Fix build with older TLS library versions

Broken-by: 1c519e07b9

2 files changed, 8 insertions, 0 deletions

diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index 69a8bd6f4..34ebc0903 100644
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -2529,8 +2529,10 @@ if (rc != GNUTLS_E_SUCCESS)
   return FAIL;
   }
 
+#ifdef GNUTLS_SFLAGS_EXT_MASTER_SECRET
 if (gnutls_session_get_flags(state->session) & GNUTLS_SFLAGS_EXT_MASTER_SECRET)
   tls_in.ext_master_secret = TRUE;
+#endif
 
 #ifdef EXPERIMENTAL_TLS_RESUME
 tls_server_resume_posthandshake(state);
@@ -3001,8 +3003,10 @@ if (!verify_certificate(state, errstr))
   return FALSE;
   }
 
+#ifdef GNUTLS_SFLAGS_EXT_MASTER_SECRET
 if (gnutls_session_get_flags(state->session) & GNUTLS_SFLAGS_EXT_MASTER_SECRET)
   tlsp->ext_master_secret = TRUE;
+#endif
 
 #ifndef DISABLE_OCSP
 if (request_ocsp)
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index d16479e58..c97dc1bff 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -2784,7 +2784,9 @@ if (SSL_session_reused(server_ssl))
 /* TLS has been set up. Record data for the connection,
 adjust the input functions to read via TLS, and initialize things. */
 
+#ifdef SSL_get_extms_support
 tls_in.ext_master_secret = SSL_get_extms_support(server_ssl) == 1;
+#endif
 peer_cert(server_ssl, &tls_in, peerdn, sizeof(peerdn));
 
 tls_in.ver = tlsver_name(server_ssl);
@@ -3385,7 +3387,9 @@ DEBUG(D_tls)
 tls_client_resume_posthandshake(exim_client_ctx, tlsp);
 #endif
 
+#ifdef SSL_get_extms_support
 tlsp->ext_master_secret = SSL_get_extms_support(exim_client_ctx->ssl) == 1;
+#endif
 peer_cert(exim_client_ctx->ssl, tlsp, peerdn, sizeof(peerdn));
 
 tlsp->ver = tlsver_name(exim_client_ctx->ssl);