From a268a804b709e6d899f611d9ef1c885d964f7b4a Mon Sep 17 00:00:00 2001 From: Steve Holme Date: Tue, 27 Jan 2015 11:52:14 +0000 Subject: [PATCH] openssl: Fixed compilation errors when OpenSSL built with 'no-tlsext' Fixed the build of openssl.c when OpenSSL is built without the necessary TLS extensions for OCSP stapling. Reported-by: John E. Malmberg --- lib/vtls/openssl.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 2bb76aebe..fb19ab1ae 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -1323,7 +1323,7 @@ static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert) return result; } -#ifndef HAVE_BORINGSSL +#if !defined(HAVE_BORINGSSL) && !defined(OPENSSL_NO_TLSEXT) static CURLcode verifystatus(struct connectdata *conn, struct ssl_connect_data *connssl) { @@ -2060,7 +2060,7 @@ static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex) return CURLE_OUT_OF_MEMORY; } -#ifndef HAVE_BORINGSSL +#if !defined(HAVE_BORINGSSL) && !defined(OPENSSL_NO_TLSEXT) if(data->set.ssl.verifystatus) SSL_set_tlsext_status_type(connssl->handle, TLSEXT_STATUSTYPE_ocsp); #endif @@ -2748,7 +2748,7 @@ static CURLcode servercert(struct connectdata *conn, infof(data, "\t SSL certificate verify ok.\n"); } -#ifndef HAVE_BORINGSSL +#if !defined(HAVE_BORINGSSL) && !defined(OPENSSL_NO_TLSEXT) if(data->set.ssl.verifystatus) { result = verifystatus(conn, connssl); if(result) { -- 2.40.0