$NetBSD$

--- imap/tls.c.orig	2008-11-14 22:24:38.000000000 +0000
+++ imap/tls.c
@@ -223,7 +223,7 @@ static RSA *tmp_rsa_cb(SSL * s __attribu
     return (rsa_tmp);
 }
 
-#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
+#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL) && !defined(OPENSSL_LACK_BN_CONST)
 /* Logic copied from OpenSSL apps/s_server.c: give the TLS context
  * DH params to work with DHE-* cipher suites. Hardcoded fallback
  * in case no DH params in tls_key_file or tls_cert_file.
@@ -735,7 +735,7 @@ int     tls_init_serverengine(const char
     }
     SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
 
-#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL)
+#if (OPENSSL_VERSION_NUMBER >= 0x0090800fL) && !defined(OPENSSL_LACK_BN_CONST)
     /* Load DH params for DHE-* key exchanges */
     SSL_CTX_set_tmp_dh(s_ctx, load_dh_param(s_key_file, s_cert_file));
     /* FIXME: Load ECDH params for ECDHE suites when 0.9.9 is released */
