Hi,
The properties of the crypto algorithms never change. So they can
be declared constant and mapped as read only.
ok?
bluhm
Index: arch/amd64/amd64/aesni.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/arch/amd64/amd64/aesni.c,v
retrieving revision 1.49
diff -u -p -r1.49 aesni.c
--- arch/amd64/amd64/aesni.c 16 Mar 2019 16:33:59 -0000 1.49
+++ arch/amd64/amd64/aesni.c 7 Jul 2021 23:11:11 -0000
@@ -178,7 +178,7 @@ aesni_newsession(u_int32_t *sidp, struct
struct aesni_session *ses = NULL;
struct aesni_aes_ctx *aes1, *aes2;
struct cryptoini *c;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
struct swcr_data *swd;
int i;
@@ -363,7 +363,7 @@ void
aesni_free(struct aesni_session *ses)
{
struct swcr_data *swd;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
if (ses->ses_ghash) {
explicit_bzero(ses->ses_ghash, sizeof(GHASH_CTX));
Index: arch/amd64/amd64/via.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/arch/amd64/amd64/via.c,v
retrieving revision 1.33
diff -u -p -r1.33 via.c
--- arch/amd64/amd64/via.c 29 May 2020 04:42:23 -0000 1.33
+++ arch/amd64/amd64/via.c 7 Jul 2021 23:11:11 -0000
@@ -114,7 +114,7 @@ viac3_crypto_newsession(u_int32_t *sidp,
struct cryptoini *c;
struct viac3_softc *sc = vc3_sc;
struct viac3_session *ses = NULL;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
struct swcr_data *swd;
int sesn, i, cw0;
@@ -271,7 +271,7 @@ viac3_crypto_freesession(u_int64_t tid)
{
struct viac3_softc *sc = vc3_sc;
struct swcr_data *swd;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
int sesn;
u_int32_t sid = ((u_int32_t)tid) & 0xffffffff;
Index: arch/arm64/arm64/cryptox.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/arch/arm64/arm64/cryptox.c,v
retrieving revision 1.1
diff -u -p -r1.1 cryptox.c
--- arch/arm64/arm64/cryptox.c 21 Feb 2021 14:55:17 -0000 1.1
+++ arch/arm64/arm64/cryptox.c 7 Jul 2021 23:06:24 -0000
@@ -143,7 +143,7 @@ cryptox_newsession(u_int32_t *sidp, stru
{
struct cryptox_session *ses = NULL;
struct cryptoini *c;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
struct swcr_data *swd;
int i;
@@ -280,7 +280,7 @@ void
cryptox_free(struct cryptox_session *ses)
{
struct swcr_data *swd;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
if (ses->ses_swd) {
swd = ses->ses_swd;
Index: arch/i386/i386/via.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/arch/i386/i386/via.c,v
retrieving revision 1.46
diff -u -p -r1.46 via.c
--- arch/i386/i386/via.c 29 May 2020 04:42:24 -0000 1.46
+++ arch/i386/i386/via.c 7 Jul 2021 23:11:11 -0000
@@ -115,7 +115,7 @@ viac3_crypto_newsession(u_int32_t *sidp,
struct cryptoini *c;
struct viac3_softc *sc = vc3_sc;
struct viac3_session *ses = NULL;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
struct swcr_data *swd;
