Move allow_proxy_certs declaration to start of function.

[openssl.git] / crypto / x509 / x509_v3.c

diff --git a/crypto/x509/x509_v3.c b/crypto/x509/x509_v3.c
index 5721f78510f4dc61533cf08a8f4db5e5e17dc43c..67b1796a92134d4eb0427d2be9085045cb2ef271 100644 (file)
--- a/crypto/x509/x509_v3.c
+++ b/crypto/x509/x509_v3.c
@@ -63,6 +63,7 @@
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 #include <openssl/x509.h>
+#include <openssl/x509v3.h>
 
 int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x)
        {
@@ -114,8 +115,8 @@ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit,
        for ( ; lastpos < n; lastpos++)
                {
                ex=sk_X509_EXTENSION_value(sk,lastpos);
-               if (    (ex->critical && crit) ||
-                       (!ex->critical && !crit))
+               if (    ((ex->critical > 0) && crit) ||
+                       ((ex->critical <= 0) && !crit))
                        return(lastpos);
                }
        return(-1);
@@ -233,7 +234,7 @@ int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj)
 int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit)
        {
        if (ex == NULL) return(0);
-       ex->critical=(crit)?0xFF:0;
+       ex->critical=(crit)?0xFF:-1;
        return(1);
        }
 
@@ -262,5 +263,6 @@ ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ex)
 int X509_EXTENSION_get_critical(X509_EXTENSION *ex)
        {
        if (ex == NULL) return(0);
-       return(ex->critical);
+       if(ex->critical > 0) return 1;
+       return 0;
        }