Using checks of the existence of HEADER_{foo}_H in other header files
was a really bad idea. For example, the following:
#include <x509.h>
#include <bio.h>
#include <asn1.h>
would make sure that things like ASN1_UTCTIME_print() wasn't defined
unless you moved the inclusion of bio.h to above the inclusion of
x509.h. The reason is that x509.h includes asn1.h, and the
declaration of ASN1_UTCTIME_print() depended on the definition of
HEADER_BIO_H. That's what I call an obscure bug.
Instead, this change makes sure that whatever header files are needed
for the correct process of one header file are included automagically,
and that the definitions of, for example, BIO-related things are
dependent on the absence of the NO_{foo} macros. This is also
consistent with the way parts of OpenSSL can be excluded at will.
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index 50a0cfb..791636c 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -60,6 +60,9 @@
#define HEADER_ASN1_H
#include <time.h>
+#ifndef NO_BIO
+#include <openssl/bio.h>
+#endif
#include <openssl/bn.h>
#include <openssl/stack.h>
#include <openssl/safestack.h>
@@ -695,7 +698,7 @@
int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
BIT_STRING_BITNAME *tbl, int indent);
#endif
@@ -823,7 +826,7 @@
char *(*func)(), void (*free_func)(),
int ex_tag, int ex_class);
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
int a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size);
int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a);
@@ -878,7 +881,7 @@
int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x);
#endif
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
char *ASN1_d2i_bio(char *(*xnew)(),char *(*d2i)(),BIO *bp,unsigned char **x);
int ASN1_i2d_bio(int (*i2d)(),BIO *out,unsigned char *x);
int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
index 19bd570..a15fc1c 100644
--- a/crypto/dh/dh.h
+++ b/crypto/dh/dh.h
@@ -63,6 +63,9 @@
#error DH is disabled.
#endif
+#ifndef NO_BIO
+#include <openssl/bio.h>
+#endif
#include <openssl/bn.h>
#include <openssl/crypto.h>
@@ -169,7 +172,7 @@
#ifndef NO_FP_API
int DHparams_print_fp(FILE *fp, DH *x);
#endif
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
int DHparams_print(BIO *bp, DH *x);
#else
int DHparams_print(char *bp, DH *x);
diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h
index ca301c5..3ebcc4a 100644
--- a/crypto/dsa/dsa.h
+++ b/crypto/dsa/dsa.h
@@ -69,6 +69,9 @@
#error DSA is disabled.
#endif
+#ifndef NO_BIO
+#include <openssl/bio.h>
+#endif
#include <openssl/bn.h>
#include <openssl/crypto.h>
#ifndef NO_DH
@@ -188,7 +191,7 @@
int i2d_DSAPrivateKey(DSA *a, unsigned char **pp);
int i2d_DSAparams(DSA *a,unsigned char **pp);
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
int DSAparams_print(BIO *bp, DSA *x);
int DSA_print(BIO *bp, DSA *x, int off);
#endif
diff --git a/crypto/err/err.h b/crypto/err/err.h
index 519a9c5..2c3d39c 100644
--- a/crypto/err/err.h
+++ b/crypto/err/err.h
@@ -64,6 +64,13 @@
#include <stdlib.h>
#endif
+#ifndef NO_BIO
+#include <openssl/bio.h>
+#endif
+#ifndef NO_LHASH
+#include <openssl/lhash.h>
+#endif
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -241,7 +248,7 @@
#ifndef NO_FP_API
void ERR_print_errors_fp(FILE *fp);
#endif
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
void ERR_print_errors(BIO *bp);
void ERR_add_error_data(int num, ...);
#endif
@@ -253,7 +260,7 @@
void ERR_remove_state(unsigned long pid); /* if zero we look it up */
ERR_STATE *ERR_get_state(void);
-#ifdef HEADER_LHASH_H
+#ifndef NO_LHASH
LHASH *ERR_get_string_table(void);
LHASH *ERR_get_err_state_table(void); /* even less thread-safe than
* ERR_get_string_table :-) */
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
index 56a7e08..f3b2b74 100644
--- a/crypto/evp/evp.h
+++ b/crypto/evp/evp.h
@@ -67,6 +67,9 @@
# undef OPENSSL_ALGORITHM_DEFINES
#endif
+#ifndef NO_BIO
+#include <openssl/bio.h>
+#endif
#ifndef NO_MD2
#include <openssl/md2.h>
#endif
@@ -593,7 +596,7 @@
int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
BIO_METHOD *BIO_f_md(void);
BIO_METHOD *BIO_f_base64(void);
BIO_METHOD *BIO_f_cipher(void);
diff --git a/crypto/lhash/lh_stats.c b/crypto/lhash/lh_stats.c
