update openssl to 3.3.1

author: vnugent <public@vaughnnugent.com> 2024-08-06 19:42:25 -0400
committer: vnugent <public@vaughnnugent.com> 2024-08-06 19:42:25 -0400
commit: 7989a2660997b909e0b99fc1dfb3bcfbb0528df3 (patch)
tree: c5091cd853e3daf3fdd4499cde69045dcd847984 /vendor/openssl
parent: e949ae5aa1fd25d4d11fe31e30b7d82ae7778dc2 (diff)
12 files changed, 165 insertions, 80 deletions
diff --git a/vendor/openssl/include/openssl/cmp.h.in b/vendor/openssl/include/openssl/cmp.h.in
index c46b9ab..ad9eb34 100644
--- a/vendor/openssl/include/openssl/cmp.h.in
+++ b/vendor/openssl/include/openssl/cmp.h.in
@@ -228,12 +228,6 @@ DECLARE_ASN1_DUP_FUNCTION(OSSL_CMP_ITAV)
 {-
     generate_stack_macros("OSSL_CMP_ITAV");
 -}
-
-typedef struct ossl_cmp_crlstatus_st OSSL_CMP_CRLSTATUS;
-{-
-    generate_stack_macros("OSSL_CMP_CRLSTATUS");
--}
-
 typedef struct ossl_cmp_revrepcontent_st OSSL_CMP_REVREPCONTENT;
 typedef struct ossl_cmp_pkisi_st OSSL_CMP_PKISI;
 DECLARE_ASN1_FUNCTIONS(OSSL_CMP_PKISI)
@@ -263,7 +257,7 @@ void OSSL_CMP_ITAV_set0(OSSL_CMP_ITAV *itav, ASN1_OBJECT *type,
                         ASN1_TYPE *value);
 ASN1_OBJECT *OSSL_CMP_ITAV_get0_type(const OSSL_CMP_ITAV *itav);
 ASN1_TYPE *OSSL_CMP_ITAV_get0_value(const OSSL_CMP_ITAV *itav);
-int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **sk_p,
+int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **itav_sk_p,
                                    OSSL_CMP_ITAV *itav);
 void OSSL_CMP_ITAV_free(OSSL_CMP_ITAV *itav);
 
@@ -284,22 +278,6 @@ int OSSL_CMP_ITAV_get0_rootCaKeyUpdate(const OSSL_CMP_ITAV *itav,
                                        X509 **newWithOld,
                                        X509 **oldWithNew);
 
-OSSL_CMP_CRLSTATUS *OSSL_CMP_CRLSTATUS_create(const X509_CRL *crl,
-                                              const X509 *cert, int only_DN);
-OSSL_CMP_CRLSTATUS *OSSL_CMP_CRLSTATUS_new1(const DIST_POINT_NAME *dpn,
-                                            const GENERAL_NAMES *issuer,
-                                            const ASN1_TIME *thisUpdate);
-int OSSL_CMP_CRLSTATUS_get0(const OSSL_CMP_CRLSTATUS *crlstatus,
-                            DIST_POINT_NAME **dpn, GENERAL_NAMES **issuer,
-                            ASN1_TIME **thisUpdate);
-void OSSL_CMP_CRLSTATUS_free(OSSL_CMP_CRLSTATUS *crlstatus);
-OSSL_CMP_ITAV
-*OSSL_CMP_ITAV_new0_crlStatusList(STACK_OF(OSSL_CMP_CRLSTATUS) *crlStatusList);
-int OSSL_CMP_ITAV_get0_crlStatusList(const OSSL_CMP_ITAV *itav,
-                                     STACK_OF(OSSL_CMP_CRLSTATUS) **out);
-OSSL_CMP_ITAV *OSSL_CMP_ITAV_new_crls(const X509_CRL *crls);
-int OSSL_CMP_ITAV_get0_crls(const OSSL_CMP_ITAV *it, STACK_OF(X509_CRL) **out);
-
 void OSSL_CMP_MSG_free(OSSL_CMP_MSG *msg);
 
 /* from cmp_ctx.c */
@@ -543,9 +521,6 @@ int OSSL_CMP_get1_caCerts(OSSL_CMP_CTX *ctx, STACK_OF(X509) **out);
 int OSSL_CMP_get1_rootCaKeyUpdate(OSSL_CMP_CTX *ctx,
                                   const X509 *oldWithOld, X509 **newWithNew,
                                   X509 **newWithOld, X509 **oldWithNew);
-int OSSL_CMP_get1_crlUpdate(OSSL_CMP_CTX *ctx, const X509 *crlcert,
-                            const X509_CRL *last_crl,
-                            X509_CRL **crl);
 
