From 24c4ea958ecae0b194cc3eb812a81766cdb421f6 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Thu, 3 Sep 2020 14:10:41 +0100
Subject: [PATCH] Fix stacks of OPENSSL_STRING, OPENSSL_CSTRING and
 OPENSSL_BLOCK

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
---
 .gitignore                                     |  1 +
 apps/asn1pars.c                                |  1 -
 apps/ca.c                                      |  1 -
 apps/cms.c                                     |  1 -
 apps/crl2p7.c                                  |  2 --
 apps/dgst.c                                    |  2 --
 apps/engine.c                                  |  3 ---
 apps/fipsinstall.c                             |  2 --
 apps/kdf.c                                     |  2 --
 apps/lib/apps.c                                |  1 -
 apps/lib/names.c                               |  2 --
 apps/lib/s_cb.c                                |  2 --
 apps/list.c                                    |  2 --
 apps/mac.c                                     |  2 --
 apps/ocsp.c                                    |  1 -
 apps/pkcs12.c                                  |  1 -
 apps/pkeyutl.c                                 |  2 --
 apps/provider.c                                |  2 --
 apps/rehash.c                                  |  2 --
 apps/req.c                                     |  1 -
 apps/s_client.c                                |  1 -
 apps/s_server.c                                |  2 --
 apps/smime.c                                   |  2 --
 apps/verify.c                                  |  2 --
 apps/x509.c                                    |  1 -
 build.info                                     |  2 ++
 crypto/encode_decode/decoder_pkey.c            |  2 --
 crypto/encode_decode/encoder_pkey.c            |  2 --
 crypto/engine/eng_dyn.c                        |  2 --
 crypto/x509/by_store.c                         |  2 --
 crypto/x509/v3_utl.c                           |  1 -
 crypto/x509/x509_vfy.c                         |  2 --
 crypto/x509/x509_vpm.c                         |  1 -
 .../openssl/{safestack.h => safestack.h.in}    | 18 +++++++++++++++---
 test/confdump.c                                |  1 -
 test/evp_libctx_test.c                         |  2 --
 test/evp_test.c                                |  2 --
 test/ssltest_old.c                             |  2 --
 util/perl/OpenSSL/stackhash.pm                 | 17 ++++++++++++++++-
 39 files changed, 34 insertions(+), 63 deletions(-)
 rename include/openssl/{safestack.h => safestack.h.in} (96%)

diff --git a/.gitignore b/.gitignore
index 72ad111f9e..0ab5c08557 100644
--- a/.gitignore
+++ b/.gitignore
@@ -25,6 +25,7 @@
 /include/openssl/configuration.h
 /include/openssl/opensslv.h
 /include/openssl/fipskey.h
+/include/openssl/safestack.h
 /include/openssl/ssl.h
 /include/openssl/x509.h
 /include/openssl/x509v3.h
diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index 9f21f0c730..9acc3c0080 100644
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -19,7 +19,6 @@
 #include <openssl/asn1t.h>
 
 DEFINE_STACK_OF(ASN1_OBJECT)
-DEFINE_STACK_OF_STRING()
 
 typedef enum OPTION_choice {
     OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
diff --git a/apps/ca.c b/apps/ca.c
index cb1c90991c..9ddd464534 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -35,7 +35,6 @@
 #include "progs.h"
 
 DEFINE_STACK_OF(CONF_VALUE)
-DEFINE_STACK_OF_STRING()
 
 #ifndef W_OK
 # define F_OK 0
diff --git a/apps/cms.c b/apps/cms.c
index 350f9ed75b..2706e5af86 100644
--- a/apps/cms.c
+++ b/apps/cms.c
@@ -24,7 +24,6 @@
 # include <openssl/cms.h>
 
 DEFINE_STACK_OF(CMS_SignerInfo)
-DEFINE_STACK_OF_STRING()
 
 static int save_certs(char *signerfile, STACK_OF(X509) *signers);
 static int cms_cb(int ok, X509_STORE_CTX *ctx);
diff --git a/apps/crl2p7.c b/apps/crl2p7.c
index 545fe0a53b..9137f87239 100644
--- a/apps/crl2p7.c
+++ b/apps/crl2p7.c
@@ -19,8 +19,6 @@
 #include <openssl/pem.h>
 #include <openssl/objects.h>
 
-DEFINE_STACK_OF_STRING()
-
 static int add_certs_from_file(STACK_OF(X509) *stack, char *certfile);
 
 typedef enum OPTION_choice {
diff --git a/apps/dgst.c b/apps/dgst.c
index 0654d4c8b9..0bbde71d4b 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -21,8 +21,6 @@
 #include <openssl/hmac.h>
 #include <ctype.h>
 
