Fix safestack issues in conf.h

Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12781)
2020-09-03 16:14:28 +01:00 · 2020-09-03 16:14:28 +01:00 · e74e562f1c
parent dd73147420
commit e74e562f1c
43 changed files with 12 additions and 77 deletions
--- a/.gitignore
+++ b/.gitignore
@ -27,6 +27,7 @@
 /include/openssl/bio.h
 /include/openssl/cmp.h
 /include/openssl/cms.h
+/include/openssl/conf.h
 /include/openssl/configuration.h
 /include/openssl/crmf.h
 /include/openssl/ct.h
--- a/apps/ca.c
+++ b/apps/ca.c
@ -34,8 +34,6 @@
 #include "apps.h"
 #include "progs.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 #ifndef W_OK
 # define F_OK 0
 # define W_OK 2
--- a/apps/lib/apps.c
+++ b/apps/lib/apps.c
@ -62,7 +62,6 @@ static int WIN32_rename(const char *from, const char *to);
 #define PASS_SOURCE_SIZE_MAX 4

 DEFINE_STACK_OF(CONF)
-DEFINE_STACK_OF(CONF_VALUE)

 typedef struct {
    const char *name;
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@ -33,8 +33,6 @@
 #include <openssl/bn.h>
 #include <openssl/x509v3.h>

-DEFINE_STACK_OF(CONF_VALUE)
-
 #if defined(__TANDEM)
 # if defined(OPENSSL_TANDEM_FLOSS)
 #  include <floss.h(floss_fork)>
--- a/apps/req.c
+++ b/apps/req.c
@ -35,8 +35,6 @@
 # include <openssl/dsa.h>
 #endif

-DEFINE_STACK_OF(CONF_VALUE)
-
 #define BITS            "default_bits"
 #define KEYFILE         "default_keyfile"
 #define PROMPT          "prompt"
--- a/build.info
+++ b/build.info
@ -18,6 +18,7 @@ DEPEND[]=include/openssl/asn1.h \
         include/openssl/bio.h \
         include/openssl/cmp.h \
         include/openssl/cms.h \
+         include/openssl/conf.h \
         include/openssl/configuration.h \
         include/openssl/crmf.h \
         include/openssl/ct.h \
@ -40,6 +41,7 @@ GENERATE[include/openssl/asn1t.h]=include/openssl/asn1t.h.in
 GENERATE[include/openssl/bio.h]=include/openssl/bio.h.in
 GENERATE[include/openssl/cmp.h]=include/openssl/cmp.h.in
 GENERATE[include/openssl/cms.h]=include/openssl/cms.h.in
+GENERATE[include/openssl/conf.h]=include/openssl/conf.h.in
 GENERATE[include/openssl/configuration.h]=include/openssl/configuration.h.in
 GENERATE[include/openssl/crmf.h]=include/openssl/crmf.h.in
 GENERATE[include/openssl/ct.h]=include/openssl/ct.h.in
--- a/crypto/asn1/asn1_gen.c
+++ b/crypto/asn1/asn1_gen.c
@ -23,8 +23,6 @@

 #define ASN1_GEN_STR(str,val)   {str, sizeof(str) - 1, val}

-DEFINE_STACK_OF(CONF_VALUE)
-
 #define ASN1_FLAG_EXP_MAX       20
 /* Maximum number of nested sequences */
 #define ASN1_GEN_SEQ_MAX_DEPTH  50
--- a/crypto/asn1/asn_moid.c
+++ b/crypto/asn1/asn_moid.c
@ -16,8 +16,6 @@
 #include "crypto/asn1.h"
 #include "crypto/objects.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 /* Simple ASN1 OID module: add all objects in a given section */

 static int do_create(const char *value, const char *name);
--- a/crypto/asn1/asn_mstbl.c
+++ b/crypto/asn1/asn_mstbl.c
@ -13,7 +13,6 @@
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>

