On mar, gen 27, 2015 at 04:17:40 +0000, Joe Mason wrote: > > From: curl-library [[email protected]] on behalf of > > Alessandro > > Ghedini [[email protected]] > > > > It looks good to me, but note that the OpenSSL developers are planning to > > remove > > the OPENSSL_NO_TLSEXT option (see [0]), so this will probably fail to build > > at > > some point in the future. > > I don't think that will cause a problem unless a version of openssl ships > that doesn't have OCSP support but doesn't define OPENSSL_NO_TLSEXT. I assume > that's not what they're doing - if they remove the definition, it would mean > that all versions shipped after that point always support TLSEXT (and > therefore OCSP).
Right, I have no idea why I wrote that it would fail to build, go figure... > However it might be a good idea to define a OPENSSL_HAVE_OCSP macro, so that > we don't have to repeat this test several times, and only have to update the > macro definition if we find other configurations that need OCSP disabled. Yes, it may also check for the OpenSSL version, although it's probably old enough that a check isn't really needed. I'll write a patch if no one beats me to it. Cheers
signature.asc
Description: Digital signature
------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
