const-correct a few SSL_SESSION functions.
Change-Id: I64d1e29d1e414add4ae522fd9603c550d426a557
Reviewed-on: https://boringssl-review.googlesource.com/5881
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 76bb5fe..da394b8 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1073,12 +1073,12 @@
* |*out_data| to that buffer and |*out_len| to its length. The caller takes
* ownership of the buffer and must call |OPENSSL_free| when done. It returns
* one on success and zero on error. */
-OPENSSL_EXPORT int SSL_SESSION_to_bytes(SSL_SESSION *in, uint8_t **out_data,
- size_t *out_len);
+OPENSSL_EXPORT int SSL_SESSION_to_bytes(const SSL_SESSION *in,
+ uint8_t **out_data, size_t *out_len);
/* SSL_SESSION_to_bytes_for_ticket serializes |in|, but excludes the session
* identification information, namely the session ID and ticket. */
-OPENSSL_EXPORT int SSL_SESSION_to_bytes_for_ticket(SSL_SESSION *in,
+OPENSSL_EXPORT int SSL_SESSION_to_bytes_for_ticket(const SSL_SESSION *in,
uint8_t **out_data,
size_t *out_len);
@@ -1107,11 +1107,14 @@
* strength of the asymmetric operation that provides confidentiality to
* |session|. Its interpretation depends on the operation used. See the
* documentation for this value in the |SSL_SESSION| structure. */
-OPENSSL_EXPORT uint32_t SSL_SESSION_get_key_exchange_info(SSL_SESSION *session);
+OPENSSL_EXPORT uint32_t SSL_SESSION_get_key_exchange_info(
+ const SSL_SESSION *session);
/* SSL_SESSION_get0_peer return's the peer leaf certificate stored in
- * |session|. */
-OPENSSL_EXPORT X509 *SSL_SESSION_get0_peer(SSL_SESSION *session);
+ * |session|.
+ *
+ * TODO(davidben): This should return a const X509 *. */
+OPENSSL_EXPORT X509 *SSL_SESSION_get0_peer(const SSL_SESSION *session);
/* SSL_SESSION_set_time sets |session|'s creation time to |time| and returns
* |time|. This function may be useful in writing tests but otherwise should not
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
index 2fd7f12..10016a2 100644
--- a/ssl/ssl_asn1.c
+++ b/ssl/ssl_asn1.c
@@ -177,7 +177,7 @@
return 1;
}
-static int SSL_SESSION_to_bytes_full(SSL_SESSION *in, uint8_t **out_data,
+static int SSL_SESSION_to_bytes_full(const SSL_SESSION *in, uint8_t **out_data,
size_t *out_len, int for_ticket) {
CBB cbb, session, child, child2;
@@ -364,11 +364,12 @@
return 0;
}
-int SSL_SESSION_to_bytes(SSL_SESSION *in, uint8_t **out_data, size_t *out_len) {
+int SSL_SESSION_to_bytes(const SSL_SESSION *in, uint8_t **out_data,
+ size_t *out_len) {
return SSL_SESSION_to_bytes_full(in, out_data, out_len, 0);
}
-int SSL_SESSION_to_bytes_for_ticket(SSL_SESSION *in, uint8_t **out_data,
+int SSL_SESSION_to_bytes_for_ticket(const SSL_SESSION *in, uint8_t **out_data,
size_t *out_len) {
return SSL_SESSION_to_bytes_full(in, out_data, out_len, 1);
}
diff --git a/ssl/ssl_session.c b/ssl/ssl_session.c
index d452618..f4d8b34 100644
--- a/ssl/ssl_session.c
+++ b/ssl/ssl_session.c
@@ -218,11 +218,13 @@
return session->time;
}
-uint32_t SSL_SESSION_get_key_exchange_info(SSL_SESSION *session) {
+uint32_t SSL_SESSION_get_key_exchange_info(const SSL_SESSION *session) {
return session->key_exchange_info;
}
-X509 *SSL_SESSION_get0_peer(SSL_SESSION *session) { return session->peer; }
+X509 *SSL_SESSION_get0_peer(const SSL_SESSION *session) {
+ return session->peer;
+}
long SSL_SESSION_set_time(SSL_SESSION *session, long time) {
if (session == NULL) {
