1 files changed, 42 insertions, 105 deletions
diff --git a/src/lib/libcrypto/x509/x509_lib.c b/src/lib/libcrypto/x509/x509_lib.c
index 93f8dc207b..c78b600677 100644
--- a/src/lib/libcrypto/x509/x509_lib.c
+++ b/src/lib/libcrypto/x509/x509_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_lib.c,v 1.14 2023/04/25 10:56:58 tb Exp $ */
+/* $OpenBSD: x509_lib.c,v 1.15 2024/01/25 12:20:17 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -65,8 +65,6 @@
 #include "x509_local.h"
-static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL;
 extern const X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku;
 extern const X509V3_EXT_METHOD v3_pkey_usage_period, v3_info, v3_sinfo;
 extern const X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
@@ -142,62 +140,17 @@ static const X509V3_EXT_METHOD *standard_exts[] = {
 #define STANDARD_EXTENSION_COUNT (sizeof(standard_exts) / sizeof(standard_exts[0]))
-static int
-ext_cmp(const X509V3_EXT_METHOD * const *a, const X509V3_EXT_METHOD * const *b)
-{
-        return ((*a)->ext_nid - (*b)->ext_nid);
-}
-int
-X509V3_EXT_add(X509V3_EXT_METHOD *ext)
-{
-        if (!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) {
-                X509V3error(ERR_R_MALLOC_FAILURE);
-                return 0;
-        }
-        if (!sk_X509V3_EXT_METHOD_push(ext_list, ext)) {
-                X509V3error(ERR_R_MALLOC_FAILURE);
-                return 0;
-        }
-        return 1;
-}
-LCRYPTO_ALIAS(X509V3_EXT_add);
-static int
-ext_cmp_BSEARCH_CMP_FN(const void *a_, const void *b_)
-{
-        const X509V3_EXT_METHOD * const *a = a_;
-        const X509V3_EXT_METHOD * const *b = b_;
-        return ext_cmp(a, b);
-}
-static const X509V3_EXT_METHOD **
-OBJ_bsearch_ext(const X509V3_EXT_METHOD **key,
-    const X509V3_EXT_METHOD *const *base, int num)
-{
-        return (const X509V3_EXT_METHOD **)OBJ_bsearch_(key, base, num,
-            sizeof(const X509V3_EXT_METHOD *), ext_cmp_BSEARCH_CMP_FN);
-}
 const X509V3_EXT_METHOD *
 X509V3_EXT_get_nid(int nid)
 {
-        X509V3_EXT_METHOD tmp;
+        size_t i;
-        const X509V3_EXT_METHOD *t = &tmp, * const *ret;
-        int idx;
-        if (nid < 0)
+        for (i = 0; i < STANDARD_EXTENSION_COUNT; i++) {
-                return NULL;
+                if (standard_exts[i]->ext_nid == nid)
-        tmp.ext_nid = nid;
+                        return standard_exts[i];
-        ret = OBJ_bsearch_ext(&t, standard_exts, STANDARD_EXTENSION_COUNT);
+        }
-        if (ret)
-                return *ret;
+        return NULL;
-        if (!ext_list)
-                return NULL;
-        idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp);
-        if (idx == -1)
-                return NULL;
-        return sk_X509V3_EXT_METHOD_value(ext_list, idx);
 }
 LCRYPTO_ALIAS(X509V3_EXT_get_nid);
@@ -213,56 +166,6 @@ X509V3_EXT_get(X509_EXTENSION *ext)
 LCRYPTO_ALIAS(X509V3_EXT_get);
 int
-X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)
-{
-        for (; extlist->ext_nid!=-1; extlist++)
-                if (!X509V3_EXT_add(extlist))
-                        return 0;
-        return 1;
-}
-LCRYPTO_ALIAS(X509V3_EXT_add_list);
-int
-X509V3_EXT_add_alias(int nid_to, int nid_from)
-{
-        const X509V3_EXT_METHOD *ext;
-        X509V3_EXT_METHOD *tmpext;
-        if (!(ext = X509V3_EXT_get_nid(nid_from))) {
-                X509V3error(X509V3_R_EXTENSION_NOT_FOUND);
-                return 0;
-        }
-        if (!(tmpext = malloc(sizeof(X509V3_EXT_METHOD)))) {
-                X509V3error(ERR_R_MALLOC_FAILURE);
-                return 0;
-        }
-        *tmpext = *ext;
-        tmpext->ext_nid = nid_to;
-        tmpext->ext_flags |= X509V3_EXT_DYNAMIC;
-        if (!X509V3_EXT_add(tmpext)) {
-                free(tmpext);
-                return 0;
-        }
-        return 1;
-}
-LCRYPTO_ALIAS(X509V3_EXT_add_alias);
-static void
-ext_list_free(X509V3_EXT_METHOD *ext)
-{
-        if (ext->ext_flags & X509V3_EXT_DYNAMIC)
-                free(ext);
-}
-void
-X509V3_EXT_cleanup(void)
-{
-        sk_X509V3_EXT_METHOD_pop_free(ext_list, ext_list_free);
-        ext_list = NULL;
-}
-LCRYPTO_ALIAS(X509V3_EXT_cleanup);
-int
 X509V3_add_standard_extensions(void)
 {
        return 1;
@@ -434,3 +337,37 @@ err:
        return 0;
 }
 LCRYPTO_ALIAS(X509V3_add1_i2d);
+/*
+ * XXX - remove all the functions below in the next major bump.
