[exim-cvs] Fix build with older TLS library versions

Top Page
Delete this message
Reply to this message
Author: Exim Git Commits Mailing List
Date:  
To: exim-cvs
Subject: [exim-cvs] Fix build with older TLS library versions
Gitweb: https://git.exim.org/exim.git/commitdiff/17ba0f52b8df4e6ece849deac1b9d6b88bdc26c6
Commit:     17ba0f52b8df4e6ece849deac1b9d6b88bdc26c6
Parent:     44e90dfa8316518d0fcba106c9fc083a56e15101
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Sat Dec 28 18:27:54 2019 +0000
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Sat Dec 28 18:35:24 2019 +0000


    Fix build with older TLS library versions


    Broken-by: 1c519e07b9
---
 src/src/tls-gnu.c     | 4 ++++
 src/src/tls-openssl.c | 4 ++++
 2 files changed, 8 insertions(+)


diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index 69a8bd6..34ebc09 100644
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -2529,8 +2529,10 @@ if (rc != GNUTLS_E_SUCCESS)
return FAIL;
}

+#ifdef GNUTLS_SFLAGS_EXT_MASTER_SECRET
if (gnutls_session_get_flags(state->session) & GNUTLS_SFLAGS_EXT_MASTER_SECRET)
tls_in.ext_master_secret = TRUE;
+#endif

#ifdef EXPERIMENTAL_TLS_RESUME
tls_server_resume_posthandshake(state);
@@ -3001,8 +3003,10 @@ if (!verify_certificate(state, errstr))
return FALSE;
}

+#ifdef GNUTLS_SFLAGS_EXT_MASTER_SECRET
if (gnutls_session_get_flags(state->session) & GNUTLS_SFLAGS_EXT_MASTER_SECRET)
tlsp->ext_master_secret = TRUE;
+#endif

#ifndef DISABLE_OCSP
if (request_ocsp)
diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index d16479e..c97dc1b 100644
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -2784,7 +2784,9 @@ if (SSL_session_reused(server_ssl))
/* TLS has been set up. Record data for the connection,
adjust the input functions to read via TLS, and initialize things. */

+#ifdef SSL_get_extms_support
tls_in.ext_master_secret = SSL_get_extms_support(server_ssl) == 1;
+#endif
peer_cert(server_ssl, &tls_in, peerdn, sizeof(peerdn));

tls_in.ver = tlsver_name(server_ssl);
@@ -3385,7 +3387,9 @@ DEBUG(D_tls)
tls_client_resume_posthandshake(exim_client_ctx, tlsp);
#endif

+#ifdef SSL_get_extms_support
tlsp->ext_master_secret = SSL_get_extms_support(exim_client_ctx->ssl) == 1;
+#endif
peer_cert(exim_client_ctx->ssl, tlsp, peerdn, sizeof(peerdn));

tlsp->ver = tlsver_name(exim_client_ctx->ssl);