From 724636ac58485859bba62e8ae67587fd5091e6df Mon Sep 17 00:00:00 2001 From: tb <> Date: Mon, 23 Dec 2024 09:57:23 +0000 Subject: Move _X509_CHECK_FLAG_DOT_SUBDOMAINS to x509_utl.c Unclear why this ever had to be made public since it's only used in a single file. Anyway, nothing uses this, so remove it. This went through a full bulk pointed out by/ok schwarze --- src/lib/libcrypto/x509/x509_utl.c | 9 ++++++++- src/lib/libcrypto/x509/x509v3.h | 9 +-------- 2 files changed, 9 insertions(+), 9 deletions(-) (limited to 'src') diff --git a/src/lib/libcrypto/x509/x509_utl.c b/src/lib/libcrypto/x509/x509_utl.c index 64dc1068b7..0acd8f1d41 100644 --- a/src/lib/libcrypto/x509/x509_utl.c +++ b/src/lib/libcrypto/x509/x509_utl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_utl.c,v 1.23 2024/12/23 09:05:27 schwarze Exp $ */ +/* $OpenBSD: x509_utl.c,v 1.24 2024/12/23 09:57:23 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project. */ @@ -71,6 +71,13 @@ #include "bytestring.h" +/* + * Match reference identifiers starting with "." to any sub-domain. + * This is a non-public flag, turned on implicitly when the subject + * reference identity is a DNS name. + */ +#define _X509_CHECK_FLAG_DOT_SUBDOMAINS 0x8000 + static char *bn_to_string(const BIGNUM *bn); static char *strip_spaces(char *name); static int sk_strcmp(const char * const *a, const char * const *b); diff --git a/src/lib/libcrypto/x509/x509v3.h b/src/lib/libcrypto/x509/x509v3.h index fda1e4af59..fa31279280 100644 --- a/src/lib/libcrypto/x509/x509v3.h +++ b/src/lib/libcrypto/x509/x509v3.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509v3.h,v 1.39 2024/12/23 09:55:19 tb Exp $ */ +/* $OpenBSD: x509v3.h,v 1.40 2024/12/23 09:57:23 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -690,13 +690,6 @@ STACK_OF(OPENSSL_STRING) *X509_get1_ocsp(X509 *x); /* Disable checking the CN for a hostname, to support modern validation */ #define X509_CHECK_FLAG_NEVER_CHECK_SUBJECT 0x20 -/* - * Match reference identifiers starting with "." to any sub-domain. - * This is a non-public flag, turned on implicitly when the subject - * reference identity is a DNS name. - */ -#define _X509_CHECK_FLAG_DOT_SUBDOMAINS 0x8000 - int X509_check_host(X509 *x, const char *chk, size_t chklen, unsigned int flags, char **peername); int X509_check_email(X509 *x, const char *chk, size_t chklen, -- cgit v1.2.3-55-g6feb