More ocsp build cleanups

diff --git a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
index e2b7c484b250b1036756ac7b4eae4b36f5ecaaea..067388af595a93dcf6db95e5b6d4c7eee9630cb2 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
+++ b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
@@ -356,10 +356,11 @@ ocsp_end:
        BIO_free_all(cbio);
        OCSP_BASICRESP_free(bresp);
 
-       if(ocsp_ok)
+       if (ocsp_ok) {
                DEBUG2("[ocsp] --> Certificate is valid!");
-       else
+       } else {
                DEBUG2("[ocsp] --> Certificate has been expired/revoked!");
+       }
 
        return ocsp_ok;
 }
@@ -1041,8 +1042,10 @@ static int eaptls_detach(void *arg)
        if (inst->ctx) SSL_CTX_free(inst->ctx);
        inst->ctx = NULL;
 
+#ifdef HAVE_OPENSSL_OCSP_H
        if (inst->store) X509_STORE_free(inst->store);
        inst->store = NULL;
+#endif
 
        free(inst);
 
@@ -1284,7 +1287,9 @@ static int eaptls_initiate(void *type_arg, EAP_HANDLER *handler)
         */
        SSL_set_ex_data(ssn->ssl, 0, (void *)handler);
        SSL_set_ex_data(ssn->ssl, 1, (void *)inst->conf);
+#ifdef HAVE_OPENSSL_OCSP_H
        SSL_set_ex_data(ssn->ssl, 2, (void *)inst->store);
+#endif
 
        ssn->length_flag = inst->conf->include_length;
 

diff --git a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.h b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.h
index 49c8bc72ba70fe1bf07c5242ffa86fe31ccd7cc7..6be8542140bf8eb6bd0d2ea30a481ba0daf5308c 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.h
+++ b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.h
@@ -85,7 +85,9 @@ typedef struct eap_tls_conf {
 typedef struct _eap_tls_t {
        EAP_TLS_CONF    *conf;
        SSL_CTX         *ctx;
+#ifdef HAVE_OPENSSL_OCSP_H
        X509_STORE      *store; /* OCSP Revocation Store */
+#endif
 } eap_tls_t;