OpenSSL started adding const to functions all over the place. Make all

our libssl functions match theirs wrt const, except for BIO_f_ssl(3)
which will be fixed in a later step.

this went through a i386 bulk by sthen
ok jsing

7 files changed, 30 insertions, 38 deletions

diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h
index 143dd8a003f..f996af188f9 100644
--- a/lib/libssl/ssl.h
+++ b/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.155 2018/04/11 17:47:36 jsing Exp $ */
+/* $OpenBSD: ssl.h,v 1.156 2018/04/25 07:10:39 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -727,10 +727,10 @@ void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx,
 void (*SSL_CTX_sess_get_remove_cb(SSL_CTX *ctx))(struct ssl_ctx_st *ctx,
     SSL_SESSION *sess);
 void SSL_CTX_sess_set_get_cb(SSL_CTX *ctx,
-    SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl, unsigned char *data,
-    int len, int *copy));
+    SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
+    const unsigned char *data, int len, int *copy));
 SSL_SESSION *(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(struct ssl_st *ssl,
-    unsigned char *Data, int len, int *copy);
+    const unsigned char *Data, int len, int *copy);
 void SSL_CTX_set_info_callback(SSL_CTX *ctx, void (*cb)(const SSL *ssl,
     int type, int val));
 void (*SSL_CTX_get_info_callback(SSL_CTX *ctx))(const SSL *ssl, int type,
@@ -746,7 +746,7 @@ void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
     int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie,
     unsigned int *cookie_len));
 void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
-    int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie,
+    int (*app_verify_cookie_cb)(SSL *ssl, const unsigned char *cookie,
     unsigned int cookie_len));
 void SSL_CTX_set_next_protos_advertised_cb(SSL_CTX *s, int (*cb)(SSL *ssl,
     const unsigned char **out, unsigned int *outlen, void *arg), void *arg);
@@ -1247,7 +1247,7 @@ const SSL_CIPHER *SSL_get_current_cipher(const SSL *s);
 const SSL_CIPHER *SSL_CIPHER_get_by_id(unsigned int id);
 const SSL_CIPHER *SSL_CIPHER_get_by_value(uint16_t value);
 int	SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits);
-char *	SSL_CIPHER_get_version(const SSL_CIPHER *c);
+const char *	SSL_CIPHER_get_version(const SSL_CIPHER *c);
 const char *	SSL_CIPHER_get_name(const SSL_CIPHER *c);
 unsigned long 	SSL_CIPHER_get_id(const SSL_CIPHER *c);
 uint16_t SSL_CIPHER_get_value(const SSL_CIPHER *c);
@@ -1279,7 +1279,7 @@ void	SSL_set_verify(SSL *s, int mode,
 	    int (*callback)(int ok, X509_STORE_CTX *ctx));
 void	SSL_set_verify_depth(SSL *s, int depth);
 int	SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
-int	SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+int	SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len);
 int	SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
 int	SSL_use_PrivateKey_ASN1(int pk, SSL *ssl, const unsigned char *d, long len);
 int	SSL_use_certificate(SSL *ssl, X509 *x);
@@ -1457,12 +1457,12 @@ long SSL_get_default_timeout(const SSL *s);
 int SSL_library_init(void );
 
 char *SSL_CIPHER_description(const SSL_CIPHER *, char *buf, int size);
-STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
+STACK_OF(X509_NAME) *SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk);
 
 SSL *SSL_dup(SSL *ssl);
 
 X509 *SSL_get_certificate(const SSL *ssl);
-/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
+/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(const SSL *ssl);
 
 void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);
 int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);
diff --git a/lib/libssl/ssl_cert.c b/lib/libssl/ssl_cert.c
index a244353b885..a01f484578d 100644
--- a/lib/libssl/ssl_cert.c
+++ b/lib/libssl/ssl_cert.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_cert.c,v 1.66 2017/08/12 02:55:22 jsing Exp $ */
+/* $OpenBSD: ssl_cert.c,v 1.67 2018/04/25 07:10:39 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -454,7 +454,7 @@ set_client_CA_list(STACK_OF(X509_NAME) **ca_list,
 }
 
 STACK_OF(X509_NAME) *
-SSL_dup_CA_list(STACK_OF(X509_NAME) *sk)
+SSL_dup_CA_list(const STACK_OF(X509_NAME) *sk)
 {
 	int i;
 	STACK_OF(X509_NAME) *ret;
diff --git a/lib/libssl/ssl_ciph.c b/lib/libssl/ssl_ciph.c
index 271d77f38b4..cd0e9b0ad63 100644
--- a/lib/libssl/ssl_ciph.c
+++ b/lib/libssl/ssl_ciph.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_ciph.c,v 1.98 2018/03/17 14:40:45 jsing Exp $ */
+/* $OpenBSD: ssl_ciph.c,v 1.99 2018/04/25 07:10:39 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1674,7 +1674,7 @@ SSL_CIPHER_description(const SSL_CIPHER *cipher, char *buf, int len)
 	return (ret);
 }
 
-char *
+const char *
 SSL_CIPHER_get_version(const SSL_CIPHER *c)
 {
 	if (c == NULL)
diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index 5cae53041df..4f1eb5bf0af 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.184 2018/04/14 07:09:21 tb Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.185 2018/04/25 07:10:39 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -2654,7 +2654,7 @@ SSL_get_certificate(const SSL *s)
 
