The branch master has been updated
via 0fe9123687096b6ec7c3c4337095c6e4a94e9867 (commit)
via 9f5466b9b86607bb62239873e6be2de1fe9f71fb (commit)
via bf9d5e483db0683178f43ef74a4ae6577482db83 (commit)
via a026fbf977ccac5c59597c9b2e1e1c288d0b1b69 (commit)
via 35da893f86a40d3711ed785bd8777c18238aee45 (commit)
from 61884b8140893cb75c62f7303df67291ada360fe (commit)
- Log -----------------------------------------------------------------
commit 0fe9123687096b6ec7c3c4337095c6e4a94e9867
Author: FdaSilvaYY <fdasilv...@gmail.com>
Date: Fri Aug 19 19:44:10 2016 +0200
Constify a bit X509_NAME_get_entry
Reviewed-by: Matt Caswell <m...@openssl.org>
Reviewed-by: Richard Levitte <levi...@openssl.org>
commit 9f5466b9b86607bb62239873e6be2de1fe9f71fb
Author: FdaSilvaYY <fdasilv...@gmail.com>
Date: Thu Jul 7 23:45:55 2016 +0200
Constify some X509_NAME, ASN1 printing code
ASN1_buf_print, asn1_print_*, X509_NAME_oneline, X509_NAME_print
Reviewed-by: Matt Caswell <m...@openssl.org>
Reviewed-by: Richard Levitte <levi...@openssl.org>
commit bf9d5e483db0683178f43ef74a4ae6577482db83
Author: FdaSilvaYY <fdasilv...@gmail.com>
Date: Fri Aug 12 00:40:49 2016 +0200
Constify some input parameters.
Reviewed-by: Matt Caswell <m...@openssl.org>
Reviewed-by: Richard Levitte <levi...@openssl.org>
commit a026fbf977ccac5c59597c9b2e1e1c288d0b1b69
Author: FdaSilvaYY <fdasilv...@gmail.com>
Date: Sat Aug 6 17:54:32 2016 +0200
Constify some inputs buffers
remove useless cast to call ASN1_STRING_set
Reviewed-by: Matt Caswell <m...@openssl.org>
Reviewed-by: Richard Levitte <levi...@openssl.org>
commit 35da893f86a40d3711ed785bd8777c18238aee45
Author: FdaSilvaYY <fdasilv...@gmail.com>
Date: Tue Aug 2 20:19:00 2016 +0200
Constify ASN1_PCTX_*
... add a static keyword.
Reviewed-by: Matt Caswell <m...@openssl.org>
Reviewed-by: Richard Levitte <levi...@openssl.org>
-----------------------------------------------------------------------
Summary of changes:
crypto/asn1/a_gentm.c | 3 +--
crypto/asn1/a_strex.c | 18 +++++++++---------
crypto/asn1/a_utctm.c | 3 +--
crypto/asn1/tasn_prn.c | 18 +++++++++---------
crypto/ocsp/ocsp_ext.c | 4 ++--
crypto/x509/x509_obj.c | 4 ++--
crypto/x509/x509name.c | 16 ++++++++++------
crypto/x509/x_name.c | 4 ++--
crypto/x509/x_x509a.c | 4 ++--
crypto/x509v3/v3_enum.c | 4 +++-
crypto/x509v3/v3_ncons.c | 3 ++-
crypto/x509v3/v3_skey.c | 5 +++--
crypto/x509v3/v3_utl.c | 19 +++++++++----------
doc/crypto/ASN1_STRING_print_ex.pod | 6 +++---
doc/crypto/X509_NAME_ENTRY_get_object.pod | 4 ++--
doc/crypto/X509_NAME_add_entry_by_txt.pod | 2 +-
doc/crypto/X509_NAME_get_index_by_NID.pod | 2 +-
doc/crypto/X509_NAME_print_ex.pod | 8 ++++----
include/openssl/asn1.h | 14 +++++++-------
include/openssl/ocsp.h | 4 ++--
include/openssl/x509.h | 22 +++++++++++-----------
include/openssl/x509v3.h | 14 +++++++-------
22 files changed, 93 insertions(+), 88 deletions(-)
diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c
index 8d43ee5..c02c8d9 100644
--- a/crypto/asn1/a_gentm.c
+++ b/crypto/asn1/a_gentm.c
@@ -148,8 +148,7 @@ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME
*s, const char *str)
t.data = (unsigned char *)str;
if (ASN1_GENERALIZEDTIME_check(&t)) {
if (s != NULL) {
- if (!ASN1_STRING_set((ASN1_STRING *)s,
- (unsigned char *)str, t.length))
+ if (!ASN1_STRING_set((ASN1_STRING *)s, str, t.length))
return 0;
s->type = V_ASN1_GENERALIZEDTIME;
}
diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
index 7bcc6cd..9839f5c 100644
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -238,7 +238,7 @@ static int do_hex_dump(char_io *io_ch, void *arg, unsigned
char *buf,
*/
static int do_dump(unsigned long lflags, char_io *io_ch, void *arg,
- ASN1_STRING *str)
+ const ASN1_STRING *str)
{
/*
