Various fixes so Win32 compile may work. Convert GeneralNames to use safe stack.

f5fedc04 · Dr. Stephen Henson · e4aac1cb · f5fedc04 · f5fedc04 · f5fedc04
12 changed file
--- a/crypto/stack/safestack.h
+++ b/crypto/stack/safestack.h
@@ -78,7 +78,8 @@ void sk_##type##_delete_ptr(STACK_OF(type) *sk,type *v); \
 void sk_##type##_set_cmp_func(STACK_OF(type) *sk,int (*cmp)(type **,type **)); \
 STACK_OF(type) *sk_##type##_dup(STACK_OF(type) *sk); \
 void sk_##type##_pop_free(STACK_OF(type) *sk,void (*func)(type *)); \
-type *sk_##type##_shift(STACK_OF(type) *sk);
+type *sk_##type##_shift(STACK_OF(type) *sk); \
+type *sk_##type##_pop(STACK_OF(type) *sk);

 #define IMPLEMENT_STACK_OF(type) \
 STACK_OF(type) *sk_##type##_new(int (*cmp)(type **,type **)) \
@@ -110,6 +111,8 @@ STACK_OF(type) *sk_##type##_dup(STACK_OF(type) *sk) \
 void sk_##type##_pop_free(STACK_OF(type) *sk,void (*func)(type *)) \
    { sk_pop_free((STACK *)sk,func); } \
 type *sk_##type##_shift(STACK_OF(type) *sk) \
-    { return (type *)sk_shift((STACK *)sk); }
+    { return (type *)sk_shift((STACK *)sk); } \
+type *sk_##type##_pop(STACK_OF(type) *sk) \
+    { return (type *)sk_pop((STACK *)sk); }

 #endif /* ndef HEADER_SAFESTACK_H */
--- a/crypto/x509/x509.h
+++ b/crypto/x509/x509.h
@@ -847,10 +847,6 @@ int		X509_EXTENSION_set_data(X509_EXTENSION *ex,
 ASN1_OBJECT *	X509_EXTENSION_get_object(X509_EXTENSION *ex);
 ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
 int		X509_EXTENSION_get_critical(X509_EXTENSION *ex);
-ASN1_OCTET_STRING *X509v3_pack_string(ASN1_OCTET_STRING **ex,int type,
-			unsigned char *bytes, int len);
-ASN1_STRING *	X509v3_unpack_string(ASN1_STRING **ex,int type,
-			ASN1_OCTET_STRING *os);

 int		X509_verify_cert(X509_STORE_CTX *ctx);

@@ -1179,8 +1175,6 @@ int		X509_EXTENSION_set_data();
 ASN1_OBJECT *	X509_EXTENSION_get_object();
 ASN1_OCTET_STRING *X509_EXTENSION_get_data();
 int		X509_EXTENSION_get_critical();
-ASN1_OCTET_STRING *X509v3_pack_string();
-ASN1_STRING *	X509v3_unpack_string();

 int		X509_verify_cert();
 char *          X509_verify_cert_error_string();

--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -635,3 +635,4 @@ void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
 IMPLEMENT_STACK_OF(X509)
 IMPLEMENT_ASN1_SET_OF(X509)
 IMPLEMENT_STACK_OF(X509_NAME)
+IMPLEMENT_STACK_OF(X509_ATTRIBUTE)
--- a/crypto/x509v3/v3_akey.c
+++ b/crypto/x509v3/v3_akey.c
@@ -141,7 +141,7 @@ void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a)
 {
 	if (a == NULL) return;
 	ASN1_OCTET_STRING_free(a->keyid);
-	sk_pop_free(a->issuer, GENERAL_NAME_free);
+	sk_GENERAL_NAME_pop_free(a->issuer, GENERAL_NAME_free);
 	ASN1_INTEGER_free (a->serial);
 	Free ((char *)a);
 }
@@ -182,7 +182,7 @@ int i;
 CONF_VALUE *cnf;
 ASN1_OCTET_STRING *ikeyid = NULL;
 X509_NAME *isname = NULL;
-STACK * gens = NULL;
+STACK_OF(GENERAL_NAME) * gens = NULL;
 GENERAL_NAME *gen = NULL;
 ASN1_INTEGER *serial = NULL;
 X509_EXTENSION *ext;
@@ -216,7 +216,7 @@ cert = ctx->issuer_cert;
 if(keyid) {
 	i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1);
 	if((i >= 0)  && (ext = X509_get_ext(cert, i)))
-			ikeyid = (ASN1_OCTET_STRING *) X509V3_EXT_d2i(ext);
+						 ikeyid = X509V3_EXT_d2i(ext);
 	if(keyid==2 && !ikeyid) {
 		X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_KEYID);
 		return NULL;
@@ -235,8 +235,8 @@ if((issuer && !ikeyid) || (issuer == 2)) {
 if(!(akeyid = AUTHORITY_KEYID_new())) goto err;

