diff options
-rw-r--r-- | CHANGES | 5 | ||||
-rw-r--r-- | apps/ciphers.c | 2 | ||||
-rw-r--r-- | apps/s_client.c | 2 | ||||
-rw-r--r-- | apps/s_server.c | 2 | ||||
-rw-r--r-- | apps/s_time.c | 2 | ||||
-rw-r--r-- | doc/ssl/SSL_CTX_new.pod | 2 | ||||
-rw-r--r-- | doc/ssl/SSL_CTX_set_ssl_version.pod | 6 | ||||
-rw-r--r-- | doc/ssl/ssl.pod | 26 | ||||
-rw-r--r-- | ssl/d1_clnt.c | 4 | ||||
-rw-r--r-- | ssl/d1_meth.c | 4 | ||||
-rw-r--r-- | ssl/d1_srvr.c | 4 | ||||
-rw-r--r-- | ssl/s23_clnt.c | 4 | ||||
-rw-r--r-- | ssl/s23_meth.c | 4 | ||||
-rw-r--r-- | ssl/s23_srvr.c | 4 | ||||
-rw-r--r-- | ssl/s2_clnt.c | 4 | ||||
-rw-r--r-- | ssl/s2_meth.c | 4 | ||||
-rw-r--r-- | ssl/s2_srvr.c | 4 | ||||
-rw-r--r-- | ssl/s3_clnt.c | 4 | ||||
-rw-r--r-- | ssl/s3_meth.c | 4 | ||||
-rw-r--r-- | ssl/s3_srvr.c | 4 | ||||
-rw-r--r-- | ssl/ssl.h | 44 | ||||
-rw-r--r-- | ssl/ssl_lib.c | 8 | ||||
-rw-r--r-- | ssl/ssl_locl.h | 20 | ||||
-rw-r--r-- | ssl/ssl_sess.c | 2 | ||||
-rw-r--r-- | ssl/ssltest.c | 2 | ||||
-rw-r--r-- | ssl/t1_clnt.c | 4 | ||||
-rw-r--r-- | ssl/t1_meth.c | 4 | ||||
-rw-r--r-- | ssl/t1_srvr.c | 4 |
28 files changed, 94 insertions, 89 deletions
@@ -4,6 +4,11 @@ Changes between 0.9.8 and 0.9.9 [xx XXX xxxx] + *) Let the TLSv1_method() etc. functions return a 'const' SSL_METHOD + pointer and make the SSL_METHOD parameter in SSL_CTX_new, + SSL_CTX_set_ssl_version and SSL_set_ssl_method 'const'. + [Nils Larsch] + *) Modify CRL distribution points extension code to print out previously unsupported fields. Enhance extension setting code to allow setting of all fields. diff --git a/apps/ciphers.c b/apps/ciphers.c index 43f0ac594a..f5e8700a01 100644 --- a/apps/ciphers.c +++ b/apps/ciphers.c @@ -90,7 +90,7 @@ int MAIN(int argc, char **argv) SSL_CTX *ctx=NULL; SSL *ssl=NULL; char *ciphers=NULL; - SSL_METHOD *meth=NULL; + const SSL_METHOD *meth=NULL; STACK_OF(SSL_CIPHER) *sk; char buf[512]; BIO *STDout=NULL; diff --git a/apps/s_client.c b/apps/s_client.c index b22f3196e6..6478ae321a 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -262,7 +262,7 @@ int MAIN(int argc, char **argv) int ret=1,in_init=1,i,nbio_test=0; int starttls_proto = 0; int prexit = 0, vflags = 0; - SSL_METHOD *meth=NULL; + const SSL_METHOD *meth=NULL; #ifdef sock_type #undef sock_type #endif diff --git a/apps/s_server.c b/apps/s_server.c index f83dd82343..41b9736025 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -544,7 +544,7 @@ int MAIN(int argc, char *argv[]) int off=0; int no_tmp_rsa=0,no_dhe=0,no_ecdhe=0,nocert=0; int state=0; - SSL_METHOD *meth=NULL; + const SSL_METHOD *meth=NULL; #ifdef sock_type #undef sock_type #endif diff --git a/apps/s_time.c b/apps/s_time.c index 904945e1a8..606de54a86 100644 --- a/apps/s_time.c +++ b/apps/s_time.c @@ -177,7 +177,7 @@ static char *tm_cipher=NULL; static int tm_verify = SSL_VERIFY_NONE; static int maxTime = SECONDS; static SSL_CTX *tm_ctx=NULL; -static SSL_METHOD *s_time_meth=NULL; +static const SSL_METHOD *s_time_meth=NULL; static char *s_www_path=NULL; static long bytes_read=0; static int st_bugs=0; diff --git a/doc/ssl/SSL_CTX_new.pod b/doc/ssl/SSL_CTX_new.pod index 465220a75c..73e8c47f9a 100644 --- a/doc/ssl/SSL_CTX_new.pod +++ b/doc/ssl/SSL_CTX_new.pod @@ -8,7 +8,7 @@ SSL_CTX_new - create a new SSL_CTX object as framework for TLS/SSL enabled funct #include <openssl/ssl.h> - SSL_CTX *SSL_CTX_new(SSL_METHOD *method); + SSL_CTX *SSL_CTX_new(const SSL_METHOD *method); =head1 DESCRIPTION diff --git a/doc/ssl/SSL_CTX_set_ssl_version.pod b/doc/ssl/SSL_CTX_set_ssl_version.pod index 0020180965..254f2b4397 100644 --- a/doc/ssl/SSL_CTX_set_ssl_version.pod +++ b/doc/ssl/SSL_CTX_set_ssl_version.pod @@ -9,9 +9,9 @@ SSL_CTX_set_ssl_version, SSL_set_ssl_method, SSL_get_ssl_method #include <openssl/ssl.h> - int SSL_CTX_set_ssl_version(SSL_CTX *ctx, SSL_METHOD *method); - int SSL_set_ssl_method(SSL *s, SSL_METHOD *method); - SSL_METHOD *SSL_get_ssl_method(SSL *ssl); + int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *method); + int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method); + const SSL_METHOD *SSL_get_ssl_method(SSL *ssl); =head1 DESCRIPTION diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod index 266697d221..8391c66650 100644 --- a/doc/ssl/ssl.pod +++ b/doc/ssl/ssl.pod @@ -130,39 +130,39 @@ protocol methods defined in B<SSL_METHOD> structures. =over 4 -=item SSL_METHOD *B<SSLv2_client_method>(void); +=item const SSL_METHOD *B<SSLv2_client_method>(void); Constructor for the SSLv2 SSL_METHOD structure for a dedicated client. -=item SSL_METHOD *B<SSLv2_server_method>(void); +=item const SSL_METHOD *B<SSLv2_server_method>(void); Constructor for the SSLv2 SSL_METHOD structure for a dedicated server. -=item SSL_METHOD *B<SSLv2_method>(void); +=item const SSL_METHOD *B<SSLv2_method>(void); Constructor for the SSLv2 SSL_METHOD structure for combined client and server. -=item SSL_METHOD *B<SSLv3_client_method>(void); +=item const SSL_METHOD *B<SSLv3_client_method>(void); Constructor for the SSLv3 SSL_METHOD structure for a dedicated client. -=item SSL_METHOD *B<SSLv3_server_method>(void); +=item const SSL_METHOD *B<SSLv3_server_method>(void); Constructor for the SSLv3 SSL_METHOD structure for a dedicated server. -=item SSL_METHOD *B<SSLv3_method>(void); +=item const SSL_METHOD *B<SSLv3_method>(void); Constructor for the SSLv3 SSL_METHOD structure for combined client and server. -=item SSL_METHOD *B<TLSv1_client_method>(void); +=item const SSL_METHOD *B<TLSv1_client_method>(void); Constructor for the TLSv1 SSL_METHOD structure for a dedicated client. -=item SSL_METHOD *B<TLSv1_server_method>(void); +=item cosnt SSL_METHOD *B<TLSv1_server_method>(void); Constructor for the TLSv1 SSL_METHOD structure for a dedicated server. -=item SSL_METHOD *B<TLSv1_method>(void); +=item const SSL_METHOD *B<TLSv1_method>(void); Constructor for the TLSv1 SSL_METHOD structure for combined client and server. @@ -249,7 +249,7 @@ protocol context defined in the B<SSL_CTX> structure. =item long B<SSL_CTX_need_tmp_RSA>(SSL_CTX *ctx); -=item SSL_CTX *B<SSL_CTX_new>(SSL_METHOD *meth); +=item SSL_CTX *B<SSL_CTX_new>(const SSL_METHOD *meth); =item int B<SSL_CTX_remove_session>(SSL_CTX *ctx, SSL_SESSION *c); @@ -327,7 +327,7 @@ protocol context defined in the B<SSL_CTX> structure. =item void B<SSL_CTX_set_session_cache_mode>(SSL_CTX *ctx, int mode); -=item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, SSL_METHOD *meth); +=item