int sesn, i, cw0;
@@ -272,7 +272,7 @@ viac3_crypto_freesession(u_int64_t tid)
{
struct viac3_softc *sc = vc3_sc;
struct swcr_data *swd;
- struct auth_hash *axf;
+ const struct auth_hash *axf;
int sesn;
u_int32_t sid = ((u_int32_t)tid) & 0xffffffff;
Index: arch/i386/pci/glxsb.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/arch/i386/pci/glxsb.c,v
retrieving revision 1.36
diff -u -p -r1.36 glxsb.c
--- arch/i386/pci/glxsb.c 29 May 2020 04:42:24 -0000 1.36
+++ arch/i386/pci/glxsb.c 7 Jul 2021 23:11:11 -0000
@@ -357,8 +357,8 @@ glxsb_crypto_newsession(uint32_t *sidp,
{
struct glxsb_softc *sc = glxsb_sc;
struct glxsb_session *ses = NULL;
- struct auth_hash *axf;
- struct enc_xform *txf;
+ const struct auth_hash *axf;
+ const struct enc_xform *txf;
struct cryptoini *c;
struct swcr_data *swd;
int sesn, i;
@@ -509,8 +509,8 @@ glxsb_crypto_freesession(uint64_t tid)
{
struct glxsb_softc *sc = glxsb_sc;
struct swcr_data *swd;
- struct auth_hash *axf;
- struct enc_xform *txf;
+ const struct auth_hash *axf;
+ const struct enc_xform *txf;
int sesn;
uint32_t sid = ((uint32_t)tid) & 0xffffffff;
Index: arch/octeon/dev/octcrypto.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/arch/octeon/dev/octcrypto.c,v
retrieving revision 1.4
diff -u -p -r1.4 octcrypto.c
--- arch/octeon/dev/octcrypto.c 25 Feb 2021 02:48:19 -0000 1.4
+++ arch/octeon/dev/octcrypto.c 7 Jul 2021 23:08:01 -0000
@@ -299,7 +299,7 @@ octcrypto_get(struct octcrypto_softc *sc
void
octcrypto_free(struct octcrypto_session *ses)
{
- struct auth_hash *axf;
+ const struct auth_hash *axf;
struct swcr_data *swd;
if (ses->ses_swd != NULL) {
@@ -333,7 +333,7 @@ int
octcrypto_newsession(uint32_t *sidp, struct cryptoini *cri)
{
uint64_t block[ndwords(HMAC_MAX_BLOCK_LEN)];
- struct auth_hash *axf;
+ const struct auth_hash *axf;
struct cryptoini *c;
const struct octcrypto_hmac *hmac = NULL;
struct octcrypto_softc *sc = octcrypto_sc;
Index: crypto/cryptosoft.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/crypto/cryptosoft.c,v
retrieving revision 1.86
diff -u -p -r1.86 cryptosoft.c
--- crypto/cryptosoft.c 29 May 2020 01:22:53 -0000 1.86
+++ crypto/cryptosoft.c 7 Jul 2021 23:11:11 -0000
@@ -101,7 +101,7 @@ swcr_encdec(struct cryptodesc *crd, stru
{
unsigned char iv[EALG_MAX_BLOCK_LEN], blk[EALG_MAX_BLOCK_LEN], *idat;
unsigned char *ivp, *nivp, iv2[EALG_MAX_BLOCK_LEN];
- struct enc_xform *exf;
+ const struct enc_xform *exf;
int i, k, j, blks, ind, count, ivlen;
struct mbuf *m = NULL;
struct uio *uio = NULL;
@@ -420,7 +420,7 @@ swcr_authcompute(struct cryptop *crp, st
struct swcr_data *sw, caddr_t buf, int outtype)
{
unsigned char aalg[AALG_MAX_RESULT_LEN];
- struct auth_hash *axf;
+ const struct auth_hash *axf;
union authctx ctx;
int err;