* Placing the ASN1_STRING in a temp ASN1_TYPE allows the DER encoding to
@@ -296,7 +296,7 @@ static const signed char tag2nbyte[] = {
*/
static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags,
- ASN1_STRING *str)
+ const ASN1_STRING *str)
{
int outlen, len;
int type;
@@ -388,14 +388,14 @@ static int do_indent(char_io *io_ch, void *arg, int
indent)
#define FN_WIDTH_LN 25
#define FN_WIDTH_SN 10
-static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
+static int do_name_ex(char_io *io_ch, void *arg, const X509_NAME *n,
int indent, unsigned long flags)
{
int i, prev = -1, orflags, cnt;
int fn_opt, fn_nid;
ASN1_OBJECT *fn;
- ASN1_STRING *val;
- X509_NAME_ENTRY *ent;
+ const ASN1_STRING *val;
+ const X509_NAME_ENTRY *ent;
char objtmp[80];
const char *objbuf;
int outlen, len;
@@ -526,7 +526,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME
*n,
/* Wrappers round the main functions */
-int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent,
+int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent,
unsigned long flags)
{
if (flags == XN_FLAG_COMPAT)
@@ -535,7 +535,7 @@ int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent,
}
#ifndef OPENSSL_NO_STDIO
-int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent,
+int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, int indent,
unsigned long flags)
{
if (flags == XN_FLAG_COMPAT) {
@@ -552,13 +552,13 @@ int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int
indent,
}
#endif
-int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags)
+int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long flags)
{
return do_print_ex(send_bio_chars, out, flags, str);
}
#ifndef OPENSSL_NO_STDIO
-int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags)
+int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str, unsigned long
flags)
{
return do_print_ex(send_fp_chars, fp, flags, str);
}
diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c
index eadc31a..7916e30 100644
--- a/crypto/asn1/a_utctm.c
+++ b/crypto/asn1/a_utctm.c
@@ -119,8 +119,7 @@ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char
*str)
t.data = (unsigned char *)str;
if (ASN1_UTCTIME_check(&t)) {
if (s != NULL) {
- if (!ASN1_STRING_set((ASN1_STRING *)s,
- (unsigned char *)str, t.length))
+ if (!ASN1_STRING_set((ASN1_STRING *)s, str, t.length))
return 0;
s->type = V_ASN1_UTCTIME;
}
diff --git a/crypto/asn1/tasn_prn.c b/crypto/asn1/tasn_prn.c
index c79ecb5..f53e905 100644
--- a/crypto/asn1/tasn_prn.c
+++ b/crypto/asn1/tasn_prn.c
@@ -49,7 +49,7 @@ void ASN1_PCTX_free(ASN1_PCTX *p)
OPENSSL_free(p);
}
-unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p)
+unsigned long ASN1_PCTX_get_flags(const ASN1_PCTX *p)
{
return p->flags;
}
@@ -59,7 +59,7 @@ void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags)
p->flags = flags;
}
-unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p)
+unsigned long ASN1_PCTX_get_nm_flags(const ASN1_PCTX *p)
{
return p->nm_flags;
}
@@ -69,7 +69,7 @@ void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags)
p->nm_flags = flags;
}
-unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p)
+unsigned long ASN1_PCTX_get_cert_flags(const ASN1_PCTX *p)
{
return p->cert_flags;
}
@@ -79,7 +79,7 @@ void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long
flags)
p->cert_flags = flags;
}
-unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p)
+unsigned long ASN1_PCTX_get_oid_flags(const ASN1_PCTX *p)
{
return p->oid_flags;
}
@@ -89,7 +89,7 @@ void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long
flags)
p->oid_flags = flags;
}
-unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p)
+unsigned long ASN1_PCTX_get_str_flags(const ASN1_PCTX *p)
{
return p->str_flags;
}
@@ -106,7 +106,7 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld,
