summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/hidden/openssl/x509v3.h (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Make some more x509 conf stuff internaltb2024-08-311-12/+1
| | | | | | | This internalizes a particularly scary layer of conf used for X.509 extensions. Again unused public API... ok beck jsing
* Retire X509V3_set_conf_lhash()tb2024-08-311-2/+1
| | | | | | | | Thankfully sthen removed the out-of-support PHP versions 7.4 and 8.0, which were the last users of this API, which in turn permitted much of this conf rampage. Now the stub can join its guts in the attic. ok beck jsing
* Retire X509V3_EXT_{,CRL_,REQ_}add_conf()tb2024-08-311-4/+1
| | | | | | | | Fortunately all projects who want to configure their extensions using a dangerous string DSL/API figured out the fact that one was supposed to be using the nconf version of these (the hint is the 'n', as in new). ok beck jsing
* Get rid of last use of db_methtb2024-08-281-3/+3
| | | | | | | | | | | | Nothing touches db_meth in ports. Thus only way a db_meth can be set is now as a side effect X509V3_set_conf() in which case the db is an NCONF database and the db_meth will be a thin wrapper of NCONF_get_section(). Make that explicit in the implementation, remove the guts of the unused X509V3_get_string() and X509V3_string_free(), turn X509V3_section_free() into a noop and replace several checks for ctx->db, ctx->db->meth, ... with a simple ctx->db != NULL check. ok beck jsing
* Turn X509V3_set_conf_lhash() into a nooptb2024-08-281-2/+2
| | | | | | Another legacy turd that was only used by PHP 7.4 and 8.0. ok beck jsing
* Disable X509V3_EXT{,_CRL,_REQ}_add_conf()tb2024-08-281-4/+4
| | | | | | | These legacy interfaces were only used by PHP 7.4 and 8.0 and they will be removed in an upcoming bump. ok beck jsing
* Guard variable declarations to unbreak non-namespaced builds.beck2024-07-081-2/+3
| | | | ok tb@
* Hide global _it variables in x509v3.hbeck2024-07-081-1/+35
| | | | ok tb@
* Remove unused parts of the purpose APItb2024-03-021-6/+1
| | | | | | | | | Most of this is the ability to add custom purposes. Also the astounding X509_STORE_CTX_purpose_inherit(). The names are used by PHP, and M2Crypto exposes X509_check_purpose(), so these remain public. Some weird, most likely invalid, uses also remain in rust-openssl. ok jsing
* Remove X509V3_EXT extensibility APItb2024-03-021-5/+1
| | | | | | | | | | You used to be able to define your own X.509 extension handlers. Great. Even greater: the verifier would ignore any custom extensions. So this was only ever useful for serialization and deserialization. In other words, almost entirely pointless. The API was also unused except for a hack in kore-acme, which was fixed recently. ok jsing
* upstream hidden file #include_next workaround for MS C compilersbcook2023-07-051-1/+5
| | | | ok beck@, tb@
* Remove proxy cert api remmnantstb2023-04-301-9/+1
|
* Take X509_POLICY_NODE_print() behind the barntb2023-04-261-2/+1
| | | | | | | | This used to be public API but is now only used for debug code that has certainly never been used since it was released to the public. It drags that debug nonsense with it. ok beck
* Remove SXNETtb2023-04-251-15/+1
| | | | Unused and no authorative information was found online in 2016
* Hide public symbols in libcrypto/x509 .c filesbeck2022-11-141-0/+284
ok tb@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 15:09:57 +0000