Attention is currently required from: plaisthos.
Hello plaisthos,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/1661?usp=email
to review the following change.
Change subject: Remove instances of constVariable/constVariablePointer cppcheck
warnings
......................................................................
Remove instances of constVariable/constVariablePointer cppcheck warnings
Of varied usefulness, but easier to just address all of
them.
Change-Id: I2b71dae37ebe63c26a66761f877b25d326ed140f
Signed-off-by: Frank Lichtenheld <[email protected]>
---
M dev-tools/cppcheck-suppression
M sample/sample-plugins/defer/multi-auth.c
M sample/sample-plugins/log/log.c
M sample/sample-plugins/log/log_v3.c
M sample/sample-plugins/simple/simple.c
M src/openvpn/argv.c
M src/openvpn/auth_token.c
M src/openvpn/base64.c
M src/openvpn/buffer.c
M src/openvpn/buffer.h
M src/openvpn/comp-lz4.c
M src/openvpn/crypto.c
M src/openvpn/crypto_epoch.c
M src/openvpn/dco.c
M src/openvpn/dco_linux.c
M src/openvpn/dns.c
M src/openvpn/forward.c
M src/openvpn/init.c
M src/openvpn/list.c
M src/openvpn/manage.c
M src/openvpn/misc.c
M src/openvpn/mss.c
M src/openvpn/mtcp.c
M src/openvpn/mudp.c
M src/openvpn/multi.c
M src/openvpn/networking_sitnl.c
M src/openvpn/options.c
M src/openvpn/options_parse.c
M src/openvpn/options_util.c
M src/openvpn/pool.c
M src/openvpn/proxy.c
M src/openvpn/push.c
M src/openvpn/route.c
M src/openvpn/socket.c
M src/openvpn/ssl.c
M src/openvpn/ssl_verify.c
M src/openvpnmsica/msica_arg.c
M src/openvpnmsica/openvpnmsica.c
M src/plugins/auth-pam/auth-pam.c
M src/tapctl/main.c
M tests/unit_tests/openvpn/test_buffer.c
M tests/unit_tests/openvpn/test_crypto.c
M tests/unit_tests/openvpn/test_misc.c
M tests/unit_tests/openvpn/test_pkt.c
M tests/unit_tests/openvpn/test_ssl.c
M tests/unit_tests/plugins/auth-pam/test_search_and_replace.c
46 files changed, 126 insertions(+), 128 deletions(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/61/1661/1
diff --git a/dev-tools/cppcheck-suppression b/dev-tools/cppcheck-suppression
index 1f31edb..8a74e84 100644
--- a/dev-tools/cppcheck-suppression
+++ b/dev-tools/cppcheck-suppression
@@ -3,8 +3,6 @@
constParameter
constParameterCallback
constParameterPointer
-constVariable
-constVariablePointer
variableScope
# We have a lot of library includes, not all of them are really required,
# so ignore them
@@ -33,12 +31,11 @@
knownConditionTrueFalse:src/openvpn/forward.c
knownConditionTrueFalse:src/openvpn/init.c
knownConditionTrueFalse:src/openvpn/multi_io.c:163
-# FP: cppcheck thinks that management_query_user_pass is always true,
-# but no idea why
+# FP: cppcheck thinks that management_query_user_pass is always true
knownConditionTrueFalse:src/openvpn/misc.c:97
# FP: cert_uri_supported is a wrapper around defines, so it's
# always constant but differs depending on OpenSSL version
-knownConditionTrueFalse:src/openvpn/ssl_openssl.c:1258
+knownConditionTrueFalse:src/openvpn/ssl_openssl.c:1332
# FP: cppcheck doesn't understand that the function changes szErrMessage
knownConditionTrueFalse:src/tapctl/main.c:704
knownConditionTrueFalse:src/openvpnmsica/dllmain.c:164
diff --git a/sample/sample-plugins/defer/multi-auth.c
b/sample/sample-plugins/defer/multi-auth.c
index f6bbf44..33fbe61 100644
--- a/sample/sample-plugins/defer/multi-auth.c
+++ b/sample/sample-plugins/defer/multi-auth.c
@@ -399,7 +399,7 @@
OPENVPN_EXPORT void *
openvpn_plugin_client_constructor_v1(openvpn_plugin_handle_t handle)
{
- struct plugin_context *context = (struct plugin_context *)handle;
+ const struct plugin_context *context = (struct plugin_context *)handle;
plog(context, PLOG_NOTE, "FUNC: openvpn_plugin_client_constructor_v1");
return calloc(1, sizeof(struct plugin_per_client_context));
}
@@ -407,7 +407,7 @@
OPENVPN_EXPORT void
openvpn_plugin_client_destructor_v1(openvpn_plugin_handle_t handle, void
*per_client_context)
{
- struct plugin_context *context = (struct plugin_context *)handle;
+ const struct plugin_context *context = (struct plugin_context *)handle;
plog(context, PLOG_NOTE, "FUNC: openvpn_plugin_client_destructor_v1");
free(per_client_context);
}
diff --git a/sample/sample-plugins/log/log.c b/sample/sample-plugins/log/log.c
index 330e3e0..76350ee 100644
--- a/sample/sample-plugins/log/log.c
+++ b/sample/sample-plugins/log/log.c
@@ -173,7 +173,7 @@
openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const
char *argv[],
const char *envp[])
{
- struct plugin_context *context = (struct plugin_context *)handle;
+ const struct plugin_context *context = (struct plugin_context *)handle;
show(type, argv, envp);
diff --git a/sample/sample-plugins/log/log_v3.c
b/sample/sample-plugins/log/log_v3.c
index deae590..fae7bc4 100644
--- a/sample/sample-plugins/log/log_v3.c
+++ b/sample/sample-plugins/log/log_v3.c
@@ -245,7 +245,7 @@
openvpn_plugin_func_v3(const int version, struct openvpn_plugin_args_func_in
const *args,
struct openvpn_plugin_args_func_return *retptr)
{
- struct plugin_context *context = (struct plugin_context *)args->handle;
+ const struct plugin_context *context = (struct plugin_context
*)args->handle;
printf("\nopenvpn_plugin_func_v3() :::::>> ");
show(args->type, args->argv, args->envp);
diff --git a/sample/sample-plugins/simple/simple.c
b/sample/sample-plugins/simple/simple.c
index 687a633..3182be0 100644
--- a/sample/sample-plugins/simple/simple.c
+++ b/sample/sample-plugins/simple/simple.c
@@ -104,7 +104,7 @@
openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const
char *argv[],
const char *envp[])
{
- struct plugin_context *context = (struct plugin_context *)handle;
+ const struct plugin_context *context = (struct plugin_context *)handle;
/* get username/password from envp string array */
const char *username = get_env("username", envp);
diff --git a/src/openvpn/argv.c b/src/openvpn/argv.c
index 6a5d92e..028671d 100644
--- a/src/openvpn/argv.c
+++ b/src/openvpn/argv.c
@@ -359,7 +359,7 @@
*
*/
size_t argc = argres->argc;
- char *f = argv_prep_format(format, delim, &argc, &argres->gc);
+ const char *f = argv_prep_format(format, delim, &argc, &argres->gc);
if (f == NULL)
{
goto out;
diff --git a/src/openvpn/auth_token.c b/src/openvpn/auth_token.c
index d8ca125..0cfcd2d 100644
--- a/src/openvpn/auth_token.c
+++ b/src/openvpn/auth_token.c
@@ -217,7 +217,7 @@
* a new token with the empty username since we do not want to loose
* the information that the username cannot be trusted
*/
- struct key_state *ks = &multi->session[TM_ACTIVE].key[KS_PRIMARY];
