On Dec 5, 14:57, Daniel Stenberg wrote:
>Hey Gisle,
>
>> Recent OpenSSL returns a 'const' in '*_client_method()'. So avoid
>> 'assignment discards qualifiers from pointer target type' warning.
>
>...
>
>> - SSL_METHOD *req_method;
>> + const SSL_METHOD *req_method;
>
>... as you can see now in the autobuilds, this change causes warnings on all
>systems that build with a somewhat older OpenSSL version... :-O
>
>(Don't you just love header-changes like this...)

I don't have a copy of any OpenSSL library where the _client_method()
functions return 'const SSL_METHOD *', but if so then there's something
wrong with that library, _or_ we're using it incorrectly.. I suspect
the former though - but as I don't have a copy I'm guessing a bit as
to what it looks like.

Anyway, if the _client_method() functions return a 'const SSL_method *'
then it's not legal to use the return value as input to SSL_CTX_new()
unless the latter has also been changed from

SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
to
SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);

If it has intentionally (by the openssl folks) been declared as the former
then it *can't* take the return value from _client_method() as parameter.

If, on the other hand, that function doesn't modifiy the content of what
*meth points to then it has been incorrectly declared in ssl.h and the
reason we have a warning is because of an error in the ssl declarations.

If so, then Gisle's change looks correct to me and a bug should be
reported on that version of the openssl library.

-Tor (Hm, I wonder if anyone managed to decipher what I just wrote.. :-)
Received on 2005-12-05