Fix safestack issues in asn1.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12781)

.gitignore

@@ -22,9 +22,10 @@
 # Auto generated headers
 /crypto/buildinf.h
 /include/crypto/*_conf.h
+/include/openssl/asn1.h
 /include/openssl/configuration.h
-/include/openssl/opensslv.h
 /include/openssl/fipskey.h
+/include/openssl/opensslv.h
 /include/openssl/safestack.h
 /include/openssl/ssl.h
 /include/openssl/x509.h

apps/asn1pars.c

@@ -18,8 +18,6 @@
 #include <openssl/pem.h>
 #include <openssl/asn1t.h>
 
-DEFINE_STACK_OF(ASN1_OBJECT)
-
 typedef enum OPTION_choice {
     OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
     OPT_INFORM, OPT_IN, OPT_OUT, OPT_INDENT, OPT_NOOUT,

apps/cmp_mock_srv.c

@@ -16,7 +16,6 @@
 #include <openssl/cmperr.h>
 
 DEFINE_STACK_OF(OSSL_CMP_ITAV)
-DEFINE_STACK_OF(ASN1_UTF8STRING)
  
 /* the context for the CMP mock server */
 typedef struct

apps/x509.c

@@ -28,8 +28,6 @@
 # include <openssl/dsa.h>
 #endif
 
-DEFINE_STACK_OF(ASN1_OBJECT)
-
 #undef POSTFIX
 #define POSTFIX ".srl"
 #define DEF_DAYS        30

build.info

@@ -13,8 +13,10 @@ DEPEND[libssl]=libcrypto
 
 # Empty DEPEND "indices" means the dependencies are expected to be built
 # unconditionally before anything else.
-DEPEND[]=include/openssl/configuration.h include/openssl/opensslv.h \
+DEPEND[]=include/openssl/asn1.h \
+         include/openssl/configuration.h \
          include/openssl/fipskey.h \
+         include/openssl/opensslv.h \
          include/openssl/safestack.h \
          include/openssl/ssl.h \
          include/openssl/x509.h \
@@ -22,9 +24,10 @@ DEPEND[]=include/openssl/configuration.h include/openssl/opensslv.h \
          include/crypto/bn_conf.h include/crypto/dso_conf.h \
          doc/man7/openssl_user_macros.pod
 
+GENERATE[include/openssl/asn1.h]=include/openssl/asn1.h.in
 GENERATE[include/openssl/configuration.h]=include/openssl/configuration.h.in
-GENERATE[include/openssl/opensslv.h]=include/openssl/opensslv.h.in
 GENERATE[include/openssl/fipskey.h]=include/openssl/fipskey.h.in
+GENERATE[include/openssl/opensslv.h]=include/openssl/opensslv.h.in
 GENERATE[include/openssl/safestack.h]=include/openssl/safestack.h.in
 GENERATE[include/openssl/ssl.h]=include/openssl/ssl.h.in
 GENERATE[include/openssl/x509.h]=include/openssl/x509.h.in

crypto/asn1/a_strnid.c

@@ -12,8 +12,6 @@
 #include <openssl/asn1.h>
 #include <openssl/objects.h>
 
-DEFINE_STACK_OF(ASN1_STRING_TABLE)
-
 static STACK_OF(ASN1_STRING_TABLE) *stable = NULL;
 static void st_free(ASN1_STRING_TABLE *tbl);
 static int sk_table_cmp(const ASN1_STRING_TABLE *const *a,

crypto/asn1/asn1_gen.c

@@ -23,7 +23,6 @@
 
 #define ASN1_GEN_STR(str,val)   {str, sizeof(str) - 1, val}
 
-DEFINE_STACK_OF(ASN1_TYPE)
 DEFINE_STACK_OF(CONF_VALUE)
 
 #define ASN1_FLAG_EXP_MAX       20

crypto/asn1/asn1_lib.c

@@ -13,8 +13,6 @@
 #include <openssl/asn1.h>
 #include "asn1_local.h"
 
