From: tb Date: Sat, 31 Aug 2024 09:26:18 +0000 (+0000) Subject: Unexport some conf layers unused outside of libcrypto X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=70ecd160e71be038a7518acf12b9f3120bd3e5ca;p=openbsd Unexport some conf layers unused outside of libcrypto imodules are called imodules because they contain Information about modules that have been Initialized. Which one of these two I it is is anyone's best guess. Why anything outside of libcrypto would ever possibly care will also remain a mystery. Remove the old way of adding a conf module, user data, stop allowing to set a method (it's opaque now, remember?) and drop a couple bits more from the public api interface. ok beck jsing --- diff --git a/lib/libcrypto/Symbols.list b/lib/libcrypto/Symbols.list index 3385b631e74..20abe2588f2 100644 --- a/lib/libcrypto/Symbols.list +++ b/lib/libcrypto/Symbols.list @@ -594,27 +594,12 @@ CONF_get1_default_config_file CONF_get_number CONF_get_section CONF_get_string -CONF_imodule_get_flags -CONF_imodule_get_module -CONF_imodule_get_name -CONF_imodule_get_usr_data -CONF_imodule_get_value -CONF_imodule_set_flags -CONF_imodule_set_usr_data CONF_load -CONF_load_bio -CONF_load_fp -CONF_module_add -CONF_module_get_usr_data -CONF_module_set_usr_data CONF_modules_finish CONF_modules_free CONF_modules_load CONF_modules_load_file CONF_modules_unload -CONF_parse_list -CONF_set_default_method -CONF_set_nconf CRL_DIST_POINTS_free CRL_DIST_POINTS_it CRL_DIST_POINTS_new @@ -1510,7 +1495,6 @@ NCONF_get_section NCONF_get_string NCONF_load NCONF_load_bio -NCONF_load_fp NCONF_new NETSCAPE_SPKAC_free NETSCAPE_SPKAC_it diff --git a/lib/libcrypto/asn1/asn1_gen.c b/lib/libcrypto/asn1/asn1_gen.c index c7eafd72677..4b8d7051abf 100644 --- a/lib/libcrypto/asn1/asn1_gen.c +++ b/lib/libcrypto/asn1/asn1_gen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: asn1_gen.c,v 1.22 2024/05/17 02:57:26 tb Exp $ */ +/* $OpenBSD: asn1_gen.c,v 1.23 2024/08/31 09:26:18 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2002. */ @@ -63,6 +63,7 @@ #include #include "asn1_local.h" +#include "conf_local.h" #define ASN1_GEN_FLAG 0x10000 #define ASN1_GEN_FLAG_IMP (ASN1_GEN_FLAG|1) diff --git a/lib/libcrypto/asn1/asn_moid.c b/lib/libcrypto/asn1/asn_moid.c index 68749804632..e3c7d09446c 100644 --- a/lib/libcrypto/asn1/asn_moid.c +++ b/lib/libcrypto/asn1/asn_moid.c @@ -1,4 +1,4 @@ -/* $OpenBSD: asn_moid.c,v 1.17 2024/03/02 09:02:04 tb Exp $ */ +/* $OpenBSD: asn_moid.c,v 1.18 2024/08/31 09:26:18 tb Exp $ */ /* Written by Stephen Henson (steve@openssl.org) for the OpenSSL * project 2001. */ @@ -66,6 +66,7 @@ #include #include "asn1_local.h" +#include "conf_local.h" /* Simple ASN1 OID module: add all objects in a given section */ diff --git a/lib/libcrypto/conf/conf.h b/lib/libcrypto/conf/conf.h index 5129a259b32..feccaafb05d 100644 --- a/lib/libcrypto/conf/conf.h +++ b/lib/libcrypto/conf/conf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: conf.h,v 1.18 2024/08/31 09:21:44 tb Exp $ */ +/* $OpenBSD: conf.h,v 1.19 2024/08/31 