Implement STACK_OF(ANS1_OBJECT) for extended key usage extension, change the

documentation to reflect the STACK_OF(CONF_VALUE) change to the CONF lib and
use ANSI typedefs for X509V3_EXT_I2D and X509V3_EXT_FREE.

crypto/asn1/a_object.c

@@ -368,3 +368,5 @@ ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
 	return(OBJ_dup(&o));
 	}
 
+IMPLEMENT_STACK_OF(ASN1_OBJECT)
+IMPLEMENT_ASN1_SET_OF(ASN1_OBJECT)

crypto/asn1/asn1.h

@@ -497,6 +497,9 @@ int		i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp);
 ASN1_OBJECT *	d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp,
 			long length);
 
+DECLARE_STACK_OF(ASN1_OBJECT)
+DECLARE_ASN1_SET_OF(ASN1_OBJECT)
+
 ASN1_STRING *	ASN1_STRING_new(void );
 void		ASN1_STRING_free(ASN1_STRING *a);
 ASN1_STRING *	ASN1_STRING_dup(ASN1_STRING *a);

crypto/x509v3/v3_akey.c

@@ -71,9 +71,9 @@ static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
 X509V3_EXT_METHOD v3_akey_id = {
 NID_authority_key_identifier, X509V3_EXT_MULTILINE,
 (X509V3_EXT_NEW)AUTHORITY_KEYID_new,
-AUTHORITY_KEYID_free,
+(X509V3_EXT_FREE)AUTHORITY_KEYID_free,
 (X509V3_EXT_D2I)d2i_AUTHORITY_KEYID,
-i2d_AUTHORITY_KEYID,
+(X509V3_EXT_I2D)i2d_AUTHORITY_KEYID,
 NULL, NULL,
 (X509V3_EXT_I2V)i2v_AUTHORITY_KEYID,
 (X509V3_EXT_V2I)v2i_AUTHORITY_KEYID,

crypto/x509v3/v3_alt.c

@@ -61,25 +61,25 @@
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
 
-static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *nval);
-static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *nval);
+static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
 static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens);
 static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens);
 X509V3_EXT_METHOD v3_alt[] = {
 { NID_subject_alt_name, 0,
 (X509V3_EXT_NEW)GENERAL_NAMES_new,
-GENERAL_NAMES_free,
+(X509V3_EXT_FREE)GENERAL_NAMES_free,
 (X509V3_EXT_D2I)d2i_GENERAL_NAMES,
-i2d_GENERAL_NAMES,
+(X509V3_EXT_I2D)i2d_GENERAL_NAMES,
 NULL, NULL,
 (X509V3_EXT_I2V)i2v_GENERAL_NAMES,
 (X509V3_EXT_V2I)v2i_subject_alt,
 NULL, NULL, NULL},
 { NID_issuer_alt_name, 0,
 (X509V3_EXT_NEW)GENERAL_NAMES_new,
-GENERAL_NAMES_free,
+(X509V3_EXT_FREE)GENERAL_NAMES_free,
 (X509V3_EXT_D2I)d2i_GENERAL_NAMES,
-i2d_GENERAL_NAMES,
+(X509V3_EXT_I2D)i2d_GENERAL_NAMES,
 NULL, NULL,
 (X509V3_EXT_I2V)i2v_GENERAL_NAMES,
 (X509V3_EXT_V2I)v2i_issuer_alt,
@@ -156,7 +156,7 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method,
 }
 
 static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method,
-						 X509V3_CTX *ctx, STACK *nval)
+				 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
 	STACK_OF(GENERAL_NAME) *gens = NULL;
 	CONF_VALUE *cnf;
@@ -165,8 +165,8 @@ static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method,
 		X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
-	for(i = 0; i < sk_num(nval); i++) {
-		cnf = (CONF_VALUE *)sk_value(nval, i);
+	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+		cnf = sk_CONF_VALUE_value(nval, i);
 		if(!name_cmp(cnf->name, "issuer") && cnf->value &&
 						!strcmp(cnf->value, "copy")) {
 			if(!copy_issuer(ctx, gens)) goto err;
@@ -221,7 +221,7 @@ static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
 }
 
