[openssl-commits] [openssl] master update
Matt Caswell
matt at openssl.org
Sat Jun 18 14:36:18 UTC 2016
The branch master has been updated
via 1dcb8ca2a4aa71964105b24fa7c6254a58b7ad35 (commit)
via 6b44f2597e9ab5fc606426e463b491f857696253 (commit)
via d012c1a17934d4f5aac0bc9853efcb3f831b5b23 (commit)
via ac94c8fdb9e8a36e616c80fa8c4aadb455144019 (commit)
via 98370c2dd7dc32cecd7bb7d940383846fa435f25 (commit)
via 7fb4b92c01bdef71543650ef7da6bfcec69f9cde (commit)
from 13c03c8d6da334bb1cde6ce4133e7c75b3b76947 (commit)
- Log -----------------------------------------------------------------
commit 1dcb8ca2a4aa71964105b24fa7c6254a58b7ad35
Author: Matt Caswell <matt at openssl.org>
Date: Wed Jun 15 16:25:21 2016 +0100
Use a STACK_OF(OPENSSL_CSTRING) for const char * stacks
Better than losing the const qualifier.
RT4378
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 6b44f2597e9ab5fc606426e463b491f857696253
Author: Matt Caswell <matt at openssl.org>
Date: Wed Jun 15 16:06:44 2016 +0100
OpenBSD has intypes.h
Update e_os2.h so that inttypes.h is included.
RT4378
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit d012c1a17934d4f5aac0bc9853efcb3f831b5b23
Author: Matt Caswell <matt at openssl.org>
Date: Wed Jun 15 15:59:46 2016 +0100
Replace 4 casts with 1
Changing the type of the |str| variable in asn1pars enables us to remove
4 casts with just 1. This silences an OpenBSD warning along the way.
RT4378
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit ac94c8fdb9e8a36e616c80fa8c4aadb455144019
Author: Matt Caswell <matt at openssl.org>
Date: Wed Jun 15 15:32:38 2016 +0100
Improve const correctness for stacks of EVP_MD
EVP_MDs are always const, so stacks of them should be too. This silences
a warning about type punning on OpenBSD.
RT4378
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 98370c2dd7dc32cecd7bb7d940383846fa435f25
Author: Matt Caswell <matt at openssl.org>
Date: Wed Jun 15 15:17:50 2016 +0100
constify SRP
Add const qualifiers to lots of SRP stuff. This started out as an effort
to silence some "type-punning" warnings on OpenBSD...but the fix was to
have proper const correctness in SRP.
RT4378
Reviewed-by: Richard Levitte <levitte at openssl.org>
commit 7fb4b92c01bdef71543650ef7da6bfcec69f9cde
Author: Matt Caswell <matt at openssl.org>
Date: Wed Jun 15 11:50:09 2016 +0100
Avoid type punning warnings in b_addr.c
RT4378
Reviewed-by: Richard Levitte <levitte at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/asn1pars.c | 13 +++++++------
apps/engine.c | 26 +++++++++++---------------
crypto/bio/b_addr.c | 8 ++++----
crypto/srp/srp_lib.c | 39 ++++++++++++++++++++-------------------
crypto/srp/srp_vfy.c | 15 ++++++++-------
crypto/ts/ts_rsp_sign.c | 6 +++---
include/openssl/e_os2.h | 2 +-
include/openssl/safestack.h | 3 +++
include/openssl/srp.h | 31 ++++++++++++++++---------------
include/openssl/ts.h | 2 +-
10 files changed, 74 insertions(+), 71 deletions(-)
diff --git a/apps/asn1pars.c b/apps/asn1pars.c
index d3b1970..64a2d85 100644
--- a/apps/asn1pars.c
