Add type-safe STACKs and SETs.
diff --git a/ssl/Makefile.ssl b/ssl/Makefile.ssl
index 8f18f7f..0a499ff 100644
--- a/ssl/Makefile.ssl
+++ b/ssl/Makefile.ssl
@@ -108,8 +108,9 @@
bio_ssl.o: ../include/mdc2.h ../include/objects.h ../include/opensslv.h
bio_ssl.o: ../include/pkcs7.h ../include/rc2.h ../include/rc4.h
bio_ssl.o: ../include/rc5.h ../include/ripemd.h ../include/rsa.h
-bio_ssl.o: ../include/sha.h ../include/stack.h ../include/x509.h
-bio_ssl.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h tls1.h
+bio_ssl.o: ../include/safestack.h ../include/sha.h ../include/stack.h
+bio_ssl.o: ../include/x509.h ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h
+bio_ssl.o: tls1.h
s23_clnt.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s23_clnt.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s23_clnt.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -119,8 +120,9 @@
s23_clnt.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s23_clnt.o: ../include/rand.h ../include/rc2.h ../include/rc4.h
s23_clnt.o: ../include/rc5.h ../include/ripemd.h ../include/rsa.h
-s23_clnt.o: ../include/sha.h ../include/stack.h ../include/x509.h
-s23_clnt.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s23_clnt.o: ../include/safestack.h ../include/sha.h ../include/stack.h
+s23_clnt.o: ../include/x509.h ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h
+s23_clnt.o: ssl_locl.h tls1.h
s23_lib.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s23_lib.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s23_lib.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -129,9 +131,9 @@
s23_lib.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
s23_lib.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s23_lib.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s23_lib.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s23_lib.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-s23_lib.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s23_lib.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+s23_lib.o: ../include/sha.h ../include/stack.h ../include/x509.h
+s23_lib.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
s23_meth.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s23_meth.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s23_meth.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -140,9 +142,9 @@
s23_meth.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
s23_meth.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s23_meth.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s23_meth.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s23_meth.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-s23_meth.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s23_meth.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+s23_meth.o: ../include/sha.h ../include/stack.h ../include/x509.h
+s23_meth.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
s23_pkt.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s23_pkt.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s23_pkt.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -151,9 +153,9 @@
s23_pkt.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
s23_pkt.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s23_pkt.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s23_pkt.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s23_pkt.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-s23_pkt.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s23_pkt.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+s23_pkt.o: ../include/sha.h ../include/stack.h ../include/x509.h
+s23_pkt.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
s23_srvr.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s23_srvr.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s23_srvr.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -163,8 +165,9 @@
s23_srvr.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s23_srvr.o: ../include/rand.h ../include/rc2.h ../include/rc4.h
s23_srvr.o: ../include/rc5.h ../include/ripemd.h ../include/rsa.h
-s23_srvr.o: ../include/sha.h ../include/stack.h ../include/x509.h
-s23_srvr.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s23_srvr.o: ../include/safestack.h ../include/sha.h ../include/stack.h
+s23_srvr.o: ../include/x509.h ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h
+s23_srvr.o: ssl_locl.h tls1.h
s2_clnt.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s2_clnt.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s2_clnt.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -173,9 +176,9 @@
s2_clnt.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
s2_clnt.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s2_clnt.o: ../include/rand.h ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s2_clnt.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s2_clnt.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-s2_clnt.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s2_clnt.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+s2_clnt.o: ../include/sha.h ../include/stack.h ../include/x509.h
+s2_clnt.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
s2_enc.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s2_enc.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s2_enc.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -184,9 +187,9 @@
s2_enc.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
s2_enc.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s2_enc.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s2_enc.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s2_enc.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-s2_enc.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s2_enc.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+s2_enc.o: ../include/sha.h ../include/stack.h ../include/x509.h
+s2_enc.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
s2_lib.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s2_lib.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s2_lib.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -195,9 +198,9 @@
s2_lib.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
s2_lib.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s2_lib.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s2_lib.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s2_lib.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-s2_lib.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s2_lib.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+s2_lib.o: ../include/sha.h ../include/stack.h ../include/x509.h
+s2_lib.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
s2_meth.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s2_meth.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s2_meth.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -206,9 +209,9 @@
s2_meth.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
s2_meth.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s2_meth.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s2_meth.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s2_meth.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-s2_meth.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s2_meth.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+s2_meth.o: ../include/sha.h ../include/stack.h ../include/x509.h
+s2_meth.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
s2_pkt.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s2_pkt.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s2_pkt.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -217,9 +220,9 @@
s2_pkt.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
s2_pkt.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s2_pkt.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s2_pkt.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s2_pkt.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-s2_pkt.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s2_pkt.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+s2_pkt.o: ../include/sha.h ../include/stack.h ../include/x509.h
+s2_pkt.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
s2_srvr.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s2_srvr.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s2_srvr.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -228,9 +231,9 @@
s2_srvr.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
s2_srvr.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s2_srvr.o: ../include/rand.h ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s2_srvr.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s2_srvr.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-s2_srvr.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s2_srvr.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+s2_srvr.o: ../include/sha.h ../include/stack.h ../include/x509.h
+s2_srvr.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
