summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--apps/ca.c65
-rw-r--r--apps/req.c21
-rw-r--r--crypto/conf/conf.c22
-rw-r--r--crypto/conf/conf.h5
-rw-r--r--crypto/x509v3/v3_akey.c16
-rw-r--r--crypto/x509v3/v3_alt.c16
-rw-r--r--crypto/x509v3/v3_bcons.c14
-rw-r--r--crypto/x509v3/v3_bitst.c23
-rw-r--r--crypto/x509v3/v3_conf.c25
-rw-r--r--crypto/x509v3/v3_cpols.c46
-rw-r--r--crypto/x509v3/v3_crld.c16
-rw-r--r--crypto/x509v3/v3_extku.c16
-rw-r--r--crypto/x509v3/v3_prn.c14
-rw-r--r--crypto/x509v3/v3_utl.c23
-rw-r--r--crypto/x509v3/x509v3.h40
15 files changed, 196 insertions, 166 deletions
diff --git a/apps/ca.c b/apps/ca.c
index 1f2423977f..6a86438b13 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -182,23 +182,23 @@ static int index_name_cmp(char **a,char **b);
static BIGNUM *load_serial(char *serialfile);
static int save_serial(char *serialfile, BIGNUM *serial);
static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
- const EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,
- char *startdate,int days,int batch,char *ext_sect,
- LHASH *conf,int verbose);
+ const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,TXT_DB *db,
+ BIGNUM *serial, char *startdate,int days,int batch,
+ char *ext_sect, LHASH *conf,int verbose);
static int certify_cert(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
- const EVP_MD *dgst,STACK *policy,TXT_DB *db,
- BIGNUM *serial,char *startdate,int days,int batch,
- char *ext_sect, LHASH *conf,int verbose);
+ const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,
+ TXT_DB *db, BIGNUM *serial,char *startdate,int days,
+ int batch, char *ext_sect, LHASH *conf,int verbose);
static int certify_spkac(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
- const EVP_MD *dgst,STACK *policy,TXT_DB *db,
- BIGNUM *serial,char *startdate,int days,
+ const EVP_MD *dgst,STACK_OF(CONF_VALUE) *policy,
+ TXT_DB *db, BIGNUM *serial,char *startdate,int days,
char *ext_sect,LHASH *conf,int verbose);
static int fix_data(int nid, int *type);
static void write_new_certificate(BIO *bp, X509 *x, int output_der);
static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
- STACK *policy, TXT_DB *db, BIGNUM *serial, char *startdate,
- int days, int batch, int verbose, X509_REQ *req, char *ext_sect,
- LHASH *conf);
+ STACK_OF(CONF_VALUE) *policy, TXT_DB *db, BIGNUM *serial,
+ char *startdate, int days, int batch, int verbose, X509_REQ *req,
+ char *ext_sect, LHASH *conf);
static int do_revoke(X509 *x509, TXT_DB *db);
static int check_time_format(char *str);
static LHASH *conf;
@@ -252,7 +252,7 @@ int MAIN(int argc, char **argv)
int i,j;
long l;
const EVP_MD *dgst=NULL;
- STACK *attribs=NULL;
+ STACK_OF(CONF_VALUE) *attribs=NULL;
STACK *cert_sk=NULL;
BIO *hex=NULL;
#undef BSIZE
@@ -1324,9 +1324,9 @@ err:
}
static int certify(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
- const EVP_MD *dgst, STACK *policy, TXT_DB *db, BIGNUM *serial,
- char *startdate, int days, int batch, char *ext_sect, LHASH *lconf,
- int verbose)
+ const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, TXT_DB *db,
+ BIGNUM *serial, char *startdate, int days, int batch,
+ char *ext_sect, LHASH *lconf, int verbose)
{
X509_REQ *req=NULL;
BIO *in=NULL;
@@ -1383,10 +1383,9 @@ err:
}
static int certify_cert(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
- const EVP_MD *dgst, STACK *policy, TXT_DB *db, BIGNUM *serial,
- char *startdate, int days, int batch, char *ext_sect, LHASH *lconf,
- int verbose)
-
+ const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, TXT_DB *db,
+ BIGNUM *serial, char *startdate, int days, int batch,
+ char *ext_sect, LHASH *lconf, int verbose)
{
X509 *req=NULL;
X509_REQ *rreq=NULL;
@@ -1447,8 +1446,9 @@ err:
}
static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
