Fix safestack issues in x509_vfy.h

author Matt Caswell <matt@openssl.org>

Thu, 3 Sep 2020 14:37:45 +0000 (15:37 +0100)

committer Matt Caswell <matt@openssl.org>

Sun, 13 Sep 2020 10:10:41 +0000 (11:10 +0100)
author Matt Caswell <matt@openssl.org>
Thu, 3 Sep 2020 14:37:45 +0000 (15:37 +0100)
committer Matt Caswell <matt@openssl.org>
Sun, 13 Sep 2020 10:10:41 +0000 (11:10 +0100)
diff --git a/.gitignore b/.gitignore

index 4a29456053c280b695354b17bde923d05cc06704..f228f23604536b40af5dfe96be42173f1d7e226c 100644 (file)
--- a/.gitignore
+++ b/.gitignore
@@ -35,6 +35,7 @@
  /include/openssl/ssl.h
  /include/openssl/x509.h
  /include/openssl/x509v3.h
+/include/openssl/x509_vfy.h
  
  # Auto generated doc files
  doc/man1/openssl-*.pod
diff --git a/build.info b/build.info

index 722d886911321474304c58d11910b0efc8e4c8e2..669ccf4c3a2718c55947d01b9e49f66627bc3868 100644 (file)
--- a/build.info
+++ b/build.info
@@ -26,6 +26,7 @@ DEPEND[]=include/openssl/asn1.h \
           include/openssl/ssl.h \
           include/openssl/x509.h \
           include/openssl/x509v3.h \
+         include/openssl/x509_vfy.h \
           include/crypto/bn_conf.h include/crypto/dso_conf.h \
           doc/man7/openssl_user_macros.pod
  
@@ -42,6 +43,7 @@ GENERATE[include/openssl/srp.h]=include/openssl/srp.h.in
  GENERATE[include/openssl/ssl.h]=include/openssl/ssl.h.in
  GENERATE[include/openssl/x509.h]=include/openssl/x509.h.in
  GENERATE[include/openssl/x509v3.h]=include/openssl/x509v3.h.in
+GENERATE[include/openssl/x509_vfy.h]=include/openssl/x509_vfy.h.in
  GENERATE[include/crypto/bn_conf.h]=include/crypto/bn_conf.h.in
  GENERATE[include/crypto/dso_conf.h]=include/crypto/dso_conf.h.in
  GENERATE[doc/man7/openssl_user_macros.pod]=doc/man7/openssl_user_macros.pod.in
diff --git a/crypto/cmp/cmp_util.c b/crypto/cmp/cmp_util.c

index bdd876a89f215e051012061b32ab062299fcca98..12afe57028dc66d012f277c8c065c220aebbff36 100644 (file)
--- a/crypto/cmp/cmp_util.c
+++ b/crypto/cmp/cmp_util.c
@@ -16,8 +16,6 @@
  #include <openssl/err.h> /* should be implied by cmperr.h */
  #include <openssl/x509v3.h>
  
-DEFINE_STACK_OF(X509_OBJECT)
-
  /*
   * use trace API for CMP-specific logging, prefixed by "CMP " and severity
   */
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c

index ff6e4cf03c7e0aca41566e800650e6bec9c4ccf0..da04daf9020aef1dd5a6b06ebe0f317a4f04682d 100644 (file)
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -22,8 +22,6 @@
  #include "crypto/x509.h"
  #include "x509_local.h"
  
-DEFINE_STACK_OF(X509_OBJECT)
-
  struct lookup_dir_hashes_st {
      unsigned long hash;
      int suffix;
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c

index 77488b6e050f49ff6f784cb28b26ec6b4f7b4f27..de81fad5139dec9fe32410de04422c30ce2e9911 100644 (file)
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -15,9 +15,6 @@
  #include <openssl/x509v3.h>
  #include "x509_local.h"
  
-DEFINE_STACK_OF(X509_LOOKUP)
-DEFINE_STACK_OF(X509_OBJECT)
-
  X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
  {
      X509_LOOKUP *ret = OPENSSL_zalloc(sizeof(*ret));
diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c

index 17c07909115e5ae676f642bc654ca2c985c896fc..a429d5a5ae2f4f7cf19a23dd9e81801a8cdcd36e 100644 (file)
--- a/crypto/x509/x509_vpm.c
+++ b/crypto/x509/x509_vpm.c
@@ -18,8 +18,6 @@
  
  #include "x509_local.h"
  
-DEFINE_STACK_OF(X509_VERIFY_PARAM)
-
  /* X509_VERIFY_PARAM functions */
  
  #define SET_HOST 0
diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h.in

similarity index 99%

rename from include/openssl/x509_vfy.h

rename to include/openssl/x509_vfy.h.in

index d43a442fc7a75b4a065618015af69b8946fb5416..8a565f71a38d49083bab9d86df36ca55c9ce09f1 100644 (file)
--- a/include/openssl/x509_vfy.h
+++ b/include/openssl/x509_vfy.h.in
@@ -1,4 +1,6 @@
  /*
+ * {- join("\n * ", @autowarntext) -}
+ *
   * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
   *
   * Licensed under the Apache License 2.0 (the "License").  You may not use
@@ -7,6 +9,10 @@
   * https://www.openssl.org/source/license.html
   */
  
+{-
+use OpenSSL::stackhash qw(generate_stack_macros);
+-}
+
  #ifndef OPENSSL_X509_VFY_H
  # define OPENSSL_X509_VFY_H
  # pragma once
@@ -60,9 +66,11 @@ typedef enum {
  #define X509_LU_FAIL    0
  #endif
  
-DEFINE_OR_DECLARE_STACK_OF(X509_LOOKUP)
-DEFINE_OR_DECLARE_STACK_OF(X509_OBJECT)
-DEFINE_OR_DECLARE_STACK_OF(X509_VERIFY_PARAM)
+{-
+    generate_stack_macros("X509_LOOKUP")
+    .generate_stack_macros("X509_OBJECT")
+    .generate_stack_macros("X509_VERIFY_PARAM");
+-}
  
  int X509_STORE_set_depth(X509_STORE *store, int depth);
author	Matt Caswell <matt@openssl.org>
	Thu, 3 Sep 2020 14:37:45 +0000 (15:37 +0100)
committer	Matt Caswell <matt@openssl.org>
	Sun, 13 Sep 2020 10:10:41 +0000 (11:10 +0100)
.gitignore		patch \| blob \| history
build.info		patch \| blob \| history
crypto/cmp/cmp_util.c		patch \| blob \| history
crypto/x509/by_dir.c		patch \| blob \| history
crypto/x509/x509_lu.c		patch \| blob \| history
crypto/x509/x509_vpm.c		patch \| blob \| history
include/openssl/x509_vfy.h.in	[moved from include/openssl/x509_vfy.h with 99% similarity]	patch \| blob \| history