From 860b75f2cb852014cf04e7af26318f0ceb319f6f Mon Sep 17 00:00:00 2001 From: tb Date: Sat, 2 Mar 2024 10:48:17 +0000 Subject: [PATCH] Remove unused public X509_TRUST API Another thing that should never have leaked out of the library. It will become internal entirely, where the code can be simplified greatly. ok jsing --- lib/libcrypto/Symbols.list | 10 ---- lib/libcrypto/Symbols.namespace | 10 ---- lib/libcrypto/hidden/openssl/x509.h | 12 +---- lib/libcrypto/x509/x509.h | 13 +---- lib/libcrypto/x509/x509_trs.c | 81 +---------------------------- 5 files changed, 3 insertions(+), 123 deletions(-) diff --git a/lib/libcrypto/Symbols.list b/lib/libcrypto/Symbols.list index 01b8cae19a2..56b6392487b 100644 --- a/lib/libcrypto/Symbols.list +++ b/lib/libcrypto/Symbols.list @@ -2835,16 +2835,6 @@ X509_STORE_set_trust X509_STORE_set_verify X509_STORE_set_verify_cb X509_STORE_up_ref -X509_TRUST_add -X509_TRUST_cleanup -X509_TRUST_get0 -X509_TRUST_get0_name -X509_TRUST_get_by_id -X509_TRUST_get_count -X509_TRUST_get_flags -X509_TRUST_get_trust -X509_TRUST_set -X509_TRUST_set_default X509_VAL_free X509_VAL_it X509_VAL_new diff --git a/lib/libcrypto/Symbols.namespace b/lib/libcrypto/Symbols.namespace index 261d03ffb25..d9590797dc6 100644 --- a/lib/libcrypto/Symbols.namespace +++ b/lib/libcrypto/Symbols.namespace @@ -301,8 +301,6 @@ _libre_X509_get_default_private_dir _libre_X509_to_X509_REQ _libre_X509_REQ_to_X509 _libre_X509_get_pubkey_parameters -_libre_X509_TRUST_set_default -_libre_X509_TRUST_set _libre_X509_NAME_oneline _libre_X509_get0_extensions _libre_X509_get0_tbs_sigalg @@ -465,14 +463,6 @@ _libre_X509_verify_cert _libre_X509_find_by_issuer_and_serial _libre_X509_find_by_subject _libre_X509_check_trust -_libre_X509_TRUST_get_count -_libre_X509_TRUST_get0 -_libre_X509_TRUST_get_by_id -_libre_X509_TRUST_add -_libre_X509_TRUST_cleanup -_libre_X509_TRUST_get_flags -_libre_X509_TRUST_get0_name -_libre_X509_TRUST_get_trust _libre_X509_up_ref _libre_X509_chain_up_ref _libre_ERR_load_X509_strings diff --git a/lib/libcrypto/hidden/openssl/x509.h b/lib/libcrypto/hidden/openssl/x509.h index 13bd5b533b1..35a4a67e083 100644 --- a/lib/libcrypto/hidden/openssl/x509.h +++ b/lib/libcrypto/hidden/openssl/x509.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.h,v 1.3 2023/07/05 21:14:54 bcook Exp $ */ +/* $OpenBSD: x509.h,v 1.4 2024/03/02 10:48:17 tb Exp $ */ /* * Copyright (c) 2022 Bob Beck * @@ -104,8 +104,6 @@ LCRYPTO_USED(X509_get_default_private_dir); LCRYPTO_USED(X509_to_X509_REQ); LCRYPTO_USED(X509_REQ_to_X509); LCRYPTO_USED(X509_get_pubkey_parameters); -LCRYPTO_USED(X509_TRUST_set_default); -LCRYPTO_USED(X509_TRUST_set); LCRYPTO_USED(X509_NAME_oneline); LCRYPTO_USED(X509_get0_extensions); LCRYPTO_USED(X509_get0_tbs_sigalg); @@ -268,14 +266,6 @@ LCRYPTO_USED(X509_verify_cert); LCRYPTO_USED(X509_find_by_issuer_and_serial); LCRYPTO_USED(X509_find_by_subject); LCRYPTO_USED(X509_check_trust); -LCRYPTO_USED(X509_TRUST_get_count); -LCRYPTO_USED(X509_TRUST_get0); -LCRYPTO_USED(X509_TRUST_get_by_id); -LCRYPTO_USED(X509_TRUST_add); -LCRYPTO_USED(X509_TRUST_cleanup); -LCRYPTO_USED(X509_TRUST_get_flags); -LCRYPTO_USED(X509_TRUST_get0_name); -LCRYPTO_USED(X509_TRUST_get_trust); LCRYPTO_USED(X509_up_ref); LCRYPTO_USED(X509_chain_up_ref); LCRYPTO_USED(ERR_load_X509_strings); diff --git a/lib/libcrypto/x509/x509.h b/lib/libcrypto/x509/x509.h index c84ff6b6b38..70d931c5780 100644 --- a/lib/libcrypto/x509/x509.h +++ b/lib/libcrypto/x509/x509.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.h,v 1.106 2024/03/02 10:33:51 tb Exp $ */ +/* $OpenBSD: x509.h,v 1.107 2024/03/02 10:48:17 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -662,8 +662,6 @@ int X509_alias_set1(X509 *x, const unsigned char *name, int len); int X509_keyid_set1(X509 *x, const unsigned char *id, int len); unsigned char *X509_alias_get0(X509 *x, int *len); unsigned char *X509_keyid_get0(X509 *x, int *len); -int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int); -int X509_TRUST_set(int *t, int trust); int X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj); int X509_add1_reject_object(X509 *x, const ASN1_OBJECT *obj); void X509_trust_clear(X509 *x); @@ -1041,15 +1039,6 @@ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, const unsigned char **pk, int *ppklen, X509_ALGOR **pa, X509_PUBKEY *pub); int X509_check_trust(X509 *x, int id, int flags); -int X509_TRUST_get_count(void); -X509_TRUST * X509_TRUST_get0(int idx); -int X509_TRUST_get_by_id(int id); -int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), - const char *name, int arg1, void *arg2); -void X509_TRUST_cleanup(void); -int X509_TRUST_get_flags(const X509_TRUST *xp); -char *X509_TRUST_get0_name(const X509_TRUST *xp); -int X509_TRUST_get_trust(const X509_TRUST *xp); int X509_up_ref(X509 *x); STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain); diff --git a/lib/libcrypto/x509/x509_trs.c b/lib/libcrypto/x509/x509_trs.c index a6fc4d61c54..774ce584b83 100644 --- a/lib/libcrypto/x509/x509_trs.c +++ b/lib/libcrypto/x509/x509_trs.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_trs.c,v 1.40 2024/01/13 19:57:38 tb Exp $ */ +/* $OpenBSD: x509_trs.c,v 1.41 2024/03/02 10:48:17 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -219,82 +219,3 @@ X509_check_trust(X509 *x, int trust_id, int flags) return trust->check_trust((X509_TRUST *)trust, x, flags); } LCRYPTO_ALIAS(X509_check_trust); - -/* - * Remove all the functions below in the next bump. - */ - -int -(*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int) -{ - X509error(ERR_R_DISABLED); - return NULL; -} -LCRYPTO_ALIAS(X509_TRUST_set_default); - -int -X509_TRUST_get_count(void) -{ - return X509_TRUST_COUNT; -} -LCRYPTO_ALIAS(X509_TRUST_get_count); - -X509_TRUST * -X509_TRUST_get0(int idx) -{ - X509error(ERR_R_DISABLED); - return NULL; -} -LCRYPTO_ALIAS(X509_TRUST_get0); - -int -X509_TRUST_get_by_id(int id) -{ - X509error(ERR_R_DISABLED); - return -1; -} -LCRYPTO_ALIAS(X509_TRUST_get_by_id); - -int -X509_TRUST_set(int *t, int trust) -{ - X509error(ERR_R_DISABLED); - return 0; -} -LCRYPTO_ALIAS(X509_TRUST_set); - -int -X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), - const char *name, int arg1, void *arg2) -{ - X509error(ERR_R_DISABLED); - return 0; -} -LCRYPTO_ALIAS(X509_TRUST_add); - -void -X509_TRUST_cleanup(void) -{ -} -LCRYPTO_ALIAS(X509_TRUST_cleanup); - -int -X509_TRUST_get_flags(const X509_TRUST *xp) -{ - return xp->flags; -} -LCRYPTO_ALIAS(X509_TRUST_get_flags); - -char * -X509_TRUST_get0_name(const X509_TRUST *xp) -{ - return xp->name; -} -LCRYPTO_ALIAS(X509_TRUST_get0_name); - -int -X509_TRUST_get_trust(const X509_TRUST *xp) -{ - return xp->trust; -} -LCRYPTO_ALIAS(X509_TRUST_get_trust); -- 2.20.1