Massive constification.
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c
index 46e14d8..8c3cbde 100644
--- a/ssl/s2_clnt.c
+++ b/ssl/s2_clnt.c
@@ -536,8 +536,8 @@
unsigned char *p,*d;
int clear,enc,karg,i;
SSL_SESSION *sess;
- EVP_CIPHER *c;
- EVP_MD *md;
+ const EVP_CIPHER *c;
+ const EVP_MD *md;
buf=(unsigned char *)s->init_buf->data;
if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A)
diff --git a/ssl/s2_enc.c b/ssl/s2_enc.c
index 63ebf28..af12dc4 100644
--- a/ssl/s2_enc.c
+++ b/ssl/s2_enc.c
@@ -65,8 +65,8 @@
{
/* Max number of bytes needed */
EVP_CIPHER_CTX *rs,*ws;
- EVP_CIPHER *c;
- EVP_MD *md;
+ const EVP_CIPHER *c;
+ const EVP_MD *md;
int num;
if (!ssl_cipher_get_evp(s->session,&c,&md,NULL))
diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
index e758131..7241ea2 100644
--- a/ssl/s2_lib.c
+++ b/ssl/s2_lib.c
@@ -67,7 +67,7 @@
static long ssl2_default_timeout();
#endif
-char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;
+const char *ssl2_version_str="SSLv2" OPENSSL_VERSION_PTEXT;
#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
index 96d9a1b..e1b13cc 100644
--- a/ssl/s2_pkt.c
+++ b/ssl/s2_pkt.c
@@ -567,7 +567,7 @@
/* lets try to actually write the data */
s->s2->wpend_tot=olen;
- s->s2->wpend_buf=(char *)buf;
+ s->s2->wpend_buf=buf;
s->s2->wpend_ret=len;
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c
index 930a47d..c058b52 100644
--- a/ssl/s2_srvr.c
+++ b/ssl/s2_srvr.c
@@ -340,8 +340,8 @@
int export,i,n,keya,ek;
unsigned char *p;
SSL_CIPHER *cp;
- EVP_CIPHER *c;
- EVP_MD *md;
+ const EVP_CIPHER *c;
+ const EVP_MD *md;
p=(unsigned char *)s->init_buf->data;
if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A)
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index d79d927..d1341af 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -135,9 +135,9 @@
unsigned char exp_iv[EVP_MAX_KEY_LENGTH];
unsigned char *ms,*key,*iv,*er1,*er2;
EVP_CIPHER_CTX *dd;
- EVP_CIPHER *c;
+ const EVP_CIPHER *c;
COMP_METHOD *comp;
- EVP_MD *m;
+ const EVP_MD *m;
MD5_CTX md;
int exp,n,i,j,k,cl;
@@ -282,8 +282,8 @@
SSL *s;
{
unsigned char *p;
- EVP_CIPHER *c;
- EVP_MD *hash;
+ const EVP_CIPHER *c;
+ const EVP_MD *hash;
int num;
SSL_COMP *comp;
@@ -340,7 +340,7 @@
EVP_CIPHER_CTX *ds;
unsigned long l;
int bs,i;
- EVP_CIPHER *enc;
+ const EVP_CIPHER *enc;
if (send)
{
@@ -411,7 +411,7 @@
void ssl3_finish_mac(s,buf,len)
SSL *s;
-unsigned char *buf;
+const unsigned char *buf;
int len;
{
EVP_DigestUpdate(&(s->s3->finish_dgst1),buf,len);
@@ -486,7 +486,7 @@
SSL3_RECORD *rec;
unsigned char *mac_sec,*seq;
EVP_MD_CTX md_ctx;
- EVP_MD *hash;
+ const EVP_MD *hash;
unsigned char *p,rec_char;
unsigned int md_size;
int npad,i;
@@ -541,10 +541,10 @@
unsigned char *p;
int len;
{
- static unsigned char *salt[3]={
- (unsigned char *)"A",
- (unsigned char *)"BB",
- (unsigned char *)"CCC",
+ static const unsigned char *salt[3]={
+ (const unsigned char *)"A",
+ (const unsigned char *)"BB",
+ (const unsigned char *)"CCC",
};
unsigned char buf[EVP_MAX_MD_SIZE];
EVP_MD_CTX ctx;
@@ -554,7 +554,7 @@
for (i=0; i<3; i++)
{
EVP_DigestInit(&ctx,s->ctx->sha1);
- EVP_DigestUpdate(&ctx,salt[i],strlen((char *)salt[i]));
+ EVP_DigestUpdate(&ctx,salt[i],strlen((const char *)salt[i]));
EVP_DigestUpdate(&ctx,p,len);
EVP_DigestUpdate(&ctx,&(s->s3->client_random[0]),
SSL3_RANDOM_SIZE);
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index ab0d012..444e554 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -60,7 +60,7 @@
#include "objects.h"
#include "ssl_locl.h"
-char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
+const char *ssl3_version_str="SSLv3" OPENSSL_VERSION_PTEXT;
#define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
@@ -1039,7 +1039,7 @@
if (s->s3->delay_buf_pop_ret == 0)
{
ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
- (char *)buf,len);
+ buf,len);
if (ret <= 0) return(ret);
s->s3->delay_buf_pop_ret=ret;
@@ -1060,7 +1060,7 @@
else
{
ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
- (char *)buf,len);
+ buf,len);
if (ret <= 0) return(ret);
}
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
index f5350bf..6b1addc 100644
--- a/ssl/s3_pkt.c
+++ b/ssl/s3_pkt.c
@@ -94,8 +94,9 @@
*/
#ifndef NOPROTO
-static int do_ssl3_write(SSL *s, int type, char *buf, unsigned int len);
-static int ssl3_write_pending(SSL *s, int type, char *buf, unsigned int len);
+static int do_ssl3_write(SSL *s, int type, const char *buf, unsigned int len);
+static int ssl3_write_pending(SSL *s, int type, const char *buf,
+ unsigned int len);
static int ssl3_get_record(SSL *s);
static int do_compress(SSL *ssl);
static int do_uncompress(SSL *ssl);
@@ -477,7 +478,7 @@
int ssl3_write_bytes(s,type,buf,len)
SSL *s;
int type;
-char *buf;
+const char *buf;
int len;
{
unsigned int tot,n,nw;
@@ -514,7 +515,7 @@
}
if (type == SSL3_RT_HANDSHAKE)
- ssl3_finish_mac(s,(unsigned char *)&(buf[tot]),i);
+ ssl3_finish_mac(s,&(buf[tot]),i);
if (i == (int)n) return(tot+i);
@@ -526,7 +527,7 @@
static int do_ssl3_write(s,type,buf,len)
SSL *s;
int type;
-char *buf;
+const char *buf;
unsigned int len;
{
unsigned char *p,*plen;
@@ -644,7 +645,7 @@
static int ssl3_write_pending(s,type,buf,len)
SSL *s;
int type;
-char *buf;
+const char *buf;
unsigned int len;
{
int i;
@@ -975,7 +976,7 @@
}
if (type == SSL3_RT_HANDSHAKE)
- ssl3_finish_mac(s,(unsigned char *)buf,n);
+ ssl3_finish_mac(s,buf,n);
return(n);
f_err:
ssl3_send_alert(s,SSL3_AL_FATAL,al);
diff --git a/ssl/ssl.h b/ssl/ssl.h
index bea99a7..4329d29 100644
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -162,7 +162,7 @@
typedef struct ssl_cipher_st
{
int valid;
- char *name; /* text name */
+ const char *name; /* text name */
unsigned long id; /* id, 4 bytes, first is version */
unsigned long algorithms; /* what ciphers are used */
unsigned long algorithm2; /* Extra flags */
@@ -416,9 +416,9 @@
CRYPTO_EX_DATA ex_data;
- EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */
- EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */
- EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */
+ const EVP_MD *rsa_md5;/* For SSLv2 - name is 'ssl2-md5' */
+ const EVP_MD *md5; /* For SSLv3/TLSv1 'ssl3-md5' */
+ const EVP_MD *sha1; /* For SSLv3/TLSv1 'ssl3->sha1' */
STACK_OF(X509) *extra_certs;
STACK_OF(SSL_COMP) *comp_methods; /* stack of SSL_COMP, SSLv3/TLSv1 */
@@ -546,7 +546,7 @@
* the ones to be 'copied' into these ones */
EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
- EVP_MD *read_hash; /* used for mac generation */
+ const EVP_MD *read_hash; /* used for mac generation */
#ifdef HEADER_COMP_H
COMP_CTX *expand; /* uncompress */
#else
@@ -554,7 +554,7 @@
#endif
EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
- EVP_MD *write_hash; /* used for mac generation */
+ const EVP_MD *write_hash; /* used for mac generation */
#ifdef HEADER_COMP_H
COMP_CTX *compress; /* compression */
#else
@@ -837,10 +837,10 @@
SSL_CIPHER *SSL_get_current_cipher(SSL *s);
int SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits);
char * SSL_CIPHER_get_version(SSL_CIPHER *c);
-char * SSL_CIPHER_get_name(SSL_CIPHER *c);
+const char * SSL_CIPHER_get_name(SSL_CIPHER *c);
int SSL_get_fd(SSL *s);
-char * SSL_get_cipher_list(SSL *s,int n);
+const char * SSL_get_cipher_list(SSL *s,int n);
char * SSL_get_shared_ciphers(SSL *s, char *buf, int len);
int SSL_get_read_ahead(SSL * s);
int SSL_pending(SSL *s);
diff --git a/ssl/ssl2.h b/ssl/ssl2.h
index 95e8231..4d75e93 100644
--- a/ssl/ssl2.h
+++ b/ssl/ssl2.h
@@ -162,7 +162,7 @@
* args were passwd */
unsigned int wnum; /* number of bytes sent so far */
int wpend_tot;
- char *wpend_buf;
+ const char *wpend_buf;
int wpend_off; /* offset to data to write */
int wpend_len; /* number of bytes passwd to write */
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index d334c90..cf34e97 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -286,7 +286,7 @@
int wpend_tot; /* number bytes written */
int wpend_type;
int wpend_ret; /* number of bytes submitted */
- char *wpend_buf;
+ const char *wpend_buf;
/* used during startup, digest all incoming/outgoing packets */
EVP_MD_CTX finish_dgst1;
@@ -338,10 +338,10 @@
int key_block_length;
unsigned char *key_block;
- EVP_CIPHER *new_sym_enc;
- EVP_MD *new_hash;
+ const EVP_CIPHER *new_sym_enc;
+ const EVP_MD *new_hash;
#ifdef HEADER_COMP_H
- SSL_COMP *new_compression;
+ const SSL_COMP *new_compression;
#else
char *new_compression;
#endif
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index f53d688..2b95ee6 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -70,7 +70,7 @@
#define SSL_ENC_NULL_IDX 6
#define SSL_ENC_NUM_IDX 7
-static EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
+static const EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
NULL,NULL,NULL,NULL,NULL,NULL,
};
@@ -79,7 +79,7 @@
#define SSL_MD_MD5_IDX 0
#define SSL_MD_SHA1_IDX 1
#define SSL_MD_NUM_IDX 2
-static EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={
+static const EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={
NULL,NULL,
};
@@ -187,8 +187,8 @@
int ssl_cipher_get_evp(s,enc,md,comp)
SSL_SESSION *s;
-EVP_CIPHER **enc;