+ const struct key_state *ks = &multi->session[TM_ACTIVE].key[KS_PRIMARY];
if (ks->auth_token_state_flags & AUTH_TOKEN_VALID_EMPTYUSER)
{
hmac_ctx_update(ctx, (const uint8_t *)"", 0);
diff --git a/src/openvpn/base64.c b/src/openvpn/base64.c
index 7af8976..5752844 100644
--- a/src/openvpn/base64.c
+++ b/src/openvpn/base64.c
@@ -161,7 +161,7 @@
{
const char *p;
unsigned char *q;
- unsigned char *e = NULL;
+ const unsigned char *e = NULL;
q = data;
if (size >= 0)
diff --git a/src/openvpn/buffer.c b/src/openvpn/buffer.c
index eec91a6..46c1d12 100644
--- a/src/openvpn/buffer.c
+++ b/src/openvpn/buffer.c
@@ -531,7 +531,7 @@
void
buf_null_terminate(struct buffer *buf)
{
- char *last = (char *)BLAST(buf);
+ const char *last = (char *)BLAST(buf);
if (last && *last == '\0') /* already terminated? */
{
return;
@@ -554,7 +554,7 @@
{
while (true)
{
- char *last = (char *)BLAST(buf);
+ const char *last = (char *)BLAST(buf);
if (!last)
{
break;
diff --git a/src/openvpn/buffer.h b/src/openvpn/buffer.h
index b4e65ef..6a751ad 100644
--- a/src/openvpn/buffer.h
+++ b/src/openvpn/buffer.h
@@ -712,7 +712,7 @@
static inline bool
buf_copy_n(struct buffer *dest, struct buffer *src, int n)
{
- uint8_t *cp = buf_read_alloc(src, n);
+ const uint8_t *cp = buf_read_alloc(src, n);
if (!cp)
{
return false;
@@ -764,7 +764,7 @@
static inline bool
buf_read(struct buffer *src, void *dest, int size)
{
- uint8_t *cp = buf_read_alloc(src, size);
+ const uint8_t *cp = buf_read_alloc(src, size);
if (!cp)
{
return false;
diff --git a/src/openvpn/comp-lz4.c b/src/openvpn/comp-lz4.c
index 45f138c..48797b0 100644
--- a/src/openvpn/comp-lz4.c
+++ b/src/openvpn/comp-lz4.c
@@ -164,7 +164,7 @@
ASSERT(buf_init(&work, frame->buf.headroom));
/* do unframing/swap (assumes buf->len > 0) */
- uint8_t *head = BPTR(buf);
+ const uint8_t *head = BPTR(buf);
c = *head;
/* Not compressed */
diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c
index df9b905..a9a33c0 100644
--- a/src/openvpn/crypto.c
+++ b/src/openvpn/crypto.c
@@ -1210,7 +1210,7 @@
/* init implicit IV */
{
- cipher_ctx_t *cipher = co->key_ctx_bi.encrypt.cipher;
+ const cipher_ctx_t *cipher = co->key_ctx_bi.encrypt.cipher;
if (cipher_ctx_mode_aead(cipher))
{
ASSERT(cipher_ctx_iv_length(cipher) <= OPENVPN_MAX_IV_LENGTH);
@@ -1919,7 +1919,7 @@
const char *seed = "tls1-prf-test";
const char *secret = "tls1-prf-test-secret";
uint8_t out[8];
- uint8_t expected_out[] = { 'q', 'D', 0xfe, '%', '@', 's', 'u', 0x95 };
+ const uint8_t expected_out[] = { 'q', 'D', 0xfe, '%', '@', 's', 'u', 0x95
};
int ret = ssl_tls1_PRF((uint8_t *)seed, strlen(seed), (uint8_t *)secret,
strlen(secret), out, sizeof(out));
diff --git a/src/openvpn/crypto_epoch.c b/src/openvpn/crypto_epoch.c
index 54225bf..3812435 100644
--- a/src/openvpn/crypto_epoch.c
+++ b/src/openvpn/crypto_epoch.c
@@ -213,7 +213,7 @@
*
* The last generated key might have been moved to the decrypt key already.
*/
- struct key_ctx *highest_future_key =
+ const struct key_ctx *highest_future_key =
&co->epoch_data_keys_future[co->epoch_data_keys_future_count - 1];
ASSERT(co->epoch_key_recv.epoch == 1 || highest_future_key->epoch ==
co->epoch_key_recv.epoch
diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c
index f5b7081..17acf8e 100644
--- a/src/openvpn/dco.c
+++ b/src/openvpn/dco.c
@@ -109,7 +109,7 @@
for (int i = 0; i < KEY_SCAN_SIZE; ++i)
{
struct key_state *ks = get_key_scan(multi, i);
- struct key_ctx_bi *key = &ks->crypto_options.key_ctx_bi;
+ const struct key_ctx_bi *key = &ks->crypto_options.key_ctx_bi;
if (ks == primary)
{
@@ -560,7 +560,7 @@
struct sockaddr_storage *local)
{
#if ENABLE_IP_PKTINFO
- struct context *c = &mi->context;
+ const struct context *c = &mi->context;
if (!proto_is_udp(c->c2.link_sockets[0]->info.proto)
|| !(c->options.sockflags & SF_USE_IP_PKTINFO))
@@ -608,7 +608,7 @@
int
dco_multi_add_new_peer(struct multi_context *m, struct multi_instance *mi)
{
- struct context *c = &mi->context;
+ const struct context *c = &mi->context;
int peer_id = c->c2.tls_multi->peer_id;
struct sockaddr *remoteaddr, *localaddr = NULL;
@@ -685,7 +685,7 @@
}
#endif
- struct context *c = &mi->context;
+ const struct context *c = &mi->context;
if (addrtype == MR_ADDR_IPV6)
{
#if defined(_WIN32)
@@ -733,7 +733,7 @@
}
ASSERT(TUNNEL_TYPE(mi->context.c1.tuntap) == DEV_TYPE_TUN);
- struct context *c = &mi->context;
+ const struct context *c = &mi->context;
if (mi->context.c2.push_ifconfig_defined)
{
diff --git a/src/openvpn/dco_linux.c b/src/openvpn/dco_linux.c
index 40746bd..3732dd7 100644
--- a/src/openvpn/dco_linux.c
+++ b/src/openvpn/dco_linux.c
@@ -697,7 +697,7 @@
{
dco_context_t *dco = arg;
struct nlattr *tb[CTRL_ATTR_MAX + 1];
- struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
+ const struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
genlmsg_attrlen(gnlh, 0), NULL);
@@ -706,7 +706,7 @@
return NL_SKIP;
}
- struct nlattr *mcgrp;
+ const struct nlattr *mcgrp;
int rem_mcgrp;
nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], rem_mcgrp)
{
diff --git a/src/openvpn/dns.c b/src/openvpn/dns.c
index 954ed52..1e49195 100644
--- a/src/openvpn/dns.c
+++ b/src/openvpn/dns.c
@@ -132,7 +132,7 @@
}
else
{
- struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)ai->ai_addr;
+ const struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)ai->ai_addr;
server->addr[server->addr_count].in.a6 = sin6->sin6_addr;
}
@@ -156,7 +156,7 @@
/* Append all domains to the end of the list */
while (*domains)
{
- char *domain = *domains++;
+ const char *domain = *domains++;
if (!validate_domain(domain))
{
return false;
@@ -699,7 +699,7 @@
run_up_down_command(bool up, struct options *o, const struct tuntap *tt,
struct dns_updown_runner_info *updown_runner)
{
- struct dns_options *dns = &o->dns_options;
+ const struct dns_options *dns = &o->dns_options;
if (!dns->updown || (o->up_script && !dns_updown_user_set(dns) &&
!dns_updown_forced(dns)))
{
return;
diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c
index 53eab4d..a4747ed 100644
--- a/src/openvpn/forward.c
+++ b/src/openvpn/forward.c
@@ -1215,7 +1215,7 @@
{
if (float_sa->sa_family == AF_INET)
{
- struct sockaddr_in *float4 = (struct sockaddr_in *)float_sa;
+ const struct sockaddr_in *float4 = (struct sockaddr_in *)float_sa;
/* DCO treats IPv4-mapped IPv6 addresses as pure IPv4. However, on a
* dual-stack socket, we need to preserve the mapping otherwise openvpn
* will not be able to find the peer by its transport address.