- STACK *policy, TXT_DB *db, BIGNUM *serial, char *startdate, int days,
- int batch, int verbose, X509_REQ *req, char *ext_sect, LHASH *lconf)
+ STACK_OF(CONF_VALUE) *policy, TXT_DB *db, BIGNUM *serial,
+ char *startdate, int days, int batch, int verbose, X509_REQ *req,
+ char *ext_sect, LHASH *lconf)
{
X509_NAME *name=NULL,*CAname=NULL,*subject=NULL;
ASN1_UTCTIME *tm,*tmptm;
@@ -1562,9 +1562,9 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, const EVP_MD *dgst,
if (CAname == NULL) goto err;
str=str2=NULL;
- for (i=0; i<sk_num(policy); i++)
+ for (i=0; i<sk_CONF_VALUE_num(policy); i++)
{
- cv=(CONF_VALUE *)sk_value(policy,i); /* get the object id */
+ cv=sk_CONF_VALUE_value(policy,i); /* get the object id */
if ((j=OBJ_txt2nid(cv->name)) == NID_undef)
{
BIO_printf(bio_err,"%s:unknown object type in 'policy' configuration\n",cv->name);
@@ -1904,10 +1904,11 @@ static void write_new_certificate(BIO *bp, X509 *x, int output_der)
}
static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
- const EVP_MD *dgst, STACK *policy, TXT_DB *db, BIGNUM *serial,
- char *startdate, int days, char *ext_sect, LHASH *lconf, int verbose)
+ const EVP_MD *dgst, STACK_OF(CONF_VALUE) *policy, TXT_DB *db,
+ BIGNUM *serial, char *startdate, int days, char *ext_sect,
+ LHASH *lconf, int verbose)
{
- STACK *sk=NULL;
+ STACK_OF(CONF_VALUE) *sk=NULL;
LHASH *parms=NULL;
X509_REQ *req=NULL;
CONF_VALUE *cv=NULL;
@@ -1936,7 +1937,7 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
}
sk=CONF_get_section(parms, "default");
- if (sk_num(sk) == 0)
+ if (sk_CONF_VALUE_num(sk) == 0)
{
BIO_printf(bio_err, "no name/value pairs found in %s\n", infile);
CONF_free(parms);
@@ -1965,9 +1966,9 @@ static int certify_spkac(X509 **xret, char *infile, EVP_PKEY *pkey, X509 *x509,
for (i = 0; ; i++)
{
- if ((int)sk_num(sk) <= i) break;
+ if (sk_CONF_VALUE_num(sk) <= i) break;
- cv=(CONF_VALUE *)sk_value(sk,i);
+ cv=sk_CONF_VALUE_value(sk,i);
type=cv->name;
buf=cv->value;
@@ -2089,7 +2090,7 @@ static int check_time_format(char *str)
static int add_oid_section(LHASH *hconf)
{
char *p;
- STACK *sktmp;
+ STACK_OF(CONF_VALUE) *sktmp;
CONF_VALUE *cnf;
int i;
if(!(p=CONF_get_string(hconf,NULL,"oid_section"))) return 1;
@@ -2097,8 +2098,8 @@ static int add_oid_section(LHASH *hconf)
BIO_printf(bio_err, "problem loading oid section %s\n", p);
return 0;
}
- for(i = 0; i < sk_num(sktmp); i++) {
- cnf = (CONF_VALUE *)sk_value(sktmp, i);
+ for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
+ cnf = sk_CONF_VALUE_value(sktmp, i);
if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
BIO_printf(bio_err, "problem creating object %s=%s\n",
cnf->name, cnf->value);
diff --git a/apps/req.c b/apps/req.c
index fd23f578d7..86c29e0863 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -823,7 +823,7 @@ static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, int attribs)
char buf[100];
int nid,min,max;
char *type,*def,*tmp,*value,*tmp_attr;
- STACK *sk,*attr=NULL;
+ STACK_OF(CONF_VALUE) *sk, *attr=NULL;
CONF_VALUE *v;
tmp=CONF_get_string(req_conf,SECTION,DISTINGUISHED_NAME);
@@ -866,15 +866,15 @@ static int make_REQ(X509_REQ *req, EVP_PKEY *pkey, int attribs)
/* setup version number */
if (!ASN1_INTEGER_set(ri->version,0L)) goto err; /* version 1 */
- if (sk_num(sk))
+ if (sk_CONF_VALUE_num(sk))
{
i= -1;
start: for (;;)
{
i++;
- if ((int)sk_num(sk) <= i) break;
+ if (sk_CONF_VALUE_num(sk) <= i) break;
- v=(CONF_VALUE *)sk_value(sk,i);
+ v=sk_CONF_VALUE_value(sk,i);
p=q=NULL;
type=v->name;
if(!check_end(type,"_min") || !check_end(type,"_max") ||
@@ -918,7 +918,7 @@ start: for (;;)
if (attribs)
{
- if ((attr != NULL) && (sk_num(attr) > 0))
+ if ((attr != NULL) && (sk_CONF_VALUE_num(attr) > 0))
{
BIO_printf(bio_err,"\nPlease enter the following 'extra' attributes\n");