-EVP_MD **md;
+const EVP_CIPHER **enc;
+const EVP_MD **md;
SSL_COMP **comp;
{
int i;
@@ -750,7 +750,7 @@
}
/* return the actual cipher being used */
-char *SSL_CIPHER_get_name(c)
+const char *SSL_CIPHER_get_name(c)
SSL_CIPHER *c;
{
if (c != NULL)
@@ -764,8 +764,8 @@
int *alg_bits;
{
int ret=0,a=0;
- EVP_CIPHER *enc;
- EVP_MD *md;
+ const EVP_CIPHER *enc;
+ const EVP_MD *md;
SSL_SESSION ss;
if (c != NULL)
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 566d112..2fad1c3 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -736,7 +736,7 @@
}
/** The old interface to get the same thing as SSL_get_ciphers() */
-char *SSL_get_cipher_list(SSL *s,int n)
+const char *SSL_get_cipher_list(SSL *s,int n)
{
SSL_CIPHER *c;
STACK_OF(SSL_CIPHER) *sk;
@@ -775,7 +775,8 @@
/* works well for SSLv2, not so good for SSLv3 */
char *SSL_get_shared_ciphers(SSL *s,char *buf,int len)
{
- char *p,*cp;
+ char *p;
+ const char *cp;
STACK_OF(SSL_CIPHER) *sk;
SSL_CIPHER *c;
int i;
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index a29994b..870dcf2 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -367,8 +367,8 @@
STACK_OF(SSL_CIPHER) **sorted,
char *str);
void ssl_update_cache(SSL *s, int mode);
-int ssl_cipher_get_evp(SSL_SESSION *s, EVP_CIPHER **enc, EVP_MD **md,
- SSL_COMP **comp);
+int ssl_cipher_get_evp(SSL_SESSION *s,const EVP_CIPHER **enc,const EVP_MD **md,
+ SSL_COMP **comp);
int ssl_verify_cert_chain(SSL *s,STACK_OF(X509) *sk);
int ssl_undefined_function(SSL *s);
X509 *ssl_get_server_send_cert(SSL *);
@@ -427,11 +427,11 @@
int ssl3_dispatch_alert(SSL *s);
int ssl3_read_bytes(SSL *s, int type, char *buf, int len);
int ssl3_part_read(SSL *s, int i);
-int ssl3_write_bytes(SSL *s, int type, char *buf, int len);
+int ssl3_write_bytes(SSL *s, int type, const char *buf, int len);
int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *ctx1,EVP_MD_CTX *ctx2,
unsigned char *sender, int slen,unsigned char *p);
int ssl3_cert_verify_mac(SSL *s, EVP_MD_CTX *in, unsigned char *p);
-void ssl3_finish_mac(SSL *s, unsigned char *buf, int len);
+void ssl3_finish_mac(SSL *s, const unsigned char *buf, int len);
int ssl3_enc(SSL *s, int send_data);
int ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c
index 0f5cbd3..4e783c2 100644
--- a/ssl/t1_enc.c
+++ b/ssl/t1_enc.c
@@ -175,9 +175,9 @@
unsigned char *ms,*key,*iv,*er1,*er2;
int client_write;
EVP_CIPHER_CTX *dd;
- EVP_CIPHER *c;
- SSL_COMP *comp;
- EVP_MD *m;
+ const EVP_CIPHER *c;
+ const SSL_COMP *comp;
+ const EVP_MD *m;
int _exp,n,i,j,k,exp_label_len,cl;
_exp=SSL_C_IS_EXPORT(s->s3->tmp.new_cipher);
@@ -346,8 +346,8 @@
SSL *s;
{
unsigned char *p1,*p2;
- EVP_CIPHER *c;
- EVP_MD *hash;
+ const EVP_CIPHER *c;
+ const EVP_MD *hash;
int num;
SSL_COMP *comp;
@@ -407,7 +407,7 @@
EVP_CIPHER_CTX *ds;
unsigned long l;
int bs,i,ii,j,k,n=0;
- EVP_CIPHER *enc;
+ const EVP_CIPHER *enc;
if (send)
{
@@ -549,7 +549,7 @@
{
SSL3_RECORD *rec;
unsigned char *mac_sec,*seq;
- EVP_MD *hash;
+ const EVP_MD *hash;
unsigned int md_size;
int i;
HMAC_CTX hmac;
