1 files changed, 68 insertions, 100 deletions

diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h
index dfc060f899..ecfd4cf9ed 100644
--- a/src/lib/libcrypto/x509/x509_vfy.h
+++ b/src/lib/libcrypto/x509/x509_vfy.h
@@ -56,6 +56,12 @@
  * [including the GNU Public Licence.]
  */
 
+#ifndef HEADER_X509_H
+#include <openssl/x509.h>
+/* openssl/x509.h ends up #include-ing this file at about the only
+ * appropriate moment. */
+#endif
+
 #ifndef HEADER_X509_VFY_H
 #define HEADER_X509_VFY_H
 
@@ -63,8 +69,8 @@
 extern "C" {
 #endif
 
-#include "bio.h"
-#include "crypto.h"
+#include <openssl/bio.h>
+#include <openssl/crypto.h>
 
 /* Outer object */
 typedef struct x509_hash_dir_st
@@ -119,21 +125,33 @@ typedef struct x509_object_st
                 } data;
         } X509_OBJECT;
 
+typedef struct x509_lookup_st X509_LOOKUP;
+
+DECLARE_STACK_OF(X509_LOOKUP)
+
 /* This is a static that defines the function interface */
 typedef struct x509_lookup_method_st
         {
-        char *name;
-        int (*new_item)();
-        void (*free)();
-        int (*init)(/* meth, char ** */);
-        int (*shutdown)( /* meth, char ** */);
-        int (*ctrl)( /* meth, char **, int cmd, char *argp, int argi */);
-        int (*get_by_subject)(/* meth, char **, XNAME *, X509 **ret */);
-        int (*get_by_issuer_serial)();
-        int (*get_by_fingerprint)();
-        int (*get_by_alias)();
+        const char *name;
+        int (*new_item)(X509_LOOKUP *ctx);
+        void (*free)(X509_LOOKUP *ctx);
+        int (*init)(X509_LOOKUP *ctx);
+        int (*shutdown)(X509_LOOKUP *ctx);
+        int (*ctrl)(X509_LOOKUP *ctx,int cmd,const char *argc,long argl,
+                        char **ret);
+        int (*get_by_subject)(X509_LOOKUP *ctx,int type,X509_NAME *name,
+                              X509_OBJECT *ret);
+        int (*get_by_issuer_serial)(X509_LOOKUP *ctx,int type,X509_NAME *name,
+                                    ASN1_INTEGER *serial,X509_OBJECT *ret);
+        int (*get_by_fingerprint)(X509_LOOKUP *ctx,int type,
+                                  unsigned char *bytes,int len,
+                                  X509_OBJECT *ret);
+        int (*get_by_alias)(X509_LOOKUP *ctx,int type,char *str,int len,
+                            X509_OBJECT *ret);
         } X509_LOOKUP_METHOD;
 
+typedef struct x509_store_state_st X509_STORE_CTX;
+
 /* This is used to hold everything.  It is used for all certificate
  * validation.  Once we have a certificate chain, the 'verify'
  * function is then called to actually check the cert chain. */
@@ -148,13 +166,13 @@ typedef struct x509_store_st
 #endif
 
         /* These are external lookup methods */
-        STACK *get_cert_methods;/* X509_LOOKUP */
-        int (*verify)();        /* called to verify a certificate */
-        int (*verify_cb)();     /* error callback */
+        STACK_OF(X509_LOOKUP) *get_cert_methods;
+        int (*verify)(X509_STORE_CTX *ctx);     /* called to verify a certificate */
+        int (*verify_cb)(int ok,X509_STORE_CTX *ctx);   /* error callback */
 
         CRYPTO_EX_DATA ex_data;
         int references;
-        int depth;              /* how deep to look */
+        int depth;              /* how deep to look (still unused -- X509_STORE_CTX's depth is used) */
         }  X509_STORE;
 
