From: Jeremy Harris Date: Sat, 28 Dec 2019 18:27:54 +0000 (+0000) Subject: Fix build with older TLS library versions X-Git-Url: https://git.exim.org/users/jgh/exim.git/commitdiff_plain/17ba0f52b8df4e6ece849deac1b9d6b88bdc26c6?hp=44e90dfa8316518d0fcba106c9fc083a56e15101 Fix build with older TLS library versions Broken-by: 1c519e07b9 --- diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c index 69a8bd6f4..34ebc0903 100644 --- a/src/src/tls-gnu.c +++ b/src/src/tls-gnu.c @@ -2529,8 +2529,10 @@ if (rc != GNUTLS_E_SUCCESS) return FAIL; } +#ifdef GNUTLS_SFLAGS_EXT_MASTER_SECRET if (gnutls_session_get_flags(state->session) & GNUTLS_SFLAGS_EXT_MASTER_SECRET) tls_in.ext_master_secret = TRUE; +#endif #ifdef EXPERIMENTAL_TLS_RESUME tls_server_resume_posthandshake(state); @@ -3001,8 +3003,10 @@ if (!verify_certificate(state, errstr)) return FALSE; } +#ifdef GNUTLS_SFLAGS_EXT_MASTER_SECRET if (gnutls_session_get_flags(state->session) & GNUTLS_SFLAGS_EXT_MASTER_SECRET) tlsp->ext_master_secret = TRUE; +#endif #ifndef DISABLE_OCSP if (request_ocsp) diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c index d16479e58..c97dc1bff 100644 --- a/src/src/tls-openssl.c +++ b/src/src/tls-openssl.c @@ -2784,7 +2784,9 @@ if (SSL_session_reused(server_ssl)) /* TLS has been set up. Record data for the connection, adjust the input functions to read via TLS, and initialize things. */ +#ifdef SSL_get_extms_support tls_in.ext_master_secret = SSL_get_extms_support(server_ssl) == 1; +#endif peer_cert(server_ssl, &tls_in, peerdn, sizeof(peerdn)); tls_in.ver = tlsver_name(server_ssl); @@ -3385,7 +3387,9 @@ DEBUG(D_tls) tls_client_resume_posthandshake(exim_client_ctx, tlsp); #endif +#ifdef SSL_get_extms_support tlsp->ext_master_secret = SSL_get_extms_support(exim_client_ctx->ssl) == 1; +#endif peer_cert(exim_client_ctx->ssl, tlsp, peerdn, sizeof(peerdn)); tlsp->ver = tlsver_name(exim_client_ctx->ssl);