Make conf_method_st and conf_st deprecated

So they can be made opaque in a future release. Fixes #15101 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15466)
2025-02-17 14:32:04 +08:00 · 2021-05-25 12:57:06 -04:00 · 2021-05-25 12:57:06 -04:00 · ff234c6804
commit ff234c6804
parent 147ed5f9de
9 changed files with 58 additions and 23 deletions
--- a/CHANGES.md
+++ b/CHANGES.md
@ -44,6 +44,11 @@ breaking changes, and mappings for the large list of deprecated functions.

   *Rich Salz*

+ * The public definitions of conf_method_st and conf_st have been
+   deprecated. They will be made opaque in a future release.
+
+   * Rich Salz *
+
 * Client-initiated renegotiation is disabled by default. To allow it, use
   the -client_renegotiation option, the SSL_OP_ALLOW_CLIENT_RENEGOTIATION
   flag, or the "ClientRenegotiation" config parameter as appropriate.
--- a/crypto/conf/conf_api.c
+++ b/crypto/conf/conf_api.c
@ -15,6 +15,7 @@
 #include <string.h>
 #include <openssl/conf.h>
 #include <openssl/conf_api.h>
+#include "conf_local.h"

 static void value_free_hash(const CONF_VALUE *a, LHASH_OF(CONF_VALUE) *conf);
 static void value_free_stack_doall(CONF_VALUE *a);
--- a/crypto/conf/conf_def.c
+++ b/crypto/conf/conf_def.c
@ -21,6 +21,7 @@
 #include <openssl/lhash.h>
 #include <openssl/conf.h>
 #include <openssl/conf_api.h>
+#include "conf_local.h"
 #include "conf_def.h"
 #include <openssl/buffer.h>
 #include <openssl/err.h>
--- a/crypto/conf/conf_lib.c
+++ b/crypto/conf/conf_lib.c
@ -16,6 +16,7 @@
 #include <openssl/err.h>
 #include <openssl/conf.h>
 #include <openssl/conf_api.h>
+#include "conf_local.h"
 #include <openssl/lhash.h>

 static CONF_METHOD *default_CONF_method = NULL;
--- a/crypto/conf/conf_local.h
+++ b/crypto/conf/conf_local.h
@ -7,4 +7,5 @@
 * https://www.openssl.org/source/license.html
 */

+#include <openssl/conftypes.h>
 void ossl_config_add_ssl_module(void);
--- a/crypto/conf/conf_mod.c
+++ b/crypto/conf/conf_mod.c
@ -21,6 +21,7 @@
 #include <openssl/x509.h>
 #include <openssl/trace.h>
 #include <openssl/engine.h>
+#include "conf_local.h"

 DEFINE_STACK_OF(CONF_MODULE)
 DEFINE_STACK_OF(CONF_IMODULE)
--- a/crypto/conf/conf_sap.c
+++ b/crypto/conf/conf_sap.c
@ -11,6 +11,7 @@
 #include <openssl/crypto.h>
 #include "internal/cryptlib.h"
 #include "internal/conf.h"
+#include "conf_local.h"
 #include <openssl/x509.h>
 #include <openssl/asn1.h>
 #include <openssl/engine.h>
--- a/include/openssl/conf.h.in
+++ b/include/openssl/conf.h.in
@ -48,21 +48,11 @@ struct conf_st;
 struct conf_method_st;
 typedef struct conf_method_st CONF_METHOD;

-struct conf_method_st {
-    const char *name;
-    CONF *(*create) (CONF_METHOD *meth);
-    int (*init) (CONF *conf);
-    int (*destroy) (CONF *conf);
-    int (*destroy_data) (CONF *conf);
-    int (*load_bio) (CONF *conf, BIO *bp, long *eline);
-    int (*dump) (const CONF *conf, BIO *bp);
-    int (*is_number) (const CONF *conf, char c);
-    int (*to_int) (const CONF *conf, char c);
-    int (*load) (CONF *conf, const char *name, long *eline);
-};
+# ifndef OPENSSL_NO_DEPRECATED_3_0
+#  include <openssl/conftypes.h>
+# endif

 /* Module definitions */
-
 typedef struct conf_imodule_st CONF_IMODULE;
 typedef struct conf_module_st CONF_MODULE;

@ -115,16 +105,6 @@ OSSL_DEPRECATEDIN_1_1_0 void OPENSSL_config(const char *config_name);
 * that wasn't the case, the above functions would have been replaced
 */

-struct conf_st {
-    CONF_METHOD *meth;
-    void *meth_data;
-    LHASH_OF(CONF_VALUE) *data;
-    int flag_dollarid;
-    int flag_abspath;
-    char *includedir;
-    OSSL_LIB_CTX *libctx;
-};
-
 CONF *NCONF_new_ex(OSSL_LIB_CTX *libctx, CONF_METHOD *meth);
 CONF *NCONF_new(CONF_METHOD *meth);
 CONF_METHOD *NCONF_default(void);
--- a/include/openssl/conftypes.h
+++ b/include/openssl/conftypes.h
@ -0,0 +1,44 @@
+/*
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef  OPENSSL_CONFTYPES_H
+# define OPENSSL_CONFTYPES_H
+# pragma once
+
+#ifndef  OPENSSL_CONF_H
+# include <openssl/conf.h>
+#endif
+
+/*
+ * The contents of this file are deprecated and will be made opaque
+ */
+struct conf_method_st {
+    const char *name;
+    CONF *(*create) (CONF_METHOD *meth);
+    int (*init) (CONF *conf);
+    int (*destroy) (CONF *conf);
+    int (*destroy_data) (CONF *conf);
+    int (*load_bio) (CONF *conf, BIO *bp, long *eline);
+    int (*dump) (const CONF *conf, BIO *bp);
+    int (*is_number) (const CONF *conf, char c);
+    int (*to_int) (const CONF *conf, char c);
+    int (*load) (CONF *conf, const char *name, long *eline);
+};
+
+struct conf_st {
+    CONF_METHOD *meth;
+    void *meth_data;
+    LHASH_OF(CONF_VALUE) *data;
+    int flag_dollarid;
+    int flag_abspath;
+    char *includedir;
+    OSSL_LIB_CTX *libctx;
+};
+
+#endif