Fix declarations and constification for inline stack.
authorDr. Stephen Henson <steve@openssl.org>
Wed, 23 Dec 2015 00:47:28 +0000 (00:47 +0000)
committerDr. Stephen Henson <steve@openssl.org>
Thu, 7 Jan 2016 18:00:51 +0000 (18:00 +0000)
Reviewed-by: Richard Levitte <levitte@openssl.org>
21 files changed:
apps/ciphers.c
crypto/asn1/ameth_lib.c
crypto/cms/cms_env.c
crypto/cms/cms_lcl.h
crypto/cms/cms_lib.c
crypto/evp/evp_pbe.c
crypto/evp/pmeth_lib.c
crypto/x509v3/pcy_int.h
crypto/x509v3/pcy_node.c
crypto/x509v3/pcy_tree.c
include/openssl/cms.h
include/openssl/ssl.h
include/openssl/x509v3.h
ssl/s3_lib.c
ssl/ssl_lib.c
ssl/ssl_locl.h
ssl/ssl_sess.c
ssl/statem/statem_clnt.c
ssl/statem/statem_srvr.c
ssl/t1_lib.c
test/ssltest.c

index d5a7631..086ad43 100644 (file)
@@ -200,7 +200,7 @@ int ciphers_main(int argc, char **argv)
 
     if (!verbose) {
         for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
-            SSL_CIPHER *c = sk_SSL_CIPHER_value(sk, i);
+            const SSL_CIPHER *c = sk_SSL_CIPHER_value(sk, i);
             p = SSL_CIPHER_get_name(c);
             if (p == NULL)
                 break;
@@ -212,7 +212,7 @@ int ciphers_main(int argc, char **argv)
     } else {
 
         for (i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
-            SSL_CIPHER *c;
+            const SSL_CIPHER *c;
 
             c = sk_SSL_CIPHER_value(sk, i);
 
index 85115bc..cca4a79 100644 (file)
@@ -92,7 +92,7 @@ static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
 };
 
 typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
-DECLARE_STACK_OF(EVP_PKEY_ASN1_METHOD)
+DECLARE_CONST_STACK_OF(EVP_PKEY_ASN1_METHOD)
 static STACK_OF(EVP_PKEY_ASN1_METHOD) *app_methods = NULL;
 
 #ifdef TEST
index a9a9d84..0b76548 100644 (file)
@@ -65,8 +65,6 @@
 
 /* CMS EnvelopedData Utilities */
 
-DECLARE_STACK_OF(CMS_RecipientInfo)
-
 CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms)
 {
     if (OBJ_obj2nid(cms->contentType) != NID_pkcs7_enveloped) {
index 3d41d4f..abc2a27 100644 (file)
@@ -109,6 +109,8 @@ struct CMS_ContentInfo_st {
     } d;
 };
 
+DECLARE_STACK_OF(CMS_CertificateChoices)
+
 struct CMS_SignedData_st {
     long version;
     STACK_OF(X509_ALGOR) *digestAlgorithms;
index fdc69f6..f6de4ef 100644 (file)
@@ -64,9 +64,6 @@
 IMPLEMENT_ASN1_FUNCTIONS(CMS_ContentInfo)
 IMPLEMENT_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
 
-DECLARE_STACK_OF(CMS_CertificateChoices)
-DECLARE_STACK_OF(CMS_RevocationInfoChoice)
-
 const ASN1_OBJECT *CMS_get0_type(CMS_ContentInfo *cms)
 {
     return cms->contentType;
index 563634e..dc908f8 100644 (file)
@@ -66,9 +66,6 @@
 
 /* Password based encryption (PBE) functions */
 
-DECLARE_STACK_OF(EVP_PBE_CTL)
-static STACK_OF(EVP_PBE_CTL) *pbe_algs;
-
 /* Setup a cipher context from a PBE algorithm */
 
 typedef struct {
@@ -79,6 +76,9 @@ typedef struct {
     EVP_PBE_KEYGEN *keygen;
 } EVP_PBE_CTL;
 
+DECLARE_STACK_OF(EVP_PBE_CTL)
+static STACK_OF(EVP_PBE_CTL) *pbe_algs;
+
 static const EVP_PBE_CTL builtin_pbe[] = {
     {EVP_PBE_TYPE_OUTER, NID_pbeWithMD2AndDES_CBC,
      NID_des_cbc, NID_md2, PKCS5_PBE_keyivgen},
index a80fc33..e880cfa 100644 (file)
@@ -69,7 +69,7 @@
 
 typedef int sk_cmp_fn_type(const char *const *a, const char *const *b);
 
-DECLARE_STACK_OF(EVP_PKEY_METHOD)
+DECLARE_CONST_STACK_OF(EVP_PKEY_METHOD)
 static STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
 
 static const EVP_PKEY_METHOD *standard_methods[] = {
index b5075f9..cbc94c0 100644 (file)
@@ -207,7 +207,7 @@ X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *sk,
                                const ASN1_OBJECT *id);
 