BIO_printf(bio_err,"to be sent with your certificate request\n");
@@ -928,10 +928,11 @@ start: for (;;)
start2: for (;;)
{
i++;
- if ((attr == NULL) || ((int)sk_num(attr) <= i))
+ if ((attr == NULL) ||
+ (sk_CONF_VALUE_num(attr) <= i))
break;
- v=(CONF_VALUE *)sk_value(attr,i);
+ v=sk_CONF_VALUE_value(attr,i);
type=v->name;
if ((nid=OBJ_txt2nid(type)) == NID_undef)
goto start2;
@@ -1176,7 +1177,7 @@ static int check_end(char *str, char *end)
static int add_oid_section(LHASH *conf)
{
char *p;
- STACK *sktmp;
+ STACK_OF(CONF_VALUE) *sktmp;
CONF_VALUE *cnf;
int i;
if(!(p=CONF_get_string(conf,NULL,"oid_section"))) return 1;
@@ -1184,8 +1185,8 @@ static int add_oid_section(LHASH *conf)
BIO_printf(bio_err, "problem loading oid section %s\n", p);
return 0;
}
- for(i = 0; i < sk_num(sktmp); i++) {
- cnf = (CONF_VALUE *)sk_value(sktmp, i);
+ for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
+ cnf = sk_CONF_VALUE_value(sktmp, i);
if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
BIO_printf(bio_err, "problem creating object %s=%s\n",
cnf->name, cnf->value);
diff --git a/crypto/conf/conf.c b/crypto/conf/conf.c
index 3a055fac3c..f98451e77d 100644
--- a/crypto/conf/conf.c
+++ b/crypto/conf/conf.c
@@ -134,7 +134,7 @@ LHASH *CONF_load_bio(LHASH *h, BIO *in, long *line)
CONF_VALUE *v=NULL,*vv,*tv;
CONF_VALUE *sv=NULL;
char *section=NULL,*buf;
- STACK *section_sk=NULL,*ts;
+ STACK_OF(CONF_VALUE) *section_sk=NULL,*ts;
char *start,*psection,*pname;
if ((buff=BUF_MEM_new()) == NULL)
@@ -169,7 +169,7 @@ LHASH *CONF_load_bio(LHASH *h, BIO *in, long *line)
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
}
- section_sk=(STACK *)sv->value;
+ section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
bufnum=0;
for (;;)
@@ -261,7 +261,7 @@ again:
CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
}
- section_sk=(STACK *)sv->value;
+ section_sk=(STACK_OF(CONF_VALUE) *)sv->value;
continue;
}
else
@@ -295,7 +295,7 @@ again:
p++;
*p='\0';
- if ((v=(CONF_VALUE *)Malloc(sizeof(CONF_VALUE))) == NULL)
+ if (!(v=(CONF_VALUE *)Malloc(sizeof(CONF_VALUE))))
{
CONFerr(CONF_F_CONF_LOAD_BIO,
ERR_R_MALLOC_FAILURE);
@@ -321,10 +321,10 @@ again:
if (tv == NULL)
{
CONFerr(CONF_F_CONF_LOAD_BIO,
- CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
+ CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
goto err;
}
- ts=(STACK *)tv->value;
+ ts=(STACK_OF(CONF_VALUE) *)tv->value;
}
else
{
@@ -332,7 +332,7 @@ again:
ts=section_sk;
}
v->section=tv->section;
- if (!sk_push(ts,(char *)v))
+ if (!sk_CONF_VALUE_push(ts,v))
{
CONFerr(CONF_F_CONF_LOAD_BIO,
ERR_R_MALLOC_FAILURE);
@@ -341,7 +341,7 @@ again:
vv=(CONF_VALUE *)lh_insert(ret,(char *)v);
if (vv != NULL)
{
- sk_delete_ptr(ts,(char *)vv);
+ sk_CONF_VALUE_delete_ptr(ts,vv);
Free(vv->name);
Free(vv->value);
Free(vv);
@@ -411,13 +411,13 @@ static CONF_VALUE *get_section(LHASH *conf, char *section)
return(v);
}
-STACK *CONF_get_section(LHASH *conf, char *section)
+STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf, char *section)
{
CONF_VALUE *v;
v=get_section(conf,section);
if (v != NULL)
- return((STACK *)v->value);
+ return((STACK_OF(CONF_VALUE) *)v->value);
else
return(NULL);
}
@@ -728,3 +728,5 @@ err:
}
return(v);
}
+
+IMPLEMENT_STACK_OF(CONF_VALUE)
diff --git a/crypto/conf/conf.h b/crypto/conf/conf.h
index feb65f2a7d..e7c5150097 100644
--- a/crypto/conf/conf.h
+++ b/crypto/conf/conf.h
@@ -66,6 +66,7 @@ extern "C" {
#include <openssl/bio.h>
#include <openssl/lhash.h>
#include <openssl/stack.h>
+#include <openssl/safestack.h>
typedef struct
{
@@ -74,16 +75,18 @@ typedef struct
char *value;
} CONF_VALUE;
+DECLARE_STACK_OF(CONF_VALUE)
LHASH *CONF_load(LHASH *conf,const char *file,long *eline);
LHASH *CONF_load_fp(LHASH *conf, FILE *fp,long *eline);
LHASH *CONF_load_bio(LHASH *conf, BIO *bp,long *eline);
