return ext_der;
}
+static void delete_ext(STACK_OF(X509_EXTENSION) *sk, X509_EXTENSION *dext)
+ {
+ int idx;
+ ASN1_OBJECT *obj;
+ obj = X509_EXTENSION_get_object(dext);
+ while ((idx = X509v3_get_ext_by_OBJ(sk, obj, -1)) >= 0)
+ {
+ X509_EXTENSION *tmpext = X509v3_get_ext(sk, idx);
+ X509v3_delete_ext(sk, idx);
+ X509_EXTENSION_free(tmpext);
+ }
+ }
+
/* This is the main function: add a bunch of extensions based on a config file
* section to an extension STACK.
*/
val = sk_CONF_VALUE_value(nval, i);
if (!(ext = X509V3_EXT_nconf(conf, ctx, val->name, val->value)))
return 0;
+ if (ctx->flags == X509V3_CTX_REPLACE)
+ delete_ext(*sk, ext);
if (sk) X509v3_add_ext(sk, ext, -1);
X509_EXTENSION_free(ext);
}