@@ -1238,7 +1238,7 @@
}
else
{
- struct sockaddr_in6 *float6 = (struct sockaddr_in6 *)float_sa;
+ const struct sockaddr_in6 *float6 = (struct sockaddr_in6 *)float_sa;
memcpy(&out_osaddr->addr.in6, float6, sizeof(struct sockaddr_in6));
}
}
@@ -1369,7 +1369,7 @@
}
struct openvpn_sockaddr *link_addr = &c->c2.to_link_addr->dest;
- struct link_socket_info *lsi = get_link_socket_info(c);
+ const struct link_socket_info *lsi = get_link_socket_info(c);
int ip_hdr_offset = 0;
int tun_ip_ver = get_tun_ip_ver(TUNNEL_TYPE(c->c1.tuntap), buf,
&ip_hdr_offset);
@@ -2241,7 +2241,7 @@
if (e->arg >= MULTI_N)
{
- struct event_arg *ev_arg = (struct event_arg *)e->arg;
+ const struct event_arg *ev_arg = (struct event_arg
*)e->arg;
if (ev_arg->type != EVENT_ARG_LINK_SOCKET)
{
c->c2.event_set_status = ES_ERROR;
diff --git a/src/openvpn/init.c b/src/openvpn/init.c
index caaa769..af652ac 100644
--- a/src/openvpn/init.c
+++ b/src/openvpn/init.c
@@ -319,8 +319,8 @@
management_callback_remote_entry_count(void *arg)
{
ASSERT(arg);
- struct context *c = (struct context *)arg;
- struct connection_list *l = c->options.connection_list;
+ const struct context *c = (struct context *)arg;
+ const struct connection_list *l = c->options.connection_list;
return l->len;
}
@@ -342,7 +342,7 @@
if (index < l->len)
{
- struct connection_entry *ce = l->array[index];
+ const struct connection_entry *ce = l->array[index];
const char *proto = proto2ascii(ce->proto, ce->af, false);
const char *status = (ce->flags & CE_DISABLED) ? "disabled" :
"enabled";
@@ -525,7 +525,7 @@
{
struct connection_list *l = c->options.connection_list;
bool ce_defined;
- struct connection_entry *ce;
+ const struct connection_entry *ce;
int n_cycles = 0;
do
@@ -1582,9 +1582,9 @@
if (management)
{
in_addr_t *tun_local = NULL;
- struct in6_addr *tun_local6 = NULL;
+ const struct in6_addr *tun_local6 = NULL;
struct openvpn_sockaddr local, remote;
- struct link_socket_actual *actual;
+ const struct link_socket_actual *actual;
socklen_t sa_len = sizeof(local);
const char *detail = "SUCCESS";
if (flags & ISC_ERRORS)
diff --git a/src/openvpn/list.c b/src/openvpn/list.c
index f0e9908..2e1cf05 100644
--- a/src/openvpn/list.c
+++ b/src/openvpn/list.c
@@ -165,7 +165,7 @@
hash_remove_by_value(struct hash *hash, void *value)
{
struct hash_iterator hi;
- struct hash_element *he;
+ const struct hash_element *he;
hash_iterator_init(hash, &hi);
while ((he = hash_iterator_next(&hi)))
diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c
index c082f51..604bbcd 100644
--- a/src/openvpn/manage.c
+++ b/src/openvpn/manage.c
@@ -3820,7 +3820,7 @@
{
int ok;
char *result = NULL;
- struct buffer *buf;
+ const struct buffer *buf;
ok = management_query_multiline(man, b64_data, prompt, cmd, state, input);
if (ok && buffer_list_defined(*input))
@@ -3849,7 +3849,7 @@
{
int ok;
char *result = NULL;
- struct buffer *buf;
+ const struct buffer *buf;
ok = management_query_multiline(man, b64_data, prompt, cmd, state, input);
if (ok && buffer_list_defined(*input))
diff --git a/src/openvpn/misc.c b/src/openvpn/misc.c
index 10bfc35..6563b83 100644
--- a/src/openvpn/misc.c
+++ b/src/openvpn/misc.c
@@ -131,7 +131,7 @@
struct auth_challenge_info *ac;
const int len = strlen(auth_challenge);
char *work = (char *)gc_malloc(len + 1, false, gc);
- char *cp;
+ const char *cp;
struct buffer b;
buf_set_read(&b, (const uint8_t *)auth_challenge, len);
diff --git a/src/openvpn/mss.c b/src/openvpn/mss.c
index 14112b4..36bbb43 100644
--- a/src/openvpn/mss.c
+++ b/src/openvpn/mss.c
@@ -65,7 +65,7 @@
struct buffer newbuf = *buf;
if (buf_advance(&newbuf, hlen))
{
- struct openvpn_tcphdr *tc = (struct openvpn_tcphdr *)BPTR(&newbuf);
+ const struct openvpn_tcphdr *tc = (struct openvpn_tcphdr
*)BPTR(&newbuf);
if (tc->flags & OPENVPN_TCPH_SYN_MASK)
{
mss_fixup_dowork(&newbuf, maxmss);
@@ -122,7 +122,7 @@
newbuf = *buf;
if (buf_advance(&newbuf, 40) && BLENZ(&newbuf) >= sizeof(struct
openvpn_tcphdr))
{
- struct openvpn_tcphdr *tc = (struct openvpn_tcphdr *)BPTR(&newbuf);
+ const struct openvpn_tcphdr *tc = (struct openvpn_tcphdr
*)BPTR(&newbuf);
if (tc->flags & OPENVPN_TCPH_SYN_MASK)
{
mss_fixup_dowork(&newbuf, maxmss - 20);
diff --git a/src/openvpn/mtcp.c b/src/openvpn/mtcp.c
index 7651b4d..df94a70 100644
--- a/src/openvpn/mtcp.c
+++ b/src/openvpn/mtcp.c
@@ -130,7 +130,7 @@
void
multi_tcp_dereference_instance(struct multi_io *multi_io, struct
multi_instance *mi)
{
- struct link_socket *sock = mi->context.c2.link_sockets[0];
+ const struct link_socket *sock = mi->context.c2.link_sockets[0];
if (sock && mi->socket_set_called)
{
event_del(multi_io->es, socket_event_handle(sock));
diff --git a/src/openvpn/mudp.c b/src/openvpn/mudp.c
index 432c79a..50d72d5 100644
--- a/src/openvpn/mudp.c
+++ b/src/openvpn/mudp.c
@@ -74,7 +74,7 @@
verdict = tls_pre_decrypt_lite(tas, state, &m->top.c2.from,
&m->top.c2.buf);
hmac_ctx_t *hmac = m->top.c2.session_id_hmac;
- struct openvpn_sockaddr *from = &m->top.c2.from.dest;
