summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509/x509_conf.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Rename X509V3_get_section() to X509V3_get0_section()tb2025-03-061-2/+2
| | | | | | | | This makes it clear for those fluent in OpenSSL API gibberish that nothing needs to be freed here. This is because it returns something hanging off a hash entry owned by cnf. ok jsing
* Garbage collect X509V3_section_free()tb2025-03-061-7/+1
| | | | | | | | Historically, X509V3_section_free() could be customized by the conf db method to release memory allocated by X509V3_get_section(). This is no longer supported, so it is always a noop and can be removed. ok jsing
* Remove X509V3_get_string/X509V3_string_freetb2024-08-311-16/+1
| | | | | | | These have always been unused, but the db_meth abstraction hid that very well. Bye. ok beck jsing
* Make some more x509 conf stuff internaltb2024-08-311-5/+1
| | | | | | | This internalizes a particularly scary layer of conf used for X.509 extensions. Again unused public API... ok beck jsing
* Retire X509V3_set_conf_lhash()tb2024-08-311-11/+1
| | | | | | | | Thankfully sthen removed the out-of-support PHP versions 7.4 and 8.0, which were the last users of this API, which in turn permitted much of this conf rampage. Now the stub can join its guts in the attic. ok beck jsing
* Retire X509V3_EXT_{,CRL_,REQ_}add_conf()tb2024-08-311-28/+1
| | | | | | | | Fortunately all projects who want to configure their extensions using a dangerous string DSL/API figured out the fact that one was supposed to be using the nconf version of these (the hint is the 'n', as in new). ok beck jsing
* Make CONF_METHOD opaquetb2024-08-311-1/+2
| | | | | | | Much of conf is designed in such a way that you really have to reach into its structs. This one piece can be hidden. It might even be removed soon. ok beck jsing
* Get rid of last use of db_methtb2024-08-281-38/+11
| | | | | | | | | | | | Nothing touches db_meth in ports. Thus only way a db_meth can be set is now as a side effect X509V3_set_conf() in which case the db is an NCONF database and the db_meth will be a thin wrapper of NCONF_get_section(). Make that explicit in the implementation, remove the guts of the unused X509V3_get_string() and X509V3_string_free(), turn X509V3_section_free() into a noop and replace several checks for ctx->db, ctx->db->meth, ... with a simple ctx->db != NULL check. ok beck jsing
* Remove a few obvious comments, unwrap a few lines and annotate sometb2024-08-281-26/+9
| | | | functions for removal
* Turn X509V3_set_conf_lhash() into a nooptb2024-08-281-26/+1
| | | | | | Another legacy turd that was only used by PHP 7.4 and 8.0. ok beck jsing
* Disable X509V3_EXT{,_CRL,_REQ}_add_conf()tb2024-08-281-17/+7
| | | | | | | These legacy interfaces were only used by PHP 7.4 and 8.0 and they will be removed in an upcoming bump. ok beck jsing
* x509_conf: rename the merr label into errtb2024-06-241-8/+8
|
* v3_generic_extension() use ASN1_STRING_set0()tb2024-06-181-4/+4
| | | | This aligns it with do_ext_i2d()
* v3_generic_extension() rename the X509_EXTENSIONtb2024-06-181-4/+5
| | | | now that ext is free, we can use it like everywhere else
* Rename 'ext' to 'name' in v3_generic_extension()tb2024-06-181-4/+4
| | | | In this code 'ext' is usually used for an X509_EXTENSION object.
* x509_conf: rename ext_struc into ext_structtb2024-06-181-16/+16
| | | | requested by jsing on review
* x509_conf: rename all ext_nid to nidtb2024-06-181-19/+19
| | | | There are no nid variables in this file, so no need to disambiguate.
* do_ext_i2d(): move empty line to the proper placetb2024-06-181-2/+2
|
* do_ext_i2d(): malloc -> calloctb2024-06-181-2/+2
| | | | requested by jsing on review
* do_ext_i2d(): populate ext_oct with ASN1_STRING_set0()tb2024-06-181-3/+2
| | | | ok jsing
* do_ext_i2d(): avoid leaks and add some missing error checkingtb2024-06-181-4/+10
| | | | | | | | | | If ASN1_OCTET_STRING_new() failed, ext_der would be leaked, fix this. If i2d(foo, NULL) succeeded, the same is not guaranteed for the second with appropriately sized buffer since i2d() may make further allocations internally. So use the proper error check. Also transfer the ownership of ext_der to the octet string to avoid a now possible double free. ok jsing
* Indent labels in x509_conf.ctb2024-06-181-3/+3
|
* do_ext_i2d(): make various NULL checks explicittb2024-06-181-5/+5
| | | | ok jsing
* do_ext_i2d(): unwrap a linetb2024-06-181-3/+2
|
* libressl *_namespace.h: adjust *_ALIAS() to require a semicolontb2023-02-161-20/+20
| | | | | | | | | | LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon. This does not conform to style(9), breaks editors and ctags and (most importantly) my workflow. Fix this by neutering them with asm("") so that -Wpedantic doesn't complain. There's precedent in libc's namespace.h fix suggested by & ok jsing
* Make internal header file names consistenttb2022-11-261-2/+2
| | | | | | | | | | | | | | | | Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook
* Hide public symbols in libcrypto/x509 .c filesbeck2022-11-141-1/+20
| | | | ok tb@
* Move the now internal X.509-related structs into x509_lcl.h.tb2021-11-011-1/+3
| | | | | | | | Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and fix a couple of unnecessary reacharounds. ok jsing
* Collapse the x509v3 directory into x509.jsing2020-06-041-0/+570
This avoids the need to grep across directories to find functions and prepares for further rototilling and chainsawing. Discussed with tb@ (who also tested the release build)
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 08:09:20 +0000