diff options
author | Ben Laurie <ben@openssl.org> | 2008-06-04 11:01:43 +0000 |
---|---|---|
committer | Ben Laurie <ben@openssl.org> | 2008-06-04 11:01:43 +0000 |
commit | 5ce278a77bd7d23bcf965cfa37afb7b937c1a17d (patch) | |
tree | a69f3fe7e5a7e222cdd1e9314e671ffbcf79fc27 | |
parent | 37cf49a3df4b0094c5d335008705518e93b2dad2 (diff) |
More type-checking.
58 files changed, 1518 insertions, 884 deletions
@@ -4,6 +4,14 @@ Changes between 0.9.8g and 0.9.9 [xx XXX xxxx] + *) Removed effectively defunct crypto/store from the build. + [Ben Laurie] + + *) Revamp of STACK to provide stronger type-checking. Still to come: + TXT_DB, bsearch(?), OBJ_bsearch, qsort, CRYPTO_EX_DATA, ASN1_VALUE, + ASN1_STRING, CONF_VALUE. + [Ben Laurie] + *) Add a new SSL_MODE_RELEASE_BUFFERS mode flag to release unused buffer RAM on SSL connections. This option can save about 34k per idle SSL. [Nick Mathewson] diff --git a/Makefile.org b/Makefile.org index e5317ca4d8..d3dc117eec 100644 --- a/Makefile.org +++ b/Makefile.org @@ -119,7 +119,7 @@ SDIRS= \ bn ec rsa dsa ecdsa dh ecdh dso engine \ buffer bio stack lhash rand err \ evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \ - store cms pqueue ts + cms pqueue ts # keep in mind that the above list is adjusted by ./Configure # according to no-xxx arguments... diff --git a/apps/Makefile b/apps/Makefile index 1ef5c14f88..1718538c26 100644 --- a/apps/Makefile +++ b/apps/Makefile @@ -362,10 +362,10 @@ dsaparam.o: ../include/openssl/pem.h ../include/openssl/pem2.h dsaparam.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h dsaparam.o: ../include/openssl/rsa.h ../include/openssl/safestack.h dsaparam.o: ../include/openssl/sha.h ../include/openssl/stack.h -dsaparam.o: ../include/openssl/store.h ../include/openssl/symhacks.h -dsaparam.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -dsaparam.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -dsaparam.o: ../include/openssl/x509v3.h apps.h dsaparam.c +dsaparam.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +dsaparam.o: ../include/openssl/ui.h ../include/openssl/x509.h +dsaparam.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +dsaparam.o: dsaparam.c ec.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h ec.o: ../include/openssl/buffer.h ../include/openssl/conf.h ec.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h @@ -470,10 +470,10 @@ gendh.o: ../include/openssl/pem.h ../include/openssl/pem2.h gendh.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h gendh.o: ../include/openssl/rsa.h ../include/openssl/safestack.h gendh.o: ../include/openssl/sha.h ../include/openssl/stack.h -gendh.o: ../include/openssl/store.h ../include/openssl/symhacks.h -gendh.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -gendh.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -gendh.o: ../include/openssl/x509v3.h apps.h gendh.c +gendh.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +gendh.o: ../include/openssl/ui.h ../include/openssl/x509.h +gendh.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +gendh.o: gendh.c gendsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h gendsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h gendsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -522,10 +522,10 @@ genrsa.o: ../include/openssl/pem.h ../include/openssl/pem2.h genrsa.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h genrsa.o: ../include/openssl/rsa.h ../include/openssl/safestack.h genrsa.o: ../include/openssl/sha.h ../include/openssl/stack.h -genrsa.o: ../include/openssl/store.h ../include/openssl/symhacks.h -genrsa.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -genrsa.