10 files changed, 14 insertions, 282 deletions
diff --git a/src/lib/libcrypto/asn1/asn1t.h b/src/lib/libcrypto/asn1/asn1t.h
index 1d96df8148..3d6874d874 100644
--- a/src/lib/libcrypto/asn1/asn1t.h
+++ b/src/lib/libcrypto/asn1/asn1t.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn1t.h,v 1.10 2015/02/10 08:05:16 jsing Exp $ */
+/* $OpenBSD: asn1t.h,v 1.11 2015/02/14 15:23:57 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
@@ -549,10 +549,6 @@ const char *sname;		/* Structure name */
 * The 'funcs' field is used for application
 * specific functions. 
 *
- * For COMPAT types the funcs field gives a
- * set of functions that handle this type, this
- * supports the old d2i, i2d convention.
- *
 * The EXTERN type uses a new style d2i/i2d.
 * The new style should be used where possible
 * because it avoids things like the d2i IMPLICIT
@@ -577,8 +573,6 @@ const char *sname;		/* Structure name */
 #define ASN1_ITYPE_CHOICE               0x2
-#define ASN1_ITYPE_COMPAT               0x3
 #define ASN1_ITYPE_EXTERN               0x4
 #define ASN1_ITYPE_MSTRING              0x5
@@ -621,13 +615,6 @@ typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *puty
 typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
 typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx);
-typedef struct ASN1_COMPAT_FUNCS_st {
-        ASN1_new_func *asn1_new;
-        ASN1_free_func *asn1_free;
-        ASN1_d2i_func *asn1_d2i;
-        ASN1_i2d_func *asn1_i2d;
-} ASN1_COMPAT_FUNCS;
 typedef struct ASN1_EXTERN_FUNCS_st {
        void *app_data;
        ASN1_ex_new_func *asn1_ex_new;
@@ -733,28 +720,6 @@ typedef struct ASN1_STREAM_ARG_st {
                                ASN1_ITEM_start(itname) \
                                        ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
                                ASN1_ITEM_end(itname)
-/* Macro to implement an ASN1_ITEM in terms of old style funcs */
-#define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE)
-#define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \
-        static const ASN1_COMPAT_FUNCS sname##_ff = { \
-                (ASN1_new_func *)sname##_new, \
-                (ASN1_free_func *)sname##_free, \
-                (ASN1_d2i_func *)d2i_##sname, \
-                (ASN1_i2d_func *)i2d_##sname, \
-        }; \
-        ASN1_ITEM_start(sname) \
-                ASN1_ITYPE_COMPAT, \
-                tag, \
-                NULL, \
-                0, \
-                &sname##_ff, \
-                0, \
-                #sname \
-        ASN1_ITEM_end(sname)
 #define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
        ASN1_ITEM_start(sname) \
                ASN1_ITYPE_EXTERN, \
diff --git a/src/lib/libcrypto/asn1/tasn_dec.c b/src/lib/libcrypto/asn1/tasn_dec.c
index f633d03e9c..791a10a9c0 100644
--- a/src/lib/libcrypto/asn1/tasn_dec.c
+++ b/src/lib/libcrypto/asn1/tasn_dec.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tasn_dec.c,v 1.24 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: tasn_dec.c,v 1.25 2015/02/14 15:23:57 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
@@ -155,19 +155,17 @@ ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
    const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx)
 {
        const ASN1_TEMPLATE *tt, *errtt = NULL;
-        const ASN1_COMPAT_FUNCS *cf;
        const ASN1_EXTERN_FUNCS *ef;
        const ASN1_AUX *aux = it->funcs;
        ASN1_aux_cb *asn1_cb;
        const unsigned char *p = NULL, *q;
-        unsigned char *wp = NULL;       /* BIG FAT WARNING!  BREAKS CONST WHERE USED */
+        unsigned char oclass;
-        unsigned char imphack = 0, oclass;
        char seq_eoc, seq_nolen, cst, isopt;
        long tmplen;
        int i;
        int otag;
        int ret = 0;
-        ASN1_VALUE **pchptr, *ptmpval;
+        ASN1_VALUE **pchptr;
        if (!pval)
                return 0;
@@ -236,70 +234,6 @@ ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
                return ef->asn1_ex_d2i(pval, in, len,
                    it, tag, aclass, opt, ctx);
-        case ASN1_ITYPE_COMPAT:
-                /* we must resort to old style evil hackery */
-                cf = it->funcs;
-                /* If OPTIONAL see if it is there */
-                if (opt) {
-                        int exptag;
-                        p = *in;
-                        if (tag == -1)
-                                exptag = it->utype;
-                        else
-                                exptag = tag;
-                        /* Don't care about anything other than presence
-                         * of expected tag */
-                        ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL,
-                            &p, len, exptag, aclass, 1, ctx);
-                        if (!ret) {
-                                ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
-                                    ERR_R_NESTED_ASN1_ERROR);
-                                goto err;
-                        }
-                        if (ret == -1)
-                                return -1;
-                }
-                /* This is the old style evil hack IMPLICIT handling:
-                 * since the underlying code is expecting a tag and
-                 * class other than the one present we change the
-                 * buffer temporarily then change it back afterwards.