s3_both.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s3_both.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s3_both.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -239,9 +242,9 @@
s3_both.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
s3_both.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s3_both.o: ../include/rand.h ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s3_both.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s3_both.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-s3_both.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s3_both.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+s3_both.o: ../include/sha.h ../include/stack.h ../include/x509.h
+s3_both.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
s3_clnt.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s3_clnt.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s3_clnt.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -250,9 +253,9 @@
s3_clnt.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
s3_clnt.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s3_clnt.o: ../include/rand.h ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s3_clnt.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s3_clnt.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-s3_clnt.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s3_clnt.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+s3_clnt.o: ../include/sha.h ../include/stack.h ../include/x509.h
+s3_clnt.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
s3_enc.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s3_enc.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s3_enc.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -261,9 +264,9 @@
s3_enc.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
s3_enc.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s3_enc.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s3_enc.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s3_enc.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-s3_enc.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s3_enc.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+s3_enc.o: ../include/sha.h ../include/stack.h ../include/x509.h
+s3_enc.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
s3_lib.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s3_lib.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s3_lib.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -272,9 +275,9 @@
s3_lib.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
s3_lib.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s3_lib.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s3_lib.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s3_lib.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-s3_lib.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s3_lib.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+s3_lib.o: ../include/sha.h ../include/stack.h ../include/x509.h
+s3_lib.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
s3_meth.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s3_meth.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s3_meth.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -283,9 +286,9 @@
s3_meth.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
s3_meth.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s3_meth.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s3_meth.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s3_meth.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-s3_meth.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s3_meth.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+s3_meth.o: ../include/sha.h ../include/stack.h ../include/x509.h
+s3_meth.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
s3_pkt.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s3_pkt.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s3_pkt.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -294,9 +297,9 @@
s3_pkt.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
s3_pkt.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s3_pkt.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s3_pkt.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s3_pkt.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-s3_pkt.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s3_pkt.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+s3_pkt.o: ../include/sha.h ../include/stack.h ../include/x509.h
+s3_pkt.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
s3_srvr.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
s3_srvr.o: ../include/bn.h ../include/buffer.h ../include/cast.h
s3_srvr.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -305,9 +308,9 @@
s3_srvr.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
s3_srvr.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
s3_srvr.o: ../include/rand.h ../include/rc2.h ../include/rc4.h ../include/rc5.h
-s3_srvr.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-s3_srvr.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-s3_srvr.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+s3_srvr.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+s3_srvr.o: ../include/sha.h ../include/stack.h ../include/x509.h
+s3_srvr.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
ssl_algs.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
ssl_algs.o: ../include/bn.h ../include/buffer.h ../include/cast.h
ssl_algs.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -316,9 +319,9 @@
ssl_algs.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
ssl_algs.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
ssl_algs.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-ssl_algs.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-ssl_algs.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-ssl_algs.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+ssl_algs.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+ssl_algs.o: ../include/sha.h ../include/stack.h ../include/x509.h
+ssl_algs.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
ssl_asn1.o: ../include/asn1.h ../include/asn1_mac.h ../include/bio.h
ssl_asn1.o: ../include/blowfish.h ../include/bn.h ../include/buffer.h
ssl_asn1.o: ../include/cast.h ../include/comp.h ../include/crypto.h
@@ -328,8 +331,9 @@
ssl_asn1.o: ../include/mdc2.h ../include/objects.h ../include/opensslv.h
ssl_asn1.o: ../include/pkcs7.h ../include/rc2.h ../include/rc4.h
ssl_asn1.o: ../include/rc5.h ../include/ripemd.h ../include/rsa.h
-ssl_asn1.o: ../include/sha.h ../include/stack.h ../include/x509.h
-ssl_asn1.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+ssl_asn1.o: ../include/safestack.h ../include/sha.h ../include/stack.h
+ssl_asn1.o: ../include/x509.h ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h
+ssl_asn1.o: ssl_locl.h tls1.h
ssl_cert.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
ssl_cert.o: ../include/bn.h ../include/buffer.h ../include/cast.h
ssl_cert.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -339,9 +343,9 @@
ssl_cert.o: ../include/objects.h ../include/opensslv.h ../include/pem.h
ssl_cert.o: ../include/pem2.h ../include/pkcs7.h ../include/rc2.h
ssl_cert.o: ../include/rc4.h ../include/rc5.h ../include/ripemd.h
-ssl_cert.o: ../include/rsa.h ../include/sha.h ../include/stack.h
-ssl_cert.o: ../include/x509.h ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h
-ssl_cert.o: ssl_locl.h tls1.h
+ssl_cert.o: ../include/rsa.h ../include/safestack.h ../include/sha.h
+ssl_cert.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
+ssl_cert.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
ssl_ciph.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
ssl_ciph.o: ../include/bn.h ../include/buffer.h ../include/cast.h
ssl_ciph.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -350,9 +354,9 @@
ssl_ciph.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
ssl_ciph.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
ssl_ciph.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-ssl_ciph.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-ssl_ciph.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-ssl_ciph.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+ssl_ciph.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+ssl_ciph.o: ../include/sha.h ../include/stack.h ../include/x509.h
+ssl_ciph.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
ssl_err.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
ssl_err.o: ../include/bn.h ../include/buffer.h ../include/cast.h
ssl_err.o: ../include/crypto.h ../include/des.h ../include/dh.h
@@ -361,8 +365,9 @@
ssl_err.o: ../include/mdc2.h ../include/objects.h ../include/opensslv.h
ssl_err.o: ../include/pkcs7.h ../include/rc2.h ../include/rc4.h
ssl_err.o: ../include/rc5.h ../include/ripemd.h ../include/rsa.h
-ssl_err.o: ../include/sha.h ../include/stack.h ../include/x509.h
-ssl_err.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h tls1.h