@@ -486,8 +486,8 @@ swcr_authenc(struct cryptop *crp)
union authctx ctx;
struct cryptodesc *crd, *crda = NULL, *crde = NULL;
struct swcr_data *sw, *swa, *swe = NULL;
- struct auth_hash *axf = NULL;
- struct enc_xform *exf = NULL;
+ const struct auth_hash *axf = NULL;
+ const struct enc_xform *exf = NULL;
caddr_t buf = (caddr_t)crp->crp_buf;
uint32_t *blkp;
int aadlen, blksz, i, ivlen, outtype, len, iskip, oskip;
@@ -654,7 +654,7 @@ swcr_compdec(struct cryptodesc *crd, str
caddr_t buf, int outtype)
{
u_int8_t *data, *out;
- struct comp_algo *cxf;
+ const struct comp_algo *cxf;
int adj;
u_int32_t result;
@@ -729,9 +729,9 @@ int
swcr_newsession(u_int32_t *sid, struct cryptoini *cri)
{
struct swcr_data **swd;
- struct auth_hash *axf;
- struct enc_xform *txf;
- struct comp_algo *cxf;
+ const struct auth_hash *axf;
+ const struct enc_xform *txf;
+ const struct comp_algo *cxf;
u_int32_t i;
int k;
@@ -940,8 +940,8 @@ int
swcr_freesession(u_int64_t tid)
{
struct swcr_data *swd;
- struct enc_xform *txf;
- struct auth_hash *axf;
+ const struct enc_xform *txf;
+ const struct auth_hash *axf;
u_int32_t sid = ((u_int32_t) tid) & 0xffffffff;
if (sid > swcr_sesnum || swcr_sessions == NULL ||
Index: crypto/cryptosoft.h
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/crypto/cryptosoft.h,v
retrieving revision 1.14
diff -u -p -r1.14 cryptosoft.h
--- crypto/cryptosoft.h 7 Dec 2012 17:03:22 -0000 1.14
+++ crypto/cryptosoft.h 7 Jul 2021 23:11:11 -0000
@@ -32,15 +32,15 @@ struct swcr_data {
u_int8_t *SW_ictx;
u_int8_t *SW_octx;
u_int32_t SW_klen;
- struct auth_hash *SW_axf;
+ const struct auth_hash *SW_axf;
} SWCR_AUTH;
struct {
u_int8_t *SW_kschedule;
- struct enc_xform *SW_exf;
+ const struct enc_xform *SW_exf;
} SWCR_ENC;
struct {
u_int32_t SW_size;
- struct comp_algo *SW_cxf;
+ const struct comp_algo *SW_cxf;
} SWCR_COMP;
} SWCR_UN;
Index: crypto/xform.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/crypto/xform.c,v
retrieving revision 1.59
diff -u -p -r1.59 xform.c
--- crypto/xform.c 9 Apr 2018 04:34:56 -0000 1.59
+++ crypto/xform.c 7 Jul 2021 23:11:11 -0000
@@ -123,7 +123,7 @@ struct aes_xts_ctx {
void aes_xts_crypt(struct aes_xts_ctx *, u_int8_t *, u_int);
/* Encryption instances */
-struct enc_xform enc_xform_3des = {
+const struct enc_xform enc_xform_3des = {
CRYPTO_3DES_CBC, "3DES",
8, 8, 24, 24, 384,
des3_encrypt,
@@ -132,7 +132,7 @@ struct enc_xform enc_xform_3des = {
NULL
};
-struct enc_xform enc_xform_blf = {
+const struct enc_xform enc_xform_blf = {
CRYPTO_BLF_CBC, "Blowfish",
8, 8, 5, 56 /* 448 bits, max key */,
sizeof(blf_ctx),
@@ -142,7 +142,7 @@ struct enc_xform enc_xform_blf = {
NULL
};
-struct enc_xform enc_xform_cast5 = {
+const struct enc_xform enc_xform_cast5 = {
CRYPTO_CAST_CBC, "CAST-128",
8, 8, 5, 16,
