diff options
| author | tb <> | 2021-12-24 13:58:15 +0000 |
|---|---|---|
| committer | tb <> | 2021-12-24 13:58:15 +0000 |
| commit | 0eb65947ecf5d357f540f9900a1affa3fd9e5ca8 (patch) | |
| tree | 50befe9fb0a094543a20a885be96083471b56c2a /src | |
| parent | 424d5de6055515eb3315450fd86f752066a71c41 (diff) | |
| download | openbsd-0eb65947ecf5d357f540f9900a1affa3fd9e5ca8.tar.gz openbsd-0eb65947ecf5d357f540f9900a1affa3fd9e5ca8.tar.bz2 openbsd-0eb65947ecf5d357f540f9900a1affa3fd9e5ca8.zip | |
Undo commenting of OPENSSL_NO_RFC3779
The define implies that we have the RFC 3779 API and corresponding
symbols publicly exposed. We don't do that since there are still
concerns about its suitability and security. oss-fuzz has code
depending on this define and this broke its build as tracked down
by jsing. This commit gets us oss-fuzz builds back while keeping
job happy since the extension pretty printing will continue to work.
ok jsing
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/opensslfeatures.h | 4 | ||||
| -rw-r--r-- | src/lib/libcrypto/x509/x509v3.h | 8 |
2 files changed, 7 insertions, 5 deletions
diff --git a/src/lib/libcrypto/opensslfeatures.h b/src/lib/libcrypto/opensslfeatures.h index b6b1904003..fa23bcc715 100644 --- a/src/lib/libcrypto/opensslfeatures.h +++ b/src/lib/libcrypto/opensslfeatures.h | |||
| @@ -86,7 +86,9 @@ | |||
| 86 | /* #define OPENSSL_NO_RC4 */ | 86 | /* #define OPENSSL_NO_RC4 */ |
| 87 | #define OPENSSL_NO_RC5 | 87 | #define OPENSSL_NO_RC5 |
| 88 | /* #define OPENSSL_NO_RDRAND */ | 88 | /* #define OPENSSL_NO_RDRAND */ |
| 89 | /* #define OPENSSL_NO_RFC3779 */ | 89 | #ifndef LIBRESSL_CRYPTO_INTERNAL |
| 90 | #define OPENSSL_NO_RFC3779 /* XXX until we expose it */ | ||
| 91 | #endif | ||
| 90 | /* #define OPENSSL_NO_RMD160 */ | 92 | /* #define OPENSSL_NO_RMD160 */ |
| 91 | /* #define OPENSSL_NO_RSA */ | 93 | /* #define OPENSSL_NO_RSA */ |
| 92 | /* #define OPENSSL_NO_SCRYPT */ | 94 | /* #define OPENSSL_NO_SCRYPT */ |
diff --git a/src/lib/libcrypto/x509/x509v3.h b/src/lib/libcrypto/x509/x509v3.h index 0a6d439310..cd53debd97 100644 --- a/src/lib/libcrypto/x509/x509v3.h +++ b/src/lib/libcrypto/x509/x509v3.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509v3.h,v 1.11 2021/12/24 02:41:35 tb Exp $ */ | 1 | /* $OpenBSD: x509v3.h,v 1.12 2021/12/24 13:58:15 tb Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| @@ -847,7 +847,7 @@ int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk, | |||
| 847 | void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent); | 847 | void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent); |
| 848 | DECLARE_STACK_OF(X509_POLICY_NODE) | 848 | DECLARE_STACK_OF(X509_POLICY_NODE) |
| 849 | 849 | ||
| 850 | #if defined(LIBRESSL_INTERNAL) | 850 | #if defined(LIBRESSL_CRYPTO_INTERNAL) |
| 851 | #ifndef OPENSSL_NO_RFC3779 | 851 | #ifndef OPENSSL_NO_RFC3779 |
| 852 | typedef struct ASRange_st { | 852 | typedef struct ASRange_st { |
| 853 | ASN1_INTEGER *min; | 853 | ASN1_INTEGER *min; |
| @@ -1036,8 +1036,8 @@ int X509v3_asid_validate_resource_set(STACK_OF(X509) *chain, ASIdentifiers *ext, | |||
| 1036 | int X509v3_addr_validate_resource_set(STACK_OF(X509) *chain, IPAddrBlocks *ext, | 1036 | int X509v3_addr_validate_resource_set(STACK_OF(X509) *chain, IPAddrBlocks *ext, |
| 1037 | int allow_inheritance); | 1037 | int allow_inheritance); |
| 1038 | 1038 | ||
| 1039 | #endif /* OPENSSL_NO_RFC3779 */ | 1039 | #endif /* !OPENSSL_NO_RFC3779 */ |
| 1040 | #endif | 1040 | #endif /* LIBRESSL_CRYPTO_INTERNAL */ |
| 1041 | 1041 | ||
| 1042 | /* BEGIN ERROR CODES */ | 1042 | /* BEGIN ERROR CODES */ |
| 1043 | /* The following lines are auto generated by the script mkerr.pl. Any changes | 1043 | /* The following lines are auto generated by the script mkerr.pl. Any changes |