int indent,
const char *fname, const char *sname,
int nohdr, const ASN1_PCTX *pctx);
-int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+static int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx);
static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
@@ -261,7 +261,7 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld,
int indent,
return 1;
}
-int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
+static int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx)
{
int i, flags;
@@ -389,7 +389,7 @@ static int asn1_print_boolean(BIO *out, int boolval)
}
-static int asn1_print_integer(BIO *out, ASN1_INTEGER *str)
+static int asn1_print_integer(BIO *out, const ASN1_INTEGER *str)
{
char *s;
int ret = 1;
@@ -415,7 +415,7 @@ static int asn1_print_oid(BIO *out, const ASN1_OBJECT *oid)
return 1;
}
-static int asn1_print_obstring(BIO *out, ASN1_STRING *str, int indent)
+static int asn1_print_obstring(BIO *out, const ASN1_STRING *str, int indent)
{
if (str->type == V_ASN1_BIT_STRING) {
if (BIO_printf(out, " (%ld unused bits)\n", str->flags & 0x7) <= 0)
diff --git a/crypto/ocsp/ocsp_ext.c b/crypto/ocsp/ocsp_ext.c
index e60a8d3..72d2179 100644
--- a/crypto/ocsp/ocsp_ext.c
+++ b/crypto/ocsp/ocsp_ext.c
@@ -357,7 +357,7 @@ int OCSP_copy_nonce(OCSP_BASICRESP *resp, OCSP_REQUEST *req)
return OCSP_BASICRESP_add_ext(resp, req_ext, -1);
}
-X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim)
+X509_EXTENSION *OCSP_crlID_new(const char *url, long *n, char *tim)
{
X509_EXTENSION *x = NULL;
OCSP_CRLID *cid = NULL;
@@ -430,7 +430,7 @@ X509_EXTENSION *OCSP_archive_cutoff_new(char *tim)
* two--NID_ad_ocsp, NID_id_ad_caIssuers--and GeneralName value. This method
* forces NID_ad_ocsp and uniformResourceLocator [6] IA5String.
*/
-X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls)
+X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, const char **urls)
{
X509_EXTENSION *x = NULL;
ASN1_IA5STRING *ia5 = NULL;
diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c
index 76fb047..55dc778 100644
--- a/crypto/x509/x509_obj.c
+++ b/crypto/x509/x509_obj.c
@@ -22,9 +22,9 @@
#define NAME_ONELINE_MAX (1024 * 1024)
-char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
+char *X509_NAME_oneline(const X509_NAME *a, char *buf, int len)
{
- X509_NAME_ENTRY *ne;
+ const X509_NAME_ENTRY *ne;
int i;
int n, lold, l, l1, l2, num, j, type;
const char *s;
diff --git a/crypto/x509/x509name.c b/crypto/x509/x509name.c
index fa84bff..919d8c1 100644
--- a/crypto/x509/x509name.c
+++ b/crypto/x509/x509name.c
@@ -30,7 +30,7 @@ int X509_NAME_get_text_by_OBJ(X509_NAME *name, const
ASN1_OBJECT *obj, char *buf
int len)
{
int i;
- ASN1_STRING *data;
+ const ASN1_STRING *data;
i = X509_NAME_get_index_by_OBJ(name, obj, -1);
if (i < 0)
@@ -82,7 +82,7 @@ int X509_NAME_get_index_by_OBJ(X509_NAME *name, const
ASN1_OBJECT *obj, int last
return (-1);
}
-X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc)
+X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc)
{
if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc
|| loc < 0)
@@ -176,7 +176,7 @@ int X509_NAME_add_entry_by_txt(X509_NAME *name, const char
*field, int type,
* if set is -1, append to previous set, 0 'a new one', and 1, prepend to the
* guy we are about to stomp on.
*/
-int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc,
+int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne, int loc,
int set)
{
X509_NAME_ENTRY *new_name = NULL;
@@ -214,7 +214,11 @@ int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY
*ne, int loc,
inc = (set == 0) ? 1 : 0;
}
- if ((new_name = X509_NAME_ENTRY_dup(ne)) == NULL)
+ /*
+ * X509_NAME_ENTRY_dup is ASN1 generated code, that can't be easily
+ * const'ified; harmless cast as dup() don't modify its input.