sizeof(cast_key),
@@ -152,7 +152,7 @@ struct enc_xform enc_xform_cast5 = {
NULL
};
-struct enc_xform enc_xform_aes = {
+const struct enc_xform enc_xform_aes = {
CRYPTO_AES_CBC, "AES",
16, 16, 16, 32,
sizeof(AES_CTX),
@@ -162,7 +162,7 @@ struct enc_xform enc_xform_aes = {
NULL
};
-struct enc_xform enc_xform_aes_ctr = {
+const struct enc_xform enc_xform_aes_ctr = {
CRYPTO_AES_CTR, "AES-CTR",
16, 8, 16+4, 32+4,
sizeof(struct aes_ctr_ctx),
@@ -172,7 +172,7 @@ struct enc_xform enc_xform_aes_ctr = {
aes_ctr_reinit
};
-struct enc_xform enc_xform_aes_gcm = {
+const struct enc_xform enc_xform_aes_gcm = {
CRYPTO_AES_GCM_16, "AES-GCM",
1, 8, 16+4, 32+4,
sizeof(struct aes_ctr_ctx),
@@ -182,7 +182,7 @@ struct enc_xform enc_xform_aes_gcm = {
aes_gcm_reinit
};
-struct enc_xform enc_xform_aes_gmac = {
+const struct enc_xform enc_xform_aes_gmac = {
CRYPTO_AES_GMAC, "AES-GMAC",
1, 8, 16+4, 32+4, 0,
NULL,
@@ -191,7 +191,7 @@ struct enc_xform enc_xform_aes_gmac = {
NULL
};
-struct enc_xform enc_xform_aes_xts = {
+const struct enc_xform enc_xform_aes_xts = {
CRYPTO_AES_XTS, "AES-XTS",
16, 8, 32, 64,
sizeof(struct aes_xts_ctx),
@@ -201,7 +201,7 @@ struct enc_xform enc_xform_aes_xts = {
aes_xts_reinit
};
-struct enc_xform enc_xform_chacha20_poly1305 = {
+const struct enc_xform enc_xform_chacha20_poly1305 = {
CRYPTO_CHACHA20_POLY1305, "CHACHA20-POLY1305",
1, 8, 32+4, 32+4,
sizeof(struct chacha20_ctx),
@@ -211,7 +211,7 @@ struct enc_xform enc_xform_chacha20_poly
chacha20_reinit
};
-struct enc_xform enc_xform_null = {
+const struct enc_xform enc_xform_null = {
CRYPTO_NULL, "NULL",
4, 0, 0, 256, 0,
null_encrypt,
@@ -221,7 +221,7 @@ struct enc_xform enc_xform_null = {
};
/* Authentication instances */
-struct auth_hash auth_hash_hmac_md5_96 = {
+const struct auth_hash auth_hash_hmac_md5_96 = {
CRYPTO_MD5_HMAC, "HMAC-MD5",
16, 16, 12, sizeof(MD5_CTX), HMAC_MD5_BLOCK_LEN,
(void (*) (void *)) MD5Init, NULL, NULL,
@@ -229,7 +229,7 @@ struct auth_hash auth_hash_hmac_md5_96 =
(void (*) (u_int8_t *, void *)) MD5Final
};
-struct auth_hash auth_hash_hmac_sha1_96 = {
+const struct auth_hash auth_hash_hmac_sha1_96 = {
CRYPTO_SHA1_HMAC, "HMAC-SHA1",
20, 20, 12, sizeof(SHA1_CTX), HMAC_SHA1_BLOCK_LEN,
(void (*) (void *)) SHA1Init, NULL, NULL,
@@ -237,7 +237,7 @@ struct auth_hash auth_hash_hmac_sha1_96
(void (*) (u_int8_t *, void *)) SHA1Final
};
-struct auth_hash auth_hash_hmac_ripemd_160_96 = {
+const struct auth_hash auth_hash_hmac_ripemd_160_96 = {
CRYPTO_RIPEMD160_HMAC, "HMAC-RIPEMD-160",
20, 20, 12, sizeof(RMD160_CTX), HMAC_RIPEMD160_BLOCK_LEN,
(void (*)(void *)) RMD160Init, NULL, NULL,
@@ -245,7 +245,7 @@ struct auth_hash auth_hash_hmac_ripemd_1
(void (*)(u_int8_t *, void *)) RMD160Final
};
-struct auth_hash auth_hash_hmac_sha2_256_128 = {
