Const-correct a few X509_PURPOSE and X509_TRUST functions
These bits need more work (and possibly some removal) as they're very,
very far from thread-safe, but rust-openssl relies on them being
const-correct when targetting OpenSSL 1.1.x.
Change-Id: I60531c7e90dbdbcb79c09fc440bd7c6b474172df
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/60607
Auto-Submit: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
diff --git a/crypto/x509/x509_trs.c b/crypto/x509/x509_trs.c
index 13e5eca..71cf71d 100644
--- a/crypto/x509/x509_trs.c
+++ b/crypto/x509/x509_trs.c
@@ -168,7 +168,7 @@
}
int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int),
- char *name, int arg1, void *arg2) {
+ const char *name, int arg1, void *arg2) {
int idx;
X509_TRUST *trtmp;
char *name_dup;
diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index 34ce33e..1f5a88c 100644
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -177,10 +177,9 @@
return sk_X509_PURPOSE_value(xptable, idx - X509_PURPOSE_COUNT);
}
-int X509_PURPOSE_get_by_sname(char *sname) {
- int i;
+int X509_PURPOSE_get_by_sname(const char *sname) {
X509_PURPOSE *xptmp;
- for (i = 0; i < X509_PURPOSE_get_count(); i++) {
+ for (int i = 0; i < X509_PURPOSE_get_count(); i++) {
xptmp = X509_PURPOSE_get0(i);
if (!strcmp(xptmp->sname, sname)) {
return i;
@@ -209,8 +208,7 @@
int X509_PURPOSE_add(int id, int trust, int flags,
int (*ck)(const X509_PURPOSE *, const X509 *, int),
- char *name, char *sname, void *arg) {
- int idx;
+ const char *name, const char *sname, void *arg) {
X509_PURPOSE *ptmp;
char *name_dup, *sname_dup;
@@ -219,7 +217,7 @@
// This will always be set for application modified trust entries
flags |= X509_PURPOSE_DYNAMIC_NAME;
// Get existing entry if any
- idx = X509_PURPOSE_get_by_id(id);
+ int idx = X509_PURPOSE_get_by_id(id);
// Need a new entry
if (idx == -1) {
if (!(ptmp = OPENSSL_malloc(sizeof(X509_PURPOSE)))) {
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index b2ac3db..c41b3a5 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -2529,7 +2529,7 @@
OPENSSL_EXPORT int X509_TRUST_get_by_id(int id);
OPENSSL_EXPORT int X509_TRUST_add(int id, int flags,
int (*ck)(X509_TRUST *, X509 *, int),
- char *name, int arg1, void *arg2);
+ const char *name, int arg1, void *arg2);
OPENSSL_EXPORT void X509_TRUST_cleanup(void);
OPENSSL_EXPORT int X509_TRUST_get_flags(const X509_TRUST *xp);
OPENSSL_EXPORT char *X509_TRUST_get0_name(const X509_TRUST *xp);
diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h
index f5ea413..2a2e02c 100644
--- a/include/openssl/x509v3.h
+++ b/include/openssl/x509v3.h
@@ -906,12 +906,13 @@
OPENSSL_EXPORT int X509_PURPOSE_get_count(void);
OPENSSL_EXPORT X509_PURPOSE *X509_PURPOSE_get0(int idx);
-OPENSSL_EXPORT int X509_PURPOSE_get_by_sname(char *sname);
+OPENSSL_EXPORT int X509_PURPOSE_get_by_sname(const char *sname);
OPENSSL_EXPORT int X509_PURPOSE_get_by_id(int id);
OPENSSL_EXPORT int X509_PURPOSE_add(int id, int trust, int flags,
int (*ck)(const X509_PURPOSE *,
const X509 *, int),
- char *name, char *sname, void *arg);
+ const char *name, const char *sname,
+ void *arg);
OPENSSL_EXPORT char *X509_PURPOSE_get0_name(const X509_PURPOSE *xp);
OPENSSL_EXPORT char *X509_PURPOSE_get0_sname(const X509_PURPOSE *xp);
OPENSSL_EXPORT int X509_PURPOSE_get_trust(const X509_PURPOSE *xp);