-DEFINE_STACK_OF_STRING()
-
 #undef BUFSIZE
 #define BUFSIZE 1024*8
 
diff --git a/apps/engine.c b/apps/engine.c
index d51586d855..393008d5ce 100644
--- a/apps/engine.c
+++ b/apps/engine.c
@@ -22,9 +22,6 @@
 #include <openssl/ssl.h>
 #include <openssl/store.h>
 
-DEFINE_STACK_OF_STRING()
-DEFINE_STACK_OF_CSTRING()
-
 typedef enum OPTION_choice {
     OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
     OPT_C, OPT_T, OPT_TT, OPT_PRE, OPT_POST,
diff --git a/apps/fipsinstall.c b/apps/fipsinstall.c
index 2df7d0f024..832f560b5a 100644
--- a/apps/fipsinstall.c
+++ b/apps/fipsinstall.c
@@ -19,8 +19,6 @@
 #include "apps.h"
 #include "progs.h"
 
-DEFINE_STACK_OF_STRING()
-
 #define BUFSIZE 4096
 
 /* Configuration file values */
diff --git a/apps/kdf.c b/apps/kdf.c
index 8d11807f5f..ba14cfdc76 100644
--- a/apps/kdf.c
+++ b/apps/kdf.c
@@ -17,8 +17,6 @@
 #include <openssl/kdf.h>
 #include <openssl/params.h>
 
-DEFINE_STACK_OF_STRING()
-
 typedef enum OPTION_choice {
     OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
     OPT_KDFOPT, OPT_BIN, OPT_KEYLEN, OPT_OUT,
diff --git a/apps/lib/apps.c b/apps/lib/apps.c
index d69ded2a5c..9bc976317d 100644
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@@ -63,7 +63,6 @@ static int WIN32_rename(const char *from, const char *to);
 
 DEFINE_STACK_OF(CONF)
 DEFINE_STACK_OF(CONF_VALUE)
-DEFINE_STACK_OF_STRING()
 
 typedef struct {
     const char *name;
diff --git a/apps/lib/names.c b/apps/lib/names.c
index 42b9e9065c..5e2e7e147c 100644
--- a/apps/lib/names.c
+++ b/apps/lib/names.c
@@ -12,8 +12,6 @@
 #include <openssl/safestack.h>
 #include "names.h"
 
-DEFINE_STACK_OF_CSTRING()
-
 #ifdef _WIN32
 # define strcasecmp _stricmp
 #endif
diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c
index b53d4cbd40..ec52cef158 100644
--- a/apps/lib/s_cb.c
+++ b/apps/lib/s_cb.c
@@ -26,8 +26,6 @@
 
 #define COOKIE_SECRET_LENGTH    16
 
-DEFINE_STACK_OF_STRING()
-
 VERIFY_CB_ARGS verify_args = { -1, 0, X509_V_OK, 0 };
 
 #ifndef OPENSSL_NO_SOCK
diff --git a/apps/list.c b/apps/list.c
index c891bf7213..fd018991e1 100644
--- a/apps/list.c
+++ b/apps/list.c
@@ -25,8 +25,6 @@
 #include "opt.h"
 #include "names.h"
 
-DEFINE_STACK_OF_CSTRING()
-
 static int verbose = 0;
 
 static void legacy_cipher_fn(const EVP_CIPHER *c,
diff --git a/apps/mac.c b/apps/mac.c
index 30f0daabcc..e751dcf0b1 100644
--- a/apps/mac.c
+++ b/apps/mac.c
@@ -16,8 +16,6 @@
 #include <openssl/evp.h>
 #include <openssl/params.h>
 
-DEFINE_STACK_OF_STRING()
-
 #undef BUFSIZE
 #define BUFSIZE 1024*8
 
diff --git a/apps/ocsp.c b/apps/ocsp.c
index ad699629f6..6943267bde 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -35,7 +35,6 @@
 
 DEFINE_STACK_OF(OCSP_CERTID)
 DEFINE_STACK_OF(CONF_VALUE)
-DEFINE_STACK_OF_STRING()
 
 #if defined(__TANDEM)
 # if defined(OPENSSL_TANDEM_FLOSS)
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index fddfdbca36..dd08b96ff8 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -22,7 +22,6 @@
 
 DEFINE_STACK_OF(PKCS7)
 DEFINE_STACK_OF(PKCS12_SAFEBAG)
-DEFINE_STACK_OF_STRING()
 
