TLS: library version build-time checks for resumption support

[exim.git] / src / src / tls-openssl.c

diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 06008deccceb03aa48583b7227fba4c89582ed05..824212dbcbdfa87a2af1b6c61e7a2babfbb5b33d 100644 (file)
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -73,6 +73,7 @@ change this guard and punt the issue for a while longer. */
 #  define EXIM_HAVE_OPENSSL_KEYLOG
 #  define EXIM_HAVE_OPENSSL_CIPHER_GET_ID
 #  define EXIM_HAVE_SESSION_TICKET
+#  define EXIM_HAVE_OPESSL_TRACE
 # else
 #  define EXIM_NEED_OPENSSL_INIT
 # endif
@@ -107,6 +108,12 @@ change this guard and punt the issue for a while longer. */
 # define DISABLE_OCSP
 #endif
 
+#ifdef EXPERIMENTAL_TLS_RESUME
+# if OPENSSL_VERSION_NUMBER < 0x0101010L
+#  error OpenSSL version too old for session-resumption
+# endif
+#endif
+
 #ifdef EXIM_HAVE_OPENSSL_CHECKHOST
 # include <openssl/x509v3.h>
 #endif
@@ -1942,7 +1949,8 @@ level. */
 DEBUG(D_tls)
   {
   SSL_CTX_set_info_callback(ctx, (void (*)())info_callback);
-#ifndef OPENSSL_NO_SSL_TRACE   /* this needs a debug build of OpenSSL */
+#if defined(EXIM_HAVE_OPESSL_TRACE) && !defined(OPENSSL_NO_SSL_TRACE)
+  /* this needs a debug build of OpenSSL */
   SSL_CTX_set_msg_callback(ctx, (void (*)())SSL_trace);
 #endif
 #ifdef OPENSSL_HAVE_KEYLOG_CB