TLS/SSL and crypto library
リビジョン | e74e562f1c518839cc9b63aafd4af6644e01d9ca (tree) |
---|---|
日時 | 2020-09-13 19:11:20 |
作者 | Matt Caswell <matt@open...> |
コミッター | Matt Caswell |
Fix safestack issues in conf.h
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)
@@ -27,6 +27,7 @@ | ||
27 | 27 | /include/openssl/bio.h |
28 | 28 | /include/openssl/cmp.h |
29 | 29 | /include/openssl/cms.h |
30 | +/include/openssl/conf.h | |
30 | 31 | /include/openssl/configuration.h |
31 | 32 | /include/openssl/crmf.h |
32 | 33 | /include/openssl/ct.h |
@@ -34,8 +34,6 @@ | ||
34 | 34 | #include "apps.h" |
35 | 35 | #include "progs.h" |
36 | 36 | |
37 | -DEFINE_STACK_OF(CONF_VALUE) | |
38 | - | |
39 | 37 | #ifndef W_OK |
40 | 38 | # define F_OK 0 |
41 | 39 | # define W_OK 2 |
@@ -62,7 +62,6 @@ static int WIN32_rename(const char *from, const char *to); | ||
62 | 62 | #define PASS_SOURCE_SIZE_MAX 4 |
63 | 63 | |
64 | 64 | DEFINE_STACK_OF(CONF) |
65 | -DEFINE_STACK_OF(CONF_VALUE) | |
66 | 65 | |
67 | 66 | typedef struct { |
68 | 67 | const char *name; |
@@ -33,8 +33,6 @@ | ||
33 | 33 | #include <openssl/bn.h> |
34 | 34 | #include <openssl/x509v3.h> |
35 | 35 | |
36 | -DEFINE_STACK_OF(CONF_VALUE) | |
37 | - | |
38 | 36 | #if defined(__TANDEM) |
39 | 37 | # if defined(OPENSSL_TANDEM_FLOSS) |
40 | 38 | # include <floss.h(floss_fork)> |
@@ -35,8 +35,6 @@ | ||
35 | 35 | # include <openssl/dsa.h> |
36 | 36 | #endif |
37 | 37 | |
38 | -DEFINE_STACK_OF(CONF_VALUE) | |
39 | - | |
40 | 38 | #define BITS "default_bits" |
41 | 39 | #define KEYFILE "default_keyfile" |
42 | 40 | #define PROMPT "prompt" |
@@ -18,6 +18,7 @@ DEPEND[]=include/openssl/asn1.h \ | ||
18 | 18 | include/openssl/bio.h \ |
19 | 19 | include/openssl/cmp.h \ |
20 | 20 | include/openssl/cms.h \ |
21 | + include/openssl/conf.h \ | |
21 | 22 | include/openssl/configuration.h \ |
22 | 23 | include/openssl/crmf.h \ |
23 | 24 | include/openssl/ct.h \ |
@@ -40,6 +41,7 @@ GENERATE[include/openssl/asn1t.h]=include/openssl/asn1t.h.in | ||
40 | 41 | GENERATE[include/openssl/bio.h]=include/openssl/bio.h.in |
41 | 42 | GENERATE[include/openssl/cmp.h]=include/openssl/cmp.h.in |
42 | 43 | GENERATE[include/openssl/cms.h]=include/openssl/cms.h.in |
44 | +GENERATE[include/openssl/conf.h]=include/openssl/conf.h.in | |
43 | 45 | GENERATE[include/openssl/configuration.h]=include/openssl/configuration.h.in |
44 | 46 | GENERATE[include/openssl/crmf.h]=include/openssl/crmf.h.in |
45 | 47 | GENERATE[include/openssl/ct.h]=include/openssl/ct.h.in |
@@ -23,8 +23,6 @@ | ||
23 | 23 | |
24 | 24 | #define ASN1_GEN_STR(str,val) {str, sizeof(str) - 1, val} |
25 | 25 | |
26 | -DEFINE_STACK_OF(CONF_VALUE) | |
27 | - | |
28 | 26 | #define ASN1_FLAG_EXP_MAX 20 |
29 | 27 | /* Maximum number of nested sequences */ |
30 | 28 | #define ASN1_GEN_SEQ_MAX_DEPTH 50 |
@@ -16,8 +16,6 @@ | ||
16 | 16 | #include "crypto/asn1.h" |
17 | 17 | #include "crypto/objects.h" |
