Make error constants const in libssl

This could be made cleaner if we expose ERR_load_const_strings(), but for now this hackier version with casts achieves the same and removes the last unprotected modifiable globals in this library. ok jsing
author: tb <> 2024-07-13 17:42:13 +0000
committer: tb <> 2024-07-13 17:42:13 +0000
commit: 887938c431474ff916a38fb6794af1148ce9393b (patch)
tree: 44c945811ced223484deb5ba19d9fd10d48856a6 /src/lib/libssl/ssl_err.c
parent: 619acf361b7374579dfd97deb36c2a1c70d560d0 (diff)
download: openbsd-887938c431474ff916a38fb6794af1148ce9393b.tar.gz
openbsd-887938c431474ff916a38fb6794af1148ce9393b.tar.bz2
openbsd-887938c431474ff916a38fb6794af1148ce9393b.zip
1 files changed, 5 insertions, 5 deletions
diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c
index 5b130d45e7..61d72fac6a 100644
--- a/src/lib/libssl/ssl_err.c
+++ b/src/lib/libssl/ssl_err.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_err.c,v 1.49 2024/06/24 06:50:07 tb Exp $ */
+/* $OpenBSD: ssl_err.c,v 1.50 2024/07/13 17:42:13 tb Exp $ */
 /* ====================================================================
 * Copyright (c) 1999-2011 The OpenSSL Project.  All rights reserved.
 *
@@ -67,7 +67,7 @@
 #define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason)
 /* See SSL_state_func_code below */
-static ERR_STRING_DATA SSL_str_functs[] = {
+static const ERR_STRING_DATA SSL_str_functs[] = {
        {ERR_FUNC(1),  "CONNECT_CW_FLUSH"},
        {ERR_FUNC(2),  "CONNECT_CW_CLNT_HELLO"},
        {ERR_FUNC(3),  "CONNECT_CW_CLNT_HELLO"},
@@ -153,7 +153,7 @@ static ERR_STRING_DATA SSL_str_functs[] = {
        {0, NULL}
 };
-static ERR_STRING_DATA SSL_str_reasons[]= {
+static const ERR_STRING_DATA SSL_str_reasons[] = {
        {ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE) , "app data in handshake"},
        {ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT), "attempt to reuse session in different context"},
        {ERR_REASON(SSL_R_BAD_ALERT_RECORD)      , "bad alert record"},
@@ -476,8 +476,8 @@ ERR_load_SSL_strings(void)
 {
 #ifndef OPENSSL_NO_ERR
        if (ERR_func_error_string(SSL_str_functs[0].error) == NULL) {
-                ERR_load_strings(0, SSL_str_functs);
+                ERR_load_strings(0, (ERR_STRING_DATA *)SSL_str_functs);
-                ERR_load_strings(0, SSL_str_reasons);
+                ERR_load_strings(0, (ERR_STRING_DATA *)SSL_str_reasons);
        }
 #endif
 }
author	tb <>	2024-07-13 17:42:13 +0000
committer	tb <>	2024-07-13 17:42:13 +0000
commit	887938c431474ff916a38fb6794af1148ce9393b (patch)
tree	44c945811ced223484deb5ba19d9fd10d48856a6 /src/lib/libssl/ssl_err.c
parent	619acf361b7374579dfd97deb36c2a1c70d560d0 (diff)
download	openbsd-887938c431474ff916a38fb6794af1148ce9393b.tar.gz openbsd-887938c431474ff916a38fb6794af1148ce9393b.tar.bz2 openbsd-887938c431474ff916a38fb6794af1148ce9393b.zip

diff --git a/src/lib/libssl/ssl_err.c b/src/lib/libssl/ssl_err.c index 5b130d45e7..61d72fac6a 100644 --- a/src/lib/libssl/ssl_err.c +++ b/src/lib/libssl/ssl_err.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_err.c,v 1.49 2024/06/24 06:50:07 tb Exp $ */	1	/* $OpenBSD: ssl_err.c,v 1.50 2024/07/13 17:42:13 tb Exp $ */
2	/* ====================================================================	2	/* ====================================================================
3	* Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.	3	* Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
4	*	4	*
@@ -67,7 +67,7 @@
67	#define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason)	67	#define ERR_REASON(reason) ERR_PACK(ERR_LIB_SSL,0,reason)
68		68
69	/* See SSL_state_func_code below */	69	/* See SSL_state_func_code below */
70	static ERR_STRING_DATA SSL_str_functs[] = {	70	static const ERR_STRING_DATA SSL_str_functs[] = {
71	{ERR_FUNC(1), "CONNECT_CW_FLUSH"},	71	{ERR_FUNC(1), "CONNECT_CW_FLUSH"},
72	{ERR_FUNC(2), "CONNECT_CW_CLNT_HELLO"},	72	{ERR_FUNC(2), "CONNECT_CW_CLNT_HELLO"},
73	{ERR_FUNC(3), "CONNECT_CW_CLNT_HELLO"},	73	{ERR_FUNC(3), "CONNECT_CW_CLNT_HELLO"},
@@ -153,7 +153,7 @@ static ERR_STRING_DATA SSL_str_functs[] = {
153	{0, NULL}	153	{0, NULL}
154	};	154	};
155		155
156	static ERR_STRING_DATA SSL_str_reasons[]= {	156	static const ERR_STRING_DATA SSL_str_reasons[] = {
157	{ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE) , "app data in handshake"},	157	{ERR_REASON(SSL_R_APP_DATA_IN_HANDSHAKE) , "app data in handshake"},
158	{ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT), "attempt to reuse session in different context"},	158	{ERR_REASON(SSL_R_ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT), "attempt to reuse session in different context"},
159	{ERR_REASON(SSL_R_BAD_ALERT_RECORD) , "bad alert record"},	159	{ERR_REASON(SSL_R_BAD_ALERT_RECORD) , "bad alert record"},
@@ -476,8 +476,8 @@ ERR_load_SSL_strings(void)
476	{	476	{
477	#ifndef OPENSSL_NO_ERR	477	#ifndef OPENSSL_NO_ERR
478	if (ERR_func_error_string(SSL_str_functs[0].error) == NULL) {	478	if (ERR_func_error_string(SSL_str_functs[0].error) == NULL) {
479	ERR_load_strings(0, SSL_str_functs);	479	ERR_load_strings(0, (ERR_STRING_DATA *)SSL_str_functs);
480	ERR_load_strings(0, SSL_str_reasons);	480	ERR_load_strings(0, (ERR_STRING_DATA *)SSL_str_reasons);
481	}	481	}
482	#endif	482	#endif
483	}	483	}