 #define NOKEYS          0x1
 #define NOCERTS         0x2
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index 9bfef87311..5f53867790 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -15,8 +15,6 @@
 #include <openssl/evp.h>
 #include <sys/stat.h>
 
-DEFINE_STACK_OF_STRING()
-
 #define KEY_NONE        0
 #define KEY_PRIVKEY     1
 #define KEY_PUBKEY      2
diff --git a/apps/provider.c b/apps/provider.c
index 748b95023e..f1374a365c 100644
--- a/apps/provider.c
+++ b/apps/provider.c
@@ -24,8 +24,6 @@
 # include <string.h> /* memset */
 #endif
 
-DEFINE_STACK_OF_CSTRING()
-
 typedef enum OPTION_choice {
     OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
     OPT_V = 100, OPT_VV, OPT_VVV
diff --git a/apps/rehash.c b/apps/rehash.c
index efa0b65497..3cbd65c860 100644
--- a/apps/rehash.c
+++ b/apps/rehash.c
@@ -42,8 +42,6 @@
 # include <openssl/pem.h>
 # include <openssl/x509.h>
 
-DEFINE_STACK_OF_STRING()
-
 # ifndef PATH_MAX
 #  define PATH_MAX 4096
 # endif
diff --git a/apps/req.c b/apps/req.c
index 2cc9ebf43d..5f3c7b5fc8 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -36,7 +36,6 @@
 #endif
 
 DEFINE_STACK_OF(CONF_VALUE)
-DEFINE_STACK_OF_STRING()
 
 #define BITS            "default_bits"
 #define KEYFILE         "default_keyfile"
diff --git a/apps/s_client.c b/apps/s_client.c
index 32aa6fafcb..ecd737ef69 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -60,7 +60,6 @@ typedef unsigned int u_int;
 #endif
 
 DEFINE_STACK_OF(SCT)
-DEFINE_STACK_OF_STRING()
 
 #undef BUFSIZZ
 #define BUFSIZZ 1024*8
diff --git a/apps/s_server.c b/apps/s_server.c
index c970080d83..dde0ee60c0 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -60,8 +60,6 @@ typedef unsigned int u_int;
 #endif
 #include "internal/sockets.h"
 
-DEFINE_STACK_OF_STRING()
-
 static int not_resumable_sess_cb(SSL *s, int is_forward_secure);
 static int sv_body(int s, int stype, int prot, unsigned char *context);
 static int www_body(int s, int stype, int prot, unsigned char *context);
diff --git a/apps/smime.c b/apps/smime.c
index ed3d63af6c..9113038db7 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -19,8 +19,6 @@
 #include <openssl/x509_vfy.h>
 #include <openssl/x509v3.h>
 
-DEFINE_STACK_OF_STRING()
-
 static int save_certs(char *signerfile, STACK_OF(X509) *signers);
 static int smime_cb(int ok, X509_STORE_CTX *ctx);
 
diff --git a/apps/verify.c b/apps/verify.c
index c43a4e69a4..3d4e7d4060 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -18,8 +18,6 @@
 #include <openssl/x509v3.h>
 #include <openssl/pem.h>
 
-DEFINE_STACK_OF_STRING()
-
 static int cb(int ok, X509_STORE_CTX *ctx);
 static int check(X509_STORE *ctx, const char *file,
                  STACK_OF(X509) *uchain, STACK_OF(X509) *tchain,
diff --git a/apps/x509.c b/apps/x509.c
index 4b2200c35b..a8f515a90b 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -29,7 +29,6 @@
 #endif
 
 DEFINE_STACK_OF(ASN1_OBJECT)
-DEFINE_STACK_OF_STRING()
 
 #undef POSTFIX
 #define POSTFIX ".srl"
diff --git a/build.info b/build.info
index bec55770ae..9dc37a1b7e 100644
--- a/build.info
+++ b/build.info
@@ -15,6 +15,7 @@ DEPEND[libssl]=libcrypto
 # unconditionally before anything else.
 DEPEND[]=include/openssl/configuration.h include/openssl/opensslv.h \
          include/openssl/fipskey.h \
+         include/openssl/safestack.h \
          include/openssl/ssl.h \
          include/openssl/x509.h \
          include/openssl/x509v3.h \
@@ -24,6 +25,7 @@ DEPEND[]=include/openssl/configuration.h include/openssl/opensslv.h \
 GENERATE[include/openssl/configuration.h]=include/openssl/configuration.h.in
 GENERATE[include/openssl/opensslv.h]=include/openssl/opensslv.h.in
 GENERATE[include/openssl/fipskey.h]=include/openssl/fipskey.h.in
+GENERATE[include/openssl/safestack.h]=include/openssl/safestack.h.in
 GENERATE[include/openssl/ssl.h]=include/openssl/ssl.h.in
 GENERATE[include/openssl/x509.h]=include/openssl/x509.h.in
 GENERATE[include/openssl/x509v3.h]=include/openssl/x509v3.h.in
diff --git a/crypto/encode_decode/decoder_pkey.c b/crypto/encode_decode/decoder_pkey.c
index 64ea4e2c3f..dfc7cccab1 100644
--- a/crypto/encode_decode/decoder_pkey.c
+++ b/crypto/encode_decode/decoder_pkey.c
@@ -187,8 +187,6 @@ static void decoder_clean_EVP_PKEY_construct_arg(void *construct_data)
     }
 }
 