-DEFINE_STACK_OF(ASN1_UTF8STRING)
-
 static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
                            long max);
 static void asn1_put_length(unsigned char **pp, int length);

crypto/asn1/asn_mime.c

@@ -20,7 +20,6 @@
 #include "asn1_local.h"
 
 DEFINE_STACK_OF(BIO)
-DEFINE_STACK_OF(X509_ALGOR)
 
 /*
  * Generalised MIME like utilities for streaming ASN1. Although many have a

crypto/asn1/d2i_pr.c

@@ -21,7 +21,6 @@
 #include "crypto/asn1.h"
 #include "crypto/evp.h"
 
-DEFINE_STACK_OF(ASN1_TYPE)
 EVP_PKEY *d2i_PrivateKey_ex(int type, EVP_PKEY **a, const unsigned char **pp,
                             long length, OPENSSL_CTX *libctx, const char *propq)
 {

crypto/cmp/cmp_client.c

@@ -21,7 +21,6 @@
 
 #include "openssl/cmp_util.h"
 
-DEFINE_STACK_OF(ASN1_UTF8STRING)
 DEFINE_STACK_OF(OSSL_CMP_CERTRESPONSE)
 DEFINE_STACK_OF(OSSL_CMP_PKISI)
 DEFINE_STACK_OF(OSSL_CRMF_CERTID)

crypto/cmp/cmp_ctx.c

@@ -21,7 +21,6 @@
 #include <openssl/crmf.h>
 #include <openssl/err.h>
 
-DEFINE_STACK_OF(ASN1_UTF8STRING)
 DEFINE_STACK_OF(OSSL_CMP_ITAV)
 
 /*

crypto/cmp/cmp_hdr.c

@@ -20,7 +20,6 @@
 #include <openssl/cmp.h>
 #include <openssl/err.h>
 
-DEFINE_STACK_OF(ASN1_UTF8STRING)
 DEFINE_STACK_OF(OSSL_CMP_ITAV)
 
 int ossl_cmp_hdr_set_pvno(OSSL_CMP_PKIHEADER *hdr, int pvno)

crypto/cmp/cmp_msg.c

@@ -27,7 +27,6 @@ DEFINE_STACK_OF(OSSL_CMP_PKISI)
 DEFINE_STACK_OF(OSSL_CRMF_MSG)
 DEFINE_STACK_OF(OSSL_CMP_CERTRESPONSE)
 DEFINE_STACK_OF(OSSL_CRMF_CERTID)
-DEFINE_STACK_OF(ASN1_UTF8STRING)
 
 OSSL_CMP_PKIHEADER *OSSL_CMP_MSG_get0_header(const OSSL_CMP_MSG *msg)
 {

crypto/cmp/cmp_status.c

@@ -26,8 +26,6 @@
 #include <openssl/x509.h>
 #include <openssl/asn1err.h> /* for ASN1_R_TOO_SMALL and ASN1_R_TOO_LARGE */
 
-DEFINE_STACK_OF(ASN1_UTF8STRING)
-
 /* CMP functions related to PKIStatus */
 
 int ossl_cmp_pkisi_get_status(const OSSL_CMP_PKISI *si)

crypto/cmp/cmp_util.c

@@ -17,7 +17,6 @@
 #include <openssl/x509v3.h>
 
 DEFINE_STACK_OF(X509_OBJECT)
-DEFINE_STACK_OF(ASN1_UTF8STRING)
 
 /*
  * use trace API for CMP-specific logging, prefixed by "CMP " and severity

crypto/cms/cms_sd.c

@@ -24,7 +24,6 @@
 
 DEFINE_STACK_OF(CMS_RevocationInfoChoice)
 DEFINE_STACK_OF(CMS_SignerInfo)
-DEFINE_STACK_OF(X509_ALGOR)
 