+const struct auth_hash auth_hash_hmac_sha2_256_128 = {
CRYPTO_SHA2_256_HMAC, "HMAC-SHA2-256",
32, 32, 16, sizeof(SHA2_CTX), HMAC_SHA2_256_BLOCK_LEN,
(void (*)(void *)) SHA256Init, NULL, NULL,
@@ -253,7 +253,7 @@ struct auth_hash auth_hash_hmac_sha2_256
(void (*)(u_int8_t *, void *)) SHA256Final
};
-struct auth_hash auth_hash_hmac_sha2_384_192 = {
+const struct auth_hash auth_hash_hmac_sha2_384_192 = {
CRYPTO_SHA2_384_HMAC, "HMAC-SHA2-384",
48, 48, 24, sizeof(SHA2_CTX), HMAC_SHA2_384_BLOCK_LEN,
(void (*)(void *)) SHA384Init, NULL, NULL,
@@ -261,7 +261,7 @@ struct auth_hash auth_hash_hmac_sha2_384
(void (*)(u_int8_t *, void *)) SHA384Final
};
-struct auth_hash auth_hash_hmac_sha2_512_256 = {
+const struct auth_hash auth_hash_hmac_sha2_512_256 = {
CRYPTO_SHA2_512_HMAC, "HMAC-SHA2-512",
64, 64, 32, sizeof(SHA2_CTX), HMAC_SHA2_512_BLOCK_LEN,
(void (*)(void *)) SHA512Init, NULL, NULL,
@@ -269,28 +269,28 @@ struct auth_hash auth_hash_hmac_sha2_512
(void (*)(u_int8_t *, void *)) SHA512Final
};
-struct auth_hash auth_hash_gmac_aes_128 = {
+const struct auth_hash auth_hash_gmac_aes_128 = {
CRYPTO_AES_128_GMAC, "GMAC-AES-128",
16+4, GMAC_BLOCK_LEN, GMAC_DIGEST_LEN, sizeof(AES_GMAC_CTX),
AESCTR_BLOCKSIZE, AES_GMAC_Init, AES_GMAC_Setkey, AES_GMAC_Reinit,
AES_GMAC_Update, AES_GMAC_Final
};
-struct auth_hash auth_hash_gmac_aes_192 = {
+const struct auth_hash auth_hash_gmac_aes_192 = {
CRYPTO_AES_192_GMAC, "GMAC-AES-192",
24+4, GMAC_BLOCK_LEN, GMAC_DIGEST_LEN, sizeof(AES_GMAC_CTX),
AESCTR_BLOCKSIZE, AES_GMAC_Init, AES_GMAC_Setkey, AES_GMAC_Reinit,
AES_GMAC_Update, AES_GMAC_Final
};
-struct auth_hash auth_hash_gmac_aes_256 = {
+const struct auth_hash auth_hash_gmac_aes_256 = {
CRYPTO_AES_256_GMAC, "GMAC-AES-256",
32+4, GMAC_BLOCK_LEN, GMAC_DIGEST_LEN, sizeof(AES_GMAC_CTX),
AESCTR_BLOCKSIZE, AES_GMAC_Init, AES_GMAC_Setkey, AES_GMAC_Reinit,
AES_GMAC_Update, AES_GMAC_Final
};
-struct auth_hash auth_hash_chacha20_poly1305 = {
+const struct auth_hash auth_hash_chacha20_poly1305 = {
CRYPTO_CHACHA20_POLY1305_MAC, "CHACHA20-POLY1305",
CHACHA20_KEYSIZE+CHACHA20_SALT, POLY1305_BLOCK_LEN, POLY1305_TAGLEN,
sizeof(CHACHA20_POLY1305_CTX), CHACHA20_BLOCK_LEN,
@@ -300,13 +300,13 @@ struct auth_hash auth_hash_chacha20_poly
};
/* Compression instance */
-struct comp_algo comp_algo_deflate = {
+const struct comp_algo comp_algo_deflate = {
CRYPTO_DEFLATE_COMP, "Deflate",
90, deflate_compress,
deflate_decompress
};
-struct comp_algo comp_algo_lzs = {
+const struct comp_algo comp_algo_lzs = {
CRYPTO_LZS_COMP, "LZS",
90, lzs_dummy,
lzs_dummy
Index: crypto/xform.h
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/crypto/xform.h,v
retrieving revision 1.30
diff -u -p -r1.30 xform.h
--- crypto/xform.h 9 Apr 2018 04:34:56 -0000 1.30
