1 files changed, 5 insertions, 5 deletions

diff --git a/crypto/openssh/krl.h b/crypto/openssh/krl.h
index ca6d3f2843fd..eb244767b107 100644
--- a/crypto/openssh/krl.h
+++ b/crypto/openssh/krl.h
@@ -14,7 +14,7 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-/* $OpenBSD: krl.h,v 1.8 2020/04/03 02:26:56 djm Exp $ */
+/* $OpenBSD: krl.h,v 1.10 2023/07/17 04:01:10 djm Exp $ */
 
 #ifndef _KRL_H
 #define _KRL_H
@@ -30,12 +30,14 @@
 #define KRL_SECTION_FINGERPRINT_SHA1	3
 #define KRL_SECTION_SIGNATURE		4
 #define KRL_SECTION_FINGERPRINT_SHA256	5
+#define KRL_SECTION_EXTENSION		255
 
 /* KRL_SECTION_CERTIFICATES subsection types */
 #define KRL_SECTION_CERT_SERIAL_LIST	0x20
 #define KRL_SECTION_CERT_SERIAL_RANGE	0x21
 #define KRL_SECTION_CERT_SERIAL_BITMAP	0x22
 #define KRL_SECTION_CERT_KEY_ID		0x23
+#define KRL_SECTION_CERT_EXTENSION	0x39
 
 struct sshkey;
 struct sshbuf;
@@ -55,10 +57,8 @@ int ssh_krl_revoke_key_explicit(struct ssh_krl *krl, const struct sshkey *key);
 int ssh_krl_revoke_key_sha1(struct ssh_krl *krl, const u_char *p, size_t len);
 int ssh_krl_revoke_key_sha256(struct ssh_krl *krl, const u_char *p, size_t len);
 int ssh_krl_revoke_key(struct ssh_krl *krl, const struct sshkey *key);
-int ssh_krl_to_blob(struct ssh_krl *krl, struct sshbuf *buf,
-    struct sshkey **sign_keys, u_int nsign_keys);
-int ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp,
-    const struct sshkey **sign_ca_keys, size_t nsign_ca_keys);
+int ssh_krl_to_blob(struct ssh_krl *krl, struct sshbuf *buf);
+int ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp);
 int ssh_krl_check_key(struct ssh_krl *krl, const struct sshkey *key);
 int ssh_krl_file_contains_key(const char *path, const struct sshkey *key);
 int krl_dump(struct ssh_krl *krl, FILE *f);