From 83cb8883a6de791fbbf841d4e4dbdc59a5f4c860 Mon Sep 17 00:00:00 2001
From: Quanah Gibson-Mount <quanah@openldap.org>
Date: Tue, 17 Feb 2009 21:39:50 +0000
Subject: [PATCH] More for ITS#5955 Also special case rand file bits that are
 OpenSSL only

---
 libraries/libldap/tls2.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/libraries/libldap/tls2.c b/libraries/libldap/tls2.c
index 871ffe574c..993e196106 100644
--- a/libraries/libldap/tls2.c
+++ b/libraries/libldap/tls2.c
@@ -559,6 +559,7 @@ ldap_int_tls_config( LDAP *ld, int option, const char *arg )
 		}
 		return ldap_pvt_tls_set_option( ld, option, &i );
 		}
+#ifdef HAVE_OPENSSL_CRL
 	case LDAP_OPT_X_TLS_CRLCHECK:	/* OpenSSL only */
 		i = -1;
 		if ( strcasecmp( arg, "none" ) == 0 ) {
@@ -572,6 +573,7 @@ ldap_int_tls_config( LDAP *ld, int option, const char *arg )
 			return ldap_pvt_tls_set_option( ld, option, &i );
 		}
 		return -1;
+#endif
 	}
 	return -1;
 }
@@ -647,10 +649,12 @@ ldap_pvt_tls_get_option( LDAP *ld, int option, void *arg )
 	case LDAP_OPT_X_TLS_PROTOCOL_MIN:
 		*(int *)arg = lo->ldo_tls_protocol_min;
 		break;
+#ifdef HAVE_OPENSSL
 	case LDAP_OPT_X_TLS_RANDOM_FILE:	/* OpenSSL only */
 		*(char **)arg = lo->ldo_tls_randfile ?
 			LDAP_STRDUP( lo->ldo_tls_randfile ) : NULL;
 		break;
+#endif
 	case LDAP_OPT_X_TLS_SSL_CTX: {
 		void *retval = 0;
 		if ( ld != NULL ) {
@@ -763,6 +767,7 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg )
 			return 0;
 		}
 		return -1;
+#ifdef HAVE_OPENSSL_CRL
 	case LDAP_OPT_X_TLS_CRLCHECK:	/* OpenSSL only */
 		if ( !arg ) return -1;
 		switch( *(int *) arg ) {
@@ -773,6 +778,7 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg )
 			return 0;
 		}
 		return -1;
+#endif
 	case LDAP_OPT_X_TLS_CIPHER_SUITE:
 		if ( lo->ldo_tls_ciphersuite ) LDAP_FREE( lo->ldo_tls_ciphersuite );
 		lo->ldo_tls_ciphersuite = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
@@ -782,14 +788,14 @@ ldap_pvt_tls_set_option( LDAP *ld, int option, void *arg )
 		if ( !arg ) return -1;
 		lo->ldo_tls_protocol_min = *(int *)arg;
 		return 0;
-
+#ifdef HAVE_OPENSSL
 	case LDAP_OPT_X_TLS_RANDOM_FILE:	/* OpenSSL only */
 		if ( ld != NULL )
 			return -1;
 		if ( lo->ldo_tls_randfile ) LDAP_FREE (lo->ldo_tls_randfile );
 		lo->ldo_tls_randfile = arg ? LDAP_STRDUP( (char *) arg ) : NULL;
 		break;
-
+#endif
 	case LDAP_OPT_X_TLS_NEWCTX:
 		if ( !arg ) return -1;
 		if ( lo->ldo_tls_ctx )
-- 
2.39.5