From 9a6593877b3a9950f41f5864a96119f362910241 Mon Sep 17 00:00:00 2001 From: tb Date: Fri, 24 Aug 2018 20:03:21 +0000 Subject: [PATCH] Add const to two arguments of OCSP_cert_to_id() tested in a bulk by sthen ok jsing --- lib/libcrypto/ocsp/ocsp.h | 5 +++-- lib/libcrypto/ocsp/ocsp_lib.c | 8 ++++---- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/lib/libcrypto/ocsp/ocsp.h b/lib/libcrypto/ocsp/ocsp.h index fd3d45afb2b..316fb8ed937 100644 --- a/lib/libcrypto/ocsp/ocsp.h +++ b/lib/libcrypto/ocsp/ocsp.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ocsp.h,v 1.15 2018/05/13 10:42:03 tb Exp $ */ +/* $OpenBSD: ocsp.h,v 1.16 2018/08/24 20:03:21 tb Exp $ */ /* Written by Tom Titchener for the OpenSSL * project. */ @@ -392,7 +392,8 @@ int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, OCSP_REQUEST *req); int OCSP_REQ_CTX_add1_header(OCSP_REQ_CTX *rctx, const char *name, const char *value); -OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer); +OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, const X509 *subject, + const X509 *issuer); OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, const X509_NAME *issuerName, const ASN1_BIT_STRING *issuerKey, const ASN1_INTEGER *serialNumber); diff --git a/lib/libcrypto/ocsp/ocsp_lib.c b/lib/libcrypto/ocsp/ocsp_lib.c index 0d95a9d0ec8..53d516020da 100644 --- a/lib/libcrypto/ocsp/ocsp_lib.c +++ b/lib/libcrypto/ocsp/ocsp_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ocsp_lib.c,v 1.22 2018/05/13 10:42:03 tb Exp $ */ +/* $OpenBSD: ocsp_lib.c,v 1.23 2018/08/24 20:03:21 tb Exp $ */ /* Written by Tom Titchener for the OpenSSL * project. */ @@ -77,10 +77,10 @@ /* Convert a certificate and its issuer to an OCSP_CERTID */ OCSP_CERTID * -OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer) +OCSP_cert_to_id(const EVP_MD *dgst, const X509 *subject, const X509 *issuer) { X509_NAME *iname; - ASN1_INTEGER *serial; + const ASN1_INTEGER *serial; ASN1_BIT_STRING *ikey; #ifndef OPENSSL_NO_SHA1 @@ -89,7 +89,7 @@ OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer) #endif if (subject) { iname = X509_get_issuer_name(subject); - serial = X509_get_serialNumber(subject); + serial = X509_get0_serialNumber(subject); } else { iname = X509_get_subject_name(issuer); serial = NULL; -- 2.20.1