int B<SSL_CTX_set_ssl_version>(SSL_CTX *ctx, const SSL_METHOD *meth); =item void B<SSL_CTX_set_timeout>(SSL_CTX *ctx, long t); @@ -512,7 +512,7 @@ connection defined in the B<SSL> structure. =item int B<SSL_get_shutdown>(const SSL *ssl); -=item SSL_METHOD *B<SSL_get_ssl_method>(SSL *ssl); +=item const SSL_METHOD *B<SSL_get_ssl_method>(SSL *ssl); =item int B<SSL_get_state>(const SSL *ssl); @@ -596,7 +596,7 @@ connection defined in the B<SSL> structure. =item void B<SSL_set_shutdown>(SSL *ssl, int mode); -=item int B<SSL_set_ssl_method>(SSL *ssl, SSL_METHOD *meth); +=item int B<SSL_set_ssl_method>(SSL *ssl, const SSL_METHOD *meth); =item void B<SSL_set_time>(SSL *ssl, long t); diff --git a/ssl/d1_clnt.c b/ssl/d1_clnt.c index 15ccf435fc..7b38da0b7c 100644 --- a/ssl/d1_clnt.c +++ b/ssl/d1_clnt.c @@ -125,10 +125,10 @@ #include <openssl/dh.h> #endif -static SSL_METHOD *dtls1_get_client_method(int ver); +static const SSL_METHOD *dtls1_get_client_method(int ver); static int dtls1_get_hello_verify(SSL *s); -static SSL_METHOD *dtls1_get_client_method(int ver) +static const SSL_METHOD *dtls1_get_client_method(int ver) { if (ver == DTLS1_VERSION) return(DTLSv1_client_method()); diff --git a/ssl/d1_meth.c b/ssl/d1_meth.c index 8a6cf31947..5c4004bfe3 100644 --- a/ssl/d1_meth.c +++ b/ssl/d1_meth.c @@ -61,8 +61,8 @@ #include <openssl/objects.h> #include "ssl_locl.h" -static SSL_METHOD *dtls1_get_method(int ver); -static SSL_METHOD *dtls1_get_method(int ver) +static const SSL_METHOD *dtls1_get_method(int ver); +static const SSL_METHOD *dtls1_get_method(int ver) { if (ver == DTLS1_VERSION) return(DTLSv1_method()); diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c index 6057c1088d..4847a866b5 100644 --- a/ssl/d1_srvr.c +++ b/ssl/d1_srvr.c @@ -126,10 +126,10 @@ #include <openssl/dh.h> #endif -static SSL_METHOD *dtls1_get_server_method(int ver); +static const SSL_METHOD *dtls1_get_server_method(int ver); static int dtls1_send_hello_verify_request(SSL *s); -static SSL_METHOD *dtls1_get_server_method(int ver) +static const SSL_METHOD *dtls1_get_server_method(int ver) { if (ver == DTLS1_VERSION) return(DTLSv1_server_method()); diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c index 8bac26c5ac..045a953ce4 100644 --- a/ssl/s23_clnt.c +++ b/ssl/s23_clnt.c @@ -63,10 +63,10 @@ #include <openssl/objects.h> #include <openssl/evp.h> -static SSL_METHOD *ssl23_get_client_method(int ver); +static const SSL_METHOD *ssl23_get_client_method(int ver); static int ssl23_client_hello(SSL *s); static int ssl23_get_server_hello(SSL *s); -static SSL_METHOD *ssl23_get_client_method(int ver) +static const SSL_METHOD *ssl23_get_client_method(int ver) { #ifndef OPENSSL_NO_SSL2 if (ver == SSL2_VERSION) diff --git a/ssl/s23_meth.c b/ssl/s23_meth.c index c88569d32c..115dc11a7e 100644 --- a/ssl/s23_meth.c +++ b/ssl/s23_meth.c @@ -60,8 +60,8 @@ #include <openssl/objects.h> #include "ssl_locl.h" -static SSL_METHOD *ssl23_get_method(int ver); -static SSL_METHOD *ssl23_get_method(int ver) +static const SSL_METHOD *ssl23_get_method(int ver); +static const SSL_METHOD *ssl23_get_method(int ver) { if (ver == SSL2_VERSION) return(SSLv2_method()); diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c index 