From fd91586b4f6d21c65ff47b7c82348a6885b81e83 Mon Sep 17 00:00:00 2001
From: Remi Gacogne <remi.gacogne@powerdns.com>
Date: Mon, 31 Jan 2022 14:47:54 +0100
Subject: [PATCH] rec-4.6.x: Fix build with OpenSSL 3.0.0

(cherry picked from commit 8535f66672ec9d1eebf5835d3e53238973a80478)
---
 pdns/credentials.cc | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/pdns/credentials.cc b/pdns/credentials.cc
index b3a09e5c81..d058a948ac 100644
--- a/pdns/credentials.cc
+++ b/pdns/credentials.cc
@@ -31,6 +31,7 @@
 #ifdef HAVE_EVP_PKEY_CTX_SET1_SCRYPT_SALT
 #include <openssl/evp.h>
 #include <openssl/kdf.h>
+#include <openssl/opensslv.h>
 #include <openssl/rand.h>
 #endif
 
@@ -105,8 +106,13 @@ static std::string hashPasswordInternal(const std::string& password, const std::
     throw std::runtime_error("Error intializing the scrypt context to hash the supplied password");
   }
 
-  // OpenSSL 3.0 changed the string arg to const unsigned char*, other versions use const char *, so cast to const void * to satisfy both
-  if (EVP_PKEY_CTX_set1_pbe_pass(pctx.get(), reinterpret_cast<const void*>(password.data()), password.size()) <= 0) {
+  // OpenSSL 3.0 changed the string arg to const unsigned char*, other versions use const char *
+#if OPENSSL_VERSION_MAJOR >= 3
+  auto passwordData = reinterpret_cast<const char*>(password.data());
+#else
+  auto passwordData = reinterpret_cast<const unsigned char*>(password.data());
+#endif
+  if (EVP_PKEY_CTX_set1_pbe_pass(pctx.get(), passwordData, password.size()) <= 0) {
     throw std::runtime_error("Error adding the password to the scrypt context to hash the supplied password");
   }
 
-- 
2.47.2