 /* CMS SignedData Utilities */
 

crypto/ocsp/ocsp_ext.c

@@ -16,8 +16,6 @@
 #include <openssl/rand.h>
 #include <openssl/x509v3.h>
 
-DEFINE_STACK_OF(ASN1_OBJECT)
-
 /* Standard wrapper functions for extensions */
 
 /* OCSP request extensions */

crypto/pkcs7/pk7_attr.c

@@ -17,8 +17,6 @@
 #include <openssl/x509.h>
 #include <openssl/err.h>
 
-DEFINE_STACK_OF(X509_ALGOR)
-
 int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
                               STACK_OF(X509_ALGOR) *cap)
 {

crypto/pkcs7/pk7_doit.c

@@ -16,7 +16,6 @@
 #include <openssl/err.h>
 #include "pk7_local.h"
 
-DEFINE_STACK_OF(X509_ALGOR)
 DEFINE_STACK_OF(PKCS7_RECIP_INFO)
 DEFINE_STACK_OF(PKCS7_SIGNER_INFO)
 

crypto/pkcs7/pk7_lib.c

@@ -16,7 +16,6 @@
 #include "crypto/x509.h" /* for sk_X509_add1_cert() */
 #include "pk7_local.h"
 
-DEFINE_STACK_OF(X509_ALGOR)
 DEFINE_STACK_OF(PKCS7_RECIP_INFO)
 DEFINE_STACK_OF(PKCS7_SIGNER_INFO)
 

crypto/pkcs7/pk7_smime.c

@@ -17,7 +17,6 @@
 
 #define BUFFERSIZE 4096
 
-DEFINE_STACK_OF(X509_ALGOR)
 DEFINE_STACK_OF(PKCS7_SIGNER_INFO)
 
 static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si);

crypto/ts/ts_rsp_print.c

@@ -15,7 +15,6 @@
 #include <openssl/ts.h>
 #include "ts_local.h"
 
-DEFINE_STACK_OF(ASN1_UTF8STRING)
 DEFINE_STACK_OF(CONF_VALUE)
 
 struct status_map_st {

crypto/ts/ts_rsp_sign.c

@@ -17,8 +17,6 @@
 #include "ts_local.h"
 #include "crypto/ess.h"
 
-DEFINE_STACK_OF(ASN1_UTF8STRING)
-DEFINE_STACK_OF(ASN1_OBJECT)
 DEFINE_STACK_OF_CONST(EVP_MD)
 
 static ASN1_INTEGER *def_serial_cb(struct TS_resp_ctx *, void *);

crypto/ts/ts_rsp_verify.c

@@ -18,7 +18,6 @@
 DEFINE_STACK_OF(PKCS7_SIGNER_INFO)
 DEFINE_STACK_OF(ESS_CERT_ID)
 DEFINE_STACK_OF(ESS_CERT_ID_V2)
-DEFINE_STACK_OF(ASN1_UTF8STRING)
 
 static int ts_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted,
                           X509 *signer, STACK_OF(X509) **chain);

crypto/x509/pcy_data.c

@@ -13,8 +13,6 @@
 
 #include "pcy_local.h"
 
-DEFINE_STACK_OF(ASN1_OBJECT)
-
 /* Policy Node routines */
 
 void policy_data_free(X509_POLICY_DATA *data)

crypto/x509/pcy_map.c

@@ -14,8 +14,6 @@
 
 #include "pcy_local.h"
 
-DEFINE_STACK_OF(ASN1_OBJECT)
-
 /*
  * Set policy mapping entries in cache. Note: this modifies the passed
  * POLICY_MAPPINGS structure

crypto/x509/pcy_node.c

@@ -14,8 +14,6 @@
 
 #include "pcy_local.h"
 
-DEFINE_STACK_OF(ASN1_OBJECT)
-
 static int node_cmp(const X509_POLICY_NODE *const *a,
                     const X509_POLICY_NODE *const *b)
 {

crypto/x509/pcy_tree.c

@@ -14,8 +14,6 @@
 
 #include "pcy_local.h"
 
-DEFINE_STACK_OF(ASN1_OBJECT)
-
 static void expected_print(BIO *channel,
                            X509_POLICY_LEVEL *lev, X509_POLICY_NODE *node,
                            int indent)

crypto/x509/t_x509.c

@@ -17,8 +17,6 @@
 #include "crypto/asn1.h"
 #include "crypto/x509.h"
 
