Revert the size_t modifications from HEAD that had led to more

[openssl.git] / ssl / ssl_lib.c

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index fc41a3bf17969a156471c5d9ea2c02a789edb165..803894c44f968b82e22e4dfd9592256db913c588 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -1348,7 +1348,7 @@ int ssl_cipher_list_to_bytes(SSL *s,STACK_OF(SSL_CIPHER) *sk,unsigned char *p,
 STACK_OF(SSL_CIPHER) *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,
                                               STACK_OF(SSL_CIPHER) **skp)
        {
-       SSL_CIPHER *c;
+       const SSL_CIPHER *c;
        STACK_OF(SSL_CIPHER) *sk;
        int i,n;
 
@@ -1581,7 +1581,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
        ret->psk_client_callback=NULL;
        ret->psk_server_callback=NULL;
 #endif
-#if !defined(OPENSSL_NO_BUF_FREELISTS) && !defined(OPENSSL_NO_RELEASE_BUFFERS)
+#ifndef OPENSSL_NO_BUF_FREELISTS
        ret->freelist_max_len = SSL_MAX_BUF_FREELIST_LEN_DEFAULT;
        ret->rbuf_freelist = OPENSSL_malloc(sizeof(SSL3_BUF_FREELIST));
        if (!ret->rbuf_freelist)
@@ -1608,6 +1608,12 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
        {
        ENGINE *eng;
        eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
+       if (!eng)
+               {
+               ERR_clear_error();
+               ENGINE_load_builtin_engines();
+               eng = ENGINE_by_id(eng_str(OPENSSL_SSL_CLIENT_ENGINE_AUTO));
+               }
        if (!eng || !SSL_CTX_set_client_cert_engine(ret, eng))
                ERR_clear_error();
        }
@@ -1627,7 +1633,7 @@ static void SSL_COMP_free(SSL_COMP *comp)
     { OPENSSL_free(comp); }
 #endif
 
-#if !defined(OPENSSL_NO_BUF_FREELISTS) && !defined(OPENSSL_NO_RELEASE_BUFFERS)
+#ifndef OPENSSL_NO_BUF_FREELISTS
 static void
 ssl_buf_freelist_free(SSL3_BUF_FREELIST *list)
        {
@@ -1708,7 +1714,7 @@ void SSL_CTX_free(SSL_CTX *a)
                ENGINE_finish(a->client_cert_engine);
 #endif
 
-#if !defined(OPENSSL_NO_BUF_FREELISTS) && !defined(OPENSSL_NO_RELEASE_BUFFERS)
+#ifndef OPENSSL_NO_BUF_FREELISTS
        if (a->wbuf_freelist)
                ssl_buf_freelist_free(a->wbuf_freelist);
        if (a->rbuf_freelist)
@@ -1745,7 +1751,7 @@ void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth)
        X509_VERIFY_PARAM_set_depth(ctx->param, depth);
        }
 
-void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
+void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
        {
        CERT_PKEY *cpk;
        int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign;
@@ -1957,7 +1963,7 @@ void ssl_set_cert_masks(CERT *c, SSL_CIPHER *cipher)
 #define ku_reject(x, usage) \
        (((x)->ex_flags & EXFLAG_KUSAGE) && !((x)->ex_kusage & (usage)))
 
-int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL_CIPHER *cs)
+int ssl_check_srvr_ecc_cert_and_alg(X509 *x, const SSL_CIPHER *cs)
        {
        unsigned long alg_k, alg_a;
        EVP_PKEY *pkey = NULL;
@@ -2103,7 +2109,7 @@ X509 *ssl_get_server_send_cert(SSL *s)
        return(c->pkeys[i].x509);
        }
 
-EVP_PKEY *ssl_get_sign_pkey(SSL *s,SSL_CIPHER *cipher)
+EVP_PKEY *ssl_get_sign_pkey(SSL *s,const SSL_CIPHER *cipher)
        {
        unsigned long alg_a;
        CERT *c;
@@ -2541,7 +2547,7 @@ EVP_PKEY *SSL_get_privatekey(SSL *s)
                return(NULL);
        }
 
-SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
+const SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
        {
        if ((s->session != NULL) && (s->session->cipher != NULL))
                return(s->session->cipher);