-DEFINE_STACK_OF_CSTRING()
-
 struct collected_data_st {
     struct decoder_EVP_PKEY_data_st *process_data;
     STACK_OF(OPENSSL_CSTRING) *names;
diff --git a/crypto/encode_decode/encoder_pkey.c b/crypto/encode_decode/encoder_pkey.c
index 76b8386e0c..7c63a76adb 100644
--- a/crypto/encode_decode/encoder_pkey.c
+++ b/crypto/encode_decode/encoder_pkey.c
@@ -18,8 +18,6 @@
 #include "crypto/evp.h"
 #include "encoder_local.h"
 
-DEFINE_STACK_OF_CSTRING()
-
 int OSSL_ENCODER_CTX_set_cipher(OSSL_ENCODER_CTX *ctx,
                                 const char *cipher_name,
                                 const char *propquery)
diff --git a/crypto/engine/eng_dyn.c b/crypto/engine/eng_dyn.c
index 73d7b14ae6..01935578c2 100644
--- a/crypto/engine/eng_dyn.c
+++ b/crypto/engine/eng_dyn.c
@@ -20,8 +20,6 @@
  * prototypes.
  */
 
-DEFINE_STACK_OF_STRING()
-
 /* Our ENGINE handlers */
 static int dynamic_init(ENGINE *e);
 static int dynamic_finish(ENGINE *e);
diff --git a/crypto/x509/by_store.c b/crypto/x509/by_store.c
index debb76150d..7822da8cd5 100644
--- a/crypto/x509/by_store.c
+++ b/crypto/x509/by_store.c
@@ -12,8 +12,6 @@
 #include "crypto/x509.h"
 #include "x509_local.h"
 
-DEFINE_STACK_OF_STRING()
-
 /* Generic object loader, given expected type and criterion */
 static int cache_objects(X509_LOOKUP *lctx, const char *uri,
                          const OSSL_STORE_SEARCH *criterion,
diff --git a/crypto/x509/v3_utl.c b/crypto/x509/v3_utl.c
index 7e813af3e9..8acdfd3296 100644
--- a/crypto/x509/v3_utl.c
+++ b/crypto/x509/v3_utl.c
@@ -22,7 +22,6 @@
 #include "x509_local.h"
 
 DEFINE_STACK_OF(CONF_VALUE)
-DEFINE_STACK_OF_STRING()
 
 static char *strip_spaces(char *name);
 static int sk_strcmp(const char *const *a, const char *const *b);
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index ce31975f8b..d4a085ddb0 100644
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -25,8 +25,6 @@
 #include "crypto/x509.h"
 #include "x509_local.h"
 
-DEFINE_STACK_OF_STRING()
-
 /* CRL score values */
 
 /* No unhandled critical extensions */
diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c
index f87dfd0726..8fe09fd61a 100644
--- a/crypto/x509/x509_vpm.c
+++ b/crypto/x509/x509_vpm.c
@@ -20,7 +20,6 @@
 
 DEFINE_STACK_OF(ASN1_OBJECT)
 DEFINE_STACK_OF(X509_VERIFY_PARAM)
-DEFINE_STACK_OF_STRING()
 
 /* X509_VERIFY_PARAM functions */
 
diff --git a/include/openssl/safestack.h b/include/openssl/safestack.h.in
similarity index 96%
rename from include/openssl/safestack.h
rename to include/openssl/safestack.h.in
index c94ce78cf9..943aa5861e 100644
--- a/include/openssl/safestack.h
+++ b/include/openssl/safestack.h.in
@@ -1,4 +1,6 @@
 /*
+ * {- join("\n * ", @autowarntext) -}
+ *
  * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
@@ -7,6 +9,12 @@
  * https://www.openssl.org/source/license.html
  */
 
