libssl: const correct the ssl_session_dup() helper

This allows a const correct SSL_SESSION_dup() implementation at the cost of casting away const due to the const incorrect CRYPTO_dup_ex_data()... (I should look into fixing that, but things like rust-openssl make that hard at this point in the release cycle.) ok kenjiro (as part of a larger diff)
author: tb <> 2025-10-24 09:23:06 +0000
committer: tb <> 2025-10-24 09:23:06 +0000
commit: 2e803cbe8e599c0ae52e9dda44c3d22e3dec105d (patch)
tree: 1745d43df8008897003b3d8082f0f6d76a233b47
parent: 783e86feca43e6347eff9ec54047dfd62b4c93e0 (diff)
download: openbsd-2e803cbe8e599c0ae52e9dda44c3d22e3dec105d.tar.gz
openbsd-2e803cbe8e599c0ae52e9dda44c3d22e3dec105d.tar.bz2
openbsd-2e803cbe8e599c0ae52e9dda44c3d22e3dec105d.zip
2 files changed, 5 insertions, 5 deletions
diff --git a/src/lib/libssl/ssl_local.h b/src/lib/libssl/ssl_local.h
index acb87f8650..9921c3a730 100644
--- a/src/lib/libssl/ssl_local.h
+++ b/src/lib/libssl/ssl_local.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_local.h,v 1.33 2025/05/10 06:04:36 tb Exp $ */
+/* $OpenBSD: ssl_local.h,v 1.34 2025/10/24 09:23:06 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1240,7 +1240,7 @@ int ssl_security_cert_chain(const SSL *ssl, STACK_OF(X509) *sk,
 int ssl_security_shared_group(const SSL *ssl, uint16_t group_id);
 int ssl_security_supported_group(const SSL *ssl, uint16_t group_id);
-SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int include_ticket);
+SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int include_ticket);
 int ssl_get_new_session(SSL *s, int session);
 int ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block,
    int *alert);
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index a5cfc33c04..f2ef124e1e 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.129 2025/03/09 15:53:36 tb Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.130 2025/10/24 09:23:06 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -247,7 +247,7 @@ SSL_SESSION_new(void)
 LSSL_ALIAS(SSL_SESSION_new);
 SSL_SESSION *
-ssl_session_dup(SSL_SESSION *sess, int include_ticket)
+ssl_session_dup(const SSL_SESSION *sess, int include_ticket)
 {
        SSL_SESSION *copy;
        CBS cbs;
@@ -313,7 +313,7 @@ ssl_session_dup(SSL_SESSION *sess, int include_ticket)
                goto err;
        if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, &copy->ex_data,
-            &sess->ex_data))
+            (CRYPTO_EX_DATA *)&sess->ex_data))
                goto err;
        /* Omit prev/next: the new session gets its own slot in the cache. */
author	tb <>	2025-10-24 09:23:06 +0000
committer	tb <>	2025-10-24 09:23:06 +0000
commit	2e803cbe8e599c0ae52e9dda44c3d22e3dec105d (patch)
tree	1745d43df8008897003b3d8082f0f6d76a233b47
parent	783e86feca43e6347eff9ec54047dfd62b4c93e0 (diff)
download	openbsd-2e803cbe8e599c0ae52e9dda44c3d22e3dec105d.tar.gz openbsd-2e803cbe8e599c0ae52e9dda44c3d22e3dec105d.tar.bz2 openbsd-2e803cbe8e599c0ae52e9dda44c3d22e3dec105d.zip

diff --git a/src/lib/libssl/ssl_local.h b/src/lib/libssl/ssl_local.h index acb87f8650..9921c3a730 100644 --- a/src/lib/libssl/ssl_local.h +++ b/src/lib/libssl/ssl_local.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_local.h,v 1.33 2025/05/10 06:04:36 tb Exp $ */	1	/* $OpenBSD: ssl_local.h,v 1.34 2025/10/24 09:23:06 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -1240,7 +1240,7 @@ int ssl_security_cert_chain(const SSL ssl, STACK_OF(X509) sk,
1240	int ssl_security_shared_group(const SSL *ssl, uint16_t group_id);	1240	int ssl_security_shared_group(const SSL *ssl, uint16_t group_id);
1241	int ssl_security_supported_group(const SSL *ssl, uint16_t group_id);	1241	int ssl_security_supported_group(const SSL *ssl, uint16_t group_id);
1242		1242
1243	SSL_SESSION ssl_session_dup(SSL_SESSION src, int include_ticket);	1243	SSL_SESSION ssl_session_dup(const SSL_SESSION src, int include_ticket);
1244	int ssl_get_new_session(SSL *s, int session);	1244	int ssl_get_new_session(SSL *s, int session);
1245	int ssl_get_prev_session(SSL s, CBS session_id, CBS *ext_block,	1245	int ssl_get_prev_session(SSL s, CBS session_id, CBS *ext_block,
1246	int *alert);	1246	int *alert);


diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index a5cfc33c04..f2ef124e1e 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl_sess.c,v 1.129 2025/03/09 15:53:36 tb Exp $ */	1	/* $OpenBSD: ssl_sess.c,v 1.130 2025/10/24 09:23:06 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -247,7 +247,7 @@ SSL_SESSION_new(void)
247	LSSL_ALIAS(SSL_SESSION_new);	247	LSSL_ALIAS(SSL_SESSION_new);
248		248
249	SSL_SESSION *	249	SSL_SESSION *
250	ssl_session_dup(SSL_SESSION *sess, int include_ticket)	250	ssl_session_dup(const SSL_SESSION *sess, int include_ticket)
251	{	251	{
252	SSL_SESSION *copy;	252	SSL_SESSION *copy;
253	CBS cbs;	253	CBS cbs;
@@ -313,7 +313,7 @@ ssl_session_dup(SSL_SESSION *sess, int include_ticket)
313	goto err;	313	goto err;
314		314
315	if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, &copy->ex_data,	315	if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, &copy->ex_data,
316	&sess->ex_data))	316	(CRYPTO_EX_DATA *)&sess->ex_data))
317	goto err;	317	goto err;
318		318
319	/* Omit prev/next: the new session gets its own slot in the cache. */	319	/* Omit prev/next: the new session gets its own slot in the cache. */