On Wed, Dec 08, 2021 at 04:59:36AM +0100, Theo Buehler wrote: > BIO_new_mem_buf has had const since 2018, so this workaround is no > longer needed.
OK bluhm@ > Index: ssl.c > =================================================================== > RCS file: /cvs/src/usr.sbin/relayd/ssl.c,v > retrieving revision 1.35 > diff -u -p -r1.35 ssl.c > --- ssl.c 27 Jan 2021 20:33:05 -0000 1.35 > +++ ssl.c 8 Dec 2021 03:47:48 -0000 > @@ -123,16 +123,9 @@ ssl_update_certificate(const uint8_t *ol > BIO *in, *out = NULL; > BUF_MEM *bptr = NULL; > X509 *cert = NULL; > - uint8_t *newcert = NULL, *foo = NULL; > + uint8_t *newcert = NULL; > > - /* XXX BIO_new_mem_buf is not using const so work around this */ > - if ((foo = malloc(oldlen)) == NULL) { > - log_warn("%s: malloc", __func__); > - return (NULL); > - } > - memcpy(foo, oldcert, oldlen); > - > - if ((in = BIO_new_mem_buf(foo, oldlen)) == NULL) { > + if ((in = BIO_new_mem_buf(oldcert, oldlen)) == NULL) { > log_warnx("%s: BIO_new_mem_buf failed", __func__); > goto done; > } > @@ -193,7 +186,6 @@ ssl_update_certificate(const uint8_t *ol > *newlen = bptr->length; > > done: > - free(foo); > if (in) > BIO_free(in); > if (out)