Make X509_REQ and X509_REQ_INFO opaque.

We can unexport the X509_REQ_INFO type entirely. (NB: OpenSSL hasn't
done this, but has unexported so much of X509_REQ_INFO that it is
impossible to use what remains anyway.)

Update-Note: Callers that reach into X509_REQ and X509_REQ_INFO must use
accessors instead.

Change-Id: I1eea5207b9195c8051d5e467acd63ad5f0caf89d
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/47564
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c
index a29e038..65347f9 100644
--- a/crypto/x509/x_all.c
+++ b/crypto/x509/x_all.c
@@ -66,6 +66,9 @@
 #include <openssl/rsa.h>
 #include <openssl/stack.h>
 
+#include "internal.h"
+
+
 int X509_verify(X509 *x509, EVP_PKEY *pkey)
 {
     if (X509_ALGOR_cmp(x509->sig_alg, x509->cert_info->signature)) {
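Review bot: the new `#include "internal.h"` is followed by two blank `+` lines before `X509_verify`, where the include block was previously separated from the first function by a single blank line; unless the rest of the file uses double spacing here, drop one of them to keep the diff minimal. It would also help to say in the commit message that x_all.c now depends on the private header, since the visible hunk only adds the include and does not show which code in this file touches the X509_REQ or X509_REQ_INFO fields that the message says are now opaque.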