Mark remaining policy tree public API for removal

ok jsing
author: tb <> 2023-04-16 08:21:13 +0000
committer: tb <> 2023-04-16 08:21:13 +0000
commit: 5155e77c7b0c5d2688974520972a5bae814d3d03 (patch)
tree: 73765a5c7a2d6d28d4d962b2f4c75a4cb18d4396 /src/lib
parent: 7561b8bd9ef9ff52d48b21fe76fbb88d4ad77374 (diff)
download: openbsd-5155e77c7b0c5d2688974520972a5bae814d3d03.tar.gz
openbsd-5155e77c7b0c5d2688974520972a5bae814d3d03.tar.bz2
openbsd-5155e77c7b0c5d2688974520972a5bae814d3d03.zip
2 files changed, 19 insertions, 3 deletions
diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h
index 9e3c263a06..f5b103a0e7 100644
--- a/src/lib/libcrypto/x509/x509_vfy.h
+++ b/src/lib/libcrypto/x509/x509_vfy.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.h,v 1.58 2023/03/10 16:44:07 tb Exp $ */
+/* $OpenBSD: x509_vfy.h,v 1.59 2023/04/16 08:21:12 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -416,8 +416,12 @@ X509_STORE_CTX_verify_fn X509_STORE_get_verify(X509_STORE *ctx);
 #define X509_STORE_set_verify_func(ctx, func) \
    X509_STORE_set_verify((ctx), (func))
+/* Remove in next bump. */
+#if !defined(LIBRESSL_NEXT_API) || defined(LIBRESSL_INTERNAL)
 X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx);
 int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);
+#endif
 int X509_STORE_CTX_get_num_untrusted(X509_STORE_CTX *ctx);
 X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
@@ -468,13 +472,21 @@ int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
 const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name);
 void X509_VERIFY_PARAM_table_cleanup(void);
+/* Move to x509_local.h in next bump - needed by x509_vfy.c. */
+#if !defined(LIBRESSL_NEXT_API) || defined(LIBRESSL_INTERNAL)
 int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
                        STACK_OF(X509) *certs,
                        STACK_OF(ASN1_OBJECT) *policy_oids,
                        unsigned int flags);
 void X509_policy_tree_free(X509_POLICY_TREE *tree);
+#endif
+/*
+ * Move these to pcy_int.h in next bump - X509_policy_tree_get0_user_policies()
+ * is actually used, the rest can be deleted.
+ */
+#if !defined(LIBRESSL_NEXT_API) || defined(LIBRESSL_INTERNAL)
 int X509_policy_tree_level_count(const X509_POLICY_TREE *tree);
 X509_POLICY_LEVEL *
        X509_policy_tree_get0_level(const X509_POLICY_TREE *tree, int i);
@@ -496,8 +508,9 @@ STACK_OF(POLICYQUALINFO) *
 const X509_POLICY_NODE *
        X509_policy_node_get0_parent(const X509_POLICY_NODE *node);
+#endif
 #ifdef  __cplusplus
 }
 #endif
 #endif
diff --git a/src/lib/libcrypto/x509/x509v3.h b/src/lib/libcrypto/x509/x509v3.h
index f4c12223ae..9a08845191 100644
--- a/src/lib/libcrypto/x509/x509v3.h
+++ b/src/lib/libcrypto/x509/x509v3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509v3.h,v 1.18 2023/04/16 08:11:38 tb Exp $ */
+/* $OpenBSD: x509v3.h,v 1.19 2023/04/16 08:21:13 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -844,8 +844,11 @@ int a2i_ipadd(unsigned char *ipout, const char *ipasc);
 int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk,
                                                unsigned long chtype);
+/* Move to pcy_int.h. */
+#if !defined(LIBRESSL_NEXT_API) || defined(LIBRESSL_INTERNAL)
 void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent);
 DECLARE_STACK_OF(X509_POLICY_NODE)
+#endif
 #ifndef OPENSSL_NO_RFC3779
 typedef struct ASRange_st {
author	tb <>	2023-04-16 08:21:13 +0000
committer	tb <>	2023-04-16 08:21:13 +0000
commit	5155e77c7b0c5d2688974520972a5bae814d3d03 (patch)
tree	73765a5c7a2d6d28d4d962b2f4c75a4cb18d4396 /src/lib
parent	7561b8bd9ef9ff52d48b21fe76fbb88d4ad77374 (diff)
download	openbsd-5155e77c7b0c5d2688974520972a5bae814d3d03.tar.gz openbsd-5155e77c7b0c5d2688974520972a5bae814d3d03.tar.bz2 openbsd-5155e77c7b0c5d2688974520972a5bae814d3d03.zip