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -genrsa.o: ../include/openssl/x509v3.h apps.h genrsa.c +genrsa.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +genrsa.o: ../include/openssl/ui.h ../include/openssl/x509.h +genrsa.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +genrsa.o: genrsa.c nseq.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h nseq.o: ../include/openssl/buffer.h ../include/openssl/conf.h nseq.o: ../include/openssl/crypto.h ../include/openssl/e_os2.h @@ -741,10 +741,9 @@ req.o: ../include/openssl/pem.h ../include/openssl/pem2.h req.o: ../include/openssl/pkcs7.h ../include/openssl/rand.h req.o: ../include/openssl/rsa.h ../include/openssl/safestack.h req.o: ../include/openssl/sha.h ../include/openssl/stack.h -req.o: ../include/openssl/store.h ../include/openssl/symhacks.h -req.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -req.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -req.o: ../include/openssl/x509v3.h apps.h req.c +req.o: ../include/openssl/symhacks.h ../include/openssl/txt_db.h +req.o: ../include/openssl/ui.h ../include/openssl/x509.h +req.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h req.c rsa.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h rsa.o: ../include/openssl/bn.h ../include/openssl/buffer.h rsa.o: ../include/openssl/conf.h ../include/openssl/crypto.h @@ -839,11 +838,11 @@ s_server.o: ../include/openssl/rand.h ../include/openssl/rsa.h s_server.o: ../include/openssl/safestack.h ../include/openssl/sha.h s_server.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h s_server.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h -s_server.o: ../include/openssl/stack.h ../include/openssl/store.h -s_server.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h -s_server.o: ../include/openssl/txt_db.h ../include/openssl/ui.h -s_server.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h -s_server.o: ../include/openssl/x509v3.h apps.h s_apps.h s_server.c timeouts.h +s_server.o: ../include/openssl/stack.h ../include/openssl/symhacks.h +s_server.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h +s_server.o: ../include/openssl/ui.h ../include/openssl/x509.h +s_server.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h +s_server.o: s_apps.h s_server.c timeouts.h s_socket.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h s_socket.o: ../include/openssl/buffer.h ../include/openssl/comp.h s_socket.o: ../include/openssl/conf.h ../include/openssl/crypto.h diff --git a/apps/asn1pars.c b/apps/asn1pars.c index b1a7c8e5db..a6a484507c 100644 --- a/apps/asn1pars.c +++ b/apps/asn1pars.c @@ -96,7 +96,7 @@ int MAIN(int argc, char **argv) unsigned char *tmpbuf; const unsigned char *ctmpbuf; BUF_MEM *buf=NULL; - STACK *osk=NULL; + STACK_OF(STRING) *osk=NULL; ASN1_TYPE *at=NULL; informat=FORMAT_PEM; @@ -113,7 +113,7 @@ int MAIN(int argc, char **argv) prog=argv[0]; argc--; argv++; - if ((osk=sk_new_null()) == NULL) + if ((osk=sk_STRING_new_null()) == NULL) { BIO_printf(bio_err,"Memory allocation failure\n"); goto end; @@ -169,7 +169,7 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-strparse") == 0) { if (--argc < 1) goto bad; - sk_push(osk,*(++argv)); + sk_STRING_push(osk,*(++argv)); } else if (strcmp(*argv,"-genstr") == 0) { @@ -302,18 +302,18 @@ bad: /* If any structs to parse go through in sequence */ - if (sk_num(osk)) + if (sk_STRING_num(osk)) { tmpbuf=(unsigned char *)str; tmplen=num; - for (i=0; i<sk_num(osk); i++) + for (i=0; i<sk_STRING_num(osk); i++) { ASN1_TYPE *atmp; int typ; - j=atoi(sk_value(osk,i)); + j=atoi(sk_STRING_value(osk,i)); if (j == 0) { - BIO_printf(bio_err,"'%s' is an invalid number\n",sk_value(osk,i)); + BIO_printf(bio_err,"'%s' is