945a2c9872..7168385659 100644 --- a/ssl/s23_srvr.c +++ b/ssl/s23_srvr.c @@ -116,9 +116,9 @@ #include <openssl/objects.h> #include <openssl/evp.h> -static SSL_METHOD *ssl23_get_server_method(int ver); +static const SSL_METHOD *ssl23_get_server_method(int ver); int ssl23_get_client_hello(SSL *s); -static SSL_METHOD *ssl23_get_server_method(int ver) +static const SSL_METHOD *ssl23_get_server_method(int ver) { #ifndef OPENSSL_NO_SSL2 if (ver == SSL2_VERSION) diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c index 0c9e24d5c4..d5eefbdc2a 100644 --- a/ssl/s2_clnt.c +++ b/ssl/s2_clnt.c @@ -117,7 +117,7 @@ #include <openssl/objects.h> #include <openssl/evp.h> -static SSL_METHOD *ssl2_get_client_method(int ver); +static const SSL_METHOD *ssl2_get_client_method(int ver); static int get_server_finished(SSL *s); static int get_server_verify(SSL *s); static int get_server_hello(SSL *s); @@ -129,7 +129,7 @@ static int ssl_rsa_public_encrypt(SESS_CERT *sc, int len, unsigned char *from, unsigned char *to,int padding); #define BREAK break -static SSL_METHOD *ssl2_get_client_method(int ver) +static const SSL_METHOD *ssl2_get_client_method(int ver) { if (ver == SSL2_VERSION) return(SSLv2_client_method()); diff --git a/ssl/s2_meth.c b/ssl/s2_meth.c index a35e435b71..2bffa78ff4 100644 --- a/ssl/s2_meth.c +++ b/ssl/s2_meth.c @@ -61,8 +61,8 @@ #include <stdio.h> #include <openssl/objects.h> -static SSL_METHOD *ssl2_get_method(int ver); -static SSL_METHOD *ssl2_get_method(int ver) +static const SSL_METHOD *ssl2_get_method(int ver); +static const SSL_METHOD *ssl2_get_method(int ver) { if (ver == SSL2_VERSION) return(SSLv2_method()); diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c index 247cc89155..f0a1d4c3a9 100644 --- a/ssl/s2_srvr.c +++ b/ssl/s2_srvr.c @@ -117,7 +117,7 @@ #include <openssl/objects.h> #include <openssl/evp.h> -static SSL_METHOD *ssl2_get_server_method(int ver); +static const SSL_METHOD *ssl2_get_server_method(int ver); static int get_client_master_key(SSL *s); static int get_client_hello(SSL *s); static int server_hello(SSL *s); @@ -129,7 +129,7 @@ static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from, unsigned char *to,int padding); #define BREAK break -static SSL_METHOD *ssl2_get_server_method(int ver) +static const SSL_METHOD *ssl2_get_server_method(int ver) { if (ver == SSL2_VERSION) return(SSLv2_server_method()); diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c index 51d4c48724..34d0f345a5 100644 --- a/ssl/s3_clnt.c +++ b/ssl/s3_clnt.c @@ -135,7 +135,7 @@ #endif #include <openssl/bn.h> -static SSL_METHOD *ssl3_get_client_method(int ver); +static const SSL_METHOD *ssl3_get_client_method(int ver); static int ca_dn_cmp(const X509_NAME * const *a,const X509_NAME * const *b); #ifndef OPENSSL_NO_ECDH @@ -143,7 +143,7 @@ static int curve_id2nid(int curve_id); int check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs); #endif -static SSL_METHOD *ssl3_get_client_method(int ver) +static const SSL_METHOD *ssl3_get_client_method(int ver) { if (ver == SSL3_VERSION) return(SSLv3_client_method()); diff --git a/ssl/s3_meth.c b/ssl/s3_meth.c index 6a6eb1c58f..6b39ce89f6 100644 --- a/ssl/s3_meth.c +++ b/ssl/s3_meth.c @@ -60,8 +60,8 @@ #include <openssl/objects.h> #include "ssl_locl.h" -static SSL_METHOD *ssl3_get_method(int ver); -static SSL_METHOD *ssl3_get_method(int ver) +static const SSL_METHOD *ssl3_get_method(int ver); +static const SSL_METHOD *ssl3_get_method(int ver) { if (ver == SSL3_VERSION) return(SSLv3_method()); diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c index 7cc7634bb3..3e11cc4e84 100644 --- a/ssl/s3_srvr.c +++ b/ssl/s3_srvr.c @@ -142,13 +142,13 @@ #endif #include <openssl/md5.h> -static SSL_METHOD *ssl3_get_server_method(int ver); +static const SSL_METHOD *ssl3_get_server_method(int ver); #ifndef OPENSSL_NO_ECDH static int nid2curve_id(int nid); #endif -static SSL_METHOD *ssl3_get_server_method(int ver) +static const SSL_METHOD *ssl3_get_server_method(int ver) { if (ver == SSL3_VERSION) return(SSLv3_server_method()); @@ -389,7 +389,7 @@ typedef struct ssl_method_st int (*ssl_pending)(const SSL *s); int (*num_ciphers)(void); SSL_CIPHER *(*get_cipher)(unsigned ncipher); - struct ssl_method_st *(*get_ssl_method)(int version); + const struct ssl_method_st *(*get_ssl_method)(int version); long (*get_timeout)(void); struct ssl3_enc_method *ssl3_enc; /* Extra SSLv3/TLS stuff */ int (*ssl_version)(void); @@ -616,7 +616,7 @@ DECLARE_STACK_OF(SSL_COMP) struct ssl_ctx_st { - SSL_METHOD *method; + const SSL_METHOD *method; STACK_OF(SSL_CIPHER) *cipher_list; /* same as above but sorted for lookup */ @@ -818,7 +818,7 @@ struct ssl_st int version; int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */ - SSL_METHOD *method; /* SSLv3 */ + const SSL_METHOD *method; /* SSLv3 */ /* There are 2 BIO's even though they are normally both the * same. This is so data can be read and written to different @@ -1212,7 +1212,7 @@ void BIO_ssl_shutdown(BIO *ssl_bio); #endif int SSL_CTX_set_cipher_list(SSL_CTX *,const char *str); -SSL_CTX *SSL_CTX_new(SSL_METHOD *meth); +SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth); void SSL_CTX_free(SSL_CTX *); long SSL_CTX_set_timeout(SSL_CTX *ctx,long t); long SSL_CTX_get_timeout(const SSL_CTX *ctx); @@ -1371,27 +1371,27 @@ int SSL_get_error(const SSL *s,int ret_code); const char *SSL_get_version(const SSL *s); /* This sets the 'default' SSL version that SSL_new() will create */ -int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth); +int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth); -SSL_METHOD *SSLv2_method(void); /* SSLv2 */ -SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */ -SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */ +const SSL_METHOD *SSLv2_method(void); /* SSLv2 */ +const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */ +const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */ -SSL_METHOD *SSLv3_method(void); /* SSLv3 */ -SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */ -SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */ +const SSL_METHOD *SSLv3_method(void); /* SSLv3 */ +const SSL_METHOD *SSLv3_server_method(void); /* SSLv3 */ +const SSL_METHOD *SSLv3_client_method(void); /* SSLv3 */ -SSL_METHOD *SSLv23_method(void); /* SSLv3 but can rollback to v2 */ -SSL_METHOD *SSLv23_server_method(void); /* SSLv3 but can rollback to v2 */ -SSL_METHOD *SSLv23_client_method(void); /* SSLv3 