From: Steve Holme <steve_holme@hotmail.com>
Date: Tue, 27 Jan 2015 11:52:14 +0000 (+0000)
Subject: openssl: Fixed compilation errors when OpenSSL built with 'no-tlsext'
X-Git-Tag: curl-7_41_0~86
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a268a804b709e6d899f611d9ef1c885d964f7b4a;p=curl

openssl: Fixed compilation errors when OpenSSL built with 'no-tlsext'

Fixed the build of openssl.c when OpenSSL is built without the necessary
TLS extensions for OCSP stapling.

Reported-by: John E. Malmberg
---

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 2bb76aebe..fb19ab1ae 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -1323,7 +1323,7 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert)
   return result;
 }
 
-#ifndef HAVE_BORINGSSL
+#if !defined(HAVE_BORINGSSL) && !defined(OPENSSL_NO_TLSEXT)
 static CURLcode verifystatus(struct connectdata *conn,
                              struct ssl_connect_data *connssl)
 {
@@ -2060,7 +2060,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
     return CURLE_OUT_OF_MEMORY;
   }
 
-#ifndef HAVE_BORINGSSL
+#if !defined(HAVE_BORINGSSL) && !defined(OPENSSL_NO_TLSEXT)
   if(data->set.ssl.verifystatus)
     SSL_set_tlsext_status_type(connssl->handle, TLSEXT_STATUSTYPE_ocsp);
 #endif
@@ -2748,7 +2748,7 @@ static CURLcode servercert(struct connectdata *conn,
       infof(data, "\t SSL certificate verify ok.\n");
   }
 
-#ifndef HAVE_BORINGSSL
+#if !defined(HAVE_BORINGSSL) && !defined(OPENSSL_NO_TLSEXT)
   if(data->set.ssl.verifystatus) {
     result = verifystatus(conn, connssl);
     if(result) {