Make kerberos ciphersuite code work with newer header files

[openssl.git] / ssl / s3_srvr.c

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index c426cd444b54de274bd48618b9236100ebe00f51..4d196371ec282687d2ad532b7574b344918357b0 100644 (file)
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -133,6 +133,8 @@
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 #include <openssl/x509.h>
+#include <openssl/dh.h>
+#include <openssl/bn.h>
 #ifndef OPENSSL_NO_KRB5
 #include <openssl/krb5_asn.h>
 #endif
@@ -994,7 +996,7 @@ static int ssl3_send_server_hello(SSL *s)
                p=s->s3->server_random;
                Time=time(NULL);                        /* Time */
                l2n(Time,p);
-               RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
+               RAND_pseudo_bytes(p,SSL3_RANDOM_SIZE-4);
                /* Do the message type and length last */
                d=p= &(buf[4]);
 
@@ -1848,8 +1850,8 @@ static int ssl3_get_client_key_exchange(SSL *s)
                        goto err;
                        }
 
-               if (n != enc_ticket.length + authenticator.length +
-                                               enc_pms.length + 6)
+               if (n != (long)(enc_ticket.length + authenticator.length +
+                                               enc_pms.length + 6))
                        {
                        SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
                                SSL_R_DATA_LENGTH_TOO_LONG);
@@ -2294,7 +2296,8 @@ static int ssl3_get_client_certificate(SSL *s)
        int i,ok,al,ret= -1;
        X509 *x=NULL;
        unsigned long l,nc,llen,n;
-       unsigned char *p,*d,*q;
+       const unsigned char *p,*q;
+       unsigned char *d;
        STACK_OF(X509) *sk=NULL;
 
        n=ssl3_get_message(s,
@@ -2332,7 +2335,7 @@ static int ssl3_get_client_certificate(SSL *s)
                SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE);
                goto f_err;
                }
-       d=p=(unsigned char *)s->init_msg;
+       p=d=(unsigned char *)s->init_msg;
 
        if ((sk=sk_X509_new_null()) == NULL)
                {