rpki-client: reject certs with duplicate extension OIDs
On Fri, Jun 12, 2026 at 05:40:27PM +0200, Theo Buehler wrote:
> We check this for extensions we know about in cert_parse_extensions().
> I think we should keep doing it there since we need to keep track of the
> extensions we encountered anyway.
>
> While cert_parse_extensions() rejects certs with critical extensions we
> don't know about, we allow duplicate non-critical ones mainly because
> that's annoying to keep track of. LibreSSL's libcrypto checks for this
> and rejects the cert when caching the extensions, OpenSSL 4 adds an
> EXFLAG_DUPLICATE flag and accepts the cert, OpenSSL 3 ignores
> duplicates. In short: we get to do it ourselves.
>
> This check is basically lifted from libcrypto's x509_purp.c with a few
> extra contortions due to const sprinkling and making things opaque. The
> warning is the same as the one already present in cert_parse_extensions().
>
> I do not NULL check X509_EXTENSION_get_object() because the extension
> parsed, so an OID is present.

OK job@
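The duplicate-extnID check discussed in the thread, as an added example that is not rpki-client's or libcrypto's code. Instead of going through libcrypto's X509_get_ext()/X509_EXTENSION_get_object()/OBJ_cmp() API, it walks a DER-encoded Extensions sequence with a minimal hand-written TLV decoder so it compiles and runs without linking libcrypto. The function names, the MAX_EXTS bound and the sample extension encodings (basicConstraints, keyUsage, subjectKeyIdentifier) are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_EXTS 64	/* example bound on extensions tracked */

/*
 * Decode one DER tag-length header at buf[0..len).
 * Returns the header length and sets *tag and *vlen, or returns 0 if the
 * header is malformed or the declared value does not fit in the buffer.
 */
static size_t
der_tlv(const uint8_t *buf, size_t len, uint8_t *tag, size_t *vlen)
{
	size_t hdr, n, i;

	if (len < 2)
		return 0;
	*tag = buf[0];
	if (buf[1] < 0x80) {
		*vlen = buf[1];
		hdr = 2;
	} else {
		n = buf[1] & 0x7f;
		if (n == 0 || n > sizeof(size_t) || len - 2 < n)
			return 0;
		*vlen = 0;
		for (i = 0; i < n; i++)
			*vlen = (*vlen << 8) | buf[2 + i];
		hdr = 2 + n;
	}
	if (*vlen > len - hdr)
		return 0;
	return hdr;
}

/*
 * Walk a DER Extensions ::= SEQUENCE OF Extension and check that no two
 * extensions share an extnID.  Returns 1 if a duplicate OID is found,
 * 0 if all extnIDs are distinct, -1 if the encoding is malformed.
 * Duplicates are detected regardless of the critical flag.
 */
int
extensions_have_duplicate_oid(const uint8_t *der, size_t len)
{
	const uint8_t *seen[MAX_EXTS];
	size_t seen_len[MAX_EXTS];
	size_t nseen = 0, hdr, vlen, pos, ehdr, elen, ohdr, olen, i;
	const uint8_t *ext, *oid;
	uint8_t tag;

	hdr = der_tlv(der, len, &tag, &vlen);
	if (hdr == 0 || tag != 0x30)
		return -1;
	der += hdr;
	len = vlen;

	for (pos = 0; pos < len; pos += ehdr + elen) {
		ext = der + pos;
		ehdr = der_tlv(ext, len - pos, &tag, &elen);
		if (ehdr == 0 || tag != 0x30)
			return -1;
		/* extnID is the first element of every Extension. */
		oid = ext + ehdr;
		ohdr = der_tlv(oid, elen, &tag, &olen);
		if (ohdr == 0 || tag != 0x06 || olen == 0)
			return -1;
		oid += ohdr;
		for (i = 0; i < nseen; i++)
			if (seen_len[i] == olen &&
			    memcmp(seen[i], oid, olen) == 0)
				return 1;
		if (nseen == MAX_EXTS)
			return -1;
		seen[nseen] = oid;
		seen_len[nseen] = olen;
		nseen++;
	}
	return 0;
}

/* Constructed sample: basicConstraints, keyUsage, subjectKeyIdentifier. */
const uint8_t exts_distinct[] = {
	0x30, 0x2e,
	0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff,
	    0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff,
	0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff,
	    0x04, 0x04, 0x03, 0x02, 0x01, 0x06,
	0x30, 0x0b, 0x06, 0x03, 0x55, 0x1d, 0x0e,
	    0x04, 0x04, 0x04, 0x02, 0xab, 0xcd,
};

/* Constructed sample: the keyUsage extension appears twice. */
const uint8_t exts_duplicate[] = {
	0x30, 0x31,
	0x30, 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff,
	    0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xff,
	0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff,
	    0x04, 0x04, 0x03, 0x02, 0x01, 0x06,
	0x30, 0x0e, 0x06, 0x03, 0x55, 0x1d, 0x0f, 0x01, 0x01, 0xff,
	    0x04, 0x04, 0x03, 0x02, 0x01, 0x06,
};

int
main(void)
{
	printf("distinct:  %d\n",
	    extensions_have_duplicate_oid(exts_distinct, sizeof(exts_distinct)));
	printf("duplicate: %d\n",
	    extensions_have_duplicate_oid(exts_duplicate, sizeof(exts_duplicate)));
	printf("truncated: %d\n",
	    extensions_have_duplicate_oid(exts_distinct, sizeof(exts_distinct) - 1));
	return 0;
}
```

The comparison is on the raw OID content octets (length plus bytes), which is what OBJ_cmp() amounts to for two OIDs; a truncated or non-SEQUENCE input is reported as malformed rather than silently treated as duplicate-free, so a caller that wants the reject-on-duplicate behaviour described in the thread treats anything other than 0 as a failure.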