+ssl_err.o: ../include/safestack.h ../include/sha.h ../include/stack.h
+ssl_err.o: ../include/x509.h ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h
+ssl_err.o: tls1.h
ssl_err2.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
ssl_err2.o: ../include/bn.h ../include/buffer.h ../include/cast.h
ssl_err2.o: ../include/crypto.h ../include/des.h ../include/dh.h
@@ -371,9 +376,9 @@
ssl_err2.o: ../include/md5.h ../include/mdc2.h ../include/objects.h
ssl_err2.o: ../include/opensslv.h ../include/pkcs7.h ../include/rc2.h
ssl_err2.o: ../include/rc4.h ../include/rc5.h ../include/ripemd.h
-ssl_err2.o: ../include/rsa.h ../include/sha.h ../include/stack.h
-ssl_err2.o: ../include/x509.h ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h
-ssl_err2.o: tls1.h
+ssl_err2.o: ../include/rsa.h ../include/safestack.h ../include/sha.h
+ssl_err2.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
+ssl_err2.o: ssl2.h ssl23.h ssl3.h tls1.h
ssl_lib.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
ssl_lib.o: ../include/bn.h ../include/buffer.h ../include/cast.h
ssl_lib.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -382,9 +387,9 @@
ssl_lib.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
ssl_lib.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
ssl_lib.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-ssl_lib.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-ssl_lib.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-ssl_lib.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+ssl_lib.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+ssl_lib.o: ../include/sha.h ../include/stack.h ../include/x509.h
+ssl_lib.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
ssl_rsa.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
ssl_rsa.o: ../include/bn.h ../include/buffer.h ../include/cast.h
ssl_rsa.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -394,9 +399,9 @@
ssl_rsa.o: ../include/objects.h ../include/opensslv.h ../include/pem.h
ssl_rsa.o: ../include/pem2.h ../include/pkcs7.h ../include/rc2.h
ssl_rsa.o: ../include/rc4.h ../include/rc5.h ../include/ripemd.h
-ssl_rsa.o: ../include/rsa.h ../include/sha.h ../include/stack.h
-ssl_rsa.o: ../include/x509.h ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h
-ssl_rsa.o: ssl_locl.h tls1.h
+ssl_rsa.o: ../include/rsa.h ../include/safestack.h ../include/sha.h
+ssl_rsa.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
+ssl_rsa.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
ssl_sess.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
ssl_sess.o: ../include/bn.h ../include/buffer.h ../include/cast.h
ssl_sess.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -406,8 +411,9 @@
ssl_sess.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
ssl_sess.o: ../include/rand.h ../include/rc2.h ../include/rc4.h
ssl_sess.o: ../include/rc5.h ../include/ripemd.h ../include/rsa.h
-ssl_sess.o: ../include/sha.h ../include/stack.h ../include/x509.h
-ssl_sess.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+ssl_sess.o: ../include/safestack.h ../include/sha.h ../include/stack.h
+ssl_sess.o: ../include/x509.h ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h
+ssl_sess.o: ssl_locl.h tls1.h
ssl_stat.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
ssl_stat.o: ../include/bn.h ../include/buffer.h ../include/cast.h
ssl_stat.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -416,9 +422,9 @@
ssl_stat.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
ssl_stat.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
ssl_stat.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-ssl_stat.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-ssl_stat.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-ssl_stat.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+ssl_stat.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+ssl_stat.o: ../include/sha.h ../include/stack.h ../include/x509.h
+ssl_stat.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
ssl_txt.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
ssl_txt.o: ../include/bn.h ../include/buffer.h ../include/cast.h
ssl_txt.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -427,9 +433,9 @@
ssl_txt.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
ssl_txt.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
ssl_txt.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-ssl_txt.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-ssl_txt.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-ssl_txt.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+ssl_txt.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+ssl_txt.o: ../include/sha.h ../include/stack.h ../include/x509.h
+ssl_txt.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
t1_clnt.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
t1_clnt.o: ../include/bn.h ../include/buffer.h ../include/cast.h
t1_clnt.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -438,9 +444,9 @@
t1_clnt.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
t1_clnt.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
t1_clnt.o: ../include/rand.h ../include/rc2.h ../include/rc4.h ../include/rc5.h
-t1_clnt.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-t1_clnt.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-t1_clnt.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+t1_clnt.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+t1_clnt.o: ../include/sha.h ../include/stack.h ../include/x509.h
+t1_clnt.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
t1_enc.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
t1_enc.o: ../include/bn.h ../include/buffer.h ../include/cast.h
t1_enc.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -449,9 +455,9 @@
t1_enc.o: ../include/lhash.h ../include/md2.h ../include/md5.h
t1_enc.o: ../include/mdc2.h ../include/objects.h ../include/opensslv.h
t1_enc.o: ../include/pkcs7.h ../include/rc2.h ../include/rc4.h ../include/rc5.h
-t1_enc.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-t1_enc.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-t1_enc.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+t1_enc.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+t1_enc.o: ../include/sha.h ../include/stack.h ../include/x509.h
+t1_enc.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
t1_lib.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
t1_lib.o: ../include/bn.h ../include/buffer.h ../include/cast.h
t1_lib.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -460,9 +466,9 @@
t1_lib.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
t1_lib.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
t1_lib.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-t1_lib.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-t1_lib.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-t1_lib.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+t1_lib.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+t1_lib.o: ../include/sha.h ../include/stack.h ../include/x509.h
+t1_lib.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
t1_meth.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
t1_meth.o: ../include/bn.h ../include/buffer.h ../include/cast.h
t1_meth.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -471,9 +477,9 @@
t1_meth.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
t1_meth.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
t1_meth.o: ../include/rc2.h ../include/rc4.h ../include/rc5.h
-t1_meth.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-t1_meth.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-t1_meth.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+t1_meth.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+t1_meth.o: ../include/sha.h ../include/stack.h ../include/x509.h
+t1_meth.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
t1_srvr.o: ../include/asn1.h ../include/bio.h ../include/blowfish.h
t1_srvr.o: ../include/bn.h ../include/buffer.h ../include/cast.h
t1_srvr.o: ../include/comp.h ../include/crypto.h ../include/des.h
@@ -482,6 +488,6 @@
t1_srvr.o: ../include/md2.h ../include/md5.h ../include/mdc2.h
t1_srvr.o: ../include/objects.h ../include/opensslv.h ../include/pkcs7.h
t1_srvr.o: ../include/rand.h ../include/rc2.h ../include/rc4.h ../include/rc5.h
-t1_srvr.o: ../include/ripemd.h ../include/rsa.h ../include/sha.h
-t1_srvr.o: ../include/stack.h ../include/x509.h ../include/x509_vfy.h ssl.h
-t1_srvr.o: ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
+t1_srvr.o: ../include/ripemd.h ../include/rsa.h ../include/safestack.h
+t1_srvr.o: ../include/sha.h ../include/stack.h ../include/x509.h
+t1_srvr.o: ../include/x509_vfy.h ssl.h ssl2.h ssl23.h ssl3.h ssl_locl.h tls1.h
diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c
index bf5e112..fa13216 100644
--- a/ssl/s23_srvr.c
+++ b/ssl/s23_srvr.c
@@ -256,7 +256,7 @@
if (s->options & SSL_OP_NON_EXPORT_FIRST)
{
- STACK *sk;
+ STACK_OF(SSL_CIPHER) *sk;
