From 1d2f824e57591d47f461d3ef7afa58b19d2091e7 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Sat, 31 Aug 2024 10:46:40 +0000
Subject: Make X509at_* API internal

The only consumer, yara, has been adjusted. It will be some more work
to remove this idiocy internally, but at least we will no longer have
to care about external consumers.

ok beck jsing
---
 src/lib/libcrypto/Symbols.list          | 10 ----------
 src/lib/libcrypto/hidden/openssl/x509.h | 12 +-----------
 src/lib/libcrypto/x509/x509.h           | 22 +---------------------
 src/lib/libcrypto/x509/x509_att.c       | 33 +--------------------------------
 src/lib/libcrypto/x509/x509_local.h     | 17 ++++++++++++++++-
 5 files changed, 19 insertions(+), 75 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/Symbols.list b/src/lib/libcrypto/Symbols.list
index 5a7bcf01a3..44540e3cfb 100644
--- a/src/lib/libcrypto/Symbols.list
+++ b/src/lib/libcrypto/Symbols.list
@@ -2785,16 +2785,6 @@ X509_up_ref
 X509_verify
 X509_verify_cert
 X509_verify_cert_error_string
-X509at_add1_attr
-X509at_add1_attr_by_NID
-X509at_add1_attr_by_OBJ
-X509at_add1_attr_by_txt
-X509at_delete_attr
-X509at_get0_data_by_OBJ
-X509at_get_attr
-X509at_get_attr_by_NID
-X509at_get_attr_by_OBJ
-X509at_get_attr_count
 X509v3_add_ext
 X509v3_addr_add_inherit
 X509v3_addr_add_prefix
diff --git a/src/lib/libcrypto/hidden/openssl/x509.h b/src/lib/libcrypto/hidden/openssl/x509.h
index e25250d469..ac990a631d 100644
--- a/src/lib/libcrypto/hidden/openssl/x509.h
+++ b/src/lib/libcrypto/hidden/openssl/x509.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.h,v 1.13 2024/08/31 10:25:38 tb Exp $ */
+/* $OpenBSD: x509.h,v 1.14 2024/08/31 10:46:40 tb Exp $ */
 /*
  * Copyright (c) 2022 Bob Beck <beck@openbsd.org>
  *
@@ -241,16 +241,6 @@ LCRYPTO_USED(X509_EXTENSION_set_data);
 LCRYPTO_USED(X509_EXTENSION_get_object);
 LCRYPTO_USED(X509_EXTENSION_get_data);
 LCRYPTO_USED(X509_EXTENSION_get_critical);
-LCRYPTO_UNUSED(X509at_get_attr_count);
-LCRYPTO_USED(X509at_get_attr_by_NID);
-LCRYPTO_USED(X509at_get_attr_by_OBJ);
-LCRYPTO_UNUSED(X509at_get_attr);
-LCRYPTO_UNUSED(X509at_delete_attr);
-LCRYPTO_USED(X509at_add1_attr);
-LCRYPTO_USED(X509at_add1_attr_by_OBJ);
-LCRYPTO_USED(X509at_add1_attr_by_NID);
-LCRYPTO_USED(X509at_add1_attr_by_txt);
-LCRYPTO_USED(X509at_get0_data_by_OBJ);
 LCRYPTO_USED(X509_ATTRIBUTE_create_by_NID);
 LCRYPTO_USED(X509_ATTRIBUTE_create_by_OBJ);
 LCRYPTO_USED(X509_ATTRIBUTE_create_by_txt);
diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h
index ad3bb0f0f2..81c2111d02 100644
--- a/src/lib/libcrypto/x509/x509.h
+++ b/src/lib/libcrypto/x509/x509.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509.h,v 1.117 2024/08/31 10:25:38 tb Exp $ */
+/* $OpenBSD: x509.h,v 1.118 2024/08/31 10:46:40 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -906,26 +906,6 @@ ASN1_OBJECT *	X509_EXTENSION_get_object(X509_EXTENSION *ex);
 ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
 int		X509_EXTENSION_get_critical(const X509_EXTENSION *ex);
 
-int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x);
-int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
-			  int lastpos);
-int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
-    const ASN1_OBJECT *obj, int lastpos);
-X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc);
-X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
-					 X509_ATTRIBUTE *attr);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
-			const ASN1_OBJECT *obj, int type,
-			const unsigned char *bytes, int len);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
-			int nid, int type,
-			const unsigned char *bytes, int len);
-STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
-			const char *attrname, int type,
-			const unsigned char *bytes, int len);
-void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
-    const ASN1_OBJECT *obj, int lastpos, int type);
 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
 	     int atrtype, const void *data, int len);
 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
diff --git a/src/lib/libcrypto/x509/x509_att.c b/src/lib/libcrypto/x509/x509_att.c
index 21b47ce96f..4931cbbc17 100644
--- a/src/lib/libcrypto/x509/x509_att.c
+++ b/src/lib/libcrypto/x509/x509_att.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_att.c,v 1.24 2024/07/26 13:33:39 tb Exp $ */
+/* $OpenBSD: x509_att.c,v 1.25 2024/08/31 10:46:40 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -68,14 +68,6 @@
 