 if(isname) {
-	if(!(gens = sk_new(NULL)) || !(gen = GENERAL_NAME_new())
-		|| !sk_push(gens, (char *)gen)) {
+	if(!(gens = sk_GENERAL_NAME_new(NULL)) || !(gen = GENERAL_NAME_new())
+		|| !sk_GENERAL_NAME_push(gens, gen)) {
 		X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,ERR_R_MALLOC_FAILURE);
 		goto err;
 	}

--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -62,10 +62,10 @@
 #include "x509v3.h"

 #ifndef NOPROTO
-static STACK *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *nval);
-static STACK *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *nval);
-static int copy_email(X509V3_CTX *ctx, STACK *gens);
-static int copy_issuer(X509V3_CTX *ctx, STACK *gens);
+static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *nval);
+static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *nval);
+static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens);
+static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens);
 #else
 static STACK *v2i_issuer_alt();
 static STACK *v2i_subject_alt();
@@ -95,19 +95,20 @@ NULL, NULL, NULL},
 EXT_END
 };

-STACK *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, STACK *gens, STACK *ret)
+STACK *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
+				 STACK_OF(GENERAL_NAME) *gens, STACK *ret)
 {
 	int i;
 	GENERAL_NAME *gen;
-	for(i = 0; i < sk_num(gens); i++) {
-		gen = (GENERAL_NAME *)sk_value(gens, i);
+	for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) {
+		gen = sk_GENERAL_NAME_value(gens, i);
 		ret = i2v_GENERAL_NAME(method, gen, ret);
 	}
 	return ret;
 }

 STACK *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen,
-	     STACK *ret)
+								 STACK *ret)
 {
 	char oline[256];
 	unsigned char *p;
@@ -161,13 +162,13 @@ STACK *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen,
 	return ret;
 }

-static STACK *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-	     STACK *nval)
+static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method,
+						 X509V3_CTX *ctx, STACK *nval)
 {
-	STACK *gens = NULL;
+	STACK_OF(GENERAL_NAME) *gens = NULL;
 	CONF_VALUE *cnf;
 	int i;
-	if(!(gens = sk_new(NULL))) {
+	if(!(gens = sk_GENERAL_NAME_new(NULL))) {
 		X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
@@ -180,21 +181,21 @@ static STACK *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
 			GENERAL_NAME *gen;
 			if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
 								 goto err; 
-			sk_push(gens, (char *)gen);
+			sk_GENERAL_NAME_push(gens, gen);
 		}
 	}
 	return gens;
 	err:
-	sk_pop_free(gens, GENERAL_NAME_free);
+	sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
 	return NULL;
 }

 /* Append subject altname of issuer to issuer alt name of subject */

-static int copy_issuer(X509V3_CTX *ctx, STACK *gens)
+static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
 {
-	STACK *ialt;
-	char *gen;
+	STACK_OF(GENERAL_NAME) *ialt;
+	GENERAL_NAME *gen;
 	X509_EXTENSION *ext;
 	int i;
 	if(ctx && (ctx->flags == CTX_TEST)) return 1;
@@ -205,19 +206,19 @@ static int copy_issuer(X509V3_CTX *ctx, STACK *gens)
        i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1);
 	if(i < 0) return 1;
        if(!(ext = X509_get_ext(ctx->issuer_cert, i)) ||
-                        !(ialt = (STACK *) X509V3_EXT_d2i(ext)) ) {
+                        !(ialt = X509V3_EXT_d2i(ext)) ) {
 		X509V3err(X509V3_F_COPY_ISSUER,X509V3_R_ISSUER_DECODE_ERROR);
 		goto err;
 	}

