openssl: Remove -{,un}compress from cms "app"

We haven't supported compiling against zlib in a very long time. These are the only two calls to CMS_{,un}compress(3) in the ecosystem. I am going to remove these two API stubs in the next major bump. ok jsing kenjiro
author: tb <> 2025-12-20 07:02:37 +0000
committer: tb <> 2025-12-20 07:02:37 +0000
commit: c21eea145d12f7ab9b0fa83debe4931b485d1279 (patch)
tree: 19ca424acab2f7cd1a4dcbc03903e3afc3d6742d /src
parent: 2681c4505dbb93940f461387b894b73e6ffedaff (diff)
download: openbsd-c21eea145d12f7ab9b0fa83debe4931b485d1279.tar.gz
openbsd-c21eea145d12f7ab9b0fa83debe4931b485d1279.tar.bz2
openbsd-c21eea145d12f7ab9b0fa83debe4931b485d1279.zip
2 files changed, 10 insertions, 40 deletions
diff --git a/src/usr.bin/openssl/cms.c b/src/usr.bin/openssl/cms.c
index 880ab1449b..7430f4c935 100644
--- a/src/usr.bin/openssl/cms.c
+++ b/src/usr.bin/openssl/cms.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cms.c,v 1.39 2025/11/27 08:27:31 tb Exp $ */
+/* $OpenBSD: cms.c,v 1.40 2025/12/20 07:02:37 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
@@ -89,12 +89,10 @@ static int cms_set_pkey_param(EVP_PKEY_CTX *pctx,
 #define SMIME_DATA_CREATE       (8 | SMIME_OP)
 #define SMIME_DIGEST_VERIFY     (9 | SMIME_IP)
 #define SMIME_DIGEST_CREATE     (10 | SMIME_OP)
-#define SMIME_UNCOMPRESS        (11 | SMIME_IP)
+#define SMIME_ENCRYPTED_DECRYPT (11 | SMIME_IP)
-#define SMIME_COMPRESS          (12 | SMIME_OP)
+#define SMIME_ENCRYPTED_ENCRYPT (12 | SMIME_OP)
-#define SMIME_ENCRYPTED_DECRYPT (13 | SMIME_IP)
+#define SMIME_SIGN_RECEIPT      (13 | SMIME_IP | SMIME_OP)
-#define SMIME_ENCRYPTED_ENCRYPT (14 | SMIME_OP)
+#define SMIME_VERIFY_RECEIPT    (14 | SMIME_IP)
-#define SMIME_SIGN_RECEIPT      (15 | SMIME_IP | SMIME_OP)
-#define SMIME_VERIFY_RECEIPT    (16 | SMIME_IP)
 int verify_err = 0;
@@ -602,13 +600,6 @@ static const struct option cms_options[] = {
                .value = SMIME_CMSOUT,
        },
        {
-                .name = "compress",
-                .desc = "Create CMS CompressedData type",
-                .type = OPTION_VALUE,
-                .opt.value = &cfg.operation,
-                .value = SMIME_COMPRESS,
-        },
-        {
                .name = "content",
                .argname = "file",
                .desc = "Supply or override content for detached signature",
@@ -998,13 +989,6 @@ static const struct option cms_options[] = {
                .opt.arg = &cfg.to,
        },
        {
-                .name = "uncompress",
-                .desc = "Uncompress CMS CompressedData type",
-                .type = OPTION_VALUE,
-                .opt.value = &cfg.operation,
-                .value = SMIME_UNCOMPRESS,
-        },
-        {
                .name = "verify",
                .desc = "Verify signed message",
                .type = OPTION_VALUE,
@@ -1138,7 +1122,7 @@ cms_usage(void)
            "    -camellia192 | -camellia256 | -des | -des3 |\n"
            "    -rc2-40 | -rc2-64 | -rc2-128] [-CAfile file]\n"
            "    [-CApath directory] [-CRLfile file] [-binary]\n"
-            "    [-certfile file] [-certsout file] [-cmsout] [-compress]\n"
+            "    [-certfile file] [-certsout file] [-cmsout]\n"
            "    [-content file] [-crlfeol] [-data_create] [-data_out]\n"
            "    [-debug_decrypt] [-decrypt] [-digest_create] [-digest_verify]\n"
            "    [-econtent_type type] [-encrypt] [-EncryptedData_decrypt]\n"
@@ -1156,7 +1140,7 @@ cms_usage(void)
            "    [-receipt_request_to addr] [-recip file] [-resign]\n"
            "    [-secretkey key] [-secretkeyid id] [-sign] [-sign_receipt]\n"
