Remove NEW_TOKEN public api

@sashan and I were discussing the usefulness of the public facing api
for NEW_TOKEN support, and he has concerns over its usefulness and our
being stuck with it if we need to make changes later.  Given that it is
a convience api for using multiple CTX-es to share a cache, its fine if
we remove it for now, as that seems like a less common use case.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26517)

doc/build.info

@@ -2259,10 +2259,6 @@ DEPEND[html/man3/SSL_CTX_get0_param.html]=man3/SSL_CTX_get0_param.pod
 GENERATE[html/man3/SSL_CTX_get0_param.html]=man3/SSL_CTX_get0_param.pod
 DEPEND[man/man3/SSL_CTX_get0_param.3]=man3/SSL_CTX_get0_param.pod
 GENERATE[man/man3/SSL_CTX_get0_param.3]=man3/SSL_CTX_get0_param.pod
-DEPEND[html/man3/SSL_CTX_get0_token_store.html]=man3/SSL_CTX_get0_token_store.pod
-GENERATE[html/man3/SSL_CTX_get0_token_store.html]=man3/SSL_CTX_get0_token_store.pod
-DEPEND[man/man3/SSL_CTX_get0_token_store.3]=man3/SSL_CTX_get0_token_store.pod
-GENERATE[man/man3/SSL_CTX_get0_token_store.3]=man3/SSL_CTX_get0_token_store.pod
 DEPEND[html/man3/SSL_CTX_get_verify_mode.html]=man3/SSL_CTX_get_verify_mode.pod
 GENERATE[html/man3/SSL_CTX_get_verify_mode.html]=man3/SSL_CTX_get_verify_mode.pod
 DEPEND[man/man3/SSL_CTX_get_verify_mode.3]=man3/SSL_CTX_get_verify_mode.pod
@@ -3614,7 +3610,6 @@ html/man3/SSL_CTX_dane_enable.html \
 html/man3/SSL_CTX_flush_sessions.html \
 html/man3/SSL_CTX_free.html \
 html/man3/SSL_CTX_get0_param.html \
-html/man3/SSL_CTX_get0_token_store.html \
 html/man3/SSL_CTX_get_verify_mode.html \
 html/man3/SSL_CTX_has_client_custom_ext.html \
 html/man3/SSL_CTX_load_verify_locations.html \
@@ -4287,7 +4282,6 @@ man/man3/SSL_CTX_dane_enable.3 \
 man/man3/SSL_CTX_flush_sessions.3 \
 man/man3/SSL_CTX_free.3 \
 man/man3/SSL_CTX_get0_param.3 \
-man/man3/SSL_CTX_get0_token_store.3 \
 man/man3/SSL_CTX_get_verify_mode.3 \
 man/man3/SSL_CTX_has_client_custom_ext.3 \
 man/man3/SSL_CTX_load_verify_locations.3 \

doc/man3/SSL_CTX_get0_token_store.pod

@@ -1,103 +0,0 @@
-=pod
-
-=head1 NAME
-
-SSL_CTX_get0_token_store, SSL_CTX_set1_token_store
-- QUIC NEW_TOKEN store manipulation 
-
-=head1 SYNOPSIS
-
- SSL_TOKEN_STORE *SSL_CTX_get0_token_store(SSL_CTX *ctx);
- int SSL_CTX_set1_token_store(SSL_CTX *ctx, SSL_TOKEN_STORE *hdl);
-
-=head1 DESCRIPTION
-The QUIC protocol supports the exchange of opaque tokens which a client can use
-to reduce the time for a server to validate a client address.  These tokens are
-stored on receipt from a server, and automatically reused in the establishment
-of a new future connection to the same server.  A token store is automatically
-created on the creation of an B<SSL_CTX> and freed on its release.  The
-functions above can be used to fetch and set the token store between independent
-B<SSL_CTX> objects to share those tokens between B<SSL> connections allocated from
-disparate B<SSL_CTX> objects.
-
-SSL_CTX_get0_token_store() returns an opaque handle to the token store for use
-in a subsequent call to SSL_CTX_set1_token_store() on another B<SSL_CTX> object.
-
-SSL_CTX_set1_token_store() assigns a token store fetched fom SSL_CTX_get0_token_store
-to a second B<SSL_CTX> object.
-
-=head1 NOTES
-
-Token stores are internally reference counted.  Note that a call to SSL_CTX_get0_token_store
-does not increment the internal reference count.  As such, no freeing of the object
-is needed.
-
-When SSL_CTX_set1_token_store() is called, the passed store has its reference count
-incremented.  It will be decremented when that B<SSL_CTX> is freed via a call to
-SSL_CTX_free().
-
-These functions are only applicable to QUIC B<SSL_CTX> objects.  Using them on
-non-QUIC objects will result in error returns.
-
-=head1 RETURN VALUES
-
-SSL_CTX_get0_token_store() returns an opaque handle to a token store, or NULL in
-the event that an error occured, or if the B<SSL_CTX> object has no store.
-
-SSL_CTX_set1_token_store returns 1 on success or 0 on error.
-
-=head1 EXAMPLES
-
-The following code snippet shows how to share a token store between separate 
-B<SSL_CTX> objects
-
-    SSL_CTX *ctx1, *ctx2;
-    SSL_TOKEN_CACHE *tc;
-
-    /*
-     * token stores are generally only used for quic client contexts
-     */
-    ctx1 = SSL_CTX_new(libctx, NULL, OSSL_QUIC_client_method());
-    ctx2 = SSL_CTX_new(libctx, NULL, OSSL_QUIC_client_method());
-
-    if (ctx1 == NULL || ctx2 == NULL)
-        goto err;
-    /*
-     * Fetch the token store for ctx1
-     * Note: no reference is taken on the store
-     */
-    tc = SSL_CTX_get0_token_store(ctx1);
-    if (tc == NULL)
-        goto err;
-
-    /*
-     * Assign the token store from ctx1 to ctx2
-     * ctx2 take a reference on the passed store
-     * and begins using it
-     * At this point any NEW_TOKEN frames received
-     * by SSL objects allocated from either CTX are
-     * visible and usable by SSL objects allocated
-     * from the other CTX
-     */
-    if (!SSL_CTX_set1_token_store(ctx2, tc))
-        goto err;
-
-
-=head1 SEE ALSO
-
-L<ssl(7)>
-
-=head1 HISTORY
-
-The NEW_TOKEN store manipulation functions were added in OpenSSL 3.5.0.
-
-=head1 COPYRIGHT
-
-Copyright 2025 The OpenSSL Project Authors. All Rights Reserved.
-
-Licensed under the Apache License 2.0 (the "License").  You may not use
-this file except in compliance with the License.  You can obtain a copy
-in the file LICENSE in the source distribution or at
-L<https://www.openssl.org/source/license.html>.
-
-=cut

