commit 5a82702daf7b9f9aac9a7121dc05a4ada4da0625
author David Benjamin <davidben@google.com> Wed Nov 22 01:36:12 2023 -0500
committer Boringssl LUCI CQ <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com> Fri Dec 01 01:49:43 2023 +0000
tree 07381ab3479950332187a7365bd04dc00784f15d
parent 15c811b8f5743476d0fc8e9f9d92f3f1658513f7

Const-correct X509_LOOKUP_METHOD

This avoids putting the method tables in writable memory.

Update-Note: Making X509_LOOKUP_file and X509_LOOKUP_hash_dir return
const pointers is not quite source-compatible, but code search suggests
nothing cares. If we have to, we can cast const away in those functions,
but let's try the more type-safe option first.

Change-Id: I562890f9db989c9991bc69b1c2e8174cd04d03a4
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/64249
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Bob Beck <bbe@google.com>

crypto/x509/by_dir.c

diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
index 54e48b2..64cec53 100644
--- a/crypto/x509/by_dir.c
+++ b/crypto/x509/by_dir.c
@@ -92,14 +92,16 @@
 static int add_cert_dir(BY_DIR *ctx, const char *dir, int type);
 static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
                                X509_OBJECT *ret);
-static X509_LOOKUP_METHOD x509_dir_lookup = {
+static const X509_LOOKUP_METHOD x509_dir_lookup = {
     new_dir,              // new
     free_dir,             // free
     dir_ctrl,             // ctrl
     get_cert_by_subject,  // get_by_subject
 };
 
-X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void) { return &x509_dir_lookup; }
+const X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void) {
+  return &x509_dir_lookup;
+}
 
 static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
                     char **retp) {

crypto/x509/by_file.c

diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
index 7bcf465..799e16d 100644
--- a/crypto/x509/by_file.c
+++ b/crypto/x509/by_file.c
@@ -65,14 +65,14 @@
 
 static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
                         char **ret);
-static X509_LOOKUP_METHOD x509_file_lookup = {
+static const X509_LOOKUP_METHOD x509_file_lookup = {
     NULL,          // new
     NULL,          // free
     by_file_ctrl,  // ctrl
     NULL,          // get_by_subject
 };
 
-X509_LOOKUP_METHOD *X509_LOOKUP_file(void) { return &x509_file_lookup; }
+const X509_LOOKUP_METHOD *X509_LOOKUP_file(void) { return &x509_file_lookup; }
 
 static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
                         char **ret) {

crypto/x509/internal.h

diff --git a/crypto/x509/internal.h b/crypto/x509/internal.h
index 25b6e5f..b67e558 100644
--- a/crypto/x509/internal.h
+++ b/crypto/x509/internal.h
@@ -345,7 +345,7 @@
 
 // This is the functions plus an instance of the local variables.
 struct x509_lookup_st {
-  X509_LOOKUP_METHOD *method;  // the functions
+  const X509_LOOKUP_METHOD *method;  // the functions
   void *method_data;           // method data
 
   X509_STORE *store_ctx;  // who owns us

crypto/x509/x509_lu.c

diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index f9ed1c9..94f5565 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -73,12 +73,12 @@
                                                X509_OBJECT *x);
 static int X509_OBJECT_up_ref_count(X509_OBJECT *a);
 
-static X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method,
+static X509_LOOKUP *X509_LOOKUP_new(const X509_LOOKUP_METHOD *method,
                                     X509_STORE *store);
 static int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
                                   X509_OBJECT *ret);
 
-static X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method,
+static X509_LOOKUP *X509_LOOKUP_new(const X509_LOOKUP_METHOD *method,
                                     X509_STORE *store) {
   X509_LOOKUP *ret = OPENSSL_zalloc(sizeof(X509_LOOKUP));
   if (ret == NULL) {
@@ -191,7 +191,7 @@
   OPENSSL_free(vfy);
 }
 
-X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) {
+X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, const X509_LOOKUP_METHOD *m) {
   STACK_OF(X509_LOOKUP) *sk = v->get_cert_methods;
   for (size_t i = 0; i < sk_X509_LOOKUP_num(sk); i++) {
     X509_LOOKUP *lu = sk_X509_LOOKUP_value(sk, i);

include/openssl/x509.h

diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 5a45a04..449f932 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -3240,10 +3240,10 @@
 OPENSSL_EXPORT X509 *X509_STORE_CTX_get0_cert(X509_STORE_CTX *ctx);
 
 OPENSSL_EXPORT X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v,
-                                                  X509_LOOKUP_METHOD *m);
+                                                  const X509_LOOKUP_METHOD *m);
 
-OPENSSL_EXPORT X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
-OPENSSL_EXPORT X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
+OPENSSL_EXPORT const X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
+OPENSSL_EXPORT const X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
 
 OPENSSL_EXPORT int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
 OPENSSL_EXPORT int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);