-                 * This doesn't and never did work for tags > 30.
-                 *
-                 * Yes this is *horrible* but it is only needed for
-                 * old style d2i which will hopefully not be around
-                 * for much longer.
-                 * FIXME: should copy the buffer then modify it so
-                 * the input buffer can be const: we should *always*
-                 * copy because the old style d2i might modify the
-                 * buffer.
-                 */
-                if (tag != -1) {
-                        wp = *(unsigned char **)in;
-                        imphack = *wp;
-                        if (p == NULL) {
-                                ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
-                                    ERR_R_NESTED_ASN1_ERROR);
-                                goto err;
-                        }
-                        *wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED) |
-                            it->utype);
-                }
-                ptmpval = cf->asn1_d2i(pval, in, len);
-                if (tag != -1)
-                        *wp = imphack;
-                if (ptmpval)
-                        return 1;
-                ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-                goto err;
        case ASN1_ITYPE_CHOICE:
                if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
                        goto auxerr;
diff --git a/src/lib/libcrypto/asn1/tasn_enc.c b/src/lib/libcrypto/asn1/tasn_enc.c
index 67d774a9c1..c59033e54d 100644
--- a/src/lib/libcrypto/asn1/tasn_enc.c
+++ b/src/lib/libcrypto/asn1/tasn_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tasn_enc.c,v 1.15 2015/02/14 15:21:49 miod Exp $ */
+/* $OpenBSD: tasn_enc.c,v 1.16 2015/02/14 15:23:57 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
@@ -131,9 +131,7 @@ ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it,
    int tag, int aclass)
 {
        const ASN1_TEMPLATE *tt = NULL;
-        unsigned char *p = NULL;
        int i, seqcontlen, seqlen, ndef = 1;
-        const ASN1_COMPAT_FUNCS *cf;
        const ASN1_EXTERN_FUNCS *ef;
        const ASN1_AUX *aux = it->funcs;
        ASN1_aux_cb *asn1_cb = 0;
@@ -178,19 +176,6 @@ ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it,
                ef = it->funcs;
                return ef->asn1_ex_i2d(pval, out, it, tag, aclass);
-        case ASN1_ITYPE_COMPAT:
-                /* old style hackery... */
-                cf = it->funcs;
-                if (out)
-                        p = *out;
-                i = cf->asn1_i2d(*pval, out);
-                /* Fixup for IMPLICIT tag: note this messes up for tags > 30,
-                 * but so did the old code. Tags > 30 are very rare anyway.
