09 19:19:33 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1129,12 +1129,8 @@ get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid)
                return (NULL);
        for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
                xa = sk_X509_ATTRIBUTE_value(sk, i);
-                if (OBJ_cmp(xa->object, o) == 0) {
+                if (OBJ_cmp(xa->object, o) == 0)
-                        if (!xa->single && sk_ASN1_TYPE_num(xa->value.set))
+                        return (sk_ASN1_TYPE_value(xa->set, 0));
-                                return (sk_ASN1_TYPE_value(xa->value.set, 0));
-                        else
-                                return (NULL);
-                }
        }
        return (NULL);
 }
diff --git a/src/lib/libcrypto/x509/x509_att.c b/src/lib/libcrypto/x509/x509_att.c
index 38aa063143..8d369df900 100644
--- a/src/lib/libcrypto/x509/x509_att.c
+++ b/src/lib/libcrypto/x509/x509_att.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_att.c,v 1.18 2021/11/01 20:53:08 tb Exp $ */
+/* $OpenBSD: x509_att.c,v 1.19 2022/05/09 19:19:33 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -324,10 +324,8 @@ X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data,
                        goto err;
                atype = attrtype;
        }
-        if (!(attr->value.set = sk_ASN1_TYPE_new_null()))
+        /*
-                goto err;
+         * This is a bit naughty because the attribute should really have
-        attr->single = 0;
-        /* This is a bit naughty because the attribute should really have
         * at least one value but some types use and zero length SET and
         * require this.
         */
@@ -343,7 +341,7 @@ X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data,
                        goto err;
        } else
                ASN1_TYPE_set(ttmp, atype, stmp);
-        if (!sk_ASN1_TYPE_push(attr->value.set, ttmp))
+        if (!sk_ASN1_TYPE_push(attr->set, ttmp))
                goto err;
        return 1;
@@ -357,11 +355,10 @@ err:
 int
 X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr)
 {
-        if (!attr->single)
+        if (attr == NULL)
-                return sk_ASN1_TYPE_num(attr->value.set);
+                return 0;
-        if (attr->value.single)
-                return 1;
+        return sk_ASN1_TYPE_num(attr->set);
-        return 0;
 }
 ASN1_OBJECT *
@@ -392,10 +389,6 @@ X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx)
 {
        if (attr == NULL)
                return (NULL);
-        if (idx >= X509_ATTRIBUTE_count(attr))
-                return NULL;
+        return sk_ASN1_TYPE_value(attr->set, idx);
-        if (!attr->single)
-                return sk_ASN1_TYPE_value(attr->value.set, idx);
-        else
-                return attr->value.single;
 }
diff --git a/src/lib/libcrypto/x509/x509_lcl.h b/src/lib/libcrypto/x509/x509_lcl.h
index e7eb733f7d..5beef8a94d 100644
--- a/src/lib/libcrypto/x509/x509_lcl.h
+++ b/src/lib/libcrypto/x509/x509_lcl.h
@@ -109,12 +109,7 @@ struct X509_extension_st {
 struct x509_attributes_st {
        ASN1_OBJECT *object;