index 80b931c..ee06000 100644
--- a/crypto/lhash/lh_stats.c
+++ b/crypto/lhash/lh_stats.c
@@ -63,9 +63,12 @@
* and things should work as expected */
#include "cryptlib.h"
+#ifndef NO_BIO
+#include <openssl/bio.h>
+#endif
#include <openssl/lhash.h>
-#ifndef HEADER_BIO_H
+#ifdef NO_BIO
void lh_stats(LHASH *lh, FILE *out)
{
diff --git a/crypto/lhash/lhash.h b/crypto/lhash/lhash.h
index 868d535..b8ff021 100644
--- a/crypto/lhash/lhash.h
+++ b/crypto/lhash/lhash.h
@@ -67,6 +67,10 @@
#include <stdio.h>
#endif
+#ifndef NO_BIO
+#include <openssl/bio.h>
+#endif
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -132,7 +136,7 @@
void lh_node_usage_stats(LHASH *lh, FILE *out);
#endif
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
void lh_stats_bio(LHASH *lh, BIO *out);
void lh_node_stats_bio(LHASH *lh, BIO *out);
void lh_node_usage_stats_bio(LHASH *lh, BIO *out);
diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h
index 38b9801..46aafa6 100644
--- a/crypto/pem/pem.h
+++ b/crypto/pem/pem.h
@@ -59,6 +59,12 @@
#ifndef HEADER_PEM_H
#define HEADER_PEM_H
+#ifndef NO_BIO
+#include <openssl/bio.h>
+#endif
+#ifndef NO_STACK
+#include <openssl/stack.h>
+#endif
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/pem2.h>
@@ -165,7 +171,7 @@
int num_recipient;
PEM_USER **recipient;
-#ifdef HEADER_STACK_H
+#ifndef NO_STACK
STACK *x509_chain; /* certificate chain */
#else
char *x509_chain; /* certificate chain */
@@ -289,7 +295,7 @@
#endif
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
#define DECLARE_PEM_read_bio(name, type) \
type *PEM_read_bio_##name(BIO *bp, type **x, pem_password_cb *cb, void *u);
@@ -477,7 +483,7 @@
int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len,
pem_password_cb *callback,void *u);
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
int PEM_read_bio(BIO *bp, char **name, char **header,
unsigned char **data,long *len);
int PEM_write_bio(BIO *bp,const char *name,char *hdr,unsigned char *data,
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index 74033cf..69b7648 100644
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -59,6 +59,9 @@
#ifndef HEADER_RSA_H
#define HEADER_RSA_H
+#ifndef NO_BIO
+#include <openssl/bio.h>
+#endif
#include <openssl/bn.h>
#include <openssl/crypto.h>
@@ -209,7 +212,7 @@
int RSA_print_fp(FILE *fp, RSA *r,int offset);
#endif
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
int RSA_print(BIO *bp, RSA *r,int offset);
#endif
diff --git a/crypto/txt_db/txt_db.h b/crypto/txt_db/txt_db.h
index 22a54f0..342533d 100644
--- a/crypto/txt_db/txt_db.h
+++ b/crypto/txt_db/txt_db.h
@@ -59,6 +59,9 @@
#ifndef HEADER_TXT_DB_H
#define HEADER_TXT_DB_H
+#ifndef NO_BIO
+#include <openssl/bio.h>
+#endif
#include <openssl/stack.h>
#include <openssl/lhash.h>
@@ -85,7 +88,7 @@
char **arg_row;
} TXT_DB;
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
TXT_DB *TXT_DB_read(BIO *in, int num);
long TXT_DB_write(BIO *out, TXT_DB *db);
#else
diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h
index 1dae31a..87f192f 100644
--- a/crypto/x509/x509.h
+++ b/crypto/x509/x509.h
@@ -64,6 +64,15 @@
#define X509_REVOKED_get_ext_by_critical X509_REVOKED_get_ext_by_critic
#endif
+#ifndef NO_BUFFER
+#include <openssl/buffer.h>
+#endif
+#ifndef NO_EVP
+#include <openssl/evp.h>
+#endif
+#ifndef NO_BIO
+#include <openssl/bio.h>
+#endif
#include <openssl/stack.h>
#include <openssl/asn1.h>
#include <openssl/safestack.h>
@@ -242,7 +251,7 @@
{
STACK_OF(X509_NAME_ENTRY) *entries;
int modified; /* true if 'bytes' needs to be built */
-#ifdef HEADER_BUFFER_H
+#ifndef NO_BUFFER
BUF_MEM *bytes;
#else
char *bytes;
@@ -663,7 +672,7 @@
int references;
} X509_PKEY;
-#ifdef HEADER_ENVELOPE_H
+#ifndef NO_EVP
typedef struct X509_info_st
{
X509 *x509;
@@ -950,7 +959,7 @@
const char *X509_verify_cert_error_string(long n);
#ifndef SSLEAY_MACROS
-#ifdef HEADER_ENVELOPE_H
+#ifndef NO_EVP
int X509_verify(X509 *a, EVP_PKEY *r);
int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
@@ -1010,7 +1019,7 @@
EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a);
#endif
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
X509 *d2i_X509_bio(BIO *bp,X509 **x509);