-STACK *CONF_get_section(LHASH *conf,char *section);
+STACK_OF(CONF_VALUE) *CONF_get_section(LHASH *conf,char *section);
char *CONF_get_string(LHASH *conf,char *group,char *name);
long CONF_get_number(LHASH *conf,char *group,char *name);
void CONF_free(LHASH *conf);
void ERR_load_CONF_strings(void );
+
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
diff --git a/crypto/x509v3/v3_akey.c b/crypto/x509v3/v3_akey.c
index 72b023281f..8b1deca8d8 100644
--- a/crypto/x509v3/v3_akey.c
+++ b/crypto/x509v3/v3_akey.c
@@ -63,8 +63,10 @@
#include <openssl/asn1_mac.h>
#include <openssl/x509v3.h>
-static STACK *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, AUTHORITY_KEYID *akeyid, STACK *extlist);
-static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *values);
+static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
+ AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist);
+static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
X509V3_EXT_METHOD v3_akey_id = {
NID_authority_key_identifier, X509V3_EXT_MULTILINE,
@@ -133,8 +135,8 @@ void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a)
Free ((char *)a);
}
-static STACK *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
- AUTHORITY_KEYID *akeyid, STACK *extlist)
+static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
+ AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist)
{
char *tmp;
if(akeyid->keyid) {
@@ -162,7 +164,7 @@ static STACK *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
*/
static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK *values)
+ X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values)
{
char keyid=0, issuer=0;
int i;
@@ -175,8 +177,8 @@ ASN1_INTEGER *serial = NULL;
X509_EXTENSION *ext;
X509 *cert;
AUTHORITY_KEYID *akeyid;
-for(i = 0; i < sk_num(values); i++) {
- cnf = (CONF_VALUE *)sk_value(values, i);
+for(i = 0; i < sk_CONF_VALUE_num(values); i++) {
+ cnf = sk_CONF_VALUE_value(values, i);
if(!strcmp(cnf->name, "keyid")) {
keyid = 1;
if(cnf->value && !strcmp(cnf->value, "always")) keyid = 2;
diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c
index f0f64d76a3..741d120e97 100644
--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -87,8 +87,8 @@ NULL, NULL, NULL},
EXT_END
};
-STACK *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
- STACK_OF(GENERAL_NAME) *gens, STACK *ret)
+STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
+ STACK_OF(GENERAL_NAME) *gens, STACK_OF(CONF_VALUE) *ret)
{
int i;
GENERAL_NAME *gen;
@@ -96,12 +96,12 @@ STACK *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
gen = sk_GENERAL_NAME_value(gens, i);
ret = i2v_GENERAL_NAME(method, gen, ret);
}
- if(!ret) return sk_new_null();
+ if(!ret) return sk_CONF_VALUE_new_null();
return ret;
}
-STACK *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen,
- STACK *ret)
+STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
+ GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret)
{
char oline[256];
unsigned char *p;
@@ -299,7 +299,7 @@ static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
}
STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK *nval)
+ X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
GENERAL_NAME *gen;
STACK_OF(GENERAL_NAME) *gens = NULL;
@@ -309,8 +309,8 @@ STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
return NULL;
}
- for(i = 0; i < sk_num(nval); i++) {
- cnf = (CONF_VALUE *)sk_value(nval, i);
+ for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+ cnf = sk_CONF_VALUE_value(nval, i);
if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err;
sk_GENERAL_NAME_push(gens, gen);
}
diff --git a/crypto/x509v3/v3_bcons.c b/crypto/x509v3/v3_bcons.c
index 7e7c0e3ace..5af27025c7 100644
--- a/crypto/x509v3/v3_bcons.c
+++ b/crypto/x509v3/v3_bcons.c
@@ -64,8 +64,8 @@
