From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Date: Sat, 3 Aug 2024 00:53:51 +0000 (-0600)
Subject: We need the TLS headers in order to be able to manipulate the SSL_CTX *
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9c47cd786bc998b6df2c3dda0ca4660b6445572a;p=thirdparty%2Ffreeradius-server.git

We need the TLS headers in order to be able to manipulate the SSL_CTX *
---

diff --git a/src/lib/curl/base.c b/src/lib/curl/base.c
index 8c6fdf21d70..8dd8309c1c6 100644
--- a/src/lib/curl/base.c
+++ b/src/lib/curl/base.c
@@ -72,7 +72,9 @@ conf_parser_t fr_curl_tls_config[] = {
 	{ FR_CONF_OFFSET("check_cert", fr_curl_tls_t, check_cert), .dflt = "yes" },
 	{ FR_CONF_OFFSET("check_cert_cn", fr_curl_tls_t, check_cert_cn), .dflt = "yes" },
 	{ FR_CONF_OFFSET("extract_cert_attrs", fr_curl_tls_t, extract_cert_attrs), .dflt = "no" },
+#ifdef WITH_TLS
 	{ FR_CONF_OFFSET_FLAGS("keylog_file", CONF_FLAG_FILE_OUTPUT, fr_curl_tls_t,  keylog_file) },
+#endif
 	CONF_PARSER_TERMINATOR
 };
 
@@ -89,6 +91,7 @@ conf_parser_t fr_curl_conn_config[] = {
 	CONF_PARSER_TERMINATOR
 };
 
+#ifdef WITH_TLS
 static void _curl_easy_tls_keylog(const SSL *ssl, const char *line)
 {
 	fr_curl_tls_t const *conf = SSL_CTX_get_ex_data(SSL_get_SSL_CTX(ssl), FR_TLS_EX_INDEX_CURL_CONF);
@@ -122,6 +125,7 @@ static CURLcode _curl_easy_ssl_ctx_conf(UNUSED CURL *curl, void *ssl_ctx, void *
 
 	return CURLE_OK;
 }
+#endif
 
 int fr_curl_easy_tls_init(fr_curl_io_request_t *randle, fr_curl_tls_t const *conf)
 {
@@ -142,10 +146,12 @@ int fr_curl_easy_tls_init(fr_curl_io_request_t *randle, fr_curl_tls_t const *con
 	FR_CURL_ROPTIONAL_SET_OPTION(CURLOPT_SSL_VERIFYHOST, (conf->check_cert_cn == true) ? 2L : 0L);
 	if (conf->extract_cert_attrs) FR_CURL_ROPTIONAL_SET_OPTION(CURLOPT_CERTINFO, 1L);
 
+#ifdef WITH_TLS
 	if (conf->keylog_file) {
 		FR_CURL_ROPTIONAL_SET_OPTION(CURLOPT_SSL_CTX_FUNCTION, _curl_easy_ssl_ctx_conf);
 		FR_CURL_ROPTIONAL_SET_OPTION(CURLOPT_SSL_CTX_DATA, conf);
 	}
+#endif
 
 	return 0;
 error: