Deprecate OCSP_xxx API for OSSL_HTTP_xxx

Deprecations made: OCSP_REQ_CTX typedef->OSSL_HTTP_REQ_CTX OCSP_REQ_CTX_new->OSSL_HTTP_REQ_CTX_new OCSP_REQ_CTX_free->OSSL_HTTP_REQ_CTX_free OCSP_REQ_CTX_http-> OSSL_HTTP_REQ_CTX_header OCSP_REQ_CTX_add1_header->OSSL_HTTP_REQ_CTX_add1_header OCSP_REQ_CTX_i2d->OSSL_HTTP_REQ_CTX_i2d OCSP_REQ_CTX_get0_mem_bio->OSSL_HTTP_REQ_CTX_get0_mem_bio OCSP_set_max_response_length->OSSL_HTTP_REQ_CTX_set_max_response_length OCSP_REQ_CTX_nbio_d2i->OSSL_HTTP_REQ_CTX_sendreq_d2i OCSP_REQ_CTX_nbio->OSSL_HTTP_REQ_CTX_nbio Made some editorial changes to man3/OCSP_sendreq.pod; move the NOTES text inline. Some of the original functions had no documentation: OCSP_REQ_CTX_new, OCSP_REQ_CTX_http, OCSP_REQ_CTX_get0_mem_bio, OCSP_REQ_CTX_nbio_d2i, and OCSP_REQ_CTX_nbio. Their new counterparts are now documented in doc/man3/OSSL_HTTP_REQ_CTX.pod Fixes #12234 Co-authored-by: Richard Levitte <levitte@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13742)
author: Rich Salz <rsalz@akamai.com> 2020-12-26 10:21:41 -0500
committer: Richard Levitte <levitte@openssl.org> 2021-01-19 11:13:15 +0100
commit: 83b6dc8dc739ce7ca82652461bea92c31e634a57 (patch)
tree: e2bf6b2f26ffbd21f17b5638dc4d3eaf20cb8b49 /include
parent: fee0af0863dff8d13b09cd59af0afbd7e4ae2d57 (diff)
3 files changed, 48 insertions, 30 deletions
diff --git a/include/openssl/http.h b/include/openssl/http.h
index 2c9ce9d86e..0bd32e514e 100644
--- a/include/openssl/http.h
+++ b/include/openssl/http.h
@@ -35,6 +35,27 @@ typedef BIO *(*OSSL_HTTP_bio_cb_t)(BIO *bio, void *arg, int connect, int detail)
 # define OPENSSL_HTTP_PROXY "HTTP_PROXY"
 # define OPENSSL_HTTPS_PROXY "HTTPS_PROXY"
 
+OSSL_HTTP_REQ_CTX *OSSL_HTTP_REQ_CTX_new(BIO *wbio, BIO *rbio,
+                                         int method_GET, int maxline,
+                                         unsigned long max_resp_len,
+                                         int timeout,
+                                         const char *expected_content_type,
+                                         int expect_asn1);
+void OSSL_HTTP_REQ_CTX_free(OSSL_HTTP_REQ_CTX *rctx);
+int OSSL_HTTP_REQ_CTX_header(OSSL_HTTP_REQ_CTX *rctx,
+                             const char *server,
+                             const char *port, const char *path);
+int OSSL_HTTP_REQ_CTX_add1_header(OSSL_HTTP_REQ_CTX *rctx,
+                                  const char *name, const char *value);
+int OSSL_HTTP_REQ_CTX_i2d(OSSL_HTTP_REQ_CTX *rctx, const char *content_type,
+                          const ASN1_ITEM *it, ASN1_VALUE *req);
+int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx);
+ASN1_VALUE *OSSL_HTTP_REQ_CTX_sendreq_d2i(OSSL_HTTP_REQ_CTX *rctx,
+                                          const ASN1_ITEM *it);
+BIO *OSSL_HTTP_REQ_CTX_get0_mem_bio(OSSL_HTTP_REQ_CTX *rctx);
+void OSSL_HTTP_REQ_CTX_set_max_response_length(OSSL_HTTP_REQ_CTX *rctx,
+                                               unsigned long len);
+
 BIO *OSSL_HTTP_get(const char *url, const char *proxy, const char *no_proxy,
                    BIO *bio, BIO *rbio,
                    OSSL_HTTP_bio_cb_t bio_update_fn, void *arg,
diff --git a/include/openssl/ocsp.h.in b/include/openssl/ocsp.h.in
index 8422ecf451..c3a0b0e267 100644
--- a/include/openssl/ocsp.h.in
+++ b/include/openssl/ocsp.h.in
@@ -23,7 +23,8 @@ use OpenSSL::stackhash qw(generate_stack_macros);
 # endif
 
 # include <openssl/opensslconf.h>
-# include <openssl/http.h> /* for OSSL_HTTP_parse_url */
+# include <openssl/http.h>
+# include <openssl/asn1.h>
 
 /*
  * These definitions are outside the OPENSSL_NO_OCSP guard because although for
@@ -56,30 +57,6 @@ use OpenSSL::stackhash qw(generate_stack_macros);
 # define OCSP_REVOKED_STATUS_PRIVILEGEWITHDRAWN      9
 # define OCSP_REVOKED_STATUS_AACOMPROMISE            10
 