-                 */
-                if (out && (tag != -1))
-                        *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED);
-                return i;
        case ASN1_ITYPE_NDEF_SEQUENCE:
                /* Use indefinite length constructed if requested */
                if (aclass & ASN1_TFLG_NDEF)
diff --git a/src/lib/libcrypto/asn1/tasn_fre.c b/src/lib/libcrypto/asn1/tasn_fre.c
index 36b668a7f9..30d68786b1 100644
--- a/src/lib/libcrypto/asn1/tasn_fre.c
+++ b/src/lib/libcrypto/asn1/tasn_fre.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tasn_fre.c,v 1.13 2015/02/14 13:32:46 jsing Exp $ */
+/* $OpenBSD: tasn_fre.c,v 1.14 2015/02/14 15:23:57 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
@@ -84,7 +84,6 @@ asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
 {
        const ASN1_TEMPLATE *tt = NULL, *seqtt;
        const ASN1_EXTERN_FUNCS *ef;
-        const ASN1_COMPAT_FUNCS *cf;
        const ASN1_AUX *aux = it->funcs;
        ASN1_aux_cb *asn1_cb = NULL;
        int i;
@@ -128,12 +127,6 @@ asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
                }
                break;
-        case ASN1_ITYPE_COMPAT:
-                cf = it->funcs;
-                if (cf && cf->asn1_free)
-                        cf->asn1_free(*pval);
-                break;
        case ASN1_ITYPE_EXTERN:
                ef = it->funcs;
                if (ef && ef->asn1_ex_free)
diff --git a/src/lib/libcrypto/asn1/tasn_new.c b/src/lib/libcrypto/asn1/tasn_new.c
index 86b2b3facd..132df07637 100644
--- a/src/lib/libcrypto/asn1/tasn_new.c
+++ b/src/lib/libcrypto/asn1/tasn_new.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tasn_new.c,v 1.13 2015/02/14 15:15:27 miod Exp $ */
+/* $OpenBSD: tasn_new.c,v 1.14 2015/02/14 15:23:57 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
@@ -91,7 +91,6 @@ static int
 asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
 {
        const ASN1_TEMPLATE *tt = NULL;
-        const ASN1_COMPAT_FUNCS *cf;
        const ASN1_EXTERN_FUNCS *ef;
        const ASN1_AUX *aux = it->funcs;
        ASN1_aux_cb *asn1_cb = NULL;
@@ -118,15 +117,6 @@ asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
                }
                break;
-        case ASN1_ITYPE_COMPAT:
-                cf = it->funcs;
-                if (cf && cf->asn1_new) {
-                        *pval = cf->asn1_new();
-                        if (!*pval)
-                                goto memerr;
-                }
-                break;
        case ASN1_ITYPE_PRIMITIVE:
                if (it->templates) {
                        if (!ASN1_template_new(pval, it->templates))
@@ -243,7 +233,6 @@ asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
                asn1_primitive_clear(pval, it);
                break;
-        case ASN1_ITYPE_COMPAT:
        case ASN1_ITYPE_CHOICE:
        case ASN1_ITYPE_SEQUENCE:
        case ASN1_ITYPE_NDEF_SEQUENCE:
diff --git a/src/lib/libssl/src/crypto/asn1/asn1t.h b/src/lib/libssl/src/crypto/asn1/asn1t.h
index 1d96df8148..3d6874d874 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1t.h
+++ b/src/lib/libssl/src/crypto/asn1/asn1t.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn1t.h,v 1.10 2015/02/10 08:05:16 jsing Exp $ */
+/* $OpenBSD: asn1t.h,v 1.11 2015/02/14 15:23:57 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
@@ -549,10 +549,6 @@ const char *sname;		/* Structure name */
 * The 'funcs' field is used for application
 * specific functions. 
 *
- * For COMPAT types the funcs field gives a
- * set of functions that handle this type, this
- * supports the old d2i, i2d convention.
- *
 * The EXTERN type uses a new style d2i/i2d.