+++ b/apps/asn1pars.c
@@ -61,7 +61,8 @@ int asn1parse_main(int argc, char **argv)
BUF_MEM *buf = NULL;
STACK_OF(OPENSSL_STRING) *osk = NULL;
char *genstr = NULL, *genconf = NULL;
- char *infile = NULL, *str = NULL, *oidfile = NULL, *derfile = NULL;
+ char *infile = NULL, *oidfile = NULL, *derfile = NULL;
+ unsigned char *str = NULL;
char *name = NULL, *header = NULL, *prog;
const unsigned char *ctmpbuf;
int indent = 0, noout = 0, dump = 0, strictpem = 0, informat = FORMAT_PEM;
@@ -154,7 +155,7 @@ int asn1parse_main(int argc, char **argv)
goto end;
if (strictpem) {
- if (PEM_read_bio(in, &name, &header, (unsigned char **)&str, &num) !=
+ if (PEM_read_bio(in, &name, &header, &str, &num) !=
1) {
BIO_printf(bio_err, "Error reading PEM file\n");
ERR_print_errors(bio_err);
@@ -198,14 +199,14 @@ int asn1parse_main(int argc, char **argv)
num += i;
}
}
- str = buf->data;
+ str = (unsigned char *)buf->data;
}
/* If any structs to parse go through in sequence */
if (sk_OPENSSL_STRING_num(osk)) {
- tmpbuf = (unsigned char *)str;
+ tmpbuf = str;
tmplen = num;
for (i = 0; i < sk_OPENSSL_STRING_num(osk); i++) {
ASN1_TYPE *atmp;
@@ -239,7 +240,7 @@ int asn1parse_main(int argc, char **argv)
tmpbuf = at->value.asn1_string->data;
tmplen = at->value.asn1_string->length;
}
- str = (char *)tmpbuf;
+ str = tmpbuf;
num = tmplen;
}
@@ -260,7 +261,7 @@ int asn1parse_main(int argc, char **argv)
}
}
if (!noout &&
- !ASN1_parse_dump(bio_out, (unsigned char *)&(str[offset]), length,
+ !ASN1_parse_dump(bio_out, &(str[offset]), length,
indent, dump)) {
ERR_print_errors(bio_err);
goto end;
diff --git a/apps/engine.c b/apps/engine.c
index bb4b0c1..c98839a 100644
--- a/apps/engine.c
+++ b/apps/engine.c
@@ -45,10 +45,6 @@ OPTIONS engine_options[] = {
{NULL}
};
-static void identity(char *ptr)
-{
-}
-
static int append_buf(char **buf, int *size, const char *s)
{
if (*buf == NULL) {
@@ -217,7 +213,7 @@ static int util_verbose(ENGINE *e, int verbose, BIO *out, const char *indent)
BIO_printf(out, "\n");
ret = 1;
err:
- sk_OPENSSL_STRING_pop_free(cmds, identity);
+ sk_OPENSSL_STRING_free(cmds);
OPENSSL_free(name);
OPENSSL_free(desc);
return ret;
@@ -267,7 +263,7 @@ int engine_main(int argc, char **argv)
int ret = 1, i;
int verbose = 0, list_cap = 0, test_avail = 0, test_avail_noise = 0;
ENGINE *e;
- STACK_OF(OPENSSL_STRING) *engines = sk_OPENSSL_STRING_new_null();
+ STACK_OF(OPENSSL_CSTRING) *engines = sk_OPENSSL_CSTRING_new_null();
STACK_OF(OPENSSL_STRING) *pre_cmds = sk_OPENSSL_STRING_new_null();
STACK_OF(OPENSSL_STRING) *post_cmds = sk_OPENSSL_STRING_new_null();
BIO *out;
@@ -284,7 +280,7 @@ int engine_main(int argc, char **argv)
* names, and then setup to parse the rest of the line as flags. */
prog = argv[0];
while ((argv1 = argv[1]) != NULL && *argv1 != '-') {
- sk_OPENSSL_STRING_push(engines, argv1);
+ sk_OPENSSL_CSTRING_push(engines, argv1);
argc--;
argv++;
}
@@ -337,17 +333,17 @@ int engine_main(int argc, char **argv)
BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
goto end;
}
