CVSROOT: /cvs Module name: src Changes by: t...@cvs.openbsd.org 2024/05/08 02:20:08
Modified files: lib/libcrypto/x509: x509_req.c Log message: Simplify X509_REQ_get_extensions() Now that we know the two OIDs we need to look for when checking for the extension list attribute in a certification request, we can simplify this quite a bit. There is one change of behavior. Attribute value sets are not supposed to be empty and it makes no sense to return an empty stack of extensions in that case, return NULL instead, matching BoringSSL. This removes last use of ext_nids and ext_nid_list[], so these two bits of unprotected global mutable state can now join the party in the attic. ok jsing