From e4646a8963fa6bc6f475afe7a9b9a46b151cfd1a Mon Sep 17 00:00:00 2001 From: Kurt Roeckx Date: Sun, 7 Feb 2016 20:44:27 +0100 Subject: [PATCH] Constify security callbacks Reviewed-by: Viktor Dukhovni MR: #1595 --- apps/s_cb.c | 4 ++-- include/openssl/ssl.h | 10 +++++----- ssl/ssl_cert.c | 8 ++++---- ssl/ssl_lib.c | 10 +++++----- ssl/ssl_locl.h | 6 +++--- 5 files changed, 19 insertions(+), 19 deletions(-) diff --git a/apps/s_cb.c b/apps/s_cb.c index 3e9d0f63a9..047f2cec8b 100644 --- a/apps/s_cb.c +++ b/apps/s_cb.c @@ -1285,7 +1285,7 @@ int ssl_load_stores(SSL_CTX *ctx, typedef struct { BIO *out; int verbose; - int (*old_cb) (SSL *s, SSL_CTX *ctx, int op, int bits, int nid, + int (*old_cb) (const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex); } security_debug_ex; @@ -1314,7 +1314,7 @@ static STRINT_PAIR callback_types[] = { {NULL} }; -static int security_callback_debug(SSL *s, SSL_CTX *ctx, +static int security_callback_debug(const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex) { diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index adfad4c369..ca83c6009b 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h @@ -1990,10 +1990,10 @@ int SSL_CTX_set_ctlog_list_file(SSL_CTX *ctx, const char *path); void SSL_set_security_level(SSL *s, int level); __owur int SSL_get_security_level(const SSL *s); void SSL_set_security_callback(SSL *s, - int (*cb) (SSL *s, SSL_CTX *ctx, int op, + int (*cb) (const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex)); -int (*SSL_get_security_callback(const SSL *s)) (SSL *s, SSL_CTX *ctx, int op, +int (*SSL_get_security_callback(const SSL *s)) (const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex); void SSL_set0_security_ex_data(SSL *s, void *ex); @@ -2002,11 +2002,11 @@ __owur void *SSL_get0_security_ex_data(const SSL *s); void SSL_CTX_set_security_level(SSL_CTX *ctx, int level); __owur int SSL_CTX_get_security_level(const SSL_CTX *ctx); void SSL_CTX_set_security_callback(SSL_CTX *ctx, - int (*cb) (SSL *s, SSL_CTX *ctx, int op, + int (*cb) (const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex)); -int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx)) (SSL *s, - SSL_CTX *ctx, +int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx)) (const SSL *s, + const SSL_CTX *ctx, int op, int bits, int nid, void *other, diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index 8915531d42..e17cffc814 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -132,7 +132,7 @@ #include "internal/threads.h" #include "ssl_locl.h" -static int ssl_security_default_callback(SSL *s, SSL_CTX *ctx, int op, +static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex); @@ -1062,7 +1062,7 @@ int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, int ref) return 1; } -static int ssl_security_default_callback(SSL *s, SSL_CTX *ctx, int op, +static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex) { @@ -1144,12 +1144,12 @@ static int ssl_security_default_callback(SSL *s, SSL_CTX *ctx, int op, return 1; } -int ssl_security(SSL *s, int op, int bits, int nid, void *other) +int ssl_security(const SSL *s, int op, int bits, int nid, void *other) { return s->cert->sec_cb(s, NULL, op, bits, nid, other, s->cert->sec_ex); } -int ssl_ctx_security(SSL_CTX *ctx, int op, int bits, int nid, void *other) +int ssl_ctx_security(const SSL_CTX *ctx, int op, int bits, int nid, void *other) { return ctx->cert->sec_cb(NULL, ctx, op, bits, nid, other, ctx->cert->sec_ex); diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 2fa323a41d..94d0a220e5 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -3786,14 +3786,14 @@ int SSL_get_security_level(const SSL *s) } void SSL_set_security_callback(SSL *s, - int (*cb) (SSL *s, SSL_CTX *ctx, int op, + int (*cb) (const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex)) { s->cert->sec_cb = cb; } -int (*SSL_get_security_callback(const SSL *s)) (SSL *s, SSL_CTX *ctx, int op, +int (*SSL_get_security_callback(const SSL *s)) (const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex) { return s->cert->sec_cb; @@ -3820,15 +3820,15 @@ int SSL_CTX_get_security_level(const SSL_CTX *ctx) } void SSL_CTX_set_security_callback(SSL_CTX *ctx, - int (*cb) (SSL *s, SSL_CTX *ctx, int op, + int (*cb) (const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex)) { ctx->cert->sec_cb = cb; } -int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx)) (SSL *s, - SSL_CTX *ctx, +int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx)) (const SSL *s, + const SSL_CTX *ctx, int op, int bits, int nid, void *other, diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index b9beca536b..7e8f6a5850 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -1636,7 +1636,7 @@ typedef struct cert_st { custom_ext_methods cli_ext; custom_ext_methods srv_ext; /* Security callback */ - int (*sec_cb) (SSL *s, SSL_CTX *ctx, int op, int bits, int nid, + int (*sec_cb) (const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex); /* Security level */ int sec_level; @@ -1912,8 +1912,8 @@ __owur int ssl_add_cert_chain(SSL *s, CERT_PKEY *cpk, unsigned long *l); __owur int ssl_build_cert_chain(SSL *s, SSL_CTX *ctx, int flags); __owur int ssl_cert_set_cert_store(CERT *c, X509_STORE *store, int chain, int ref); -__owur int ssl_security(SSL *s, int op, int bits, int nid, void *other); -__owur int ssl_ctx_security(SSL_CTX *ctx, int op, int bits, int nid, void *other); +__owur int ssl_security(const SSL *s, int op, int bits, int nid, void *other); +__owur int ssl_ctx_security(const SSL_CTX *ctx, int op, int bits, int nid, void *other); int ssl_undefined_function(SSL *s); __owur int ssl_undefined_void_function(void); -- 2.25.1