Remove unused function pointers from X509_STORE

The struct underlying the X509_STORE type is opaque ars and nothing uses the accessors that OpenSSL added blindly for these. Therefore we didn't add them in the first place. So this rips out several dozens of lines of dead code. ok beck joshua jsing
author: tb <> 2023-12-22 07:35:09 +0000
committer: tb <> 2023-12-22 07:35:09 +0000
commit: 17ae02713d46f2cc80a527a75d3032364311de6f (patch)
tree: 5cc8ec62b45fe24fb2de89d4e9df88dcfa88571a /src/lib
parent: 34d8cdfef0cdd7085a42bc158cd2b62057e4b0f7 (diff)
download: openbsd-17ae02713d46f2cc80a527a75d3032364311de6f.tar.gz
openbsd-17ae02713d46f2cc80a527a75d3032364311de6f.tar.bz2
openbsd-17ae02713d46f2cc80a527a75d3032364311de6f.zip
2 files changed, 11 insertions, 55 deletions
diff --git a/src/lib/libcrypto/x509/x509_local.h b/src/lib/libcrypto/x509/x509_local.h
index 63082d1b19..080dbaf099 100644
--- a/src/lib/libcrypto/x509/x509_local.h
+++ b/src/lib/libcrypto/x509/x509_local.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: x509_local.h,v 1.11 2023/11/01 20:37:42 tb Exp $ */
+/*      $OpenBSD: x509_local.h,v 1.12 2023/12/22 07:35:09 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2013.
 */
@@ -299,15 +299,7 @@ struct x509_store_st {
        /* Callbacks for various operations */
        int (*verify)(X509_STORE_CTX *ctx);     /* called to verify a certificate */
        int (*verify_cb)(int ok,X509_STORE_CTX *ctx);   /* error callback */
-        int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */
        int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
-        int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */
-        int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
-        int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
-        int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
-        STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
-        STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
-        int (*cleanup)(X509_STORE_CTX *ctx);
        CRYPTO_EX_DATA ex_data;
        int references;
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
index 2d4061cfdf..2f86722c82 100644
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.c,v 1.127 2023/11/27 00:51:12 tb Exp $ */
+/* $OpenBSD: x509_vfy.c,v 1.128 2023/12/22 07:35:09 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -2338,52 +2338,16 @@ X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *leaf,
        else
                ctx->verify_cb = null_callback;
-        if (store && store->get_issuer)
+        ctx->get_issuer = X509_STORE_CTX_get1_issuer;
-                ctx->get_issuer = store->get_issuer;
+        ctx->check_issued = check_issued;
-        else
+        ctx->check_revocation = check_revocation;
-                ctx->get_issuer = X509_STORE_CTX_get1_issuer;
+        ctx->get_crl = NULL;                            /* XXX - remove */
+        ctx->check_crl = check_crl;
-        if (store && store->check_issued)
+        ctx->cert_crl = cert_crl;
-                ctx->check_issued = store->check_issued;
-        else
-                ctx->check_issued = check_issued;
-        if (store && store->check_revocation)
-                ctx->check_revocation = store->check_revocation;
-        else
-                ctx->check_revocation = check_revocation;
-        if (store && store->get_crl)
-                ctx->get_crl = store->get_crl;
-        else
-                ctx->get_crl = NULL;
-        if (store && store->check_crl)
-                ctx->check_crl = store->check_crl;
-        else
-                ctx->check_crl = check_crl;
-        if (store && store->cert_crl)
-                ctx->cert_crl = store->cert_crl;
-        else
-                ctx->cert_crl = cert_crl;
        ctx->check_policy = check_policy;
+        ctx->lookup_certs = X509_STORE_CTX_get1_certs;
-        if (store && store->lookup_certs)
+        ctx->lookup_crls = X509_STORE_CTX_get1_crls;
-                ctx->lookup_certs = store->lookup_certs;
+        ctx->cleanup = NULL;                            /* XXX - remove */
-        else
-                ctx->lookup_certs = X509_STORE_CTX_get1_certs;
-        if (store && store->lookup_crls)
-                ctx->lookup_crls = store->lookup_crls;
-        else
-                ctx->lookup_crls = X509_STORE_CTX_get1_crls;
-        if (store && store->cleanup)
-                ctx->cleanup = store->cleanup;
-        else
-                ctx->cleanup = NULL;
        ctx->param = X509_VERIFY_PARAM_new();
        if (!ctx->param) {
author	tb <>	2023-12-22 07:35:09 +0000
committer	tb <>	2023-12-22 07:35:09 +0000
commit	17ae02713d46f2cc80a527a75d3032364311de6f (patch)
tree	5cc8ec62b45fe24fb2de89d4e9df88dcfa88571a /src/lib
parent	34d8cdfef0cdd7085a42bc158cd2b62057e4b0f7 (diff)
download	openbsd-17ae02713d46f2cc80a527a75d3032364311de6f.tar.gz openbsd-17ae02713d46f2cc80a527a75d3032364311de6f.tar.bz2 openbsd-17ae02713d46f2cc80a527a75d3032364311de6f.zip

