(sk_GENERAL_NAME_num((ctx)->subjectAltNames) > 0 \
|| OSSL_CMP_CTX_reqExtensions_have_SAN(ctx) == 1)
-static X509_NAME *determine_subj(OSSL_CMP_CTX *ctx, X509 *refcert,
- int bodytype)
+static const X509_NAME *determine_subj(OSSL_CMP_CTX *ctx, X509 *refcert,
+ int bodytype)
{
if (ctx->subjectName != NULL)
return ctx->subjectName;
/* refcert defaults to current client cert */
EVP_PKEY *rkey = OSSL_CMP_CTX_get0_newPkey(ctx, 0);
STACK_OF(GENERAL_NAME) *default_sans = NULL;
- X509_NAME *subject = determine_subj(ctx, refcert, bodytype);
+ const X509_NAME *subject = determine_subj(ctx, refcert, bodytype);
int crit = ctx->setSubjectAltNameCritical || subject == NULL;
/* RFC5280: subjectAltName MUST be critical if subject is null */
X509_EXTENSIONS *exts = NULL;