From 36eb614eeac569371ae66ec52f7ed59719eef491 Mon Sep 17 00:00:00 2001 From: tb Date: Wed, 28 Aug 2024 08:59:03 +0000 Subject: [PATCH] Get rid of last use of db_meth Nothing touches db_meth in ports. Thus only way a db_meth can be set is now as a side effect X509V3_set_conf() in which case the db is an NCONF database and the db_meth will be a thin wrapper of NCONF_get_section(). Make that explicit in the implementation, remove the guts of the unused X509V3_get_string() and X509V3_string_free(), turn X509V3_section_free() into a noop and replace several checks for ctx->db, ctx->db->meth, ... with a simple ctx->db != NULL check. ok beck jsing --- lib/libcrypto/hidden/openssl/x509v3.h | 6 ++-- lib/libcrypto/x509/x509_conf.c | 49 ++++++--------------------- 2 files changed, 14 insertions(+), 41 deletions(-) diff --git a/lib/libcrypto/hidden/openssl/x509v3.h b/lib/libcrypto/hidden/openssl/x509v3.h index f0db675e48d..d0d4e97ec9e 100644 --- a/lib/libcrypto/hidden/openssl/x509v3.h +++ b/lib/libcrypto/hidden/openssl/x509v3.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509v3.h,v 1.11 2024/08/28 08:43:55 tb Exp $ */ +/* $OpenBSD: x509v3.h,v 1.12 2024/08/28 08:59:03 tb Exp $ */ /* * Copyright (c) 2022 Bob Beck * @@ -147,9 +147,9 @@ LCRYPTO_USED(X509V3_get_value_bool); LCRYPTO_USED(X509V3_get_value_int); LCRYPTO_USED(X509V3_set_nconf); LCRYPTO_UNUSED(X509V3_set_conf_lhash); -LCRYPTO_USED(X509V3_get_string); +LCRYPTO_UNUSED(X509V3_get_string); LCRYPTO_USED(X509V3_get_section); -LCRYPTO_USED(X509V3_string_free); +LCRYPTO_UNUSED(X509V3_string_free); LCRYPTO_USED(X509V3_section_free); LCRYPTO_USED(X509V3_set_ctx); LCRYPTO_USED(X509V3_add_value); diff --git a/lib/libcrypto/x509/x509_conf.c b/lib/libcrypto/x509/x509_conf.c index d2f5afb0651..25f0ad0b263 100644 --- a/lib/libcrypto/x509/x509_conf.c +++ b/lib/libcrypto/x509/x509_conf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_conf.c,v 1.21 2024/08/28 08:50:41 tb Exp $ */ +/* $OpenBSD: x509_conf.c,v 1.22 2024/08/28 08:59:03 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -150,7 +150,7 @@ do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int nid, int crit, const char *value) } else if (method->s2i) { ext_struct = method->s2i(method, ctx, value); } else if (method->r2i) { - if (!ctx->db || !ctx->db_meth) { + if (ctx->db == NULL) { X509V3error(X509V3_R_NO_CONFIG_DATABASE); return NULL; } @@ -403,71 +403,44 @@ X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section, } LCRYPTO_ALIAS(X509V3_EXT_REQ_add_nconf); +/* XXX - remove in next bump. */ char * X509V3_get_string(X509V3_CTX *ctx, const char *name, const char *section) { - if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string) { - X509V3error(X509V3_R_OPERATION_NOT_DEFINED); - return NULL; - } - return ctx->db_meth->get_string(ctx->db, name, section); + X509V3error(ERR_R_DISABLED); + return NULL; } LCRYPTO_ALIAS(X509V3_get_string); STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, const char *section) { - if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section) { + if (ctx->db == NULL) { X509V3error(X509V3_R_OPERATION_NOT_DEFINED); return NULL; } - return ctx->db_meth->get_section(ctx->db, section); + return NCONF_get_section(ctx->db, section); } LCRYPTO_ALIAS(X509V3_get_section); +/* XXX - remove in next bump. */ void X509V3_string_free(X509V3_CTX *ctx, char *str) { - if (!str) - return; - if (ctx->db_meth->free_string) - ctx->db_meth->free_string(ctx->db, str); + return; } LCRYPTO_ALIAS(X509V3_string_free); void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section) { - if (!section) - return; - if (ctx->db_meth->free_section) - ctx->db_meth->free_section(ctx->db, section); + return; } LCRYPTO_ALIAS(X509V3_section_free); -static char * -nconf_get_string(void *db, const char *section, const char *value) -{ - return NCONF_get_string(db, section, value); -} - -static STACK_OF(CONF_VALUE) * -nconf_get_section(void *db, const char *section) -{ - return NCONF_get_section(db, section); -} - -static X509V3_CONF_METHOD nconf_method = { - nconf_get_string, - nconf_get_section, - NULL, - NULL -}; - void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf) { - ctx->db_meth = &nconf_method; ctx->db = conf; } LCRYPTO_ALIAS(X509V3_set_nconf); @@ -507,7 +480,7 @@ X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, int nid, LCRYPTO_ALIAS(X509V3_EXT_conf_nid); /* - * XXX -remove everything below in the next bump. + * XXX - remove everything below in the next bump. */ void -- 2.20.1