1 files changed, 1 insertions, 149 deletions
diff --git a/src/lib/libcrypto/x509v3/x509v3.h b/src/lib/libcrypto/x509v3/x509v3.h
index a88223cd9b..b45626a885 100644
--- a/src/lib/libcrypto/x509v3/x509v3.h
+++ b/src/lib/libcrypto/x509v3/x509v3.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509v3.h,v 1.15 2014/07/10 22:45:58 jsing Exp $ */
+/* $OpenBSD: x509v3.h,v 1.16 2015/02/10 13:28:17 jsing Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -710,154 +710,6 @@ int X509V3_NAME_from_section(X509_NAME *nm, STACK_OF(CONF_VALUE)*dn_sk,
 void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent);
 DECLARE_STACK_OF(X509_POLICY_NODE)
-#ifndef OPENSSL_NO_RFC3779
-typedef struct ASRange_st {
-  ASN1_INTEGER *min, *max;
-} ASRange;
-#define ASIdOrRange_id          0
-#define ASIdOrRange_range       1
-typedef struct ASIdOrRange_st {
-  int type;
-  union {
-    ASN1_INTEGER *id;
-    ASRange      *range;
-  } u;
-} ASIdOrRange;
-typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
-DECLARE_STACK_OF(ASIdOrRange)
-#define ASIdentifierChoice_inherit              0
-#define ASIdentifierChoice_asIdsOrRanges        1
-typedef struct ASIdentifierChoice_st {
-  int type;
-  union {
-    ASN1_NULL    *inherit;
-    ASIdOrRanges *asIdsOrRanges;
-  } u;
-} ASIdentifierChoice;
-typedef struct ASIdentifiers_st {
-  ASIdentifierChoice *asnum, *rdi;
-} ASIdentifiers;
-DECLARE_ASN1_FUNCTIONS(ASRange)
-DECLARE_ASN1_FUNCTIONS(ASIdOrRange)
-DECLARE_ASN1_FUNCTIONS(ASIdentifierChoice)
-DECLARE_ASN1_FUNCTIONS(ASIdentifiers)
-typedef struct IPAddressRange_st {
-  ASN1_BIT_STRING       *min, *max;
-} IPAddressRange;
-#define IPAddressOrRange_addressPrefix  0
-#define IPAddressOrRange_addressRange   1
-typedef struct IPAddressOrRange_st {
-  int type;
-  union {
-    ASN1_BIT_STRING     *addressPrefix;
-    IPAddressRange      *addressRange;
-  } u;
-} IPAddressOrRange;
-typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
-DECLARE_STACK_OF(IPAddressOrRange)
-#define IPAddressChoice_inherit                 0
-#define IPAddressChoice_addressesOrRanges       1
-typedef struct IPAddressChoice_st {
-  int type;
-  union {
-    ASN1_NULL           *inherit;
-    IPAddressOrRanges   *addressesOrRanges;
-  } u;
-} IPAddressChoice;
-typedef struct IPAddressFamily_st {
-  ASN1_OCTET_STRING     *addressFamily;
-  IPAddressChoice       *ipAddressChoice;
-} IPAddressFamily;
-typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
-DECLARE_STACK_OF(IPAddressFamily)
-DECLARE_ASN1_FUNCTIONS(IPAddressRange)
-DECLARE_ASN1_FUNCTIONS(IPAddressOrRange)
-DECLARE_ASN1_FUNCTIONS(IPAddressChoice)
-DECLARE_ASN1_FUNCTIONS(IPAddressFamily)
-/*
- * API tag for elements of the ASIdentifer SEQUENCE.
- */
-#define V3_ASID_ASNUM   0
-#define V3_ASID_RDI     1
-/*
- * AFI values, assigned by IANA.  It'd be nice to make the AFI
- * handling code totally generic, but there are too many little things
- * that would need to be defined for other address families for it to
- * be worth the trouble.
- */
-#define IANA_AFI_IPV4   1
-#define IANA_AFI_IPV6   2
-/*
- * Utilities to construct and extract values from RFC3779 extensions,
- * since some of the encodings (particularly for IP address prefixes
- * and ranges) are a bit tedious to work with directly.