-	for(i = 0; i < sk_num(ialt); i++) {
-		gen = sk_value(ialt, i);
-		if(!sk_push(gens, gen)) {
+	for(i = 0; i < sk_GENERAL_NAME_num(ialt); i++) {
+		gen = sk_GENERAL_NAME_value(ialt, i);
+		if(!sk_GENERAL_NAME_push(gens, gen)) {
 			X509V3err(X509V3_F_COPY_ISSUER,ERR_R_MALLOC_FAILURE);
 			goto err;
 		}
 	}
-	sk_free(ialt);
+	sk_GENERAL_NAME_free(ialt);

 	return 1;
 		
@@ -226,13 +227,13 @@ static int copy_issuer(X509V3_CTX *ctx, STACK *gens)
 	
 }

-static STACK *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-	     STACK *nval)
+static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method,
+						 X509V3_CTX *ctx, STACK *nval)
 {
-	STACK *gens = NULL;
+	STACK_OF(GENERAL_NAME) *gens = NULL;
 	CONF_VALUE *cnf;
 	int i;
-	if(!(gens = sk_new(NULL))) {
+	if(!(gens = sk_GENERAL_NAME_new(NULL))) {
 		X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
@@ -245,12 +246,12 @@ static STACK *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
 			GENERAL_NAME *gen;
 			if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf)))
 								 goto err; 
-			sk_push(gens, (char *)gen);
+			sk_GENERAL_NAME_push(gens, gen);
 		}
 	}
 	return gens;
 	err:
-	sk_pop_free(gens, GENERAL_NAME_free);
+	sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
 	return NULL;
 }

@@ -258,7 +259,7 @@ static STACK *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
 * GENERAL_NAMES
 */

-static int copy_email(X509V3_CTX *ctx, STACK *gens)
+static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
 {
 	X509_NAME *nm;
 	ASN1_IA5STRING *email = NULL;
@@ -287,7 +288,7 @@ static int copy_email(X509V3_CTX *ctx, STACK *gens)
 		gen->d.ia5 = email;
 		email = NULL;
 		gen->type = GEN_EMAIL;
-		if(!sk_push(gens, (char *)gen)) {
+		if(!sk_GENERAL_NAME_push(gens, gen)) {
 			X509V3err(X509V3_F_COPY_EMAIL,ERR_R_MALLOC_FAILURE);
 			goto err;
 		}
@@ -304,30 +305,30 @@ static int copy_email(X509V3_CTX *ctx, STACK *gens)
 	
 }

-STACK *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-	     STACK *nval)
+STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
+						 X509V3_CTX *ctx, STACK *nval)
 {
 	GENERAL_NAME *gen;
-	STACK *gens = NULL;
+	STACK_OF(GENERAL_NAME) *gens = NULL;
 	CONF_VALUE *cnf;
 	int i;
-	if(!(gens = sk_new(NULL))) {
+	if(!(gens = sk_GENERAL_NAME_new(NULL))) {
 		X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
 	for(i = 0; i < sk_num(nval); i++) {
 		cnf = (CONF_VALUE *)sk_value(nval, i);
 		if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err; 
-		sk_push(gens, (char *)gen);
+		sk_GENERAL_NAME_push(gens, gen);
 	}
 	return gens;
 	err:
-	sk_pop_free(gens, GENERAL_NAME_free);
+	sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
 	return NULL;
 }

 GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-	     CONF_VALUE *cnf)
+							 CONF_VALUE *cnf)
 {
 char is_string = 0;
 int type;

--- a/crypto/x509v3/v3_conf.c
+++ b/crypto/x509v3/v3_conf.c
@@ -71,11 +71,15 @@ static int v3_check_critical(char **value);
 static int v3_check_generic(char **value);
 static X509_EXTENSION *do_ext_conf(LHASH *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value);
 static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int type);
+static char *conf_lhash_get_string(void *db, char *section, char *value);
+static STACK *conf_lhash_get_section(void *db, char *section);
 #else
 static int v3_check_critical();
 static int v3_check_generic();
 static X509_EXTENSION *do_ext_conf();
 static X509V3_EXTENSION *v3_generic_extension();
+static char *conf_lhash_get_string();
+static STACK *conf_lhash_get_section();
 #endif

