1 files changed, 8 insertions, 8 deletions
diff --git a/src/lib/libssl/ssl_sigalgs.c b/src/lib/libssl/ssl_sigalgs.c
index 6378ec8c07..1b5aad72f7 100644
--- a/src/lib/libssl/ssl_sigalgs.c
+++ b/src/lib/libssl/ssl_sigalgs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sigalgs.c,v 1.21 2020/05/09 16:52:15 beck Exp $ */
+/* $OpenBSD: ssl_sigalgs.c,v 1.22 2020/10/11 01:13:04 guenther Exp $ */
 /*
 * Copyright (c) 2018-2020 Bob Beck <beck@openbsd.org>
 *
@@ -144,7 +144,7 @@ const struct ssl_sigalg sigalgs[] = {
 };
 /* Sigalgs for tls 1.3, in preference order, */
-uint16_t tls13_sigalgs[] = {
+const uint16_t tls13_sigalgs[] = {
        SIGALG_RSA_PSS_RSAE_SHA512,
        SIGALG_RSA_PKCS1_SHA512,
        SIGALG_ECDSA_SECP521R1_SHA512,
@@ -155,10 +155,10 @@ uint16_t tls13_sigalgs[] = {
        SIGALG_RSA_PKCS1_SHA256,
        SIGALG_ECDSA_SECP256R1_SHA256,
 };
-size_t tls13_sigalgs_len = (sizeof(tls13_sigalgs) / sizeof(tls13_sigalgs[0]));
+const size_t tls13_sigalgs_len = (sizeof(tls13_sigalgs) / sizeof(tls13_sigalgs[0]));
 /* Sigalgs for tls 1.2, in preference order, */
-uint16_t tls12_sigalgs[] = {
+const uint16_t tls12_sigalgs[] = {
        SIGALG_RSA_PSS_RSAE_SHA512,
        SIGALG_RSA_PKCS1_SHA512,
        SIGALG_ECDSA_SECP521R1_SHA512,
@@ -171,7 +171,7 @@ uint16_t tls12_sigalgs[] = {
        SIGALG_RSA_PKCS1_SHA1, /* XXX */
        SIGALG_ECDSA_SHA1,     /* XXX */
 };
-size_t tls12_sigalgs_len = (sizeof(tls12_sigalgs) / sizeof(tls12_sigalgs[0]));
+const size_t tls12_sigalgs_len = (sizeof(tls12_sigalgs) / sizeof(tls12_sigalgs[0]));
 const struct ssl_sigalg *
 ssl_sigalg_lookup(uint16_t sigalg)
@@ -187,7 +187,7 @@ ssl_sigalg_lookup(uint16_t sigalg)
 }
 const struct ssl_sigalg *
-ssl_sigalg(uint16_t sigalg, uint16_t *values, size_t len)
+ssl_sigalg(uint16_t sigalg, const uint16_t *values, size_t len)
 {
        int i;
@@ -200,7 +200,7 @@ ssl_sigalg(uint16_t sigalg, uint16_t *values, size_t len)
 }
 int
-ssl_sigalgs_build(CBB *cbb, uint16_t *values, size_t len)
+ssl_sigalgs_build(CBB *cbb, const uint16_t *values, size_t len)
 {
        size_t i;
@@ -260,7 +260,7 @@ ssl_sigalg_pkey_ok(const struct ssl_sigalg *sigalg, EVP_PKEY *pkey,
 const struct ssl_sigalg *
 ssl_sigalg_select(SSL *s, EVP_PKEY *pkey)
 {
-        uint16_t *tls_sigalgs = tls12_sigalgs;
+        const uint16_t *tls_sigalgs = tls12_sigalgs;
        size_t tls_sigalgs_len = tls12_sigalgs_len;
        int check_curve = 0;
        CBS cbs;

diff --git a/src/lib/libssl/ssl_sigalgs.c b/src/lib/libssl/ssl_sigalgs.c index 6378ec8c07..1b5aad72f7 100644 --- a/src/lib/libssl/ssl_sigalgs.c +++ b/src/lib/libssl/ssl_sigalgs.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_sigalgs.c,v 1.21 2020/05/09 16:52:15 beck Exp $ */	1	/* $OpenBSD: ssl_sigalgs.c,v 1.22 2020/10/11 01:13:04 guenther Exp $ */
2	/*	2	/*
3	* Copyright (c) 2018-2020 Bob Beck <beck@openbsd.org>	3	* Copyright (c) 2018-2020 Bob Beck <beck@openbsd.org>
