
[tls] Use const to mark incoming data being processed

Signed-off-by: Michael Brown <mcb30@ipxe.org>
tags/v1.20.1
Michael Brown 13 лет назад
Родитель
Сommit
b63bcd73a0
2 измененных файлов: 29 добавлений и 27 удалений
  1. 1
    1
      src/include/ipxe/asn1.h
  2. 28
    26
      src/net/tls.c

+ 1
- 1
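--- a/src/include/ipxe/asn1.h
+++ b/src/include/ipxe/asn1.h
@@ -23,7 +23,7 @@
  */
 struct asn1_cursor {
 	/** Start of data */
-	void *data;
+	const void *data;
 	/** Length of data */
 	size_t len;
 };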

+ 28
- 26
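--- a/src/net/tls.c
+++ b/src/net/tls.c
@@ -65,7 +65,7 @@
  * TLS uses 24-bit integers in several places, which are awkward to
  * parse in C.
  */
-static unsigned long tls_uint24 ( uint8_t field24[3] ) {
+static unsigned long tls_uint24 ( const uint8_t field24[3] ) {
 	return ( ( field24[0] << 16 ) + ( field24[1] << 8 ) + field24[2] );
 }
 
@@ -874,7 +874,7 @@
  * @ret rc		Return status code
  */
 static int tls_new_change_cipher ( struct tls_session *tls,
-				   void *data, size_t len ) {
+				   const void *data, size_t len ) {
 	int rc;
 
 	if ( ( len != 1 ) || ( *( ( uint8_t * ) data ) != 1 ) ) {
@@ -902,13 +902,14 @@
  * @v len		Length of plaintext record
  * @ret rc		Return status code
  */
-static int tls_new_alert ( struct tls_session *tls, void *data, size_t len ) {
-	struct {
+static int tls_new_alert ( struct tls_session *tls, const void *data,
+			   size_t len ) {
+	const struct {
 		uint8_t level;
 		uint8_t description;
 		char next[0];
 	} __attribute__ (( packed )) *alert = data;
-	void *end = alert->next;
+	const void *end = alert->next;
 
 	/* Sanity check */
 	if ( end != ( data + len ) ) {
@@ -942,20 +943,20 @@
  * @ret rc		Return status code
  */
 static int tls_new_server_hello ( struct tls_session *tls,
-				  void *data, size_t len ) {
-	struct {
+				  const void *data, size_t len ) {
+	const struct {
 		uint16_t version;
 		uint8_t random[32];
 		uint8_t session_id_len;
 		char next[0];
 	} __attribute__ (( packed )) *hello_a = data;
-	struct {
+	const struct {
 		uint8_t session_id[hello_a->session_id_len];
 		uint16_t cipher_suite;
 		uint8_t compression_method;
 		char next[0];
 	} __attribute__ (( packed )) *hello_b = ( void * ) &hello_a->next;
-	void *end = hello_b->next;
+	const void *end = hello_b->next;
 	uint16_t version;
 	int rc;
 
@@ -1008,18 +1009,18 @@
  * @ret rc		Return status code
  */
 static int tls_new_certificate ( struct tls_session *tls,
-				 void *data, size_t len ) {
-	struct {
+				 const void *data, size_t len ) {
+	const struct {
 		uint8_t length[3];
 		uint8_t certificates[0];
 	} __attribute__ (( packed )) *certificate = data;
-	struct {
+	const struct {
 		uint8_t length[3];
 		uint8_t certificate[0];
 	} __attribute__ (( packed )) *element =
 		  ( ( void * ) certificate->certificates );
 	size_t elements_len = tls_uint24 ( certificate->length );
-	void *end = ( certificate->certificates + elements_len );
+	const void *end = ( certificate->certificates + elements_len );
 	struct asn1_cursor cursor;
 	int rc;
 
@@ -1066,7 +1067,7 @@
  * @ret rc		Return status code
  */
 static int tls_new_certificate_request ( struct tls_session *tls,
-					 void *data __unused,
+					 const void *data __unused,
 					 size_t len __unused ) {
 
 	/* We can only send an empty certificate (as mandated by
@@ -1090,11 +1091,11 @@
  * @ret rc		Return status code
  */
 static int tls_new_server_hello_done ( struct tls_session *tls,
-				       void *data, size_t len ) {
-	struct {
+				       const void *data, size_t len ) {
+	const struct {
 		char next[0];
 	} __attribute__ (( packed )) *hello_done = data;
-	void *end = hello_done->next;
+	const void *end = hello_done->next;
 
 	/* Sanity check */
 	if ( end != ( data + len ) ) {
@@ -1122,12 +1123,12 @@
  * @ret rc		Return status code
  */
 static int tls_new_finished ( struct tls_session *tls,
-			      void *data, size_t len ) {
-	struct {
+			      const void *data, size_t len ) {
+	const struct {
 		uint8_t verify_data[12];
 		char next[0];
 	} __attribute__ (( packed )) *finished = data;
-	void *end = finished->next;
+	const void *end = finished->next;
 	uint8_t digest[ tls_verify_handshake_len ( tls ) ];
 	uint8_t verify_data[ sizeof ( finished->verify_data ) ];
 
@@ -1167,12 +1168,12 @@
  * @ret rc		Return status code
  */
 static int tls_new_handshake ( struct tls_session *tls,
-			       void *data, size_t len ) {
-	void *end = ( data + len );
+			       const void *data, size_t len ) {
+	const void *end = ( data + len );
 	int rc;
 
 	while ( data != end ) {
-		struct {
+		const struct {
 			uint8_t type;
 			uint8_t length[3];
 			uint8_t payload[0];
@@ -1242,8 +1243,8 @@
  * @v len		Length of plaintext record
  * @ret rc		Return status code
  */
-static int tls_new_record ( struct tls_session *tls,
-			    unsigned int type, void *data, size_t len ) {
+static int tls_new_record ( struct tls_session *tls, unsigned int type,
+			    const void *data, size_t len ) {
 
 	switch ( type ) {
 	case TLS_TYPE_CHANGE_CIPHER:
@@ -1588,7 +1589,8 @@
  * @ret rc		Return status code
  */
 static int tls_new_ciphertext ( struct tls_session *tls,
-				struct tls_header *tlshdr, void *ciphertext ) {
+				struct tls_header *tlshdr,
+				const void *ciphertext ) {
 	struct tls_header plaintext_tlshdr;
 	struct tls_cipherspec *cipherspec = &tls->rx_cipherspec;
 	struct cipher_algorithm *cipher = cipherspec->suite->cipher;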
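Review bot: In tls_new_server_hello the opening declarations read `hello_a->session_id_len` (to size `session_id[]` and to place `hello_b` and `end`) before `len` can have been checked anywhere in the function, so a record shorter than the fixed part of the structure is read past its end; tls_new_certificate does the same with `tls_uint24 ( certificate->length )`. Unless the caller already guarantees a minimum length (not visible here), a guard such as `if ( len < sizeof ( *hello_a ) ) return -EINVAL;` should run before the length field is used, which means moving the `hello_b` and `end` setup below it. Separately, now that `data` is const, the casts `( uint8_t * ) data` in tls_new_change_cipher and `( void * ) &hello_a->next` in tls_new_server_hello still strip the qualifier; `( const uint8_t * ) data` and `( const void * ) &hello_a->next` keep it. The bodies of these functions continue outside the hunks shown.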