 /* LHASH *conf:  Config file    */
@@ -299,14 +303,14 @@ void X509V3_string_free(X509V3_CTX *ctx, char *str)
 {
 	if(!str) return;
 	if(ctx->db_meth->free_string)
-			return ctx->db_meth->free_string(ctx->db, str);
+			ctx->db_meth->free_string(ctx->db, str);
 }

 void X509V3_section_free(X509V3_CTX *ctx, STACK *section)
 {
 	if(!section) return;
 	if(ctx->db_meth->free_section)
-			return ctx->db_meth->free_section(ctx->db, section);
+			ctx->db_meth->free_section(ctx->db, section);
 }

 static char *conf_lhash_get_string(void *db, char *section, char *value)

--- a/crypto/x509v3/v3_genn.c
+++ b/crypto/x509v3/v3_genn.c
@@ -118,7 +118,7 @@ int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp)
 	return ret;
 }

-GENERAL_NAME *GENERAL_NAME_new(void)
+GENERAL_NAME *GENERAL_NAME_new()
 {
 	GENERAL_NAME *ret=NULL;
 	ASN1_CTX c;
@@ -130,7 +130,7 @@ GENERAL_NAME *GENERAL_NAME_new(void)
 }

 GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp,
-	     long length)
+								 long length)
 {
 	unsigned char _tmp;
 	M_ASN1_D2I_vars(a,GENERAL_NAME *,GENERAL_NAME_new);
@@ -214,24 +214,29 @@ void GENERAL_NAME_free(GENERAL_NAME *a)
 * an explicit functions.
 */

-STACK *GENERAL_NAMES_new(void)
+STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new()
 {
-	return sk_new(NULL);
+	return sk_GENERAL_NAME_new(NULL);
 }

-void GENERAL_NAMES_free(STACK *a)
+void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a)
 {
-	sk_pop_free(a, GENERAL_NAME_free);
+	sk_GENERAL_NAME_pop_free(a, GENERAL_NAME_free);
 }

-STACK *d2i_GENERAL_NAMES(STACK **a, unsigned char **pp, long length)
+STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a,
+					 unsigned char **pp, long length)
 {
-return d2i_ASN1_SET(a, pp, length, (char *(*)())d2i_GENERAL_NAME,
+return d2i_ASN1_SET_OF_GENERAL_NAME(a, pp, length, d2i_GENERAL_NAME,
 			 GENERAL_NAME_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
 }

-int i2d_GENERAL_NAMES(STACK *a, unsigned char **pp)
+int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp)
 {
-return i2d_ASN1_SET(a, pp, i2d_GENERAL_NAME, V_ASN1_SEQUENCE,
+return i2d_ASN1_SET_OF_GENERAL_NAME(a, pp, i2d_GENERAL_NAME, V_ASN1_SEQUENCE,
 						 V_ASN1_UNIVERSAL, IS_SEQUENCE);
 }
+
+IMPLEMENT_STACK_OF(GENERAL_NAME)
+IMPLEMENT_ASN1_SET_OF(GENERAL_NAME)
+
--- a/crypto/x509v3/v3_lib.c
+++ b/crypto/x509v3/v3_lib.c
@@ -164,7 +164,7 @@ int X509V3_add_standard_extensions(void)

 /* Return an extension internal structure */

-char *X509V3_EXT_d2i(X509_EXTENSION *ext)
+void *X509V3_EXT_d2i(X509_EXTENSION *ext)
 {
 	X509V3_EXT_METHOD *method;
 	unsigned char *p;

--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -148,11 +148,6 @@ int ca;
 ASN1_INTEGER *pathlen;
 } BASIC_CONSTRAINTS;

-typedef struct AUTHORITY_KEYID_st {
-ASN1_OCTET_STRING *keyid;
-STACK *issuer;
-ASN1_INTEGER *serial;
-} AUTHORITY_KEYID;

 typedef struct PKEY_USAGE_PERIOD_st {
 ASN1_GENERALIZEDTIME *notBefore;
@@ -182,6 +177,15 @@ union {
 } d;
 } GENERAL_NAME;

