Remove SXNET

Unused and no authorative information was found online in 2016
author: tb <> 2023-04-25 18:48:32 +0000
committer: tb <> 2023-04-25 18:48:32 +0000
commit: fbf2ba949e9a8593bfac40125b23645ec041759f (patch)
tree: 45ac67a10ac935d385254aab211068743021c681 /src/lib/libcrypto/x509
parent: 7494df9154a35ac74e94b0a7e92dd8f9079e8889 (diff)
download: openbsd-fbf2ba949e9a8593bfac40125b23645ec041759f.tar.gz
openbsd-fbf2ba949e9a8593bfac40125b23645ec041759f.tar.bz2
openbsd-fbf2ba949e9a8593bfac40125b23645ec041759f.zip
2 files changed, 1 insertions, 438 deletions
diff --git a/src/lib/libcrypto/x509/x509_sxnet.c b/src/lib/libcrypto/x509/x509_sxnet.c
deleted file mode 100644
index 77c792d227..0000000000
--- a/src/lib/libcrypto/x509/x509_sxnet.c
+++ /dev/null
@@ -1,397 +0,0 @@
-/* $OpenBSD: x509_sxnet.c,v 1.3 2023/02/16 08:38:17 tb Exp $ */
-/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
- * project 1999.
- */
-/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in
- *    the documentation and/or other materials provided with the
- *    distribution.
- *
- * 3. All advertising materials mentioning features or use of this
- *    software must display the following acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
- *
- * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
- *    endorse or promote products derived from this software without
- *    prior written permission. For written permission, please contact
- *    licensing@OpenSSL.org.
- *
- * 5. Products derived from this software may not be called "OpenSSL"
- *    nor may "OpenSSL" appear in their names without prior written
- *    permission of the OpenSSL Project.
- *
- * 6. Redistributions of any form whatsoever must retain the following
- *    acknowledgment:
- *    "This product includes software developed by the OpenSSL Project
- *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
- *
- * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
- * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- * ====================================================================
- *
- * This product includes cryptographic software written by Eric Young
- * (eay@cryptsoft.com).  This product includes software written by Tim
- * Hudson (tjh@cryptsoft.com).
- *
- */
-#include <stdio.h>
-#include <string.h>
-#include <openssl/asn1.h>
-#include <openssl/asn1t.h>
-#include <openssl/conf.h>
-#include <openssl/err.h>
-#include <openssl/x509v3.h>
-/* Support for Thawte strong extranet extension */
-#define SXNET_TEST
-static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out,
-    int indent);
-#ifdef SXNET_TEST
-static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-    STACK_OF(CONF_VALUE) *nval);
-#endif
-const X509V3_EXT_METHOD v3_sxnet = {
-        .ext_nid = NID_sxnet,
-        .ext_flags = X509V3_EXT_MULTILINE,
-        .it = &SXNET_it,
-        .ext_new = NULL,
-        .ext_free = NULL,
-        .d2i = NULL,
-        .i2d = NULL,
-        .i2s = NULL,
-        .s2i = NULL,
-        .i2v = NULL,
-#ifdef SXNET_TEST
-        .v2i = (X509V3_EXT_V2I)sxnet_v2i,
-#else
-        .v2i = NULL,
-#endif
-        .i2r = (X509V3_EXT_I2R)sxnet_i2r,
-        .r2i = NULL,
-        .usr_data = NULL,
-};
-static const ASN1_TEMPLATE SXNETID_seq_tt[] = {
-        {
-                .flags = 0,
-                .tag = 0,
-                .offset = offsetof(SXNETID, zone),
-                .field_name = "zone",
