Delete all the old X509V3 pack and unpack stuff and various structures and

files associated with them. This stuff is all obsoleted by the new X509V3 code.

Delete all the old X509V3 pack and unpack stuff and various structures and
files associated with them. This stuff is all obsoleted by the new X509V3 code.
0490a86d · Dr. Stephen Henson · baf748ba · 0490a86d · 0490a86d · baf748ba
11 changed file
--- a/CHANGES
+++ b/CHANGES
@@ -5,6 +5,10 @@

 Changes between 0.9.2b and 0.9.3

+  *) Delete various functions and files that belonged to the (now obsolete)
+     old X509V3 handling code.
+     [Steve Henson]
+
  *) New Configure option "rsaref".
     [Ulf Möller]


--- a/crypto/x509/Makefile.ssl
+++ b/crypto/x509/Makefile.ssl
@@ -25,17 +25,15 @@ LIB=$(TOP)/libcrypto.a
 LIBSRC=	x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
 	x509_obj.c x509_req.c x509_vfy.c \
 	x509_set.c x509rset.c $(ERRC).c \
-	x509name.c x509_v3.c x509_ext.c x509pack.c \
+	x509name.c x509_v3.c x509_ext.c \
 	x509type.c x509_lu.c x_all.c x509_txt.c \
-	by_file.c by_dir.c \
-	v3_net.c v3_x509.c
+	by_file.c by_dir.c 
 LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
 	x509_obj.o x509_req.o x509_vfy.o \
 	x509_set.o x509rset.o $(ERRC).o \
-	x509name.o x509_v3.o x509_ext.o x509pack.o \
+	x509name.o x509_v3.o x509_ext.o \
 	x509type.o x509_lu.o x_all.o x509_txt.o \
-	by_file.o by_dir.o \
-	v3_net.o v3_x509.o
+	by_file.o by_dir.o

 SRC= $(LIBSRC)

@@ -117,26 +115,6 @@ by_file.o: ../../include/rc2.h ../../include/rc4.h ../../include/rc5.h
 by_file.o: ../../include/ripemd.h ../../include/rsa.h ../../include/safestack.h
 by_file.o: ../../include/sha.h ../../include/stack.h ../cryptlib.h ../crypto.h
 by_file.o: ../opensslv.h x509.h x509_vfy.h
-v3_net.o: ../../include/asn1.h ../../include/bio.h ../../include/blowfish.h
-v3_net.o: ../../include/bn.h ../../include/buffer.h ../../include/cast.h
-v3_net.o: ../../include/des.h ../../include/dh.h ../../include/dsa.h
-v3_net.o: ../../include/e_os.h ../../include/err.h ../../include/evp.h
-v3_net.o: ../../include/idea.h ../../include/md2.h ../../include/md5.h
-v3_net.o: ../../include/mdc2.h ../../include/objects.h ../../include/pkcs7.h
-v3_net.o: ../../include/rc2.h ../../include/rc4.h ../../include/rc5.h
-v3_net.o: ../../include/ripemd.h ../../include/rsa.h ../../include/safestack.h
-v3_net.o: ../../include/sha.h ../../include/stack.h ../cryptlib.h ../crypto.h
-v3_net.o: ../opensslv.h x509.h x509_vfy.h
-v3_x509.o: ../../include/asn1.h ../../include/bio.h ../../include/blowfish.h
-v3_x509.o: ../../include/bn.h ../../include/buffer.h ../../include/cast.h
-v3_x509.o: ../../include/des.h ../../include/dh.h ../../include/dsa.h
-v3_x509.o: ../../include/e_os.h ../../include/err.h ../../include/evp.h
-v3_x509.o: ../../include/idea.h ../../include/md2.h ../../include/md5.h
-v3_x509.o: ../../include/mdc2.h ../../include/objects.h ../../include/pkcs7.h
-v3_x509.o: ../../include/rc2.h ../../include/rc4.h ../../include/rc5.h
-v3_x509.o: ../../include/ripemd.h ../../include/rsa.h ../../include/safestack.h
-v3_x509.o: ../../include/sha.h ../../include/stack.h ../cryptlib.h ../crypto.h
-v3_x509.o: ../opensslv.h x509.h x509_vfy.h
 x509_cmp.o: ../../include/asn1.h ../../include/bio.h ../../include/blowfish.h
 x509_cmp.o: ../../include/bn.h ../../include/buffer.h ../../include/cast.h
 x509_cmp.o: ../../include/des.h ../../include/dh.h ../../include/dsa.h
@@ -277,16 +255,6 @@ x509name.o: ../../include/rc2.h ../../include/rc4.h ../../include/rc5.h
 x509name.o: ../../include/ripemd.h ../../include/rsa.h
 x509name.o: ../../include/safestack.h ../../include/sha.h ../../include/stack.h
 x509name.o: ../cryptlib.h ../crypto.h ../opensslv.h x509.h x509_vfy.h
-x509pack.o: ../../include/asn1.h ../../include/bio.h ../../include/blowfish.h
-x509pack.o: ../../include/bn.h ../../include/buffer.h ../../include/cast.h
-x509pack.o: ../../include/des.h ../../include/dh.h ../../include/dsa.h
-x509pack.o: ../../include/e_os.h ../../include/err.h ../../include/evp.h
-x509pack.o: ../../include/idea.h ../../include/md2.h ../../include/md5.h
-x509pack.o: ../../include/mdc2.h ../../include/objects.h ../../include/pkcs7.h
-x509pack.o: ../../include/rc2.h ../../include/rc4.h ../../include/rc5.h
-x509pack.o: ../../include/ripemd.h ../../include/rsa.h
-x509pack.o: ../../include/safestack.h ../../include/sha.h ../../include/stack.h
-x509pack.o: ../cryptlib.h ../crypto.h ../opensslv.h x509.h x509_vfy.h
 x509rset.o: ../../include/asn1.h ../../include/bio.h ../../include/blowfish.h
 x509rset.o: ../../include/bn.h ../../include/buffer.h ../../include/cast.h
 x509rset.o: ../../include/des.h ../../include/dh.h ../../include/dsa.h

