ssl: return non-const RPK handle `EVP_PKEY` is already immutable, it makes better sense to return as a non-const pointer. Signed-off-by: Xiangfei Ding <xfding@google.com> Change-Id: Ic76f004e8e9190dd15be470d819a7c2d6a6a6964 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/97027 Reviewed-by: David Benjamin <davidben@google.com> Reviewed-by: Lily Chen <chlily@google.com> Presubmit-BoringSSL-Verified: boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Rudolf Polzer <rpolzer@google.com>
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h index 77bf24b..c70ba07 100644 --- a/include/openssl/ssl.h +++ b/include/openssl/ssl.h
@@ -2004,8 +2004,7 @@ // SSL_SESSION_get0_peer_rpk returns the peer raw public key stored in // `session`, or NULL if the peer did not send a raw public key. -OPENSSL_EXPORT const EVP_PKEY *SSL_SESSION_get0_peer_rpk( - const SSL_SESSION *session); +OPENSSL_EXPORT EVP_PKEY *SSL_SESSION_get0_peer_rpk(const SSL_SESSION *session); // SSL_SESSION_get0_signed_cert_timestamp_list sets `*out` and `*out_len` to // point to `*out_len` bytes of SCT information stored in `session`. This is
diff --git a/ssl/ssl_session.cc b/ssl/ssl_session.cc index 960fdcc..0db1798 100644 --- a/ssl/ssl_session.cc +++ b/ssl/ssl_session.cc
@@ -715,7 +715,8 @@ } } -static bool add_session_locked(SSLContext *ctx, UniquePtr<SSL_SESSION> session) { +static bool add_session_locked(SSLContext *ctx, + UniquePtr<SSL_SESSION> session) { SSL_SESSION *new_session = session.get(); SSL_SESSION *old_session; if (!lh_SSL_SESSION_insert(ctx->sessions, &old_session, new_session)) { @@ -892,7 +893,7 @@ return session->certs.get(); } -const EVP_PKEY *SSL_SESSION_get0_peer_rpk(const SSL_SESSION *session) { +EVP_PKEY *SSL_SESSION_get0_peer_rpk(const SSL_SESSION *session) { return session->peer_raw_public_key.get(); }