add const to most rfc4251:: variables

author: Timo Weingärtner <timo@tiwe.de> 2021-04-25 17:45:45 +0200
committer: Timo Weingärtner <timo@tiwe.de> 2026-03-07 22:25:16 +0100
commit: 1ed4729f59343b8041387b8802610c25de599085 (patch)
tree: 53d91a544496648562e764640ae627d2391b3b57 /ssh-agent-filter.C
parent: 145c64e6c4e4151e869104e12da71786b8c31932 (diff)
download: ssh-agent-filter-1ed4729f59343b8041387b8802610c25de599085.tar.gz
1 files changed, 51 insertions, 51 deletions
diff --git a/ssh-agent-filter.C b/ssh-agent-filter.C
index 175fba2..750ae60 100644
--- a/ssh-agent-filter.C
+++ b/ssh-agent-filter.C
@@ -236,13 +236,13 @@ void setup_filters () {
 	arm(agent);
 	
 	agent << rfc4251::string{string{SSH2_AGENTC_REQUEST_IDENTITIES}};
-	rfc4251::string answer{agent};
+	rfc4251::string const answer{agent};
 	io::stream<io::array_source> answer_iss{answer.data(), answer.size()};
 	arm(answer_iss);
-	rfc4251::byte resp_code{answer_iss};
+	rfc4251::byte const resp_code{answer_iss};
 	if (resp_code != SSH2_AGENT_IDENTITIES_ANSWER)
 		throw runtime_error{"unexpected answer from ssh-agent"};
-	rfc4251::uint32 keycount{answer_iss};
+	rfc4251::uint32 const keycount{answer_iss};
 	for (uint32_t i = keycount; i; --i) {
 		rfc4251::string key{answer_iss};
 		rfc4251::string comment{answer_iss};
@@ -329,7 +329,7 @@ std::optional<string> dissect_auth_data_ssh_cert (rfc4251::string const & data)
 	string request_description{};
 
 	// Format specified in https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.certkeys?annotate=1.13
-	rfc4251::string		keytype{datastream};
+	rfc4251::string const	keytype{datastream};
 	std::string		keytype_str{keytype};
 	{
 		// check for and remove suffix to get the base keytype
@@ -341,40 +341,40 @@ std::optional<string> dissect_auth_data_ssh_cert (rfc4251::string const & data)
 			return {};
 		keytype_str.erase(suffix_start, keytype_str.end());
 	}
-	rfc4251::string		nonce{datastream};
+	rfc4251::string const	nonce{datastream};
 	std::ostringstream	key_to_be_signed{};
 	if (keytype_str == "ssh-rsa") {
-		rfc4251::mpint		e{datastream};
-		rfc4251::mpint		n{datastream};
+		rfc4251::mpint const	e{datastream};
+		rfc4251::mpint const	n{datastream};
 		key_to_be_signed << rfc4251::string{keytype_str} << e << n;
 	} else if (keytype_str == "ssh-dss") {
-		rfc4251::mpint		p{datastream};
-		rfc4251::mpint		q{datastream};
-		rfc4251::mpint		g{datastream};
-		rfc4251::mpint		y{datastream};
+		rfc4251::mpint const	p{datastream};
+		rfc4251::mpint const	q{datastream};
+		rfc4251::mpint const	g{datastream};
+		rfc4251::mpint const	y{datastream};
 		key_to_be_signed << rfc4251::string{keytype_str} << p << q << g << y;
 	} else if (keytype_str == "ecdsa-sha2-nistp256"
 			|| keytype_str == "ecdsa-sha2-nistp384"
 			|| keytype_str == "ecdsa-sha2-nistp521") {
-		rfc4251::string		curve{datastream};
-		rfc4251::string		public_key{datastream};
+		rfc4251::string const	curve{datastream};
+		rfc4251::string const	public_key{datastream};
 		key_to_be_signed << rfc4251::string{keytype_str} << curve << public_key;
 	} else if (keytype_str == "ssh-ed25519") {
-		rfc4251::string		pk{datastream};
+		rfc4251::string const	pk{datastream};
 		key_to_be_signed << rfc4251::string{keytype_str} << pk;
 	} else {
 		return {};
 	}
-	rfc4251::uint64		serial{datastream};
-	rfc4251::uint32		type{datastream};
-	rfc4251::string		key_id{datastream};
-	rfc4251::string		valid_principals{datastream};
-	rfc4251::uint64		valid_after{datastream};
-	rfc4251::uint64		valid_before{datastream};
-	rfc4251::string		critical_options{datastream};
-	rfc4251::string		extensions{datastream};
-	rfc4251::string		reserved{datastream};
-	rfc4251::string		signature_key{datastream};
+	rfc4251::uint64 const	serial{datastream};
+	rfc4251::uint32 const	type{datastream};
+	rfc4251::string const	key_id{datastream};
+	rfc4251::string const	valid_principals{datastream};
+	rfc4251::uint64 const	valid_after{datastream};
+	rfc4251::uint64 const	valid_before{datastream};
+	rfc4251::string const	critical_options{datastream};
+	rfc4251::string const	extensions{datastream};
+	rfc4251::string const	reserved{datastream};
+	rfc4251::string const	signature_key{datastream};
 
 	request_description = "The request is for a certificate signature on key " + base64_encode(key_to_be_signed.str()) + ".";
 
@@ -389,14 +389,14 @@ std::optional<string> dissect_auth_data_ssh (rfc4251::string const & data) try {
 	string request_description{};
 