--- a/crypto/x509/v3_net.c
+++ b/crypto/x509/v3_net.c
-/* crypto/x509/v3_net.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "stack.h"
-#include "cryptlib.h"
-#include "asn1.h"
-#include "objects.h"
-#include "x509.h"
-
-#define NETSCAPE_X509_EXT_NUM	8
-
-static X509_EXTENSION_METHOD netscape_x509_ext[NETSCAPE_X509_EXT_NUM]={
-{NID_netscape_ca_policy_url,	V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_netscape_ssl_server_name,	V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_netscape_revocation_url,	V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_netscape_base_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_netscape_cert_type,V_ASN1_BIT_STRING,X509_EXT_PACK_STRING},
-{NID_netscape_ca_revocation_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_netscape_renewal_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-{NID_netscape_comment,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
-	};
-
-int X509v3_add_netscape_extensions()
-	{
-	int i;
-
-	for (i=0; i<NETSCAPE_X509_EXT_NUM; i++)
-		if (!X509v3_add_extension(&(netscape_x509_ext[i])))
-			return(0);
-	return(1);
-	}
--- a/crypto/x509/v3_x509.c
+++ b/crypto/x509/v3_x509.c
-/* crypto/x509/v3_x509.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include <ctype.h>
-#include "stack.h"
-#include "cryptlib.h"
-#include "bio.h"
-#include "asn1.h"
-#include "objects.h"
-#include "x509.h"
-
-#if 0
-static int i2a_key_usage(BIO *bp, X509 *x);
-static int a2i_key_usage(X509 *x, char *str, int len);
-#endif
-
-int X509v3_get_key_usage(X509 *x);
-int X509v3_set_key_usage(X509 *x,unsigned int use);
-int i2a_X509v3_key_usage(BIO *bp, unsigned int use);
-unsigned int a2i_X509v3_key_usage(char *p);
-
-#define STD_X509_EXT_NUM	9
-
-#if 0
-static X509_OBJECTS std_x509_ext[STD_X509_EXT_NUM]={
-{NID_subject_key_identifier,	NULL,NULL},
-{NID_key_usage,			a2i_key_usage,i2a_key_usage}, /**/
-{NID_private_key_usage_period,	NULL,NULL},
-{NID_subject_alt_name,		NULL,NULL},
-{NID_issuer_alt_name,		NULL,NULL},
-{NID_basic_constraints,		NULL,NULL},
-{NID_crl_number,		NULL,NULL},
-{NID_certificate_policies,	NULL,NULL},
-{NID_authority_key_identifier,  NULL,NULL},
-	};
-#endif
-
-int X509v3_add_standard_extensions()
-	{
-
-#if 0
-	for (i=0; i<STD_X509_EXT_NUM; i++)
-		if (!X509v3_add_extension(&(std_x509_ext[i])))
-			return(0);
-#endif
-	return(1);
-	}
-
-int X509v3_get_key_usage(x)
-X509 *x;
-	{
-	X509_EXTENSION *ext;
-	ASN1_STRING *st;
-	char *p;
-	int i;
-
-	i=X509_get_ext_by_NID(x,NID_key_usage,-1);
-	if (i < 0) return(X509v3_KU_UNDEF);
-	ext=X509_get_ext(x,i);
-	st=X509v3_unpack_string(NULL,V_ASN1_BIT_STRING,
-		X509_EXTENSION_get_data(X509_get_ext(x,i)));
-
-	p=(char *)ASN1_STRING_data(st);
-	if (ASN1_STRING_length(st) == 1)
-		i=p[0];
-	else if (ASN1_STRING_length(st) == 2)
-		i=p[0]|(p[1]<<8);
-	else
-		i=0;
-	return(i);
-	}
-
-static struct
-	{
-	char *name;
-	unsigned int value;
-	} key_usage_data[] ={
-	{"digitalSignature",	X509v3_KU_DIGITAL_SIGNATURE},
-	{"nonRepudiation",	X509v3_KU_NON_REPUDIATION},
