From 330f150ebfa46d1dffd71c3f75a1a342fdb3d71a Mon Sep 17 00:00:00 2001 From: tb Date: Fri, 22 Dec 2023 09:40:14 +0000 Subject: [PATCH] Remove cleanup() and get_crl() from X509_STORE_CTX ok jsing --- lib/libcrypto/x509/x509_local.h | 4 +--- lib/libcrypto/x509/x509_vfy.c | 14 ++------------ 2 files changed, 3 insertions(+), 15 deletions(-) diff --git a/lib/libcrypto/x509/x509_local.h b/lib/libcrypto/x509/x509_local.h index 080dbaf0991..81efb690dfd 100644 --- a/lib/libcrypto/x509/x509_local.h +++ b/lib/libcrypto/x509/x509_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_local.h,v 1.12 2023/12/22 07:35:09 tb Exp $ */ +/* $OpenBSD: x509_local.h,v 1.13 2023/12/22 09:40:14 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2013. */ @@ -337,13 +337,11 @@ struct x509_store_ctx_st { int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */ int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */ int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */ - int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */ int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */ int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */ int (*check_policy)(X509_STORE_CTX *ctx); STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm); STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm); - int (*cleanup)(X509_STORE_CTX *ctx); /* The following is built up */ int valid; /* if 0, rebuild chain */ diff --git a/lib/libcrypto/x509/x509_vfy.c b/lib/libcrypto/x509/x509_vfy.c index 2f86722c82f..93fa2c28008 100644 --- a/lib/libcrypto/x509/x509_vfy.c +++ b/lib/libcrypto/x509/x509_vfy.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_vfy.c,v 1.128 2023/12/22 07:35:09 tb Exp $ */ +/* $OpenBSD: x509_vfy.c,v 1.129 2023/12/22 09:40:14 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -976,13 +976,7 @@ check_cert(X509_STORE_CTX *ctx, STACK_OF(X509) *chain, int depth) while (ctx->current_reasons != CRLDP_ALL_REASONS) { last_reasons = ctx->current_reasons; /* Try to retrieve relevant CRL */ - if (ctx->get_crl) - ok = ctx->get_crl(ctx, &crl, x); - else - ok = get_crl_delta(ctx, &crl, &dcrl, x); - /* If error looking up CRL, nothing we can do except - * notify callback - */ + ok = get_crl_delta(ctx, &crl, &dcrl, x); if (!ok) { ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL; ok = ctx->verify_cb(0, ctx); @@ -2341,13 +2335,11 @@ X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *leaf, ctx->get_issuer = X509_STORE_CTX_get1_issuer; ctx->check_issued = check_issued; ctx->check_revocation = check_revocation; - ctx->get_crl = NULL; /* XXX - remove */ ctx->check_crl = check_crl; ctx->cert_crl = cert_crl; ctx->check_policy = check_policy; ctx->lookup_certs = X509_STORE_CTX_get1_certs; ctx->lookup_crls = X509_STORE_CTX_get1_crls; - ctx->cleanup = NULL; /* XXX - remove */ ctx->param = X509_VERIFY_PARAM_new(); if (!ctx->param) { @@ -2403,8 +2395,6 @@ LCRYPTO_ALIAS(X509_STORE_CTX_set0_trusted_stack); void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) { - if (ctx->cleanup) - ctx->cleanup(ctx); if (ctx->param != NULL) { if (ctx->parent == NULL) X509_VERIFY_PARAM_free(ctx->param); -- 2.20.1