 	// Format specified in RFC 4252 Section 7
-	rfc4251::string		session_identifier{datastream};
-	rfc4251::byte		requesttype{datastream};
-	rfc4251::string		username{datastream};
-	rfc4251::string		servicename{datastream};
-	rfc4251::string		publickeystring{datastream};
-	rfc4251::boolean	shouldbetrue{datastream};
-	rfc4251::string		publickeyalgorithm{datastream};
-	rfc4251::string		publickey{datastream};
+	rfc4251::string const	session_identifier{datastream};
+	rfc4251::byte const	requesttype{datastream};
+	rfc4251::string const	username{datastream};
+	rfc4251::string const	servicename{datastream};
+	rfc4251::string const	publickeystring{datastream};
+	rfc4251::boolean const	shouldbetrue{datastream};
+	rfc4251::string const	publickeyalgorithm{datastream};
+	rfc4251::string const	publickey{datastream};
 
 	request_description = "The request is for an ssh connection as user '" + string{username} + "' with service name '" + string{servicename} + "'.";
 
@@ -405,17 +405,17 @@ std::optional<string> dissect_auth_data_ssh (rfc4251::string const & data) try {
 		io::stream<io::array_source> idstream{session_identifier.data(), session_identifier.size()};
 		arm(idstream);
 
-		rfc4251::uint32	type{idstream};
+		rfc4251::uint32 const	type{idstream};
 		if (type == 101) {
 			// PAM_SSH_AGENT_AUTH_REQUESTv1
-			rfc4251::string	cookie{idstream};
-			rfc4251::string	user{idstream};
-			rfc4251::string	ruser{idstream};
-			rfc4251::string	pam_service{idstream};
-			rfc4251::string	pwd{idstream};
-			rfc4251::string	action{idstream};
-			rfc4251::string	hostname{idstream};
-			rfc4251::uint64	timestamp{idstream};
+			rfc4251::string const	cookie{idstream};
+			rfc4251::string const	user{idstream};
+			rfc4251::string const	ruser{idstream};
+			rfc4251::string const	pam_service{idstream};
+			rfc4251::string const	pwd{idstream};
+			rfc4251::string const	action{idstream};
+			rfc4251::string const	hostname{idstream};
+			rfc4251::uint64 const	timestamp{idstream};
 
 			string singleuser{user};
 			if (user != ruser)
@@ -428,12 +428,12 @@ std::optional<string> dissect_auth_data_ssh (rfc4251::string const & data) try {
 			io::stream<io::array_source> actionstream{action.data(), action.size()};
 			arm(actionstream);
 			
-			rfc4251::uint32	argc{actionstream};
+			rfc4251::uint32 const	argc{actionstream};
 			
 			if (argc) {
 				additional += " to run";
 				for (uint32_t i = argc; i; --i) {
-					rfc4251::string	argv{actionstream};
+					rfc4251::string const	argv{actionstream};
 					additional += ' ' + string{argv};
 				}
 			}
@@ -474,7 +474,7 @@ rfc4251::string handle_request (rfc4251::string const & r) {
 	io::stream<io::back_insert_device<vector<char>>> answer{ret.buf};
 	arm(request);
 	arm(answer);
-	rfc4251::byte request_code{request};
+	rfc4251::byte const request_code{request};
 	switch (request_code) {
 		case SSH2_AGENTC_REQUEST_IDENTITIES:
 			{
@@ -483,14 +483,14 @@ rfc4251::string handle_request (rfc4251::string const & r) {
 				agent << rfc4251::string{string{SSH2_AGENTC_REQUEST_IDENTITIES}};
 				// temp to test key filtering when signing
 				//return rfc4251::string{agent};
-				rfc4251::string agent_answer{agent};
+				rfc4251::string const agent_answer{agent};
 				io::stream<io::array_source> agent_answer_iss{agent_answer.data(), agent_answer.size()};
 				arm(agent_answer_iss);
-				rfc4251::byte answer_code{agent_answer_iss};
-				rfc4251::uint32 keycount{agent_answer_iss};
+				rfc4251::byte const answer_code{agent_answer_iss};
+				rfc4251::uint32 const keycount{agent_answer_iss};
 				if (answer_code != SSH2_AGENT_IDENTITIES_ANSWER)
 					throw runtime_error{"unexpected answer from ssh-agent"};
-				vector<pair<rfc4251::string, rfc4251::string>> keys;
+				vector<pair<rfc4251::string const, rfc4251::string const>> keys;
 				for (uint32_t i = keycount; i; --i) {
 					rfc4251::string key{agent_answer_iss};
 					rfc4251::string comment{agent_answer_iss};
@@ -504,9 +504,9 @@ rfc4251::string handle_request (rfc4251::string const & r) {
 			break;
 		case SSH2_AGENTC_SIGN_REQUEST:
 			{
-				rfc4251::string key{request};
-				rfc4251::string data_to_be_signed{request};
-				rfc4251::uint32 flags{request};
+				rfc4251::string const key{request};
+				rfc4251::string const data_to_be_signed{request};
+				rfc4251::uint32 const flags{request};
 				bool allow{false};
 				
 				if (allowed_pubkeys.count(key))
author	Timo Weingärtner <timo@tiwe.de>	2021-04-25 17:45:45 +0200
committer	Timo Weingärtner <timo@tiwe.de>	2026-03-07 22:25:16 +0100
commit	1ed4729f59343b8041387b8802610c25de599085 (patch)
tree	53d91a544496648562e764640ae627d2391b3b57 /ssh-agent-filter.C
parent	145c64e6c4e4151e869104e12da71786b8c31932 (diff)
download	ssh-agent-filter-1ed4729f59343b8041387b8802610c25de599085.tar.gz