authorJeremy Harris <jgh146exb@wizmail.org>2017-12-04 14:32:44 +0000
committerJeremy Harris <jgh146exb@wizmail.org>2017-12-04 14:32:44 +0000
commita65104203283ead15a6101f548107b95a450c7c9 (patch)
tree62580277138cc21a1d75c6ea972f35b98dc561b4
parent77020c7983ba76ddb0b5741b501d97af89f794b3 (diff)
Fix non-OCSP OpenSSL build
Issue found by: Frank Elsner
-rw-r--r--src/src/tls-openssl.c9
-rw-r--r--test/confs/58602
2 files changed, 9 insertions, 2 deletions
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 9816f734f..b225eb762 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -94,6 +94,10 @@ functions from the OpenSSL library. */
# define DISABLE_OCSP
#endif
+#ifdef EXIM_HAVE_OPENSSL_CHECKHOST
+# include <openssl/x509v3.h>
+#endif
+
/* Structure for collecting random data for seeding. */
typedef struct randstuff {
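Review bot: The new include depends on `EXIM_HAVE_OPENSSL_CHECKHOST` already being defined at this point in the file, and that definition is not visible in the hunk. If the macro were set later, the header would be skipped silently and the hostname-check functions would be used without a prototype, which older compilers accept with only a warning. Since these calls are part of certificate name verification, a short comment would help, for example `/* X509_check_host() prototypes; needed even when DISABLE_OCSP is set */`. It is also worth confirming that the macro is defined above this block.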
@@ -147,8 +151,8 @@ static BOOL reexpand_tls_files_for_sni = FALSE;
typedef struct tls_ext_ctx_cb {
uschar *certificate;
uschar *privatekey;
-#ifndef DISABLE_OCSP
BOOL is_server;
+#ifndef DISABLE_OCSP
STACK_OF(X509) *verify_stack; /* chain for verifying the proof */
union {
struct {
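Review bot: `is_server` is now an unconditional member of `tls_ext_ctx_cb` but has no comment, while the neighbouring `verify_stack` does. Judging by the initialisation later in this commit (`host==NULL`), something like `BOOL is_server; /* TRUE when the context was set up with no host, i.e. server side */` would document it. The struct definition continues past the end of this hunk.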
@@ -1483,9 +1487,10 @@ tls_ext_ctx_cb * cbinfo;
cbinfo = store_malloc(sizeof(tls_ext_ctx_cb));
cbinfo->certificate = certificate;
cbinfo->privatekey = privatekey;
+cbinfo->is_server = host==NULL;
#ifndef DISABLE_OCSP
cbinfo->verify_stack = NULL;
-if ((cbinfo->is_server = host==NULL))
+if (!host)
{
cbinfo->u_ocsp.server.file = ocsp_file;
cbinfo->u_ocsp.server.file_expanded = NULL;
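Review bot: The server/client test is now spelled two ways on adjacent lines, `host==NULL` in the new assignment and `!host` in the OCSP branch, so the two can drift apart on a later edit. Branching on the field just set keeps a single source of truth: `if (cbinfo->is_server)`. Placing the assignment above the `#ifndef DISABLE_OCSP` is the right move, because `cbinfo` comes from `store_malloc()` and every field visible here is set by hand. Whether that allocation is zeroed is not shown in the hunk. The enclosing function starts and ends outside the hunk.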
diff --git a/test/confs/5860 b/test/confs/5860
index 94436c344..81eb5a16d 100644
--- a/test/confs/5860
+++ b/test/confs/5860
@@ -74,9 +74,11 @@ send_to_server:
# hosts_try_dane = *
hosts_require_dane = *
+.ifdef _HAVE_OCSP
hosts_request_ocsp = ${if or { {= {4}{$tls_out_tlsa_usage}} \
{= {0}{$tls_out_tlsa_usage}} } \
{*}{}}
+.endif
event_action = ${acl {logger}}