- sk_OPENSSL_STRING_push(engines, *argv);
+ sk_OPENSSL_CSTRING_push(engines, *argv);
}
- if (sk_OPENSSL_STRING_num(engines) == 0) {
+ if (sk_OPENSSL_CSTRING_num(engines) == 0) {
for (e = ENGINE_get_first(); e != NULL; e = ENGINE_get_next(e)) {
- sk_OPENSSL_STRING_push(engines, (char *)ENGINE_get_id(e));
+ sk_OPENSSL_CSTRING_push(engines, ENGINE_get_id(e));
}
}
- for (i = 0; i < sk_OPENSSL_STRING_num(engines); i++) {
- const char *id = sk_OPENSSL_STRING_value(engines, i);
+ for (i = 0; i < sk_OPENSSL_CSTRING_num(engines); i++) {
+ const char *id = sk_OPENSSL_CSTRING_value(engines, i);
if ((e = ENGINE_by_id(id)) != NULL) {
const char *name = ENGINE_get_name(e);
/*
@@ -436,9 +432,9 @@ int engine_main(int argc, char **argv)
end:
ERR_print_errors(bio_err);
- sk_OPENSSL_STRING_pop_free(engines, identity);
- sk_OPENSSL_STRING_pop_free(pre_cmds, identity);
- sk_OPENSSL_STRING_pop_free(post_cmds, identity);
+ sk_OPENSSL_CSTRING_free(engines);
+ sk_OPENSSL_STRING_free(pre_cmds);
+ sk_OPENSSL_STRING_free(post_cmds);
BIO_free_all(out);
return (ret);
}
diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c
index 3a9a00c..e5352db 100644
--- a/crypto/bio/b_addr.c
+++ b/crypto/bio/b_addr.c
@@ -708,12 +708,12 @@ int BIO_lookup(const char *host, const char *service,
/* Windows doesn't seem to have in_addr_t */
#ifdef OPENSSL_SYS_WINDOWS
static uint32_t he_fallback_address;
- static const uint32_t *he_fallback_addresses[] =
- { &he_fallback_address, NULL };
+ static const char *he_fallback_addresses[] =
+ { (char *)&he_fallback_address, NULL };
#else
static in_addr_t he_fallback_address;
- static const in_addr_t *he_fallback_addresses[] =
- { &he_fallback_address, NULL };
+ static const char *he_fallback_addresses[] =
+ { (char *)&he_fallback_address, NULL };
#endif
static const struct hostent he_fallback =
{ NULL, NULL, AF_INET, sizeof(he_fallback_address),
diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c
index 766a0a2..0667174 100644
--- a/crypto/srp/srp_lib.c
+++ b/crypto/srp/srp_lib.c
@@ -14,7 +14,7 @@
# include <openssl/evp.h>
# include "internal/bn_srp.h"
-static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
+static BIGNUM *srp_Calc_k(const BIGNUM *N, const BIGNUM *g)
{
/* k = SHA1(N | PAD(g)) -- tls-srp draft 8 */
@@ -52,7 +52,7 @@ static BIGNUM *srp_Calc_k(BIGNUM *N, BIGNUM *g)
return res;
}
-BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
+BIGNUM *SRP_Calc_u(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N)
{
/* k = SHA1(PAD(A) || PAD(B) ) -- tls-srp draft 8 */
@@ -95,8 +95,8 @@ BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N)
return u;
}
-BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
- BIGNUM *N)
+BIGNUM *SRP_Calc_server_key(const BIGNUM *A, const BIGNUM *v, const BIGNUM *u,
+ const BIGNUM *b, const BIGNUM *N)
{
BIGNUM *tmp = NULL, *S = NULL;
BN_CTX *bn_ctx;
@@ -125,7 +125,8 @@ BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
return S;
}
-BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v)
