From f756fb430eb8f5f70696f174460eb90740b318f7 Mon Sep 17 00:00:00 2001
From: Justin Blanchard <uncombedcoconut@gmail.com>
Date: Mon, 18 Aug 2014 11:01:15 -0400
Subject: RT1815: More const'ness improvements

Add a dozen more const declarations where appropriate.
These are from Justin; while adding his patch, I noticed
ASN1_BIT_STRING_check could be fixed, too.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
---
 ssl/d1_both.c  | 2 +-
 ssl/s3_enc.c   | 4 ++--
 ssl/ssl_ciph.c | 2 +-
 ssl/t1_lib.c   | 4 ++--
 4 files changed, 6 insertions(+), 6 deletions(-)

(limited to 'ssl')

diff --git a/ssl/d1_both.c b/ssl/d1_both.c
index fb524dafa0..33d0ae3ce4 100644
--- a/ssl/d1_both.c
+++ b/ssl/d1_both.c
@@ -156,7 +156,7 @@ static unsigned char bitmask_start_values[] = {0xff, 0xfe, 0xfc, 0xf8, 0xf0, 0xe
 static unsigned char bitmask_end_values[]   = {0xff, 0x01, 0x03, 0x07, 0x0f, 0x1f, 0x3f, 0x7f};
 
 /* XDTLS:  figure out the right values */
-static unsigned int g_probable_mtu[] = {1500 - 28, 512 - 28, 256 - 28};
+static const unsigned int g_probable_mtu[] = {1500 - 28, 512 - 28, 256 - 28};
 
 static unsigned int dtls1_guess_mtu(unsigned int curr_mtu);
 static void dtls1_fix_message_header(SSL *s, unsigned long frag_off, 
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 6c103a042f..92683e2531 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -140,7 +140,7 @@
 #include <openssl/evp.h>
 #include <openssl/md5.h>
 
-static unsigned char ssl3_pad_1[48]={
+static const unsigned char ssl3_pad_1[48]={
 	0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
 	0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
 	0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
@@ -148,7 +148,7 @@ static unsigned char ssl3_pad_1[48]={
 	0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
 	0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36 };
 
-static unsigned char ssl3_pad_2[48]={
+static const unsigned char ssl3_pad_2[48]={
 	0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
 	0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
 	0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
index 1c3dc3317d..3c005f7e1a 100644
--- a/ssl/ssl_ciph.c
+++ b/ssl/ssl_ciph.c
@@ -203,7 +203,7 @@ static int ssl_mac_secret_size[SSL_MD_NUM_IDX]={
 	0,0,0,0,0,0
 	};
 
-static int ssl_handshake_digest_flag[SSL_MD_NUM_IDX]={
+static const int ssl_handshake_digest_flag[SSL_MD_NUM_IDX]={
 	SSL_HANDSHAKE_MAC_MD5,SSL_HANDSHAKE_MAC_SHA,
 	SSL_HANDSHAKE_MAC_GOST94, 0, SSL_HANDSHAKE_MAC_SHA256,
 	SSL_HANDSHAKE_MAC_SHA384
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index ac00a2ac4c..0430eefe72 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -232,7 +232,7 @@ typedef struct
 #define TLS_CURVE_CHAR2		0x1
 #define TLS_CURVE_PRIME		0x0
 
-static tls_curve_info nid_list[] =
+static const tls_curve_info nid_list[] =
 	{
 		{NID_sect163k1, 80, TLS_CURVE_CHAR2},/* sect163k1 (1) */
 		{NID_sect163r1, 80, TLS_CURVE_CHAR2},/* sect163r1 (2) */
@@ -428,7 +428,7 @@ static void tls1_get_curvelist(SSL *s, int sess,
 /* See if curve is allowed by security callback */
 static int tls_curve_allowed(SSL *s, const unsigned char *curve, int op)
 	{
-	tls_curve_info *cinfo;
+	const tls_curve_info *cinfo;
 	if (curve[0])
 		return 1;
 	if ((curve[1] < 1) || ((size_t)curve[1] >
-- 
cgit v1.2.3