+++ crypto/xform.h 7 Jul 2021 23:11:11 -0000
@@ -84,29 +84,29 @@ union authctx {
AES_GMAC_CTX aes_gmac_ctx;
};
-extern struct enc_xform enc_xform_3des;
-extern struct enc_xform enc_xform_blf;
-extern struct enc_xform enc_xform_cast5;
-extern struct enc_xform enc_xform_aes;
-extern struct enc_xform enc_xform_aes_ctr;
-extern struct enc_xform enc_xform_aes_gcm;
-extern struct enc_xform enc_xform_aes_gmac;
-extern struct enc_xform enc_xform_aes_xts;
-extern struct enc_xform enc_xform_chacha20_poly1305;
-extern struct enc_xform enc_xform_null;
+extern const struct enc_xform enc_xform_3des;
+extern const struct enc_xform enc_xform_blf;
+extern const struct enc_xform enc_xform_cast5;
+extern const struct enc_xform enc_xform_aes;
+extern const struct enc_xform enc_xform_aes_ctr;
+extern const struct enc_xform enc_xform_aes_gcm;
+extern const struct enc_xform enc_xform_aes_gmac;
+extern const struct enc_xform enc_xform_aes_xts;
+extern const struct enc_xform enc_xform_chacha20_poly1305;
+extern const struct enc_xform enc_xform_null;
-extern struct auth_hash auth_hash_hmac_md5_96;
-extern struct auth_hash auth_hash_hmac_sha1_96;
-extern struct auth_hash auth_hash_hmac_ripemd_160_96;
-extern struct auth_hash auth_hash_hmac_sha2_256_128;
-extern struct auth_hash auth_hash_hmac_sha2_384_192;
-extern struct auth_hash auth_hash_hmac_sha2_512_256;
-extern struct auth_hash auth_hash_gmac_aes_128;
-extern struct auth_hash auth_hash_gmac_aes_192;
-extern struct auth_hash auth_hash_gmac_aes_256;
-extern struct auth_hash auth_hash_chacha20_poly1305;
+extern const struct auth_hash auth_hash_hmac_md5_96;
+extern const struct auth_hash auth_hash_hmac_sha1_96;
+extern const struct auth_hash auth_hash_hmac_ripemd_160_96;
+extern const struct auth_hash auth_hash_hmac_sha2_256_128;
+extern const struct auth_hash auth_hash_hmac_sha2_384_192;
+extern const struct auth_hash auth_hash_hmac_sha2_512_256;
+extern const struct auth_hash auth_hash_gmac_aes_128;
+extern const struct auth_hash auth_hash_gmac_aes_192;
+extern const struct auth_hash auth_hash_gmac_aes_256;
+extern const struct auth_hash auth_hash_chacha20_poly1305;
-extern struct comp_algo comp_algo_deflate;
-extern struct comp_algo comp_algo_lzs;
+extern const struct comp_algo comp_algo_deflate;
+extern const struct comp_algo comp_algo_lzs;
#endif /* _CRYPTO_XFORM_H_ */
Index: netinet/ip_ah.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/ip_ah.c,v
retrieving revision 1.147
diff -u -p -r1.147 ip_ah.c
--- netinet/ip_ah.c 18 Jun 2021 15:34:21 -0000 1.147
+++ netinet/ip_ah.c 7 Jul 2021 23:11:11 -0000
@@ -96,7 +96,7 @@ ah_attach(void)
int
ah_init(struct tdb *tdbp, struct xformsw *xsp, struct ipsecinit *ii)
{
- struct auth_hash *thash = NULL;
+ const struct auth_hash *thash = NULL;
