From eaad5cc2d83ddd2b1c3ea314cb7eba0d54e45b64 Mon Sep 17 00:00:00 2001
From: Emmanuel Hocdet <manu@gandi.net>
Date: Fri, 25 Oct 2019 12:19:00 +0200
Subject: [PATCH] MINOR: ssl: BoringSSL ocsp_response does not need issuer

HAproxy can fail when issuer is not found, it must not with BoringSSL.
---
 src/ssl_sock.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 770216d4a..aaa865288 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -3281,6 +3281,7 @@ static int ssl_sock_load_files_into_ckch(const char *path, struct cert_key_and_c
 		}
 	}
 
+#ifndef OPENSSL_IS_BORINGSSL /* Useless for BoringSSL */
 	if (ckch->ocsp_response) {
 		X509 *issuer;
 		int i;
@@ -3321,6 +3322,7 @@ static int ssl_sock_load_files_into_ckch(const char *path, struct cert_key_and_c
 			}
 		}
 	}
+#endif
 
 	ret = 0;