diff --git a/src/lib/libcrypto/x509/x509_local.h b/src/lib/libcrypto/x509/x509_local.h index 63082d1b19..080dbaf099 100644 --- a/src/lib/libcrypto/x509/x509_local.h +++ b/src/lib/libcrypto/x509/x509_local.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509_local.h,v 1.11 2023/11/01 20:37:42 tb Exp $ */	1	/* $OpenBSD: x509_local.h,v 1.12 2023/12/22 07:35:09 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 2013.	3	* project 2013.
4	*/	4	*/
@@ -299,15 +299,7 @@ struct x509_store_st {
299	/* Callbacks for various operations */	299	/* Callbacks for various operations */
300	int (verify)(X509_STORE_CTX ctx); /* called to verify a certificate */	300	int (verify)(X509_STORE_CTX ctx); /* called to verify a certificate */
301	int (verify_cb)(int ok,X509_STORE_CTX ctx); /* error callback */	301	int (verify_cb)(int ok,X509_STORE_CTX ctx); /* error callback */
302	int (get_issuer)(X509 issuer, X509_STORE_CTX ctx, X509 x); / get issuers cert from ctx */
303	int (check_issued)(X509_STORE_CTX ctx, X509 x, X509 issuer); /* check issued */	302	int (check_issued)(X509_STORE_CTX ctx, X509 x, X509 issuer); /* check issued */
304	int (check_revocation)(X509_STORE_CTX ctx); /* Check revocation status of chain */
305	int (get_crl)(X509_STORE_CTX ctx, X509_CRL *crl, X509 x); /* retrieve CRL */
306	int (check_crl)(X509_STORE_CTX ctx, X509_CRL crl); / Check CRL validity */
307	int (cert_crl)(X509_STORE_CTX ctx, X509_CRL crl, X509 x); /* Check certificate against CRL */
308	STACK_OF(X509) * (lookup_certs)(X509_STORE_CTX ctx, X509_NAME *nm);
309	STACK_OF(X509_CRL) * (lookup_crls)(X509_STORE_CTX ctx, X509_NAME *nm);
310	int (cleanup)(X509_STORE_CTX ctx);
311		303
312	CRYPTO_EX_DATA ex_data;	304	CRYPTO_EX_DATA ex_data;
313	int references;	305	int references;


diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c index 2d4061cfdf..2f86722c82 100644 --- a/src/lib/libcrypto/x509/x509_vfy.c +++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509_vfy.c,v 1.127 2023/11/27 00:51:12 tb Exp $ */	1	/* $OpenBSD: x509_vfy.c,v 1.128 2023/12/22 07:35:09 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -2338,52 +2338,16 @@ X509_STORE_CTX_init(X509_STORE_CTX ctx, X509_STORE store, X509 *leaf,
2338	else	2338	else
2339	ctx->verify_cb = null_callback;	2339	ctx->verify_cb = null_callback;
2340		2340
2341	if (store && store->get_issuer)	2341	ctx->get_issuer = X509_STORE_CTX_get1_issuer;
2342	ctx->get_issuer = store->get_issuer;	2342	ctx->check_issued = check_issued;
2343	else	2343	ctx->check_revocation = check_revocation;
2344	ctx->get_issuer = X509_STORE_CTX_get1_issuer;	2344	ctx->get_crl = NULL; /* XXX - remove */
2345		2345	ctx->check_crl = check_crl;
2346	if (store && store->check_issued)	2346	ctx->cert_crl = cert_crl;
2347	ctx->check_issued = store->check_issued;
2348	else
2349	ctx->check_issued = check_issued;
2350
2351	if (store && store->check_revocation)
2352	ctx->check_revocation = store->check_revocation;
2353	else
2354	ctx->check_revocation = check_revocation;
2355
2356	if (store && store->get_crl)
2357	ctx->get_crl = store->get_crl;
2358	else
2359	ctx->get_crl = NULL;
2360
2361	if (store && store->check_crl)
2362	ctx->check_crl = store->check_crl;
2363	else
2364	ctx->check_crl = check_crl;
2365
2366	if (store && store->cert_crl)
2367	ctx->cert_crl = store->cert_crl;
2368	else
2369	ctx->cert_crl = cert_crl;
2370
2371	ctx->check_policy = check_policy;	2347	ctx->check_policy = check_policy;
2372		2348	ctx->lookup_certs = X509_STORE_CTX_get1_certs;
2373	if (store && store->lookup_certs)	2349	ctx->lookup_crls = X509_STORE_CTX_get1_crls;
2374	ctx->lookup_certs = store->lookup_certs;	2350	ctx->cleanup = NULL; /* XXX - remove */
2375	else
2376	ctx->lookup_certs = X509_STORE_CTX_get1_certs;
2377
2378	if (store && store->lookup_crls)
2379	ctx->lookup_crls = store->lookup_crls;
2380	else
2381	ctx->lookup_crls = X509_STORE_CTX_get1_crls;
2382
2383	if (store && store->cleanup)
2384	ctx->cleanup = store->cleanup;
2385	else
2386	ctx->cleanup = NULL;
2387		2351
2388	ctx->param = X509_VERIFY_PARAM_new();	2352	ctx->param = X509_VERIFY_PARAM_new();
2389	if (!ctx->param) {	2353	if (!ctx->param) {