+ */
+int
+X509V3_EXT_add(X509V3_EXT_METHOD *ext)
+{
+        X509V3error(ERR_R_DISABLED);
+        return 0;
+}
+LCRYPTO_ALIAS(X509V3_EXT_add);
+int
+X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)
+{
+        X509V3error(ERR_R_DISABLED);
+        return 0;
+}
+LCRYPTO_ALIAS(X509V3_EXT_add_list);
+int
+X509V3_EXT_add_alias(int nid_to, int nid_from)
+{
+        X509V3error(ERR_R_DISABLED);
+        return 0;
+}
+LCRYPTO_ALIAS(X509V3_EXT_add_alias);
+void
+X509V3_EXT_cleanup(void)
+{
+}
+LCRYPTO_ALIAS(X509V3_EXT_cleanup);

diff --git a/src/lib/libcrypto/x509/x509_lib.c b/src/lib/libcrypto/x509/x509_lib.c index 93f8dc207b..c78b600677 100644 --- a/src/lib/libcrypto/x509/x509_lib.c +++ b/src/lib/libcrypto/x509/x509_lib.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509_lib.c,v 1.14 2023/04/25 10:56:58 tb Exp $ */	1	/* $OpenBSD: x509_lib.c,v 1.15 2024/01/25 12:20:17 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.	3	* project 1999.
4	*/	4	*/
@@ -65,8 +65,6 @@
65		65
66	#include "x509_local.h"	66	#include "x509_local.h"
67		67
68	static STACK_OF(X509V3_EXT_METHOD) *ext_list = NULL;
69
70	extern const X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku;	68	extern const X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku;
71	extern const X509V3_EXT_METHOD v3_pkey_usage_period, v3_info, v3_sinfo;	69	extern const X509V3_EXT_METHOD v3_pkey_usage_period, v3_info, v3_sinfo;
72	extern const X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;	70	extern const X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id;
@@ -142,62 +140,17 @@ static const X509V3_EXT_METHOD *standard_exts[] = {
142		140
143	#define STANDARD_EXTENSION_COUNT (sizeof(standard_exts) / sizeof(standard_exts[0]))	141	#define STANDARD_EXTENSION_COUNT (sizeof(standard_exts) / sizeof(standard_exts[0]))
144		142
145	static int
146	ext_cmp(const X509V3_EXT_METHOD * const a, const X509V3_EXT_METHOD const *b)
147	{
148	return ((a)->ext_nid - (b)->ext_nid);
149	}
150
151	int
152	X509V3_EXT_add(X509V3_EXT_METHOD *ext)
153	{
154	if (!ext_list && !(ext_list = sk_X509V3_EXT_METHOD_new(ext_cmp))) {
155	X509V3error(ERR_R_MALLOC_FAILURE);
156	return 0;
157	}
158	if (!sk_X509V3_EXT_METHOD_push(ext_list, ext)) {
159	X509V3error(ERR_R_MALLOC_FAILURE);
160	return 0;
161	}
162	return 1;
163	}
164	LCRYPTO_ALIAS(X509V3_EXT_add);
165
166	static int
167	ext_cmp_BSEARCH_CMP_FN(const void a_, const void b_)
168	{
169	const X509V3_EXT_METHOD * const *a = a_;
170	const X509V3_EXT_METHOD * const *b = b_;
171	return ext_cmp(a, b);
172	}
173
174	static const X509V3_EXT_METHOD **
175	OBJ_bsearch_ext(const X509V3_EXT_METHOD **key,
176	const X509V3_EXT_METHOD const base, int num)
177	{
178	return (const X509V3_EXT_METHOD **)OBJ_bsearch_(key, base, num,
179	sizeof(const X509V3_EXT_METHOD *), ext_cmp_BSEARCH_CMP_FN);
180	}
181
182	const X509V3_EXT_METHOD *	143	const X509V3_EXT_METHOD *
183	X509V3_EXT_get_nid(int nid)	144	X509V3_EXT_get_nid(int nid)
184	{	145	{