-/*
- * These definitions are outside the OPENSSL_NO_OCSP guard because although for
- * historical reasons they have OCSP_* names, they are used for the HTTP client.
- */
-# include <openssl/asn1.h>
-/* The following functions are used only internally */
-OCSP_REQ_CTX *OCSP_REQ_CTX_new(BIO *wbio, BIO *rbio,
-                               int method_GET, int maxline,
-                               unsigned long max_resp_len, int timeout,
-                               const char *expected_content_type,
-                               int expect_asn1);
-void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx);
-int OCSP_REQ_CTX_http(OCSP_REQ_CTX *rctx,
-                      const char *server, const char *port, const char *path);
-int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx,
-                             const char *name, const char *value);
-int OCSP_REQ_CTX_i2d(OCSP_REQ_CTX *rctx, const char *content_type,
-                     const ASN1_ITEM *it, ASN1_VALUE *req);
-int OCSP_REQ_CTX_nbio(OCSP_REQ_CTX *rctx);
-ASN1_VALUE *OCSP_REQ_CTX_nbio_d2i(OCSP_REQ_CTX *rctx, const ASN1_ITEM *it);
-BIO *OCSP_REQ_CTX_get0_mem_bio(OCSP_REQ_CTX *rctx);
-void OCSP_set_max_response_length(OCSP_REQ_CTX *rctx, unsigned long len);
-/* End of functions used only internally */
-
 
 # ifndef OPENSSL_NO_OCSP
 
@@ -194,13 +171,33 @@ typedef struct ocsp_service_locator_st OCSP_SERVICELOC;
 DECLARE_ASN1_DUP_FUNCTION(OCSP_CERTID)
 
 OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b, const char *path, OCSP_REQUEST *req);
-OCSP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, OCSP_REQUEST *req,
-                               int maxline);
-int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OCSP_REQ_CTX *rctx);
+OSSL_HTTP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path,
+                                    OCSP_REQUEST *req, int maxline);
+int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OSSL_HTTP_REQ_CTX *rctx);
 
 #  ifndef OPENSSL_NO_DEPRECATED_3_0
+typedef OSSL_HTTP_REQ_CTX OCSP_REQ_CTX;
 OSSL_DEPRECATEDIN_3_0
-int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, const OCSP_REQUEST *req);
+int OCSP_REQ_CTX_set1_req(OSSL_HTTP_REQ_CTX *rctx, const OCSP_REQUEST *req);
+
+#   define OCSP_REQ_CTX_new(wb, rb, m, ml, mrl, t, ect, ea) \
+        OSSL_HTTP_REQ_CTX_new(wb, rb, m, ml, mrl, t, ect, ea)
+#   define OCSP_REQ_CTX_free(r) \
+        OSSL_HTTP_REQ_CTX_free(r)
+#   define OCSP_REQ_CTX_http(r, s, po, pa) \
+        OSSL_HTTP_REQ_CTX_header(r, s, po, pa)
+#   define OCSP_REQ_CTX_add1_header(r, n, v) \
+        OSSL_HTTP_REQ_CTX_add1_header(r, n, v)
+#   define OCSP_REQ_CTX_i2d(r, c, i, req) \
+        OSSL_HTTP_REQ_CTX_i2d(r, c, i, req)
+#   define OCSP_REQ_CTX_nbio(r) \
+        OSSL_HTTP_REQ_CTX_nbio(r)
+#   define OCSP_REQ_CTX_nbio_d2i(r, i) \
+        OSSL_HTTP_REQ_CTX_sendreq_d2i(r, i)
+#   define OCSP_REQ_CTX_get0_mem_bio(r) \
+        OSSL_HTTP_REQ_CTX_get0_mem_bio(r)
+#   define OCSP_set_max_response_length(r, l) \
+        OSSL_HTTP_REQ_CTX_set_max_response_length(r, l)
 #  endif
 
 OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, const X509 *subject,
diff --git a/include/openssl/types.h b/include/openssl/types.h
index d44eb03a7c..cf11b8549d 100644
--- a/include/openssl/types.h
+++ b/include/openssl/types.h
@@ -196,7 +196,7 @@ typedef struct NAME_CONSTRAINTS_st NAME_CONSTRAINTS;
 
 typedef struct crypto_ex_data_st CRYPTO_EX_DATA;
 
-typedef struct ossl_http_req_ctx_st OCSP_REQ_CTX; /* backward compatibility */
+typedef struct ossl_http_req_ctx_st OSSL_HTTP_REQ_CTX;
 typedef struct ocsp_response_st OCSP_RESPONSE;
 typedef struct ocsp_responder_id_st OCSP_RESPID;
author	Rich Salz <rsalz@akamai.com>	2020-12-26 10:21:41 -0500
committer	Richard Levitte <levitte@openssl.org>	2021-01-19 11:13:15 +0100
commit	83b6dc8dc739ce7ca82652461bea92c31e634a57 (patch)
tree	e2bf6b2f26ffbd21f17b5638dc4d3eaf20cb8b49 /include
parent	fee0af0863dff8d13b09cd59af0afbd7e4ae2d57 (diff)