Remove the nseq command

4 files changed, 5 insertions, 211 deletions

diff --git a/src/usr.bin/openssl/Makefile b/src/usr.bin/openssl/Makefile
index 664a520003..47199c10e1 100644
--- a/src/usr.bin/openssl/Makefile
+++ b/src/usr.bin/openssl/Makefile
@@ -1,4 +1,4 @@
-#       $OpenBSD: Makefile,v 1.11 2019/11/04 15:25:54 jsing Exp $
+#       $OpenBSD: Makefile,v 1.12 2023/04/25 16:11:02 tb Exp $
 
 .include <bsd.own.mk>
 
@@ -22,7 +22,7 @@ CFLAGS+= -DLIBRESSL_INTERNAL
 
 SRCS=   apps.c apps_posix.c asn1pars.c ca.c certhash.c ciphers.c cms.c crl.c \
         crl2p7.c dgst.c dh.c dhparam.c dsa.c dsaparam.c ec.c ecparam.c enc.c \
-        errstr.c gendh.c gendsa.c genpkey.c genrsa.c nseq.c ocsp.c \
+        errstr.c gendh.c gendsa.c genpkey.c genrsa.c ocsp.c \
         openssl.c passwd.c pkcs12.c pkcs7.c pkcs8.c pkey.c pkeyparam.c \
         pkeyutl.c prime.c rand.c req.c rsa.c rsautl.c s_cb.c s_client.c \
         s_server.c s_socket.c s_time.c sess_id.c smime.c speed.c spkac.c ts.c \
diff --git a/src/usr.bin/openssl/nseq.c b/src/usr.bin/openssl/nseq.c
deleted file mode 100644
index fb0dda5dca..0000000000
--- a/src/usr.bin/openssl/nseq.c
+++ /dev/null
@@ -1,174 +0,0 @@
-/* $OpenBSD: nseq.c,v 1.11 2023/03/06 14:32:06 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-
-#include <stdio.h>
-#include <string.h>
-
-#include "apps.h"
-
-#include <openssl/err.h>
-#include <openssl/pem.h>
-
-static struct {
-        char *infile;
-        char *outfile;
-        int toseq;
-} cfg;
-
-static const struct option nseq_options[] = {
-        {
-                .name = "in",
-                .argname = "file",
-                .desc = "Input file to read from (default stdin)",
-                .type = OPTION_ARG,
-                .opt.arg = &cfg.infile,
-        },
-        {
-                .name = "out",
-                .argname = "file",
-                .desc = "Output file to write to (default stdout)",
-                .type = OPTION_ARG,
-                .opt.arg = &cfg.outfile,
-        },
-        {
-                .name = "toseq",
-                .desc = "Convert certificates to Netscape certificate sequence",
-                .type = OPTION_FLAG,
-                .opt.flag = &cfg.toseq,
-        },
-        { NULL },
-};
-
-static void
-nseq_usage()
-{
-        fprintf(stderr, "usage: nseq [-in file] [-out file] [-toseq]\n");
-        options_usage(nseq_options);
-}
-
-int
-nseq_main(int argc, char **argv)
-{
-        BIO *in = NULL, *out = NULL;
-        X509 *x509 = NULL;
-        NETSCAPE_CERT_SEQUENCE *seq = NULL;
-        int i, ret = 1;
-
-        if (pledge("stdio cpath wpath rpath", NULL) == -1) {
-                perror("pledge");
-                exit(1);
-        }
-
-        memset(&cfg, 0, sizeof(cfg));
-
-        if (options_parse(argc, argv, nseq_options, NULL, NULL) != 0) {
-                nseq_usage();
-                return (1);
-        }
-
-        if (cfg.infile) {
-                if (!(in = BIO_new_file(cfg.infile, "r"))) {
-                        BIO_printf(bio_err,
-                            "Can't open input file %s\n", cfg.infile);
-                        goto end;
-                }
-        } else
-                in = BIO_new_fp(stdin, BIO_NOCLOSE);
-
-        if (cfg.outfile) {
-                if (!(out = BIO_new_file(cfg.outfile, "w"))) {
-                        BIO_printf(bio_err,
-                            "Can't open output file %s\n", cfg.outfile);
-                        goto end;
-                }
-        } else {
-                out = BIO_new_fp(stdout, BIO_NOCLOSE);
-        }
-        if (cfg.toseq) {
-                seq = NETSCAPE_CERT_SEQUENCE_new();