+ const struct openvpn_sockaddr *from = &m->top.c2.from.dest;
int handwindow = m->top.options.handshake_window;
if (verdict == VERDICT_VALID_RESET_V3 || verdict == VERDICT_VALID_RESET_V2)
@@ -201,7 +201,7 @@
struct hash_element *he;
const uint32_t hv = hash_value(hash, &real);
struct hash_bucket *bucket = hash_bucket(hash, hv);
- uint8_t *ptr = BPTR(&m->top.c2.buf);
+ const uint8_t *ptr = BPTR(&m->top.c2.buf);
uint8_t op = ptr[0] >> P_OPCODE_SHIFT;
bool v2 = (op == P_DATA_V2) && (m->top.c2.buf.len >= (1 + 3));
bool peer_id_disabled = false;
diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c
index 06e3758..6c833c0 100644
--- a/src/openvpn/multi.c
+++ b/src/openvpn/multi.c
@@ -86,7 +86,7 @@
struct gc_arena gc = gc_new();
struct env_set *es;
bool ret = true;
- struct plugin_list *plugins;
+ const struct plugin_list *plugins;
/* get environmental variable source */
if (mi && mi->context.c2.es)
@@ -1794,7 +1794,7 @@
* Push the first cipher from --data-ciphers to the client that
* the client announces to be supporting.
*/
- char *push_cipher =
+ const char *push_cipher =
ncp_get_best_cipher(o->ncp_ciphers, peer_info,
tls_multi->remote_ciphername, &o->gc);
if (push_cipher)
{
@@ -1925,7 +1925,7 @@
static enum client_connect_return
ccs_test_deferred_ret_file(struct multi_instance *mi)
{
- struct client_connect_defer_state *ccs = &(mi->client_connect_defer_state);
+ const struct client_connect_defer_state *ccs =
&(mi->client_connect_defer_state);
FILE *fp = fopen(ccs->deferred_ret_file, "r");
if (!fp)
{
@@ -2166,7 +2166,7 @@
{
ASSERT(mi);
ASSERT(option_types_found);
- struct client_connect_defer_state *ccs = &(mi->client_connect_defer_state);
+ const struct client_connect_defer_state *ccs =
&(mi->client_connect_defer_state);
enum client_connect_return ret = CC_RET_SKIPPED;
ret = ccs_test_deferred_ret_file(mi);
@@ -2568,7 +2568,7 @@
override_locked_username(struct multi_instance *mi)
{
struct tls_multi *multi = mi->context.c2.tls_multi;
- struct options *options = &mi->context.options;
+ const struct options *options = &mi->context.options;
struct tls_session *session = &multi->session[TM_ACTIVE];
if (!multi->locked_username)
@@ -3104,7 +3104,7 @@
struct multi_instance *ex_mi = (struct multi_instance *)he->value;
struct tls_multi *m1 = mi->context.c2.tls_multi;
- struct tls_multi *m2 = ex_mi->context.c2.tls_multi;
+ const struct tls_multi *m2 = ex_mi->context.c2.tls_multi;
/* do not float if target address is taken by client with another cert
*/
if (!cert_hash_compare(m1->locked_cert_hash_set,
m2->locked_cert_hash_set))
@@ -3864,7 +3864,7 @@
static int
management_callback_n_clients(void *arg)
{
- struct multi_context *m = (struct multi_context *)arg;
+ const struct multi_context *m = (struct multi_context *)arg;
return m->n_clients;
}
diff --git a/src/openvpn/networking_sitnl.c b/src/openvpn/networking_sitnl.c
index b3f8e2b..e6e72d0 100644
--- a/src/openvpn/networking_sitnl.c
+++ b/src/openvpn/networking_sitnl.c
@@ -462,7 +462,7 @@
struct rtattr *rta = RTM_RTA(r);
size_t len = n->nlmsg_len - NLMSG_LENGTH(sizeof(*r));
unsigned int table, ifindex = 0;
- void *gw = NULL;
+ const void *gw = NULL;
/* filter-out non-zero dst prefixes */
if (res->default_only && r->rtm_dst_len != 0)
@@ -1179,7 +1179,7 @@
net_route_v4_add(openvpn_net_ctx_t *ctx, const in_addr_t *dst, int prefixlen,
const in_addr_t *gw,
const char *iface, uint32_t table, int metric)
{
- in_addr_t *dst_ptr = NULL, *gw_ptr = NULL;
+ const in_addr_t *dst_ptr = NULL, *gw_ptr = NULL;
in_addr_t dst_be = 0, gw_be = 0;
char dst_str[INET_ADDRSTRLEN];
char gw_str[INET_ADDRSTRLEN];
@@ -1326,7 +1326,7 @@
#if defined(ENABLE_DCO)
if (arg && (strcmp(type, OVPN_FAMILY_NAME) == 0))
{
- dco_context_t *dco = arg;
+ const dco_context_t *dco = arg;
struct rtattr *data = SITNL_NEST(&req.n, sizeof(req), IFLA_INFO_DATA);
/* the netlink format is uint8_t for this and using something
diff --git a/src/openvpn/options.c b/src/openvpn/options.c
index 53fb060..fd0d3fc 100644
--- a/src/openvpn/options.c
+++ b/src/openvpn/options.c
@@ -1877,7 +1877,7 @@
SHOW_INT(verify_hash_algo);
SHOW_INT(verify_hash_depth);
struct gc_arena gc = gc_new();
- struct verify_hash_list *hl = o->verify_hash;
+ const struct verify_hash_list *hl = o->verify_hash;
int digest_len =
(o->verify_hash_algo == MD_SHA1) ? SHA_DIGEST_LENGTH :
SHA256_DIGEST_LENGTH;
while (hl)
@@ -2333,7 +2333,7 @@
for (int i = 0; i < ce->local_list->len; i++)
{
- struct local_entry *le = ce->local_list->array[i];
+ const struct local_entry *le = ce->local_list->array[i];
if (proto_is_net(le->proto) && string_defined_equal(le->local,
ce->remote)
&& string_defined_equal(le->port, ce->remote_port))
@@ -3988,7 +3988,7 @@
{
char *fullpath =
string_alloc(file, NULL); /* POSIX dirname() implementation may
modify its arguments */
- char *dirpath = dirname(fullpath);
+ const char *dirpath = dirname(fullpath);
if (platform_access(dirpath, mode | X_OK) != 0)
{
@@ -4219,7 +4219,7 @@
ASSERT(options->connection_list);
