>At 01:48 AM 7/8/2005, Joe Orton wrote:
>>On Thu, Jul 07, 2005 at 06:51:04PM -0500, William Rowe wrote:
>>>
>>> This resolves build issues which caused errors in 0.9.7f and
>>> prior on Win32 and build failures on Netware. This patch
>>> correctly chooses the appropriate const-ness for 0.9.6, 0.9.7,
>>> or 0.9.8 OpenSSL. It needs to be verified on Netware since
>>> my Win32 builds completely clean.
>>
>>-1, this is barely readable, using a #define as previously or a typedef
>>in ssl_toolkit_compat.h is much cleaner.
Ok, attached is a const-flag based solution buried back into
ssl_toolkit_compat.h, that I believe is the most readable.
Comments/Votes? 2.0.x patch attached; 2.1 committed.
Bill
Index: ssl_engine_init.c
===================================================================
--- ssl_engine_init.c (revision 209795)
+++ ssl_engine_init.c (working copy)
@@ -705,7 +705,7 @@
{
SSLModConfigRec *mc = myModConfig(s);
ssl_asn1_t *asn1;
- unsigned char *ptr;
+ MODSSL_D2I_X509_CONST unsigned char *ptr;
const char *type = ssl_asn1_keystr(idx);
X509 *cert;
@@ -743,7 +743,7 @@
{
SSLModConfigRec *mc = myModConfig(s);
ssl_asn1_t *asn1;
- unsigned char *ptr;
+ MODSSL_D2I_PrivateKey_CONST unsigned char *ptr;
const char *type = ssl_asn1_keystr(idx);
int pkey_type = (idx == SSL_AIDX_RSA) ? EVP_PKEY_RSA : EVP_PKEY_DSA;
EVP_PKEY *pkey;
Index: ssl_toolkit_compat.h
===================================================================
--- ssl_toolkit_compat.h (revision 209795)
+++ ssl_toolkit_compat.h (working copy)
@@ -69,6 +69,21 @@
#define MODSSL_CLIENT_CERT_CB_ARG_TYPE X509
#define MODSSL_PCHAR_CAST
+/* ...shifting sands of openssl... */
+#if (OPENSSL_VERSION_NUMBER >= 0x0090707f)
+# define MODSSL_D2I_SSL_SESSION_CONST const
+#else
+# define MODSSL_D2I_SSL_SESSION_CONST
+#endif
+
+#if (OPENSSL_VERSION_NUMBER >= 0x00908000)
+# define MODSSL_D2I_PrivateKey_CONST const
+# define MODSSL_D2I_X509_CONST const
+#else
+# define MODSSL_D2I_PrivateKey_CONST
+# define MODSSL_D2I_X509_CONST
+#endif
+
#define modssl_X509_verify_cert X509_verify_cert
typedef int (modssl_read_bio_cb_fn)(char*,int,int,void*);
@@ -123,6 +138,9 @@
#define MODSSL_INFO_CB_ARG_TYPE SSL*
#define MODSSL_CLIENT_CERT_CB_ARG_TYPE void
#define MODSSL_PCHAR_CAST (char *)
+#define MODSSL_D2I_SSL_SESSION_CONST
+#define MODSSL_D2I_PrivateKey_CONST
+#define MODSSL_D2I_X509_CONST
typedef int (modssl_read_bio_cb_fn)(char*,int,int);
Index: ssl_scache_shmcb.c
===================================================================
--- ssl_scache_shmcb.c (revision 209795)
+++ ssl_scache_shmcb.c (working copy)
@@ -1203,7 +1203,7 @@
SHMCBHeader *header;
SSL_SESSION *pSession = NULL;
unsigned int curr_pos, loop, count;
- unsigned char *ptr;
+ MODSSL_D2I_SSL_SESSION_CONST unsigned char *ptr;
time_t now;
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
@@ -1281,7 +1281,7 @@
SHMCBIndex *idx;
SHMCBHeader *header;
unsigned int curr_pos, loop, count;
- unsigned char *ptr;
+ MODSSL_D2I_SSL_SESSION_CONST unsigned char *ptr;
BOOL to_return = FALSE;
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, s,
Index: ssl_scache_dbm.c
===================================================================
--- ssl_scache_dbm.c (revision 209795)
+++ ssl_scache_dbm.c (working copy)
@@ -193,7 +193,7 @@
apr_datum_t dbmkey;
apr_datum_t dbmval;
SSL_SESSION *sess = NULL;
- UCHAR *ucpData;
+ MODSSL_D2I_SSL_SESSION_CONST unsigned char *ucpData;
int nData;
time_t expiry;
time_t now;
@@ -234,13 +234,14 @@
/* parse resulting data */
nData = dbmval.dsize-sizeof(time_t);
- ucpData = (UCHAR *)malloc(nData);
+ ucpData = malloc(nData);
if (ucpData == NULL) {
apr_dbm_close(dbm);
ssl_mutex_off(s);
return NULL;
}
- memcpy(ucpData, (char *)dbmval.dptr+sizeof(time_t), nData);
+ /* Cast needed, ucpData may be const */
+ memcpy((UCHAR *)ucpData, (char *)dbmval.dptr+sizeof(time_t), nData);
memcpy(&expiry, dbmval.dptr, sizeof(time_t));
apr_dbm_close(dbm);