+DECLARE_STACK_OF(GENERAL_NAME)
+DECLARE_ASN1_SET_OF(GENERAL_NAME)
+
+typedef struct AUTHORITY_KEYID_st {
+ASN1_OCTET_STRING *keyid;
+STACK_OF(GENERAL_NAME) *issuer;
+ASN1_INTEGER *serial;
+} AUTHORITY_KEYID;
+
 /* Strong extranet structures */

 typedef struct SXNET_ID_st {
@@ -298,12 +302,12 @@ PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a, unsigned char **
 PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void);
 void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a);

-STACK *GENERAL_NAMES_new(void);
-void GENERAL_NAMES_free(STACK *a);
-STACK *d2i_GENERAL_NAMES(STACK **a, unsigned char **pp, long length);
-int i2d_GENERAL_NAMES(STACK *a, unsigned char **pp);
-STACK *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, STACK *gen, STACK *extlist);
-STACK *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *nval);
+STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new(void);
+void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a);
+STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a, unsigned char **pp, long length);
+int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp);
+STACK *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, STACK_OF(GENERAL_NAME) *gen, STACK *extlist);
+STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *nval);

 char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
 ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
@@ -373,7 +377,7 @@ X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext);
 X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid);
 int X509V3_add_standard_extensions(void);
 STACK *X509V3_parse_list(char *line);
-char *X509V3_EXT_d2i(X509_EXTENSION *ext);
+void *X509V3_EXT_d2i(X509_EXTENSION *ext);

 char *hex_to_string(unsigned char *buffer, long len);
 unsigned char *string_to_hex(char *str, long *len);
@@ -495,7 +499,7 @@ X509V3_EXT_METHOD *X509V3_EXT_get();
 X509V3_EXT_METHOD *X509V3_EXT_get_nid();
 int X509V3_add_standard_extensions();
 STACK *X509V3_parse_list();
-char *X509V3_EXT_d2i();
+void *X509V3_EXT_d2i();

 char *hex_to_string();
 unsigned char *string_to_hex();

--- a/util/libeay.num
+++ b/util/libeay.num
@@ -1311,3 +1311,174 @@ DSA_do_verify							1336
 d2i_DSA_SIG								1337
 i2d_DSA_SIG								1338

