Retire X509V3_EXT_{,CRL_,REQ_}add_conf()

Fortunately all projects who want to configure their extensions using a dangerous string DSL/API figured out the fact that one was supposed to be using the nconf version of these (the hint is the 'n', as in new). ok beck jsing
author: tb <> 2024-08-31 09:56:50 +0000
committer: tb <> 2024-08-31 09:56:50 +0000
commit: c92ddde3194a70c609ab5dd8987a10b6cf10c12f (patch)
tree: 88a649b66a44d0f9c4b6bd862981be47f4ac18c5 /src
parent: dd1c0533fa84d7ee8bbf2e4d256d3225e2057fe0 (diff)
download: openbsd-c92ddde3194a70c609ab5dd8987a10b6cf10c12f.tar.gz
openbsd-c92ddde3194a70c609ab5dd8987a10b6cf10c12f.tar.bz2
openbsd-c92ddde3194a70c609ab5dd8987a10b6cf10c12f.zip
4 files changed, 3 insertions, 42 deletions
diff --git a/src/lib/libcrypto/Symbols.list b/src/lib/libcrypto/Symbols.list
index 31e9480c0d..c5187d65ee 100644
--- a/src/lib/libcrypto/Symbols.list
+++ b/src/lib/libcrypto/Symbols.list
@@ -2352,11 +2352,8 @@ WHIRLPOOL_Init
 WHIRLPOOL_Update
 X25519
 X25519_keypair
-X509V3_EXT_CRL_add_conf
 X509V3_EXT_CRL_add_nconf
-X509V3_EXT_REQ_add_conf
 X509V3_EXT_REQ_add_nconf
-X509V3_EXT_add_conf
 X509V3_EXT_add_nconf
 X509V3_EXT_add_nconf_sk
 X509V3_EXT_conf
diff --git a/src/lib/libcrypto/hidden/openssl/x509v3.h b/src/lib/libcrypto/hidden/openssl/x509v3.h
index d0d4e97ec9..5912726791 100644
--- a/src/lib/libcrypto/hidden/openssl/x509v3.h
+++ b/src/lib/libcrypto/hidden/openssl/x509v3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509v3.h,v 1.12 2024/08/28 08:59:03 tb Exp $ */
+/* $OpenBSD: x509v3.h,v 1.13 2024/08/31 09:56:50 tb Exp $ */
 /*
 * Copyright (c) 2022 Bob Beck <beck@openbsd.org>
 *
@@ -139,9 +139,6 @@ LCRYPTO_USED(X509V3_EXT_REQ_add_nconf);
 LCRYPTO_USED(X509V3_EXT_CRL_add_nconf);
 LCRYPTO_USED(X509V3_EXT_conf_nid);
 LCRYPTO_USED(X509V3_EXT_conf);
-LCRYPTO_UNUSED(X509V3_EXT_add_conf);
-LCRYPTO_UNUSED(X509V3_EXT_REQ_add_conf);
-LCRYPTO_UNUSED(X509V3_EXT_CRL_add_conf);
 LCRYPTO_USED(X509V3_add_value_bool_nf);
 LCRYPTO_USED(X509V3_get_value_bool);
 LCRYPTO_USED(X509V3_get_value_int);
diff --git a/src/lib/libcrypto/x509/x509_conf.c b/src/lib/libcrypto/x509/x509_conf.c
index 27f89072c8..dee9bf65e0 100644
--- a/src/lib/libcrypto/x509/x509_conf.c
+++ b/src/lib/libcrypto/x509/x509_conf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_conf.c,v 1.23 2024/08/31 09:21:44 tb Exp $ */
+/* $OpenBSD: x509_conf.c,v 1.24 2024/08/31 09:56:50 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -489,30 +489,3 @@ X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash)
 {
 }
 LCRYPTO_ALIAS(X509V3_set_conf_lhash);
-int
-X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-    const char *section, X509 *cert)
-{
-        X509V3error(ERR_R_DISABLED);
-        return 0;
-}
-LCRYPTO_ALIAS(X509V3_EXT_add_conf);
-int
-X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-    const char *section, X509_CRL *crl)
-{
-        X509V3error(ERR_R_DISABLED);
-        return 0;
-}
-LCRYPTO_ALIAS(X509V3_EXT_CRL_add_conf);
-int
-X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-    const char *section, X509_REQ *req)
-{
-        X509V3error(ERR_R_DISABLED);
-        return 0;
-}
-LCRYPTO_ALIAS(X509V3_EXT_REQ_add_conf);
diff --git a/src/lib/libcrypto/x509/x509v3.h b/src/lib/libcrypto/x509/x509v3.h
index b38e175954..6470f059ee 100644
--- a/src/lib/libcrypto/x509/x509v3.h
+++ b/src/lib/libcrypto/x509/x509v3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509v3.h,v 1.30 2024/08/28 08:22:57 tb Exp $ */
+/* $OpenBSD: x509v3.h,v 1.31 2024/08/31 09:56:50 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -647,12 +647,6 @@ X509_EXTENSION *X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
    int ext_nid, const char *value);
 X509_EXTENSION *X509V3_EXT_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
    const char *name, const char *value);
-int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-    const char *section, X509 *cert);
-int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-    const char *section, X509_REQ *req);
-int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx,
-    const char *section, X509_CRL *crl);
 int X509V3_add_value_bool_nf(const char *name, int asn1_bool,
                             STACK_OF(CONF_VALUE) **extlist);
author	tb <>	2024-08-31 09:56:50 +0000
committer	tb <>	2024-08-31 09:56:50 +0000
commit	c92ddde3194a70c609ab5dd8987a10b6cf10c12f (patch)
tree	88a649b66a44d0f9c4b6bd862981be47f4ac18c5 /src
parent	dd1c0533fa84d7ee8bbf2e4d256d3225e2057fe0 (diff)
download	openbsd-c92ddde3194a70c609ab5dd8987a10b6cf10c12f.tar.gz openbsd-c92ddde3194a70c609ab5dd8987a10b6cf10c12f.tar.bz2 openbsd-c92ddde3194a70c609ab5dd8987a10b6cf10c12f.zip