-                .item = &ASN1_INTEGER_it,
-        },
-        {
-                .flags = 0,
-                .tag = 0,
-                .offset = offsetof(SXNETID, user),
-                .field_name = "user",
-                .item = &ASN1_OCTET_STRING_it,
-        },
-};
-const ASN1_ITEM SXNETID_it = {
-        .itype = ASN1_ITYPE_SEQUENCE,
-        .utype = V_ASN1_SEQUENCE,
-        .templates = SXNETID_seq_tt,
-        .tcount = sizeof(SXNETID_seq_tt) / sizeof(ASN1_TEMPLATE),
-        .funcs = NULL,
-        .size = sizeof(SXNETID),
-        .sname = "SXNETID",
-};
-SXNETID *
-d2i_SXNETID(SXNETID **a, const unsigned char **in, long len)
-{
-        return (SXNETID *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
-            &SXNETID_it);
-}
-LCRYPTO_ALIAS(d2i_SXNETID);
-int
-i2d_SXNETID(SXNETID *a, unsigned char **out)
-{
-        return ASN1_item_i2d((ASN1_VALUE *)a, out, &SXNETID_it);
-}
-LCRYPTO_ALIAS(i2d_SXNETID);
-SXNETID *
-SXNETID_new(void)
-{
-        return (SXNETID *)ASN1_item_new(&SXNETID_it);
-}
-LCRYPTO_ALIAS(SXNETID_new);
-void
-SXNETID_free(SXNETID *a)
-{
-        ASN1_item_free((ASN1_VALUE *)a, &SXNETID_it);
-}
-LCRYPTO_ALIAS(SXNETID_free);
-static const ASN1_TEMPLATE SXNET_seq_tt[] = {
-        {
-                .flags = 0,
-                .tag = 0,
-                .offset = offsetof(SXNET, version),
-                .field_name = "version",
-                .item = &ASN1_INTEGER_it,
-        },
-        {
-                .flags = ASN1_TFLG_SEQUENCE_OF,
-                .tag = 0,
-                .offset = offsetof(SXNET, ids),
-                .field_name = "ids",
-                .item = &SXNETID_it,
-        },
-};
-const ASN1_ITEM SXNET_it = {
-        .itype = ASN1_ITYPE_SEQUENCE,
-        .utype = V_ASN1_SEQUENCE,
-        .templates = SXNET_seq_tt,
-        .tcount = sizeof(SXNET_seq_tt) / sizeof(ASN1_TEMPLATE),
-        .funcs = NULL,
-        .size = sizeof(SXNET),
-        .sname = "SXNET",
-};
-SXNET *
-d2i_SXNET(SXNET **a, const unsigned char **in, long len)
-{
-        return (SXNET *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
-            &SXNET_it);
-}
-LCRYPTO_ALIAS(d2i_SXNET);
-int
-i2d_SXNET(SXNET *a, unsigned char **out)
-{
-        return ASN1_item_i2d((ASN1_VALUE *)a, out, &SXNET_it);
-}
-LCRYPTO_ALIAS(i2d_SXNET);
-SXNET *
-SXNET_new(void)
-{
-        return (SXNET *)ASN1_item_new(&SXNET_it);
-}
-LCRYPTO_ALIAS(SXNET_new);
-void
-SXNET_free(SXNET *a)
-{
-        ASN1_item_free((ASN1_VALUE *)a, &SXNET_it);
-}
-LCRYPTO_ALIAS(SXNET_free);
-static int
-sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent)
-{
-        long v;
-        char *tmp;
-        SXNETID *id;
-        int i;
-        v = ASN1_INTEGER_get(sx->version);
-        BIO_printf(out, "%*sVersion: %ld (0x%lX)", indent, "", v + 1, v);
-        for (i = 0; i < sk_SXNETID_num(sx->ids); i++) {
-                id = sk_SXNETID_value(sx->ids, i);
-                tmp = i2s_ASN1_INTEGER(NULL, id->zone);
-                BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp);
-                free(tmp);
-                ASN1_STRING_print(out, id->user);
-        }
-        return 1;
-}
-#ifdef SXNET_TEST
-/* NBB: this is used for testing only. It should *not* be used for anything
- * else because it will just take static IDs from the configuration file and
- * they should really be separate values for each user.