            "    [-signer file] [-stream | -indef | -noindef] [-subject s]\n"
-            "    [-text] [-to addr] [-uncompress] [-verify]\n"
+            "    [-text] [-to addr] [-verify]\n"
            "    [-verify_receipt file] [-verify_retcode] [cert.pem ...]\n\n");
        options_usage(cms_options);
@@ -1482,8 +1466,6 @@ cms_main(int argc, char **argv)
        } else if (cfg.operation == SMIME_DIGEST_CREATE) {
                cms = CMS_digest_create(in, cfg.sign_md,
                    cfg.flags);
-        } else if (cfg.operation == SMIME_COMPRESS) {
-                cms = CMS_compress(in, -1, cfg.flags);
        } else if (cfg.operation == SMIME_ENCRYPT) {
                int i;
                cfg.flags |= CMS_PARTIAL;
@@ -1691,9 +1673,6 @@ cms_main(int argc, char **argv)
        } else if (cfg.operation == SMIME_DATAOUT) {
                if (!CMS_data(cms, out, cfg.flags))
                        goto end;
-        } else if (cfg.operation == SMIME_UNCOMPRESS) {
-                if (!CMS_uncompress(cms, indata, out, cfg.flags))
-                        goto end;
        } else if (cfg.operation == SMIME_DIGEST_VERIFY) {
                if (CMS_digest_verify(cms, indata, out, cfg.flags) > 0)
                        BIO_printf(bio_err, "Verification successful\n");
diff --git a/src/usr.bin/openssl/openssl.1 b/src/usr.bin/openssl/openssl.1
index 40defdc38b..f3e0be15ed 100644
--- a/src/usr.bin/openssl/openssl.1
+++ b/src/usr.bin/openssl/openssl.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: openssl.1,v 1.167 2025/06/07 08:29:20 tb Exp $
+.\" $OpenBSD: openssl.1,v 1.168 2025/12/20 07:02:37 tb Exp $
 .\" ====================================================================
 .\" Copyright (c) 1998-2002 The OpenSSL Project.  All rights reserved.
 .\"
@@ -110,7 +110,7 @@
 .\" copied and put under another distribution licence
 .\" [including the GNU Public Licence.]
 .\"
-.Dd $Mdocdate: June 7 2025 $
+.Dd $Mdocdate: December 20 2025 $
 .Dt OPENSSL 1
 .Os
 .Sh NAME
@@ -931,7 +931,6 @@ but without cipher suite codes.
 .Op Fl certfile Ar file
 .Op Fl certsout Ar file
 .Op Fl cmsout
-.Op Fl compress
 .Op Fl content Ar file
 .Op Fl crlfeol
 .Op Fl data_create
@@ -985,7 +984,6 @@ but without cipher suite codes.
 .Op Fl subject Ar s
 .Op Fl text
 .Op Fl to Ar addr
-.Op Fl uncompress
 .Op Fl verify
 .Op Fl verify_receipt Ar file
 .Op Fl verify_retcode
@@ -996,8 +994,7 @@ but without cipher suite codes.
 The
 .Nm cms
 command handles S/MIME v3.1 mail.
-It can encrypt, decrypt, sign and verify, compress and uncompress S/MIME
+It can encrypt, decrypt, sign and verify S/MIME messages.
-messages.
 .Pp
 The MIME message must be sent without any blank lines between the headers and
 the output.
@@ -1053,12 +1050,6 @@ Output a content from the input CMS Data type.
 Create a CMS DigestedData type.
 .It Fl digest_verify
 Verify a CMS DigestedData type and output the content.
-.It Fl compress
-Create a CMS CompressedData type.
-Must be compiled with zlib support for this option to work.
-.It Fl uncompress
-Uncompress a CMS CompressedData type and output the content.
-Must be compiled with zlib support for this option to work.
 .It Fl EncryptedData_encrypt
 Encrypt a content using supplied symmetric key and algorithm using a
 CMS EncryptedData type.
author	tb <>	2025-12-20 07:02:37 +0000
committer	tb <>	2025-12-20 07:02:37 +0000
commit	c21eea145d12f7ab9b0fa83debe4931b485d1279 (patch)
tree	19ca424acab2f7cd1a4dcbc03903e3afc3d6742d /src
parent	2681c4505dbb93940f461387b894b73e6ffedaff (diff)
download	openbsd-c21eea145d12f7ab9b0fa83debe4931b485d1279.tar.gz openbsd-c21eea145d12f7ab9b0fa83debe4931b485d1279.tar.bz2 openbsd-c21eea145d12f7ab9b0fa83debe4931b485d1279.zip