$OpenBSD: patch-smime_c,v 1.2 2010/10/03 21:40:42 jasper Exp $

* Fix for OpenSSL 1.0.0. (STACK has gone.)
* Use proper sk_TYPE_num, sk_TYPE_value for each TYPE.
From NetBSD patch-ae.

--- smime.c.orig	Tue Jun  3 03:58:57 2008
+++ smime.c	Sun Oct  3 22:49:16 2010
@@ -108,7 +108,7 @@ smime_decrypt(struct state *state)
 	struct header *hdr;
 	char buf[BUFSIZ];
 #ifndef OPENSSL_BUG_FIXED
-	STACK *sk;
+	STACK_OF(PKCS7_RECIP_INFO) *sk;
 	PKCS7_RECIP_INFO *ri;
 #endif
 
@@ -174,10 +174,10 @@ smime_decrypt(struct state *state)
 		sk = NULL;
 		break;
 	case NID_pkcs7_signedAndEnveloped:
-		sk = (STACK *)p7->d.signed_and_enveloped->recipientinfo;
+		sk = p7->d.signed_and_enveloped->recipientinfo;
 		break;
 	case NID_pkcs7_enveloped:
-		sk = (STACK *)p7->d.enveloped->recipientinfo;
+		sk = p7->d.enveloped->recipientinfo;
 		break;
 	default:
 		sk = NULL;
@@ -185,7 +185,7 @@ smime_decrypt(struct state *state)
 	}
 	if (sk) {
 		for (;;) {
-			if (sk_num(sk) == 0) {
+			if (sk_PKCS7_RECIP_INFO_num(sk) == 0) {
 				strlcpy(state->status,
 				    "Cannot find recipient info for me\n",
 				    sizeof(state->status));
@@ -194,11 +194,11 @@ smime_decrypt(struct state *state)
 				PKCS7_free(p7);
 				return -1;
 			}
-			ri=(PKCS7_RECIP_INFO *)sk_value(sk,0);
+			ri=sk_PKCS7_RECIP_INFO_value(sk,0);
 			if (X509_name_cmp(ri->issuer_and_serial->issuer, X509_get_issuer_name(x509)) == 0
 			&&  ASN1_INTEGER_cmp(ri->issuer_and_serial->serial, X509_get_serialNumber(x509)) == 0)
 				break;
-			sk_shift(sk);
+			sk_PKCS7_RECIP_INFO_shift(sk);
 			PKCS7_RECIP_INFO_free(ri);
 		}
 	}
@@ -401,7 +401,7 @@ smime_verify(struct state *state)
 	cbuf_t *cb, cbuf, sproto, from;
 	int i, ret;
 	PKCS7 *p7;
-	STACK *sk;
+	STACK_OF(PKCS7_SIGNER_INFO) *sk;
 	char *p, *ep;
 	BIO *detached, *p7bio;
 	PKCS7_SIGNER_INFO *si;
@@ -496,11 +496,11 @@ BIO_read_filename(detached, "/tmp/smime.txt");
 	    getenv("SSL_CERT_DIR"));
 	ERR_clear_error();
 
-	sk = (STACK *)PKCS7_get_signer_info(p7);
+	sk = PKCS7_get_signer_info(p7);
 	strlcpy(state->status, "S/MIME verify OK", sizeof(state->status));
 	ret = 1;
-	for (i = 0; i < sk_num(sk); i++) {
-		si = (PKCS7_SIGNER_INFO *)sk_value(sk, i);
+	for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sk); i++) {
+		si = sk_PKCS7_SIGNER_INFO_value(sk, i);
 		if (PKCS7_dataVerify(cert_store, &cert_ctx, p7bio, p7, si) <= 0) {
 			ret = -1;
 			snprintf(state->status, sizeof(state->status),
@@ -560,7 +560,7 @@ smime_sign(struct state *state)
 {
 	int i;
 	PKCS7 *p7;
-	STACK *sk;
+	STACK_OF(X509) *sk;
 	char *p;
 	BIO *in, *p7bio;
 	PKCS7_SIGNER_INFO *si;
@@ -675,9 +675,9 @@ smime_sign(struct state *state)
 		PKCS7_free(p7);
 		return 0;
 	}
-	sk = (STACK *)X509_STORE_CTX_get_chain(&cert_ctx);
-	for (i = 0; i < sk_num(sk); i++) {
-		x = (X509 *)sk_value(sk, i);
+	sk = X509_STORE_CTX_get_chain(&cert_ctx);
+	for (i = 0; i < sk_X509_num(sk); i++) {
+		x = sk_X509_value(sk, i);
 		PKCS7_add_certificate(p7, x);
 	}
 
@@ -975,7 +975,7 @@ smime_encrypt(struct state *state)
 	BIO_ctrl(p7bio, BIO_C_GET_CIPHER_CTX, 1, (char *)&ctx);
 	if (EVP_CIPHER_CTX_nid(ctx) == NID_rc2_cbc) {
 		const EVP_CIPHER *cipher;
-		STACK *rsk;
+		STACK_OF(PKCS7_RECIP_INFO) *rsk;
 		PKCS7_RECIP_INFO *ri;
 		u_char key[EVP_MAX_KEY_LENGTH];
 		u_char iv[EVP_MAX_IV_LENGTH];
@@ -983,7 +983,7 @@ smime_encrypt(struct state *state)
 		int keylen, ivlen, buflen, len;
 		u_char *buf, *q;
 
-		rsk = (STACK *)p7->d.enveloped->recipientinfo;
+		rsk = p7->d.enveloped->recipientinfo;
 		cipher = EVP_rc2_40_cbc();	/* XXX */
 		keylen = EVP_CIPHER_key_length(cipher);
 		ivlen = EVP_CIPHER_iv_length(cipher);
@@ -992,8 +992,8 @@ smime_encrypt(struct state *state)
 		EVP_CipherInit(ctx, cipher, key, iv, 1);
 		buf = NULL;
 		buflen = 0;
-		for (i = 0; i < sk_num(rsk); i++) {
-			ri = (PKCS7_RECIP_INFO *)sk_value(rsk, i);
+		for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
+			ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
 			pkey = X509_get_pubkey(ri->cert);
 			len = EVP_PKEY_size(pkey);
 			if (buflen < len) {
