Check for OpenSSL error code for < 0.9.8

author scantor <scantor@de75baf8-a10c-0410-a50a-987c0e22f00f>

Wed, 11 Jan 2012 18:55:02 +0000 (18:55 +0000)

committer scantor <scantor@de75baf8-a10c-0410-a50a-987c0e22f00f>

Wed, 11 Jan 2012 18:55:02 +0000 (18:55 +0000)
author scantor <scantor@de75baf8-a10c-0410-a50a-987c0e22f00f>
Wed, 11 Jan 2012 18:55:02 +0000 (18:55 +0000)
committer scantor <scantor@de75baf8-a10c-0410-a50a-987c0e22f00f>
Wed, 11 Jan 2012 18:55:02 +0000 (18:55 +0000)
diff --git a/xmltooling/security/impl/PKIXPathValidator.cpp b/xmltooling/security/impl/PKIXPathValidator.cpp

index cc9eb45..3a86057 100644 (file)
--- a/xmltooling/security/impl/PKIXPathValidator.cpp
+++ b/xmltooling/security/impl/PKIXPathValidator.cpp
@@ -406,7 +406,7 @@ bool PKIXPathValidator::validate(X509* EE, STACK_OF(X509)* untrusted, const Path
      if (ret == 1) {
          m_log.debug("successfully validated certificate chain");
      }
-#if (OPENSSL_VERSION_NUMBER < 0x10000000L)
+#if defined(X509_V_ERR_NO_EXPLICIT_POLICY) && (OPENSSL_VERSION_NUMBER < 0x10000000L)
      else if (X509_STORE_CTX_get_error(&ctx) == X509_V_ERR_NO_EXPLICIT_POLICY && !pkixParams->isPolicyMappingInhibited()) {
          m_log.warn("policy mapping requires OpenSSL 1.0.0 or later");
      }
author	scantor <scantor@de75baf8-a10c-0410-a50a-987c0e22f00f>
	Wed, 11 Jan 2012 18:55:02 +0000 (18:55 +0000)
committer	scantor <scantor@de75baf8-a10c-0410-a50a-987c0e22f00f>
	Wed, 11 Jan 2012 18:55:02 +0000 (18:55 +0000)