-DEFINE_STACK_OF(ASN1_OBJECT)
-
 #ifndef OPENSSL_NO_STDIO
 int X509_print_fp(FILE *fp, X509 *x)
 {

crypto/x509/v3_admis.c

@@ -20,8 +20,6 @@
 #include "v3_admis.h"
 #include "ext_dat.h"
 
-DEFINE_STACK_OF(ASN1_OBJECT)
-
 ASN1_SEQUENCE(NAMING_AUTHORITY) = {
     ASN1_OPT(NAMING_AUTHORITY, namingAuthorityId, ASN1_OBJECT),
     ASN1_OPT(NAMING_AUTHORITY, namingAuthorityUrl, ASN1_IA5STRING),

crypto/x509/v3_cpols.c

@@ -19,7 +19,6 @@
 #include "ext_dat.h"
 
 DEFINE_STACK_OF(CONF_VALUE)
-DEFINE_STACK_OF(ASN1_INTEGER)
 
 /* Certificate policies extension support: this one is a bit complex... */
 

crypto/x509/v3_extku.c

@@ -14,7 +14,6 @@
 #include <openssl/x509v3.h>
 #include "ext_dat.h"
 
-DEFINE_STACK_OF(ASN1_OBJECT)
 DEFINE_STACK_OF(CONF_VALUE)
 
 static void *v2i_EXTENDED_KEY_USAGE(const X509V3_EXT_METHOD *method,

crypto/x509/v3_purp.c

@@ -16,8 +16,6 @@
 #include "internal/tsan_assist.h"
 #include "x509_local.h"
 
-DEFINE_STACK_OF(ASN1_OBJECT)
-
 static int check_ssl_ca(const X509 *x);
 static int check_purpose_ssl_client(const X509_PURPOSE *xp, const X509 *x,
                                     int ca);

crypto/x509/v3_tlsf.c

@@ -16,7 +16,6 @@
 #include "ext_dat.h"
 #include "x509_local.h"
 
-DEFINE_STACK_OF(ASN1_INTEGER)
 DEFINE_STACK_OF(CONF_VALUE)
 
 static STACK_OF(CONF_VALUE) *i2v_TLS_FEATURE(const X509V3_EXT_METHOD *method,

crypto/x509/x509_att.c

@@ -17,8 +17,6 @@
 #include <openssl/x509v3.h>
 #include "x509_local.h"
 
-DEFINE_STACK_OF(ASN1_TYPE)
-
 int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
 {
     return sk_X509_ATTRIBUTE_num(x);

crypto/x509/x509_trs.c

@@ -12,8 +12,6 @@
 #include <openssl/x509v3.h>
 #include "crypto/x509.h"
 
-DEFINE_STACK_OF(ASN1_OBJECT)
-
 static int tr_cmp(const X509_TRUST *const *a, const X509_TRUST *const *b);
 static void trtable_free(X509_TRUST *p);
 

crypto/x509/x509_vpm.c

@@ -18,7 +18,6 @@
 
 #include "x509_local.h"
 
-DEFINE_STACK_OF(ASN1_OBJECT)
 DEFINE_STACK_OF(X509_VERIFY_PARAM)
 
 /* X509_VERIFY_PARAM functions */

crypto/x509/x_attrib.c

@@ -14,8 +14,6 @@
 #include <openssl/x509.h>
 #include "x509_local.h"
 
-DEFINE_STACK_OF(ASN1_TYPE)
-
 /*-
  * X509_ATTRIBUTE: this has the following form:
  *

crypto/x509/x_x509a.c

@@ -14,8 +14,6 @@
 #include <openssl/x509.h>
 #include "crypto/x509.h"
 