18 | 18 | |
19 | -DEFINE_STACK_OF(CONF_VALUE) | |
20 | - | |
21 | 19 | /* Simple ASN1 OID module: add all objects in a given section */ |
22 | 20 | |
23 | 21 | static int do_create(const char *value, const char *name); |
@@ -13,7 +13,6 @@ | ||
13 | 13 | #include <openssl/conf.h> |
14 | 14 | #include <openssl/x509v3.h> |
15 | 15 | |
16 | -DEFINE_STACK_OF(CONF_VALUE) | |
17 | 16 | /* Multi string module: add table entries from a given section */ |
18 | 17 | |
19 | 18 | static int do_tcreate(const char *value, const char *name); |
@@ -28,8 +28,6 @@ | ||
28 | 28 | #include <openssl/cmp.h> |
29 | 29 | #include <openssl/err.h> |
30 | 30 | |
31 | -DEFINE_STACK_OF(CONF_VALUE) | |
32 | - | |
33 | 31 | /* |
34 | 32 | * Send the PKIMessage req and on success return the response, else NULL. |
35 | 33 | * Any previous error queue entries will likely be removed by ERR_clear_error(). |
@@ -16,8 +16,6 @@ | ||
16 | 16 | #include <openssl/conf.h> |
17 | 17 | #include <openssl/conf_api.h> |
18 | 18 | |
19 | -DEFINE_STACK_OF(CONF_VALUE) | |
20 | - | |
21 | 19 | static void value_free_hash(const CONF_VALUE *a, LHASH_OF(CONF_VALUE) *conf); |
22 | 20 | static void value_free_stack_doall(CONF_VALUE *a); |
23 | 21 |
@@ -21,7 +21,6 @@ | ||
21 | 21 | #include <openssl/trace.h> |
22 | 22 | #include <openssl/engine.h> |
23 | 23 | |
24 | -DEFINE_STACK_OF(CONF_VALUE) | |
25 | 24 | DEFINE_STACK_OF(CONF_MODULE) |
26 | 25 | DEFINE_STACK_OF(CONF_IMODULE) |
27 | 26 |
@@ -14,8 +14,6 @@ | ||
14 | 14 | #include "internal/sslconf.h" |
15 | 15 | #include "conf_local.h" |
16 | 16 | |
17 | -DEFINE_STACK_OF(CONF_VALUE) | |
18 | - | |
19 | 17 | /* |
20 | 18 | * SSL library configuration module placeholder. We load it here but defer |
21 | 19 | * all decisions about its contents to libssl. |
@@ -14,8 +14,6 @@ | ||
14 | 14 | #include <openssl/conf.h> |
15 | 15 | #include <openssl/trace.h> |
16 | 16 | |
17 | -DEFINE_STACK_OF(CONF_VALUE) | |
18 | - | |
19 | 17 | /* ENGINE config module */ |
20 | 18 | |
21 | 19 | static const char *skip_dot(const char *name) |
@@ -16,8 +16,6 @@ | ||
16 | 16 | #include <openssl/trace.h> |
17 | 17 | #include "crypto/evp.h" |
18 | 18 | |
19 | -DEFINE_STACK_OF(CONF_VALUE) | |
20 | - | |
21 | 19 | /* Algorithm configuration module. */ |
22 | 20 | |
23 | 21 | static int alg_module_init(CONF_IMODULE *md, const CONF *cnf) |
@@ -25,8 +25,6 @@ | ||
25 | 25 | |
26 | 26 | #include "http_local.h" |
27 | 27 | |
28 | -DEFINE_STACK_OF(CONF_VALUE) | |
29 | - | |
30 | 28 | #define HTTP_PREFIX "HTTP/" |
31 | 29 | #define HTTP_VERSION_PATT "1." /* allow 1.x */ |
32 | 30 | #define HTTP_VERSION_STR_LEN 3 |
@@ -15,7 +15,6 @@ | ||
15 | 15 | #include "internal/provider.h" |
16 | 16 | |
17 | 17 | DEFINE_STACK_OF(OSSL_PROVIDER) |
18 | -DEFINE_STACK_OF(CONF_VALUE) | |
19 | 18 | |
20 | 19 | /* PROVIDER config module */ |
21 | 20 |
@@ -18,8 +18,6 @@ | ||
18 | 18 | #include <openssl/engine.h> |