-                seq->certs = sk_X509_new_null();
-                while ((x509 = PEM_read_bio_X509(in, NULL, NULL, NULL)))
-                        sk_X509_push(seq->certs, x509);
-
-                if (!sk_X509_num(seq->certs)) {
-                        BIO_printf(bio_err, "Error reading certs file %s\n", cfg.infile);
-                        ERR_print_errors(bio_err);
-                        goto end;
-                }
-                PEM_write_bio_NETSCAPE_CERT_SEQUENCE(out, seq);
-                ret = 0;
-                goto end;
-        }
-        if (!(seq = PEM_read_bio_NETSCAPE_CERT_SEQUENCE(in, NULL, NULL, NULL))) {
-                BIO_printf(bio_err, "Error reading sequence file %s\n", cfg.infile);
-                ERR_print_errors(bio_err);
-                goto end;
-        }
-        for (i = 0; i < sk_X509_num(seq->certs); i++) {
-                x509 = sk_X509_value(seq->certs, i);
-                dump_cert_text(out, x509);
-                PEM_write_bio_X509(out, x509);
-        }
-        ret = 0;
- end:
-        BIO_free(in);
-        BIO_free_all(out);
-        NETSCAPE_CERT_SEQUENCE_free(seq);
-
-        return (ret);
-}
diff --git a/src/usr.bin/openssl/openssl.1 b/src/usr.bin/openssl/openssl.1
index a7c3bf5ee6..c430e49f0f 100644
--- a/src/usr.bin/openssl/openssl.1
+++ b/src/usr.bin/openssl/openssl.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: openssl.1,v 1.142 2023/04/22 20:51:26 tb Exp $
+.\" $OpenBSD: openssl.1,v 1.143 2023/04/25 16:11:02 tb Exp $
 .\" ====================================================================
 .\" Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
 .\"
@@ -110,7 +110,7 @@
 .\" copied and put under another distribution licence
 .\" [including the GNU Public Licence.]
 .\"
-.Dd $Mdocdate: April 22 2023 $
+.Dd $Mdocdate: April 25 2023 $
 .Dt OPENSSL 1
 .Os
 .Sh NAME
@@ -2542,37 +2542,6 @@ The size of the private key to generate in bits.
 This must be the last option specified.
 The default is 2048.
 .El
-.Tg nseq
-.Sh NSEQ
-.Nm openssl nseq
-.Op Fl in Ar file
-.Op Fl out Ar file
-.Op Fl toseq
-.Pp
-The
-.Nm nseq
-command takes a file containing a Netscape certificate sequence
-(an alternative to the standard PKCS#7 format)
-and prints out the certificates contained in it,
-or takes a file of certificates
-and converts it into a Netscape certificate sequence.
-.Pp
-The options are as follows:
-.Bl -tag -width Ds
-.It Fl in Ar file
-The input file to read from,
-or standard input if not specified.
-.It Fl out Ar file
-The output file to write to,
-or standard output if not specified.
-.It Fl toseq
-Normally, a Netscape certificate sequence will be input and the output
-is the certificates contained in it.
-With the
-.Fl toseq
-option the situation is reversed:
-a Netscape certificate sequence is created from a file of certificates.
-.El
 .Tg ocsp
 .Sh OCSP
 .Bl -hang -width "openssl ocsp"
diff --git a/src/usr.bin/openssl/openssl.c b/src/usr.bin/openssl/openssl.c
index 1b1cea6098..51940fdf64 100644
--- a/src/usr.bin/openssl/openssl.c
+++ b/src/usr.bin/openssl/openssl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: openssl.c,v 1.32 2022/11/11 18:24:32 joshua Exp $ */
+/* $OpenBSD: openssl.c,v 1.33 2023/04/25 16:11:02 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -161,7 +161,6 @@ FUNCTION functions[] = {
         { FUNC_TYPE_GENERAL, "enc", enc_main },
         { FUNC_TYPE_GENERAL, "errstr", errstr_main },
         { FUNC_TYPE_GENERAL, "genpkey", genpkey_main },
-        { FUNC_TYPE_GENERAL, "nseq", nseq_main },
 #ifndef OPENSSL_NO_OCSP
         { FUNC_TYPE_GENERAL, "ocsp", ocsp_main },
 #endif