SSL_CIPHER *c;
int ne2,ne3;
@@ -287,9 +287,9 @@
if (sk != NULL)
{
ne2=ne3=0;
- for (j=0; j<sk_num(sk); j++)
+ for (j=0; j<sk_SSL_CIPHER_num(sk); j++)
{
- c=(SSL_CIPHER *)sk_value(sk,j);
+ c=sk_SSL_CIPHER_value(sk,j);
if (!SSL_C_IS_EXPORT(c))
{
if ((c->id>>24L) == 2L)
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c
index d5457b0..46e14d8 100644
--- a/ssl/s2_clnt.c
+++ b/ssl/s2_clnt.c
@@ -302,7 +302,7 @@
unsigned char *buf;
unsigned char *p;
int i,j;
- STACK *sk=NULL,*cl;
+ STACK_OF(SSL_CIPHER) *sk=NULL,*cl;
buf=(unsigned char *)s->init_buf->data;
p=buf;
@@ -411,7 +411,7 @@
/* load the ciphers */
sk=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.csl,
- &s->session->ciphers);
+ &s->session->ciphers);
p+=s->s2->tmp.csl;
if (sk == NULL)
{
@@ -420,7 +420,7 @@
return(-1);
}
- sk_set_cmp_func(sk,ssl_cipher_ptr_id_cmp);
+ sk_SSL_CIPHER_set_cmp_func(sk,ssl_cipher_ptr_id_cmp);
/* get the array of ciphers we will accept */
cl=ssl_get_ciphers_by_id(s);
@@ -430,19 +430,20 @@
* will check against the list we origionally sent and
* for performance reasons we should not bother to match
* the two lists up just to check. */
- for (i=0; i<sk_num(cl); i++)
+ for (i=0; i<sk_SSL_CIPHER_num(cl); i++)
{
- if (sk_find(sk,sk_value(cl,i)) >= 0)
+ if (sk_SSL_CIPHER_find(sk,
+ sk_SSL_CIPHER_value(cl,i)) >= 0)
break;
}
- if (i >= sk_num(cl))
+ if (i >= sk_SSL_CIPHER_num(cl))
{
ssl2_return_error(s,SSL2_PE_NO_CIPHER);
SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_MATCH);
return(-1);
}
- s->session->cipher=(SSL_CIPHER *)sk_value(cl,i);
+ s->session->cipher=sk_SSL_CIPHER_value(cl,i);
}
if ((s->session != NULL) && (s->session->peer != NULL))
@@ -894,7 +895,7 @@
int len;
unsigned char *data;
{
- STACK *sk=NULL;
+ STACK_OF(X509) *sk=NULL;
EVP_PKEY *pkey=NULL;
CERT *c=NULL;
int i;
@@ -908,8 +909,7 @@
goto err;
}
- if (((sk=sk_new_null()) == NULL) ||
- (!sk_push(sk,(char *)x509)))
+ if ((sk=sk_X509_new_null()) == NULL || !sk_X509_push(sk,x509))
{
SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_MALLOC_FAILURE);
goto err;
@@ -957,7 +957,7 @@
goto err;
ret=1;
err:
- sk_free(sk);
+ sk_X509_free(sk);
X509_free(x509);
EVP_PKEY_free(pkey);
return(ret);
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c
index 73c19af..930a47d 100644
--- a/ssl/s2_srvr.c
+++ b/ssl/s2_srvr.c
@@ -465,8 +465,8 @@
{
int i,n;
unsigned char *p;
- STACK *cs; /* a stack of SSL_CIPHERS */
- STACK *cl; /* the ones we want to use */
+ STACK_OF(SSL_CIPHER) *cs; /* a stack of SSL_CIPHERS */
+ STACK_OF(SSL_CIPHER) *cl; /* the ones we want to use */
int z;
/* This is a bit of a hack to check for the correct packet
@@ -574,11 +574,11 @@
cl=ssl_get_ciphers_by_id(s);
- for (z=0; z<sk_num(cs); z++)
+ for (z=0; z<sk_SSL_CIPHER_num(cs); z++)
{
- if (sk_find(cl,sk_value(cs,z)) < 0)
+ if (sk_SSL_CIPHER_find(cl,sk_SSL_CIPHER_value(cs,z)) < 0)
{
- sk_delete(cs,z);
+ sk_SSL_CIPHER_delete(cs,z);
z--;
}
}
@@ -608,7 +608,7 @@
{
unsigned char *p,*d;
int n,hit;
- STACK *sk;
+ STACK_OF(SSL_CIPHER) *sk;
p=(unsigned char *)s->init_buf->data;
if (s->state == SSL2_ST_SEND_SERVER_HELLO_A)
@@ -787,7 +787,7 @@
unsigned char *ccd;
int i,j,ctype,ret= -1;
X509 *x509=NULL;
- STACK *sk=NULL;
+ STACK_OF(X509) *sk=NULL;
ccd=s->s2->tmp.ccl;
if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A)
@@ -876,7 +876,7 @@
goto msg_end;
}
- if (((sk=sk_new_null()) == NULL) || (!sk_push(sk,(char *)x509)))
+ if (((sk=sk_X509_new_null()) == NULL) || (!sk_X509_push(sk,x509)))
{
SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
goto msg_end;
@@ -933,7 +933,7 @@
ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE);
}
end:
- sk_free(sk);
+ sk_X509_free(sk);
X509_free(x509);
return(ret);
}
diff --git a/ssl/s3_both.c b/ssl/s3_both.c
index 0dad891..c3d660f 100644
--- a/ssl/s3_both.c
+++ b/ssl/s3_both.c
@@ -245,9 +245,9 @@
/* Thawte special :-) */
if (s->ctx->extra_certs != NULL)
- for (i=0; i<sk_num(s->ctx->extra_certs); i++)
+ for (i=0; i<sk_X509_num(s->ctx->extra_certs); i++)
{
- x=(X509 *)sk_value(s->ctx->extra_certs,i);
+ x=sk_X509_value(s->ctx->extra_certs,i);
n=i2d_X509(x,NULL);
if (!BUF_MEM_grow(buf,(int)(n+l+3)))
{
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index 5cc0ff4..24d4f14 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -531,11 +531,11 @@
if (s->ctx->comp_methods == NULL)
j=0;
else
- j=sk_num(s->ctx->comp_methods);
+ j=sk_SSL_COMP_num(s->ctx->comp_methods);
*(p++)=1+j;
for (i=0; i<j; i++)
{
- comp=(SSL_COMP *)sk_value(s->ctx->comp_methods,i);
+ comp=sk_SSL_COMP_value(s->ctx->comp_methods,i);
*(p++)=comp->id;
}
*(p++)=0; /* Add the NULL method */
@@ -560,7 +560,7 @@
static int ssl3_get_server_hello(s)
SSL *s;
{
- STACK *sk;
+ STACK_OF(SSL_CIPHER) *sk;
SSL_CIPHER *c;
unsigned char *p,*d;
int i,al,ok;
@@ -645,7 +645,7 @@
p+=ssl_put_cipher_by_char(s,NULL,NULL);
sk=ssl_get_ciphers_by_id(s);
- i=sk_find(sk,(char *)c);
+ i=sk_SSL_CIPHER_find(sk,c);
if (i < 0)
{
/* we did not say we would use this cipher */
@@ -707,7 +707,7 @@
unsigned long n,nc,llen,l;
X509 *x=NULL;
unsigned char *p,*d,*q;
- STACK *sk=NULL;
+ STACK_OF(X509) *sk=NULL;
CERT *c;
EVP_PKEY *pkey=NULL;
@@ -738,7 +738,7 @@
}
d=p=(unsigned char *)s->init_buf->data;
- if ((sk=sk_new_null()) == NULL)
+ if ((sk=sk_X509_new_null()) == NULL)
{
SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
goto err;
@@ -775,7 +775,7 @@
SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
goto f_err;
}
- if (!sk_push(sk,(char *)x))
+ if (!sk_X509_push(sk,x))
{
SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
goto err;
@@ -800,7 +800,7 @@
s->session->cert=c;
c->cert_chain=sk;
- x=(X509 *)sk_value(sk,0);
+ x=sk_X509_value(sk,0);
sk=NULL;
pkey=X509_get_pubkey(x);
@@ -845,7 +845,7 @@
err:
EVP_PKEY_free(pkey);
X509_free(x);
- sk_pop_free(sk,X509_free);
+ sk_X509_pop_free(sk,X509_free);
return(ret);
}
@@ -1151,7 +1151,7 @@
unsigned int llen,ctype_num,i;
X509_NAME *xn=NULL;
unsigned char *p,*d,*q;
- STACK *ca_sk=NULL;
+ STACK_OF(X509_NAME) *ca_sk=NULL;
n=ssl3_get_message(s,
SSL3_ST_CR_CERT_REQ_A,
@@ -1195,7 +1195,7 @@
d=p=(unsigned char *)s->init_buf->data;
- if ((ca_sk=sk_new(ca_dn_cmp)) == NULL)
+ if ((ca_sk=sk_X509_NAME_new(ca_dn_cmp)) == NULL)
{
SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
goto err;
@@ -1260,7 +1260,7 @@
SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_LENGTH_MISMATCH);
goto err;
}
- if (!sk_push(ca_sk,(char *)xn))
+ if (!sk_X509_NAME_push(ca_sk,xn))
{
SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
goto err;
@@ -1280,13 +1280,13 @@
s->s3->tmp.cert_req=1;
s->s3->tmp.ctype_num=ctype_num;
if (s->s3->tmp.ca_names != NULL)
- sk_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
+ sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
s->s3->tmp.ca_names=ca_sk;
ca_sk=NULL;
ret=1;
err:
- if (ca_sk != NULL) sk_pop_free(ca_sk,X509_NAME_free);
+ if (ca_sk != NULL) sk_X509_NAME_pop_free(ca_sk,X509_NAME_free);
return(ret);
}
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index 0fba6ce..d7bb6cd 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -502,7 +502,7 @@
DH_free(s->s3->tmp.dh);
#endif
if (s->s3->tmp.ca_names != NULL)
- sk_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
+ sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
memset(s->s3,0,sizeof(SSL3_CTX));
Free(s->s3);
s->s3=NULL;
@@ -515,7 +515,7 @@
ssl3_cleanup_key_block(s);
if (s->s3->tmp.ca_names != NULL)
- sk_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
+ sk_X509_NAME_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
if (s->s3->rrec.comp != NULL)
{
@@ -750,10 +750,10 @@
case SSL_CTRL_EXTRA_CHAIN_CERT:
if (ctx->extra_certs == NULL)
{
- if ((ctx->extra_certs=sk_new_null()) == NULL)
+ if ((ctx->extra_certs=sk_X509_new_null()) == NULL)
return(0);
}
- sk_push(ctx->extra_certs,(char *)parg);
+ sk_X509_push(ctx->extra_certs,(X509 *)parg);
break;
default:
@@ -832,7 +832,8 @@
SSL_CIPHER *ssl3_choose_cipher(s,have,pref)
SSL *s;
-STACK *have,*pref;
+STACK_OF(SSL_CIPHER) *have;
+STACK_OF(SSL_CIPHER) *pref;
{
SSL_CIPHER *c,*ret=NULL;
int i,j,ok;
@@ -845,7 +846,7 @@
else
cert=s->ctx->default_cert;
- sk_set_cmp_func(pref,ssl_cipher_ptr_id_cmp);
+ sk_SSL_CIPHER_set_cmp_func(pref,ssl_cipher_ptr_id_cmp);
#ifdef CIPHER_DEBUG
printf("Have:\n");
@@ -856,9 +857,9 @@
}
#endif
- for (i=0; i<sk_num(have); i++)
+ for (i=0; i<sk_SSL_CIPHER_num(have); i++)
{
- c=(SSL_CIPHER *)sk_value(have,i);
+ c=sk_SSL_CIPHER_value(have,i);
ssl_set_cert_masks(cert,s->ctx->default_cert,c);
mask=cert->mask;
@@ -884,10 +885,10 @@
if (!ok) continue;
- j=sk_find(pref,(char *)c);
+ j=sk_SSL_CIPHER_find(pref,c);
if (j >= 0)
{
- ret=(SSL_CIPHER *)sk_value(pref,j);
+ ret=sk_SSL_CIPHER_value(pref,j);
break;
}
}
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index 21b93c1..3969657 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -555,7 +555,7 @@
unsigned char *p,*d,*q;
SSL_CIPHER *c;
SSL_COMP *comp=NULL;
- STACK *ciphers=NULL;
+ STACK_OF(SSL_CIPHER) *ciphers=NULL;
/* We do this so that we will respond with our native type.
