Convert X509_CRL* functions to use const getters

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>

apps/crl.c

@@ -250,9 +250,9 @@ int crl_main(int argc, char **argv)
     }
 
     if (badsig) {
-        ASN1_BIT_STRING *sig;
+        const ASN1_BIT_STRING *sig;
 
-        X509_CRL_get0_signature(&sig, NULL, x);
+        X509_CRL_get0_signature(x, &sig, NULL);
         corrupt_signature(sig);
     }
 

crypto/x509/t_crl.c

@@ -36,8 +36,8 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
 {
     STACK_OF(X509_REVOKED) *rev;
     X509_REVOKED *r;
-    X509_ALGOR *sig_alg;
-    ASN1_BIT_STRING *sig;
+    const X509_ALGOR *sig_alg;
+    const ASN1_BIT_STRING *sig;
     long l;
     int i;
     char *p;
@@ -45,7 +45,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
     BIO_printf(out, "Certificate Revocation List (CRL):\n");
     l = X509_CRL_get_version(x);
     BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l + 1, l);
-    X509_CRL_get0_signature(&sig, &sig_alg, x);
+    X509_CRL_get0_signature(x, &sig, &sig_alg);
     X509_signature_print(out, sig_alg, NULL);
     p = X509_NAME_oneline(X509_CRL_get_issuer(x), NULL, 0);
     BIO_printf(out, "%8sIssuer: %s\n", "", p);

crypto/x509/t_x509.c

@@ -287,7 +287,8 @@ int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent)
     return 1;
 }
 
-int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
+int X509_signature_print(BIO *bp, const X509_ALGOR *sigalg,
+                         const ASN1_STRING *sig)
 {
     int sig_nid;
     if (BIO_puts(bp, "    Signature Algorithm: ") <= 0)

crypto/x509/x509cset.c

@@ -115,7 +115,7 @@ X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl)
     return crl->crl.issuer;
 }
 
-STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(X509_CRL *crl)
+const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl)
 {
     return crl->crl.extensions;
 }
@@ -125,8 +125,8 @@ STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl)
     return crl->crl.revoked;
 }
 
-void X509_CRL_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
-                             X509_CRL *crl)
+void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
+                             const X509_ALGOR **palg)
 {
     if (psig != NULL)
         *psig = &crl->signature;

crypto/x509v3/v3_prn.c

@@ -135,8 +135,8 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
     return ok;
 }
 
-int X509V3_extensions_print(BIO *bp, char *title,
-                            STACK_OF(X509_EXTENSION) *exts,
+int X509V3_extensions_print(BIO *bp, const char *title,
+                            const STACK_OF(X509_EXTENSION) *exts,
                             unsigned long flag, int indent)
 {
     int i, j;

doc/crypto/X509V3_get_d2i.pod

@@ -33,7 +33,7 @@ X509_REVOKED_add1_ext_i2d - X509 extension decode and encode functions
                                unsigned long flags);
 
  STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x);
- STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(X509_CRL *crl);
+ const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
  STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(const X509_REVOKED *r);
 
 =head1 DESCRIPTION

doc/crypto/X509_get0_signature.pod

@@ -19,8 +19,9 @@ X509_CRL_get_signature_nid - signature information
                               const X509_REQ *crl);
  int X509_REQ_get_signature_nid(const X509_REQ *crl);
 
- void X509_CRL_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
-                              const X509_CRL *crl);
+ void X509_CRL_get0_signature(const X509_CRL *crl,
+                              const ASN1_BIT_STRING **psig,
+                              const X509_ALGOR **palg);
  int X509_CRL_get_signature_nid(const X509_CRL *crl);
 
 =head1 DESCRIPTION

include/openssl/x509.h

@@ -351,7 +351,8 @@ int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
 int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki);
 
 int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent);
-int X509_signature_print(BIO *bp, X509_ALGOR *alg, ASN1_STRING *sig);
+int X509_signature_print(BIO *bp, const X509_ALGOR *alg,
+                         const ASN1_STRING *sig);
 
 int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
 int X509_sign_ctx(X509 *x, EVP_MD_CTX *ctx);
@@ -685,10 +686,10 @@ long X509_CRL_get_version(const X509_CRL *crl);
 ASN1_TIME *X509_CRL_get_lastUpdate(const X509_CRL *crl);
 ASN1_TIME *X509_CRL_get_nextUpdate(const X509_CRL *crl);
 X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl);
-STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(X509_CRL *crl);
+const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl);
 STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl);
-void X509_CRL_get0_signature(ASN1_BIT_STRING **psig, X509_ALGOR **palg,
-                             X509_CRL *crl);
+void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
+                             const X509_ALGOR **palg);
 int X509_CRL_get_signature_nid(const X509_CRL *crl);
 int i2d_re_X509_CRL_tbs(X509_CRL *req, unsigned char **pp);
 

include/openssl/x509v3.h

@@ -639,8 +639,8 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag,
 #ifndef OPENSSL_NO_STDIO
 int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent);
 #endif
-int X509V3_extensions_print(BIO *out, char *title,
-                            STACK_OF(X509_EXTENSION) *exts,
+int X509V3_extensions_print(BIO *out, const char *title,
+                            const STACK_OF(X509_EXTENSION) *exts,
                             unsigned long flag, int indent);
 
 int X509_check_ca(X509 *x);