09:26:18 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -138,7 +138,6 @@ void NCONF_free(CONF *conf); void NCONF_free_data(CONF *conf); int NCONF_load(CONF *conf, const char *file, long *eline); -int NCONF_load_fp(CONF *conf, FILE *fp, long *eline); int NCONF_load_bio(CONF *conf, BIO *bp, long *eline); STACK_OF(CONF_VALUE) *NCONF_get_section(const CONF *conf, const char *section); char *NCONF_get_string(const CONF *conf, const char *group, const char *name); @@ -156,24 +155,9 @@ int CONF_modules_load_file(const char *filename, const char *appname, void CONF_modules_unload(int all); void CONF_modules_finish(void); void CONF_modules_free(void); -int CONF_module_add(const char *name, conf_init_func *ifunc, - conf_finish_func *ffunc); - -const char *CONF_imodule_get_name(const CONF_IMODULE *md); -const char *CONF_imodule_get_value(const CONF_IMODULE *md); -void *CONF_imodule_get_usr_data(const CONF_IMODULE *md); -void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data); -CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md); -unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md); -void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags); -void *CONF_module_get_usr_data(CONF_MODULE *pmod); -void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data); char *CONF_get1_default_config_file(void); -int CONF_parse_list(const char *list, int sep, int nospc, - int (*list_cb)(const char *elem, int len, void *usr), void *arg); - void OPENSSL_load_builtin_modules(void); void ERR_load_CONF_strings(void); diff --git a/lib/libcrypto/conf/conf_lib.c b/lib/libcrypto/conf/conf_lib.c index fca7486de37..abeea5588f6 100644 --- a/lib/libcrypto/conf/conf_lib.c +++ b/lib/libcrypto/conf/conf_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: conf_lib.c,v 1.19 2024/08/31 09:21:44 tb Exp $ */ +/* $OpenBSD: conf_lib.c,v 1.20 2024/08/31 09:26:18 tb Exp $ */ /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL * project 2000. */ @@ -77,7 +77,6 @@ CONF_set_nconf(CONF *conf, LHASH_OF(CONF_VALUE) *hash) default_CONF_method->init(conf); conf->data = hash; } -LCRYPTO_ALIAS(CONF_set_nconf); /* The following section contains the "CONF classic" functions, rewritten in terms of the new CONF interface. */ @@ -88,7 +87,6 @@ CONF_set_default_method(CONF_METHOD *meth) default_CONF_method = meth; return 1; } -LCRYPTO_ALIAS(CONF_set_default_method); LHASH_OF(CONF_VALUE) * CONF_load(LHASH_OF(CONF_VALUE) *conf, const char *file, long *eline) @@ -123,7 +121,6 @@ CONF_load_fp(LHASH_OF(CONF_VALUE) *conf, FILE *fp, long *eline) BIO_free(btmp); return ltmp; } -LCRYPTO_ALIAS(CONF_load_fp); LHASH_OF(CONF_VALUE) * CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp, long *eline) @@ -138,7 +135,6 @@ CONF_load_bio(LHASH_OF(CONF_VALUE) *conf, BIO *bp, long *eline) return ctmp.data; return NULL; } -LCRYPTO_ALIAS(CONF_load_bio); STACK_OF(CONF_VALUE) * CONF_get_section(LHASH_OF(CONF_VALUE) *conf, const char *section) @@ -254,22 +250,6 @@ NCONF_load(CONF *conf, const char *file, long *eline) } LCRYPTO_ALIAS(NCONF_load); -int -NCONF_load_fp(CONF *conf, FILE *fp, long *eline) -{ - BIO *btmp; - int ret; - - if (!