From: Phil Pennock <pdp@exim.org>
Date: Sun, 11 Jul 2010 07:19:56 +0000 (-0700)
Subject: OpenSSL 1.0.0 const fix for SSL_get_current_cipher
X-Git-Tag: exim-4_73_RC0~18
X-Git-Url: https://vcs.fsf.org/?p=exim.git;a=commitdiff_plain;h=57b3a7f5217369edd800f6d57abbd67ea12e9bbe;ds=sidebyside

OpenSSL 1.0.0 const fix for SSL_get_current_cipher

OpenSSL 1.0.0 changes SSL_get_current_cipher()'s return value to include
const.  It looks like a safe change for older OpenSSL, so treat it
appropriately and cast as needed.
---

diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 3ea55f238..b6a8dcb8c 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -438,7 +438,10 @@ static void
 construct_cipher_name(SSL *ssl)
 {
 static uschar cipherbuf[256];
-SSL_CIPHER *c;
+/* With OpenSSL 1.0.0a, this needs to be const but the documentation doesn't
+yet reflect that.  It should be a safe change anyway, even 0.9.8 versions have
+the accessor functions use const in the prototype. */
+const SSL_CIPHER *c;
 uschar *ver;
 int bits;
 
@@ -460,7 +463,7 @@ switch (ssl->session->ssl_version)
   ver = US"UNKNOWN";
   }
 
-c = SSL_get_current_cipher(ssl);
+c = (const SSL_CIPHER *) SSL_get_current_cipher(ssl);
 SSL_CIPHER_get_bits(c, &bits);
 
 string_format(cipherbuf, sizeof(cipherbuf), "%s:%s:%u", ver,