From 4def38dd7e9089847b4d5415e5d451e57249543c Mon Sep 17 00:00:00 2001
From: Jacob Barthelmeh <jacob@wolfssl.com>
Date: Wed, 17 Feb 2021 18:23:03 +0700
Subject: [PATCH] fix build for apache without tls 1.3

---
 src/internal.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/internal.c b/src/internal.c
index e48085de1..5f5220a8c 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -5323,6 +5323,7 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
     ssl->options.mask = ctx->mask;
 #endif
 #ifdef OPENSSL_EXTRA
+    #ifdef WOLFSSL_TLS13
     if (ssl->version.minor == TLSv1_3_MINOR &&
      (ssl->options.mask & SSL_OP_NO_TLSv1_3) == SSL_OP_NO_TLSv1_3) {
         if (!ctx->method->downgrade) {
@@ -5333,6 +5334,7 @@ int SetSSL_CTX(WOLFSSL* ssl, WOLFSSL_CTX* ctx, int writeDup)
         WOLFSSL_MSG("\tOption set to not allow TLSv1.3, Downgrading");
         ssl->version.minor = TLSv1_2_MINOR;
     }
+    #endif
     if (ssl->version.minor == TLSv1_2_MINOR &&
      (ssl->options.mask & SSL_OP_NO_TLSv1_2) == SSL_OP_NO_TLSv1_2) {
         if (!ctx->method->downgrade) {