From 43b313988d66de144a528e4cf57827df1e8c692d Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Tue, 12 Apr 2022 20:00:36 +0200
Subject: [PATCH] adapters: fix build with libressl >= 2.8.0 (#589)

Fix the following build failure with libressl >= 2.8.0 raised since
https://github.com/libressl-portable/openbsd/commit/703abab3212b397d500bd8c2f5f7ee6b03feb159:

/nvmedata/autobuild/instance-20/output-1/build/azure-iot-sdk-c-LTS_01_2022_Ref01/c-utility/adapters/tlsio_openssl.c: In function 'add_certificate_to_store':
/nvmedata/autobuild/instance-20/output-1/build/azure-iot-sdk-c-LTS_01_2022_Ref01/c-utility/adapters/tlsio_openssl.c:961:24: error: assignment discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
  961 |             bio_method = BIO_s_mem();
      |                        ^
cc1: all warnings being treated as errors

Fix #585

Fixes:
 - http://autobuild.buildroot.org/results/873f86fb2311ed29a791140f2341943475985fcc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Retrieved from:
https://github.com/Azure/azure-c-shared-utility/commit/43b313988d66de144a528e4cf57827df1e8c692d]
---
 adapters/tlsio_openssl.c                | 2 +-
 adapters/x509_openssl.c                 | 4 ++--
 tests/x509_openssl_ut/x509_openssl_ut.c | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/c-utility/adapters/tlsio_openssl.c b/c-utility/adapters/tlsio_openssl.c
index 4a3df8496..aa48ce52d 100644
--- a/c-utility/adapters/tlsio_openssl.c
+++ b/c-utility/adapters/tlsio_openssl.c
@@ -953,7 +953,7 @@ static int add_certificate_to_store(TLS_IO_INSTANCE* tls_io_instance, const char
         }
         else
         {
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && (OPENSSL_VERSION_NUMBER < 0x20000000L)
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && (OPENSSL_VERSION_NUMBER < 0x20000000L) || defined(LIBRESSL_VERSION_NUMBER)
             const BIO_METHOD* bio_method;
 #else
             BIO_METHOD* bio_method;
diff --git a/c-utility/adapters/x509_openssl.c b/c-utility/adapters/x509_openssl.c
index 5a9e5ac29..46195b403 100644
--- a/c-utility/adapters/x509_openssl.c
+++ b/c-utility/adapters/x509_openssl.c
@@ -75,7 +75,7 @@ static int load_certificate_chain(SSL_CTX* ssl_ctx, const char* certificate)
                 // certificates.
 
                 /* Codes_SRS_X509_OPENSSL_07_006: [ If successful x509_openssl_add_ecc_credentials shall to import each certificate in the cert chain. ] */
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && (OPENSSL_VERSION_NUMBER < 0x20000000L)
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && (OPENSSL_VERSION_NUMBER < 0x20000000L) || defined(LIBRESSL_VERSION_NUMBER)
                 SSL_CTX_clear_extra_chain_certs(ssl_ctx);
 #else
                 if (ssl_ctx->extra_certs != NULL)
@@ -345,7 +345,7 @@ int x509_openssl_add_certificates(SSL_CTX* ssl_ctx, const char* certificates)
         else
         {
             /*Codes_SRS_X509_OPENSSL_02_012: [ x509_openssl_add_certificates shall get the memory BIO method function by calling BIO_s_mem. ]*/
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && (OPENSSL_VERSION_NUMBER < 0x20000000L)
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && (OPENSSL_VERSION_NUMBER < 0x20000000L) || defined(LIBRESSL_VERSION_NUMBER)
             const BIO_METHOD* bio_method;
 #else
             BIO_METHOD* bio_method;
diff --git a/c-utility/tests/x509_openssl_ut/x509_openssl_ut.c b/c-utility/tests/x509_openssl_ut/x509_openssl_ut.c
index b3349f6b0..f73191e3f 100644
--- a/c-utility/tests/x509_openssl_ut/x509_openssl_ut.c
+++ b/c-utility/tests/x509_openssl_ut/x509_openssl_ut.c
@@ -348,7 +348,7 @@ BEGIN_TEST_SUITE(x509_openssl_unittests)
         STRICT_EXPECTED_CALL(BIO_new_mem_buf((void*)TEST_PUBLIC_CERTIFICATE, -1));
         STRICT_EXPECTED_CALL(PEM_read_bio_X509_AUX(IGNORED_PTR_ARG, NULL, NULL, NULL));
         STRICT_EXPECTED_CALL(SSL_CTX_use_certificate(IGNORED_PTR_ARG, IGNORED_PTR_ARG));
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && (OPENSSL_VERSION_NUMBER < 0x20000000L)
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && (OPENSSL_VERSION_NUMBER < 0x20000000L) || defined(LIBRESSL_VERSION_NUMBER)
         // Actual macro name: SSL_CTX_clear_extra_chain_certs:
         STRICT_EXPECTED_CALL(SSL_CTX_ctrl(TEST_SSL_CTX_STRUCTURE, SSL_CTRL_CLEAR_EXTRA_CHAIN_CERTS, 0, NULL));
 #endif
@@ -537,7 +537,7 @@ BEGIN_TEST_SUITE(x509_openssl_unittests)
 
         umock_c_negative_tests_snapshot();
 
-#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && (OPENSSL_VERSION_NUMBER < 0x20000000L)
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && (OPENSSL_VERSION_NUMBER < 0x20000000L) || defined(LIBRESSL_VERSION_NUMBER)
     #ifdef __APPLE__
         size_t calls_cannot_fail_rsa[] = { 4, 5, 6, 10, 12, 13, 14 };
         size_t calls_cannot_fail_ecc[] = { 3, 4, 8, 10, 11, 12} ;