From 7ba73de5bad4e9854b7bc986be7422f1442cf0f0 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Thu, 6 Mar 2025 07:17:45 +0000
Subject: Garbage collect X509V3_section_free()

Historically, X509V3_section_free() could be customized by the conf db
method to release memory allocated by X509V3_get_section(). This is no
longer supported, so it is always a noop and can be removed.

ok jsing
---
 src/lib/libcrypto/asn1/asn1_gen.c   | 7 ++-----
 src/lib/libcrypto/x509/x509_alt.c   | 3 +--
 src/lib/libcrypto/x509/x509_conf.c  | 8 +-------
 src/lib/libcrypto/x509/x509_cpols.c | 4 +---
 src/lib/libcrypto/x509/x509_crld.c  | 8 ++------
 src/lib/libcrypto/x509/x509_local.h | 3 +--
 6 files changed, 8 insertions(+), 25 deletions(-)

(limited to 'src')

diff --git a/src/lib/libcrypto/asn1/asn1_gen.c b/src/lib/libcrypto/asn1/asn1_gen.c
index 0b4cfe00a9..f74cf9ae74 100644
--- a/src/lib/libcrypto/asn1/asn1_gen.c
+++ b/src/lib/libcrypto/asn1/asn1_gen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: asn1_gen.c,v 1.24 2024/08/31 10:03:03 tb Exp $ */
+/* $OpenBSD: asn1_gen.c,v 1.25 2025/03/06 07:17:45 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2002.
  */
@@ -486,10 +486,7 @@ asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
 
  bad:
 	free(der);
-	if (sk)
-		sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free);
-	if (sect)
-		X509V3_section_free(cnf, sect);
+	sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free);
 
 	return ret;
 }
diff --git a/src/lib/libcrypto/x509/x509_alt.c b/src/lib/libcrypto/x509/x509_alt.c
index 8981e4c4fb..e19a49ca86 100644
--- a/src/lib/libcrypto/x509/x509_alt.c
+++ b/src/lib/libcrypto/x509/x509_alt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_alt.c,v 1.17 2024/07/13 15:08:58 tb Exp $ */
+/* $OpenBSD: x509_alt.c,v 1.18 2025/03/06 07:17:45 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project.
  */
@@ -794,7 +794,6 @@ do_dirname(GENERAL_NAME *gen, const char *value, X509V3_CTX *ctx)
 	if (!ret)
 		X509_NAME_free(nm);
 	gen->d.dirn = nm;
-	X509V3_section_free(ctx, sk);
 
 	return ret;
 }
diff --git a/src/lib/libcrypto/x509/x509_conf.c b/src/lib/libcrypto/x509/x509_conf.c
index 51f92d43e4..1047540a88 100644
--- a/src/lib/libcrypto/x509/x509_conf.c
+++ b/src/lib/libcrypto/x509/x509_conf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_conf.c,v 1.27 2024/08/31 10:04:50 tb Exp $ */
+/* $OpenBSD: x509_conf.c,v 1.28 2025/03/06 07:17:45 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -414,12 +414,6 @@ X509V3_get_section(X509V3_CTX *ctx, const char *section)
 	return NCONF_get_section(ctx->db, section);
 }
 
-void
-X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section)
-{
-	return;
-}
-
 void
 X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf)
 {
diff --git a/src/lib/libcrypto/x509/x509_cpols.c b/src/lib/libcrypto/x509/x509_cpols.c
index 7a701ea659..a8aa9a3eb6 100644
--- a/src/lib/libcrypto/x509/x509_cpols.c
+++ b/src/lib/libcrypto/x509/x509_cpols.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_cpols.c,v 1.13 2024/07/13 15:08:58 tb Exp $ */
+/* $OpenBSD: x509_cpols.c,v 1.14 2025/03/06 07:17:45 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -468,7 +468,6 @@ r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value)
 				goto err;
 			}
 			pol = policy_section(ctx, polsect, ia5org);
-			X509V3_section_free(ctx, polsect);
 			if (!pol)
 				goto err;
 		} else {
@@ -551,7 +550,6 @@ policy_section(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *polstrs, int ia5org)
 				goto err;
 			}
 			qual = notice_section(ctx, unot, ia5org);
-			X509V3_section_free(ctx, unot);
 			if (qual == NULL)
 				goto err;
 
diff --git a/src/lib/libcrypto/x509/x509_crld.c b/src/lib/libcrypto/x509/x509_crld.c
index e9252a247a..1510576e83 100644
--- a/src/lib/libcrypto/x509/x509_crld.c
+++ b/src/lib/libcrypto/x509/x509_crld.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x509_crld.c,v 1.7 2024/07/13 15:08:58 tb Exp $ */
+/* $OpenBSD: x509_crld.c,v 1.8 2025/03/06 07:17:45 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 1999.
  */
@@ -133,9 +133,7 @@ gnames_from_sectname(X509V3_CTX *ctx, char *sect)
 		return NULL;
 	}
 	gens = v2i_GENERAL_NAMES(NULL, ctx, gnsect);
-	if (*sect == '@')
-		X509V3_section_free(ctx, gnsect);
-	else
+	if (*sect != '@')
 		sk_CONF_VALUE_pop_free(gnsect, X509V3_conf_free);
 	return gens;
 }
@@ -164,7 +162,6 @@ set_dist_point_name(DIST_POINT_NAME **pdp, X509V3_CTX *ctx, CONF_VALUE *cnf)
 			return -1;
 		}
 		ret = X509V3_NAME_from_section(nm, dnsect, MBSTRING_ASC);
-		X509V3_section_free(ctx, dnsect);
 		rnm = nm->entries;
 		nm->entries = NULL;
 		X509_NAME_free(nm);
@@ -337,7 +334,6 @@ v2i_crld(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
 			if (!dpsect)
 				goto err;
 			point = crldp_from_section(ctx, dpsect);
-			X509V3_section_free(ctx, dpsect);
 			if (!point)
 				goto err;
 			if (!sk_DIST_POINT_push(crld, point)) {
diff --git a/src/lib/libcrypto/x509/x509_local.h b/src/lib/libcrypto/x509/x509_local.h
index 09092f7fdc..f055bb3446 100644
--- a/src/lib/libcrypto/x509/x509_local.h
+++ b/src/lib/libcrypto/x509/x509_local.h
@@ -1,4 +1,4 @@
-/*	$OpenBSD: x509_local.h,v 1.36 2025/02/21 05:44:28 tb Exp $ */
+/*	$OpenBSD: x509_local.h,v 1.37 2025/03/06 07:17:45 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2013.
  */
@@ -454,7 +454,6 @@ int X509V3_get_value_bool(const CONF_VALUE *value, int *asn1_bool);
 int X509V3_get_value_int(const CONF_VALUE *value, ASN1_INTEGER **aint);
 
 STACK_OF(CONF_VALUE) *X509V3_get_section(X509V3_CTX *ctx, const char *section);
-void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
 
 const X509V3_EXT_METHOD *x509v3_ext_method_authority_key_identifier(void);
 const X509V3_EXT_METHOD *x509v3_ext_method_basic_constraints(void);
-- 
cgit v1.2.3-55-g6feb