Use X509_REQ_get0_pubkey

        ok = 0;

        goto end;

    }

    if ((pktmp = X509_REQ_get_pubkey(req)) == NULL) {

    if ((pktmp = X509_REQ_get0_pubkey(req)) == NULL) {

        BIO_printf(bio_err, "error unpacking public key\n");

        goto end;

    }

    i = X509_REQ_verify(req, pktmp);

    EVP_PKEY_free(pktmp);

    pktmp = NULL;

    if (i < 0) {

        ok = 0;

        BIO_printf(bio_err, "Signature verification problems....\n");

    pktmp = X509_REQ_get_pubkey(req);

    i = X509_set_pubkey(ret, pktmp);

    EVP_PKEY_free(pktmp);

    if (!i)

        goto end;

    if (!nmflag_set)

        nmflag = XN_FLAG_ONELINE;

    /* TODO: simplify this as pkey is still always NULL here */ 

    private = newreq && (pkey == NULL) ? 1 : 0;

    if (!app_passwd(passargin, passargout, &passin, &passout)) {

            if (!X509_set_subject_name

                (x509ss, X509_REQ_get_subject_name(req)))

                goto end;

            tmppkey = X509_REQ_get_pubkey(req);

            tmppkey = X509_REQ_get0_pubkey(req);

            if (!tmppkey || !X509_set_pubkey(x509ss, tmppkey))

                goto end;

            EVP_PKEY_free(tmppkey);

            /* Set up V3 context struct */

    }

    if (verify && !x509) {

        int tmp = 0;

        EVP_PKEY *pubkey = pkey;

        if (pkey == NULL) {

            pkey = X509_REQ_get_pubkey(req);

            tmp = 1;

            if (pkey == NULL)

        if (pubkey == NULL) {

            pubkey = X509_REQ_get0_pubkey(req);

            if (pubkey == NULL)

                goto end;

        }

        i = X509_REQ_verify(req, pkey);

        if (tmp) {

            EVP_PKEY_free(pkey);

            pkey = NULL;

        }

        i = X509_REQ_verify(req, pubkey);

        if (i < 0) {

            goto end;

            goto end;

        }

        if ((pkey = X509_REQ_get_pubkey(req)) == NULL) {

        if ((pkey = X509_REQ_get0_pubkey(req)) == NULL) {

            BIO_printf(bio_err, "error unpacking public key\n");

            goto end;

        }

        i = X509_REQ_verify(req, pkey);

        EVP_PKEY_free(pkey);

        if (i < 0) {

            BIO_printf(bio_err, "Signature verification error\n");

            ERR_print_errors(bio_err);

        if (fkey)

            X509_set_pubkey(x, fkey);

        else {

            pkey = X509_REQ_get_pubkey(req);

            pkey = X509_REQ_get0_pubkey(req);

            X509_set_pubkey(x, pkey);

            EVP_PKEY_free(pkey);

        }

    } else

        x = load_cert(infile, informat, "Certificate");

        NULL)

        goto err;

    pubkey = X509_REQ_get_pubkey(r);

    if (pubkey == NULL)

    pubkey = X509_REQ_get0_pubkey(r);

    if (pubkey == NULL || !X509_set_pubkey(ret, pubkey))

        goto err;

    if (!X509_set_pubkey(ret, pubkey))

        goto err_pkey;

    EVP_PKEY_free(pubkey);

    if (!X509_sign(ret, pkey, EVP_md5()))

        goto err;

    return ret;

 err_pkey:

    EVP_PKEY_free(pubkey);

 err:

    X509_free(ret);

    return NULL;