aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Taskfile.yaml7
-rw-r--r--vendor/openssl/include/openssl/cmp.h.in27
-rw-r--r--vendor/openssl/include/openssl/cmperr.h4
-rw-r--r--vendor/openssl/include/openssl/comp.h.in76
-rw-r--r--vendor/openssl/include/openssl/crypto.h.in9
-rw-r--r--vendor/openssl/include/openssl/e_os2.h4
-rw-r--r--vendor/openssl/include/openssl/indicator.h31
-rw-r--r--vendor/openssl/include/openssl/pem.h1
-rw-r--r--vendor/openssl/include/openssl/sslerr.h1
-rw-r--r--vendor/openssl/include/openssl/tls1.h6
-rw-r--r--vendor/openssl/include/openssl/x509.h.in28
-rw-r--r--vendor/openssl/include/openssl/x509_acert.h.in36
-rw-r--r--vendor/openssl/include/openssl/x509v3.h.in22
13 files changed, 169 insertions, 83 deletions
diff --git a/Taskfile.yaml b/Taskfile.yaml
index 9c123ec..053cef2 100644
--- a/Taskfile.yaml
+++ b/Taskfile.yaml
@@ -176,6 +176,7 @@ tasks:
- task: dev-update-monocypher
- task: dev-update-mbedtls-headers
- task: dev-update-openssl-headers
+ - task: dev-set-secp256-headers
dev-update-monocypher:
vars:
@@ -204,13 +205,13 @@ tasks:
- git clone --branch {{ .MBEDTLS_GIT_BRANCH }} {{ .MBEDTLS_GIT_URL }} '{{ .TMP_DIR }}'
- - for: [ 'include/mbedtls', 'include/psa' ]
+ - for: [ 'include/mbedtls' ]
cmd: powershell cp -Recurse -Force '{{ .TMP_DIR }}/{{ .ITEM }}' '{{.MBEDTLS_DIR}}/include'
dev-update-openssl-headers:
vars:
- OPENSSL_GIT_URL: 'git://git.openssl.org/openssl.git'
- OPENSSL_GIT_BRANCH: 'master'
+ OPENSSL_GIT_URL: 'https://github.com/openssl/openssl'
+ OPENSSL_GIT_BRANCH: 'openssl-3.3.1'
OPENSSL_DIR: 'vendor/openssl'
TMP_DIR: '.update/openssl'
cmds:
diff --git a/vendor/openssl/include/openssl/cmp.h.in b/vendor/openssl/include/openssl/cmp.h.in
index c46b9ab..ad9eb34 100644
--- a/vendor/openssl/include/openssl/cmp.h.in
+++ b/vendor/openssl/include/openssl/cmp.h.in
@@ -228,12 +228,6 @@ DECLARE_ASN1_DUP_FUNCTION(OSSL_CMP_ITAV)
{-
generate_stack_macros("OSSL_CMP_ITAV");
-}
-
-typedef struct ossl_cmp_crlstatus_st OSSL_CMP_CRLSTATUS;
-{-
- generate_stack_macros("OSSL_CMP_CRLSTATUS");
--}
-
typedef struct ossl_cmp_revrepcontent_st OSSL_CMP_REVREPCONTENT;
typedef struct ossl_cmp_pkisi_st OSSL_CMP_PKISI;
DECLARE_ASN1_FUNCTIONS(OSSL_CMP_PKISI)
@@ -263,7 +257,7 @@ void OSSL_CMP_ITAV_set0(OSSL_CMP_ITAV *itav, ASN1_OBJECT *type,
ASN1_TYPE *value);
ASN1_OBJECT *OSSL_CMP_ITAV_get0_type(const OSSL_CMP_ITAV *itav);
ASN1_TYPE *OSSL_CMP_ITAV_get0_value(const OSSL_CMP_ITAV *itav);
-int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **sk_p,
+int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **itav_sk_p,
OSSL_CMP_ITAV *itav);
void OSSL_CMP_ITAV_free(OSSL_CMP_ITAV *itav);
@@ -284,22 +278,6 @@ int OSSL_CMP_ITAV_get0_rootCaKeyUpdate(const OSSL_CMP_ITAV *itav,
X509 **newWithOld,
X509 **oldWithNew);
-OSSL_CMP_CRLSTATUS *OSSL_CMP_CRLSTATUS_create(const X509_CRL *crl,
- const X509 *cert, int only_DN);
-OSSL_CMP_CRLSTATUS *OSSL_CMP_CRLSTATUS_new1(const DIST_POINT_NAME *dpn,
- const GENERAL_NAMES *issuer,
