From b0e9b80efde53e09ba0e6da43a3086b062ae877e Mon Sep 17 00:00:00 2001
From: tb <>
Date: Sun, 13 May 2018 15:04:05 +0000
Subject: Add const qualifier to the ASN1_OBJ * argument of
 TS_REQ_get_ext_by_OBJ(3), TS_REQ_set_policy_id(3), TS_RESP_CTX_add_policy(3),
 TS_RESP_CTX_set_def_policy(3), and TS_TST_INFO_get_ext_by_OBJ(3)

tested in a bulk by sthen
ok jsing
---
 src/lib/libcrypto/ts/ts.h           | 10 +++++-----
 src/lib/libcrypto/ts/ts_req_utils.c |  6 +++---
 src/lib/libcrypto/ts/ts_rsp_sign.c  |  6 +++---
 3 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/src/lib/libcrypto/ts/ts.h b/src/lib/libcrypto/ts/ts.h
index a8d2281b7a..3a010d517b 100644
--- a/src/lib/libcrypto/ts/ts.h
+++ b/src/lib/libcrypto/ts/ts.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts.h,v 1.8 2016/12/27 16:05:57 jsing Exp $ */
+/* $OpenBSD: ts.h,v 1.9 2018/05/13 15:04:05 tb Exp $ */
 /* Written by Zoltan Glozik (zglozik@opentsa.org) for the OpenSSL
  * project 2002, 2003, 2004.
  */
@@ -365,7 +365,7 @@ X509_ALGOR *TS_MSG_IMPRINT_get_algo(TS_MSG_IMPRINT *a);
 int TS_MSG_IMPRINT_set_msg(TS_MSG_IMPRINT *a, unsigned char *d, int len);
 ASN1_OCTET_STRING *TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a);
 
-int TS_REQ_set_policy_id(TS_REQ *a, ASN1_OBJECT *policy);
+int TS_REQ_set_policy_id(TS_REQ *a, const ASN1_OBJECT *policy);
 ASN1_OBJECT *TS_REQ_get_policy_id(TS_REQ *a);
 
 int TS_REQ_set_nonce(TS_REQ *a, const ASN1_INTEGER *nonce);
@@ -378,7 +378,7 @@ STACK_OF(X509_EXTENSION) *TS_REQ_get_exts(TS_REQ *a);
 void TS_REQ_ext_free(TS_REQ *a);
 int TS_REQ_get_ext_count(TS_REQ *a);
 int TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos);
-int TS_REQ_get_ext_by_OBJ(TS_REQ *a, ASN1_OBJECT *obj, int lastpos);
+int TS_REQ_get_ext_by_OBJ(TS_REQ *a, const ASN1_OBJECT *obj, int lastpos);
 int TS_REQ_get_ext_by_critical(TS_REQ *a, int crit, int lastpos);
 X509_EXTENSION *TS_REQ_get_ext(TS_REQ *a, int loc);
 X509_EXTENSION *TS_REQ_delete_ext(TS_REQ *a, int loc);
@@ -524,14 +524,14 @@ int TS_RESP_CTX_set_signer_cert(TS_RESP_CTX *ctx, X509 *signer);
 int TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key);
 
 /* This parameter must be set. */
-int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy);
+int TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *def_policy);
 
 /* No additional certs are included in the response by default. */
 int TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs);
 
 /* Adds a new acceptable policy, only the default policy
    is accepted by default. */
-int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy);
+int TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *policy);
 
 /* Adds a new acceptable message digest. Note that no message digests
    are accepted by default. The md argument is shared with the caller. */
diff --git a/src/lib/libcrypto/ts/ts_req_utils.c b/src/lib/libcrypto/ts/ts_req_utils.c
index bd707c228f..6b9c13f39b 100644
--- a/src/lib/libcrypto/ts/ts_req_utils.c
+++ b/src/lib/libcrypto/ts/ts_req_utils.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts_req_utils.c,v 1.5 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: ts_req_utils.c,v 1.6 2018/05/13 15:04:05 tb Exp $ */
 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
  * project 2002.
  */
@@ -134,7 +134,7 @@ TS_MSG_IMPRINT_get_msg(TS_MSG_IMPRINT *a)
 }
 
 int
-TS_REQ_set_policy_id(TS_REQ *a, ASN1_OBJECT *policy)
+TS_REQ_set_policy_id(TS_REQ *a, const ASN1_OBJECT *policy)
 {
 	ASN1_OBJECT *new_policy;
 
@@ -219,7 +219,7 @@ TS_REQ_get_ext_by_NID(TS_REQ *a, int nid, int lastpos)
 }
 
 int
-TS_REQ_get_ext_by_OBJ(TS_REQ *a, ASN1_OBJECT *obj, int lastpos)
+TS_REQ_get_ext_by_OBJ(TS_REQ *a, const ASN1_OBJECT *obj, int lastpos)
 {
 	return X509v3_get_ext_by_OBJ(a->extensions, obj, lastpos);
 }
diff --git a/src/lib/libcrypto/ts/ts_rsp_sign.c b/src/lib/libcrypto/ts/ts_rsp_sign.c
index 57e2d7f348..9ab80160b3 100644
--- a/src/lib/libcrypto/ts/ts_rsp_sign.c
+++ b/src/lib/libcrypto/ts/ts_rsp_sign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ts_rsp_sign.c,v 1.21 2017/01/29 17:49:23 beck Exp $ */
+/* $OpenBSD: ts_rsp_sign.c,v 1.22 2018/05/13 15:04:05 tb Exp $ */
 /* Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL
  * project 2002.
  */
@@ -201,7 +201,7 @@ TS_RESP_CTX_set_signer_key(TS_RESP_CTX *ctx, EVP_PKEY *key)
 }
 
 int
-TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *def_policy)
+TS_RESP_CTX_set_def_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *def_policy)
 {
 	if (ctx->default_policy)
 		ASN1_OBJECT_free(ctx->default_policy);
@@ -238,7 +238,7 @@ TS_RESP_CTX_set_certs(TS_RESP_CTX *ctx, STACK_OF(X509) *certs)
 }
 
 int
-TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, ASN1_OBJECT *policy)
+TS_RESP_CTX_add_policy(TS_RESP_CTX *ctx, const ASN1_OBJECT *policy)
 {
 	ASN1_OBJECT *copy = NULL;
 
-- 
cgit v1.2.3-55-g6feb