+BIGNUM *SRP_Calc_B(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
+ const BIGNUM *v)
{
BIGNUM *kv = NULL, *gb = NULL;
BIGNUM *B = NULL, *k = NULL;
@@ -156,7 +157,7 @@ BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v)
return B;
}
-BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass)
+BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass)
{
unsigned char dig[SHA_DIGEST_LENGTH];
EVP_MD_CTX *ctxt;
@@ -191,7 +192,7 @@ BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass)
return res;
}
-BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g)
+BIGNUM *SRP_Calc_A(const BIGNUM *a, const BIGNUM *N, const BIGNUM *g)
{
BN_CTX *bn_ctx;
BIGNUM *A = NULL;
@@ -207,8 +208,8 @@ BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g)
return A;
}
-BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
- BIGNUM *a, BIGNUM *u)
+BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
+ const BIGNUM *x, const BIGNUM *a, const BIGNUM *u)
{
BIGNUM *tmp = NULL, *tmp2 = NULL, *tmp3 = NULL, *k = NULL, *K = NULL;
BN_CTX *bn_ctx;
@@ -249,7 +250,7 @@ BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
return K;
}
-int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N)
+int SRP_Verify_B_mod_N(const BIGNUM *B, const BIGNUM *N)
{
BIGNUM *r;
BN_CTX *bn_ctx;
@@ -270,20 +271,20 @@ int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N)
return ret;
}
-int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N)
+int SRP_Verify_A_mod_N(const BIGNUM *A, const BIGNUM *N)
{
/* Checks if A % N == 0 */
return SRP_Verify_B_mod_N(A, N);
}
static SRP_gN knowngN[] = {
- {"8192", (BIGNUM *)&bn_generator_19, (BIGNUM *)&bn_group_8192},
- {"6144", (BIGNUM *)&bn_generator_5, (BIGNUM *)&bn_group_6144},
- {"4096", (BIGNUM *)&bn_generator_5, (BIGNUM *)&bn_group_4096},
- {"3072", (BIGNUM *)&bn_generator_5, (BIGNUM *)&bn_group_3072},
- {"2048", (BIGNUM *)&bn_generator_2, (BIGNUM *)&bn_group_2048},
- {"1536", (BIGNUM *)&bn_generator_2, (BIGNUM *)&bn_group_1536},
- {"1024", (BIGNUM *)&bn_generator_2, (BIGNUM *)&bn_group_1024},
+ {"8192", &bn_generator_19, &bn_group_8192},
+ {"6144", &bn_generator_5, &bn_group_6144},
+ {"4096", &bn_generator_5, &bn_group_4096},
+ {"3072", &bn_generator_5, &bn_group_3072},
+ {"2048", &bn_generator_2, &bn_group_2048},
+ {"1536", &bn_generator_2, &bn_group_1536},
+ {"1024", &bn_generator_2, &bn_group_1024},
};
# define KNOWN_GN_NUMBER sizeof(knowngN) / sizeof(SRP_gN)
@@ -292,7 +293,7 @@ static SRP_gN knowngN[] = {
* Check if G and N are known parameters. The values have been generated
* from the ietf-tls-srp draft version 8
*/
-char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N)
+char *SRP_check_known_gN_param(const BIGNUM *g, const BIGNUM *N)
{
size_t i;
if ((g == NULL) || (N == NULL))
diff --git a/crypto/srp/srp_vfy.c b/crypto/srp/srp_vfy.c
index 11b9a4b..f99fa1b 100644
--- a/crypto/srp/srp_vfy.c
+++ b/crypto/srp/srp_vfy.c
@@ -525,7 +525,8 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
{
int len;
char *result = NULL, *vf = NULL;
- BIGNUM *N_bn = NULL, *g_bn = NULL, *s = NULL, *v = NULL;
