summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorPhil Pennock <pdp@exim.org>2012-05-20 19:35:34 -0400
committerPhil Pennock <pdp@exim.org>2012-05-20 19:35:34 -0400
commit3bcbbbe2697819d248259b1938ffd52d2bf4090b (patch)
tree294cbaf4460eb9e3ef152bb79090ce9b2801e43e /src
parent5779e6aa2e83b7e60d0c20e873de922b88e35be4 (diff)
Guard TLS SNI callback define better.
Guarded the callback invocation on OpenSSL having TLS extension support. Failed to guard the callback definition. Fixed. Problem spotted by Todd Lyons.
Diffstat (limited to 'src')
-rw-r--r--src/src/tls-openssl.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 1938d2fb7..de9c659a6 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -29,6 +29,10 @@ functions from the OpenSSL library. */
#define EXIM_OCSP_MAX_AGE (-1L)
#endif
+#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
+#define EXIM_HAVE_OPENSSL_TLSEXT
+#endif
+
/* Structure for collecting random data for seeding. */
typedef struct randstuff {
@@ -77,7 +81,9 @@ static int
setup_certs(SSL_CTX *sctx, uschar *certs, uschar *crl, host_item *host, BOOL optional);
/* Callbacks */
+#ifdef EXIM_HAVE_OPENSSL_TLSEXT
static int tls_servername_cb(SSL *s, int *ad ARG_UNUSED, void *arg);
+#endif
#ifdef EXPERIMENTAL_OCSP
static int tls_stapling_cb(SSL *s, void *arg);
#endif
@@ -540,6 +546,7 @@ Arguments:
Returns: SSL_TLSEXT_ERR_{OK,ALERT_WARNING,ALERT_FATAL,NOACK}
*/
+#ifdef EXIM_HAVE_OPENSSL_TLSEXT
static int
tls_servername_cb(SSL *s, int *ad ARG_UNUSED, void *arg)
{
@@ -606,6 +613,7 @@ SSL_set_SSL_CTX(s, ctx_sni);
return SSL_TLSEXT_ERR_OK;
}
+#endif /* EXIM_HAVE_OPENSSL_TLSEXT */
@@ -768,7 +776,7 @@ rc = tls_expand_session_files(ctx, cbinfo);
if (rc != OK) return rc;
/* If we need to handle SNI, do so */
-#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
+#ifdef EXIM_HAVE_OPENSSL_TLSEXT
if (host == NULL)
{
#ifdef EXPERIMENTAL_OCSP