- */
-static SXNET *
-sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-    STACK_OF(CONF_VALUE) *nval)
-{
-        CONF_VALUE *cnf;
-        SXNET *sx = NULL;
-        int i;
-        for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-                cnf = sk_CONF_VALUE_value(nval, i);
-                if (!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1))
-                        return NULL;
-        }
-        return sx;
-}
-#endif
-/* Strong Extranet utility functions */
-/* Add an id given the zone as an ASCII number */
-int
-SXNET_add_id_asc(SXNET **psx, const char *zone, const char *user, int userlen)
-{
-        ASN1_INTEGER *izone = NULL;
-        if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
-                X509V3error(X509V3_R_ERROR_CONVERTING_ZONE);
-                return 0;
-        }
-        return SXNET_add_id_INTEGER(psx, izone, user, userlen);
-}
-LCRYPTO_ALIAS(SXNET_add_id_asc);
-/* Add an id given the zone as an unsigned long */
-int
-SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, const char *user,
-    int userlen)
-{
-        ASN1_INTEGER *izone = NULL;
-        if (!(izone = ASN1_INTEGER_new()) ||
-            !ASN1_INTEGER_set(izone, lzone)) {
-                X509V3error(ERR_R_MALLOC_FAILURE);
-                ASN1_INTEGER_free(izone);
-                return 0;
-        }
-        return SXNET_add_id_INTEGER(psx, izone, user, userlen);
-}
-LCRYPTO_ALIAS(SXNET_add_id_ulong);
-/* Add an id given the zone as an ASN1_INTEGER.
- * Note this version uses the passed integer and doesn't make a copy so don't
- * free it up afterwards.
- */
-int
-SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, const char *user,
-    int userlen)
-{
-        SXNET *sx = NULL;
-        SXNETID *id = NULL;
-        if (!psx || !zone || !user) {
-                X509V3error(X509V3_R_INVALID_NULL_ARGUMENT);
-                return 0;
-        }
-        if (userlen == -1)
-                userlen = strlen(user);
-        if (userlen > 64) {
-                X509V3error(X509V3_R_USER_TOO_LONG);
-                return 0;
-        }
-        if (!*psx) {
-                if (!(sx = SXNET_new()))
-                        goto err;
-                if (!ASN1_INTEGER_set(sx->version, 0))
-                        goto err;
-                *psx = sx;
-        } else
-                sx = *psx;
-        if (SXNET_get_id_INTEGER(sx, zone)) {
-                X509V3error(X509V3_R_DUPLICATE_ZONE_ID);
-                return 0;
-        }
-        if (!(id = SXNETID_new()))
-                goto err;
-        if (userlen == -1)
-                userlen = strlen(user);
-        if (!ASN1_STRING_set(id->user, user, userlen))
-                goto err;
-        if (!sk_SXNETID_push(sx->ids, id))
-                goto err;
-        id->zone = zone;
-        return 1;
-err:
-        X509V3error(ERR_R_MALLOC_FAILURE);
-        SXNETID_free(id);
-        SXNET_free(sx);
-        *psx = NULL;
-        return 0;
-}
-LCRYPTO_ALIAS(SXNET_add_id_INTEGER);
-ASN1_OCTET_STRING *
-SXNET_get_id_asc(SXNET *sx, const char *zone)
-{
-        ASN1_INTEGER *izone = NULL;
-        ASN1_OCTET_STRING *oct;
-        if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
-                X509V3error(X509V3_R_ERROR_CONVERTING_ZONE);
-                return NULL;
-        }
-        oct = SXNET_get_id_INTEGER(sx, izone);
-        ASN1_INTEGER_free(izone);
-        return oct;
-}
-LCRYPTO_ALIAS(SXNET_get_id_asc);
-ASN1_OCTET_STRING *
-SXNET_get_id_ulong(SXNET *sx, unsigned long lzone)
-{
-        ASN1_INTEGER *izone = NULL;
-        ASN1_OCTET_STRING *oct;
-        if (!(izone = ASN1_INTEGER_new()) ||
-            !ASN1_INTEGER_set(izone, lzone)) {
-                X509V3error(ERR_R_MALLOC_FAILURE);
-                ASN1_INTEGER_free(izone);
-                return NULL;
-        }
-        oct = SXNET_get_id_INTEGER(sx, izone);
-        ASN1_INTEGER_free(izone);
-        return oct;
-}
-LCRYPTO_ALIAS(SXNET_get_id_ulong);
-ASN1_OCTET_STRING *
-SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone)
-{
-        SXNETID *id;
-        int i;
-        for (i = 0; i < sk_SXNETID_num(sx->ids); i++) {
-                id = sk_SXNETID_value(sx->ids, i);
-                if (!ASN1_INTEGER_cmp(id->zone, zone))
-                        return id->user;
-        }
-        return NULL;
-}
-LCRYPTO_ALIAS(SXNET_get_id_INTEGER);
diff --git a/src/lib/libcrypto/x509/x509v3.h b/src/lib/libcrypto/x509/x509v3.h
index 8738b302cb..d7a0ef0165 100644
--- a/src/lib/libcrypto/x509/x509v3.h
+++ b/src/lib/libcrypto/x509/x509v3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509v3.h,v 1.22 2023/04/25 18:28:05 tb Exp $ */
+/* $OpenBSD: x509v3.h,v 1.23 2023/04/25 18:48:32 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -262,22 +262,6 @@ struct AUTHORITY_KEYID_st {
        ASN1_INTEGER *serial;
 };
-/* Strong extranet structures */
-#if !defined(LIBRESSL_NEXT_API) || defined(LIBRESSL_INTERNAL)
-typedef struct SXNET_ID_st {
-        ASN1_INTEGER *zone;
-        ASN1_OCTET_STRING *user;
-} SXNETID;
-DECLARE_STACK_OF(SXNETID)
-typedef struct SXNET_st {
-        ASN1_INTEGER *version;
-        STACK_OF(SXNETID) *ids;
-} SXNET;
-#endif
 typedef struct NOTICEREF_st {
        ASN1_STRING *organization;
        STACK_OF(ASN1_INTEGER) *noticenos;
@@ -517,30 +501,6 @@ BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, const unsigned c
 int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **out);
 extern const ASN1_ITEM BASIC_CONSTRAINTS_it;
-#if !defined(LIBRESSL_NEXT_API) || defined(LIBRESSL_INTERNAL)
-SXNET *SXNET_new(void);
-void SXNET_free(SXNET *a);
-SXNET *d2i_SXNET(SXNET **a, const unsigned char **in, long len);
-int i2d_SXNET(SXNET *a, unsigned char **out);
-extern const ASN1_ITEM SXNET_it;
-SXNETID *SXNETID_new(void);
-void SXNETID_free(SXNETID *a);
-SXNETID *d2i_SXNETID(SXNETID **a, const unsigned char **in, long len);
-int i2d_SXNETID(SXNETID *a, unsigned char **out);
-extern const ASN1_ITEM SXNETID_it;
-int SXNET_add_id_asc(SXNET **psx, const char *zone, const char *user,
-    int userlen);
-int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, const char *user,
-    int userlen);
-int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, const char *user,
-    int userlen);
-ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, const char *zone);
-ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone);
-ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone);
-#endif
 AUTHORITY_KEYID *AUTHORITY_KEYID_new(void);
 void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a);
 AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, const unsigned char **in, long len);
author	tb <>	2023-04-25 18:48:32 +0000
committer	tb <>	2023-04-25 18:48:32 +0000
commit	fbf2ba949e9a8593bfac40125b23645ec041759f (patch)
tree	45ac67a10ac935d385254aab211068743021c681 /src/lib/libcrypto/x509
parent	7494df9154a35ac74e94b0a7e92dd8f9079e8889 (diff)
download	openbsd-fbf2ba949e9a8593bfac40125b23645ec041759f.tar.gz openbsd-fbf2ba949e9a8593bfac40125b23645ec041759f.tar.bz2 openbsd-fbf2ba949e9a8593bfac40125b23645ec041759f.zip

diff --git a/src/lib/libcrypto/x509/x509_sxnet.c b/src/lib/libcrypto/x509/x509_sxnet.c deleted file mode 100644 index 77c792d227..0000000000 --- a/src/lib/libcrypto/x509/x509_sxnet.c +++ /dev/null
@@ -1,397 +0,0 @@
1	/* $OpenBSD: x509_sxnet.c,v 1.3 2023/02/16 08:38:17 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.
4	*/
5	/* ====================================================================
6	* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7	*
8	* Redistribution and use in source and binary forms, with or without
9	* modification, are permitted provided that the following conditions
10	* are met:
11	*
12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.
14	*
15	* 2. Redistributions in binary form must reproduce the above copyright
16	* notice, this list of conditions and the following disclaimer in
17	* the documentation and/or other materials provided with the
18	* distribution.