-	{"keyEncipherment",	X509v3_KU_KEY_ENCIPHERMENT},
-	{"dataEncipherment",	X509v3_KU_DATA_ENCIPHERMENT},
-	{"keyAgreement",	X509v3_KU_KEY_AGREEMENT},
-	{"keyCertSign",		X509v3_KU_KEY_CERT_SIGN},
-	{"cRLSign",		X509v3_KU_CRL_SIGN},
-	{"encipherOnly",	X509v3_KU_ENCIPHER_ONLY},
-	{"decipherOnly",	X509v3_KU_DECIPHER_ONLY},
-	{NULL,0},
-	};
-
-#if 0
-static int a2i_key_usage(x,str,len)
-X509 *x;
-char *str;
-int len;
-	{
-	return(X509v3_set_key_usage(x,a2i_X509v3_key_usage(str)));
-	}
-
-static int i2a_key_usage(bp,x)
-BIO *bp;
-X509 *x;
-	{
-	return(i2a_X509v3_key_usage(bp,X509v3_get_key_usage(x)));
-	}
-#endif
-
-int i2a_X509v3_key_usage(bp,use)
-BIO *bp;
-unsigned int use;
-	{
-	int i=0,first=1;
-
-	for (;;)
-		{
-		if (use | key_usage_data[i].value)
-			{
-			BIO_printf(bp,"%s%s",((first)?"":" "),
-				key_usage_data[i].name);
-			first=0;
-			}
-		break;
-		}
-	return(1);
-	}
-
-unsigned int a2i_X509v3_key_usage(p)
-char *p;
-	{
-	unsigned int ret=0;
-	char *q,*s;
-	int i,n;
-
-	q=p;
-	for (;;)
-		{
-		while ((*q != '\0') && isalnum(*q))
-			q++;
-		if (*q == '\0') break;
-		s=q++;
-		while (isalnum(*q))
-			q++;
-		n=q-s;
-		i=0;
-		for (;;)
-			{
-			if (strncmp(key_usage_data[i].name,s,n) == 0)
-				{
-				ret|=key_usage_data[i].value;
-				break;
-				}
-			i++;
-			if (key_usage_data[i].name == NULL)
-				return(X509v3_KU_UNDEF);
-			}
-		}
-	return(ret);
-	}
-
-int X509v3_set_key_usage(x,use)
-X509 *x;
-unsigned int use;
-	{
-	ASN1_OCTET_STRING *os;
-	X509_EXTENSION *ext;
-	int i;
-	unsigned char data[4];
-
-	i=X509_get_ext_by_NID(x,NID_key_usage,-1);
-	if (i < 0)
-		{
-		i=X509_get_ext_count(x)+1;
-		if ((ext=X509_EXTENSION_new()) == NULL) return(0);
-		if (!X509_add_ext(x,ext,i))
-			{
-			X509_EXTENSION_free(ext);
-			return(0);
-			}
-		}
-	else
-		ext=X509_get_ext(x,i);
-
-	/* fill in 'ext' */
-	os=X509_EXTENSION_get_data(ext);
-
-	i=0;
-	if (use > 0)
-		{
-		i=1;
-		data[0]=use&0xff;
-		}
-	if (use > 0xff)
-		{
-		i=2;
-		data[1]=(use>>8)&0xff;
-		}
-	return((X509v3_pack_string(&os,V_ASN1_BIT_STRING,data,i) == NULL)?0:1);
-	}
-
--- a/crypto/x509/x509.err
+++ b/crypto/x509/x509.err
@@ -6,9 +6,6 @@
 #define X509_F_DIR_CTRL					 102
 #define X509_F_GET_CERT_BY_SUBJECT			 103
 #define X509_F_X509V3_ADD_EXT				 104
-#define X509_F_X509V3_ADD_EXTENSION			 105
-#define X509_F_X509V3_PACK_STRING			 106
-#define X509_F_X509V3_UNPACK_STRING			 107
 #define X509_F_X509_CHECK_PRIVATE_KEY			 128
 #define X509_F_X509_EXTENSION_CREATE_BY_NID		 108
 #define X509_F_X509_EXTENSION_CREATE_BY_OBJ		 109
@@ -47,6 +44,5 @@
 #define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY		 108
 #define X509_R_UNKNOWN_KEY_TYPE				 117
 #define X509_R_UNKNOWN_NID				 109
-#define X509_R_UNKNOWN_STRING_TYPE			 110
 #define X509_R_UNSUPPORTED_ALGORITHM			 111
 #define X509_R_WRONG_LOOKUP_TYPE			 112
--- a/crypto/x509/x509.h
+++ b/crypto/x509/x509.h
@@ -171,24 +171,6 @@ typedef struct X509_extension_st
 	void (*ex_free)();		/* clear argp stuff */
 	} X509_EXTENSION;

