From 57b3a7f5217369edd800f6d57abbd67ea12e9bbe Mon Sep 17 00:00:00 2001 From: Phil Pennock Date: Sun, 11 Jul 2010 00:19:56 -0700 Subject: [PATCH] OpenSSL 1.0.0 const fix for SSL_get_current_cipher OpenSSL 1.0.0 changes SSL_get_current_cipher()'s return value to include const. It looks like a safe change for older OpenSSL, so treat it appropriately and cast as needed. --- src/src/tls-openssl.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c index 3ea55f238..b6a8dcb8c 100644 --- a/src/src/tls-openssl.c +++ b/src/src/tls-openssl.c @@ -438,7 +438,10 @@ static void construct_cipher_name(SSL *ssl) { static uschar cipherbuf[256]; -SSL_CIPHER *c; +/* With OpenSSL 1.0.0a, this needs to be const but the documentation doesn't +yet reflect that. It should be a safe change anyway, even 0.9.8 versions have +the accessor functions use const in the prototype. */ +const SSL_CIPHER *c; uschar *ver; int bits; @@ -460,7 +463,7 @@ switch (ssl->session->ssl_version) ver = US"UNKNOWN"; } -c = SSL_get_current_cipher(ssl); +c = (const SSL_CIPHER *) SSL_get_current_cipher(ssl); SSL_CIPHER_get_bits(c, &bits); string_format(cipherbuf, sizeof(cipherbuf), "%s:%s:%u", ver, -- 2.30.2