- const ASN1_TIME *thisUpdate);
-int OSSL_CMP_CRLSTATUS_get0(const OSSL_CMP_CRLSTATUS *crlstatus,
- DIST_POINT_NAME **dpn, GENERAL_NAMES **issuer,
- ASN1_TIME **thisUpdate);
-void OSSL_CMP_CRLSTATUS_free(OSSL_CMP_CRLSTATUS *crlstatus);
-OSSL_CMP_ITAV
-*OSSL_CMP_ITAV_new0_crlStatusList(STACK_OF(OSSL_CMP_CRLSTATUS) *crlStatusList);
-int OSSL_CMP_ITAV_get0_crlStatusList(const OSSL_CMP_ITAV *itav,
- STACK_OF(OSSL_CMP_CRLSTATUS) **out);
-OSSL_CMP_ITAV *OSSL_CMP_ITAV_new_crls(const X509_CRL *crls);
-int OSSL_CMP_ITAV_get0_crls(const OSSL_CMP_ITAV *it, STACK_OF(X509_CRL) **out);
-
void OSSL_CMP_MSG_free(OSSL_CMP_MSG *msg);
/* from cmp_ctx.c */
@@ -543,9 +521,6 @@ int OSSL_CMP_get1_caCerts(OSSL_CMP_CTX *ctx, STACK_OF(X509) **out);
int OSSL_CMP_get1_rootCaKeyUpdate(OSSL_CMP_CTX *ctx,
const X509 *oldWithOld, X509 **newWithNew,
X509 **newWithOld, X509 **oldWithNew);
-int OSSL_CMP_get1_crlUpdate(OSSL_CMP_CTX *ctx, const X509 *crlcert,
- const X509_CRL *last_crl,
- X509_CRL **crl);
# ifdef __cplusplus
}
diff --git a/vendor/openssl/include/openssl/cmperr.h b/vendor/openssl/include/openssl/cmperr.h
index 700ffbe..0d876e5 100644
--- a/vendor/openssl/include/openssl/cmperr.h
+++ b/vendor/openssl/include/openssl/cmperr.h
@@ -60,9 +60,7 @@
# define CMP_R_FAILED_EXTRACTING_PUBKEY 141
# define CMP_R_FAILURE_OBTAINING_RANDOM 110
# define CMP_R_FAIL_INFO_OUT_OF_RANGE 129
-# define CMP_R_GENERATE_CRLSTATUS 198
# define CMP_R_GETTING_GENP 192
-# define CMP_R_GET_ITAV 199
# define CMP_R_INVALID_ARGS 100
# define CMP_R_INVALID_GENP 193
# define CMP_R_INVALID_OPTION 174
@@ -102,7 +100,6 @@
# define CMP_R_TRANSFER_ERROR 159
# define CMP_R_UNCLEAN_CTX 191
# define CMP_R_UNEXPECTED_CERTPROFILE 196
-# define CMP_R_UNEXPECTED_CRLSTATUSLIST 201
# define CMP_R_UNEXPECTED_PKIBODY 133
# define CMP_R_UNEXPECTED_PKISTATUS 185
# define CMP_R_UNEXPECTED_POLLREQ 105
@@ -110,7 +107,6 @@
# define CMP_R_UNEXPECTED_SENDER 106
# define CMP_R_UNKNOWN_ALGORITHM_ID 134
# define CMP_R_UNKNOWN_CERT_TYPE 135
-# define CMP_R_UNKNOWN_CRL_ISSUER 200
# define CMP_R_UNKNOWN_PKISTATUS 186
# define CMP_R_UNSUPPORTED_ALGORITHM 136
# define CMP_R_UNSUPPORTED_KEY_TYPE 137
diff --git a/vendor/openssl/include/openssl/comp.h.in b/vendor/openssl/include/openssl/comp.h.in
new file mode 100644
index 0000000..bd1efdc
--- /dev/null
+++ b/vendor/openssl/include/openssl/comp.h.in
@@ -0,0 +1,76 @@
+/*
+ * Copyright 2015-2024 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+{-
+use OpenSSL::stackhash qw(generate_stack_macros);
+-}
+
+#ifndef OPENSSL_COMP_H
+# define OPENSSL_COMP_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+# define HEADER_COMP_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# include <openssl/crypto.h>
+# include <openssl/comperr.h>
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+
+
+# ifndef OPENSSL_NO_COMP
+
+COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
+const COMP_METHOD *COMP_CTX_get_method(const COMP_CTX *ctx);
