From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Mon, 17 Sep 2018 16:20:14 +0000 (+0100)
Subject: Constification
X-Git-Tag: exim-4.92-RC1~104
X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/3fb3231cf83c8a9328499ea17b3663c1618210dc

Constification
---

diff --git a/src/src/functions.h b/src/src/functions.h
index 920f3d96f..f37c10733 100644
--- a/src/src/functions.h
+++ b/src/src/functions.h
@@ -570,7 +570,7 @@ extern int     verify_check_headers(uschar **);
 extern int     verify_check_header_names_ascii(uschar **);
 extern int     verify_check_host(uschar **);
 extern int     verify_check_notblind(void);
-extern int     verify_check_given_host(uschar **, host_item *);
+extern int     verify_check_given_host(const uschar **, const host_item *);
 extern int     verify_check_this_host(const uschar **, unsigned int *,
 	         const uschar*, const uschar *, const uschar **);
 extern address_item *verify_checked_sender(uschar *);
diff --git a/src/src/smtp_out.c b/src/src/smtp_out.c
index 6fd0bf729..62d4c7333 100644
--- a/src/src/smtp_out.c
+++ b/src/src/smtp_out.c
@@ -264,7 +264,7 @@ requested some early-data then include that in the TFO request. */
 else
   {
 #ifdef TCP_FASTOPEN
-  if (verify_check_given_host(&ob->hosts_try_fastopen, host) == OK)
+  if (verify_check_given_host(CUSS &ob->hosts_try_fastopen, host) == OK)
     fastopen_blob = early_data ? early_data : &tcp_fastopen_nodata;
 #endif
 
diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index 3e618a697..9fcb50dfe 100644
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -2158,7 +2158,7 @@ static void
 tls_client_setup_hostname_checks(host_item * host, exim_gnutls_state_st * state,
   smtp_transport_options_block * ob)
 {
-if (verify_check_given_host(&ob->tls_verify_cert_hostnames, host) == OK)
+if (verify_check_given_host(CUSS &ob->tls_verify_cert_hostnames, host) == OK)
   {
   state->exp_tls_verify_cert_hostnames =
 #ifdef SUPPORT_I18N
@@ -2284,9 +2284,9 @@ uschar *cipher_list = NULL;
 
 #ifndef DISABLE_OCSP
 BOOL require_ocsp =
-  verify_check_given_host(&ob->hosts_require_ocsp, host) == OK;
+  verify_check_given_host(CUSS &ob->hosts_require_ocsp, host) == OK;
 BOOL request_ocsp = require_ocsp ? TRUE
-  : verify_check_given_host(&ob->hosts_request_ocsp, host) == OK;
+  : verify_check_given_host(CUSS &ob->hosts_request_ocsp, host) == OK;
 #endif
 
 DEBUG(D_tls) debug_printf("initialising GnuTLS as a client on fd %d\n", fd);
@@ -2346,7 +2346,7 @@ else
 	  && !ob->tls_verify_hosts
 	  && (!ob->tls_try_verify_hosts || !*ob->tls_try_verify_hosts)
 	  )
-	|| verify_check_given_host(&ob->tls_verify_hosts, host) == OK
+	|| verify_check_given_host(CUSS &ob->tls_verify_hosts, host) == OK
        )
   {
   tls_client_setup_hostname_checks(host, state, ob);
@@ -2355,7 +2355,7 @@ else
   state->verify_requirement = VERIFY_REQUIRED;
   gnutls_certificate_server_set_request(state->session, GNUTLS_CERT_REQUIRE);
   }
-else if (verify_check_given_host(&ob->tls_try_verify_hosts, host) == OK)
+else if (verify_check_given_host(CUSS &ob->tls_try_verify_hosts, host) == OK)
   {
   tls_client_setup_hostname_checks(host, state, ob);
   DEBUG(D_tls)
diff --git a/src/src/transports/smtp.c b/src/src/transports/smtp.c
index aac47aa5a..b2adeb555 100644
--- a/src/src/transports/smtp.c
+++ b/src/src/transports/smtp.c
@@ -1022,7 +1022,7 @@ uschar *fail_reason = US"server did not advertise AUTH support";
 