for (int i = 0; i < options->connection_list->len; ++i)
{
- struct connection_entry *ce = options->connection_list->array[i];
+ const struct connection_entry *ce = options->connection_list->array[i];
errs |= check_file_access_inline(ce->tls_auth_file_inline, CHKACC_FILE
| CHKACC_PRIVATE,
ce->tls_auth_file, R_OK,
"--tls-auth");
@@ -9091,7 +9091,7 @@
#ifdef ENABLE_PKCS11
else if (streq(p[0], "show-pkcs11-ids") && !p[3])
{
- char *provider = p[1];
+ const char *provider = p[1];
bool cert_private = (p[2] == NULL ? false : (atoi_warn(p[2], msglevel)
!= 0));
#ifdef DEFAULT_PKCS11_MODULE
diff --git a/src/openvpn/options_parse.c b/src/openvpn/options_parse.c
index a8c4aee..88ab4d2 100644
--- a/src/openvpn/options_parse.c
+++ b/src/openvpn/options_parse.c
@@ -268,7 +268,7 @@
while (in_src_get(is, line, sizeof(line)))
{
(*num_lines)++;
- char *line_ptr = line;
+ const char *line_ptr = line;
/* Remove leading spaces */
while (isspace(*line_ptr))
{
diff --git a/src/openvpn/options_util.c b/src/openvpn/options_util.c
index 47fe0bc..dc4d3ea 100644
--- a/src/openvpn/options_util.c
+++ b/src/openvpn/options_util.c
@@ -272,7 +272,7 @@
return true;
}
- struct pull_filter *f;
+ const struct pull_filter *f;
for (f = o->pull_filter_list->head; f; f = f->next)
{
diff --git a/src/openvpn/pool.c b/src/openvpn/pool.c
index 15004c0..97f59f3 100644
--- a/src/openvpn/pool.c
+++ b/src/openvpn/pool.c
@@ -63,7 +63,7 @@
for (i = 0; i < pool->size; ++i)
{
- struct ifconfig_pool_entry *ipe = &pool->list[i];
+ const struct ifconfig_pool_entry *ipe = &pool->list[i];
if (!ipe->in_use)
{
/*
diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c
index 9f3ec93..4de7615 100644
--- a/src/openvpn/proxy.c
+++ b/src/openvpn/proxy.c
@@ -703,7 +703,7 @@
#if PROXY_DIGEST_AUTH
else if (p->auth_method == HTTP_AUTH_DIGEST && !processed)
{
- char *pa = p->proxy_authenticate;
+ const char *pa = p->proxy_authenticate;
const int method = p->auth_method;
ASSERT(pa);
diff --git a/src/openvpn/push.c b/src/openvpn/push.c
index ae0f0e2..a030acd 100644
--- a/src/openvpn/push.c
+++ b/src/openvpn/push.c
@@ -271,8 +271,8 @@
}
#ifdef ENABLE_MANAGEMENT
struct tls_session *session = &c->c2.tls_multi->session[TM_ACTIVE];
- struct man_def_auth_context *mda = session->opt->mda_context;
- struct env_set *es = session->opt->es;
+ const struct man_def_auth_context *mda = session->opt->mda_context;
+ const struct env_set *es = session->opt->es;
unsigned int mda_key_id = get_primary_key(c->c2.tls_multi)->mda_key_id;
management_notify_client_cr_response(mda_key_id, mda, es, m);
@@ -913,7 +913,7 @@
push_options(struct options *o, char **p, msglvl_t msglevel, struct gc_arena
*gc)
{
const char **argv = make_extended_arg_array(p, false, gc);
- char *opt = print_argv(argv, gc, 0);
+ const char *opt = print_argv(argv, gc, 0);
push_option(o, opt, msglevel);
}
@@ -1197,7 +1197,7 @@
/* parse route-ipv6 arguments */
if (get_ipv6_addr(p[1], &network, &netbits, D_ROUTE_DEBUG))
{
- struct iroute_ipv6 *ir;
+ const struct iroute_ipv6 *ir;
/* does this route-ipv6 match an iroute-ipv6? */
for (ir = o->iroutes_ipv6; ir != NULL; ir = ir->next)
diff --git a/src/openvpn/route.c b/src/openvpn/route.c
index 93e856b..da48d8e 100644
--- a/src/openvpn/route.c
+++ b/src/openvpn/route.c
@@ -667,7 +667,7 @@
/* parse the routes from opt to rl */
{
- struct route_option *ro;
+ const struct route_option *ro;
for (ro = opt->routes; ro; ro = ro->next)
{
struct addrinfo *netlist = NULL;
@@ -799,7 +799,7 @@
need_remote_ipv6_route = false;
{
- struct route_ipv6_option *ro6;
+ const struct route_ipv6_option *ro6;
for (ro6 = opt6->routes_ipv6; ro6; ro6 = ro6->next)
{
struct route_ipv6 *r6;
@@ -1187,7 +1187,7 @@
{
if (rl6 && (rl6->iflags & RL_ROUTES_ADDED))
{
- struct route_ipv6 *r6;
+ const struct route_ipv6 *r6;
for (r6 = rl6->routes_ipv6; r6; r6 = r6->next)
{
delete_route_ipv6(r6, tt, es, ctx);
@@ -1226,7 +1226,7 @@
void
print_route_options(const struct route_option_list *rol, msglvl_t msglevel)
{
- struct route_option *ro;
+ const struct route_option *ro;
if (rol->flags & RG_ENABLE)
{
msg(msglevel, " [redirect_default_gateway local=%d]", (rol->flags &
RG_LOCAL) != 0);
@@ -1335,7 +1335,7 @@
setenv_routes(struct env_set *es, const struct route_list *rl)
{
int i = 1;
- struct route_ipv4 *r;
+ const struct route_ipv4 *r;
for (r = rl->routes; r; r = r->next)
{
setenv_route(es, r, i++);
@@ -1372,7 +1372,7 @@
setenv_routes_ipv6(struct env_set *es, const struct route_ipv6_list *rl6)
{
int i = 1;
- struct route_ipv6 *r6;
+ const struct route_ipv6 *r6;
for (r6 = rl6->routes_ipv6; r6; r6 = r6->next)
{
setenv_route_ipv6(es, r6, i++);
@@ -3110,7 +3110,8 @@
/* scan adapter list */
if (rgi->flags & RGI_ADDR_DEFINED)
{
- struct ifreq *ifr, *ifend;
+ struct ifreq *ifr;
+ const struct ifreq *ifend;
in_addr_t addr, netmask;
struct ifreq ifreq;
struct ifconf ifc;
diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c
index da6f870..6cc0209 100644
--- a/src/openvpn/socket.c
+++ b/src/openvpn/socket.c