(btmp = BIO_new_fp(fp, BIO_NOCLOSE))) { - CONFerror(ERR_R_BUF_LIB); - return 0; - } - ret = NCONF_load_bio(conf, btmp, eline); - BIO_free(btmp); - return ret; -} -LCRYPTO_ALIAS(NCONF_load_fp); - int NCONF_load_bio(CONF *conf, BIO *bp, long *eline) { diff --git a/lib/libcrypto/conf/conf_local.h b/lib/libcrypto/conf/conf_local.h index dec0d3c0c16..cf5941ed509 100644 --- a/lib/libcrypto/conf/conf_local.h +++ b/lib/libcrypto/conf/conf_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: conf_local.h,v 1.1 2024/08/31 09:21:44 tb Exp $ */ +/* $OpenBSD: conf_local.h,v 1.2 2024/08/31 09:26:18 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -74,6 +74,22 @@ struct conf_method_st { int (*load)(CONF *conf, const char *name, long *eline); }; +int CONF_module_add(const char *name, conf_init_func *ifunc, + conf_finish_func *ffunc); + +const char *CONF_imodule_get_name(const CONF_IMODULE *md); +const char *CONF_imodule_get_value(const CONF_IMODULE *md); +void *CONF_imodule_get_usr_data(const CONF_IMODULE *md); +void CONF_imodule_set_usr_data(CONF_IMODULE *md, void *usr_data); +CONF_MODULE *CONF_imodule_get_module(const CONF_IMODULE *md); +unsigned long CONF_imodule_get_flags(const CONF_IMODULE *md); +void CONF_imodule_set_flags(CONF_IMODULE *md, unsigned long flags); +void *CONF_module_get_usr_data(CONF_MODULE *pmod); +void CONF_module_set_usr_data(CONF_MODULE *pmod, void *usr_data); + +int CONF_parse_list(const char *list, int sep, int nospc, + int (*list_cb)(const char *elem, int len, void *usr), void *arg); + __END_HIDDEN_DECLS #endif /* HEADER_CONF_LOCAL_H */ diff --git a/lib/libcrypto/conf/conf_mod.c b/lib/libcrypto/conf/conf_mod.c index 4bde9eb3765..3477bc71b18 100644 --- a/lib/libcrypto/conf/conf_mod.c +++ b/lib/libcrypto/conf/conf_mod.c @@ -1,4 +1,4 @@ -/* $OpenBSD: conf_mod.c,v 1.38 2024/04/09 13:56:30 beck Exp $ */ +/* $OpenBSD: conf_mod.c,v 1.39 2024/08/31 09:26:18 tb Exp $ */ /* Written by Stephen Henson (steve@openssl.org) for the OpenSSL * project 2001. */ @@ -413,7 +413,6 @@ CONF_module_add(const char *name, conf_init_func *ifunc, conf_finish_func *ffunc { return module_add(name, ifunc, ffunc); } -LCRYPTO_ALIAS(CONF_module_add); void CONF_modules_free(void) @@ -430,63 +429,54 @@ CONF_imodule_get_name(const CONF_IMODULE *imod) { return imod->name; } -LCRYPTO_ALIAS(CONF_imodule_get_name); const char * CONF_imodule_get_value(const CONF_IMODULE *imod) { return imod->value; } -LCRYPTO_ALIAS(CONF_imodule_get_value); void * CONF_imodule_get_usr_data(const CONF_IMODULE *imod) { return imod->usr_data; } -LCRYPTO_ALIAS(CONF_imodule_get_usr_data); void CONF_imodule_set_usr_data(CONF_IMODULE *imod, void *usr_data) { imod->usr_data = usr_data; } -LCRYPTO_ALIAS(CONF_imodule_set_usr_data); CONF_MODULE * CONF_imodule_get_module(const CONF_IMODULE *imod) { return imod->mod; } -LCRYPTO_ALIAS(CONF_imodule_get_module); unsigned long CONF_imodule_get_flags(const CONF_IMODULE *imod) { return