 static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method,
-						 X509V3_CTX *ctx, STACK *nval)
+				 X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
 	STACK_OF(GENERAL_NAME) *gens = NULL;
 	CONF_VALUE *cnf;
@@ -230,8 +230,8 @@ static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method,
 		X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE);
 		return NULL;
 	}
-	for(i = 0; i < sk_num(nval); i++) {
-		cnf = (CONF_VALUE *)sk_value(nval, i);
+	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+		cnf = sk_CONF_VALUE_value(nval, i);
 		if(!name_cmp(cnf->name, "email") && cnf->value &&
 						!strcmp(cnf->value, "copy")) {
 			if(!copy_email(ctx, gens)) goto err;

crypto/x509v3/v3_bcons.c

@@ -70,9 +70,9 @@ static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V
 X509V3_EXT_METHOD v3_bcons = {
 NID_basic_constraints, 0,
 (X509V3_EXT_NEW)BASIC_CONSTRAINTS_new,
-BASIC_CONSTRAINTS_free,
+(X509V3_EXT_FREE)BASIC_CONSTRAINTS_free,
 (X509V3_EXT_D2I)d2i_BASIC_CONSTRAINTS,
-i2d_BASIC_CONSTRAINTS,
+(X509V3_EXT_I2D)i2d_BASIC_CONSTRAINTS,
 NULL, NULL,
 (X509V3_EXT_I2V)i2v_BASIC_CONSTRAINTS,
 (X509V3_EXT_V2I)v2i_BASIC_CONSTRAINTS,

crypto/x509v3/v3_cpols.c

@@ -78,9 +78,9 @@ static STACK *nref_nos(STACK_OF(CONF_VALUE) *nos);
 X509V3_EXT_METHOD v3_cpols = {
 NID_certificate_policies, 0,
 (X509V3_EXT_NEW)CERTIFICATEPOLICIES_new,
-CERTIFICATEPOLICIES_free,
+(X509V3_EXT_FREE)CERTIFICATEPOLICIES_free,
 (X509V3_EXT_D2I)d2i_CERTIFICATEPOLICIES,
-i2d_CERTIFICATEPOLICIES,
+(X509V3_EXT_I2D)i2d_CERTIFICATEPOLICIES,
 NULL, NULL,
 NULL, NULL,
 (X509V3_EXT_I2R)i2r_certpol,

crypto/x509v3/v3_crld.c

@@ -71,9 +71,9 @@ static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method,
 X509V3_EXT_METHOD v3_crld = {
 NID_crl_distribution_points, X509V3_EXT_MULTILINE,
 (X509V3_EXT_NEW)CRL_DIST_POINTS_new,
-CRL_DIST_POINTS_free,
+(X509V3_EXT_FREE)CRL_DIST_POINTS_free,
 (X509V3_EXT_D2I)d2i_CRL_DIST_POINTS,
-i2d_CRL_DIST_POINTS,
+(X509V3_EXT_I2D)i2d_CRL_DIST_POINTS,
 NULL, NULL,
 (X509V3_EXT_I2V)i2v_crld,
 (X509V3_EXT_V2I)v2i_crld,

crypto/x509v3/v3_enum.c

@@ -76,12 +76,13 @@ static ENUMERATED_NAMES crl_reasons[] = {
 
 X509V3_EXT_METHOD v3_crl_reason = { 
 NID_crl_reason, 0,
-(X509V3_EXT_NEW)asn1_enumerated_new, ASN1_STRING_free,
+(X509V3_EXT_NEW)asn1_enumerated_new,
+(X509V3_EXT_FREE)ASN1_STRING_free,
 (X509V3_EXT_D2I)d2i_ASN1_ENUMERATED,
-i2d_ASN1_ENUMERATED,
+(X509V3_EXT_I2D)i2d_ASN1_ENUMERATED,
 (X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE,
 (X509V3_EXT_S2I)NULL,
-NULL, NULL, NULL, NULL, (char *)crl_reasons};
+NULL, NULL, NULL, NULL, crl_reasons};
 
