sslc does not currently support X509V3_EXT_d2i

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@94216 13f79535-47bb-0310-9956-ffa450edef68

2 files changed, 10 insertions, 0 deletions

diff --git a/modules/ssl/ssl_toolkit_compat.h b/modules/ssl/ssl_toolkit_compat.h
index 955e2f099f..06f95ad3ec 100644
--- a/modules/ssl/ssl_toolkit_compat.h
+++ b/modules/ssl/ssl_toolkit_compat.h
@@ -56,6 +56,8 @@
 
 #define HAVE_SSL_RAND_EGD /* since 9.5.1 */
 
+#define HAVE_SSL_X509V3_EXT_d2i
+
 #else /* RSA sslc */
 
 /* sslc does not support this function, OpenSSL has since 9.5.1 */
diff --git a/modules/ssl/ssl_util_ssl.c b/modules/ssl/ssl_util_ssl.c
index c574d8db40..750e3a2316 100644
--- a/modules/ssl/ssl_util_ssl.c
+++ b/modules/ssl/ssl_util_ssl.c
@@ -317,6 +317,7 @@ char *SSL_make_ciphersuite(apr_pool_t *p, SSL *ssl)
 /* check whether cert contains extended key usage with a SGC tag */
 BOOL SSL_X509_isSGC(X509 *cert)
 {
+#ifdef HAVE_SSL_X509V3_EXT_d2i
     X509_EXTENSION *ext;
     int ext_nid;
     STACK *sk;
@@ -339,11 +340,15 @@ BOOL SSL_X509_isSGC(X509 *cert)
         }
     }
     return is_sgc;
+#else
+    return FALSE;
+#endif
 }
 
 /* retrieve basic constraints ingredients */
 BOOL SSL_X509_getBC(X509 *cert, int *ca, int *pathlen)
 {
+#ifdef HAVE_SSL_X509V3_EXT_d2i
     X509_EXTENSION *ext;
     BASIC_CONSTRAINTS *bc;
     int idx;
@@ -370,6 +375,9 @@ BOOL SSL_X509_getBC(X509 *cert, int *ca, int *pathlen)
     }
     BASIC_CONSTRAINTS_free(bc);
     return TRUE;
+#else
+    return FALSE;
+#endif
 }
 
 /* retrieve subject CommonName of certificate */