1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
|
$NetBSD: patch-ab,v 1.1 2011/10/01 11:49:20 shattered Exp $
--- openssl.c.orig 2007-08-04 11:38:03.000000000 +0000
+++ openssl.c
@@ -38,7 +38,7 @@
#ifndef lint
#ifdef DOSCCS
-static char sccsid[] = "@(#)openssl.c 1.25 (gritter) 8/4/07";
+static char sccsid[] = "@(#)openssl.c 1.26 (gritter) 5/26/09";
#endif
#endif /* not lint */
@@ -101,12 +101,17 @@ static void sslcatch(int s);
static int ssl_rand_init(void);
static void ssl_init(void);
static int ssl_verify_cb(int success, X509_STORE_CTX *store);
-static SSL_METHOD *ssl_select_method(const char *uhp);
+static const SSL_METHOD *ssl_select_method(const char *uhp);
static void ssl_load_verifications(struct sock *sp);
static void ssl_certificate(struct sock *sp, const char *uhp);
static enum okay ssl_check_host(const char *server, struct sock *sp);
+#ifdef HAVE_STACK_OF
+static int smime_verify(struct message *m, int n, STACK_OF(X509) *chain,
+ X509_STORE *store);
+#else
static int smime_verify(struct message *m, int n, STACK *chain,
X509_STORE *store);
+#endif
static EVP_CIPHER *smime_cipher(const char *name);
static int ssl_password_cb(char *buf, int size, int rwflag, void *userdata);
static FILE *smime_sign_cert(const char *xname, const char *xname2, int warn);
@@ -203,10 +208,10 @@ ssl_verify_cb(int success, X509_STORE_CT
return 1;
}
-static SSL_METHOD *
+static const SSL_METHOD *
ssl_select_method(const char *uhp)
{
- SSL_METHOD *method;
+ const SSL_METHOD *method;
char *cp;
cp = ssl_method_string(uhp);
@@ -308,7 +313,11 @@ ssl_check_host(const char *server, struc
X509 *cert;
X509_NAME *subj;
char data[256];
+#ifdef HAVE_STACK_OF
+ STACK_OF(GENERAL_NAME) *gens;
+#else
/*GENERAL_NAMES*/STACK *gens;
+#endif
GENERAL_NAME *gen;
int i;
@@ -357,7 +366,8 @@ ssl_open(const char *server, struct sock
ssl_init();
ssl_set_vrfy_level(uhp);
- if ((sp->s_ctx = SSL_CTX_new(ssl_select_method(uhp))) == NULL) {
+ if ((sp->s_ctx =
+ SSL_CTX_new((SSL_METHOD *)ssl_select_method(uhp))) == NULL) {
ssl_gen_err(catgets(catd, CATSET, 261, "SSL_CTX_new() failed"));
return STOP;
}
@@ -496,7 +506,11 @@ smime_sign(FILE *ip, struct header *head
}
static int
+#ifdef HAVE_STACK_OF
+smime_verify(struct message *m, int n, STACK_OF(X509) *chain, X509_STORE *store)
+#else
smime_verify(struct message *m, int n, STACK *chain, X509_STORE *store)
+#endif
{
struct message *x;
char *cp, *sender, *to, *cc, *cnttype;
@@ -505,7 +519,12 @@ smime_verify(struct message *m, int n, S
off_t size;
BIO *fb, *pb;
PKCS7 *pkcs7;
+#ifdef HAVE_STACK_OF
+ STACK_OF(X509) *certs;
+ STACK_OF(GENERAL_NAME) *gens;
+#else
STACK *certs, *gens;
+#endif
X509 *cert;
X509_NAME *subj;
char data[LINESIZE];
@@ -614,7 +633,11 @@ cverify(void *vp)
{
int *msgvec = vp, *ip;
int ec = 0;
+#ifdef HAVE_STACK_OF
+ STACK_OF(X509) *chain = NULL;
+#else
STACK *chain = NULL;
+#endif
X509_STORE *store;
char *ca_dir, *ca_file;
@@ -687,7 +710,11 @@ smime_encrypt(FILE *ip, const char *cert
X509 *cert;
PKCS7 *pkcs7;
BIO *bb, *yb;
+#ifdef HAVE_STACK_OF
+ STACK_OF(X509) *certs;
+#else
STACK *certs;
+#endif
EVP_CIPHER *cipher;
certfile = expand((char *)certfile);
@@ -950,9 +977,14 @@ smime_certsave(struct message *m, int n,
off_t size;
BIO *fb, *pb;
PKCS7 *pkcs7;
+#ifdef HAVE_STACK_OF
+ STACK_OF(X509) *certs;
+ STACK_OF(X509) *chain = NULL;
+#else
STACK *certs;
- X509 *cert;
STACK *chain = NULL;
+#endif
+ X509 *cert;
enum okay ok = OKAY;
message_number = n;
|