#include <openssl/conf.h>
#include <openssl/x509v3.h>
-static STACK *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, BASIC_CONSTRAINTS *bcons, STACK *extlist);
-static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *values);
+static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist);
+static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
X509V3_EXT_METHOD v3_bcons = {
NID_basic_constraints, 0,
@@ -126,8 +126,8 @@ void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a)
Free ((char *)a);
}
-static STACK *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
- BASIC_CONSTRAINTS *bcons, STACK *extlist)
+static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
+ BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist)
{
X509V3_add_value_bool("CA", bcons->ca, &extlist);
X509V3_add_value_int("pathlen", bcons->pathlen, &extlist);
@@ -135,7 +135,7 @@ static STACK *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
}
static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK *values)
+ X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values)
{
BASIC_CONSTRAINTS *bcons=NULL;
CONF_VALUE *val;
@@ -144,8 +144,8 @@ static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
return NULL;
}
- for(i = 0; i < sk_num(values); i++) {
- val = (CONF_VALUE *)sk_value(values, i);
+ for(i = 0; i < sk_CONF_VALUE_num(values); i++) {
+ val = sk_CONF_VALUE_value(values, i);
if(!strcmp(val->name, "CA")) {
if(!X509V3_get_value_bool(val, &bcons->ca)) goto err;
} else if(!strcmp(val->name, "pathlen")) {
diff --git a/crypto/x509v3/v3_bitst.c b/crypto/x509v3/v3_bitst.c
index 641f877c13..9828ba15b3 100644
--- a/crypto/x509v3/v3_bitst.c
+++ b/crypto/x509v3/v3_bitst.c
@@ -62,8 +62,11 @@
#include <openssl/x509v3.h>
static ASN1_BIT_STRING *asn1_bit_string_new(void);
-static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *nval);
-static STACK *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, ASN1_BIT_STRING *bits, STACK *extlist);
+static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
+ X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
+ ASN1_BIT_STRING *bits,
+ STACK_OF(CONF_VALUE) *extlist);
static BIT_STRING_BITNAME ns_cert_type_table[] = {
{0, "SSL Client", "client"},
{1, "SSL Server", "server"},
@@ -99,8 +102,8 @@ static ASN1_BIT_STRING *asn1_bit_string_new(void)
return ASN1_BIT_STRING_new();
}
-static STACK *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
- ASN1_BIT_STRING *bits, STACK *ret)
+static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
+ ASN1_BIT_STRING *bits, STACK_OF(CONF_VALUE) *ret)
{
BIT_STRING_BITNAME *bnam;
for(bnam =method->usr_data; bnam->lname; bnam++) {
@@ -111,7 +114,7 @@ static STACK *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
}
static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK *nval)
+ X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
CONF_VALUE *val;
ASN1_BIT_STRING *bs;
@@ -121,10 +124,9 @@ static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,ERR_R_MALLOC_FAILURE);
return NULL;
}
- for(i = 0; i < sk_num(nval); i++) {
- val = (CONF_VALUE *)sk_value(nval, i);
- for(bnam = method->usr_data; bnam->lname;
- bnam++) {
+ for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+ val = sk_CONF_VALUE_value(nval, i);
+ for(bnam = method->usr_data; bnam->lname; bnam++) {
if(!strcmp(bnam->sname, val->name) ||
!strcmp(bnam->lname, val->name) ) {
ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1);
@@ -132,7 +134,8 @@ static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
}
}
if(!bnam->lname) {
- X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT);
+ X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,
+ X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT);
X509V3_conf_err(val);
ASN1_BIT_STRING_free(bs);