+ */
+ if ((new_name = X509_NAME_ENTRY_dup((X509_NAME_ENTRY *)ne)) == NULL)
goto err;
new_name->set = set;
if (!sk_X509_NAME_ENTRY_insert(sk, new_name, loc)) {
@@ -334,14 +338,14 @@ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int
type,
return (1);
}
-ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne)
+ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne)
{
if (ne == NULL)
return (NULL);
return (ne->object);
}
-ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne)
+ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne)
{
if (ne == NULL)
return (NULL);
diff --git a/crypto/x509/x_name.c b/crypto/x509/x_name.c
index a7ae31e..44307f7 100644
--- a/crypto/x509/x_name.c
+++ b/crypto/x509/x_name.c
@@ -290,7 +290,7 @@ static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
int indent,
const char *fname, const ASN1_PCTX *pctx)
{
- if (X509_NAME_print_ex(out, (X509_NAME *)*pval,
+ if (X509_NAME_print_ex(out, (const X509_NAME *)*pval,
indent, pctx->nm_flags) <= 0)
return 0;
return 2;
@@ -494,7 +494,7 @@ int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
return (*xn != NULL);
}
-int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
+int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase)
{
char *s, *c, *b;
int l, i;
diff --git a/crypto/x509/x_x509a.c b/crypto/x509/x_x509a.c
index 4c8f48e..8c9ad71 100644
--- a/crypto/x509/x_x509a.c
+++ b/crypto/x509/x_x509a.c
@@ -47,7 +47,7 @@ static X509_CERT_AUX *aux_get(X509 *x)
return x->aux;
}
-int X509_alias_set1(X509 *x, unsigned char *name, int len)
+int X509_alias_set1(X509 *x, const unsigned char *name, int len)
{
X509_CERT_AUX *aux;
if (!name) {
@@ -64,7 +64,7 @@ int X509_alias_set1(X509 *x, unsigned char *name, int len)
return ASN1_STRING_set(aux->alias, name, len);
}
-int X509_keyid_set1(X509 *x, unsigned char *id, int len)
+int X509_keyid_set1(X509 *x, const unsigned char *id, int len)
{
X509_CERT_AUX *aux;
if (!id) {
diff --git a/crypto/x509v3/v3_enum.c b/crypto/x509v3/v3_enum.c
index 03daef9..f39cb5a 100644
--- a/crypto/x509v3/v3_enum.c
+++ b/crypto/x509v3/v3_enum.c
@@ -38,10 +38,12 @@ const X509V3_EXT_METHOD v3_crl_reason = {
crl_reasons
};
-char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *e)
+char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method,
+ const ASN1_ENUMERATED *e)
{
ENUMERATED_NAMES *enam;
long strval;
+
strval = ASN1_ENUMERATED_get(e);
for (enam = method->usr_data; enam->lname; enam++) {
if (strval == enam->bitnum)
diff --git a/crypto/x509v3/v3_ncons.c b/crypto/x509v3/v3_ncons.c
index fe3a907..9b3bb12 100644
--- a/crypto/x509v3/v3_ncons.c
+++ b/crypto/x509v3/v3_ncons.c
@@ -199,7 +199,8 @@ int NAME_CONSTRAINTS_check(X509 *x, NAME_CONSTRAINTS *nc)
/* Process any email address attributes in subject name */
for (i = -1;;) {
- X509_NAME_ENTRY *ne;
+ const X509_NAME_ENTRY *ne;
+
i = X509_NAME_get_index_by_NID(nm, NID_pkcs9_emailAddress, i);
if (i == -1)
break;
diff --git a/crypto/x509v3/v3_skey.c b/crypto/x509v3/v3_skey.c
index 4838b9b..39597dc 100644
--- a/crypto/x509v3/v3_skey.c
+++ b/crypto/x509v3/v3_skey.c
@@ -24,13 +24,14 @@ const X509V3_EXT_METHOD v3_skey_id = {
NULL
};
-char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *oct)
+char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
+ const ASN1_OCTET_STRING *oct)
{
return OPENSSL_buf2hexstr(oct->data, oct->length);
}
ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *str)
+ X509V3_CTX *ctx, const char *str)
{
ASN1_OCTET_STRING *oct;
long length;
diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c
index 7b18b01..05edd85 100644
--- a/crypto/x509v3/v3_utl.c
+++ b/crypto/x509v3/v3_utl.c
@@ -94,7 +94,7 @@ int X509V3_add_value_bool_nf(const char *name, int asn1_bool,
return 1;
}
-char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a)
+char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, const ASN1_ENUMERATED *a)
{
BIGNUM *bntmp = NULL;
char *strtmp = NULL;
@@ -175,7 +175,7 @@ ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method,
const char *value)
return aint;
}
-int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
+int X509V3_add_value_int(const char *name, const ASN1_INTEGER *aint,
STACK_OF(CONF_VALUE) **extlist)
{
char *strtmp;
@@ -190,9 +190,9 @@ int X509V3_add_value_int(const char *name, ASN1_INTEGER
*aint,
return ret;
}
-int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool)
+int X509V3_get_value_bool(const CONF_VALUE *value, int *asn1_bool)
{
- char *btmp;
+ const char *btmp;
if ((btmp = value->value) == NULL)
goto err;
@@ -221,7 +221,7 @@ int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool)
return 0;
}
-int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint)
+int X509V3_get_value_int(const CONF_VALUE *value, ASN1_INTEGER **aint)
{
ASN1_INTEGER *itmp;
@@ -734,7 +734,7 @@ static int equal_wildcard(const unsigned char *pattern,
size_t pattern_len,
* to UTF8.
