diff options
| author | Rich Salz <rsalz@akamai.com> | 2019-12-19 17:30:24 -0500 |
|---|---|---|
| committer | Tomas Mraz <tmraz@fedoraproject.org> | 2020-04-24 16:42:46 +0200 |
| commit | 852c2ed260860b6b85c84f9fe96fb4d23d49c9f2 (patch) | |
| tree | d8104686e0a02217c13f51e5d10d7434fa13e3dc /ssl | |
| parent | 4692e98bdbaebb6f078e89a75c54395839e68b24 (diff) | |
In OpenSSL builds, declare STACK for datatypes ...
... and only *define* them in the source files that need them.
Use DEFINE_OR_DECLARE which is set appropriately for internal builds
and not non-deprecated builds.
Deprecate stack-of-block
Better documentation
Move some ASN1 struct typedefs to types.h
Update ParseC to handle this. Most of all, ParseC needed to be more
consistent. The handlers are "recursive", in so far that they are called
again and again until they terminate, which depends entirely on what the
"massager" returns. There's a comment at the beginning of ParseC that
explains how that works. {Richard Levtte}
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10669)
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/d1_srtp.c | 2 | ||||
| -rw-r--r-- | ssl/s3_lib.c | 4 | ||||
| -rw-r--r-- | ssl/ssl_cert.c | 3 | ||||
| -rw-r--r-- | ssl/ssl_ciph.c | 3 | ||||
| -rw-r--r-- | ssl/ssl_conf.c | 2 | ||||
| -rw-r--r-- | ssl/ssl_lib.c | 8 | ||||
| -rw-r--r-- | ssl/ssl_rsa.c | 2 | ||||
| -rw-r--r-- | ssl/ssl_sess.c | 2 | ||||
| -rw-r--r-- | ssl/statem/extensions.c | 2 | ||||
| -rw-r--r-- | ssl/statem/extensions_clnt.c | 4 | ||||
| -rw-r--r-- | ssl/statem/extensions_srvr.c | 4 | ||||
| -rw-r--r-- | ssl/statem/statem_clnt.c | 4 | ||||
| -rw-r--r-- | ssl/statem/statem_lib.c | 4 | ||||
| -rw-r--r-- | ssl/statem/statem_srvr.c | 4 | ||||
| -rw-r--r-- | ssl/t1_lib.c | 4 |
15 files changed, 52 insertions, 0 deletions
diff --git a/ssl/d1_srtp.c b/ssl/d1_srtp.c index 6498f84de6..c46bc2e641 100644 --- a/ssl/d1_srtp.c +++ b/ssl/d1_srtp.c @@ -19,6 +19,8 @@ #ifndef OPENSSL_NO_SRTP +DEFINE_STACK_OF(SRTP_PROTECTION_PROFILE) + static SRTP_PROTECTION_PROFILE srtp_known_profiles[] = { { "SRTP_AES128_CM_SHA1_80", diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index fde68943a9..2b49e7e51a 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -20,6 +20,10 @@ #include <openssl/x509v3.h> #include "internal/cryptlib.h" +DEFINE_STACK_OF(X509_NAME) +DEFINE_STACK_OF(X509) +DEFINE_STACK_OF_CONST(SSL_CIPHER) + #define TLS13_NUM_CIPHERS OSSL_NELEM(tls13_ciphers) #define SSL3_NUM_CIPHERS OSSL_NELEM(ssl3_ciphers) #define SSL3_NUM_SCSVS OSSL_NELEM(ssl3_scsvs) diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index b2ef4759d6..51bfa439f0 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -25,6 +25,9 @@ #include "ssl_cert_table.h" #include "internal/thread_once.h" +DEFINE_STACK_OF(X509) +DEFINE_STACK_OF(X509_NAME) + static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex); diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index 066c38a7cc..9ee1fc7fa9 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -22,6 +22,9 @@ #include "internal/thread_once.h" #include "internal/cryptlib.h" +DEFINE_STACK_OF(SSL_COMP) +DEFINE_STACK_OF_CONST(SSL_CIPHER) + /* NB: make sure indices in these tables match values above */ typedef struct { diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index cccda866eb..9408acc89e 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -14,6 +14,8 @@ #include <openssl/dh.h> #include "internal/nelem.h" +DEFINE_STACK_OF(X509_NAME) + /* * structure holding name tables. This is used for permitted elements in lists * such as TLSv1. diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index edfd69cd90..63cbb3d904 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -26,6 +26,14 @@ #include "internal/refcount.h" #include "internal/ktls.h" +DEFINE_STACK_OF(X509) +DEFINE_STACK_OF(X509_NAME) +DEFINE_STACK_OF_CONST(SSL_CIPHER) +DEFINE_STACK_OF(X509_EXTENSION) +DEFINE_STACK_OF(OCSP_RESPID) +DEFINE_STACK_OF(SRTP_PROTECTION_PROFILE) +DEFINE_STACK_OF(SCT) + static int ssl_undefined_function_1(SSL *ssl, SSL3_RECORD *r, size_t s, int t) { (void)r; diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index e0b4887061..7a699747d3 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -17,6 +17,8 @@ #include <openssl/x509v3.h> #include <openssl/pem.h> +DEFINE_STACK_OF(X509) + static int ssl_set_cert(CERT *c, X509 *x509); static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey); diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 5fc09d5d68..2062879406 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -16,6 +16,8 @@ #include "ssl_local.h" #include "statem/statem_local.h" +DEFINE_STACK_OF(X509) + static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s); static void SSL_SESSION_list_add(SSL_CTX *ctx, SSL_SESSION *s); static int remove_session_lock(SSL_CTX *ctx, SSL_SESSION *c, int lck); diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index 6bd16091d7..3c023486da 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -14,6 +14,8 @@ #include "statem_local.h" #include "internal/cryptlib.h" +DEFINE_STACK_OF(X509_NAME) + static int final_renegotiate(SSL *s, unsigned int context, int sent); static int init_server_name(SSL *s, unsigned int context); static int final_server_name(SSL *s, unsigned int context, int sent); diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index b8fcd8caa5..764c52322d 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -12,6 +12,10 @@ #include "internal/cryptlib.h" #include "statem_local.h" +DEFINE_STACK_OF(SRTP_PROTECTION_PROFILE) +DEFINE_STACK_OF_CONST(SSL_CIPHER) +DEFINE_STACK_OF(OCSP_RESPID) + EXT_RETURN tls_construct_ctos_renegotiate(SSL *s, WPACKET *pkt, unsigned int context, X509 *x, size_t chainidx) diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 9a11bc8656..e33b671a05 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -12,6 +12,10 @@ #include "statem_local.h" #include "internal/cryptlib.h" +DEFINE_STACK_OF(SRTP_PROTECTION_PROFILE) +DEFINE_STACK_OF(OCSP_RESPID) +DEFINE_STACK_OF(X509_EXTENSION) + #define COOKIE_STATE_FORMAT_VERSION 0 /* diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index eb4d416b6b..4e43117ca2 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -25,6 +25,10 @@ #include <openssl/trace.h> #include <internal/cryptlib.h> +DEFINE_STACK_OF(X509) +DEFINE_STACK_OF(SSL_COMP) +DEFINE_STACK_OF_CONST(SSL_CIPHER) + static MSG_PROCESS_RETURN tls_process_as_hello_retry_request(SSL *s, PACKET *pkt); static MSG_PROCESS_RETURN tls_process_encrypted_extensions(SSL *s, PACKET *pkt); diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 1df15c39db..262fe355f3 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -21,6 +21,10 @@ #include <openssl/x509.h> #include <openssl/trace.h> +DEFINE_STACK_OF(X509) +DEFINE_STACK_OF(X509_NAME) +DEFINE_STACK_OF_CONST(SSL_CIPHER) + /* * Map error codes to TLS/SSL alart types. */ diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 83dbf67a7e..c463f22ce2 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -26,6 +26,10 @@ #include <openssl/core_names.h> #include <openssl/asn1t.h> +DEFINE_STACK_OF(X509) +DEFINE_STACK_OF(SSL_COMP) +DEFINE_STACK_OF_CONST(SSL_CIPHER) + #define TICKET_NONCE_SIZE 8 typedef struct { diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index dc9cd6f1eb..7a5041b634 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -26,6 +26,10 @@ #include "ssl_local.h" #include <openssl/ct.h> +DEFINE_STACK_OF_CONST(SSL_CIPHER) +DEFINE_STACK_OF(X509) +DEFINE_STACK_OF(X509_NAME) + static const SIGALG_LOOKUP *find_sig_alg(SSL *s, X509 *x, EVP_PKEY *pkey); static int tls12_sigalg_allowed(const SSL *s, int op, const SIGALG_LOOKUP *lu); |