From c7d885c544b6d23f4453f9e97c6acc93f069e0ab Mon Sep 17 00:00:00 2001
From: tb <tb@openbsd.org>
Date: Sat, 23 Oct 2021 11:53:24 +0000
Subject: [PATCH] Prepare to provide X509_get_extension_flags()

ok beck jsing
---
 lib/libcrypto/x509/x509_purp.c | 12 +++++++++++-
 lib/libcrypto/x509/x509v3.h    |  3 ++-
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/lib/libcrypto/x509/x509_purp.c b/lib/libcrypto/x509/x509_purp.c
index 43236b2cd33..94e9852fc6d 100644
--- a/lib/libcrypto/x509/x509_purp.c
+++ b/lib/libcrypto/x509/x509_purp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_purp.c,v 1.9 2021/10/22 18:37:15 tb Exp $ */
+/* $OpenBSD: x509_purp.c,v 1.10 2021/10/23 11:53:24 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2001.
  */
@@ -943,6 +943,16 @@ X509_check_akid(X509 *issuer, AUTHORITY_KEYID *akid)
 	return X509_V_OK;
 }
 
+uint32_t
+X509_get_extension_flags(X509 *x)
+{
+	/* Call for side-effect of computing hash and caching extensions */
+	if (X509_check_purpose(x, -1, -1) != 1)
+		return 0;
+
+	return x->ex_flags;
+}
+
 uint32_t
 X509_get_key_usage(X509 *x)
 {
diff --git a/lib/libcrypto/x509/x509v3.h b/lib/libcrypto/x509/x509v3.h
index 84229a18907..b9fe1ca4b04 100644
--- a/lib/libcrypto/x509/x509v3.h
+++ b/lib/libcrypto/x509/x509v3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509v3.h,v 1.7 2021/10/22 18:37:15 tb Exp $ */
+/* $OpenBSD: x509v3.h,v 1.8 2021/10/23 11:53:24 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -800,6 +800,7 @@ int X509_PURPOSE_get_trust(const X509_PURPOSE *xp);
 void X509_PURPOSE_cleanup(void);
 int X509_PURPOSE_get_id(const X509_PURPOSE *);
 #if defined(LIBRESSL_NEW_API)
+uint32_t X509_get_extension_flags(X509 *x);
 uint32_t X509_get_key_usage(X509 *x);
 uint32_t X509_get_extended_key_usage(X509 *x);
 #endif
-- 
2.20.1