Hi,
this one is a bit tricky (cee http://c-faq.com/ansi/constmismatch.html),
it fixes the warning:
/usr/src/sbin/iked/crypto.c:854:44: warning: cast from 'uint8_t **'
(aka 'unsigned char **') to 'const uint8_t **' (aka
'const unsigned char **') must have all intermediate pointers const
qualified to be safe [-Wcast-qual]
if (d2i_ECDSA_SIG(&obj, (const uint8_t **)&tmp, tmplen) == NULL)
^
Note that tmp is not used after the call.
ALso note that I'm not runing iked, so I would like confirmation from
somebody this works on a setup that triggers this function.
-Otto
Index: crypto.c
===================================================================
RCS file: /cvs/src/sbin/iked/crypto.c,v
retrieving revision 1.21
diff -u -p -r1.21 crypto.c
--- crypto.c 27 Mar 2017 10:29:02 -0000 1.21
+++ crypto.c 28 Aug 2017 07:11:50 -0000
@@ -833,6 +833,7 @@ _dsa_sign_ecdsa(struct iked_dsa *dsa, ui
{
ECDSA_SIG *obj = NULL;
uint8_t *otmp = NULL, *tmp;
+ const uint8_t *p;
unsigned int tmplen;
int ret = -1;
int bnlen, off;
@@ -851,7 +852,8 @@ _dsa_sign_ecdsa(struct iked_dsa *dsa, ui
goto done;
if (!EVP_SignFinal(dsa->dsa_ctx, tmp, &tmplen, dsa->dsa_key))
goto done;
- if (d2i_ECDSA_SIG(&obj, (const uint8_t **)&tmp, tmplen) == NULL)
+ p = tmp;
+ if (d2i_ECDSA_SIG(&obj, &p, tmplen) == NULL)
goto done;
if (BN_num_bytes(obj->r) > bnlen || BN_num_bytes(obj->s) > bnlen)
goto done;
