const correct tls_session_secret_cb_fn()

Various ports throw a warning since their tls_session_secret_cb's signature doesn't match what we expect. Aligns us with OpenSSL 1.1. This is only useful for RFC 4851 EAP-FAST implementations and surprisingly it's undocumented. ok jsing
author: tb <> 2025-03-09 15:53:36 +0000
committer: tb <> 2025-03-09 15:53:36 +0000
commit: 35761752f2bfb222979aa98610559dcfa73b3b57 (patch)
tree: fdf63c3e86200e85b3faaf385839c00af061ba8b /src/lib/libssl/ssl.h
parent: 38cf98dc69b5872f5a59ded35918c72a565982cf (diff)
download: openbsd-35761752f2bfb222979aa98610559dcfa73b3b57.tar.gz
openbsd-35761752f2bfb222979aa98610559dcfa73b3b57.tar.bz2
openbsd-35761752f2bfb222979aa98610559dcfa73b3b57.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index 650131a779..062c6dcbb9 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.245 2024/10/23 01:57:19 jsg Exp $ */
+/* $OpenBSD: ssl.h,v 1.246 2025/03/09 15:53:36 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -364,7 +364,7 @@ DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
 typedef int (*tls_session_ticket_ext_cb_fn)(SSL *s, const unsigned char *data,
    int len, void *arg);
 typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len,
-    STACK_OF(SSL_CIPHER) *peer_ciphers, SSL_CIPHER **cipher, void *arg);
+    STACK_OF(SSL_CIPHER) *peer_ciphers, const SSL_CIPHER **cipher, void *arg);
 /* Allow initial connection to servers that don't support RI */
 #define SSL_OP_LEGACY_SERVER_CONNECT                    0x00000004L
author	tb <>	2025-03-09 15:53:36 +0000
committer	tb <>	2025-03-09 15:53:36 +0000
commit	35761752f2bfb222979aa98610559dcfa73b3b57 (patch)
tree	fdf63c3e86200e85b3faaf385839c00af061ba8b /src/lib/libssl/ssl.h
parent	38cf98dc69b5872f5a59ded35918c72a565982cf (diff)
download	openbsd-35761752f2bfb222979aa98610559dcfa73b3b57.tar.gz openbsd-35761752f2bfb222979aa98610559dcfa73b3b57.tar.bz2 openbsd-35761752f2bfb222979aa98610559dcfa73b3b57.zip

diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h index 650131a779..062c6dcbb9 100644 --- a/src/lib/libssl/ssl.h +++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssl.h,v 1.245 2024/10/23 01:57:19 jsg Exp $ */	1	/* $OpenBSD: ssl.h,v 1.246 2025/03/09 15:53:36 tb Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -364,7 +364,7 @@ DECLARE_STACK_OF(SRTP_PROTECTION_PROFILE)
364	typedef int (tls_session_ticket_ext_cb_fn)(SSL s, const unsigned char *data,	364	typedef int (tls_session_ticket_ext_cb_fn)(SSL s, const unsigned char *data,
365	int len, void *arg);	365	int len, void *arg);
366	typedef int (tls_session_secret_cb_fn)(SSL s, void secret, int secret_len,	366	typedef int (tls_session_secret_cb_fn)(SSL s, void secret, int secret_len,
367	STACK_OF(SSL_CIPHER) peer_ciphers, SSL_CIPHER cipher, void arg);	367	STACK_OF(SSL_CIPHER) peer_ciphers, const SSL_CIPHER cipher, void arg);
368		368
369	/* Allow initial connection to servers that don't support RI */	369	/* Allow initial connection to servers that don't support RI */
370	#define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L	370	#define SSL_OP_LEGACY_SERVER_CONNECT 0x00000004L