 #include "x509_local.h"
 
-int
-X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
-{
-	X509error(ERR_R_DISABLED);
-	return 0;
-}
-LCRYPTO_ALIAS(X509at_get_attr_count);
-
 int
 X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, int lastpos)
 {
@@ -86,7 +78,6 @@ X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, int lastpos)
 		return (-2);
 	return (X509at_get_attr_by_OBJ(x, obj, lastpos));
 }
-LCRYPTO_ALIAS(X509at_get_attr_by_NID);
 
 int
 X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
@@ -108,23 +99,6 @@ X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
 	}
 	return (-1);
 }
-LCRYPTO_ALIAS(X509at_get_attr_by_OBJ);
-
-X509_ATTRIBUTE *
-X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc)
-{
-	X509error(ERR_R_DISABLED);
-	return NULL;
-}
-LCRYPTO_ALIAS(X509at_get_attr);
-
-X509_ATTRIBUTE *
-X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
-{
-	X509error(ERR_R_DISABLED);
-	return NULL;
-}
-LCRYPTO_ALIAS(X509at_delete_attr);
 
 STACK_OF(X509_ATTRIBUTE) *
 X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x, X509_ATTRIBUTE *attr)
@@ -160,7 +134,6 @@ err2:
 		sk_X509_ATTRIBUTE_free(sk);
 	return (NULL);
 }
-LCRYPTO_ALIAS(X509at_add1_attr);
 
 STACK_OF(X509_ATTRIBUTE) *
 X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, const ASN1_OBJECT *obj,
@@ -176,7 +149,6 @@ X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x, const ASN1_OBJECT *obj,
 	X509_ATTRIBUTE_free(attr);
 	return ret;
 }
-LCRYPTO_ALIAS(X509at_add1_attr_by_OBJ);
 
 STACK_OF(X509_ATTRIBUTE) *
 X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, int nid, int type,
@@ -192,7 +164,6 @@ X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x, int nid, int type,
 	X509_ATTRIBUTE_free(attr);
 	return ret;
 }
-LCRYPTO_ALIAS(X509at_add1_attr_by_NID);
 
 STACK_OF(X509_ATTRIBUTE) *
 X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, const char *attrname,
@@ -208,7 +179,6 @@ X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, const char *attrname,
 	X509_ATTRIBUTE_free(attr);
 	return ret;
 }
-LCRYPTO_ALIAS(X509at_add1_attr_by_txt);
 
 void *
 X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, const ASN1_OBJECT *obj,
@@ -227,7 +197,6 @@ X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, const ASN1_OBJECT *obj,
 		return NULL;
 	return X509_ATTRIBUTE_get0_data(at, 0, type, NULL);
 }
-LCRYPTO_ALIAS(X509at_get0_data_by_OBJ);
 
 X509_ATTRIBUTE *
 X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, int atrtype,
diff --git a/src/lib/libcrypto/x509/x509_local.h b/src/lib/libcrypto/x509/x509_local.h
index b3a51ec2e7..bb64729b3c 100644
--- a/src/lib/libcrypto/x509/x509_local.h
+++ b/src/lib/libcrypto/x509/x509_local.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: x509_local.h,v 1.31 2024/08/31 10:19:17 tb Exp $ */
+/*	$OpenBSD: x509_local.h,v 1.32 2024/08/31 10:46:40 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2013.
  */
@@ -424,6 +424,21 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
 int X509_PURPOSE_get_by_id(int id);
 int X509_PURPOSE_get_trust(const X509_PURPOSE *xp);
 
+int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
+    int lastpos);
+int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
+    const ASN1_OBJECT *obj, int lastpos);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
+    X509_ATTRIBUTE *attr);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE) **x,
+    const ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
+    int nid, int type, const unsigned char *bytes, int len);
+STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
+    const char *attrname, int type, const unsigned char *bytes, int len);
+void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
+    const ASN1_OBJECT *obj, int lastpos, int type);
+
 int X509V3_add_value(const char *name, const char *value,
     STACK_OF(CONF_VALUE) **extlist);
 int X509V3_add_value_uchar(const char *name, const unsigned char *value,
-- 
cgit v1.2.3-55-g6feb