diff --git a/src/lib/libcrypto/Symbols.list b/src/lib/libcrypto/Symbols.list index 31e9480c0d..c5187d65ee 100644 --- a/src/lib/libcrypto/Symbols.list +++ b/src/lib/libcrypto/Symbols.list
@@ -2352,11 +2352,8 @@ WHIRLPOOL_Init
2352	WHIRLPOOL_Update	2352	WHIRLPOOL_Update
2353	X25519	2353	X25519
2354	X25519_keypair	2354	X25519_keypair
2355	X509V3_EXT_CRL_add_conf
2356	X509V3_EXT_CRL_add_nconf	2355	X509V3_EXT_CRL_add_nconf
2357	X509V3_EXT_REQ_add_conf
2358	X509V3_EXT_REQ_add_nconf	2356	X509V3_EXT_REQ_add_nconf
2359	X509V3_EXT_add_conf
2360	X509V3_EXT_add_nconf	2357	X509V3_EXT_add_nconf
2361	X509V3_EXT_add_nconf_sk	2358	X509V3_EXT_add_nconf_sk
2362	X509V3_EXT_conf	2359	X509V3_EXT_conf


diff --git a/src/lib/libcrypto/hidden/openssl/x509v3.h b/src/lib/libcrypto/hidden/openssl/x509v3.h index d0d4e97ec9..5912726791 100644 --- a/src/lib/libcrypto/hidden/openssl/x509v3.h +++ b/src/lib/libcrypto/hidden/openssl/x509v3.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509v3.h,v 1.12 2024/08/28 08:59:03 tb Exp $ */	1	/* $OpenBSD: x509v3.h,v 1.13 2024/08/31 09:56:50 tb Exp $ */
2	/*	2	/*
3	* Copyright (c) 2022 Bob Beck <beck@openbsd.org>	3	* Copyright (c) 2022 Bob Beck <beck@openbsd.org>
4	*	4	*
@@ -139,9 +139,6 @@ LCRYPTO_USED(X509V3_EXT_REQ_add_nconf);
139	LCRYPTO_USED(X509V3_EXT_CRL_add_nconf);	139	LCRYPTO_USED(X509V3_EXT_CRL_add_nconf);
140	LCRYPTO_USED(X509V3_EXT_conf_nid);	140	LCRYPTO_USED(X509V3_EXT_conf_nid);
141	LCRYPTO_USED(X509V3_EXT_conf);	141	LCRYPTO_USED(X509V3_EXT_conf);
142	LCRYPTO_UNUSED(X509V3_EXT_add_conf);
143	LCRYPTO_UNUSED(X509V3_EXT_REQ_add_conf);
144	LCRYPTO_UNUSED(X509V3_EXT_CRL_add_conf);
145	LCRYPTO_USED(X509V3_add_value_bool_nf);	142	LCRYPTO_USED(X509V3_add_value_bool_nf);
146	LCRYPTO_USED(X509V3_get_value_bool);	143	LCRYPTO_USED(X509V3_get_value_bool);
147	LCRYPTO_USED(X509V3_get_value_int);	144	LCRYPTO_USED(X509V3_get_value_int);