 f.smtp_authenticated = FALSE;
 client_authenticator = client_authenticated_id = client_authenticated_sender = NULL;
-require_auth = verify_check_given_host(&ob->hosts_require_auth, sx->host);
+require_auth = verify_check_given_host(CUSS &ob->hosts_require_auth, sx->host);
 
 if (sx->esmtp && !regex_AUTH) regex_AUTH =
     regex_must_compile(US"\\n250[\\s\\-]AUTH\\s+([\\-\\w\\s]+)(?:\\n|$)",
@@ -1037,7 +1037,7 @@ if (sx->esmtp && regex_match_and_setup(regex_AUTH, buffer, 0, -1))
   regex match above. */
 
   if (require_auth == OK ||
-      verify_check_given_host(&ob->hosts_try_auth, sx->host) == OK)
+      verify_check_given_host(CUSS &ob->hosts_try_auth, sx->host) == OK)
     {
     auth_instance *au;
     fail_reason = US"no common mechanisms were found";
@@ -1569,7 +1569,7 @@ sx->dsn_all_lasthop = TRUE;
 #if defined(SUPPORT_TLS) && defined(SUPPORT_DANE)
 sx->dane = FALSE;
 sx->dane_required =
-  verify_check_given_host(&sx->ob->hosts_require_dane, sx->host) == OK;
+  verify_check_given_host(CUSS &sx->ob->hosts_require_dane, sx->host) == OK;
 #endif
 
 if ((sx->max_rcpt = sx->tblock->max_addresses) == 0) sx->max_rcpt = 999999;
@@ -1650,7 +1650,7 @@ if (!continue_hostname)
     if (sx->host->dnssec == DS_YES)
       {
       if(  sx->dane_required
-	|| verify_check_given_host(&sx->ob->hosts_try_dane, sx->host) == OK
+	|| verify_check_given_host(CUSS &sx->ob->hosts_try_dane, sx->host) == OK
 	)
 	switch (rc = tlsa_lookup(sx->host, &tlsa_dnsa, sx->dane_required))
 	  {
@@ -1819,7 +1819,7 @@ goto SEND_QUIT;
   mailers use upper case for some reason (the RFC is quite clear about case
   independence) so, for peace of mind, I gave in. */
 
-  sx->esmtp = verify_check_given_host(&sx->ob->hosts_avoid_esmtp, sx->host) != OK;
+  sx->esmtp = verify_check_given_host(CUSS &sx->ob->hosts_avoid_esmtp, sx->host) != OK;
 
   /* Alas; be careful, since this goto is not an error-out, so conceivably
   we might set data between here and the target which we assume to exist
@@ -1966,9 +1966,9 @@ for error analysis. */
 #ifdef SUPPORT_TLS
 if (  smtp_peer_options & OPTION_TLS
    && !suppress_tls
-   && verify_check_given_host(&sx->ob->hosts_avoid_tls, sx->host) != OK
+   && verify_check_given_host(CUSS &sx->ob->hosts_avoid_tls, sx->host) != OK
    && (  !sx->verify
-      || verify_check_given_host(&sx->ob->hosts_verify_avoid_tls, sx->host) != OK
+      || verify_check_given_host(CUSS &sx->ob->hosts_verify_avoid_tls, sx->host) != OK
    )  )
   {
   uschar buffer2[4096];
@@ -2116,7 +2116,7 @@ else if (  sx->smtps
 # ifdef EXPERIMENTAL_REQUIRETLS
 	|| tls_requiretls & REQUIRETLS_MSG
 # endif
-	|| verify_check_given_host(&sx->ob->hosts_require_tls, sx->host) == OK
+	|| verify_check_given_host(CUSS &sx->ob->hosts_require_tls, sx->host) == OK
 	)
   {
   errno =
@@ -2184,14 +2184,14 @@ if (continue_hostname == NULL
     the current host matches hosts_avoid_pipelining, don't do it. */
 
     if (  sx->peer_offered & OPTION_PIPE
-       && verify_check_given_host(&sx->ob->hosts_avoid_pipelining, sx->host) != OK)
+       && verify_check_given_host(CUSS &sx->ob->hosts_avoid_pipelining, sx->host) != OK)
       smtp_peer_options |= OPTION_PIPE;
 