- */
-int v3_asid_add_inherit(ASIdentifiers *asid, int which);
-int v3_asid_add_id_or_range(ASIdentifiers *asid, int which,
-                            ASN1_INTEGER *min, ASN1_INTEGER *max);
-int v3_addr_add_inherit(IPAddrBlocks *addr,
-                        const unsigned afi, const unsigned *safi);
-int v3_addr_add_prefix(IPAddrBlocks *addr,
-                       const unsigned afi, const unsigned *safi,
-                       unsigned char *a, const int prefixlen);
-int v3_addr_add_range(IPAddrBlocks *addr,
-                      const unsigned afi, const unsigned *safi,
-                      unsigned char *min, unsigned char *max);
-unsigned v3_addr_get_afi(const IPAddressFamily *f);
-int v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi,
-                      unsigned char *min, unsigned char *max,
-                      const int length);
-/*
- * Canonical forms.
- */
-int v3_asid_is_canonical(ASIdentifiers *asid);
-int v3_addr_is_canonical(IPAddrBlocks *addr);
-int v3_asid_canonize(ASIdentifiers *asid);
-int v3_addr_canonize(IPAddrBlocks *addr);
-/*
- * Tests for inheritance and containment.
- */
-int v3_asid_inherits(ASIdentifiers *asid);
-int v3_addr_inherits(IPAddrBlocks *addr);
-int v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b);
-int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b);
-/*
- * Check whether RFC 3779 extensions nest properly in chains.
- */
-int v3_asid_validate_path(X509_STORE_CTX *);
-int v3_addr_validate_path(X509_STORE_CTX *);
-int v3_asid_validate_resource_set(STACK_OF(X509) *chain,
-                                  ASIdentifiers *ext,
-                                  int allow_inheritance);
-int v3_addr_validate_resource_set(STACK_OF(X509) *chain,
-                                  IPAddrBlocks *ext,
-                                  int allow_inheritance);
-#endif /* OPENSSL_NO_RFC3779 */
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes

diff --git a/src/lib/libcrypto/x509v3/x509v3.h b/src/lib/libcrypto/x509v3/x509v3.h index a88223cd9b..b45626a885 100644 --- a/src/lib/libcrypto/x509v3/x509v3.h +++ b/src/lib/libcrypto/x509v3/x509v3.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509v3.h,v 1.15 2014/07/10 22:45:58 jsing Exp $ */	1	/* $OpenBSD: x509v3.h,v 1.16 2015/02/10 13:28:17 jsing Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.	3	* project 1999.
4	*/	4	*/
@@ -710,154 +710,6 @@ int X509V3_NAME_from_section(X509_NAME nm, STACK_OF(CONF_VALUE)dn_sk,
710	void X509_POLICY_NODE_print(BIO out, X509_POLICY_NODE node, int indent);	710	void X509_POLICY_NODE_print(BIO out, X509_POLICY_NODE node, int indent);
711	DECLARE_STACK_OF(X509_POLICY_NODE)	711	DECLARE_STACK_OF(X509_POLICY_NODE)
712		712
713	#ifndef OPENSSL_NO_RFC3779
714
715	typedef struct ASRange_st {
716	ASN1_INTEGER min, max;
717	} ASRange;
718
719	#define ASIdOrRange_id 0
720	#define ASIdOrRange_range 1
721
722	typedef struct ASIdOrRange_st {
723	int type;
724	union {
725	ASN1_INTEGER *id;
726	ASRange *range;
727	} u;
728	} ASIdOrRange;
729
730	typedef STACK_OF(ASIdOrRange) ASIdOrRanges;
731	DECLARE_STACK_OF(ASIdOrRange)
732
733	#define ASIdentifierChoice_inherit 0
734	#define ASIdentifierChoice_asIdsOrRanges 1
735
736	typedef struct ASIdentifierChoice_st {
737	int type;
738	union {
739	ASN1_NULL *inherit;
740	ASIdOrRanges *asIdsOrRanges;
741	} u;
742	} ASIdentifierChoice;
743
744	typedef struct ASIdentifiers_st {
745	ASIdentifierChoice asnum, rdi;
746	} ASIdentifiers;
747
748	DECLARE_ASN1_FUNCTIONS(ASRange)
749	DECLARE_ASN1_FUNCTIONS(ASIdOrRange)
750	DECLARE_ASN1_FUNCTIONS(ASIdentifierChoice)
751	DECLARE_ASN1_FUNCTIONS(ASIdentifiers)
752
753
754	typedef struct IPAddressRange_st {
