[exim-cvs] OpenSSL 1.0.0 const fix for SSL_get_current_ciphe…

Top Page
Delete this message
Reply to this message
Author: Exim Git Commits Mailing List
Date:  
To: exim-cvs
Subject: [exim-cvs] OpenSSL 1.0.0 const fix for SSL_get_current_cipher
Gitweb: http://git.exim.org/exim.git/commitdiff/57b3a7f5217369edd800f6d57abbd67ea12e9bbe
Commit:     57b3a7f5217369edd800f6d57abbd67ea12e9bbe
Parent:     2daddfb8bf41421c78cbc9bf5cf5a24acc4b0ff8
Author:     Phil Pennock <pdp@???>
AuthorDate: Sun Jul 11 00:19:56 2010 -0700
Committer:  Phil Pennock <pdp@???>
CommitDate: Sun Sep 5 18:49:34 2010 -0400


    OpenSSL 1.0.0 const fix for SSL_get_current_cipher


    OpenSSL 1.0.0 changes SSL_get_current_cipher()'s return value to include
    const.  It looks like a safe change for older OpenSSL, so treat it
    appropriately and cast as needed.
---
 src/src/tls-openssl.c |    7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)


diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 3ea55f2..b6a8dcb 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -438,7 +438,10 @@ static void
construct_cipher_name(SSL *ssl)
{
static uschar cipherbuf[256];
-SSL_CIPHER *c;
+/* With OpenSSL 1.0.0a, this needs to be const but the documentation doesn't
+yet reflect that. It should be a safe change anyway, even 0.9.8 versions have
+the accessor functions use const in the prototype. */
+const SSL_CIPHER *c;
uschar *ver;
int bits;

@@ -460,7 +463,7 @@ switch (ssl->session->ssl_version)
ver = US"UNKNOWN";
}

-c = SSL_get_current_cipher(ssl);
+c = (const SSL_CIPHER *) SSL_get_current_cipher(ssl);
SSL_CIPHER_get_bits(c, &bits);

string_format(cipherbuf, sizeof(cipherbuf), "%s:%s:%u", ver,