+int COMP_CTX_get_type(const COMP_CTX* comp);
+int COMP_get_type(const COMP_METHOD *meth);
+const char *COMP_get_name(const COMP_METHOD *meth);
+void COMP_CTX_free(COMP_CTX *ctx);
+
+int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
+ unsigned char *in, int ilen);
+int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
+ unsigned char *in, int ilen);
+
+COMP_METHOD *COMP_zlib(void);
+COMP_METHOD *COMP_zlib_oneshot(void);
+COMP_METHOD *COMP_brotli(void);
+COMP_METHOD *COMP_brotli_oneshot(void);
+COMP_METHOD *COMP_zstd(void);
+COMP_METHOD *COMP_zstd_oneshot(void);
+
+# ifndef OPENSSL_NO_DEPRECATED_1_1_0
+# define COMP_zlib_cleanup() while(0) continue
+# endif
+
+# ifdef OPENSSL_BIO_H
+const BIO_METHOD *BIO_f_zlib(void);
+const BIO_METHOD *BIO_f_brotli(void);
+const BIO_METHOD *BIO_f_zstd(void);
+# endif
+
+# endif
+
+typedef struct ssl_comp_st SSL_COMP;
+
+{-
+ generate_stack_macros("SSL_COMP");
+-}
+
+
+# ifdef __cplusplus
+}
+# endif
+#endif
diff --git a/vendor/openssl/include/openssl/crypto.h.in b/vendor/openssl/include/openssl/crypto.h.in
index 034f150..b2d691b 100644
--- a/vendor/openssl/include/openssl/crypto.h.in
+++ b/vendor/openssl/include/openssl/crypto.h.in
@@ -90,7 +90,6 @@ int CRYPTO_atomic_or(uint64_t *val, uint64_t op, uint64_t *ret,
CRYPTO_RWLOCK *lock);
int CRYPTO_atomic_load(uint64_t *val, uint64_t *ret, CRYPTO_RWLOCK *lock);
int CRYPTO_atomic_load_int(int *val, int *ret, CRYPTO_RWLOCK *lock);
-int CRYPTO_atomic_store(uint64_t *dst, uint64_t val, CRYPTO_RWLOCK *lock);
/* No longer needed, so this is a no-op */
#define OPENSSL_malloc_init() while(0) continue
@@ -99,9 +98,6 @@ int CRYPTO_atomic_store(uint64_t *dst, uint64_t val, CRYPTO_RWLOCK *lock);
CRYPTO_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
# define OPENSSL_zalloc(num) \
CRYPTO_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
-# define OPENSSL_aligned_alloc(num, alignment, freeptr) \
- CRYPTO_aligned_alloc(num, alignment, freeptr, \
- OPENSSL_FILE, OPENSSL_LINE)
# define OPENSSL_realloc(addr, num) \
CRYPTO_realloc(addr, num, OPENSSL_FILE, OPENSSL_LINE)
# define OPENSSL_clear_realloc(addr, old_num, num) \
@@ -325,9 +321,6 @@ void CRYPTO_get_mem_functions(CRYPTO_malloc_fn *malloc_fn,
OSSL_CRYPTO_ALLOC void *CRYPTO_malloc(size_t num, const char *file, int line);
OSSL_CRYPTO_ALLOC void *CRYPTO_zalloc(size_t num, const char *file, int line);
-OSSL_CRYPTO_ALLOC void *CRYPTO_aligned_alloc(size_t num, size_t align,
- void **freeptr, const char *file,
- int line);
OSSL_CRYPTO_ALLOC void *CRYPTO_memdup(const void *str, size_t siz, const char *file, int line);
OSSL_CRYPTO_ALLOC char *CRYPTO_strdup(const char *str, const char *file, int line);
OSSL_CRYPTO_ALLOC char *CRYPTO_strndup(const char *str, size_t s, const char *file, int line);
@@ -536,8 +529,6 @@ int OSSL_LIB_CTX_load_config(OSSL_LIB_CTX *ctx, const char *config_file);
void OSSL_LIB_CTX_free(OSSL_LIB_CTX *);
OSSL_LIB_CTX *OSSL_LIB_CTX_get0_global_default(void);