+i2d_ASN1_VISIBLESTRING                  1339
+d2i_ASN1_VISIBLESTRING                  1340
+i2d_ASN1_UTF8STRING                     1341
+d2i_ASN1_UTF8STRING                     1342
+i2d_DIRECTORYSTRING                     1343
+d2i_DIRECTORYSTRING                     1344
+i2d_DISPLAYTEXT                         1345
+d2i_DISPLAYTEXT                         1346
+sk_X509_NAME_new                        1347
+sk_X509_NAME_new_null                   1348
+sk_X509_NAME_free                       1349
+sk_X509_NAME_num                        1350
+sk_X509_NAME_value                      1351
+sk_X509_NAME_set                        1352
+sk_X509_NAME_zero                       1353
+sk_X509_NAME_push                       1354
+sk_X509_NAME_pop                        1355
+sk_X509_NAME_find                       1356
+sk_X509_NAME_delete                     1357
+sk_X509_NAME_delete_ptr                 1358
+sk_X509_NAME_set_cmp_func               1359
+sk_X509_NAME_dup                        1360
+sk_X509_NAME_pop_free                   1361
+sk_X509_NAME_shift                      1362
+sk_X509_new                             1363
+sk_X509_new_null                        1364
+sk_X509_free                            1365
+sk_X509_num                             1366
+sk_X509_value                           1367
+sk_X509_set                             1368
+sk_X509_zero                            1369
+sk_X509_push                            1370
+sk_X509_pop                             1371
+sk_X509_find                            1372
+sk_X509_delete                          1373
+sk_X509_delete_ptr                      1374
+sk_X509_set_cmp_func                    1375
+sk_X509_dup                             1376
+sk_X509_pop_free                        1377
+sk_X509_shift                           1378
+d2i_ASN1_SET_OF_X509                    1379
+i2d_ASN1_SET_OF_X509                    1380
+sk_X509_ATTRIBUTE_new                   1381
+sk_X509_ATTRIBUTE_new_null              1382
+sk_X509_ATTRIBUTE_free                  1383
+sk_X509_ATTRIBUTE_num                   1384
+sk_X509_ATTRIBUTE_value                 1385
+sk_X509_ATTRIBUTE_set                   1386
+sk_X509_ATTRIBUTE_zero                  1387
+sk_X509_ATTRIBUTE_push                  1388
+sk_X509_ATTRIBUTE_pop                   1389
+sk_X509_ATTRIBUTE_find                  1390
+sk_X509_ATTRIBUTE_delete                1391
+sk_X509_ATTRIBUTE_delete_ptr            1392
+sk_X509_ATTRIBUTE_set_cmp_func          1393
+sk_X509_ATTRIBUTE_dup                   1394
+sk_X509_ATTRIBUTE_pop_free              1395
+sk_X509_ATTRIBUTE_shift                 1396
+i2d_PBKDF2PARAM                         1397
+PBKDF2PARAM_new                         1398
+d2i_PBKDF2PARAM                         1399
+PBKDF2PARAM_free                        1400
+i2d_PBE2PARAM                           1401
+PBE2PARAM_new                           1402
+d2i_PBE2PARAM                           1403
+PBE2PARAM_free                          1404
+sk_GENERAL_NAME_new                     1405
+sk_GENERAL_NAME_new_null                1406
+sk_GENERAL_NAME_free                    1407
+sk_GENERAL_NAME_num                     1408
+sk_GENERAL_NAME_value                   1409
+sk_GENERAL_NAME_set                     1410
+sk_GENERAL_NAME_zero                    1411
+sk_GENERAL_NAME_push                    1412
+sk_GENERAL_NAME_pop                     1413
+sk_GENERAL_NAME_find                    1414
+sk_GENERAL_NAME_delete                  1415
+sk_GENERAL_NAME_delete_ptr              1416
+sk_GENERAL_NAME_set_cmp_func            1417
+sk_GENERAL_NAME_dup                     1418
+sk_GENERAL_NAME_pop_free                1419
+sk_GENERAL_NAME_shift                   1420
+d2i_ASN1_SET_OF_GENERAL_NAME            1421
+i2d_ASN1_SET_OF_GENERAL_NAME            1422
+sk_SXNETID_new                          1423
+sk_SXNETID_new_null                     1424
+sk_SXNETID_free                         1425
+sk_SXNETID_num                          1426
+sk_SXNETID_value                        1427
+sk_SXNETID_set                          1428
+sk_SXNETID_zero                         1429
+sk_SXNETID_push                         1430
+sk_SXNETID_pop                          1431
+sk_SXNETID_find                         1432
+sk_SXNETID_delete                       1433
+sk_SXNETID_delete_ptr                   1434
+sk_SXNETID_set_cmp_func                 1435
+sk_SXNETID_dup                          1436
+sk_SXNETID_pop_free                     1437
+sk_SXNETID_shift                        1438
+d2i_ASN1_SET_OF_SXNETID                 1439
+i2d_ASN1_SET_OF_SXNETID                 1440
+sk_POLICYQUALINFO_new                   1441
+sk_POLICYQUALINFO_new_null              1442
+sk_POLICYQUALINFO_free                  1443
+sk_POLICYQUALINFO_num                   1444
+sk_POLICYQUALINFO_value                 1445
+sk_POLICYQUALINFO_set                   1446
+sk_POLICYQUALINFO_zero                  1447
+sk_POLICYQUALINFO_push                  1448
+sk_POLICYQUALINFO_pop                   1449
+sk_POLICYQUALINFO_find                  1450
+sk_POLICYQUALINFO_delete                1451
+sk_POLICYQUALINFO_delete_ptr            1452
+sk_POLICYQUALINFO_set_cmp_func          1453
+sk_POLICYQUALINFO_dup                   1454
+sk_POLICYQUALINFO_pop_free              1455
+sk_POLICYQUALINFO_shift                 1456
+d2i_ASN1_SET_OF_POLICYQUALINFO          1457
+i2d_ASN1_SET_OF_POLICYQUALINFO          1458
+sk_POLICYINFO_new                       1459
+sk_POLICYINFO_new_null                  1460
+sk_POLICYINFO_free                      1461
+sk_POLICYINFO_num                       1462
+sk_POLICYINFO_value                     1463
+sk_POLICYINFO_set                       1464
+sk_POLICYINFO_zero                      1465
+sk_POLICYINFO_push                      1466
+sk_POLICYINFO_pop                       1467
+sk_POLICYINFO_find                      1468
+sk_POLICYINFO_delete                    1469
+sk_POLICYINFO_delete_ptr                1470
+sk_POLICYINFO_set_cmp_func              1471
+sk_POLICYINFO_dup                       1472
+sk_POLICYINFO_pop_free                  1473
+sk_POLICYINFO_shift                     1474
+d2i_ASN1_SET_OF_POLICYINFO              1475
+i2d_ASN1_SET_OF_POLICYINFO              1476
+SXNET_add_id_asc                        1477
+SXNET_add_id_ulong                      1478
+SXNET_add_id_INTEGER                    1479
+SXNET_get_id_asc                        1480
+SXNET_get_id_ulong                      1481
+SXNET_get_id_INTEGER                    1482
+X509V3_set_conf_lhash                   1483
+i2d_CERTIFICATEPOLICIES                 1484
+CERTIFICATEPOLICIES_new                 1485
+CERTIFICATEPOLICIES_free                1486
+d2i_CERTIFICATEPOLICIES                 1487
+i2d_POLICYINFO                          1488
+POLICYINFO_new                          1489
+d2i_POLICYINFO                          1490
+POLICYINFO_free                         1491
+i2d_POLICYQUALINFO                      1492
+POLICYQUALINFO_new                      1493
+d2i_POLICYQUALINFO                      1494
+POLICYQUALINFO_free                     1495
+i2d_USERNOTICE                          1496
+USERNOTICE_new                          1497
+d2i_USERNOTICE                          1498
+USERNOTICE_free                         1499
+i2d_NOTICEREF                           1500
+NOTICEREF_new                           1501
+d2i_NOTICEREF                           1502
+NOTICEREF_free                          1503
+X509V3_get_string                       1504
+X509V3_get_section                      1505
+X509V3_string_free                      1506
+X509V3_section_free                     1507
+X509V3_set_ctx                          1508
+s2i_ASN1_INTEGER                        1509
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -192,7 +192,7 @@ sub do_defs
 				push(@ret,"sk_${1}_set");
 				push(@ret,"sk_${1}_zero");
 				push(@ret,"sk_${1}_push");
-			#	push(@ret,"sk_${1}_pop");
+				push(@ret,"sk_${1}_pop");
 				push(@ret,"sk_${1}_find");
 				push(@ret,"sk_${1}_delete");
 				push(@ret,"sk_${1}_delete_ptr");