-/* #if 1 */
-typedef struct x509_extension_method_st
-	{
-	int nid;
-	int data_type;
-	int pack_type;
-	void (*ex_clear)();
-	int (*ex_get_bool)();
-	int (*ex_set_bool)();
-	int (*ex_get_str)();
-	int (*ex_set_str)();
-	char *(*ex_get_struct)();
-	int (*ex_set_struct)();
-	int (*a2i)();
-	int (*i2a)();
-	} X509_EXTENSION_METHOD;
-/* #endif */
-
 typedef struct X509_req_info_st
 	{
 	ASN1_INTEGER *version;
@@ -828,11 +810,6 @@ X509_EXTENSION *X509v3_get_ext(STACK *x, int loc);
 X509_EXTENSION *X509v3_delete_ext(STACK *x, int loc);
 STACK *		X509v3_add_ext(STACK **x, X509_EXTENSION *ex, int loc);

-int		X509v3_data_type_by_OBJ(ASN1_OBJECT *obj);
-int		X509v3_data_type_by_NID(int nid);
-int		X509v3_pack_type_by_OBJ(ASN1_OBJECT *obj);
-int		X509v3_pack_type_by_NID(int nid);
-
 int		X509_get_ext_count(X509 *x);
 int		X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
 int		X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos);
@@ -1168,11 +1145,6 @@ X509_EXTENSION *X509v3_get_ext();
 X509_EXTENSION *X509v3_delete_ext();
 STACK *		X509v3_add_ext();

-int		X509v3_data_type_by_OBJ();
-int		X509v3_data_type_by_NID();
-int		X509v3_pack_type_by_OBJ();
-int		X509v3_pack_type_by_NID();
-
 int		X509_get_ext_count();
 int		X509_get_ext_by_NID();
 int		X509_get_ext_by_OBJ();
@@ -1255,9 +1227,6 @@ void EVP_PBE_cleanup();
 #define X509_F_DIR_CTRL					 102
 #define X509_F_GET_CERT_BY_SUBJECT			 103
 #define X509_F_X509V3_ADD_EXT				 104
-#define X509_F_X509V3_ADD_EXTENSION			 105
-#define X509_F_X509V3_PACK_STRING			 106
-#define X509_F_X509V3_UNPACK_STRING			 107
 #define X509_F_X509_CHECK_PRIVATE_KEY			 128
 #define X509_F_X509_EXTENSION_CREATE_BY_NID		 108
 #define X509_F_X509_EXTENSION_CREATE_BY_OBJ		 109
@@ -1296,7 +1265,6 @@ void EVP_PBE_cleanup();
 #define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY		 108
 #define X509_R_UNKNOWN_KEY_TYPE				 117
 #define X509_R_UNKNOWN_NID				 109
-#define X509_R_UNKNOWN_STRING_TYPE			 110
 #define X509_R_UNSUPPORTED_ALGORITHM			 111
 #define X509_R_WRONG_LOOKUP_TYPE			 112
 