return NULL;
diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c
index aca8ff1f08..f19bb3ad84 100644
--- a/crypto/x509v3/v3_conf.c
+++ b/crypto/x509v3/v3_conf.c
@@ -71,7 +71,7 @@ static int v3_check_generic(char **value);
static X509_EXTENSION *do_ext_conf(LHASH *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value);
static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int type);
static char *conf_lhash_get_string(void *db, char *section, char *value);
-static STACK *conf_lhash_get_section(void *db, char *section);
+static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section);
static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid,
int crit, void *ext_struc);
/* LHASH *conf: Config file */
@@ -115,7 +115,7 @@ static X509_EXTENSION *do_ext_conf(LHASH *conf, X509V3_CTX *ctx, int ext_nid,
{
X509V3_EXT_METHOD *method;
X509_EXTENSION *ext;
- STACK *nval;
+ STACK_OF(CONF_VALUE) *nval;
void *ext_struc;
if(ext_nid == NID_undef) {
X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION_NAME);
@@ -135,7 +135,8 @@ static X509_EXTENSION *do_ext_conf(LHASH *conf, X509V3_CTX *ctx, int ext_nid,
return NULL;
}
ext_struc = method->v2i(method, ctx, nval);
- if(*value != '@') sk_pop_free(nval, X509V3_conf_free);
+ if(*value != '@') sk_CONF_VALUE_pop_free(nval,
+ X509V3_conf_free);
if(!ext_struc) return NULL;
} else if(method->s2i) {
if(!(ext_struc = method->s2i(method, ctx, value))) return NULL;
@@ -267,12 +268,12 @@ int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
X509 *cert)
{
X509_EXTENSION *ext;
- STACK *nval;
+ STACK_OF(CONF_VALUE) *nval;
CONF_VALUE *val;
int i;
if(!(nval = CONF_get_section(conf, section))) return 0;
- for(i = 0; i < sk_num(nval); i++) {
- val = (CONF_VALUE *)sk_value(nval, i);
+ for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+ val = sk_CONF_VALUE_value(nval, i);
if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value)))
return 0;
if(cert) X509_add_ext(cert, ext, -1);
@@ -287,12 +288,12 @@ int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section,
X509_CRL *crl)
{
X509_EXTENSION *ext;
- STACK *nval;
+ STACK_OF(CONF_VALUE) *nval;
CONF_VALUE *val;
int i;
if(!(nval = CONF_get_section(conf, section))) return 0;
- for(i = 0; i < sk_num(nval); i++) {
- val = (CONF_VALUE *)sk_value(nval, i);
+ for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+ val = sk_CONF_VALUE_value(nval, i);
if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value)))
return 0;
if(crl) X509_CRL_add_ext(crl, ext, -1);
@@ -310,7 +311,7 @@ char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section)
return NULL;
}
-STACK * X509V3_get_section(X509V3_CTX *ctx, char *section)
+STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section)
{
if(ctx->db_meth->get_section)
return ctx->db_meth->get_section(ctx->db, section);
@@ -324,7 +325,7 @@ void X509V3_string_free(X509V3_CTX *ctx, char *str)
ctx->db_meth->free_string(ctx->db, str);
}
-void X509V3_section_free(X509V3_CTX *ctx, STACK *section)
+void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section)
{
if(!section) return;
if(ctx->db_meth->free_section)
@@ -336,7 +337,7 @@ static char *conf_lhash_get_string(void *db, char *section, char *value)
return CONF_get_string(db, section, value);
}
-static STACK *conf_lhash_get_section(void *db, char *section)
+static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section)
{
return CONF_get_section(db, section);
}
diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c
index 94d4cdbec7..26a5df12e3 100644
--- a/crypto/x509v3/v3_cpols.c
+++ b/crypto/x509v3/v3_cpols.c
@@ -69,9 +69,11 @@ static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO
static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value);
static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, int indent);
