Retire X509V3_EXT_{,CRL_,REQ_}add_conf()

Fortunately all projects who want to configure their extensions using
a dangerous string DSL/API figured out the fact that one was supposed to
be using the nconf version of these (the hint is the 'n', as in new).

ok beck jsing

4 files changed, 3 insertions, 42 deletions

diff --git a/src/lib/libcrypto/Symbols.list b/src/lib/libcrypto/Symbols.list
index 31e9480c0d..c5187d65ee 100644
--- a/src/lib/libcrypto/Symbols.list
+++ b/src/lib/libcrypto/Symbols.list
@@ -2352,11 +2352,8 @@ WHIRLPOOL_Init
 WHIRLPOOL_Update
 X25519
 X25519_keypair
-X509V3_EXT_CRL_add_conf
 X509V3_EXT_CRL_add_nconf
-X509V3_EXT_REQ_add_conf
 X509V3_EXT_REQ_add_nconf
-X509V3_EXT_add_conf
 X509V3_EXT_add_nconf
 X509V3_EXT_add_nconf_sk
 X509V3_EXT_conf
diff --git a/src/lib/libcrypto/hidden/openssl/x509v3.h b/src/lib/libcrypto/hidden/openssl/x509v3.h
index d0d4e97ec9..5912726791 100644
--- a/src/lib/libcrypto/hidden/openssl/x509v3.h
+++ b/src/lib/libcrypto/hidden/openssl/x509v3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509v3.h,v 1.12 2024/08/28 08:59:03 tb Exp $ */
+/* $OpenBSD: x509v3.h,v 1.13 2024/08/31 09:56:50 tb Exp $ */
 /*
  * Copyright (c) 2022 Bob Beck <beck@openbsd.org>
  *
@@ -139,9 +139,6 @@ LCRYPTO_USED(X509V3_EXT_REQ_add_nconf);
 LCRYPTO_USED(X509V3_EXT_CRL_add_nconf);
 LCRYPTO_USED(X509V3_EXT_conf_nid);
 LCRYPTO_USED(X509V3_EXT_conf);
-LCRYPTO_UNUSED(X509V3_EXT_add_conf);
-LCRYPTO_UNUSED(X509V3_EXT_REQ_add_conf);
-LCRYPTO_UNUSED(X509V3_EXT_CRL_add_conf);
 LCRYPTO_USED(X509V3_add_value_bool_nf);
 LCRYPTO_USED(X509V3_get_value_bool);
 LCRYPTO_USED(X509V3_get_value_int);
diff --git a/src/lib/libcrypto/x509/x509_conf.c b/src/lib/libcrypto/x509/x509_conf.c
index 27f89072c8..dee9bf65e0 100644
--- a/src/lib/libcrypto/x509/x509_conf.c
+++ b/src/lib/libcrypto/x509/x509_conf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_conf.c,v 1.23 2024/08/31 09:21:44 tb Exp $ */
+/* $OpenBSD: x509_conf.c,v 1.24 2024/08/31 09:56:50 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -489,30 +489,3 @@ X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash)
 {
 }
 LCRYPTO_ALIAS(X509V3_set_conf_lhash);
-
-int
-X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-    const char *section, X509 *cert)
-{
-        X509V3error(ERR_R_DISABLED);
-        return 0;
-}
-LCRYPTO_ALIAS(X509V3_EXT_add_conf);
-
-int
-X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-    const char *section, X509_CRL *crl)
-{
-        X509V3error(ERR_R_DISABLED);
-        return 0;
-}
-LCRYPTO_ALIAS(X509V3_EXT_CRL_add_conf);
-
-int
-X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-    const char *section, X509_REQ *req)
-{
-        X509V3error(ERR_R_DISABLED);
-        return 0;
-}
-LCRYPTO_ALIAS(X509V3_EXT_REQ_add_conf);
diff --git a/src/lib/libcrypto/x509/x509v3.h b/src/lib/libcrypto/x509/x509v3.h
index b38e175954..6470f059ee 100644
--- a/src/lib/libcrypto/x509/x509v3.h
+++ b/src/lib/libcrypto/x509/x509v3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509v3.h,v 1.30 2024/08/28 08:22:57 tb Exp $ */
+/* $OpenBSD: x509v3.h,v 1.31 2024/08/31 09:56:50 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -647,12 +647,6 @@ X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
     int ext_nid, const char *value);
 X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
     const char *name, const char *value);
-int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-    const char *section, X509 *cert);
-int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-    const char *section, X509_REQ *req);
-int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-    const char *section, X509_CRL *crl);
 
 int X509V3_add_value_bool_nf(const char *name, int asn1_bool,
                              STACK_OF(CONF_VALUE) **extlist);