Merge remote-tracking branch 'upstream/master'
diff --git a/OpenSSL/crypto.py b/OpenSSL/crypto.py
index d0026bd..a80d10b 100644
--- a/OpenSSL/crypto.py
+++ b/OpenSSL/crypto.py
@@ -697,6 +697,21 @@
_raise_current_error()
+ def get_extensions(self):
+ """
+ Get extensions to the request.
+
+ :return: A list of X509Extension objects.
+ """
+ exts = []
+ _exts = _lib.X509_REQ_get_extensions(self._req)
+ for i in range(0, _lib.sk_X509_EXTENSION_num(_exts)):
+ ext = X509Extension.__new__(X509Extension)
+ ext._extension = _lib.sk_X509_EXTENSION_value(_exts, i)
+ exts.append(ext)
+ return exts
+
+
def sign(self, pkey, digest):
"""
Sign the certificate request using the supplied key and digest
diff --git a/OpenSSL/test/test_crypto.py b/OpenSSL/test/test_crypto.py
index 4e42f70..39c8603 100644
--- a/OpenSSL/test/test_crypto.py
+++ b/OpenSSL/test/test_crypto.py
@@ -1108,7 +1108,11 @@
request = X509Req()
request.add_extensions([
X509Extension(b('basicConstraints'), True, b('CA:false'))])
- # XXX Add get_extensions so the rest of this unit test can be written.
+ exts = request.get_extensions()
+ self.assertEquals(len(exts), 1)
+ self.assertEquals(exts[0].get_short_name(), 'basicConstraints')
+ self.assertEquals(exts[0].get_critical(), 1)
+ self.assertEquals(exts[0].get_data(), 0)
def test_add_extensions_wrong_args(self):