19	*
20	* 3. All advertising materials mentioning features or use of this
21	* software must display the following acknowledgment:
22	* "This product includes software developed by the OpenSSL Project
23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24	*
25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26	* endorse or promote products derived from this software without
27	* prior written permission. For written permission, please contact
28	* licensing@OpenSSL.org.
29	*
30	* 5. Products derived from this software may not be called "OpenSSL"
31	* nor may "OpenSSL" appear in their names without prior written
32	* permission of the OpenSSL Project.
33	*
34	* 6. Redistributions of any form whatsoever must retain the following
35	* acknowledgment:
36	* "This product includes software developed by the OpenSSL Project
37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38	*
39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50	* OF THE POSSIBILITY OF SUCH DAMAGE.
51	* ====================================================================
52	*
53	* This product includes cryptographic software written by Eric Young
54	* (eay@cryptsoft.com). This product includes software written by Tim
55	* Hudson (tjh@cryptsoft.com).
56	*
57	*/
58
59	#include <stdio.h>
60	#include <string.h>
61
62	#include <openssl/asn1.h>
63	#include <openssl/asn1t.h>
64	#include <openssl/conf.h>
65	#include <openssl/err.h>
66	#include <openssl/x509v3.h>
67
68	/* Support for Thawte strong extranet extension */
69
70	#define SXNET_TEST
71
72	static int sxnet_i2r(X509V3_EXT_METHOD method, SXNET sx, BIO *out,
73	int indent);
74	#ifdef SXNET_TEST
75	static SXNET * sxnet_v2i(X509V3_EXT_METHOD method, X509V3_CTX ctx,
76	STACK_OF(CONF_VALUE) *nval);
77	#endif
78
79	const X509V3_EXT_METHOD v3_sxnet = {
80	.ext_nid = NID_sxnet,
81	.ext_flags = X509V3_EXT_MULTILINE,
82	.it = &SXNET_it,
83	.ext_new = NULL,
84	.ext_free = NULL,
85	.d2i = NULL,
86	.i2d = NULL,
87	.i2s = NULL,
88	.s2i = NULL,
89	.i2v = NULL,
90	#ifdef SXNET_TEST
91	.v2i = (X509V3_EXT_V2I)sxnet_v2i,
92	#else
93	.v2i = NULL,
94	#endif
95	.i2r = (X509V3_EXT_I2R)sxnet_i2r,
96	.r2i = NULL,
97	.usr_data = NULL,
98	};
99
100	static const ASN1_TEMPLATE SXNETID_seq_tt[] = {
101	{
102	.flags = 0,
103	.tag = 0,
104	.offset = offsetof(SXNETID, zone),
105	.field_name = "zone",
106	.item = &ASN1_INTEGER_it,
107	},
108	{
109	.flags = 0,
110	.tag = 0,
111	.offset = offsetof(SXNETID, user),
112	.field_name = "user",
113	.item = &ASN1_OCTET_STRING_it,
114	},
115	};
116
117	const ASN1_ITEM SXNETID_it = {
118	.itype = ASN1_ITYPE_SEQUENCE,
119	.utype = V_ASN1_SEQUENCE,
120	.templates = SXNETID_seq_tt,
121	.tcount = sizeof(SXNETID_seq_tt) / sizeof(ASN1_TEMPLATE),
122	.funcs = NULL,
123	.size = sizeof(SXNETID),
124	.sname = "SXNETID",
125	};
126
127
128	SXNETID *
129	d2i_SXNETID(SXNETID a, const unsigned char in, long len)
130	{
131	return (SXNETID )ASN1_item_d2i((ASN1_VALUE *)a, in, len,
132	&SXNETID_it);
133	}
134	LCRYPTO_ALIAS(d2i_SXNETID);
135
136	int
137	i2d_SXNETID(SXNETID a, unsigned char *out)
138	{
139	return ASN1_item_i2d((ASN1_VALUE *)a, out, &SXNETID_it);
140	}
141	LCRYPTO_ALIAS(i2d_SXNETID);
142
143	SXNETID *
144	SXNETID_new(void)
145	{
146	return (SXNETID *)ASN1_item_new(&SXNETID_it);
147	}
148	LCRYPTO_ALIAS(SXNETID_new);
149
150	void
151	SXNETID_free(SXNETID *a)
152	{
153	ASN1_item_free((ASN1_VALUE *)a, &SXNETID_it);
154	}
155	LCRYPTO_ALIAS(SXNETID_free);