-        int single; /* 0 for a set, 1 for a single item (which is wrong) */
+        STACK_OF(ASN1_TYPE) *set;
-        union {
-                char            *ptr;
-/* 0 */         STACK_OF(ASN1_TYPE) *set;
-/* 1 */         ASN1_TYPE       *single;
-        } value;
 } /* X509_ATTRIBUTE */;
 struct X509_req_info_st {

diff --git a/src/lib/libcrypto/asn1/t_req.c b/src/lib/libcrypto/asn1/t_req.c index cc9da46439..4b27a4ddbe 100644 --- a/src/lib/libcrypto/asn1/t_req.c +++ b/src/lib/libcrypto/asn1/t_req.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: t_req.c,v 1.21 2021/12/25 13:17:48 jsing Exp $ */	1	/* $OpenBSD: t_req.c,v 1.22 2022/05/09 19:19:33 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -176,7 +176,6 @@ X509_REQ_print_ex(BIO bp, X509_REQ x, unsigned long nmflags,
176	ASN1_TYPE *at;	176	ASN1_TYPE *at;
177	X509_ATTRIBUTE *a;	177	X509_ATTRIBUTE *a;
178	ASN1_BIT_STRING *bs = NULL;	178	ASN1_BIT_STRING *bs = NULL;
179	ASN1_TYPE *t;
180	int j, type = 0, count = 1, ii = 0;	179	int j, type = 0, count = 1, ii = 0;
181		180
182	a = sk_X509_ATTRIBUTE_value(sk, i);	181	a = sk_X509_ATTRIBUTE_value(sk, i);
@@ -186,20 +185,12 @@ X509_REQ_print_ex(BIO bp, X509_REQ x, unsigned long nmflags,
186	if (BIO_printf(bp, "%12s", "") <= 0)	185	if (BIO_printf(bp, "%12s", "") <= 0)
187	goto err;	186	goto err;
188	if ((j = i2a_ASN1_OBJECT(bp, a->object)) > 0) {	187	if ((j = i2a_ASN1_OBJECT(bp, a->object)) > 0) {
189	if (a->single) {	188	ii = 0;
190	t = a->value.single;	189	count = sk_ASN1_TYPE_num(a->set);
191	type = t->type;
192	bs = t->value.bit_string;
193	} else {
194	ii = 0;
195	count = sk_ASN1_TYPE_num(
196	a->value.set);
197	get_next:	190	get_next:
198	at = sk_ASN1_TYPE_value(	191	at = sk_ASN1_TYPE_value(a->set, ii);
199	a->value.set, ii);	192	type = at->type;
200	type = at->type;	193	bs = at->value.asn1_string;
201	bs = at->value.asn1_string;
202	}
203	}	194	}
204	for (j = 25 - j; j > 0; j--)	195	for (j = 25 - j; j > 0; j--)
205	if (BIO_write(bp, " ", 1) != 1)	196	if (BIO_write(bp, " ", 1) != 1)


diff --git a/src/lib/libcrypto/asn1/x_attrib.c b/src/lib/libcrypto/asn1/x_attrib.c index 47b5afd95d..e8822a33a5 100644 --- a/src/lib/libcrypto/asn1/x_attrib.c +++ b/src/lib/libcrypto/asn1/x_attrib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x_attrib.c,v 1.16 2021/12/25 13:17:48 jsing Exp $ */	1	/* $OpenBSD: x_attrib.c,v 1.17 2022/05/09 19:19:33 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -64,48 +64,14 @@
64		64
65	#include "x509_lcl.h"	65	#include "x509_lcl.h"
66		66
67	/* X509_ATTRIBUTE: this has the following form:	67	/*
68	*	68	* XXX - remove X509_ATTRIBUTE_SET_it with next major bump.
69	* typedef struct x509_attributes_st
70	* {
71	* ASN1_OBJECT *object;
72	* int single;
73	* union {
74	* char *ptr;
75	* STACK_OF(ASN1_TYPE) *set;
76	* ASN1_TYPE *single;
77	* } value;
78	* } X509_ATTRIBUTE;
79	*
80	* this needs some extra thought because the CHOICE type is
81	* merged with the main structure and because the value can
82	* be anything at all we must try the SET OF first because
83	* the ASN1_ANY type will swallow anything including the whole
84	* SET OF structure.
