CVSROOT: /cvs
Module name: src
Changes by: clau...@cvs.openbsd.org 2021/02/18 09:23:17
Modified files:
usr.sbin/rpki-client: cert.c extern.h parser.c x509.c
Log message:
Use X509_get_ext_d2i() also for x509_get_aki() and x509_get_ski().
Now x509_get_extensions() is no longer required to loop over all
extensions and the code becomes a lot simpler.
While there cleanup x509_get_crl(), as explained by tb@ X509_get_ext_d2i()
allocates memory so one needs to free the pointer at the end.
For x509_crl_get_aki() use X509_CRL_get_ext_d2i() and more or less
copy the rest over from x509_get_aki().
Warn if extensions are missing or present when not expected and also
check the the extensions are marked non-critical as required.
OK job@ tb@
