Use X509_REQ_get0_pubkey

[openssl.git] / crypto / x509 / x509_r2x.c

diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c
index 5d576e91e577a41911832deb0ae3504af8a360ee..d082636de411a504ae347952ad50dc9b3b88b7dd 100644 (file)
--- a/crypto/x509/x509_r2x.c
+++ b/crypto/x509/x509_r2x.c
@@ -1,4 +1,3 @@
-/* crypto/x509/x509_r2x.c */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -71,16 +70,17 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
     X509 *ret = NULL;
     X509_CINF *xi = NULL;
     X509_NAME *xn;
+    EVP_PKEY *pubkey = NULL;
 
     if ((ret = X509_new()) == NULL) {
         X509err(X509_F_X509_REQ_TO_X509, ERR_R_MALLOC_FAILURE);
-        goto err;
+        return NULL;
     }
 
     /* duplicate the request */
-    xi = ret->cert_info;
+    xi = &ret->cert_info;
 
-    if (sk_X509_ATTRIBUTE_num(r->req_info->attributes) != 0) {
+    if (sk_X509_ATTRIBUTE_num(r->req_info.attributes) != 0) {
         if ((xi->version = ASN1_INTEGER_new()) == NULL)
             goto err;
         if (!ASN1_INTEGER_set(xi->version, 2))
@@ -90,9 +90,9 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
     }
 
     xn = X509_REQ_get_subject_name(r);
-    if (X509_set_subject_name(ret, X509_NAME_dup(xn)) == 0)
+    if (X509_set_subject_name(ret, xn) == 0)
         goto err;
-    if (X509_set_issuer_name(ret, X509_NAME_dup(xn)) == 0)
+    if (X509_set_issuer_name(ret, xn) == 0)
         goto err;
 
     if (X509_gmtime_adj(xi->validity.notBefore, 0) == NULL)
@@ -101,7 +101,9 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
         NULL)
         goto err;
 
-    X509_set_pubkey(ret, X509_REQ_get_pubkey(r));
+    pubkey = X509_REQ_get0_pubkey(r);
+    if (pubkey == NULL || !X509_set_pubkey(ret, pubkey))
+        goto err;
 
     if (!X509_sign(ret, pkey, EVP_md5()))
         goto err;