From d4b9d4efe55dbdce0f489f6c2617761f8ef29068 Mon Sep 17 00:00:00 2001
From: tb <>
Date: Mon, 14 Apr 2025 08:39:27 +0000
Subject: Remove openssl ca -msie_hack

The nineties called and wanted their garbage back.

ok jsing
---
 src/usr.bin/openssl/ca.c | 33 ++-------------------------------
 1 file changed, 2 insertions(+), 31 deletions(-)

(limited to 'src')

diff --git a/src/usr.bin/openssl/ca.c b/src/usr.bin/openssl/ca.c
index d69844620d..b644b746b9 100644
--- a/src/usr.bin/openssl/ca.c
+++ b/src/usr.bin/openssl/ca.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ca.c,v 1.61 2025/02/25 09:49:33 tb Exp $ */
+/* $OpenBSD: ca.c,v 1.62 2025/04/14 08:39:27 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -104,7 +104,6 @@
 #define ENV_POLICY      	"policy"
 #define ENV_EXTENSIONS      	"x509_extensions"
 #define ENV_CRLEXT      	"crl_extensions"
-#define ENV_MSIE_HACK		"msie_hack"
 #define ENV_NAMEOPT		"name_opt"
 #define ENV_CERTOPT		"cert_opt"
 #define ENV_EXTCOPY		"copy_extensions"
@@ -181,7 +180,6 @@ static struct {
 	int keyform;
 	char *md;
 	int multirdn;
-	int msie_hack;
 	int notext;
 	char *outdir;
 	char *outfile;
@@ -450,11 +448,6 @@ static const struct option ca_options[] = {
 		.type = OPTION_ARG,
 		.opt.arg = &cfg.md,
 	},
-	{
-		.name = "msie_hack",
-		.type = OPTION_FLAG,
-		.opt.flag = &cfg.msie_hack,
-	},
 	{
 		.name = "multivalue-rdn",
 		.desc = "Enable support for multivalued RDNs",
@@ -827,11 +820,6 @@ ca_main(int argc, char **argv)
 		ERR_clear_error();
 	if ((f != NULL) && ((*f == 'y') || (*f == 'Y')))
 		cfg.preserve = 1;
-	f = NCONF_get_string(conf, BASE_SECTION, ENV_MSIE_HACK);
-	if (f == NULL)
-		ERR_clear_error();
-	if ((f != NULL) && ((*f == 'y') || (*f == 'Y')))
-		cfg.msie_hack = 1;
 
 	f = NCONF_get_string(conf, cfg.section, ENV_NAMEOPT);
 
@@ -1681,7 +1669,7 @@ do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
 	X509_NAME_ENTRY *ne;
 	X509_NAME_ENTRY *tne, *push;
 	EVP_PKEY *pktmp;
-	int ok = -1, i, j, last, nid;
+	int ok = -1, i, j, last;
 	const char *p;
 	CONF_VALUE *cv;
 	OPENSSL_STRING row[DB_NUMBER];
@@ -1723,23 +1711,6 @@ do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
 		if (obj == NULL)
 			goto err;
 
-		if (cfg.msie_hack) {
-			/* assume all type should be strings */
-			nid = OBJ_obj2nid(X509_NAME_ENTRY_get_object(ne));
-			if (nid == NID_undef)
-				goto err;
-
-			if (str->type == V_ASN1_UNIVERSALSTRING)
-				ASN1_UNIVERSALSTRING_to_string(str);
-
-			if ((str->type == V_ASN1_IA5STRING) &&
-			    (nid != NID_pkcs9_emailAddress))
-				str->type = V_ASN1_T61STRING;
-
-			if ((nid == NID_pkcs9_emailAddress) &&
-			    (str->type == V_ASN1_PRINTABLESTRING))
-				str->type = V_ASN1_IA5STRING;
-		}
 		/* If no EMAIL is wanted in the subject */
 		if ((OBJ_obj2nid(obj) == NID_pkcs9_emailAddress) && (!email_dn))
 			continue;
-- 
cgit v1.2.3-55-g6feb