This change will cause builds (by default) to not use different STACK

structures and functions for each stack type. The previous behaviour
can be enabled by configuring with the "-DDEBUG_SAFESTACK" option.
This will also cause "make update" (mkdef.pl in particular) to
update the libeay.num and ssleay.num symbol tables with the number of
extra functions DEBUG_SAFESTACK creates.

The way this change works is to accompany each DECLARE_STACK_OF()
macro with a set of "#define"d versions of the sk_##type##_***
functions that ensures all the existing "type-safe" stack calls are
precompiled into the underlying stack calls. The presence or abscence
of the DEBUG_SAFESTACK symbol controls whether this block of
"#define"s or the DECLARE_STACK_OF() macro is taking effect. The
block of "#define"s is in turn generated and maintained by a perl
script (util/mkstack.pl) that encompasses the block with delimiting
C comments. This works in a similar way to the auto-generated error
codes and, like the other such maintenance utilities, is invoked
by the "make update" target.

A long (but mundane) commit will follow this with the results of
"make update" - this will include all the "#define" blocks for
each DECLARE_STACK_OF() statement, along with stripped down
libeay.num and ssleay.num files.

diff --git a/CHANGES b/CHANGES
index 4eb839823b5e76bfd8d5161d6e84f38c8d508a72..9cee7298e0a27d18349ca0de227a7c6719091769 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,14 @@
 
  Changes between 0.9.5a and 0.9.6  [xx XXX 2000]
 
+  *) The type-safe stack code has been rejigged. It is now only compiled
+     in when OpenSSL is configured with the DEBUG_SAFESTACK option and
+     by default all type-specific stack functions are "#define"d back to
+     standard stack functions. This results in more streamlined output
+     but retains the type-safety checking possibilities of the original
+     approach.
+     [Geoff Thorpe]
+
   *) The STACK code has been cleaned up, and certain type declarations
      that didn't make a lot of sense have been brought in line. This has
      also involved a cleanup of sorts in safestack.h to more correctly

diff --git a/Configure b/Configure
index 447e3d70b33071ee1fe2779aaf9eb96ae7153dd9..a4b9d3bd60475ceab326ca2e211bc0a4bac6b8f5 100755 (executable)
--- a/Configure
+++ b/Configure
@@ -33,7 +33,10 @@ my $usage="Usage: Configure [no-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-
 # 386           generate 80386 code
 # no-<cipher>   build without specified algorithm (rsa, idea, rc5, ...)
 # -<xxx> +<xxx> compiler options are passed through 
-# 
+#
+# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items
+#              provided to stack calls. Generates unique stack functions for
+#              each possible stack type.
 # DES_PTR      use pointer lookup vs arrays in the DES in crypto/des/des_locl.h
 # DES_RISC1    use different DES_ENCRYPT macro that helps reduce register
 #              dependancies but needs to more registers, good for RISC CPU's

diff --git a/Makefile.org b/Makefile.org
index cf98fb515e4b94e52ef4a56cf04bdc4e344f1779..dceea44b5031a56b8c9a2747465170f97a1a6682 100644 (file)
--- a/Makefile.org
+++ b/Makefile.org
@@ -299,6 +299,9 @@ tags:
 errors:
        perl util/mkerr.pl -recurse -write
 
+stacks:
+       perl util/mkstack.pl -recurse
+
 util/libeay.num::
        perl util/mkdef.pl crypto update
 
@@ -312,7 +315,7 @@ TABLE: Configure
        (echo 'Output of `Configure TABLE'"':"; \
        perl Configure TABLE) > TABLE
 
-update: depend errors util/libeay.num util/ssleay.num crypto/objects/obj_dat.h TABLE
+update: depend errors stacks util/libeay.num util/ssleay.num crypto/objects/obj_dat.h TABLE
 
 tar:
        @$(TAR) $(TARFLAGS) -cvf - \

diff --git a/crypto/stack/safestack.h b/crypto/stack/safestack.h
index 6a093201dccac0046dd56e7958b10acb13b3ae3d..228b4f8184d414876c5430fcb0803f79cdf48ee8 100644 (file)
--- a/crypto/stack/safestack.h
+++ b/crypto/stack/safestack.h
@@ -57,6 +57,8 @@
 
 #include <openssl/stack.h>
 
+#ifdef DEBUG_SAFESTACK
+
 #define STACK_OF(type) struct stack_st_##type
 #define PREDECLARE_STACK_OF(type) STACK_OF(type);
 
@@ -133,4 +135,13 @@ type *sk_##type##_pop(STACK_OF(type) *sk) \
 void sk_##type##_sort(STACK_OF(type) *sk) \
     { sk_sort((STACK *)sk); }
 
+#else
+
+#define STACK_OF(type) STACK
+#define PREDECLARE_STACK_OF(type) /* nada */
+#define DECLARE_STACK_OF(type)    /* nada */
+#define IMPLEMENT_STACK_OF(type)  /* nada */
+
+#endif
+
 #endif /* ndef HEADER_SAFESTACK_H */

diff --git a/util/mkdef.pl b/util/mkdef.pl
index 9f5fba91467831f6739a1b9e56c0e61b008fe887..1a51f677bd878ecabfb4cae2e7e837ad9136a0ec 100755 (executable)
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -18,7 +18,7 @@ my $rsaref = 0;
 my $W32=1;
 my $NT=0;
 # Set this to make typesafe STACK definitions appear in DEF
-my $safe_stack_def = 1;
+my $safe_stack_def = 0;
 
 my $options="";
 open(IN,"<Makefile.ssl") || die "unable to open Makefile.ssl!\n";
@@ -49,6 +49,7 @@ foreach (@ARGV, split(/ /, $options))
        $do_update=1 if $_ eq "update";
        $do_ctest=1 if $_ eq "ctest";
        $rsaref=1 if $_ eq "rsaref";
+       $safe_stack_def=1 if $_ eq "-DDEBUG_SAFESTACK";
 