diff --git a/src/lib/libcrypto/x509/x509_conf.c b/src/lib/libcrypto/x509/x509_conf.c index 27f89072c8..dee9bf65e0 100644 --- a/src/lib/libcrypto/x509/x509_conf.c +++ b/src/lib/libcrypto/x509/x509_conf.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509_conf.c,v 1.23 2024/08/31 09:21:44 tb Exp $ */	1	/* $OpenBSD: x509_conf.c,v 1.24 2024/08/31 09:56:50 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.	3	* project 1999.
4	*/	4	*/
@@ -489,30 +489,3 @@ X509V3_set_conf_lhash(X509V3_CTX ctx, LHASH_OF(CONF_VALUE) lhash)
489	{	489	{
490	}	490	}
491	LCRYPTO_ALIAS(X509V3_set_conf_lhash);	491	LCRYPTO_ALIAS(X509V3_set_conf_lhash);
492
493	int
494	X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) conf, X509V3_CTX ctx,
495	const char section, X509 cert)
496	{
497	X509V3error(ERR_R_DISABLED);
498	return 0;
499	}
500	LCRYPTO_ALIAS(X509V3_EXT_add_conf);
501
502	int
503	X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) conf, X509V3_CTX ctx,
504	const char section, X509_CRL crl)
505	{
506	X509V3error(ERR_R_DISABLED);
507	return 0;
508	}
509	LCRYPTO_ALIAS(X509V3_EXT_CRL_add_conf);
510
511	int
512	X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) conf, X509V3_CTX ctx,
513	const char section, X509_REQ req)
514	{
515	X509V3error(ERR_R_DISABLED);
516	return 0;
517	}
518	LCRYPTO_ALIAS(X509V3_EXT_REQ_add_conf);


diff --git a/src/lib/libcrypto/x509/x509v3.h b/src/lib/libcrypto/x509/x509v3.h index b38e175954..6470f059ee 100644 --- a/src/lib/libcrypto/x509/x509v3.h +++ b/src/lib/libcrypto/x509/x509v3.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509v3.h,v 1.30 2024/08/28 08:22:57 tb Exp $ */	1	/* $OpenBSD: x509v3.h,v 1.31 2024/08/31 09:56:50 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.	3	* project 1999.
4	*/	4	*/
@@ -647,12 +647,6 @@ X509_EXTENSION X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) conf, X509V3_CTX *ctx,
647	int ext_nid, const char *value);	647	int ext_nid, const char *value);
648	X509_EXTENSION X509V3_EXT_conf(LHASH_OF(CONF_VALUE) conf, X509V3_CTX *ctx,	648	X509_EXTENSION X509V3_EXT_conf(LHASH_OF(CONF_VALUE) conf, X509V3_CTX *ctx,
649	const char name, const char value);	649	const char name, const char value);
650	int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) conf, X509V3_CTX ctx,
651	const char section, X509 cert);
652	int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) conf, X509V3_CTX ctx,
653	const char section, X509_REQ req);
654	int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) conf, X509V3_CTX ctx,
655	const char section, X509_CRL crl);
656		650
657	int X509V3_add_value_bool_nf(const char *name, int asn1_bool,	651	int X509V3_add_value_bool_nf(const char *name, int asn1_bool,
658	STACK_OF(CONF_VALUE) **extlist);	652	STACK_OF(CONF_VALUE) **extlist);