OSSL_LIB_CTX *OSSL_LIB_CTX_set0_default(OSSL_LIB_CTX *libctx);
-int OSSL_LIB_CTX_get_conf_diagnostics(OSSL_LIB_CTX *ctx);
-void OSSL_LIB_CTX_set_conf_diagnostics(OSSL_LIB_CTX *ctx, int value);
void OSSL_sleep(uint64_t millis);
diff --git a/vendor/openssl/include/openssl/e_os2.h b/vendor/openssl/include/openssl/e_os2.h
index a4aea0b..f1e1795 100644
--- a/vendor/openssl/include/openssl/e_os2.h
+++ b/vendor/openssl/include/openssl/e_os2.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -200,7 +200,6 @@ extern "C" {
# endif
# ifndef ossl_ssize_t
-# include <sys/types.h>
# define ossl_ssize_t ssize_t
# if defined(SSIZE_MAX)
# define OSSL_SSIZE_MAX SSIZE_MAX
@@ -229,6 +228,7 @@ typedef INT32 int32_t;
typedef UINT32 uint32_t;
typedef INT64 int64_t;
typedef UINT64 uint64_t;
+typedef UINTN uintptr_t;
# elif (defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L) || \
defined(__osf__) || defined(__sgi) || defined(__hpux) || \
defined(OPENSSL_SYS_VMS) || defined (__OpenBSD__)
diff --git a/vendor/openssl/include/openssl/indicator.h b/vendor/openssl/include/openssl/indicator.h
new file mode 100644
index 0000000..3ea0122
--- /dev/null
+++ b/vendor/openssl/include/openssl/indicator.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_INDICATOR_H
+# define OPENSSL_INDICATOR_H
+# pragma once
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+#include <openssl/params.h>
+
+typedef int (OSSL_INDICATOR_CALLBACK)(const char *type, const char *desc,
+ const OSSL_PARAM params[]);
+
+void OSSL_INDICATOR_set_callback(OSSL_LIB_CTX *libctx,
+ OSSL_INDICATOR_CALLBACK *cb);
+void OSSL_INDICATOR_get_callback(OSSL_LIB_CTX *libctx,
+ OSSL_INDICATOR_CALLBACK **cb);
+
+# ifdef __cplusplus
+}
+# endif
+#endif /* OPENSSL_INDICATOR_H */
diff --git a/vendor/openssl/include/openssl/pem.h b/vendor/openssl/include/openssl/pem.h
index 6ea1a49..0446c77 100644
--- a/vendor/openssl/include/openssl/pem.h
+++ b/vendor/openssl/include/openssl/pem.h
@@ -58,7 +58,6 @@ extern "C" {
# define PEM_STRING_PARAMETERS "PARAMETERS"
# define PEM_STRING_CMS "CMS"
# define PEM_STRING_SM2PARAMETERS "SM2 PARAMETERS"
-# define PEM_STRING_ACERT "ATTRIBUTE CERTIFICATE"
# define PEM_TYPE_ENCRYPTED 10
# define PEM_TYPE_MIC_ONLY 20
diff --git a/vendor/openssl/include/openssl/sslerr.h b/vendor/openssl/include/openssl/sslerr.h
index 8222b25..ec35df6 100644
--- a/vendor/openssl/include/openssl/sslerr.h
+++ b/vendor/openssl/include/openssl/sslerr.h
@@ -117,7 +117,6 @@
# define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST 354
# define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 150
# define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 151
-# define SSL_R_ERROR_IN_SYSTEM_DEFAULT_CONFIG 419
# define SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN 204
# define SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE 194
# define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
diff --git a/vendor/openssl/include/openssl/tls1.h b/vendor/openssl/include/openssl/tls1.h
