Remove unused public X509_TRUST API

Another thing that should never have leaked out of the library. It
will become internal entirely, where the code can be simplified greatly.

ok jsing

diff --git a/lib/libcrypto/Symbols.list b/lib/libcrypto/Symbols.list
index 01b8cae..56b6392 100644 (file)
--- a/lib/libcrypto/Symbols.list
+++ b/lib/libcrypto/Symbols.list
@@ -2835,16 +2835,6 @@ X509_STORE_set_trust
 X509_STORE_set_verify
 X509_STORE_set_verify_cb
 X509_STORE_up_ref
-X509_TRUST_add
-X509_TRUST_cleanup
-X509_TRUST_get0
-X509_TRUST_get0_name
-X509_TRUST_get_by_id
-X509_TRUST_get_count
-X509_TRUST_get_flags
-X509_TRUST_get_trust
-X509_TRUST_set
-X509_TRUST_set_default
 X509_VAL_free
 X509_VAL_it
 X509_VAL_new

diff --git a/lib/libcrypto/Symbols.namespace b/lib/libcrypto/Symbols.namespace
index 261d03f..d959079 100644 (file)
--- a/lib/libcrypto/Symbols.namespace
+++ b/lib/libcrypto/Symbols.namespace
@@ -301,8 +301,6 @@ _libre_X509_get_default_private_dir
 _libre_X509_to_X509_REQ
 _libre_X509_REQ_to_X509
 _libre_X509_get_pubkey_parameters
-_libre_X509_TRUST_set_default
-_libre_X509_TRUST_set
 _libre_X509_NAME_oneline
 _libre_X509_get0_extensions
 _libre_X509_get0_tbs_sigalg
@@ -465,14 +463,6 @@ _libre_X509_verify_cert
 _libre_X509_find_by_issuer_and_serial
 _libre_X509_find_by_subject
 _libre_X509_check_trust
-_libre_X509_TRUST_get_count
-_libre_X509_TRUST_get0
-_libre_X509_TRUST_get_by_id
-_libre_X509_TRUST_add
-_libre_X509_TRUST_cleanup
-_libre_X509_TRUST_get_flags
-_libre_X509_TRUST_get0_name
-_libre_X509_TRUST_get_trust
 _libre_X509_up_ref
 _libre_X509_chain_up_ref
 _libre_ERR_load_X509_strings

diff --git a/lib/libcrypto/hidden/openssl/x509.h b/lib/libcrypto/hidden/openssl/x509.h
index 13bd5b5..35a4a67 100644 (file)
--- a/lib/libcrypto/hidden/openssl/x509.h
+++ b/lib/libcrypto/hidden/openssl/x509.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.h,v 1.3 2023/07/05 21:14:54 bcook Exp $ */
+/* $OpenBSD: x509.h,v 1.4 2024/03/02 10:48:17 tb Exp $ */
 /*
  * Copyright (c) 2022 Bob Beck <beck@openbsd.org>
  *
@@ -104,8 +104,6 @@ LCRYPTO_USED(X509_get_default_private_dir);
 LCRYPTO_USED(X509_to_X509_REQ);
 LCRYPTO_USED(X509_REQ_to_X509);
 LCRYPTO_USED(X509_get_pubkey_parameters);
-LCRYPTO_USED(X509_TRUST_set_default);
-LCRYPTO_USED(X509_TRUST_set);
 LCRYPTO_USED(X509_NAME_oneline);
 LCRYPTO_USED(X509_get0_extensions);
 LCRYPTO_USED(X509_get0_tbs_sigalg);
@@ -268,14 +266,6 @@ LCRYPTO_USED(X509_verify_cert);
 LCRYPTO_USED(X509_find_by_issuer_and_serial);
 LCRYPTO_USED(X509_find_by_subject);
 LCRYPTO_USED(X509_check_trust);
-LCRYPTO_USED(X509_TRUST_get_count);
-LCRYPTO_USED(X509_TRUST_get0);
-LCRYPTO_USED(X509_TRUST_get_by_id);
-LCRYPTO_USED(X509_TRUST_add);
-LCRYPTO_USED(X509_TRUST_cleanup);
-LCRYPTO_USED(X509_TRUST_get_flags);
-LCRYPTO_USED(X509_TRUST_get0_name);
-LCRYPTO_USED(X509_TRUST_get_trust);
 LCRYPTO_USED(X509_up_ref);
 LCRYPTO_USED(X509_chain_up_ref);
 LCRYPTO_USED(ERR_load_X509_strings);