     DEBUG(D_transport) debug_printf("%susing PIPELINING\n",
       smtp_peer_options & OPTION_PIPE ? "" : "not ");
 
     if (  sx->peer_offered & OPTION_CHUNKING
-       && verify_check_given_host(&sx->ob->hosts_try_chunking, sx->host) != OK)
+       && verify_check_given_host(CUSS &sx->ob->hosts_try_chunking, sx->host) != OK)
       sx->peer_offered &= ~OPTION_CHUNKING;
 
     if (sx->peer_offered & OPTION_CHUNKING)
@@ -2199,7 +2199,7 @@ if (continue_hostname == NULL
 
 #ifndef DISABLE_PRDR
     if (  sx->peer_offered & OPTION_PRDR
-       && verify_check_given_host(&sx->ob->hosts_try_prdr, sx->host) != OK)
+       && verify_check_given_host(CUSS &sx->ob->hosts_try_prdr, sx->host) != OK)
       sx->peer_offered &= ~OPTION_PRDR;
 
     if (sx->peer_offered & OPTION_PRDR)
@@ -3602,7 +3602,7 @@ if (sx.completed_addr && sx.ok && sx.send_quit)
      || (
 #ifdef SUPPORT_TLS
 	   (  tls_out.active.sock < 0  &&  !continue_proxy_cipher
-           || verify_check_given_host(&sx.ob->hosts_nopass_tls, host) != OK
+           || verify_check_given_host(CUSS &sx.ob->hosts_nopass_tls, host) != OK
 	   )
         &&
 #endif
@@ -3658,7 +3658,7 @@ if (sx.completed_addr && sx.ok && sx.send_quit)
 #ifdef SUPPORT_TLS
       if (tls_out.active.sock >= 0)
 	if (  f.continue_more
-	   || verify_check_given_host(&sx.ob->hosts_noproxy_tls, host) == OK)
+	   || verify_check_given_host(CUSS &sx.ob->hosts_noproxy_tls, host) == OK)
 	  {
 	  /* Before passing the socket on, or returning to caller with it still
 	  open, we must shut down TLS.  Not all MTAs allow for the continuation
@@ -4435,7 +4435,7 @@ retry_non_continued:
     sending the message down a pre-existing connection. */
 
     if (  !continue_hostname
-       && verify_check_given_host(&ob->serialize_hosts, host) == OK)
+       && verify_check_given_host(CUSS &ob->serialize_hosts, host) == OK)
       {
       serialize_key = string_sprintf("host-serialize-%s", host->name);
       if (!enq_start(serialize_key, 1))
@@ -4576,7 +4576,7 @@ retry_non_continued:
       if (  rc == DEFER
 	 && first_addr->basic_errno == ERRNO_TLSFAILURE
 	 && ob->tls_tempfail_tryclear
-	 && verify_check_given_host(&ob->hosts_require_tls, host) != OK
+	 && verify_check_given_host(CUSS &ob->hosts_require_tls, host) != OK
 	 )
         {
         log_write(0, LOG_MAIN,
diff --git a/src/src/verify.c b/src/src/verify.c
index 8d31f5d8e..9aff78a9a 100644
--- a/src/src/verify.c
+++ b/src/src/verify.c
@@ -693,7 +693,7 @@ tls_retry_connection:
     if (  yield == DEFER
        && addr->basic_errno == ERRNO_TLSFAILURE
        && ob->tls_tempfail_tryclear
-       && verify_check_given_host(&ob->hosts_require_tls, host) != OK
+       && verify_check_given_host(CUSS &ob->hosts_require_tls, host) != OK
        )
       {
       log_write(0, LOG_MAIN,
@@ -3244,9 +3244,9 @@ return rc;
 *      Check the given host item matches a list  *
 *************************************************/
 int
-verify_check_given_host(uschar **listptr, host_item *host)
+verify_check_given_host(const uschar **listptr, const host_item *host)
 {
-return verify_check_this_host(CUSS listptr, NULL, host->name, host->address, NULL);
+return verify_check_this_host(listptr, NULL, host->name, host->address, NULL);
 }
 
 /*************************************************