From 02199cc39db2669933cefc6319599ba491bb3a85 Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 3 Sep 2020 15:20:03 +0100 Subject: [PATCH] Fix safestack issues in pkcs7.h Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12781) --- .gitignore | 1 + apps/pkcs12.c | 1 - build.info | 2 ++ crypto/pkcs12/p12_crt.c | 1 - crypto/pkcs12/p12_kiss.c | 1 - crypto/pkcs12/p12_npas.c | 1 - crypto/pkcs7/pk7_doit.c | 3 --- crypto/pkcs7/pk7_lib.c | 3 --- crypto/pkcs7/pk7_smime.c | 1 - crypto/ts/ts_rsp_verify.c | 1 - include/openssl/{pkcs7.h => pkcs7.h.in} | 18 +++++++++++++++--- test/pkcs12_helper.c | 1 - 12 files changed, 18 insertions(+), 16 deletions(-) rename include/openssl/{pkcs7.h => pkcs7.h.in} (98%) diff --git a/.gitignore b/.gitignore index 6d6850c104..263a748e3a 100644 --- a/.gitignore +++ b/.gitignore @@ -29,6 +29,7 @@ /include/openssl/fipskey.h /include/openssl/ocsp.h /include/openssl/opensslv.h +/include/openssl/pkcs7.h /include/openssl/safestack.h /include/openssl/ssl.h /include/openssl/x509.h diff --git a/apps/pkcs12.c b/apps/pkcs12.c index dd08b96ff8..fd626d9d05 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -20,7 +20,6 @@ #include #include -DEFINE_STACK_OF(PKCS7) DEFINE_STACK_OF(PKCS12_SAFEBAG) #define NOKEYS 0x1 diff --git a/build.info b/build.info index 406ce29af0..876135a6c7 100644 --- a/build.info +++ b/build.info @@ -20,6 +20,7 @@ DEPEND[]=include/openssl/asn1.h \ include/openssl/fipskey.h \ include/openssl/opensslv.h \ include/openssl/ocsp.h \ + include/openssl/pkcs7.h \ include/openssl/safestack.h \ include/openssl/ssl.h \ include/openssl/x509.h \ @@ -34,6 +35,7 @@ GENERATE[include/openssl/cms.h]=include/openssl/cms.h.in GENERATE[include/openssl/fipskey.h]=include/openssl/fipskey.h.in GENERATE[include/openssl/ocsp.h]=include/openssl/ocsp.h.in GENERATE[include/openssl/opensslv.h]=include/openssl/opensslv.h.in +GENERATE[include/openssl/pkcs7.h]=include/openssl/pkcs7.h.in GENERATE[include/openssl/safestack.h]=include/openssl/safestack.h.in GENERATE[include/openssl/ssl.h]=include/openssl/ssl.h.in GENERATE[include/openssl/x509.h]=include/openssl/x509.h.in diff --git a/crypto/pkcs12/p12_crt.c b/crypto/pkcs12/p12_crt.c index 757b6ae631..d673c8b293 100644 --- a/crypto/pkcs12/p12_crt.c +++ b/crypto/pkcs12/p12_crt.c @@ -12,7 +12,6 @@ #include #include "p12_local.h" -DEFINE_STACK_OF(PKCS7) DEFINE_STACK_OF(PKCS12_SAFEBAG) static int pkcs12_add_bag(STACK_OF(PKCS12_SAFEBAG) **pbags, diff --git a/crypto/pkcs12/p12_kiss.c b/crypto/pkcs12/p12_kiss.c index 433bccdb30..a43091380c 100644 --- a/crypto/pkcs12/p12_kiss.c +++ b/crypto/pkcs12/p12_kiss.c @@ -12,7 +12,6 @@ #include #include "crypto/x509.h" /* for X509_add_cert_new() */ -DEFINE_STACK_OF(PKCS7) DEFINE_STACK_OF(PKCS12_SAFEBAG) /* Simplified PKCS#12 routines */ diff --git a/crypto/pkcs12/p12_npas.c b/crypto/pkcs12/p12_npas.c index a83d745bd5..99e21489ad 100644 --- a/crypto/pkcs12/p12_npas.c +++ b/crypto/pkcs12/p12_npas.c @@ -15,7 +15,6 @@ #include #include "p12_local.h" -DEFINE_STACK_OF(PKCS7) DEFINE_STACK_OF(PKCS12_SAFEBAG) /* PKCS#12 password change