From 5c1c0f42353a74450c3661fb2e5409baf64c174b Mon Sep 17 00:00:00 2001
From: tb <>
Date: Sat, 28 Jan 2023 19:08:09 +0000
Subject: Stop relying on x509_verify.h being public

Use x509_verify.h from the libcrypto sources instead of the public copy.

The x509_verify.h header was installed as a public header since early on
we had ideas of using a public API in libtls, but we eventually decided
against that. It makes no sense to install a public header that hides
everything behind LIBRESSL_INTERNAL. The public API will not be exposed
anytime soon if at all.

ok jsing
---
 src/lib/libcrypto/x509/x509_internal.h | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/x509/x509_internal.h b/src/lib/libcrypto/x509/x509_internal.h
index cb80005075..c4222bcfe5 100644
--- a/src/lib/libcrypto/x509/x509_internal.h
+++ b/src/lib/libcrypto/x509/x509_internal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_internal.h,v 1.24 2023/01/20 22:00:47 job Exp $ */
+/* $OpenBSD: x509_internal.h,v 1.25 2023/01/28 19:08:09 tb Exp $ */
 /*
  * Copyright (c) 2020 Bob Beck <beck@openbsd.org>
  *
@@ -20,10 +20,9 @@
 /* Internal use only, not public API */
 #include <netinet/in.h>
 
-#include <openssl/x509_verify.h>
-
 #include "bytestring.h"
 #include "x509_local.h"
+#include "x509_verify.h"
 
 /* Hard limits on structure size and number of signature checks. */
 #define X509_VERIFY_MAX_CHAINS		8	/* Max validated chains */
-- 
cgit v1.2.3-55-g6feb