        if    (/^no-rc2$/)      { $no_rc2=1; }
        elsif (/^no-rc4$/)      { $no_rc4=1; }
@@ -363,6 +364,7 @@ sub do_defs
                foreach (split /;/, $def) {
                        s/^[\n\s]*//g;
                        s/[\n\s]*$//g;
+                       next if(/#define/);
                        next if(/typedef\W/);
                        next if(/EVP_bf/ and $no_bf);
                        next if(/EVP_cast/ and $no_cast);

diff --git a/util/mkstack.pl b/util/mkstack.pl
new file mode 100755 (executable)
index 0000000..30f1722
--- /dev/null
+++ b/util/mkstack.pl
@@ -0,0 +1,112 @@
+#!/usr/local/bin/perl -w
+#
+# This is a utility that searches out "DECLARE_STACK_OF()"
+# declarations in header files, and updates/creates/replaces
+# the corresponding macro declarations that follow it. The
+# reason is that with "DEBUG_SAFESTACK" defined, each type
+# will generate 19 functions, all type-safe variants of the
+# base "sk_***" functions for the general STACK type. Without
+# DEBUG_SAFESTACK defined, we need to macro define all the
+# "type'd sk_##type##_***" functions as mapping directly to
+# the standard sk_*** equivalents. As it's not generally
+# possible to have macros that generate macros, we need to
+# control this from the "outside", here in this script.
+#
+# Geoff Thorpe, June, 2000 (with massive Perl-hacking
+#                           help from Steve Robb)
+
+my $type_thing;
+my $recurse = 0;
+my @files = @ARGV;
+
+while (@ARGV) {
+       my $arg = $ARGV[0];
+       if($arg eq "-recurse") {
+               $recurse = 1;
+               shift @ARGV;
+       } else {
+               last;
+       }
+}
+
+if($recurse) {
+       @source = (<crypto/*.[ch]>, <crypto/*/*.[ch]>, <rsaref/*.[ch]>, <ssl/*.[ch]>);
+} else {
+       @source = @ARGV;
+}
+
+foreach $file (@source) {
+       # After "Configure" has been run, we need to make sure we don't
+       # overwrite symbollic links with new header files!
+       next if -l $file;
+
+       # Open the .c/.h file for reading
+       open(IN, "< $file") || die "Can't open $file for reading: $!";
+       open(OUT, "> $file.tmp") || die "Can't open $file.tmp for writing: $!";
+
+       select(OUT);
+       process_the_file();
+
+       close(OUT);
+       close(IN);
+
+       unlink($file);
+       rename("$file.tmp", $file);
+}
+
+sub process_the_file {
+
+       my $inside_block = 0;
+       my $output_defines = 0;
+
+       while(<IN>) {
+               if (/^DECLARE_STACK_OF\(([^)]+)\)/) {
+                       $type_thing = $1;
+                       $output_defines = 1;
+               }
+               if (m|^/\* This block of defines is updated by a perl script, please do not touch! \*/|) {
+                       $inside_block = 1;
+               }
+               if (m|^/\* End of perl script block, you may now edit :-\) \*/|) {
+                       $inside_block = 0;
+               } elsif ($inside_block == 0) {
+                       print;
+               }
+               if($output_defines == 1) {
+                       print <<EOF;
+/* This block of defines is updated by a perl script, please do not touch! */
+#ifndef DEBUG_SAFESTACK
+       #define sk_${type_thing}_new(a) sk_new((int (*) \\
+               (const char * const *, const char * const *))(a))
+       #define sk_${type_thing}_new_null() sk_new_null()
+       #define sk_${type_thing}_free(a) sk_free(a)
+       #define sk_${type_thing}_num(a) sk_num(a)
+       #define sk_${type_thing}_value(a,b) ((${type_thing} *) \\
+               sk_value((a),(b)))
+       #define sk_${type_thing}_set(a,b,c) ((${type_thing} *) \\
+               sk_set((a),(b),(char *)(c)))
+       #define sk_${type_thing}_zero(a) sk_zero(a)
+       #define sk_${type_thing}_push(a,b) sk_push((a),(char *)(b))
+       #define sk_${type_thing}_unshift(a,b) sk_unshift((a),(b))
+       #define sk_${type_thing}_find(a,b) sk_find((a), (char *)(b))
+       #define sk_${type_thing}_delete(a,b) ((${type_thing} *) \\
+               sk_delete((a),(b)))
+       #define sk_${type_thing}_delete_ptr(a,b) ((${type_thing} *) \\
+               sk_delete_ptr((a),(char *)(b)))
+       #define sk_${type_thing}_insert(a,b,c) sk_insert((a),(char *)(b),(c))
+       #define sk_${type_thing}_set_cmp_func(a,b) ((int (*) \\
+               (const ${type_thing} * const *,const ${type_thing} * const *)) \\
+               sk_set_cmp_func((a),(int (*) \\
+               (const char * const *, const char * const *))(b)))
+       #define sk_${type_thing}_dup(a) sk_dup(a)
+       #define sk_${type_thing}_pop_free(a,b) sk_pop_free((a),(void (*)(void *))(b))
+       #define sk_${type_thing}_shift(a) ((${type_thing} *)sk_shift(a))
+       #define sk_${type_thing}_pop(a) ((${type_thing} *)sk_pop(a))
+       #define sk_${type_thing}_sort(a) sk_sort(a)
+#endif /* !DEBUG_SAFESTACK */
+/* End of perl script block, you may now edit :-) */
+EOF
+                       $output_defines = 0;
+               }
+       }
+}