+ const BIGNUM *N_bn = NULL, *g_bn = NULL;
+ BIGNUM *N_bn_alloc = NULL, *g_bn_alloc = NULL, *s = NULL, *v = NULL;
unsigned char tmp[MAX_LEN];
unsigned char tmp2[MAX_LEN];
char *defgNid = NULL;
@@ -538,10 +539,12 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
if (N) {
if ((len = t_fromb64(tmp, N)) == 0)
goto err;
- N_bn = BN_bin2bn(tmp, len, NULL);
+ N_bn_alloc = BN_bin2bn(tmp, len, NULL);
+ N_bn = N_bn_alloc;
if ((len = t_fromb64(tmp, g)) == 0)
goto err;
- g_bn = BN_bin2bn(tmp, len, NULL);
+ g_bn_alloc = BN_bin2bn(tmp, len, NULL);
+ g_bn = g_bn_alloc;
defgNid = "*";
} else {
SRP_gN *gN = SRP_get_gN_by_id(g, NULL);
@@ -587,10 +590,8 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt,
result = defgNid;
err:
- if (N) {
- BN_free(N_bn);
- BN_free(g_bn);
- }
+ BN_free(N_bn_alloc);
+ BN_free(g_bn_alloc);
OPENSSL_clear_free(vf, vfsize);
BN_clear_free(s);
BN_clear_free(v);
diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c
index a4acc9e..8619cb5 100644
--- a/crypto/ts/ts_rsp_sign.c
+++ b/crypto/ts/ts_rsp_sign.c
@@ -223,7 +223,7 @@ int TS_RESP_CTX_add_md(TS_RESP_CTX *ctx, const EVP_MD *md)
if (ctx->mds == NULL
&& (ctx->mds = sk_EVP_MD_new_null()) == NULL)
goto err;
- if (!sk_EVP_MD_push(ctx->mds, (EVP_MD *)md))
+ if (!sk_EVP_MD_push(ctx->mds, md))
goto err;
return 1;
@@ -446,7 +446,7 @@ static int ts_RESP_check_request(TS_RESP_CTX *ctx)
X509_ALGOR *md_alg;
int md_alg_id;
const ASN1_OCTET_STRING *digest;
- EVP_MD *md = NULL;
+ const EVP_MD *md = NULL;
int i;
if (TS_REQ_get_version(request) != 1) {
@@ -460,7 +460,7 @@ static int ts_RESP_check_request(TS_RESP_CTX *ctx)
md_alg = msg_imprint->hash_algo;
md_alg_id = OBJ_obj2nid(md_alg->algorithm);
for (i = 0; !md && i < sk_EVP_MD_num(ctx->mds); ++i) {
- EVP_MD *current_md = sk_EVP_MD_value(ctx->mds, i);
+ const EVP_MD *current_md = sk_EVP_MD_value(ctx->mds, i);
if (md_alg_id == EVP_MD_type(current_md))
md = current_md;
}
diff --git a/include/openssl/e_os2.h b/include/openssl/e_os2.h
index 198ebdf..99ea347 100644
--- a/include/openssl/e_os2.h
+++ b/include/openssl/e_os2.h
@@ -245,7 +245,7 @@ typedef UINT64 uint64_t;
# define PRIu64 "%Lu"
# elif (defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L) || \
defined(__osf__) || defined(__sgi) || defined(__hpux) || \
- defined(OPENSSL_SYS_VMS)
+ defined(OPENSSL_SYS_VMS) || defined (__OpenBSD__)
# include <inttypes.h>
# elif defined(_MSC_VER) && _MSC_VER<=1500
/*
diff --git a/include/openssl/safestack.h b/include/openssl/safestack.h
index 306b3ac..fb8d910 100644
--- a/include/openssl/safestack.h
+++ b/include/openssl/safestack.h
@@ -120,6 +120,8 @@ extern "C" {
# define DEFINE_SPECIAL_STACK_OF(t1, t2) SKM_DEFINE_STACK_OF(t1, t2, t2)
# define DEFINE_STACK_OF(t) SKM_DEFINE_STACK_OF(t, t, t)
+# define DEFINE_SPECIAL_STACK_OF_CONST(t1, t2) \
+ SKM_DEFINE_STACK_OF(t1, const t2, t2)
# define DEFINE_STACK_OF_CONST(t) SKM_DEFINE_STACK_OF(t, const t, t)
/*-
@@ -147,6 +149,7 @@ typedef const char *OPENSSL_CSTRING;
* dealt with in the autogenerated macros below.
