From: Dr. Stephen Henson <steve@openssl.org>
Date: Wed, 3 Mar 2010 19:56:34 +0000 (+0000)
Subject: PR: 2183
X-Git-Tag: OpenSSL-fips-2_0-rc1~1227
X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=ebaa2cf5b20d9048f47c4687b2130f8d6751a964

PR: 2183

PR#1999 broke fork detection by assuming HAVE_FORK was set for all platforms.
Include original HAVE_FORK detection logic while allowing it to be
overridden on specific platforms with -DHAVE_FORK=1 or -DHAVE_FORK=0
---

diff --git a/apps/speed.c b/apps/speed.c
index e4389f8a5a..1882239ce3 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -184,12 +184,18 @@
 #include <openssl/ecdh.h>
 #endif
 
-#if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_NETWARE)
-# define NO_FORK 1
-#elif HAVE_FORK
-# undef NO_FORK
+#ifndef HAVE_FORK
+# if defined(OPENSSL_SYS_VMS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MACINTOSH_CLASSIC) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_NETWARE)
+#  define HAVE_FORK 0
+# else
+#  define HAVE_FORK 1
+# endif
+#endif
+
+#if HAVE_FORK
+#undef NO_FORK
 #else
-# define NO_FORK 1
+#define NO_FORK
 #endif
 
 #undef BUFSIZE
diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c
index 6730f9a6ee..24b21d4ea2 100644
--- a/crypto/x509v3/v3_conf.c
+++ b/crypto/x509v3/v3_conf.c
@@ -317,6 +317,19 @@ static unsigned char *generic_asn1(char *value, X509V3_CTX *ctx, long *ext_len)
 	return ext_der;
 	}
 
+static void delete_ext(STACK_OF(X509_EXTENSION) *sk, X509_EXTENSION *dext)
+	{
+	int idx;
+	ASN1_OBJECT *obj;
+	obj = X509_EXTENSION_get_object(dext);
+	while ((idx = X509_EXTENSION_get_by_OBJ(sk, obj, -1)) >= 0)
+		{
+		X509_EXTENSION *tmpext= X509_get_ext(sk, idx);
+		X509_del_ext(sk, idx);
+		X509_EXTENSION_free(tmpext);
+		}
+	}
+
 /* This is the main function: add a bunch of extensions based on a config file
  * section to an extension STACK.
  */
@@ -335,6 +348,8 @@ int X509V3_EXT_add_nconf_sk(CONF *conf, X509V3_CTX *ctx, char *section,
 		val = sk_CONF_VALUE_value(nval, i);
 		if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)))
 								return 0;
+		if (ctx->flags == X509V3_CTX_FLAG_REPLACE)	
+			delete_ext(*sk, ext);
 		if (sk) X509v3_add_ext(sk, ext, -1);
 		X509_EXTENSION_free(ext);
 		}