[exim-cvs] Guard TLS SNI callback define better.

Author: Exim Git Commits Mailing List
Date:  
To: exim-cvs
Subject: [exim-cvs] Guard TLS SNI callback define better.
Gitweb: http://git.exim.org/exim.git/commitdiff/3bcbbbe2697819d248259b1938ffd52d2bf4090b
Commit:     3bcbbbe2697819d248259b1938ffd52d2bf4090b
Parent:     5779e6aa2e83b7e60d0c20e873de922b88e35be4
Author:     Phil Pennock <pdp@???>
AuthorDate: Sun May 20 19:35:34 2012 -0400
Committer:  Phil Pennock <pdp@???>
CommitDate: Sun May 20 19:35:34 2012 -0400


    Guard TLS SNI callback define better.


    Guarded the callback invocation on OpenSSL having TLS extension support.
    Failed to guard the callback definition.  Fixed.
    Problem spotted by Todd Lyons.
---
 src/src/tls-openssl.c |   10 +++++++++-
 1 files changed, 9 insertions(+), 1 deletions(-)


diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 1938d2f..de9c659 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -29,6 +29,10 @@ functions from the OpenSSL library. */
#define EXIM_OCSP_MAX_AGE (-1L)
#endif

+#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
+#define EXIM_HAVE_OPENSSL_TLSEXT
+#endif
+
/* Structure for collecting random data for seeding. */

typedef struct randstuff {
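Review bot: The threshold `0x0090806fL` in the new `#if` is an unexplained magic number, yet it now defines the one feature macro that gates every SNI code path touched by this commit. A short comment above it would help, for example `/* TLS extensions (incl. SNI) need OpenSSL 0.9.8f+ built without OPENSSL_NO_TLSEXT */`. The test also depends on the OpenSSL headers being included earlier in the file, which is outside this hunk. If they were not, `OPENSSL_VERSION_NUMBER` would evaluate to 0 in the `#if` and SNI support would be compiled out without any diagnostic.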
@@ -77,7 +81,9 @@ static int
setup_certs(SSL_CTX *sctx, uschar *certs, uschar *crl, host_item *host, BOOL optional);

 /* Callbacks */
+#ifdef EXIM_HAVE_OPENSSL_TLSEXT
 static int tls_servername_cb(SSL *s, int *ad ARG_UNUSED, void *arg);
+#endif
 #ifdef EXPERIMENTAL_OCSP
 static int tls_stapling_cb(SSL *s, void *arg);
 #endif
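Review bot: The `tls_stapling_cb` prototype just below the new guard is still conditional on `EXPERIMENTAL_OCSP` alone, although OCSP stapling is also a TLS extension feature. In the last hunk the `#ifdef EXPERIMENTAL_OCSP` block sits inside `#ifdef EXIM_HAVE_OPENSSL_TLSEXT`. So with `EXPERIMENTAL_OCSP` set on an OpenSSL lacking TLSEXT, the stapling callback would presumably be declared and defined but never registered, which is the same mismatch this commit fixes for SNI. Consider `#if defined(EXPERIMENTAL_OCSP) && defined(EXIM_HAVE_OPENSSL_TLSEXT)` here and on the definition, which is outside the visible hunks.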
@@ -540,6 +546,7 @@ Arguments:
 Returns:          SSL_TLSEXT_ERR_{OK,ALERT_WARNING,ALERT_FATAL,NOACK}
 */


+#ifdef EXIM_HAVE_OPENSSL_TLSEXT
static int
tls_servername_cb(SSL *s, int *ad ARG_UNUSED, void *arg)
{
@@ -606,6 +613,7 @@ SSL_set_SSL_CTX(s, ctx_sni);

return SSL_TLSEXT_ERR_OK;
}
+#endif /* EXIM_HAVE_OPENSSL_TLSEXT */



@@ -768,7 +776,7 @@ rc = tls_expand_session_files(ctx, cbinfo);
if (rc != OK) return rc;

/* If we need to handle SNI, do so */
-#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
+#ifdef EXIM_HAVE_OPENSSL_TLSEXT
if (host == NULL)
{
#ifdef EXPERIMENTAL_OCSP