On Wed, Dec 08, 2021 at 04:59:36AM +0100, Theo Buehler wrote:
> BIO_new_mem_buf has had const since 2018, so this workaround is no
> longer needed.
OK bluhm@
> Index: ssl.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/relayd/ssl.c,v
> retrieving revision 1.35
> diff -u -p -r1.35 ssl.c
> --- ssl.c 27 Jan 2021 20:33:05 -0000 1.35
> +++ ssl.c 8 Dec 2021 03:47:48 -0000
> @@ -123,16 +123,9 @@ ssl_update_certificate(const uint8_t *ol
> BIO *in, *out = NULL;
> BUF_MEM *bptr = NULL;
> X509 *cert = NULL;
> - uint8_t *newcert = NULL, *foo = NULL;
> + uint8_t *newcert = NULL;
>
> - /* XXX BIO_new_mem_buf is not using const so work around this */
> - if ((foo = malloc(oldlen)) == NULL) {
> - log_warn("%s: malloc", __func__);
> - return (NULL);
> - }
> - memcpy(foo, oldcert, oldlen);
> -
> - if ((in = BIO_new_mem_buf(foo, oldlen)) == NULL) {
> + if ((in = BIO_new_mem_buf(oldcert, oldlen)) == NULL) {
> log_warnx("%s: BIO_new_mem_buf failed", __func__);
> goto done;
> }
> @@ -193,7 +186,6 @@ ssl_update_certificate(const uint8_t *ol
> *newlen = bptr->length;
>
> done:
> - free(foo);
> if (in)
> BIO_free(in);
> if (out)
