diff options
| author | Theo Buehler <tb@cvs.openbsd.org> | 2024-08-28 08:33:07 +0000 |
|---|---|---|
| committer | Theo Buehler <tb@cvs.openbsd.org> | 2024-08-28 08:33:07 +0000 |
| commit | b0de45bf45f9d6b66c814bb56b11cafe93456bd9 (patch) | |
| tree | a082e32ce150a8190533eda3da328b134ee92ef2 | |
| parent | fd821dc781da67462e39eebf64feea5b606eff99 (diff) | |
Disable X509V3_EXT{,_CRL,_REQ}_add_conf()
These legacy interfaces were only used by PHP 7.4 and 8.0 and they will
be removed in an upcoming bump.
ok beck jsing
| -rw-r--r-- | lib/libcrypto/hidden/openssl/x509v3.h | 8 | ||||
| -rw-r--r-- | lib/libcrypto/x509/x509_conf.c | 24 |
2 files changed, 11 insertions, 21 deletions
diff --git a/lib/libcrypto/hidden/openssl/x509v3.h b/lib/libcrypto/hidden/openssl/x509v3.h index 1799d4811d0..c2293d8ea05 100644 --- a/lib/libcrypto/hidden/openssl/x509v3.h +++ b/lib/libcrypto/hidden/openssl/x509v3.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x509v3.h,v 1.9 2024/07/08 17:01:54 beck Exp $ */ +/* $OpenBSD: x509v3.h,v 1.10 2024/08/28 08:33:06 tb Exp $ */ /* * Copyright (c) 2022 Bob Beck <beck@openbsd.org> * @@ -139,9 +139,9 @@ LCRYPTO_USED(X509V3_EXT_REQ_add_nconf); LCRYPTO_USED(X509V3_EXT_CRL_add_nconf); LCRYPTO_USED(X509V3_EXT_conf_nid); LCRYPTO_USED(X509V3_EXT_conf); -LCRYPTO_USED(X509V3_EXT_add_conf); -LCRYPTO_USED(X509V3_EXT_REQ_add_conf); -LCRYPTO_USED(X509V3_EXT_CRL_add_conf); +LCRYPTO_UNUSED(X509V3_EXT_add_conf); +LCRYPTO_UNUSED(X509V3_EXT_REQ_add_conf); +LCRYPTO_UNUSED(X509V3_EXT_CRL_add_conf); LCRYPTO_USED(X509V3_add_value_bool_nf); LCRYPTO_USED(X509V3_get_value_bool); LCRYPTO_USED(X509V3_get_value_int); diff --git a/lib/libcrypto/x509/x509_conf.c b/lib/libcrypto/x509/x509_conf.c index b506d3ddfb1..b6e5cd147ac 100644 --- a/lib/libcrypto/x509/x509_conf.c +++ b/lib/libcrypto/x509/x509_conf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: x509_conf.c,v 1.18 2024/06/24 06:32:04 tb Exp $ */ +/* $OpenBSD: x509_conf.c,v 1.19 2024/08/28 08:33:06 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 1999. */ @@ -562,35 +562,25 @@ int X509V3_EXT_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, const char *section, X509 *cert) { - CONF ctmp; - - CONF_set_nconf(&ctmp, conf); - return X509V3_EXT_add_nconf(&ctmp, ctx, section, cert); + X509V3error(ERR_R_DISABLED); + return 0; } LCRYPTO_ALIAS(X509V3_EXT_add_conf); -/* Same as above but for a CRL */ - int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, const char *section, X509_CRL *crl) { - CONF ctmp; - - CONF_set_nconf(&ctmp, conf); - return X509V3_EXT_CRL_add_nconf(&ctmp, ctx, section, crl); + X509V3error(ERR_R_DISABLED); + return 0; } LCRYPTO_ALIAS(X509V3_EXT_CRL_add_conf); -/* Add extensions to certificate request */ - int X509V3_EXT_REQ_add_conf(LHASH_OF(CONF_VALUE) *conf, X509V3_CTX *ctx, const char *section, X509_REQ *req) { - CONF ctmp; - - CONF_set_nconf(&ctmp, conf); - return X509V3_EXT_REQ_add_nconf(&ctmp, ctx, section, req); + X509V3error(ERR_R_DISABLED); + return 0; } LCRYPTO_ALIAS(X509V3_EXT_REQ_add_conf); |