* If we are TLSv1 and we get SSLv3, we will respond with TLSv1,
@@ -643,9 +643,9 @@
#ifdef CIPHER_DEBUG
printf("client sent %d ciphers\n",sk_num(ciphers));
#endif
- for (i=0; i<sk_num(ciphers); i++)
+ for (i=0; i<sk_SSL_CIPHER_num(ciphers); i++)
{
- c=(SSL_CIPHER *)sk_value(ciphers,i);
+ c=sk_SSL_CIPHER_value(ciphers,i);
#ifdef CIPHER_DEBUG
printf("client [%2d of %2d]:%s\n",
i,sk_num(ciphers),SSL_CIPHER_get_name(c));
@@ -658,11 +658,11 @@
}
if (j == 0)
{
- if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_num(ciphers) == 1))
+ if ((s->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_SSL_CIPHER_num(ciphers) == 1))
{
/* Very bad for multi-threading.... */
- s->session->cipher=
- (SSL_CIPHER *)sk_value(ciphers,0);
+ s->session->cipher=sk_SSL_CIPHER_value(ciphers,
+ 0);
}
else
{
@@ -700,10 +700,10 @@
{ /* See if we have a match */
int m,nn,o,v,done=0;
- nn=sk_num(s->ctx->comp_methods);
+ nn=sk_SSL_COMP_num(s->ctx->comp_methods);
for (m=0; m<nn; m++)
{
- comp=(SSL_COMP *)sk_value(s->ctx->comp_methods,m);
+ comp=sk_SSL_COMP_value(s->ctx->comp_methods,m);
v=comp->id;
for (o=0; o<i; o++)
{
@@ -741,7 +741,7 @@
{
s->session->compress_meth=(comp == NULL)?0:comp->id;
if (s->session->ciphers != NULL)
- sk_free(s->session->ciphers);
+ sk_SSL_CIPHER_free(s->session->ciphers);
s->session->ciphers=ciphers;
if (ciphers == NULL)
{
@@ -751,7 +751,7 @@
}
ciphers=NULL;
c=ssl3_choose_cipher(s,s->session->ciphers,
- ssl_get_ciphers_by_id(s));
+ ssl_get_ciphers_by_id(s));
if (c == NULL)
{
@@ -765,16 +765,16 @@
{
/* Session-id reuse */
#ifdef REUSE_CIPHER_BUG
- STACK *sk;
+ STACK_OF(SSL_CIPHER) *sk;
SSL_CIPHER *nc=NULL;
SSL_CIPHER *ec=NULL;
if (s->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG)
{
sk=s->session->ciphers;
- for (i=0; i<sk_num(sk); i++)
+ for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
{
- c=(SSL_CIPHER *)sk_value(sk,i);
+ c=sk_SSL_CIPHER_value(sk,i);
if (c->algorithms & SSL_eNULL)
nc=c;
if (SSL_C_IS_EXPORT(c))
@@ -810,7 +810,7 @@
ssl3_send_alert(s,SSL3_AL_FATAL,al);
}
err:
- if (ciphers != NULL) sk_free(ciphers);
+ if (ciphers != NULL) sk_SSL_CIPHER_free(ciphers);
return(ret);
}
@@ -1136,7 +1136,7 @@
{
unsigned char *p,*d;
int i,j,nl,off,n;
- STACK *sk=NULL;
+ STACK_OF(X509_NAME) *sk=NULL;
X509_NAME *name;
BUF_MEM *buf;
@@ -1161,9 +1161,9 @@
nl=0;
if (sk != NULL)
{
- for (i=0; i<sk_num(sk); i++)
+ for (i=0; i<sk_X509_NAME_num(sk); i++)
{
- name=(X509_NAME *)sk_value(sk,i);
+ name=sk_X509_NAME_value(sk,i);
j=i2d_X509_NAME(name,NULL);
if (!BUF_MEM_grow(buf,4+n+j+2))
{
@@ -1562,7 +1562,7 @@
X509 *x=NULL;
unsigned long l,nc,llen,n;
unsigned char *p,*d,*q;
- STACK *sk=NULL;
+ STACK_OF(X509) *sk=NULL;
n=ssl3_get_message(s,
SSL3_ST_SR_CERT_A,
@@ -1605,7 +1605,7 @@
}
d=p=(unsigned char *)s->init_buf->data;
- if ((sk=sk_new_null()) == NULL)
+ if ((sk=sk_X509_new_null()) == NULL)
{
SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
goto err;
@@ -1641,7 +1641,7 @@
SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
goto f_err;
}
- if (!sk_push(sk,(char *)x))
+ if (!sk_X509_push(sk,x))
{
SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
goto err;
@@ -1650,7 +1650,7 @@
nc+=l+3;
}
- if (sk_num(sk) <= 0)
+ if (sk_X509_num(sk) <= 0)
{
/* TLS does not mind 0 certs returned */
if (s->version == SSL3_VERSION)
@@ -1682,7 +1682,7 @@
/* This should not be needed */
if (s->session->peer != NULL)
X509_free(s->session->peer);
- s->session->peer=(X509 *)sk_shift(sk);
+ s->session->peer=sk_X509_shift(sk);
s->session->cert->cert_chain=sk;
sk=NULL;
@@ -1694,7 +1694,7 @@
}
err:
if (x != NULL) X509_free(x);
- if (sk != NULL) sk_pop_free(sk,X509_free);
+ if (sk != NULL) sk_X509_pop_free(sk,X509_free);
return(ret);
}
diff --git a/ssl/ssl.h b/ssl/ssl.h
index 06ca4aa..4bb1a2e 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -63,6 +63,8 @@
extern "C" {
#endif
+#include "safestack.h"
+
/* SSLeay version number for ASN.1 encoding of the session information */
/* Version 0 - initial version
* Version 1 - added the optional peer certificate
@@ -167,6 +169,8 @@
unsigned long mask; /* used for matching */
} SSL_CIPHER;
+DECLARE_STACK_OF(SSL_CIPHER)
+
typedef struct ssl_st SSL;
typedef struct ssl_ctx_st SSL_CTX;
@@ -254,7 +258,7 @@
* needs to be used to load
* the 'cipher' structure */
- STACK /* SSL_CIPHER */ *ciphers; /* shared ciphers? */
+ STACK_OF(SSL_CIPHER) *ciphers; /* shared ciphers? */
CRYPTO_EX_DATA ex_data; /* application specific data */
@@ -314,14 +318,16 @@
#endif
} SSL_COMP;
+DECLARE_STACK_OF(SSL_COMP)
+
struct ssl_ctx_st
{
SSL_METHOD *method;
unsigned long options;
- STACK /* SSL_CIPHER */ *cipher_list;
+ STACK_OF(SSL_CIPHER) *cipher_list;
/* same as above but sorted for lookup */
- STACK /* SSL_CIPHER */ *cipher_list_by_id;
+ STACK_OF(SSL_CIPHER) *cipher_list_by_id;
struct x509_store_st /* X509_STORE */ *cert_store;
struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSION's */
@@ -404,7 +410,7 @@
/**/ int (*client_cert_cb)(/* SSL *ssl, X509 **x509, EVP_PKEY **pkey */);
/* what we put in client requests */
- STACK *client_CA;
+ STACK_OF(X509_NAME) *client_CA;
/**/ int quiet_shutdown;
@@ -414,8 +420,8 @@
EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */
EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */
- STACK *extra_certs;
- STACK *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */
+ STACK_OF(X509) *extra_certs;
+ STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */
};
#define SSL_SESS_CACHE_OFF 0x0000
@@ -533,8 +539,8 @@
int hit; /* reusing a previous session */
/* crypto */
- STACK /* SSL_CIPHER */ *cipher_list;
- STACK /* SSL_CIPHER */ *cipher_list_by_id;
+ STACK_OF(SSL_CIPHER) *cipher_list;
+ STACK_OF(SSL_CIPHER) *cipher_list_by_id;
/* These are the ones being used, the ones is SSL_SESSION are
* the ones to be 'copied' into these ones */
@@ -588,7 +594,7 @@
CRYPTO_EX_DATA ex_data;
/* for server side, keep the list of CA_dn we can use */
- STACK /* X509_NAME */ *client_CA;
+ STACK_OF(X509_NAME) *client_CA;
int references;
unsigned long options;
@@ -868,7 +874,7 @@
int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, char *file, int type);
int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, char *file, int type);