an invalid number\n",sk_STRING_value(osk,i)); continue; } tmpbuf+=j; @@ -378,7 +378,7 @@ end: ERR_print_errors(bio_err); if (buf != NULL) BUF_MEM_free(buf); if (at != NULL) ASN1_TYPE_free(at); - if (osk != NULL) sk_free(osk); + if (osk != NULL) sk_STRING_free(osk); OBJ_cleanup(); apps_shutdown(); OPENSSL_EXIT(ret); @@ -306,7 +306,8 @@ int MAIN(int argc, char **argv) ASN1_TIME *tmptm; ASN1_INTEGER *tmpser; char *f; - const char *p, **pp; + const char *p; + char * const *pp; int i,j; const EVP_MD *dgst=NULL; STACK_OF(CONF_VALUE) *attribs=NULL; @@ -555,8 +556,10 @@ bad: if (badops) { - for (pp=ca_usage; (*pp != NULL); pp++) - BIO_printf(bio_err,"%s",*pp); + const char **pp2; + + for (pp2=ca_usage; (*pp2 != NULL); pp2++) + BIO_printf(bio_err,"%s",*pp2); goto err; } @@ -876,9 +879,9 @@ bad: if (db == NULL) goto err; /* Lets check some fields */ - for (i=0; i<sk_num(db->db->data); i++) + for (i=0; i<sk_PSTRING_num(db->db->data); i++) { - pp=(const char **)sk_value(db->db->data,i); + pp=sk_PSTRING_value(db->db->data,i); if ((pp[DB_type][0] != DB_TYPE_REV) && (pp[DB_rev_date][0] != '\0')) { @@ -931,7 +934,7 @@ bad: #endif TXT_DB_write(out,db->db); BIO_printf(bio_err,"%d entries loaded from the database\n", - db->db->data->num); + sk_PSTRING_num(db->db->data)); BIO_printf(bio_err,"generating index\n"); } @@ -1401,9 +1404,9 @@ bad: ASN1_TIME_free(tmptm); - for (i=0; i<sk_num(db->db->data); i++) + for (i=0; i<sk_PSTRING_num(db->db->data); i++) { - pp=(const char **)sk_value(db->db->data,i); + pp=sk_PSTRING_value(db->db->data,i); if (pp[DB_type][0] == DB_TYPE_REV) { if ((r=X509_REVOKED_new()) == NULL) goto err; @@ -2630,9 +2633,9 @@ static int do_updatedb (CA_DB *db) else a_y2k = 0; - for (i = 0; i < sk_num(db->db->data); i++) + for (i = 0; i < sk_PSTRING_num(db->db->data); i++) { - rrow = (char **) sk_value(db->db->data, i); + rrow = sk_PSTRING_value(db->db->data, i); if (rrow[DB_type][0] == 'V') { diff --git a/apps/cms.c b/apps/cms.c index 42bdb69eb2..868de4e918 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -71,8 +71,9 @@ static int save_certs(char *signerfile, STACK_OF(X509) *signers); static int cms_cb(int ok, X509_STORE_CTX *ctx); static void receipt_request_print(BIO *out, CMS_ContentInfo *cms); -static CMS_ReceiptRequest *make_receipt_request(STACK *rr_to, int rr_allorfirst, - STACK *rr_from); +static CMS_ReceiptRequest *make_receipt_request(STACK_OF(STRING) *rr_to, + int rr_allorfirst, + STACK_OF(STRING) *rr_from); #define SMIME_OP 0x10 #define SMIME_IP 0x20 @@ -105,7 +106,7 @@ int MAIN(int argc, char **argv) const char *inmode = "r", *outmode = "w"; char *infile = NULL, *outfile = NULL, *rctfile = NULL; char *signerfile = NULL, *recipfile = NULL; - STACK *sksigners = NULL, *skkeys = NULL; + STACK_OF(STRING) *sksigners = NULL, *skkeys = NULL; char *certfile = NULL, *keyfile = NULL, *contfile=NULL; char *certsoutfile = NULL; const EVP_CIPHER *cipher = NULL; @@ -118,7 +119,7 @@ int MAIN(int argc, char **argv) int badarg = 0; int flags = CMS_DETACHED, noout = 0, print = 0; int rr_print = 0, rr_allorfirst = -1; - STACK *rr_to = NULL, *rr_from = NULL; + STACK_OF(STRING) *rr_to = NULL, *rr_from = NULL; CMS_ReceiptRequest *rr = NULL; char *to = NULL, *from = NULL, *subject = NULL; char *CAfile = NULL, *CApath = NULL; @@ -275,8 +276,8 @@ int MAIN(int argc, char **argv) goto argerr; args++; if (!rr_from) - rr_from = sk_new_null(); - sk_push(rr_from, *args); + rr_from = sk_STRING_new_null(); + sk_STRING_push(rr_from, *args); } else if (!strcmp(*args,"-receipt_request_to")) { @@ -284,8 +285,8 @@ int MAIN(int argc, char **argv) goto argerr; args++; if (!rr_to) - rr_to = sk_new_null(); - sk_push(rr_to, *args); + rr_to = sk_STRING_new_null(); + sk_STRING_push(rr_to, *args); } else if (!strcmp (*args, "-print")) { @@ -381,13 +382,13 @@ int MAIN(int argc, char **argv) if (signerfile) { if (!sksigners) - sksigners = sk_new_null(); - sk_push(sksigners, signerfile); + sksigners = sk_STRING_new_null(); + sk_STRING_push(sksigners, signerfile); if (!keyfile) keyfile = signerfile; if (!skkeys) - skkeys = sk_new_null(); - sk_push(skkeys, keyfile); + skkeys = sk_STRING_new_null(); + sk_STRING_push(skkeys, keyfile); keyfile = NULL; } signerfile = *++args; @@ -429,12 +430,12 @@ int MAIN(int argc, char **argv) goto argerr; } if (!sksigners) - sksigners = sk_new_null(); - sk_push(sksigners, signerfile); + sksigners = sk_STRING_new_null(); + sk_STRING_push(sksigners, signerfile); signerfile = NULL; if (!skkeys) - skkeys = sk_new_null(); - sk_push(skkeys, keyfile); + skkeys = sk_STRING_new_null(); + sk_STRING_push(skkeys, keyfile); } keyfile = *++args; } @@ -533,13 +534,13 @@ int MAIN(int argc, char **argv) if (signerfile) { if (!sksigners) - sksigners = sk_new_null(); - sk_push(sksigners, signerfile); + sksigners = sk_STRING_new_null(); + sk_STRING_push(sksigners, signerfile); if (!skkeys) - skkeys = sk_new_null(); + skkeys = sk_STRING_new_null(); if (!keyfile) keyfile = signerfile; - sk_push(skkeys, keyfile); + sk_STRING_push(skkeys, keyfile); } if (!sksigners) { @@ -974,11 +975,11 @@ int MAIN(int argc, char **argv) } else flags |= CMS_REUSE_DIGEST; - for (i = 0; i < sk_num(sksigners); i++) + for (i = 0; i < sk_STRING_num(sksigners); i++) { CMS_SignerInfo *si; - signerfile = sk_value(sksigners, i); - keyfile = sk_value(skkeys, i); + signerfile = sk_STRING_value(sksigners, i); + keyfile = sk_STRING_value(skkeys, i); signer = load_cert(bio_err, signerfile,FORMAT_PEM, NULL, e, "signer certificate"); if (!signer) @@ -1152,9 +1153,9 @@ end: if (vpm) X509_VERIFY_PARAM_free(vpm); if (sksigners) - sk_free(sksigners); + sk_STRING_free(sksigners); if (skkeys) - sk_free(skkeys); + sk_STRING_free(skkeys); if (secret_key) OPENSSL_free(secret_key); if (secret_keyid) @@ -1164,9 +1165,9 @@ end: if (rr) CMS_ReceiptRequest_free(rr); if (rr_to) - sk_free(rr_to); + sk_STRING_free(rr_to); if (rr_from) - sk_free(rr_from); + sk_STRING_free(rr_from); X509_STORE_free(store); X509_free(cert); X509_free(recip); @@ -1286,7 +1287,7 @@ static void receipt_request_print(BIO *out, CMS_ContentInfo *cms) } } -static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK *ns) +static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK_OF(STRING) *ns) { int i; STACK_OF(GENERAL_NAMES) *ret; @@ -1295,9 +1296,9 @@ static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK *ns) ret = sk_GENERAL_NAMES_new_null(); if (!ret) goto err; - for (i = 0; i < sk_num(ns); i++) + for (i = 0; i < sk_STRING_num(ns); i++) { - char *str = sk_value(ns, i); + char *str = sk_STRING_value(ns, i); gen = a2i_GENERAL_NAME(NULL, NULL, NULL, GEN_EMAIL, str, 0); if (!gen) goto err; @@ -1325,8 +1326,9 @@ static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK *ns) } -static CMS_ReceiptRequest *make_receipt_request(STACK *rr_to, int rr_allorfirst, - STACK *rr_from) +static CMS_ReceiptRequest *make_receipt_request(STACK_OF(STRING) *rr_to, + int rr_allorfirst, + STACK_OF(STRING) *rr_from) { STACK_OF(GENERAL_NAMES) *rct_to, *rct_from; CMS_ReceiptRequest *rr; diff --git a/apps/crl2p7.c b/apps/crl2p7.c index 15138acb47..194971d5d9 100644 --- a/apps/crl2p7.c +++ b/apps/crl2p7.c @@ -92,7 +92,7 @@ int MAIN(int argc, char **argv) PKCS7 *p7 = NULL; PKCS7_SIGNED *p7s = NULL; X509_CRL *crl=NULL; - STACK *certflst=NULL; + STACK_OF(STRING) *certflst=NULL; STACK_OF(X509_CRL) *crl_stack=NULL; STACK_OF(X509) *cert_stack=NULL; int