19 | 19 | #include <openssl/ts.h> |
20 | 20 | |
21 | -DEFINE_STACK_OF(CONF_VALUE) | |
22 | - | |
23 | 21 | /* Macro definitions for the configuration file. */ |
24 | 22 | #define BASE_SECTION "tsa" |
25 | 23 | #define ENV_DEFAULT_TSA "default_tsa" |
@@ -15,8 +15,6 @@ | ||
15 | 15 | #include <openssl/ts.h> |
16 | 16 | #include "ts_local.h" |
17 | 17 | |
18 | -DEFINE_STACK_OF(CONF_VALUE) | |
19 | - | |
20 | 18 | struct status_map_st { |
21 | 19 | int bit; |
22 | 20 | const char *text; |
@@ -26,8 +26,6 @@ | ||
26 | 26 | |
27 | 27 | #ifndef OPENSSL_NO_RFC3779 |
28 | 28 | |
29 | -DEFINE_STACK_OF(CONF_VALUE) | |
30 | - | |
31 | 29 | /* |
32 | 30 | * OpenSSL ASN.1 template translation of RFC 3779 2.2.3. |
33 | 31 | */ |
@@ -15,8 +15,6 @@ | ||
15 | 15 | #include <openssl/x509v3.h> |
16 | 16 | #include "ext_dat.h" |
17 | 17 | |
18 | -DEFINE_STACK_OF(CONF_VALUE) | |
19 | - | |
20 | 18 | static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, |
21 | 19 | AUTHORITY_KEYID *akeyid, |
22 | 20 | STACK_OF(CONF_VALUE) |
@@ -14,8 +14,6 @@ | ||
14 | 14 | #include <openssl/bio.h> |
15 | 15 | #include "ext_dat.h" |
16 | 16 | |
17 | -DEFINE_STACK_OF(CONF_VALUE) | |
18 | - | |
19 | 17 | static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, |
20 | 18 | X509V3_CTX *ctx, |
21 | 19 | STACK_OF(CONF_VALUE) *nval); |
@@ -56,8 +56,6 @@ IMPLEMENT_ASN1_FUNCTIONS(ASIdOrRange) | ||
56 | 56 | IMPLEMENT_ASN1_FUNCTIONS(ASIdentifierChoice) |
57 | 57 | IMPLEMENT_ASN1_FUNCTIONS(ASIdentifiers) |
58 | 58 | |
59 | -DEFINE_STACK_OF(CONF_VALUE) | |
60 | - | |
61 | 59 | /* |
62 | 60 | * i2r method for an ASIdentifierChoice. |
63 | 61 | */ |
@@ -16,8 +16,6 @@ | ||
16 | 16 | #include "ext_dat.h" |
17 | 17 | #include "x509_local.h" |
18 | 18 | |
19 | -DEFINE_STACK_OF(CONF_VALUE) | |
20 | - | |
21 | 19 | static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, |
22 | 20 | BASIC_CONSTRAINTS *bcons, |
23 | 21 | STACK_OF(CONF_VALUE) |
@@ -13,8 +13,6 @@ | ||
13 | 13 | #include <openssl/x509v3.h> |
14 | 14 | #include "ext_dat.h" |
15 | 15 | |
16 | -DEFINE_STACK_OF(CONF_VALUE) | |
17 | - | |
18 | 16 | static BIT_STRING_BITNAME ns_cert_type_table[] = { |
19 | 17 | {0, "SSL Client", "client"}, |
20 | 18 | {1, "SSL Server", "server"}, |
@@ -17,8 +17,6 @@ | ||
17 | 17 | #include "crypto/x509.h" |
18 | 18 | #include <openssl/x509v3.h> |
19 | 19 | |
20 | -DEFINE_STACK_OF(CONF_VALUE) | |
21 | - | |
22 | 20 | static int v3_check_critical(const char **value); |
23 | 21 | static int v3_check_generic(const char **value); |
24 | 22 | static X509_EXTENSION *do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, |
@@ -18,8 +18,6 @@ | ||
18 | 18 | #include "pcy_local.h" |
19 | 19 | #include "ext_dat.h" |
20 | 20 | |
21 | -DEFINE_STACK_OF(CONF_VALUE) | |
22 | - | |
23 | 21 | /* Certificate policies extension support: this one is a bit complex... */ |
24 | 22 | |