routine */ diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index 8362d77b7e..bc9bfd8589 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -16,9 +16,6 @@ #include #include "pk7_local.h" -DEFINE_STACK_OF(PKCS7_RECIP_INFO) -DEFINE_STACK_OF(PKCS7_SIGNER_INFO) - static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype, void *value); static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid); diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c index e169783e52..8f92424ad7 100644 --- a/crypto/pkcs7/pk7_lib.c +++ b/crypto/pkcs7/pk7_lib.c @@ -16,9 +16,6 @@ #include "crypto/x509.h" /* for sk_X509_add1_cert() */ #include "pk7_local.h" -DEFINE_STACK_OF(PKCS7_RECIP_INFO) -DEFINE_STACK_OF(PKCS7_SIGNER_INFO) - long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg) { int nid; diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c index de8c0568db..3347544bb8 100644 --- a/crypto/pkcs7/pk7_smime.c +++ b/crypto/pkcs7/pk7_smime.c @@ -17,7 +17,6 @@ #define BUFFERSIZE 4096 -DEFINE_STACK_OF(PKCS7_SIGNER_INFO) static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si); diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c index 0077798c43..cec15bd094 100644 --- a/crypto/ts/ts_rsp_verify.c +++ b/crypto/ts/ts_rsp_verify.c @@ -15,7 +15,6 @@ #include "ts_local.h" #include "crypto/ess.h" -DEFINE_STACK_OF(PKCS7_SIGNER_INFO) DEFINE_STACK_OF(ESS_CERT_ID) DEFINE_STACK_OF(ESS_CERT_ID_V2) diff --git a/include/openssl/pkcs7.h b/include/openssl/pkcs7.h.in similarity index 98% rename from include/openssl/pkcs7.h rename to include/openssl/pkcs7.h.in index f4b75cca36..93e1f9dbef 100644 --- a/include/openssl/pkcs7.h +++ b/include/openssl/pkcs7.h.in @@ -1,4 +1,6 @@ /* + * {- join("\n * ", @autowarntext) -} + * * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use @@ -7,6 +9,10 @@ * https://www.openssl.org/source/license.html */ +{- +use OpenSSL::stackhash qw(generate_stack_macros); +-} + #ifndef OPENSSL_PKCS7_H # define OPENSSL_PKCS7_H # pragma once @@ -58,7 +64,9 @@ typedef struct pkcs7_signer_info_st { EVP_PKEY *pkey; const PKCS7_CTX *ctx; } PKCS7_SIGNER_INFO; -DEFINE_OR_DECLARE_STACK_OF(PKCS7_SIGNER_INFO) +{- + generate_stack_macros("PKCS7_SIGNER_INFO"); +-} typedef struct pkcs7_recip_info_st { ASN1_INTEGER *version; /* version 0 */ @@ -68,7 +76,9 @@ typedef struct pkcs7_recip_info_st { X509 *cert; /* get the pub-key from this */ const PKCS7_CTX *ctx; } PKCS7_RECIP_INFO; -DEFINE_OR_DECLARE_STACK_OF(PKCS7_RECIP_INFO) +{- + generate_stack_macros("PKCS7_RECIP_INFO"); +-} typedef struct pkcs7_signed_st { @@ -157,7 +167,9 @@ typedef struct pkcs7_st { } d; PKCS7_CTX ctx; } PKCS7; -DEFINE_OR_DECLARE_STACK_OF(PKCS7) +{- + generate_stack_macros("PKCS7"); +-} # define PKCS7_OP_SET_DETACHED_SIGNATURE 1 diff --git a/test/pkcs12_helper.c b/test/pkcs12_helper.c index a3490e74e3..d3b7a63917 100644 --- a/test/pkcs12_helper.c +++ b/test/pkcs12_helper.c @@ -21,7 +21,6 @@ #include "testutil.h" #include "pkcs12_helper.h" -DEFINE_STACK_OF(PKCS7) DEFINE_STACK_OF(PKCS12_SAFEBAG) /* Set this to > 0 write test data to file */ -- 2.34.1