From: Matt Caswell Date: Thu, 3 Sep 2020 14:37:45 +0000 (+0100) Subject: Fix safestack issues in x509_vfy.h X-Git-Tag: openssl-3.0.0-alpha7~260 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c5a5581127c75fe9e9d56d42dd6bd95eb679729f;p=thirdparty%2Fopenssl.git Fix safestack issues in x509_vfy.h Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12781) --- diff --git a/.gitignore b/.gitignore index 4a29456053c..f228f236045 100644 --- a/.gitignore +++ b/.gitignore @@ -35,6 +35,7 @@ /include/openssl/ssl.h /include/openssl/x509.h /include/openssl/x509v3.h +/include/openssl/x509_vfy.h # Auto generated doc files doc/man1/openssl-*.pod diff --git a/build.info b/build.info index 722d8869113..669ccf4c3a2 100644 --- a/build.info +++ b/build.info @@ -26,6 +26,7 @@ DEPEND[]=include/openssl/asn1.h \ include/openssl/ssl.h \ include/openssl/x509.h \ include/openssl/x509v3.h \ + include/openssl/x509_vfy.h \ include/crypto/bn_conf.h include/crypto/dso_conf.h \ doc/man7/openssl_user_macros.pod @@ -42,6 +43,7 @@ GENERATE[include/openssl/srp.h]=include/openssl/srp.h.in GENERATE[include/openssl/ssl.h]=include/openssl/ssl.h.in GENERATE[include/openssl/x509.h]=include/openssl/x509.h.in GENERATE[include/openssl/x509v3.h]=include/openssl/x509v3.h.in +GENERATE[include/openssl/x509_vfy.h]=include/openssl/x509_vfy.h.in GENERATE[include/crypto/bn_conf.h]=include/crypto/bn_conf.h.in GENERATE[include/crypto/dso_conf.h]=include/crypto/dso_conf.h.in GENERATE[doc/man7/openssl_user_macros.pod]=doc/man7/openssl_user_macros.pod.in diff --git a/crypto/cmp/cmp_util.c b/crypto/cmp/cmp_util.c index bdd876a89f2..12afe57028d 100644 --- a/crypto/cmp/cmp_util.c +++ b/crypto/cmp/cmp_util.c @@ -16,8 +16,6 @@ #include /* should be implied by cmperr.h */ #include -DEFINE_STACK_OF(X509_OBJECT) - /* * use trace API for CMP-specific logging, prefixed by "CMP " and severity */ diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c index ff6e4cf03c7..da04daf9020 100644 --- a/crypto/x509/by_dir.c +++ b/crypto/x509/by_dir.c @@ -22,8 +22,6 @@ #include "crypto/x509.h" #include "x509_local.h" -DEFINE_STACK_OF(X509_OBJECT) - struct lookup_dir_hashes_st { unsigned long hash; int suffix; diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index 77488b6e050..de81fad5139 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -15,9 +15,6 @@ #include #include "x509_local.h" -DEFINE_STACK_OF(X509_LOOKUP) -DEFINE_STACK_OF(X509_OBJECT) - X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method) { X509_LOOKUP *ret = OPENSSL_zalloc(sizeof(*ret)); diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c index 17c07909115..a429d5a5ae2 100644 --- a/crypto/x509/x509_vpm.c +++ b/crypto/x509/x509_vpm.c @@ -18,8 +18,6 @@ #include "x509_local.h" -DEFINE_STACK_OF(X509_VERIFY_PARAM) - /* X509_VERIFY_PARAM functions */ #define SET_HOST 0 diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h.in similarity index 99% rename from include/openssl/x509_vfy.h rename to include/openssl/x509_vfy.h.in index d43a442fc7a..8a565f71a38 100644 --- a/include/openssl/x509_vfy.h +++ b/include/openssl/x509_vfy.h.in @@ -1,4 +1,6 @@ /* + * {- join("\n * ", @autowarntext) -} + * * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use @@ -7,6 +9,10 @@ * https://www.openssl.org/source/license.html */ +{- +use OpenSSL::stackhash qw(generate_stack_macros); +-} + #ifndef OPENSSL_X509_VFY_H # define OPENSSL_X509_VFY_H # pragma once @@ -60,9 +66,11 @@ typedef enum { #define X509_LU_FAIL 0 #endif -DEFINE_OR_DECLARE_STACK_OF(X509_LOOKUP) -DEFINE_OR_DECLARE_STACK_OF(X509_OBJECT) -DEFINE_OR_DECLARE_STACK_OF(X509_VERIFY_PARAM) +{- + generate_stack_macros("X509_LOOKUP") + .generate_stack_macros("X509_OBJECT") + .generate_stack_macros("X509_VERIFY_PARAM"); +-} int X509_STORE_set_depth(X509_STORE *store, int depth);