diff options
| author | tb <> | 2024-12-23 09:57:23 +0000 |
|---|---|---|
| committer | tb <> | 2024-12-23 09:57:23 +0000 |
| commit | 724636ac58485859bba62e8ae67587fd5091e6df (patch) | |
| tree | a0222785d8fbb2df3eb6fa25f7731bbd2b052ffc /src | |
| parent | df10429f0a8abbb0125d092993d95e2849d39a79 (diff) | |
| download | openbsd-724636ac58485859bba62e8ae67587fd5091e6df.tar.gz openbsd-724636ac58485859bba62e8ae67587fd5091e6df.tar.bz2 openbsd-724636ac58485859bba62e8ae67587fd5091e6df.zip | |
Move _X509_CHECK_FLAG_DOT_SUBDOMAINS to x509_utl.c
Unclear why this ever had to be made public since it's only used in a
single file. Anyway, nothing uses this, so remove it.
This went through a full bulk
pointed out by/ok schwarze
Diffstat (limited to 'src')
| -rw-r--r-- | src/lib/libcrypto/x509/x509_utl.c | 9 | ||||
| -rw-r--r-- | src/lib/libcrypto/x509/x509v3.h | 9 |
2 files changed, 9 insertions, 9 deletions
diff --git a/src/lib/libcrypto/x509/x509_utl.c b/src/lib/libcrypto/x509/x509_utl.c index 64dc1068b7..0acd8f1d41 100644 --- a/src/lib/libcrypto/x509/x509_utl.c +++ b/src/lib/libcrypto/x509/x509_utl.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509_utl.c,v 1.23 2024/12/23 09:05:27 schwarze Exp $ */ | 1 | /* $OpenBSD: x509_utl.c,v 1.24 2024/12/23 09:57:23 tb Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -71,6 +71,13 @@ | |||
| 71 | 71 | ||
| 72 | #include "bytestring.h" | 72 | #include "bytestring.h" |
| 73 | 73 | ||
| 74 | /* | ||
| 75 | * Match reference identifiers starting with "." to any sub-domain. | ||
| 76 | * This is a non-public flag, turned on implicitly when the subject | ||
| 77 | * reference identity is a DNS name. | ||
| 78 | */ | ||
| 79 | #define _X509_CHECK_FLAG_DOT_SUBDOMAINS 0x8000 | ||
| 80 | |||
| 74 | static char *bn_to_string(const BIGNUM *bn); | 81 | static char *bn_to_string(const BIGNUM *bn); |
| 75 | static char *strip_spaces(char *name); | 82 | static char *strip_spaces(char *name); |
| 76 | static int sk_strcmp(const char * const *a, const char * const *b); | 83 | static int sk_strcmp(const char * const *a, const char * const *b); |
diff --git a/src/lib/libcrypto/x509/x509v3.h b/src/lib/libcrypto/x509/x509v3.h index fda1e4af59..fa31279280 100644 --- a/src/lib/libcrypto/x509/x509v3.h +++ b/src/lib/libcrypto/x509/x509v3.h | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: x509v3.h,v 1.39 2024/12/23 09:55:19 tb Exp $ */ | 1 | /* $OpenBSD: x509v3.h,v 1.40 2024/12/23 09:57:23 tb Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 1999. | 3 | * project 1999. |
| 4 | */ | 4 | */ |
| @@ -690,13 +690,6 @@ STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x); | |||
| 690 | /* Disable checking the CN for a hostname, to support modern validation */ | 690 | /* Disable checking the CN for a hostname, to support modern validation */ |
| 691 | #define X509_CHECK_FLAG_NEVER_CHECK_SUBJECT 0x20 | 691 | #define X509_CHECK_FLAG_NEVER_CHECK_SUBJECT 0x20 |
| 692 | 692 | ||
| 693 | /* | ||
| 694 | * Match reference identifiers starting with "." to any sub-domain. | ||
| 695 | * This is a non-public flag, turned on implicitly when the subject | ||
| 696 | * reference identity is a DNS name. | ||
| 697 | */ | ||
| 698 | #define _X509_CHECK_FLAG_DOT_SUBDOMAINS 0x8000 | ||
| 699 | |||
| 700 | int X509_check_host(X509 *x, const char *chk, size_t chklen, | 693 | int X509_check_host(X509 *x, const char *chk, size_t chklen, |
| 701 | unsigned int flags, char **peername); | 694 | unsigned int flags, char **peername); |
| 702 | int X509_check_email(X509 *x, const char *chk, size_t chklen, | 695 | int X509_check_email(X509 *x, const char *chk, size_t chklen, |