Don't allow change of CRT frame returned by x509_crt_frame_acquire()
diff --git a/library/ssl_srv.c b/library/ssl_srv.c
index 1fd1d31..1e3c6fa 100644
--- a/library/ssl_srv.c
+++ b/library/ssl_srv.c
@@ -874,7 +874,7 @@
mbedtls_md_type_t sig_md;
{
int ret;
- mbedtls_x509_crt_frame *frame;
+ mbedtls_x509_crt_frame const *frame;
ret = mbedtls_x509_crt_frame_acquire( cur->cert, &frame );
if( ret != 0 )
return( ret );
@@ -2996,7 +2996,7 @@
while( crt != NULL && crt->raw.p != NULL )
{
- mbedtls_x509_crt_frame *frame;
+ mbedtls_x509_crt_frame const *frame;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
if( ret != 0 )
return( ret );
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 29b304a..04e8125 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
@@ -288,7 +288,7 @@
mbedtls_x509_sequence **subj_alt )
{
int ret;
- mbedtls_x509_crt_frame *frame;
+ mbedtls_x509_crt_frame const *frame;
mbedtls_x509_sequence *seq;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
@@ -311,7 +311,7 @@
mbedtls_x509_sequence **ext_key_usage )
{
int ret;
- mbedtls_x509_crt_frame *frame;
+ mbedtls_x509_crt_frame const *frame;
mbedtls_x509_sequence *seq;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
@@ -334,7 +334,7 @@
mbedtls_x509_name **subject )
{
int ret;
- mbedtls_x509_crt_frame *frame;
+ mbedtls_x509_crt_frame const *frame;
mbedtls_x509_name *name;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
@@ -357,7 +357,7 @@
mbedtls_x509_name **issuer )
{
int ret;
- mbedtls_x509_crt_frame *frame;
+ mbedtls_x509_crt_frame const *frame;
mbedtls_x509_name *name;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
@@ -380,7 +380,7 @@
mbedtls_x509_crt_frame *dst )
{
int ret;
- mbedtls_x509_crt_frame *frame;
+ mbedtls_x509_crt_frame const *frame;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
if( ret != 0 )
return( ret );
@@ -2426,7 +2426,7 @@
unsigned int usage )
{
int ret;
- mbedtls_x509_crt_frame *frame;
+ mbedtls_x509_crt_frame const *frame;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
if( ret != 0 )
return( MBEDTLS_ERR_X509_FATAL_ERROR );
@@ -2474,7 +2474,7 @@
size_t usage_len )
{
int ret;
- mbedtls_x509_crt_frame *frame;
+ mbedtls_x509_crt_frame const *frame;
unsigned ext_types;
unsigned char *p, *end;
x509_crt_check_ext_key_usage_cb_ctx_t cb_ctx = { usage_oid, usage_len };
@@ -2534,7 +2534,7 @@
const mbedtls_x509_crl *crl )
{
int ret;
- mbedtls_x509_crt_frame *frame;
+ mbedtls_x509_crt_frame const *frame;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
if( ret != 0 )
@@ -2569,7 +2569,7 @@
return( flags );
{
- mbedtls_x509_crt_frame *ca;
+ mbedtls_x509_crt_frame const *ca;
ret = mbedtls_x509_crt_frame_acquire( ca_crt, &ca );
if( ret != 0 )
return( MBEDTLS_X509_BADCRL_NOT_TRUSTED );
@@ -2846,7 +2846,7 @@
parent_valid = parent_match = path_len_ok = 0;
{
- mbedtls_x509_crt_frame *parent;
+ mbedtls_x509_crt_frame const *parent;
ret = mbedtls_x509_crt_frame_acquire( parent_crt, &parent );
if( ret != 0 )
@@ -3139,7 +3139,7 @@
{
mbedtls_x509_crt_sig_info child_sig;
{
- mbedtls_x509_crt_frame *child;
+ mbedtls_x509_crt_frame const *child;
ret = mbedtls_x509_crt_frame_acquire( child_crt, &child );
if( ret != 0 )
@@ -3340,7 +3340,7 @@
uint32_t *flags )
{
int ret;
- mbedtls_x509_crt_frame *frame;
+ mbedtls_x509_crt_frame const *frame;
ret = mbedtls_x509_crt_frame_acquire( crt, &frame );
if( ret != 0 )