cURL / Mailing Lists / curl-library / Single Mail

curl-library

RE: lib/vtls/openssl.c verifystatus not compiling if OPENSSL_NO_TLSEXT is defined.

From: Steve Holme <steve_holme_at_hotmail.com>
Date: Tue, 27 Jan 2015 13:18:54 +0000

On Mon, 26 Jan 2015, John E. Malmberg wrote:

> The lib/vtls/openssl.c verifystatus() can not be compiled using
> OpenSSL builds that define the macro OPENSSL_NO_TLSEXT in
> opensslconf.h.

I've just pushed commit a268a804b7 which hopefully fixes it. I tried to compile OpenSSL here with 'no-tlsext' and ran into compilation errors in OpenSSL :(

However, it build enough of itself for me to test my fix here. However, I would appreciate it if you could also give it a once over please.

I've also pushed a fix to correct Curl_ossl_cert_status_request() not returning FALSE when OCSP stapling is disabled through compilation with BoringSSL or OpenSSL with 'no-tlsext' which I believe is the correct thing to do. But if Daniel, Alessandro or someone else that knows more about it than me could verify this as well that would be great.

Many thanks

Steve

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2015-01-27