 /* Fix this function so that it takes an optional type parameter */
 EVP_PKEY *
-SSL_get_privatekey(SSL *s)
+SSL_get_privatekey(const SSL *s)
 {
 	if (s->cert != NULL)
 		return (s->cert->key->privatekey);
diff --git a/lib/libssl/ssl_locl.h b/lib/libssl/ssl_locl.h
index 1677377c642..696ffc44b90 100644
--- a/lib/libssl/ssl_locl.h
+++ b/lib/libssl/ssl_locl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_locl.h,v 1.204 2018/04/07 17:02:34 jsing Exp $ */
+/* $OpenBSD: ssl_locl.h,v 1.205 2018/04/25 07:10:39 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -460,7 +460,7 @@ typedef struct ssl_ctx_internal_st {
 	int (*new_session_cb)(struct ssl_st *ssl, SSL_SESSION *sess);
 	void (*remove_session_cb)(struct ssl_ctx_st *ctx, SSL_SESSION *sess);
 	SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
-	    unsigned char *data, int len, int *copy);
+	    const unsigned char *data, int len, int *copy);
 
 	/* if defined, these override the X509_verify_cert() calls */
 	int (*app_verify_callback)(X509_STORE_CTX *, void *);
@@ -474,7 +474,7 @@ typedef struct ssl_ctx_internal_st {
 	    unsigned int *cookie_len);
 
 	/* verify cookie callback */
-	int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie,
+	int (*app_verify_cookie_cb)(SSL *ssl, const unsigned char *cookie,
 	    unsigned int cookie_len);
 
 	void (*info_callback)(const SSL *ssl,int type,int val); /* used if SSL's info_callback is NULL */
diff --git a/lib/libssl/ssl_rsa.c b/lib/libssl/ssl_rsa.c
index e99ce1e3ae2..631aaa5077d 100644
--- a/lib/libssl/ssl_rsa.c
+++ b/lib/libssl/ssl_rsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_rsa.c,v 1.28 2017/02/07 02:08:38 beck Exp $ */
+/* $OpenBSD: ssl_rsa.c,v 1.29 2018/04/25 07:10:39 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -133,7 +133,7 @@ SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
 	X509 *x;
 	int ret;
 
-	x = d2i_X509(NULL, &d,(long)len);
+	x = d2i_X509(NULL, &d, (long)len);
 	if (x == NULL) {
 		SSLerror(ssl, ERR_R_ASN1_LIB);
 		return (0);
@@ -254,14 +254,12 @@ end:
 }
 
 int
-SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len)
+SSL_use_RSAPrivateKey_ASN1(SSL *ssl, const unsigned char *d, long len)
 {
 	int ret;
-	const unsigned char *p;
 	RSA *rsa;
 
-	p = d;
-	if ((rsa = d2i_RSAPrivateKey(NULL, &p,(long)len)) == NULL) {
+	if ((rsa = d2i_RSAPrivateKey(NULL, &d, (long)len)) == NULL) {
 		SSLerror(ssl, ERR_R_ASN1_LIB);
 		return (0);
 	}
@@ -332,11 +330,9 @@ int
 SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, long len)
 {
 	int ret;
-	const unsigned char *p;
 	EVP_PKEY *pkey;
 
-	p = d;
-	if ((pkey = d2i_PrivateKey(type, NULL, &p,(long)len)) == NULL) {
+	if ((pkey = d2i_PrivateKey(type, NULL, &d, (long)len)) == NULL) {
 		SSLerror(ssl, ERR_R_ASN1_LIB);
 		return (0);
 	}
@@ -465,7 +461,7 @@ SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d)
 	X509 *x;
 	int ret;
 
-	x = d2i_X509(NULL, &d,(long)len);
+	x = d2i_X509(NULL, &d, (long)len);
 	if (x == NULL) {
 		SSLerrorx(ERR_R_ASN1_LIB);
 		return (0);
@@ -547,11 +543,9 @@ int
 SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len)
 {
 	int ret;
-	const unsigned char *p;
 	RSA *rsa;
 
-	p = d;
-	if ((rsa = d2i_RSAPrivateKey(NULL, &p,(long)len)) == NULL) {
+	if ((rsa = d2i_RSAPrivateKey(NULL, &d, (long)len)) == NULL) {
 		SSLerrorx(ERR_R_ASN1_LIB);
 		return (0);
 	}
@@ -620,11 +614,9 @@ SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, const unsigned char *d,
     long len)
 {
 	int ret;
-	const unsigned char *p;
 	EVP_PKEY *pkey;
 
-	p = d;
-	if ((pkey = d2i_PrivateKey(type, NULL, &p,(long)len)) == NULL) {
+	if ((pkey = d2i_PrivateKey(type, NULL, &d, (long)len)) == NULL) {
 		SSLerrorx(ERR_R_ASN1_LIB);
 		return (0);
 	}
diff --git a/lib/libssl/ssl_sess.c b/lib/libssl/ssl_sess.c
index b3ee7ef4302..8ebeb273feb 100644
--- a/lib/libssl/ssl_sess.c
+++ b/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.79 2018/03/20 15:28:12 tb Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.80 2018/04/25 07:10:39 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1092,13 +1092,13 @@ void
 
 void
 SSL_CTX_sess_set_get_cb(SSL_CTX *ctx, SSL_SESSION *(*cb)(struct ssl_st *ssl,
-    unsigned char *data, int len, int *copy))
+    const unsigned char *data, int len, int *copy))
 {
 	ctx->internal->get_session_cb = cb;
 }
 
 SSL_SESSION *
-(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl, unsigned char *data,
+(*SSL_CTX_sess_get_get_cb(SSL_CTX *ctx))(SSL *ssl, const unsigned char *data,
     int len, int *copy)
 {
 	return ctx->internal->get_session_cb;
@@ -1158,7 +1158,7 @@ SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx,
 
 void
 SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx,
-    int (*cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len))
+    int (*cb)(SSL *ssl, const unsigned char *cookie, unsigned int cookie_len))
 {
 	ctx->internal->app_verify_cookie_cb = cb;
 }