@@ -393,7 +393,7 @@
for (int j = 0; j < ce->local_list->len; j++)
{
- struct local_entry *le = ce->local_list->array[j];
+ const struct local_entry *le = ce->local_list->array[j];
if (!le->local)
{
@@ -1514,7 +1514,7 @@
/* Socket is always bound on the first matching address,
* For bound sockets with no remote addr this is the element of
* the list */
- struct addrinfo *cur;
+ const struct addrinfo *cur;
for (cur = sock->info.lsa->bind_local; cur; cur = cur->ai_next)
{
if (!ai_family || ai_family == cur->ai_family)
@@ -1930,7 +1930,7 @@
const struct link_socket_actual *from_addr)
{
struct gc_arena gc = gc_new();
- struct addrinfo *ai;
+ const struct addrinfo *ai;
switch (from_addr->dest.addr.sa.sa_family)
{
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c
index d332359c..7f3b4dc 100644
--- a/src/openvpn/ssl.c
+++ b/src/openvpn/ssl.c
@@ -1478,7 +1478,7 @@
static bool
generate_key_expansion(struct tls_multi *multi, struct key_state *ks, struct
tls_session *session)
{
- struct key_ctx_bi *key = &ks->crypto_options.key_ctx_bi;
+ const struct key_ctx_bi *key = &ks->crypto_options.key_ctx_bi;
bool ret = false;
struct key2 key2;
@@ -1740,7 +1740,7 @@
static void
flush_payload_buffer(struct key_state *ks)
{
- struct buffer *b;
+ const struct buffer *b;
while ((b = buffer_list_peek(ks->paybuf)))
{
@@ -2719,7 +2719,7 @@
/* Outgoing Ciphertext to reliable buffer */
if (ks->state >= S_START)
{
- struct buffer *buf =
reliable_get_buf_output_sequenced(ks->send_reliable);
+ const struct buffer *buf =
reliable_get_buf_output_sequenced(ks->send_reliable);
if (buf)
{
if (!write_outgoing_tls_ciphertext(session, continue_tls_process))
@@ -2788,7 +2788,7 @@
{
int opcode;
- struct buffer *buf = reliable_send(ks->send_reliable, &opcode);
+ const struct buffer *buf = reliable_send(ks->send_reliable, &opcode);
ASSERT(buf);
struct buffer b = *buf;
INCR_SENT;
@@ -3151,7 +3151,7 @@
static void
check_session_buf_not_used(struct buffer *to_link, struct tls_session *session)
{
- uint8_t *dataptr = to_link->data;
+ const uint8_t *dataptr = to_link->data;
if (!dataptr)
{
return;
@@ -3167,7 +3167,7 @@
for (int i = 0; i < KS_SIZE; i++)
{
- struct key_state *ks = &session->key[i];
+ const struct key_state *ks = &session->key[i];
if (ks->state == S_UNDEF)
{
continue;
@@ -3232,7 +3232,7 @@
{
struct tls_session *session = &multi->session[i];
struct key_state *ks = &session->key[KS_PRIMARY];
- struct key_state *ks_lame = &session->key[KS_LAME_DUCK];
+ const struct key_state *ks_lame = &session->key[KS_LAME_DUCK];
/* set initial remote address. This triggers connecting with that
* session. So we only do that if the TM_ACTIVE session is not
@@ -3433,7 +3433,7 @@
for (int i = 0; i < KEY_SCAN_SIZE; ++i)
{
- struct key_state *ks = get_key_scan(multi, i);
+ const struct key_state *ks = get_key_scan(multi, i);
if (ks->key_id != key_id)
{
continue;
@@ -3985,7 +3985,7 @@
void
tls_prepend_opcode_v1(const struct tls_multi *multi, struct buffer *buf)
{
- struct key_state *ks = multi->save_ks;
+ const struct key_state *ks = multi->save_ks;
msg(D_TLS_DEBUG, __func__);
@@ -3999,7 +3999,7 @@
void
tls_prepend_opcode_v2(const struct tls_multi *multi, struct buffer *buf)
{
- struct key_state *ks = multi->save_ks;
+ const struct key_state *ks = multi->save_ks;
uint32_t peer;
msg(D_TLS_DEBUG, __func__);
diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c
index 0804d2d..e5b55a1 100644
--- a/src/openvpn/ssl_verify.c
+++ b/src/openvpn/ssl_verify.c
@@ -409,7 +409,7 @@
const char *subject, const struct x509_track *x509_track)
{
char envname[64];
- char *serial = NULL;
+ const char *serial = NULL;
struct gc_arena gc = gc_new();
/* Save X509 fields in environment */
@@ -699,7 +699,7 @@
goto cleanup;
}
- struct verify_hash_list *current_hash = opt->verify_hash;
+ const struct verify_hash_list *current_hash = opt->verify_hash;
while (current_hash)
{
@@ -1530,7 +1530,7 @@
verify_user_pass_management(struct tls_session *session, const struct
user_pass *up)
{
int retval = KMDA_ERROR;
- struct key_state *ks = &session->key[KS_PRIMARY]; /* primary key */
+ const struct key_state *ks = &session->key[KS_PRIMARY]; /* primary key */
/* set username/password in private env space */
setenv_str(session->opt->es, "password", up->password);
diff --git a/src/openvpnmsica/msica_arg.c b/src/openvpnmsica/msica_arg.c
index a334710..d763d93 100644
--- a/src/openvpnmsica/msica_arg.c
+++ b/src/openvpnmsica/msica_arg.c
@@ -92,7 +92,7 @@
{
/* Count required space. */
size_t size = 2 /*x + zero-terminator*/;
- for (struct msica_arg *p = seq->head; p != NULL; p = p->next)
+ for (const struct msica_arg *p = seq->head; p != NULL; p = p->next)
{
size += wcslen(p->val) + 1 /*space delimiter|zero-terminator*/;
}
@@ -119,7 +119,7 @@
/* Join. */
LPWSTR s = str + 1 /*x*/;
- for (struct msica_arg *p = seq->head; p != NULL; p = p->next)
+ for (const struct msica_arg *p = seq->head; p != NULL; p = p->next)
{
/* Convert zero-terminator into space delimiter. */
s[0] = L' ';