index 8ff39e3..7e3d1a7 100644
--- a/vendor/openssl/include/openssl/tls1.h
+++ b/vendor/openssl/include/openssl/tls1.h
@@ -622,10 +622,6 @@ int SSL_CTX_set_tlsext_ticket_key_evp_cb
# define TLS1_3_CK_AES_128_CCM_SHA256 0x03001304
# define TLS1_3_CK_AES_128_CCM_8_SHA256 0x03001305
-/* Integrity-only ciphersuites from RFC 9150 */
-# define TLS1_3_CK_SHA256_SHA256 0x0300C0B4
-# define TLS1_3_CK_SHA384_SHA384 0x0300C0B5
-
/* Aria ciphersuites from RFC6209 */
# define TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256 0x0300C050
# define TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384 0x0300C051
@@ -703,8 +699,6 @@ int SSL_CTX_set_tlsext_ticket_key_evp_cb
# define TLS1_3_RFC_AES_128_GCM_SHA256 "TLS_AES_128_GCM_SHA256"
# define TLS1_3_RFC_AES_256_GCM_SHA384 "TLS_AES_256_GCM_SHA384"
# define TLS1_3_RFC_CHACHA20_POLY1305_SHA256 "TLS_CHACHA20_POLY1305_SHA256"
-# define TLS1_3_RFC_SHA256_SHA256 "TLS_SHA256_SHA256"
-# define TLS1_3_RFC_SHA384_SHA384 "TLS_SHA384_SHA384"
# define TLS1_3_RFC_AES_128_CCM_SHA256 "TLS_AES_128_CCM_SHA256"
# define TLS1_3_RFC_AES_128_CCM_8_SHA256 "TLS_AES_128_CCM_8_SHA256"
# define TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA "TLS_ECDHE_ECDSA_WITH_NULL_SHA"
diff --git a/vendor/openssl/include/openssl/x509.h.in b/vendor/openssl/include/openssl/x509.h.in
index 7d7ffa2..7210391 100644
--- a/vendor/openssl/include/openssl/x509.h.in
+++ b/vendor/openssl/include/openssl/x509.h.in
@@ -67,24 +67,16 @@ extern "C" {
# define X509_FILETYPE_ASN1 2
# define X509_FILETYPE_DEFAULT 3
-/*-
- * <https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3>:
- * The KeyUsage BITSTRING is treated as a little-endian integer, hence bit `0`
- * is 0x80, while bit `7` is 0x01 (the LSB of the integer value), bit `8` is
- * then the MSB of the second octet, or 0x8000.
- */
-# define X509v3_KU_DIGITAL_SIGNATURE 0x0080 /* (0) */
-# define X509v3_KU_NON_REPUDIATION 0x0040 /* (1) */
-# define X509v3_KU_KEY_ENCIPHERMENT 0x0020 /* (2) */
-# define X509v3_KU_DATA_ENCIPHERMENT 0x0010 /* (3) */
-# define X509v3_KU_KEY_AGREEMENT 0x0008 /* (4) */
-# define X509v3_KU_KEY_CERT_SIGN 0x0004 /* (5) */
-# define X509v3_KU_CRL_SIGN 0x0002 /* (6) */
-# define X509v3_KU_ENCIPHER_ONLY 0x0001 /* (7) */
-# define X509v3_KU_DECIPHER_ONLY 0x8000 /* (8) */
-# ifndef OPENSSL_NO_DEPRECATED_3_4
-# define X509v3_KU_UNDEF 0xffff /* vestigial, not used */
-# endif
+# define X509v3_KU_DIGITAL_SIGNATURE 0x0080
+# define X509v3_KU_NON_REPUDIATION 0x0040
+# define X509v3_KU_KEY_ENCIPHERMENT 0x0020
+# define X509v3_KU_DATA_ENCIPHERMENT 0x0010
+# define X509v3_KU_KEY_AGREEMENT 0x0008
+# define X509v3_KU_KEY_CERT_SIGN 0x0004
+# define X509v3_KU_CRL_SIGN 0x0002
+# define X509v3_KU_ENCIPHER_ONLY 0x0001
+# define X509v3_KU_DECIPHER_ONLY 0x8000
+# define X509v3_KU_UNDEF 0xffff
struct X509_algor_st {
ASN1_OBJECT *algorithm;
diff --git a/vendor/openssl/include/openssl/x509_acert.h.in b/vendor/openssl/include/openssl/x509_acert.h.in
