From b7b56f16640800d3e2bd645fdc125400ad0216f0 Mon Sep 17 00:00:00 2001 From: tb Date: Wed, 8 May 2024 07:55:10 +0000 Subject: [PATCH] Defang X509_REQ_{s,g}et_extension_nids() These fiddle with unprotected global state, so aren't thread safe and of course there was no good reason to have this API in the first place. Nothing uses it, so it becomes a noop and will be removed in the next major bump. ok jsing --- lib/libcrypto/x509/x509_req.c | 35 ++++++++++++++++++++--------------- 1 file changed, 20 insertions(+), 15 deletions(-) diff --git a/lib/libcrypto/x509/x509_req.c b/lib/libcrypto/x509/x509_req.c index 7ed106241aa..60e1a074b80 100644 --- a/lib/libcrypto/x509/x509_req.c +++ b/lib/libcrypto/x509/x509_req.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_req.c,v 1.33 2023/04/25 09:46:36 job Exp $ */ +/* $OpenBSD: x509_req.c,v 1.34 2024/05/08 07:55:10 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -194,20 +194,6 @@ X509_REQ_extension_nid(int req_nid) } LCRYPTO_ALIAS(X509_REQ_extension_nid); -int * -X509_REQ_get_extension_nids(void) -{ - return ext_nids; -} -LCRYPTO_ALIAS(X509_REQ_get_extension_nids); - -void -X509_REQ_set_extension_nids(int *nids) -{ - ext_nids = nids; -} -LCRYPTO_ALIAS(X509_REQ_set_extension_nids); - STACK_OF(X509_EXTENSION) * X509_REQ_get_extensions(X509_REQ *req) { @@ -354,3 +340,22 @@ i2d_re_X509_REQ_tbs(X509_REQ *req, unsigned char **pp) return i2d_X509_REQ_INFO(req->req_info, pp); } LCRYPTO_ALIAS(i2d_re_X509_REQ_tbs); + +/* + * XXX - remove the API below in the next major bump + */ + +int * +X509_REQ_get_extension_nids(void) +{ + X509error(ERR_R_DISABLED); + return NULL; +} +LCRYPTO_ALIAS(X509_REQ_get_extension_nids); + +void +X509_REQ_set_extension_nids(int *nids) +{ + X509error(ERR_R_DISABLED); +} +LCRYPTO_ALIAS(X509_REQ_set_extension_nids); -- 2.20.1