--- a/crypto/x509/x509_err.c
+++ b/crypto/x509/x509_err.c
@@ -68,9 +68,6 @@ static ERR_STRING_DATA X509_str_functs[]=
 {ERR_PACK(0,X509_F_DIR_CTRL,0),	"DIR_CTRL"},
 {ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0),	"GET_CERT_BY_SUBJECT"},
 {ERR_PACK(0,X509_F_X509V3_ADD_EXT,0),	"X509v3_add_ext"},
-{ERR_PACK(0,X509_F_X509V3_ADD_EXTENSION,0),	"X509V3_ADD_EXTENSION"},
-{ERR_PACK(0,X509_F_X509V3_PACK_STRING,0),	"X509v3_pack_string"},
-{ERR_PACK(0,X509_F_X509V3_UNPACK_STRING,0),	"X509v3_unpack_string"},
 {ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0),	"X509_check_private_key"},
 {ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0),	"X509_EXTENSION_create_by_NID"},
 {ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0),	"X509_EXTENSION_create_by_OBJ"},
@@ -112,7 +109,6 @@ static ERR_STRING_DATA X509_str_reasons[]=
 {X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY   ,"unable to get certs public key"},
 {X509_R_UNKNOWN_KEY_TYPE                 ,"unknown key type"},
 {X509_R_UNKNOWN_NID                      ,"unknown nid"},
-{X509_R_UNKNOWN_STRING_TYPE              ,"unknown string type"},
 {X509_R_UNSUPPORTED_ALGORITHM            ,"unsupported algorithm"},
 {X509_R_WRONG_LOOKUP_TYPE                ,"wrong lookup type"},
 {0,NULL},

--- a/crypto/x509/x509_v3.c
+++ b/crypto/x509/x509_v3.c
@@ -64,16 +64,6 @@
 #include "evp.h"
 #include "x509.h"