index 42376a6..70facf8 100644
--- a/vendor/openssl/include/openssl/x509_acert.h.in
+++ b/vendor/openssl/include/openssl/x509_acert.h.in
@@ -153,4 +153,40 @@ int OSSL_IETF_ATTR_SYNTAX_add1_value(OSSL_IETF_ATTR_SYNTAX *a, int type,
void *data);
int OSSL_IETF_ATTR_SYNTAX_print(BIO *bp, OSSL_IETF_ATTR_SYNTAX *a, int indent);
+struct TARGET_CERT_st {
+ OSSL_ISSUER_SERIAL *targetCertificate;
+ GENERAL_NAME *targetName;
+ OSSL_OBJECT_DIGEST_INFO *certDigestInfo;
+};
+
+typedef struct TARGET_CERT_st OSSL_TARGET_CERT;
+
+# define OSSL_TGT_TARGET_NAME 0
+# define OSSL_TGT_TARGET_GROUP 1
+# define OSSL_TGT_TARGET_CERT 2
+
+typedef struct TARGET_st {
+ int type;
+ union {
+ GENERAL_NAME *targetName;
+ GENERAL_NAME *targetGroup;
+ OSSL_TARGET_CERT *targetCert;
+ } choice;
+} OSSL_TARGET;
+
+typedef STACK_OF(OSSL_TARGET) OSSL_TARGETS;
+typedef STACK_OF(OSSL_TARGETS) OSSL_TARGETING_INFORMATION;
+
+{-
+ generate_stack_macros("OSSL_TARGET");
+-}
+
+{-
+ generate_stack_macros("OSSL_TARGETS");
+-}
+
+DECLARE_ASN1_FUNCTIONS(OSSL_TARGET)
+DECLARE_ASN1_FUNCTIONS(OSSL_TARGETS)
+DECLARE_ASN1_FUNCTIONS(OSSL_TARGETING_INFORMATION)
+
#endif
diff --git a/vendor/openssl/include/openssl/x509v3.h.in b/vendor/openssl/include/openssl/x509v3.h.in
index a967064..5696803 100644
--- a/vendor/openssl/include/openssl/x509v3.h.in
+++ b/vendor/openssl/include/openssl/x509v3.h.in
@@ -178,8 +178,6 @@ typedef struct ACCESS_DESCRIPTION_st {
GENERAL_NAME *location;
} ACCESS_DESCRIPTION;
-int GENERAL_NAME_set1_X509_NAME(GENERAL_NAME **tgt, const X509_NAME *src);
-
{-
generate_stack_macros("ACCESS_DESCRIPTION")
.generate_stack_macros("GENERAL_NAME");
@@ -203,7 +201,6 @@ typedef struct DIST_POINT_NAME_st {
/* If relativename then this contains the full distribution point name */
X509_NAME *dpname;
} DIST_POINT_NAME;
-DECLARE_ASN1_DUP_FUNCTION(DIST_POINT_NAME)
/* All existing reasons */
# define CRLDP_ALL_REASONS 0x807f
@@ -425,16 +422,15 @@ struct ISSUING_DIST_POINT_st {
# define EXFLAG_SAN_CRITICAL 0x80000
# define EXFLAG_NO_FINGERPRINT 0x100000
-/* https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3 */
-# define KU_DIGITAL_SIGNATURE X509v3_KU_DIGITAL_SIGNATURE
-# define KU_NON_REPUDIATION X509v3_KU_NON_REPUDIATION
-# define KU_KEY_ENCIPHERMENT X509v3_KU_KEY_ENCIPHERMENT
-# define KU_DATA_ENCIPHERMENT X509v3_KU_DATA_ENCIPHERMENT
-# define KU_KEY_AGREEMENT X509v3_KU_KEY_AGREEMENT
-# define KU_KEY_CERT_SIGN X509v3_KU_KEY_CERT_SIGN
-# define KU_CRL_SIGN X509v3_KU_CRL_SIGN
-# define KU_ENCIPHER_ONLY X509v3_KU_ENCIPHER_ONLY
-# define KU_DECIPHER_ONLY X509v3_KU_DECIPHER_ONLY
+# define KU_DIGITAL_SIGNATURE 0x0080
+# define KU_NON_REPUDIATION 0x0040
+# define KU_KEY_ENCIPHERMENT 0x0020
+# define KU_DATA_ENCIPHERMENT 0x0010
+# define KU_KEY_AGREEMENT 0x0008
+# define KU_KEY_CERT_SIGN 0x0004
+# define KU_CRL_SIGN 0x0002
+# define KU_ENCIPHER_ONLY 0x0001
+# define KU_DECIPHER_ONLY 0x8000
# define NS_SSL_CLIENT 0x80
# define NS_SSL_SERVER 0x40