From ee8ba0b26c101262521a0bc10233cdd5a136d126 Mon Sep 17 00:00:00 2001 From: Ben Laurie Date: Sun, 30 May 1999 15:25:47 +0000 Subject: [PATCH] Another safe stack. --- apps/ca.c | 8 ++++---- crypto/asn1/t_crl.c | 9 +++++---- crypto/asn1/x_crl.c | 34 +++++++++++++++++++++------------- crypto/stack/safestack.h | 7 +++++-- crypto/stack/stack.c | 20 ++++++++++++++------ crypto/stack/stack.h | 1 + crypto/x509/x509.h | 5 ++++- 7 files changed, 54 insertions(+), 30 deletions(-) diff --git a/apps/ca.c b/apps/ca.c index 65209eeee3..e7ec2d97c1 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -1073,15 +1073,15 @@ bad: if (!a2i_ASN1_INTEGER(hex,r->serialNumber, buf[0],BSIZE)) goto err; - sk_push(ci->revoked,(char *)r); + sk_X509_REVOKED_push(ci->revoked,r); } } /* sort the data so it will be written in serial * number order */ - sk_find(ci->revoked,NULL); - for (i=0; irevoked); i++) + sk_X509_REVOKED_sort(ci->revoked); + for (i=0; irevoked); i++) { - r=(X509_REVOKED *)sk_value(ci->revoked,i); + r=sk_X509_REVOKED_value(ci->revoked,i); r->sequence=i; } diff --git a/crypto/asn1/t_crl.c b/crypto/asn1/t_crl.c index 4470f0652f..c2e447ce6f 100644 --- a/crypto/asn1/t_crl.c +++ b/crypto/asn1/t_crl.c @@ -87,7 +87,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x) { char buf[256]; unsigned char *s; - STACK *rev; + STACK_OF(X509_REVOKED) *rev; X509_REVOKED *r; long l; int i, j, n; @@ -117,11 +117,12 @@ int X509_CRL_print(BIO *out, X509_CRL *x) rev = X509_CRL_get_REVOKED(x); - if(sk_num(rev)) BIO_printf(out, "Revoked Certificates:\n"); + if(sk_X509_REVOKED_num(rev)) + BIO_printf(out, "Revoked Certificates:\n"); else BIO_printf(out, "No Revoked Certificates.\n"); - for(i = 0; i < sk_num(rev); i++) { - r = (X509_REVOKED *) sk_value(rev, i); + for(i = 0; i < sk_X509_REVOKED_num(rev); i++) { + r = sk_X509_REVOKED_value(rev, i); BIO_printf(out," Serial Number: "); i2a_ASN1_INTEGER(out,r->serialNumber); BIO_printf(out,"\n Revocation Date: ",""); diff --git a/crypto/asn1/x_crl.c b/crypto/asn1/x_crl.c index 6d87edd6a7..683e1eef18 100644 --- a/crypto/asn1/x_crl.c +++ b/crypto/asn1/x_crl.c @@ -100,11 +100,13 @@ int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **pp) { int v1=0; long l=0; + int (*old_cmp)(X509_REVOKED **,X509_REVOKED **); M_ASN1_I2D_vars(a); + + old_cmp=sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_seq_cmp); + sk_X509_REVOKED_sort(a->revoked); + sk_X509_REVOKED_set_cmp_func(a->revoked,old_cmp); - if (sk_num(a->revoked) != 0) - qsort((char *)a->revoked->data,sk_num(a->revoked), - sizeof(X509_REVOKED *),(int (*)(const void *,const void *))X509_REVOKED_seq_cmp); if ((a->version != NULL) && ((l=ASN1_INTEGER_get(a->version)) != 0)) { M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER); @@ -114,7 +116,8 @@ int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **pp) M_ASN1_I2D_len(a->lastUpdate,i2d_ASN1_TIME); if (a->nextUpdate != NULL) { M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_TIME); } - M_ASN1_I2D_len_SEQUENCE_opt(a->revoked,i2d_X509_REVOKED); + M_ASN1_I2D_len_SEQUENCE_opt_type(X509_REVOKED,a->revoked, + i2d_X509_REVOKED); M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions, i2d_X509_EXTENSION,0, V_ASN1_SEQUENCE,v1); @@ -130,7 +133,8 @@ int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **pp) M_ASN1_I2D_put(a->lastUpdate,i2d_ASN1_UTCTIME); if (a->nextUpdate != NULL) { M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_UTCTIME); } - M_ASN1_I2D_put_SEQUENCE_opt(a->revoked,i2d_X509_REVOKED); + M_ASN1_I2D_put_SEQUENCE_opt_type(X509_REVOKED,a->revoked, + i2d_X509_REVOKED); M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions, i2d_X509_EXTENSION,0, V_ASN1_SEQUENCE,v1); @@ -172,16 +176,17 @@ X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a, unsigned char **pp, V_ASN1_GENERALIZEDTIME); if (ret->revoked != NULL) { - while (sk_num(ret->revoked)) - X509_REVOKED_free((X509_REVOKED *)sk_pop(ret->revoked)); + while (sk_X509_REVOKED_num(ret->revoked)) + X509_REVOKED_free(sk_X509_REVOKED_pop(ret->revoked)); } - M_ASN1_D2I_get_seq_opt(ret->revoked,d2i_X509_REVOKED,X509_REVOKED_free); + M_ASN1_D2I_get_seq_opt_type(X509_REVOKED,ret->revoked,d2i_X509_REVOKED, + X509_REVOKED_free); if (ret->revoked != NULL) { - for (i=0; irevoked); i++) + for (i=0; irevoked); i++) { - ((X509_REVOKED *)sk_value(ret->revoked,i))->sequence=i; + sk_X509_REVOKED_value(ret->revoked,i)->sequence=i; } } @@ -258,9 +263,9 @@ X509_CRL_INFO *X509_CRL_INFO_new(void) M_ASN1_New(ret->issuer,X509_NAME_new); M_ASN1_New(ret->lastUpdate,ASN1_UTCTIME_new); ret->nextUpdate=NULL; - M_ASN1_New(ret->revoked,sk_new_null); + M_ASN1_New(ret->revoked,sk_X509_REVOKED_new_null); M_ASN1_New(ret->extensions,sk_X509_EXTENSION_new_null); - ret->revoked->comp=(int (*)())X509_REVOKED_cmp; + sk_X509_REVOKED_set_cmp_func(ret->revoked,X509_REVOKED_cmp); return(ret); M_ASN1_New_Error(ASN1_F_X509_CRL_INFO_NEW); } @@ -297,7 +302,7 @@ void X509_CRL_INFO_free(X509_CRL_INFO *a) ASN1_UTCTIME_free(a->lastUpdate); if (a->nextUpdate) ASN1_UTCTIME_free(a->nextUpdate); - sk_pop_free(a->revoked,X509_REVOKED_free); + sk_X509_REVOKED_pop_free(a->revoked,X509_REVOKED_free); sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free); Free(a); } @@ -338,3 +343,6 @@ static int X509_REVOKED_seq_cmp(X509_REVOKED **a, X509_REVOKED **b) { return((*a)->sequence-(*b)->sequence); } + +IMPLEMENT_STACK_OF(X509_REVOKED) +IMPLEMENT_ASN1_SET_OF(X509_REVOKED) diff --git a/crypto/stack/safestack.h b/crypto/stack/safestack.h index d0823c0d0a..38934981e3 100644 --- a/crypto/stack/safestack.h +++ b/crypto/stack/safestack.h @@ -82,7 +82,8 @@ int (*sk_##type##_set_cmp_func(STACK_OF(type) *sk, \ STACK_OF(type) *sk_##type##_dup(STACK_OF(type) *sk); \ void sk_##type##_pop_free(STACK_OF(type) *sk,void (*func)(type *)); \ type *sk_##type##_shift(STACK_OF(type) *sk); \ -type *sk_##type##_pop(STACK_OF(type) *sk); +type *sk_##type##_pop(STACK_OF(type) *sk); \ +void sk_##type##_sort(STACK_OF(type) *sk); #define IMPLEMENT_STACK_OF(type) \ STACK_OF(type) *sk_##type##_new(int (*cmp)(type **,type **)) \ @@ -121,6 +122,8 @@ void sk_##type##_pop_free(STACK_OF(type) *sk,void (*func)(type *)) \ type *sk_##type##_shift(STACK_OF(type) *sk) \ { return (type *)sk_shift((STACK *)sk); } \ type *sk_##type##_pop(STACK_OF(type) *sk) \ - { return (type *)sk_pop((STACK *)sk); } + { return (type *)sk_pop((STACK *)sk); } \ +void sk_##type##_sort(STACK_OF(type) *sk) \ + { sk_sort((STACK *)sk); } #endif /* ndef HEADER_SAFESTACK_H */ diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c index f1165b340c..8b96713884 100644 --- a/crypto/stack/stack.c +++ b/crypto/stack/stack.c @@ -217,13 +217,9 @@ int sk_find(STACK *st, char *data) return(i); return(-1); } - comp_func=(int (*)())st->comp; - if (!st->sorted) - { - qsort((char *)st->data,st->num,sizeof(char *),FP_ICC comp_func); - st->sorted=1; - } + sk_sort(st); if (data == NULL) return(-1); + comp_func=(int (*)())st->comp; r=(char **)bsearch(&data,(char *)st->data, st->num,sizeof(char *),FP_ICC comp_func); if (r == NULL) return(-1); @@ -301,3 +297,15 @@ char *sk_set(STACK *st, int i, char *value) if(st == NULL) return NULL; return (st->data[i] = value); } + +void sk_sort(STACK *st) + { + if (!st->sorted) + { + int (*comp_func)(); + + comp_func=(int (*)())st->comp; + qsort(st->data,st->num,sizeof(char *),FP_ICC comp_func); + st->sorted=1; + } + } diff --git a/crypto/stack/stack.h b/crypto/stack/stack.h index ec629d0fd2..0f825cc0c4 100644 --- a/crypto/stack/stack.h +++ b/crypto/stack/stack.h @@ -98,6 +98,7 @@ char *sk_pop(STACK *st); void sk_zero(STACK *st); int (*sk_set_cmp_func(STACK *sk, int (*c)()))(); STACK *sk_dup(STACK *st); +void sk_sort(STACK *st); #ifdef __cplusplus } diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index de574791f7..30de3950f5 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -249,6 +249,9 @@ typedef struct X509_revoked_st int sequence; /* load sequence */ } X509_REVOKED; +DECLARE_STACK_OF(X509_REVOKED) +DECLARE_ASN1_SET_OF(X509_REVOKED) + typedef struct X509_crl_info_st { ASN1_INTEGER *version; @@ -256,7 +259,7 @@ typedef struct X509_crl_info_st X509_NAME *issuer; ASN1_UTCTIME *lastUpdate; ASN1_UTCTIME *nextUpdate; - STACK /* X509_REVOKED */ *revoked; + STACK_OF(X509_REVOKED) *revoked; STACK_OF(X509_EXTENSION) /* [0] */ *extensions; } X509_CRL_INFO; -- 2.25.1