156
157	static const ASN1_TEMPLATE SXNET_seq_tt[] = {
158	{
159	.flags = 0,
160	.tag = 0,
161	.offset = offsetof(SXNET, version),
162	.field_name = "version",
163	.item = &ASN1_INTEGER_it,
164	},
165	{
166	.flags = ASN1_TFLG_SEQUENCE_OF,
167	.tag = 0,
168	.offset = offsetof(SXNET, ids),
169	.field_name = "ids",
170	.item = &SXNETID_it,
171	},
172	};
173
174	const ASN1_ITEM SXNET_it = {
175	.itype = ASN1_ITYPE_SEQUENCE,
176	.utype = V_ASN1_SEQUENCE,
177	.templates = SXNET_seq_tt,
178	.tcount = sizeof(SXNET_seq_tt) / sizeof(ASN1_TEMPLATE),
179	.funcs = NULL,
180	.size = sizeof(SXNET),
181	.sname = "SXNET",
182	};
183
184
185	SXNET *
186	d2i_SXNET(SXNET a, const unsigned char in, long len)
187	{
188	return (SXNET )ASN1_item_d2i((ASN1_VALUE *)a, in, len,
189	&SXNET_it);
190	}
191	LCRYPTO_ALIAS(d2i_SXNET);
192
193	int
194	i2d_SXNET(SXNET a, unsigned char *out)
195	{
196	return ASN1_item_i2d((ASN1_VALUE *)a, out, &SXNET_it);
197	}
198	LCRYPTO_ALIAS(i2d_SXNET);
199
200	SXNET *
201	SXNET_new(void)
202	{
203	return (SXNET *)ASN1_item_new(&SXNET_it);
204	}
205	LCRYPTO_ALIAS(SXNET_new);
206
207	void
208	SXNET_free(SXNET *a)
209	{
210	ASN1_item_free((ASN1_VALUE *)a, &SXNET_it);
211	}
212	LCRYPTO_ALIAS(SXNET_free);
213
214	static int
215	sxnet_i2r(X509V3_EXT_METHOD method, SXNET sx, BIO *out, int indent)
216	{
217	long v;
218	char *tmp;
219	SXNETID *id;
220	int i;
221
222	v = ASN1_INTEGER_get(sx->version);
223	BIO_printf(out, "%*sVersion: %ld (0x%lX)", indent, "", v + 1, v);
224	for (i = 0; i < sk_SXNETID_num(sx->ids); i++) {
225	id = sk_SXNETID_value(sx->ids, i);
226	tmp = i2s_ASN1_INTEGER(NULL, id->zone);
227	BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp);
228	free(tmp);
229	ASN1_STRING_print(out, id->user);
230	}
231	return 1;
232	}
233
234	#ifdef SXNET_TEST
235
236	/* NBB: this is used for testing only. It should not be used for anything
237	* else because it will just take static IDs from the configuration file and
238	* they should really be separate values for each user.
239	*/
240
241	static SXNET *
242	sxnet_v2i(X509V3_EXT_METHOD method, X509V3_CTX ctx,
243	STACK_OF(CONF_VALUE) *nval)
244	{
245	CONF_VALUE *cnf;
246	SXNET *sx = NULL;
247	int i;
248
249	for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
250	cnf = sk_CONF_VALUE_value(nval, i);
251	if (!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1))
252	return NULL;
253	}
254	return sx;
255	}
256
257	#endif
258
259	/* Strong Extranet utility functions */
260
261	/* Add an id given the zone as an ASCII number */
262
263	int
264	SXNET_add_id_asc(SXNET *psx, const char zone, const char *user, int userlen)
265	{
266	ASN1_INTEGER *izone = NULL;
267
268	if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
269	X509V3error(X509V3_R_ERROR_CONVERTING_ZONE);
270	return 0;
271	}
272	return SXNET_add_id_INTEGER(psx, izone, user, userlen);
273	}
274	LCRYPTO_ALIAS(SXNET_add_id_asc);
275
276	/* Add an id given the zone as an unsigned long */
277
278	int
279	SXNET_add_id_ulong(SXNET *psx, unsigned long lzone, const char user,
280	int userlen)
281	{
282	ASN1_INTEGER *izone = NULL;
283
284	if (!(izone = ASN1_INTEGER_new()) \|\|
285	!ASN1_INTEGER_set(izone, lzone)) {
286	X509V3error(ERR_R_MALLOC_FAILURE);
287	ASN1_INTEGER_free(izone);
288	return 0;
289	}
290	return SXNET_add_id_INTEGER(psx, izone, user, userlen);
291	}
292	LCRYPTO_ALIAS(SXNET_add_id_ulong);
293
294	/* Add an id given the zone as an ASN1_INTEGER.