--- a/util/ssleay.num
+++ b/util/ssleay.num
@@ -169,3 +169,35 @@ SSL_set_tmp_rsa_callback                186
 SSL_set_tmp_dh_callback                 187
 SSL_add_dir_cert_subjects_to_stack      188
 SSL_set_session_id_context              189
+sk_SSL_CIPHER_new                       190
+sk_SSL_CIPHER_new_null                  191
+sk_SSL_CIPHER_free                      192
+sk_SSL_CIPHER_num                       193
+sk_SSL_CIPHER_value                     194
+sk_SSL_CIPHER_set                       195
+sk_SSL_CIPHER_zero                      196
+sk_SSL_CIPHER_push                      197
+sk_SSL_CIPHER_pop                       198
+sk_SSL_CIPHER_find                      199
+sk_SSL_CIPHER_delete                    200
+sk_SSL_CIPHER_delete_ptr                201
+sk_SSL_CIPHER_set_cmp_func              202
+sk_SSL_CIPHER_dup                       203
+sk_SSL_CIPHER_pop_free                  204
+sk_SSL_CIPHER_shift                     205
+sk_SSL_COMP_new                         206
+sk_SSL_COMP_new_null                    207
+sk_SSL_COMP_free                        208
+sk_SSL_COMP_num                         209
+sk_SSL_COMP_value                       210
+sk_SSL_COMP_set                         211
+sk_SSL_COMP_zero                        212
+sk_SSL_COMP_push                        213
+sk_SSL_COMP_pop                         214
+sk_SSL_COMP_find                        215
+sk_SSL_COMP_delete                      216
+sk_SSL_COMP_delete_ptr                  217
+sk_SSL_COMP_set_cmp_func                218
+sk_SSL_COMP_dup                         219
+sk_SSL_COMP_pop_free                    220
+sk_SSL_COMP_shift                       221