Tag a number of globals as const.
Change-Id: I6f334911f153395a2e5e26adfd08912a1d8c558b
Reviewed-on: https://boringssl-review.googlesource.com/2847
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/crypto/asn1/bio_asn1.c b/crypto/asn1/bio_asn1.c
index 38787a8..faea304 100644
--- a/crypto/asn1/bio_asn1.c
+++ b/crypto/asn1/bio_asn1.c
@@ -124,7 +124,7 @@
asn1_bio_state_t ex_state,
asn1_bio_state_t other_state);
-static BIO_METHOD methods_asn1=
+static const BIO_METHOD methods_asn1=
{
BIO_TYPE_ASN1,
"asn1",
@@ -138,7 +138,7 @@
asn1_bio_callback_ctrl,
};
-BIO_METHOD *BIO_f_asn1(void)
+const BIO_METHOD *BIO_f_asn1(void)
{
return(&methods_asn1);
}
diff --git a/crypto/asn1/charmap.pl b/crypto/asn1/charmap.pl
index cc800cc..71bc7b8 100644
--- a/crypto/asn1/charmap.pl
+++ b/crypto/asn1/charmap.pl
@@ -123,7 +123,7 @@
* Mask of various character properties
*/
-static unsigned char char_type[] = {
+static const unsigned char char_type[] = {
EOF
for($i = 0; $i < 128; $i++) {
diff --git a/crypto/asn1/x_bignum.c b/crypto/asn1/x_bignum.c
index 7985235..f8c62fd 100644
--- a/crypto/asn1/x_bignum.c
+++ b/crypto/asn1/x_bignum.c
@@ -74,7 +74,7 @@
static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
-static ASN1_PRIMITIVE_FUNCS bignum_pf = {
+static const ASN1_PRIMITIVE_FUNCS bignum_pf = {
NULL, 0,
bn_new,
bn_free,
diff --git a/crypto/asn1/x_long.c b/crypto/asn1/x_long.c
index cb0dad1..a3f80ab 100644
--- a/crypto/asn1/x_long.c
+++ b/crypto/asn1/x_long.c
@@ -74,7 +74,7 @@
static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx);
-static ASN1_PRIMITIVE_FUNCS long_pf = {
+static const ASN1_PRIMITIVE_FUNCS long_pf = {
NULL, 0,
long_new,
long_free,
diff --git a/crypto/bio/buffer.c b/crypto/bio/buffer.c
index 144afd2..415a471 100644
--- a/crypto/bio/buffer.c
+++ b/crypto/bio/buffer.c
@@ -480,7 +480,7 @@
return buffer_write(b, str, strlen(str));
}
-static BIO_METHOD methods_buffer = {
+static const BIO_METHOD methods_buffer = {
BIO_TYPE_BUFFER, "buffer", buffer_write, buffer_read,
buffer_puts, buffer_gets, buffer_ctrl, buffer_new,
buffer_free, buffer_callback_ctrl,
diff --git a/crypto/conf/conf_def.h b/crypto/conf/conf_def.h
index 2fc035b..b1e6ba6 100644
--- a/crypto/conf/conf_def.h
+++ b/crypto/conf/conf_def.h
@@ -91,7 +91,7 @@
#define IS_DQUOTE(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_DQUOTE)
#define IS_HIGHBIT(c,a) (KEYTYPES(c)[(a)&0xff]&CONF_HIGHBIT)
-static unsigned short CONF_type_default[256]={
+static const unsigned short CONF_type_default[256]={
0x0008,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,
0x0000,0x0010,0x0010,0x0000,0x0000,0x0010,0x0000,0x0000,
0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,0x0000,
diff --git a/crypto/err/err.c b/crypto/err/err.c
index 4e63e21..8b8094f 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -688,7 +688,7 @@
* allocated on the heap. */
static ERR_STRING_DATA kStaticErrors[ERR_NUM_LIBS * 2 + NUM_SYS_ERRNOS];
-static ERR_STRING_DATA kGlobalErrors[] = {
+static const ERR_STRING_DATA kGlobalErrors[] = {
{ERR_R_MALLOC_FAILURE, "malloc failure"},
{ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED, "function should not be called"},
{ERR_R_PASSED_NULL_PARAMETER, "passed a null parameter"},
diff --git a/crypto/evp/evp_ctx.c b/crypto/evp/evp_ctx.c
index 6616038..e1c2886 100644
--- a/crypto/evp/evp_ctx.c
+++ b/crypto/evp/evp_ctx.c
@@ -69,7 +69,7 @@
extern const EVP_PKEY_METHOD hmac_pkey_meth;
extern const EVP_PKEY_METHOD ec_pkey_meth;
-static const EVP_PKEY_METHOD *evp_methods[] = {
+static const EVP_PKEY_METHOD *const evp_methods[] = {
&rsa_pkey_meth,
&hmac_pkey_meth,
&ec_pkey_meth,
diff --git a/crypto/x509/t_x509.c b/crypto/x509/t_x509.c
index 3a28e33..75034b7 100644
--- a/crypto/x509/t_x509.c
+++ b/crypto/x509/t_x509.c
@@ -365,7 +365,7 @@
return(0);
}
-static const char *mon[12]=
+static const char *const mon[12]=
{
"Jan","Feb","Mar","Apr","May","Jun",
"Jul","Aug","Sep","Oct","Nov","Dec"
diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c
index 64f2c37..daaedb6 100644
--- a/crypto/x509/x509_req.c
+++ b/crypto/x509/x509_req.c
@@ -155,9 +155,9 @@
* used and there may be more: so the list is configurable.