 #  ifdef  __cplusplus
 }
diff --git a/vendor/openssl/include/openssl/cmperr.h b/vendor/openssl/include/openssl/cmperr.h
index 700ffbe..0d876e5 100644
--- a/vendor/openssl/include/openssl/cmperr.h
+++ b/vendor/openssl/include/openssl/cmperr.h
@@ -60,9 +60,7 @@
 #  define CMP_R_FAILED_EXTRACTING_PUBKEY                   141
 #  define CMP_R_FAILURE_OBTAINING_RANDOM                   110
 #  define CMP_R_FAIL_INFO_OUT_OF_RANGE                     129
-#  define CMP_R_GENERATE_CRLSTATUS                         198
 #  define CMP_R_GETTING_GENP                               192
-#  define CMP_R_GET_ITAV                                   199
 #  define CMP_R_INVALID_ARGS                               100
 #  define CMP_R_INVALID_GENP                               193
 #  define CMP_R_INVALID_OPTION                             174
@@ -102,7 +100,6 @@
 #  define CMP_R_TRANSFER_ERROR                             159
 #  define CMP_R_UNCLEAN_CTX                                191
 #  define CMP_R_UNEXPECTED_CERTPROFILE                     196
-#  define CMP_R_UNEXPECTED_CRLSTATUSLIST                   201
 #  define CMP_R_UNEXPECTED_PKIBODY                         133
 #  define CMP_R_UNEXPECTED_PKISTATUS                       185
 #  define CMP_R_UNEXPECTED_POLLREQ                         105
@@ -110,7 +107,6 @@
 #  define CMP_R_UNEXPECTED_SENDER                          106
 #  define CMP_R_UNKNOWN_ALGORITHM_ID                       134
 #  define CMP_R_UNKNOWN_CERT_TYPE                          135
-#  define CMP_R_UNKNOWN_CRL_ISSUER                         200
 #  define CMP_R_UNKNOWN_PKISTATUS                          186
 #  define CMP_R_UNSUPPORTED_ALGORITHM                      136
 #  define CMP_R_UNSUPPORTED_KEY_TYPE                       137
diff --git a/vendor/openssl/include/openssl/comp.h.in b/vendor/openssl/include/openssl/comp.h.in
new file mode 100644
index 0000000..bd1efdc
--- /dev/null
+++ b/vendor/openssl/include/openssl/comp.h.in
@@ -0,0 +1,76 @@
+/*
+ * Copyright 2015-2024 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+{-
+use OpenSSL::stackhash qw(generate_stack_macros);
+-}
+
+#ifndef OPENSSL_COMP_H
+# define OPENSSL_COMP_H
+# pragma once
+
+# include <openssl/macros.h>
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+#  define HEADER_COMP_H
+# endif
+
+# include <openssl/opensslconf.h>
+
+# include <openssl/crypto.h>
+# include <openssl/comperr.h>
+# ifdef  __cplusplus
+extern "C" {
+# endif
+
+
+
+# ifndef OPENSSL_NO_COMP
+
+COMP_CTX *COMP_CTX_new(COMP_METHOD *meth);
+const COMP_METHOD *COMP_CTX_get_method(const COMP_CTX *ctx);
+int COMP_CTX_get_type(const COMP_CTX* comp);
+int COMP_get_type(const COMP_METHOD *meth);
+const char *COMP_get_name(const COMP_METHOD *meth);
+void COMP_CTX_free(COMP_CTX *ctx);
+
+int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen,
+                        unsigned char *in, int ilen);
+int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen,
+                      unsigned char *in, int ilen);
+
+COMP_METHOD *COMP_zlib(void);
+COMP_METHOD *COMP_zlib_oneshot(void);
+COMP_METHOD *COMP_brotli(void);
+COMP_METHOD *COMP_brotli_oneshot(void);
+COMP_METHOD *COMP_zstd(void);
+COMP_METHOD *COMP_zstd_oneshot(void);
+
+#  ifndef OPENSSL_NO_DEPRECATED_1_1_0
+#   define COMP_zlib_cleanup() while(0) continue
+#  endif
+
+#  ifdef OPENSSL_BIO_H
+const BIO_METHOD *BIO_f_zlib(void);
+const BIO_METHOD *BIO_f_brotli(void);
+const BIO_METHOD *BIO_f_zstd(void);
+#  endif
+
+# endif
+
+typedef struct ssl_comp_st SSL_COMP;
+
+{-
+    generate_stack_macros("SSL_COMP");
+-}
+
+
+# ifdef  __cplusplus
+}
+# endif
+#endif
diff --git a/vendor/openssl/include/openssl/crypto.h.in b/vendor/openssl/include/openssl/crypto.h.in
index 034f150..b2d691b 100644
--- a/vendor/openssl/include/openssl/crypto.h.in
+++ b/vendor/openssl/include/openssl/crypto.h.in
@@ -90,7 +90,6 @@ int CRYPTO_atomic_or(uint64_t *val, uint64_t op, uint64_t *ret,
                      CRYPTO_RWLOCK *lock);
 int CRYPTO_atomic_load(uint64_t *val, uint64_t *ret, CRYPTO_RWLOCK *lock);
 int CRYPTO_atomic_load_int(int *val, int *ret, CRYPTO_RWLOCK *lock);
-int CRYPTO_atomic_store(uint64_t *dst, uint64_t val, CRYPTO_RWLOCK *lock);
 