 
 static ASN1_ENUMERATED *asn1_enumerated_new(void)

crypto/x509v3/v3_extku.c

@@ -63,16 +63,16 @@
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
 
-static STACK *v2i_ext_ku(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-						STACK_OF(CONF_VALUE) *nval);
+static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method,
+				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
 static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method,
-				STACK *eku, STACK_OF(CONF_VALUE) *extlist);
+		STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *extlist);
 X509V3_EXT_METHOD v3_ext_ku = {
 NID_ext_key_usage, 0,
 (X509V3_EXT_NEW)ext_ku_new,
-ext_ku_free,
+(X509V3_EXT_FREE)ext_ku_free,
 (X509V3_EXT_D2I)d2i_ext_ku,
-i2d_ext_ku,
+(X509V3_EXT_I2D)i2d_ext_ku,
 NULL, NULL,
 (X509V3_EXT_I2V)i2v_ext_ku,
 (X509V3_EXT_V2I)v2i_ext_ku,
@@ -80,55 +80,56 @@ NULL,NULL,
 NULL
 };
 
-STACK *ext_ku_new(void)
+STACK_OF(ASN1_OBJECT) *ext_ku_new(void)
 {
-	return sk_new_null();
+	return sk_ASN1_OBJECT_new_null();
 }
 
-void ext_ku_free(STACK *eku)
+void ext_ku_free(STACK_OF(ASN1_OBJECT) *eku)
 {
-	sk_pop_free(eku, ASN1_OBJECT_free);
+	sk_ASN1_OBJECT_pop_free(eku, ASN1_OBJECT_free);
 	return;
 }
 
-int i2d_ext_ku(STACK *a, unsigned char **pp)
+int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp)
 {
-	return i2d_ASN1_SET(a, pp, i2d_ASN1_OBJECT, V_ASN1_SEQUENCE,
-						 V_ASN1_UNIVERSAL, IS_SEQUENCE);
+	return i2d_ASN1_SET_OF_ASN1_OBJECT(a, pp, i2d_ASN1_OBJECT,
+				V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE);
 }
 
-STACK *d2i_ext_ku(STACK **a, unsigned char **pp, long length)
+STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a,
+					unsigned char **pp, long length)
 {
-	return d2i_ASN1_SET(a, pp, length, (char *(*)())(d2i_ASN1_OBJECT),
+	return d2i_ASN1_SET_OF_ASN1_OBJECT(a, pp, length, d2i_ASN1_OBJECT,
 			 ASN1_OBJECT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
 }
 
 
 
-static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method, STACK *eku,
-	     STACK_OF(CONF_VALUE) *ext_list)
+static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method,
+		STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *ext_list)
 {
 int i;
 ASN1_OBJECT *obj;
 char obj_tmp[80];
-for(i = 0; i < sk_num(eku); i++) {
-	obj = (ASN1_OBJECT *)sk_value(eku, i);
+for(i = 0; i < sk_ASN1_OBJECT_num(eku); i++) {
+	obj = sk_ASN1_OBJECT_value(eku, i);
 	i2t_ASN1_OBJECT(obj_tmp, 80, obj);
 	X509V3_add_value(NULL, obj_tmp, &ext_list);
 }
 return ext_list;
 }
 
-static STACK *v2i_ext_ku(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-						STACK_OF(CONF_VALUE) *nval)
+static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method,
+				X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
-STACK *extku;
+STACK_OF(ASN1_OBJECT) *extku;
 char *extval;
 ASN1_OBJECT *objtmp;
 CONF_VALUE *val;
 int i;
 
