GnuTLS: fix build with older GnuTLS

The ALPN handling we need requires later features than the basic functions. Broken-byu: f50a063dc0
author: Jeremy Harris <jgh146exb@wizmail.org> 2021-06-22 23:42:24 +0100
committer: Jeremy Harris <jgh146exb@wizmail.org> 2021-06-22 23:46:08 +0100
commit: 1013a770f1be6eff05c4b835bb92b2c916fdd341 (patch)
tree: 7441f2ccfbb199c5975c00aedf7970e269b5063b /src
parent: f50a063dc0b96ac95b3a7bc0aebad3b3f2534c02 (diff)
1 files changed, 6 insertions, 4 deletions
diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index 1affba366..2d7041f3e 100644
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -120,7 +120,9 @@ require current GnuTLS, then we'll drop support for the ancient libraries).
 #endif
 
 #if GNUTLS_VERSION_NUMBER >= 0x030200
-# define EXIM_HAVE_ALPN
+# ifdef SUPPORT_GNUTLS_EXT_RAW_PARSE
+#  define EXIM_HAVE_ALPN
+# endif
 #endif
 
 #ifndef DISABLE_OCSP
@@ -1142,12 +1144,12 @@ tls_server_certstatus_cb(gnutls_session_t session, unsigned int htype,
   unsigned when, unsigned int incoming, const gnutls_datum_t * msg)
 {
 DEBUG(D_tls) debug_printf("Sending certificate-status\n");		/*XXX we get this for tls1.2 but not for 1.3 */
-#ifdef SUPPORT_SRV_OCSP_STACK
+# ifdef SUPPORT_SRV_OCSP_STACK
 tls_in.ocsp = exim_testharness_disable_ocsp_validity_check
   ? OCSP_VFY_NOT_TRIED : OCSP_VFIED;	/* We know that GnuTLS verifies responses */
-#else
+# else
 tls_in.ocsp = OCSP_VFY_NOT_TRIED;
-#endif
+# endif
 return 0;
 }
author	Jeremy Harris <jgh146exb@wizmail.org>	2021-06-22 23:42:24 +0100
committer	Jeremy Harris <jgh146exb@wizmail.org>	2021-06-22 23:46:08 +0100
commit	1013a770f1be6eff05c4b835bb92b2c916fdd341 (patch)
tree	7441f2ccfbb199c5975c00aedf7970e269b5063b /src
parent	f50a063dc0b96ac95b3a7bc0aebad3b3f2534c02 (diff)