 /* No longer needed, so this is a no-op */
 #define OPENSSL_malloc_init() while(0) continue
@@ -99,9 +98,6 @@ int CRYPTO_atomic_store(uint64_t *dst, uint64_t val, CRYPTO_RWLOCK *lock);
         CRYPTO_malloc(num, OPENSSL_FILE, OPENSSL_LINE)
 # define OPENSSL_zalloc(num) \
         CRYPTO_zalloc(num, OPENSSL_FILE, OPENSSL_LINE)
-# define OPENSSL_aligned_alloc(num, alignment, freeptr) \
-        CRYPTO_aligned_alloc(num, alignment, freeptr, \
-                             OPENSSL_FILE, OPENSSL_LINE)
 # define OPENSSL_realloc(addr, num) \
         CRYPTO_realloc(addr, num, OPENSSL_FILE, OPENSSL_LINE)
 # define OPENSSL_clear_realloc(addr, old_num, num) \
@@ -325,9 +321,6 @@ void CRYPTO_get_mem_functions(CRYPTO_malloc_fn *malloc_fn,
 
 OSSL_CRYPTO_ALLOC void *CRYPTO_malloc(size_t num, const char *file, int line);
 OSSL_CRYPTO_ALLOC void *CRYPTO_zalloc(size_t num, const char *file, int line);
-OSSL_CRYPTO_ALLOC void *CRYPTO_aligned_alloc(size_t num, size_t align,
-                                             void **freeptr, const char *file,
-                                             int line);
 OSSL_CRYPTO_ALLOC void *CRYPTO_memdup(const void *str, size_t siz, const char *file, int line);
 OSSL_CRYPTO_ALLOC char *CRYPTO_strdup(const char *str, const char *file, int line);
 OSSL_CRYPTO_ALLOC char *CRYPTO_strndup(const char *str, size_t s, const char *file, int line);
@@ -536,8 +529,6 @@ int OSSL_LIB_CTX_load_config(OSSL_LIB_CTX *ctx, const char *config_file);
 void OSSL_LIB_CTX_free(OSSL_LIB_CTX *);
 OSSL_LIB_CTX *OSSL_LIB_CTX_get0_global_default(void);
 OSSL_LIB_CTX *OSSL_LIB_CTX_set0_default(OSSL_LIB_CTX *libctx);
-int OSSL_LIB_CTX_get_conf_diagnostics(OSSL_LIB_CTX *ctx);
-void OSSL_LIB_CTX_set_conf_diagnostics(OSSL_LIB_CTX *ctx, int value);
 
 void OSSL_sleep(uint64_t millis);
 
diff --git a/vendor/openssl/include/openssl/e_os2.h b/vendor/openssl/include/openssl/e_os2.h
index a4aea0b..f1e1795 100644
--- a/vendor/openssl/include/openssl/e_os2.h
+++ b/vendor/openssl/include/openssl/e_os2.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -200,7 +200,6 @@ extern "C" {
 # endif
 