185	X509V3_EXT_METHOD tmp;	146	size_t i;
186	const X509V3_EXT_METHOD t = &tmp, const *ret;
187	int idx;
188		147
189	if (nid < 0)	148	for (i = 0; i < STANDARD_EXTENSION_COUNT; i++) {
190	return NULL;	149	if (standard_exts[i]->ext_nid == nid)
191	tmp.ext_nid = nid;	150	return standard_exts[i];
192	ret = OBJ_bsearch_ext(&t, standard_exts, STANDARD_EXTENSION_COUNT);	151	}
193	if (ret)	152
194	return *ret;	153	return NULL;
195	if (!ext_list)
196	return NULL;
197	idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp);
198	if (idx == -1)
199	return NULL;
200	return sk_X509V3_EXT_METHOD_value(ext_list, idx);
201	}	154	}
202	LCRYPTO_ALIAS(X509V3_EXT_get_nid);	155	LCRYPTO_ALIAS(X509V3_EXT_get_nid);
203		156
@@ -213,56 +166,6 @@ X509V3_EXT_get(X509_EXTENSION *ext)
213	LCRYPTO_ALIAS(X509V3_EXT_get);	166	LCRYPTO_ALIAS(X509V3_EXT_get);
214		167
215	int	168	int
216	X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)
217	{
218	for (; extlist->ext_nid!=-1; extlist++)
219	if (!X509V3_EXT_add(extlist))
220	return 0;
221	return 1;
222	}
223	LCRYPTO_ALIAS(X509V3_EXT_add_list);
224
225	int
226	X509V3_EXT_add_alias(int nid_to, int nid_from)
227	{
228	const X509V3_EXT_METHOD *ext;
229	X509V3_EXT_METHOD *tmpext;
230
231	if (!(ext = X509V3_EXT_get_nid(nid_from))) {
232	X509V3error(X509V3_R_EXTENSION_NOT_FOUND);
233	return 0;
234	}
235	if (!(tmpext = malloc(sizeof(X509V3_EXT_METHOD)))) {
236	X509V3error(ERR_R_MALLOC_FAILURE);
237	return 0;
238	}
239	tmpext = ext;
240	tmpext->ext_nid = nid_to;
241	tmpext->ext_flags \|= X509V3_EXT_DYNAMIC;
242	if (!X509V3_EXT_add(tmpext)) {
243	free(tmpext);
244	return 0;
245	}
246	return 1;
247	}
248	LCRYPTO_ALIAS(X509V3_EXT_add_alias);
249
250	static void
251	ext_list_free(X509V3_EXT_METHOD *ext)
252	{
253	if (ext->ext_flags & X509V3_EXT_DYNAMIC)
254	free(ext);
255	}
256
257	void
258	X509V3_EXT_cleanup(void)
259	{
260	sk_X509V3_EXT_METHOD_pop_free(ext_list, ext_list_free);
261	ext_list = NULL;
262	}
263	LCRYPTO_ALIAS(X509V3_EXT_cleanup);
264
265	int
266	X509V3_add_standard_extensions(void)	169	X509V3_add_standard_extensions(void)
267	{	170	{
268	return 1;	171	return 1;
@@ -434,3 +337,37 @@ err:
434	return 0;	337	return 0;
435	}	338	}
436	LCRYPTO_ALIAS(X509V3_add1_i2d);	339	LCRYPTO_ALIAS(X509V3_add1_i2d);
		340
		341	/*
		342	* XXX - remove all the functions below in the next major bump.
		343	*/
		344
		345	int
		346	X509V3_EXT_add(X509V3_EXT_METHOD *ext)
		347	{
		348	X509V3error(ERR_R_DISABLED);
		349	return 0;
		350	}
		351	LCRYPTO_ALIAS(X509V3_EXT_add);
		352
		353	int
		354	X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist)
		355	{
		356	X509V3error(ERR_R_DISABLED);
		357	return 0;
		358	}
		359	LCRYPTO_ALIAS(X509V3_EXT_add_list);
		360
		361	int
		362	X509V3_EXT_add_alias(int nid_to, int nid_from)
		363	{
		364	X509V3error(ERR_R_DISABLED);
		365	return 0;
		366	}
		367	LCRYPTO_ALIAS(X509V3_EXT_add_alias);
		368
		369	void
		370	X509V3_EXT_cleanup(void)
		371	{
		372	}
		373	LCRYPTO_ALIAS(X509V3_EXT_cleanup);