int SSL_CTX_use_certificate_file(SSL_CTX *ctx, char *file, int type);
-STACK * SSL_load_client_CA_file(char *file);
+STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
int SSL_add_file_cert_subjects_to_stack(STACK *stackCAs,
const char *file);
int SSL_add_dir_cert_subjects_to_stack(STACK *stackCAs,
@@ -907,7 +913,7 @@
X509 * SSL_get_peer_certificate(SSL *s);
#endif
-STACK * SSL_get_peer_cert_chain(SSL *s);
+STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s);
int SSL_CTX_get_verify_mode(SSL_CTX *ctx);
int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))(int,X509_STORE_CTX *);
@@ -961,7 +967,7 @@
SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */
SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */
-STACK *SSL_get_ciphers(SSL *s);
+STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s);
int SSL_do_handshake(SSL *s);
int SSL_renegotiate(SSL *s);
@@ -974,10 +980,10 @@
char *SSL_alert_desc_string_long(int value);
char *SSL_alert_desc_string(int value);
-void SSL_set_client_CA_list(SSL *s, STACK *list);
-void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK *list);
-STACK *SSL_get_client_CA_list(SSL *s);
-STACK *SSL_CTX_get_client_CA_list(SSL_CTX *s);
+void SSL_set_client_CA_list(SSL *s, STACK_OF(X509_NAME) *list);
+void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *list);
+STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s);
+STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *s);
int SSL_add_client_CA(SSL *ssl,X509 *x);
int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x);
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index cf8238c..d334c90 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -331,7 +331,7 @@
int cert_req;
int ctype_num;
char ctype[SSL3_CT_NUMBER];
- STACK *ca_names;
+ STACK_OF(X509_NAME) *ca_names;
int use_rsa_tmp;
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
index f50de34..52812e9 100644
--- a/ssl/ssl_cert.c
+++ b/ssl/ssl_cert.c
@@ -143,7 +143,7 @@
#endif
}
if (c->cert_chain != NULL)
- sk_pop_free(c->cert_chain,X509_free);
+ sk_X509_pop_free(c->cert_chain,X509_free);
Free(c);
}
@@ -174,16 +174,16 @@
return(1);
}
-int ssl_verify_cert_chain(SSL *s,STACK *sk)
+int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk)
{
X509 *x;
int i;
X509_STORE_CTX ctx;
- if ((sk == NULL) || (sk_num(sk) == 0))
+ if ((sk == NULL) || (sk_X509_num(sk) == 0))
return(0);
- x=(X509 *)sk_value(sk,0);
+ x=sk_X509_value(sk,0);
X509_STORE_CTX_init(&ctx,s->ctx->cert_store,x,sk);
X509_STORE_CTX_set_ex_data(&ctx,SSL_get_ex_data_X509_STORE_CTX_idx(),
(char *)s);
@@ -207,10 +207,11 @@
return(i);
}
-static void set_client_CA_list(STACK **ca_list,STACK *list)
+static void set_client_CA_list(STACK_OF(X509_NAME) **ca_list,
+ STACK_OF(X509_NAME) *list)
{
if (*ca_list != NULL)
- sk_pop_free(*ca_list,X509_NAME_free);
+ sk_X509_NAME_pop_free(*ca_list,X509_NAME_free);
*ca_list=list;
}
@@ -234,22 +235,22 @@
return(ret);
}
-void SSL_set_client_CA_list(SSL *s,STACK *list)
+void SSL_set_client_CA_list(SSL *s,STACK_OF(X509_NAME) *list)
{
set_client_CA_list(&(s->client_CA),list);
}
-void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,STACK *list)
+void SSL_CTX_set_client_CA_list(SSL_CTX *ctx,STACK_OF(X509_NAME) *list)
{
set_client_CA_list(&(ctx->client_CA),list);
}
-STACK *SSL_CTX_get_client_CA_list(SSL_CTX *ctx)
+STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(SSL_CTX *ctx)
{
return(ctx->client_CA);
}
-STACK *SSL_get_client_CA_list(SSL *s)
+STACK_OF(X509_NAME) *SSL_get_client_CA_list(SSL *s)
{
if (s->type == SSL_ST_CONNECT)
{ /* we are in the client */
@@ -268,18 +269,18 @@
}
}
-static int add_client_CA(STACK **sk,X509 *x)
+static int add_client_CA(STACK_OF(X509_NAME) **sk,X509 *x)
{
X509_NAME *name;
if (x == NULL) return(0);
- if ((*sk == NULL) && ((*sk=sk_new_null()) == NULL))
+ if ((*sk == NULL) && ((*sk=sk_X509_NAME_new_null()) == NULL))
return(0);
if ((name=X509_NAME_dup(X509_get_subject_name(x))) == NULL)
return(0);
- if (!sk_push(*sk,(char *)name))
+ if (!sk_X509_NAME_push(*sk,name))
{
X509_NAME_free(name);
return(0);
@@ -311,15 +312,15 @@
* \param file the file containing one or more certs.
* \return a ::STACK containing the certs.
*/
-STACK *SSL_load_client_CA_file(char *file)
+STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
{
BIO *in;
X509 *x=NULL;
X509_NAME *xn=NULL;
- STACK *ret,*sk;
+ STACK_OF(X509_NAME) *ret,*sk;
- ret=sk_new(NULL);
- sk=sk_new(name_cmp);
+ ret=sk_X509_NAME_new(NULL);
+ sk=sk_X509_NAME_new(name_cmp);
in=BIO_new(BIO_s_file_internal());
@@ -340,22 +341,22 @@
/* check for duplicates */
xn=X509_NAME_dup(xn);
if (xn == NULL) goto err;
- if (sk_find(sk,(char *)xn) >= 0)
+ if (sk_X509_NAME_find(sk,xn) >= 0)
X509_NAME_free(xn);
else
{
- sk_push(sk,(char *)xn);
- sk_push(ret,(char *)xn);
+ sk_X509_NAME_push(sk,xn);
+ sk_X509_NAME_push(ret,xn);
}
}
if (0)
{
err:
- if (ret != NULL) sk_pop_free(ret,X509_NAME_free);
+ if (ret != NULL) sk_X509_NAME_pop_free(ret,X509_NAME_free);
ret=NULL;
}
- if (sk != NULL) sk_free(sk);
+ if (sk != NULL) sk_X509_NAME_free(sk);
if (in != NULL) BIO_free(in);
if (x != NULL) X509_free(x);
return(ret);
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index e3f61ea..55c3fd0 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -74,7 +74,7 @@
NULL,NULL,NULL,NULL,NULL,NULL,
};
-static STACK /* SSL_COMP */ *ssl_comp_methods=NULL;
+static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL;
#define SSL_MD_MD5_IDX 0
#define SSL_MD_SHA1_IDX 1
@@ -211,9 +211,9 @@
{
ctmp.id=s->compress_meth;
- i=sk_find(ssl_comp_methods,(char *)&ctmp);
+ i=sk_SSL_COMP_find(ssl_comp_methods,&ctmp);
if (i >= 0)
- *comp=(SSL_COMP *)sk_value(ssl_comp_methods,i);
+ *comp=sk_SSL_COMP_value(ssl_comp_methods,i);
else
*comp=NULL;
}
@@ -298,14 +298,15 @@
*tail=curr;
}
-STACK *ssl_create_cipher_list(ssl_method,cipher_list,cipher_list_by_id,str)
+STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(ssl_method,cipher_list,
+ cipher_list_by_id,str)
SSL_METHOD *ssl_method;
-STACK **cipher_list,**cipher_list_by_id;
+STACK_OF(SSL_CIPHER) **cipher_list,**cipher_list_by_id;
char *str;
{
SSL_CIPHER *c;
char *l;
- STACK *ret=NULL,*ok=NULL;
+ STACK_OF(SSL_CIPHER) *ret=NULL,*ok=NULL;
#define CL_BUF 40
