[openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Matt Caswell
matt at openssl.org
Tue Nov 7 10:50:34 UTC 2017
The branch OpenSSL_1_1_0-stable has been updated
via fb969d09b0a9a1ae4ad27fbc1372aa31ade30667 (commit)
from 470a601705673102b9d33359408bef6334f07078 (commit)
- Log -----------------------------------------------------------------
commit fb969d09b0a9a1ae4ad27fbc1372aa31ade30667
Author: Matt Caswell <matt at openssl.org>
Date: Tue Oct 31 15:55:22 2017 +0000
Remove 4 broken macros from ocsp.h
There were 4 macros in ocsp.h that have not worked since 1.1.0 because
they attempt to access the internals of an opaque structure.
For OCSP_REQUEST_sign() applications should use OCSP_request_sign() instead.
For OCSP_BASICRESP_sign() applications should use OCSP_basic_sign() instead.
For OCSP_REQUEST_verify() applications should use OCSP_request_verify()
instead.
For OCSP_BASICRESP_verify() applications should use OCSP_basic_verify()
instead.
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
Reviewed-by: Rich Salz <rsalz at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4635)
(cherry picked from commit 9f5671c7e9f30dfa53b1a2b553f234c2761ceb66)
-----------------------------------------------------------------------
Summary of changes:
crypto/ocsp/ocsp_lcl.h | 16 ++++++++++++++++
include/openssl/ocsp.h | 16 ----------------
2 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/crypto/ocsp/ocsp_lcl.h b/crypto/ocsp/ocsp_lcl.h
index f93a268..d1cf158 100644
--- a/crypto/ocsp/ocsp_lcl.h
+++ b/crypto/ocsp/ocsp_lcl.h
@@ -214,3 +214,19 @@ struct ocsp_service_locator_st {
X509_NAME *issuer;
STACK_OF(ACCESS_DESCRIPTION) *locator;
};
+
+# define OCSP_REQUEST_sign(o,pkey,md) \
+ ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\
+ &(o)->optionalSignature->signatureAlgorithm,NULL,\
+ (o)->optionalSignature->signature,&(o)->tbsRequest,pkey,md)
+
+# define OCSP_BASICRESP_sign(o,pkey,md,d) \
+ ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),&(o)->signatureAlgorithm,\
+ NULL,(o)->signature,&(o)->tbsResponseData,pkey,md)
+
+# define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\
+ &(a)->optionalSignature->signatureAlgorithm,\
+ (a)->optionalSignature->signature,&(a)->tbsRequest,r)
+
+# define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\
+ &(a)->signatureAlgorithm,(a)->signature,&(a)->tbsResponseData,r)
diff --git a/include/openssl/ocsp.h b/include/openssl/ocsp.h
index 08debc5..f2281c0 100644
--- a/include/openssl/ocsp.h
+++ b/include/openssl/ocsp.h
@@ -137,22 +137,6 @@ typedef struct ocsp_service_locator_st OCSP_SERVICELOC;
# define i2d_OCSP_REQUEST_bio(bp,o) ASN1_i2d_bio_of(OCSP_REQUEST,i2d_OCSP_REQUEST,bp,o)
-# define OCSP_REQUEST_sign(o,pkey,md) \
- ASN1_item_sign(ASN1_ITEM_rptr(OCSP_REQINFO),\
- &o->optionalSignature->signatureAlgorithm,NULL,\
- o->optionalSignature->signature,&o->tbsRequest,pkey,md)
-
-# define OCSP_BASICRESP_sign(o,pkey,md,d) \
- ASN1_item_sign(ASN1_ITEM_rptr(OCSP_RESPDATA),&o->signatureAlgorithm,NULL,\
- o->signature,&o->tbsResponseData,pkey,md)
-
-# define OCSP_REQUEST_verify(a,r) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_REQINFO),\
- &a->optionalSignature->signatureAlgorithm,\
- a->optionalSignature->signature,&a->tbsRequest,r)
-
-# define OCSP_BASICRESP_verify(a,r,d) ASN1_item_verify(ASN1_ITEM_rptr(OCSP_RESPDATA),\
- &a->signatureAlgorithm,a->signature,&a->tbsResponseData,r)
-
# define ASN1_BIT_STRING_digest(data,type,md,len) \
ASN1_item_digest(ASN1_ITEM_rptr(ASN1_BIT_STRING),type,data,md,len)
More information about the openssl-commits
mailing list