summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/stack/stack.c
diff options
context:
space:
mode:
authortb <>2024-01-13 19:57:38 +0000
committertb <>2024-01-13 19:57:38 +0000
commit5f09c37c2f11498c6b4f11437f3dc13f537e6b44 (patch)
treea585997b4310f31a5697f4ff3bac553b8ea7a394 /src/lib/libcrypto/stack/stack.c
parentb8e595b8e404a2ff485f496d6fb45ea8b67f7606 (diff)
downloadopenbsd-5f09c37c2f11498c6b4f11437f3dc13f537e6b44.tar.gz
openbsd-5f09c37c2f11498c6b4f11437f3dc13f537e6b44.tar.bz2
openbsd-5f09c37c2f11498c6b4f11437f3dc13f537e6b44.zip
Prepare for removing most of the X509_TRUST API
X509_check_trust() is of course used by the verifier. Unfortunately M2Crypto exposes it. The only other part of the X509_TRUST API that are still needed are the X509_TRUST_* macros in x509.h, as they are used via *_set_trust and indirectly via the purpose stuff. The rest will be removed. X509_TRUST_add() was defanged recently, in particular it no longer hangs strdup()'ed strings off the global struct. Nothing ever cleaned these up. TRUST_cleanup() attempted to do so, but since it checked the dynamic/dynamic strings flags in the wrong order, that cleanup call ended up doing nothing, so that code was removed at some point. As a consequence, the struct can now be made const. Use a CTASSERT() to ensure size assumptions on X509_TRUST_COUNT, X509_TRUST_MAX, and X509_TRUST_MIN hold true. Remove the global variable underlying X509_TRUST_set_default()'s functionality and move its accessor down to all the other functions that will be deleted. Inline a few things in X509_check_trust(), so we can excise the internals of X509_TRUST_get0(), X509_TRUST_get_by_id(). Since the default trust function can no longer be changed, call obj_trust() directly. ok jsing
Diffstat (limited to 'src/lib/libcrypto/stack/stack.c')
0 files changed, 0 insertions, 0 deletions