int i2d_X509_bio(BIO *bp,X509 *x509);
X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl);
@@ -1216,7 +1225,7 @@
NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, unsigned char **pp, long length);
void NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a);
-#ifdef HEADER_ENVELOPE_H
+#ifndef NO_EVP
X509_INFO * X509_INFO_new(void);
void X509_INFO_free(X509_INFO *a);
char * X509_NAME_oneline(X509_NAME *a,char *buf,int size);
@@ -1296,7 +1305,7 @@
int X509_REQ_print_fp(FILE *bp,X509_REQ *req);
#endif
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
int X509_print(BIO *bp,X509 *x);
int X509_CERT_AUX_print(BIO *bp,X509_CERT_AUX *x, int indent);
diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h
index 313b867..f842e4a 100644
--- a/crypto/x509/x509_vfy.h
+++ b/crypto/x509/x509_vfy.h
@@ -65,6 +65,9 @@
#ifndef HEADER_X509_VFY_H
#define HEADER_X509_VFY_H
+#ifndef NO_LHASH
+#include <openssl/lhash.h>
+#endif
#include <openssl/bio.h>
#include <openssl/crypto.h>
@@ -190,7 +193,7 @@
{
/* The following is a cache of trusted certs */
int cache; /* if true, stash any hits */
-#ifdef HEADER_LHASH_H
+#ifndef NO_LHASH
LHASH *certs; /* cached certs; */
#else
char *certs;
@@ -315,7 +318,7 @@
#define X509v3_add_standard_extensions oX509v3_add_standard_extensions
#endif
-#ifdef HEADER_LHASH_H
+#ifndef NO_LHASH
X509_OBJECT *X509_OBJECT_retrieve_by_subject(LHASH *h,int type,X509_NAME *name);
#endif
void X509_OBJECT_up_ref_count(X509_OBJECT *a);
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 16fe694..7c60bb7 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -59,6 +59,15 @@
#ifndef HEADER_SSL_H
#define HEADER_SSL_H
+#ifndef NO_COMP
+#include <openssl/comp.h>
+#endif
+#ifndef NO_BIO
+#include <openssl/bio.h>
+#endif
+#ifndef NO_X509
+#include <openssl/x509.h>
+#endif
#include <openssl/safestack.h>
#ifdef __cplusplus
@@ -385,7 +394,7 @@
{
int id;
char *name;
-#ifdef HEADER_COMP_H
+#ifndef NO_COMP
COMP_METHOD *method;
#else
char *method;
@@ -603,7 +612,7 @@
* same. This is so data can be read and written to different
* handlers */
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
BIO *rbio; /* used by SSL_read */
BIO *wbio; /* used by SSL_write */
BIO *bbio; /* used during session-id reuse to concatinate
@@ -667,7 +676,7 @@
EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
const EVP_MD *read_hash; /* used for mac generation */
-#ifdef HEADER_COMP_H
+#ifndef NO_COMP
COMP_CTX *expand; /* uncompress */
#else
char *expand;
@@ -675,7 +684,7 @@
EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
const EVP_MD *write_hash; /* used for mac generation */
-#ifdef HEADER_COMP_H
+#ifndef NO_COMP
COMP_CTX *compress; /* compression */
#else
char *compress;
@@ -961,7 +970,7 @@
#define SSL_add_dir_cert_subjects_to_stack SSL_add_dir_cert_sub_to_stack
#endif
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
BIO_METHOD *BIO_f_ssl(void);
BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
BIO *BIO_new_ssl_connect(SSL_CTX *ctx);
@@ -998,7 +1007,7 @@
int SSL_set_rfd(SSL *s, int fd);
int SSL_set_wfd(SSL *s, int fd);
#endif
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
void SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio);
BIO * SSL_get_rbio(SSL *s);
BIO * SSL_get_wbio(SSL *s);
@@ -1053,7 +1062,7 @@
#ifndef NO_FP_API
int SSL_SESSION_print_fp(FILE *fp,SSL_SESSION *ses);
#endif
-#ifdef HEADER_BIO_H
+#ifndef NO_BIO
int SSL_SESSION_print(BIO *fp,SSL_SESSION *ses);
#endif
void SSL_SESSION_free(SSL_SESSION *ses);
@@ -1249,7 +1258,7 @@
int keylength));
#endif
-#ifdef HEADER_COMP_H
+#ifndef NO_COMP
int SSL_COMP_add_compression_method(int id,COMP_METHOD *cm);
#else
int SSL_COMP_add_compression_method(int id,char *cm);
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index f616763..7ee1fea 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -59,6 +59,9 @@
#ifndef HEADER_SSL3_H
#define HEADER_SSL3_H
+#ifndef NO_COMP
+#include <openssl/comp.h>
+#endif
#include <openssl/buffer.h>
#include <openssl/evp.h>
#include <openssl/ssl.h>
@@ -310,7 +313,7 @@
const EVP_CIPHER *new_sym_enc;
const EVP_MD *new_hash;
-#ifdef HEADER_COMP_H
+#ifndef NO_COMP
const SSL_COMP *new_compression;
#else
char *new_compression;