include/openssl/ssl.h.in

@@ -2295,6 +2295,7 @@ int SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets);
 size_t SSL_CTX_get_num_tickets(const SSL_CTX *ctx);
 
 /* QUIC support */
+typedef struct ssl_token_store_st SSL_TOKEN_STORE;
 int SSL_handle_events(SSL *s);
 __owur int SSL_get_event_timeout(SSL *s, struct timeval *tv, int *is_infinite);
 __owur int SSL_get_rpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc);
@@ -2307,10 +2308,6 @@ __owur int SSL_set1_initial_peer_addr(SSL *s, const BIO_ADDR *peer_addr);
 __owur SSL *SSL_get0_connection(SSL *s);
 __owur int SSL_is_connection(SSL *s);
 
-typedef struct ssl_token_store_st SSL_TOKEN_STORE;
-__owur SSL_TOKEN_STORE *SSL_CTX_get0_token_store(SSL_CTX *ctx);
-__owur int SSL_CTX_set1_token_store(SSL_CTX *ctx, SSL_TOKEN_STORE *hdl);
-
 __owur int SSL_is_listener(SSL *ssl);
 __owur SSL *SSL_get0_listener(SSL *s);
 #define SSL_LISTENER_FLAG_NO_ACCEPT     (1UL << 0)

ssl/quic/quic_impl.c

@@ -4720,26 +4720,6 @@ void ossl_quic_free_token_store(SSL_TOKEN_STORE *hdl)
     return;
 }
 
-SSL_TOKEN_STORE *ossl_quic_get0_token_store(SSL_CTX *ctx)
-{
-    return ctx->tokencache;
-}
-
-int ossl_quic_set1_token_store(SSL_CTX *ctx, SSL_TOKEN_STORE *hdl)
-{
-    SSL_TOKEN_STORE *new = hdl;
-    SSL_TOKEN_STORE *old = ctx->tokencache;
-    int ref;
-
-    if (!CRYPTO_UP_REF(&new->references, &ref))
-        return 0;
-
-    ctx->tokencache = new;
-
-    ossl_quic_free_token_store(old);
-    return 1;
-}
-
 /**
  * @brief build a new QUIC_TOKEN
  *

ssl/ssl_lib.c

@@ -7987,24 +7987,6 @@ SSL *SSL_new_from_listener(SSL *ssl, uint64_t flags)
 #endif
 }
 
-SSL_TOKEN_STORE *SSL_CTX_get0_token_store(SSL_CTX *ctx)
-{
-#ifndef OPENSSL_NO_QUIC
-    return ossl_quic_get0_token_store(ctx);
-#else
-    return NULL;
-#endif
-}
-
-int SSL_CTX_set1_token_store(SSL_CTX *ctx, SSL_TOKEN_STORE *hdl)
-{
-#ifndef OPENSSL_NO_QUIC
-    return ossl_quic_set1_token_store(ctx, hdl);
-#else
-    return 0;
-#endif
-}
-
 SSL *SSL_accept_connection(SSL *ssl, uint64_t flags)
 {
 #ifndef OPENSSL_NO_QUIC

util/libssl.num

@@ -605,5 +605,3 @@ SSL_CTX_set_domain_flags                ?	3_5_0	EXIST::FUNCTION:
 SSL_CTX_get_domain_flags                ?	3_5_0	EXIST::FUNCTION:
 SSL_get_domain_flags                    ?	3_5_0	EXIST::FUNCTION:
 SSL_CTX_set_new_pending_conn_cb         ?	3_5_0	EXIST::FUNCTION:
-SSL_CTX_get0_token_store                ?	3_5_0	EXIST::FUNCTION:
-SSL_CTX_set1_token_store                ?	3_5_0	EXIST::FUNCTION: