root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

libssl: Make some global mutable structures constant 

x

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23450)
This commit is contained in:
Hugo Landau 2024-02-01 07:45:15 +00:00
parent 99fb31c167
commit 89dd87e1e8
10 changed files with 25 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
ssl/d1_srtp.c
View File

@ -20,7 +20,7 @@
#ifndef OPENSSL_NO_SRTP #ifndef OPENSSL_NO_SRTP
static SRTP_PROTECTION_PROFILE srtp_known_profiles[] = { static const SRTP_PROTECTION_PROFILE srtp_known_profiles[] = {
{ {
"SRTP_AES128_CM_SHA1_80", "SRTP_AES128_CM_SHA1_80",
SRTP_AES128_CM_SHA1_80, SRTP_AES128_CM_SHA1_80,
@ -73,9 +73,9 @@ static SRTP_PROTECTION_PROFILE srtp_known_profiles[] = {
}; };
static int find_profile_by_name(char *profile_name, static int find_profile_by_name(char *profile_name,
SRTP_PROTECTION_PROFILE **pptr, size_t len) const SRTP_PROTECTION_PROFILE **pptr, size_t len)
{ {
SRTP_PROTECTION_PROFILE *p; const SRTP_PROTECTION_PROFILE *p;
p = srtp_known_profiles; p = srtp_known_profiles;
while (p->name) { while (p->name) {
@ -98,7 +98,7 @@ static int ssl_ctx_make_profiles(const char *profiles_string,
char *col; char *col;
char *ptr = (char *)profiles_string; char *ptr = (char *)profiles_string;
SRTP_PROTECTION_PROFILE *p; const SRTP_PROTECTION_PROFILE *p;
if ((profiles = sk_SRTP_PROTECTION_PROFILE_new_null()) == NULL) { if ((profiles = sk_SRTP_PROTECTION_PROFILE_new_null()) == NULL) {
ERR_raise(ERR_LIB_SSL, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); ERR_raise(ERR_LIB_SSL, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES);
@ -110,12 +110,14 @@ static int ssl_ctx_make_profiles(const char *profiles_string,
if (!find_profile_by_name(ptr, &p, col ? (size_t)(col - ptr) if (!find_profile_by_name(ptr, &p, col ? (size_t)(col - ptr)
: strlen(ptr))) { : strlen(ptr))) {
if (sk_SRTP_PROTECTION_PROFILE_find(profiles, p) >= 0) { if (sk_SRTP_PROTECTION_PROFILE_find(profiles,
(SRTP_PROTECTION_PROFILE *)p) >= 0) {
ERR_raise(ERR_LIB_SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST); ERR_raise(ERR_LIB_SSL, SSL_R_BAD_SRTP_PROTECTION_PROFILE_LIST);
goto err; goto err;
} }
if (!sk_SRTP_PROTECTION_PROFILE_push(profiles, p)) { if (!sk_SRTP_PROTECTION_PROFILE_push(profiles,
(SRTP_PROTECTION_PROFILE *)p)) {
ERR_raise(ERR_LIB_SSL, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES); ERR_raise(ERR_LIB_SSL, SSL_R_SRTP_COULD_NOT_ALLOCATE_PROFILES);
goto err; goto err;
} }

14
ssl/record/methods/recmethod_local.h
View File

@ -367,7 +367,7 @@ struct ossl_record_layer_st
size_t max_pipelines; size_t max_pipelines;
/* Function pointers for version specific functions */ /* Function pointers for version specific functions */
struct record_functions_st *funcs; const struct record_functions_st *funcs;
}; };
typedef struct dtls_rlayer_record_data_st { typedef struct dtls_rlayer_record_data_st {
@ -377,12 +377,12 @@ typedef struct dtls_rlayer_record_data_st {
TLS_RL_RECORD rrec; TLS_RL_RECORD rrec;
} DTLS_RLAYER_RECORD_DATA; } DTLS_RLAYER_RECORD_DATA;
extern struct record_functions_st ssl_3_0_funcs; extern const struct record_functions_st ssl_3_0_funcs;
extern struct record_functions_st tls_1_funcs; extern const struct record_functions_st tls_1_funcs;
extern struct record_functions_st tls_1_3_funcs; extern const struct record_functions_st tls_1_3_funcs;
extern struct record_functions_st tls_any_funcs; extern const struct record_functions_st tls_any_funcs;
extern struct record_functions_st dtls_1_funcs; extern const struct record_functions_st dtls_1_funcs;
extern struct record_functions_st dtls_any_funcs; extern const struct record_functions_st dtls_any_funcs;
void ossl_rlayer_fatal(OSSL_RECORD_LAYER *rl, int al, int reason, void ossl_rlayer_fatal(OSSL_RECORD_LAYER *rl, int al, int reason,
const char *fmt, ...); const char *fmt, ...);

2
ssl/record/methods/ssl3_meth.c
View File

@ -311,7 +311,7 @@ static int ssl3_mac(OSSL_RECORD_LAYER *rl, TLS_RL_RECORD *rec, unsigned char *md
return 1; return 1;
} }
struct record_functions_st ssl_3_0_funcs = { const struct record_functions_st ssl_3_0_funcs = {
ssl3_set_crypto_state, ssl3_set_crypto_state,
ssl3_cipher, ssl3_cipher,
ssl3_mac, ssl3_mac,

2
ssl/record/methods/tls13_meth.c
View File

@ -303,7 +303,7 @@ static int tls13_add_record_padding(OSSL_RECORD_LAYER *rl,
return 1; return 1;
} }
struct record_functions_st tls_1_3_funcs = { const struct record_functions_st tls_1_3_funcs = {
tls13_set_crypto_state, tls13_set_crypto_state,
tls13_cipher, tls13_cipher,
NULL, NULL,

4
ssl/record/methods/tls1_meth.c
View File

@ -651,7 +651,7 @@ int tls1_initialise_write_packets(OSSL_RECORD_LAYER *rl,
} }
/* TLSv1.0, TLSv1.1 and TLSv1.2 all use the same funcs */ /* TLSv1.0, TLSv1.1 and TLSv1.2 all use the same funcs */
struct record_functions_st tls_1_funcs = { const struct record_functions_st tls_1_funcs = {
tls1_set_crypto_state, tls1_set_crypto_state,
tls1_cipher, tls1_cipher,
tls1_mac, tls1_mac,
@ -672,7 +672,7 @@ struct record_functions_st tls_1_funcs = {
NULL NULL
}; };
struct record_functions_st dtls_1_funcs = { const struct record_functions_st dtls_1_funcs = {
tls1_set_crypto_state, tls1_set_crypto_state,
tls1_cipher, tls1_cipher,
tls1_mac, tls1_mac,

4
ssl/record/methods/tlsany_meth.c
View File

@ -145,7 +145,7 @@ static int tls_any_prepare_for_encryption(OSSL_RECORD_LAYER *rl,
return 1; return 1;
} }
struct record_functions_st tls_any_funcs = { const struct record_functions_st tls_any_funcs = {
tls_any_set_crypto_state, tls_any_set_crypto_state,
tls_any_cipher, tls_any_cipher,
NULL, NULL,
@ -175,7 +175,7 @@ static int dtls_any_set_protocol_version(OSSL_RECORD_LAYER *rl, int vers)
return 1; return 1;
} }
struct record_functions_st dtls_any_funcs = { const struct record_functions_st dtls_any_funcs = {
tls_any_set_crypto_state, tls_any_set_crypto_state,
tls_any_cipher, tls_any_cipher,
NULL, NULL,

2
ssl/s3_enc.c
View File

@ -375,7 +375,7 @@ int ssl3_generate_master_secret(SSL_CONNECTION *s, unsigned char *out,
unsigned char *p, unsigned char *p,
size_t len, size_t *secret_size) size_t len, size_t *secret_size)
{ {
static const unsigned char *salt[3] = { static const unsigned char *const salt[3] = {
#ifndef CHARSET_EBCDIC #ifndef CHARSET_EBCDIC
(const unsigned char *)"A", (const unsigned char *)"A",
(const unsigned char *)"BB", (const unsigned char *)"BB",

2
ssl/ssl_ciph.c
View File

@ -1708,7 +1708,7 @@ char *SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
const char *ver; const char *ver;
const char *kx, *au, *enc, *mac; const char *kx, *au, *enc, *mac;
uint32_t alg_mkey, alg_auth, alg_enc, alg_mac; uint32_t alg_mkey, alg_auth, alg_enc, alg_mac;
static const char *format = "%-30s %-7s Kx=%-8s Au=%-5s Enc=%-22s Mac=%-4s\n"; static const char *const format = "%-30s %-7s Kx=%-8s Au=%-5s Enc=%-22s Mac=%-4s\n";
if (buf == NULL) { if (buf == NULL) {
len = 128; len = 128;

2
ssl/ssl_lib.c
View File

@ -62,7 +62,7 @@ static int ssl_undefined_function_8(SSL_CONNECTION *sc)
return ssl_undefined_function(SSL_CONNECTION_GET_SSL(sc)); return ssl_undefined_function(SSL_CONNECTION_GET_SSL(sc));
} }
SSL3_ENC_METHOD ssl3_undef_enc_method = { const SSL3_ENC_METHOD ssl3_undef_enc_method = {
ssl_undefined_function_8, ssl_undefined_function_8,
ssl_undefined_function_3, ssl_undefined_function_3,
ssl_undefined_function_4, ssl_undefined_function_4,

2
ssl/ssl_local.h
View File

@ -2233,7 +2233,7 @@ typedef enum downgrade_en {
extern const unsigned char tls11downgrade[8]; extern const unsigned char tls11downgrade[8];
extern const unsigned char tls12downgrade[8]; extern const unsigned char tls12downgrade[8];
extern SSL3_ENC_METHOD ssl3_undef_enc_method; extern const SSL3_ENC_METHOD ssl3_undef_enc_method;
__owur const SSL_METHOD *sslv3_method(void); __owur const SSL_METHOD *sslv3_method(void);
__owur const SSL_METHOD *sslv3_server_method(void); __owur const SSL_METHOD *sslv3_server_method(void);