Fix various warnings when compiling with KRB5 code.

crypto/asn1/asn1.h

diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index 170a2aa..dfd2244 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -440,6 +440,8 @@
 DECLARE_STACK_OF(ASN1_INTEGER)
 DECLARE_ASN1_SET_OF(ASN1_INTEGER)
 
+DECLARE_STACK_OF(ASN1_GENERALSTRING)
+
 typedef struct asn1_type_st
 	{
 	int type;

crypto/stack/safestack.h

diff --git a/crypto/stack/safestack.h b/crypto/stack/safestack.h
index b931414..ed9ed2c 100644
--- a/crypto/stack/safestack.h
+++ b/crypto/stack/safestack.h
@@ -224,6 +224,26 @@
 #define sk_ACCESS_DESCRIPTION_pop(st) SKM_sk_pop(ACCESS_DESCRIPTION, (st))
 #define sk_ACCESS_DESCRIPTION_sort(st) SKM_sk_sort(ACCESS_DESCRIPTION, (st))
 
+#define sk_ASN1_GENERALSTRING_new(st) SKM_sk_new(ASN1_GENERALSTRING, (st))
+#define sk_ASN1_GENERALSTRING_new_null() SKM_sk_new_null(ASN1_GENERALSTRING)
+#define sk_ASN1_GENERALSTRING_free(st) SKM_sk_free(ASN1_GENERALSTRING, (st))
+#define sk_ASN1_GENERALSTRING_num(st) SKM_sk_num(ASN1_GENERALSTRING, (st))
+#define sk_ASN1_GENERALSTRING_value(st, i) SKM_sk_value(ASN1_GENERALSTRING, (st), (i))
+#define sk_ASN1_GENERALSTRING_set(st, i, val) SKM_sk_set(ASN1_GENERALSTRING, (st), (i), (val))
+#define sk_ASN1_GENERALSTRING_zero(st) SKM_sk_zero(ASN1_GENERALSTRING, (st))
+#define sk_ASN1_GENERALSTRING_push(st, val) SKM_sk_push(ASN1_GENERALSTRING, (st), (val))
+#define sk_ASN1_GENERALSTRING_unshift(st, val) SKM_sk_unshift(ASN1_GENERALSTRING, (st), (val))
+#define sk_ASN1_GENERALSTRING_find(st, val) SKM_sk_find(ASN1_GENERALSTRING, (st), (val))
+#define sk_ASN1_GENERALSTRING_delete(st, i) SKM_sk_delete(ASN1_GENERALSTRING, (st), (i))
+#define sk_ASN1_GENERALSTRING_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_GENERALSTRING, (st), (ptr))
+#define sk_ASN1_GENERALSTRING_insert(st, val, i) SKM_sk_insert(ASN1_GENERALSTRING, (st), (val), (i))
+#define sk_ASN1_GENERALSTRING_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_GENERALSTRING, (st), (cmp))
+#define sk_ASN1_GENERALSTRING_dup(st) SKM_sk_dup(ASN1_GENERALSTRING, st)
+#define sk_ASN1_GENERALSTRING_pop_free(st, free_func) SKM_sk_pop_free(ASN1_GENERALSTRING, (st), (free_func))
+#define sk_ASN1_GENERALSTRING_shift(st) SKM_sk_shift(ASN1_GENERALSTRING, (st))
+#define sk_ASN1_GENERALSTRING_pop(st) SKM_sk_pop(ASN1_GENERALSTRING, (st))
+#define sk_ASN1_GENERALSTRING_sort(st) SKM_sk_sort(ASN1_GENERALSTRING, (st))
+
 #define sk_ASN1_INTEGER_new(st) SKM_sk_new(ASN1_INTEGER, (st))
 #define sk_ASN1_INTEGER_new_null() SKM_sk_new_null(ASN1_INTEGER)
 #define sk_ASN1_INTEGER_free(st) SKM_sk_free(ASN1_INTEGER, (st))