25 | 23 | static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, |
@@ -18,8 +18,6 @@ | ||
18 | 18 | #include "ext_dat.h" |
19 | 19 | #include "x509_local.h" |
20 | 20 | |
21 | -DEFINE_STACK_OF(CONF_VALUE) | |
22 | - | |
23 | 21 | static void *v2i_crld(const X509V3_EXT_METHOD *method, |
24 | 22 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); |
25 | 23 | static int i2r_crldp(const X509V3_EXT_METHOD *method, void *pcrldp, BIO *out, |
@@ -14,8 +14,6 @@ | ||
14 | 14 | #include <openssl/x509v3.h> |
15 | 15 | #include "ext_dat.h" |
16 | 16 | |
17 | -DEFINE_STACK_OF(CONF_VALUE) | |
18 | - | |
19 | 17 | static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method, |
20 | 18 | X509V3_CTX *ctx, |
21 | 19 | STACK_OF(CONF_VALUE) *nval); |
@@ -15,8 +15,6 @@ | ||
15 | 15 | #include <openssl/x509v3.h> |
16 | 16 | #include "ext_dat.h" |
17 | 17 | |
18 | -DEFINE_STACK_OF(CONF_VALUE) | |
19 | - | |
20 | 18 | static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD |
21 | 19 | *method, AUTHORITY_INFO_ACCESS |
22 | 20 | *ainfo, STACK_OF(CONF_VALUE) |
@@ -15,8 +15,6 @@ | ||
15 | 15 | #include <openssl/x509v3.h> |
16 | 16 | #include "ext_dat.h" |
17 | 17 | |
18 | -DEFINE_STACK_OF(CONF_VALUE) | |
19 | - | |
20 | 18 | /* |
21 | 19 | * Issuer Sign Tool (1.2.643.100.112) The name of the tool used to signs the subject (ASN1_SEQUENCE) |
22 | 20 | * This extention is required to obtain the status of a qualified certificate at Russian Federation. |
@@ -20,8 +20,6 @@ | ||
20 | 20 | #include "crypto/punycode.h" |
21 | 21 | #include "ext_dat.h" |
22 | 22 | |
23 | -DEFINE_STACK_OF(CONF_VALUE) | |
24 | - | |
25 | 23 | static void *v2i_NAME_CONSTRAINTS(const X509V3_EXT_METHOD *method, |
26 | 24 | X509V3_CTX *ctx, |
27 | 25 | STACK_OF(CONF_VALUE) *nval); |
@@ -49,8 +49,6 @@ | ||
49 | 49 | #include <openssl/x509v3.h> |
50 | 50 | #include "ext_dat.h" |
51 | 51 | |
52 | -DEFINE_STACK_OF(CONF_VALUE) | |
53 | - | |
54 | 52 | static int i2r_pci(X509V3_EXT_METHOD *method, PROXY_CERT_INFO_EXTENSION *ext, |
55 | 53 | BIO *out, int indent); |
56 | 54 | static PROXY_CERT_INFO_EXTENSION *r2i_pci(X509V3_EXT_METHOD *method, |
@@ -15,8 +15,6 @@ | ||
15 | 15 | #include <openssl/x509v3.h> |
16 | 16 | #include "ext_dat.h" |
17 | 17 | |
18 | -DEFINE_STACK_OF(CONF_VALUE) | |
19 | - | |
20 | 18 | static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD |
21 | 19 | *method, void *bcons, STACK_OF(CONF_VALUE) |
22 | 20 | *extlist); |
@@ -14,8 +14,6 @@ | ||
14 | 14 | #include <openssl/x509v3.h> |
15 | 15 | #include "ext_dat.h" |
16 | 16 | |
17 | -DEFINE_STACK_OF(CONF_VALUE) | |
18 | - | |
19 | 17 | static void *v2i_POLICY_MAPPINGS(const X509V3_EXT_METHOD *method, |
20 | 18 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); |
21 | 19 | static STACK_OF(CONF_VALUE) *i2v_POLICY_MAPPINGS(const X509V3_EXT_METHOD |
@@ -14,8 +14,6 @@ | ||
14 | 14 | #include <openssl/conf.h> |
15 | 15 | #include <openssl/x509v3.h> |
