openssl: Fix some const issues with OpenSSL 1.1.0

This commit is contained in:
Tobias Brunner 2018-10-30 17:15:49 +01:00
parent fd3947d9e5
commit 8b4c2a1d8e
4 changed files with 26 additions and 10 deletions

View File

@ -291,7 +291,11 @@ METHOD(certificate_t, issued_by, bool,
chunk_t fingerprint, tbs;
public_key_t *key;
x509_t *x509;
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
const ASN1_BIT_STRING *sig;
#else
ASN1_BIT_STRING *sig;
#endif
bool valid;
if (issuer->get_type(issuer) != CERT_X509)
@ -512,7 +516,7 @@ static bool parse_extensions(private_openssl_crl_t *this)
bool ok;
int i, num;
X509_EXTENSION *ext;
STACK_OF(X509_EXTENSION) *extensions;
const STACK_OF(X509_EXTENSION) *extensions;
extensions = X509_CRL_get0_extensions(this->crl);
if (extensions)
@ -567,7 +571,11 @@ static bool parse_crl(private_openssl_crl_t *this)
{
const unsigned char *ptr = this->encoding.ptr;
chunk_t sig_scheme;
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
const X509_ALGOR *alg;
#else
X509_ALGOR *alg;
#endif
this->crl = d2i_X509_CRL(NULL, &ptr, this->encoding.len);
if (!this->crl)
@ -576,7 +584,7 @@ static bool parse_crl(private_openssl_crl_t *this)
}
X509_CRL_get0_signature(this->crl, NULL, &alg);
sig_scheme = openssl_i2chunk(X509_ALGOR, alg);
sig_scheme = openssl_i2chunk(X509_ALGOR, (X509_ALGOR*)alg);
INIT(this->scheme);
if (!signature_params_parse(sig_scheme, 0, this->scheme))
{

View File

@ -26,7 +26,7 @@
#if OPENSSL_VERSION_NUMBER < 0x10100000L
#define OBJ_get0_data(o) ((o)->data)
#define OBJ_length(o) ((o)->length)
#define ASN1_STRING_get0_data(a) ASN1_STRING_data(a)
#define ASN1_STRING_get0_data(a) ASN1_STRING_data((ASN1_STRING*)a)
#endif
/**
@ -165,7 +165,7 @@ chunk_t openssl_asn1_obj2chunk(ASN1_OBJECT *asn1)
/**
* Described in header.
*/
chunk_t openssl_asn1_str2chunk(ASN1_STRING *asn1)
chunk_t openssl_asn1_str2chunk(const ASN1_STRING *asn1)
{
if (asn1)
{
@ -214,7 +214,7 @@ int openssl_asn1_known_oid(ASN1_OBJECT *obj)
/**
* Described in header.
*/
time_t openssl_asn1_to_time(ASN1_TIME *time)
time_t openssl_asn1_to_time(const ASN1_TIME *time)
{
chunk_t chunk;

View File

@ -109,7 +109,7 @@ chunk_t openssl_asn1_obj2chunk(ASN1_OBJECT *asn1);
* @param asn1 asn1 string to convert
* @return chunk, pointing into asn1 string
*/
chunk_t openssl_asn1_str2chunk(ASN1_STRING *asn1);
chunk_t openssl_asn1_str2chunk(const ASN1_STRING *asn1);
/**
* Convert an openssl X509_NAME to a identification_t of type ID_DER_ASN1_DN.
@ -133,7 +133,7 @@ int openssl_asn1_known_oid(ASN1_OBJECT *obj);
* @param time openssl ASN1_TIME
* @returns time_t, 0 on error
*/
time_t openssl_asn1_to_time(ASN1_TIME *time);
time_t openssl_asn1_to_time(const ASN1_TIME *time);
/**
* Compatibility macros

View File

@ -389,7 +389,11 @@ METHOD(certificate_t, issued_by, bool,
public_key_t *key;
bool valid;
x509_t *x509 = (x509_t*)issuer;
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
const ASN1_BIT_STRING *sig;
#else
ASN1_BIT_STRING *sig;
#endif
chunk_t tbs;
if (&this->public.x509.interface == issuer)
@ -993,7 +997,7 @@ static bool parse_subjectKeyIdentifier_ext(private_openssl_x509_t *this,
*/
static bool parse_extensions(private_openssl_x509_t *this)
{
STACK_OF(X509_EXTENSION) *extensions;
const STACK_OF(X509_EXTENSION) *extensions;
int i, num;
/* unless we see a keyUsage extension we are compliant with RFC 4945 */
@ -1077,7 +1081,11 @@ static bool parse_certificate(private_openssl_x509_t *this)
hasher_t *hasher;
chunk_t chunk, sig_scheme, sig_scheme_tbs;
ASN1_OBJECT *oid;
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
const X509_ALGOR *alg;
#else
X509_ALGOR *alg;
#endif
this->x509 = d2i_X509(NULL, &ptr, this->encoding.len);
if (!this->x509)
@ -1135,9 +1143,9 @@ static bool parse_certificate(private_openssl_x509_t *this)
/* while X509_ALGOR_cmp() is declared in the headers of older OpenSSL
* versions, at least on Ubuntu 14.04 it is not actually defined */
X509_get0_signature(NULL, &alg, this->x509);
sig_scheme = openssl_i2chunk(X509_ALGOR, alg);
sig_scheme = openssl_i2chunk(X509_ALGOR, (X509_ALGOR*)alg);
alg = X509_get0_tbs_sigalg(this->x509);
sig_scheme_tbs = openssl_i2chunk(X509_ALGOR, alg);
sig_scheme_tbs = openssl_i2chunk(X509_ALGOR, (X509_ALGOR*)alg);
if (!chunk_equals(sig_scheme, sig_scheme_tbs))
{
free(sig_scheme_tbs.ptr);