libssl: It is now likely that the OCSP leak will be fixed in OpenSSL 3.6.1

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>
(cherry picked from commit 2342ad6efa8065039c85c7ee0f373c3f61d0f1ce)

diff --git a/pdns/libssl.cc b/pdns/libssl.cc
index 41967986d3af1fa1713f6bfdde4a420002a5850a..7a18f2f8ad3fee0a0eddc4282235e300bb6b712f 100644 (file)
--- a/pdns/libssl.cc
+++ b/pdns/libssl.cc
@@ -375,7 +375,7 @@ int libssl_ocsp_stapling_callback(SSL* ssl, const std::map<int, std::string>& oc
   }
 
   const auto ocsp_resp_size = data->second.size();
-#if OPENSSL_VERSION_NUMBER < 0x30600000L
+#if OPENSSL_VERSION_NUMBER != 0x30600000L
   /* we need to allocate a copy because OpenSSL will free the pointer passed to SSL_set_tlsext_status_ocsp_resp() */
   void* ocsp_resp = OPENSSL_malloc(ocsp_resp_size);
   if (ocsp_resp == nullptr) {