From ac758cd1b3203fd7563a6cfc766073ceb869bb0a Mon Sep 17 00:00:00 2001 From: tb Date: Sat, 2 Mar 2024 10:52:24 +0000 Subject: [PATCH] Make X509_CERT_AUX internal Another struct/API that should never have leaked out of the library. ok jsing --- lib/libcrypto/Symbols.list | 6 ------ lib/libcrypto/x509/x509.h | 10 +--------- lib/libcrypto/x509/x509_local.h | 13 ++++++++++--- 3 files changed, 11 insertions(+), 18 deletions(-) diff --git a/lib/libcrypto/Symbols.list b/lib/libcrypto/Symbols.list index 56b6392487b..ea67b1faa0e 100644 --- a/lib/libcrypto/Symbols.list +++ b/lib/libcrypto/Symbols.list @@ -2550,10 +2550,6 @@ X509_ATTRIBUTE_it X509_ATTRIBUTE_new X509_ATTRIBUTE_set1_data X509_ATTRIBUTE_set1_object -X509_CERT_AUX_free -X509_CERT_AUX_it -X509_CERT_AUX_new -X509_CERT_AUX_print X509_CINF_free X509_CINF_it X509_CINF_new @@ -3210,7 +3206,6 @@ d2i_X509_ALGOR d2i_X509_ALGORS d2i_X509_ATTRIBUTE d2i_X509_AUX -d2i_X509_CERT_AUX d2i_X509_CINF d2i_X509_CRL d2i_X509_CRL_INFO @@ -3407,7 +3402,6 @@ i2d_X509_ALGOR i2d_X509_ALGORS i2d_X509_ATTRIBUTE i2d_X509_AUX -i2d_X509_CERT_AUX i2d_X509_CINF i2d_X509_CRL i2d_X509_CRL_INFO diff --git a/lib/libcrypto/x509/x509.h b/lib/libcrypto/x509/x509.h index c89e8fc7579..98a0bcb2012 100644 --- a/lib/libcrypto/x509/x509.h +++ b/lib/libcrypto/x509/x509.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509.h,v 1.109 2024/03/02 10:50:26 tb Exp $ */ +/* $OpenBSD: x509.h,v 1.110 2024/03/02 10:52:24 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -149,8 +149,6 @@ typedef struct X509_req_info_st X509_REQ_INFO; typedef struct X509_req_st X509_REQ; -typedef struct x509_cert_aux_st X509_CERT_AUX; - typedef struct x509_cinf_st X509_CINF; DECLARE_STACK_OF(X509) 
@@ -626,11 +624,6 @@ void X509_free(X509 *a); X509 *d2i_X509(X509 **a, const unsigned char **in, long len); int i2d_X509(X509 *a, unsigned char **out); extern const ASN1_ITEM X509_it; -X509_CERT_AUX *X509_CERT_AUX_new(void); -void X509_CERT_AUX_free(X509_CERT_AUX *a); -X509_CERT_AUX *d2i_X509_CERT_AUX(X509_CERT_AUX **a, const unsigned char **in, long len); -int i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **out); -extern const ASN1_ITEM X509_CERT_AUX_it; int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); @@ -828,7 +821,6 @@ int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent, int X509_print_ex(BIO *bp,X509 *x, unsigned long nmflag, unsigned long cflag); int X509_print(BIO *bp,X509 *x); int X509_ocspid_print(BIO *bp,X509 *x); -int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent); int X509_CRL_print(BIO *bp,X509_CRL *x); int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflag, unsigned long cflag); int X509_REQ_print(BIO *bp,X509_REQ *req); diff --git a/lib/libcrypto/x509/x509_local.h b/lib/libcrypto/x509/x509_local.h index 342aa226fb4..83b57403d0f 100644 --- a/lib/libcrypto/x509/x509_local.h +++ b/lib/libcrypto/x509/x509_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_local.h,v 1.21 2024/03/02 10:40:05 tb Exp $ */ +/* $OpenBSD: x509_local.h,v 1.22 2024/03/02 10:52:24 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2013. */ 
@@ -135,13 +135,20 @@ struct X509_req_st { * useful in certificate stores and databases. When used this is tagged onto * the end of the certificate itself. */ -struct x509_cert_aux_st { +typedef struct x509_cert_aux_st { STACK_OF(ASN1_OBJECT) *trust; /* trusted uses */ STACK_OF(ASN1_OBJECT) *reject; /* rejected uses */ ASN1_UTF8STRING *alias; /* "friendly name" */ ASN1_OCTET_STRING *keyid; /* key id of private key */ STACK_OF(X509_ALGOR) *other; /* other unspecified info */ -} /* X509_CERT_AUX */; +} X509_CERT_AUX; + +X509_CERT_AUX *X509_CERT_AUX_new(void); +void X509_CERT_AUX_free(X509_CERT_AUX *a); +X509_CERT_AUX *d2i_X509_CERT_AUX(X509_CERT_AUX **a, const unsigned char **in, long len); +int i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **out); +extern const ASN1_ITEM X509_CERT_AUX_it; +int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent); struct x509_cinf_st { ASN1_INTEGER *version; /* [ 0 ] default of v1 */ -- 2.20.1
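Review bot: The six declarations added after `} X509_CERT_AUX;` are not marked as library-internal, and the hunk does not show whether this part of x509_local.h is inside a hidden-visibility region, so the only visible statement of the boundary is the Symbols.list removal in the same patch. Because this struct carries a certificate's trusted and rejected uses, I would put the boundary next to the declarations, e.g. `/* Internal only: not in Symbols.list. External code uses the X509-level API, e.g. d2i_X509_AUX()/i2d_X509_AUX(). */`. As the prototype is being moved anyway, `int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent);` could become `int X509_CERT_AUX_print(BIO *bp, X509_CERT_AUX *x, int indent);`. The struct's leading comment begins above the hunk, so its full wording is not visible here.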