Remove NETSCAPE_CERT_SEQUENCE

diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile
index d6175df..8febfcd 100644 (file)
--- a/lib/libcrypto/Makefile
+++ b/lib/libcrypto/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.113 2023/04/25 18:48:32 tb Exp $
+# $OpenBSD: Makefile,v 1.114 2023/04/25 18:57:57 tb Exp $
 
 LIB=   crypto
 LIBREBUILD=y
@@ -114,7 +114,6 @@ SRCS+= asn_mime.c
 SRCS+= asn_moid.c
 SRCS+= bio_asn1.c
 SRCS+= bio_ndef.c
-#SRCS+= nsseq.c
 SRCS+= p5_pbe.c
 SRCS+= p5_pbev2.c
 SRCS+= p8_pkey.c

diff --git a/lib/libcrypto/asn1/nsseq.c b/lib/libcrypto/asn1/nsseq.c
deleted file mode 100644 (file)
index 8b39278..0000000
--- a/lib/libcrypto/asn1/nsseq.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* $OpenBSD: nsseq.c,v 1.10 2015/02/11 04:00:39 jsing Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <openssl/asn1t.h>
-#include <openssl/x509.h>
-#include <openssl/objects.h>
-
-static int
-nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
-       if (operation == ASN1_OP_NEW_POST) {
-               NETSCAPE_CERT_SEQUENCE *nsseq;
-               nsseq = (NETSCAPE_CERT_SEQUENCE *)*pval;
-               nsseq->type = OBJ_nid2obj(NID_netscape_cert_sequence);
-       }
-       return 1;
-}
-
-/* Netscape certificate sequence structure */
-
-static const ASN1_AUX NETSCAPE_CERT_SEQUENCE_aux = {
-       .asn1_cb = nsseq_cb,
-};
-static const ASN1_TEMPLATE NETSCAPE_CERT_SEQUENCE_seq_tt[] = {
-       {
-               .offset = offsetof(NETSCAPE_CERT_SEQUENCE, type),
-               .field_name = "type",
-               .item = &ASN1_OBJECT_it,
-       },
-       {
-               .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
-               .offset = offsetof(NETSCAPE_CERT_SEQUENCE, certs),
-               .field_name = "certs",
-               .item = &X509_it,
-       },
-};
-
-const ASN1_ITEM NETSCAPE_CERT_SEQUENCE_it = {
-       .itype = ASN1_ITYPE_SEQUENCE,
-       .utype = V_ASN1_SEQUENCE,
-       .templates = NETSCAPE_CERT_SEQUENCE_seq_tt,
-       .tcount = sizeof(NETSCAPE_CERT_SEQUENCE_seq_tt) / sizeof(ASN1_TEMPLATE),
-       .funcs = &NETSCAPE_CERT_SEQUENCE_aux,
-       .size = sizeof(NETSCAPE_CERT_SEQUENCE),
-       .sname = "NETSCAPE_CERT_SEQUENCE",
-};
-
-
-NETSCAPE_CERT_SEQUENCE *
-d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, const unsigned char **in, long len)
-{
-       return (NETSCAPE_CERT_SEQUENCE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
-           &NETSCAPE_CERT_SEQUENCE_it);
-}
-
-int
-i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **out)
-{
-       return ASN1_item_i2d((ASN1_VALUE *)a, out, &NETSCAPE_CERT_SEQUENCE_it);
-}
-
-NETSCAPE_CERT_SEQUENCE *
-NETSCAPE_CERT_SEQUENCE_new(void)
-{
-       return (NETSCAPE_CERT_SEQUENCE *)ASN1_item_new(&NETSCAPE_CERT_SEQUENCE_it);
-}
-
-void
-NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a)
-{
-       ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_CERT_SEQUENCE_it);
-}