ssl/kssl.c

diff --git a/ssl/kssl.c b/ssl/kssl.c
index edc108b..04fe244 100644
--- a/ssl/kssl.c
+++ b/ssl/kssl.c
@@ -793,7 +793,7 @@
 **	Return NULL for unknown or problematic (krb5_dk_encrypt) enctypes.
 **	Assume ENCTYPE_*_RAW (krb5_raw_encrypt) are OK.
 */
-EVP_CIPHER *
+const EVP_CIPHER *
 kssl_map_enc(krb5_enctype enctype)
         {
 	switch (enctype)
@@ -803,14 +803,14 @@
 	case ENCTYPE_DES_CBC_MD4:
 	case ENCTYPE_DES_CBC_MD5:
 	case ENCTYPE_DES_CBC_RAW:
-				return (EVP_CIPHER *) EVP_des_cbc();
+				return EVP_des_cbc();
 				break;
 	case ENCTYPE_DES3_CBC_SHA1:		/*    EVP_des_ede3_cbc();  */
 	case ENCTYPE_DES3_CBC_SHA:
 	case ENCTYPE_DES3_CBC_RAW:
-				return (EVP_CIPHER *) EVP_des_ede3_cbc();
+				return EVP_des_ede3_cbc();
 				break;
-	default:                return (EVP_CIPHER *) NULL;
+	default:                return NULL;
 				break;
 		}
 	}
@@ -1221,8 +1221,7 @@
 
 	if (asn1ticket == NULL  ||  asn1ticket->realm == NULL  ||
 		asn1ticket->sname == NULL  || 
-		asn1ticket->sname->namestring == NULL  ||
-		asn1ticket->sname->namestring->num < 2)
+		sk_ASN1_GENERALSTRING_num(asn1ticket->sname->namestring) < 2)
 		{
 		BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
 			"Null field in asn1ticket.\n");
@@ -1238,14 +1237,14 @@
 		return ENOMEM;		/*  or  KRB5KRB_ERR_GENERIC;	*/
 		}
 
-	gstr_svc  = (ASN1_GENERALSTRING*)asn1ticket->sname->namestring->data[0];
-	gstr_host = (ASN1_GENERALSTRING*)asn1ticket->sname->namestring->data[1];
+	gstr_svc  = sk_ASN1_GENERALSTRING_value(asn1ticket->sname->namestring, 0);
+	gstr_host = sk_ASN1_GENERALSTRING_value(asn1ticket->sname->namestring, 1);
 
 	if ((krb5rc = kssl_build_principal_2(krb5context,
 			&new5ticket->server,
-			asn1ticket->realm->length, asn1ticket->realm->data,
-			gstr_svc->length,  gstr_svc->data,
-			gstr_host->length, gstr_host->data)) != 0)
+			asn1ticket->realm->length, (char *)asn1ticket->realm->data,
+			gstr_svc->length,  (char *)gstr_svc->data,
+			gstr_host->length, (char *)gstr_host->data)) != 0)
 		{
 		free(new5ticket);
 		BIO_snprintf(kssl_err->text, KSSL_ERR_MAX,
@@ -1965,7 +1964,7 @@
 	KRB5_AUTHENTBODY	*auth = NULL;
 	krb5_enctype		enctype;
 	EVP_CIPHER_CTX		ciph_ctx;
-	EVP_CIPHER		*enc = NULL;
+	const EVP_CIPHER	*enc = NULL;
 	unsigned char		iv[EVP_MAX_IV_LENGTH];
 	unsigned char		*p, *unenc_authent;
 	int 			padl, outl, unencbufsize;

ssl/s3_srvr.c

diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
index cc2a773..b0c5871 100644
--- a/ssl/s3_srvr.c
+++ b/ssl/s3_srvr.c
@@ -1561,17 +1561,17 @@
 
 		n2s(p,i);
 		enc_ticket.length = i;
-		enc_ticket.data = p;
+		enc_ticket.data = (char *)p;
 		p+=enc_ticket.length;
 
 		n2s(p,i);
 		authenticator.length = i;
-		authenticator.data = p;
+		authenticator.data = (char *)p;
 		p+=authenticator.length;
 
 		n2s(p,i);
 		enc_pms.length = i;
-		enc_pms.data = p;
+		enc_pms.data = (char *)p;
 		p+=enc_pms.length;
 
 		if ((unsigned long)n != enc_ticket.length + authenticator.length +
@@ -1636,7 +1636,7 @@
 			goto err;
 			}
 		if (!EVP_DecryptUpdate(&ciph_ctx, pms,&outl,
-					enc_pms.data, enc_pms.length))
+					(unsigned char *)enc_pms.data, enc_pms.length))
 			{
 			SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
 				SSL_R_DECRYPTION_FAILED);