diff --git a/src/openvpnmsica/openvpnmsica.c b/src/openvpnmsica/openvpnmsica.c
index d698c04..6a71801 100644
--- a/src/openvpnmsica/openvpnmsica.c
+++ b/src/openvpnmsica/openvpnmsica.c
@@ -196,7 +196,7 @@
/* Count adapters. */
size_t adapter_count = 0;
- for (struct tap_adapter_node *pAdapter = pAdapterList; pAdapter; pAdapter
= pAdapter->pNext)
+ for (const struct tap_adapter_node *pAdapter = pAdapterList; pAdapter;
pAdapter = pAdapter->pNext)
{
adapter_count++;
}
diff --git a/src/plugins/auth-pam/auth-pam.c b/src/plugins/auth-pam/auth-pam.c
index 3b7bcc2..948b6af 100644
--- a/src/plugins/auth-pam/auth-pam.c
+++ b/src/plugins/auth-pam/auth-pam.c
@@ -526,7 +526,7 @@
openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const
char *argv[],
const char *envp[])
{
- struct auth_pam_context *context = (struct auth_pam_context *)handle;
+ const struct auth_pam_context *context = (struct auth_pam_context *)handle;
if (type == OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY && context->foreground_fd
>= 0)
{
diff --git a/src/tapctl/main.c b/src/tapctl/main.c
index 6a4a240..6697d14 100644
--- a/src/tapctl/main.c
+++ b/src/tapctl/main.c
@@ -317,7 +317,7 @@
return NULL;
}
- struct tap_adapter_node *conflict =
find_adapter_by_name(requested_name, adapter_list);
+ const struct tap_adapter_node *conflict =
find_adapter_by_name(requested_name, adapter_list);
if (conflict)
{
LPOLESTR adapter_id = NULL;
diff --git a/tests/unit_tests/openvpn/test_buffer.c
b/tests/unit_tests/openvpn/test_buffer.c
index 326de40..ce38bbe 100644
--- a/tests/unit_tests/openvpn/test_buffer.c
+++ b/tests/unit_tests/openvpn/test_buffer.c
@@ -88,7 +88,7 @@
int maxoutput = 0;
unsigned int blocksize = 5;
- char *separator = " ";
+ const char *separator = " ";
output = format_hex_ex(input, input_size, maxoutput, blocksize, separator,
&gc);
assert_string_equal(output, "0100ff10ff 00f00f090a");
@@ -174,7 +174,7 @@
/* With a max length of 2, no aggregation should take place */
buffer_list_aggregate_separator(ctx->one_two_three, 2, testsep);
assert_int_equal(ctx->one_two_three->size, 3);
- struct buffer *buf = buffer_list_peek(ctx->one_two_three);
+ const struct buffer *buf = buffer_list_peek(ctx->one_two_three);
assert_buf_equals_str(buf, teststr1);
}
@@ -189,7 +189,7 @@
*/
buffer_list_aggregate_separator(ctx->one_two_three, strlen(expected) + 1,
testsep);
assert_int_equal(ctx->one_two_three->size, 2);
- struct buffer *buf = buffer_list_peek(ctx->one_two_three);
+ const struct buffer *buf = buffer_list_peek(ctx->one_two_three);
assert_buf_equals_str(buf, expected);
}
@@ -201,7 +201,7 @@
/* Aggregate all */
buffer_list_aggregate_separator(ctx->one_two_three, 1 << 16, testsep);
assert_int_equal(ctx->one_two_three->size, 1);
- struct buffer *buf = buffer_list_peek(ctx->one_two_three);
+ const struct buffer *buf = buffer_list_peek(ctx->one_two_three);
assert_buf_equals_str(buf, teststr1 testsep teststr2 testsep teststr3
testsep);
}
@@ -213,7 +213,7 @@
/* Aggregate all */
buffer_list_aggregate_separator(ctx->one_two_three, 1 << 16, testnosep);
assert_int_equal(ctx->one_two_three->size, 1);
- struct buffer *buf = buffer_list_peek(ctx->one_two_three);
+ const struct buffer *buf = buffer_list_peek(ctx->one_two_three);
assert_buf_equals_str(buf, teststr1 teststr2 teststr3);
}
@@ -226,7 +226,7 @@
/* Aggregate all */
buffer_list_aggregate_separator(bl_zerolen, 1 << 16, testnosep);
assert_int_equal(bl_zerolen->size, 1);
- struct buffer *buf = buffer_list_peek(bl_zerolen);
+ const struct buffer *buf = buffer_list_peek(bl_zerolen);
assert_buf_equals_str(buf, "");
}
@@ -239,7 +239,7 @@
/* Aggregate all */
buffer_list_aggregate_separator(bl_emptybuffers, 1 << 16, testnosep);
assert_int_equal(bl_emptybuffers->size, 1);
- struct buffer *buf = buffer_list_peek(bl_emptybuffers);
+ const struct buffer *buf = buffer_list_peek(bl_emptybuffers);
assert_int_equal(BLEN(buf), 0);
}
diff --git a/tests/unit_tests/openvpn/test_crypto.c
b/tests/unit_tests/openvpn/test_crypto.c
index cb4eaa2..8393e1c 100644
--- a/tests/unit_tests/openvpn/test_crypto.c
+++ b/tests/unit_tests/openvpn/test_crypto.c
@@ -479,9 +479,9 @@
crypto_test_hkdf_expand_testa1(void **state)
{
/* RFC 5889 A.1 Test Case 1 */
- uint8_t prk[32] = { 0x07, 0x77, 0x09, 0x36, 0x2c, 0x2e, 0x32, 0xdf, 0x0d,
0xdc, 0x3f,
- 0x0d, 0xc4, 0x7b, 0xba, 0x63, 0x90, 0xb6, 0xc7, 0x3b,
0xb5, 0x0f,
- 0x9c, 0x31, 0x22, 0xec, 0x84, 0x4a, 0xd7, 0xc2, 0xb3,
0xe5 };
+ const uint8_t prk[32] = { 0x07, 0x77, 0x09, 0x36, 0x2c, 0x2e, 0x32, 0xdf,
0x0d, 0xdc, 0x3f,
+ 0x0d, 0xc4, 0x7b, 0xba, 0x63, 0x90, 0xb6, 0xc7,
0x3b, 0xb5, 0x0f,
+ 0x9c, 0x31, 0x22, 0xec, 0x84, 0x4a, 0xd7, 0xc2,
0xb3, 0xe5 };
uint8_t info[10] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8,
0xf9 };
@@ -500,9 +500,9 @@
crypto_test_hkdf_expand_testa2(void **state)
{
/* RFC 5889 A.2 Test Case 2 */
- uint8_t prk[32] = { 0x06, 0xa6, 0xb8, 0x8c, 0x58, 0x53, 0x36, 0x1a, 0x06,
0x10, 0x4c,
- 0x9c, 0xeb, 0x35, 0xb4, 0x5c, 0xef, 0x76, 0x00, 0x14,