 * The new style should be used where possible
 * because it avoids things like the d2i IMPLICIT
@@ -577,8 +573,6 @@ const char *sname;		/* Structure name */
 #define ASN1_ITYPE_CHOICE               0x2
-#define ASN1_ITYPE_COMPAT               0x3
 #define ASN1_ITYPE_EXTERN               0x4
 #define ASN1_ITYPE_MSTRING              0x5
@@ -621,13 +615,6 @@ typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *puty
 typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
 typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx);
-typedef struct ASN1_COMPAT_FUNCS_st {
-        ASN1_new_func *asn1_new;
-        ASN1_free_func *asn1_free;
-        ASN1_d2i_func *asn1_d2i;
-        ASN1_i2d_func *asn1_i2d;
-} ASN1_COMPAT_FUNCS;
 typedef struct ASN1_EXTERN_FUNCS_st {
        void *app_data;
        ASN1_ex_new_func *asn1_ex_new;
@@ -733,28 +720,6 @@ typedef struct ASN1_STREAM_ARG_st {
                                ASN1_ITEM_start(itname) \
                                        ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
                                ASN1_ITEM_end(itname)
-/* Macro to implement an ASN1_ITEM in terms of old style funcs */
-#define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE)
-#define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \
-        static const ASN1_COMPAT_FUNCS sname##_ff = { \
-                (ASN1_new_func *)sname##_new, \
-                (ASN1_free_func *)sname##_free, \
-                (ASN1_d2i_func *)d2i_##sname, \
-                (ASN1_i2d_func *)i2d_##sname, \
-        }; \
-        ASN1_ITEM_start(sname) \
-                ASN1_ITYPE_COMPAT, \
-                tag, \
-                NULL, \
-                0, \
-                &sname##_ff, \
-                0, \
-                #sname \
-        ASN1_ITEM_end(sname)
 #define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
        ASN1_ITEM_start(sname) \
                ASN1_ITYPE_EXTERN, \
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_dec.c b/src/lib/libssl/src/crypto/asn1/tasn_dec.c
index f633d03e9c..791a10a9c0 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_dec.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_dec.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tasn_dec.c,v 1.24 2014/06/12 15:49:27 deraadt Exp $ */
+/* $OpenBSD: tasn_dec.c,v 1.25 2015/02/14 15:23:57 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
@@ -155,19 +155,17 @@ ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
    const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx)
 {
        const ASN1_TEMPLATE *tt, *errtt = NULL;
-        const ASN1_COMPAT_FUNCS *cf;
        const ASN1_EXTERN_FUNCS *ef;
        const ASN1_AUX *aux = it->funcs;
        ASN1_aux_cb *asn1_cb;
        const unsigned char *p = NULL, *q;
-        unsigned char *wp = NULL;       /* BIG FAT WARNING!  BREAKS CONST WHERE USED */
+        unsigned char oclass;
-        unsigned char imphack = 0, oclass;
        char seq_eoc, seq_nolen, cst, isopt;
        long tmplen;
        int i;
        int otag;
        int ret = 0;
-        ASN1_VALUE **pchptr, *ptmpval;
+        ASN1_VALUE **pchptr;
        if (!pval)
                return 0;
@@ -236,70 +234,6 @@ ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
                return ef->asn1_ex_d2i(pval, in, len,
                    it, tag, aclass, opt, ctx);
-        case ASN1_ITYPE_COMPAT:
-                /* we must resort to old style evil hackery */
-                cf = it->funcs;
-                /* If OPTIONAL see if it is there */
-                if (opt) {
-                        int exptag;
-                        p = *in;
-                        if (tag == -1)
-                                exptag = it->utype;
-                        else
-                                exptag = tag;
-                        /* Don't care about anything other than presence
-                         * of expected tag */
-                        ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL,
-                            &p, len, exptag, aclass, 1, ctx);
-                        if (!ret) {
-                                ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
-                                    ERR_R_NESTED_ASN1_ERROR);
-                                goto err;
-                        }
-                        if (ret == -1)
-                                return -1;
-                }
-                /* This is the old style evil hack IMPLICIT handling:
-                 * since the underlying code is expecting a tag and
-                 * class other than the one present we change the
-                 * buffer temporarily then change it back afterwards.
-                 * This doesn't and never did work for tags > 30.
-                 *
-                 * Yes this is *horrible* but it is only needed for
-                 * old style d2i which will hopefully not be around
-                 * for much longer.
-                 * FIXME: should copy the buffer then modify it so
-                 * the input buffer can be const: we should *always*
-                 * copy because the old style d2i might modify the
-                 * buffer.