-DEFINE_STACK_OF(CONF_VALUE)
 /* Multi string module: add table entries from a given section */

 static int do_tcreate(const char *value, const char *name);
--- a/crypto/cmp/cmp_http.c
+++ b/crypto/cmp/cmp_http.c
@ -28,8 +28,6 @@
 #include <openssl/cmp.h>
 #include <openssl/err.h>

-DEFINE_STACK_OF(CONF_VALUE)
-
 /*
 * Send the PKIMessage req and on success return the response, else NULL.
 * Any previous error queue entries will likely be removed by ERR_clear_error().
--- a/crypto/conf/conf_api.c
+++ b/crypto/conf/conf_api.c
@ -16,8 +16,6 @@
 #include <openssl/conf.h>
 #include <openssl/conf_api.h>

-DEFINE_STACK_OF(CONF_VALUE)
-
 static void value_free_hash(const CONF_VALUE *a, LHASH_OF(CONF_VALUE) *conf);
 static void value_free_stack_doall(CONF_VALUE *a);

--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@ -21,7 +21,6 @@
 #include <openssl/trace.h>
 #include <openssl/engine.h>

-DEFINE_STACK_OF(CONF_VALUE)
 DEFINE_STACK_OF(CONF_MODULE)
 DEFINE_STACK_OF(CONF_IMODULE)

--- a/crypto/conf/conf_ssl.c
+++ b/crypto/conf/conf_ssl.c
@ -14,8 +14,6 @@
 #include "internal/sslconf.h"
 #include "conf_local.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 /*
 * SSL library configuration module placeholder. We load it here but defer
 * all decisions about its contents to libssl.
--- a/crypto/engine/eng_cnf.c
+++ b/crypto/engine/eng_cnf.c
@ -14,8 +14,6 @@
 #include <openssl/conf.h>
 #include <openssl/trace.h>

-DEFINE_STACK_OF(CONF_VALUE)
-
 /* ENGINE config module */

 static const char *skip_dot(const char *name)
--- a/crypto/evp/evp_cnf.c
+++ b/crypto/evp/evp_cnf.c
@ -16,8 +16,6 @@
 #include <openssl/trace.h>
 #include "crypto/evp.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 /* Algorithm configuration module. */

 static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
--- a/crypto/http/http_client.c
+++ b/crypto/http/http_client.c
@ -25,8 +25,6 @@

 #include "http_local.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 #define HTTP_PREFIX "HTTP/"
 #define HTTP_VERSION_PATT "1." /* allow 1.x */
 #define HTTP_VERSION_STR_LEN 3
--- a/crypto/provider_conf.c
+++ b/crypto/provider_conf.c
@ -15,7 +15,6 @@
 #include "internal/provider.h"

 DEFINE_STACK_OF(OSSL_PROVIDER)
-DEFINE_STACK_OF(CONF_VALUE)

 /* PROVIDER config module */

--- a/crypto/ts/ts_conf.c
+++ b/crypto/ts/ts_conf.c
@ -18,8 +18,6 @@
 #include <openssl/engine.h>
 #include <openssl/ts.h>

-DEFINE_STACK_OF(CONF_VALUE)
-
 /* Macro definitions for the configuration file. */
 #define BASE_SECTION                    "tsa"
 #define ENV_DEFAULT_TSA                 "default_tsa"
--- a/crypto/ts/ts_rsp_print.c
+++ b/crypto/ts/ts_rsp_print.c
@ -15,8 +15,6 @@
 #include <openssl/ts.h>
 #include "ts_local.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 struct status_map_st {
    int bit;
    const char *text;
--- a/crypto/x509/v3_addr.c
+++ b/crypto/x509/v3_addr.c
@ -26,8 +26,6 @@

 #ifndef OPENSSL_NO_RFC3779

-DEFINE_STACK_OF(CONF_VALUE)
-
 /*
 * OpenSSL ASN.1 template translation of RFC 3779 2.2.3.
 */
--- a/crypto/x509/v3_akey.c
+++ b/crypto/x509/v3_akey.c
@ -15,8 +15,6 @@
 #include <openssl/x509v3.h>
 #include "ext_dat.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
                                                 AUTHORITY_KEYID *akeyid,
                                                 STACK_OF(CONF_VALUE)
--- a/crypto/x509/v3_alt.c
+++ b/crypto/x509/v3_alt.c
@ -14,8 +14,6 @@
 #include <openssl/bio.h>
 #include "ext_dat.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method,
                                      X509V3_CTX *ctx,
                                      STACK_OF(CONF_VALUE) *nval);
--- a/crypto/x509/v3_asid.c
+++ b/crypto/x509/v3_asid.c
@ -56,8 +56,6 @@ IMPLEMENT_ASN1_FUNCTIONS(ASIdOrRange)
 IMPLEMENT_ASN1_FUNCTIONS(ASIdentifierChoice)
 IMPLEMENT_ASN1_FUNCTIONS(ASIdentifiers)

-DEFINE_STACK_OF(CONF_VALUE)
-
 /*
 * i2r method for an ASIdentifierChoice.
 */
--- a/crypto/x509/v3_bcons.c
+++ b/crypto/x509/v3_bcons.c
@ -16,8 +16,6 @@
 #include "ext_dat.h"
 #include "x509_local.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
                                                   BASIC_CONSTRAINTS *bcons,
                                                   STACK_OF(CONF_VALUE)
--- a/crypto/x509/v3_bitst.c
+++ b/crypto/x509/v3_bitst.c
@ -13,8 +13,6 @@
 #include <openssl/x509v3.h>
 #include "ext_dat.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 static BIT_STRING_BITNAME ns_cert_type_table[] = {
    {0, "SSL Client", "client"},
    {1, "SSL Server", "server"},
--- a/crypto/x509/v3_conf.c
+++ b/crypto/x509/v3_conf.c
@ -17,8 +17,6 @@
 #include "crypto/x509.h"
 #include <openssl/x509v3.h>

-DEFINE_STACK_OF(CONF_VALUE)
-
 static int v3_check_critical(const char **value);
 static int v3_check_generic(const char **value);
 static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid,
--- a/crypto/x509/v3_cpols.c
+++ b/crypto/x509/v3_cpols.c
@ -18,8 +18,6 @@
 #include "pcy_local.h"
 #include "ext_dat.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 /* Certificate policies extension support: this one is a bit complex... */

 static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol,
--- a/crypto/x509/v3_crld.c
+++ b/crypto/x509/v3_crld.c
@ -18,8 +18,6 @@
 #include "ext_dat.h"
 #include "x509_local.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 static void *v2i_crld(const X509V3_EXT_METHOD *method,
                      X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
 static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out,
--- a/crypto/x509/v3_extku.c
+++ b/crypto/x509/v3_extku.c
@ -14,8 +14,6 @@
 #include <openssl/x509v3.h>
 #include "ext_dat.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method,
                                    X509V3_CTX *ctx,
                                    STACK_OF(CONF_VALUE) *nval);
--- a/crypto/x509/v3_info.c
+++ b/crypto/x509/v3_info.c
@ -15,8 +15,6 @@
 #include <openssl/x509v3.h>
 #include "ext_dat.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD
                                                       *method, AUTHORITY_INFO_ACCESS
                                                       *ainfo, STACK_OF(CONF_VALUE)
--- a/crypto/x509/v3_ist.c
+++ b/crypto/x509/v3_ist.c
@ -15,8 +15,6 @@
 #include <openssl/x509v3.h>
 #include "ext_dat.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 /*
 * Issuer Sign Tool (1.2.643.100.112) The name of the tool used to signs the subject (ASN1_SEQUENCE)
 * This extention is required to obtain the status of a qualified certificate at Russian Federation.
--- a/crypto/x509/v3_ncons.c
+++ b/crypto/x509/v3_ncons.c
@ -20,8 +20,6 @@
 #include "crypto/punycode.h"
 #include "ext_dat.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method,
                                  X509V3_CTX *ctx,
                                  STACK_OF(CONF_VALUE) *nval);
--- a/crypto/x509/v3_pci.c
+++ b/crypto/x509/v3_pci.c
@ -49,8 +49,6 @@
 #include <openssl/x509v3.h>
 #include "ext_dat.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext,
                   BIO *out, int indent);
 static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method,
--- a/crypto/x509/v3_pcons.c
+++ b/crypto/x509/v3_pcons.c
@ -15,8 +15,6 @@
 #include <openssl/x509v3.h>
 #include "ext_dat.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD
                                                    *method, void *bcons, STACK_OF(CONF_VALUE)
                                                    *extlist);
--- a/crypto/x509/v3_pmaps.c
+++ b/crypto/x509/v3_pmaps.c
@ -14,8 +14,6 @@
 #include <openssl/x509v3.h>
 #include "ext_dat.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method,
                                 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
 static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD
--- a/crypto/x509/v3_prn.c
+++ b/crypto/x509/v3_prn.c
@ -14,8 +14,6 @@
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>

-DEFINE_STACK_OF(CONF_VALUE)
-
 /* Extension printing routines */

 static int unknown_ext_print(BIO *out, const unsigned char *ext, int extlen,
--- a/crypto/x509/v3_sxnet.c
+++ b/crypto/x509/v3_sxnet.c
@ -15,8 +15,6 @@
 #include <openssl/x509v3.h>
 #include "ext_dat.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 /* Support for Thawte strong extranet extension */

 #define SXNET_TEST
--- a/crypto/x509/v3_tlsf.c
+++ b/crypto/x509/v3_tlsf.c
@ -16,8 +16,6 @@
 #include "ext_dat.h"
 #include "x509_local.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 static STACK_OF(CONF_VALUE) *i2v_TLS_FEATURE(const X509V3_EXT_METHOD *method,
                                             TLS_FEATURE *tls_feature,
                                             STACK_OF(CONF_VALUE) *ext_list);
--- a/crypto/x509/v3_utl.c
+++ b/crypto/x509/v3_utl.c
@ -21,8 +21,6 @@
 #include "ext_dat.h"
 #include "x509_local.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 static char *strip_spaces(char *name);
 static int sk_strcmp(const char *const *a, const char *const *b);
 static STACK_OF(OPENSSL_STRING) *get_email(const X509_NAME *name,
--- a/include/openssl/conf.h.in
+++ b/include/openssl/conf.h.in
@ -1,4 +1,6 @@
 /*
+ * {- join("\n * ", @autowarntext) -}
+ *
 * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
@ -7,6 +9,10 @@
 * https://www.openssl.org/source/license.html
 */

+{-
+use OpenSSL::stackhash qw(generate_stack_macros);
+-}
+
 #ifndef  OPENSSL_CONF_H
 # define OPENSSL_CONF_H
 # pragma once
@ -33,7 +39,9 @@ typedef struct {
    char *value;
 } CONF_VALUE;

-DEFINE_OR_DECLARE_STACK_OF(CONF_VALUE)
+{-
+    generate_stack_macros("CONF_VALUE");
+-}

 DEFINE_LHASH_OF(CONF_VALUE);

--- a/test/confdump.c
+++ b/test/confdump.c
@ -14,8 +14,6 @@
 #include <openssl/safestack.h>
 #include <openssl/err.h>

-DEFINE_STACK_OF(CONF_VALUE)
-
 static STACK_OF(OPENSSL_CSTRING) *section_names = NULL;

 static void collect_section_name(CONF_VALUE *v)
--- a/test/http_test.c
+++ b/test/http_test.c
@ -15,8 +15,6 @@

 #include "testutil.h"

-DEFINE_STACK_OF(CONF_VALUE)
-
 static const ASN1_ITEM *x509_it = NULL;
 static X509 *x509 = NULL;
 #define SERVER "mock.server"
--- a/test/ssl_test_ctx.c
+++ b/test/ssl_test_ctx.c
@ -20,8 +20,6 @@
 # define strcasecmp _stricmp
 #endif

-DEFINE_STACK_OF(CONF_VALUE)
-
 static const int default_app_data_size = 256;
 /* Default set to be as small as possible to exercise fragmentation. */
 static const int default_max_fragment_size = 512;