*/
-static int do_check_string(ASN1_STRING *a, int cmp_type, equal_fn equal,
+static int do_check_string(const ASN1_STRING *a, int cmp_type, equal_fn equal,
unsigned int flags, const char *b, size_t blen,
char **peername)
{
@@ -840,10 +840,9 @@ static int do_x509_check(X509 *x, const char *chk, size_t
chklen,
i = -1;
name = X509_get_subject_name(x);
while ((i = X509_NAME_get_index_by_NID(name, cnid, i)) >= 0) {
- X509_NAME_ENTRY *ne;
- ASN1_STRING *str;
- ne = X509_NAME_get_entry(name, i);
- str = X509_NAME_ENTRY_get_data(ne);
+ const X509_NAME_ENTRY *ne = X509_NAME_get_entry(name, i);
+ const ASN1_STRING *str = X509_NAME_ENTRY_get_data(ne);
+
/* Positive on success, negative on error! */
if ((rv = do_check_string(str, -1, equal, flags,
chk, chklen, peername)) != 0)
diff --git a/doc/crypto/ASN1_STRING_print_ex.pod
b/doc/crypto/ASN1_STRING_print_ex.pod
index 1d5b4fc..d2bf538 100644
--- a/doc/crypto/ASN1_STRING_print_ex.pod
+++ b/doc/crypto/ASN1_STRING_print_ex.pod
@@ -8,9 +8,9 @@ ASN1_STRING_print_ex, ASN1_STRING_print_ex_fp,
ASN1_STRING_print - ASN1_STRING o
#include <openssl/asn1.h>
- int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
- int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
- int ASN1_STRING_print(BIO *out, ASN1_STRING *str);
+ int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long
flags);
+ int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str, unsigned long
flags);
+ int ASN1_STRING_print(BIO *out, const ASN1_STRING *str);
=head1 DESCRIPTION
diff --git a/doc/crypto/X509_NAME_ENTRY_get_object.pod
b/doc/crypto/X509_NAME_ENTRY_get_object.pod
index 2b71505..72e0f7b 100644
--- a/doc/crypto/X509_NAME_ENTRY_get_object.pod
+++ b/doc/crypto/X509_NAME_ENTRY_get_object.pod
@@ -11,8 +11,8 @@ X509_NAME_ENTRY_create_by_OBJ - X509_NAME_ENTRY utility
functions
#include <openssl/x509.h>
- ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
- ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
+ ASN1_OBJECT * X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
+ ASN1_STRING * X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj);
int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, const unsigned
char *bytes, int len);
diff --git a/doc/crypto/X509_NAME_add_entry_by_txt.pod
b/doc/crypto/X509_NAME_add_entry_by_txt.pod
index acb46d5..27e5baf 100644
--- a/doc/crypto/X509_NAME_add_entry_by_txt.pod
+++ b/doc/crypto/X509_NAME_add_entry_by_txt.pod
@@ -15,7 +15,7 @@ X509_NAME_add_entry, X509_NAME_delete_entry - X509_NAME
modification functions
int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type, const
unsigned char *bytes, int len, int loc, int set);
- int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc, int
set);
+ int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne, int loc,
int set);
X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
diff --git a/doc/crypto/X509_NAME_get_index_by_NID.pod
b/doc/crypto/X509_NAME_get_index_by_NID.pod
index 9b36739..042da24 100644
--- a/doc/crypto/X509_NAME_get_index_by_NID.pod
+++ b/doc/crypto/X509_NAME_get_index_by_NID.pod
@@ -14,7 +14,7 @@ X509_NAME lookup and enumeration functions
int X509_NAME_get_index_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int
lastpos);
int X509_NAME_entry_count(const X509_NAME *name);
- X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
+ X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc);
int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len);
int X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, char
*buf, int len);
diff --git a/doc/crypto/X509_NAME_print_ex.pod
b/doc/crypto/X509_NAME_print_ex.pod
index e0c21a4..eba6276 100644
--- a/doc/crypto/X509_NAME_print_ex.pod
+++ b/doc/crypto/X509_NAME_print_ex.pod
@@ -9,10 +9,10 @@ X509_NAME_oneline - X509_NAME printing routines
#include <openssl/x509.h>
- int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long
flags);
- int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long
flags);
- char * X509_NAME_oneline(X509_NAME *a, char *buf, int size);
- int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
+ int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent, unsigned
long flags);
+ int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, int indent, unsigned
long flags);
+ char * X509_NAME_oneline(const X509_NAME *a, char *buf, int size);