static void print_notice(BIO *out, USERNOTICE *notice, int indent);
-static POLICYINFO *policy_section(X509V3_CTX *ctx, STACK *polstrs, int ia5org);
-static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, STACK *unot, int ia5org);
-static STACK *nref_nos(STACK *nos);
+static POLICYINFO *policy_section(X509V3_CTX *ctx,
+ STACK_OF(CONF_VALUE) *polstrs, int ia5org);
+static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
+ STACK_OF(CONF_VALUE) *unot, int ia5org);
+static STACK *nref_nos(STACK_OF(CONF_VALUE) *nos);
X509V3_EXT_METHOD v3_cpols = {
NID_certificate_policies, 0,
@@ -94,14 +96,14 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
char *pstr;
POLICYINFO *pol;
ASN1_OBJECT *pobj;
- STACK *vals;
+ STACK_OF(CONF_VALUE) *vals;
CONF_VALUE *cnf;
int i, ia5org;
pols = sk_POLICYINFO_new_null();
vals = X509V3_parse_list(value);
ia5org = 0;
- for(i = 0; i < sk_num(vals); i++) {
- cnf = (CONF_VALUE *)sk_value(vals, i);
+ for(i = 0; i < sk_CONF_VALUE_num(vals); i++) {
+ cnf = sk_CONF_VALUE_value(vals, i);
if(cnf->value || !cnf->name ) {
X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_POLICY_IDENTIFIER);
X509V3_conf_err(cnf);
@@ -112,7 +114,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
ia5org = 1;
continue;
} else if(*pstr == '@') {
- STACK *polsect;
+ STACK_OF(CONF_VALUE) *polsect;
polsect = X509V3_get_section(ctx, pstr + 1);
if(!polsect) {
X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_SECTION);
@@ -134,22 +136,23 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
}
sk_POLICYINFO_push(pols, pol);
}
- sk_pop_free(vals, X509V3_conf_free);
+ sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
return pols;
err:
sk_POLICYINFO_pop_free(pols, POLICYINFO_free);
return NULL;
}
-static POLICYINFO *policy_section(X509V3_CTX *ctx, STACK *polstrs, int ia5org)
+static POLICYINFO *policy_section(X509V3_CTX *ctx,
+ STACK_OF(CONF_VALUE) *polstrs, int ia5org)
{
int i;
CONF_VALUE *cnf;
POLICYINFO *pol;
POLICYQUALINFO *qual;
if(!(pol = POLICYINFO_new())) goto merr;
- for(i = 0; i < sk_num(polstrs); i++) {
- cnf = (CONF_VALUE *)sk_value(polstrs, i);
+ for(i = 0; i < sk_CONF_VALUE_num(polstrs); i++) {
+ cnf = sk_CONF_VALUE_value(polstrs, i);
if(!strcmp(cnf->name, "policyIdentifier")) {
ASN1_OBJECT *pobj;
if(!(pobj = OBJ_txt2obj(cnf->value, 0))) {
@@ -170,7 +173,7 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, STACK *polstrs, int ia5org)
if(!ASN1_STRING_set(qual->d.cpsuri, cnf->value,
strlen(cnf->value))) goto merr;
} else if(!name_cmp(cnf->name, "userNotice")) {
- STACK *unot;
+ STACK_OF(CONF_VALUE) *unot;
if(*cnf->value != '@') {
X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_EXPECTED_A_SECTION_NAME);
X509V3_conf_err(cnf);
@@ -212,7 +215,8 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, STACK *polstrs, int ia5org)
}
-static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, STACK *unot, int ia5org)
+static POLICYQUALINFO *notice_section(X509V3_CTX *ctx,
+ STACK_OF(CONF_VALUE) *unot, int ia5org)
{
int i;
CONF_VALUE *cnf;
@@ -222,8 +226,8 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, STACK *unot, int ia5org)
qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice);
if(!(not = USERNOTICE_new())) goto merr;
qual->d.usernotice = not;
- for(i = 0; i < sk_num(unot); i++) {
- cnf = (CONF_VALUE *)sk_value(unot, i);
+ for(i = 0; i < sk_CONF_VALUE_num(unot); i++) {
+ cnf = sk_CONF_VALUE_value(unot, i);
if(!strcmp(cnf->name, "explicitText")) {
not->exptext = ASN1_VISIBLESTRING_new();
if(!ASN1_STRING_set(not->exptext, cnf->value,
@@ -240,19 +244,19 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, STACK *unot, int ia5org)
strlen(cnf->value))) goto merr;
} else if(!strcmp(cnf->name, "noticeNumbers")) {
NOTICEREF *nref;
- STACK *nos;
+ STACK_OF(CONF_VALUE) *nos;
if(!not->noticeref) {
