From df8fef64eb7d2f12cb9bf598ab93ecd8da04677f Mon Sep 17 00:00:00 2001
From: tb <>
Date: Fri, 22 Dec 2023 09:40:14 +0000
Subject: Remove cleanup() and get_crl() from X509_STORE_CTX

ok jsing
---
 src/lib/libcrypto/x509/x509_local.h |  4 +---
 src/lib/libcrypto/x509/x509_vfy.c   | 14 ++------------
 2 files changed, 3 insertions(+), 15 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libcrypto/x509/x509_local.h b/src/lib/libcrypto/x509/x509_local.h
index 080dbaf099..81efb690df 100644
--- a/src/lib/libcrypto/x509/x509_local.h
+++ b/src/lib/libcrypto/x509/x509_local.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: x509_local.h,v 1.12 2023/12/22 07:35:09 tb Exp $ */
+/*	$OpenBSD: x509_local.h,v 1.13 2023/12/22 09:40:14 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2013.
  */
@@ -337,13 +337,11 @@ struct x509_store_ctx_st {
 	int (*get_issuer)(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);	/* get issuers cert from ctx */
 	int (*check_issued)(X509_STORE_CTX *ctx, X509 *x, X509 *issuer); /* check issued */
 	int (*check_revocation)(X509_STORE_CTX *ctx); /* Check revocation status of chain */
-	int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
 	int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
 	int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
 	int (*check_policy)(X509_STORE_CTX *ctx);
 	STACK_OF(X509) * (*lookup_certs)(X509_STORE_CTX *ctx, X509_NAME *nm);
 	STACK_OF(X509_CRL) * (*lookup_crls)(X509_STORE_CTX *ctx, X509_NAME *nm);
-	int (*cleanup)(X509_STORE_CTX *ctx);
 
 	/* The following is built up */
 	int valid;		/* if 0, rebuild chain */
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
index 2f86722c82..93fa2c2800 100644
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_vfy.c,v 1.128 2023/12/22 07:35:09 tb Exp $ */
+/* $OpenBSD: x509_vfy.c,v 1.129 2023/12/22 09:40:14 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -976,13 +976,7 @@ check_cert(X509_STORE_CTX *ctx, STACK_OF(X509) *chain, int depth)
 	while (ctx->current_reasons != CRLDP_ALL_REASONS) {
 		last_reasons = ctx->current_reasons;
 		/* Try to retrieve relevant CRL */
-		if (ctx->get_crl)
-			ok = ctx->get_crl(ctx, &crl, x);
-		else
-			ok = get_crl_delta(ctx, &crl, &dcrl, x);
-		/* If error looking up CRL, nothing we can do except
-		 * notify callback
-		 */
+		ok = get_crl_delta(ctx, &crl, &dcrl, x);
 		if (!ok) {
 			ctx->error = X509_V_ERR_UNABLE_TO_GET_CRL;
 			ok = ctx->verify_cb(0, ctx);
@@ -2341,13 +2335,11 @@ X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *leaf,
 	ctx->get_issuer = X509_STORE_CTX_get1_issuer;
 	ctx->check_issued = check_issued;
 	ctx->check_revocation = check_revocation;
-	ctx->get_crl = NULL;				/* XXX - remove */
 	ctx->check_crl = check_crl;
 	ctx->cert_crl = cert_crl;
 	ctx->check_policy = check_policy;
 	ctx->lookup_certs = X509_STORE_CTX_get1_certs;
 	ctx->lookup_crls = X509_STORE_CTX_get1_crls;
-	ctx->cleanup = NULL;				/* XXX - remove */
 
 	ctx->param = X509_VERIFY_PARAM_new();
 	if (!ctx->param) {
@@ -2403,8 +2395,6 @@ LCRYPTO_ALIAS(X509_STORE_CTX_set0_trusted_stack);
 void
 X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
 {
-	if (ctx->cleanup)
-		ctx->cleanup(ctx);
 	if (ctx->param != NULL) {
 		if (ctx->parent == NULL)
 			X509_VERIFY_PARAM_free(ctx->param);
-- 
cgit v1.2.3-55-g6feb