diff --git a/lib/libcrypto/man/PEM_read_bio_PrivateKey.3 b/lib/libcrypto/man/PEM_read_bio_PrivateKey.3
index b097bbb..ab703dd 100644 (file)
--- a/lib/libcrypto/man/PEM_read_bio_PrivateKey.3
+++ b/lib/libcrypto/man/PEM_read_bio_PrivateKey.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: PEM_read_bio_PrivateKey.3,v 1.20 2021/07/24 14:33:14 schwarze Exp $
+.\" $OpenBSD: PEM_read_bio_PrivateKey.3,v 1.21 2023/04/25 18:57:57 tb Exp $
 .\" full merge up to:
 .\" OpenSSL man3/PEM_read_bio_PrivateKey.pod 18bad535 Apr 9 15:13:55 2019 +0100
 .\" OpenSSL man3/PEM_read_CMS.pod 83cf7abf May 29 13:07:08 2018 +0100
@@ -51,7 +51,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: July 24 2021 $
+.Dd $Mdocdate: April 25 2023 $
 .Dt PEM_READ_BIO_PRIVATEKEY 3
 .Os
 .Sh NAME
@@ -137,10 +137,6 @@
 .Nm PEM_read_PKCS7 ,
 .Nm PEM_write_bio_PKCS7 ,
 .Nm PEM_write_PKCS7 ,
-.Nm PEM_read_bio_NETSCAPE_CERT_SEQUENCE ,
-.Nm PEM_read_NETSCAPE_CERT_SEQUENCE ,
-.Nm PEM_write_bio_NETSCAPE_CERT_SEQUENCE ,
-.Nm PEM_write_NETSCAPE_CERT_SEQUENCE ,
 .Nm PEM_read_CMS ,
 .Nm PEM_read_bio_CMS ,
 .Nm PEM_write_CMS ,
@@ -694,30 +690,6 @@
 .Fa "FILE *fp"
 .Fa "PKCS7 *x"
 .Fc
-.Ft NETSCAPE_CERT_SEQUENCE *
-.Fo PEM_read_bio_NETSCAPE_CERT_SEQUENCE
-.Fa "BIO *bp"
-.Fa "NETSCAPE_CERT_SEQUENCE **x"
-.Fa "pem_password_cb *cb"
-.Fa "void *u"
-.Fc
-.Ft NETSCAPE_CERT_SEQUENCE *
-.Fo PEM_read_NETSCAPE_CERT_SEQUENCE
-.Fa "FILE *fp"
-.Fa "NETSCAPE_CERT_SEQUENCE **x"
-.Fa "pem_password_cb *cb"
-.Fa "void *u"
-.Fc
-.Ft int
-.Fo PEM_write_bio_NETSCAPE_CERT_SEQUENCE
-.Fa "BIO *bp"
-.Fa "NETSCAPE_CERT_SEQUENCE *x"
-.Fc
-.Ft int
-.Fo PEM_write_NETSCAPE_CERT_SEQUENCE
-.Fa "FILE *fp"
-.Fa "NETSCAPE_CERT_SEQUENCE *x"
-.Fc
 .In openssl/cms.h
 .Ft CMS_ContentInfo *
 .Fo PEM_read_CMS
@@ -961,12 +933,6 @@ using a
 structure.
 .Pp
 The
-.Sy NETSCAPE_CERT_SEQUENCE
-functions process a Netscape Certificate Sequence using a
-.Vt NETSCAPE_CERT_SEQUENCE
-structure.
-.Pp
-The
 .Sy CMS
 functions process a
 .Vt CMS_ContentInfo
@@ -1291,13 +1257,6 @@ All these functions have been available since
 .Fn PEM_read_PKCS8_PRIV_KEY_INFO ,
 .Fn PEM_write_bio_PKCS8_PRIV_KEY_INFO ,
 .Fn PEM_write_PKCS8_PRIV_KEY_INFO ,
-.Fn PEM_read_bio_NETSCAPE_CERT_SEQUENCE ,
-.Fn PEM_read_NETSCAPE_CERT_SEQUENCE ,
-.Fn PEM_write_bio_NETSCAPE_CERT_SEQUENCE ,
-and
-.Fn PEM_write_NETSCAPE_CERT_SEQUENCE
-first appeared in OpenSSL 0.9.4 and have been available since
-.Ox 2.6 .
 .Pp
 .Fn PEM_write_bio_PKCS8PrivateKey_nid ,
 .Fn PEM_write_PKCS8PrivateKey_nid ,

diff --git a/lib/libcrypto/x509/x509.h b/lib/libcrypto/x509/x509.h
index bed87d8..c2a9dfe 100644 (file)
--- a/lib/libcrypto/x509/x509.h
+++ b/lib/libcrypto/x509/x509.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.h,v 1.99 2023/04/24 22:24:39 tb Exp $ */
+/* $OpenBSD: x509.h,v 1.100 2023/04/25 18:57:57 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -334,14 +334,6 @@ typedef struct Netscape_spki_st {
        ASN1_BIT_STRING *signature;
 } NETSCAPE_SPKI;
 
-#if !defined(LIBRESSL_NEXT_API) || defined(LIBRESSL_INTERNAL)
-/* Netscape certificate sequence structure */
-typedef struct Netscape_certificate_sequence {
-       ASN1_OBJECT *type;
-       STACK_OF(X509) *certs;
-} NETSCAPE_CERT_SEQUENCE;
-#endif
-
 /* Password based encryption structure */
 
 typedef struct PBEPARAM_st {
@@ -739,14 +731,6 @@ NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a, const unsigned char **in,
 int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a, unsigned char **out);
 extern const ASN1_ITEM NETSCAPE_SPKAC_it;
 
-#if !defined(LIBRESSL_NEXT_API) || defined(LIBRESSL_INTERNAL)
-NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void);
-void NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a);
-NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, const unsigned char **in, long len);
-int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **out);
-extern const ASN1_ITEM NETSCAPE_CERT_SEQUENCE_it;
-#endif
-
 #ifndef OPENSSL_NO_EVP
 X509_INFO *    X509_INFO_new(void);
 void           X509_INFO_free(X509_INFO *a);