struct cryptoini cria, crin;
int error;
@@ -529,7 +529,7 @@ error6:
int
ah_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff)
{
- struct auth_hash *ahx = (struct auth_hash *) tdb->tdb_authalgxform;
+ const struct auth_hash *ahx = tdb->tdb_authalgxform;
struct tdb_crypto *tc = NULL;
u_int32_t btsx, esn;
u_int8_t hl;
@@ -717,7 +717,7 @@ ah_input(struct mbuf *m, struct tdb *tdb
int
ah_input_cb(struct tdb *tdb, struct tdb_crypto *tc, struct mbuf *m, int clen)
{
- struct auth_hash *ahx = (struct auth_hash *) tdb->tdb_authalgxform;
+ const struct auth_hash *ahx = tdb->tdb_authalgxform;
int roff, rplen, skip, protoff;
u_int32_t btsx, esn;
caddr_t ptr;
@@ -892,7 +892,7 @@ int
ah_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip,
int protoff)
{
- struct auth_hash *ahx = (struct auth_hash *) tdb->tdb_authalgxform;
+ const struct auth_hash *ahx = tdb->tdb_authalgxform;
struct cryptodesc *crda;
struct tdb_crypto *tc = NULL;
struct mbuf *mi;
Index: netinet/ip_esp.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/ip_esp.c,v
retrieving revision 1.164
diff -u -p -r1.164 ip_esp.c
--- netinet/ip_esp.c 7 Jul 2021 18:03:46 -0000 1.164
+++ netinet/ip_esp.c 7 Jul 2021 23:11:11 -0000
@@ -90,8 +90,8 @@ esp_attach(void)
int
esp_init(struct tdb *tdbp, struct xformsw *xsp, struct ipsecinit *ii)
{
- struct enc_xform *txform = NULL;
- struct auth_hash *thash = NULL;
+ const struct enc_xform *txform = NULL;
+ const struct auth_hash *thash = NULL;
struct cryptoini cria, crie, crin;
int error;
@@ -337,8 +337,8 @@ esp_zeroize(struct tdb *tdbp)
int
esp_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff)
{
- struct auth_hash *esph = (struct auth_hash *) tdb->tdb_authalgxform;
- struct enc_xform *espx = (struct enc_xform *) tdb->tdb_encalgxform;
+ const struct auth_hash *esph = tdb->tdb_authalgxform;
+ const struct enc_xform *espx = tdb->tdb_encalgxform;
struct cryptodesc *crde = NULL, *crda = NULL;
struct cryptop *crp = NULL;
struct tdb_crypto *tc = NULL;
@@ -546,7 +546,7 @@ esp_input_cb(struct tdb *tdb, struct tdb
u_int8_t lastthree[3], aalg[AH_HMAC_MAX_HASHLEN];
int hlen, roff, skip, protoff;
struct mbuf *m1, *mo;
- struct auth_hash *esph;
+ const struct auth_hash *esph;
u_int32_t btsx, esn;
caddr_t ptr;
#ifdef ENCDEBUG
@@ -558,7 +558,7 @@ esp_input_cb(struct tdb *tdb, struct tdb
NET_ASSERT_LOCKED();
- esph = (struct auth_hash *) tdb->tdb_authalgxform;
+ esph = tdb->tdb_authalgxform;
/* If authentication was performed, check now. */
if (esph != NULL) {
@@ -743,8 +743,8 @@ int
esp_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip,
int protoff)
{
- struct enc_xform *espx = (struct enc_xform *) tdb->tdb_encalgxform;
- struct auth_hash *esph = (struct auth_hash *) tdb->tdb_authalgxform;