 X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level,
-                                 const X509_POLICY_DATA *data,
+                                 X509_POLICY_DATA *data,
                                  X509_POLICY_NODE *parent,
                                  X509_POLICY_TREE *tree);
 void policy_node_free(X509_POLICY_NODE *node);
index 81b4c78..a71f9b8 100644 (file)
@@ -109,7 +109,7 @@ X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level,
 }
 
 X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level,
-                                 const X509_POLICY_DATA *data,
+                                 X509_POLICY_DATA *data,
                                  X509_POLICY_NODE *parent,
                                  X509_POLICY_TREE *tree)
 {
index 04d7bfc..a460333 100644 (file)
@@ -292,7 +292,7 @@ static int tree_init(X509_POLICY_TREE **ptree, STACK_OF(X509) *certs,
 }
 
 static int tree_link_matching_nodes(X509_POLICY_LEVEL *curr,
-                                    const X509_POLICY_DATA *data)
+                                    X509_POLICY_DATA *data)
 {
     X509_POLICY_LEVEL *last = curr - 1;
     X509_POLICY_NODE *node;
index c424b76..9cbfaf5 100644 (file)
@@ -56,6 +56,7 @@
 # define HEADER_CMS_H
 
 # include <openssl/x509.h>
+# include <openssl/x509v3.h>
 
 # ifdef OPENSSL_NO_CMS
 #  error CMS is disabled.
@@ -76,8 +77,9 @@ typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
 typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
 
 DECLARE_STACK_OF(CMS_SignerInfo)
-DECLARE_STACK_OF(GENERAL_NAMES)
 DECLARE_STACK_OF(CMS_RecipientEncryptedKey)
+DECLARE_STACK_OF(CMS_RecipientInfo)
+DECLARE_STACK_OF(CMS_RevocationInfoChoice)
 DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
 DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
 DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
index e634294..b2e9209 100644 (file)
@@ -325,7 +325,7 @@ typedef struct ssl_session_st SSL_SESSION;
 typedef struct tls_sigalgs_st TLS_SIGALGS;
 typedef struct ssl_conf_ctx_st SSL_CONF_CTX;
 
-DECLARE_STACK_OF(SSL_CIPHER)
+DECLARE_CONST_STACK_OF(SSL_CIPHER)
 
 DECLARE_STACK_OF(danetls_record)
 
@@ -343,7 +343,7 @@ typedef int (*tls_session_ticket_ext_cb_fn) (SSL *s,
 typedef int (*tls_session_secret_cb_fn) (SSL *s, void *secret,
                                          int *secret_len,
                                          STACK_OF(SSL_CIPHER) *peer_ciphers,
-                                         SSL_CIPHER **cipher, void *arg);
+                                         const SSL_CIPHER **cipher, void *arg);
 
 /* Typedefs for handling custom extensions */
 
index 7932acb..76d3c1f 100644 (file)
@@ -206,8 +206,6 @@ typedef struct GENERAL_NAME_st {
     } d;
 } GENERAL_NAME;
 
-typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
-
 typedef struct ACCESS_DESCRIPTION_st {
     ASN1_OBJECT *method;
     GENERAL_NAME *location;
@@ -220,6 +218,8 @@ typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;
 typedef STACK_OF(ASN1_INTEGER) TLS_FEATURE;
 
 DECLARE_STACK_OF(GENERAL_NAME)
+typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
+DECLARE_STACK_OF(GENERAL_NAMES)
 
 DECLARE_STACK_OF(ACCESS_DESCRIPTION)
 
index d307ec0..de8dae2 100644 (file)
@@ -4105,10 +4105,10 @@ int ssl3_put_cipher_by_char(const SSL_CIPHER *c, unsigned char *p)
     return (2);
 }
 
-SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
+const SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
                                STACK_OF(SSL_CIPHER) *srvr)
 {
-    SSL_CIPHER *c, *ret = NULL;
+    const SSL_CIPHER *c, *ret = NULL;
     STACK_OF(SSL_CIPHER) *prio, *allow;
     int i, ii, ok;
     unsigned long alg_k, alg_a, mask_k, mask_a;
@@ -4201,7 +4201,7 @@ SSL_CIPHER *ssl3_choose_cipher(SSL *s, STACK_OF(SSL_CIPHER) *clnt,
         if (ii >= 0) {
             /* Check security callback permits this cipher */
             if (!ssl_security(s, SSL_SECOP_CIPHER_SHARED,
-                              c->strength_bits, 0, c))
+                              c->strength_bits, 0, (void *)c))
                 continue;
 #if !defined(OPENSSL_NO_EC)
             if ((alg_k & SSL_kECDHE) && (alg_a & SSL_aECDSA)
index f0f1264..edb368d 100644 (file)
@@ -1883,7 +1883,7 @@ STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL *s)
 /** The old interface to get the same thing as SSL_get_ciphers() */
 const char *SSL_get_cipher_list(const SSL *s, int n)
 {
-    SSL_CIPHER *c;
+    const SSL_CIPHER *c;
     STACK_OF(SSL_CIPHER) *sk;
 