0x90, 0x46,
- 0x71, 0x01, 0x4a, 0x19, 0x3f, 0x40, 0xc1, 0x5f, 0xc2,
0x44 };
+ const uint8_t prk[32] = { 0x06, 0xa6, 0xb8, 0x8c, 0x58, 0x53, 0x36, 0x1a,
0x06, 0x10, 0x4c,
+ 0x9c, 0xeb, 0x35, 0xb4, 0x5c, 0xef, 0x76, 0x00,
0x14, 0x90, 0x46,
+ 0x71, 0x01, 0x4a, 0x19, 0x3f, 0x40, 0xc1, 0x5f,
0xc2, 0x44 };
uint8_t info[80] = { 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, 0xb8,
0xb9, 0xba, 0xbb,
0xbc, 0xbd, 0xbe, 0xbf, 0xc0, 0xc1, 0xc2, 0xc3, 0xc4,
0xc5, 0xc6, 0xc7,
@@ -531,11 +531,11 @@
crypto_test_hkdf_expand_testa3(void **state)
{
/* RFC 5889 A.3 Test Case 3 */
- uint8_t prk[32] = { 0x19, 0xef, 0x24, 0xa3, 0x2c, 0x71, 0x7b, 0x16, 0x7f,
0x33, 0xa9,
- 0x1d, 0x6f, 0x64, 0x8b, 0xdf, 0x96, 0x59, 0x67, 0x76,
0xaf, 0xdb,
- 0x63, 0x77, 0xac, 0x43, 0x4c, 0x1c, 0x29, 0x3c, 0xcb,
0x04 };
+ const uint8_t prk[32] = { 0x19, 0xef, 0x24, 0xa3, 0x2c, 0x71, 0x7b, 0x16,
0x7f, 0x33, 0xa9,
+ 0x1d, 0x6f, 0x64, 0x8b, 0xdf, 0x96, 0x59, 0x67,
0x76, 0xaf, 0xdb,
+ 0x63, 0x77, 0xac, 0x43, 0x4c, 0x1c, 0x29, 0x3c,
0xcb, 0x04 };
- uint8_t info[] = { 0 };
+ const uint8_t info[] = { 0 };
int L = 42;
uint8_t okm[42] = { 0x8d, 0xa4, 0xe7, 0x75, 0xa5, 0x63, 0xc1, 0x8f, 0x71,
0x5f, 0x80,
@@ -555,9 +555,9 @@
/* tests the HDKF with a label/okm that OpenVPN itself uses in OpenSSL 3
* HDKF unit test*/
- uint8_t prk[32] = { 0x07, 0x77, 0x09, 0x36, 0x2c, 0x2e, 0x32, 0xdf, 0x0d,
0xdc, 0x3f,
- 0x0d, 0xc4, 0x7b, 0xba, 0x63, 0x90, 0xb6, 0xc7, 0x3b,
0xb5, 0x0f,
- 0x9c, 0x31, 0x22, 0xec, 0x84, 0x4a, 0xd7, 0xc2, 0xb3,
0xe5 };
+ const uint8_t prk[32] = { 0x07, 0x77, 0x09, 0x36, 0x2c, 0x2e, 0x32, 0xdf,
0x0d, 0xdc, 0x3f,
+ 0x0d, 0xc4, 0x7b, 0xba, 0x63, 0x90, 0xb6, 0xc7,
0x3b, 0xb5, 0x0f,
+ 0x9c, 0x31, 0x22, 0xec, 0x84, 0x4a, 0xd7, 0xc2,
0xb3, 0xe5 };
uint8_t info[18] = { 0x00, 0x1b, 0x0e, 0x6f, 0x76, 0x70, 0x6e, 0x20, 0x75,
0x6e, 0x69, 0x74, 0x20, 0x74, 0x65, 0x73, 0x74, 0x00
};
@@ -677,7 +677,7 @@
static int
crypto_test_epoch_setup(void **state)
{
- uint16_t *num_future_keys = (uint16_t *)*state;
+ const uint16_t *num_future_keys = (uint16_t *)*state;
struct epoch_test_state *data = calloc(1, sizeof(struct epoch_test_state));
data->gc = gc_new();
diff --git a/tests/unit_tests/openvpn/test_misc.c
b/tests/unit_tests/openvpn/test_misc.c
index a9ae33f..4a055e7 100644
--- a/tests/unit_tests/openvpn/test_misc.c
+++ b/tests/unit_tests/openvpn/test_misc.c
@@ -301,7 +301,7 @@
{
for (ptr_type i = 1; i <= 16; ++i)
{
- struct hash_element *item = hash_lookup_by_value(nhash, (void *)i);
+ const struct hash_element *item = hash_lookup_by_value(nhash,
(void *)i);
hash_remove_by_value(nhash, (void *)i);
/* check item got removed if it was present before */
if (item)
diff --git a/tests/unit_tests/openvpn/test_pkt.c
b/tests/unit_tests/openvpn/test_pkt.c
index cad2ce0..df9fed7 100644
--- a/tests/unit_tests/openvpn/test_pkt.c
+++ b/tests/unit_tests/openvpn/test_pkt.c
@@ -567,7 +567,7 @@
ASSERT(md_valid("SHA256"));
hmac_ctx_t *hmac_ctx = hmac_ctx_new();
- uint8_t key[SHA256_DIGEST_LENGTH] = { 1, 2, 3, 0 };
+ const uint8_t key[SHA256_DIGEST_LENGTH] = { 1, 2, 3, 0 };
hmac_ctx_init(hmac_ctx, key, "SHA256");
return hmac_ctx;
diff --git a/tests/unit_tests/openvpn/test_ssl.c
b/tests/unit_tests/openvpn/test_ssl.c
index c40845a..9f5d34a 100644
--- a/tests/unit_tests/openvpn/test_ssl.c
+++ b/tests/unit_tests/openvpn/test_ssl.c
@@ -683,7 +683,7 @@
openvpn_encrypt(&buf, encrypt_workspace, &co);
/* separate buffer in authenticated data and encrypted data */
- uint8_t *ad_start = BPTR(&buf);
+ const uint8_t *ad_start = BPTR(&buf);
buf_advance(&buf, 4);
if (epoch)
diff --git a/tests/unit_tests/plugins/auth-pam/test_search_and_replace.c
b/tests/unit_tests/plugins/auth-pam/test_search_and_replace.c
index a861bfd..89f0642 100644
--- a/tests/unit_tests/plugins/auth-pam/test_search_and_replace.c
+++ b/tests/unit_tests/plugins/auth-pam/test_search_and_replace.c
@@ -12,7 +12,7 @@
static void
pass_any_null_param__returns_null(void **state)
{
- char DUMMY[] = "DUMMY";
+ const char DUMMY[] = "DUMMY";
assert_null(searchandreplace(NULL, DUMMY, DUMMY));
assert_null(searchandreplace(DUMMY, NULL, DUMMY));
@@ -22,8 +22,8 @@
static void
pass_any_empty_string__returns_null(void **state)
{
- char DUMMY[] = "DUMMY";
- char EMPTY[] = "";
+ const char DUMMY[] = "DUMMY";
+ const char EMPTY[] = "";
assert_null(searchandreplace(EMPTY, DUMMY, DUMMY));
assert_null(searchandreplace(DUMMY, EMPTY, DUMMY));
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1661?usp=email
To unsubscribe, or for help writing mail filters, visit
http://gerrit.openvpn.net/settings?usp=email
Gerrit-MessageType: newchange
Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: I2b71dae37ebe63c26a66761f877b25d326ed140f
Gerrit-Change-Number: 1661
Gerrit-PatchSet: 1
Gerrit-Owner: flichtenheld <[email protected]>
Gerrit-Reviewer: plaisthos <[email protected]>
Gerrit-CC: openvpn-devel <[email protected]>
Gerrit-Attention: plaisthos <[email protected]>
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