ret=1,nocrl=0; @@ -140,8 +140,8 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-certfile") == 0) { if (--argc < 1) goto bad; - if(!certflst) certflst = sk_new_null(); - sk_push(certflst,*(++argv)); + if(!certflst) certflst = sk_STRING_new_null(); + sk_STRING_push(certflst,*(++argv)); } else { @@ -226,8 +226,8 @@ bad: if ((cert_stack=sk_X509_new_null()) == NULL) goto end; p7s->cert=cert_stack; - if(certflst) for(i = 0; i < sk_num(certflst); i++) { - certfile = sk_value(certflst, i); + if(certflst) for(i = 0; i < sk_STRING_num(certflst); i++) { + certfile = sk_STRING_value(certflst, i); if (add_certs_from_file(cert_stack,certfile) < 0) { BIO_printf(bio_err, "error loading certificates\n"); @@ -236,7 +236,7 @@ bad: } } - sk_free(certflst); + sk_STRING_free(certflst); if (outfile == NULL) { diff --git a/apps/dgst.c b/apps/dgst.c index b22b008c76..96e72c6657 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -107,7 +107,7 @@ int MAIN(int argc, char **argv) #endif char *hmac_key=NULL; char *mac_name=NULL; - STACK *sigopts = NULL, *macopts = NULL; + STACK_OF(STRING) *sigopts = NULL, *macopts = NULL; apps_startup(); @@ -210,8 +210,8 @@ int MAIN(int argc, char **argv) if (--argc < 1) break; if (!sigopts) - sigopts = sk_new_null(); - if (!sigopts || !sk_push(sigopts, *(++argv))) + sigopts = sk_STRING_new_null(); + if (!sigopts || !sk_STRING_push(sigopts, *(++argv))) break; } else if (strcmp(*argv,"-macopt") == 0) @@ -219,8 +219,8 @@ int MAIN(int argc, char **argv) if (--argc < 1) break; if (!macopts) - macopts = sk_new_null(); - if (!macopts || !sk_push(macopts, *(++argv))) + macopts = sk_STRING_new_null(); + if (!macopts || !sk_STRING_push(macopts, *(++argv))) break; } else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL) @@ -372,9 +372,9 @@ int MAIN(int argc, char **argv) if (macopts) { char *macopt; - for (i = 0; i < sk_num(macopts); i++) + for (i = 0; i < sk_STRING_num(macopts); i++) { - macopt = sk_value(macopts, i); + macopt = sk_STRING_value(macopts, i); if (pkey_ctrl_string(mac_ctx, macopt) <= 0) { BIO_printf(bio_err, @@ -431,9 +431,9 @@ int MAIN(int argc, char **argv) if (sigopts) { char *sigopt; - for (i = 0; i < sk_num(sigopts); i++) + for (i = 0; i < sk_STRING_num(sigopts); i++) { - sigopt = sk_value(sigopts, i); + sigopt = sk_STRING_value(sigopts, i); if (pkey_ctrl_string(pctx, sigopt) <= 0) { BIO_printf(bio_err, @@ -538,9 +538,9 @@ end: BIO_free_all(out); EVP_PKEY_free(sigkey); if (sigopts) - sk_free(sigopts); + sk_STRING_free(sigopts); if (macopts) - sk_free(macopts); + sk_STRING_free(macopts); if(sigbuf) OPENSSL_free(sigbuf); if (bmd != NULL) BIO_free(bmd); apps_shutdown(); diff --git a/apps/engine.c b/apps/engine.c index a93ea4de3c..b51244acc8 100644 --- a/apps/engine.c +++ b/apps/engine.c @@ -92,7 +92,7 @@ static const char *engine_usage[]={ NULL }; -static void identity(void *ptr) +static void identity(char *ptr) { return; } @@ -200,7 +200,7 @@ static int util_verbose(ENGINE *e, int verbose, BIO *bio_out, const char *indent char *desc = NULL; int flags; int xpos = 0; - STACK *cmds = NULL; + STACK_OF(STRING) *cmds = NULL; if(!ENGINE_ctrl(e, ENGINE_CTRL_HAS_CTRL_FUNCTION, 0, NULL, NULL) || ((num = ENGINE_ctrl(e, ENGINE_CTRL_GET_FIRST_CMD_TYPE, 0, NULL, NULL)) <= 0)) @@ -211,7 +211,7 @@ static int util_verbose(ENGINE *e, int verbose, BIO *bio_out, const char *indent return 1; } - cmds = sk_new_null(); + cmds = sk_STRING_new_null(); if(!cmds) goto err; @@ -284,15 +284,17 @@ static int util_verbose(ENGINE *e, int verbose, BIO *bio_out, const char *indent BIO_printf(bio_out, "\n"); ret = 1; err: - if(cmds) sk_pop_free(cmds, identity); + if(cmds) sk_STRING_pop_f |