     if (s == NULL)
@@ -1941,7 +1941,7 @@ char *SSL_get_shared_ciphers(const SSL *s, char *buf, int len)
 {
     char *p;
     STACK_OF(SSL_CIPHER) *sk;
-    SSL_CIPHER *c;
+    const SSL_CIPHER *c;
     int i;
 
     if ((s->session == NULL) || (s->session->ciphers == NULL) || (len < 2))
index fee7fa6..6734c4d 100644 (file)
@@ -1910,8 +1910,9 @@ __owur int ssl3_final_finish_mac(SSL *s, const char *sender, int slen,
 void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
 void ssl3_free_digest_list(SSL *s);
 __owur unsigned long ssl3_output_cert_chain(SSL *s, CERT_PKEY *cpk);
-__owur SSL_CIPHER *ssl3_choose_cipher(SSL *ssl, STACK_OF(SSL_CIPHER) *clnt,
-                               STACK_OF(SSL_CIPHER) *srvr);
+__owur const SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,
+                                            STACK_OF(SSL_CIPHER) *clnt,
+                                            STACK_OF(SSL_CIPHER) *srvr);
 __owur int ssl3_digest_cached_records(SSL *s, int keep);
 __owur int ssl3_new(SSL *s);
 void ssl3_free(SSL *s);
index baf846d..80895b6 100644 (file)
@@ -989,7 +989,7 @@ int SSL_set_session_secret_cb(SSL *s,
                                                             int *secret_len,
                                                             STACK_OF(SSL_CIPHER)
                                                             *peer_ciphers,
-                                                            SSL_CIPHER
+                                                            const SSL_CIPHER
                                                             **cipher,
                                                             void *arg),
                               void *arg)
index cfbfa5f..5925923 100644 (file)
@@ -1090,7 +1090,7 @@ MSG_PROCESS_RETURN tls_process_server_hello(SSL *s, PACKET *pkt)
      */
     if (s->version >= TLS1_VERSION && s->tls_session_secret_cb &&
         s->session->tlsext_tick) {
-        SSL_CIPHER *pref_cipher = NULL;
+        const SSL_CIPHER *pref_cipher = NULL;
         s->session->master_key_length = sizeof(s->session->master_key);
         if (s->tls_session_secret_cb(s, s->session->master_key,
                                      &s->session->master_key_length,
@@ -2865,7 +2865,7 @@ int ssl_cipher_list_to_bytes(SSL *s, STACK_OF(SSL_CIPHER) *sk,
                              unsigned char *p)
 {
     int i, j = 0;
-    SSL_CIPHER *c;
+    const SSL_CIPHER *c;
     unsigned char *q;
     int empty_reneg_info_scsv = !s->renegotiate;
     /* Set disabled masks for this session */
index 604b365..de20bcf 100644 (file)
@@ -965,7 +965,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
     int i, al = SSL_AD_INTERNAL_ERROR;
     unsigned int j, complen = 0;
     unsigned long id;
-    SSL_CIPHER *c;
+    const SSL_CIPHER *c;
 #ifndef OPENSSL_NO_COMP
     SSL_COMP *comp = NULL;
 #endif
@@ -1295,7 +1295,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
     }
 
     if (!s->hit && s->version >= TLS1_VERSION && s->tls_session_secret_cb) {
-        SSL_CIPHER *pref_cipher = NULL;
+        const SSL_CIPHER *pref_cipher = NULL;
 
         s->session->master_key_length = sizeof(s->session->master_key);
         if (s->tls_session_secret_cb(s, s->session->master_key,
@@ -1446,7 +1446,7 @@ MSG_PROCESS_RETURN tls_process_client_hello(SSL *s, PACKET *pkt)
 WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst)
 {
     int al = SSL_AD_HANDSHAKE_FAILURE;
-    SSL_CIPHER *cipher;
+    const SSL_CIPHER *cipher;
 
     if (wst == WORK_MORE_A) {
         if (!s->hit) {
index 980f2f5..908f8e9 100644 (file)
@@ -1127,7 +1127,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
         STACK_OF(SSL_CIPHER) *cipher_stack = SSL_get_ciphers(s);
 
         for (i = 0; i < sk_SSL_CIPHER_num(cipher_stack); i++) {
-            SSL_CIPHER *c = sk_SSL_CIPHER_value(cipher_stack, i);
+            const SSL_CIPHER *c = sk_SSL_CIPHER_value(cipher_stack, i);
 
             alg_k = c->algorithm_mkey;
             alg_a = c->algorithm_auth;
index 58e0f82..44d0019 100644 (file)
@@ -1049,7 +1049,7 @@ int main(int argc, char *argv[])
 
     SSL_CONF_CTX *s_cctx = NULL, *c_cctx = NULL;
     STACK_OF(OPENSSL_STRING) *conf_args = NULL;
-    const char *arg = NULL, *argn = NULL;
+    char *arg = NULL, *argn = NULL;
 
     verbose = 0;
     debug = 0;