295	* Note this version uses the passed integer and doesn't make a copy so don't
296	* free it up afterwards.
297	*/
298
299	int
300	SXNET_add_id_INTEGER(SXNET *psx, ASN1_INTEGER zone, const char *user,
301	int userlen)
302	{
303	SXNET *sx = NULL;
304	SXNETID *id = NULL;
305
306	if (!psx \|\| !zone \|\| !user) {
307	X509V3error(X509V3_R_INVALID_NULL_ARGUMENT);
308	return 0;
309	}
310	if (userlen == -1)
311	userlen = strlen(user);
312	if (userlen > 64) {
313	X509V3error(X509V3_R_USER_TOO_LONG);
314	return 0;
315	}
316	if (!*psx) {
317	if (!(sx = SXNET_new()))
318	goto err;
319	if (!ASN1_INTEGER_set(sx->version, 0))
320	goto err;
321	*psx = sx;
322	} else
323	sx = *psx;
324	if (SXNET_get_id_INTEGER(sx, zone)) {
325	X509V3error(X509V3_R_DUPLICATE_ZONE_ID);
326	return 0;
327	}
328
329	if (!(id = SXNETID_new()))
330	goto err;
331	if (userlen == -1)
332	userlen = strlen(user);
333
334	if (!ASN1_STRING_set(id->user, user, userlen))
335	goto err;
336	if (!sk_SXNETID_push(sx->ids, id))
337	goto err;
338	id->zone = zone;
339	return 1;
340
341	err:
342	X509V3error(ERR_R_MALLOC_FAILURE);
343	SXNETID_free(id);
344	SXNET_free(sx);
345	*psx = NULL;
346	return 0;
347	}
348	LCRYPTO_ALIAS(SXNET_add_id_INTEGER);
349
350	ASN1_OCTET_STRING *
351	SXNET_get_id_asc(SXNET sx, const char zone)
352	{
353	ASN1_INTEGER *izone = NULL;
354	ASN1_OCTET_STRING *oct;
355
356	if (!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
357	X509V3error(X509V3_R_ERROR_CONVERTING_ZONE);
358	return NULL;
359	}
360	oct = SXNET_get_id_INTEGER(sx, izone);
361	ASN1_INTEGER_free(izone);
362	return oct;
363	}
364	LCRYPTO_ALIAS(SXNET_get_id_asc);
365
366	ASN1_OCTET_STRING *
367	SXNET_get_id_ulong(SXNET *sx, unsigned long lzone)
368	{
369	ASN1_INTEGER *izone = NULL;
370	ASN1_OCTET_STRING *oct;
371
372	if (!(izone = ASN1_INTEGER_new()) \|\|
373	!ASN1_INTEGER_set(izone, lzone)) {
374	X509V3error(ERR_R_MALLOC_FAILURE);
375	ASN1_INTEGER_free(izone);
376	return NULL;
377	}
378	oct = SXNET_get_id_INTEGER(sx, izone);
379	ASN1_INTEGER_free(izone);
380	return oct;
381	}
382	LCRYPTO_ALIAS(SXNET_get_id_ulong);
383
384	ASN1_OCTET_STRING *
385	SXNET_get_id_INTEGER(SXNET sx, ASN1_INTEGER zone)
386	{
387	SXNETID *id;
388	int i;
389
390	for (i = 0; i < sk_SXNETID_num(sx->ids); i++) {
391	id = sk_SXNETID_value(sx->ids, i);
392	if (!ASN1_INTEGER_cmp(id->zone, zone))
393	return id->user;
394	}
395	return NULL;
396	}
397	LCRYPTO_ALIAS(SXNET_get_id_INTEGER);


diff --git a/src/lib/libcrypto/x509/x509v3.h b/src/lib/libcrypto/x509/x509v3.h index 8738b302cb..d7a0ef0165 100644 --- a/src/lib/libcrypto/x509/x509v3.h +++ b/src/lib/libcrypto/x509/x509v3.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509v3.h,v 1.22 2023/04/25 18:28:05 tb Exp $ */	1	/* $OpenBSD: x509v3.h,v 1.23 2023/04/25 18:48:32 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.	3	* project 1999.