char buf[CL_BUF];
char *tmp_str=NULL;
@@ -340,7 +341,7 @@
num=ssl_method->num_ciphers();
- if ((ret=(STACK *)sk_new(NULL)) == NULL) goto err;
+ if ((ret=sk_SSL_CIPHER_new(NULL)) == NULL) goto err;
if ((ca_list=(STACK *)sk_new(cmp_by_name)) == NULL) goto err;
mask =SSL_kFZA;
@@ -573,7 +574,7 @@
{
if (curr->active)
{
- sk_push(ret,(char *)curr->cipher);
+ sk_SSL_CIPHER_push(ret,curr->cipher);
#ifdef CIPHER_DEBUG
printf("<%s>\n",curr->cipher->name);
#endif
@@ -583,15 +584,15 @@
if (cipher_list != NULL)
{
if (*cipher_list != NULL)
- sk_free(*cipher_list);
+ sk_SSL_CIPHER_free(*cipher_list);
*cipher_list=ret;
}
if (cipher_list_by_id != NULL)
{
if (*cipher_list_by_id != NULL)
- sk_free(*cipher_list_by_id);
- *cipher_list_by_id=sk_dup(ret);
+ sk_SSL_CIPHER_free(*cipher_list_by_id);
+ *cipher_list_by_id=sk_SSL_CIPHER_dup(ret);
}
if ( (cipher_list_by_id == NULL) ||
@@ -599,14 +600,14 @@
(cipher_list == NULL) ||
(*cipher_list == NULL))
goto err;
- sk_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
+ sk_SSL_CIPHER_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
ok=ret;
ret=NULL;
err:
if (tmp_str) Free(tmp_str);
if (ops != NULL) Free(ops);
- if (ret != NULL) sk_free(ret);
+ if (ret != NULL) sk_SSL_CIPHER_free(ret);
if (ca_list != NULL) sk_free(ca_list);
if (list != NULL) Free(list);
return(ok);
@@ -794,17 +795,17 @@
}
SSL_COMP *ssl3_comp_find(sk,n)
-STACK *sk;
+STACK_OF(SSL_COMP) *sk;
int n;
{
SSL_COMP *ctmp;
int i,nn;
if ((n == 0) || (sk == NULL)) return(NULL);
- nn=sk_num(sk);
+ nn=sk_SSL_COMP_num(sk);
for (i=0; i<nn; i++)
{
- ctmp=(SSL_COMP *)sk_value(sk,i);
+ ctmp=sk_SSL_COMP_value(sk,i);
if (ctmp->id == n)
return(ctmp);
}
@@ -817,7 +818,7 @@
return((*a)->id-(*b)->id);
}
-STACK *SSL_COMP_get_compression_methods()
+STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods()
{
return(ssl_comp_methods);
}
@@ -827,16 +828,16 @@
COMP_METHOD *cm;
{
SSL_COMP *comp;
- STACK *sk;
+ STACK_OF(SSL_COMP) *sk;
comp=(SSL_COMP *)Malloc(sizeof(SSL_COMP));
comp->id=id;
comp->method=cm;
if (ssl_comp_methods == NULL)
- sk=ssl_comp_methods=sk_new(sk_comp_cmp);
+ sk=ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);
else
sk=ssl_comp_methods;
- if ((sk == NULL) || !sk_push(sk,(char *)comp))
+ if ((sk == NULL) || !sk_SSL_COMP_push(sk,comp))
{
SSLerr(SSL_F_SSL_COMP_ADD_COMPRESSION_METHOD,ERR_R_MALLOC_FAILURE);
return(0);
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 3b6c364..566d112 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -145,13 +145,13 @@
/** Used to change an SSL_CTXs default SSL method type */
int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth)
{
- STACK *sk;
+ STACK_OF(SSL_CIPHER) *sk;
ctx->method=meth;
sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
&(ctx->cipher_list_by_id),SSL_DEFAULT_CIPHER_LIST);
- if ((sk == NULL) || (sk_num(sk) <= 0))
+ if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= 0))
{
SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
return(0);
@@ -270,8 +270,8 @@
if (s->init_buf != NULL) BUF_MEM_free(s->init_buf);
/* add extra stuff */
- if (s->cipher_list != NULL) sk_free(s->cipher_list);
- if (s->cipher_list_by_id != NULL) sk_free(s->cipher_list_by_id);
+ if (s->cipher_list != NULL) sk_SSL_CIPHER_free(s->cipher_list);
+ if (s->cipher_list_by_id != NULL) sk_SSL_CIPHER_free(s->cipher_list_by_id);
/* Make the next call work :-) */
if (s->session != NULL)
@@ -288,7 +288,7 @@
if (s->ctx) SSL_CTX_free(s->ctx);
if (s->client_CA != NULL)
- sk_pop_free(s->client_CA,X509_NAME_free);
+ sk_X509_NAME_pop_free(s->client_CA,X509_NAME_free);
if (s->method != NULL) s->method->ssl_free(s);
@@ -460,9 +460,9 @@
return(r);
}
-STACK *SSL_get_peer_cert_chain(SSL *s)
+STACK_OF(X509) *SSL_get_peer_cert_chain(SSL *s)
{
- STACK *r;
+ STACK_OF(X509) *r;
if ((s == NULL) || (s->session == NULL) || (s->session->cert == NULL))
r=NULL;
@@ -705,7 +705,7 @@
/** return a STACK of the ciphers available for the SSL and in order of
* preference */
-STACK *SSL_get_ciphers(SSL *s)
+STACK_OF(SSL_CIPHER) *SSL_get_ciphers(SSL *s)
{
if ((s != NULL) && (s->cipher_list != NULL))
{
@@ -721,7 +721,7 @@
/** return a STACK of the ciphers available for the SSL and in order of
* algorithm id */
-STACK *ssl_get_ciphers_by_id(SSL *s)
+STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
{
if ((s != NULL) && (s->cipher_list_by_id != NULL))
{
@@ -739,13 +739,13 @@
char *SSL_get_cipher_list(SSL *s,int n)
{
SSL_CIPHER *c;
- STACK *sk;
+ STACK_OF(SSL_CIPHER) *sk;
if (s == NULL) return(NULL);
sk=SSL_get_ciphers(s);
- if ((sk == NULL) || (sk_num(sk) <= n))
+ if ((sk == NULL) || (sk_SSL_CIPHER_num(sk) <= n))
return(NULL);
- c=(SSL_CIPHER *)sk_value(sk,n);
+ c=sk_SSL_CIPHER_value(sk,n);
if (c == NULL) return(NULL);
return(c->name);
}
@@ -753,7 +753,7 @@
/** specify the ciphers to be used by defaut by the SSL_CTX */
int SSL_CTX_set_cipher_list(SSL_CTX *ctx,char *str)
{
- STACK *sk;
+ STACK_OF(SSL_CIPHER) *sk;
sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
&ctx->cipher_list_by_id,str);
@@ -764,7 +764,7 @@
/** specify the ciphers to be used by the SSL */
int SSL_set_cipher_list(SSL *s,char *str)
{
- STACK *sk;
+ STACK_OF(SSL_CIPHER) *sk;
sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
&s->cipher_list_by_id,str);
@@ -776,7 +776,7 @@
char *SSL_get_shared_ciphers(SSL *s,char *buf,int len)
{
char *p,*cp;
- STACK *sk;
+ STACK_OF(SSL_CIPHER) *sk;
SSL_CIPHER *c;
int i;
@@ -786,11 +786,11 @@
p=buf;
sk=s->session->ciphers;
- for (i=0; i<sk_num(sk); i++)
+ for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
{
/* Decrement for either the ':' or a '\0' */
len--;
- c=(SSL_CIPHER *)sk_value(sk,i);
+ c=sk_SSL_CIPHER_value(sk,i);
for (cp=c->name; *cp; )
{
if (len-- == 0)
@@ -807,7 +807,7 @@
return(buf);
}
-int ssl_cipher_list_to_bytes(SSL *s,STACK *sk,unsigned char *p)
+int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p)
{
int i,j=0;
SSL_CIPHER *c;
@@ -816,19 +816,20 @@
if (sk == NULL) return(0);
q=p;
- for (i=0; i<sk_num(sk); i++)
+ for (i=0; i<sk_SSL_CIPHER_num(sk); i++)
{
- c=(SSL_CIPHER *)sk_value(sk,i);
+ c=sk_SSL_CIPHER_value(sk,i);
j=ssl_put_cipher_by_char(s,c,p);
p+=j;
}
return(p-q);
}
-STACK *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,STACK **skp)
+STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
+ STACK_OF(SSL_CIPHER) **skp)
{
SSL_CIPHER *c;
- STACK *sk;
+ STACK_OF(SSL_CIPHER) *sk;
int i,n;
n=ssl_put_cipher_by_char(s,NULL,NULL);
@@ -838,11 +839,11 @@
return(NULL);
}
if ((skp == NULL) || (*skp == NULL))
- sk=sk_new(NULL); /* change perhaps later */
+ sk=sk_SSL_CIPHER_new(NULL); /* change perhaps later */
else
{
sk= *skp;
- sk_zero(sk);
+ sk_SSL_CIPHER_zero(sk);
}
for (i=0; i<num; i+=n)
@@ -851,7 +852,7 @@
p+=n;
if (c != NULL)
{
- if (!sk_push(sk,(char *)c))
+ if (!sk_SSL_CIPHER_push(sk,c))
{
SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
goto err;
@@ -864,7 +865,7 @@
return(sk);
err:
if ((skp == NULL) || (*skp == NULL))
- sk_free(sk);
+ sk_SSL_CIPHER_free(sk);
return(NULL);
}
@@ -958,7 +959,8 @@
ssl_create_cipher_list(ret->method,
&ret->cipher_list,&ret->cipher_list_by_id,
SSL_DEFAULT_CIPHER_LIST);
- if ((ret->cipher_list == NULL) || (sk_num(ret->cipher_list) <= 0))
+ if (ret->cipher_list == NULL
+ || sk_SSL_CIPHER_num(ret->cipher_list) <= 0)
{
SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_LIBRARY_HAS_NO_CIPHERS);
goto err2;
@@ -980,7 +982,7 @@
goto err2;
}
- if ((ret->client_CA=sk_new_null()) == NULL)
+ if ((ret->client_CA=sk_X509_NAME_new_null()) == NULL)
goto err;
CRYPTO_new_ex_data(ssl_ctx_meth,(char *)ret,&ret->ex_data);
@@ -996,6 +998,9 @@
return(NULL);
}
+static void SSL_COMP_free(SSL_COMP *comp)
+ { Free(comp); }
+
void SSL_CTX_free(SSL_CTX *a)
{
int i;
@@ -1024,17 +1029,17 @@
if (a->cert_store != NULL)
X509_STORE_free(a->cert_store);
if (a->cipher_list != NULL)
- sk_free(a->cipher_list);
+ sk_SSL_CIPHER_free(a->cipher_list);
if (a->cipher_list_by_id != NULL)
- sk_free(a->cipher_list_by_id);
+ sk_SSL_CIPHER_free(a->cipher_list_by_id);
if (a->default_cert != NULL)
ssl_cert_free(a->default_cert);
if (a->client_CA != NULL)
- sk_pop_free(a->client_CA,X509_NAME_free);
+ sk_X509_NAME_pop_free(a->client_CA,X509_NAME_free);
if (a->extra_certs != NULL)
- sk_pop_free(a->extra_certs,X509_free);
+ sk_X509_pop_free(a->extra_certs,X509_free);
if (a->comp_methods != NULL)
- sk_pop_free(a->comp_methods,FreeFunc);
+ sk_SSL_COMP_pop_free(a->comp_methods,SSL_COMP_free);
Free((char *)a);
}
@@ -1427,7 +1432,7 @@
SSL *SSL_dup(SSL *s)
{
- STACK *sk;
+ STACK_OF(X509_NAME) *sk;
X509_NAME *xn;
SSL *ret;
int i;
@@ -1471,23 +1476,23 @@
/* dup the cipher_list and cipher_list_by_id stacks */
if (s->cipher_list != NULL)
{
- if ((ret->cipher_list=sk_dup(s->cipher_list)) == NULL)
+ if ((ret->cipher_list=sk_SSL_CIPHER_dup(s->cipher_list)) == NULL)
goto err;
}
if (s->cipher_list_by_id != NULL)
- if ((ret->cipher_list_by_id=sk_dup(s->cipher_list_by_id))
+ if ((ret->cipher_list_by_id=sk_SSL_CIPHER_dup(s->cipher_list_by_id))
== NULL)
goto err;
/* Dup the client_CA list */
if (s->client_CA != NULL)
{
- if ((sk=sk_dup(s->client_CA)) == NULL) goto err;
+ if ((sk=sk_X509_NAME_dup(s->client_CA)) == NULL) goto err;
ret->client_CA=sk;
- for (i=0; i<sk_num(sk); i++)
+ for (i=0; i<sk_X509_NAME_num(sk); i++)
{
- xn=(X509_NAME *)sk_value(sk,i);
- if ((sk_value(sk,i)=(char *)X509_NAME_dup(xn)) == NULL)
+ xn=sk_X509_NAME_value(sk,i);
+ if (sk_X509_NAME_set(sk,i,X509_NAME_dup(xn)) == NULL)
{
X509_NAME_free(xn);
goto err;
@@ -1796,3 +1801,6 @@
#if defined(_WINDLL) && defined(WIN16)
#include "../crypto/bio/bss_file.c"
#endif
+
+IMPLEMENT_STACK_OF(SSL_CIPHER)
+IMPLEMENT_STACK_OF(SSL_COMP)
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index b573457..a29994b 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -283,7 +283,7 @@
DH *(*dh_tmp_cb)(SSL *ssl,int export,int keysize);
CERT_PKEY pkeys[SSL_PKEY_NUM];
- STACK *cert_chain;
+ STACK_OF(X509) *cert_chain;
int references;
} CERT;
@@ -359,20 +359,23 @@
int ssl_get_prev_session(SSL *s, unsigned char *session,int len);
int ssl_cipher_id_cmp(SSL_CIPHER *a,SSL_CIPHER *b);
int ssl_cipher_ptr_id_cmp(SSL_CIPHER **ap,SSL_CIPHER **bp);
-STACK *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,STACK **skp);
-int ssl_cipher_list_to_bytes(SSL *s,STACK *sk,unsigned char *p);
-STACK *ssl_create_cipher_list(SSL_METHOD *meth,STACK **pref,
- STACK **sorted,char *str);
+STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
+ STACK_OF(SSL_CIPHER) **skp);
+int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p);
+STACK_OF(SSL_CIPHER) *ssl_create_cipher_list(SSL_METHOD *meth,
+ STACK_OF(SSL_CIPHER) **pref,
+ STACK_OF(SSL_CIPHER) **sorted,
+ char *str);
void ssl_update_cache(SSL *s, int mode);
int ssl_cipher_get_evp(SSL_SESSION *s, EVP_CIPHER **enc, EVP_MD **md,
SSL_COMP **comp);
-int ssl_verify_cert_chain(SSL *s,STACK *sk);
+int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk);
int ssl_undefined_function(SSL *s);
X509 *ssl_get_server_send_cert(SSL *);
EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *);
int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
void ssl_set_cert_masks(CERT *c,CERT *default_cert,SSL_CIPHER *cipher);
-STACK *ssl_get_ciphers_by_id(SSL *s);
+STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s);
int ssl_verify_alarm_type(long type);
int ssl2_enc_init(SSL *s, int client);
@@ -432,7 +435,8 @@
int ssl3_enc(SSL *s, int send_data);
int ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
-SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK *have,STACK *pref);
+SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK_OF(SSL_CIPHER) *have,
+ STACK_OF(SSL_CIPHER) *pref);
int ssl3_setup_buffers(SSL *s);
int ssl3_new(SSL *s);
void ssl3_free(SSL *s);
@@ -474,8 +478,8 @@
int ssl3_alert_code(int code);
int ssl_ok(SSL *s);
-SSL_COMP *ssl3_comp_find(STACK *sk, int n);
-STACK *SSL_COMP_get_compression_methods(void);
+SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n);
+STACK_OF(SSL_COMP) *SSL_COMP_get_compression_methods(void);
#else
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 341dc63..66bd281 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -399,7 +399,7 @@
memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH);
if (ss->cert != NULL) ssl_cert_free(ss->cert);
if (ss->peer != NULL) X509_free(ss->peer);
- if (ss->ciphers != NULL) sk_free(ss->ciphers);
+ if (ss->ciphers != NULL) sk_SSL_CIPHER_free(ss->ciphers);
memset(ss,0,sizeof(*ss));
Free(ss);
}