 # ifndef ossl_ssize_t
-#  include <sys/types.h>
 #  define ossl_ssize_t ssize_t
 #  if defined(SSIZE_MAX)
 #   define OSSL_SSIZE_MAX SSIZE_MAX
@@ -229,6 +228,7 @@ typedef INT32 int32_t;
 typedef UINT32 uint32_t;
 typedef INT64 int64_t;
 typedef UINT64 uint64_t;
+typedef UINTN uintptr_t;
 # elif (defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L) || \
      defined(__osf__) || defined(__sgi) || defined(__hpux) || \
      defined(OPENSSL_SYS_VMS) || defined (__OpenBSD__)
diff --git a/vendor/openssl/include/openssl/indicator.h b/vendor/openssl/include/openssl/indicator.h
new file mode 100644
index 0000000..3ea0122
--- /dev/null
+++ b/vendor/openssl/include/openssl/indicator.h
@@ -0,0 +1,31 @@
+/*
+ * Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef OPENSSL_INDICATOR_H
+# define OPENSSL_INDICATOR_H
+# pragma once
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+#include <openssl/params.h>
+
+typedef int (OSSL_INDICATOR_CALLBACK)(const char *type, const char *desc,
+                                      const OSSL_PARAM params[]);
+
+void OSSL_INDICATOR_set_callback(OSSL_LIB_CTX *libctx,
+                                 OSSL_INDICATOR_CALLBACK *cb);
+void OSSL_INDICATOR_get_callback(OSSL_LIB_CTX *libctx,
+                                 OSSL_INDICATOR_CALLBACK **cb);
+
+# ifdef __cplusplus
+}
+# endif
+#endif /* OPENSSL_INDICATOR_H */
diff --git a/vendor/openssl/include/openssl/pem.h b/vendor/openssl/include/openssl/pem.h
index 6ea1a49..0446c77 100644
--- a/vendor/openssl/include/openssl/pem.h
+++ b/vendor/openssl/include/openssl/pem.h
@@ -58,7 +58,6 @@ extern "C" {
 # define PEM_STRING_PARAMETERS   "PARAMETERS"
 # define PEM_STRING_CMS          "CMS"
 # define PEM_STRING_SM2PARAMETERS "SM2 PARAMETERS"
-# define PEM_STRING_ACERT        "ATTRIBUTE CERTIFICATE"
 
 # define PEM_TYPE_ENCRYPTED      10
 # define PEM_TYPE_MIC_ONLY       20
diff --git a/vendor/openssl/include/openssl/sslerr.h b/vendor/openssl/include/openssl/sslerr.h
index 8222b25..ec35df6 100644
--- a/vendor/openssl/include/openssl/sslerr.h
+++ b/vendor/openssl/include/openssl/sslerr.h
@@ -117,7 +117,6 @@
 # define SSL_R_EMPTY_SRTP_PROTECTION_PROFILE_LIST         354
 # define SSL_R_ENCRYPTED_LENGTH_TOO_LONG                  150
 # define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST              151
-# define SSL_R_ERROR_IN_SYSTEM_DEFAULT_CONFIG             419
 # define SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN             204
 # define SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE                  194
 # define SSL_R_EXCESSIVE_MESSAGE_SIZE                     152
diff --git a/vendor/openssl/include/openssl/tls1.h b/vendor/openssl/include/openssl/tls1.h
index 8ff39e3..7e3d1a7 100644
--- a/vendor/openssl/include/openssl/tls1.h
+++ b/vendor/openssl/include/openssl/tls1.h
@@ -622,10 +622,6 @@ int SSL_CTX_set_tlsext_ticket_key_evp_cb
 # define TLS1_3_CK_AES_128_CCM_SHA256                     0x03001304
 # define TLS1_3_CK_AES_128_CCM_8_SHA256                   0x03001305
 