+ int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase);
=head1 DESCRIPTION
diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h
index 0315091..7cf6116 100644
--- a/include/openssl/asn1.h
+++ b/include/openssl/asn1.h
@@ -721,7 +721,7 @@ int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x);
CHECKED_PTR_OF(const type, x)))
int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x);
-int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
+int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str, unsigned long
flags);
# endif
int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in);
@@ -752,7 +752,7 @@ int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a);
int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
-int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
+int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long
flags);
int ASN1_buf_print(BIO *bp, const unsigned char *buf, size_t buflen, int off);
int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
unsigned char *buf, int off);
@@ -836,15 +836,15 @@ int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int
indent,
const ASN1_ITEM *it, const ASN1_PCTX *pctx);
ASN1_PCTX *ASN1_PCTX_new(void);
void ASN1_PCTX_free(ASN1_PCTX *p);
-unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p);
+unsigned long ASN1_PCTX_get_flags(const ASN1_PCTX *p);
void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags);
-unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p);
+unsigned long ASN1_PCTX_get_nm_flags(const ASN1_PCTX *p);
void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags);
-unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p);
+unsigned long ASN1_PCTX_get_cert_flags(const ASN1_PCTX *p);
void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags);
-unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p);
+unsigned long ASN1_PCTX_get_oid_flags(const ASN1_PCTX *p);
void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags);
-unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p);
+unsigned long ASN1_PCTX_get_str_flags(const ASN1_PCTX *p);
void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags);
ASN1_SCTX *ASN1_SCTX_new(int (*scan_cb) (ASN1_SCTX *ctx));
diff --git a/include/openssl/ocsp.h b/include/openssl/ocsp.h
index 44f7195..119e591 100644
--- a/include/openssl/ocsp.h
+++ b/include/openssl/ocsp.h
@@ -260,13 +260,13 @@ int OCSP_basic_sign(OCSP_BASICRESP *brsp,
X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
STACK_OF(X509) *certs, unsigned long flags);
-X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim);
+X509_EXTENSION *OCSP_crlID_new(const char *url, long *n, char *tim);
X509_EXTENSION *OCSP_accept_responses_new(char **oids);
X509_EXTENSION *OCSP_archive_cutoff_new(char *tim);
-X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls);
+X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, const char **urls);
int OCSP_REQUEST_get_ext_count(OCSP_REQUEST *x);
int OCSP_REQUEST_get_ext_by_NID(OCSP_REQUEST *x, int nid, int lastpos);
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 1db8c93..c8996f3 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -554,8 +554,8 @@ void X509_get0_signature(const ASN1_BIT_STRING **psig,
int X509_get_signature_nid(const X509 *x);
int X509_trusted(const X509 *x);
-int X509_alias_set1(X509 *x, unsigned char *name, int len);
-int X509_keyid_set1(X509 *x, unsigned char *id, int len);
+int X509_alias_set1(X509 *x, const unsigned char *name, int len);
+int X509_keyid_set1(X509 *x, const unsigned char *id, int len);
unsigned char *X509_alias_get0(X509 *x, int *len);
unsigned char *X509_keyid_get0(X509 *x, int *len);
int (*X509_TRUST_set_default(int (*trust) (int, X509 *, int))) (int, X509 *,
@@ -587,7 +587,7 @@ DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
X509_INFO *X509_INFO_new(void);
void X509_INFO_free(X509_INFO *a);
-char *X509_NAME_oneline(X509_NAME *a, char *buf, int size);
+char *X509_NAME_oneline(const X509_NAME *a, char *buf, int size);
int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1,
ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey);
@@ -762,12 +762,12 @@ int X509_print_ex_fp(FILE *bp, X509 *x, unsigned long
nmflag,
int X509_print_fp(FILE *bp, X509 *x);
int X509_CRL_print_fp(FILE *bp, X509_CRL *x);
