diff options
| author | Geoff Thorpe <geoff@openssl.org> | 2000-06-01 02:36:58 +0000 |
|---|---|---|
| committer | Geoff Thorpe <geoff@openssl.org> | 2000-06-01 02:36:58 +0000 |
| commit | ccd86b68ef7f9a5cfaaed4089bce29fdc5fe4219 (patch) | |
| tree | a17b8dc9415fd53a48aad7152f08b2ede5a45d34 /ssl | |
| parent | 7bb7043580900b8f06cb418b46004b755ff0fc96 (diff) | |
The previous commit to crypto/stack/*.[ch] pulled the type-safety strings
yet tighter, and also put some heat on the rest of the library by
insisting (correctly) that compare callbacks used in stacks are prototyped
with "const" parameters. This has led to a depth-first explosion of
compiler warnings in the code where 1 constification has led to 3 or 4
more. Fortunately these have all been resolved to completion and the code
seems cleaner as a result - in particular many of the _cmp() functions
should have been prototyped with "const"s, and now are. There was one
little problem however;
X509_cmp() should by rights compare "const X509 *" pointers, and it is now
declared as such. However, it's internal workings can involve
recalculating hash values and extensions if they have not already been
setup. Someone with a more intricate understanding of the flow control of
X509 might be able to tighten this up, but for now - this seemed the
obvious place to stop the "depth-first" constification of the code by
using an evil cast (they have migrated all the way here from safestack.h).
Fortunately, this is the only place in the code where this was required
to complete these type-safety changes, and it's reasonably clear and
commented, and seemed the least unacceptable of the options. Trying to
take the constification further ends up exploding out considerably, and
indeed leads directly into generalised ASN functions which are not likely
to cooperate well with this.
Diffstat (limited to 'ssl')
| -rw-r--r-- | ssl/s3_clnt.c | 4 | ||||
| -rw-r--r-- | ssl/ssl_cert.c | 4 | ||||
| -rw-r--r-- | ssl/ssl_ciph.c | 3 | ||||
| -rw-r--r-- | ssl/ssl_lib.c | 5 | ||||
| -rw-r--r-- | ssl/ssl_locl.h | 5 |
5 files changed, 12 insertions, 9 deletions
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 6a09d6aa8a..1977707947 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -69,7 +69,7 @@ static SSL_METHOD *ssl3_get_client_method(int ver); static int ssl3_client_hello(SSL *s); static int ssl3_get_server_hello(SSL *s); static int ssl3_get_certificate_request(SSL *s); -static int ca_dn_cmp(X509_NAME **a,X509_NAME **b); +static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b); static int ssl3_get_server_done(SSL *s); static int ssl3_send_client_verify(SSL *s); static int ssl3_send_client_certificate(SSL *s); @@ -1275,7 +1275,7 @@ err: return(ret); } -static int ca_dn_cmp(X509_NAME **a, X509_NAME **b) +static int ca_dn_cmp(const X509_NAME * const *a, const X509_NAME * const *b) { return(X509_NAME_cmp(*a,*b)); } diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index e134e6f3e0..fc8b8a7a53 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -568,7 +568,7 @@ int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x) return(add_client_CA(&(ctx->client_CA),x)); } -static int xname_cmp(X509_NAME **a,X509_NAME **b) +static int xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b) { return(X509_NAME_cmp(*a,*b)); } @@ -649,7 +649,7 @@ int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, X509 *x=NULL; X509_NAME *xn=NULL; int ret=1; - int (*oldcmp)(X509_NAME **a, X509_NAME **b); + int (*oldcmp)(const X509_NAME * const *a, const X509_NAME * const *b); oldcmp=sk_X509_NAME_set_cmp_func(stack,xname_cmp); diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index a5b2b97056..817b6b31f4 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -1037,7 +1037,8 @@ SSL_COMP *ssl3_comp_find(STACK_OF(SSL_COMP) *sk, int n) return(NULL); } -static int sk_comp_cmp(SSL_COMP **a,SSL_COMP **b) +static int sk_comp_cmp(const SSL_COMP * const *a, + const SSL_COMP * const *b) { return((*a)->id-(*b)->id); } diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index c515c41b4e..f4eb35b15e 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -874,7 +874,7 @@ long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)()) } } -int ssl_cipher_id_cmp(SSL_CIPHER *a,SSL_CIPHER *b) +int ssl_cipher_id_cmp(const SSL_CIPHER *a, const SSL_CIPHER *b) { long l; @@ -885,7 +885,8 @@ int ssl_cipher_id_cmp(SSL_CIPHER *a,SSL_CIPHER *b) return((l > 0)?1:-1); } -int ssl_cipher_ptr_id_cmp(SSL_CIPHER **ap,SSL_CIPHER **bp) +int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, + const SSL_CIPHER * const *bp) { long l; diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index 9a52bab254..d70fff4627 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -423,8 +423,9 @@ void ssl_sess_cert_free(SESS_CERT *sc); int ssl_set_peer_cert_type(SESS_CERT *c, int type); int ssl_get_new_session(SSL *s, int session); int ssl_get_prev_session(SSL *s, unsigned char *session,int len); -int ssl_cipher_id_cmp(SSL_CIPHER *a,SSL_CIPHER *b); -int ssl_cipher_ptr_id_cmp(SSL_CIPHER **ap,SSL_CIPHER **bp); +int ssl_cipher_id_cmp(const SSL_CIPHER *a,const SSL_CIPHER *b); +int ssl_cipher_ptr_id_cmp(const SSL_CIPHER * const *ap, + const SSL_CIPHER * const *bp); STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num, STACK_OF(SSL_CIPHER) **skp); int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p); |