-#ifndef NOPROTO
-static X509_EXTENSION_METHOD *find_by_nid(int nid);
-static int xem_cmp(X509_EXTENSION_METHOD **a, X509_EXTENSION_METHOD **b);
-#else
-static X509_EXTENSION_METHOD *find_by_nid();
-static int xem_cmp();
-#endif
-
-static STACK *extensions=NULL;
-
 int X509v3_get_ext_count(x)
 STACK *x;
 	{
@@ -302,108 +292,3 @@ X509_EXTENSION *ex;
 	if (ex == NULL) return(0);
 	return(ex->critical);
 	}
-
-int X509v3_data_type_by_OBJ(obj)
-ASN1_OBJECT *obj;
-	{
-	int nid;
-
-	nid=OBJ_obj2nid(obj);
-	if (nid == V_ASN1_UNDEF) return(V_ASN1_UNDEF);
-	return(X509v3_data_type_by_NID(nid));
-	}
-
-int X509v3_data_type_by_NID(nid)
-int nid;
-	{
-	X509_EXTENSION_METHOD *x;
-
-	x=find_by_nid(nid);
-	if (x == NULL)
-		return(V_ASN1_UNDEF);
-	else
-		return(x->data_type);
-	}
-
-int X509v3_pack_type_by_OBJ(obj)
-ASN1_OBJECT *obj;
-	{
-	int nid;
-
-	nid=OBJ_obj2nid(obj);
-	if (nid == NID_undef) return(X509_EXT_PACK_UNKNOWN);
-	return(X509v3_pack_type_by_NID(nid));
-	}
-
-int X509v3_pack_type_by_NID(nid)
-int nid;
-	{
-	X509_EXTENSION_METHOD *x;
-
-	x=find_by_nid(nid);
-	if (x == NULL)
-		return(X509_EXT_PACK_UNKNOWN);
-	else
-		return(x->pack_type);
-	}
-
-static X509_EXTENSION_METHOD *find_by_nid(nid)
-int nid;
-	{
-	X509_EXTENSION_METHOD x;
-	int i;
-
-	x.nid=nid;
-	if (extensions == NULL) return(NULL);
-	i=sk_find(extensions,(char *)&x);
-	if (i < 0)
-		return(NULL);
-	else
-		return((X509_EXTENSION_METHOD *)sk_value(extensions,i));
-	}
-
-static int xem_cmp(a,b)
-X509_EXTENSION_METHOD **a,**b;
-	{
-	return((*a)->nid-(*b)->nid);
-	}
-
-void X509v3_cleanup_extensions()
-	{
-	int i;
-
-	if (extensions != NULL)
-		{
-		for (i=0; i<sk_num(extensions); i++)
-			Free(sk_value(extensions,i));
-		sk_free(extensions);
-		extensions=NULL;
-		}
-	}
-
-int X509v3_add_extension(x)
-X509_EXTENSION_METHOD *x;
-	{
-	X509_EXTENSION_METHOD *newx;
-
-	if (extensions == NULL)
-		{
-		extensions=sk_new(xem_cmp);
-		if (extensions == NULL) goto err;
-		}
-	newx=(X509_EXTENSION_METHOD *)Malloc(sizeof(X509_EXTENSION_METHOD));
-	if (newx == NULL) goto err;
-	newx->nid=x->nid;
-	newx->data_type=x->data_type;
-	newx->pack_type=x->pack_type;
-	if (!sk_push(extensions,(char *)newx))
-		{
-		Free(newx);
-		goto err;
-		}
-	return(1);
-err:
-	X509err(X509_F_X509V3_ADD_EXTENSION,ERR_R_MALLOC_FAILURE);
-	return(0);
-	}
-
--- a/crypto/x509/x509_vfy.h
+++ b/crypto/x509/x509_vfy.h
@@ -283,10 +283,6 @@ int X509_load_cert_file(X509_LOOKUP *ctx, char *file, int type);
 int X509_load_crl_file(X509_LOOKUP *ctx, char *file, int type);
 #endif

-void X509v3_cleanup_extensions(void );
-int X509v3_add_extension(X509_EXTENSION_METHOD *x);
-int X509v3_add_netscape_extensions(void );
-int X509v3_add_standard_extensions(void );

 X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
 void X509_LOOKUP_free(X509_LOOKUP *ctx);
@@ -349,11 +345,6 @@ int X509_load_cert_file();
 int X509_load_crl_file();
 #endif

-void X509v3_cleanup_extensions();
-int X509v3_add_extension();
-int X509v3_add_netscape_extensions();
-int X509v3_add_standard_extensions();
-
 X509_LOOKUP *X509_LOOKUP_new();
 void X509_LOOKUP_free();
 int X509_LOOKUP_init();