diff --git a/lib/libcrypto/x509/x509.h b/lib/libcrypto/x509/x509.h
index c84ff6b..70d931c 100644 (file)
--- a/lib/libcrypto/x509/x509.h
+++ b/lib/libcrypto/x509/x509.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.h,v 1.106 2024/03/02 10:33:51 tb Exp $ */
+/* $OpenBSD: x509.h,v 1.107 2024/03/02 10:48:17 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -662,8 +662,6 @@ int X509_alias_set1(X509 *x, const unsigned char *name, int len);
 int X509_keyid_set1(X509 *x, const unsigned char *id, int len);
 unsigned char *X509_alias_get0(X509 *x, int *len);
 unsigned char *X509_keyid_get0(X509 *x, int *len);
-int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int);
-int X509_TRUST_set(int *t, int trust);
 int X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj);
 int X509_add1_reject_object(X509 *x, const ASN1_OBJECT *obj);
 void X509_trust_clear(X509 *x);
@@ -1041,15 +1039,6 @@ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, const unsigned char **pk,
     int *ppklen, X509_ALGOR **pa, X509_PUBKEY *pub);
 
 int X509_check_trust(X509 *x, int id, int flags);
-int X509_TRUST_get_count(void);
-X509_TRUST * X509_TRUST_get0(int idx);
-int X509_TRUST_get_by_id(int id);
-int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
-    const char *name, int arg1, void *arg2);
-void X509_TRUST_cleanup(void);
-int X509_TRUST_get_flags(const X509_TRUST *xp);
-char *X509_TRUST_get0_name(const X509_TRUST *xp);
-int X509_TRUST_get_trust(const X509_TRUST *xp);
 
 int X509_up_ref(X509 *x);
 STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain);

diff --git a/lib/libcrypto/x509/x509_trs.c b/lib/libcrypto/x509/x509_trs.c
index a6fc4d6..774ce58 100644 (file)
--- a/lib/libcrypto/x509/x509_trs.c
+++ b/lib/libcrypto/x509/x509_trs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_trs.c,v 1.40 2024/01/13 19:57:38 tb Exp $ */
+/* $OpenBSD: x509_trs.c,v 1.41 2024/03/02 10:48:17 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -219,82 +219,3 @@ X509_check_trust(X509 *x, int trust_id, int flags)
        return trust->check_trust((X509_TRUST *)trust, x, flags);
 }
 LCRYPTO_ALIAS(X509_check_trust);
-
-/*
- * Remove all the functions below in the next bump.
- */
-
-int
-(*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int)
-{
-       X509error(ERR_R_DISABLED);
-       return NULL;
-}
-LCRYPTO_ALIAS(X509_TRUST_set_default);
-
-int
-X509_TRUST_get_count(void)
-{
-       return X509_TRUST_COUNT;
-}
-LCRYPTO_ALIAS(X509_TRUST_get_count);
-
-X509_TRUST *
-X509_TRUST_get0(int idx)
-{
-       X509error(ERR_R_DISABLED);
-       return NULL;
-}
-LCRYPTO_ALIAS(X509_TRUST_get0);
-
-int
-X509_TRUST_get_by_id(int id)
-{
-       X509error(ERR_R_DISABLED);
-       return -1;
-}
-LCRYPTO_ALIAS(X509_TRUST_get_by_id);
-
-int
-X509_TRUST_set(int *t, int trust)
-{
-       X509error(ERR_R_DISABLED);
-       return 0;
-}
-LCRYPTO_ALIAS(X509_TRUST_set);
-
-int
-X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
-    const char *name, int arg1, void *arg2)
-{
-       X509error(ERR_R_DISABLED);
-       return 0;
-}
-LCRYPTO_ALIAS(X509_TRUST_add);
-
-void
-X509_TRUST_cleanup(void)
-{
-}
-LCRYPTO_ALIAS(X509_TRUST_cleanup);
-
-int
-X509_TRUST_get_flags(const X509_TRUST *xp)
-{
-       return xp->flags;
-}
-LCRYPTO_ALIAS(X509_TRUST_get_flags);
-
-char *
-X509_TRUST_get0_name(const X509_TRUST *xp)
-{
-       return xp->name;
-}
-LCRYPTO_ALIAS(X509_TRUST_get0_name);
-
-int
-X509_TRUST_get_trust(const X509_TRUST *xp)
-{
-       return xp->trust;
-}
-LCRYPTO_ALIAS(X509_TRUST_get_trust);