85	*/	69	*/
86
87	static const ASN1_TEMPLATE X509_ATTRIBUTE_SET_ch_tt[] = {
88	{
89	.flags = ASN1_TFLG_SET_OF,
90	.tag = 0,
91	.offset = offsetof(X509_ATTRIBUTE, value.set),
92	.field_name = "value.set",
93	.item = &ASN1_ANY_it,
94	},
95	{
96	.flags = 0,
97	.tag = 0,
98	.offset = offsetof(X509_ATTRIBUTE, value.single),
99	.field_name = "value.single",
100	.item = &ASN1_ANY_it,
101	},
102	};
103
104	const ASN1_ITEM X509_ATTRIBUTE_SET_it = {	70	const ASN1_ITEM X509_ATTRIBUTE_SET_it = {
105	.itype = ASN1_ITYPE_CHOICE,	71	.itype = ASN1_ITYPE_CHOICE,
106	.utype = offsetof(X509_ATTRIBUTE, single),	72	.utype = 0,
107	.templates = X509_ATTRIBUTE_SET_ch_tt,	73	.templates = NULL,
108	.tcount = sizeof(X509_ATTRIBUTE_SET_ch_tt) / sizeof(ASN1_TEMPLATE),	74	.tcount = 0,
109	.funcs = NULL,	75	.funcs = NULL,
110	.size = sizeof(X509_ATTRIBUTE),	76	.size = sizeof(X509_ATTRIBUTE),
111	.sname = "X509_ATTRIBUTE",	77	.sname = "X509_ATTRIBUTE",
@@ -119,13 +85,12 @@ static const ASN1_TEMPLATE X509_ATTRIBUTE_seq_tt[] = {
119	.field_name = "object",	85	.field_name = "object",
120	.item = &ASN1_OBJECT_it,	86	.item = &ASN1_OBJECT_it,
121	},	87	},
122	/* CHOICE type merged with parent */
123	{	88	{
124	.flags = 0 \| ASN1_TFLG_COMBINE,	89	.flags = ASN1_TFLG_SET_OF,
125	.tag = 0,	90	.tag = 0,
126	.offset = 0,	91	.offset = offsetof(X509_ATTRIBUTE, set),
127	.field_name = NULL,	92	.field_name = "set",
128	.item = &X509_ATTRIBUTE_SET_it,	93	.item = &ASN1_ANY_it,
129	},	94	},
130	};	95	};
131		96
@@ -183,12 +148,9 @@ X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
183	if ((ret = X509_ATTRIBUTE_new()) == NULL)	148	if ((ret = X509_ATTRIBUTE_new()) == NULL)
184	return (NULL);	149	return (NULL);
185	ret->object = oid;	150	ret->object = oid;
186	ret->single = 0;
187	if ((ret->value.set = sk_ASN1_TYPE_new_null()) == NULL)
188	goto err;
189	if ((val = ASN1_TYPE_new()) == NULL)	151	if ((val = ASN1_TYPE_new()) == NULL)
190	goto err;	152	goto err;
191	if (!sk_ASN1_TYPE_push(ret->value.set, val))	153	if (!sk_ASN1_TYPE_push(ret->set, val))
192	goto err;	154	goto err;
193		155
194	ASN1_TYPE_set(val, atrtype, value);	156	ASN1_TYPE_set(val, atrtype, value);


diff --git a/src/lib/libcrypto/pkcs12/p12_attr.c b/src/lib/libcrypto/pkcs12/p12_attr.c index dc38b7c897..a35a148b11 100644 --- a/src/lib/libcrypto/pkcs12/p12_attr.c +++ b/src/lib/libcrypto/pkcs12/p12_attr.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: p12_attr.c,v 1.14 2021/11/01 20:53:08 tb Exp $ */	1	/* $OpenBSD: p12_attr.c,v 1.15 2022/05/09 19:19:33 jsing Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.	3	* project 1999.
4	*/	4	*/
@@ -129,12 +129,8 @@ PKCS12_get_attr_gen(const STACK_OF(X509_ATTRIBUTE) *attrs, int attr_nid)
129	return NULL;	129	return NULL;
130	for (i = 0; i < sk_X509_ATTRIBUTE_num(attrs); i++) {	130	for (i = 0; i < sk_X509_ATTRIBUTE_num(attrs); i++) {
131	attrib = sk_X509_ATTRIBUTE_value(attrs, i);	131	attrib = sk_X509_ATTRIBUTE_value(attrs, i);
132	if (OBJ_obj2nid(attrib->object) == attr_nid) {	132	if (OBJ_obj2nid(attrib->object) == attr_nid)
133	if (sk_ASN1_TYPE_num(attrib->value.set))	133	return sk_ASN1_TYPE_value(attrib->set, 0);
134	return sk_ASN1_TYPE_value(attrib->value.set, 0);
135	else
136	return NULL;
137	}
138	}	134	}
139	return NULL;	135	return NULL;
140	}	136	}


diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c index c9d64bcf34..b314069610 100644 --- a/src/lib/libcrypto/pkcs7/pk7_doit.c +++ b/src/lib/libcrypto/pkcs7/pk7_doit.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: pk7_doit.c,v 1.46 2021/12/12 21:30:14 tb Exp $ */	1	/* $OpenBSD: pk7_doit.c,v 1.47 2022/05/09 19:19:33 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1129,12 +1129,8 @@ get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid)