4	*/	4	*/
@@ -262,22 +262,6 @@ struct AUTHORITY_KEYID_st {
262	ASN1_INTEGER *serial;	262	ASN1_INTEGER *serial;
263	};	263	};
264		264
265	/* Strong extranet structures */
266
267	#if !defined(LIBRESSL_NEXT_API) \|\| defined(LIBRESSL_INTERNAL)
268	typedef struct SXNET_ID_st {
269	ASN1_INTEGER *zone;
270	ASN1_OCTET_STRING *user;
271	} SXNETID;
272
273	DECLARE_STACK_OF(SXNETID)
274
275	typedef struct SXNET_st {
276	ASN1_INTEGER *version;
277	STACK_OF(SXNETID) *ids;
278	} SXNET;
279	#endif
280
281	typedef struct NOTICEREF_st {	265	typedef struct NOTICEREF_st {
282	ASN1_STRING *organization;	266	ASN1_STRING *organization;
283	STACK_OF(ASN1_INTEGER) *noticenos;	267	STACK_OF(ASN1_INTEGER) *noticenos;
@@ -517,30 +501,6 @@ BASIC_CONSTRAINTS d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, const unsigned c
517	int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS a, unsigned char *out);	501	int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS a, unsigned char *out);
518	extern const ASN1_ITEM BASIC_CONSTRAINTS_it;	502	extern const ASN1_ITEM BASIC_CONSTRAINTS_it;
519		503
520	#if !defined(LIBRESSL_NEXT_API) \|\| defined(LIBRESSL_INTERNAL)
521	SXNET *SXNET_new(void);
522	void SXNET_free(SXNET *a);
523	SXNET d2i_SXNET(SXNET a, const unsigned char *in, long len);
524	int i2d_SXNET(SXNET a, unsigned char *out);
525	extern const ASN1_ITEM SXNET_it;
526	SXNETID *SXNETID_new(void);
527	void SXNETID_free(SXNETID *a);
528	SXNETID d2i_SXNETID(SXNETID a, const unsigned char *in, long len);
529	int i2d_SXNETID(SXNETID a, unsigned char *out);
530	extern const ASN1_ITEM SXNETID_it;
531
532	int SXNET_add_id_asc(SXNET *psx, const char zone, const char *user,
533	int userlen);
534	int SXNET_add_id_ulong(SXNET *psx, unsigned long lzone, const char user,
535	int userlen);
536	int SXNET_add_id_INTEGER(SXNET *psx, ASN1_INTEGER izone, const char *user,
537	int userlen);
538
539	ASN1_OCTET_STRING SXNET_get_id_asc(SXNET sx, const char *zone);
540	ASN1_OCTET_STRING SXNET_get_id_ulong(SXNET sx, unsigned long lzone);
541	ASN1_OCTET_STRING SXNET_get_id_INTEGER(SXNET sx, ASN1_INTEGER *zone);
542	#endif
543
544	AUTHORITY_KEYID *AUTHORITY_KEYID_new(void);	504	AUTHORITY_KEYID *AUTHORITY_KEYID_new(void);
545	void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a);	505	void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a);
546	AUTHORITY_KEYID d2i_AUTHORITY_KEYID(AUTHORITY_KEYID a, const unsigned char *in, long len);	506	AUTHORITY_KEYID d2i_AUTHORITY_KEYID(AUTHORITY_KEYID a, const unsigned char *in, long len);