-if(!(extku = sk_new(NULL))) {
+if(!(extku = sk_ASN1_OBJECT_new(NULL))) {
 	X509V3err(X509V3_F_V2I_EXT_KU,ERR_R_MALLOC_FAILURE);
 	return NULL;
 }
@@ -138,12 +139,12 @@ for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
 	if(val->value) extval = val->value;
 	else extval = val->name;
 	if(!(objtmp = OBJ_txt2obj(extval, 0))) {
-		sk_pop_free(extku, ASN1_OBJECT_free);
+		sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
 		X509V3err(X509V3_F_V2I_EXT_KU,X509V3_R_INVALID_OBJECT_IDENTIFIER);
 		X509V3_conf_err(val);
 		return NULL;
 	}
-	sk_push(extku, (char *)objtmp);
+	sk_ASN1_OBJECT_push(extku, objtmp);
 }
 return extku;
 }

crypto/x509v3/v3_int.c

@@ -64,9 +64,10 @@ static ASN1_INTEGER *asn1_integer_new(void);
 
 X509V3_EXT_METHOD v3_crl_num = { 
 NID_crl_number, 0,
-(X509V3_EXT_NEW)asn1_integer_new, ASN1_STRING_free,
+(X509V3_EXT_NEW)asn1_integer_new,
+(X509V3_EXT_FREE)ASN1_STRING_free,
 (X509V3_EXT_D2I)d2i_ASN1_INTEGER,
-i2d_ASN1_INTEGER,
+(X509V3_EXT_I2D)i2d_ASN1_INTEGER,
 (X509V3_EXT_I2S)i2s_ASN1_INTEGER,
 (X509V3_EXT_S2I)NULL,
 NULL, NULL, NULL, NULL, NULL};

crypto/x509v3/v3_pku.c

@@ -64,14 +64,14 @@
 
 static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out, int indent);
 /*
-static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *values);
+static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);
 */
 X509V3_EXT_METHOD v3_pkey_usage_period = {
 NID_private_key_usage_period, 0,
 (X509V3_EXT_NEW)PKEY_USAGE_PERIOD_new,
-PKEY_USAGE_PERIOD_free,
+(X509V3_EXT_FREE)PKEY_USAGE_PERIOD_free,
 (X509V3_EXT_D2I)d2i_PKEY_USAGE_PERIOD,
-i2d_PKEY_USAGE_PERIOD,
+(X509V3_EXT_I2D)i2d_PKEY_USAGE_PERIOD,
 NULL, NULL, NULL, NULL,
 (X509V3_EXT_I2R)i2r_PKEY_USAGE_PERIOD, NULL,
 NULL
@@ -144,7 +144,7 @@ static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
 static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(method, ctx, values)
 X509V3_EXT_METHOD *method;
 X509V3_CTX *ctx;
-STACK *values;
+STACK_OF(CONF_VALUE) *values;
 {
 return NULL;
 }

crypto/x509v3/v3_skey.c

@@ -65,9 +65,10 @@ static ASN1_OCTET_STRING *octet_string_new(void);
 static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
 X509V3_EXT_METHOD v3_skey_id = { 
 NID_subject_key_identifier, 0,
-(X509V3_EXT_NEW)octet_string_new, ASN1_STRING_free,
+(X509V3_EXT_NEW)octet_string_new,
+(X509V3_EXT_FREE)ASN1_STRING_free,
 (X509V3_EXT_D2I)d2i_ASN1_OCTET_STRING,
-i2d_ASN1_OCTET_STRING,
+(X509V3_EXT_I2D)i2d_ASN1_OCTET_STRING,
 (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING,
 (X509V3_EXT_S2I)s2i_skey_id,
 NULL, NULL, NULL, NULL, NULL};

crypto/x509v3/v3_sxnet.c

@@ -69,14 +69,15 @@
 
 static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent);
 #ifdef SXNET_TEST
-static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *nval);
+static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+						STACK_OF(CONF_VALUE) *nval);
 #endif
 X509V3_EXT_METHOD v3_sxnet = {
 NID_sxnet, X509V3_EXT_MULTILINE,
 (X509V3_EXT_NEW)SXNET_new,
-SXNET_free,
+(X509V3_EXT_FREE)SXNET_free,
 (X509V3_EXT_D2I)d2i_SXNET,
-i2d_SXNET,
+(X509V3_EXT_I2D)i2d_SXNET,
 NULL, NULL,
 NULL, 
 #ifdef SXNET_TEST
@@ -206,13 +207,13 @@ static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out,
 