 #define X509_STORE_set_depth(ctx,d)       ((ctx)->depth=(d))
@@ -163,7 +181,7 @@ typedef struct x509_store_st
 #define X509_STORE_set_verify_func(ctx,func)    ((ctx)->verify=(func))
 
 /* This is the functions plus an instance of the local variables. */
-typedef struct x509_lookup_st
+struct x509_lookup_st
         {
         int init;                       /* have we been started */
         int skip;                       /* don't use us. */
@@ -171,25 +189,25 @@ typedef struct x509_lookup_st
         char *method_data;              /* method data */
 
         X509_STORE *store_ctx;  /* who owns us */
-        } X509_LOOKUP;
+        };
 
 /* This is a temporary used when processing cert chains.  Since the
  * gathering of the cert chain can take some time (and have to be
  * 'retried', this needs to be kept and passed around. */
-typedef struct x509_store_state_st
+struct x509_store_state_st      /* X509_STORE_CTX */
         {
         X509_STORE *ctx;
         int current_method;     /* used when looking up certs */
 
         /* The following are set by the caller */
         X509 *cert;             /* The cert to check */
-        STACK *untrusted;       /* chain of X509s - untrusted - passed in */
+        STACK_OF(X509) *untrusted;      /* chain of X509s - untrusted - passed in */
 
         /* The following is built up */
         int depth;              /* how far to go looking up certs */
         int valid;              /* if 0, rebuild chain */
         int last_untrusted;     /* index of last untrusted cert */
-        STACK *chain;           /* chain of X509s - built up and trusted */
+        STACK_OF(X509) *chain;          /* chain of X509s - built up and trusted */
 
         /* When something goes wrong, this is why */
         int error_depth;
@@ -197,7 +215,9 @@ typedef struct x509_store_state_st
         X509 *current_cert;
 
         CRYPTO_EX_DATA ex_data;
-        } X509_STORE_CTX;
+        };
+
+#define X509_STORE_CTX_set_depth(ctx,d)       ((ctx)->depth=(d))
 
 #define X509_STORE_CTX_set_app_data(ctx,data) \
         X509_STORE_CTX_set_ex_data(ctx,0,data)
@@ -207,11 +227,9 @@ typedef struct x509_store_state_st
 #define X509_L_FILE_LOAD        1
 #define X509_L_ADD_DIR          2
 
-X509_LOOKUP_METHOD *X509_LOOKUP_file();
 #define X509_LOOKUP_load_file(x,name,type) \
                 X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
 
-X509_LOOKUP_METHOD *X509_LOOKUP_dir();
 #define X509_LOOKUP_add_dir(x,name,type) \
                 X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
 
@@ -243,9 +261,23 @@ X509_LOOKUP_METHOD *X509_LOOKUP_dir();
 /* The application is not happy */
 #define         X509_V_ERR_APPLICATION_VERIFICATION             50
 
-#ifndef NOPROTO
+                  /* These functions are being redefined in another directory,
+                     and clash when the linker is case-insensitive, so let's
+                     hide them a little, by giving them an extra 'o' at the
+                     beginning of the name... */
+#ifdef VMS
+#undef X509v3_cleanup_extensions
+#define X509v3_cleanup_extensions oX509v3_cleanup_extensions
+#undef X509v3_add_extension
+#define X509v3_add_extension oX509v3_add_extension
+#undef X509v3_add_netscape_extensions
+#define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions
+#undef X509v3_add_standard_extensions
+#define X509v3_add_standard_extensions oX509v3_add_standard_extensions
+#endif
+
 #ifdef HEADER_LHASH_H
-X509_OBJECT *X509_OBJECT_retrive_by_subject(LHASH *h,int type,X509_NAME *name);
+X509_OBJECT *X509_OBJECT_retrieve_by_subject(LHASH *h,int type,X509_NAME *name);
 #endif
 void X509_OBJECT_up_ref_count(X509_OBJECT *a);
 void X509_OBJECT_free_contents(X509_OBJECT *a);
@@ -253,7 +285,7 @@ X509_STORE *X509_STORE_new(void );
 void X509_STORE_free(X509_STORE *v);
 
 void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
-        X509 *x509, STACK *chain);
+                         X509 *x509, STACK_OF(X509) *chain);
 void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
 