*/
DEFINE_SPECIAL_STACK_OF(OPENSSL_STRING, char)
+DEFINE_SPECIAL_STACK_OF_CONST(OPENSSL_CSTRING, char)
/*
* Similarly, we sometimes use a block of characters, NOT nul-terminated.
diff --git a/include/openssl/srp.h b/include/openssl/srp.h
index 1007b83..80bcb0d 100644
--- a/include/openssl/srp.h
+++ b/include/openssl/srp.h
@@ -52,8 +52,8 @@ typedef struct SRP_VBASE_st {
STACK_OF(SRP_gN_cache) *gN_cache;
/* to simulate a user */
char *seed_key;
- BIGNUM *default_g;
- BIGNUM *default_N;
+ const BIGNUM *default_g;
+ const BIGNUM *default_N;
} SRP_VBASE;
/*
@@ -61,8 +61,8 @@ typedef struct SRP_VBASE_st {
*/
typedef struct SRP_gN_st {
char *id;
- BIGNUM *g;
- BIGNUM *N;
+ const BIGNUM *g;
+ const BIGNUM *N;
} SRP_gN;
DEFINE_STACK_OF(SRP_gN)
@@ -103,22 +103,23 @@ int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt,
# define DB_SRP_MODIF 'v'
/* see srp.c */
-char *SRP_check_known_gN_param(BIGNUM *g, BIGNUM *N);
+char *SRP_check_known_gN_param(const BIGNUM *g, const BIGNUM *N);
SRP_gN *SRP_get_default_gN(const char *id);
/* server side .... */
-BIGNUM *SRP_Calc_server_key(BIGNUM *A, BIGNUM *v, BIGNUM *u, BIGNUM *b,
- BIGNUM *N);
-BIGNUM *SRP_Calc_B(BIGNUM *b, BIGNUM *N, BIGNUM *g, BIGNUM *v);
-int SRP_Verify_A_mod_N(BIGNUM *A, BIGNUM *N);
-BIGNUM *SRP_Calc_u(BIGNUM *A, BIGNUM *B, BIGNUM *N);
+BIGNUM *SRP_Calc_server_key(const BIGNUM *A, const BIGNUM *v, const BIGNUM *u,
+ const BIGNUM *b, const BIGNUM *N);
+BIGNUM *SRP_Calc_B(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g,
+ const BIGNUM *v);
+int SRP_Verify_A_mod_N(const BIGNUM *A, const BIGNUM *N);
+BIGNUM *SRP_Calc_u(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N);
/* client side .... */
-BIGNUM *SRP_Calc_x(BIGNUM *s, const char *user, const char *pass);
-BIGNUM *SRP_Calc_A(BIGNUM *a, BIGNUM *N, BIGNUM *g);
-BIGNUM *SRP_Calc_client_key(BIGNUM *N, BIGNUM *B, BIGNUM *g, BIGNUM *x,
- BIGNUM *a, BIGNUM *u);
-int SRP_Verify_B_mod_N(BIGNUM *B, BIGNUM *N);
+BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass);
+BIGNUM *SRP_Calc_A(const BIGNUM *a, const BIGNUM *N, const BIGNUM *g);
+BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g,
+ const BIGNUM *x, const BIGNUM *a, const BIGNUM *u);
+int SRP_Verify_B_mod_N(const BIGNUM *B, const BIGNUM *N);
# define SRP_MINIMAL_N 1024
diff --git a/include/openssl/ts.h b/include/openssl/ts.h
index d512648..3fbaf55 100644
--- a/include/openssl/ts.h
+++ b/include/openssl/ts.h
@@ -306,7 +306,7 @@ typedef int (*TS_extension_cb) (struct TS_resp_ctx *, X509_EXTENSION *,
typedef struct TS_resp_ctx TS_RESP_CTX;
-DEFINE_STACK_OF(EVP_MD)
+DEFINE_STACK_OF_CONST(EVP_MD)
/* Creates a response context that can be used for generating responses. */
TS_RESP_CTX *TS_RESP_CTX_new(void);
More information about the openssl-commits
mailing list