 
 static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
-	     STACK *nval)
+	     STACK_OF(CONF_VALUE) *nval)
 {
 	CONF_VALUE *cnf;
 	SXNET *sx = NULL;
 	int i;
-	for(i = 0; i < sk_num(nval); i++) {
-		cnf = (CONF_VALUE *)sk_value(nval, i);
+	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+		cnf = sk_CONF_VALUE_value(nval, i);
 		if(!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1))
 								 return NULL;
 	}

crypto/x509v3/v3_utl.c

@@ -96,7 +96,7 @@ int X509V3_add_value_uchar(const char *name, const unsigned char *value,
     return X509V3_add_value(name,(const char *)value,extlist);
     }
 
-/* Free function for STACK of CONF_VALUE */
+/* Free function for STACK_OF(CONF_VALUE) */
 
 void X509V3_conf_free(CONF_VALUE *conf)
 {

crypto/x509v3/x509v3.h

@@ -72,10 +72,10 @@ struct v3_ext_ctx;
 
 /* Useful typedefs */
 
-typedef void * (*X509V3_EXT_NEW)();
-typedef void (*X509V3_EXT_FREE)();
-typedef char * (*X509V3_EXT_D2I)();
-typedef int (*X509V3_EXT_I2D)();
+typedef void * (*X509V3_EXT_NEW)(void);
+typedef void (*X509V3_EXT_FREE)(void *);
+typedef void * (*X509V3_EXT_D2I)(void *, unsigned char ** , long);
+typedef int (*X509V3_EXT_I2D)(void *, unsigned char **);
 typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist);
 typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values);
 typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext);
@@ -255,9 +255,10 @@ DECLARE_ASN1_SET_OF(POLICYINFO)
 #define X509V3_set_ctx_nodb(ctx) ctx->db = NULL;
 
 #define EXT_BITSTRING(nid, table) { nid, 0, \
-			(X509V3_EXT_NEW)asn1_bit_string_new, ASN1_STRING_free, \
+			(X509V3_EXT_NEW)asn1_bit_string_new, \
+			(X509V3_EXT_FREE)ASN1_STRING_free, \
 			(X509V3_EXT_D2I)d2i_ASN1_BIT_STRING, \
-			i2d_ASN1_BIT_STRING, \
+			(X509V3_EXT_I2D)i2d_ASN1_BIT_STRING, \
 			NULL, NULL, \
 			(X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
 			(X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
@@ -265,9 +266,10 @@ DECLARE_ASN1_SET_OF(POLICYINFO)
 			(char *)table}
 
 #define EXT_IA5STRING(nid) { nid, 0, \
-			(X509V3_EXT_NEW)ia5string_new, ASN1_STRING_free, \
+			(X509V3_EXT_NEW)ia5string_new, \
+			(X509V3_EXT_FREE)ASN1_STRING_free, \
 			(X509V3_EXT_D2I)d2i_ASN1_IA5STRING, \
-			i2d_ASN1_IA5STRING, \
+			(X509V3_EXT_I2D)i2d_ASN1_IA5STRING, \
 			(X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \
 			(X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \
 			NULL, NULL, NULL, NULL, \
@@ -329,10 +331,11 @@ STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
 char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
 ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
 
-int i2d_ext_ku(STACK *a, unsigned char **pp);
-STACK *d2i_ext_ku(STACK **a, unsigned char **pp, long length);
-void ext_ku_free(STACK *a);
-STACK *ext_ku_new(void);
+int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp);
+STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a,
+					unsigned char **pp, long length);
+void ext_ku_free(STACK_OF(ASN1_OBJECT) *a);
+STACK_OF(ASN1_OBJECT) *ext_ku_new(void);
 
 int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp);
 STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void);

doc/openssl.txt

@@ -581,11 +581,11 @@ void X509V3_string_free(X509V3_CTX *ctx, char *str);
 
 This function frees up the string returned by the above function.
 