int X509_REQ_print_fp(FILE *bp, X509_REQ *req);
-int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent,
+int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, int indent,
unsigned long flags);
# endif
-int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
-int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent,
+int X509_NAME_print(BIO *bp, const X509_NAME *name, int obase);
+int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent,
unsigned long flags);
int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflag,
unsigned long cflag);
@@ -784,15 +784,15 @@ int X509_NAME_get_text_by_OBJ(X509_NAME *name, const
ASN1_OBJECT *obj,
char *buf, int len);
/*
- * NOTE: you should be passing -1, not 0 as lastpos. The functions that use
+ * NOTE: you should be passing -1, not 0 as lastpos. The functions that use
* lastpos, search after that position on.
*/
int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos);
int X509_NAME_get_index_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj,
int lastpos);
-X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
+X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc);
X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
-int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne,
+int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne,
int loc, int set);
int X509_NAME_add_entry_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int
type,
const unsigned char *bytes, int len, int loc,
@@ -818,8 +818,8 @@ X509_NAME_ENTRY
*X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj);
int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
const unsigned char *bytes, int len);
-ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
-ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
+ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne);
+ASN1_STRING * X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne);
int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne);
int X509_NAME_get0_der(X509_NAME *nm, const unsigned char **pder,
diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h
index c6960f2..f21ce7c 100644
--- a/include/openssl/x509v3.h
+++ b/include/openssl/x509v3.h
@@ -501,9 +501,9 @@ int GENERAL_NAME_get0_otherName(GENERAL_NAME *gen,
ASN1_OBJECT **poid, ASN1_TYPE **pvalue);
char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
- ASN1_OCTET_STRING *ia5);
+ const ASN1_OCTET_STRING *ia5);
ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
- X509V3_CTX *ctx, char *str);
+ X509V3_CTX *ctx, const char *str);
DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
int i2a_ACCESS_DESCRIPTION(BIO *bp, const ACCESS_DESCRIPTION *a);
@@ -583,8 +583,8 @@ int X509V3_EXT_CRL_add_conf(LHASH_OF(CONF_VALUE) *conf,
X509V3_CTX *ctx,
int X509V3_add_value_bool_nf(const char *name, int asn1_bool,
STACK_OF(CONF_VALUE) **extlist);
-int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool);
-int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint);
+int X509V3_get_value_bool(const CONF_VALUE *value, int *asn1_bool);
+int X509V3_get_value_int(const CONF_VALUE *value, ASN1_INTEGER **aint);
void X509V3_set_nconf(X509V3_CTX *ctx, CONF *conf);
void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH_OF(CONF_VALUE) *lhash);
# endif
@@ -602,13 +602,13 @@ int X509V3_add_value_uchar(const char *name, const
unsigned char *value,
STACK_OF(CONF_VALUE) **extlist);
int X509V3_add_value_bool(const char *name, int asn1_bool,
STACK_OF(CONF_VALUE) **extlist);
-int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint,
+int X509V3_add_value_int(const char *name, const ASN1_INTEGER *aint,
STACK_OF(CONF_VALUE) **extlist);
char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, const ASN1_INTEGER *aint);
ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, const char *value);
-char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint);
+char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, const ASN1_ENUMERATED
*aint);
char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth,
- ASN1_ENUMERATED *aint);
+ const ASN1_ENUMERATED *aint);
int X509V3_EXT_add(X509V3_EXT_METHOD *ext);
int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist);
int X509V3_EXT_add_alias(int nid_to, int nid_from);
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
