BUG/MINOR: disable dynamic OCSP load with BoringSSL it was accidently enabled on BoringSSL while actually it is not supported wla: Fix part of the issue mentionned in #895. It fixes build of boringSSL versions prior to commit https://boringssl.googlesource.com/boringssl/+/49e9f67d8b7cbeb3953b5548ad1009d15947a523 Must be backported in 2.2. Signed-off-by: William Lallemand <wlallemand@haproxy.org>

commit: b3201a3e077198b3f75ebe8661aa45589b811552 [log] [tgz]
author: Ilya Shipitsin <chipitsine@gmail.com> Sun Oct 18 09:11:50 2020 +0500
committer: William Lallemand <wlallemand@haproxy.org> Mon Oct 19 11:00:51 2020 +0200
tree: 8ae5ae95aeaec1f54c80cefbdf6afc5e52d6b7b2
parent: 4b6e3c284a98cb2e6b4758a418066bfce5b9cd05 [diff]
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index cce06cd..69d76b0 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c

@@ -1278,7 +1278,7 @@
 
 #endif
 
-#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
+#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) && !defined OPENSSL_IS_BORINGSSL)
 
 
 /*
@@ -3137,7 +3137,7 @@
 	}
 #endif
 
-#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) || defined OPENSSL_IS_BORINGSSL)
+#if ((defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB && !defined OPENSSL_NO_OCSP) && !defined OPENSSL_IS_BORINGSSL)
 	/* Load OCSP Info into context */
 	if (ckch->ocsp_response) {
 		if (ssl_sock_load_ocsp(ctx, ckch, find_chain) < 0) {
commit	b3201a3e077198b3f75ebe8661aa45589b811552	[log] [tgz]
author	Ilya Shipitsin <chipitsine@gmail.com>	Sun Oct 18 09:11:50 2020 +0500
committer	William Lallemand <wlallemand@haproxy.org>	Mon Oct 19 11:00:51 2020 +0200
tree	8ae5ae95aeaec1f54c80cefbdf6afc5e52d6b7b2
parent	4b6e3c284a98cb2e6b4758a418066bfce5b9cd05 [diff]