cURL / Mailing Lists / curl-library / Single Mail


RE: lib/vtls/openssl.c verifystatus not compiling if OPENSSL_NO_TLSEXT is defined.

From: Joe Mason <>
Date: Tue, 27 Jan 2015 16:17:40 +0000

> From: curl-library [] on behalf of Alessandro
> Ghedini []
> It looks good to me, but note that the OpenSSL developers are planning to
> remove
> the OPENSSL_NO_TLSEXT option (see [0]), so this will probably fail to build at
> some point in the future.

I don't think that will cause a problem unless a version of openssl ships that doesn't have OCSP support but doesn't define OPENSSL_NO_TLSEXT. I assume that's not what they're doing - if they remove the definition, it would mean that all versions shipped after that point always support TLSEXT (and therefore OCSP).

However it might be a good idea to define a OPENSSL_HAVE_OCSP macro, so that we don't have to repeat this test several times, and only have to update the macro definition if we find other configurations that need OCSP disabled.

List admin:
Received on 2015-01-27