From 6d70353ca8bc55b54f19af00fb7d9b074208ff1c Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Sat, 29 Aug 2020 18:00:11 -0400 Subject: [PATCH] Const-correct X509V3_CONF_METHOD. This is needed to fix all the config APIs to take const char *. I've split it out as it's the only incompatible half of the change. Update-Note: External definitions of X509V3_CONF_METHOD will need fix the types of their functions. There should not be any of these (probably hide this struct), but if there are, this aligns with upstream OpenSSL. Change-Id: I6e760cfbca5d3f408215b8f3744acd1fd7f31391 Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/42727 Commit-Queue: David Benjamin Reviewed-by: Adam Langley --- crypto/x509v3/v3_conf.c | 10 +++++++--- include/openssl/x509v3.h | 4 ++-- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/crypto/x509v3/v3_conf.c b/crypto/x509v3/v3_conf.c index e98d0fcdc..b3deb7f52 100644 --- a/crypto/x509v3/v3_conf.c +++ b/crypto/x509v3/v3_conf.c @@ -428,13 +428,17 @@ void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section) ctx->db_meth->free_section(ctx->db, section); } -static char *nconf_get_string(void *db, char *section, char *value) +static char *nconf_get_string(void *db, const char *section, const char *value) { - /* TODO(fork): this should return a const value. */ + /* TODO(fork): This returns a non-const pointer because |X509V3_CONF_METHOD| + * allows |get_string| to return caller-owned pointers, provided they're + * freed by |free_string|. |nconf_method| leaves |free_string| NULL, and + * there are no other implementations of |X509V3_CONF_METHOD|, so this can + * be simplified if we make it private. */ return (char *)NCONF_get_string(db, section, value); } -static STACK_OF(CONF_VALUE) *nconf_get_section(void *db, char *section) +static STACK_OF(CONF_VALUE) *nconf_get_section(void *db, const char *section) { return NCONF_get_section(db, section); } diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h index 2b2b4d910..0fd44bcc7 100644 --- a/include/openssl/x509v3.h +++ b/include/openssl/x509v3.h @@ -126,8 +126,8 @@ void *usr_data; /* Any extension specific data */ }; typedef struct X509V3_CONF_METHOD_st { -char * (*get_string)(void *db, char *section, char *value); -STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section); +char * (*get_string)(void *db, const char *section, const char *value); +STACK_OF(CONF_VALUE) * (*get_section)(void *db, const char *section); void (*free_string)(void *db, char * string); void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section); } X509V3_CONF_METHOD;