BUILD: ssl: disable OCSP when using boringssl
Google's boringssl doesn't currently support OCSP, so
disable it if detected.
OCSP support may be reintroduced as per:
https://code.google.com/p/chromium/issues/detail?id=398677
In that case we can simply revert this commit.
Signed-off-by: Lukas Tribus <luky-37@hotmail.com>
diff --git a/src/dumpstats.c b/src/dumpstats.c
index 5365042..3855e09 100644
--- a/src/dumpstats.c
+++ b/src/dumpstats.c
@@ -1794,7 +1794,7 @@
#ifdef USE_OPENSSL
else if (strcmp(args[1], "ssl") == 0) {
if (strcmp(args[2], "ocsp-response") == 0) {
-#ifdef SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB
+#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_IS_BORINGSSL)
char *err = NULL;
/* Expect one parameter: the new response in base64 encoding */
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index cf8adc7..e53e3bd 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -44,7 +44,7 @@
#include <openssl/x509.h>
#include <openssl/err.h>
#include <openssl/rand.h>
-#ifdef SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB
+#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_IS_BORINGSSL)
#include <openssl/ocsp.h>
#endif
@@ -112,7 +112,7 @@
static DH *local_dh_8192 = NULL;
#endif /* OPENSSL_NO_DH */
-#ifdef SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB
+#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_IS_BORINGSSL)
struct certificate_ocsp {
struct ebmb_node key;
unsigned char key_data[OCSP_MAX_CERTID_ASN1_LENGTH];
@@ -1282,7 +1282,7 @@
}
#endif
-#ifdef SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB
+#if (defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_IS_BORINGSSL)
ret = ssl_sock_load_ocsp(ctx, path);
if (ret < 0) {
if (err)