-DEFINE_STACK_OF(ASN1_OBJECT)
-
 /*
  * X509_CERT_AUX routines. These are used to encode additional user
  * modifiable data about a certificate. This data is appended to the X509

include/openssl/asn1.h.in

@@ -1,4 +1,6 @@
 /*
+ * {- join("\n * ", @autowarntext) -}
+ *
  * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
@@ -7,6 +9,10 @@
  * https://www.openssl.org/source/license.html
  */
 
+{-
+use OpenSSL::stackhash qw(generate_stack_macros);
+-}
+
 #ifndef OPENSSL_ASN1_H
 # define OPENSSL_ASN1_H
 # pragma once
@@ -121,7 +127,10 @@ extern "C" {
 # define SMIME_STREAM            0x1000
 
 /* Stacks for types not otherwise defined in this header */
-DEFINE_OR_DECLARE_STACK_OF(X509_ALGOR)
+{-
+    generate_stack_macros("X509_ALGOR");
+-}
+
 
 # define ASN1_STRING_FLAG_BITS_LEFT 0x08/* Set if 0x07 has bits left value */
 /*
@@ -196,7 +205,9 @@ struct asn1_string_table_st {
     unsigned long flags;
 };
 
-DEFINE_OR_DECLARE_STACK_OF(ASN1_STRING_TABLE)
+{-
+    generate_stack_macros("ASN1_STRING_TABLE");
+-}
 
 /* size limits: this stuff is taken straight from RFC2459 */
 
@@ -452,7 +463,9 @@ struct asn1_type_st {
     } value;
 };
 
-DEFINE_OR_DECLARE_STACK_OF(ASN1_TYPE)
+{-
+    generate_stack_macros("ASN1_TYPE");
+-}
 
 typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
 
@@ -506,7 +519,9 @@ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b);
 ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s, ASN1_TYPE **t);
 void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t);
 
-DEFINE_OR_DECLARE_STACK_OF(ASN1_OBJECT)
+{-
+    generate_stack_macros("ASN1_OBJECT");
+-}
 
 DECLARE_ASN1_FUNCTIONS(ASN1_OBJECT)
 
@@ -542,7 +557,10 @@ int ASN1_BIT_STRING_num_asc(const char *name, BIT_STRING_BITNAME *tbl);
 int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, const char *name, int value,
                             BIT_STRING_BITNAME *tbl);
 
-DEFINE_OR_DECLARE_STACK_OF(ASN1_INTEGER)
+{-
+    generate_stack_macros("ASN1_INTEGER");
+-}
+
 
 DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
 ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
@@ -577,7 +595,9 @@ int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
 int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data,
                           int len);
 
-DEFINE_OR_DECLARE_STACK_OF(ASN1_UTF8STRING)
+{-
+    generate_stack_macros("ASN1_UTF8STRING");
+-}
 
 DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
 DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
@@ -588,7 +608,9 @@ DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
 int UTF8_getc(const unsigned char *str, int len, unsigned long *val);
 int UTF8_putc(unsigned char *str, int len, unsigned long value);
 
-DEFINE_OR_DECLARE_STACK_OF(ASN1_GENERALSTRING)
+{-
+    generate_stack_macros("ASN1_GENERALSTRING");
+-}
 
 DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
 

test/cmp_ctx_test.c

@@ -13,7 +13,6 @@
 
 #include <openssl/x509_vfy.h>
 
-DEFINE_STACK_OF(ASN1_UTF8STRING)
 DEFINE_STACK_OF(OSSL_CMP_ITAV)
 
 typedef struct test_fixture {

test/cmp_hdr_test.c

@@ -12,7 +12,6 @@
 #include "cmp_testlib.h"
 
 DEFINE_STACK_OF(OSSL_CMP_ITAV)
-DEFINE_STACK_OF(ASN1_UTF8STRING)
 
 static unsigned char rand_data[OSSL_CMP_TRANSACTIONID_LENGTH];
 

test/cmp_status_test.c

@@ -11,8 +11,6 @@
 
 #include "cmp_testlib.h"
 
-DEFINE_STACK_OF(ASN1_UTF8STRING)
-
 typedef struct test_fixture {
     const char *test_case_name;
     int pkistatus;