imod->flags; } -LCRYPTO_ALIAS(CONF_imodule_get_flags); void CONF_imodule_set_flags(CONF_IMODULE *imod, unsigned long flags) { imod->flags = flags; } -LCRYPTO_ALIAS(CONF_imodule_set_flags); void * CONF_module_get_usr_data(CONF_MODULE *mod) { return mod->usr_data; } -LCRYPTO_ALIAS(CONF_module_get_usr_data); void CONF_module_set_usr_data(CONF_MODULE *mod, void *usr_data) { mod->usr_data = usr_data; } -LCRYPTO_ALIAS(CONF_module_set_usr_data); /* Return default config file name */ @@ -547,4 +537,3 @@ CONF_parse_list(const char *list_, int sep, int nospc, lstart = p + 1; } } -LCRYPTO_ALIAS(CONF_parse_list); diff --git a/lib/libcrypto/ct/ct_log.c b/lib/libcrypto/ct/ct_log.c index eb503a38169..514246ff4f9 100644 --- a/lib/libcrypto/ct/ct_log.c +++ b/lib/libcrypto/ct/ct_log.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ct_log.c,v 1.6 2023/07/08 07:22:58 beck Exp $ */ +/* $OpenBSD: ct_log.c,v 1.7 2024/08/31 09:26:18 tb Exp $ */ /* Author: Adam Eijdenberg . */ /* ==================================================================== * Copyright (c) 1998-2016 The OpenSSL Project. All rights reserved. @@ -67,6 +67,8 @@ #include #include +#include "conf_local.h" + #include "cryptlib.h" diff --git a/lib/libcrypto/hidden/openssl/conf.h b/lib/libcrypto/hidden/openssl/conf.h index 9d073303ca8..b4fb6e90457 100644 --- a/lib/libcrypto/hidden/openssl/conf.h +++ b/lib/libcrypto/hidden/openssl/conf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: conf.h,v 1.2 2024/08/31 09:18:00 tb Exp $ */ +/* $OpenBSD: conf.h,v 1.3 2024/08/31 09:26:18 tb Exp $ */ /* * Copyright (c) 2024 Bob Beck * @@ -42,7 +42,6 @@ LCRYPTO_USED(NCONF_WIN32); LCRYPTO_USED(NCONF_free); LCRYPTO_USED(NCONF_free_data); LCRYPTO_USED(NCONF_load); -LCRYPTO_USED(NCONF_load_fp); LCRYPTO_USED(NCONF_load_bio); LCRYPTO_USED(NCONF_get_section); LCRYPTO_USED(NCONF_get_string); @@ -52,18 +51,7 @@ LCRYPTO_USED(CONF_modules_load_file); LCRYPTO_USED(CONF_modules_unload); LCRYPTO_USED(CONF_modules_finish); LCRYPTO_USED(CONF_modules_free); -LCRYPTO_USED(CONF_module_add); -LCRYPTO_USED(CONF_imodule_get_name); -LCRYPTO_USED(CONF_imodule_get_value); -LCRYPTO_USED(CONF_imodule_get_usr_data); -LCRYPTO_USED(CONF_imodule_set_usr_data); -LCRYPTO_USED(CONF_imodule_get_module); -LCRYPTO_USED(CONF_imodule_get_flags); -LCRYPTO_USED(CONF_imodule_set_flags); -LCRYPTO_USED(CONF_module_get_usr_data); -LCRYPTO_USED(CONF_module_set_usr_data); LCRYPTO_USED(CONF_get1_default_config_file); -LCRYPTO_USED(CONF_parse_list); LCRYPTO_USED(OPENSSL_load_builtin_modules); LCRYPTO_USED(ERR_load_CONF_strings); diff --git a/lib/libcrypto/x509/x509_utl.c b/lib/libcrypto/x509/x509_utl.c index 422e89989a6..e0e5a673861 100644 --- a/lib/libcrypto/x509/x509_utl.c +++ b/lib/libcrypto/x509/x509_utl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_utl.c,v 1.19 2024/07/08 06:57:37 jca Exp $ */ +/* $OpenBSD: x509_utl.c,v 1.20 2024/08/31 09:26:18 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -67,6 +67,8 @@ #include #include +#include "conf_local.h" + #include "bytestring.h" static char *bn_to_string(const BIGNUM *bn);