-                 */
-                if (tag != -1) {
-                        wp = *(unsigned char **)in;
-                        imphack = *wp;
-                        if (p == NULL) {
-                                ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
-                                    ERR_R_NESTED_ASN1_ERROR);
-                                goto err;
-                        }
-                        *wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED) |
-                            it->utype);
-                }
-                ptmpval = cf->asn1_d2i(pval, in, len);
-                if (tag != -1)
-                        *wp = imphack;
-                if (ptmpval)
-                        return 1;
-                ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
-                goto err;
        case ASN1_ITYPE_CHOICE:
                if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
                        goto auxerr;
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_enc.c b/src/lib/libssl/src/crypto/asn1/tasn_enc.c
index 67d774a9c1..c59033e54d 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_enc.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tasn_enc.c,v 1.15 2015/02/14 15:21:49 miod Exp $ */
+/* $OpenBSD: tasn_enc.c,v 1.16 2015/02/14 15:23:57 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
@@ -131,9 +131,7 @@ ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it,
    int tag, int aclass)
 {
        const ASN1_TEMPLATE *tt = NULL;
-        unsigned char *p = NULL;
        int i, seqcontlen, seqlen, ndef = 1;
-        const ASN1_COMPAT_FUNCS *cf;
        const ASN1_EXTERN_FUNCS *ef;
        const ASN1_AUX *aux = it->funcs;
        ASN1_aux_cb *asn1_cb = 0;
@@ -178,19 +176,6 @@ ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it,
                ef = it->funcs;
                return ef->asn1_ex_i2d(pval, out, it, tag, aclass);
-        case ASN1_ITYPE_COMPAT:
-                /* old style hackery... */
-                cf = it->funcs;
-                if (out)
-                        p = *out;
-                i = cf->asn1_i2d(*pval, out);
-                /* Fixup for IMPLICIT tag: note this messes up for tags > 30,
-                 * but so did the old code. Tags > 30 are very rare anyway.
-                 */
-                if (out && (tag != -1))
-                        *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED);
-                return i;
        case ASN1_ITYPE_NDEF_SEQUENCE:
                /* Use indefinite length constructed if requested */
                if (aclass & ASN1_TFLG_NDEF)
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_fre.c b/src/lib/libssl/src/crypto/asn1/tasn_fre.c
index 36b668a7f9..30d68786b1 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_fre.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_fre.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tasn_fre.c,v 1.13 2015/02/14 13:32:46 jsing Exp $ */
+/* $OpenBSD: tasn_fre.c,v 1.14 2015/02/14 15:23:57 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
@@ -84,7 +84,6 @@ asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
 {
        const ASN1_TEMPLATE *tt = NULL, *seqtt;
        const ASN1_EXTERN_FUNCS *ef;
-        const ASN1_COMPAT_FUNCS *cf;
        const ASN1_AUX *aux = it->funcs;
        ASN1_aux_cb *asn1_cb = NULL;
        int i;
@@ -128,12 +127,6 @@ asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
                }
                break;
-        case ASN1_ITYPE_COMPAT:
-                cf = it->funcs;
-                if (cf && cf->asn1_free)
-                        cf->asn1_free(*pval);
-                break;
        case ASN1_ITYPE_EXTERN:
                ef = it->funcs;
                if (ef && ef->asn1_ex_free)
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_new.c b/src/lib/libssl/src/crypto/asn1/tasn_new.c
index 86b2b3facd..132df07637 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_new.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_new.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tasn_new.c,v 1.13 2015/02/14 15:15:27 miod Exp $ */
+/* $OpenBSD: tasn_new.c,v 1.14 2015/02/14 15:23:57 miod Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2000.
 */
@@ -91,7 +91,6 @@ static int
 asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
 {
        const ASN1_TEMPLATE *tt = NULL;
-        const ASN1_COMPAT_FUNCS *cf;
        const ASN1_EXTERN_FUNCS *ef;
        const ASN1_AUX *aux = it->funcs;
        ASN1_aux_cb *asn1_cb = NULL;
@@ -118,15 +117,6 @@ asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
                }
                break;
-        case ASN1_ITYPE_COMPAT:
-                cf = it->funcs;
-                if (cf && cf->asn1_new) {
-                        *pval = cf->asn1_new();
-                        if (!*pval)
-                                goto memerr;
-                }
-                break;
        case ASN1_ITYPE_PRIMITIVE:
                if (it->templates) {
                        if (!ASN1_template_new(pval, it->templates))
@@ -243,7 +233,6 @@ asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
                asn1_primitive_clear(pval, it);
                break;
-        case ASN1_ITYPE_COMPAT:
        case ASN1_ITYPE_CHOICE:
        case ASN1_ITYPE_SEQUENCE:
        case ASN1_ITYPE_NDEF_SEQUENCE: