For each TLS backend let us use correct types.

Makefile

@@ -40,6 +40,8 @@ LDFLAGS+=-rdynamic
 
 ifeq ("$(TLS_BACKEND)", "openssl")
 	S_SRC+=src/keymgr_openssl.c
+	CFLAGS+=-DTLS_BACKEND_OPENSSL
+	FEATURES+=-DTLS_BACKEND_OPENSSL
 
 	ifneq ("$(OPENSSL_PATH)", "")
 		CFLAGS+=-I$(OPENSSL_PATH)/include

include/kore/kore.h

@@ -61,6 +61,20 @@ extern int daemon(int, int);
 #define KORE_USE_PLATFORM_PLEDGE	1
 #endif
 
+#if defined(TLS_BACKEND_OPENSSL)
+#include <openssl/x509.h>
+#include <openssl/ssl.h>
+typedef X509		KORE_X509;
+typedef SSL		KORE_TLS;
+typedef SSL_CTX		KORE_TLS_CTX;
+typedef X509_NAME	KORE_X509_NAMES;
+#else
+typedef void		KORE_X509;
+typedef void		KORE_TLS;
+typedef void		KORE_TLS_CTX;
+typedef void		KORE_X509_NAMES;
+#endif
+
 #define KORE_RSAKEY_BITS	4096
 
 #define KORE_RESULT_ERROR	0
@@ -78,7 +92,6 @@ extern int daemon(int, int);
 
 #define errno_s			strerror(errno)
 #define ssl_errno_s		ERR_error_string(ERR_get_error(), NULL)
-
 #define KORE_DOMAINNAME_LEN		255
 #define KORE_PIDFILE_DEFAULT		"kore.pid"
 #define KORE_DHPARAM_PATH		PREFIX "/share/kore/ffdhe4096.pem"
@@ -214,8 +227,8 @@ struct connection {
 	u_int8_t		state;
 	u_int8_t		proto;
 	struct listener		*owner;
-	void			*tls;
+	KORE_TLS		*tls;
-	void			*tls_cert;
+	KORE_X509		*tls_cert;
 	char			*tls_sni;
 	int			tls_reneg;
 
@@ -338,7 +351,7 @@ struct kore_domain {
 	char					*crlfile;
 	char					*certfile;
 	char					*certkey;
-	void					*ssl_ctx;
+	KORE_TLS_CTX				*tls_ctx;
 	int					x509_verify_depth;
 #if !defined(KORE_NO_HTTP)
 	TAILQ_HEAD(, kore_route)		routes;
@@ -826,9 +839,9 @@ void		*kore_tls_rsakey_load(const char *);
 void		*kore_tls_rsakey_generate(const char *);
 
 int		kore_tls_x509_data(struct connection *, u_int8_t **, size_t *);
-void		*kore_tls_x509_issuer_name(struct connection *);
+KORE_X509_NAMES	*kore_tls_x509_issuer_name(struct connection *);
-void		*kore_tls_x509_subject_name(struct connection *);
+KORE_X509_NAMES	*kore_tls_x509_subject_name(struct connection *);
-int		kore_tls_x509name_foreach(void *, int, void *,
+int		kore_tls_x509name_foreach(KORE_X509_NAMES *, int, void *,
 		    int (*)(void *, int, int, const char *,
 		    const void *, size_t, int));
 /* accesslog.c */

src/python.c

@@ -2935,7 +2935,7 @@ pyconnection_get_peer_x509(struct pyconnection *pyc, void *closure)
 static PyObject *
 pyconnection_get_peer_x509dict(struct pyconnection *pyc, void *closure)
 {
-	void		*name;
+	KORE_X509_NAMES	*name;
 	PyObject	*dict, *issuer, *subject, *ret;
 
 	ret = NULL;

src/tls_openssl.c

@@ -651,7 +651,7 @@ kore_tls_rsakey_generate(const char *path)
 	return (pkey);
 }
 
-void *
+KORE_X509_NAMES *
 kore_tls_x509_subject_name(struct connection *c)
 {
 	X509_NAME	*name;
@@ -662,7 +662,7 @@ kore_tls_x509_subject_name(struct connection *c)
 	return (name);
 }
 
-void *
+KORE_X509_NAMES *
 kore_tls_x509_issuer_name(struct connection *c)
 {
 	X509_NAME	*name;
@@ -674,7 +674,7 @@ kore_tls_x509_issuer_name(struct connection *c)
 }
 
 int
-kore_tls_x509name_foreach(void *name, int flags, void *udata,
+kore_tls_x509name_foreach(KORE_X509_NAMES *name, int flags, void *udata,
     int (*cb)(void *, int, int, const char *, const void *, size_t, int))
 {
 	u_int8_t		*data;

src/utils.c

@@ -495,7 +495,7 @@ int
 kore_x509_issuer_name(struct connection *c, char **out, int flags)
 {
 	struct kore_buf		buf;
-	void			*name;
+	KORE_X509_NAMES		*name;
 
 	if ((name = kore_tls_x509_issuer_name(c)) == NULL)
 		return (KORE_RESULT_ERROR);
@@ -520,7 +520,7 @@ int
 kore_x509_subject_name(struct connection *c, char **out, int flags)
 {
 	struct kore_buf		buf;
-	void			*name;
+	KORE_X509_NAMES		*name;
 
 	if ((name = kore_tls_x509_subject_name(c)) == NULL)
 		return (KORE_RESULT_ERROR);