+{-
+use OpenSSL::stackhash qw(generate_stack_string_macros
+                          generate_stack_const_string_macros
+                          generate_stack_block_macros);
+-}
+
 #ifndef OPENSSL_SAFESTACK_H
 # define OPENSSL_SAFESTACK_H
 # pragma once
@@ -184,8 +192,10 @@ typedef const char *OPENSSL_CSTRING;
  * chars. So, we have to implement STRING specially for STACK_OF. This is
  * dealt with in the autogenerated macros below.
  */
-DEFINE_OR_DECLARE_STACK_OF_STRING()
-DEFINE_OR_DECLARE_STACK_OF_CSTRING()
+{-
+    generate_stack_string_macros()
+    .generate_stack_const_string_macros();
+-}
 
 #if !defined(OPENSSL_NO_DEPRECATED_3_0)
 /*
@@ -193,7 +203,9 @@ DEFINE_OR_DECLARE_STACK_OF_CSTRING()
  * These should also be distinguished from "normal" stacks.
  */
 typedef void *OPENSSL_BLOCK;
-DEFINE_SPECIAL_STACK_OF(OPENSSL_BLOCK, void)
+{-
+    generate_stack_block_macros();
+-}
 #endif
 
 /*
diff --git a/test/confdump.c b/test/confdump.c
index 3750d2cc8c..2a72f5b454 100644
--- a/test/confdump.c
+++ b/test/confdump.c
@@ -15,7 +15,6 @@
 #include <openssl/err.h>
 
 DEFINE_STACK_OF(CONF_VALUE)
-DEFINE_STACK_OF_CSTRING()
 
 static STACK_OF(OPENSSL_CSTRING) *section_names = NULL;
 
diff --git a/test/evp_libctx_test.c b/test/evp_libctx_test.c
index 3b20dad74b..823cdec8e0 100644
--- a/test/evp_libctx_test.c
+++ b/test/evp_libctx_test.c
@@ -31,8 +31,6 @@
 #include "crypto/bn_dh.h"   /* _bignum_ffdhe2048_p */
 #include "../e_os.h"        /* strcasecmp */
 
-DEFINE_STACK_OF_CSTRING()
-
 static OPENSSL_CTX *libctx = NULL;
 static OSSL_PROVIDER *nullprov = NULL;
 static OSSL_PROVIDER *libprov = NULL;
diff --git a/test/evp_test.c b/test/evp_test.c
index 52e1dd2e51..0b58d1f97e 100644
--- a/test/evp_test.c
+++ b/test/evp_test.c
@@ -27,8 +27,6 @@
 #include "testutil.h"
 #include "evp_test.h"
 
-DEFINE_STACK_OF_STRING()
-
 #define AAD_NUM 4
 
 typedef struct evp_test_method_st EVP_TEST_METHOD;
diff --git a/test/ssltest_old.c b/test/ssltest_old.c
index 88aef5e896..d1733912bc 100644
--- a/test/ssltest_old.c
+++ b/test/ssltest_old.c
@@ -81,8 +81,6 @@
 # include <unistd.h>
 #endif
 
-DEFINE_STACK_OF_STRING()
-
 static SSL_CTX *s_ctx = NULL;
 static SSL_CTX *s_ctx2 = NULL;
 
diff --git a/util/perl/OpenSSL/stackhash.pm b/util/perl/OpenSSL/stackhash.pm
index d8ca76aa91..21d852eae0 100644
--- a/util/perl/OpenSSL/stackhash.pm
+++ b/util/perl/OpenSSL/stackhash.pm
@@ -13,7 +13,10 @@ use warnings;
 
 require Exporter;
 our @ISA = qw(Exporter);
-our @EXPORT_OK = qw(generate_stack_macros generate_const_stack_macros);
+our @EXPORT_OK = qw(generate_stack_macros generate_const_stack_macros
+                    generate_stack_string_macros
+                    generate_stack_const_string_macros
+                    generate_stack_block_macros);
 
 sub generate_stack_macros_int {
     my $nametype = shift;
@@ -89,4 +92,16 @@ sub generate_const_stack_macros {
 
     return generate_stack_macros_int($type, "const $type", $type);
 }
+
+sub generate_stack_string_macros {
+    return generate_stack_macros_int("OPENSSL_STRING", "char", "char");
+}
+
+sub generate_stack_const_string_macros {
+    return generate_stack_macros_int("OPENSSL_CSTRING", "const char", "char");
+}
+
+sub generate_stack_block_macros {
+    return generate_stack_macros_int("OPENSSL_BLOCK", "void", "void");
+}
 1;
-- 
2.39.2