Fix build with older TLS library versions
authorJeremy Harris <jgh146exb@wizmail.org>
Sat, 28 Dec 2019 18:27:54 +0000 (18:27 +0000)
committerJeremy Harris <jgh146exb@wizmail.org>
Sat, 28 Dec 2019 18:35:24 +0000 (18:35 +0000)
Broken-by: 1c519e07b9
src/src/tls-gnu.c
src/src/tls-openssl.c

index 69a8bd6f41fb510106e42c60b57b7f2c202d21ef..34ebc0903114a5414ac8c0c48bc2a8b46cdf2a6c 100644 (file)
@@ -2529,8 +2529,10 @@ if (rc != GNUTLS_E_SUCCESS)
   return FAIL;
   }
 
   return FAIL;
   }
 
+#ifdef GNUTLS_SFLAGS_EXT_MASTER_SECRET
 if (gnutls_session_get_flags(state->session) & GNUTLS_SFLAGS_EXT_MASTER_SECRET)
   tls_in.ext_master_secret = TRUE;
 if (gnutls_session_get_flags(state->session) & GNUTLS_SFLAGS_EXT_MASTER_SECRET)
   tls_in.ext_master_secret = TRUE;
+#endif
 
 #ifdef EXPERIMENTAL_TLS_RESUME
 tls_server_resume_posthandshake(state);
 
 #ifdef EXPERIMENTAL_TLS_RESUME
 tls_server_resume_posthandshake(state);
@@ -3001,8 +3003,10 @@ if (!verify_certificate(state, errstr))
   return FALSE;
   }
 
   return FALSE;
   }
 
+#ifdef GNUTLS_SFLAGS_EXT_MASTER_SECRET
 if (gnutls_session_get_flags(state->session) & GNUTLS_SFLAGS_EXT_MASTER_SECRET)
   tlsp->ext_master_secret = TRUE;
 if (gnutls_session_get_flags(state->session) & GNUTLS_SFLAGS_EXT_MASTER_SECRET)
   tlsp->ext_master_secret = TRUE;
+#endif
 
 #ifndef DISABLE_OCSP
 if (request_ocsp)
 
 #ifndef DISABLE_OCSP
 if (request_ocsp)
index d16479e5806a3627a0b611cbdab5d748628d48f0..c97dc1bff2f48a19d4bd1ebe7ce3c85c9d68db03 100644 (file)
@@ -2784,7 +2784,9 @@ if (SSL_session_reused(server_ssl))
 /* TLS has been set up. Record data for the connection,
 adjust the input functions to read via TLS, and initialize things. */
 
 /* TLS has been set up. Record data for the connection,
 adjust the input functions to read via TLS, and initialize things. */
 
+#ifdef SSL_get_extms_support
 tls_in.ext_master_secret = SSL_get_extms_support(server_ssl) == 1;
 tls_in.ext_master_secret = SSL_get_extms_support(server_ssl) == 1;
+#endif
 peer_cert(server_ssl, &tls_in, peerdn, sizeof(peerdn));
 
 tls_in.ver = tlsver_name(server_ssl);
 peer_cert(server_ssl, &tls_in, peerdn, sizeof(peerdn));
 
 tls_in.ver = tlsver_name(server_ssl);
@@ -3385,7 +3387,9 @@ DEBUG(D_tls)
 tls_client_resume_posthandshake(exim_client_ctx, tlsp);
 #endif
 
 tls_client_resume_posthandshake(exim_client_ctx, tlsp);
 #endif
 
+#ifdef SSL_get_extms_support
 tlsp->ext_master_secret = SSL_get_extms_support(exim_client_ctx->ssl) == 1;
 tlsp->ext_master_secret = SSL_get_extms_support(exim_client_ctx->ssl) == 1;
+#endif
 peer_cert(exim_client_ctx->ssl, tlsp, peerdn, sizeof(peerdn));
 
 tlsp->ver = tlsver_name(exim_client_ctx->ssl);
 peer_cert(exim_client_ctx->ssl, tlsp, peerdn, sizeof(peerdn));
 
 tlsp->ver = tlsver_name(exim_client_ctx->ssl);