Google Git
Sign in
boringssl / boringssl / 6d70353ca8bc55b54f19af00fb7d9b074208ff1c^! / .
commit6d70353ca8bc55b54f19af00fb7d9b074208ff1c[log] [tgz]
authorDavid Benjamin <davidben@google.com>Sat Aug 29 18:00:11 2020 -0400
committerCQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>Thu Sep 17 19:14:27 2020 +0000
tree1aec8ae387c4edbc0907e260b550aa44ac61e17b
parent6247347edd347b5a5c14b2a50a9c77659e77c24d [diff]
Const-correct X509V3_CONF_METHOD.

This is needed to fix all the config APIs to take const char *. I've
split it out as it's the only incompatible half of the change.

Update-Note: External definitions of X509V3_CONF_METHOD will need fix
the types of their functions. There should not be any of these (probably
hide this struct), but if there are, this aligns with upstream OpenSSL.

Change-Id: I6e760cfbca5d3f408215b8f3744acd1fd7f31391
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/42727
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>

diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c
index e98d0fc..b3deb7f 100644
--- a/crypto/x509v3/v3_conf.c
+++ b/crypto/x509v3/v3_conf.c

@@ -428,13 +428,17 @@
         ctx->db_meth->free_section(ctx->db, section);
 }
 
-static char *nconf_get_string(void *db, char *section, char *value)
+static char *nconf_get_string(void *db, const char *section, const char *value)
 {
-    /* TODO(fork): this should return a const value. */
+    /* TODO(fork): This returns a non-const pointer because |X509V3_CONF_METHOD|
+     * allows |get_string| to return caller-owned pointers, provided they're
+     * freed by |free_string|. |nconf_method| leaves |free_string| NULL, and
+     * there are no other implementations of |X509V3_CONF_METHOD|, so this can
+     * be simplified if we make it private. */
     return (char *)NCONF_get_string(db, section, value);
 }
 
-static STACK_OF(CONF_VALUE) *nconf_get_section(void *db, char *section)
+static STACK_OF(CONF_VALUE) *nconf_get_section(void *db, const char *section)
 {
     return NCONF_get_section(db, section);
 }

diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h
index 2b2b4d9..0fd44bc 100644
--- a/include/openssl/x509v3.h
+++ b/include/openssl/x509v3.h

@@ -126,8 +126,8 @@
 };
 
 typedef struct X509V3_CONF_METHOD_st {
-char * (*get_string)(void *db, char *section, char *value);
-STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section);
+char * (*get_string)(void *db, const char *section, const char *value);
+STACK_OF(CONF_VALUE) * (*get_section)(void *db, const char *section);
 void (*free_string)(void *db, char * string);
 void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section);
 } X509V3_CONF_METHOD;