Index: generic/tls.c
==================================================================
--- generic/tls.c
+++ generic/tls.c
@@ -956,11 +956,11 @@
 CiphersObjCmd(ClientData clientData, Tcl_Interp *interp, int objc, Tcl_Obj *const objv[]) {
     Tcl_Obj *objPtr = NULL;
     SSL_CTX *ctx = NULL;
     SSL *ssl = NULL;
     STACK_OF(SSL_CIPHER) *sk;
-    char *cp, buf[BUFSIZ];
+    char buf[BUFSIZ];
     int index, verbose = 0, use_supported = 0;
     const SSL_METHOD *method;
     (void) clientData;
 
     dprintf("Called");
@@ -1052,19 +1052,20 @@
 	sk = SSL_get_ciphers(ssl);
     }
 
     if (sk != NULL) {
 	if (!verbose) {
+	    const char *cp;
 	    objPtr = Tcl_NewListObj(0, NULL);
 	    for (int i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
 		const SSL_CIPHER *c = sk_SSL_CIPHER_value(sk, i);
 		if (c == NULL) continue;
 
 		/* cipher name or (NONE) */
 		cp = SSL_CIPHER_get_name(c);
 		if (cp == NULL) break;
-		Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj(cp, -1));
+		Tcl_ListObjAppendElement(interp, objPtr, Tcl_NewStringObj((char *) cp, -1));
 	    }
 
 	} else {
 	    objPtr = Tcl_NewStringObj("",0);
 	    for (int i = 0; i < sk_SSL_CIPHER_num(sk); i++) {
@@ -1270,11 +1271,11 @@
     char *CAfile		= NULL;
     char *CApath		= NULL;
     char *DHparams		= NULL;
     char *model			= NULL;
     char *servername		= NULL;	/* hostname for Server Name Indication */
-    const unsigned char *session_id = NULL;
+    char *session_id		= NULL;
     Tcl_Obj *alpn		= NULL;
     int ssl2 = 0, ssl3 = 0;
     int tls1 = 1, tls1_1 = 1, tls1_2 = 1, tls1_3 = 1;
     int proto = 0, level = -1;
     int verify = 0, require = 0, request = 1, post_handshake = 0;
@@ -1511,11 +1512,12 @@
     }
 
     /* Resume session id */
     if (session_id && strlen(session_id) <= SSL_MAX_SID_CTX_LENGTH) {
 	/* SSL_set_session() */
-	if (!SSL_SESSION_set1_id_context(SSL_get_session(statePtr->ssl), session_id, (unsigned int) strlen(session_id))) {
+	if (!SSL_SESSION_set1_id_context(SSL_get_session(statePtr->ssl),
+		(const unsigned char *) session_id, (unsigned int) strlen(session_id))) {
 	    Tcl_AppendResult(interp, "Resume session failed: ", GET_ERR_REASON(), (char *) NULL);
 	    Tcl_SetErrorCode(interp, "TLS", "IMPORT", "SESSION", "FAILED", (char *) NULL);
 	    Tls_Free((char *) statePtr);
 	    return TCL_ERROR;
 	}

Index: tests/common.tcl
==================================================================
--- tests/common.tcl
+++ tests/common.tcl
@@ -19,10 +19,5 @@
 
 # Legacy OpenSSL v1.1.1 vs new v3.x
 scan [lindex [split [::tls::version]] 1] %f version
 ::tcltest::testConstraint new_api [expr {$version >= 3.0}]
 ::tcltest::testConstraint old_api [expr {$version < 3.0}]
-
-# Load legacy provider
-if {$version >= 3.0} {
-    tls::provider legacy
-}