+ const struct enc_xform *espx = tdb->tdb_encalgxform;
+ const struct auth_hash *esph = tdb->tdb_authalgxform;
int ilen, hlen, rlen, padding, blks, alen, roff, error;
u_int64_t replay64;
u_int32_t replay;
Index: netinet/ip_ipcomp.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/ip_ipcomp.c,v
retrieving revision 1.68
diff -u -p -r1.68 ip_ipcomp.c
--- netinet/ip_ipcomp.c 18 Jun 2021 15:34:21 -0000 1.68
+++ netinet/ip_ipcomp.c 7 Jul 2021 23:11:11 -0000
@@ -77,7 +77,7 @@ ipcomp_attach(void)
int
ipcomp_init(struct tdb *tdbp, struct xformsw *xsp, struct ipsecinit *ii)
{
- struct comp_algo *tcomp = NULL;
+ const struct comp_algo *tcomp = NULL;
struct cryptoini cric;
int error;
@@ -133,7 +133,7 @@ ipcomp_zeroize(struct tdb *tdbp)
int
ipcomp_input(struct mbuf *m, struct tdb *tdb, int skip, int protoff)
{
- struct comp_algo *ipcompx = (struct comp_algo *) tdb->tdb_compalgxform;
+ const struct comp_algo *ipcompx = tdb->tdb_compalgxform;
struct tdb_crypto *tc;
int hlen, error;
@@ -321,7 +321,7 @@ int
ipcomp_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip,
int protoff)
{
- struct comp_algo *ipcompx = (struct comp_algo *) tdb->tdb_compalgxform;
+ const struct comp_algo *ipcompx = tdb->tdb_compalgxform;
int error, hlen;
struct cryptodesc *crdc = NULL;
struct cryptop *crp = NULL;
Index: netinet/ip_ipsp.h
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/ip_ipsp.h,v
retrieving revision 1.198
diff -u -p -r1.198 ip_ipsp.h
--- netinet/ip_ipsp.h 7 Jul 2021 18:03:46 -0000 1.198
+++ netinet/ip_ipsp.h 7 Jul 2021 23:11:11 -0000
@@ -321,9 +321,9 @@ struct tdb { /* tunnel
descriptor blo
struct tdb *tdb_onext;
struct xformsw *tdb_xform; /* Transform to use */
- struct enc_xform *tdb_encalgxform; /* Enc algorithm */
- struct auth_hash *tdb_authalgxform; /* Auth algorithm */
- struct comp_algo *tdb_compalgxform; /* Compression algo */
+ const struct enc_xform *tdb_encalgxform; /* Enc algorithm */
+ const struct auth_hash *tdb_authalgxform; /* Auth algorithm */
+ const struct comp_algo *tdb_compalgxform; /* Compression algo */
#define TDBF_UNIQUE 0x00001 /* This should not be used by
others */
#define TDBF_TIMER 0x00002 /* Absolute expiration timer in
use */
@@ -517,17 +517,6 @@ extern int ipsec_exp_first_use; /* seco
extern char ipsec_def_enc[];
extern char ipsec_def_auth[];
extern char ipsec_def_comp[];
-
-extern struct enc_xform enc_xform_des;
-extern struct enc_xform enc_xform_3des;
-extern struct enc_xform enc_xform_blf;
-extern struct enc_xform enc_xform_cast5;
-
-extern struct auth_hash auth_hash_hmac_md5_96;
-extern struct auth_hash auth_hash_hmac_sha1_96;
-extern struct auth_hash auth_hash_hmac_ripemd_160_96;
-
-extern struct comp_algo comp_algo_deflate;
extern TAILQ_HEAD(ipsec_policy_head, ipsec_policy) ipsec_policy_head;