755	ASN1_BIT_STRING min, max;
756	} IPAddressRange;
757
758	#define IPAddressOrRange_addressPrefix 0
759	#define IPAddressOrRange_addressRange 1
760
761	typedef struct IPAddressOrRange_st {
762	int type;
763	union {
764	ASN1_BIT_STRING *addressPrefix;
765	IPAddressRange *addressRange;
766	} u;
767	} IPAddressOrRange;
768
769	typedef STACK_OF(IPAddressOrRange) IPAddressOrRanges;
770	DECLARE_STACK_OF(IPAddressOrRange)
771
772	#define IPAddressChoice_inherit 0
773	#define IPAddressChoice_addressesOrRanges 1
774
775	typedef struct IPAddressChoice_st {
776	int type;
777	union {
778	ASN1_NULL *inherit;
779	IPAddressOrRanges *addressesOrRanges;
780	} u;
781	} IPAddressChoice;
782
783	typedef struct IPAddressFamily_st {
784	ASN1_OCTET_STRING *addressFamily;
785	IPAddressChoice *ipAddressChoice;
786	} IPAddressFamily;
787
788	typedef STACK_OF(IPAddressFamily) IPAddrBlocks;
789	DECLARE_STACK_OF(IPAddressFamily)
790
791	DECLARE_ASN1_FUNCTIONS(IPAddressRange)
792	DECLARE_ASN1_FUNCTIONS(IPAddressOrRange)
793	DECLARE_ASN1_FUNCTIONS(IPAddressChoice)
794	DECLARE_ASN1_FUNCTIONS(IPAddressFamily)
795
796	/*
797	* API tag for elements of the ASIdentifer SEQUENCE.
798	*/
799	#define V3_ASID_ASNUM 0
800	#define V3_ASID_RDI 1
801
802	/*
803	* AFI values, assigned by IANA. It'd be nice to make the AFI
804	* handling code totally generic, but there are too many little things
805	* that would need to be defined for other address families for it to
806	* be worth the trouble.
807	*/
808	#define IANA_AFI_IPV4 1
809	#define IANA_AFI_IPV6 2
810
811	/*
812	* Utilities to construct and extract values from RFC3779 extensions,
813	* since some of the encodings (particularly for IP address prefixes
814	* and ranges) are a bit tedious to work with directly.
815	*/
816	int v3_asid_add_inherit(ASIdentifiers *asid, int which);
817	int v3_asid_add_id_or_range(ASIdentifiers *asid, int which,
818	ASN1_INTEGER min, ASN1_INTEGER max);
819	int v3_addr_add_inherit(IPAddrBlocks *addr,
820	const unsigned afi, const unsigned *safi);
821	int v3_addr_add_prefix(IPAddrBlocks *addr,
822	const unsigned afi, const unsigned *safi,
823	unsigned char *a, const int prefixlen);
824	int v3_addr_add_range(IPAddrBlocks *addr,
825	const unsigned afi, const unsigned *safi,
826	unsigned char min, unsigned char max);
827	unsigned v3_addr_get_afi(const IPAddressFamily *f);
828	int v3_addr_get_range(IPAddressOrRange *aor, const unsigned afi,
829	unsigned char min, unsigned char max,
830	const int length);
831
832	/*
833	* Canonical forms.
834	*/
835	int v3_asid_is_canonical(ASIdentifiers *asid);
836	int v3_addr_is_canonical(IPAddrBlocks *addr);
837	int v3_asid_canonize(ASIdentifiers *asid);
838	int v3_addr_canonize(IPAddrBlocks *addr);
839
840	/*
841	* Tests for inheritance and containment.
842	*/
843	int v3_asid_inherits(ASIdentifiers *asid);
844	int v3_addr_inherits(IPAddrBlocks *addr);
845	int v3_asid_subset(ASIdentifiers a, ASIdentifiers b);
846	int v3_addr_subset(IPAddrBlocks a, IPAddrBlocks b);
847
848	/*
849	* Check whether RFC 3779 extensions nest properly in chains.
850	*/
851	int v3_asid_validate_path(X509_STORE_CTX *);
852	int v3_addr_validate_path(X509_STORE_CTX *);
853	int v3_asid_validate_resource_set(STACK_OF(X509) *chain,
854	ASIdentifiers *ext,
855	int allow_inheritance);
856	int v3_addr_validate_resource_set(STACK_OF(X509) *chain,
857	IPAddrBlocks *ext,
858	int allow_inheritance);
859
860	#endif /* OPENSSL_NO_RFC3779 */
861		713
862	/* BEGIN ERROR CODES */	714	/* BEGIN ERROR CODES */
863	/* The following lines are auto generated by the script mkerr.pl. Any changes	715	/* The following lines are auto generated by the script mkerr.pl. Any changes