summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/lib/libcrypto/hidden/openssl/x509v3.h6
-rw-r--r--src/lib/libcrypto/x509/x509_conf.c49
2 files changed, 14 insertions, 41 deletions
diff --git a/src/lib/libcrypto/hidden/openssl/x509v3.h b/src/lib/libcrypto/hidden/openssl/x509v3.h
index f0db675e48..d0d4e97ec9 100644
--- a/src/lib/libcrypto/hidden/openssl/x509v3.h
+++ b/src/lib/libcrypto/hidden/openssl/x509v3.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509v3.h,v 1.11 2024/08/28 08:43:55 tb Exp $ */ 1/* $OpenBSD: x509v3.h,v 1.12 2024/08/28 08:59:03 tb Exp $ */
2/* 2/*
3 * Copyright (c) 2022 Bob Beck <beck@openbsd.org> 3 * Copyright (c) 2022 Bob Beck <beck@openbsd.org>
4 * 4 *
@@ -147,9 +147,9 @@ LCRYPTO_USED(X509V3_get_value_bool);
147LCRYPTO_USED(X509V3_get_value_int); 147LCRYPTO_USED(X509V3_get_value_int);
148LCRYPTO_USED(X509V3_set_nconf); 148LCRYPTO_USED(X509V3_set_nconf);
149LCRYPTO_UNUSED(X509V3_set_conf_lhash); 149LCRYPTO_UNUSED(X509V3_set_conf_lhash);
150LCRYPTO_USED(X509V3_get_string); 150LCRYPTO_UNUSED(X509V3_get_string);
151LCRYPTO_USED(X509V3_get_section); 151LCRYPTO_USED(X509V3_get_section);
152LCRYPTO_USED(X509V3_string_free); 152LCRYPTO_UNUSED(X509V3_string_free);
153LCRYPTO_USED(X509V3_section_free); 153LCRYPTO_USED(X509V3_section_free);
154LCRYPTO_USED(X509V3_set_ctx); 154LCRYPTO_USED(X509V3_set_ctx);
155LCRYPTO_USED(X509V3_add_value); 155LCRYPTO_USED(X509V3_add_value);
diff --git a/src/lib/libcrypto/x509/x509_conf.c b/src/lib/libcrypto/x509/x509_conf.c
index d2f5afb065..25f0ad0b26 100644
--- a/src/lib/libcrypto/x509/x509_conf.c
+++ b/src/lib/libcrypto/x509/x509_conf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x509_conf.c,v 1.21 2024/08/28 08:50:41 tb Exp $ */ 1/* $OpenBSD: x509_conf.c,v 1.22 2024/08/28 08:59:03 tb Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -150,7 +150,7 @@ do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int nid, int crit, const char *value)
150 } else if (method->s2i) { 150 } else if (method->s2i) {
151 ext_struct = method->s2i(method, ctx, value); 151 ext_struct = method->s2i(method, ctx, value);
152 } else if (method->r2i) { 152 } else if (method->r2i) {
153 if (!ctx->db || !ctx->db_meth) { 153 if (ctx->db == NULL) {
154 X509V3error(X509V3_R_NO_CONFIG_DATABASE); 154 X509V3error(X509V3_R_NO_CONFIG_DATABASE);
155 return NULL; 155 return NULL;
156 } 156 }
@@ -403,71 +403,44 @@ X509V3_EXT_REQ_add_nconf(CONF *conf, X509V3_CTX *ctx, const char *section,
403} 403}
404LCRYPTO_ALIAS(X509V3_EXT_REQ_add_nconf); 404LCRYPTO_ALIAS(X509V3_EXT_REQ_add_nconf);
405 405
406/* XXX - remove in next bump. */
406char * 407char *
407X509V3_get_string(X509V3_CTX *ctx, const char *name, const char *section) 408X509V3_get_string(X509V3_CTX *ctx, const char *name, const char *section)
408{ 409{
409 if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_string) { 410 X509V3error(ERR_R_DISABLED);
410 X509V3error(X509V3_R_OPERATION_NOT_DEFINED); 411 return NULL;
411 return NULL;
412 }
413 return ctx->db_meth->get_string(ctx->db, name, section);
414} 412}
415LCRYPTO_ALIAS(X509V3_get_string); 413LCRYPTO_ALIAS(X509V3_get_string);
416 414
417STACK_OF(CONF_VALUE) * 415STACK_OF(CONF_VALUE) *
418X509V3_get_section(X509V3_CTX *ctx, const char *section) 416X509V3_get_section(X509V3_CTX *ctx, const char *section)
419{ 417{
420 if (!ctx->db || !ctx->db_meth || !ctx->db_meth->get_section) { 418 if (ctx->db == NULL) {
421 X509V3error(X509V3_R_OPERATION_NOT_DEFINED); 419 X509V3error(X509V3_R_OPERATION_NOT_DEFINED);
422 return NULL; 420 return NULL;
423 } 421 }
424 return ctx->db_meth->get_section(ctx->db, section); 422 return NCONF_get_section(ctx->db, section);
425} 423}
426LCRYPTO_ALIAS(X509V3_get_section); 424LCRYPTO_ALIAS(X509V3_get_section);
427 425
426/* XXX - remove in next bump. */
428void 427void
429X509V3_string_free(X509V3_CTX *ctx, char *str) 428X509V3_string_free(X509V3_CTX *ctx, char *str)
430{ 429{
431 if (!str) 430 return;
432 return;
433 if (ctx->db_meth->free_string)
434 ctx->db_meth->free_string(ctx->db, str);
435} 431}
436LCRYPTO_ALIAS(X509V3_string_free); 432LCRYPTO_ALIAS(X509V3_string_free);
437 433
438void 434void
439X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section) 435X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section)
440{ 436{
441 if (!section) 437 return;
442 return;
443 if (ctx->db_meth->free_section)
444 ctx->db_meth->free_section(ctx->db, section);
445} 438}
446LCRYPTO_ALIAS(X509V3_section_free); 439LCRYPTO_ALIAS(X509V3_section_free);
447 440
448static char *
449nconf_get_string(void *db, const char *section, const char *value)
450{
451 return NCONF_get_string(db, section, value);
452}
453
454static STACK_OF(CONF_VALUE) *
455nconf_get_section(void *db, const char *section)
456{
457 return NCONF_get_section(db, section);
458}
459
460static X509V3_CONF_METHOD nconf_method = {
461 nconf_get_string,
462 nconf_get_section,
463 NULL,
464 NULL
465};
466
467void 441void
468X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf) 442X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf)
469{ 443{
470 ctx->db_meth = &nconf_method;
471 ctx->db = conf; 444 ctx->db = conf;
472} 445}
473LCRYPTO_ALIAS(X509V3_set_nconf); 446LCRYPTO_ALIAS(X509V3_set_nconf);
@@ -507,7 +480,7 @@ X509V3_EXT_conf_nid(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, int nid,
507LCRYPTO_ALIAS(X509V3_EXT_conf_nid); 480LCRYPTO_ALIAS(X509V3_EXT_conf_nid);
508 481
509/* 482/*
510 * XXX -remove everything below in the next bump. 483 * XXX - remove everything below in the next bump.
511 */ 484 */
512 485
513void 486void
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-01 13:40:08 +0000