1129	return (NULL);	1129	return (NULL);
1130	for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {	1130	for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
1131	xa = sk_X509_ATTRIBUTE_value(sk, i);	1131	xa = sk_X509_ATTRIBUTE_value(sk, i);
1132	if (OBJ_cmp(xa->object, o) == 0) {	1132	if (OBJ_cmp(xa->object, o) == 0)
1133	if (!xa->single && sk_ASN1_TYPE_num(xa->value.set))	1133	return (sk_ASN1_TYPE_value(xa->set, 0));
1134	return (sk_ASN1_TYPE_value(xa->value.set, 0));
1135	else
1136	return (NULL);
1137	}
1138	}	1134	}
1139	return (NULL);	1135	return (NULL);
1140	}	1136	}


diff --git a/src/lib/libcrypto/x509/x509_att.c b/src/lib/libcrypto/x509/x509_att.c index 38aa063143..8d369df900 100644 --- a/src/lib/libcrypto/x509/x509_att.c +++ b/src/lib/libcrypto/x509/x509_att.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509_att.c,v 1.18 2021/11/01 20:53:08 tb Exp $ */	1	/* $OpenBSD: x509_att.c,v 1.19 2022/05/09 19:19:33 jsing Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -324,10 +324,8 @@ X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE attr, int attrtype, const void data,
324	goto err;	324	goto err;
325	atype = attrtype;	325	atype = attrtype;
326	}	326	}
327	if (!(attr->value.set = sk_ASN1_TYPE_new_null()))	327	/*
328	goto err;	328	* This is a bit naughty because the attribute should really have
329	attr->single = 0;
330	/* This is a bit naughty because the attribute should really have
331	* at least one value but some types use and zero length SET and	329	* at least one value but some types use and zero length SET and
332	* require this.	330	* require this.
333	*/	331	*/
@@ -343,7 +341,7 @@ X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE attr, int attrtype, const void data,
343	goto err;	341	goto err;
344	} else	342	} else
345	ASN1_TYPE_set(ttmp, atype, stmp);	343	ASN1_TYPE_set(ttmp, atype, stmp);
346	if (!sk_ASN1_TYPE_push(attr->value.set, ttmp))	344	if (!sk_ASN1_TYPE_push(attr->set, ttmp))
347	goto err;	345	goto err;
348	return 1;	346	return 1;
349		347
@@ -357,11 +355,10 @@ err:
357	int	355	int
358	X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr)	356	X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr)
359	{	357	{
360	if (!attr->single)	358	if (attr == NULL)
361	return sk_ASN1_TYPE_num(attr->value.set);	359	return 0;
362	if (attr->value.single)	360
363	return 1;	361	return sk_ASN1_TYPE_num(attr->set);
364	return 0;
365	}	362	}
366		363
367	ASN1_OBJECT *	364	ASN1_OBJECT *
@@ -392,10 +389,6 @@ X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx)
392	{	389	{
393	if (attr == NULL)	390	if (attr == NULL)
394	return (NULL);	391	return (NULL);
395	if (idx >= X509_ATTRIBUTE_count(attr))	392
396	return NULL;	393	return sk_ASN1_TYPE_value(attr->set, idx);
397	if (!attr->single)
398	return sk_ASN1_TYPE_value(attr->value.set, idx);
399	else
400	return attr->value.single;
401	}	394	}


diff --git a/src/lib/libcrypto/x509/x509_lcl.h b/src/lib/libcrypto/x509/x509_lcl.h index e7eb733f7d..5beef8a94d 100644 --- a/src/lib/libcrypto/x509/x509_lcl.h +++ b/src/lib/libcrypto/x509/x509_lcl.h
@@ -109,12 +109,7 @@ struct X509_extension_st {
109		109
110	struct x509_attributes_st {	110	struct x509_attributes_st {
111	ASN1_OBJECT *object;	111	ASN1_OBJECT *object;
112	int single; /* 0 for a set, 1 for a single item (which is wrong) */	112	STACK_OF(ASN1_TYPE) *set;
113	union {
114	char *ptr;
115	/* 0 / STACK_OF(ASN1_TYPE) set;
116	/* 1 / ASN1_TYPE single;
117	} value;
118	} /* X509_ATTRIBUTE */;	113	} /* X509_ATTRIBUTE */;
119		114
120	struct X509_req_info_st {	115	struct X509_req_info_st {