We need the TLS headers in order to be able to manipulate the SSL_CTX *

diff --git a/src/lib/curl/base.c b/src/lib/curl/base.c
index 8c6fdf21d7058adbc9c2b919f5ecea1c58948ad1..8dd8309c1c60ea4fdfb9c0eccfb582784bbc2a42 100644 (file)
--- a/src/lib/curl/base.c
+++ b/src/lib/curl/base.c
@@ -72,7 +72,9 @@ conf_parser_t fr_curl_tls_config[] = {
        { FR_CONF_OFFSET("check_cert", fr_curl_tls_t, check_cert), .dflt = "yes" },
        { FR_CONF_OFFSET("check_cert_cn", fr_curl_tls_t, check_cert_cn), .dflt = "yes" },
        { FR_CONF_OFFSET("extract_cert_attrs", fr_curl_tls_t, extract_cert_attrs), .dflt = "no" },
+#ifdef WITH_TLS
        { FR_CONF_OFFSET_FLAGS("keylog_file", CONF_FLAG_FILE_OUTPUT, fr_curl_tls_t,  keylog_file) },
+#endif
        CONF_PARSER_TERMINATOR
 };
 
@@ -89,6 +91,7 @@ conf_parser_t fr_curl_conn_config[] = {
        CONF_PARSER_TERMINATOR
 };
 
+#ifdef WITH_TLS
 static void _curl_easy_tls_keylog(const SSL *ssl, const char *line)
 {
        fr_curl_tls_t const *conf = SSL_CTX_get_ex_data(SSL_get_SSL_CTX(ssl), FR_TLS_EX_INDEX_CURL_CONF);
@@ -122,6 +125,7 @@ static CURLcode _curl_easy_ssl_ctx_conf(UNUSED CURL *curl, void *ssl_ctx, void *
 
        return CURLE_OK;
 }
+#endif
 
 int fr_curl_easy_tls_init(fr_curl_io_request_t *randle, fr_curl_tls_t const *conf)
 {
@@ -142,10 +146,12 @@ int fr_curl_easy_tls_init(fr_curl_io_request_t *randle, fr_curl_tls_t const *con
        FR_CURL_ROPTIONAL_SET_OPTION(CURLOPT_SSL_VERIFYHOST, (conf->check_cert_cn == true) ? 2L : 0L);
        if (conf->extract_cert_attrs) FR_CURL_ROPTIONAL_SET_OPTION(CURLOPT_CERTINFO, 1L);
 
+#ifdef WITH_TLS
        if (conf->keylog_file) {
                FR_CURL_ROPTIONAL_SET_OPTION(CURLOPT_SSL_CTX_FUNCTION, _curl_easy_ssl_ctx_conf);
                FR_CURL_ROPTIONAL_SET_OPTION(CURLOPT_SSL_CTX_DATA, conf);
        }
+#endif
 
        return 0;
 error: