2 files changed, 32 insertions, 29 deletions

diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c
index cd1c807f50..ee72e67d1a 100644
--- a/src/lib/libcrypto/x509/x509_lu.c
+++ b/src/lib/libcrypto/x509/x509_lu.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_lu.c,v 1.34 2021/10/24 09:27:48 tb Exp $ */
+/* $OpenBSD: x509_lu.c,v 1.35 2021/10/31 16:20:37 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -132,7 +132,7 @@ X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
 }
 
 int
-X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
+X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, X509_NAME *name,
     X509_OBJECT *ret)
 {
         if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL))
@@ -143,8 +143,8 @@ X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
 }
 
 int
-X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
-    ASN1_INTEGER *serial, X509_OBJECT *ret)
+X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
+    X509_NAME *name, ASN1_INTEGER *serial, X509_OBJECT *ret)
 {
         if ((ctx->method == NULL) ||
             (ctx->method->get_by_issuer_serial == NULL))
@@ -153,7 +153,7 @@ X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
 }
 
 int
-X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
+X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
     const unsigned char *bytes, int len, X509_OBJECT *ret)
 {
         if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL))
@@ -162,8 +162,8 @@ X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
 }
 
 int
-X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, const char *str, int len,
-    X509_OBJECT *ret)
+X509_LOOKUP_by_alias(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const char *str,
+    int len, X509_OBJECT *ret)
 {
         if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL))
                 return 0;
@@ -242,7 +242,7 @@ X509_OBJECT_new(void)
                 return NULL;
         }
 
-        ret->type = 0;
+        ret->type = X509_LU_NONE;
 
         return ret;
 }
@@ -322,8 +322,8 @@ X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m)
 }
 
 int
-X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
-    X509_OBJECT *ret)
+X509_STORE_CTX_get_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
+    X509_NAME *name, X509_OBJECT *ret)
 {
         X509_STORE *ctx = vs->ctx;
         X509_LOOKUP *lu;
@@ -471,7 +471,7 @@ X509_OBJECT_up_ref_count(X509_OBJECT *a)
         return 1;
 }
 
-int
+X509_LOOKUP_TYPE
 X509_OBJECT_get_type(const X509_OBJECT *a)
 {
         return a->type;
@@ -491,8 +491,8 @@ X509_OBJECT_free_contents(X509_OBJECT *a)
 }
 
 static int
-x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, int type, X509_NAME *name,
-    int *pnmatch)
+x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, X509_LOOKUP_TYPE type,
+    X509_NAME *name, int *pnmatch)
 {
         X509_OBJECT stmp;
         X509 x509_s;
@@ -535,13 +535,14 @@ x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, int type, X509_NAME *name,
 }
 
 int
-X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, X509_NAME *name)
+X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, X509_LOOKUP_TYPE type,
+    X509_NAME *name)
 {
         return x509_object_idx_cnt(h, type, name, NULL);
 }
 
 X509_OBJECT *
-X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h, int type,
+X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h, X509_LOOKUP_TYPE type,
     X509_NAME *name)
 {
         int idx;
diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h
index ee6b9a614b..b78c857cdb 100644
--- a/src/lib/libcrypto/x509/x509_vfy.h
+++ b/src/lib/libcrypto/x509/x509_vfy.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.h,v 1.40 2021/10/31 16:17:14 tb Exp $ */
+/* $OpenBSD: x509_vfy.h,v 1.41 2021/10/31 16:20:37 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -437,12 +437,13 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
 X509_OBJECT *X509_OBJECT_new(void);
 void X509_OBJECT_free(X509_OBJECT *a);
 #endif
-int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
+int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, X509_LOOKUP_TYPE type,
              X509_NAME *name);
-X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,int type,X509_NAME *name);
+X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
+    X509_LOOKUP_TYPE type, X509_NAME *name);
 X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h, X509_OBJECT *x);
 int X509_OBJECT_up_ref_count(X509_OBJECT *a);
-int X509_OBJECT_get_type(const X509_OBJECT *a);
+X509_LOOKUP_TYPE X509_OBJECT_get_type(const X509_OBJECT *a);
 void X509_OBJECT_free_contents(X509_OBJECT *a);
 X509 *X509_OBJECT_get0_X509(const X509_OBJECT *xo);
 X509_CRL *X509_OBJECT_get0_X509_CRL(X509_OBJECT *xo);
@@ -496,8 +497,9 @@ X509_LOOKUP_METHOD *X509_LOOKUP_mem(void);
 int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
 int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
 
-int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name,
-        X509_OBJECT *ret);
+int X509_STORE_CTX_get_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
+    X509_NAME *name, X509_OBJECT *ret);
+#define X509_STORE_get_by_subject X509_STORE_CTX_get_by_subject
 
 int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
         long argl, char **ret);
@@ -510,14 +512,14 @@ int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
 X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
 void X509_LOOKUP_free(X509_LOOKUP *ctx);
 int X509_LOOKUP_init(X509_LOOKUP *ctx);
-int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
-        X509_OBJECT *ret);
-int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
-        ASN1_INTEGER *serial, X509_OBJECT *ret);
-int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
-        const unsigned char *bytes, int len, X509_OBJECT *ret);
-int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, const char *str,
-        int len, X509_OBJECT *ret);
+int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
+    X509_NAME *name, X509_OBJECT *ret);
+int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
+    X509_NAME *name, ASN1_INTEGER *serial, X509_OBJECT *ret);
+int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
+    const unsigned char *bytes, int len, X509_OBJECT *ret);
+int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
+    const char *str, int len, X509_OBJECT *ret);
 int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
 
 int     X509_STORE_load_locations (X509_STORE *ctx,