-/* Integrity-only ciphersuites from RFC 9150 */
-# define TLS1_3_CK_SHA256_SHA256                          0x0300C0B4
-# define TLS1_3_CK_SHA384_SHA384                          0x0300C0B5
-
 /* Aria ciphersuites from RFC6209 */
 # define TLS1_CK_RSA_WITH_ARIA_128_GCM_SHA256             0x0300C050
 # define TLS1_CK_RSA_WITH_ARIA_256_GCM_SHA384             0x0300C051
@@ -703,8 +699,6 @@ int SSL_CTX_set_tlsext_ticket_key_evp_cb
 # define TLS1_3_RFC_AES_128_GCM_SHA256                   "TLS_AES_128_GCM_SHA256"
 # define TLS1_3_RFC_AES_256_GCM_SHA384                   "TLS_AES_256_GCM_SHA384"
 # define TLS1_3_RFC_CHACHA20_POLY1305_SHA256             "TLS_CHACHA20_POLY1305_SHA256"
-# define TLS1_3_RFC_SHA256_SHA256                        "TLS_SHA256_SHA256"
-# define TLS1_3_RFC_SHA384_SHA384                        "TLS_SHA384_SHA384"
 # define TLS1_3_RFC_AES_128_CCM_SHA256                   "TLS_AES_128_CCM_SHA256"
 # define TLS1_3_RFC_AES_128_CCM_8_SHA256                 "TLS_AES_128_CCM_8_SHA256"
 # define TLS1_RFC_ECDHE_ECDSA_WITH_NULL_SHA              "TLS_ECDHE_ECDSA_WITH_NULL_SHA"
diff --git a/vendor/openssl/include/openssl/x509.h.in b/vendor/openssl/include/openssl/x509.h.in
index 7d7ffa2..7210391 100644
--- a/vendor/openssl/include/openssl/x509.h.in
+++ b/vendor/openssl/include/openssl/x509.h.in
@@ -67,24 +67,16 @@ extern "C" {
 # define X509_FILETYPE_ASN1      2
 # define X509_FILETYPE_DEFAULT   3
 
-/*-
- * <https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3>:
- * The KeyUsage BITSTRING is treated as a little-endian integer, hence bit `0`
- * is 0x80, while bit `7` is 0x01 (the LSB of the integer value), bit `8` is
- * then the MSB of the second octet, or 0x8000.
- */
-# define X509v3_KU_DIGITAL_SIGNATURE     0x0080     /* (0) */
-# define X509v3_KU_NON_REPUDIATION       0x0040     /* (1) */
-# define X509v3_KU_KEY_ENCIPHERMENT      0x0020     /* (2) */
-# define X509v3_KU_DATA_ENCIPHERMENT     0x0010     /* (3) */
-# define X509v3_KU_KEY_AGREEMENT         0x0008     /* (4) */
-# define X509v3_KU_KEY_CERT_SIGN         0x0004     /* (5) */
-# define X509v3_KU_CRL_SIGN              0x0002     /* (6) */
-# define X509v3_KU_ENCIPHER_ONLY         0x0001     /* (7) */
-# define X509v3_KU_DECIPHER_ONLY         0x8000     /* (8) */
-# ifndef OPENSSL_NO_DEPRECATED_3_4
-#  define X509v3_KU_UNDEF                0xffff     /* vestigial, not used */
-# endif
+# define X509v3_KU_DIGITAL_SIGNATURE     0x0080
+# define X509v3_KU_NON_REPUDIATION       0x0040
+# define X509v3_KU_KEY_ENCIPHERMENT      0x0020
+# define X509v3_KU_DATA_ENCIPHERMENT     0x0010
+# define X509v3_KU_KEY_AGREEMENT         0x0008
+# define X509v3_KU_KEY_CERT_SIGN         0x0004
+# define X509v3_KU_CRL_SIGN              0x0002
+# define X509v3_KU_ENCIPHER_ONLY         0x0001
+# define X509v3_KU_DECIPHER_ONLY         0x8000
+# define X509v3_KU_UNDEF                 0xffff
 
 struct X509_algor_st {
     ASN1_OBJECT *algorithm;
diff --git a/vendor/openssl/include/openssl/x509_acert.h.in b/vendor/openssl/include/openssl/x509_acert.h.in
index 42376a6..70facf8 100644
--- a/vendor/openssl/include/openssl/x509_acert.h.in
+++ b/vendor/openssl/include/openssl/x509_acert.h.in
@@ -153,4 +153,40 @@ int OSSL_IETF_ATTR_SYNTAX_add1_value(OSSL_IETF_ATTR_SYNTAX *a, int type,
 		                             void *data);
 int OSSL_IETF_ATTR_SYNTAX_print(BIO *bp, OSSL_IETF_ATTR_SYNTAX *a, int indent);
 
