From 2e803cbe8e599c0ae52e9dda44c3d22e3dec105d Mon Sep 17 00:00:00 2001 From: tb <> Date: Fri, 24 Oct 2025 09:23:06 +0000 Subject: libssl: const correct the ssl_session_dup() helper This allows a const correct SSL_SESSION_dup() implementation at the cost of casting away const due to the const incorrect CRYPTO_dup_ex_data()... (I should look into fixing that, but things like rust-openssl make that hard at this point in the release cycle.) ok kenjiro (as part of a larger diff) --- src/lib/libssl/ssl_local.h | 4 ++-- src/lib/libssl/ssl_sess.c | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) (limited to 'src') diff --git a/src/lib/libssl/ssl_local.h b/src/lib/libssl/ssl_local.h index acb87f8650..9921c3a730 100644 --- a/src/lib/libssl/ssl_local.h +++ b/src/lib/libssl/ssl_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_local.h,v 1.33 2025/05/10 06:04:36 tb Exp $ */ +/* $OpenBSD: ssl_local.h,v 1.34 2025/10/24 09:23:06 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -1240,7 +1240,7 @@ int ssl_security_cert_chain(const SSL *ssl, STACK_OF(X509) *sk, int ssl_security_shared_group(const SSL *ssl, uint16_t group_id); int ssl_security_supported_group(const SSL *ssl, uint16_t group_id); -SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int include_ticket); +SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int include_ticket); int ssl_get_new_session(SSL *s, int session); int ssl_get_prev_session(SSL *s, CBS *session_id, CBS *ext_block, int *alert); diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c index a5cfc33c04..f2ef124e1e 100644 --- a/src/lib/libssl/ssl_sess.c +++ b/src/lib/libssl/ssl_sess.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_sess.c,v 1.129 2025/03/09 15:53:36 tb Exp $ */ +/* $OpenBSD: ssl_sess.c,v 1.130 2025/10/24 09:23:06 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -247,7 +247,7 @@ SSL_SESSION_new(void) LSSL_ALIAS(SSL_SESSION_new); SSL_SESSION * -ssl_session_dup(SSL_SESSION *sess, int include_ticket) +ssl_session_dup(const SSL_SESSION *sess, int include_ticket) { SSL_SESSION *copy; CBS cbs; @@ -313,7 +313,7 @@ ssl_session_dup(SSL_SESSION *sess, int include_ticket) goto err; if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ©->ex_data, - &sess->ex_data)) + (CRYPTO_EX_DATA *)&sess->ex_data)) goto err; /* Omit prev/next: the new session gets its own slot in the cache. */ -- cgit v1.2.3-55-g6feb