*/
-static int ext_nid_list[] = { NID_ext_req, NID_ms_ext_req, NID_undef};
+static const int ext_nid_list[] = { NID_ext_req, NID_ms_ext_req, NID_undef};
-static int *ext_nids = ext_nid_list;
+static const int *ext_nids = ext_nid_list;
int X509_REQ_extension_nid(int req_nid)
{
@@ -169,12 +169,12 @@
}
}
-int *X509_REQ_get_extension_nids(void)
+const int *X509_REQ_get_extension_nids(void)
{
return ext_nids;
}
-void X509_REQ_set_extension_nids(int *nids)
+void X509_REQ_set_extension_nids(const int *nids)
{
ext_nids = nids;
}
@@ -183,7 +183,8 @@
{
X509_ATTRIBUTE *attr;
ASN1_TYPE *ext = NULL;
- int idx, *pnid;
+ int idx;
+ const int *pnid;
const unsigned char *p;
if ((req == NULL) || (req->req_info == NULL) || !ext_nids)
diff --git a/crypto/x509/x509_vpm.c b/crypto/x509/x509_vpm.c
index 4699d05..442e070 100644
--- a/crypto/x509/x509_vpm.c
+++ b/crypto/x509/x509_vpm.c
@@ -438,7 +438,7 @@
return param->name;
}
-static X509_VERIFY_PARAM_ID _empty_id = {NULL, 0, 0U, NULL, 0, NULL, 0};
+static const X509_VERIFY_PARAM_ID _empty_id = {NULL, 0, 0U, NULL, 0, NULL, 0};
#define vpm_empty_id (X509_VERIFY_PARAM_ID *)&_empty_id
diff --git a/crypto/x509/x_crl.c b/crypto/x509/x_crl.c
index 8e64f76..bb23b57 100644
--- a/crypto/x509/x_crl.c
+++ b/crypto/x509/x_crl.c
@@ -97,7 +97,7 @@
static int def_crl_lookup(X509_CRL *crl,
X509_REVOKED **ret, ASN1_INTEGER *serial, X509_NAME *issuer);
-static X509_CRL_METHOD int_crl_meth =
+static const X509_CRL_METHOD int_crl_meth =
{
0,
0,0,
diff --git a/crypto/x509v3/ext_dat.h b/crypto/x509v3/ext_dat.h
index e7d0052..8b2c123 100644
--- a/crypto/x509v3/ext_dat.h
+++ b/crypto/x509v3/ext_dat.h
@@ -74,7 +74,7 @@
/* TODO(fork): OCSP support */
#define OPENSSL_NO_OCSP
-static const X509V3_EXT_METHOD *standard_exts[] = {
+static const X509V3_EXT_METHOD *const standard_exts[] = {
&v3_nscert,
&v3_ns_ia5_list[0],
&v3_ns_ia5_list[1],
diff --git a/crypto/x509v3/tabtest.c b/crypto/x509v3/tabtest.c
index f783938..26ecc6c 100644
--- a/crypto/x509v3/tabtest.c
+++ b/crypto/x509v3/tabtest.c
@@ -70,7 +70,7 @@
int main(void)
{
int i, prev = -1, bad = 0;
- const X509V3_EXT_METHOD **tmp;
+ const X509V3_EXT_METHOD *const *tmp;
CRYPTO_library_init();
i = sizeof(standard_exts) / sizeof(X509V3_EXT_METHOD *);
if(i != STANDARD_EXTENSION_COUNT)
diff --git a/crypto/x509v3/v3_bitst.c b/crypto/x509v3/v3_bitst.c
index dd389f0..a4c3186 100644
--- a/crypto/x509v3/v3_bitst.c
+++ b/crypto/x509v3/v3_bitst.c
@@ -62,7 +62,7 @@
#include <openssl/x509v3.h>
-static BIT_STRING_BITNAME ns_cert_type_table[] = {
+static const BIT_STRING_BITNAME ns_cert_type_table[] = {
{0, "SSL Client", "client"},
{1, "SSL Server", "server"},
{2, "S/MIME", "email"},
@@ -74,7 +74,7 @@
{-1, NULL, NULL}
};
-static BIT_STRING_BITNAME key_usage_type_table[] = {
+static const BIT_STRING_BITNAME key_usage_type_table[] = {
{0, "Digital Signature", "digitalSignature"},
{1, "Non Repudiation", "nonRepudiation"},
{2, "Key Encipherment", "keyEncipherment"},
@@ -95,7 +95,7 @@
STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
ASN1_BIT_STRING *bits, STACK_OF(CONF_VALUE) *ret)
{
- BIT_STRING_BITNAME *bnam;
+ const BIT_STRING_BITNAME *bnam;
for(bnam =method->usr_data; bnam->lname; bnam++) {
if(ASN1_BIT_STRING_get_bit(bits, bnam->bitnum))
X509V3_add_value(bnam->lname, NULL, &ret);
@@ -109,7 +109,7 @@
CONF_VALUE *val;
ASN1_BIT_STRING *bs;
size_t i;
- BIT_STRING_BITNAME *bnam;
+ const BIT_STRING_BITNAME *bnam;
if(!(bs = M_ASN1_BIT_STRING_new())) {
OPENSSL_PUT_ERROR(X509V3, v2i_ASN1_BIT_STRING, ERR_R_MALLOC_FAILURE);
return NULL;
diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c
index 9ee4809..48654cb 100644
--- a/crypto/x509v3/v3_conf.c
+++ b/crypto/x509v3/v3_conf.c
