From c46d931e06126b69de6000e5b24e54d9e8779194 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Wed, 8 May 2024 08:11:50 +0000
Subject: Simplify X509_REQ_extension_nid()

Now that the global ext_nids[] array can no longer be modified by the
application, we can simplify this by returning the two possible NIDs
that we accept in the extension list attribute in PKCS#10 certification
requests.

The year is 2024. This API is entirely unused by the ecosystem. Well not
entirely! One small village of indomitable rare API use still holds out
against the cleansers. You may have guessed it: security/xca.

ok jsing
---
 src/lib/libcrypto/x509/x509_req.c | 14 +++-----------
 1 file changed, 3 insertions(+), 11 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c
index 60e1a074b8..1497b1ec16 100644
--- a/src/lib/libcrypto/x509/x509_req.c
+++ b/src/lib/libcrypto/x509/x509_req.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_req.c,v 1.34 2024/05/08 07:55:10 tb Exp $ */
+/* $OpenBSD: x509_req.c,v 1.35 2024/05/08 08:11:50 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -180,17 +180,9 @@ static int ext_nid_list[] = {NID_ext_req, NID_ms_ext_req, NID_undef};
 static int *ext_nids = ext_nid_list;
 
 int
-X509_REQ_extension_nid(int req_nid)
+X509_REQ_extension_nid(int nid)
 {
-	int i, nid;
-
-	for (i = 0; ; i++) {
-		nid = ext_nids[i];
-		if (nid == NID_undef)
-			return 0;
-		else if (req_nid == nid)
-			return 1;
-	}
+	return nid == NID_ext_req || nid == NID_ms_ext_req;
 }
 LCRYPTO_ALIAS(X509_REQ_extension_nid);
 
-- 
cgit v1.2.3-55-g6feb