 X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
@@ -267,17 +299,14 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
 int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name,
         X509_OBJECT *ret);
 
-int X509_LOOKUP_ctrl(X509_LOOKUP *ctx,int cmd,char *argc,long argl,char **ret);
+int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
+        long argl, char **ret);
 
 #ifndef NO_STDIO
-int X509_load_cert_file(X509_LOOKUP *ctx, char *file, int type);
-int X509_load_crl_file(X509_LOOKUP *ctx, char *file, int type);
+int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
+int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
 #endif
 
-void X509v3_cleanup_extensions(void );
-int X509v3_add_extension(X509_EXTENSION_METHOD *x);
-int X509v3_add_netscape_extensions(void );
-int X509v3_add_standard_extensions(void );
 
 X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
 void X509_LOOKUP_free(X509_LOOKUP *ctx);
@@ -294,82 +323,21 @@ int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
 
 #ifndef NO_STDIO
 int     X509_STORE_load_locations (X509_STORE *ctx,
-                char *file, char *dir);
+                const char *file, const char *dir);
 int     X509_STORE_set_default_paths(X509_STORE *ctx);
 #endif
 
 int X509_STORE_CTX_get_ex_new_index(long argl, char *argp, int (*new_func)(),
         int (*dup_func)(), void (*free_func)());
-int     X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,char *data);
-char *  X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx);
+int     X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,void *data);
+void *  X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx);
 int     X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
 void    X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
 int     X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
 X509 *  X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
-STACK * X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
+STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
 void    X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
-void    X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK /* X509 */ *sk);
-
-#else
-
-#ifdef HEADER_LHASH_H
-X509_OBJECT *X509_OBJECT_retrive_by_subject();
-#endif
-void X509_OBJECT_up_ref_count();
-void X509_OBJECT_free_contents();
-X509_STORE *X509_STORE_new();
-void X509_STORE_free();
-
-void X509_STORE_CTX_init();
-void X509_STORE_CTX_cleanup();
-
-X509_LOOKUP *X509_STORE_add_lookup();
-
-X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir();
-X509_LOOKUP_METHOD *X509_LOOKUP_file();
-
-int X509_STORE_add_cert();
-int X509_STORE_add_crl();
-
-int X509_STORE_get_by_subject();
-
-int X509_LOOKUP_ctrl();
-
-#ifndef NO_STDIO
-int X509_load_cert_file();
-int X509_load_crl_file();
-#endif
-
-void X509v3_cleanup_extensions();
-int X509v3_add_extension();
-int X509v3_add_netscape_extensions();
-int X509v3_add_standard_extensions();
-
-X509_LOOKUP *X509_LOOKUP_new();
-void X509_LOOKUP_free();
-int X509_LOOKUP_init();
-int X509_LOOKUP_by_subject();
-int X509_LOOKUP_by_issuer_serial();
-int X509_LOOKUP_by_fingerprint();
-int X509_LOOKUP_by_alias();
-int X509_LOOKUP_shutdown();
-
-#ifndef NO_STDIO
-int     X509_STORE_load_locations ();
-int     X509_STORE_set_default_paths();
-#endif
-
-int     X509_STORE_CTX_set_ex_data();
-char *  X509_STORE_CTX_get_ex_data();
-int     X509_STORE_CTX_get_error();
-void    X509_STORE_CTX_set_error();
-int     X509_STORE_CTX_get_error_depth();
-X509 *  X509_STORE_CTX_get_current_cert();
-STACK * X509_STORE_CTX_get_chain();
-void    X509_STORE_CTX_set_cert();
-void    X509_STORE_CTX_set_chain();
-
-#endif
+void    X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk);
 
 #ifdef  __cplusplus
 }