@@ -430,7 +430,7 @@
return NCONF_get_section(db, section);
}
-static X509V3_CONF_METHOD nconf_method = {
+static const X509V3_CONF_METHOD nconf_method = {
nconf_get_string,
nconf_get_section,
NULL,
@@ -485,7 +485,7 @@
return CONF_get_section(db, section);
}
-static X509V3_CONF_METHOD conf_lhash_method = {
+static const X509V3_CONF_METHOD conf_lhash_method = {
conf_lhash_get_string,
conf_lhash_get_section,
NULL,
diff --git a/crypto/x509v3/v3_enum.c b/crypto/x509v3/v3_enum.c
index d6a1b8b..0fe6bb6 100644
--- a/crypto/x509v3/v3_enum.c
+++ b/crypto/x509v3/v3_enum.c
@@ -61,7 +61,7 @@
#include <openssl/x509v3.h>
-static ENUMERATED_NAMES crl_reasons[] = {
+static const ENUMERATED_NAMES crl_reasons[] = {
{CRL_REASON_UNSPECIFIED, "Unspecified", "unspecified"},
{CRL_REASON_KEY_COMPROMISE, "Key Compromise", "keyCompromise"},
{CRL_REASON_CA_COMPROMISE, "CA Compromise", "CACompromise"},
@@ -82,13 +82,13 @@
(X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE,
0,
0,0,0,0,
-crl_reasons};
+(void *)crl_reasons};
char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method,
ASN1_ENUMERATED *e)
{
- ENUMERATED_NAMES *enam;
+ const ENUMERATED_NAMES *enam;
long strval;
strval = ASN1_ENUMERATED_get(e);
for(enam = method->usr_data; enam->lname; enam++) {
diff --git a/include/openssl/asn1.h b/include/openssl/asn1.h
index a9864bc..941b156 100644
--- a/include/openssl/asn1.h
+++ b/include/openssl/asn1.h
@@ -1052,7 +1052,7 @@
OPENSSL_EXPORT unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p);
OPENSSL_EXPORT void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags);
-OPENSSL_EXPORT BIO_METHOD *BIO_f_asn1(void);
+OPENSSL_EXPORT const BIO_METHOD *BIO_f_asn1(void);
OPENSSL_EXPORT BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it);
diff --git a/include/openssl/x509.h b/include/openssl/x509.h
index 475f747..1ee63a1 100644
--- a/include/openssl/x509.h
+++ b/include/openssl/x509.h
@@ -871,8 +871,8 @@
OPENSSL_EXPORT int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
OPENSSL_EXPORT EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req);
OPENSSL_EXPORT int X509_REQ_extension_nid(int nid);
-OPENSSL_EXPORT int * X509_REQ_get_extension_nids(void);
-OPENSSL_EXPORT void X509_REQ_set_extension_nids(int *nids);
+OPENSSL_EXPORT const int * X509_REQ_get_extension_nids(void);
+OPENSSL_EXPORT void X509_REQ_set_extension_nids(const int *nids);
OPENSSL_EXPORT STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req);
OPENSSL_EXPORT int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
int nid);
diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h
index 9aa91d6..c891022 100644
--- a/include/openssl/x509v3.h
+++ b/include/openssl/x509v3.h
@@ -130,7 +130,7 @@
X509 *subject_cert;
X509_REQ *subject_req;
X509_CRL *crl;
-X509V3_CONF_METHOD *db_meth;
+const X509V3_CONF_METHOD *db_meth;
void *db;
/* Maybe more here */
};
@@ -389,7 +389,7 @@
(X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \
(X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \
NULL, NULL, \
- table}
+ (void *)table}
#define EXT_IA5STRING(nid) { nid, 0, ASN1_ITEM_ref(ASN1_IA5STRING), \
0,0,0,0, \
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 367b0f4..28d3051 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -146,7 +146,7 @@
/* The address of this is a magic value, a pointer to which is returned by
* SSL_magic_pending_session_ptr(). It allows a session callback to indicate
* that it needs to asynchronously fetch session information. */
-static char g_pending_session_magic;
+static const char g_pending_session_magic;
static void SSL_SESSION_list_remove(SSL_CTX *ctx, SSL_SESSION *s);
static void SSL_SESSION_list_add(SSL_CTX *ctx,SSL_SESSION *s);