Remove cleanup() and get_crl() from X509_STORE_CTX

ok jsing

2 files changed, 3 insertions, 15 deletions

diff --git a/src/lib/libcrypto/x509/x509_local.h b/src/lib/libcrypto/x509/x509_local.h
index 080dbaf099..81efb690df 100644
--- a/src/lib/libcrypto/x509/x509_local.h
+++ b/src/lib/libcrypto/x509/x509_local.h
@@ -1,4 +1,4 @@
-/*      $OpenBSD: x509_local.h,v 1.12 2023/12/22 07:35:09 tb Exp $ */
+/*      $OpenBSD: x509_local.h,v 1.13 2023/12/22 09:40:14 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2013.
  */
@@ -337,13 +337,11 @@ struct x509_store_ctx_st {
         int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); /* get issuers cert from ctx */
         int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
         int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */
-        int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
         int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
         int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
         int (*check_policy)(X509_STORE_CTX *ctx);
         STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
         STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
-        int (*cleanup)(X509_STORE_CTX *ctx);
 
         /* The following is built up */
         int valid;              /* if 0, rebuild chain */
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
index 2f86722c82..93fa2c2800 100644
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.c,v 1.128 2023/12/22 07:35:09 tb Exp $ */
+/* $OpenBSD: x509_vfy.c,v 1.129 2023/12/22 09:40:14 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -976,13 +976,7 @@ check_cert(X509_STORE_CTX *ctx, STACK_OF(X509) *chain, int depth)
         while (ctx->current_reasons != CRLDP_ALL_REASONS) {
                 last_reasons = ctx->current_reasons;
                 /* Try to retrieve relevant CRL */
-                if (ctx->get_crl)
-                        ok = ctx->get_crl(ctx, &crl, x);
-                else
-                        ok = get_crl_delta(ctx, &crl, &dcrl, x);
-                /* If error looking up CRL, nothing we can do except
-                 * notify callback
-                 */
+                ok = get_crl_delta(ctx, &crl, &dcrl, x);
                 if (!ok) {
                         ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
                         ok = ctx->verify_cb(0, ctx);
@@ -2341,13 +2335,11 @@ X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *leaf,
         ctx->get_issuer = X509_STORE_CTX_get1_issuer;
         ctx->check_issued = check_issued;
         ctx->check_revocation = check_revocation;
-        ctx->get_crl = NULL;                            /* XXX - remove */
         ctx->check_crl = check_crl;
         ctx->cert_crl = cert_crl;
         ctx->check_policy = check_policy;
         ctx->lookup_certs = X509_STORE_CTX_get1_certs;
         ctx->lookup_crls = X509_STORE_CTX_get1_crls;
-        ctx->cleanup = NULL;                            /* XXX - remove */
 
         ctx->param = X509_VERIFY_PARAM_new();
         if (!ctx->param) {
@@ -2403,8 +2395,6 @@ LCRYPTO_ALIAS(X509_STORE_CTX_set0_trusted_stack);
 void
 X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
 {
-        if (ctx->cleanup)
-                ctx->cleanup(ctx);
         if (ctx->param != NULL) {
                 if (ctx->parent == NULL)
                         X509_VERIFY_PARAM_free(ctx->param);