if(!(nref = NOTICEREF_new())) goto merr;
not->noticeref = nref;
} else nref = not->noticeref;
nos = X509V3_parse_list(cnf->value);
- if(!nos || !sk_num(nos)) {
+ if(!nos || !sk_CONF_VALUE_num(nos)) {
X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_NUMBERS);
X509V3_conf_err(cnf);
goto err;
}
nref->noticenos = nref_nos(nos);
- sk_pop_free(nos, X509V3_conf_free);
+ sk_CONF_VALUE_pop_free(nos, X509V3_conf_free);
if(!nref->noticenos) goto err;
} else {
X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_OPTION);
@@ -278,15 +282,15 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, STACK *unot, int ia5org)
return NULL;
}
-static STACK *nref_nos(STACK *nos)
+static STACK *nref_nos(STACK_OF(CONF_VALUE) *nos)
{
STACK *nnums;
CONF_VALUE *cnf;
ASN1_INTEGER *aint;
int i;
if(!(nnums = sk_new_null())) goto merr;
- for(i = 0; i < sk_num(nos); i++) {
- cnf = (CONF_VALUE *)sk_value(nos, i);
+ for(i = 0; i < sk_CONF_VALUE_num(nos); i++) {
+ cnf = sk_CONF_VALUE_value(nos, i);
if(!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) {
X509V3err(X509V3_F_NREF_NOS,X509V3_R_INVALID_NUMBER);
goto err;
diff --git a/crypto/x509v3/v3_crld.c b/crypto/x509v3/v3_crld.c
index ece494489f..7551a1dd36 100644
--- a/crypto/x509v3/v3_crld.c
+++ b/crypto/x509v3/v3_crld.c
@@ -63,10 +63,10 @@
#include <openssl/asn1_mac.h>
#include <openssl/x509v3.h>
-static STACK *i2v_crld(X509V3_EXT_METHOD *method, STACK_OF(DIST_POINT) *crld,
- STACK *extlist);
+static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method,
+ STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *extlist);
static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK *nval);
+ X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
X509V3_EXT_METHOD v3_crld = {
NID_crl_distribution_points, X509V3_EXT_MULTILINE,
@@ -80,8 +80,8 @@ NULL, NULL,
NULL, NULL, NULL
};
-static STACK *i2v_crld(X509V3_EXT_METHOD *method, STACK_OF(DIST_POINT) *crld,
- STACK *exts)
+static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method,
+ STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *exts)
{
DIST_POINT *point;
int i;
@@ -102,7 +102,7 @@ static STACK *i2v_crld(X509V3_EXT_METHOD *method, STACK_OF(DIST_POINT) *crld,
}
static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, STACK *nval)
+ X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
STACK_OF(DIST_POINT) *crld = NULL;
STACK_OF(GENERAL_NAME) *gens = NULL;
@@ -110,9 +110,9 @@ static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
CONF_VALUE *cnf;
int i;
if(!(crld = sk_DIST_POINT_new(NULL))) goto merr;
- for(i = 0; i < sk_num(nval); i++) {
+ for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
DIST_POINT *point;
- cnf = (CONF_VALUE *)sk_value(nval, i);
+ cnf = sk_CONF_VALUE_value(nval, i);
if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err;
if(!(gens = GENERAL_NAMES_new())) goto merr;
if(!sk_GENERAL_NAME_push(gens, gen)) goto merr;
diff --git a/crypto/x509v3/v3_extku.c b/crypto/x509v3/v3_extku.c
index dc3ebd5176..e149cd6871 100644
--- a/crypto/x509v3/v3_extku.c
+++ b/crypto/x509v3/v3_extku.c
@@ -63,8 +63,10 @@
#include <openssl/conf.h>
#include <openssl/x509v3.h>
-static STACK *v2i_ext_ku(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *nval);
-static STACK *i2v_ext_ku(X509V3_EXT_METHOD *method, STACK *eku, STACK *extlist);
+static STACK *v2i_ext_ku(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+ STACK_OF(CONF_VALUE) *nval);
+static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method,
+ STACK *eku, STACK_OF(CONF_VALUE) *extlist);
X509V3_EXT_METHOD v3_ext_ku = {
NID_ext_key_usage, 0,
(X509V3_EXT_NEW)ext_ku_new,
@@ -103,8 +105,8 @@ STACK *d2i_ext_ku(STACK **a, unsigned char **pp, long length)
-static STACK *i2v_ext_ku(X509V3_EXT_METHOD *method, STACK *eku,
- STACK *ext_list)
+stat