16 | 16 | |
17 | -DEFINE_STACK_OF(CONF_VALUE) | |
18 | - | |
19 | 17 | /* Extension printing routines */ |
20 | 18 | |
21 | 19 | static int unknown_ext_print(BIO *out, const unsigned char *ext, int extlen, |
@@ -15,8 +15,6 @@ | ||
15 | 15 | #include <openssl/x509v3.h> |
16 | 16 | #include "ext_dat.h" |
17 | 17 | |
18 | -DEFINE_STACK_OF(CONF_VALUE) | |
19 | - | |
20 | 18 | /* Support for Thawte strong extranet extension */ |
21 | 19 | |
22 | 20 | #define SXNET_TEST |
@@ -16,8 +16,6 @@ | ||
16 | 16 | #include "ext_dat.h" |
17 | 17 | #include "x509_local.h" |
18 | 18 | |
19 | -DEFINE_STACK_OF(CONF_VALUE) | |
20 | - | |
21 | 19 | static STACK_OF(CONF_VALUE) *i2v_TLS_FEATURE(const X509V3_EXT_METHOD *method, |
22 | 20 | TLS_FEATURE *tls_feature, |
23 | 21 | STACK_OF(CONF_VALUE) *ext_list); |
@@ -21,8 +21,6 @@ | ||
21 | 21 | #include "ext_dat.h" |
22 | 22 | #include "x509_local.h" |
23 | 23 | |
24 | -DEFINE_STACK_OF(CONF_VALUE) | |
25 | - | |
26 | 24 | static char *strip_spaces(char *name); |
27 | 25 | static int sk_strcmp(const char *const *a, const char *const *b); |
28 | 26 | static STACK_OF(OPENSSL_STRING) *get_email(const X509_NAME *name, |
@@ -1,4 +1,6 @@ | ||
1 | 1 | /* |
2 | + * {- join("\n * ", @autowarntext) -} | |
3 | + * | |
2 | 4 | * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. |
3 | 5 | * |
4 | 6 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
@@ -7,6 +9,10 @@ | ||
7 | 9 | * https://www.openssl.org/source/license.html |
8 | 10 | */ |
9 | 11 | |
12 | +{- | |
13 | +use OpenSSL::stackhash qw(generate_stack_macros); | |
14 | +-} | |
15 | + | |
10 | 16 | #ifndef OPENSSL_CONF_H |
11 | 17 | # define OPENSSL_CONF_H |
12 | 18 | # pragma once |
@@ -33,7 +39,9 @@ typedef struct { | ||
33 | 39 | char *value; |
34 | 40 | } CONF_VALUE; |
35 | 41 | |
36 | -DEFINE_OR_DECLARE_STACK_OF(CONF_VALUE) | |
42 | +{- | |
43 | + generate_stack_macros("CONF_VALUE"); | |
44 | +-} | |
37 | 45 | |
38 | 46 | DEFINE_LHASH_OF(CONF_VALUE); |
39 | 47 |
@@ -14,8 +14,6 @@ | ||
14 | 14 | #include <openssl/safestack.h> |
15 | 15 | #include <openssl/err.h> |
16 | 16 | |
17 | -DEFINE_STACK_OF(CONF_VALUE) | |
18 | - | |
19 | 17 | static STACK_OF(OPENSSL_CSTRING) *section_names = NULL; |
20 | 18 | |
21 | 19 | static void collect_section_name(CONF_VALUE *v) |
@@ -15,8 +15,6 @@ | ||
15 | 15 | |
16 | 16 | #include "testutil.h" |
17 | 17 | |
18 | -DEFINE_STACK_OF(CONF_VALUE) | |
19 | - | |
20 | 18 | static const ASN1_ITEM *x509_it = NULL; |
21 | 19 | static X509 *x509 = NULL; |
22 | 20 | #define SERVER "mock.server" |
@@ -20,8 +20,6 @@ | ||
20 | 20 | # define strcasecmp _stricmp |
21 | 21 | #endif |
22 | 22 | |
23 | -DEFINE_STACK_OF(CONF_VALUE) | |
24 | - | |
25 | 23 | static const int default_app_data_size = 256; |
26 | 24 | /* Default set to be as small as possible to exercise fragmentation. */ |
27 | 25 | static const int default_max_fragment_size = 512; |