From 37fcdfd27a858299321585974b7c60ba93f01fb8 Mon Sep 17 00:00:00 2001 From: Theo Buehler Date: Thu, 21 Mar 2024 22:16:06 +1000 Subject: [PATCH] Remove unused flags argument from trust handlers AWS-LC: - X509_TRUST is in include/openssl/x509.h; the check_trust function pointer was changed there. Change-Id: Ie16e9ab0897305089672720efa4530d43074f692 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67387 Auto-Submit: Theo Buehler Reviewed-by: Bob Beck Reviewed-by: David Benjamin Commit-Queue: Bob Beck (cherry picked from commit 4ac76f07a401b9b11d6ff305049721cfe3f6a777) --- crypto/x509/x509_trs.c | 24 ++++++++++++------------ include/openssl/x509.h | 2 +- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/crypto/x509/x509_trs.c b/crypto/x509/x509_trs.c index deb8930119..530daf2145 100644 --- a/crypto/x509/x509_trs.c +++ b/crypto/x509/x509_trs.c @@ -66,10 +66,10 @@ #include "internal.h" -static int trust_1oidany(const X509_TRUST *trust, X509 *x, int flags); -static int trust_compat(const X509_TRUST *trust, X509 *x, int flags); +static int trust_1oidany(const X509_TRUST *trust, X509 *x); +static int trust_compat(const X509_TRUST *trust, X509 *x); -static int obj_trust(int id, X509 *x, int flags); +static int obj_trust(int id, X509 *x); static const X509_TRUST trstandard[] = { {X509_TRUST_COMPAT, 0, trust_compat, (char *)"compatible", 0, NULL}, @@ -90,18 +90,18 @@ int X509_check_trust(X509 *x, int id, int flags) { } // We get this as a default value if (id == 0) { - int rv = obj_trust(NID_anyExtendedKeyUsage, x, 0); + int rv = obj_trust(NID_anyExtendedKeyUsage, x); if (rv != X509_TRUST_UNTRUSTED) { return rv; } - return trust_compat(NULL, x, 0); + return trust_compat(NULL, x); } int idx = X509_TRUST_get_by_id(id); if (idx == -1) { - return obj_trust(id, x, flags); + return obj_trust(id, x); } const X509_TRUST *pt = X509_TRUST_get0(idx); - return pt->check_trust(pt, x, flags); + return pt->check_trust(pt, x); } int X509_TRUST_get_count(void) { return OPENSSL_ARRAY_SIZE(trstandard); } @@ -139,16 +139,16 @@ char *X509_TRUST_get0_name(const X509_TRUST *xp) { return xp->name; } int X509_TRUST_get_trust(const X509_TRUST *xp) { return xp->trust; } -static int trust_1oidany(const X509_TRUST *trust, X509 *x, int flags) { +static int trust_1oidany(const X509_TRUST *trust, X509 *x) { if (x->aux && (x->aux->trust || x->aux->reject)) { - return obj_trust(trust->arg1, x, flags); + return obj_trust(trust->arg1, x); } // we don't have any trust settings: for compatibility we return trusted // if it is self signed - return trust_compat(trust, x, flags); + return trust_compat(trust, x); } -static int trust_compat(const X509_TRUST *trust, X509 *x, int flags) { +static int trust_compat(const X509_TRUST *trust, X509 *x) { if (!x509v3_cache_extensions(x)) { return X509_TRUST_UNTRUSTED; } @@ -159,7 +159,7 @@ static int trust_compat(const X509_TRUST *trust, X509 *x, int flags) { } } -static int obj_trust(int id, X509 *x, int flags) { +static int obj_trust(int id, X509 *x) { ASN1_OBJECT *obj; size_t i; X509_CERT_AUX *ax; diff --git a/include/openssl/x509.h b/include/openssl/x509.h index d757d8493c..688be12e8e 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h @@ -5070,7 +5070,7 @@ DECLARE_STACK_OF(DIST_POINT) struct x509_trust_st { int trust; int flags; -int (*check_trust)(const X509_TRUST *, X509 *, int); +int (*check_trust)(const X509_TRUST *, X509 *); char *name; int arg1; void *arg2;