but can rollback to v2 */ +const SSL_METHOD *SSLv23_method(void); /* SSLv3 but can rollback to v2 */ +const SSL_METHOD *SSLv23_server_method(void); /* SSLv3 but can rollback to v2 */ +const SSL_METHOD *SSLv23_client_method(void); /* SSLv3 but can rollback to v2 */ -SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */ -SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */ -SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */ +const SSL_METHOD *TLSv1_method(void); /* TLSv1.0 */ +const SSL_METHOD *TLSv1_server_method(void); /* TLSv1.0 */ +const SSL_METHOD *TLSv1_client_method(void); /* TLSv1.0 */ -SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */ -SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */ -SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */ +const SSL_METHOD *DTLSv1_method(void); /* DTLSv1.0 */ +const SSL_METHOD *DTLSv1_server_method(void); /* DTLSv1.0 */ +const SSL_METHOD *DTLSv1_client_method(void); /* DTLSv1.0 */ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s); @@ -1400,8 +1400,8 @@ int SSL_renegotiate(SSL *s); int SSL_renegotiate_pending(SSL *s); int SSL_shutdown(SSL *s); -SSL_METHOD *SSL_get_ssl_method(SSL *s); -int SSL_set_ssl_method(SSL *s,SSL_METHOD *method); +const SSL_METHOD *SSL_get_ssl_method(SSL *s); +int SSL_set_ssl_method(SSL *s, const SSL_METHOD *method); const char *SSL_alert_type_string_long(int value); const char *SSL_alert_type_string(int value); const char *SSL_alert_desc_string_long(int value); diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index f8c8e1d8ac..6955215c1f 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -212,7 +212,7 @@ int SSL_clear(SSL *s) } /** Used to change an SSL_CTXs default SSL method type */ -int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth) +int SSL_CTX_set_ssl_version(SSL_CTX *ctx,const SSL_METHOD *meth) { STACK_OF(SSL_CIPHER) *sk; @@ -1330,7 +1330,7 @@ int SSL_SESSION_cmp(const SSL_SESSION *a,const SSL_SESSION *b) static IMPLEMENT_LHASH_HASH_FN(SSL_SESSION_hash, SSL_SESSION *) static IMPLEMENT_LHASH_COMP_FN(SSL_SESSION_cmp, SSL_SESSION *) -SSL_CTX *SSL_CTX_new(SSL_METHOD *meth) +SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) { SSL_CTX *ret=NULL; @@ -1899,12 +1899,12 @@ void ssl_update_cache(SSL *s,int mode) } } -SSL_METHOD *SSL_get_ssl_method(SSL *s) +const SSL_METHOD *SSL_get_ssl_method(SSL *s) { return(s->method); } -int SSL_set_ssl_method(SSL *s,SSL_METHOD *meth) +int SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth) { int conn= -1; int ret=1; diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h index fb2cbfdd68..0b81e09091 100644 --- a/ssl/ssl_locl.h +++ b/ssl/ssl_locl.h @@ -517,9 +517,9 @@ extern SSL3_ENC_METHOD SSLv3_enc_data; extern SSL3_ENC_METHOD DTLSv1_enc_data; #define IMPLEMENT_tls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \ -SSL_METHOD *func_name(void) \ +const SSL_METHOD *func_name(void) \ { \ - static SSL_METHOD func_name##_data= { \ + static const SSL_METHOD func_name##_data= { \ TLS1_VERSION, \ tls1_new, \ tls1_clear, \ @@ -554,9 +554,9 @@ SSL_METHOD *func_name(void) \ } #define IMPLEMENT_ssl3_meth_func(func_name, s_accept, s_connect, s_get_meth) \ -SSL_METHOD *func_name(void) \ +const SSL_METHOD *func_name(void) \ { \ - static SSL_METHOD func_name##_data= { \ + static const SSL_METHOD func_name##_data= { \ SSL3_VERSION, \ ssl3_new, \ ssl3_clear, \ @@ -591,9 +591,9 @@ SSL_METHOD *func_name(void) \ } #define IMPLEMENT_ssl23_meth_func(func_name, s_accept, s_connect, s_get_meth) \ -SSL_METHOD *func_name(void) \ +const SSL_METHOD *func_name(void) \ { \ - static SSL_METHOD func_name##_data= { \ + static const SSL_METHOD func_name##_data= { \ TLS1_VERSION, \ tls1_new, \ tls1_clear, \ @@ -628,9 +628,9 @@ SSL_METHOD *func_name(void) \ } #define IMPLEMENT_ssl2_meth_func(func_name, s_accept, s_connect, s_get_meth) \ -SSL_METHOD *func_name(void) \ +const SSL_METHOD *func_name(void) \ { \ - static SSL_METHOD func_name##_data= { \ + static const SSL_METHOD func_name##_data= { \ SSL2_VERSION, \ ssl2_new, /* local */ \ ssl2_clear, /* local */ \ @@ -665,9 +665,9 @@ SSL_METHOD *func_name(void) \ } #define IMPLEMENT_dtls1_meth_func(func_name, s_accept, s_connect, s_get_meth) \ -SSL_METHOD *func_name(void) \ +const SSL_METHOD *func_name(void) \ { \ - static SSL_METHOD func_name##_data= { \ + static const SSL_METHOD func_name##_data= { \ DTLS1_VERSION, \ dtls1_new, \ dtls1_clear, \ diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 5d00a98a74..1da69cf787 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -553,7 +553,7 @@ void SSL_SESSION_free(SSL_SESSION *ss) int SSL_set_session(SSL *s, SSL_SESSION *session) { int ret=0; - SSL_METHOD *meth; + const SSL_METHOD *meth; if (session != NULL) { diff --git a/ssl/ssltest.c b/ssl/ssltest.c index 8c04e7434d..ee4e99af64 100644 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -401,7 +401,7 @@ int main(int argc, char *argv[]) #endif SSL_CTX *s_ctx=NULL; SSL_CTX *c_ctx=NULL; - SSL_METHOD *meth=NULL; + const SSL_METHOD *meth=NULL; SSL *c_ssl,*s_ssl; int number=1,reuse=0; long bytes=256L; diff --git a/ssl/t1_clnt.c b/ssl/t1_clnt.c index 4d1e198cdc..c87af17712 100644 --- a/ssl/t1_clnt.c +++ b/ssl/t1_clnt.c @@ -63,8 +63,8 @@ #include <openssl/objects.h> #include <openssl/evp.h> -static SSL_METHOD *tls1_get_client_method(int ver); -static SSL_METHOD *tls1_get_client_method(int ver) +static const SSL_METHOD *tls1_get_client_method(int ver); +static const SSL_METHOD *tls1_get_client_method(int ver) { if (ver == TLS1_VERSION) return(TLSv1_client_method()); diff --git a/ssl/t1_meth.c b/ssl/t1_meth.c index f5d8df634e..6ce7c0bbf5 100644 --- a/ssl/t1_meth.c +++ b/ssl/t1_meth.c @@ -60,8 +60,8 @@ #include <openssl/objects.h> #include "ssl_locl.h" -static SSL_METHOD *tls1_get_method(int ver); -static SSL_METHOD *tls1_get_method(int ver) +static const SSL_METHOD *tls1_get_method(int ver); +static const SSL_METHOD *tls1_get_method(int ver) { if (ver == TLS1_VERSION) return(TLSv1_method()); diff --git a/ssl/t1_srvr.c b/ssl/t1_srvr.c index b75636abba..42525e9e89 100644 --- a/ssl/t1_srvr.c +++ b/ssl/t1_srvr.c @@ -64,8 +64,8 @@ #include <openssl/evp.h> #include <openssl/x509.h> -static SSL_METHOD *tls1_get_server_method(int ver); -static SSL_METHOD *tls1_get_server_method(int ver) +static const SSL_METHOD *tls1_get_server_method(int ver); +static const SSL_METHOD *tls1_get_server_method(int ver) { if (ver == TLS1_VERSION) return(TLSv1_server_method()); |