--- a/crypto/x509/x509pack.c
+++ b/crypto/x509/x509pack.c
-/* crypto/x509/x509pack.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- * 
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- * 
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- * 
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from 
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- * 
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * 
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "stack.h"
-#include "cryptlib.h"
-#include "asn1.h"
-#include "objects.h"
-#include "evp.h"
-#include "x509.h"
-
-ASN1_OCTET_STRING *X509v3_pack_string(ex,type,bytes,len)
-ASN1_OCTET_STRING **ex;
-int type;
-unsigned char *bytes;
-int len;
-	{
-	ASN1_OCTET_STRING *os;
-	ASN1_STRING str;
-	unsigned char *p;
-	int i;
-
-	if ((ex == NULL) || (*ex == NULL))
-		os=ASN1_OCTET_STRING_new();
-	else
-		os= *ex;
-
-	if (len < 0) len=strlen((char *)bytes);
-	str.length=len;
-	str.type=type;
-	str.data=bytes;
-
-	/* str now holds the data, we just have to copy it into ->value */
-
-	switch (type)
-		{
-	case V_ASN1_BIT_STRING:
-		i=i2d_ASN1_BIT_STRING((ASN1_BIT_STRING *)&str,NULL);
-		if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i))
-			goto err;
-		p=(unsigned char *)os->data;
-		i2d_ASN1_BIT_STRING((ASN1_BIT_STRING *)&str,&p);
-		break;
-	case V_ASN1_OCTET_STRING:
-		i=i2d_ASN1_OCTET_STRING((ASN1_OCTET_STRING *)&str,NULL);
-		if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i))
-			goto err;
-		p=(unsigned char *)os->data;
-		i2d_ASN1_OCTET_STRING((ASN1_OCTET_STRING *)&str,&p);
-		break;
-	case V_ASN1_IA5STRING:
-	case V_ASN1_PRINTABLESTRING:
-	case V_ASN1_T61STRING:
-		i=i2d_ASN1_bytes(&str,NULL,type,V_ASN1_UNIVERSAL);
-		if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i))
-			goto err;
-		p=(unsigned char *)os->data;
-		i=i2d_ASN1_bytes(&str,&p,type,V_ASN1_UNIVERSAL);
-		break;
-	default:
-		X509err(X509_F_X509V3_PACK_STRING,X509_R_UNKNOWN_STRING_TYPE);
-		goto err;
-		}
-	os->length=i;
-
-	if ((ex != NULL) && (os != *ex))
-		*ex=os;
-	return(os);
-err:
-	return(NULL);
-	}
-
-ASN1_STRING *X509v3_unpack_string(ex,type,os)
-ASN1_STRING **ex;
-int type;
-ASN1_OCTET_STRING *os;
-	{
-	unsigned char *p;
-	ASN1_STRING *ret=NULL;
-
-	p=os->data;
-	switch (type)
-		{
-	case V_ASN1_BIT_STRING:
-		ret=(ASN1_STRING *)d2i_ASN1_BIT_STRING(
-			(ASN1_BIT_STRING **)ex,&p,os->length);
-		break;
-	case V_ASN1_OCTET_STRING:
-		ret=(ASN1_STRING *)d2i_ASN1_OCTET_STRING(
-			(ASN1_BIT_STRING **)ex,&p,os->length);
-		break;
-	case V_ASN1_IA5STRING:
-	case V_ASN1_PRINTABLESTRING:
-	case V_ASN1_T61STRING:
-		ret=(ASN1_STRING *)d2i_ASN1_PRINTABLE(ex,&p,os->length);
-		break;
-	default:
-		X509err(X509_F_X509V3_UNPACK_STRING,X509_R_UNKNOWN_STRING_TYPE);
-		}
-	return(ret);
-	}
-
--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -127,7 +127,7 @@ typedef struct v3_ext_ctx X509V3_CTX;
 #define X509V3_EXT_CTX_DEP	0x2
 #define X509V3_EXT_MULTILINE	0x4

-typedef struct {
+typedef struct BIT_STRING_BITNAME_st {
 int bitnum;
 char *lname;
 char *sname;
@@ -135,23 +135,23 @@ char *sname;

 typedef BIT_STRING_BITNAME ENUMERATED_NAMES;

-typedef struct {
+typedef struct BASIC_CONSTRAINTS_st {
 int ca;
 ASN1_INTEGER *pathlen;
 } BASIC_CONSTRAINTS;

-typedef struct {
+typedef struct AUTHORITY_KEYID_st {
 ASN1_OCTET_STRING *keyid;
 STACK *issuer;
 ASN1_INTEGER *serial;
 } AUTHORITY_KEYID;

-typedef struct {
+typedef struct PKEY_USAGE_PERIOD_st {
 ASN1_GENERALIZEDTIME *notBefore;
 ASN1_GENERALIZEDTIME *notAfter;
 } PKEY_USAGE_PERIOD;

-typedef struct {
+typedef struct GENERAL_NAME_st {

 #define GEN_OTHERNAME	(0|V_ASN1_CONTEXT_SPECIFIC)
 #define GEN_EMAIL	(1|V_ASN1_CONTEXT_SPECIFIC)
@@ -176,12 +176,12 @@ union {

 /* Strong extranet structures */

-typedef struct {
+typedef struct SXNET_st {
 	ASN1_INTEGER *version;
 	STACK /* SXNETID */ *ids;
 } SXNET;

-typedef struct {
+typedef struct SXNET_ID_st {
 	ASN1_INTEGER *zone;
 	ASN1_OCTET_STRING *user;
 } SXNETID;