From 3fb3231cf83c8a9328499ea17b3663c1618210dc Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Mon, 17 Sep 2018 17:20:14 +0100 Subject: [PATCH] Constification --- src/src/functions.h | 2 +- src/src/smtp_out.c | 2 +- src/src/tls-gnu.c | 10 +++++----- src/src/transports/smtp.c | 30 +++++++++++++++--------------- src/src/verify.c | 6 +++--- 5 files changed, 25 insertions(+), 25 deletions(-) diff --git a/src/src/functions.h b/src/src/functions.h index 920f3d96f..f37c10733 100644 --- a/src/src/functions.h +++ b/src/src/functions.h @@ -570,7 +570,7 @@ extern int verify_check_headers(uschar **); extern int verify_check_header_names_ascii(uschar **); extern int verify_check_host(uschar **); extern int verify_check_notblind(void); -extern int verify_check_given_host(uschar **, host_item *); +extern int verify_check_given_host(const uschar **, const host_item *); extern int verify_check_this_host(const uschar **, unsigned int *, const uschar*, const uschar *, const uschar **); extern address_item *verify_checked_sender(uschar *); diff --git a/src/src/smtp_out.c b/src/src/smtp_out.c index 6fd0bf729..62d4c7333 100644 --- a/src/src/smtp_out.c +++ b/src/src/smtp_out.c @@ -264,7 +264,7 @@ requested some early-data then include that in the TFO request. */ else { #ifdef TCP_FASTOPEN - if (verify_check_given_host(&ob->hosts_try_fastopen, host) == OK) + if (verify_check_given_host(CUSS &ob->hosts_try_fastopen, host) == OK) fastopen_blob = early_data ? early_data : &tcp_fastopen_nodata; #endif diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c index 3e618a697..9fcb50dfe 100644 --- a/src/src/tls-gnu.c +++ b/src/src/tls-gnu.c @@ -2158,7 +2158,7 @@ static void tls_client_setup_hostname_checks(host_item * host, exim_gnutls_state_st * state, smtp_transport_options_block * ob) { -if (verify_check_given_host(&ob->tls_verify_cert_hostnames, host) == OK) +if (verify_check_given_host(CUSS &ob->tls_verify_cert_hostnames, host) == OK) { state->exp_tls_verify_cert_hostnames = #ifdef SUPPORT_I18N @@ -2284,9 +2284,9 @@ uschar *cipher_list = NULL; #ifndef DISABLE_OCSP BOOL require_ocsp = - verify_check_given_host(&ob->hosts_require_ocsp, host) == OK; + verify_check_given_host(CUSS &ob->hosts_require_ocsp, host) == OK; BOOL request_ocsp = require_ocsp ? TRUE - : verify_check_given_host(&ob->hosts_request_ocsp, host) == OK; + : verify_check_given_host(CUSS &ob->hosts_request_ocsp, host) == OK; #endif DEBUG(D_tls) debug_printf("initialising GnuTLS as a client on fd %d\n", fd); @@ -2346,7 +2346,7 @@ else && !ob->tls_verify_hosts && (!ob->tls_try_verify_hosts || !*ob->tls_try_verify_hosts) ) - || verify_check_given_host(&ob->tls_verify_hosts, host) == OK + || verify_check_given_host(CUSS &ob->tls_verify_hosts, host) == OK ) { tls_client_setup_hostname_checks(host, state, ob); @@ -2355,7 +2355,7 @@ else state->verify_requirement = VERIFY_REQUIRED; gnutls_certificate_server_set_request(state->session, GNUTLS_CERT_REQUIRE); } -else if (verify_check_given_host(&ob->tls_try_verify_hosts, host) == OK) +else if (verify_check_given_host(CUSS &ob->tls_try_verify_hosts, host) == OK) { tls_client_setup_hostname_checks(host, state, ob); DEBUG(D_tls) diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c index aac47aa5a..b2adeb555 100644 --- a/src/src/transports/smtp.c +++ b/src/src/transports/smtp.c @@ -1022,7 +1022,7 @@ uschar *fail_reason = US"server did not advertise AUTH support"; f.smtp_authenticated = FALSE; client_authenticator = client_authenticated_id = client_authenticated_sender = NULL; -require_auth = verify_check_given_host(&ob->hosts_require_auth, sx->host); +require_auth = verify_check_given_host(CUSS &ob->hosts_require_auth, sx->host); if (sx->esmtp && !regex_AUTH) regex_AUTH = regex_must_compile(US"\\n250[\\s\\-]AUTH\\s+([\\-\\w\\s]+)(?:\\n|$)", @@ -1037,7 +1037,7 @@ if (sx->esmtp && regex_match_and_setup(regex_AUTH, buffer, 0, -1)) regex match above. */ if (require_auth == OK || - verify_check_given_host(&ob->hosts_try_auth, sx->host) == OK) + verify_check_given_host(CUSS &ob->hosts_try_auth, sx->host) == OK) { auth_instance *au; fail_reason = US"no common mechanisms were found"; @@ -1569,7 +1569,7 @@ sx->dsn_all_lasthop = TRUE; #if defined(SUPPORT_TLS) && defined(SUPPORT_DANE) sx->dane = FALSE; sx->dane_required = - verify_check_given_host(&sx->ob->hosts_require_dane, sx->host) == OK; + verify_check_given_host(CUSS &sx->ob->hosts_require_dane, sx->host) == OK; #endif if ((sx->max_rcpt = sx->tblock->max_addresses) == 0) sx->max_rcpt = 999999; @@ -1650,7 +1650,7 @@ if (!continue_hostname) if (sx->host->dnssec == DS_YES) { if( sx->dane_required - || verify_check_given_host(&sx->ob->hosts_try_dane, sx->host) == OK + || verify_check_given_host(CUSS &sx->ob->hosts_try_dane, sx->host) == OK ) switch (rc = tlsa_lookup(sx->host, &tlsa_dnsa, sx->dane_required)) { @@ -1819,7 +1819,7 @@ goto SEND_QUIT; mailers use upper case for some reason (the RFC is quite clear about case independence) so, for peace of mind, I gave in. */ - sx->esmtp = verify_check_given_host(&sx->ob->hosts_avoid_esmtp, sx->host) != OK; + sx->esmtp = verify_check_given_host(CUSS &sx->ob->hosts_avoid_esmtp, sx->host) != OK; /* Alas; be careful, since this goto is not an error-out, so conceivably we might set data between here and the target which we assume to exist @@ -1966,9 +1966,9 @@ for error analysis. */ #ifdef SUPPORT_TLS if ( smtp_peer_options & OPTION_TLS && !suppress_tls - && verify_check_given_host(&sx->ob->hosts_avoid_tls, sx->host) != OK + && verify_check_given_host(CUSS &sx->ob->hosts_avoid_tls, sx->host) != OK && ( !sx->verify - || verify_check_given_host(&sx->ob->hosts_verify_avoid_tls, sx->host) != OK + || verify_check_given_host(CUSS &sx->ob->hosts_verify_avoid_tls, sx->host) != OK ) ) { uschar buffer2[4096]; @@ -2116,7 +2116,7 @@ else if ( sx->smtps # ifdef EXPERIMENTAL_REQUIRETLS || tls_requiretls & REQUIRETLS_MSG # endif - || verify_check_given_host(&sx->ob->hosts_require_tls, sx->host) == OK + || verify_check_given_host(CUSS &sx->ob->hosts_require_tls, sx->host) == OK ) { errno = @@ -2184,14 +2184,14 @@ if (continue_hostname == NULL the current host matches hosts_avoid_pipelining, don't do it. */ if ( sx->peer_offered & OPTION_PIPE - && verify_check_given_host(&sx->ob->hosts_avoid_pipelining, sx->host) != OK) + && verify_check_given_host(CUSS &sx->ob->hosts_avoid_pipelining, sx->host) != OK) smtp_peer_options |= OPTION_PIPE; DEBUG(D_transport) debug_printf("%susing PIPELINING\n", smtp_peer_options & OPTION_PIPE ? "" : "not "); if ( sx->peer_offered & OPTION_CHUNKING - && verify_check_given_host(&sx->ob->hosts_try_chunking, sx->host) != OK) + && verify_check_given_host(CUSS &sx->ob->hosts_try_chunking, sx->host) != OK) sx->peer_offered &= ~OPTION_CHUNKING; if (sx->peer_offered & OPTION_CHUNKING) @@ -2199,7 +2199,7 @@ if (continue_hostname == NULL #ifndef DISABLE_PRDR if ( sx->peer_offered & OPTION_PRDR - && verify_check_given_host(&sx->ob->hosts_try_prdr, sx->host) != OK) + && verify_check_given_host(CUSS &sx->ob->hosts_try_prdr, sx->host) != OK) sx->peer_offered &= ~OPTION_PRDR; if (sx->peer_offered & OPTION_PRDR) @@ -3602,7 +3602,7 @@ if (sx.completed_addr && sx.ok && sx.send_quit) || ( #ifdef SUPPORT_TLS ( tls_out.active.sock < 0 && !continue_proxy_cipher - || verify_check_given_host(&sx.ob->hosts_nopass_tls, host) != OK + || verify_check_given_host(CUSS &sx.ob->hosts_nopass_tls, host) != OK ) && #endif @@ -3658,7 +3658,7 @@ if (sx.completed_addr && sx.ok && sx.send_quit) #ifdef SUPPORT_TLS if (tls_out.active.sock >= 0) if ( f.continue_more - || verify_check_given_host(&sx.ob->hosts_noproxy_tls, host) == OK) + || verify_check_given_host(CUSS &sx.ob->hosts_noproxy_tls, host) == OK) { /* Before passing the socket on, or returning to caller with it still open, we must shut down TLS. Not all MTAs allow for the continuation @@ -4435,7 +4435,7 @@ retry_non_continued: sending the message down a pre-existing connection. */ if ( !continue_hostname - && verify_check_given_host(&ob->serialize_hosts, host) == OK) + && verify_check_given_host(CUSS &ob->serialize_hosts, host) == OK) { serialize_key = string_sprintf("host-serialize-%s", host->name); if (!enq_start(serialize_key, 1)) @@ -4576,7 +4576,7 @@ retry_non_continued: if ( rc == DEFER && first_addr->basic_errno == ERRNO_TLSFAILURE && ob->tls_tempfail_tryclear - && verify_check_given_host(&ob->hosts_require_tls, host) != OK + && verify_check_given_host(CUSS &ob->hosts_require_tls, host) != OK ) { log_write(0, LOG_MAIN, diff --git a/src/src/verify.c b/src/src/verify.c index 8d31f5d8e..9aff78a9a 100644 --- a/src/src/verify.c +++ b/src/src/verify.c @@ -693,7 +693,7 @@ tls_retry_connection: if ( yield == DEFER && addr->basic_errno == ERRNO_TLSFAILURE && ob->tls_tempfail_tryclear - && verify_check_given_host(&ob->hosts_require_tls, host) != OK + && verify_check_given_host(CUSS &ob->hosts_require_tls, host) != OK ) { log_write(0, LOG_MAIN, @@ -3244,9 +3244,9 @@ return rc; * Check the given host item matches a list * *************************************************/ int -verify_check_given_host(uschar **listptr, host_item *host) +verify_check_given_host(const uschar **listptr, const host_item *host) { -return verify_check_this_host(CUSS listptr, NULL, host->name, host->address, NULL); +return verify_check_this_host(listptr, NULL, host->name, host->address, NULL); } /************************************************* -- 2.25.1