summaryrefslogtreecommitdiff
path: root/lib/libcrypto/asn1
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libcrypto/asn1')
-rw-r--r--lib/libcrypto/asn1/x_x509.c29
1 files changed, 2 insertions, 27 deletions
diff --git a/lib/libcrypto/asn1/x_x509.c b/lib/libcrypto/asn1/x_x509.c
index 87b714877f9..df66153c455 100644
--- a/lib/libcrypto/asn1/x_x509.c
+++ b/lib/libcrypto/asn1/x_x509.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: x_x509.c,v 1.32 2023/04/23 21:31:16 job Exp $ */
+/* $OpenBSD: x_x509.c,v 1.33 2023/04/24 08:09:29 job Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -61,7 +61,6 @@
#include <openssl/opensslconf.h>
#include <openssl/asn1t.h>
-#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
@@ -195,34 +194,10 @@ x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
break;
- case ASN1_OP_D2I_POST: {
- const ASN1_BIT_STRING *issuerUID = NULL, *subjectUID = NULL;
- long version;
-
- version = X509_get_version(ret);
- /* accept 0 despite DER requiring omission of default values */
- if (version < 0 || version > 2) {
- X509error(X509_R_INVALID_VERSION);
- return 0;
- }
-
- /* RFC 5280 section 4.1.2.8, these fields require v2 or v3 */
- X509_get0_uids(ret, &issuerUID, &subjectUID);
- if ((issuerUID != NULL || subjectUID != NULL) && version == 0) {
- X509error(X509_R_INVALID_VERSION);
- return 0;
- }
-
- /* RFC 5280 section 4.1.2.9, extensions require v3. */
- if (X509_get_ext_count(ret) != 0 && version != 2) {
- X509error(X509_R_INVALID_VERSION);
- return 0;
- }
-
+ case ASN1_OP_D2I_POST:
free(ret->name);
ret->name = X509_NAME_oneline(ret->cert_info->subject, NULL, 0);
break;
- }
case ASN1_OP_FREE_POST:
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);