In commit c7566001 ("MINOR: server: Add "alpn" and "npn" keywords") and
commit 201b9f4e ("MAJOR: connections: Defer mux creation for outgoing
connection if alpn is set"), the build was broken on older OpenSSL
releases.

Move the #ifdef's around so that we build again with older OpenSSL
releases (0.9.8 was tested).
---
src/backend.c | 6 +++---
src/ssl_sock.c | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/backend.c b/src/backend.c
index cdc63c6..e55d87c 100644
--- a/src/backend.c
+++ b/src/backend.c
@@ -1035,7 +1035,7 @@ static void assign_tproxy_address(struct stream *s)
#endif
}

-#ifdef USE_OPENSSL
+#if defined(USE_OPENSSL) && defined(TLSEXT_TYPE_application_layer_protocol_negotiation)
/*
* Pick the right mux once the connection is established, we should now have
* an alpn if available, so we are now able to choose.
@@ -1259,7 +1259,7 @@ int connect_server(struct stream *s)
else
return SF_ERR_INTERNAL; /* how did we get there ? */

-#ifdef USE_OPENSSL
+#if defined(USE_OPENSSL) && defined(TLSEXT_TYPE_application_layer_protocol_negotiation)
if (!srv ||
((!(srv->ssl_ctx.alpn_str) && !(srv->ssl_ctx.npn_str)) ||
srv->mux_proto))
@@ -1273,7 +1273,7 @@ int connect_server(struct stream *s)
if (conn_install_mux_be(srv_conn, srv_cs) < 0)
return SF_ERR_INTERNAL;
}
-#ifdef USE_OPENSSL
+#if defined(USE_OPENSSL) && defined(TLSEXT_TYPE_application_layer_protocol_negotiation)
else {
srv_conn->mux_ctx = s;
/* Store the connection into the stream interface,
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index c1e2e7b..4fb984f 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -4842,9 +4842,9 @@ void ssl_sock_free_srv_ctx(struct server *srv)
if (srv->ssl_ctx.alpn_str)
free(srv->ssl_ctx.alpn_str);
#endif
+#ifdef OPENSSL_NPN_NEGOTIATED
if (srv->ssl_ctx.npn_str)
free(srv->ssl_ctx.npn_str);
-#ifdef OPENSSL_NPN_NEGOTIATED
if (srv->ssl_ctx.ctx)
SSL_CTX_free(srv->ssl_ctx.ctx);
#endif