From 40ab66bcd37cc7bf4d13129c4726cffe0f5016de Mon Sep 17 00:00:00 2001 From: tb Date: Sat, 2 Mar 2024 10:41:46 +0000 Subject: [PATCH] Make X509_PURPOSE opaque Code using details of X509_PURPOSE does so by using API. So we can make this struct opaque. ok jsing --- lib/libcrypto/x509/x509_purp.c | 12 +++++++++++- lib/libcrypto/x509/x509v3.h | 12 ++---------- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/lib/libcrypto/x509/x509_purp.c b/lib/libcrypto/x509/x509_purp.c index 9d4ec3220ce..d887d4c355a 100644 --- a/lib/libcrypto/x509/x509_purp.c +++ b/lib/libcrypto/x509/x509_purp.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_purp.c,v 1.37 2024/03/02 10:40:05 tb Exp $ */ +/* $OpenBSD: x509_purp.c,v 1.38 2024/03/02 10:41:46 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2001. */ @@ -68,6 +68,16 @@ #include "x509_internal.h" #include "x509_local.h" +struct x509_purpose_st { + int purpose; + int trust; /* Default trust ID */ + int flags; + int (*check_purpose)(const struct x509_purpose_st *, const X509 *, int); + char *name; + char *sname; + void *usr_data; +} /* X509_PURPOSE */; + #define V1_ROOT (EXFLAG_V1|EXFLAG_SS) #define ku_reject(x, usage) \ (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage))) diff --git a/lib/libcrypto/x509/x509v3.h b/lib/libcrypto/x509/x509v3.h index 118a449e822..6b7dc80bf3f 100644 --- a/lib/libcrypto/x509/x509v3.h +++ b/lib/libcrypto/x509/x509v3.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509v3.h,v 1.27 2024/03/02 10:40:05 tb Exp $ */ +/* $OpenBSD: x509v3.h,v 1.28 2024/03/02 10:41:46 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -422,15 +422,7 @@ struct ISSUING_DIST_POINT_st { #define X509_PURPOSE_DYNAMIC 0x1 #define X509_PURPOSE_DYNAMIC_NAME 0x2 -typedef struct x509_purpose_st { - int purpose; - int trust; /* Default trust ID */ - int flags; - int (*check_purpose)(const struct x509_purpose_st *, const X509 *, int); - char *name; - char *sname; - void *usr_data; -} X509_PURPOSE; +typedef struct x509_purpose_st X509_PURPOSE; #define X509_PURPOSE_SSL_CLIENT 1 #define X509_PURPOSE_SSL_SERVER 2 -- 2.20.1