+struct TARGET_CERT_st {
+    OSSL_ISSUER_SERIAL *targetCertificate;
+    GENERAL_NAME *targetName;
+    OSSL_OBJECT_DIGEST_INFO *certDigestInfo;
+};
+
+typedef struct TARGET_CERT_st OSSL_TARGET_CERT;
+
+# define OSSL_TGT_TARGET_NAME  0
+# define OSSL_TGT_TARGET_GROUP 1
+# define OSSL_TGT_TARGET_CERT  2
+
+typedef struct TARGET_st {
+    int type;
+    union {
+        GENERAL_NAME *targetName;
+        GENERAL_NAME *targetGroup;
+        OSSL_TARGET_CERT *targetCert;
+    } choice;
+} OSSL_TARGET;
+
+typedef STACK_OF(OSSL_TARGET) OSSL_TARGETS;
+typedef STACK_OF(OSSL_TARGETS) OSSL_TARGETING_INFORMATION;
+
+{-
+    generate_stack_macros("OSSL_TARGET");
+-}
+
+{-
+    generate_stack_macros("OSSL_TARGETS");
+-}
+
+DECLARE_ASN1_FUNCTIONS(OSSL_TARGET)
+DECLARE_ASN1_FUNCTIONS(OSSL_TARGETS)
+DECLARE_ASN1_FUNCTIONS(OSSL_TARGETING_INFORMATION)
+
 #endif
diff --git a/vendor/openssl/include/openssl/x509v3.h.in b/vendor/openssl/include/openssl/x509v3.h.in
index a967064..5696803 100644
--- a/vendor/openssl/include/openssl/x509v3.h.in
+++ b/vendor/openssl/include/openssl/x509v3.h.in
@@ -178,8 +178,6 @@ typedef struct ACCESS_DESCRIPTION_st {
     GENERAL_NAME *location;
 } ACCESS_DESCRIPTION;
 
-int GENERAL_NAME_set1_X509_NAME(GENERAL_NAME **tgt, const X509_NAME *src);
-
 {-
     generate_stack_macros("ACCESS_DESCRIPTION")
     .generate_stack_macros("GENERAL_NAME");
@@ -203,7 +201,6 @@ typedef struct DIST_POINT_NAME_st {
 /* If relativename then this contains the full distribution point name */
     X509_NAME *dpname;
 } DIST_POINT_NAME;
-DECLARE_ASN1_DUP_FUNCTION(DIST_POINT_NAME)
 /* All existing reasons */
 # define CRLDP_ALL_REASONS       0x807f
 
@@ -425,16 +422,15 @@ struct ISSUING_DIST_POINT_st {
 # define EXFLAG_SAN_CRITICAL     0x80000
 # define EXFLAG_NO_FINGERPRINT   0x100000
 
-/* https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.3 */
-# define KU_DIGITAL_SIGNATURE    X509v3_KU_DIGITAL_SIGNATURE
-# define KU_NON_REPUDIATION      X509v3_KU_NON_REPUDIATION
-# define KU_KEY_ENCIPHERMENT     X509v3_KU_KEY_ENCIPHERMENT
-# define KU_DATA_ENCIPHERMENT    X509v3_KU_DATA_ENCIPHERMENT
-# define KU_KEY_AGREEMENT        X509v3_KU_KEY_AGREEMENT
-# define KU_KEY_CERT_SIGN        X509v3_KU_KEY_CERT_SIGN
-# define KU_CRL_SIGN             X509v3_KU_CRL_SIGN
-# define KU_ENCIPHER_ONLY        X509v3_KU_ENCIPHER_ONLY
-# define KU_DECIPHER_ONLY        X509v3_KU_DECIPHER_ONLY
+# define KU_DIGITAL_SIGNATURE    0x0080
+# define KU_NON_REPUDIATION      0x0040
+# define KU_KEY_ENCIPHERMENT     0x0020
+# define KU_DATA_ENCIPHERMENT    0x0010
+# define KU_KEY_AGREEMENT        0x0008
+# define KU_KEY_CERT_SIGN        0x0004
+# define KU_CRL_SIGN             0x0002
+# define KU_ENCIPHER_ONLY        0x0001
+# define KU_DECIPHER_ONLY        0x8000
 
 # define NS_SSL_CLIENT           0x80
 # define NS_SSL_SERVER           0x40
author	vnugent <public@vaughnnugent.com>	2024-08-06 19:42:25 -0400
committer	vnugent <public@vaughnnugent.com>	2024-08-06 19:42:25 -0400
commit	7989a2660997b909e0b99fc1dfb3bcfbb0528df3 (patch)
tree	c5091cd853e3daf3fdd4499cde69045dcd847984 /vendor/openssl
parent	e949ae5aa1fd25d4d11fe31e30b7d82ae7778dc2 (diff)