From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
Date: Fri, 18 Nov 2016 18:09:15 +0000 (+0200)
Subject: Accomodate consts added in OpenSSL 1.1
X-Git-Tag: release_3_0_13~92^2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e787e4d0663ca77681338e40716a8c06e7cd0c1a;p=thirdparty%2Ffreeradius-server.git

Accomodate consts added in OpenSSL 1.1

Update some declarations to use const to match respective changes in
OpenSSL 1.1 and not produce build warnings.
---

diff --git a/src/main/tls.c b/src/main/tls.c
index 0f983d1362d..692bab70217 100644
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -1412,7 +1412,11 @@ error:
 	return 0;
 }
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 static SSL_SESSION *cbtls_get_session(SSL *ssl, unsigned char *data, int len, int *copy)
+#else
+static SSL_SESSION *cbtls_get_session(SSL *ssl, const unsigned char *data, int len, int *copy)
+#endif
 {
 	size_t			size;
 	char			buffer[2 * MAX_SESSION_SIZE + 1];
@@ -1911,7 +1915,11 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
 	char		cn_str[1024];
 	char		buf[64];
 	X509		*client_cert;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+	const STACK_OF(X509_EXTENSION) *ext_list;
+#else
 	STACK_OF(X509_EXTENSION) *ext_list;
+#endif
 	SSL		*ssl;
 	int		err, depth, lookup, loc;
 	fr_tls_server_conf_t *conf;
diff --git a/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c b/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c
index 2a5c7c475a7..6fbb881985d 100644
--- a/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c
+++ b/src/modules/rlm_eap/types/rlm_eap_fast/rlm_eap_fast.c
@@ -185,9 +185,15 @@ static void eap_fast_session_ticket(tls_session_t *tls_session, uint8_t *client_
 }
 
 // hostap:src/crypto/tls_openssl.c:tls_sess_sec_cb()
+#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
 static int _session_secret(SSL *s, void *secret, int *secret_len,
 			   UNUSED STACK_OF(SSL_CIPHER) *peer_ciphers,
 			   UNUSED SSL_CIPHER **cipher, void *arg)
+#else
+static int _session_secret(SSL *s, void *secret, int *secret_len,
+			   UNUSED STACK_OF(SSL_CIPHER) *peer_ciphers,
+			   UNUSED const SSL_CIPHER **cipher, void *arg)
+#endif
 {
 	// FIXME enforce non-anon cipher