-STACK * X509V3_get_section(X509V3_CTX *ctx, char *section);
+STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section);
 
-This function returns a whole section as a STACK of CONF_VALUE structures.
+This function returns a whole section as a STACK_OF(CONF_VALUE) .
 
-void X509V3_section_free( X509V3_CTX *ctx, STACK *section);
+void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section);
 
 This function frees up the STACK returned by the above function.
 
@@ -595,9 +595,9 @@ be set to an X509V3_CTX_METHOD structure. This structure contains the following
 function pointers:
 
 char * (*get_string)(void *db, char *section, char *value);
-STACK * (*get_section)(void *db, char *section);
+STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section);
 void (*free_string)(void *db, char * string);
-void (*free_section)(void *db, STACK *section);
+void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
 
 these will be called and passed the 'db' element in the X509V3_CTX structure
 to access the database. If a given function is not implemented or not required
@@ -646,24 +646,28 @@ int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
 
 This accepts a decimal integer of arbitrary length and sets an ASN1_INTEGER.
 
-int X509V3_add_value(const char *name, const char *value, STACK **extlist);
+int X509V3_add_value(const char *name, const char *value,
+						STACK_OF(CONF_VALUE) **extlist);
 
 This simply adds a string name and value pair.
 
 int X509V3_add_value_uchar(const char *name, const unsigned char *value,
-                           STACK **extlist);
+                          			STACK_OF(CONF_VALUE) **extlist);
 
 The same as above but for an unsigned character value.
 
-int X509V3_add_value_bool(const char *name, int asn1_bool, STACK **extlist);
+int X509V3_add_value_bool(const char *name, int asn1_bool,
+						STACK_OF(CONF_VALUE) **extlist);
 
 This adds either "TRUE" or "FALSE" depending on the value of 'ans1_bool'
 
-int X509V3_add_value_bool_nf(char *name, int asn1_bool, STACK **extlist);
+int X509V3_add_value_bool_nf(char *name, int asn1_bool,
+						STACK_OF(CONF_VALUE) **extlist);
 
 This is the same as above except it adds nothing if asn1_bool is FALSE.
 
-int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, STACK **extlist);
+int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
+						STACK_OF(CONF_VALUE) **extlist);
 
 This function adds the value of the ASN1_INTEGER in decimal form.
 
@@ -678,8 +682,8 @@ Currently there are three types of supported extensions.
 String extensions are simple strings where the value is placed directly in the
 extensions, and the string returned is printed out.
 
-Multi value extensions are passed a STACK of name and value pairs or return
-such a STACK.
+Multi value extensions are passed a STACK_OF(CONF_VALUE) name and value pairs
+or return a STACK_OF(CONF_VALUE).
 
 Raw extensions are just passed a BIO or a value and it is the extensions
 responsiblity to handle all the necessary printing.
@@ -776,7 +780,7 @@ This function takes the string representation in the ext parameter and returns
 an allocated internal structure: ext_free() will be used on this internal
 structure after use.
 
-i2v and v2i handle a stack of CONF_VALUE structures:
+i2v and v2i handle a STACK_OF(CONF_VALUE):
 
 typedef struct
 {
@@ -787,16 +791,17 @@ typedef struct
 
 Only the name and value members are currently used.
 
-STACK * i2v(struct v3_ext_method *method, void *ext);
+STACK_OF(CONF_VALUE) * i2v(struct v3_ext_method *method, void *ext);
 
 This function is passed the internal structure in the ext parameter and
 returns a STACK of CONF_VALUE structures. The values of name, value,
 section and the structure itself will be freed up with Free after use.
 Several helper functions are available to add values to this STACK.
 
-void * v2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK *values);
+void * v2i(struct v3_ext_method *method, struct v3_ext_ctx *ctx,
+						STACK_OF(CONF_VALUE) *values);
 
-This function takes a STACK of CONF_VALUE structures and should set the
+This function takes a STACK_OF(CONF_VALUE) structures and should set the
 values of the external structure. This typically uses the name element to
 determine which structure element to set and the value element to determine
 what to set it to. Several helper functions are available for this