1 files changed, 10 insertions, 10 deletions
diff --git a/src/lib/libcrypto/x509/x509_trs.c b/src/lib/libcrypto/x509/x509_trs.c
index 72238761c8..1cec0760f2 100644
--- a/src/lib/libcrypto/x509/x509_trs.c
+++ b/src/lib/libcrypto/x509/x509_trs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_trs.c,v 1.49 2024/03/25 00:46:57 tb Exp $ */
+/* $OpenBSD: x509_trs.c,v 1.50 2024/03/25 01:00:02 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 1999.
 */
@@ -70,7 +70,7 @@
 typedef struct x509_trust_st {
        int trust;
-        int (*check_trust)(struct x509_trust_st *, X509 *);
+        int (*check_trust)(int, X509 *);
        int nid;
 } X509_TRUST;
@@ -102,7 +102,7 @@ obj_trust(int id, X509 *x)
 }
 static int
-trust_compat(X509_TRUST *trust, X509 *x)
+trust_compat(int nid, X509 *x)
 {
        /* Extensions already cached in X509_check_trust(). */
        if (x->ex_flags & EXFLAG_SS)
@@ -112,21 +112,21 @@ trust_compat(X509_TRUST *trust, X509 *x)
 }
 static int
-trust_1oidany(X509_TRUST *trust, X509 *x)
+trust_1oidany(int nid, X509 *x)
 {
        if (x->aux && (x->aux->trust || x->aux->reject))
-                return obj_trust(trust->nid, x);
+                return obj_trust(nid, x);
        /* we don't have any trust settings: for compatibility
         * we return trusted if it is self signed
         */
-        return trust_compat(trust, x);
+        return trust_compat(NID_undef, x);
 }
 static int
-trust_1oid(X509_TRUST *trust, X509 *x)
+trust_1oid(int nid, X509 *x)
 {
        if (x->aux)
-                return obj_trust(trust->nid, x);
+                return obj_trust(nid, x);
        return X509_TRUST_UNTRUSTED;
 }
@@ -208,7 +208,7 @@ X509_check_trust(X509 *x, int trust_id, int flags)
                rv = obj_trust(NID_anyExtendedKeyUsage, x);
                if (rv != X509_TRUST_UNTRUSTED)
                        return rv;
-                return trust_compat(NULL, x);
+                return trust_compat(NID_undef, x);
        }
        if (trust_id < X509_TRUST_MIN || trust_id > X509_TRUST_MAX)
@@ -217,6 +217,6 @@ X509_check_trust(X509 *x, int trust_id, int flags)
        idx = trust_id - X509_TRUST_MIN;
        trust = &trstandard[idx];
-        return trust->check_trust((X509_TRUST *)trust, x);
+        return trust->check_trust(trust->nid, x);
 }
 LCRYPTO_ALIAS(X509_check_trust);

diff --git a/src/lib/libcrypto/x509/x509_trs.c b/src/lib/libcrypto/x509/x509_trs.c index 72238761c8..1cec0760f2 100644 --- a/src/lib/libcrypto/x509/x509_trs.c +++ b/src/lib/libcrypto/x509/x509_trs.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: x509_trs.c,v 1.49 2024/03/25 00:46:57 tb Exp $ */	1	/* $OpenBSD: x509_trs.c,v 1.50 2024/03/25 01:00:02 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 1999.	3	* project 1999.
4	*/	4	*/
@@ -70,7 +70,7 @@
70		70
71	typedef struct x509_trust_st {	71	typedef struct x509_trust_st {
72	int trust;	72	int trust;
73	int (check_trust)(struct x509_trust_st , X509 *);	73	int (check_trust)(int, X509 );
74	int nid;	74	int nid;
75	} X509_TRUST;	75	} X509_TRUST;
76		76
@@ -102,7 +102,7 @@ obj_trust(int id, X509 *x)
102	}	102	}
103		103
104	static int	104	static int
105	trust_compat(X509_TRUST trust, X509 x)	105	trust_compat(int nid, X509 *x)
106	{	106	{
107	/* Extensions already cached in X509_check_trust(). */	107	/* Extensions already cached in X509_check_trust(). */
108	if (x->ex_flags & EXFLAG_SS)	108	if (x->ex_flags & EXFLAG_SS)
@@ -112,21 +112,21 @@ trust_compat(X509_TRUST trust, X509 x)
112	}	112	}
113		113
114	static int	114	static int
115	trust_1oidany(X509_TRUST trust, X509 x)	115	trust_1oidany(int nid, X509 *x)
116	{	116	{
117	if (x->aux && (x->aux->trust \|\| x->aux->reject))	117	if (x->aux && (x->aux->trust \|\| x->aux->reject))
118	return obj_trust(trust->nid, x);	118	return obj_trust(nid, x);
119	/* we don't have any trust settings: for compatibility	119	/* we don't have any trust settings: for compatibility
120	* we return trusted if it is self signed	120	* we return trusted if it is self signed
121	*/	121	*/
122	return trust_compat(trust, x);	122	return trust_compat(NID_undef, x);
123	}	123	}
124		124
125	static int	125	static int
126	trust_1oid(X509_TRUST trust, X509 x)	126	trust_1oid(int nid, X509 *x)
127	{	127	{
128	if (x->aux)	128	if (x->aux)
129	return obj_trust(trust->nid, x);	129	return obj_trust(nid, x);
130	return X509_TRUST_UNTRUSTED;	130	return X509_TRUST_UNTRUSTED;
131	}	131	}
132		132
@@ -208,7 +208,7 @@ X509_check_trust(X509 *x, int trust_id, int flags)
208	rv = obj_trust(NID_anyExtendedKeyUsage, x);	208	rv = obj_trust(NID_anyExtendedKeyUsage, x);
209	if (rv != X509_TRUST_UNTRUSTED)	209	if (rv != X509_TRUST_UNTRUSTED)
210	return rv;	210	return rv;
211	return trust_compat(NULL, x);	211	return trust_compat(NID_undef, x);
212	}	212	}
213		213
214	if (trust_id < X509_TRUST_MIN \|\| trust_id > X509_TRUST_MAX)	214	if (trust_id < X509_TRUST_MIN \|\| trust_id > X509_TRUST_MAX)
@@ -217,6 +217,6 @@ X509_check_trust(X509 *x, int trust_id, int flags)
217	idx = trust_id - X509_TRUST_MIN;	217	idx = trust_id - X509_TRUST_MIN;
218	trust = &trstandard[idx];	218	trust = &trstandard[idx];
219		219
220	return trust->check_trust((X509_TRUST *)trust, x);	220	return trust->check_trust(trust->nid, x);
221	}	221	}
222	LCRYPTO_ALIAS(X509_check_trust);	222	LCRYPTO_ALIAS(X509_check_trust);