4	*	4	*
@@ -144,7 +144,7 @@ const struct ssl_sigalg sigalgs[] = {
144	};	144	};
145		145
146	/* Sigalgs for tls 1.3, in preference order, */	146	/* Sigalgs for tls 1.3, in preference order, */
147	uint16_t tls13_sigalgs[] = {	147	const uint16_t tls13_sigalgs[] = {
148	SIGALG_RSA_PSS_RSAE_SHA512,	148	SIGALG_RSA_PSS_RSAE_SHA512,
149	SIGALG_RSA_PKCS1_SHA512,	149	SIGALG_RSA_PKCS1_SHA512,
150	SIGALG_ECDSA_SECP521R1_SHA512,	150	SIGALG_ECDSA_SECP521R1_SHA512,
@@ -155,10 +155,10 @@ uint16_t tls13_sigalgs[] = {
155	SIGALG_RSA_PKCS1_SHA256,	155	SIGALG_RSA_PKCS1_SHA256,
156	SIGALG_ECDSA_SECP256R1_SHA256,	156	SIGALG_ECDSA_SECP256R1_SHA256,
157	};	157	};
158	size_t tls13_sigalgs_len = (sizeof(tls13_sigalgs) / sizeof(tls13_sigalgs[0]));	158	const size_t tls13_sigalgs_len = (sizeof(tls13_sigalgs) / sizeof(tls13_sigalgs[0]));
159		159
160	/* Sigalgs for tls 1.2, in preference order, */	160	/* Sigalgs for tls 1.2, in preference order, */
161	uint16_t tls12_sigalgs[] = {	161	const uint16_t tls12_sigalgs[] = {
162	SIGALG_RSA_PSS_RSAE_SHA512,	162	SIGALG_RSA_PSS_RSAE_SHA512,
163	SIGALG_RSA_PKCS1_SHA512,	163	SIGALG_RSA_PKCS1_SHA512,
164	SIGALG_ECDSA_SECP521R1_SHA512,	164	SIGALG_ECDSA_SECP521R1_SHA512,
@@ -171,7 +171,7 @@ uint16_t tls12_sigalgs[] = {
171	SIGALG_RSA_PKCS1_SHA1, /* XXX */	171	SIGALG_RSA_PKCS1_SHA1, /* XXX */
172	SIGALG_ECDSA_SHA1, /* XXX */	172	SIGALG_ECDSA_SHA1, /* XXX */
173	};	173	};
174	size_t tls12_sigalgs_len = (sizeof(tls12_sigalgs) / sizeof(tls12_sigalgs[0]));	174	const size_t tls12_sigalgs_len = (sizeof(tls12_sigalgs) / sizeof(tls12_sigalgs[0]));
175		175
176	const struct ssl_sigalg *	176	const struct ssl_sigalg *
177	ssl_sigalg_lookup(uint16_t sigalg)	177	ssl_sigalg_lookup(uint16_t sigalg)
@@ -187,7 +187,7 @@ ssl_sigalg_lookup(uint16_t sigalg)
187	}	187	}
188		188
189	const struct ssl_sigalg *	189	const struct ssl_sigalg *
190	ssl_sigalg(uint16_t sigalg, uint16_t *values, size_t len)	190	ssl_sigalg(uint16_t sigalg, const uint16_t *values, size_t len)
191	{	191	{
192	int i;	192	int i;
193		193
@@ -200,7 +200,7 @@ ssl_sigalg(uint16_t sigalg, uint16_t *values, size_t len)
200	}	200	}
201		201
202	int	202	int
203	ssl_sigalgs_build(CBB cbb, uint16_t values, size_t len)	203	ssl_sigalgs_build(CBB cbb, const uint16_t values, size_t len)
204	{	204	{
205	size_t i;	205	size_t i;
206		206
@@ -260,7 +260,7 @@ ssl_sigalg_pkey_ok(const struct ssl_sigalg sigalg, EVP_PKEY pkey,
260	const struct ssl_sigalg *	260	const struct ssl_sigalg *
261	ssl_sigalg_select(SSL s, EVP_PKEY pkey)	261	ssl_sigalg_select(SSL s, EVP_PKEY pkey)
262	{	262	{
263	uint16_t *tls_sigalgs = tls12_sigalgs;	263	const uint16_t *tls_sigalgs = tls12_sigalgs;
264	size_t tls_sigalgs_len = tls12_sigalgs_len;	264	size_t tls_sigalgs_len = tls12_sigalgs_len;
265	int check_curve = 0;	265	int check_curve = 0;
266	CBS cbs;	266	CBS cbs;